./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/email_spec4_product28_true-unreach-call_true-termination.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 0cd3be1d Calling Ultimate with: java -Dosgi.configuration.area=/tmp/vcloud-vcloud-master/worker/working_dir_69c16468-adf0-42ac-bcca-69aed0e597cf/bin-2019/uautomizer/data/config -Xmx12G -Xms1G -jar /tmp/vcloud-vcloud-master/worker/working_dir_69c16468-adf0-42ac-bcca-69aed0e597cf/bin-2019/uautomizer/plugins/org.eclipse.equinox.launcher_1.3.100.v20150511-1540.jar -data @noDefault -ultimatedata /tmp/vcloud-vcloud-master/worker/working_dir_69c16468-adf0-42ac-bcca-69aed0e597cf/bin-2019/uautomizer/data -tc /tmp/vcloud-vcloud-master/worker/working_dir_69c16468-adf0-42ac-bcca-69aed0e597cf/bin-2019/uautomizer/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/email_spec4_product28_true-unreach-call_true-termination.cil.c -s /tmp/vcloud-vcloud-master/worker/working_dir_69c16468-adf0-42ac-bcca-69aed0e597cf/bin-2019/uautomizer/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud-vcloud-master/worker/working_dir_69c16468-adf0-42ac-bcca-69aed0e597cf/bin-2019/uautomizer --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(__VERIFIER_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash c155eed8904feb91bc357673889a45f80c4d03bf ........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................... Execution finished normally Writing output log to file Ultimate.log Result: TRUE --- Real Ultimate output --- This is Ultimate 0.1.23-0cd3be1 [2018-11-28 12:58:53,682 INFO L170 SettingsManager]: Resetting all preferences to default values... [2018-11-28 12:58:53,683 INFO L174 SettingsManager]: Resetting UltimateCore preferences to default values [2018-11-28 12:58:53,691 INFO L177 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2018-11-28 12:58:53,692 INFO L174 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2018-11-28 12:58:53,692 INFO L174 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2018-11-28 12:58:53,693 INFO L174 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2018-11-28 12:58:53,694 INFO L174 SettingsManager]: Resetting LassoRanker preferences to default values [2018-11-28 12:58:53,695 INFO L174 SettingsManager]: Resetting Reaching Definitions preferences to default values [2018-11-28 12:58:53,696 INFO L174 SettingsManager]: Resetting SyntaxChecker preferences to default values [2018-11-28 12:58:53,697 INFO L177 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2018-11-28 12:58:53,697 INFO L174 SettingsManager]: Resetting LTL2Aut preferences to default values [2018-11-28 12:58:53,698 INFO L174 SettingsManager]: Resetting PEA to Boogie preferences to default values [2018-11-28 12:58:53,698 INFO L174 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2018-11-28 12:58:53,699 INFO L174 SettingsManager]: Resetting ChcToBoogie preferences to default values [2018-11-28 12:58:53,700 INFO L174 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2018-11-28 12:58:53,700 INFO L174 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2018-11-28 12:58:53,702 INFO L174 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2018-11-28 12:58:53,703 INFO L174 SettingsManager]: Resetting CodeCheck preferences to default values [2018-11-28 12:58:53,704 INFO L174 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2018-11-28 12:58:53,705 INFO L174 SettingsManager]: Resetting RCFGBuilder preferences to default values [2018-11-28 12:58:53,706 INFO L174 SettingsManager]: Resetting TraceAbstraction preferences to default values [2018-11-28 12:58:53,707 INFO L177 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2018-11-28 12:58:53,708 INFO L177 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2018-11-28 12:58:53,708 INFO L174 SettingsManager]: Resetting TreeAutomizer preferences to default values [2018-11-28 12:58:53,708 INFO L174 SettingsManager]: Resetting IcfgTransformer preferences to default values [2018-11-28 12:58:53,709 INFO L174 SettingsManager]: Resetting Boogie Printer preferences to default values [2018-11-28 12:58:53,710 INFO L174 SettingsManager]: Resetting ReqPrinter preferences to default values [2018-11-28 12:58:53,710 INFO L174 SettingsManager]: Resetting Witness Printer preferences to default values [2018-11-28 12:58:53,711 INFO L177 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2018-11-28 12:58:53,711 INFO L174 SettingsManager]: Resetting CDTParser preferences to default values [2018-11-28 12:58:53,712 INFO L177 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2018-11-28 12:58:53,712 INFO L177 SettingsManager]: ReqParser provides no preferences, ignoring... [2018-11-28 12:58:53,712 INFO L174 SettingsManager]: Resetting SmtParser preferences to default values [2018-11-28 12:58:53,713 INFO L174 SettingsManager]: Resetting Witness Parser preferences to default values [2018-11-28 12:58:53,714 INFO L181 SettingsManager]: Finished resetting all preferences to default values... [2018-11-28 12:58:53,714 INFO L98 SettingsManager]: Beginning loading settings from /tmp/vcloud-vcloud-master/worker/working_dir_69c16468-adf0-42ac-bcca-69aed0e597cf/bin-2019/uautomizer/config/svcomp-Reach-32bit-Automizer_Default.epf [2018-11-28 12:58:53,724 INFO L110 SettingsManager]: Loading preferences was successful [2018-11-28 12:58:53,724 INFO L112 SettingsManager]: Preferences different from defaults after loading the file: [2018-11-28 12:58:53,725 INFO L131 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2018-11-28 12:58:53,725 INFO L133 SettingsManager]: * ... calls to implemented procedures=ONLY_FOR_CONCURRENT_PROGRAMS [2018-11-28 12:58:53,726 INFO L131 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2018-11-28 12:58:53,726 INFO L133 SettingsManager]: * Create parallel compositions if possible=false [2018-11-28 12:58:53,726 INFO L133 SettingsManager]: * Use SBE=true [2018-11-28 12:58:53,726 INFO L131 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2018-11-28 12:58:53,726 INFO L133 SettingsManager]: * sizeof long=4 [2018-11-28 12:58:53,726 INFO L133 SettingsManager]: * Overapproximate operations on floating types=true [2018-11-28 12:58:53,726 INFO L133 SettingsManager]: * sizeof POINTER=4 [2018-11-28 12:58:53,727 INFO L133 SettingsManager]: * Check division by zero=IGNORE [2018-11-28 12:58:53,727 INFO L133 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2018-11-28 12:58:53,727 INFO L133 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2018-11-28 12:58:53,727 INFO L133 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2018-11-28 12:58:53,727 INFO L133 SettingsManager]: * sizeof long double=12 [2018-11-28 12:58:53,727 INFO L133 SettingsManager]: * Check if freed pointer was valid=false [2018-11-28 12:58:53,727 INFO L133 SettingsManager]: * Use constant arrays=true [2018-11-28 12:58:53,728 INFO L133 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2018-11-28 12:58:53,728 INFO L131 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2018-11-28 12:58:53,728 INFO L133 SettingsManager]: * Size of a code block=SequenceOfStatements [2018-11-28 12:58:53,728 INFO L133 SettingsManager]: * To the following directory=./dump/ [2018-11-28 12:58:53,728 INFO L133 SettingsManager]: * SMT solver=External_DefaultMode [2018-11-28 12:58:53,728 INFO L133 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2018-11-28 12:58:53,728 INFO L131 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2018-11-28 12:58:53,729 INFO L133 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2018-11-28 12:58:53,729 INFO L133 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2018-11-28 12:58:53,729 INFO L133 SettingsManager]: * Trace refinement strategy=CAMEL [2018-11-28 12:58:53,729 INFO L133 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2018-11-28 12:58:53,729 INFO L133 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2018-11-28 12:58:53,729 INFO L133 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud-vcloud-master/worker/working_dir_69c16468-adf0-42ac-bcca-69aed0e597cf/bin-2019/uautomizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(__VERIFIER_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> c155eed8904feb91bc357673889a45f80c4d03bf [2018-11-28 12:58:53,753 INFO L81 nceAwareModelManager]: Repository-Root is: /tmp [2018-11-28 12:58:53,762 INFO L258 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2018-11-28 12:58:53,765 INFO L214 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2018-11-28 12:58:53,765 INFO L271 PluginConnector]: Initializing CDTParser... [2018-11-28 12:58:53,766 INFO L276 PluginConnector]: CDTParser initialized [2018-11-28 12:58:53,766 INFO L418 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud-vcloud-master/worker/working_dir_69c16468-adf0-42ac-bcca-69aed0e597cf/bin-2019/uautomizer/../../sv-benchmarks/c/product-lines/email_spec4_product28_true-unreach-call_true-termination.cil.c [2018-11-28 12:58:53,804 INFO L221 CDTParser]: Created temporary CDT project at /tmp/vcloud-vcloud-master/worker/working_dir_69c16468-adf0-42ac-bcca-69aed0e597cf/bin-2019/uautomizer/data/712e5e152/1b62e82eefd54c81a4687ca5a59fe2e2/FLAG3cb75a1bf [2018-11-28 12:58:54,289 INFO L307 CDTParser]: Found 1 translation units. [2018-11-28 12:58:54,290 INFO L161 CDTParser]: Scanning /tmp/vcloud-vcloud-master/worker/working_dir_69c16468-adf0-42ac-bcca-69aed0e597cf/sv-benchmarks/c/product-lines/email_spec4_product28_true-unreach-call_true-termination.cil.c [2018-11-28 12:58:54,302 INFO L355 CDTParser]: About to delete temporary CDT project at /tmp/vcloud-vcloud-master/worker/working_dir_69c16468-adf0-42ac-bcca-69aed0e597cf/bin-2019/uautomizer/data/712e5e152/1b62e82eefd54c81a4687ca5a59fe2e2/FLAG3cb75a1bf [2018-11-28 12:58:54,784 INFO L363 CDTParser]: Successfully deleted /tmp/vcloud-vcloud-master/worker/working_dir_69c16468-adf0-42ac-bcca-69aed0e597cf/bin-2019/uautomizer/data/712e5e152/1b62e82eefd54c81a4687ca5a59fe2e2 [2018-11-28 12:58:54,786 INFO L296 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2018-11-28 12:58:54,787 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2018-11-28 12:58:54,787 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2018-11-28 12:58:54,788 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2018-11-28 12:58:54,790 INFO L276 PluginConnector]: CACSL2BoogieTranslator initialized [2018-11-28 12:58:54,790 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 28.11 12:58:54" (1/1) ... [2018-11-28 12:58:54,792 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@2ea54b17 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 12:58:54, skipping insertion in model container [2018-11-28 12:58:54,792 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 28.11 12:58:54" (1/1) ... [2018-11-28 12:58:54,796 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2018-11-28 12:58:54,838 INFO L176 MainTranslator]: Built tables and reachable declarations [2018-11-28 12:58:55,264 INFO L203 PostProcessor]: Analyzing one entry point: main [2018-11-28 12:58:55,277 INFO L191 MainTranslator]: Completed pre-run [2018-11-28 12:58:55,362 INFO L203 PostProcessor]: Analyzing one entry point: main [2018-11-28 12:58:55,401 INFO L195 MainTranslator]: Completed translation [2018-11-28 12:58:55,401 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 12:58:55 WrapperNode [2018-11-28 12:58:55,402 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2018-11-28 12:58:55,402 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2018-11-28 12:58:55,402 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2018-11-28 12:58:55,402 INFO L276 PluginConnector]: Boogie Procedure Inliner initialized [2018-11-28 12:58:55,407 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 12:58:55" (1/1) ... [2018-11-28 12:58:55,429 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 12:58:55" (1/1) ... [2018-11-28 12:58:55,438 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2018-11-28 12:58:55,438 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2018-11-28 12:58:55,439 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2018-11-28 12:58:55,439 INFO L276 PluginConnector]: Boogie Preprocessor initialized [2018-11-28 12:58:55,447 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 12:58:55" (1/1) ... [2018-11-28 12:58:55,447 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 12:58:55" (1/1) ... [2018-11-28 12:58:55,453 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 12:58:55" (1/1) ... [2018-11-28 12:58:55,453 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 12:58:55" (1/1) ... [2018-11-28 12:58:55,473 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 12:58:55" (1/1) ... [2018-11-28 12:58:55,483 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 12:58:55" (1/1) ... [2018-11-28 12:58:55,490 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 12:58:55" (1/1) ... [2018-11-28 12:58:55,496 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2018-11-28 12:58:55,496 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2018-11-28 12:58:55,496 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2018-11-28 12:58:55,496 INFO L276 PluginConnector]: RCFGBuilder initialized [2018-11-28 12:58:55,497 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 12:58:55" (1/1) ... No working directory specified, using /tmp/vcloud-vcloud-master/worker/working_dir_69c16468-adf0-42ac-bcca-69aed0e597cf/bin-2019/uautomizer/z3 Starting monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2018-11-28 12:58:55,534 INFO L130 BoogieDeclarations]: Found specification of procedure get_queued_client [2018-11-28 12:58:55,534 INFO L138 BoogieDeclarations]: Found implementation of procedure get_queued_client [2018-11-28 12:58:55,534 INFO L130 BoogieDeclarations]: Found specification of procedure rjhKeyChange [2018-11-28 12:58:55,534 INFO L138 BoogieDeclarations]: Found implementation of procedure rjhKeyChange [2018-11-28 12:58:55,535 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailIsSigned [2018-11-28 12:58:55,535 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailIsSigned [2018-11-28 12:58:55,535 INFO L130 BoogieDeclarations]: Found specification of procedure getClientPrivateKey [2018-11-28 12:58:55,535 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientPrivateKey [2018-11-28 12:58:55,535 INFO L130 BoogieDeclarations]: Found specification of procedure rjhKeyAdd [2018-11-28 12:58:55,535 INFO L138 BoogieDeclarations]: Found implementation of procedure rjhKeyAdd [2018-11-28 12:58:55,535 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.alloc [2018-11-28 12:58:55,535 INFO L130 BoogieDeclarations]: Found specification of procedure bobToRjh [2018-11-28 12:58:55,535 INFO L138 BoogieDeclarations]: Found implementation of procedure bobToRjh [2018-11-28 12:58:55,536 INFO L130 BoogieDeclarations]: Found specification of procedure setup_bob [2018-11-28 12:58:55,536 INFO L138 BoogieDeclarations]: Found implementation of procedure setup_bob [2018-11-28 12:58:55,536 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailEncryptionKey [2018-11-28 12:58:55,536 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailEncryptionKey [2018-11-28 12:58:55,536 INFO L130 BoogieDeclarations]: Found specification of procedure select_features [2018-11-28 12:58:55,536 INFO L138 BoogieDeclarations]: Found implementation of procedure select_features [2018-11-28 12:58:55,536 INFO L130 BoogieDeclarations]: Found specification of procedure setup_bob__wrappee__Base [2018-11-28 12:58:55,536 INFO L138 BoogieDeclarations]: Found implementation of procedure setup_bob__wrappee__Base [2018-11-28 12:58:55,536 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailEncryptionKey [2018-11-28 12:58:55,537 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailEncryptionKey [2018-11-28 12:58:55,537 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing__wrappee__Keys [2018-11-28 12:58:55,537 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing__wrappee__Keys [2018-11-28 12:58:55,537 INFO L130 BoogieDeclarations]: Found specification of procedure createEmail [2018-11-28 12:58:55,537 INFO L138 BoogieDeclarations]: Found implementation of procedure createEmail [2018-11-28 12:58:55,537 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailTo [2018-11-28 12:58:55,537 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailTo [2018-11-28 12:58:55,537 INFO L130 BoogieDeclarations]: Found specification of procedure get_queued_email [2018-11-28 12:58:55,537 INFO L138 BoogieDeclarations]: Found implementation of procedure get_queued_email [2018-11-28 12:58:55,537 INFO L130 BoogieDeclarations]: Found specification of procedure incoming__wrappee__Sign [2018-11-28 12:58:55,537 INFO L138 BoogieDeclarations]: Found implementation of procedure incoming__wrappee__Sign [2018-11-28 12:58:55,537 INFO L130 BoogieDeclarations]: Found specification of procedure isReadable__wrappee__Keys [2018-11-28 12:58:55,538 INFO L138 BoogieDeclarations]: Found implementation of procedure isReadable__wrappee__Keys [2018-11-28 12:58:55,538 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailFrom [2018-11-28 12:58:55,538 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailFrom [2018-11-28 12:58:55,538 INFO L130 BoogieDeclarations]: Found specification of procedure isReadable [2018-11-28 12:58:55,538 INFO L138 BoogieDeclarations]: Found implementation of procedure isReadable [2018-11-28 12:58:55,538 INFO L130 BoogieDeclarations]: Found specification of procedure setup_rjh__wrappee__Base [2018-11-28 12:58:55,538 INFO L138 BoogieDeclarations]: Found implementation of procedure setup_rjh__wrappee__Base [2018-11-28 12:58:55,538 INFO L130 BoogieDeclarations]: Found specification of procedure getClientId [2018-11-28 12:58:55,538 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientId [2018-11-28 12:58:55,538 INFO L130 BoogieDeclarations]: Found specification of procedure deliver [2018-11-28 12:58:55,538 INFO L138 BoogieDeclarations]: Found implementation of procedure deliver [2018-11-28 12:58:55,538 INFO L130 BoogieDeclarations]: Found specification of procedure createClientKeyringEntry [2018-11-28 12:58:55,538 INFO L138 BoogieDeclarations]: Found implementation of procedure createClientKeyringEntry [2018-11-28 12:58:55,538 INFO L130 BoogieDeclarations]: Found specification of procedure verify [2018-11-28 12:58:55,538 INFO L138 BoogieDeclarations]: Found implementation of procedure verify [2018-11-28 12:58:55,539 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailIsEncrypted [2018-11-28 12:58:55,539 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailIsEncrypted [2018-11-28 12:58:55,539 INFO L130 BoogieDeclarations]: Found specification of procedure incoming__wrappee__Verify [2018-11-28 12:58:55,539 INFO L138 BoogieDeclarations]: Found implementation of procedure incoming__wrappee__Verify [2018-11-28 12:58:55,539 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailSignKey [2018-11-28 12:58:55,539 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailSignKey [2018-11-28 12:58:55,539 INFO L130 BoogieDeclarations]: Found specification of procedure chuckKeyAdd [2018-11-28 12:58:55,539 INFO L138 BoogieDeclarations]: Found implementation of procedure chuckKeyAdd [2018-11-28 12:58:55,539 INFO L130 BoogieDeclarations]: Found specification of procedure getClientKeyringSize [2018-11-28 12:58:55,539 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientKeyringSize [2018-11-28 12:58:55,539 INFO L130 BoogieDeclarations]: Found specification of procedure bobKeyAdd [2018-11-28 12:58:55,540 INFO L138 BoogieDeclarations]: Found implementation of procedure bobKeyAdd [2018-11-28 12:58:55,540 INFO L130 BoogieDeclarations]: Found specification of procedure puts [2018-11-28 12:58:55,540 INFO L130 BoogieDeclarations]: Found specification of procedure setup_chuck__wrappee__Base [2018-11-28 12:58:55,540 INFO L138 BoogieDeclarations]: Found implementation of procedure setup_chuck__wrappee__Base [2018-11-28 12:58:55,540 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.init [2018-11-28 12:58:55,540 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.init [2018-11-28 12:58:55,540 INFO L130 BoogieDeclarations]: Found specification of procedure chuckKeyAddRjh [2018-11-28 12:58:55,540 INFO L138 BoogieDeclarations]: Found implementation of procedure chuckKeyAddRjh [2018-11-28 12:58:55,540 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailFrom [2018-11-28 12:58:55,540 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailFrom [2018-11-28 12:58:55,541 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringSize [2018-11-28 12:58:55,541 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringSize [2018-11-28 12:58:55,541 INFO L130 BoogieDeclarations]: Found specification of procedure setClientId [2018-11-28 12:58:55,541 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientId [2018-11-28 12:58:55,541 INFO L130 BoogieDeclarations]: Found specification of procedure bobKeyChange [2018-11-28 12:58:55,541 INFO L138 BoogieDeclarations]: Found implementation of procedure bobKeyChange [2018-11-28 12:58:55,541 INFO L130 BoogieDeclarations]: Found specification of procedure isSigned [2018-11-28 12:58:55,541 INFO L138 BoogieDeclarations]: Found implementation of procedure isSigned [2018-11-28 12:58:55,541 INFO L130 BoogieDeclarations]: Found specification of procedure mail [2018-11-28 12:58:55,542 INFO L138 BoogieDeclarations]: Found implementation of procedure mail [2018-11-28 12:58:55,542 INFO L130 BoogieDeclarations]: Found specification of procedure valid_product [2018-11-28 12:58:55,542 INFO L138 BoogieDeclarations]: Found implementation of procedure valid_product [2018-11-28 12:58:55,542 INFO L130 BoogieDeclarations]: Found specification of procedure isKeyPairValid [2018-11-28 12:58:55,542 INFO L138 BoogieDeclarations]: Found implementation of procedure isKeyPairValid [2018-11-28 12:58:55,542 INFO L130 BoogieDeclarations]: Found specification of procedure sign [2018-11-28 12:58:55,542 INFO L138 BoogieDeclarations]: Found implementation of procedure sign [2018-11-28 12:58:55,542 INFO L130 BoogieDeclarations]: Found specification of procedure main [2018-11-28 12:58:55,542 INFO L138 BoogieDeclarations]: Found implementation of procedure main [2018-11-28 12:58:55,543 INFO L130 BoogieDeclarations]: Found specification of procedure setup_rjh [2018-11-28 12:58:55,543 INFO L138 BoogieDeclarations]: Found implementation of procedure setup_rjh [2018-11-28 12:58:55,543 INFO L130 BoogieDeclarations]: Found specification of procedure incoming [2018-11-28 12:58:55,543 INFO L138 BoogieDeclarations]: Found implementation of procedure incoming [2018-11-28 12:58:55,543 INFO L130 BoogieDeclarations]: Found specification of procedure rjhDeletePrivateKey [2018-11-28 12:58:55,543 INFO L138 BoogieDeclarations]: Found implementation of procedure rjhDeletePrivateKey [2018-11-28 12:58:55,543 INFO L130 BoogieDeclarations]: Found specification of procedure test [2018-11-28 12:58:55,543 INFO L138 BoogieDeclarations]: Found implementation of procedure test [2018-11-28 12:58:55,543 INFO L130 BoogieDeclarations]: Found specification of procedure getClientKeyringUser [2018-11-28 12:58:55,544 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientKeyringUser [2018-11-28 12:58:55,544 INFO L130 BoogieDeclarations]: Found specification of procedure __utac_acc__SignForward_spec__1 [2018-11-28 12:58:55,544 INFO L138 BoogieDeclarations]: Found implementation of procedure __utac_acc__SignForward_spec__1 [2018-11-28 12:58:55,544 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringUser [2018-11-28 12:58:55,544 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringUser [2018-11-28 12:58:55,544 INFO L130 BoogieDeclarations]: Found specification of procedure __automaton_fail [2018-11-28 12:58:55,544 INFO L138 BoogieDeclarations]: Found implementation of procedure __automaton_fail [2018-11-28 12:58:55,544 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringPublicKey [2018-11-28 12:58:55,544 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringPublicKey [2018-11-28 12:58:55,544 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing [2018-11-28 12:58:55,545 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing [2018-11-28 12:58:55,545 INFO L130 BoogieDeclarations]: Found specification of procedure select_helpers [2018-11-28 12:58:55,545 INFO L138 BoogieDeclarations]: Found implementation of procedure select_helpers [2018-11-28 12:58:55,545 INFO L130 BoogieDeclarations]: Found specification of procedure setup_chuck [2018-11-28 12:58:55,545 INFO L138 BoogieDeclarations]: Found implementation of procedure setup_chuck [2018-11-28 12:58:55,545 INFO L130 BoogieDeclarations]: Found specification of procedure findPublicKey [2018-11-28 12:58:55,545 INFO L138 BoogieDeclarations]: Found implementation of procedure findPublicKey [2018-11-28 12:58:55,545 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing__wrappee__Encrypt [2018-11-28 12:58:55,545 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing__wrappee__Encrypt [2018-11-28 12:58:55,546 INFO L130 BoogieDeclarations]: Found specification of procedure sendEmail [2018-11-28 12:58:55,546 INFO L138 BoogieDeclarations]: Found implementation of procedure sendEmail [2018-11-28 12:58:55,546 INFO L130 BoogieDeclarations]: Found specification of procedure isEncrypted [2018-11-28 12:58:55,546 INFO L138 BoogieDeclarations]: Found implementation of procedure isEncrypted [2018-11-28 12:58:55,546 INFO L130 BoogieDeclarations]: Found specification of procedure setClientPrivateKey [2018-11-28 12:58:55,546 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientPrivateKey [2018-11-28 12:58:55,546 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailTo [2018-11-28 12:58:55,546 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailTo [2018-11-28 12:58:55,546 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailIsSignatureVerified [2018-11-28 12:58:55,546 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailIsSignatureVerified [2018-11-28 12:58:55,547 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2018-11-28 12:58:55,547 INFO L130 BoogieDeclarations]: Found specification of procedure is_queue_empty [2018-11-28 12:58:55,547 INFO L138 BoogieDeclarations]: Found implementation of procedure is_queue_empty [2018-11-28 12:58:55,547 INFO L130 BoogieDeclarations]: Found specification of procedure getClientKeyringPublicKey [2018-11-28 12:58:55,547 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientKeyringPublicKey [2018-11-28 12:58:55,547 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailSignKey [2018-11-28 12:58:55,547 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailSignKey [2018-11-28 12:58:55,547 INFO L130 BoogieDeclarations]: Found specification of procedure generateKeyPair [2018-11-28 12:58:55,547 INFO L138 BoogieDeclarations]: Found implementation of procedure generateKeyPair [2018-11-28 12:58:55,547 INFO L130 BoogieDeclarations]: Found specification of procedure setup [2018-11-28 12:58:55,548 INFO L138 BoogieDeclarations]: Found implementation of procedure setup [2018-11-28 12:58:55,548 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2018-11-28 12:58:55,548 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2018-11-28 12:58:56,462 INFO L275 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2018-11-28 12:58:56,463 INFO L280 CfgBuilder]: Removed 1 assue(true) statements. [2018-11-28 12:58:56,463 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 28.11 12:58:56 BoogieIcfgContainer [2018-11-28 12:58:56,463 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2018-11-28 12:58:56,464 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2018-11-28 12:58:56,464 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2018-11-28 12:58:56,467 INFO L276 PluginConnector]: TraceAbstraction initialized [2018-11-28 12:58:56,467 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 28.11 12:58:54" (1/3) ... [2018-11-28 12:58:56,468 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4db6888e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 28.11 12:58:56, skipping insertion in model container [2018-11-28 12:58:56,468 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 28.11 12:58:55" (2/3) ... [2018-11-28 12:58:56,468 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4db6888e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 28.11 12:58:56, skipping insertion in model container [2018-11-28 12:58:56,468 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 28.11 12:58:56" (3/3) ... [2018-11-28 12:58:56,470 INFO L112 eAbstractionObserver]: Analyzing ICFG email_spec4_product28_true-unreach-call_true-termination.cil.c [2018-11-28 12:58:56,476 INFO L156 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2018-11-28 12:58:56,485 INFO L168 ceAbstractionStarter]: Appying trace abstraction to program that has 1 error locations. [2018-11-28 12:58:56,496 INFO L257 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2018-11-28 12:58:56,519 INFO L133 ementStrategyFactory]: Using default assertion order modulation [2018-11-28 12:58:56,519 INFO L382 AbstractCegarLoop]: Interprodecural is true [2018-11-28 12:58:56,520 INFO L383 AbstractCegarLoop]: Hoare is true [2018-11-28 12:58:56,520 INFO L384 AbstractCegarLoop]: Compute interpolants for FPandBP [2018-11-28 12:58:56,520 INFO L385 AbstractCegarLoop]: Backedges is STRAIGHT_LINE [2018-11-28 12:58:56,520 INFO L386 AbstractCegarLoop]: Determinization is PREDICATE_ABSTRACTION [2018-11-28 12:58:56,520 INFO L387 AbstractCegarLoop]: Difference is false [2018-11-28 12:58:56,520 INFO L388 AbstractCegarLoop]: Minimize is MINIMIZE_SEVPA [2018-11-28 12:58:56,521 INFO L393 AbstractCegarLoop]: ======== Iteration 0==of CEGAR loop == AllErrorsAtOnce======== [2018-11-28 12:58:56,541 INFO L276 IsEmpty]: Start isEmpty. Operand 469 states. [2018-11-28 12:58:56,554 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 165 [2018-11-28 12:58:56,554 INFO L394 BasicCegarLoop]: Found error trace [2018-11-28 12:58:56,555 INFO L402 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-28 12:58:56,557 INFO L423 AbstractCegarLoop]: === Iteration 1 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-28 12:58:56,561 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-28 12:58:56,561 INFO L82 PathProgramCache]: Analyzing trace with hash 1048986467, now seen corresponding path program 1 times [2018-11-28 12:58:56,563 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-28 12:58:56,563 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-28 12:58:56,596 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:58:56,596 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-28 12:58:56,596 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:58:56,759 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-28 12:58:56,900 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2018-11-28 12:58:56,901 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-28 12:58:56,902 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2018-11-28 12:58:56,904 INFO L459 AbstractCegarLoop]: Interpolant automaton has 2 states [2018-11-28 12:58:56,911 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2018-11-28 12:58:56,912 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2018-11-28 12:58:56,913 INFO L87 Difference]: Start difference. First operand 469 states. Second operand 2 states. [2018-11-28 12:58:56,961 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-28 12:58:56,962 INFO L93 Difference]: Finished difference Result 715 states and 948 transitions. [2018-11-28 12:58:56,962 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2018-11-28 12:58:56,963 INFO L78 Accepts]: Start accepts. Automaton has 2 states. Word has length 164 [2018-11-28 12:58:56,963 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-28 12:58:56,976 INFO L225 Difference]: With dead ends: 715 [2018-11-28 12:58:56,976 INFO L226 Difference]: Without dead ends: 458 [2018-11-28 12:58:56,980 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2018-11-28 12:58:56,992 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 458 states. [2018-11-28 12:58:57,034 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 458 to 458. [2018-11-28 12:58:57,035 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 458 states. [2018-11-28 12:58:57,038 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 458 states to 458 states and 611 transitions. [2018-11-28 12:58:57,040 INFO L78 Accepts]: Start accepts. Automaton has 458 states and 611 transitions. Word has length 164 [2018-11-28 12:58:57,041 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-28 12:58:57,041 INFO L480 AbstractCegarLoop]: Abstraction has 458 states and 611 transitions. [2018-11-28 12:58:57,042 INFO L481 AbstractCegarLoop]: Interpolant automaton has 2 states. [2018-11-28 12:58:57,042 INFO L276 IsEmpty]: Start isEmpty. Operand 458 states and 611 transitions. [2018-11-28 12:58:57,046 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 166 [2018-11-28 12:58:57,046 INFO L394 BasicCegarLoop]: Found error trace [2018-11-28 12:58:57,046 INFO L402 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-28 12:58:57,047 INFO L423 AbstractCegarLoop]: === Iteration 2 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-28 12:58:57,047 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-28 12:58:57,047 INFO L82 PathProgramCache]: Analyzing trace with hash 618517395, now seen corresponding path program 1 times [2018-11-28 12:58:57,047 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-28 12:58:57,048 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-28 12:58:57,048 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:58:57,049 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-28 12:58:57,049 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:58:57,097 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-28 12:58:57,261 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2018-11-28 12:58:57,261 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-28 12:58:57,262 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2018-11-28 12:58:57,264 INFO L459 AbstractCegarLoop]: Interpolant automaton has 3 states [2018-11-28 12:58:57,264 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2018-11-28 12:58:57,264 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2018-11-28 12:58:57,264 INFO L87 Difference]: Start difference. First operand 458 states and 611 transitions. Second operand 3 states. [2018-11-28 12:58:57,303 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-28 12:58:57,304 INFO L93 Difference]: Finished difference Result 698 states and 916 transitions. [2018-11-28 12:58:57,304 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2018-11-28 12:58:57,304 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 165 [2018-11-28 12:58:57,305 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-28 12:58:57,306 INFO L225 Difference]: With dead ends: 698 [2018-11-28 12:58:57,306 INFO L226 Difference]: Without dead ends: 461 [2018-11-28 12:58:57,308 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2018-11-28 12:58:57,309 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 461 states. [2018-11-28 12:58:57,330 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 461 to 460. [2018-11-28 12:58:57,331 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 460 states. [2018-11-28 12:58:57,333 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 460 states to 460 states and 613 transitions. [2018-11-28 12:58:57,333 INFO L78 Accepts]: Start accepts. Automaton has 460 states and 613 transitions. Word has length 165 [2018-11-28 12:58:57,334 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-28 12:58:57,334 INFO L480 AbstractCegarLoop]: Abstraction has 460 states and 613 transitions. [2018-11-28 12:58:57,334 INFO L481 AbstractCegarLoop]: Interpolant automaton has 3 states. [2018-11-28 12:58:57,334 INFO L276 IsEmpty]: Start isEmpty. Operand 460 states and 613 transitions. [2018-11-28 12:58:57,337 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 172 [2018-11-28 12:58:57,337 INFO L394 BasicCegarLoop]: Found error trace [2018-11-28 12:58:57,337 INFO L402 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-28 12:58:57,337 INFO L423 AbstractCegarLoop]: === Iteration 3 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-28 12:58:57,338 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-28 12:58:57,338 INFO L82 PathProgramCache]: Analyzing trace with hash -1922852473, now seen corresponding path program 1 times [2018-11-28 12:58:57,338 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-28 12:58:57,338 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-28 12:58:57,339 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:58:57,339 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-28 12:58:57,339 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:58:57,369 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-28 12:58:57,427 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2018-11-28 12:58:57,427 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-28 12:58:57,428 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2018-11-28 12:58:57,428 INFO L459 AbstractCegarLoop]: Interpolant automaton has 3 states [2018-11-28 12:58:57,428 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2018-11-28 12:58:57,428 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2018-11-28 12:58:57,429 INFO L87 Difference]: Start difference. First operand 460 states and 613 transitions. Second operand 3 states. [2018-11-28 12:58:57,471 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-28 12:58:57,472 INFO L93 Difference]: Finished difference Result 894 states and 1221 transitions. [2018-11-28 12:58:57,475 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2018-11-28 12:58:57,475 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 171 [2018-11-28 12:58:57,476 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-28 12:58:57,478 INFO L225 Difference]: With dead ends: 894 [2018-11-28 12:58:57,479 INFO L226 Difference]: Without dead ends: 499 [2018-11-28 12:58:57,480 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2018-11-28 12:58:57,481 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 499 states. [2018-11-28 12:58:57,498 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 499 to 498. [2018-11-28 12:58:57,498 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 498 states. [2018-11-28 12:58:57,501 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 498 states to 498 states and 679 transitions. [2018-11-28 12:58:57,501 INFO L78 Accepts]: Start accepts. Automaton has 498 states and 679 transitions. Word has length 171 [2018-11-28 12:58:57,502 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-28 12:58:57,502 INFO L480 AbstractCegarLoop]: Abstraction has 498 states and 679 transitions. [2018-11-28 12:58:57,502 INFO L481 AbstractCegarLoop]: Interpolant automaton has 3 states. [2018-11-28 12:58:57,502 INFO L276 IsEmpty]: Start isEmpty. Operand 498 states and 679 transitions. [2018-11-28 12:58:57,505 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 173 [2018-11-28 12:58:57,505 INFO L394 BasicCegarLoop]: Found error trace [2018-11-28 12:58:57,506 INFO L402 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-28 12:58:57,506 INFO L423 AbstractCegarLoop]: === Iteration 4 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-28 12:58:57,506 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-28 12:58:57,506 INFO L82 PathProgramCache]: Analyzing trace with hash -519889127, now seen corresponding path program 1 times [2018-11-28 12:58:57,506 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-28 12:58:57,506 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-28 12:58:57,507 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:58:57,507 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-28 12:58:57,507 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:58:57,549 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-28 12:58:57,679 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 34 trivial. 0 not checked. [2018-11-28 12:58:57,679 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-28 12:58:57,679 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2018-11-28 12:58:57,680 INFO L459 AbstractCegarLoop]: Interpolant automaton has 7 states [2018-11-28 12:58:57,680 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2018-11-28 12:58:57,680 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2018-11-28 12:58:57,681 INFO L87 Difference]: Start difference. First operand 498 states and 679 transitions. Second operand 7 states. [2018-11-28 12:58:59,104 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-28 12:58:59,104 INFO L93 Difference]: Finished difference Result 954 states and 1267 transitions. [2018-11-28 12:58:59,105 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2018-11-28 12:58:59,105 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 172 [2018-11-28 12:58:59,105 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-28 12:58:59,108 INFO L225 Difference]: With dead ends: 954 [2018-11-28 12:58:59,108 INFO L226 Difference]: Without dead ends: 733 [2018-11-28 12:58:59,109 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 20 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 10 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=43, Invalid=113, Unknown=0, NotChecked=0, Total=156 [2018-11-28 12:58:59,110 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 733 states. [2018-11-28 12:58:59,133 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 733 to 724. [2018-11-28 12:58:59,133 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 724 states. [2018-11-28 12:58:59,135 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 724 states to 724 states and 971 transitions. [2018-11-28 12:58:59,135 INFO L78 Accepts]: Start accepts. Automaton has 724 states and 971 transitions. Word has length 172 [2018-11-28 12:58:59,136 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-28 12:58:59,136 INFO L480 AbstractCegarLoop]: Abstraction has 724 states and 971 transitions. [2018-11-28 12:58:59,136 INFO L481 AbstractCegarLoop]: Interpolant automaton has 7 states. [2018-11-28 12:58:59,136 INFO L276 IsEmpty]: Start isEmpty. Operand 724 states and 971 transitions. [2018-11-28 12:58:59,138 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 174 [2018-11-28 12:58:59,139 INFO L394 BasicCegarLoop]: Found error trace [2018-11-28 12:58:59,139 INFO L402 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-28 12:58:59,140 INFO L423 AbstractCegarLoop]: === Iteration 5 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-28 12:58:59,140 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-28 12:58:59,141 INFO L82 PathProgramCache]: Analyzing trace with hash 1975092219, now seen corresponding path program 1 times [2018-11-28 12:58:59,141 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-28 12:58:59,141 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-28 12:58:59,141 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:58:59,141 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-28 12:58:59,142 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:58:59,170 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-28 12:58:59,353 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 34 trivial. 0 not checked. [2018-11-28 12:58:59,353 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-28 12:58:59,353 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [18] imperfect sequences [] total 18 [2018-11-28 12:58:59,354 INFO L459 AbstractCegarLoop]: Interpolant automaton has 18 states [2018-11-28 12:58:59,354 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 18 interpolants. [2018-11-28 12:58:59,355 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=33, Invalid=273, Unknown=0, NotChecked=0, Total=306 [2018-11-28 12:58:59,355 INFO L87 Difference]: Start difference. First operand 724 states and 971 transitions. Second operand 18 states. [2018-11-28 12:58:59,706 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-28 12:58:59,706 INFO L93 Difference]: Finished difference Result 1249 states and 1659 transitions. [2018-11-28 12:58:59,708 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2018-11-28 12:58:59,708 INFO L78 Accepts]: Start accepts. Automaton has 18 states. Word has length 173 [2018-11-28 12:58:59,708 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-28 12:58:59,713 INFO L225 Difference]: With dead ends: 1249 [2018-11-28 12:58:59,713 INFO L226 Difference]: Without dead ends: 774 [2018-11-28 12:58:59,715 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 25 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 23 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 21 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=61, Invalid=539, Unknown=0, NotChecked=0, Total=600 [2018-11-28 12:58:59,716 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 774 states. [2018-11-28 12:58:59,746 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 774 to 770. [2018-11-28 12:58:59,746 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 770 states. [2018-11-28 12:58:59,750 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 770 states to 770 states and 1034 transitions. [2018-11-28 12:58:59,750 INFO L78 Accepts]: Start accepts. Automaton has 770 states and 1034 transitions. Word has length 173 [2018-11-28 12:58:59,751 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-28 12:58:59,751 INFO L480 AbstractCegarLoop]: Abstraction has 770 states and 1034 transitions. [2018-11-28 12:58:59,751 INFO L481 AbstractCegarLoop]: Interpolant automaton has 18 states. [2018-11-28 12:58:59,751 INFO L276 IsEmpty]: Start isEmpty. Operand 770 states and 1034 transitions. [2018-11-28 12:58:59,754 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 183 [2018-11-28 12:58:59,754 INFO L394 BasicCegarLoop]: Found error trace [2018-11-28 12:58:59,754 INFO L402 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-28 12:58:59,754 INFO L423 AbstractCegarLoop]: === Iteration 6 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-28 12:58:59,754 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-28 12:58:59,754 INFO L82 PathProgramCache]: Analyzing trace with hash -148397632, now seen corresponding path program 1 times [2018-11-28 12:58:59,754 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-28 12:58:59,755 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-28 12:58:59,757 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:58:59,758 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-28 12:58:59,758 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:58:59,796 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-28 12:58:59,891 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 34 trivial. 0 not checked. [2018-11-28 12:58:59,891 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-28 12:58:59,891 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2018-11-28 12:58:59,891 INFO L459 AbstractCegarLoop]: Interpolant automaton has 8 states [2018-11-28 12:58:59,892 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2018-11-28 12:58:59,892 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2018-11-28 12:58:59,892 INFO L87 Difference]: Start difference. First operand 770 states and 1034 transitions. Second operand 8 states. [2018-11-28 12:59:00,310 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-28 12:59:00,310 INFO L93 Difference]: Finished difference Result 1455 states and 1940 transitions. [2018-11-28 12:59:00,311 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2018-11-28 12:59:00,311 INFO L78 Accepts]: Start accepts. Automaton has 8 states. Word has length 182 [2018-11-28 12:59:00,311 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-28 12:59:00,316 INFO L225 Difference]: With dead ends: 1455 [2018-11-28 12:59:00,316 INFO L226 Difference]: Without dead ends: 1296 [2018-11-28 12:59:00,317 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 2 SyntacticMatches, 1 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 10 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=33, Invalid=123, Unknown=0, NotChecked=0, Total=156 [2018-11-28 12:59:00,319 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1296 states. [2018-11-28 12:59:00,371 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1296 to 1283. [2018-11-28 12:59:00,372 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 1283 states. [2018-11-28 12:59:00,378 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1283 states to 1283 states and 1714 transitions. [2018-11-28 12:59:00,378 INFO L78 Accepts]: Start accepts. Automaton has 1283 states and 1714 transitions. Word has length 182 [2018-11-28 12:59:00,379 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-28 12:59:00,379 INFO L480 AbstractCegarLoop]: Abstraction has 1283 states and 1714 transitions. [2018-11-28 12:59:00,379 INFO L481 AbstractCegarLoop]: Interpolant automaton has 8 states. [2018-11-28 12:59:00,379 INFO L276 IsEmpty]: Start isEmpty. Operand 1283 states and 1714 transitions. [2018-11-28 12:59:00,382 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 184 [2018-11-28 12:59:00,383 INFO L394 BasicCegarLoop]: Found error trace [2018-11-28 12:59:00,383 INFO L402 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-28 12:59:00,383 INFO L423 AbstractCegarLoop]: === Iteration 7 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-28 12:59:00,383 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-28 12:59:00,383 INFO L82 PathProgramCache]: Analyzing trace with hash -116097865, now seen corresponding path program 1 times [2018-11-28 12:59:00,384 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-28 12:59:00,384 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-28 12:59:00,384 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:59:00,384 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-28 12:59:00,384 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:59:00,425 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-28 12:59:00,671 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 3 proven. 0 refuted. 0 times theorem prover too weak. 31 trivial. 0 not checked. [2018-11-28 12:59:00,671 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-28 12:59:00,671 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [17] imperfect sequences [] total 17 [2018-11-28 12:59:00,672 INFO L459 AbstractCegarLoop]: Interpolant automaton has 17 states [2018-11-28 12:59:00,672 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 17 interpolants. [2018-11-28 12:59:00,672 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=31, Invalid=241, Unknown=0, NotChecked=0, Total=272 [2018-11-28 12:59:00,672 INFO L87 Difference]: Start difference. First operand 1283 states and 1714 transitions. Second operand 17 states. [2018-11-28 12:59:01,242 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-28 12:59:01,242 INFO L93 Difference]: Finished difference Result 1748 states and 2313 transitions. [2018-11-28 12:59:01,243 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2018-11-28 12:59:01,243 INFO L78 Accepts]: Start accepts. Automaton has 17 states. Word has length 183 [2018-11-28 12:59:01,243 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-28 12:59:01,249 INFO L225 Difference]: With dead ends: 1748 [2018-11-28 12:59:01,249 INFO L226 Difference]: Without dead ends: 1282 [2018-11-28 12:59:01,251 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 32 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 29 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 84 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=101, Invalid=829, Unknown=0, NotChecked=0, Total=930 [2018-11-28 12:59:01,252 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1282 states. [2018-11-28 12:59:01,292 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1282 to 1281. [2018-11-28 12:59:01,293 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 1281 states. [2018-11-28 12:59:01,296 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1281 states to 1281 states and 1709 transitions. [2018-11-28 12:59:01,296 INFO L78 Accepts]: Start accepts. Automaton has 1281 states and 1709 transitions. Word has length 183 [2018-11-28 12:59:01,297 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-28 12:59:01,297 INFO L480 AbstractCegarLoop]: Abstraction has 1281 states and 1709 transitions. [2018-11-28 12:59:01,297 INFO L481 AbstractCegarLoop]: Interpolant automaton has 17 states. [2018-11-28 12:59:01,297 INFO L276 IsEmpty]: Start isEmpty. Operand 1281 states and 1709 transitions. [2018-11-28 12:59:01,300 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 184 [2018-11-28 12:59:01,300 INFO L394 BasicCegarLoop]: Found error trace [2018-11-28 12:59:01,300 INFO L402 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-28 12:59:01,300 INFO L423 AbstractCegarLoop]: === Iteration 8 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-28 12:59:01,300 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-28 12:59:01,300 INFO L82 PathProgramCache]: Analyzing trace with hash -1461413315, now seen corresponding path program 2 times [2018-11-28 12:59:01,300 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-28 12:59:01,300 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-28 12:59:01,301 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:59:01,301 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-28 12:59:01,301 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:59:01,324 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-28 12:59:01,422 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 0 proven. 3 refuted. 0 times theorem prover too weak. 31 trivial. 0 not checked. [2018-11-28 12:59:01,423 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2018-11-28 12:59:01,423 INFO L223 ckRefinementStrategy]: Switched to mode Z3_FP No working directory specified, using /tmp/vcloud-vcloud-master/worker/working_dir_69c16468-adf0-42ac-bcca-69aed0e597cf/bin-2019/uautomizer/z3 Starting monitored process 2 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 2 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 [2018-11-28 12:59:01,431 INFO L103 rtionOrderModulation]: Keeping assertion order OUTSIDE_LOOP_FIRST1 [2018-11-28 12:59:01,615 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST1 issued 1 check-sat command(s) [2018-11-28 12:59:01,615 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2018-11-28 12:59:01,630 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-28 12:59:01,766 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 8 proven. 0 refuted. 0 times theorem prover too weak. 26 trivial. 0 not checked. [2018-11-28 12:59:01,783 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 1 imperfect interpolant sequences. [2018-11-28 12:59:01,784 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [8] imperfect sequences [11] total 17 [2018-11-28 12:59:01,784 INFO L459 AbstractCegarLoop]: Interpolant automaton has 17 states [2018-11-28 12:59:01,784 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 17 interpolants. [2018-11-28 12:59:01,785 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=32, Invalid=240, Unknown=0, NotChecked=0, Total=272 [2018-11-28 12:59:01,785 INFO L87 Difference]: Start difference. First operand 1281 states and 1709 transitions. Second operand 17 states. [2018-11-28 12:59:03,061 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-28 12:59:03,063 INFO L93 Difference]: Finished difference Result 2876 states and 3849 transitions. [2018-11-28 12:59:03,064 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2018-11-28 12:59:03,064 INFO L78 Accepts]: Start accepts. Automaton has 17 states. Word has length 183 [2018-11-28 12:59:03,064 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-28 12:59:03,073 INFO L225 Difference]: With dead ends: 2876 [2018-11-28 12:59:03,073 INFO L226 Difference]: Without dead ends: 2190 [2018-11-28 12:59:03,077 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 224 GetRequests, 184 SyntacticMatches, 0 SemanticMatches, 40 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 289 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=199, Invalid=1523, Unknown=0, NotChecked=0, Total=1722 [2018-11-28 12:59:03,079 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2190 states. [2018-11-28 12:59:03,171 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2190 to 2171. [2018-11-28 12:59:03,171 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 2171 states. [2018-11-28 12:59:03,180 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2171 states to 2171 states and 2926 transitions. [2018-11-28 12:59:03,180 INFO L78 Accepts]: Start accepts. Automaton has 2171 states and 2926 transitions. Word has length 183 [2018-11-28 12:59:03,181 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-28 12:59:03,181 INFO L480 AbstractCegarLoop]: Abstraction has 2171 states and 2926 transitions. [2018-11-28 12:59:03,181 INFO L481 AbstractCegarLoop]: Interpolant automaton has 17 states. [2018-11-28 12:59:03,181 INFO L276 IsEmpty]: Start isEmpty. Operand 2171 states and 2926 transitions. [2018-11-28 12:59:03,189 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 303 [2018-11-28 12:59:03,190 INFO L394 BasicCegarLoop]: Found error trace [2018-11-28 12:59:03,190 INFO L402 BasicCegarLoop]: trace histogram [4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-28 12:59:03,190 INFO L423 AbstractCegarLoop]: === Iteration 9 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-28 12:59:03,190 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-28 12:59:03,190 INFO L82 PathProgramCache]: Analyzing trace with hash -249638608, now seen corresponding path program 1 times [2018-11-28 12:59:03,191 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-28 12:59:03,191 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-28 12:59:03,191 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:59:03,191 INFO L101 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY [2018-11-28 12:59:03,191 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:59:03,239 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-28 12:59:03,582 INFO L134 CoverageAnalysis]: Checked inductivity of 114 backedges. 24 proven. 14 refuted. 0 times theorem prover too weak. 76 trivial. 0 not checked. [2018-11-28 12:59:03,582 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2018-11-28 12:59:03,582 INFO L223 ckRefinementStrategy]: Switched to mode Z3_FP No working directory specified, using /tmp/vcloud-vcloud-master/worker/working_dir_69c16468-adf0-42ac-bcca-69aed0e597cf/bin-2019/uautomizer/z3 Starting monitored process 3 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 3 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 [2018-11-28 12:59:03,594 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-28 12:59:03,926 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-28 12:59:03,944 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-28 12:59:04,258 INFO L134 CoverageAnalysis]: Checked inductivity of 114 backedges. 24 proven. 0 refuted. 0 times theorem prover too weak. 90 trivial. 0 not checked. [2018-11-28 12:59:04,286 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 1 imperfect interpolant sequences. [2018-11-28 12:59:04,287 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [9] imperfect sequences [21] total 28 [2018-11-28 12:59:04,287 INFO L459 AbstractCegarLoop]: Interpolant automaton has 28 states [2018-11-28 12:59:04,288 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 28 interpolants. [2018-11-28 12:59:04,288 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=64, Invalid=692, Unknown=0, NotChecked=0, Total=756 [2018-11-28 12:59:04,288 INFO L87 Difference]: Start difference. First operand 2171 states and 2926 transitions. Second operand 28 states. [2018-11-28 12:59:10,577 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-28 12:59:10,577 INFO L93 Difference]: Finished difference Result 14056 states and 19127 transitions. [2018-11-28 12:59:10,577 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 91 states. [2018-11-28 12:59:10,578 INFO L78 Accepts]: Start accepts. Automaton has 28 states. Word has length 302 [2018-11-28 12:59:10,578 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-28 12:59:10,628 INFO L225 Difference]: With dead ends: 14056 [2018-11-28 12:59:10,629 INFO L226 Difference]: Without dead ends: 11873 [2018-11-28 12:59:10,640 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 439 GetRequests, 324 SyntacticMatches, 1 SemanticMatches, 114 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3881 ImplicationChecksByTransitivity, 1.5s TimeCoverageRelationStatistics Valid=938, Invalid=12402, Unknown=0, NotChecked=0, Total=13340 [2018-11-28 12:59:10,651 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 11873 states. [2018-11-28 12:59:11,134 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 11873 to 10523. [2018-11-28 12:59:11,135 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 10523 states. [2018-11-28 12:59:11,163 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10523 states to 10523 states and 14202 transitions. [2018-11-28 12:59:11,164 INFO L78 Accepts]: Start accepts. Automaton has 10523 states and 14202 transitions. Word has length 302 [2018-11-28 12:59:11,164 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-28 12:59:11,164 INFO L480 AbstractCegarLoop]: Abstraction has 10523 states and 14202 transitions. [2018-11-28 12:59:11,164 INFO L481 AbstractCegarLoop]: Interpolant automaton has 28 states. [2018-11-28 12:59:11,164 INFO L276 IsEmpty]: Start isEmpty. Operand 10523 states and 14202 transitions. [2018-11-28 12:59:11,196 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 306 [2018-11-28 12:59:11,197 INFO L394 BasicCegarLoop]: Found error trace [2018-11-28 12:59:11,197 INFO L402 BasicCegarLoop]: trace histogram [4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-28 12:59:11,197 INFO L423 AbstractCegarLoop]: === Iteration 10 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-28 12:59:11,198 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-28 12:59:11,198 INFO L82 PathProgramCache]: Analyzing trace with hash -901827560, now seen corresponding path program 1 times [2018-11-28 12:59:11,198 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-28 12:59:11,198 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-28 12:59:11,199 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:59:11,199 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-28 12:59:11,199 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:59:11,233 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-28 12:59:11,471 INFO L134 CoverageAnalysis]: Checked inductivity of 115 backedges. 24 proven. 3 refuted. 0 times theorem prover too weak. 88 trivial. 0 not checked. [2018-11-28 12:59:11,471 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2018-11-28 12:59:11,471 INFO L223 ckRefinementStrategy]: Switched to mode Z3_FP No working directory specified, using /tmp/vcloud-vcloud-master/worker/working_dir_69c16468-adf0-42ac-bcca-69aed0e597cf/bin-2019/uautomizer/z3 Starting monitored process 4 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 4 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 [2018-11-28 12:59:11,480 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-28 12:59:11,863 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-28 12:59:11,879 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-28 12:59:12,023 INFO L134 CoverageAnalysis]: Checked inductivity of 115 backedges. 24 proven. 0 refuted. 0 times theorem prover too weak. 91 trivial. 0 not checked. [2018-11-28 12:59:12,051 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 1 imperfect interpolant sequences. [2018-11-28 12:59:12,051 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [7] imperfect sequences [16] total 21 [2018-11-28 12:59:12,052 INFO L459 AbstractCegarLoop]: Interpolant automaton has 21 states [2018-11-28 12:59:12,052 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 21 interpolants. [2018-11-28 12:59:12,052 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=43, Invalid=377, Unknown=0, NotChecked=0, Total=420 [2018-11-28 12:59:12,053 INFO L87 Difference]: Start difference. First operand 10523 states and 14202 transitions. Second operand 21 states. [2018-11-28 12:59:13,108 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-28 12:59:13,108 INFO L93 Difference]: Finished difference Result 22067 states and 30058 transitions. [2018-11-28 12:59:13,108 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 24 states. [2018-11-28 12:59:13,108 INFO L78 Accepts]: Start accepts. Automaton has 21 states. Word has length 305 [2018-11-28 12:59:13,109 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-28 12:59:13,140 INFO L225 Difference]: With dead ends: 22067 [2018-11-28 12:59:13,141 INFO L226 Difference]: Without dead ends: 10875 [2018-11-28 12:59:13,164 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 340 GetRequests, 302 SyntacticMatches, 0 SemanticMatches, 38 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 164 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=136, Invalid=1424, Unknown=0, NotChecked=0, Total=1560 [2018-11-28 12:59:13,172 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 10875 states. [2018-11-28 12:59:13,456 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 10875 to 10319. [2018-11-28 12:59:13,456 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 10319 states. [2018-11-28 12:59:13,477 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10319 states to 10319 states and 13785 transitions. [2018-11-28 12:59:13,479 INFO L78 Accepts]: Start accepts. Automaton has 10319 states and 13785 transitions. Word has length 305 [2018-11-28 12:59:13,480 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-28 12:59:13,480 INFO L480 AbstractCegarLoop]: Abstraction has 10319 states and 13785 transitions. [2018-11-28 12:59:13,480 INFO L481 AbstractCegarLoop]: Interpolant automaton has 21 states. [2018-11-28 12:59:13,480 INFO L276 IsEmpty]: Start isEmpty. Operand 10319 states and 13785 transitions. [2018-11-28 12:59:13,504 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 308 [2018-11-28 12:59:13,504 INFO L394 BasicCegarLoop]: Found error trace [2018-11-28 12:59:13,504 INFO L402 BasicCegarLoop]: trace histogram [4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-28 12:59:13,504 INFO L423 AbstractCegarLoop]: === Iteration 11 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-28 12:59:13,505 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-28 12:59:13,505 INFO L82 PathProgramCache]: Analyzing trace with hash -1207505723, now seen corresponding path program 1 times [2018-11-28 12:59:13,505 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-28 12:59:13,505 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-28 12:59:13,506 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:59:13,506 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-28 12:59:13,506 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:59:13,531 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-28 12:59:13,715 INFO L134 CoverageAnalysis]: Checked inductivity of 116 backedges. 21 proven. 3 refuted. 0 times theorem prover too weak. 92 trivial. 0 not checked. [2018-11-28 12:59:13,715 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2018-11-28 12:59:13,715 INFO L223 ckRefinementStrategy]: Switched to mode Z3_FP No working directory specified, using /tmp/vcloud-vcloud-master/worker/working_dir_69c16468-adf0-42ac-bcca-69aed0e597cf/bin-2019/uautomizer/z3 Starting monitored process 5 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 5 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 [2018-11-28 12:59:13,722 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-28 12:59:13,945 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-28 12:59:13,957 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-28 12:59:14,081 INFO L134 CoverageAnalysis]: Checked inductivity of 116 backedges. 16 proven. 0 refuted. 0 times theorem prover too weak. 100 trivial. 0 not checked. [2018-11-28 12:59:14,098 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 1 imperfect interpolant sequences. [2018-11-28 12:59:14,099 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [9] imperfect sequences [11] total 18 [2018-11-28 12:59:14,099 INFO L459 AbstractCegarLoop]: Interpolant automaton has 18 states [2018-11-28 12:59:14,100 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 18 interpolants. [2018-11-28 12:59:14,100 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=39, Invalid=267, Unknown=0, NotChecked=0, Total=306 [2018-11-28 12:59:14,100 INFO L87 Difference]: Start difference. First operand 10319 states and 13785 transitions. Second operand 18 states. [2018-11-28 12:59:15,190 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-28 12:59:15,190 INFO L93 Difference]: Finished difference Result 21213 states and 28420 transitions. [2018-11-28 12:59:15,191 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2018-11-28 12:59:15,191 INFO L78 Accepts]: Start accepts. Automaton has 18 states. Word has length 307 [2018-11-28 12:59:15,191 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-28 12:59:15,223 INFO L225 Difference]: With dead ends: 21213 [2018-11-28 12:59:15,223 INFO L226 Difference]: Without dead ends: 10685 [2018-11-28 12:59:15,245 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 336 GetRequests, 305 SyntacticMatches, 0 SemanticMatches, 31 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 84 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=141, Invalid=915, Unknown=0, NotChecked=0, Total=1056 [2018-11-28 12:59:15,254 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 10685 states. [2018-11-28 12:59:15,651 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 10685 to 10393. [2018-11-28 12:59:15,651 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 10393 states. [2018-11-28 12:59:15,667 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10393 states to 10393 states and 13884 transitions. [2018-11-28 12:59:15,669 INFO L78 Accepts]: Start accepts. Automaton has 10393 states and 13884 transitions. Word has length 307 [2018-11-28 12:59:15,669 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-28 12:59:15,669 INFO L480 AbstractCegarLoop]: Abstraction has 10393 states and 13884 transitions. [2018-11-28 12:59:15,669 INFO L481 AbstractCegarLoop]: Interpolant automaton has 18 states. [2018-11-28 12:59:15,669 INFO L276 IsEmpty]: Start isEmpty. Operand 10393 states and 13884 transitions. [2018-11-28 12:59:15,691 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 308 [2018-11-28 12:59:15,691 INFO L394 BasicCegarLoop]: Found error trace [2018-11-28 12:59:15,691 INFO L402 BasicCegarLoop]: trace histogram [4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-28 12:59:15,691 INFO L423 AbstractCegarLoop]: === Iteration 12 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-28 12:59:15,691 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-28 12:59:15,691 INFO L82 PathProgramCache]: Analyzing trace with hash 1399576548, now seen corresponding path program 1 times [2018-11-28 12:59:15,692 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-28 12:59:15,692 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-28 12:59:15,692 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:59:15,692 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-28 12:59:15,692 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:59:15,714 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-28 12:59:15,784 INFO L134 CoverageAnalysis]: Checked inductivity of 116 backedges. 21 proven. 0 refuted. 0 times theorem prover too weak. 95 trivial. 0 not checked. [2018-11-28 12:59:15,784 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-28 12:59:15,784 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2018-11-28 12:59:15,785 INFO L459 AbstractCegarLoop]: Interpolant automaton has 5 states [2018-11-28 12:59:15,785 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2018-11-28 12:59:15,785 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2018-11-28 12:59:15,785 INFO L87 Difference]: Start difference. First operand 10393 states and 13884 transitions. Second operand 5 states. [2018-11-28 12:59:15,990 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-28 12:59:15,990 INFO L93 Difference]: Finished difference Result 17260 states and 22902 transitions. [2018-11-28 12:59:15,991 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2018-11-28 12:59:15,991 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 307 [2018-11-28 12:59:15,991 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-28 12:59:16,014 INFO L225 Difference]: With dead ends: 17260 [2018-11-28 12:59:16,015 INFO L226 Difference]: Without dead ends: 10341 [2018-11-28 12:59:16,027 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2018-11-28 12:59:16,034 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 10341 states. [2018-11-28 12:59:16,290 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 10341 to 10337. [2018-11-28 12:59:16,291 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 10337 states. [2018-11-28 12:59:16,307 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10337 states to 10337 states and 13790 transitions. [2018-11-28 12:59:16,308 INFO L78 Accepts]: Start accepts. Automaton has 10337 states and 13790 transitions. Word has length 307 [2018-11-28 12:59:16,308 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-28 12:59:16,308 INFO L480 AbstractCegarLoop]: Abstraction has 10337 states and 13790 transitions. [2018-11-28 12:59:16,309 INFO L481 AbstractCegarLoop]: Interpolant automaton has 5 states. [2018-11-28 12:59:16,309 INFO L276 IsEmpty]: Start isEmpty. Operand 10337 states and 13790 transitions. [2018-11-28 12:59:16,327 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 309 [2018-11-28 12:59:16,327 INFO L394 BasicCegarLoop]: Found error trace [2018-11-28 12:59:16,327 INFO L402 BasicCegarLoop]: trace histogram [4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-28 12:59:16,328 INFO L423 AbstractCegarLoop]: === Iteration 13 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-28 12:59:16,328 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-28 12:59:16,328 INFO L82 PathProgramCache]: Analyzing trace with hash -67426343, now seen corresponding path program 1 times [2018-11-28 12:59:16,328 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-28 12:59:16,328 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-28 12:59:16,329 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:59:16,329 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-28 12:59:16,329 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:59:16,349 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-28 12:59:16,441 INFO L134 CoverageAnalysis]: Checked inductivity of 118 backedges. 21 proven. 2 refuted. 0 times theorem prover too weak. 95 trivial. 0 not checked. [2018-11-28 12:59:16,441 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2018-11-28 12:59:16,441 INFO L223 ckRefinementStrategy]: Switched to mode Z3_FP No working directory specified, using /tmp/vcloud-vcloud-master/worker/working_dir_69c16468-adf0-42ac-bcca-69aed0e597cf/bin-2019/uautomizer/z3 Starting monitored process 6 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 6 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 [2018-11-28 12:59:16,452 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-28 12:59:16,674 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-28 12:59:16,685 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-11-28 12:59:16,812 INFO L134 CoverageAnalysis]: Checked inductivity of 118 backedges. 17 proven. 0 refuted. 0 times theorem prover too weak. 101 trivial. 0 not checked. [2018-11-28 12:59:16,829 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 1 imperfect interpolant sequences. [2018-11-28 12:59:16,829 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [9] imperfect sequences [5] total 12 [2018-11-28 12:59:16,830 INFO L459 AbstractCegarLoop]: Interpolant automaton has 12 states [2018-11-28 12:59:16,830 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2018-11-28 12:59:16,830 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=27, Invalid=105, Unknown=0, NotChecked=0, Total=132 [2018-11-28 12:59:16,830 INFO L87 Difference]: Start difference. First operand 10337 states and 13790 transitions. Second operand 12 states. [2018-11-28 12:59:18,611 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-28 12:59:18,611 INFO L93 Difference]: Finished difference Result 33863 states and 45372 transitions. [2018-11-28 12:59:18,611 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2018-11-28 12:59:18,611 INFO L78 Accepts]: Start accepts. Automaton has 12 states. Word has length 308 [2018-11-28 12:59:18,611 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-28 12:59:18,689 INFO L225 Difference]: With dead ends: 33863 [2018-11-28 12:59:18,690 INFO L226 Difference]: Without dead ends: 23569 [2018-11-28 12:59:18,714 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 331 GetRequests, 309 SyntacticMatches, 1 SemanticMatches, 21 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 44 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=95, Invalid=411, Unknown=0, NotChecked=0, Total=506 [2018-11-28 12:59:18,736 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 23569 states. [2018-11-28 12:59:19,561 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 23569 to 21311. [2018-11-28 12:59:19,561 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 21311 states. [2018-11-28 12:59:19,592 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 21311 states to 21311 states and 28452 transitions. [2018-11-28 12:59:19,594 INFO L78 Accepts]: Start accepts. Automaton has 21311 states and 28452 transitions. Word has length 308 [2018-11-28 12:59:19,594 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-28 12:59:19,594 INFO L480 AbstractCegarLoop]: Abstraction has 21311 states and 28452 transitions. [2018-11-28 12:59:19,594 INFO L481 AbstractCegarLoop]: Interpolant automaton has 12 states. [2018-11-28 12:59:19,594 INFO L276 IsEmpty]: Start isEmpty. Operand 21311 states and 28452 transitions. [2018-11-28 12:59:19,617 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 310 [2018-11-28 12:59:19,617 INFO L394 BasicCegarLoop]: Found error trace [2018-11-28 12:59:19,617 INFO L402 BasicCegarLoop]: trace histogram [4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-28 12:59:19,617 INFO L423 AbstractCegarLoop]: === Iteration 14 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-28 12:59:19,618 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-28 12:59:19,618 INFO L82 PathProgramCache]: Analyzing trace with hash 806266354, now seen corresponding path program 1 times [2018-11-28 12:59:19,618 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-28 12:59:19,618 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-28 12:59:19,618 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:59:19,619 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-28 12:59:19,619 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:59:19,642 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-28 12:59:19,743 INFO L134 CoverageAnalysis]: Checked inductivity of 118 backedges. 21 proven. 0 refuted. 0 times theorem prover too weak. 97 trivial. 0 not checked. [2018-11-28 12:59:19,743 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-28 12:59:19,743 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2018-11-28 12:59:19,743 INFO L459 AbstractCegarLoop]: Interpolant automaton has 9 states [2018-11-28 12:59:19,743 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2018-11-28 12:59:19,744 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=57, Unknown=0, NotChecked=0, Total=72 [2018-11-28 12:59:19,744 INFO L87 Difference]: Start difference. First operand 21311 states and 28452 transitions. Second operand 9 states. [2018-11-28 12:59:22,509 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-28 12:59:22,509 INFO L93 Difference]: Finished difference Result 76862 states and 102760 transitions. [2018-11-28 12:59:22,509 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2018-11-28 12:59:22,509 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 309 [2018-11-28 12:59:22,510 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-28 12:59:22,642 INFO L225 Difference]: With dead ends: 76862 [2018-11-28 12:59:22,642 INFO L226 Difference]: Without dead ends: 60449 [2018-11-28 12:59:22,670 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 33 GetRequests, 17 SyntacticMatches, 0 SemanticMatches, 16 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 29 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=65, Invalid=241, Unknown=0, NotChecked=0, Total=306 [2018-11-28 12:59:22,710 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 60449 states. [2018-11-28 12:59:24,247 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 60449 to 55251. [2018-11-28 12:59:24,247 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 55251 states. [2018-11-28 12:59:24,336 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 55251 states to 55251 states and 74493 transitions. [2018-11-28 12:59:24,339 INFO L78 Accepts]: Start accepts. Automaton has 55251 states and 74493 transitions. Word has length 309 [2018-11-28 12:59:24,340 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-28 12:59:24,340 INFO L480 AbstractCegarLoop]: Abstraction has 55251 states and 74493 transitions. [2018-11-28 12:59:24,340 INFO L481 AbstractCegarLoop]: Interpolant automaton has 9 states. [2018-11-28 12:59:24,340 INFO L276 IsEmpty]: Start isEmpty. Operand 55251 states and 74493 transitions. [2018-11-28 12:59:24,401 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 310 [2018-11-28 12:59:24,401 INFO L394 BasicCegarLoop]: Found error trace [2018-11-28 12:59:24,401 INFO L402 BasicCegarLoop]: trace histogram [4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-28 12:59:24,401 INFO L423 AbstractCegarLoop]: === Iteration 15 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-28 12:59:24,402 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-28 12:59:24,402 INFO L82 PathProgramCache]: Analyzing trace with hash 1181102727, now seen corresponding path program 1 times [2018-11-28 12:59:24,402 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-28 12:59:24,402 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-28 12:59:24,402 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:59:24,403 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-28 12:59:24,403 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:59:24,434 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-28 12:59:24,721 INFO L134 CoverageAnalysis]: Checked inductivity of 116 backedges. 21 proven. 0 refuted. 0 times theorem prover too weak. 95 trivial. 0 not checked. [2018-11-28 12:59:24,721 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-28 12:59:24,721 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [24] imperfect sequences [] total 24 [2018-11-28 12:59:24,721 INFO L459 AbstractCegarLoop]: Interpolant automaton has 24 states [2018-11-28 12:59:24,721 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 24 interpolants. [2018-11-28 12:59:24,722 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=45, Invalid=507, Unknown=0, NotChecked=0, Total=552 [2018-11-28 12:59:24,722 INFO L87 Difference]: Start difference. First operand 55251 states and 74493 transitions. Second operand 24 states. [2018-11-28 12:59:26,540 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-28 12:59:26,540 INFO L93 Difference]: Finished difference Result 97562 states and 131760 transitions. [2018-11-28 12:59:26,541 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2018-11-28 12:59:26,541 INFO L78 Accepts]: Start accepts. Automaton has 24 states. Word has length 309 [2018-11-28 12:59:26,541 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-28 12:59:26,616 INFO L225 Difference]: With dead ends: 97562 [2018-11-28 12:59:26,616 INFO L226 Difference]: Without dead ends: 43639 [2018-11-28 12:59:26,664 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 34 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 32 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 45 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=85, Invalid=1037, Unknown=0, NotChecked=0, Total=1122 [2018-11-28 12:59:26,693 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 43639 states. [2018-11-28 12:59:27,844 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 43639 to 42575. [2018-11-28 12:59:27,844 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 42575 states. [2018-11-28 12:59:27,909 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 42575 states to 42575 states and 57037 transitions. [2018-11-28 12:59:27,915 INFO L78 Accepts]: Start accepts. Automaton has 42575 states and 57037 transitions. Word has length 309 [2018-11-28 12:59:27,915 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-28 12:59:27,915 INFO L480 AbstractCegarLoop]: Abstraction has 42575 states and 57037 transitions. [2018-11-28 12:59:27,915 INFO L481 AbstractCegarLoop]: Interpolant automaton has 24 states. [2018-11-28 12:59:27,916 INFO L276 IsEmpty]: Start isEmpty. Operand 42575 states and 57037 transitions. [2018-11-28 12:59:27,959 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 314 [2018-11-28 12:59:27,959 INFO L394 BasicCegarLoop]: Found error trace [2018-11-28 12:59:27,960 INFO L402 BasicCegarLoop]: trace histogram [4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-28 12:59:27,960 INFO L423 AbstractCegarLoop]: === Iteration 16 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-28 12:59:27,960 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-28 12:59:27,960 INFO L82 PathProgramCache]: Analyzing trace with hash 106316644, now seen corresponding path program 1 times [2018-11-28 12:59:27,960 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-28 12:59:27,960 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-28 12:59:27,961 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:59:27,961 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-28 12:59:27,961 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:59:27,985 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-28 12:59:28,093 INFO L134 CoverageAnalysis]: Checked inductivity of 116 backedges. 21 proven. 0 refuted. 0 times theorem prover too weak. 95 trivial. 0 not checked. [2018-11-28 12:59:28,093 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-28 12:59:28,093 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2018-11-28 12:59:28,094 INFO L459 AbstractCegarLoop]: Interpolant automaton has 10 states [2018-11-28 12:59:28,094 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2018-11-28 12:59:28,094 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=73, Unknown=0, NotChecked=0, Total=90 [2018-11-28 12:59:28,094 INFO L87 Difference]: Start difference. First operand 42575 states and 57037 transitions. Second operand 10 states. [2018-11-28 12:59:29,161 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-28 12:59:29,161 INFO L93 Difference]: Finished difference Result 58144 states and 77059 transitions. [2018-11-28 12:59:29,161 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2018-11-28 12:59:29,161 INFO L78 Accepts]: Start accepts. Automaton has 10 states. Word has length 313 [2018-11-28 12:59:29,162 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-28 12:59:29,247 INFO L225 Difference]: With dead ends: 58144 [2018-11-28 12:59:29,247 INFO L226 Difference]: Without dead ends: 42575 [2018-11-28 12:59:29,272 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=73, Unknown=0, NotChecked=0, Total=90 [2018-11-28 12:59:29,300 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 42575 states. [2018-11-28 12:59:30,506 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 42575 to 42575. [2018-11-28 12:59:30,506 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 42575 states. [2018-11-28 12:59:30,572 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 42575 states to 42575 states and 56989 transitions. [2018-11-28 12:59:30,576 INFO L78 Accepts]: Start accepts. Automaton has 42575 states and 56989 transitions. Word has length 313 [2018-11-28 12:59:30,576 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-28 12:59:30,576 INFO L480 AbstractCegarLoop]: Abstraction has 42575 states and 56989 transitions. [2018-11-28 12:59:30,576 INFO L481 AbstractCegarLoop]: Interpolant automaton has 10 states. [2018-11-28 12:59:30,576 INFO L276 IsEmpty]: Start isEmpty. Operand 42575 states and 56989 transitions. [2018-11-28 12:59:30,621 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 321 [2018-11-28 12:59:30,621 INFO L394 BasicCegarLoop]: Found error trace [2018-11-28 12:59:30,622 INFO L402 BasicCegarLoop]: trace histogram [4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-11-28 12:59:30,622 INFO L423 AbstractCegarLoop]: === Iteration 17 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-11-28 12:59:30,622 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-11-28 12:59:30,622 INFO L82 PathProgramCache]: Analyzing trace with hash -1214319505, now seen corresponding path program 1 times [2018-11-28 12:59:30,623 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-11-28 12:59:30,623 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-11-28 12:59:30,623 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:59:30,623 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-11-28 12:59:30,623 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-11-28 12:59:30,656 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-11-28 12:59:30,815 INFO L134 CoverageAnalysis]: Checked inductivity of 124 backedges. 21 proven. 0 refuted. 0 times theorem prover too weak. 103 trivial. 0 not checked. [2018-11-28 12:59:30,816 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-11-28 12:59:30,816 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2018-11-28 12:59:30,816 INFO L459 AbstractCegarLoop]: Interpolant automaton has 10 states [2018-11-28 12:59:30,816 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2018-11-28 12:59:30,816 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=72, Unknown=0, NotChecked=0, Total=90 [2018-11-28 12:59:30,816 INFO L87 Difference]: Start difference. First operand 42575 states and 56989 transitions. Second operand 10 states. [2018-11-28 12:59:31,808 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-11-28 12:59:31,808 INFO L93 Difference]: Finished difference Result 48175 states and 63609 transitions. [2018-11-28 12:59:31,809 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2018-11-28 12:59:31,809 INFO L78 Accepts]: Start accepts. Automaton has 10 states. Word has length 320 [2018-11-28 12:59:31,809 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-11-28 12:59:31,812 INFO L225 Difference]: With dead ends: 48175 [2018-11-28 12:59:31,812 INFO L226 Difference]: Without dead ends: 0 [2018-11-28 12:59:31,858 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 18 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=48, Invalid=192, Unknown=0, NotChecked=0, Total=240 [2018-11-28 12:59:31,859 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2018-11-28 12:59:31,859 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2018-11-28 12:59:31,859 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 0 states. [2018-11-28 12:59:31,859 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2018-11-28 12:59:31,865 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 320 [2018-11-28 12:59:31,865 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-11-28 12:59:31,865 INFO L480 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2018-11-28 12:59:31,865 INFO L481 AbstractCegarLoop]: Interpolant automaton has 10 states. [2018-11-28 12:59:31,866 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2018-11-28 12:59:31,866 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-11-28 12:59:31,869 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2018-11-28 12:59:32,234 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:32,235 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:32,235 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:32,268 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:32,268 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:32,275 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:32,279 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:32,279 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:32,279 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:32,974 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:32,975 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:32,981 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:32,992 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:33,039 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:33,040 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:33,044 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:33,060 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:33,069 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:35,418 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:35,431 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:35,436 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:35,440 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:35,447 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:35,486 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:35,498 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:35,605 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:35,617 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:35,622 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:35,626 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:35,633 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:35,670 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:35,681 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:38,977 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:39,011 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:39,012 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:39,012 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:39,017 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:39,017 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:39,018 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:39,021 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:39,021 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:39,021 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:39,028 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:39,028 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:39,029 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:39,049 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:39,052 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:39,061 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:39,061 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:39,061 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:39,071 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:39,074 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:39,074 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:39,075 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:39,077 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-11-28 12:59:39,903 WARN L180 SmtUtils]: Spent 449.00 ms on a formula simplification. DAG size of input: 322 DAG size of output: 40 [2018-11-28 12:59:40,339 WARN L180 SmtUtils]: Spent 304.00 ms on a formula simplification. DAG size of input: 287 DAG size of output: 40 [2018-11-28 12:59:42,518 WARN L180 SmtUtils]: Spent 2.17 s on a formula simplification. DAG size of input: 481 DAG size of output: 40 [2018-11-28 12:59:45,540 WARN L180 SmtUtils]: Spent 3.01 s on a formula simplification. DAG size of input: 385 DAG size of output: 41 [2018-11-28 12:59:46,178 WARN L180 SmtUtils]: Spent 564.00 ms on a formula simplification. DAG size of input: 474 DAG size of output: 1 [2018-11-28 12:59:48,353 WARN L180 SmtUtils]: Spent 2.17 s on a formula simplification. DAG size of input: 481 DAG size of output: 40 [2018-11-28 12:59:50,728 WARN L180 SmtUtils]: Spent 2.35 s on a formula simplification. DAG size of input: 443 DAG size of output: 30 [2018-11-28 12:59:51,128 WARN L180 SmtUtils]: Spent 394.00 ms on a formula simplification. DAG size of input: 397 DAG size of output: 36 [2018-11-28 12:59:51,840 WARN L180 SmtUtils]: Spent 651.00 ms on a formula simplification. DAG size of input: 443 DAG size of output: 30 [2018-11-28 12:59:52,259 WARN L180 SmtUtils]: Spent 279.00 ms on a formula simplification. DAG size of input: 280 DAG size of output: 33 [2018-11-28 12:59:52,638 WARN L180 SmtUtils]: Spent 277.00 ms on a formula simplification. DAG size of input: 286 DAG size of output: 27 [2018-11-28 12:59:53,701 WARN L180 SmtUtils]: Spent 249.00 ms on a formula simplification. DAG size of input: 204 DAG size of output: 28 [2018-11-28 12:59:53,846 WARN L180 SmtUtils]: Spent 100.00 ms on a formula simplification. DAG size of input: 103 DAG size of output: 40 [2018-11-28 12:59:54,155 WARN L180 SmtUtils]: Spent 100.00 ms on a formula simplification. DAG size of input: 103 DAG size of output: 40 [2018-11-28 12:59:56,594 WARN L180 SmtUtils]: Spent 2.22 s on a formula simplification. DAG size of input: 481 DAG size of output: 40 [2018-11-28 12:59:57,043 WARN L180 SmtUtils]: Spent 373.00 ms on a formula simplification. DAG size of input: 299 DAG size of output: 36 [2018-11-28 12:59:57,338 WARN L180 SmtUtils]: Spent 101.00 ms on a formula simplification. DAG size of input: 106 DAG size of output: 43 [2018-11-28 12:59:58,124 WARN L180 SmtUtils]: Spent 770.00 ms on a formula simplification. DAG size of input: 500 DAG size of output: 24 [2018-11-28 12:59:58,799 WARN L180 SmtUtils]: Spent 613.00 ms on a formula simplification. DAG size of input: 431 DAG size of output: 30 [2018-11-28 13:00:01,100 WARN L180 SmtUtils]: Spent 2.18 s on a formula simplification. DAG size of input: 481 DAG size of output: 40 [2018-11-28 13:00:03,394 WARN L180 SmtUtils]: Spent 2.23 s on a formula simplification. DAG size of input: 481 DAG size of output: 40 [2018-11-28 13:00:03,952 WARN L180 SmtUtils]: Spent 434.00 ms on a formula simplification. DAG size of input: 295 DAG size of output: 43 [2018-11-28 13:00:04,308 WARN L180 SmtUtils]: Spent 320.00 ms on a formula simplification. DAG size of input: 292 DAG size of output: 36 [2018-11-28 13:00:04,761 WARN L180 SmtUtils]: Spent 341.00 ms on a formula simplification. DAG size of input: 316 DAG size of output: 33 [2018-11-28 13:00:05,231 WARN L180 SmtUtils]: Spent 398.00 ms on a formula simplification. DAG size of input: 397 DAG size of output: 36 [2018-11-28 13:00:05,889 WARN L180 SmtUtils]: Spent 651.00 ms on a formula simplification. DAG size of input: 431 DAG size of output: 30 [2018-11-28 13:00:07,295 WARN L180 SmtUtils]: Spent 1.40 s on a formula simplification. DAG size of input: 298 DAG size of output: 32 [2018-11-28 13:00:08,717 WARN L180 SmtUtils]: Spent 1.42 s on a formula simplification. DAG size of input: 298 DAG size of output: 32 [2018-11-28 13:00:09,240 WARN L180 SmtUtils]: Spent 299.00 ms on a formula simplification. DAG size of input: 287 DAG size of output: 40 [2018-11-28 13:00:09,486 WARN L180 SmtUtils]: Spent 239.00 ms on a formula simplification. DAG size of input: 157 DAG size of output: 23 [2018-11-28 13:00:11,687 WARN L180 SmtUtils]: Spent 2.19 s on a formula simplification. DAG size of input: 481 DAG size of output: 40 [2018-11-28 13:00:12,549 WARN L180 SmtUtils]: Spent 273.00 ms on a formula simplification. DAG size of input: 280 DAG size of output: 28 [2018-11-28 13:00:13,066 WARN L180 SmtUtils]: Spent 394.00 ms on a formula simplification. DAG size of input: 397 DAG size of output: 36 [2018-11-28 13:00:13,539 WARN L180 SmtUtils]: Spent 413.00 ms on a formula simplification. DAG size of input: 322 DAG size of output: 40 [2018-11-28 13:00:14,279 WARN L180 SmtUtils]: Spent 405.00 ms on a formula simplification. DAG size of input: 322 DAG size of output: 40 [2018-11-28 13:00:14,674 INFO L448 ceAbstractionStarter]: For program point bobKeyChangeFINAL(lines 2538 2547) no Hoare annotation was computed. [2018-11-28 13:00:14,674 INFO L448 ceAbstractionStarter]: For program point bobKeyChangeEXIT(lines 2538 2547) no Hoare annotation was computed. [2018-11-28 13:00:14,674 INFO L444 ceAbstractionStarter]: At program point bobKeyChangeENTRY(lines 2538 2547) the Hoare annotation is: (or (<= 789 ~__ste_client_privateKey0~0) (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 ~__ste_email_isSigned0~0)) (< |old(~__ste_client_privateKey0~0)| 789) (< ~rjh~0 2) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,674 INFO L448 ceAbstractionStarter]: For program point isSignedEXIT(lines 752 770) no Hoare annotation was computed. [2018-11-28 13:00:14,675 INFO L451 ceAbstractionStarter]: At program point isSignedENTRY(lines 752 770) the Hoare annotation is: true [2018-11-28 13:00:14,675 INFO L448 ceAbstractionStarter]: For program point isSignedFINAL(lines 752 770) no Hoare annotation was computed. [2018-11-28 13:00:14,675 INFO L448 ceAbstractionStarter]: For program point L760(lines 760 766) no Hoare annotation was computed. [2018-11-28 13:00:14,675 INFO L448 ceAbstractionStarter]: For program point L756(lines 756 767) no Hoare annotation was computed. [2018-11-28 13:00:14,675 INFO L444 ceAbstractionStarter]: At program point mailENTRY(lines 127 143) the Hoare annotation is: (let ((.cse0 (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|)) (.cse1 (not (= 1 |mail_#in~msg|))) (.cse2 (not (= 1 |mail_#in~client|))) (.cse3 (not (= ~queue_empty~0 1))) (.cse4 (< ~rjh~0 2)) (.cse5 (< ~chuck~0 3)) (.cse6 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= 0 ~__ste_email_isSigned0~0)) .cse4 .cse5 .cse6) (or .cse0 .cse1 .cse2 .cse3 .cse4 (= 0 ~__ste_client_privateKey0~0) .cse5 .cse6))) [2018-11-28 13:00:14,675 INFO L444 ceAbstractionStarter]: At program point L139(line 139) the Hoare annotation is: (let ((.cse1 (not (= 1 |mail_#in~msg|))) (.cse2 (not (= 1 |mail_#in~client|))) (.cse3 (not (= ~queue_empty~0 1))) (.cse4 (< ~rjh~0 2)) (.cse5 (< ~chuck~0 3)) (.cse6 (not (= 1 ~bob~0))) (.cse0 (and (= ~__ste_email_to0~0 mail_~tmp~0) (= 1 mail_~__utac__ad__arg1~0) (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|) (= 1 mail_~__utac__ad__arg2~0) (= mail_~msg |mail_#in~msg|)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= 0 ~__ste_email_isSigned0~0)) .cse4 .cse5 .cse6) (or .cse1 .cse2 .cse3 .cse4 (= 0 ~__ste_client_privateKey0~0) .cse5 .cse6 .cse0))) [2018-11-28 13:00:14,675 INFO L448 ceAbstractionStarter]: For program point mailEXIT(lines 127 143) no Hoare annotation was computed. [2018-11-28 13:00:14,675 INFO L444 ceAbstractionStarter]: At program point L138(line 138) the Hoare annotation is: (let ((.cse0 (not (= 1 |mail_#in~msg|))) (.cse1 (not (= 1 |mail_#in~client|))) (.cse6 (and (= 1 mail_~__utac__ad__arg1~0) (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|) (= 1 mail_~__utac__ad__arg2~0) (= mail_~msg |mail_#in~msg|))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (< ~rjh~0 2)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (= 0 ~__ste_client_privateKey0~0) .cse4 .cse5 .cse6) (or .cse0 .cse1 .cse6 .cse2 (not (= 0 ~__ste_email_isSigned0~0)) .cse3 .cse4 .cse5))) [2018-11-28 13:00:14,675 INFO L448 ceAbstractionStarter]: For program point L138-1(line 138) no Hoare annotation was computed. [2018-11-28 13:00:14,675 INFO L444 ceAbstractionStarter]: At program point L136(line 136) the Hoare annotation is: (let ((.cse0 (not (= 1 |mail_#in~msg|))) (.cse1 (not (= 1 |mail_#in~client|))) (.cse6 (and (= 1 mail_~__utac__ad__arg1~0) (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|) (= 1 mail_~__utac__ad__arg2~0) (= mail_~msg |mail_#in~msg|))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (< ~rjh~0 2)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (= 0 ~__ste_client_privateKey0~0) .cse4 .cse5 .cse6) (or .cse0 .cse1 .cse6 .cse2 (not (= 0 ~__ste_email_isSigned0~0)) .cse3 .cse4 .cse5))) [2018-11-28 13:00:14,675 INFO L448 ceAbstractionStarter]: For program point L136-1(line 136) no Hoare annotation was computed. [2018-11-28 13:00:14,676 INFO L448 ceAbstractionStarter]: For program point mailFINAL(lines 127 143) no Hoare annotation was computed. [2018-11-28 13:00:14,676 INFO L448 ceAbstractionStarter]: For program point valid_productEXIT(lines 78 86) no Hoare annotation was computed. [2018-11-28 13:00:14,676 INFO L451 ceAbstractionStarter]: At program point valid_productENTRY(lines 78 86) the Hoare annotation is: true [2018-11-28 13:00:14,676 INFO L448 ceAbstractionStarter]: For program point valid_productFINAL(lines 78 86) no Hoare annotation was computed. [2018-11-28 13:00:14,676 INFO L448 ceAbstractionStarter]: For program point get_queued_clientEXIT(lines 313 321) no Hoare annotation was computed. [2018-11-28 13:00:14,676 INFO L451 ceAbstractionStarter]: At program point get_queued_clientENTRY(lines 313 321) the Hoare annotation is: true [2018-11-28 13:00:14,676 INFO L448 ceAbstractionStarter]: For program point get_queued_clientFINAL(lines 313 321) no Hoare annotation was computed. [2018-11-28 13:00:14,676 INFO L448 ceAbstractionStarter]: For program point isKeyPairValidEXIT(lines 331 355) no Hoare annotation was computed. [2018-11-28 13:00:14,676 INFO L451 ceAbstractionStarter]: At program point isKeyPairValidENTRY(lines 331 355) the Hoare annotation is: true [2018-11-28 13:00:14,676 INFO L448 ceAbstractionStarter]: For program point isKeyPairValidFINAL(lines 331 355) no Hoare annotation was computed. [2018-11-28 13:00:14,676 INFO L448 ceAbstractionStarter]: For program point L344(lines 344 349) no Hoare annotation was computed. [2018-11-28 13:00:14,676 INFO L448 ceAbstractionStarter]: For program point L340(lines 340 350) no Hoare annotation was computed. [2018-11-28 13:00:14,676 INFO L444 ceAbstractionStarter]: At program point signENTRY(lines 366 386) the Hoare annotation is: (or (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (= 0 ~__ste_email_isSigned0~0) (< ~rjh~0 2) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,676 INFO L444 ceAbstractionStarter]: At program point L381(line 381) the Hoare annotation is: (let ((.cse0 (= |sign_#in~client| sign_~client)) (.cse1 (= 0 ~__ste_email_isSigned0~0))) (or (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (and .cse0 .cse1 (not (= |sign_#in~client| 1))) (< ~rjh~0 2) (and .cse0 (= sign_~privkey~1 ~__ste_client_privateKey0~0) .cse1 (not (= 0 ~__ste_client_privateKey0~0))) (< ~chuck~0 3) (not (= 1 ~bob~0)))) [2018-11-28 13:00:14,676 INFO L448 ceAbstractionStarter]: For program point signEXIT(lines 366 386) no Hoare annotation was computed. [2018-11-28 13:00:14,677 INFO L444 ceAbstractionStarter]: At program point L381-1(line 381) the Hoare annotation is: (let ((.cse0 (= |sign_#in~client| sign_~client))) (or (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (and .cse0 (= sign_~privkey~1 ~__ste_client_privateKey0~0) (not (= 0 ~__ste_client_privateKey0~0))) (< ~rjh~0 2) (and .cse0 (not (= |sign_#in~client| 1))) (< ~chuck~0 3) (not (= 1 ~bob~0)))) [2018-11-28 13:00:14,677 INFO L448 ceAbstractionStarter]: For program point signFINAL(lines 366 386) no Hoare annotation was computed. [2018-11-28 13:00:14,677 INFO L448 ceAbstractionStarter]: For program point L375(lines 375 379) no Hoare annotation was computed. [2018-11-28 13:00:14,677 INFO L444 ceAbstractionStarter]: At program point L372(line 372) the Hoare annotation is: (or (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (< ~rjh~0 2) (and (= |sign_#in~client| sign_~client) (= 0 ~__ste_email_isSigned0~0)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,677 INFO L448 ceAbstractionStarter]: For program point L372-1(line 372) no Hoare annotation was computed. [2018-11-28 13:00:14,677 INFO L444 ceAbstractionStarter]: At program point L2432(line 2432) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0) (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0) (= 0 ~__ste_Client_Keyring0_User0~0) (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0)) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|))) [2018-11-28 13:00:14,677 INFO L448 ceAbstractionStarter]: For program point L2433(line 2433) no Hoare annotation was computed. [2018-11-28 13:00:14,677 INFO L444 ceAbstractionStarter]: At program point L2431-1(line 2431) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0) (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0) (= 0 ~__ste_Client_Keyring0_User0~0) (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0)) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|))) [2018-11-28 13:00:14,677 INFO L444 ceAbstractionStarter]: At program point L2431(line 2431) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0) (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0) (= 0 ~__ste_Client_Keyring0_User0~0) (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0)) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|))) [2018-11-28 13:00:14,677 INFO L444 ceAbstractionStarter]: At program point mainENTRY(lines 2425 2445) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0) (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0) (= 0 ~__ste_Client_Keyring0_User0~0) (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0)) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|))) [2018-11-28 13:00:14,677 INFO L448 ceAbstractionStarter]: For program point mainEXIT(lines 2425 2445) no Hoare annotation was computed. [2018-11-28 13:00:14,677 INFO L448 ceAbstractionStarter]: For program point mainFINAL(lines 2425 2445) no Hoare annotation was computed. [2018-11-28 13:00:14,678 INFO L444 ceAbstractionStarter]: At program point L2437-1(line 2437) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 1 ~bob~0) (<= 2 ~rjh~0) (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) (<= 3 ~chuck~0) (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0) (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0) (= 0 ~__ste_Client_Keyring0_User0~0) (= main_~tmp~17 1)) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|))) [2018-11-28 13:00:14,678 INFO L444 ceAbstractionStarter]: At program point L2437(line 2437) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (and (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0) (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0) (= 0 ~__ste_Client_Keyring0_User0~0) (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) (= main_~tmp~17 1))) [2018-11-28 13:00:14,678 INFO L448 ceAbstractionStarter]: For program point L2435-1(lines 2435 2442) no Hoare annotation was computed. [2018-11-28 13:00:14,678 INFO L448 ceAbstractionStarter]: For program point L2435(lines 2435 2442) no Hoare annotation was computed. [2018-11-28 13:00:14,678 INFO L444 ceAbstractionStarter]: At program point rjhKeyChangeENTRY(lines 2548 2557) the Hoare annotation is: (or (<= 789 ~__ste_client_privateKey0~0) (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 ~__ste_email_isSigned0~0)) (< |old(~__ste_client_privateKey0~0)| 789) (< ~rjh~0 2) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,678 INFO L448 ceAbstractionStarter]: For program point rjhKeyChangeEXIT(lines 2548 2557) no Hoare annotation was computed. [2018-11-28 13:00:14,678 INFO L448 ceAbstractionStarter]: For program point rjhKeyChangeFINAL(lines 2548 2557) no Hoare annotation was computed. [2018-11-28 13:00:14,678 INFO L448 ceAbstractionStarter]: For program point setup_rjhFINAL(lines 2336 2346) no Hoare annotation was computed. [2018-11-28 13:00:14,678 INFO L451 ceAbstractionStarter]: At program point setup_rjhENTRY(lines 2336 2346) the Hoare annotation is: true [2018-11-28 13:00:14,678 INFO L444 ceAbstractionStarter]: At program point L2341-1(line 2341) the Hoare annotation is: (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 ~__ste_email_isSigned0~0)) (not (= ~__ste_Client_Keyring0_User0~0 ~__ste_Client_Keyring0_User1~0)) (< ~rjh~0 2) (<= |setup_rjh_#in~rjh___0| setup_rjh_~rjh___0) (not (= ~__ste_email_to0~0 ~__ste_Client_Keyring0_User0~0)) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,678 INFO L444 ceAbstractionStarter]: At program point L2341(line 2341) the Hoare annotation is: (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 ~__ste_email_isSigned0~0)) (not (= ~__ste_Client_Keyring0_User0~0 ~__ste_Client_Keyring0_User1~0)) (< ~rjh~0 2) (<= |setup_rjh_#in~rjh___0| setup_rjh_~rjh___0) (not (= ~__ste_email_to0~0 ~__ste_Client_Keyring0_User0~0)) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,678 INFO L448 ceAbstractionStarter]: For program point setup_rjhEXIT(lines 2336 2346) no Hoare annotation was computed. [2018-11-28 13:00:14,678 INFO L448 ceAbstractionStarter]: For program point setEmailIsSignedEXIT(lines 771 786) no Hoare annotation was computed. [2018-11-28 13:00:14,679 INFO L448 ceAbstractionStarter]: For program point L778(lines 778 782) no Hoare annotation was computed. [2018-11-28 13:00:14,679 INFO L448 ceAbstractionStarter]: For program point L778-2(lines 771 786) no Hoare annotation was computed. [2018-11-28 13:00:14,679 INFO L448 ceAbstractionStarter]: For program point L775(lines 775 783) no Hoare annotation was computed. [2018-11-28 13:00:14,679 INFO L444 ceAbstractionStarter]: At program point setEmailIsSignedENTRY(lines 771 786) the Hoare annotation is: (or (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (= 0 ~__ste_email_isSigned0~0) (< ~rjh~0 2) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,679 INFO L451 ceAbstractionStarter]: At program point getClientPrivateKeyENTRY(lines 1678 1701) the Hoare annotation is: true [2018-11-28 13:00:14,679 INFO L448 ceAbstractionStarter]: For program point getClientPrivateKeyEXIT(lines 1678 1701) no Hoare annotation was computed. [2018-11-28 13:00:14,679 INFO L448 ceAbstractionStarter]: For program point L1690(lines 1690 1696) no Hoare annotation was computed. [2018-11-28 13:00:14,679 INFO L448 ceAbstractionStarter]: For program point getClientPrivateKeyFINAL(lines 1678 1701) no Hoare annotation was computed. [2018-11-28 13:00:14,679 INFO L448 ceAbstractionStarter]: For program point L1686(lines 1686 1697) no Hoare annotation was computed. [2018-11-28 13:00:14,679 INFO L448 ceAbstractionStarter]: For program point L1682(lines 1682 1698) no Hoare annotation was computed. [2018-11-28 13:00:14,679 INFO L448 ceAbstractionStarter]: For program point rjhKeyAddFINAL(lines 2468 2479) no Hoare annotation was computed. [2018-11-28 13:00:14,679 INFO L444 ceAbstractionStarter]: At program point L2474(line 2474) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse1 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 0 ~__ste_email_isSigned0~0))) (.cse4 (< ~rjh~0 2)) (.cse5 (not (= ~__ste_email_to0~0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse6 (< ~chuck~0 3)) (.cse7 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) .cse4 .cse5 .cse6 .cse7 (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0)) (or .cse0 .cse1 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse2 .cse3 .cse4 .cse5 .cse6 .cse7))) [2018-11-28 13:00:14,679 INFO L448 ceAbstractionStarter]: For program point rjhKeyAddEXIT(lines 2468 2479) no Hoare annotation was computed. [2018-11-28 13:00:14,679 INFO L448 ceAbstractionStarter]: For program point L2473(line 2473) no Hoare annotation was computed. [2018-11-28 13:00:14,679 INFO L451 ceAbstractionStarter]: At program point L2474-1(line 2474) the Hoare annotation is: true [2018-11-28 13:00:14,680 INFO L444 ceAbstractionStarter]: At program point rjhKeyAddENTRY(lines 2468 2479) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse1 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 0 ~__ste_email_isSigned0~0))) (.cse4 (< ~rjh~0 2)) (.cse5 (not (= ~__ste_email_to0~0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse6 (< ~chuck~0 3)) (.cse7 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) .cse4 .cse5 .cse6 .cse7 (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0)) (or .cse0 .cse1 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse2 .cse3 .cse4 .cse5 .cse6 .cse7))) [2018-11-28 13:00:14,680 INFO L448 ceAbstractionStarter]: For program point bobToRjhEXIT(lines 2368 2390) no Hoare annotation was computed. [2018-11-28 13:00:14,680 INFO L444 ceAbstractionStarter]: At program point L2384(line 2384) the Hoare annotation is: (or (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (< ~rjh~0 2) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,680 INFO L448 ceAbstractionStarter]: For program point L2385-1(lines 2368 2390) no Hoare annotation was computed. [2018-11-28 13:00:14,680 INFO L444 ceAbstractionStarter]: At program point bobToRjhENTRY(lines 2368 2390) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_email_isEncrypted0~0)|))) (.cse1 (not (= ~queue_empty~0 1))) (.cse2 (not (= 0 |old(~__ste_email_isSigned0~0)|))) (.cse3 (< ~rjh~0 2)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) .cse3 .cse4 .cse5) (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) .cse0 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse1 .cse2 .cse3 (not (= |old(~__ste_email_to0~0)| ~__ste_Client_Keyring0_User0~0)) .cse4 .cse5))) [2018-11-28 13:00:14,680 INFO L444 ceAbstractionStarter]: At program point L2385(line 2385) the Hoare annotation is: (or (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (< ~rjh~0 2) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,680 INFO L448 ceAbstractionStarter]: For program point L2383-1(line 2383) no Hoare annotation was computed. [2018-11-28 13:00:14,680 INFO L444 ceAbstractionStarter]: At program point L2383(line 2383) the Hoare annotation is: (or (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (< ~rjh~0 2) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,680 INFO L448 ceAbstractionStarter]: For program point L2384-1(line 2384) no Hoare annotation was computed. [2018-11-28 13:00:14,680 INFO L448 ceAbstractionStarter]: For program point L2379(lines 2379 2387) no Hoare annotation was computed. [2018-11-28 13:00:14,680 INFO L444 ceAbstractionStarter]: At program point L2376(line 2376) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_email_isEncrypted0~0)|))) (.cse1 (not (= ~queue_empty~0 1))) (.cse2 (not (= 0 |old(~__ste_email_isSigned0~0)|))) (.cse3 (< ~rjh~0 2)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) .cse3 .cse4 .cse5) (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) .cse0 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse1 .cse2 .cse3 (not (= |old(~__ste_email_to0~0)| ~__ste_Client_Keyring0_User0~0)) .cse4 .cse5))) [2018-11-28 13:00:14,681 INFO L448 ceAbstractionStarter]: For program point L2377(line 2377) no Hoare annotation was computed. [2018-11-28 13:00:14,681 INFO L444 ceAbstractionStarter]: At program point L2376-1(line 2376) the Hoare annotation is: (or (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (= 0 ~__ste_email_isSigned0~0) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (< ~rjh~0 2) (not (= 1 ~bob~0)) (not (= 0 ~__ste_client_privateKey0~0)) (< ~chuck~0 3)) [2018-11-28 13:00:14,681 INFO L451 ceAbstractionStarter]: At program point L2320(line 2320) the Hoare annotation is: true [2018-11-28 13:00:14,681 INFO L451 ceAbstractionStarter]: At program point L2320-1(line 2320) the Hoare annotation is: true [2018-11-28 13:00:14,681 INFO L451 ceAbstractionStarter]: At program point setup_bobENTRY(lines 2315 2325) the Hoare annotation is: true [2018-11-28 13:00:14,681 INFO L448 ceAbstractionStarter]: For program point setup_bobFINAL(lines 2315 2325) no Hoare annotation was computed. [2018-11-28 13:00:14,681 INFO L448 ceAbstractionStarter]: For program point setup_bobEXIT(lines 2315 2325) no Hoare annotation was computed. [2018-11-28 13:00:14,681 INFO L451 ceAbstractionStarter]: At program point setEmailEncryptionKeyENTRY(lines 734 749) the Hoare annotation is: true [2018-11-28 13:00:14,681 INFO L448 ceAbstractionStarter]: For program point setEmailEncryptionKeyEXIT(lines 734 749) no Hoare annotation was computed. [2018-11-28 13:00:14,681 INFO L448 ceAbstractionStarter]: For program point L741(lines 741 745) no Hoare annotation was computed. [2018-11-28 13:00:14,681 INFO L448 ceAbstractionStarter]: For program point L741-2(lines 734 749) no Hoare annotation was computed. [2018-11-28 13:00:14,681 INFO L448 ceAbstractionStarter]: For program point L738(lines 738 746) no Hoare annotation was computed. [2018-11-28 13:00:14,681 INFO L448 ceAbstractionStarter]: For program point select_featuresEXIT(lines 64 70) no Hoare annotation was computed. [2018-11-28 13:00:14,681 INFO L451 ceAbstractionStarter]: At program point select_featuresFINAL(lines 64 70) the Hoare annotation is: true [2018-11-28 13:00:14,681 INFO L448 ceAbstractionStarter]: For program point setup_bob__wrappee__BaseFINAL(lines 2305 2314) no Hoare annotation was computed. [2018-11-28 13:00:14,681 INFO L451 ceAbstractionStarter]: At program point setup_bob__wrappee__BaseENTRY(lines 2305 2314) the Hoare annotation is: true [2018-11-28 13:00:14,682 INFO L451 ceAbstractionStarter]: At program point L2310(line 2310) the Hoare annotation is: true [2018-11-28 13:00:14,682 INFO L448 ceAbstractionStarter]: For program point setup_bob__wrappee__BaseEXIT(lines 2305 2314) no Hoare annotation was computed. [2018-11-28 13:00:14,682 INFO L448 ceAbstractionStarter]: For program point L719(lines 719 730) no Hoare annotation was computed. [2018-11-28 13:00:14,682 INFO L448 ceAbstractionStarter]: For program point getEmailEncryptionKeyEXIT(lines 715 733) no Hoare annotation was computed. [2018-11-28 13:00:14,682 INFO L451 ceAbstractionStarter]: At program point getEmailEncryptionKeyENTRY(lines 715 733) the Hoare annotation is: true [2018-11-28 13:00:14,682 INFO L448 ceAbstractionStarter]: For program point getEmailEncryptionKeyFINAL(lines 715 733) no Hoare annotation was computed. [2018-11-28 13:00:14,682 INFO L448 ceAbstractionStarter]: For program point L723(lines 723 729) no Hoare annotation was computed. [2018-11-28 13:00:14,682 INFO L444 ceAbstractionStarter]: At program point outgoing__wrappee__KeysENTRY(lines 144 155) the Hoare annotation is: (let ((.cse0 (not (= ~queue_empty~0 1))) (.cse1 (< ~rjh~0 2)) (.cse5 (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|)) (.cse2 (not (= 1 |outgoing__wrappee__Keys_#in~msg|))) (.cse3 (< ~chuck~0 3)) (.cse4 (not (= 1 ~bob~0))) (.cse6 (not (= 1 |outgoing__wrappee__Keys_#in~client|)))) (and (or .cse0 (not (= 0 ~__ste_email_isSigned0~0)) .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse0 .cse1 .cse5 (= 0 ~__ste_client_privateKey0~0) .cse2 .cse3 .cse4 .cse6))) [2018-11-28 13:00:14,682 INFO L448 ceAbstractionStarter]: For program point outgoing__wrappee__KeysEXIT(lines 144 155) no Hoare annotation was computed. [2018-11-28 13:00:14,682 INFO L448 ceAbstractionStarter]: For program point outgoing__wrappee__KeysFINAL(lines 144 155) no Hoare annotation was computed. [2018-11-28 13:00:14,682 INFO L444 ceAbstractionStarter]: At program point L150(line 150) the Hoare annotation is: (let ((.cse3 (and (= 1 outgoing__wrappee__Keys_~client) (= 1 outgoing__wrappee__Keys_~msg))) (.cse7 (= 0 ~__ste_client_privateKey0~0)) (.cse9 (not (= ~queue_empty~0 1))) (.cse8 (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|)) (.cse0 (not (= 0 ~__ste_email_isSigned0~0))) (.cse1 (< ~rjh~0 2)) (.cse2 (not (= 1 |outgoing__wrappee__Keys_#in~msg|))) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0))) (.cse6 (not (= 1 |outgoing__wrappee__Keys_#in~client|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse1 .cse7 .cse3 .cse2 .cse4 .cse5 .cse6) (or .cse8 .cse9 .cse1 .cse7 .cse2 .cse4 .cse5 .cse6) (or .cse9 .cse8 .cse0 .cse1 .cse2 .cse4 .cse5 .cse6))) [2018-11-28 13:00:14,682 INFO L444 ceAbstractionStarter]: At program point L149(line 149) the Hoare annotation is: (let ((.cse3 (and (= 1 outgoing__wrappee__Keys_~client) (= 1 outgoing__wrappee__Keys_~msg))) (.cse7 (= 0 ~__ste_client_privateKey0~0)) (.cse9 (not (= ~queue_empty~0 1))) (.cse8 (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|)) (.cse0 (not (= 0 ~__ste_email_isSigned0~0))) (.cse1 (< ~rjh~0 2)) (.cse2 (not (= 1 |outgoing__wrappee__Keys_#in~msg|))) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0))) (.cse6 (not (= 1 |outgoing__wrappee__Keys_#in~client|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse1 .cse7 .cse3 .cse2 .cse4 .cse5 .cse6) (or .cse8 .cse9 .cse1 .cse7 .cse2 .cse4 .cse5 .cse6) (or .cse9 .cse8 .cse0 .cse1 .cse2 .cse4 .cse5 .cse6))) [2018-11-28 13:00:14,683 INFO L444 ceAbstractionStarter]: At program point L150-1(line 150) the Hoare annotation is: (let ((.cse3 (and (= 1 outgoing__wrappee__Keys_~client) (= 1 outgoing__wrappee__Keys_~msg))) (.cse7 (= 0 ~__ste_client_privateKey0~0)) (.cse9 (not (= ~queue_empty~0 1))) (.cse8 (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|)) (.cse0 (not (= 0 ~__ste_email_isSigned0~0))) (.cse1 (< ~rjh~0 2)) (.cse2 (not (= 1 |outgoing__wrappee__Keys_#in~msg|))) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0))) (.cse6 (not (= 1 |outgoing__wrappee__Keys_#in~client|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse1 .cse7 .cse3 .cse2 .cse4 .cse5 .cse6) (or .cse8 .cse9 .cse1 .cse7 .cse2 .cse4 .cse5 .cse6) (or .cse9 .cse8 .cse0 .cse1 .cse2 .cse4 .cse5 .cse6))) [2018-11-28 13:00:14,683 INFO L448 ceAbstractionStarter]: For program point L149-1(line 149) no Hoare annotation was computed. [2018-11-28 13:00:14,683 INFO L448 ceAbstractionStarter]: For program point incomingFINAL(lines 225 265) no Hoare annotation was computed. [2018-11-28 13:00:14,683 INFO L444 ceAbstractionStarter]: At program point incomingENTRY(lines 225 265) the Hoare annotation is: (let ((.cse4 (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|)) (.cse0 (not (= ~queue_empty~0 1))) (.cse1 (< ~rjh~0 2)) (.cse2 (< ~chuck~0 3)) (.cse3 (not (= 1 ~bob~0)))) (and (or .cse0 (not (= 0 ~__ste_email_isSigned0~0)) .cse1 .cse2 .cse3 .cse4) (or .cse4 .cse0 .cse1 (= 0 ~__ste_client_privateKey0~0) .cse2 .cse3))) [2018-11-28 13:00:14,683 INFO L444 ceAbstractionStarter]: At program point L248(line 248) the Hoare annotation is: (let ((.cse3 (= |incoming_#in~client| incoming_~client)) (.cse1 (= 0 ~__ste_client_privateKey0~0)) (.cse6 (not (= ~queue_empty~0 1))) (.cse4 (not (= 0 ~__ste_email_isSigned0~0))) (.cse5 (and (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|) (= incoming_~msg |incoming_#in~msg|))) (.cse0 (< ~rjh~0 2)) (.cse7 (< ~chuck~0 3)) (.cse2 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse3 .cse4 .cse0 .cse2) (or .cse5 .cse6 .cse0 .cse1 .cse7 .cse2) (or .cse6 .cse4 .cse5 .cse0 .cse7 .cse2))) [2018-11-28 13:00:14,684 INFO L444 ceAbstractionStarter]: At program point L248-1(line 248) the Hoare annotation is: (let ((.cse3 (= |incoming_#in~client| incoming_~client)) (.cse4 (not (= 0 ~__ste_email_isSigned0~0))) (.cse6 (= incoming_~msg |incoming_#in~msg|)) (.cse5 (not (= ~queue_empty~0 1))) (.cse0 (< ~rjh~0 2)) (.cse1 (= 0 ~__ste_client_privateKey0~0)) (.cse7 (< ~chuck~0 3)) (.cse2 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse3 .cse4 .cse0 .cse2) (or .cse5 .cse4 .cse0 .cse6 .cse7 .cse2) (or .cse6 .cse5 .cse0 .cse1 .cse7 .cse2))) [2018-11-28 13:00:14,684 INFO L448 ceAbstractionStarter]: For program point L246(lines 246 253) no Hoare annotation was computed. [2018-11-28 13:00:14,684 INFO L444 ceAbstractionStarter]: At program point L244(line 244) the Hoare annotation is: (let ((.cse3 (= |incoming_#in~client| incoming_~client)) (.cse1 (= 0 ~__ste_client_privateKey0~0)) (.cse6 (not (= ~queue_empty~0 1))) (.cse4 (not (= 0 ~__ste_email_isSigned0~0))) (.cse5 (and (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|) (= incoming_~msg |incoming_#in~msg|))) (.cse0 (< ~rjh~0 2)) (.cse7 (< ~chuck~0 3)) (.cse2 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse3 .cse4 .cse0 .cse2) (or .cse5 .cse6 .cse0 .cse1 .cse7 .cse2) (or .cse6 .cse4 .cse5 .cse0 .cse7 .cse2))) [2018-11-28 13:00:14,684 INFO L448 ceAbstractionStarter]: For program point L244-1(line 244) no Hoare annotation was computed. [2018-11-28 13:00:14,684 INFO L444 ceAbstractionStarter]: At program point L234(line 234) the Hoare annotation is: (let ((.cse3 (= |incoming_#in~client| incoming_~client)) (.cse1 (= 0 ~__ste_client_privateKey0~0)) (.cse6 (not (= ~queue_empty~0 1))) (.cse4 (not (= 0 ~__ste_email_isSigned0~0))) (.cse5 (and (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|) (= incoming_~msg |incoming_#in~msg|))) (.cse0 (< ~rjh~0 2)) (.cse7 (< ~chuck~0 3)) (.cse2 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse3 .cse4 .cse0 .cse2) (or .cse5 .cse6 .cse0 .cse1 .cse7 .cse2) (or .cse6 .cse4 .cse5 .cse0 .cse7 .cse2))) [2018-11-28 13:00:14,684 INFO L448 ceAbstractionStarter]: For program point L234-1(line 234) no Hoare annotation was computed. [2018-11-28 13:00:14,684 INFO L444 ceAbstractionStarter]: At program point L243(line 243) the Hoare annotation is: (let ((.cse3 (= |incoming_#in~client| incoming_~client)) (.cse1 (= 0 ~__ste_client_privateKey0~0)) (.cse6 (not (= ~queue_empty~0 1))) (.cse4 (not (= 0 ~__ste_email_isSigned0~0))) (.cse5 (and (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|) (= incoming_~msg |incoming_#in~msg|))) (.cse0 (< ~rjh~0 2)) (.cse7 (< ~chuck~0 3)) (.cse2 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse3 .cse4 .cse0 .cse2) (or .cse5 .cse6 .cse0 .cse1 .cse7 .cse2) (or .cse6 .cse4 .cse5 .cse0 .cse7 .cse2))) [2018-11-28 13:00:14,684 INFO L448 ceAbstractionStarter]: For program point incomingEXIT(lines 225 265) no Hoare annotation was computed. [2018-11-28 13:00:14,685 INFO L448 ceAbstractionStarter]: For program point L243-1(line 243) no Hoare annotation was computed. [2018-11-28 13:00:14,685 INFO L448 ceAbstractionStarter]: For program point L241(lines 241 256) no Hoare annotation was computed. [2018-11-28 13:00:14,685 INFO L444 ceAbstractionStarter]: At program point L239(line 239) the Hoare annotation is: (let ((.cse3 (= |incoming_#in~client| incoming_~client)) (.cse1 (= 0 ~__ste_client_privateKey0~0)) (.cse6 (not (= ~queue_empty~0 1))) (.cse4 (not (= 0 ~__ste_email_isSigned0~0))) (.cse5 (and (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|) (= incoming_~msg |incoming_#in~msg|))) (.cse0 (< ~rjh~0 2)) (.cse7 (< ~chuck~0 3)) (.cse2 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse3 .cse4 .cse0 .cse2) (or .cse5 .cse6 .cse0 .cse1 .cse7 .cse2) (or .cse6 .cse4 .cse5 .cse0 .cse7 .cse2))) [2018-11-28 13:00:14,685 INFO L448 ceAbstractionStarter]: For program point L239-1(line 239) no Hoare annotation was computed. [2018-11-28 13:00:14,685 INFO L448 ceAbstractionStarter]: For program point L237(lines 237 259) no Hoare annotation was computed. [2018-11-28 13:00:14,685 INFO L444 ceAbstractionStarter]: At program point L237-1(lines 237 259) the Hoare annotation is: (let ((.cse3 (= |incoming_#in~client| incoming_~client)) (.cse4 (not (= 0 ~__ste_email_isSigned0~0))) (.cse6 (= incoming_~msg |incoming_#in~msg|)) (.cse5 (not (= ~queue_empty~0 1))) (.cse0 (< ~rjh~0 2)) (.cse1 (= 0 ~__ste_client_privateKey0~0)) (.cse7 (< ~chuck~0 3)) (.cse2 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse3 .cse4 .cse0 .cse2) (or .cse5 .cse4 .cse0 .cse6 .cse7 .cse2) (or .cse6 .cse5 .cse0 .cse1 .cse7 .cse2))) [2018-11-28 13:00:14,685 INFO L448 ceAbstractionStarter]: For program point L2286(line 2286) no Hoare annotation was computed. [2018-11-28 13:00:14,685 INFO L448 ceAbstractionStarter]: For program point createEmailEXIT(lines 2278 2292) no Hoare annotation was computed. [2018-11-28 13:00:14,685 INFO L444 ceAbstractionStarter]: At program point L2285-1(line 2285) the Hoare annotation is: (let ((.cse0 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse1 (not (= ~queue_empty~0 1))) (.cse2 (not (= 0 ~__ste_email_isSigned0~0))) (.cse3 (< ~rjh~0 2)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 (= 1 createEmail_~msg~0) .cse3 .cse4 .cse5) (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) .cse0 .cse1 .cse2 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse3 (not (= |old(~__ste_email_to0~0)| ~__ste_Client_Keyring0_User0~0)) .cse4 .cse5))) [2018-11-28 13:00:14,685 INFO L444 ceAbstractionStarter]: At program point L2285(line 2285) the Hoare annotation is: (let ((.cse0 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse1 (not (= ~queue_empty~0 1))) (.cse2 (not (= 0 ~__ste_email_isSigned0~0))) (.cse3 (< ~rjh~0 2)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 (= 1 createEmail_~msg~0) .cse3 .cse4 .cse5) (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) .cse0 .cse1 .cse2 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse3 (not (= |old(~__ste_email_to0~0)| ~__ste_Client_Keyring0_User0~0)) .cse4 .cse5))) [2018-11-28 13:00:14,685 INFO L444 ceAbstractionStarter]: At program point createEmailENTRY(lines 2278 2292) the Hoare annotation is: (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) (not (= 0 ~__ste_email_isEncrypted0~0)) (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) (not (= ~queue_empty~0 1)) (not (= 0 ~__ste_email_isSigned0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| ~__ste_Client_Keyring0_User0~0)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,685 INFO L448 ceAbstractionStarter]: For program point createEmailFINAL(lines 2278 2292) no Hoare annotation was computed. [2018-11-28 13:00:14,686 INFO L444 ceAbstractionStarter]: At program point rjhDeletePrivateKeyENTRY(lines 2528 2537) the Hoare annotation is: (or (<= 789 ~__ste_client_privateKey0~0) (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 ~__ste_email_isSigned0~0)) (< |old(~__ste_client_privateKey0~0)| 789) (< ~rjh~0 2) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,686 INFO L448 ceAbstractionStarter]: For program point rjhDeletePrivateKeyEXIT(lines 2528 2537) no Hoare annotation was computed. [2018-11-28 13:00:14,686 INFO L448 ceAbstractionStarter]: For program point rjhDeletePrivateKeyFINAL(lines 2528 2537) no Hoare annotation was computed. [2018-11-28 13:00:14,686 INFO L448 ceAbstractionStarter]: For program point L1026-1(line 1026) no Hoare annotation was computed. [2018-11-28 13:00:14,686 INFO L448 ceAbstractionStarter]: For program point L960(lines 960 967) no Hoare annotation was computed. [2018-11-28 13:00:14,686 INFO L448 ceAbstractionStarter]: For program point L911(lines 911 915) no Hoare annotation was computed. [2018-11-28 13:00:14,686 INFO L444 ceAbstractionStarter]: At program point L969(lines 956 1069) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,686 INFO L444 ceAbstractionStarter]: At program point L994(lines 984 1067) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,686 INFO L448 ceAbstractionStarter]: For program point L1052(lines 1052 1059) no Hoare annotation was computed. [2018-11-28 13:00:14,686 INFO L444 ceAbstractionStarter]: At program point L1019(lines 1009 1065) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,686 INFO L444 ceAbstractionStarter]: At program point L1052-1(lines 909 1073) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,686 INFO L448 ceAbstractionStarter]: For program point testEXIT(lines 870 1081) no Hoare annotation was computed. [2018-11-28 13:00:14,686 INFO L444 ceAbstractionStarter]: At program point L962(line 962) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,687 INFO L448 ceAbstractionStarter]: For program point L962-1(line 962) no Hoare annotation was computed. [2018-11-28 13:00:14,687 INFO L444 ceAbstractionStarter]: At program point testENTRY(lines 870 1081) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse1 (not (= 0 |old(~__ste_email_isEncrypted0~0)|))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 0 |old(~__ste_email_isSigned0~0)|))) (.cse4 (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|))) (.cse5 (< ~rjh~0 2)) (.cse6 (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|))) (.cse7 (< ~chuck~0 3)) (.cse8 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6 .cse7 .cse8 (and (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0) (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0) (= 0 ~__ste_Client_Keyring0_User0~0) (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0))) (or (<= 789 ~__ste_client_privateKey0~0) .cse0 .cse1 .cse2 .cse3 (< |old(~__ste_client_privateKey0~0)| 789) .cse4 .cse5 .cse6 .cse7 .cse8))) [2018-11-28 13:00:14,687 INFO L448 ceAbstractionStarter]: For program point L921(lines 921 928) no Hoare annotation was computed. [2018-11-28 13:00:14,687 INFO L448 ceAbstractionStarter]: For program point testFINAL(lines 870 1081) no Hoare annotation was computed. [2018-11-28 13:00:14,687 INFO L448 ceAbstractionStarter]: For program point L946(lines 946 953) no Hoare annotation was computed. [2018-11-28 13:00:14,687 INFO L444 ceAbstractionStarter]: At program point L930(lines 917 1072) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,688 INFO L444 ceAbstractionStarter]: At program point L1054(line 1054) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,688 INFO L448 ceAbstractionStarter]: For program point L1054-1(line 1054) no Hoare annotation was computed. [2018-11-28 13:00:14,688 INFO L448 ceAbstractionStarter]: For program point L988(lines 988 992) no Hoare annotation was computed. [2018-11-28 13:00:14,688 INFO L444 ceAbstractionStarter]: At program point L955(lines 942 1070) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,688 INFO L448 ceAbstractionStarter]: For program point L1013(lines 1013 1017) no Hoare annotation was computed. [2018-11-28 13:00:14,688 INFO L448 ceAbstractionStarter]: For program point L1038(lines 1038 1045) no Hoare annotation was computed. [2018-11-28 13:00:14,688 INFO L444 ceAbstractionStarter]: At program point L923(line 923) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (and (= test_~op1~0 0) (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,688 INFO L448 ceAbstractionStarter]: For program point L923-1(line 923) no Hoare annotation was computed. [2018-11-28 13:00:14,688 INFO L444 ceAbstractionStarter]: At program point L1047(lines 1034 1063) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,688 INFO L444 ceAbstractionStarter]: At program point L948(line 948) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,688 INFO L448 ceAbstractionStarter]: For program point L948-1(line 948) no Hoare annotation was computed. [2018-11-28 13:00:14,688 INFO L444 ceAbstractionStarter]: At program point L1040(line 1040) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,688 INFO L448 ceAbstractionStarter]: For program point L1040-1(line 1040) no Hoare annotation was computed. [2018-11-28 13:00:14,689 INFO L448 ceAbstractionStarter]: For program point L974(lines 974 981) no Hoare annotation was computed. [2018-11-28 13:00:14,689 INFO L444 ceAbstractionStarter]: At program point L941(lines 931 1071) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,689 INFO L448 ceAbstractionStarter]: For program point L999(lines 999 1006) no Hoare annotation was computed. [2018-11-28 13:00:14,689 INFO L448 ceAbstractionStarter]: For program point L1024(lines 1024 1031) no Hoare annotation was computed. [2018-11-28 13:00:14,689 INFO L444 ceAbstractionStarter]: At program point L983(lines 970 1068) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,689 INFO L448 ceAbstractionStarter]: For program point L917(lines 917 1072) no Hoare annotation was computed. [2018-11-28 13:00:14,689 INFO L444 ceAbstractionStarter]: At program point L1074(lines 908 1075) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,689 INFO L444 ceAbstractionStarter]: At program point L1008(lines 995 1066) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,689 INFO L444 ceAbstractionStarter]: At program point L1033(lines 1020 1064) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,689 INFO L444 ceAbstractionStarter]: At program point L976(line 976) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,689 INFO L448 ceAbstractionStarter]: For program point L976-1(line 976) no Hoare annotation was computed. [2018-11-28 13:00:14,689 INFO L448 ceAbstractionStarter]: For program point L910(lines 909 1073) no Hoare annotation was computed. [2018-11-28 13:00:14,690 INFO L444 ceAbstractionStarter]: At program point L1001(line 1001) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,690 INFO L448 ceAbstractionStarter]: For program point L1001-1(line 1001) no Hoare annotation was computed. [2018-11-28 13:00:14,690 INFO L448 ceAbstractionStarter]: For program point L935(lines 935 939) no Hoare annotation was computed. [2018-11-28 13:00:14,690 INFO L444 ceAbstractionStarter]: At program point L1026(line 1026) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,690 INFO L448 ceAbstractionStarter]: For program point getEmailToFINAL(lines 563 581) no Hoare annotation was computed. [2018-11-28 13:00:14,690 INFO L448 ceAbstractionStarter]: For program point L571(lines 571 577) no Hoare annotation was computed. [2018-11-28 13:00:14,690 INFO L448 ceAbstractionStarter]: For program point getEmailToEXIT(lines 563 581) no Hoare annotation was computed. [2018-11-28 13:00:14,690 INFO L448 ceAbstractionStarter]: For program point L567(lines 567 578) no Hoare annotation was computed. [2018-11-28 13:00:14,690 INFO L451 ceAbstractionStarter]: At program point getEmailToENTRY(lines 563 581) the Hoare annotation is: true [2018-11-28 13:00:14,690 INFO L451 ceAbstractionStarter]: At program point get_queued_emailENTRY(lines 322 330) the Hoare annotation is: true [2018-11-28 13:00:14,690 INFO L448 ceAbstractionStarter]: For program point get_queued_emailFINAL(lines 322 330) no Hoare annotation was computed. [2018-11-28 13:00:14,690 INFO L448 ceAbstractionStarter]: For program point get_queued_emailEXIT(lines 322 330) no Hoare annotation was computed. [2018-11-28 13:00:14,690 INFO L451 ceAbstractionStarter]: At program point L209(line 209) the Hoare annotation is: true [2018-11-28 13:00:14,690 INFO L451 ceAbstractionStarter]: At program point incoming__wrappee__SignENTRY(lines 204 213) the Hoare annotation is: true [2018-11-28 13:00:14,690 INFO L448 ceAbstractionStarter]: For program point incoming__wrappee__SignEXIT(lines 204 213) no Hoare annotation was computed. [2018-11-28 13:00:14,690 INFO L448 ceAbstractionStarter]: For program point incoming__wrappee__SignFINAL(lines 204 213) no Hoare annotation was computed. [2018-11-28 13:00:14,691 INFO L448 ceAbstractionStarter]: For program point getClientKeyringUserEXIT(lines 1803 1856) no Hoare annotation was computed. [2018-11-28 13:00:14,691 INFO L448 ceAbstractionStarter]: For program point L1821(lines 1821 1852) no Hoare annotation was computed. [2018-11-28 13:00:14,691 INFO L448 ceAbstractionStarter]: For program point L1840(lines 1840 1846) no Hoare annotation was computed. [2018-11-28 13:00:14,691 INFO L448 ceAbstractionStarter]: For program point L1807(lines 1807 1853) no Hoare annotation was computed. [2018-11-28 13:00:14,691 INFO L448 ceAbstractionStarter]: For program point L1836(lines 1836 1847) no Hoare annotation was computed. [2018-11-28 13:00:14,691 INFO L448 ceAbstractionStarter]: For program point getClientKeyringUserFINAL(lines 1803 1856) no Hoare annotation was computed. [2018-11-28 13:00:14,691 INFO L448 ceAbstractionStarter]: For program point L1826(lines 1826 1832) no Hoare annotation was computed. [2018-11-28 13:00:14,691 INFO L448 ceAbstractionStarter]: For program point L1822(lines 1822 1833) no Hoare annotation was computed. [2018-11-28 13:00:14,691 INFO L451 ceAbstractionStarter]: At program point getClientKeyringUserENTRY(lines 1803 1856) the Hoare annotation is: true [2018-11-28 13:00:14,691 INFO L448 ceAbstractionStarter]: For program point L1812(lines 1812 1818) no Hoare annotation was computed. [2018-11-28 13:00:14,691 INFO L448 ceAbstractionStarter]: For program point L1808(lines 1808 1819) no Hoare annotation was computed. [2018-11-28 13:00:14,691 INFO L448 ceAbstractionStarter]: For program point L1835(lines 1835 1851) no Hoare annotation was computed. [2018-11-28 13:00:14,691 INFO L451 ceAbstractionStarter]: At program point isReadable__wrappee__KeysENTRY(lines 2240 2248) the Hoare annotation is: true [2018-11-28 13:00:14,691 INFO L448 ceAbstractionStarter]: For program point isReadable__wrappee__KeysFINAL(lines 2240 2248) no Hoare annotation was computed. [2018-11-28 13:00:14,691 INFO L448 ceAbstractionStarter]: For program point isReadable__wrappee__KeysEXIT(lines 2240 2248) no Hoare annotation was computed. [2018-11-28 13:00:14,691 INFO L451 ceAbstractionStarter]: At program point __utac_acc__SignForward_spec__1ENTRY(lines 2559 2584) the Hoare annotation is: true [2018-11-28 13:00:14,691 INFO L448 ceAbstractionStarter]: For program point __utac_acc__SignForward_spec__1EXIT(lines 2559 2584) no Hoare annotation was computed. [2018-11-28 13:00:14,692 INFO L444 ceAbstractionStarter]: At program point L2574(line 2574) the Hoare annotation is: (let ((.cse0 (< ~rjh~0 2)) (.cse1 (not (= 1 |__utac_acc__SignForward_spec__1_#in~client|))) (.cse2 (not (= 1 |__utac_acc__SignForward_spec__1_#in~msg|))) (.cse3 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 (= 0 ~__ste_client_privateKey0~0) .cse3) (or (not (= 0 ~__ste_email_isSigned0~0)) .cse0 .cse1 .cse2 .cse3))) [2018-11-28 13:00:14,692 INFO L448 ceAbstractionStarter]: For program point L2572(lines 2572 2578) no Hoare annotation was computed. [2018-11-28 13:00:14,692 INFO L444 ceAbstractionStarter]: At program point L2570(line 2570) the Hoare annotation is: (let ((.cse0 (< ~rjh~0 2)) (.cse1 (not (= 1 |__utac_acc__SignForward_spec__1_#in~client|))) (.cse2 (not (= 1 |__utac_acc__SignForward_spec__1_#in~msg|))) (.cse3 (not (= 1 ~bob~0)))) (and (or (and (= 1 __utac_acc__SignForward_spec__1_~client) (= 1 __utac_acc__SignForward_spec__1_~msg)) .cse0 .cse1 .cse2 (= 0 ~__ste_client_privateKey0~0) .cse3) (or (not (= 0 ~__ste_email_isSigned0~0)) .cse0 .cse1 .cse2 .cse3))) [2018-11-28 13:00:14,692 INFO L448 ceAbstractionStarter]: For program point L2568(lines 2568 2581) no Hoare annotation was computed. [2018-11-28 13:00:14,692 INFO L448 ceAbstractionStarter]: For program point L2570-1(line 2570) no Hoare annotation was computed. [2018-11-28 13:00:14,692 INFO L444 ceAbstractionStarter]: At program point L2566(line 2566) the Hoare annotation is: (let ((.cse0 (and (= 1 __utac_acc__SignForward_spec__1_~client) (= 1 __utac_acc__SignForward_spec__1_~msg))) (.cse1 (< ~rjh~0 2)) (.cse2 (not (= 1 |__utac_acc__SignForward_spec__1_#in~client|))) (.cse3 (not (= 1 |__utac_acc__SignForward_spec__1_#in~msg|))) (.cse4 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (= 0 ~__ste_client_privateKey0~0) .cse4) (or .cse0 (not (= 0 ~__ste_email_isSigned0~0)) .cse1 .cse2 .cse3 .cse4))) [2018-11-28 13:00:14,692 INFO L448 ceAbstractionStarter]: For program point L2568-1(lines 2559 2584) no Hoare annotation was computed. [2018-11-28 13:00:14,692 INFO L448 ceAbstractionStarter]: For program point L2566-1(line 2566) no Hoare annotation was computed. [2018-11-28 13:00:14,692 INFO L448 ceAbstractionStarter]: For program point L1887(lines 1887 1891) no Hoare annotation was computed. [2018-11-28 13:00:14,692 INFO L444 ceAbstractionStarter]: At program point setClientKeyringUserENTRY(lines 1857 1900) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse1 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 0 ~__ste_email_isSigned0~0))) (.cse4 (< ~rjh~0 2)) (.cse5 (not (= ~__ste_email_to0~0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse6 (< ~chuck~0 3)) (.cse7 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) .cse4 .cse5 .cse6 .cse7 (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0)) (or .cse0 .cse1 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse2 .cse3 .cse4 .cse5 .cse6 .cse7))) [2018-11-28 13:00:14,692 INFO L448 ceAbstractionStarter]: For program point L1883(lines 1883 1895) no Hoare annotation was computed. [2018-11-28 13:00:14,692 INFO L448 ceAbstractionStarter]: For program point L1883-1(lines 1857 1900) no Hoare annotation was computed. [2018-11-28 13:00:14,693 INFO L448 ceAbstractionStarter]: For program point L1873(lines 1873 1881) no Hoare annotation was computed. [2018-11-28 13:00:14,693 INFO L448 ceAbstractionStarter]: For program point L1865(lines 1865 1869) no Hoare annotation was computed. [2018-11-28 13:00:14,693 INFO L448 ceAbstractionStarter]: For program point L1861(lines 1861 1897) no Hoare annotation was computed. [2018-11-28 13:00:14,693 INFO L448 ceAbstractionStarter]: For program point setClientKeyringUserEXIT(lines 1857 1900) no Hoare annotation was computed. [2018-11-28 13:00:14,693 INFO L448 ceAbstractionStarter]: For program point L1884(lines 1884 1892) no Hoare annotation was computed. [2018-11-28 13:00:14,693 INFO L448 ceAbstractionStarter]: For program point L1876(lines 1876 1880) no Hoare annotation was computed. [2018-11-28 13:00:14,693 INFO L448 ceAbstractionStarter]: For program point L1872(lines 1872 1896) no Hoare annotation was computed. [2018-11-28 13:00:14,693 INFO L448 ceAbstractionStarter]: For program point L1862(lines 1862 1870) no Hoare annotation was computed. [2018-11-28 13:00:14,693 INFO L451 ceAbstractionStarter]: At program point setEmailFromENTRY(lines 545 560) the Hoare annotation is: true [2018-11-28 13:00:14,693 INFO L448 ceAbstractionStarter]: For program point setEmailFromEXIT(lines 545 560) no Hoare annotation was computed. [2018-11-28 13:00:14,693 INFO L448 ceAbstractionStarter]: For program point L552(lines 552 556) no Hoare annotation was computed. [2018-11-28 13:00:14,693 INFO L448 ceAbstractionStarter]: For program point L552-2(lines 545 560) no Hoare annotation was computed. [2018-11-28 13:00:14,693 INFO L448 ceAbstractionStarter]: For program point L549(lines 549 557) no Hoare annotation was computed. [2018-11-28 13:00:14,693 INFO L448 ceAbstractionStarter]: For program point L2257(lines 2257 2265) no Hoare annotation was computed. [2018-11-28 13:00:14,693 INFO L448 ceAbstractionStarter]: For program point isReadableEXIT(lines 2249 2268) no Hoare annotation was computed. [2018-11-28 13:00:14,693 INFO L448 ceAbstractionStarter]: For program point L2255-1(line 2255) no Hoare annotation was computed. [2018-11-28 13:00:14,694 INFO L444 ceAbstractionStarter]: At program point L2255(line 2255) the Hoare annotation is: (let ((.cse2 (= 0 ~__ste_client_privateKey0~0)) (.cse5 (= 1 |isReadable_#in~msg|)) (.cse6 (not (= ~queue_empty~0 1))) (.cse7 (not (= 0 ~__ste_email_isSigned0~0))) (.cse1 (= isReadable_~msg |isReadable_#in~msg|)) (.cse0 (< ~rjh~0 2)) (.cse3 (< ~chuck~0 3)) (.cse4 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse1 .cse6 .cse0 .cse2 .cse3 .cse4) (or .cse7 .cse0 .cse1 .cse3 .cse4 .cse5) (or .cse6 .cse7 .cse1 .cse0 .cse3 .cse4))) [2018-11-28 13:00:14,694 INFO L444 ceAbstractionStarter]: At program point L2262(line 2262) the Hoare annotation is: (let ((.cse9 (= 1 |isReadable_#in~msg|))) (let ((.cse14 (= 0 ~__ste_email_isSigned0~0)) (.cse8 (= isReadable_~tmp~15 ~__ste_email_isEncrypted0~0)) (.cse16 (= 0 ~__ste_email_isEncrypted0~0)) (.cse12 (<= 2 ~rjh~0)) (.cse13 (not .cse9)) (.cse15 (= isReadable_~msg |isReadable_#in~msg|))) (let ((.cse1 (and .cse12 .cse13 .cse15)) (.cse4 (= 0 ~__ste_client_privateKey0~0)) (.cse7 (not .cse16)) (.cse0 (not (= ~queue_empty~0 1))) (.cse3 (and .cse15 .cse8 .cse16)) (.cse10 (not .cse14)) (.cse2 (< ~rjh~0 2)) (.cse11 (and .cse12 .cse13 .cse14 .cse15)) (.cse5 (< ~chuck~0 3)) (.cse6 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse7 .cse8 .cse2 .cse4 .cse5 .cse6 .cse9) (or .cse2 .cse1 .cse4 .cse5 .cse6 .cse9) (or .cse7 .cse10 .cse2 .cse8 .cse5 .cse6 .cse9) (or .cse10 .cse2 .cse11 .cse5 .cse6 .cse9) (or .cse0 .cse3 .cse10 .cse2 .cse11 .cse5 .cse6))))) [2018-11-28 13:00:14,694 INFO L451 ceAbstractionStarter]: At program point isReadableENTRY(lines 2249 2268) the Hoare annotation is: true [2018-11-28 13:00:14,694 INFO L448 ceAbstractionStarter]: For program point L2262-1(line 2262) no Hoare annotation was computed. [2018-11-28 13:00:14,694 INFO L448 ceAbstractionStarter]: For program point isReadableFINAL(lines 2249 2268) no Hoare annotation was computed. [2018-11-28 13:00:14,694 INFO L448 ceAbstractionStarter]: For program point __automaton_failFINAL(lines 436 443) no Hoare annotation was computed. [2018-11-28 13:00:14,694 INFO L448 ceAbstractionStarter]: For program point __automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION(line 440) no Hoare annotation was computed. [2018-11-28 13:00:14,694 INFO L451 ceAbstractionStarter]: At program point __automaton_failENTRY(lines 436 443) the Hoare annotation is: true [2018-11-28 13:00:14,694 INFO L448 ceAbstractionStarter]: For program point __automaton_failEXIT(lines 436 443) no Hoare annotation was computed. [2018-11-28 13:00:14,694 INFO L448 ceAbstractionStarter]: For program point L2048(lines 2048 2052) no Hoare annotation was computed. [2018-11-28 13:00:14,694 INFO L448 ceAbstractionStarter]: For program point L2044(lines 2044 2056) no Hoare annotation was computed. [2018-11-28 13:00:14,694 INFO L448 ceAbstractionStarter]: For program point L2044-1(lines 2018 2061) no Hoare annotation was computed. [2018-11-28 13:00:14,695 INFO L448 ceAbstractionStarter]: For program point setClientKeyringPublicKeyEXIT(lines 2018 2061) no Hoare annotation was computed. [2018-11-28 13:00:14,695 INFO L448 ceAbstractionStarter]: For program point L2034(lines 2034 2042) no Hoare annotation was computed. [2018-11-28 13:00:14,695 INFO L448 ceAbstractionStarter]: For program point L2026(lines 2026 2030) no Hoare annotation was computed. [2018-11-28 13:00:14,695 INFO L448 ceAbstractionStarter]: For program point L2022(lines 2022 2058) no Hoare annotation was computed. [2018-11-28 13:00:14,695 INFO L448 ceAbstractionStarter]: For program point L2045(lines 2045 2053) no Hoare annotation was computed. [2018-11-28 13:00:14,695 INFO L451 ceAbstractionStarter]: At program point setClientKeyringPublicKeyENTRY(lines 2018 2061) the Hoare annotation is: true [2018-11-28 13:00:14,695 INFO L448 ceAbstractionStarter]: For program point L2037(lines 2037 2041) no Hoare annotation was computed. [2018-11-28 13:00:14,695 INFO L448 ceAbstractionStarter]: For program point L2033(lines 2033 2057) no Hoare annotation was computed. [2018-11-28 13:00:14,696 INFO L448 ceAbstractionStarter]: For program point L2023(lines 2023 2031) no Hoare annotation was computed. [2018-11-28 13:00:14,696 INFO L451 ceAbstractionStarter]: At program point setup_rjh__wrappee__BaseENTRY(lines 2326 2335) the Hoare annotation is: true [2018-11-28 13:00:14,696 INFO L444 ceAbstractionStarter]: At program point L2331(line 2331) the Hoare annotation is: (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) (not (= 0 ~__ste_email_isEncrypted0~0)) (<= |setup_rjh__wrappee__Base_#in~rjh___0| setup_rjh__wrappee__Base_~rjh___0) (not (= ~queue_empty~0 1)) (not (= 0 ~__ste_email_isSigned0~0)) (not (= ~__ste_Client_Keyring0_User0~0 ~__ste_Client_Keyring0_User1~0)) (< ~rjh~0 2) (not (= ~__ste_email_to0~0 ~__ste_Client_Keyring0_User0~0)) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,696 INFO L448 ceAbstractionStarter]: For program point setup_rjh__wrappee__BaseFINAL(lines 2326 2335) no Hoare annotation was computed. [2018-11-28 13:00:14,696 INFO L448 ceAbstractionStarter]: For program point setup_rjh__wrappee__BaseEXIT(lines 2326 2335) no Hoare annotation was computed. [2018-11-28 13:00:14,696 INFO L444 ceAbstractionStarter]: At program point L188(line 188) the Hoare annotation is: (or (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= 1 |outgoing_#in~client|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0) (= outgoing_~client |outgoing_#in~client|) (= outgoing_~msg |outgoing_#in~msg|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= 1 |outgoing_#in~msg|)) (< ~rjh~0 2) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,697 INFO L444 ceAbstractionStarter]: At program point L188-1(line 188) the Hoare annotation is: (let ((.cse0 (= 0 ~__ste_email_isEncrypted0~0)) (.cse1 (= outgoing_~client |outgoing_#in~client|)) (.cse2 (= outgoing_~msg |outgoing_#in~msg|))) (or (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= 1 |outgoing_#in~client|)) (and (= 0 ~__ste_email_isSigned0~0) .cse0 .cse1 .cse2) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= 1 |outgoing_#in~msg|)) (< ~rjh~0 2) (and (not (= 0 ~__ste_client_privateKey0~0)) .cse0 .cse1 .cse2) (< ~chuck~0 3) (not (= 1 ~bob~0)))) [2018-11-28 13:00:14,697 INFO L448 ceAbstractionStarter]: For program point outgoingEXIT(lines 183 193) no Hoare annotation was computed. [2018-11-28 13:00:14,697 INFO L444 ceAbstractionStarter]: At program point outgoingENTRY(lines 183 193) the Hoare annotation is: (or (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= 1 |outgoing_#in~client|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= 1 |outgoing_#in~msg|)) (< ~rjh~0 2) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,697 INFO L448 ceAbstractionStarter]: For program point outgoingFINAL(lines 183 193) no Hoare annotation was computed. [2018-11-28 13:00:14,697 INFO L451 ceAbstractionStarter]: At program point select_helpersFINAL(lines 71 77) the Hoare annotation is: true [2018-11-28 13:00:14,697 INFO L448 ceAbstractionStarter]: For program point select_helpersEXIT(lines 71 77) no Hoare annotation was computed. [2018-11-28 13:00:14,697 INFO L448 ceAbstractionStarter]: For program point getClientIdFINAL(lines 2113 2136) no Hoare annotation was computed. [2018-11-28 13:00:14,697 INFO L448 ceAbstractionStarter]: For program point L2125(lines 2125 2131) no Hoare annotation was computed. [2018-11-28 13:00:14,697 INFO L451 ceAbstractionStarter]: At program point getClientIdENTRY(lines 2113 2136) the Hoare annotation is: true [2018-11-28 13:00:14,697 INFO L448 ceAbstractionStarter]: For program point L2121(lines 2121 2132) no Hoare annotation was computed. [2018-11-28 13:00:14,697 INFO L448 ceAbstractionStarter]: For program point getClientIdEXIT(lines 2113 2136) no Hoare annotation was computed. [2018-11-28 13:00:14,697 INFO L448 ceAbstractionStarter]: For program point L2117(lines 2117 2133) no Hoare annotation was computed. [2018-11-28 13:00:14,697 INFO L448 ceAbstractionStarter]: For program point deliverFINAL(lines 194 203) no Hoare annotation was computed. [2018-11-28 13:00:14,697 INFO L451 ceAbstractionStarter]: At program point deliverENTRY(lines 194 203) the Hoare annotation is: true [2018-11-28 13:00:14,698 INFO L448 ceAbstractionStarter]: For program point deliverEXIT(lines 194 203) no Hoare annotation was computed. [2018-11-28 13:00:14,698 INFO L451 ceAbstractionStarter]: At program point L1777(line 1777) the Hoare annotation is: true [2018-11-28 13:00:14,698 INFO L448 ceAbstractionStarter]: For program point L1777-1(line 1777) no Hoare annotation was computed. [2018-11-28 13:00:14,698 INFO L448 ceAbstractionStarter]: For program point createClientKeyringEntryEXIT(lines 1769 1793) no Hoare annotation was computed. [2018-11-28 13:00:14,698 INFO L451 ceAbstractionStarter]: At program point L1783(line 1783) the Hoare annotation is: true [2018-11-28 13:00:14,698 INFO L448 ceAbstractionStarter]: For program point L1783-1(line 1783) no Hoare annotation was computed. [2018-11-28 13:00:14,698 INFO L448 ceAbstractionStarter]: For program point L1780(lines 1780 1790) no Hoare annotation was computed. [2018-11-28 13:00:14,698 INFO L451 ceAbstractionStarter]: At program point createClientKeyringEntryENTRY(lines 1769 1793) the Hoare annotation is: true [2018-11-28 13:00:14,698 INFO L448 ceAbstractionStarter]: For program point createClientKeyringEntryFINAL(lines 1769 1793) no Hoare annotation was computed. [2018-11-28 13:00:14,698 INFO L448 ceAbstractionStarter]: For program point setup_chuckEXIT(lines 2357 2367) no Hoare annotation was computed. [2018-11-28 13:00:14,698 INFO L444 ceAbstractionStarter]: At program point L2362(line 2362) the Hoare annotation is: (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 ~__ste_email_isSigned0~0)) (not (= ~__ste_Client_Keyring0_User0~0 ~__ste_Client_Keyring0_User1~0)) (< ~rjh~0 2) (not (= ~__ste_email_to0~0 ~__ste_Client_Keyring0_User0~0)) (<= |setup_chuck_#in~chuck___0| setup_chuck_~chuck___0) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,698 INFO L451 ceAbstractionStarter]: At program point setup_chuckENTRY(lines 2357 2367) the Hoare annotation is: true [2018-11-28 13:00:14,698 INFO L448 ceAbstractionStarter]: For program point setup_chuckFINAL(lines 2357 2367) no Hoare annotation was computed. [2018-11-28 13:00:14,698 INFO L444 ceAbstractionStarter]: At program point L2362-1(line 2362) the Hoare annotation is: (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 ~__ste_email_isSigned0~0)) (not (= ~__ste_Client_Keyring0_User0~0 ~__ste_Client_Keyring0_User1~0)) (< ~rjh~0 2) (not (= ~__ste_email_to0~0 ~__ste_Client_Keyring0_User0~0)) (<= |setup_chuck_#in~chuck___0| setup_chuck_~chuck___0) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,698 INFO L448 ceAbstractionStarter]: For program point L1982(lines 1982 2013) no Hoare annotation was computed. [2018-11-28 13:00:14,699 INFO L448 ceAbstractionStarter]: For program point L2001(lines 2001 2007) no Hoare annotation was computed. [2018-11-28 13:00:14,699 INFO L448 ceAbstractionStarter]: For program point L1968(lines 1968 2014) no Hoare annotation was computed. [2018-11-28 13:00:14,699 INFO L448 ceAbstractionStarter]: For program point L1997(lines 1997 2008) no Hoare annotation was computed. [2018-11-28 13:00:14,699 INFO L448 ceAbstractionStarter]: For program point L1987(lines 1987 1993) no Hoare annotation was computed. [2018-11-28 13:00:14,699 INFO L448 ceAbstractionStarter]: For program point L1983(lines 1983 1994) no Hoare annotation was computed. [2018-11-28 13:00:14,699 INFO L448 ceAbstractionStarter]: For program point L1973(lines 1973 1979) no Hoare annotation was computed. [2018-11-28 13:00:14,699 INFO L448 ceAbstractionStarter]: For program point findPublicKeyFINAL(lines 1964 2017) no Hoare annotation was computed. [2018-11-28 13:00:14,699 INFO L448 ceAbstractionStarter]: For program point L1969(lines 1969 1980) no Hoare annotation was computed. [2018-11-28 13:00:14,699 INFO L448 ceAbstractionStarter]: For program point L1996(lines 1996 2012) no Hoare annotation was computed. [2018-11-28 13:00:14,699 INFO L448 ceAbstractionStarter]: For program point findPublicKeyEXIT(lines 1964 2017) no Hoare annotation was computed. [2018-11-28 13:00:14,699 INFO L451 ceAbstractionStarter]: At program point findPublicKeyENTRY(lines 1964 2017) the Hoare annotation is: true [2018-11-28 13:00:14,699 INFO L444 ceAbstractionStarter]: At program point outgoing__wrappee__EncryptENTRY(lines 156 182) the Hoare annotation is: (let ((.cse1 (= 0 ~__ste_email_isEncrypted0~0)) (.cse0 (not (= 0 |old(~__ste_email_isEncrypted0~0)|))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 1 |outgoing__wrappee__Encrypt_#in~client|))) (.cse4 (not (= 1 |outgoing__wrappee__Encrypt_#in~msg|))) (.cse5 (< ~rjh~0 2)) (.cse6 (< ~chuck~0 3)) (.cse7 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= 0 ~__ste_email_isSigned0~0)) .cse4 .cse5 .cse6 .cse7) (or .cse1 .cse0 .cse2 .cse3 .cse4 .cse5 (= 0 ~__ste_client_privateKey0~0) .cse6 .cse7))) [2018-11-28 13:00:14,699 INFO L448 ceAbstractionStarter]: For program point outgoing__wrappee__EncryptEXIT(lines 156 182) no Hoare annotation was computed. [2018-11-28 13:00:14,699 INFO L444 ceAbstractionStarter]: At program point L171(line 171) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_email_isEncrypted0~0)|))) (.cse7 (and (= |outgoing__wrappee__Encrypt_#in~msg| outgoing__wrappee__Encrypt_~msg) (= outgoing__wrappee__Encrypt_~client |outgoing__wrappee__Encrypt_#in~client|) (= 0 ~__ste_email_isEncrypted0~0))) (.cse1 (not (= ~queue_empty~0 1))) (.cse2 (not (= 1 |outgoing__wrappee__Encrypt_#in~client|))) (.cse3 (not (= 1 |outgoing__wrappee__Encrypt_#in~msg|))) (.cse4 (< ~rjh~0 2)) (.cse5 (< ~chuck~0 3)) (.cse6 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 (= 0 ~__ste_client_privateKey0~0) .cse5 .cse6 .cse7) (or .cse0 .cse7 .cse1 .cse2 (not (= 0 ~__ste_email_isSigned0~0)) .cse3 .cse4 .cse5 .cse6))) [2018-11-28 13:00:14,701 INFO L444 ceAbstractionStarter]: At program point L171-1(line 171) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_email_isEncrypted0~0)|))) (.cse7 (and (= |outgoing__wrappee__Encrypt_#in~msg| outgoing__wrappee__Encrypt_~msg) (= outgoing__wrappee__Encrypt_~client |outgoing__wrappee__Encrypt_#in~client|) (= 0 ~__ste_email_isEncrypted0~0))) (.cse1 (not (= ~queue_empty~0 1))) (.cse2 (not (= 1 |outgoing__wrappee__Encrypt_#in~client|))) (.cse3 (not (= 1 |outgoing__wrappee__Encrypt_#in~msg|))) (.cse4 (< ~rjh~0 2)) (.cse5 (< ~chuck~0 3)) (.cse6 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 (= 0 ~__ste_client_privateKey0~0) .cse5 .cse6 .cse7) (or .cse0 .cse7 .cse1 .cse2 (not (= 0 ~__ste_email_isSigned0~0)) .cse3 .cse4 .cse5 .cse6))) [2018-11-28 13:00:14,701 INFO L448 ceAbstractionStarter]: For program point L169(lines 169 176) no Hoare annotation was computed. [2018-11-28 13:00:14,701 INFO L444 ceAbstractionStarter]: At program point L169-1(lines 169 176) the Hoare annotation is: (let ((.cse1 (not (= 0 |old(~__ste_email_isEncrypted0~0)|))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 1 |outgoing__wrappee__Encrypt_#in~client|))) (.cse4 (not (= 1 |outgoing__wrappee__Encrypt_#in~msg|))) (.cse5 (< ~rjh~0 2)) (.cse0 (and (= |outgoing__wrappee__Encrypt_#in~msg| outgoing__wrappee__Encrypt_~msg) (= outgoing__wrappee__Encrypt_~client |outgoing__wrappee__Encrypt_#in~client|))) (.cse6 (< ~chuck~0 3)) (.cse7 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= 0 ~__ste_email_isSigned0~0)) .cse4 .cse5 .cse6 .cse7) (or .cse1 .cse2 .cse3 .cse4 .cse5 .cse0 (= 0 ~__ste_client_privateKey0~0) .cse6 .cse7))) [2018-11-28 13:00:14,701 INFO L448 ceAbstractionStarter]: For program point outgoing__wrappee__EncryptFINAL(lines 156 182) no Hoare annotation was computed. [2018-11-28 13:00:14,702 INFO L444 ceAbstractionStarter]: At program point L166(line 166) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_email_isEncrypted0~0)|))) (.cse1 (not (= ~queue_empty~0 1))) (.cse2 (not (= 1 |outgoing__wrappee__Encrypt_#in~client|))) (.cse3 (and (= |outgoing__wrappee__Encrypt_#in~msg| outgoing__wrappee__Encrypt_~msg) (= outgoing__wrappee__Encrypt_~receiver~0 ~__ste_email_to0~0) (= outgoing__wrappee__Encrypt_~client |outgoing__wrappee__Encrypt_#in~client|) (= 0 ~__ste_email_isEncrypted0~0))) (.cse4 (not (= 1 |outgoing__wrappee__Encrypt_#in~msg|))) (.cse5 (< ~rjh~0 2)) (.cse6 (< ~chuck~0 3)) (.cse7 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 (= 0 ~__ste_client_privateKey0~0) .cse6 .cse7) (or .cse0 .cse1 .cse2 .cse3 (not (= 0 ~__ste_email_isSigned0~0)) .cse4 .cse5 .cse6 .cse7))) [2018-11-28 13:00:14,702 INFO L448 ceAbstractionStarter]: For program point L166-1(line 166) no Hoare annotation was computed. [2018-11-28 13:00:14,702 INFO L444 ceAbstractionStarter]: At program point L164(line 164) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_email_isEncrypted0~0)|))) (.cse1 (not (= ~queue_empty~0 1))) (.cse2 (not (= 1 |outgoing__wrappee__Encrypt_#in~client|))) (.cse4 (not (= 1 |outgoing__wrappee__Encrypt_#in~msg|))) (.cse3 (and (= |outgoing__wrappee__Encrypt_#in~msg| outgoing__wrappee__Encrypt_~msg) (= outgoing__wrappee__Encrypt_~client |outgoing__wrappee__Encrypt_#in~client|) (= 0 ~__ste_email_isEncrypted0~0))) (.cse5 (< ~rjh~0 2)) (.cse6 (< ~chuck~0 3)) (.cse7 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 (= 0 ~__ste_client_privateKey0~0) .cse6 .cse7) (or .cse0 .cse1 .cse2 (not (= 0 ~__ste_email_isSigned0~0)) .cse4 .cse3 .cse5 .cse6 .cse7))) [2018-11-28 13:00:14,706 INFO L448 ceAbstractionStarter]: For program point L164-1(line 164) no Hoare annotation was computed. [2018-11-28 13:00:14,706 INFO L444 ceAbstractionStarter]: At program point L289(line 289) the Hoare annotation is: (or (not (= 1 |sendEmail_#in~sender|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0) (= 1 sendEmail_~sender) (= 1 sendEmail_~email~0)) (< ~rjh~0 2) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,706 INFO L448 ceAbstractionStarter]: For program point sendEmailEXIT(lines 281 293) no Hoare annotation was computed. [2018-11-28 13:00:14,706 INFO L444 ceAbstractionStarter]: At program point L287(line 287) the Hoare annotation is: (let ((.cse0 (not (= 1 |sendEmail_#in~sender|))) (.cse1 (not (= 0 |old(~__ste_email_isEncrypted0~0)|))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 0 |old(~__ste_email_isSigned0~0)|))) (.cse4 (< ~rjh~0 2)) (.cse5 (< ~chuck~0 3)) (.cse6 (not (= 1 ~bob~0)))) (and (or .cse0 (not (= 0 ~__ste_Client_Keyring0_User0~0)) .cse1 .cse2 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse3 .cse4 (not (= |old(~__ste_email_to0~0)| ~__ste_Client_Keyring0_User0~0)) .cse5 .cse6) (or .cse0 .cse1 .cse2 (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0) (= 1 sendEmail_~sender)) .cse3 .cse4 .cse5 .cse6))) [2018-11-28 13:00:14,706 INFO L448 ceAbstractionStarter]: For program point L287-1(line 287) no Hoare annotation was computed. [2018-11-28 13:00:14,706 INFO L444 ceAbstractionStarter]: At program point sendEmailENTRY(lines 281 293) the Hoare annotation is: (let ((.cse0 (not (= 1 |sendEmail_#in~sender|))) (.cse1 (not (= 0 |old(~__ste_email_isEncrypted0~0)|))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 0 |old(~__ste_email_isSigned0~0)|))) (.cse4 (< ~rjh~0 2)) (.cse5 (< ~chuck~0 3)) (.cse6 (not (= 1 ~bob~0)))) (and (or .cse0 (not (= 0 ~__ste_Client_Keyring0_User0~0)) (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse1 .cse2 .cse3 .cse4 (not (= |old(~__ste_email_to0~0)| ~__ste_Client_Keyring0_User0~0)) .cse5 .cse6) (or .cse0 .cse1 .cse2 .cse3 .cse4 (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) .cse5 .cse6))) [2018-11-28 13:00:14,706 INFO L448 ceAbstractionStarter]: For program point sendEmailFINAL(lines 281 293) no Hoare annotation was computed. [2018-11-28 13:00:14,706 INFO L448 ceAbstractionStarter]: For program point L686(lines 686 692) no Hoare annotation was computed. [2018-11-28 13:00:14,707 INFO L448 ceAbstractionStarter]: For program point isEncryptedFINAL(lines 678 696) no Hoare annotation was computed. [2018-11-28 13:00:14,707 INFO L448 ceAbstractionStarter]: For program point L682(lines 682 693) no Hoare annotation was computed. [2018-11-28 13:00:14,707 INFO L448 ceAbstractionStarter]: For program point isEncryptedEXIT(lines 678 696) no Hoare annotation was computed. [2018-11-28 13:00:14,707 INFO L451 ceAbstractionStarter]: At program point isEncryptedENTRY(lines 678 696) the Hoare annotation is: true [2018-11-28 13:00:14,707 INFO L448 ceAbstractionStarter]: For program point L417(lines 417 431) no Hoare annotation was computed. [2018-11-28 13:00:14,711 INFO L448 ceAbstractionStarter]: For program point L417-1(lines 387 434) no Hoare annotation was computed. [2018-11-28 13:00:14,711 INFO L448 ceAbstractionStarter]: For program point L413(line 413) no Hoare annotation was computed. [2018-11-28 13:00:14,711 INFO L448 ceAbstractionStarter]: For program point verifyEXIT(lines 387 434) no Hoare annotation was computed. [2018-11-28 13:00:14,711 INFO L444 ceAbstractionStarter]: At program point L424(line 424) the Hoare annotation is: (let ((.cse9 (= 1 |verify_#in~msg|))) (let ((.cse8 (not .cse9)) (.cse0 (= verify_~msg |verify_#in~msg|)) (.cse12 (= 0 ~__ste_email_isSigned0~0))) (let ((.cse3 (= 0 ~__ste_client_privateKey0~0)) (.cse6 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse1 (not (= ~queue_empty~0 1))) (.cse7 (= verify_~tmp~7 1)) (.cse10 (not .cse12)) (.cse2 (< ~rjh~0 2)) (.cse11 (and .cse8 (<= 2 ~rjh~0) .cse0 .cse12)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse6 .cse1 .cse2 .cse7 .cse3 .cse4 .cse5 .cse8) (or .cse9 .cse0 .cse2 .cse3 .cse4 .cse5) (or .cse9 .cse10 .cse2 .cse11 .cse4 .cse5) (or (and .cse0 .cse6) .cse1 (and .cse7 .cse0) .cse10 .cse2 .cse11 .cse4 .cse5))))) [2018-11-28 13:00:14,711 INFO L451 ceAbstractionStarter]: At program point verifyENTRY(lines 387 434) the Hoare annotation is: true [2018-11-28 13:00:14,711 INFO L448 ceAbstractionStarter]: For program point L422(lines 422 428) no Hoare annotation was computed. [2018-11-28 13:00:14,712 INFO L444 ceAbstractionStarter]: At program point L420(line 420) the Hoare annotation is: (let ((.cse9 (= 1 |verify_#in~msg|))) (let ((.cse8 (not .cse9)) (.cse0 (= verify_~msg |verify_#in~msg|)) (.cse12 (= 0 ~__ste_email_isSigned0~0))) (let ((.cse3 (= 0 ~__ste_client_privateKey0~0)) (.cse6 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse1 (not (= ~queue_empty~0 1))) (.cse7 (= verify_~tmp~7 1)) (.cse10 (not .cse12)) (.cse2 (< ~rjh~0 2)) (.cse11 (and .cse8 (<= 2 ~rjh~0) .cse0 .cse12)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse6 .cse1 .cse2 .cse7 .cse3 .cse4 .cse5 .cse8) (or .cse9 .cse0 .cse2 .cse3 .cse4 .cse5) (or .cse9 .cse10 .cse2 .cse11 .cse4 .cse5) (or (and .cse0 .cse6) .cse1 (and .cse7 .cse0) .cse10 .cse2 .cse11 .cse4 .cse5))))) [2018-11-28 13:00:14,712 INFO L448 ceAbstractionStarter]: For program point L420-1(line 420) no Hoare annotation was computed. [2018-11-28 13:00:14,712 INFO L444 ceAbstractionStarter]: At program point L414(line 414) the Hoare annotation is: (let ((.cse9 (= 1 |verify_#in~msg|))) (let ((.cse8 (not .cse9)) (.cse0 (= verify_~msg |verify_#in~msg|)) (.cse12 (= 0 ~__ste_email_isSigned0~0))) (let ((.cse3 (= 0 ~__ste_client_privateKey0~0)) (.cse6 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse1 (not (= ~queue_empty~0 1))) (.cse7 (= verify_~tmp~7 1)) (.cse10 (not .cse12)) (.cse2 (< ~rjh~0 2)) (.cse11 (and .cse8 (<= 2 ~rjh~0) .cse0 .cse12)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse6 .cse1 .cse2 .cse7 .cse3 .cse4 .cse5 .cse8) (or .cse9 .cse0 .cse2 .cse3 .cse4 .cse5) (or .cse9 .cse10 .cse2 .cse11 .cse4 .cse5) (or (and .cse0 .cse6) .cse1 (and .cse7 .cse0) .cse10 .cse2 .cse11 .cse4 .cse5))))) [2018-11-28 13:00:14,712 INFO L448 ceAbstractionStarter]: For program point L414-1(line 414) no Hoare annotation was computed. [2018-11-28 13:00:14,712 INFO L448 ceAbstractionStarter]: For program point L404(lines 404 408) no Hoare annotation was computed. [2018-11-28 13:00:14,712 INFO L444 ceAbstractionStarter]: At program point L404-1(lines 400 411) the Hoare annotation is: (let ((.cse9 (= 1 |verify_#in~msg|))) (let ((.cse8 (not .cse9)) (.cse0 (= verify_~msg |verify_#in~msg|)) (.cse12 (= 0 ~__ste_email_isSigned0~0))) (let ((.cse3 (= 0 ~__ste_client_privateKey0~0)) (.cse6 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse1 (not (= ~queue_empty~0 1))) (.cse7 (= verify_~tmp~7 1)) (.cse10 (not .cse12)) (.cse2 (< ~rjh~0 2)) (.cse11 (and .cse8 (<= 2 ~rjh~0) .cse0 .cse12)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse6 .cse1 .cse2 .cse7 .cse3 .cse4 .cse5 .cse8) (or .cse9 .cse0 .cse2 .cse3 .cse4 .cse5) (or .cse9 .cse10 .cse2 .cse11 .cse4 .cse5) (or (and .cse0 .cse6) .cse1 (and .cse7 .cse0) .cse10 .cse2 .cse11 .cse4 .cse5))))) [2018-11-28 13:00:14,715 INFO L444 ceAbstractionStarter]: At program point L402(line 402) the Hoare annotation is: (let ((.cse9 (= 1 |verify_#in~msg|))) (let ((.cse8 (not .cse9)) (.cse0 (= verify_~msg |verify_#in~msg|)) (.cse12 (= 0 ~__ste_email_isSigned0~0))) (let ((.cse3 (= 0 ~__ste_client_privateKey0~0)) (.cse6 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse1 (not (= ~queue_empty~0 1))) (.cse7 (= verify_~tmp~7 1)) (.cse10 (not .cse12)) (.cse2 (< ~rjh~0 2)) (.cse11 (and .cse8 (<= 2 ~rjh~0) .cse0 .cse12)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse6 .cse1 .cse2 .cse7 .cse3 .cse4 .cse5 .cse8) (or .cse9 .cse0 .cse2 .cse3 .cse4 .cse5) (or .cse9 .cse10 .cse2 .cse11 .cse4 .cse5) (or (and .cse0 .cse6) .cse1 (and .cse7 .cse0) .cse10 .cse2 .cse11 .cse4 .cse5))))) [2018-11-28 13:00:14,715 INFO L448 ceAbstractionStarter]: For program point L402-1(line 402) no Hoare annotation was computed. [2018-11-28 13:00:14,715 INFO L448 ceAbstractionStarter]: For program point L400(lines 400 411) no Hoare annotation was computed. [2018-11-28 13:00:14,715 INFO L444 ceAbstractionStarter]: At program point L398(line 398) the Hoare annotation is: (let ((.cse1 (not (= 0 ~__ste_email_isSigned0~0))) (.cse0 (= 1 |verify_#in~msg|)) (.cse6 (not (= ~queue_empty~0 1))) (.cse3 (= verify_~msg |verify_#in~msg|)) (.cse2 (< ~rjh~0 2)) (.cse7 (= 0 ~__ste_client_privateKey0~0)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse6 .cse1 .cse3 .cse2 .cse4 .cse5) (or .cse0 .cse3 .cse2 .cse7 .cse4 .cse5) (or .cse6 .cse3 .cse2 .cse7 .cse4 .cse5))) [2018-11-28 13:00:14,715 INFO L448 ceAbstractionStarter]: For program point L398-1(line 398) no Hoare annotation was computed. [2018-11-28 13:00:14,715 INFO L444 ceAbstractionStarter]: At program point L419(line 419) the Hoare annotation is: (let ((.cse9 (= 1 |verify_#in~msg|))) (let ((.cse8 (not .cse9)) (.cse0 (= verify_~msg |verify_#in~msg|)) (.cse12 (= 0 ~__ste_email_isSigned0~0))) (let ((.cse3 (= 0 ~__ste_client_privateKey0~0)) (.cse6 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse1 (not (= ~queue_empty~0 1))) (.cse7 (= verify_~tmp~7 1)) (.cse10 (not .cse12)) (.cse2 (< ~rjh~0 2)) (.cse11 (and .cse8 (<= 2 ~rjh~0) .cse0 .cse12)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse6 .cse1 .cse2 .cse7 .cse3 .cse4 .cse5 .cse8) (or .cse9 .cse0 .cse2 .cse3 .cse4 .cse5) (or .cse9 .cse10 .cse2 .cse11 .cse4 .cse5) (or (and .cse0 .cse6) .cse1 (and .cse7 .cse0) .cse10 .cse2 .cse11 .cse4 .cse5))))) [2018-11-28 13:00:14,715 INFO L448 ceAbstractionStarter]: For program point L419-1(line 419) no Hoare annotation was computed. [2018-11-28 13:00:14,715 INFO L448 ceAbstractionStarter]: For program point L704(lines 704 708) no Hoare annotation was computed. [2018-11-28 13:00:14,715 INFO L448 ceAbstractionStarter]: For program point L704-2(lines 697 712) no Hoare annotation was computed. [2018-11-28 13:00:14,716 INFO L448 ceAbstractionStarter]: For program point L701(lines 701 709) no Hoare annotation was computed. [2018-11-28 13:00:14,716 INFO L448 ceAbstractionStarter]: For program point setEmailIsEncryptedEXIT(lines 697 712) no Hoare annotation was computed. [2018-11-28 13:00:14,719 INFO L444 ceAbstractionStarter]: At program point setEmailIsEncryptedENTRY(lines 697 712) the Hoare annotation is: (let ((.cse1 (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|)) (.cse0 (< ~rjh~0 2)) (.cse2 (< ~chuck~0 3)) (.cse3 (not (= 1 ~bob~0)))) (and (or .cse0 (= 0 ~__ste_client_privateKey0~0) .cse1 .cse2 .cse3) (or .cse1 (not (= 0 ~__ste_email_isSigned0~0)) .cse0 .cse2 .cse3))) [2018-11-28 13:00:14,719 INFO L451 ceAbstractionStarter]: At program point incoming__wrappee__VerifyENTRY(lines 214 224) the Hoare annotation is: true [2018-11-28 13:00:14,719 INFO L444 ceAbstractionStarter]: At program point L219(line 219) the Hoare annotation is: (let ((.cse2 (= 1 |incoming__wrappee__Verify_#in~msg|)) (.cse6 (= 0 ~__ste_client_privateKey0~0)) (.cse7 (not (= ~queue_empty~0 1))) (.cse0 (not (= 0 ~__ste_email_isSigned0~0))) (.cse1 (< ~rjh~0 2)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0))) (.cse3 (= incoming__wrappee__Verify_~msg |incoming__wrappee__Verify_#in~msg|))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse3 .cse1 .cse6 .cse2 .cse4 .cse5) (or .cse3 .cse7 .cse1 .cse6 .cse4 .cse5) (or .cse7 .cse0 .cse1 .cse4 .cse5 .cse3))) [2018-11-28 13:00:14,719 INFO L444 ceAbstractionStarter]: At program point L219-1(line 219) the Hoare annotation is: (let ((.cse3 (= 0 ~__ste_client_privateKey0~0)) (.cse7 (= 1 |incoming__wrappee__Verify_#in~msg|)) (.cse1 (not (= ~queue_empty~0 1))) (.cse6 (not (= 0 ~__ste_email_isSigned0~0))) (.cse2 (< ~rjh~0 2)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0))) (.cse0 (= incoming__wrappee__Verify_~msg |incoming__wrappee__Verify_#in~msg|))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse6 .cse2 .cse7 .cse0 .cse4 .cse5) (or .cse0 .cse2 .cse3 .cse7 .cse4 .cse5) (or .cse1 .cse6 .cse2 .cse4 .cse5 .cse0))) [2018-11-28 13:00:14,719 INFO L448 ceAbstractionStarter]: For program point incoming__wrappee__VerifyFINAL(lines 214 224) no Hoare annotation was computed. [2018-11-28 13:00:14,719 INFO L448 ceAbstractionStarter]: For program point incoming__wrappee__VerifyEXIT(lines 214 224) no Hoare annotation was computed. [2018-11-28 13:00:14,719 INFO L448 ceAbstractionStarter]: For program point getEmailSignKeyEXIT(lines 789 807) no Hoare annotation was computed. [2018-11-28 13:00:14,719 INFO L448 ceAbstractionStarter]: For program point L797(lines 797 803) no Hoare annotation was computed. [2018-11-28 13:00:14,719 INFO L451 ceAbstractionStarter]: At program point getEmailSignKeyENTRY(lines 789 807) the Hoare annotation is: true [2018-11-28 13:00:14,719 INFO L448 ceAbstractionStarter]: For program point getEmailSignKeyFINAL(lines 789 807) no Hoare annotation was computed. [2018-11-28 13:00:14,719 INFO L448 ceAbstractionStarter]: For program point L793(lines 793 804) no Hoare annotation was computed. [2018-11-28 13:00:14,720 INFO L444 ceAbstractionStarter]: At program point setClientPrivateKeyENTRY(lines 1702 1721) the Hoare annotation is: (let ((.cse0 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse1 (not (= ~queue_empty~0 1))) (.cse2 (not (= 0 ~__ste_email_isSigned0~0))) (.cse3 (< |old(~__ste_client_privateKey0~0)| 789)) (.cse4 (< ~rjh~0 2)) (.cse5 (< ~chuck~0 3)) (.cse6 (not (= 1 ~bob~0)))) (and (or (<= 789 ~__ste_client_privateKey0~0) .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse0 .cse1 .cse2 .cse3 (< |old(~__ste_client_privateKey0~0)| |setClientPrivateKey_#in~value|) .cse4 .cse5 .cse6 (<= |setClientPrivateKey_#in~value| ~__ste_client_privateKey0~0)))) [2018-11-28 13:00:14,720 INFO L448 ceAbstractionStarter]: For program point setClientPrivateKeyEXIT(lines 1702 1721) no Hoare annotation was computed. [2018-11-28 13:00:14,720 INFO L448 ceAbstractionStarter]: For program point L1712(lines 1712 1716) no Hoare annotation was computed. [2018-11-28 13:00:14,720 INFO L448 ceAbstractionStarter]: For program point L1712-2(lines 1702 1721) no Hoare annotation was computed. [2018-11-28 13:00:14,723 INFO L448 ceAbstractionStarter]: For program point L1709(lines 1709 1717) no Hoare annotation was computed. [2018-11-28 13:00:14,723 INFO L448 ceAbstractionStarter]: For program point L1706(lines 1706 1718) no Hoare annotation was computed. [2018-11-28 13:00:14,723 INFO L444 ceAbstractionStarter]: At program point L2510(line 2510) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse1 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 0 ~__ste_email_isSigned0~0))) (.cse4 (< ~rjh~0 2)) (.cse5 (not (= ~__ste_email_to0~0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse6 (< ~chuck~0 3)) (.cse7 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) .cse4 .cse5 .cse6 .cse7 (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0)) (or .cse0 .cse1 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse2 .cse3 .cse4 .cse5 .cse6 .cse7))) [2018-11-28 13:00:14,723 INFO L448 ceAbstractionStarter]: For program point chuckKeyAddEXIT(lines 2504 2515) no Hoare annotation was computed. [2018-11-28 13:00:14,724 INFO L448 ceAbstractionStarter]: For program point L2509(line 2509) no Hoare annotation was computed. [2018-11-28 13:00:14,724 INFO L451 ceAbstractionStarter]: At program point L2510-1(line 2510) the Hoare annotation is: true [2018-11-28 13:00:14,724 INFO L444 ceAbstractionStarter]: At program point chuckKeyAddENTRY(lines 2504 2515) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse1 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 0 ~__ste_email_isSigned0~0))) (.cse4 (< ~rjh~0 2)) (.cse5 (not (= ~__ste_email_to0~0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse6 (< ~chuck~0 3)) (.cse7 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) .cse4 .cse5 .cse6 .cse7 (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0)) (or .cse0 .cse1 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse2 .cse3 .cse4 .cse5 .cse6 .cse7))) [2018-11-28 13:00:14,724 INFO L448 ceAbstractionStarter]: For program point chuckKeyAddFINAL(lines 2504 2515) no Hoare annotation was computed. [2018-11-28 13:00:14,724 INFO L448 ceAbstractionStarter]: For program point L1729(lines 1729 1745) no Hoare annotation was computed. [2018-11-28 13:00:14,724 INFO L451 ceAbstractionStarter]: At program point getClientKeyringSizeENTRY(lines 1725 1748) the Hoare annotation is: true [2018-11-28 13:00:14,724 INFO L448 ceAbstractionStarter]: For program point getClientKeyringSizeEXIT(lines 1725 1748) no Hoare annotation was computed. [2018-11-28 13:00:14,724 INFO L448 ceAbstractionStarter]: For program point L1737(lines 1737 1743) no Hoare annotation was computed. [2018-11-28 13:00:14,724 INFO L448 ceAbstractionStarter]: For program point getClientKeyringSizeFINAL(lines 1725 1748) no Hoare annotation was computed. [2018-11-28 13:00:14,724 INFO L448 ceAbstractionStarter]: For program point L1733(lines 1733 1744) no Hoare annotation was computed. [2018-11-28 13:00:14,724 INFO L448 ceAbstractionStarter]: For program point L589(lines 589 593) no Hoare annotation was computed. [2018-11-28 13:00:14,724 INFO L448 ceAbstractionStarter]: For program point L589-2(lines 582 597) no Hoare annotation was computed. [2018-11-28 13:00:14,724 INFO L448 ceAbstractionStarter]: For program point L586(lines 586 594) no Hoare annotation was computed. [2018-11-28 13:00:14,724 INFO L448 ceAbstractionStarter]: For program point setEmailToEXIT(lines 582 597) no Hoare annotation was computed. [2018-11-28 13:00:14,724 INFO L444 ceAbstractionStarter]: At program point setEmailToENTRY(lines 582 597) the Hoare annotation is: (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) (not (= 0 ~__ste_email_isEncrypted0~0)) (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) (not (= ~queue_empty~0 1)) (not (= 0 ~__ste_email_isSigned0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| ~__ste_Client_Keyring0_User0~0)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,728 INFO L451 ceAbstractionStarter]: At program point setEmailIsSignatureVerifiedENTRY(lines 845 860) the Hoare annotation is: true [2018-11-28 13:00:14,728 INFO L448 ceAbstractionStarter]: For program point L849(lines 849 857) no Hoare annotation was computed. [2018-11-28 13:00:14,728 INFO L448 ceAbstractionStarter]: For program point setEmailIsSignatureVerifiedEXIT(lines 845 860) no Hoare annotation was computed. [2018-11-28 13:00:14,728 INFO L448 ceAbstractionStarter]: For program point L852(lines 852 856) no Hoare annotation was computed. [2018-11-28 13:00:14,728 INFO L448 ceAbstractionStarter]: For program point L852-2(lines 845 860) no Hoare annotation was computed. [2018-11-28 13:00:14,728 INFO L448 ceAbstractionStarter]: For program point is_queue_emptyEXIT(lines 304 312) no Hoare annotation was computed. [2018-11-28 13:00:14,728 INFO L451 ceAbstractionStarter]: At program point is_queue_emptyENTRY(lines 304 312) the Hoare annotation is: true [2018-11-28 13:00:14,729 INFO L448 ceAbstractionStarter]: For program point is_queue_emptyFINAL(lines 304 312) no Hoare annotation was computed. [2018-11-28 13:00:14,729 INFO L448 ceAbstractionStarter]: For program point L2461-1(line 2461) no Hoare annotation was computed. [2018-11-28 13:00:14,729 INFO L451 ceAbstractionStarter]: At program point L2461(line 2461) the Hoare annotation is: true [2018-11-28 13:00:14,729 INFO L451 ceAbstractionStarter]: At program point L2458(line 2458) the Hoare annotation is: true [2018-11-28 13:00:14,729 INFO L448 ceAbstractionStarter]: For program point L2456(line 2456) no Hoare annotation was computed. [2018-11-28 13:00:14,729 INFO L448 ceAbstractionStarter]: For program point L2458-1(line 2458) no Hoare annotation was computed. [2018-11-28 13:00:14,729 INFO L444 ceAbstractionStarter]: At program point L2454(line 2454) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse1 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 0 ~__ste_email_isSigned0~0))) (.cse4 (< ~rjh~0 2)) (.cse5 (not (= ~__ste_email_to0~0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse6 (< ~chuck~0 3)) (.cse7 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) .cse4 .cse5 .cse6 .cse7 (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0)) (or .cse0 .cse1 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse2 .cse3 .cse4 .cse5 .cse6 .cse7))) [2018-11-28 13:00:14,729 INFO L451 ceAbstractionStarter]: At program point L2455-1(line 2455) the Hoare annotation is: true [2018-11-28 13:00:14,729 INFO L448 ceAbstractionStarter]: For program point bobKeyAddEXIT(lines 2446 2467) no Hoare annotation was computed. [2018-11-28 13:00:14,729 INFO L444 ceAbstractionStarter]: At program point L2455(line 2455) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse1 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 0 ~__ste_email_isSigned0~0))) (.cse4 (< ~rjh~0 2)) (.cse5 (not (= ~__ste_email_to0~0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse6 (< ~chuck~0 3)) (.cse7 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) .cse4 .cse5 .cse6 .cse7 (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0)) (or .cse0 .cse1 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse2 .cse3 .cse4 .cse5 .cse6 .cse7))) [2018-11-28 13:00:14,732 INFO L448 ceAbstractionStarter]: For program point L2454-1(line 2454) no Hoare annotation was computed. [2018-11-28 13:00:14,732 INFO L444 ceAbstractionStarter]: At program point bobKeyAddENTRY(lines 2446 2467) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse1 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 0 ~__ste_email_isSigned0~0))) (.cse4 (< ~rjh~0 2)) (.cse5 (not (= ~__ste_email_to0~0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse6 (< ~chuck~0 3)) (.cse7 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) .cse4 .cse5 .cse6 .cse7 (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0)) (or .cse0 .cse1 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse2 .cse3 .cse4 .cse5 .cse6 .cse7))) [2018-11-28 13:00:14,732 INFO L448 ceAbstractionStarter]: For program point bobKeyAddFINAL(lines 2446 2467) no Hoare annotation was computed. [2018-11-28 13:00:14,733 INFO L448 ceAbstractionStarter]: For program point getClientKeyringPublicKeyEXIT(lines 1910 1963) no Hoare annotation was computed. [2018-11-28 13:00:14,733 INFO L448 ceAbstractionStarter]: For program point L1947(lines 1947 1953) no Hoare annotation was computed. [2018-11-28 13:00:14,733 INFO L448 ceAbstractionStarter]: For program point L1914(lines 1914 1960) no Hoare annotation was computed. [2018-11-28 13:00:14,733 INFO L448 ceAbstractionStarter]: For program point L1943(lines 1943 1954) no Hoare annotation was computed. [2018-11-28 13:00:14,733 INFO L448 ceAbstractionStarter]: For program point L1933(lines 1933 1939) no Hoare annotation was computed. [2018-11-28 13:00:14,733 INFO L448 ceAbstractionStarter]: For program point L1929(lines 1929 1940) no Hoare annotation was computed. [2018-11-28 13:00:14,733 INFO L448 ceAbstractionStarter]: For program point getClientKeyringPublicKeyFINAL(lines 1910 1963) no Hoare annotation was computed. [2018-11-28 13:00:14,733 INFO L448 ceAbstractionStarter]: For program point L1919(lines 1919 1925) no Hoare annotation was computed. [2018-11-28 13:00:14,733 INFO L448 ceAbstractionStarter]: For program point L1915(lines 1915 1926) no Hoare annotation was computed. [2018-11-28 13:00:14,733 INFO L451 ceAbstractionStarter]: At program point getClientKeyringPublicKeyENTRY(lines 1910 1963) the Hoare annotation is: true [2018-11-28 13:00:14,733 INFO L448 ceAbstractionStarter]: For program point L1942(lines 1942 1958) no Hoare annotation was computed. [2018-11-28 13:00:14,733 INFO L448 ceAbstractionStarter]: For program point L1928(lines 1928 1959) no Hoare annotation was computed. [2018-11-28 13:00:14,733 INFO L448 ceAbstractionStarter]: For program point setEmailSignKeyEXIT(lines 808 823) no Hoare annotation was computed. [2018-11-28 13:00:14,733 INFO L448 ceAbstractionStarter]: For program point L815(lines 815 819) no Hoare annotation was computed. [2018-11-28 13:00:14,733 INFO L448 ceAbstractionStarter]: For program point L815-2(lines 808 823) no Hoare annotation was computed. [2018-11-28 13:00:14,733 INFO L448 ceAbstractionStarter]: For program point L812(lines 812 820) no Hoare annotation was computed. [2018-11-28 13:00:14,736 INFO L451 ceAbstractionStarter]: At program point setEmailSignKeyENTRY(lines 808 823) the Hoare annotation is: true [2018-11-28 13:00:14,737 INFO L448 ceAbstractionStarter]: For program point generateKeyPairFINAL(lines 356 365) no Hoare annotation was computed. [2018-11-28 13:00:14,737 INFO L444 ceAbstractionStarter]: At program point generateKeyPairENTRY(lines 356 365) the Hoare annotation is: (or (<= 789 ~__ste_client_privateKey0~0) (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 ~__ste_email_isSigned0~0)) (< |old(~__ste_client_privateKey0~0)| 789) (< ~rjh~0 2) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,737 INFO L444 ceAbstractionStarter]: At program point L361(line 361) the Hoare annotation is: (or (<= 789 ~__ste_client_privateKey0~0) (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 ~__ste_email_isSigned0~0)) (< |old(~__ste_client_privateKey0~0)| 789) (< ~rjh~0 2) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,737 INFO L448 ceAbstractionStarter]: For program point generateKeyPairEXIT(lines 356 365) no Hoare annotation was computed. [2018-11-28 13:00:14,737 INFO L444 ceAbstractionStarter]: At program point L2352(line 2352) the Hoare annotation is: (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (<= |setup_chuck__wrappee__Base_#in~chuck___0| setup_chuck__wrappee__Base_~chuck___0) (not (= 0 ~__ste_email_isSigned0~0)) (not (= ~__ste_Client_Keyring0_User0~0 ~__ste_Client_Keyring0_User1~0)) (< ~rjh~0 2) (not (= ~__ste_email_to0~0 ~__ste_Client_Keyring0_User0~0)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-11-28 13:00:14,737 INFO L451 ceAbstractionStarter]: At program point setup_chuck__wrappee__BaseENTRY(lines 2347 2356) the Hoare annotation is: true [2018-11-28 13:00:14,737 INFO L448 ceAbstractionStarter]: For program point setup_chuck__wrappee__BaseFINAL(lines 2347 2356) no Hoare annotation was computed. [2018-11-28 13:00:14,737 INFO L448 ceAbstractionStarter]: For program point setup_chuck__wrappee__BaseEXIT(lines 2347 2356) no Hoare annotation was computed. [2018-11-28 13:00:14,737 INFO L448 ceAbstractionStarter]: For program point ULTIMATE.initFINAL(line -1) no Hoare annotation was computed. [2018-11-28 13:00:14,737 INFO L444 ceAbstractionStarter]: At program point ULTIMATE.initENTRY(line -1) the Hoare annotation is: (and (= |old(~__ste_email_isSigned0~0)| ~__ste_email_isSigned0~0) (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|)) [2018-11-28 13:00:14,737 INFO L448 ceAbstractionStarter]: For program point ULTIMATE.initEXIT(line -1) no Hoare annotation was computed. [2018-11-28 13:00:14,737 INFO L448 ceAbstractionStarter]: For program point chuckKeyAddRjhFINAL(lines 2516 2527) no Hoare annotation was computed. [2018-11-28 13:00:14,737 INFO L444 ceAbstractionStarter]: At program point L2522(line 2522) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse1 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 0 ~__ste_email_isSigned0~0))) (.cse4 (< ~rjh~0 2)) (.cse5 (not (= ~__ste_email_to0~0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse6 (< ~chuck~0 3)) (.cse7 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) .cse4 .cse5 .cse6 .cse7 (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0)) (or .cse0 .cse1 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse2 .cse3 .cse4 .cse5 .cse6 .cse7))) [2018-11-28 13:00:14,738 INFO L444 ceAbstractionStarter]: At program point chuckKeyAddRjhENTRY(lines 2516 2527) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse1 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 0 ~__ste_email_isSigned0~0))) (.cse4 (< ~rjh~0 2)) (.cse5 (not (= ~__ste_email_to0~0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse6 (< ~chuck~0 3)) (.cse7 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) .cse4 .cse5 .cse6 .cse7 (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0)) (or .cse0 .cse1 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse2 .cse3 .cse4 .cse5 .cse6 .cse7))) [2018-11-28 13:00:14,740 INFO L448 ceAbstractionStarter]: For program point L2521(line 2521) no Hoare annotation was computed. [2018-11-28 13:00:14,741 INFO L451 ceAbstractionStarter]: At program point L2522-1(line 2522) the Hoare annotation is: true [2018-11-28 13:00:14,741 INFO L448 ceAbstractionStarter]: For program point chuckKeyAddRjhEXIT(lines 2516 2527) no Hoare annotation was computed. [2018-11-28 13:00:14,741 INFO L448 ceAbstractionStarter]: For program point L2418-1(line 2418) no Hoare annotation was computed. [2018-11-28 13:00:14,741 INFO L448 ceAbstractionStarter]: For program point setupEXIT(lines 2402 2424) no Hoare annotation was computed. [2018-11-28 13:00:14,741 INFO L451 ceAbstractionStarter]: At program point setupENTRY(lines 2402 2424) the Hoare annotation is: true [2018-11-28 13:00:14,741 INFO L444 ceAbstractionStarter]: At program point L2414(line 2414) the Hoare annotation is: (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 ~__ste_email_isSigned0~0)) (not (= ~__ste_Client_Keyring0_User0~0 ~__ste_Client_Keyring0_User1~0)) (not (= ~__ste_email_to0~0 ~__ste_Client_Keyring0_User0~0)) (and (= 1 ~bob~0) (<= 2 ~rjh~0))) [2018-11-28 13:00:14,741 INFO L448 ceAbstractionStarter]: For program point L2414-1(line 2414) no Hoare annotation was computed. [2018-11-28 13:00:14,741 INFO L448 ceAbstractionStarter]: For program point setupFINAL(lines 2402 2424) no Hoare annotation was computed. [2018-11-28 13:00:14,741 INFO L444 ceAbstractionStarter]: At program point L2410(line 2410) the Hoare annotation is: (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (= 1 ~bob~0) (not (= 0 ~__ste_email_isSigned0~0)) (not (= ~__ste_Client_Keyring0_User0~0 ~__ste_Client_Keyring0_User1~0)) (not (= ~__ste_email_to0~0 ~__ste_Client_Keyring0_User0~0))) [2018-11-28 13:00:14,741 INFO L448 ceAbstractionStarter]: For program point L2410-1(line 2410) no Hoare annotation was computed. [2018-11-28 13:00:14,741 INFO L444 ceAbstractionStarter]: At program point L2418(line 2418) the Hoare annotation is: (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 ~__ste_email_isSigned0~0)) (not (= ~__ste_Client_Keyring0_User0~0 ~__ste_Client_Keyring0_User1~0)) (not (= ~__ste_email_to0~0 ~__ste_Client_Keyring0_User0~0)) (and (<= 3 ~chuck~0) (= 1 ~bob~0) (<= 2 ~rjh~0))) [2018-11-28 13:00:14,741 INFO L448 ceAbstractionStarter]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2018-11-28 13:00:14,741 INFO L444 ceAbstractionStarter]: At program point L-1(line -1) the Hoare annotation is: (and (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0) (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0) (= 0 ~__ste_Client_Keyring0_User0~0) (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) (= ~queue_empty~0 1)) [2018-11-28 13:00:14,742 INFO L451 ceAbstractionStarter]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2018-11-28 13:00:14,742 INFO L448 ceAbstractionStarter]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2018-11-28 13:00:14,747 INFO L448 ceAbstractionStarter]: For program point getEmailFromFINAL(lines 526 544) no Hoare annotation was computed. [2018-11-28 13:00:14,747 INFO L448 ceAbstractionStarter]: For program point getEmailFromEXIT(lines 526 544) no Hoare annotation was computed. [2018-11-28 13:00:14,747 INFO L451 ceAbstractionStarter]: At program point getEmailFromENTRY(lines 526 544) the Hoare annotation is: true [2018-11-28 13:00:14,747 INFO L448 ceAbstractionStarter]: For program point L534(lines 534 540) no Hoare annotation was computed. [2018-11-28 13:00:14,747 INFO L448 ceAbstractionStarter]: For program point L530(lines 530 541) no Hoare annotation was computed. [2018-11-28 13:00:14,747 INFO L448 ceAbstractionStarter]: For program point L1759(lines 1759 1763) no Hoare annotation was computed. [2018-11-28 13:00:14,747 INFO L448 ceAbstractionStarter]: For program point L1759-2(lines 1749 1768) no Hoare annotation was computed. [2018-11-28 13:00:14,747 INFO L448 ceAbstractionStarter]: For program point L1756(lines 1756 1764) no Hoare annotation was computed. [2018-11-28 13:00:14,747 INFO L448 ceAbstractionStarter]: For program point L1753(lines 1753 1765) no Hoare annotation was computed. [2018-11-28 13:00:14,747 INFO L448 ceAbstractionStarter]: For program point setClientKeyringSizeEXIT(lines 1749 1768) no Hoare annotation was computed. [2018-11-28 13:00:14,747 INFO L451 ceAbstractionStarter]: At program point setClientKeyringSizeENTRY(lines 1749 1768) the Hoare annotation is: true [2018-11-28 13:00:14,747 INFO L448 ceAbstractionStarter]: For program point L2144(lines 2144 2152) no Hoare annotation was computed. [2018-11-28 13:00:14,747 INFO L448 ceAbstractionStarter]: For program point L2147-2(lines 2137 2156) no Hoare annotation was computed. [2018-11-28 13:00:14,748 INFO L448 ceAbstractionStarter]: For program point L2141(lines 2141 2153) no Hoare annotation was computed. [2018-11-28 13:00:14,748 INFO L448 ceAbstractionStarter]: For program point setClientIdEXIT(lines 2137 2156) no Hoare annotation was computed. [2018-11-28 13:00:14,748 INFO L451 ceAbstractionStarter]: At program point setClientIdENTRY(lines 2137 2156) the Hoare annotation is: true [2018-11-28 13:00:14,748 INFO L448 ceAbstractionStarter]: For program point L2147(lines 2147 2151) no Hoare annotation was computed. [2018-11-28 13:00:14,766 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 28.11 01:00:14 BoogieIcfgContainer [2018-11-28 13:00:14,766 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2018-11-28 13:00:14,766 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2018-11-28 13:00:14,766 INFO L271 PluginConnector]: Initializing Witness Printer... [2018-11-28 13:00:14,767 INFO L276 PluginConnector]: Witness Printer initialized [2018-11-28 13:00:14,767 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 28.11 12:58:56" (3/4) ... [2018-11-28 13:00:14,771 INFO L144 WitnessPrinter]: Generating witness for correct program [2018-11-28 13:00:14,776 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure bobKeyChange [2018-11-28 13:00:14,776 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isSigned [2018-11-28 13:00:14,776 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure mail [2018-11-28 13:00:14,776 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure valid_product [2018-11-28 13:00:14,776 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure get_queued_client [2018-11-28 13:00:14,776 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isKeyPairValid [2018-11-28 13:00:14,777 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure sign [2018-11-28 13:00:14,777 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure main [2018-11-28 13:00:14,777 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure rjhKeyChange [2018-11-28 13:00:14,777 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setup_rjh [2018-11-28 13:00:14,777 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setEmailIsSigned [2018-11-28 13:00:14,777 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure getClientPrivateKey [2018-11-28 13:00:14,777 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure rjhKeyAdd [2018-11-28 13:00:14,777 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure bobToRjh [2018-11-28 13:00:14,777 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setup_bob [2018-11-28 13:00:14,777 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setEmailEncryptionKey [2018-11-28 13:00:14,777 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure select_features [2018-11-28 13:00:14,777 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setup_bob__wrappee__Base [2018-11-28 13:00:14,777 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure getEmailEncryptionKey [2018-11-28 13:00:14,777 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure outgoing__wrappee__Keys [2018-11-28 13:00:14,778 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure incoming [2018-11-28 13:00:14,778 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure createEmail [2018-11-28 13:00:14,778 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure rjhDeletePrivateKey [2018-11-28 13:00:14,778 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure test [2018-11-28 13:00:14,778 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure getEmailTo [2018-11-28 13:00:14,778 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure get_queued_email [2018-11-28 13:00:14,778 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure incoming__wrappee__Sign [2018-11-28 13:00:14,778 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure getClientKeyringUser [2018-11-28 13:00:14,778 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isReadable__wrappee__Keys [2018-11-28 13:00:14,778 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure __utac_acc__SignForward_spec__1 [2018-11-28 13:00:14,778 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setClientKeyringUser [2018-11-28 13:00:14,778 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setEmailFrom [2018-11-28 13:00:14,778 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isReadable [2018-11-28 13:00:14,778 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure __automaton_fail [2018-11-28 13:00:14,779 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setClientKeyringPublicKey [2018-11-28 13:00:14,779 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setup_rjh__wrappee__Base [2018-11-28 13:00:14,779 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure outgoing [2018-11-28 13:00:14,779 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure select_helpers [2018-11-28 13:00:14,779 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure getClientId [2018-11-28 13:00:14,779 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure deliver [2018-11-28 13:00:14,779 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure createClientKeyringEntry [2018-11-28 13:00:14,779 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setup_chuck [2018-11-28 13:00:14,779 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure findPublicKey [2018-11-28 13:00:14,779 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure outgoing__wrappee__Encrypt [2018-11-28 13:00:14,779 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure sendEmail [2018-11-28 13:00:14,779 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isEncrypted [2018-11-28 13:00:14,779 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure verify [2018-11-28 13:00:14,779 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setEmailIsEncrypted [2018-11-28 13:00:14,780 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure incoming__wrappee__Verify [2018-11-28 13:00:14,780 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure getEmailSignKey [2018-11-28 13:00:14,780 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setClientPrivateKey [2018-11-28 13:00:14,780 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure chuckKeyAdd [2018-11-28 13:00:14,780 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure getClientKeyringSize [2018-11-28 13:00:14,780 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setEmailTo [2018-11-28 13:00:14,780 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setEmailIsSignatureVerified [2018-11-28 13:00:14,780 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure is_queue_empty [2018-11-28 13:00:14,780 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure bobKeyAdd [2018-11-28 13:00:14,780 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure getClientKeyringPublicKey [2018-11-28 13:00:14,780 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setEmailSignKey [2018-11-28 13:00:14,780 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure generateKeyPair [2018-11-28 13:00:14,780 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setup_chuck__wrappee__Base [2018-11-28 13:00:14,781 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure ULTIMATE.init [2018-11-28 13:00:14,781 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure chuckKeyAddRjh [2018-11-28 13:00:14,781 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setup [2018-11-28 13:00:14,781 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure getEmailFrom [2018-11-28 13:00:14,781 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setClientKeyringSize [2018-11-28 13:00:14,781 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setClientId [2018-11-28 13:00:14,796 INFO L905 BoogieBacktranslator]: Reduced CFG by removing 99 nodes and edges [2018-11-28 13:00:14,797 INFO L905 BoogieBacktranslator]: Reduced CFG by removing 48 nodes and edges [2018-11-28 13:00:14,798 INFO L905 BoogieBacktranslator]: Reduced CFG by removing 8 nodes and edges [2018-11-28 13:00:14,799 INFO L905 BoogieBacktranslator]: Reduced CFG by removing 4 nodes and edges [2018-11-28 13:00:14,800 INFO L905 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2018-11-28 13:00:14,835 WARN L221 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) [2018-11-28 13:00:14,835 WARN L221 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) [2018-11-28 13:00:14,836 WARN L221 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) [2018-11-28 13:00:14,836 WARN L221 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) [2018-11-28 13:00:14,836 WARN L221 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) [2018-11-28 13:00:14,837 WARN L221 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) [2018-11-28 13:00:14,837 WARN L221 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) [2018-11-28 13:00:14,837 WARN L221 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) [2018-11-28 13:00:14,837 WARN L221 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) [2018-11-28 13:00:14,837 WARN L221 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) [2018-11-28 13:00:14,837 WARN L221 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) [2018-11-28 13:00:14,838 WARN L221 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) [2018-11-28 13:00:14,970 INFO L145 WitnessManager]: Wrote witness to /tmp/vcloud-vcloud-master/worker/working_dir_69c16468-adf0-42ac-bcca-69aed0e597cf/bin-2019/uautomizer/witness.graphml [2018-11-28 13:00:14,970 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2018-11-28 13:00:14,971 INFO L168 Benchmark]: Toolchain (without parser) took 80184.24 ms. Allocated memory was 1.0 GB in the beginning and 4.9 GB in the end (delta: 3.8 GB). Free memory was 950.6 MB in the beginning and 1.5 GB in the end (delta: -523.6 MB). Peak memory consumption was 3.3 GB. Max. memory is 11.5 GB. [2018-11-28 13:00:14,971 INFO L168 Benchmark]: CDTParser took 0.10 ms. Allocated memory is still 1.0 GB. Free memory is still 979.6 MB. There was no memory consumed. Max. memory is 11.5 GB. [2018-11-28 13:00:14,971 INFO L168 Benchmark]: CACSL2BoogieTranslator took 614.41 ms. Allocated memory was 1.0 GB in the beginning and 1.2 GB in the end (delta: 126.9 MB). Free memory was 950.6 MB in the beginning and 1.1 GB in the end (delta: -126.1 MB). Peak memory consumption was 42.5 MB. Max. memory is 11.5 GB. [2018-11-28 13:00:14,972 INFO L168 Benchmark]: Boogie Procedure Inliner took 36.16 ms. Allocated memory is still 1.2 GB. Free memory is still 1.1 GB. There was no memory consumed. Max. memory is 11.5 GB. [2018-11-28 13:00:14,972 INFO L168 Benchmark]: Boogie Preprocessor took 57.23 ms. Allocated memory is still 1.2 GB. Free memory was 1.1 GB in the beginning and 1.1 GB in the end (delta: 6.8 MB). Peak memory consumption was 6.8 MB. Max. memory is 11.5 GB. [2018-11-28 13:00:14,972 INFO L168 Benchmark]: RCFGBuilder took 967.53 ms. Allocated memory is still 1.2 GB. Free memory was 1.1 GB in the beginning and 936.3 MB in the end (delta: 133.7 MB). Peak memory consumption was 133.7 MB. Max. memory is 11.5 GB. [2018-11-28 13:00:14,972 INFO L168 Benchmark]: TraceAbstraction took 78301.74 ms. Allocated memory was 1.2 GB in the beginning and 4.9 GB in the end (delta: 3.7 GB). Free memory was 936.3 MB in the beginning and 1.5 GB in the end (delta: -537.9 MB). Peak memory consumption was 4.3 GB. Max. memory is 11.5 GB. [2018-11-28 13:00:14,973 INFO L168 Benchmark]: Witness Printer took 203.77 ms. Allocated memory is still 4.9 GB. Free memory is still 1.5 GB. There was no memory consumed. Max. memory is 11.5 GB. [2018-11-28 13:00:14,974 INFO L336 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.10 ms. Allocated memory is still 1.0 GB. Free memory is still 979.6 MB. There was no memory consumed. Max. memory is 11.5 GB. * CACSL2BoogieTranslator took 614.41 ms. Allocated memory was 1.0 GB in the beginning and 1.2 GB in the end (delta: 126.9 MB). Free memory was 950.6 MB in the beginning and 1.1 GB in the end (delta: -126.1 MB). Peak memory consumption was 42.5 MB. Max. memory is 11.5 GB. * Boogie Procedure Inliner took 36.16 ms. Allocated memory is still 1.2 GB. Free memory is still 1.1 GB. There was no memory consumed. Max. memory is 11.5 GB. * Boogie Preprocessor took 57.23 ms. Allocated memory is still 1.2 GB. Free memory was 1.1 GB in the beginning and 1.1 GB in the end (delta: 6.8 MB). Peak memory consumption was 6.8 MB. Max. memory is 11.5 GB. * RCFGBuilder took 967.53 ms. Allocated memory is still 1.2 GB. Free memory was 1.1 GB in the beginning and 936.3 MB in the end (delta: 133.7 MB). Peak memory consumption was 133.7 MB. Max. memory is 11.5 GB. * TraceAbstraction took 78301.74 ms. Allocated memory was 1.2 GB in the beginning and 4.9 GB in the end (delta: 3.7 GB). Free memory was 936.3 MB in the beginning and 1.5 GB in the end (delta: -537.9 MB). Peak memory consumption was 4.3 GB. Max. memory is 11.5 GB. * Witness Printer took 203.77 ms. Allocated memory is still 4.9 GB. Free memory is still 1.5 GB. There was no memory consumed. Max. memory is 11.5 GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - PositiveResult [Line: 440]: call of __VERIFIER_error() unreachable For all program executions holds that call of __VERIFIER_error() unreachable at this location - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 956]: Loop Invariant Derived loop invariant: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) - InvariantResult [Line: 1020]: Loop Invariant Derived loop invariant: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) - InvariantResult [Line: 931]: Loop Invariant Derived loop invariant: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) - InvariantResult [Line: 908]: Loop Invariant Derived loop invariant: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) - InvariantResult [Line: 917]: Loop Invariant Derived loop invariant: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) - InvariantResult [Line: 984]: Loop Invariant Derived loop invariant: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) - InvariantResult [Line: 970]: Loop Invariant Derived loop invariant: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) - InvariantResult [Line: 1034]: Loop Invariant Derived loop invariant: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) - InvariantResult [Line: 942]: Loop Invariant Derived loop invariant: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) - InvariantResult [Line: 1009]: Loop Invariant Derived loop invariant: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) - InvariantResult [Line: 909]: Loop Invariant Derived loop invariant: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) - InvariantResult [Line: 995]: Loop Invariant Derived loop invariant: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) - StatisticsResult: Ultimate Automizer benchmark data CFG has 68 procedures, 469 locations, 1 error locations. SAFE Result, 78.2s OverallTime, 17 OverallIterations, 4 TraceHistogramMax, 22.0s AutomataDifference, 0.0s DeadEndRemovalTime, 42.8s HoareAnnotationTime, HoareTripleCheckerStatistics: 11839 SDtfs, 11313 SDslu, 102555 SDs, 0 SdLazy, 26705 SolverSat, 3675 SolverUnsat, 0 SolverUnknown, 0 SolverNotchecked, 10.8s Time, PredicateUnifierStatistics: 0 DeclaredPredicates, 1870 GetRequests, 1473 SyntacticMatches, 3 SemanticMatches, 394 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4679 ImplicationChecksByTransitivity, 4.0s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=55251occurred in iteration=14, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s AbstIntTime, 0 AbstIntIterations, 0 AbstIntStrong, NaN AbsIntWeakeningRatio, NaN AbsIntAvgWeakeningVarsNumRemoved, NaN AbsIntAvgWeakenedConjuncts, 0.0s DumpTime, AutomataMinimizationStatistics: 6.9s AutomataMinimizationTime, 17 MinimizatonAttempts, 10770 StatesRemovedByMinimization, 14 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 167 LocationsWithAnnotation, 56929 PreInvPairs, 66839 NumberOfFragments, 7258 HoareAnnotationTreeSize, 56929 FomulaSimplifications, 162184 FormulaSimplificationTreeSizeReduction, 7.3s HoareSimplificationTime, 167 FomulaSimplificationsInter, 669383 FormulaSimplificationTreeSizeReductionInter, 34.7s HoareSimplificationTimeInter, RefinementEngineStatistics: TraceCheckStatistics: 0.5s SsaConstructionTime, 1.4s SatisfiabilityAnalysisTime, 3.2s InterpolantComputationTime, 5578 NumberOfCodeBlocks, 5471 NumberOfCodeBlocksAsserted, 22 NumberOfCheckSat, 5556 ConstructedInterpolants, 0 QuantifiedInterpolants, 1973977 SizeOfPredicates, 20 NumberOfNonLiveVariables, 13993 ConjunctsInSsa, 40 ConjunctsInUnsatCore, 22 InterpolantComputations, 17 PerfectInterpolantSequences, 1793/1818 InterpolantCoveringCapability, InvariantSynthesisStatistics: No data available, InterpolantConsolidationStatistics: No data available, ReuseStatistics: No data available RESULT: Ultimate proved your program to be correct! Received shutdown request...