./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/email_spec4_product28_true-unreach-call_true-termination.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 635dfa2a Calling Ultimate with: java -Dosgi.configuration.area=/tmp/vcloud-vcloud-master/worker/working_dir_251a6805-40dc-4b4d-90ba-e7bec03f1268/bin-2019/uautomizer/data/config -Xmx12G -Xms1G -jar /tmp/vcloud-vcloud-master/worker/working_dir_251a6805-40dc-4b4d-90ba-e7bec03f1268/bin-2019/uautomizer/plugins/org.eclipse.equinox.launcher_1.3.100.v20150511-1540.jar -data @noDefault -ultimatedata /tmp/vcloud-vcloud-master/worker/working_dir_251a6805-40dc-4b4d-90ba-e7bec03f1268/bin-2019/uautomizer/data -tc /tmp/vcloud-vcloud-master/worker/working_dir_251a6805-40dc-4b4d-90ba-e7bec03f1268/bin-2019/uautomizer/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/email_spec4_product28_true-unreach-call_true-termination.cil.c -s /tmp/vcloud-vcloud-master/worker/working_dir_251a6805-40dc-4b4d-90ba-e7bec03f1268/bin-2019/uautomizer/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud-vcloud-master/worker/working_dir_251a6805-40dc-4b4d-90ba-e7bec03f1268/bin-2019/uautomizer --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(__VERIFIER_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash c155eed8904feb91bc357673889a45f80c4d03bf ..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................... Execution finished normally Writing output log to file Ultimate.log Result: TRUE --- Real Ultimate output --- This is Ultimate 0.1.23-635dfa2 [2018-12-09 00:36:58,750 INFO L170 SettingsManager]: Resetting all preferences to default values... [2018-12-09 00:36:58,751 INFO L174 SettingsManager]: Resetting UltimateCore preferences to default values [2018-12-09 00:36:58,759 INFO L177 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2018-12-09 00:36:58,759 INFO L174 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2018-12-09 00:36:58,760 INFO L174 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2018-12-09 00:36:58,761 INFO L174 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2018-12-09 00:36:58,762 INFO L174 SettingsManager]: Resetting LassoRanker preferences to default values [2018-12-09 00:36:58,763 INFO L174 SettingsManager]: Resetting Reaching Definitions preferences to default values [2018-12-09 00:36:58,764 INFO L174 SettingsManager]: Resetting SyntaxChecker preferences to default values [2018-12-09 00:36:58,764 INFO L177 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2018-12-09 00:36:58,764 INFO L174 SettingsManager]: Resetting LTL2Aut preferences to default values [2018-12-09 00:36:58,765 INFO L174 SettingsManager]: Resetting PEA to Boogie preferences to default values [2018-12-09 00:36:58,766 INFO L174 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2018-12-09 00:36:58,766 INFO L174 SettingsManager]: Resetting ChcToBoogie preferences to default values [2018-12-09 00:36:58,767 INFO L174 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2018-12-09 00:36:58,767 INFO L174 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2018-12-09 00:36:58,769 INFO L174 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2018-12-09 00:36:58,770 INFO L174 SettingsManager]: Resetting CodeCheck preferences to default values [2018-12-09 00:36:58,770 INFO L174 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2018-12-09 00:36:58,771 INFO L174 SettingsManager]: Resetting RCFGBuilder preferences to default values [2018-12-09 00:36:58,771 INFO L174 SettingsManager]: Resetting TraceAbstraction preferences to default values [2018-12-09 00:36:58,772 INFO L177 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2018-12-09 00:36:58,772 INFO L177 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2018-12-09 00:36:58,772 INFO L174 SettingsManager]: Resetting TreeAutomizer preferences to default values [2018-12-09 00:36:58,773 INFO L174 SettingsManager]: Resetting IcfgTransformer preferences to default values [2018-12-09 00:36:58,773 INFO L174 SettingsManager]: Resetting Boogie Printer preferences to default values [2018-12-09 00:36:58,773 INFO L174 SettingsManager]: Resetting ReqPrinter preferences to default values [2018-12-09 00:36:58,774 INFO L174 SettingsManager]: Resetting Witness Printer preferences to default values [2018-12-09 00:36:58,774 INFO L177 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2018-12-09 00:36:58,774 INFO L174 SettingsManager]: Resetting CDTParser preferences to default values [2018-12-09 00:36:58,775 INFO L177 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2018-12-09 00:36:58,775 INFO L177 SettingsManager]: ReqParser provides no preferences, ignoring... [2018-12-09 00:36:58,775 INFO L174 SettingsManager]: Resetting SmtParser preferences to default values [2018-12-09 00:36:58,775 INFO L174 SettingsManager]: Resetting Witness Parser preferences to default values [2018-12-09 00:36:58,776 INFO L181 SettingsManager]: Finished resetting all preferences to default values... [2018-12-09 00:36:58,776 INFO L98 SettingsManager]: Beginning loading settings from /tmp/vcloud-vcloud-master/worker/working_dir_251a6805-40dc-4b4d-90ba-e7bec03f1268/bin-2019/uautomizer/config/svcomp-Reach-32bit-Automizer_Default.epf [2018-12-09 00:36:58,782 INFO L110 SettingsManager]: Loading preferences was successful [2018-12-09 00:36:58,783 INFO L112 SettingsManager]: Preferences different from defaults after loading the file: [2018-12-09 00:36:58,783 INFO L131 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2018-12-09 00:36:58,783 INFO L133 SettingsManager]: * ... calls to implemented procedures=ONLY_FOR_CONCURRENT_PROGRAMS [2018-12-09 00:36:58,784 INFO L131 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2018-12-09 00:36:58,784 INFO L133 SettingsManager]: * Create parallel compositions if possible=false [2018-12-09 00:36:58,784 INFO L133 SettingsManager]: * Use SBE=true [2018-12-09 00:36:58,784 INFO L131 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2018-12-09 00:36:58,784 INFO L133 SettingsManager]: * sizeof long=4 [2018-12-09 00:36:58,784 INFO L133 SettingsManager]: * Overapproximate operations on floating types=true [2018-12-09 00:36:58,785 INFO L133 SettingsManager]: * sizeof POINTER=4 [2018-12-09 00:36:58,785 INFO L133 SettingsManager]: * Check division by zero=IGNORE [2018-12-09 00:36:58,785 INFO L133 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2018-12-09 00:36:58,785 INFO L133 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2018-12-09 00:36:58,785 INFO L133 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2018-12-09 00:36:58,785 INFO L133 SettingsManager]: * sizeof long double=12 [2018-12-09 00:36:58,785 INFO L133 SettingsManager]: * Check if freed pointer was valid=false [2018-12-09 00:36:58,786 INFO L133 SettingsManager]: * Use constant arrays=true [2018-12-09 00:36:58,786 INFO L133 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2018-12-09 00:36:58,786 INFO L131 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2018-12-09 00:36:58,786 INFO L133 SettingsManager]: * Size of a code block=SequenceOfStatements [2018-12-09 00:36:58,786 INFO L133 SettingsManager]: * To the following directory=./dump/ [2018-12-09 00:36:58,786 INFO L133 SettingsManager]: * SMT solver=External_DefaultMode [2018-12-09 00:36:58,786 INFO L133 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2018-12-09 00:36:58,787 INFO L131 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2018-12-09 00:36:58,787 INFO L133 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2018-12-09 00:36:58,787 INFO L133 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2018-12-09 00:36:58,787 INFO L133 SettingsManager]: * Trace refinement strategy=CAMEL [2018-12-09 00:36:58,787 INFO L133 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2018-12-09 00:36:58,787 INFO L133 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2018-12-09 00:36:58,787 INFO L133 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud-vcloud-master/worker/working_dir_251a6805-40dc-4b4d-90ba-e7bec03f1268/bin-2019/uautomizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(__VERIFIER_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> c155eed8904feb91bc357673889a45f80c4d03bf [2018-12-09 00:36:58,810 INFO L81 nceAwareModelManager]: Repository-Root is: /tmp [2018-12-09 00:36:58,819 INFO L258 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2018-12-09 00:36:58,821 INFO L214 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2018-12-09 00:36:58,822 INFO L271 PluginConnector]: Initializing CDTParser... [2018-12-09 00:36:58,823 INFO L276 PluginConnector]: CDTParser initialized [2018-12-09 00:36:58,823 INFO L418 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud-vcloud-master/worker/working_dir_251a6805-40dc-4b4d-90ba-e7bec03f1268/bin-2019/uautomizer/../../sv-benchmarks/c/product-lines/email_spec4_product28_true-unreach-call_true-termination.cil.c [2018-12-09 00:36:58,861 INFO L221 CDTParser]: Created temporary CDT project at /tmp/vcloud-vcloud-master/worker/working_dir_251a6805-40dc-4b4d-90ba-e7bec03f1268/bin-2019/uautomizer/data/3311cf384/dcb6bafee4ab4c4eb417b808f869f16d/FLAG8267a7325 [2018-12-09 00:36:59,305 INFO L307 CDTParser]: Found 1 translation units. [2018-12-09 00:36:59,306 INFO L161 CDTParser]: Scanning /tmp/vcloud-vcloud-master/worker/working_dir_251a6805-40dc-4b4d-90ba-e7bec03f1268/sv-benchmarks/c/product-lines/email_spec4_product28_true-unreach-call_true-termination.cil.c [2018-12-09 00:36:59,315 INFO L355 CDTParser]: About to delete temporary CDT project at /tmp/vcloud-vcloud-master/worker/working_dir_251a6805-40dc-4b4d-90ba-e7bec03f1268/bin-2019/uautomizer/data/3311cf384/dcb6bafee4ab4c4eb417b808f869f16d/FLAG8267a7325 [2018-12-09 00:36:59,323 INFO L363 CDTParser]: Successfully deleted /tmp/vcloud-vcloud-master/worker/working_dir_251a6805-40dc-4b4d-90ba-e7bec03f1268/bin-2019/uautomizer/data/3311cf384/dcb6bafee4ab4c4eb417b808f869f16d [2018-12-09 00:36:59,325 INFO L296 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2018-12-09 00:36:59,325 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2018-12-09 00:36:59,326 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2018-12-09 00:36:59,326 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2018-12-09 00:36:59,328 INFO L276 PluginConnector]: CACSL2BoogieTranslator initialized [2018-12-09 00:36:59,328 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.12 12:36:59" (1/1) ... [2018-12-09 00:36:59,330 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6fe15e1a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.12 12:36:59, skipping insertion in model container [2018-12-09 00:36:59,330 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.12 12:36:59" (1/1) ... [2018-12-09 00:36:59,334 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2018-12-09 00:36:59,363 INFO L176 MainTranslator]: Built tables and reachable declarations [2018-12-09 00:36:59,654 INFO L203 PostProcessor]: Analyzing one entry point: main [2018-12-09 00:36:59,663 INFO L191 MainTranslator]: Completed pre-run [2018-12-09 00:36:59,724 INFO L203 PostProcessor]: Analyzing one entry point: main [2018-12-09 00:36:59,757 INFO L195 MainTranslator]: Completed translation [2018-12-09 00:36:59,757 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.12 12:36:59 WrapperNode [2018-12-09 00:36:59,757 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2018-12-09 00:36:59,758 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2018-12-09 00:36:59,758 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2018-12-09 00:36:59,758 INFO L276 PluginConnector]: Boogie Procedure Inliner initialized [2018-12-09 00:36:59,763 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.12 12:36:59" (1/1) ... [2018-12-09 00:36:59,779 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.12 12:36:59" (1/1) ... [2018-12-09 00:36:59,786 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2018-12-09 00:36:59,786 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2018-12-09 00:36:59,786 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2018-12-09 00:36:59,786 INFO L276 PluginConnector]: Boogie Preprocessor initialized [2018-12-09 00:36:59,792 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.12 12:36:59" (1/1) ... [2018-12-09 00:36:59,792 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.12 12:36:59" (1/1) ... [2018-12-09 00:36:59,797 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.12 12:36:59" (1/1) ... [2018-12-09 00:36:59,797 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.12 12:36:59" (1/1) ... [2018-12-09 00:36:59,810 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.12 12:36:59" (1/1) ... [2018-12-09 00:36:59,818 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.12 12:36:59" (1/1) ... [2018-12-09 00:36:59,821 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.12 12:36:59" (1/1) ... [2018-12-09 00:36:59,826 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2018-12-09 00:36:59,826 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2018-12-09 00:36:59,826 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2018-12-09 00:36:59,826 INFO L276 PluginConnector]: RCFGBuilder initialized [2018-12-09 00:36:59,827 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.12 12:36:59" (1/1) ... No working directory specified, using /tmp/vcloud-vcloud-master/worker/working_dir_251a6805-40dc-4b4d-90ba-e7bec03f1268/bin-2019/uautomizer/z3 Starting monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2018-12-09 00:36:59,866 INFO L130 BoogieDeclarations]: Found specification of procedure get_queued_client [2018-12-09 00:36:59,866 INFO L138 BoogieDeclarations]: Found implementation of procedure get_queued_client [2018-12-09 00:36:59,867 INFO L130 BoogieDeclarations]: Found specification of procedure rjhKeyChange [2018-12-09 00:36:59,867 INFO L138 BoogieDeclarations]: Found implementation of procedure rjhKeyChange [2018-12-09 00:36:59,867 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailIsSigned [2018-12-09 00:36:59,867 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailIsSigned [2018-12-09 00:36:59,867 INFO L130 BoogieDeclarations]: Found specification of procedure getClientPrivateKey [2018-12-09 00:36:59,867 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientPrivateKey [2018-12-09 00:36:59,867 INFO L130 BoogieDeclarations]: Found specification of procedure rjhKeyAdd [2018-12-09 00:36:59,867 INFO L138 BoogieDeclarations]: Found implementation of procedure rjhKeyAdd [2018-12-09 00:36:59,867 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.alloc [2018-12-09 00:36:59,867 INFO L130 BoogieDeclarations]: Found specification of procedure bobToRjh [2018-12-09 00:36:59,868 INFO L138 BoogieDeclarations]: Found implementation of procedure bobToRjh [2018-12-09 00:36:59,868 INFO L130 BoogieDeclarations]: Found specification of procedure setup_bob [2018-12-09 00:36:59,868 INFO L138 BoogieDeclarations]: Found implementation of procedure setup_bob [2018-12-09 00:36:59,868 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailEncryptionKey [2018-12-09 00:36:59,868 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailEncryptionKey [2018-12-09 00:36:59,868 INFO L130 BoogieDeclarations]: Found specification of procedure select_features [2018-12-09 00:36:59,868 INFO L138 BoogieDeclarations]: Found implementation of procedure select_features [2018-12-09 00:36:59,868 INFO L130 BoogieDeclarations]: Found specification of procedure setup_bob__wrappee__Base [2018-12-09 00:36:59,868 INFO L138 BoogieDeclarations]: Found implementation of procedure setup_bob__wrappee__Base [2018-12-09 00:36:59,869 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailEncryptionKey [2018-12-09 00:36:59,869 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailEncryptionKey [2018-12-09 00:36:59,869 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing__wrappee__Keys [2018-12-09 00:36:59,869 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing__wrappee__Keys [2018-12-09 00:36:59,869 INFO L130 BoogieDeclarations]: Found specification of procedure createEmail [2018-12-09 00:36:59,869 INFO L138 BoogieDeclarations]: Found implementation of procedure createEmail [2018-12-09 00:36:59,869 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailTo [2018-12-09 00:36:59,869 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailTo [2018-12-09 00:36:59,869 INFO L130 BoogieDeclarations]: Found specification of procedure get_queued_email [2018-12-09 00:36:59,869 INFO L138 BoogieDeclarations]: Found implementation of procedure get_queued_email [2018-12-09 00:36:59,870 INFO L130 BoogieDeclarations]: Found specification of procedure incoming__wrappee__Sign [2018-12-09 00:36:59,870 INFO L138 BoogieDeclarations]: Found implementation of procedure incoming__wrappee__Sign [2018-12-09 00:36:59,870 INFO L130 BoogieDeclarations]: Found specification of procedure isReadable__wrappee__Keys [2018-12-09 00:36:59,870 INFO L138 BoogieDeclarations]: Found implementation of procedure isReadable__wrappee__Keys [2018-12-09 00:36:59,870 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailFrom [2018-12-09 00:36:59,870 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailFrom [2018-12-09 00:36:59,870 INFO L130 BoogieDeclarations]: Found specification of procedure isReadable [2018-12-09 00:36:59,870 INFO L138 BoogieDeclarations]: Found implementation of procedure isReadable [2018-12-09 00:36:59,870 INFO L130 BoogieDeclarations]: Found specification of procedure setup_rjh__wrappee__Base [2018-12-09 00:36:59,870 INFO L138 BoogieDeclarations]: Found implementation of procedure setup_rjh__wrappee__Base [2018-12-09 00:36:59,870 INFO L130 BoogieDeclarations]: Found specification of procedure getClientId [2018-12-09 00:36:59,871 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientId [2018-12-09 00:36:59,871 INFO L130 BoogieDeclarations]: Found specification of procedure deliver [2018-12-09 00:36:59,871 INFO L138 BoogieDeclarations]: Found implementation of procedure deliver [2018-12-09 00:36:59,871 INFO L130 BoogieDeclarations]: Found specification of procedure createClientKeyringEntry [2018-12-09 00:36:59,871 INFO L138 BoogieDeclarations]: Found implementation of procedure createClientKeyringEntry [2018-12-09 00:36:59,871 INFO L130 BoogieDeclarations]: Found specification of procedure verify [2018-12-09 00:36:59,871 INFO L138 BoogieDeclarations]: Found implementation of procedure verify [2018-12-09 00:36:59,871 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailIsEncrypted [2018-12-09 00:36:59,871 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailIsEncrypted [2018-12-09 00:36:59,871 INFO L130 BoogieDeclarations]: Found specification of procedure incoming__wrappee__Verify [2018-12-09 00:36:59,872 INFO L138 BoogieDeclarations]: Found implementation of procedure incoming__wrappee__Verify [2018-12-09 00:36:59,872 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailSignKey [2018-12-09 00:36:59,872 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailSignKey [2018-12-09 00:36:59,872 INFO L130 BoogieDeclarations]: Found specification of procedure chuckKeyAdd [2018-12-09 00:36:59,872 INFO L138 BoogieDeclarations]: Found implementation of procedure chuckKeyAdd [2018-12-09 00:36:59,872 INFO L130 BoogieDeclarations]: Found specification of procedure getClientKeyringSize [2018-12-09 00:36:59,872 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientKeyringSize [2018-12-09 00:36:59,872 INFO L130 BoogieDeclarations]: Found specification of procedure bobKeyAdd [2018-12-09 00:36:59,872 INFO L138 BoogieDeclarations]: Found implementation of procedure bobKeyAdd [2018-12-09 00:36:59,872 INFO L130 BoogieDeclarations]: Found specification of procedure puts [2018-12-09 00:36:59,872 INFO L130 BoogieDeclarations]: Found specification of procedure setup_chuck__wrappee__Base [2018-12-09 00:36:59,873 INFO L138 BoogieDeclarations]: Found implementation of procedure setup_chuck__wrappee__Base [2018-12-09 00:36:59,873 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.init [2018-12-09 00:36:59,873 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.init [2018-12-09 00:36:59,873 INFO L130 BoogieDeclarations]: Found specification of procedure chuckKeyAddRjh [2018-12-09 00:36:59,873 INFO L138 BoogieDeclarations]: Found implementation of procedure chuckKeyAddRjh [2018-12-09 00:36:59,873 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailFrom [2018-12-09 00:36:59,873 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailFrom [2018-12-09 00:36:59,873 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringSize [2018-12-09 00:36:59,873 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringSize [2018-12-09 00:36:59,873 INFO L130 BoogieDeclarations]: Found specification of procedure setClientId [2018-12-09 00:36:59,873 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientId [2018-12-09 00:36:59,873 INFO L130 BoogieDeclarations]: Found specification of procedure bobKeyChange [2018-12-09 00:36:59,874 INFO L138 BoogieDeclarations]: Found implementation of procedure bobKeyChange [2018-12-09 00:36:59,874 INFO L130 BoogieDeclarations]: Found specification of procedure isSigned [2018-12-09 00:36:59,874 INFO L138 BoogieDeclarations]: Found implementation of procedure isSigned [2018-12-09 00:36:59,874 INFO L130 BoogieDeclarations]: Found specification of procedure mail [2018-12-09 00:36:59,874 INFO L138 BoogieDeclarations]: Found implementation of procedure mail [2018-12-09 00:36:59,874 INFO L130 BoogieDeclarations]: Found specification of procedure valid_product [2018-12-09 00:36:59,874 INFO L138 BoogieDeclarations]: Found implementation of procedure valid_product [2018-12-09 00:36:59,874 INFO L130 BoogieDeclarations]: Found specification of procedure isKeyPairValid [2018-12-09 00:36:59,874 INFO L138 BoogieDeclarations]: Found implementation of procedure isKeyPairValid [2018-12-09 00:36:59,874 INFO L130 BoogieDeclarations]: Found specification of procedure sign [2018-12-09 00:36:59,874 INFO L138 BoogieDeclarations]: Found implementation of procedure sign [2018-12-09 00:36:59,875 INFO L130 BoogieDeclarations]: Found specification of procedure main [2018-12-09 00:36:59,875 INFO L138 BoogieDeclarations]: Found implementation of procedure main [2018-12-09 00:36:59,875 INFO L130 BoogieDeclarations]: Found specification of procedure setup_rjh [2018-12-09 00:36:59,875 INFO L138 BoogieDeclarations]: Found implementation of procedure setup_rjh [2018-12-09 00:36:59,875 INFO L130 BoogieDeclarations]: Found specification of procedure incoming [2018-12-09 00:36:59,875 INFO L138 BoogieDeclarations]: Found implementation of procedure incoming [2018-12-09 00:36:59,875 INFO L130 BoogieDeclarations]: Found specification of procedure rjhDeletePrivateKey [2018-12-09 00:36:59,875 INFO L138 BoogieDeclarations]: Found implementation of procedure rjhDeletePrivateKey [2018-12-09 00:36:59,875 INFO L130 BoogieDeclarations]: Found specification of procedure test [2018-12-09 00:36:59,875 INFO L138 BoogieDeclarations]: Found implementation of procedure test [2018-12-09 00:36:59,875 INFO L130 BoogieDeclarations]: Found specification of procedure getClientKeyringUser [2018-12-09 00:36:59,876 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientKeyringUser [2018-12-09 00:36:59,876 INFO L130 BoogieDeclarations]: Found specification of procedure __utac_acc__SignForward_spec__1 [2018-12-09 00:36:59,876 INFO L138 BoogieDeclarations]: Found implementation of procedure __utac_acc__SignForward_spec__1 [2018-12-09 00:36:59,876 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringUser [2018-12-09 00:36:59,876 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringUser [2018-12-09 00:36:59,876 INFO L130 BoogieDeclarations]: Found specification of procedure __automaton_fail [2018-12-09 00:36:59,876 INFO L138 BoogieDeclarations]: Found implementation of procedure __automaton_fail [2018-12-09 00:36:59,876 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringPublicKey [2018-12-09 00:36:59,876 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringPublicKey [2018-12-09 00:36:59,876 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing [2018-12-09 00:36:59,876 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing [2018-12-09 00:36:59,876 INFO L130 BoogieDeclarations]: Found specification of procedure select_helpers [2018-12-09 00:36:59,877 INFO L138 BoogieDeclarations]: Found implementation of procedure select_helpers [2018-12-09 00:36:59,877 INFO L130 BoogieDeclarations]: Found specification of procedure setup_chuck [2018-12-09 00:36:59,877 INFO L138 BoogieDeclarations]: Found implementation of procedure setup_chuck [2018-12-09 00:36:59,877 INFO L130 BoogieDeclarations]: Found specification of procedure findPublicKey [2018-12-09 00:36:59,877 INFO L138 BoogieDeclarations]: Found implementation of procedure findPublicKey [2018-12-09 00:36:59,877 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing__wrappee__Encrypt [2018-12-09 00:36:59,877 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing__wrappee__Encrypt [2018-12-09 00:36:59,877 INFO L130 BoogieDeclarations]: Found specification of procedure sendEmail [2018-12-09 00:36:59,877 INFO L138 BoogieDeclarations]: Found implementation of procedure sendEmail [2018-12-09 00:36:59,877 INFO L130 BoogieDeclarations]: Found specification of procedure isEncrypted [2018-12-09 00:36:59,877 INFO L138 BoogieDeclarations]: Found implementation of procedure isEncrypted [2018-12-09 00:36:59,878 INFO L130 BoogieDeclarations]: Found specification of procedure setClientPrivateKey [2018-12-09 00:36:59,878 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientPrivateKey [2018-12-09 00:36:59,878 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailTo [2018-12-09 00:36:59,878 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailTo [2018-12-09 00:36:59,878 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailIsSignatureVerified [2018-12-09 00:36:59,878 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailIsSignatureVerified [2018-12-09 00:36:59,878 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2018-12-09 00:36:59,878 INFO L130 BoogieDeclarations]: Found specification of procedure is_queue_empty [2018-12-09 00:36:59,878 INFO L138 BoogieDeclarations]: Found implementation of procedure is_queue_empty [2018-12-09 00:36:59,878 INFO L130 BoogieDeclarations]: Found specification of procedure getClientKeyringPublicKey [2018-12-09 00:36:59,878 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientKeyringPublicKey [2018-12-09 00:36:59,878 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailSignKey [2018-12-09 00:36:59,879 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailSignKey [2018-12-09 00:36:59,879 INFO L130 BoogieDeclarations]: Found specification of procedure generateKeyPair [2018-12-09 00:36:59,879 INFO L138 BoogieDeclarations]: Found implementation of procedure generateKeyPair [2018-12-09 00:36:59,879 INFO L130 BoogieDeclarations]: Found specification of procedure setup [2018-12-09 00:36:59,879 INFO L138 BoogieDeclarations]: Found implementation of procedure setup [2018-12-09 00:36:59,879 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2018-12-09 00:36:59,879 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2018-12-09 00:37:00,539 INFO L275 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2018-12-09 00:37:00,539 INFO L280 CfgBuilder]: Removed 1 assue(true) statements. [2018-12-09 00:37:00,539 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.12 12:37:00 BoogieIcfgContainer [2018-12-09 00:37:00,539 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2018-12-09 00:37:00,540 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2018-12-09 00:37:00,540 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2018-12-09 00:37:00,542 INFO L276 PluginConnector]: TraceAbstraction initialized [2018-12-09 00:37:00,542 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 09.12 12:36:59" (1/3) ... [2018-12-09 00:37:00,543 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@109e034c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.12 12:37:00, skipping insertion in model container [2018-12-09 00:37:00,543 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.12 12:36:59" (2/3) ... [2018-12-09 00:37:00,543 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@109e034c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.12 12:37:00, skipping insertion in model container [2018-12-09 00:37:00,543 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.12 12:37:00" (3/3) ... [2018-12-09 00:37:00,544 INFO L112 eAbstractionObserver]: Analyzing ICFG email_spec4_product28_true-unreach-call_true-termination.cil.c [2018-12-09 00:37:00,550 INFO L156 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2018-12-09 00:37:00,555 INFO L168 ceAbstractionStarter]: Appying trace abstraction to program that has 1 error locations. [2018-12-09 00:37:00,565 INFO L257 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2018-12-09 00:37:00,586 INFO L133 ementStrategyFactory]: Using default assertion order modulation [2018-12-09 00:37:00,587 INFO L382 AbstractCegarLoop]: Interprodecural is true [2018-12-09 00:37:00,587 INFO L383 AbstractCegarLoop]: Hoare is true [2018-12-09 00:37:00,587 INFO L384 AbstractCegarLoop]: Compute interpolants for FPandBP [2018-12-09 00:37:00,587 INFO L385 AbstractCegarLoop]: Backedges is STRAIGHT_LINE [2018-12-09 00:37:00,587 INFO L386 AbstractCegarLoop]: Determinization is PREDICATE_ABSTRACTION [2018-12-09 00:37:00,587 INFO L387 AbstractCegarLoop]: Difference is false [2018-12-09 00:37:00,587 INFO L388 AbstractCegarLoop]: Minimize is MINIMIZE_SEVPA [2018-12-09 00:37:00,587 INFO L393 AbstractCegarLoop]: ======== Iteration 0==of CEGAR loop == AllErrorsAtOnce======== [2018-12-09 00:37:00,604 INFO L276 IsEmpty]: Start isEmpty. Operand 469 states. [2018-12-09 00:37:00,614 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 165 [2018-12-09 00:37:00,615 INFO L394 BasicCegarLoop]: Found error trace [2018-12-09 00:37:00,615 INFO L402 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-12-09 00:37:00,617 INFO L423 AbstractCegarLoop]: === Iteration 1 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-12-09 00:37:00,620 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-12-09 00:37:00,621 INFO L82 PathProgramCache]: Analyzing trace with hash 1048986467, now seen corresponding path program 1 times [2018-12-09 00:37:00,622 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-12-09 00:37:00,622 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-12-09 00:37:00,651 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:00,651 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-12-09 00:37:00,651 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:00,772 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-12-09 00:37:00,865 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2018-12-09 00:37:00,866 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-12-09 00:37:00,867 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2018-12-09 00:37:00,869 INFO L459 AbstractCegarLoop]: Interpolant automaton has 2 states [2018-12-09 00:37:00,877 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2018-12-09 00:37:00,878 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2018-12-09 00:37:00,879 INFO L87 Difference]: Start difference. First operand 469 states. Second operand 2 states. [2018-12-09 00:37:00,920 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-12-09 00:37:00,920 INFO L93 Difference]: Finished difference Result 715 states and 948 transitions. [2018-12-09 00:37:00,920 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2018-12-09 00:37:00,921 INFO L78 Accepts]: Start accepts. Automaton has 2 states. Word has length 164 [2018-12-09 00:37:00,921 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-12-09 00:37:00,931 INFO L225 Difference]: With dead ends: 715 [2018-12-09 00:37:00,932 INFO L226 Difference]: Without dead ends: 458 [2018-12-09 00:37:00,935 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2018-12-09 00:37:00,947 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 458 states. [2018-12-09 00:37:00,978 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 458 to 458. [2018-12-09 00:37:00,979 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 458 states. [2018-12-09 00:37:00,981 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 458 states to 458 states and 611 transitions. [2018-12-09 00:37:00,982 INFO L78 Accepts]: Start accepts. Automaton has 458 states and 611 transitions. Word has length 164 [2018-12-09 00:37:00,984 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-12-09 00:37:00,984 INFO L480 AbstractCegarLoop]: Abstraction has 458 states and 611 transitions. [2018-12-09 00:37:00,984 INFO L481 AbstractCegarLoop]: Interpolant automaton has 2 states. [2018-12-09 00:37:00,984 INFO L276 IsEmpty]: Start isEmpty. Operand 458 states and 611 transitions. [2018-12-09 00:37:00,987 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 166 [2018-12-09 00:37:00,987 INFO L394 BasicCegarLoop]: Found error trace [2018-12-09 00:37:00,988 INFO L402 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-12-09 00:37:00,988 INFO L423 AbstractCegarLoop]: === Iteration 2 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-12-09 00:37:00,988 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-12-09 00:37:00,988 INFO L82 PathProgramCache]: Analyzing trace with hash 618517395, now seen corresponding path program 1 times [2018-12-09 00:37:00,988 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-12-09 00:37:00,988 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-12-09 00:37:00,989 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:00,989 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-12-09 00:37:00,989 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:01,022 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-12-09 00:37:01,115 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2018-12-09 00:37:01,115 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-12-09 00:37:01,115 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2018-12-09 00:37:01,116 INFO L459 AbstractCegarLoop]: Interpolant automaton has 3 states [2018-12-09 00:37:01,116 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2018-12-09 00:37:01,116 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2018-12-09 00:37:01,116 INFO L87 Difference]: Start difference. First operand 458 states and 611 transitions. Second operand 3 states. [2018-12-09 00:37:01,147 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-12-09 00:37:01,147 INFO L93 Difference]: Finished difference Result 698 states and 916 transitions. [2018-12-09 00:37:01,147 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2018-12-09 00:37:01,147 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 165 [2018-12-09 00:37:01,148 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-12-09 00:37:01,151 INFO L225 Difference]: With dead ends: 698 [2018-12-09 00:37:01,151 INFO L226 Difference]: Without dead ends: 461 [2018-12-09 00:37:01,153 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2018-12-09 00:37:01,153 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 461 states. [2018-12-09 00:37:01,167 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 461 to 460. [2018-12-09 00:37:01,167 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 460 states. [2018-12-09 00:37:01,169 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 460 states to 460 states and 613 transitions. [2018-12-09 00:37:01,169 INFO L78 Accepts]: Start accepts. Automaton has 460 states and 613 transitions. Word has length 165 [2018-12-09 00:37:01,169 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-12-09 00:37:01,169 INFO L480 AbstractCegarLoop]: Abstraction has 460 states and 613 transitions. [2018-12-09 00:37:01,169 INFO L481 AbstractCegarLoop]: Interpolant automaton has 3 states. [2018-12-09 00:37:01,169 INFO L276 IsEmpty]: Start isEmpty. Operand 460 states and 613 transitions. [2018-12-09 00:37:01,171 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 172 [2018-12-09 00:37:01,171 INFO L394 BasicCegarLoop]: Found error trace [2018-12-09 00:37:01,171 INFO L402 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-12-09 00:37:01,171 INFO L423 AbstractCegarLoop]: === Iteration 3 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-12-09 00:37:01,172 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-12-09 00:37:01,172 INFO L82 PathProgramCache]: Analyzing trace with hash -1922852473, now seen corresponding path program 1 times [2018-12-09 00:37:01,172 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-12-09 00:37:01,172 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-12-09 00:37:01,172 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:01,172 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-12-09 00:37:01,172 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:01,196 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-12-09 00:37:01,245 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2018-12-09 00:37:01,245 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-12-09 00:37:01,245 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2018-12-09 00:37:01,245 INFO L459 AbstractCegarLoop]: Interpolant automaton has 3 states [2018-12-09 00:37:01,246 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2018-12-09 00:37:01,246 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2018-12-09 00:37:01,246 INFO L87 Difference]: Start difference. First operand 460 states and 613 transitions. Second operand 3 states. [2018-12-09 00:37:01,270 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-12-09 00:37:01,270 INFO L93 Difference]: Finished difference Result 894 states and 1221 transitions. [2018-12-09 00:37:01,270 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2018-12-09 00:37:01,270 INFO L78 Accepts]: Start accepts. Automaton has 3 states. Word has length 171 [2018-12-09 00:37:01,271 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-12-09 00:37:01,273 INFO L225 Difference]: With dead ends: 894 [2018-12-09 00:37:01,273 INFO L226 Difference]: Without dead ends: 499 [2018-12-09 00:37:01,275 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2018-12-09 00:37:01,276 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 499 states. [2018-12-09 00:37:01,293 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 499 to 498. [2018-12-09 00:37:01,293 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 498 states. [2018-12-09 00:37:01,296 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 498 states to 498 states and 679 transitions. [2018-12-09 00:37:01,296 INFO L78 Accepts]: Start accepts. Automaton has 498 states and 679 transitions. Word has length 171 [2018-12-09 00:37:01,296 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-12-09 00:37:01,296 INFO L480 AbstractCegarLoop]: Abstraction has 498 states and 679 transitions. [2018-12-09 00:37:01,296 INFO L481 AbstractCegarLoop]: Interpolant automaton has 3 states. [2018-12-09 00:37:01,297 INFO L276 IsEmpty]: Start isEmpty. Operand 498 states and 679 transitions. [2018-12-09 00:37:01,299 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 173 [2018-12-09 00:37:01,299 INFO L394 BasicCegarLoop]: Found error trace [2018-12-09 00:37:01,299 INFO L402 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-12-09 00:37:01,300 INFO L423 AbstractCegarLoop]: === Iteration 4 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-12-09 00:37:01,300 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-12-09 00:37:01,300 INFO L82 PathProgramCache]: Analyzing trace with hash -519889127, now seen corresponding path program 1 times [2018-12-09 00:37:01,300 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-12-09 00:37:01,300 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-12-09 00:37:01,301 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:01,301 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-12-09 00:37:01,301 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:01,331 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-12-09 00:37:01,416 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 34 trivial. 0 not checked. [2018-12-09 00:37:01,416 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-12-09 00:37:01,417 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2018-12-09 00:37:01,417 INFO L459 AbstractCegarLoop]: Interpolant automaton has 7 states [2018-12-09 00:37:01,417 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2018-12-09 00:37:01,417 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2018-12-09 00:37:01,417 INFO L87 Difference]: Start difference. First operand 498 states and 679 transitions. Second operand 7 states. [2018-12-09 00:37:02,762 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-12-09 00:37:02,763 INFO L93 Difference]: Finished difference Result 954 states and 1267 transitions. [2018-12-09 00:37:02,763 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2018-12-09 00:37:02,763 INFO L78 Accepts]: Start accepts. Automaton has 7 states. Word has length 172 [2018-12-09 00:37:02,763 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-12-09 00:37:02,767 INFO L225 Difference]: With dead ends: 954 [2018-12-09 00:37:02,767 INFO L226 Difference]: Without dead ends: 733 [2018-12-09 00:37:02,768 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 20 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 10 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=43, Invalid=113, Unknown=0, NotChecked=0, Total=156 [2018-12-09 00:37:02,769 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 733 states. [2018-12-09 00:37:02,793 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 733 to 724. [2018-12-09 00:37:02,793 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 724 states. [2018-12-09 00:37:02,795 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 724 states to 724 states and 971 transitions. [2018-12-09 00:37:02,796 INFO L78 Accepts]: Start accepts. Automaton has 724 states and 971 transitions. Word has length 172 [2018-12-09 00:37:02,796 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-12-09 00:37:02,796 INFO L480 AbstractCegarLoop]: Abstraction has 724 states and 971 transitions. [2018-12-09 00:37:02,797 INFO L481 AbstractCegarLoop]: Interpolant automaton has 7 states. [2018-12-09 00:37:02,797 INFO L276 IsEmpty]: Start isEmpty. Operand 724 states and 971 transitions. [2018-12-09 00:37:02,799 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 174 [2018-12-09 00:37:02,799 INFO L394 BasicCegarLoop]: Found error trace [2018-12-09 00:37:02,800 INFO L402 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-12-09 00:37:02,800 INFO L423 AbstractCegarLoop]: === Iteration 5 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-12-09 00:37:02,800 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-12-09 00:37:02,801 INFO L82 PathProgramCache]: Analyzing trace with hash 1975092219, now seen corresponding path program 1 times [2018-12-09 00:37:02,801 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-12-09 00:37:02,801 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-12-09 00:37:02,801 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:02,802 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-12-09 00:37:02,802 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:02,829 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-12-09 00:37:02,992 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 34 trivial. 0 not checked. [2018-12-09 00:37:02,992 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-12-09 00:37:02,992 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [18] imperfect sequences [] total 18 [2018-12-09 00:37:02,992 INFO L459 AbstractCegarLoop]: Interpolant automaton has 18 states [2018-12-09 00:37:02,992 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 18 interpolants. [2018-12-09 00:37:02,993 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=33, Invalid=273, Unknown=0, NotChecked=0, Total=306 [2018-12-09 00:37:02,993 INFO L87 Difference]: Start difference. First operand 724 states and 971 transitions. Second operand 18 states. [2018-12-09 00:37:03,229 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-12-09 00:37:03,229 INFO L93 Difference]: Finished difference Result 1249 states and 1659 transitions. [2018-12-09 00:37:03,230 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2018-12-09 00:37:03,230 INFO L78 Accepts]: Start accepts. Automaton has 18 states. Word has length 173 [2018-12-09 00:37:03,230 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-12-09 00:37:03,232 INFO L225 Difference]: With dead ends: 1249 [2018-12-09 00:37:03,232 INFO L226 Difference]: Without dead ends: 774 [2018-12-09 00:37:03,234 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 25 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 23 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 21 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=61, Invalid=539, Unknown=0, NotChecked=0, Total=600 [2018-12-09 00:37:03,234 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 774 states. [2018-12-09 00:37:03,252 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 774 to 770. [2018-12-09 00:37:03,252 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 770 states. [2018-12-09 00:37:03,254 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 770 states to 770 states and 1034 transitions. [2018-12-09 00:37:03,255 INFO L78 Accepts]: Start accepts. Automaton has 770 states and 1034 transitions. Word has length 173 [2018-12-09 00:37:03,255 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-12-09 00:37:03,255 INFO L480 AbstractCegarLoop]: Abstraction has 770 states and 1034 transitions. [2018-12-09 00:37:03,255 INFO L481 AbstractCegarLoop]: Interpolant automaton has 18 states. [2018-12-09 00:37:03,255 INFO L276 IsEmpty]: Start isEmpty. Operand 770 states and 1034 transitions. [2018-12-09 00:37:03,257 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 183 [2018-12-09 00:37:03,257 INFO L394 BasicCegarLoop]: Found error trace [2018-12-09 00:37:03,258 INFO L402 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-12-09 00:37:03,258 INFO L423 AbstractCegarLoop]: === Iteration 6 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-12-09 00:37:03,258 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-12-09 00:37:03,258 INFO L82 PathProgramCache]: Analyzing trace with hash -148397632, now seen corresponding path program 1 times [2018-12-09 00:37:03,258 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-12-09 00:37:03,258 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-12-09 00:37:03,259 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:03,259 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-12-09 00:37:03,259 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:03,280 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-12-09 00:37:03,345 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 34 trivial. 0 not checked. [2018-12-09 00:37:03,346 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-12-09 00:37:03,346 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2018-12-09 00:37:03,346 INFO L459 AbstractCegarLoop]: Interpolant automaton has 8 states [2018-12-09 00:37:03,346 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2018-12-09 00:37:03,346 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2018-12-09 00:37:03,347 INFO L87 Difference]: Start difference. First operand 770 states and 1034 transitions. Second operand 8 states. [2018-12-09 00:37:03,655 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-12-09 00:37:03,655 INFO L93 Difference]: Finished difference Result 1455 states and 1940 transitions. [2018-12-09 00:37:03,656 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2018-12-09 00:37:03,656 INFO L78 Accepts]: Start accepts. Automaton has 8 states. Word has length 182 [2018-12-09 00:37:03,656 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-12-09 00:37:03,659 INFO L225 Difference]: With dead ends: 1455 [2018-12-09 00:37:03,660 INFO L226 Difference]: Without dead ends: 1296 [2018-12-09 00:37:03,660 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 2 SyntacticMatches, 1 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 10 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=33, Invalid=123, Unknown=0, NotChecked=0, Total=156 [2018-12-09 00:37:03,662 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1296 states. [2018-12-09 00:37:03,691 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1296 to 1283. [2018-12-09 00:37:03,692 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 1283 states. [2018-12-09 00:37:03,695 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1283 states to 1283 states and 1714 transitions. [2018-12-09 00:37:03,696 INFO L78 Accepts]: Start accepts. Automaton has 1283 states and 1714 transitions. Word has length 182 [2018-12-09 00:37:03,696 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-12-09 00:37:03,696 INFO L480 AbstractCegarLoop]: Abstraction has 1283 states and 1714 transitions. [2018-12-09 00:37:03,696 INFO L481 AbstractCegarLoop]: Interpolant automaton has 8 states. [2018-12-09 00:37:03,696 INFO L276 IsEmpty]: Start isEmpty. Operand 1283 states and 1714 transitions. [2018-12-09 00:37:03,699 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 184 [2018-12-09 00:37:03,699 INFO L394 BasicCegarLoop]: Found error trace [2018-12-09 00:37:03,699 INFO L402 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-12-09 00:37:03,699 INFO L423 AbstractCegarLoop]: === Iteration 7 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-12-09 00:37:03,699 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-12-09 00:37:03,700 INFO L82 PathProgramCache]: Analyzing trace with hash -116097865, now seen corresponding path program 1 times [2018-12-09 00:37:03,700 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-12-09 00:37:03,700 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-12-09 00:37:03,700 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:03,700 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-12-09 00:37:03,701 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:03,725 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-12-09 00:37:03,903 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 3 proven. 0 refuted. 0 times theorem prover too weak. 31 trivial. 0 not checked. [2018-12-09 00:37:03,903 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-12-09 00:37:03,903 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [17] imperfect sequences [] total 17 [2018-12-09 00:37:03,904 INFO L459 AbstractCegarLoop]: Interpolant automaton has 17 states [2018-12-09 00:37:03,904 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 17 interpolants. [2018-12-09 00:37:03,904 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=31, Invalid=241, Unknown=0, NotChecked=0, Total=272 [2018-12-09 00:37:03,904 INFO L87 Difference]: Start difference. First operand 1283 states and 1714 transitions. Second operand 17 states. [2018-12-09 00:37:04,303 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-12-09 00:37:04,303 INFO L93 Difference]: Finished difference Result 1748 states and 2313 transitions. [2018-12-09 00:37:04,303 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2018-12-09 00:37:04,303 INFO L78 Accepts]: Start accepts. Automaton has 17 states. Word has length 183 [2018-12-09 00:37:04,304 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-12-09 00:37:04,307 INFO L225 Difference]: With dead ends: 1748 [2018-12-09 00:37:04,307 INFO L226 Difference]: Without dead ends: 1282 [2018-12-09 00:37:04,309 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 32 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 29 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 84 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=101, Invalid=829, Unknown=0, NotChecked=0, Total=930 [2018-12-09 00:37:04,310 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1282 states. [2018-12-09 00:37:04,338 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1282 to 1281. [2018-12-09 00:37:04,338 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 1281 states. [2018-12-09 00:37:04,341 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1281 states to 1281 states and 1709 transitions. [2018-12-09 00:37:04,341 INFO L78 Accepts]: Start accepts. Automaton has 1281 states and 1709 transitions. Word has length 183 [2018-12-09 00:37:04,341 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-12-09 00:37:04,341 INFO L480 AbstractCegarLoop]: Abstraction has 1281 states and 1709 transitions. [2018-12-09 00:37:04,342 INFO L481 AbstractCegarLoop]: Interpolant automaton has 17 states. [2018-12-09 00:37:04,342 INFO L276 IsEmpty]: Start isEmpty. Operand 1281 states and 1709 transitions. [2018-12-09 00:37:04,343 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 184 [2018-12-09 00:37:04,344 INFO L394 BasicCegarLoop]: Found error trace [2018-12-09 00:37:04,344 INFO L402 BasicCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-12-09 00:37:04,344 INFO L423 AbstractCegarLoop]: === Iteration 8 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-12-09 00:37:04,344 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-12-09 00:37:04,344 INFO L82 PathProgramCache]: Analyzing trace with hash -1461413315, now seen corresponding path program 2 times [2018-12-09 00:37:04,344 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-12-09 00:37:04,344 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-12-09 00:37:04,345 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:04,345 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-12-09 00:37:04,345 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:04,365 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-12-09 00:37:04,462 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 0 proven. 3 refuted. 0 times theorem prover too weak. 31 trivial. 0 not checked. [2018-12-09 00:37:04,462 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2018-12-09 00:37:04,462 INFO L223 ckRefinementStrategy]: Switched to mode Z3_FP No working directory specified, using /tmp/vcloud-vcloud-master/worker/working_dir_251a6805-40dc-4b4d-90ba-e7bec03f1268/bin-2019/uautomizer/z3 Starting monitored process 2 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 2 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 [2018-12-09 00:37:04,468 INFO L103 rtionOrderModulation]: Keeping assertion order OUTSIDE_LOOP_FIRST1 [2018-12-09 00:37:04,648 INFO L249 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST1 issued 1 check-sat command(s) [2018-12-09 00:37:04,648 INFO L250 tOrderPrioritization]: Conjunction of SSA is unsat [2018-12-09 00:37:04,661 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-12-09 00:37:04,816 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 8 proven. 0 refuted. 0 times theorem prover too weak. 26 trivial. 0 not checked. [2018-12-09 00:37:04,842 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 1 imperfect interpolant sequences. [2018-12-09 00:37:04,842 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [8] imperfect sequences [11] total 17 [2018-12-09 00:37:04,843 INFO L459 AbstractCegarLoop]: Interpolant automaton has 17 states [2018-12-09 00:37:04,843 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 17 interpolants. [2018-12-09 00:37:04,843 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=32, Invalid=240, Unknown=0, NotChecked=0, Total=272 [2018-12-09 00:37:04,843 INFO L87 Difference]: Start difference. First operand 1281 states and 1709 transitions. Second operand 17 states. [2018-12-09 00:37:05,797 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-12-09 00:37:05,797 INFO L93 Difference]: Finished difference Result 2876 states and 3849 transitions. [2018-12-09 00:37:05,797 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2018-12-09 00:37:05,797 INFO L78 Accepts]: Start accepts. Automaton has 17 states. Word has length 183 [2018-12-09 00:37:05,798 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-12-09 00:37:05,806 INFO L225 Difference]: With dead ends: 2876 [2018-12-09 00:37:05,807 INFO L226 Difference]: Without dead ends: 2190 [2018-12-09 00:37:05,809 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 224 GetRequests, 184 SyntacticMatches, 0 SemanticMatches, 40 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 289 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=199, Invalid=1523, Unknown=0, NotChecked=0, Total=1722 [2018-12-09 00:37:05,812 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2190 states. [2018-12-09 00:37:05,881 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2190 to 2171. [2018-12-09 00:37:05,881 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 2171 states. [2018-12-09 00:37:05,886 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2171 states to 2171 states and 2926 transitions. [2018-12-09 00:37:05,886 INFO L78 Accepts]: Start accepts. Automaton has 2171 states and 2926 transitions. Word has length 183 [2018-12-09 00:37:05,886 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-12-09 00:37:05,887 INFO L480 AbstractCegarLoop]: Abstraction has 2171 states and 2926 transitions. [2018-12-09 00:37:05,887 INFO L481 AbstractCegarLoop]: Interpolant automaton has 17 states. [2018-12-09 00:37:05,887 INFO L276 IsEmpty]: Start isEmpty. Operand 2171 states and 2926 transitions. [2018-12-09 00:37:05,892 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 304 [2018-12-09 00:37:05,892 INFO L394 BasicCegarLoop]: Found error trace [2018-12-09 00:37:05,892 INFO L402 BasicCegarLoop]: trace histogram [4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-12-09 00:37:05,892 INFO L423 AbstractCegarLoop]: === Iteration 9 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-12-09 00:37:05,893 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-12-09 00:37:05,893 INFO L82 PathProgramCache]: Analyzing trace with hash -1371233659, now seen corresponding path program 1 times [2018-12-09 00:37:05,893 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-12-09 00:37:05,893 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-12-09 00:37:05,893 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:05,893 INFO L101 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY [2018-12-09 00:37:05,893 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:05,921 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-12-09 00:37:06,131 INFO L134 CoverageAnalysis]: Checked inductivity of 115 backedges. 24 proven. 14 refuted. 0 times theorem prover too weak. 77 trivial. 0 not checked. [2018-12-09 00:37:06,131 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2018-12-09 00:37:06,131 INFO L223 ckRefinementStrategy]: Switched to mode Z3_FP No working directory specified, using /tmp/vcloud-vcloud-master/worker/working_dir_251a6805-40dc-4b4d-90ba-e7bec03f1268/bin-2019/uautomizer/z3 Starting monitored process 3 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 3 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 [2018-12-09 00:37:06,139 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-12-09 00:37:06,385 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-12-09 00:37:06,397 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-12-09 00:37:06,608 INFO L134 CoverageAnalysis]: Checked inductivity of 115 backedges. 24 proven. 0 refuted. 0 times theorem prover too weak. 91 trivial. 0 not checked. [2018-12-09 00:37:06,625 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 1 imperfect interpolant sequences. [2018-12-09 00:37:06,625 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [9] imperfect sequences [21] total 28 [2018-12-09 00:37:06,626 INFO L459 AbstractCegarLoop]: Interpolant automaton has 28 states [2018-12-09 00:37:06,626 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 28 interpolants. [2018-12-09 00:37:06,626 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=64, Invalid=692, Unknown=0, NotChecked=0, Total=756 [2018-12-09 00:37:06,626 INFO L87 Difference]: Start difference. First operand 2171 states and 2926 transitions. Second operand 28 states. [2018-12-09 00:37:12,825 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-12-09 00:37:12,825 INFO L93 Difference]: Finished difference Result 14056 states and 19127 transitions. [2018-12-09 00:37:12,826 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 91 states. [2018-12-09 00:37:12,826 INFO L78 Accepts]: Start accepts. Automaton has 28 states. Word has length 303 [2018-12-09 00:37:12,826 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-12-09 00:37:12,857 INFO L225 Difference]: With dead ends: 14056 [2018-12-09 00:37:12,857 INFO L226 Difference]: Without dead ends: 11873 [2018-12-09 00:37:12,865 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 440 GetRequests, 325 SyntacticMatches, 1 SemanticMatches, 114 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3881 ImplicationChecksByTransitivity, 1.4s TimeCoverageRelationStatistics Valid=938, Invalid=12402, Unknown=0, NotChecked=0, Total=13340 [2018-12-09 00:37:12,874 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 11873 states. [2018-12-09 00:37:13,175 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 11873 to 10523. [2018-12-09 00:37:13,175 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 10523 states. [2018-12-09 00:37:13,193 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10523 states to 10523 states and 14202 transitions. [2018-12-09 00:37:13,194 INFO L78 Accepts]: Start accepts. Automaton has 10523 states and 14202 transitions. Word has length 303 [2018-12-09 00:37:13,194 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-12-09 00:37:13,194 INFO L480 AbstractCegarLoop]: Abstraction has 10523 states and 14202 transitions. [2018-12-09 00:37:13,194 INFO L481 AbstractCegarLoop]: Interpolant automaton has 28 states. [2018-12-09 00:37:13,194 INFO L276 IsEmpty]: Start isEmpty. Operand 10523 states and 14202 transitions. [2018-12-09 00:37:13,213 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 309 [2018-12-09 00:37:13,213 INFO L394 BasicCegarLoop]: Found error trace [2018-12-09 00:37:13,214 INFO L402 BasicCegarLoop]: trace histogram [4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-12-09 00:37:13,214 INFO L423 AbstractCegarLoop]: === Iteration 10 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-12-09 00:37:13,214 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-12-09 00:37:13,214 INFO L82 PathProgramCache]: Analyzing trace with hash 551750843, now seen corresponding path program 1 times [2018-12-09 00:37:13,214 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-12-09 00:37:13,214 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-12-09 00:37:13,215 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:13,215 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-12-09 00:37:13,215 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:13,234 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-12-09 00:37:13,303 INFO L134 CoverageAnalysis]: Checked inductivity of 115 backedges. 21 proven. 0 refuted. 0 times theorem prover too weak. 94 trivial. 0 not checked. [2018-12-09 00:37:13,303 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-12-09 00:37:13,303 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2018-12-09 00:37:13,303 INFO L459 AbstractCegarLoop]: Interpolant automaton has 5 states [2018-12-09 00:37:13,303 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2018-12-09 00:37:13,303 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2018-12-09 00:37:13,304 INFO L87 Difference]: Start difference. First operand 10523 states and 14202 transitions. Second operand 5 states. [2018-12-09 00:37:13,539 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-12-09 00:37:13,539 INFO L93 Difference]: Finished difference Result 17464 states and 23408 transitions. [2018-12-09 00:37:13,539 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2018-12-09 00:37:13,539 INFO L78 Accepts]: Start accepts. Automaton has 5 states. Word has length 308 [2018-12-09 00:37:13,540 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-12-09 00:37:13,563 INFO L225 Difference]: With dead ends: 17464 [2018-12-09 00:37:13,563 INFO L226 Difference]: Without dead ends: 10417 [2018-12-09 00:37:13,575 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2018-12-09 00:37:13,582 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 10417 states. [2018-12-09 00:37:13,823 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 10417 to 10413. [2018-12-09 00:37:13,823 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 10413 states. [2018-12-09 00:37:13,839 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10413 states to 10413 states and 14012 transitions. [2018-12-09 00:37:13,840 INFO L78 Accepts]: Start accepts. Automaton has 10413 states and 14012 transitions. Word has length 308 [2018-12-09 00:37:13,841 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-12-09 00:37:13,841 INFO L480 AbstractCegarLoop]: Abstraction has 10413 states and 14012 transitions. [2018-12-09 00:37:13,841 INFO L481 AbstractCegarLoop]: Interpolant automaton has 5 states. [2018-12-09 00:37:13,841 INFO L276 IsEmpty]: Start isEmpty. Operand 10413 states and 14012 transitions. [2018-12-09 00:37:13,856 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 307 [2018-12-09 00:37:13,856 INFO L394 BasicCegarLoop]: Found error trace [2018-12-09 00:37:13,857 INFO L402 BasicCegarLoop]: trace histogram [4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-12-09 00:37:13,857 INFO L423 AbstractCegarLoop]: === Iteration 11 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-12-09 00:37:13,857 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-12-09 00:37:13,857 INFO L82 PathProgramCache]: Analyzing trace with hash -68761839, now seen corresponding path program 1 times [2018-12-09 00:37:13,857 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-12-09 00:37:13,857 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-12-09 00:37:13,858 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:13,858 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-12-09 00:37:13,858 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:13,878 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-12-09 00:37:13,987 INFO L134 CoverageAnalysis]: Checked inductivity of 116 backedges. 21 proven. 3 refuted. 0 times theorem prover too weak. 92 trivial. 0 not checked. [2018-12-09 00:37:13,987 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2018-12-09 00:37:13,987 INFO L223 ckRefinementStrategy]: Switched to mode Z3_FP No working directory specified, using /tmp/vcloud-vcloud-master/worker/working_dir_251a6805-40dc-4b4d-90ba-e7bec03f1268/bin-2019/uautomizer/z3 Starting monitored process 4 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 4 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 [2018-12-09 00:37:13,993 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-12-09 00:37:14,200 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-12-09 00:37:14,210 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-12-09 00:37:14,295 INFO L134 CoverageAnalysis]: Checked inductivity of 116 backedges. 24 proven. 0 refuted. 0 times theorem prover too weak. 92 trivial. 0 not checked. [2018-12-09 00:37:14,312 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 1 imperfect interpolant sequences. [2018-12-09 00:37:14,312 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [7] imperfect sequences [11] total 16 [2018-12-09 00:37:14,312 INFO L459 AbstractCegarLoop]: Interpolant automaton has 16 states [2018-12-09 00:37:14,312 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 16 interpolants. [2018-12-09 00:37:14,312 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=33, Invalid=207, Unknown=0, NotChecked=0, Total=240 [2018-12-09 00:37:14,313 INFO L87 Difference]: Start difference. First operand 10413 states and 14012 transitions. Second operand 16 states. [2018-12-09 00:37:15,227 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-12-09 00:37:15,228 INFO L93 Difference]: Finished difference Result 21335 states and 28794 transitions. [2018-12-09 00:37:15,228 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 16 states. [2018-12-09 00:37:15,228 INFO L78 Accepts]: Start accepts. Automaton has 16 states. Word has length 306 [2018-12-09 00:37:15,228 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-12-09 00:37:15,256 INFO L225 Difference]: With dead ends: 21335 [2018-12-09 00:37:15,256 INFO L226 Difference]: Without dead ends: 10769 [2018-12-09 00:37:15,269 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 333 GetRequests, 306 SyntacticMatches, 0 SemanticMatches, 27 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 60 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=121, Invalid=691, Unknown=0, NotChecked=0, Total=812 [2018-12-09 00:37:15,277 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 10769 states. [2018-12-09 00:37:15,576 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 10769 to 10477. [2018-12-09 00:37:15,577 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 10477 states. [2018-12-09 00:37:15,592 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10477 states to 10477 states and 14091 transitions. [2018-12-09 00:37:15,594 INFO L78 Accepts]: Start accepts. Automaton has 10477 states and 14091 transitions. Word has length 306 [2018-12-09 00:37:15,594 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-12-09 00:37:15,594 INFO L480 AbstractCegarLoop]: Abstraction has 10477 states and 14091 transitions. [2018-12-09 00:37:15,594 INFO L481 AbstractCegarLoop]: Interpolant automaton has 16 states. [2018-12-09 00:37:15,594 INFO L276 IsEmpty]: Start isEmpty. Operand 10477 states and 14091 transitions. [2018-12-09 00:37:15,610 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 308 [2018-12-09 00:37:15,610 INFO L394 BasicCegarLoop]: Found error trace [2018-12-09 00:37:15,611 INFO L402 BasicCegarLoop]: trace histogram [4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-12-09 00:37:15,611 INFO L423 AbstractCegarLoop]: === Iteration 12 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-12-09 00:37:15,611 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-12-09 00:37:15,611 INFO L82 PathProgramCache]: Analyzing trace with hash -832784631, now seen corresponding path program 1 times [2018-12-09 00:37:15,611 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-12-09 00:37:15,611 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-12-09 00:37:15,612 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:15,612 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-12-09 00:37:15,612 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:15,631 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-12-09 00:37:15,708 INFO L134 CoverageAnalysis]: Checked inductivity of 115 backedges. 21 proven. 2 refuted. 0 times theorem prover too weak. 92 trivial. 0 not checked. [2018-12-09 00:37:15,708 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2018-12-09 00:37:15,708 INFO L223 ckRefinementStrategy]: Switched to mode Z3_FP No working directory specified, using /tmp/vcloud-vcloud-master/worker/working_dir_251a6805-40dc-4b4d-90ba-e7bec03f1268/bin-2019/uautomizer/z3 Starting monitored process 5 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 5 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 [2018-12-09 00:37:15,715 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-12-09 00:37:15,935 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-12-09 00:37:15,944 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-12-09 00:37:16,045 INFO L134 CoverageAnalysis]: Checked inductivity of 115 backedges. 16 proven. 0 refuted. 0 times theorem prover too weak. 99 trivial. 0 not checked. [2018-12-09 00:37:16,062 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 1 imperfect interpolant sequences. [2018-12-09 00:37:16,062 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [9] imperfect sequences [5] total 12 [2018-12-09 00:37:16,062 INFO L459 AbstractCegarLoop]: Interpolant automaton has 12 states [2018-12-09 00:37:16,062 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2018-12-09 00:37:16,063 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=27, Invalid=105, Unknown=0, NotChecked=0, Total=132 [2018-12-09 00:37:16,063 INFO L87 Difference]: Start difference. First operand 10477 states and 14091 transitions. Second operand 12 states. [2018-12-09 00:37:18,109 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-12-09 00:37:18,109 INFO L93 Difference]: Finished difference Result 34305 states and 46379 transitions. [2018-12-09 00:37:18,110 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2018-12-09 00:37:18,110 INFO L78 Accepts]: Start accepts. Automaton has 12 states. Word has length 307 [2018-12-09 00:37:18,110 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-12-09 00:37:18,159 INFO L225 Difference]: With dead ends: 34305 [2018-12-09 00:37:18,159 INFO L226 Difference]: Without dead ends: 23857 [2018-12-09 00:37:18,179 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 330 GetRequests, 308 SyntacticMatches, 1 SemanticMatches, 21 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 44 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=95, Invalid=411, Unknown=0, NotChecked=0, Total=506 [2018-12-09 00:37:18,195 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 23857 states. [2018-12-09 00:37:18,780 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 23857 to 21252. [2018-12-09 00:37:18,780 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 21252 states. [2018-12-09 00:37:18,809 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 21252 states to 21252 states and 28656 transitions. [2018-12-09 00:37:18,811 INFO L78 Accepts]: Start accepts. Automaton has 21252 states and 28656 transitions. Word has length 307 [2018-12-09 00:37:18,811 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-12-09 00:37:18,811 INFO L480 AbstractCegarLoop]: Abstraction has 21252 states and 28656 transitions. [2018-12-09 00:37:18,811 INFO L481 AbstractCegarLoop]: Interpolant automaton has 12 states. [2018-12-09 00:37:18,811 INFO L276 IsEmpty]: Start isEmpty. Operand 21252 states and 28656 transitions. [2018-12-09 00:37:18,834 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 310 [2018-12-09 00:37:18,834 INFO L394 BasicCegarLoop]: Found error trace [2018-12-09 00:37:18,834 INFO L402 BasicCegarLoop]: trace histogram [4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-12-09 00:37:18,835 INFO L423 AbstractCegarLoop]: === Iteration 13 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-12-09 00:37:18,835 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-12-09 00:37:18,835 INFO L82 PathProgramCache]: Analyzing trace with hash 1189369598, now seen corresponding path program 1 times [2018-12-09 00:37:18,835 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-12-09 00:37:18,835 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-12-09 00:37:18,835 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:18,835 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-12-09 00:37:18,835 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:18,855 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-12-09 00:37:18,984 INFO L134 CoverageAnalysis]: Checked inductivity of 118 backedges. 24 proven. 3 refuted. 0 times theorem prover too weak. 91 trivial. 0 not checked. [2018-12-09 00:37:18,984 INFO L300 seRefinementStrategy]: The current sequences of interpolants are not accepted, trying to find more. [2018-12-09 00:37:18,984 INFO L223 ckRefinementStrategy]: Switched to mode Z3_FP No working directory specified, using /tmp/vcloud-vcloud-master/worker/working_dir_251a6805-40dc-4b4d-90ba-e7bec03f1268/bin-2019/uautomizer/z3 Starting monitored process 6 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 6 with z3 -smt2 -in SMTLIB2_COMPLIANT=true -t:12000 [2018-12-09 00:37:18,991 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-12-09 00:37:19,194 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-12-09 00:37:19,203 INFO L273 TraceCheckSpWp]: Computing forward predicates... [2018-12-09 00:37:19,315 INFO L134 CoverageAnalysis]: Checked inductivity of 118 backedges. 17 proven. 0 refuted. 0 times theorem prover too weak. 101 trivial. 0 not checked. [2018-12-09 00:37:19,332 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 1 imperfect interpolant sequences. [2018-12-09 00:37:19,332 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [9] imperfect sequences [16] total 23 [2018-12-09 00:37:19,333 INFO L459 AbstractCegarLoop]: Interpolant automaton has 23 states [2018-12-09 00:37:19,333 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 23 interpolants. [2018-12-09 00:37:19,333 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=49, Invalid=457, Unknown=0, NotChecked=0, Total=506 [2018-12-09 00:37:19,333 INFO L87 Difference]: Start difference. First operand 21252 states and 28656 transitions. Second operand 23 states. [2018-12-09 00:37:20,831 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-12-09 00:37:20,832 INFO L93 Difference]: Finished difference Result 44585 states and 60633 transitions. [2018-12-09 00:37:20,832 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 26 states. [2018-12-09 00:37:20,832 INFO L78 Accepts]: Start accepts. Automaton has 23 states. Word has length 309 [2018-12-09 00:37:20,832 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-12-09 00:37:20,878 INFO L225 Difference]: With dead ends: 44585 [2018-12-09 00:37:20,878 INFO L226 Difference]: Without dead ends: 22100 [2018-12-09 00:37:20,904 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 345 GetRequests, 304 SyntacticMatches, 0 SemanticMatches, 41 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 184 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=147, Invalid=1659, Unknown=0, NotChecked=0, Total=1806 [2018-12-09 00:37:20,917 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 22100 states. [2018-12-09 00:37:21,423 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 22100 to 20910. [2018-12-09 00:37:21,423 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 20910 states. [2018-12-09 00:37:21,451 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 20910 states to 20910 states and 27932 transitions. [2018-12-09 00:37:21,454 INFO L78 Accepts]: Start accepts. Automaton has 20910 states and 27932 transitions. Word has length 309 [2018-12-09 00:37:21,454 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-12-09 00:37:21,454 INFO L480 AbstractCegarLoop]: Abstraction has 20910 states and 27932 transitions. [2018-12-09 00:37:21,454 INFO L481 AbstractCegarLoop]: Interpolant automaton has 23 states. [2018-12-09 00:37:21,454 INFO L276 IsEmpty]: Start isEmpty. Operand 20910 states and 27932 transitions. [2018-12-09 00:37:21,475 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 310 [2018-12-09 00:37:21,476 INFO L394 BasicCegarLoop]: Found error trace [2018-12-09 00:37:21,476 INFO L402 BasicCegarLoop]: trace histogram [4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-12-09 00:37:21,476 INFO L423 AbstractCegarLoop]: === Iteration 14 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-12-09 00:37:21,476 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-12-09 00:37:21,476 INFO L82 PathProgramCache]: Analyzing trace with hash 806266354, now seen corresponding path program 1 times [2018-12-09 00:37:21,476 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-12-09 00:37:21,476 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-12-09 00:37:21,477 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:21,477 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-12-09 00:37:21,477 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:21,507 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-12-09 00:37:21,621 INFO L134 CoverageAnalysis]: Checked inductivity of 118 backedges. 21 proven. 0 refuted. 0 times theorem prover too weak. 97 trivial. 0 not checked. [2018-12-09 00:37:21,621 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-12-09 00:37:21,621 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2018-12-09 00:37:21,621 INFO L459 AbstractCegarLoop]: Interpolant automaton has 9 states [2018-12-09 00:37:21,622 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2018-12-09 00:37:21,622 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=57, Unknown=0, NotChecked=0, Total=72 [2018-12-09 00:37:21,622 INFO L87 Difference]: Start difference. First operand 20910 states and 27932 transitions. Second operand 9 states. [2018-12-09 00:37:24,378 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-12-09 00:37:24,378 INFO L93 Difference]: Finished difference Result 75234 states and 100653 transitions. [2018-12-09 00:37:24,378 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2018-12-09 00:37:24,378 INFO L78 Accepts]: Start accepts. Automaton has 9 states. Word has length 309 [2018-12-09 00:37:24,379 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-12-09 00:37:24,496 INFO L225 Difference]: With dead ends: 75234 [2018-12-09 00:37:24,496 INFO L226 Difference]: Without dead ends: 59222 [2018-12-09 00:37:24,528 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 33 GetRequests, 17 SyntacticMatches, 0 SemanticMatches, 16 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 29 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=65, Invalid=241, Unknown=0, NotChecked=0, Total=306 [2018-12-09 00:37:24,568 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 59222 states. [2018-12-09 00:37:25,989 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 59222 to 54036. [2018-12-09 00:37:25,989 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 54036 states. [2018-12-09 00:37:26,088 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 54036 states to 54036 states and 72918 transitions. [2018-12-09 00:37:26,092 INFO L78 Accepts]: Start accepts. Automaton has 54036 states and 72918 transitions. Word has length 309 [2018-12-09 00:37:26,092 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-12-09 00:37:26,092 INFO L480 AbstractCegarLoop]: Abstraction has 54036 states and 72918 transitions. [2018-12-09 00:37:26,092 INFO L481 AbstractCegarLoop]: Interpolant automaton has 9 states. [2018-12-09 00:37:26,092 INFO L276 IsEmpty]: Start isEmpty. Operand 54036 states and 72918 transitions. [2018-12-09 00:37:26,152 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 310 [2018-12-09 00:37:26,152 INFO L394 BasicCegarLoop]: Found error trace [2018-12-09 00:37:26,152 INFO L402 BasicCegarLoop]: trace histogram [4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-12-09 00:37:26,152 INFO L423 AbstractCegarLoop]: === Iteration 15 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-12-09 00:37:26,152 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-12-09 00:37:26,152 INFO L82 PathProgramCache]: Analyzing trace with hash 1181102727, now seen corresponding path program 1 times [2018-12-09 00:37:26,153 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-12-09 00:37:26,153 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-12-09 00:37:26,153 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:26,153 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-12-09 00:37:26,153 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:26,175 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-12-09 00:37:26,509 INFO L134 CoverageAnalysis]: Checked inductivity of 116 backedges. 21 proven. 0 refuted. 0 times theorem prover too weak. 95 trivial. 0 not checked. [2018-12-09 00:37:26,509 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-12-09 00:37:26,509 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [24] imperfect sequences [] total 24 [2018-12-09 00:37:26,510 INFO L459 AbstractCegarLoop]: Interpolant automaton has 24 states [2018-12-09 00:37:26,510 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 24 interpolants. [2018-12-09 00:37:26,510 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=45, Invalid=507, Unknown=0, NotChecked=0, Total=552 [2018-12-09 00:37:26,510 INFO L87 Difference]: Start difference. First operand 54036 states and 72918 transitions. Second operand 24 states. [2018-12-09 00:37:28,004 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-12-09 00:37:28,004 INFO L93 Difference]: Finished difference Result 95438 states and 129027 transitions. [2018-12-09 00:37:28,005 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2018-12-09 00:37:28,005 INFO L78 Accepts]: Start accepts. Automaton has 24 states. Word has length 309 [2018-12-09 00:37:28,005 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-12-09 00:37:28,091 INFO L225 Difference]: With dead ends: 95438 [2018-12-09 00:37:28,091 INFO L226 Difference]: Without dead ends: 42748 [2018-12-09 00:37:28,153 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 34 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 32 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 45 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=85, Invalid=1037, Unknown=0, NotChecked=0, Total=1122 [2018-12-09 00:37:28,181 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 42748 states. [2018-12-09 00:37:29,434 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 42748 to 41817. [2018-12-09 00:37:29,434 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 41817 states. [2018-12-09 00:37:29,496 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 41817 states to 41817 states and 56065 transitions. [2018-12-09 00:37:29,502 INFO L78 Accepts]: Start accepts. Automaton has 41817 states and 56065 transitions. Word has length 309 [2018-12-09 00:37:29,502 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-12-09 00:37:29,502 INFO L480 AbstractCegarLoop]: Abstraction has 41817 states and 56065 transitions. [2018-12-09 00:37:29,502 INFO L481 AbstractCegarLoop]: Interpolant automaton has 24 states. [2018-12-09 00:37:29,502 INFO L276 IsEmpty]: Start isEmpty. Operand 41817 states and 56065 transitions. [2018-12-09 00:37:29,547 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 314 [2018-12-09 00:37:29,547 INFO L394 BasicCegarLoop]: Found error trace [2018-12-09 00:37:29,547 INFO L402 BasicCegarLoop]: trace histogram [4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-12-09 00:37:29,547 INFO L423 AbstractCegarLoop]: === Iteration 16 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-12-09 00:37:29,547 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-12-09 00:37:29,547 INFO L82 PathProgramCache]: Analyzing trace with hash 106316644, now seen corresponding path program 1 times [2018-12-09 00:37:29,548 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-12-09 00:37:29,548 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-12-09 00:37:29,548 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:29,548 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-12-09 00:37:29,548 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:29,568 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-12-09 00:37:29,645 INFO L134 CoverageAnalysis]: Checked inductivity of 116 backedges. 21 proven. 0 refuted. 0 times theorem prover too weak. 95 trivial. 0 not checked. [2018-12-09 00:37:29,645 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-12-09 00:37:29,646 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2018-12-09 00:37:29,646 INFO L459 AbstractCegarLoop]: Interpolant automaton has 10 states [2018-12-09 00:37:29,646 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2018-12-09 00:37:29,646 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=73, Unknown=0, NotChecked=0, Total=90 [2018-12-09 00:37:29,646 INFO L87 Difference]: Start difference. First operand 41817 states and 56065 transitions. Second operand 10 states. [2018-12-09 00:37:30,456 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-12-09 00:37:30,457 INFO L93 Difference]: Finished difference Result 56979 states and 75561 transitions. [2018-12-09 00:37:30,457 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2018-12-09 00:37:30,457 INFO L78 Accepts]: Start accepts. Automaton has 10 states. Word has length 313 [2018-12-09 00:37:30,457 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-12-09 00:37:30,543 INFO L225 Difference]: With dead ends: 56979 [2018-12-09 00:37:30,543 INFO L226 Difference]: Without dead ends: 41817 [2018-12-09 00:37:30,573 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=73, Unknown=0, NotChecked=0, Total=90 [2018-12-09 00:37:30,602 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 41817 states. [2018-12-09 00:37:31,834 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 41817 to 41789. [2018-12-09 00:37:31,834 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 41789 states. [2018-12-09 00:37:31,896 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 41789 states to 41789 states and 55977 transitions. [2018-12-09 00:37:31,900 INFO L78 Accepts]: Start accepts. Automaton has 41789 states and 55977 transitions. Word has length 313 [2018-12-09 00:37:31,900 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-12-09 00:37:31,901 INFO L480 AbstractCegarLoop]: Abstraction has 41789 states and 55977 transitions. [2018-12-09 00:37:31,901 INFO L481 AbstractCegarLoop]: Interpolant automaton has 10 states. [2018-12-09 00:37:31,901 INFO L276 IsEmpty]: Start isEmpty. Operand 41789 states and 55977 transitions. [2018-12-09 00:37:31,945 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 321 [2018-12-09 00:37:31,945 INFO L394 BasicCegarLoop]: Found error trace [2018-12-09 00:37:31,945 INFO L402 BasicCegarLoop]: trace histogram [4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2018-12-09 00:37:31,946 INFO L423 AbstractCegarLoop]: === Iteration 17 === [__automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION]=== [2018-12-09 00:37:31,946 INFO L141 PredicateUnifier]: Initialized classic predicate unifier [2018-12-09 00:37:31,946 INFO L82 PathProgramCache]: Analyzing trace with hash -1214319505, now seen corresponding path program 1 times [2018-12-09 00:37:31,946 INFO L223 ckRefinementStrategy]: Switched to mode SMTINTERPOL_TREE_INTERPOLANTS [2018-12-09 00:37:31,946 INFO L69 tionRefinementEngine]: Using refinement strategy CamelRefinementStrategy [2018-12-09 00:37:31,947 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:31,947 INFO L103 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2018-12-09 00:37:31,947 INFO L119 rtionOrderModulation]: Craig_TreeInterpolation forces the order to NOT_INCREMENTALLY [2018-12-09 00:37:31,973 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2018-12-09 00:37:32,076 INFO L134 CoverageAnalysis]: Checked inductivity of 124 backedges. 21 proven. 0 refuted. 0 times theorem prover too weak. 103 trivial. 0 not checked. [2018-12-09 00:37:32,076 INFO L312 seRefinementStrategy]: Constructing automaton from 1 perfect and 0 imperfect interpolant sequences. [2018-12-09 00:37:32,076 INFO L327 seRefinementStrategy]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2018-12-09 00:37:32,076 INFO L459 AbstractCegarLoop]: Interpolant automaton has 10 states [2018-12-09 00:37:32,077 INFO L142 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2018-12-09 00:37:32,077 INFO L144 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=72, Unknown=0, NotChecked=0, Total=90 [2018-12-09 00:37:32,077 INFO L87 Difference]: Start difference. First operand 41789 states and 55977 transitions. Second operand 10 states. [2018-12-09 00:37:32,858 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2018-12-09 00:37:32,858 INFO L93 Difference]: Finished difference Result 47389 states and 62597 transitions. [2018-12-09 00:37:32,859 INFO L142 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2018-12-09 00:37:32,859 INFO L78 Accepts]: Start accepts. Automaton has 10 states. Word has length 320 [2018-12-09 00:37:32,859 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2018-12-09 00:37:32,861 INFO L225 Difference]: With dead ends: 47389 [2018-12-09 00:37:32,861 INFO L226 Difference]: Without dead ends: 0 [2018-12-09 00:37:32,897 INFO L631 BasicCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 18 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=48, Invalid=192, Unknown=0, NotChecked=0, Total=240 [2018-12-09 00:37:32,897 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2018-12-09 00:37:32,897 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2018-12-09 00:37:32,898 INFO L82 GeneralOperation]: Start removeUnreachable. Operand 0 states. [2018-12-09 00:37:32,898 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2018-12-09 00:37:32,901 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 320 [2018-12-09 00:37:32,901 INFO L84 Accepts]: Finished accepts. word is rejected. [2018-12-09 00:37:32,901 INFO L480 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2018-12-09 00:37:32,901 INFO L481 AbstractCegarLoop]: Interpolant automaton has 10 states. [2018-12-09 00:37:32,902 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2018-12-09 00:37:32,902 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2018-12-09 00:37:32,905 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2018-12-09 00:37:33,064 WARN L180 SmtUtils]: Spent 106.00 ms on a formula simplification that was a NOOP. DAG size: 31 [2018-12-09 00:37:33,246 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:33,248 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:33,251 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:33,277 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:33,277 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:33,277 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:33,277 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:33,292 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:33,298 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:33,299 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:33,299 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:33,299 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:33,723 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:33,724 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:33,725 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:33,725 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:33,727 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:33,727 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:33,738 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:33,739 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:33,772 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:33,773 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:33,776 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:33,776 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:33,788 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:33,789 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:35,562 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:35,563 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:35,571 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:35,571 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:35,586 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:35,598 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:35,599 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:35,602 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:35,602 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:35,604 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:35,604 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:35,609 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:35,610 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:35,710 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:35,711 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:35,719 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:35,719 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:35,733 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:35,745 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:35,746 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:35,749 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:35,750 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:35,752 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:35,753 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:35,758 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:35,760 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:39,107 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:39,109 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:39,117 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:39,117 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:39,117 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:39,118 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:39,126 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:39,129 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:39,130 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:39,130 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:39,132 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:39,134 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:39,160 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:39,161 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:39,162 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:39,162 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:39,165 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:39,165 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:39,166 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:39,166 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:39,168 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:39,169 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:39,169 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:39,170 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:39,174 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:39,175 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:39,175 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:39,176 WARN L250 erpolLogProxyWrapper]: Already inconsistent. [2018-12-09 00:37:40,022 WARN L180 SmtUtils]: Spent 447.00 ms on a formula simplification. DAG size of input: 334 DAG size of output: 40 [2018-12-09 00:37:40,505 WARN L180 SmtUtils]: Spent 352.00 ms on a formula simplification. DAG size of input: 311 DAG size of output: 40 [2018-12-09 00:37:43,822 WARN L180 SmtUtils]: Spent 3.31 s on a formula simplification. DAG size of input: 481 DAG size of output: 40 [2018-12-09 00:37:48,662 WARN L180 SmtUtils]: Spent 4.83 s on a formula simplification. DAG size of input: 385 DAG size of output: 41 [2018-12-09 00:37:49,020 WARN L180 SmtUtils]: Spent 285.00 ms on a formula simplification. DAG size of input: 483 DAG size of output: 1 [2018-12-09 00:37:53,107 WARN L180 SmtUtils]: Spent 4.08 s on a formula simplification. DAG size of input: 481 DAG size of output: 40 [2018-12-09 00:37:55,470 WARN L180 SmtUtils]: Spent 2.34 s on a formula simplification. DAG size of input: 455 DAG size of output: 30 [2018-12-09 00:37:56,209 WARN L180 SmtUtils]: Spent 731.00 ms on a formula simplification. DAG size of input: 457 DAG size of output: 36 [2018-12-09 00:37:56,940 WARN L180 SmtUtils]: Spent 681.00 ms on a formula simplification. DAG size of input: 455 DAG size of output: 30 [2018-12-09 00:37:57,410 WARN L180 SmtUtils]: Spent 328.00 ms on a formula simplification. DAG size of input: 304 DAG size of output: 33 [2018-12-09 00:37:57,891 WARN L180 SmtUtils]: Spent 377.00 ms on a formula simplification. DAG size of input: 334 DAG size of output: 27 [2018-12-09 00:37:59,036 WARN L180 SmtUtils]: Spent 299.00 ms on a formula simplification. DAG size of input: 220 DAG size of output: 32 [2018-12-09 00:37:59,524 WARN L180 SmtUtils]: Spent 109.00 ms on a formula simplification. DAG size of input: 115 DAG size of output: 40 [2018-12-09 00:38:05,278 WARN L180 SmtUtils]: Spent 5.50 s on a formula simplification. DAG size of input: 481 DAG size of output: 40 [2018-12-09 00:38:06,032 WARN L180 SmtUtils]: Spent 676.00 ms on a formula simplification. DAG size of input: 359 DAG size of output: 36 [2018-12-09 00:38:06,359 WARN L180 SmtUtils]: Spent 109.00 ms on a formula simplification. DAG size of input: 112 DAG size of output: 43 [2018-12-09 00:38:07,246 WARN L180 SmtUtils]: Spent 871.00 ms on a formula simplification. DAG size of input: 536 DAG size of output: 24 [2018-12-09 00:38:07,938 WARN L180 SmtUtils]: Spent 623.00 ms on a formula simplification. DAG size of input: 431 DAG size of output: 30 [2018-12-09 00:38:10,413 WARN L180 SmtUtils]: Spent 2.36 s on a formula simplification. DAG size of input: 481 DAG size of output: 40 [2018-12-09 00:38:14,003 WARN L180 SmtUtils]: Spent 3.52 s on a formula simplification. DAG size of input: 481 DAG size of output: 40 [2018-12-09 00:38:15,586 WARN L180 SmtUtils]: Spent 1.46 s on a formula simplification. DAG size of input: 331 DAG size of output: 43 [2018-12-09 00:38:16,069 WARN L180 SmtUtils]: Spent 434.00 ms on a formula simplification. DAG size of input: 340 DAG size of output: 36 [2018-12-09 00:38:16,557 WARN L180 SmtUtils]: Spent 373.00 ms on a formula simplification. DAG size of input: 328 DAG size of output: 33 [2018-12-09 00:38:17,345 WARN L180 SmtUtils]: Spent 708.00 ms on a formula simplification. DAG size of input: 457 DAG size of output: 36 [2018-12-09 00:38:17,996 WARN L180 SmtUtils]: Spent 643.00 ms on a formula simplification. DAG size of input: 431 DAG size of output: 30 [2018-12-09 00:38:20,598 WARN L180 SmtUtils]: Spent 2.59 s on a formula simplification. DAG size of input: 358 DAG size of output: 32 [2018-12-09 00:38:22,856 WARN L180 SmtUtils]: Spent 2.25 s on a formula simplification. DAG size of input: 358 DAG size of output: 32 [2018-12-09 00:38:23,469 WARN L180 SmtUtils]: Spent 370.00 ms on a formula simplification. DAG size of input: 311 DAG size of output: 40 [2018-12-09 00:38:23,771 WARN L180 SmtUtils]: Spent 296.00 ms on a formula simplification. DAG size of input: 169 DAG size of output: 27 [2018-12-09 00:38:26,759 WARN L180 SmtUtils]: Spent 2.98 s on a formula simplification. DAG size of input: 481 DAG size of output: 40 [2018-12-09 00:38:27,739 WARN L180 SmtUtils]: Spent 339.00 ms on a formula simplification. DAG size of input: 304 DAG size of output: 32 [2018-12-09 00:38:28,648 WARN L180 SmtUtils]: Spent 783.00 ms on a formula simplification. DAG size of input: 457 DAG size of output: 36 [2018-12-09 00:38:29,152 WARN L180 SmtUtils]: Spent 438.00 ms on a formula simplification. DAG size of input: 334 DAG size of output: 40 [2018-12-09 00:38:29,956 WARN L180 SmtUtils]: Spent 444.00 ms on a formula simplification. DAG size of input: 334 DAG size of output: 40 [2018-12-09 00:38:30,366 INFO L448 ceAbstractionStarter]: For program point bobKeyChangeFINAL(lines 2538 2547) no Hoare annotation was computed. [2018-12-09 00:38:30,366 INFO L448 ceAbstractionStarter]: For program point bobKeyChangeEXIT(lines 2538 2547) no Hoare annotation was computed. [2018-12-09 00:38:30,366 INFO L444 ceAbstractionStarter]: At program point bobKeyChangeENTRY(lines 2538 2547) the Hoare annotation is: (or (<= 789 ~__ste_client_privateKey0~0) (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 ~__ste_email_isSigned0~0)) (< |old(~__ste_client_privateKey0~0)| 789) (< ~rjh~0 2) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,366 INFO L448 ceAbstractionStarter]: For program point isSignedEXIT(lines 752 770) no Hoare annotation was computed. [2018-12-09 00:38:30,366 INFO L451 ceAbstractionStarter]: At program point isSignedENTRY(lines 752 770) the Hoare annotation is: true [2018-12-09 00:38:30,367 INFO L448 ceAbstractionStarter]: For program point isSignedFINAL(lines 752 770) no Hoare annotation was computed. [2018-12-09 00:38:30,367 INFO L448 ceAbstractionStarter]: For program point L760(lines 760 766) no Hoare annotation was computed. [2018-12-09 00:38:30,367 INFO L448 ceAbstractionStarter]: For program point L756(lines 756 767) no Hoare annotation was computed. [2018-12-09 00:38:30,367 INFO L444 ceAbstractionStarter]: At program point mailENTRY(lines 127 143) the Hoare annotation is: (let ((.cse0 (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|)) (.cse1 (not (= 1 |mail_#in~msg|))) (.cse2 (not (= 1 |mail_#in~client|))) (.cse3 (not (= ~queue_empty~0 1))) (.cse4 (< ~rjh~0 2)) (.cse5 (< ~chuck~0 3)) (.cse6 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= 0 ~__ste_email_isSigned0~0)) .cse4 .cse5 .cse6) (or .cse0 .cse1 .cse2 .cse3 .cse4 (= 0 ~__ste_client_privateKey0~0) .cse5 .cse6))) [2018-12-09 00:38:30,367 INFO L444 ceAbstractionStarter]: At program point L139(line 139) the Hoare annotation is: (let ((.cse1 (not (= 1 |mail_#in~msg|))) (.cse2 (not (= 1 |mail_#in~client|))) (.cse3 (not (= ~queue_empty~0 1))) (.cse4 (< ~rjh~0 2)) (.cse5 (< ~chuck~0 3)) (.cse6 (not (= 1 ~bob~0))) (.cse0 (and (= ~__ste_email_to0~0 mail_~tmp~0) (= 1 mail_~__utac__ad__arg1~0) (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|) (= 1 mail_~__utac__ad__arg2~0) (= mail_~msg |mail_#in~msg|)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= 0 ~__ste_email_isSigned0~0)) .cse4 .cse5 .cse6) (or .cse1 .cse2 .cse3 .cse4 (= 0 ~__ste_client_privateKey0~0) .cse5 .cse6 .cse0))) [2018-12-09 00:38:30,367 INFO L448 ceAbstractionStarter]: For program point mailEXIT(lines 127 143) no Hoare annotation was computed. [2018-12-09 00:38:30,367 INFO L444 ceAbstractionStarter]: At program point L138(line 138) the Hoare annotation is: (let ((.cse0 (not (= 1 |mail_#in~msg|))) (.cse1 (not (= 1 |mail_#in~client|))) (.cse6 (and (= 1 mail_~__utac__ad__arg1~0) (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|) (= 1 mail_~__utac__ad__arg2~0) (= mail_~msg |mail_#in~msg|))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (< ~rjh~0 2)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (= 0 ~__ste_client_privateKey0~0) .cse4 .cse5 .cse6) (or .cse0 .cse1 .cse6 .cse2 (not (= 0 ~__ste_email_isSigned0~0)) .cse3 .cse4 .cse5))) [2018-12-09 00:38:30,367 INFO L448 ceAbstractionStarter]: For program point L138-1(line 138) no Hoare annotation was computed. [2018-12-09 00:38:30,367 INFO L444 ceAbstractionStarter]: At program point L136(line 136) the Hoare annotation is: (let ((.cse0 (not (= 1 |mail_#in~msg|))) (.cse1 (not (= 1 |mail_#in~client|))) (.cse6 (and (= 1 mail_~__utac__ad__arg1~0) (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|) (= 1 mail_~__utac__ad__arg2~0) (= mail_~msg |mail_#in~msg|))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (< ~rjh~0 2)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (= 0 ~__ste_client_privateKey0~0) .cse4 .cse5 .cse6) (or .cse0 .cse1 .cse6 .cse2 (not (= 0 ~__ste_email_isSigned0~0)) .cse3 .cse4 .cse5))) [2018-12-09 00:38:30,367 INFO L448 ceAbstractionStarter]: For program point L136-1(line 136) no Hoare annotation was computed. [2018-12-09 00:38:30,367 INFO L448 ceAbstractionStarter]: For program point mailFINAL(lines 127 143) no Hoare annotation was computed. [2018-12-09 00:38:30,367 INFO L448 ceAbstractionStarter]: For program point valid_productEXIT(lines 78 86) no Hoare annotation was computed. [2018-12-09 00:38:30,367 INFO L451 ceAbstractionStarter]: At program point valid_productENTRY(lines 78 86) the Hoare annotation is: true [2018-12-09 00:38:30,367 INFO L448 ceAbstractionStarter]: For program point valid_productFINAL(lines 78 86) no Hoare annotation was computed. [2018-12-09 00:38:30,367 INFO L448 ceAbstractionStarter]: For program point get_queued_clientEXIT(lines 313 321) no Hoare annotation was computed. [2018-12-09 00:38:30,367 INFO L451 ceAbstractionStarter]: At program point get_queued_clientENTRY(lines 313 321) the Hoare annotation is: true [2018-12-09 00:38:30,367 INFO L448 ceAbstractionStarter]: For program point get_queued_clientFINAL(lines 313 321) no Hoare annotation was computed. [2018-12-09 00:38:30,367 INFO L448 ceAbstractionStarter]: For program point isKeyPairValidEXIT(lines 331 355) no Hoare annotation was computed. [2018-12-09 00:38:30,367 INFO L451 ceAbstractionStarter]: At program point isKeyPairValidENTRY(lines 331 355) the Hoare annotation is: true [2018-12-09 00:38:30,367 INFO L448 ceAbstractionStarter]: For program point isKeyPairValidFINAL(lines 331 355) no Hoare annotation was computed. [2018-12-09 00:38:30,368 INFO L448 ceAbstractionStarter]: For program point L344(lines 344 349) no Hoare annotation was computed. [2018-12-09 00:38:30,368 INFO L448 ceAbstractionStarter]: For program point L340(lines 340 350) no Hoare annotation was computed. [2018-12-09 00:38:30,368 INFO L444 ceAbstractionStarter]: At program point signENTRY(lines 366 386) the Hoare annotation is: (or (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (= 0 ~__ste_email_isSigned0~0) (< ~rjh~0 2) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,368 INFO L444 ceAbstractionStarter]: At program point L381(line 381) the Hoare annotation is: (let ((.cse0 (= |sign_#in~client| sign_~client)) (.cse1 (= 0 ~__ste_email_isSigned0~0))) (or (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (and .cse0 .cse1 (not (= |sign_#in~client| 1))) (< ~rjh~0 2) (and .cse0 (= sign_~privkey~1 ~__ste_client_privateKey0~0) .cse1 (not (= 0 ~__ste_client_privateKey0~0))) (< ~chuck~0 3) (not (= 1 ~bob~0)))) [2018-12-09 00:38:30,368 INFO L448 ceAbstractionStarter]: For program point signEXIT(lines 366 386) no Hoare annotation was computed. [2018-12-09 00:38:30,368 INFO L444 ceAbstractionStarter]: At program point L381-1(line 381) the Hoare annotation is: (let ((.cse0 (= |sign_#in~client| sign_~client))) (or (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (and .cse0 (= sign_~privkey~1 ~__ste_client_privateKey0~0) (not (= 0 ~__ste_client_privateKey0~0))) (< ~rjh~0 2) (and .cse0 (not (= |sign_#in~client| 1))) (< ~chuck~0 3) (not (= 1 ~bob~0)))) [2018-12-09 00:38:30,368 INFO L448 ceAbstractionStarter]: For program point signFINAL(lines 366 386) no Hoare annotation was computed. [2018-12-09 00:38:30,368 INFO L448 ceAbstractionStarter]: For program point L375(lines 375 379) no Hoare annotation was computed. [2018-12-09 00:38:30,368 INFO L444 ceAbstractionStarter]: At program point L372(line 372) the Hoare annotation is: (or (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (< ~rjh~0 2) (and (= |sign_#in~client| sign_~client) (= 0 ~__ste_email_isSigned0~0)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,368 INFO L448 ceAbstractionStarter]: For program point L372-1(line 372) no Hoare annotation was computed. [2018-12-09 00:38:30,368 INFO L444 ceAbstractionStarter]: At program point L2432(line 2432) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0) (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0) (= 0 ~__ste_Client_Keyring0_User0~0) (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0)) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|))) [2018-12-09 00:38:30,368 INFO L448 ceAbstractionStarter]: For program point L2433(line 2433) no Hoare annotation was computed. [2018-12-09 00:38:30,368 INFO L444 ceAbstractionStarter]: At program point L2431-1(line 2431) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0) (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0) (= 0 ~__ste_Client_Keyring0_User0~0) (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0)) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|))) [2018-12-09 00:38:30,368 INFO L444 ceAbstractionStarter]: At program point L2431(line 2431) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0) (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0) (= 0 ~__ste_Client_Keyring0_User0~0) (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0)) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|))) [2018-12-09 00:38:30,368 INFO L444 ceAbstractionStarter]: At program point mainENTRY(lines 2425 2445) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0) (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0) (= 0 ~__ste_Client_Keyring0_User0~0) (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0)) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|))) [2018-12-09 00:38:30,368 INFO L448 ceAbstractionStarter]: For program point mainEXIT(lines 2425 2445) no Hoare annotation was computed. [2018-12-09 00:38:30,368 INFO L448 ceAbstractionStarter]: For program point mainFINAL(lines 2425 2445) no Hoare annotation was computed. [2018-12-09 00:38:30,368 INFO L444 ceAbstractionStarter]: At program point L2437-1(line 2437) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 1 ~bob~0) (<= 2 ~rjh~0) (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) (<= 3 ~chuck~0) (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0) (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0) (= 0 ~__ste_Client_Keyring0_User0~0) (= main_~tmp~17 1)) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|))) [2018-12-09 00:38:30,369 INFO L444 ceAbstractionStarter]: At program point L2437(line 2437) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (and (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0) (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0) (= 0 ~__ste_Client_Keyring0_User0~0) (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) (= main_~tmp~17 1))) [2018-12-09 00:38:30,369 INFO L448 ceAbstractionStarter]: For program point L2435-1(lines 2435 2442) no Hoare annotation was computed. [2018-12-09 00:38:30,369 INFO L448 ceAbstractionStarter]: For program point L2435(lines 2435 2442) no Hoare annotation was computed. [2018-12-09 00:38:30,369 INFO L444 ceAbstractionStarter]: At program point rjhKeyChangeENTRY(lines 2548 2557) the Hoare annotation is: (or (<= 789 ~__ste_client_privateKey0~0) (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 ~__ste_email_isSigned0~0)) (< |old(~__ste_client_privateKey0~0)| 789) (< ~rjh~0 2) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,369 INFO L448 ceAbstractionStarter]: For program point rjhKeyChangeEXIT(lines 2548 2557) no Hoare annotation was computed. [2018-12-09 00:38:30,369 INFO L448 ceAbstractionStarter]: For program point rjhKeyChangeFINAL(lines 2548 2557) no Hoare annotation was computed. [2018-12-09 00:38:30,369 INFO L448 ceAbstractionStarter]: For program point setup_rjhFINAL(lines 2336 2346) no Hoare annotation was computed. [2018-12-09 00:38:30,369 INFO L451 ceAbstractionStarter]: At program point setup_rjhENTRY(lines 2336 2346) the Hoare annotation is: true [2018-12-09 00:38:30,369 INFO L444 ceAbstractionStarter]: At program point L2341-1(line 2341) the Hoare annotation is: (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 ~__ste_email_isSigned0~0)) (not (= ~__ste_Client_Keyring0_User0~0 ~__ste_Client_Keyring0_User1~0)) (< ~rjh~0 2) (<= |setup_rjh_#in~rjh___0| setup_rjh_~rjh___0) (not (= ~__ste_email_to0~0 ~__ste_Client_Keyring0_User0~0)) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,369 INFO L444 ceAbstractionStarter]: At program point L2341(line 2341) the Hoare annotation is: (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 ~__ste_email_isSigned0~0)) (not (= ~__ste_Client_Keyring0_User0~0 ~__ste_Client_Keyring0_User1~0)) (< ~rjh~0 2) (<= |setup_rjh_#in~rjh___0| setup_rjh_~rjh___0) (not (= ~__ste_email_to0~0 ~__ste_Client_Keyring0_User0~0)) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,369 INFO L448 ceAbstractionStarter]: For program point setup_rjhEXIT(lines 2336 2346) no Hoare annotation was computed. [2018-12-09 00:38:30,369 INFO L448 ceAbstractionStarter]: For program point setEmailIsSignedEXIT(lines 771 786) no Hoare annotation was computed. [2018-12-09 00:38:30,369 INFO L448 ceAbstractionStarter]: For program point L778(lines 778 782) no Hoare annotation was computed. [2018-12-09 00:38:30,369 INFO L448 ceAbstractionStarter]: For program point L778-2(lines 771 786) no Hoare annotation was computed. [2018-12-09 00:38:30,369 INFO L448 ceAbstractionStarter]: For program point L775(lines 775 783) no Hoare annotation was computed. [2018-12-09 00:38:30,369 INFO L444 ceAbstractionStarter]: At program point setEmailIsSignedENTRY(lines 771 786) the Hoare annotation is: (or (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (= 0 ~__ste_email_isSigned0~0) (< ~rjh~0 2) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,369 INFO L451 ceAbstractionStarter]: At program point getClientPrivateKeyENTRY(lines 1678 1701) the Hoare annotation is: true [2018-12-09 00:38:30,369 INFO L448 ceAbstractionStarter]: For program point getClientPrivateKeyEXIT(lines 1678 1701) no Hoare annotation was computed. [2018-12-09 00:38:30,369 INFO L448 ceAbstractionStarter]: For program point L1690(lines 1690 1696) no Hoare annotation was computed. [2018-12-09 00:38:30,369 INFO L448 ceAbstractionStarter]: For program point getClientPrivateKeyFINAL(lines 1678 1701) no Hoare annotation was computed. [2018-12-09 00:38:30,369 INFO L448 ceAbstractionStarter]: For program point L1686(lines 1686 1697) no Hoare annotation was computed. [2018-12-09 00:38:30,369 INFO L448 ceAbstractionStarter]: For program point L1682(lines 1682 1698) no Hoare annotation was computed. [2018-12-09 00:38:30,369 INFO L448 ceAbstractionStarter]: For program point rjhKeyAddFINAL(lines 2468 2479) no Hoare annotation was computed. [2018-12-09 00:38:30,370 INFO L444 ceAbstractionStarter]: At program point L2474(line 2474) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse1 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 0 ~__ste_email_isSigned0~0))) (.cse4 (< ~rjh~0 2)) (.cse5 (not (= ~__ste_email_to0~0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse6 (< ~chuck~0 3)) (.cse7 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) .cse4 .cse5 .cse6 .cse7 (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0)) (or .cse0 .cse1 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse2 .cse3 .cse4 .cse5 .cse6 .cse7))) [2018-12-09 00:38:30,370 INFO L448 ceAbstractionStarter]: For program point rjhKeyAddEXIT(lines 2468 2479) no Hoare annotation was computed. [2018-12-09 00:38:30,370 INFO L448 ceAbstractionStarter]: For program point L2473(line 2473) no Hoare annotation was computed. [2018-12-09 00:38:30,370 INFO L451 ceAbstractionStarter]: At program point L2474-1(line 2474) the Hoare annotation is: true [2018-12-09 00:38:30,370 INFO L444 ceAbstractionStarter]: At program point rjhKeyAddENTRY(lines 2468 2479) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse1 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 0 ~__ste_email_isSigned0~0))) (.cse4 (< ~rjh~0 2)) (.cse5 (not (= ~__ste_email_to0~0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse6 (< ~chuck~0 3)) (.cse7 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) .cse4 .cse5 .cse6 .cse7 (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0)) (or .cse0 .cse1 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse2 .cse3 .cse4 .cse5 .cse6 .cse7))) [2018-12-09 00:38:30,370 INFO L448 ceAbstractionStarter]: For program point bobToRjhEXIT(lines 2368 2390) no Hoare annotation was computed. [2018-12-09 00:38:30,370 INFO L444 ceAbstractionStarter]: At program point L2384(line 2384) the Hoare annotation is: (or (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (< ~rjh~0 2) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,370 INFO L448 ceAbstractionStarter]: For program point L2385-1(lines 2368 2390) no Hoare annotation was computed. [2018-12-09 00:38:30,370 INFO L444 ceAbstractionStarter]: At program point bobToRjhENTRY(lines 2368 2390) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_email_isEncrypted0~0)|))) (.cse1 (not (= ~queue_empty~0 1))) (.cse2 (not (= 0 |old(~__ste_email_isSigned0~0)|))) (.cse3 (< ~rjh~0 2)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) .cse3 .cse4 .cse5) (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) .cse0 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse1 .cse2 .cse3 (not (= |old(~__ste_email_to0~0)| ~__ste_Client_Keyring0_User0~0)) .cse4 .cse5))) [2018-12-09 00:38:30,370 INFO L444 ceAbstractionStarter]: At program point L2385(line 2385) the Hoare annotation is: (or (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (< ~rjh~0 2) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,370 INFO L448 ceAbstractionStarter]: For program point L2383-1(line 2383) no Hoare annotation was computed. [2018-12-09 00:38:30,370 INFO L444 ceAbstractionStarter]: At program point L2383(line 2383) the Hoare annotation is: (or (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (< ~rjh~0 2) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,370 INFO L448 ceAbstractionStarter]: For program point L2384-1(line 2384) no Hoare annotation was computed. [2018-12-09 00:38:30,370 INFO L448 ceAbstractionStarter]: For program point L2379(lines 2379 2387) no Hoare annotation was computed. [2018-12-09 00:38:30,370 INFO L444 ceAbstractionStarter]: At program point L2376(line 2376) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_email_isEncrypted0~0)|))) (.cse1 (not (= ~queue_empty~0 1))) (.cse2 (not (= 0 |old(~__ste_email_isSigned0~0)|))) (.cse3 (< ~rjh~0 2)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) .cse3 .cse4 .cse5) (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) .cse0 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse1 .cse2 .cse3 (not (= |old(~__ste_email_to0~0)| ~__ste_Client_Keyring0_User0~0)) .cse4 .cse5))) [2018-12-09 00:38:30,370 INFO L448 ceAbstractionStarter]: For program point L2377(line 2377) no Hoare annotation was computed. [2018-12-09 00:38:30,370 INFO L444 ceAbstractionStarter]: At program point L2376-1(line 2376) the Hoare annotation is: (or (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (= 0 ~__ste_email_isSigned0~0) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (< ~rjh~0 2) (not (= 1 ~bob~0)) (not (= 0 ~__ste_client_privateKey0~0)) (< ~chuck~0 3)) [2018-12-09 00:38:30,370 INFO L451 ceAbstractionStarter]: At program point L2320(line 2320) the Hoare annotation is: true [2018-12-09 00:38:30,370 INFO L451 ceAbstractionStarter]: At program point L2320-1(line 2320) the Hoare annotation is: true [2018-12-09 00:38:30,370 INFO L451 ceAbstractionStarter]: At program point setup_bobENTRY(lines 2315 2325) the Hoare annotation is: true [2018-12-09 00:38:30,371 INFO L448 ceAbstractionStarter]: For program point setup_bobFINAL(lines 2315 2325) no Hoare annotation was computed. [2018-12-09 00:38:30,371 INFO L448 ceAbstractionStarter]: For program point setup_bobEXIT(lines 2315 2325) no Hoare annotation was computed. [2018-12-09 00:38:30,371 INFO L451 ceAbstractionStarter]: At program point setEmailEncryptionKeyENTRY(lines 734 749) the Hoare annotation is: true [2018-12-09 00:38:30,371 INFO L448 ceAbstractionStarter]: For program point setEmailEncryptionKeyEXIT(lines 734 749) no Hoare annotation was computed. [2018-12-09 00:38:30,371 INFO L448 ceAbstractionStarter]: For program point L741(lines 741 745) no Hoare annotation was computed. [2018-12-09 00:38:30,371 INFO L448 ceAbstractionStarter]: For program point L741-2(lines 734 749) no Hoare annotation was computed. [2018-12-09 00:38:30,371 INFO L448 ceAbstractionStarter]: For program point L738(lines 738 746) no Hoare annotation was computed. [2018-12-09 00:38:30,371 INFO L448 ceAbstractionStarter]: For program point select_featuresEXIT(lines 64 70) no Hoare annotation was computed. [2018-12-09 00:38:30,371 INFO L451 ceAbstractionStarter]: At program point select_featuresFINAL(lines 64 70) the Hoare annotation is: true [2018-12-09 00:38:30,371 INFO L448 ceAbstractionStarter]: For program point setup_bob__wrappee__BaseFINAL(lines 2305 2314) no Hoare annotation was computed. [2018-12-09 00:38:30,371 INFO L451 ceAbstractionStarter]: At program point setup_bob__wrappee__BaseENTRY(lines 2305 2314) the Hoare annotation is: true [2018-12-09 00:38:30,371 INFO L451 ceAbstractionStarter]: At program point L2310(line 2310) the Hoare annotation is: true [2018-12-09 00:38:30,371 INFO L448 ceAbstractionStarter]: For program point setup_bob__wrappee__BaseEXIT(lines 2305 2314) no Hoare annotation was computed. [2018-12-09 00:38:30,371 INFO L448 ceAbstractionStarter]: For program point L719(lines 719 730) no Hoare annotation was computed. [2018-12-09 00:38:30,371 INFO L448 ceAbstractionStarter]: For program point getEmailEncryptionKeyEXIT(lines 715 733) no Hoare annotation was computed. [2018-12-09 00:38:30,371 INFO L451 ceAbstractionStarter]: At program point getEmailEncryptionKeyENTRY(lines 715 733) the Hoare annotation is: true [2018-12-09 00:38:30,371 INFO L448 ceAbstractionStarter]: For program point getEmailEncryptionKeyFINAL(lines 715 733) no Hoare annotation was computed. [2018-12-09 00:38:30,371 INFO L448 ceAbstractionStarter]: For program point L723(lines 723 729) no Hoare annotation was computed. [2018-12-09 00:38:30,371 INFO L444 ceAbstractionStarter]: At program point outgoing__wrappee__KeysENTRY(lines 144 155) the Hoare annotation is: (let ((.cse0 (not (= ~queue_empty~0 1))) (.cse1 (< ~rjh~0 2)) (.cse5 (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|)) (.cse2 (not (= 1 |outgoing__wrappee__Keys_#in~msg|))) (.cse3 (< ~chuck~0 3)) (.cse4 (not (= 1 ~bob~0))) (.cse6 (not (= 1 |outgoing__wrappee__Keys_#in~client|)))) (and (or .cse0 (not (= 0 ~__ste_email_isSigned0~0)) .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse0 .cse1 .cse5 (= 0 ~__ste_client_privateKey0~0) .cse2 .cse3 .cse4 .cse6))) [2018-12-09 00:38:30,371 INFO L448 ceAbstractionStarter]: For program point outgoing__wrappee__KeysEXIT(lines 144 155) no Hoare annotation was computed. [2018-12-09 00:38:30,371 INFO L448 ceAbstractionStarter]: For program point outgoing__wrappee__KeysFINAL(lines 144 155) no Hoare annotation was computed. [2018-12-09 00:38:30,371 INFO L444 ceAbstractionStarter]: At program point L150(line 150) the Hoare annotation is: (let ((.cse7 (not (= ~queue_empty~0 1))) (.cse6 (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|)) (.cse1 (not (= 0 ~__ste_email_isSigned0~0))) (.cse9 (< ~chuck~0 3)) (.cse0 (and (= 1 outgoing__wrappee__Keys_~client) (= 1 outgoing__wrappee__Keys_~msg))) (.cse2 (< ~rjh~0 2)) (.cse8 (= 0 ~__ste_client_privateKey0~0)) (.cse3 (not (= 1 |outgoing__wrappee__Keys_#in~msg|))) (.cse4 (not (= 1 ~bob~0))) (.cse5 (not (= 1 |outgoing__wrappee__Keys_#in~client|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse6 .cse7 .cse2 .cse8 .cse3 .cse9 .cse4 .cse5) (or .cse7 .cse6 .cse1 .cse2 .cse3 .cse9 .cse4 .cse5) (or .cse0 .cse2 .cse8 .cse3 .cse4 .cse5))) [2018-12-09 00:38:30,372 INFO L444 ceAbstractionStarter]: At program point L149(line 149) the Hoare annotation is: (let ((.cse7 (not (= ~queue_empty~0 1))) (.cse6 (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|)) (.cse1 (not (= 0 ~__ste_email_isSigned0~0))) (.cse9 (< ~chuck~0 3)) (.cse0 (and (= 1 outgoing__wrappee__Keys_~client) (= 1 outgoing__wrappee__Keys_~msg))) (.cse2 (< ~rjh~0 2)) (.cse8 (= 0 ~__ste_client_privateKey0~0)) (.cse3 (not (= 1 |outgoing__wrappee__Keys_#in~msg|))) (.cse4 (not (= 1 ~bob~0))) (.cse5 (not (= 1 |outgoing__wrappee__Keys_#in~client|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse6 .cse7 .cse2 .cse8 .cse3 .cse9 .cse4 .cse5) (or .cse7 .cse6 .cse1 .cse2 .cse3 .cse9 .cse4 .cse5) (or .cse0 .cse2 .cse8 .cse3 .cse4 .cse5))) [2018-12-09 00:38:30,372 INFO L444 ceAbstractionStarter]: At program point L150-1(line 150) the Hoare annotation is: (let ((.cse7 (not (= ~queue_empty~0 1))) (.cse6 (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|)) (.cse1 (not (= 0 ~__ste_email_isSigned0~0))) (.cse9 (< ~chuck~0 3)) (.cse0 (and (= 1 outgoing__wrappee__Keys_~client) (= 1 outgoing__wrappee__Keys_~msg))) (.cse2 (< ~rjh~0 2)) (.cse8 (= 0 ~__ste_client_privateKey0~0)) (.cse3 (not (= 1 |outgoing__wrappee__Keys_#in~msg|))) (.cse4 (not (= 1 ~bob~0))) (.cse5 (not (= 1 |outgoing__wrappee__Keys_#in~client|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse6 .cse7 .cse2 .cse8 .cse3 .cse9 .cse4 .cse5) (or .cse7 .cse6 .cse1 .cse2 .cse3 .cse9 .cse4 .cse5) (or .cse0 .cse2 .cse8 .cse3 .cse4 .cse5))) [2018-12-09 00:38:30,372 INFO L448 ceAbstractionStarter]: For program point L149-1(line 149) no Hoare annotation was computed. [2018-12-09 00:38:30,372 INFO L448 ceAbstractionStarter]: For program point incomingFINAL(lines 225 265) no Hoare annotation was computed. [2018-12-09 00:38:30,372 INFO L444 ceAbstractionStarter]: At program point incomingENTRY(lines 225 265) the Hoare annotation is: (let ((.cse4 (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|)) (.cse0 (not (= ~queue_empty~0 1))) (.cse1 (< ~rjh~0 2)) (.cse2 (< ~chuck~0 3)) (.cse3 (not (= 1 ~bob~0)))) (and (or .cse0 (not (= 0 ~__ste_email_isSigned0~0)) .cse1 .cse2 .cse3 .cse4) (or .cse4 .cse0 .cse1 (= 0 ~__ste_client_privateKey0~0) .cse2 .cse3))) [2018-12-09 00:38:30,372 INFO L444 ceAbstractionStarter]: At program point L248(line 248) the Hoare annotation is: (let ((.cse0 (= |incoming_#in~client| incoming_~client)) (.cse7 (= 0 ~__ste_client_privateKey0~0)) (.cse6 (not (= ~queue_empty~0 1))) (.cse1 (not (= 0 ~__ste_email_isSigned0~0))) (.cse5 (and (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|) (= incoming_~msg |incoming_#in~msg|))) (.cse2 (< ~rjh~0 2)) (.cse3 (< ~chuck~0 3)) (.cse4 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse6 .cse2 .cse7 .cse3 .cse4) (or .cse0 .cse2 .cse7 .cse3 .cse4) (or .cse6 .cse1 .cse5 .cse2 .cse3 .cse4))) [2018-12-09 00:38:30,372 INFO L444 ceAbstractionStarter]: At program point L248-1(line 248) the Hoare annotation is: (let ((.cse1 (not (= 0 ~__ste_email_isSigned0~0))) (.cse0 (= |incoming_#in~client| incoming_~client)) (.cse6 (= incoming_~msg |incoming_#in~msg|)) (.cse5 (not (= ~queue_empty~0 1))) (.cse2 (< ~rjh~0 2)) (.cse7 (= 0 ~__ste_client_privateKey0~0)) (.cse3 (< ~chuck~0 3)) (.cse4 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse1 .cse2 .cse6 .cse3 .cse4) (or .cse0 .cse2 .cse7 .cse3 .cse4) (or .cse6 .cse5 .cse2 .cse7 .cse3 .cse4))) [2018-12-09 00:38:30,372 INFO L448 ceAbstractionStarter]: For program point L246(lines 246 253) no Hoare annotation was computed. [2018-12-09 00:38:30,372 INFO L444 ceAbstractionStarter]: At program point L244(line 244) the Hoare annotation is: (let ((.cse0 (= |incoming_#in~client| incoming_~client)) (.cse7 (= 0 ~__ste_client_privateKey0~0)) (.cse6 (not (= ~queue_empty~0 1))) (.cse1 (not (= 0 ~__ste_email_isSigned0~0))) (.cse5 (and (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|) (= incoming_~msg |incoming_#in~msg|))) (.cse2 (< ~rjh~0 2)) (.cse3 (< ~chuck~0 3)) (.cse4 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse6 .cse2 .cse7 .cse3 .cse4) (or .cse0 .cse2 .cse7 .cse3 .cse4) (or .cse6 .cse1 .cse5 .cse2 .cse3 .cse4))) [2018-12-09 00:38:30,372 INFO L448 ceAbstractionStarter]: For program point L244-1(line 244) no Hoare annotation was computed. [2018-12-09 00:38:30,372 INFO L444 ceAbstractionStarter]: At program point L234(line 234) the Hoare annotation is: (let ((.cse0 (= |incoming_#in~client| incoming_~client)) (.cse7 (= 0 ~__ste_client_privateKey0~0)) (.cse6 (not (= ~queue_empty~0 1))) (.cse1 (not (= 0 ~__ste_email_isSigned0~0))) (.cse5 (and (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|) (= incoming_~msg |incoming_#in~msg|))) (.cse2 (< ~rjh~0 2)) (.cse3 (< ~chuck~0 3)) (.cse4 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse6 .cse2 .cse7 .cse3 .cse4) (or .cse0 .cse2 .cse7 .cse3 .cse4) (or .cse6 .cse1 .cse5 .cse2 .cse3 .cse4))) [2018-12-09 00:38:30,372 INFO L448 ceAbstractionStarter]: For program point L234-1(line 234) no Hoare annotation was computed. [2018-12-09 00:38:30,372 INFO L444 ceAbstractionStarter]: At program point L243(line 243) the Hoare annotation is: (let ((.cse0 (= |incoming_#in~client| incoming_~client)) (.cse7 (= 0 ~__ste_client_privateKey0~0)) (.cse6 (not (= ~queue_empty~0 1))) (.cse1 (not (= 0 ~__ste_email_isSigned0~0))) (.cse5 (and (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|) (= incoming_~msg |incoming_#in~msg|))) (.cse2 (< ~rjh~0 2)) (.cse3 (< ~chuck~0 3)) (.cse4 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse6 .cse2 .cse7 .cse3 .cse4) (or .cse0 .cse2 .cse7 .cse3 .cse4) (or .cse6 .cse1 .cse5 .cse2 .cse3 .cse4))) [2018-12-09 00:38:30,372 INFO L448 ceAbstractionStarter]: For program point incomingEXIT(lines 225 265) no Hoare annotation was computed. [2018-12-09 00:38:30,372 INFO L448 ceAbstractionStarter]: For program point L243-1(line 243) no Hoare annotation was computed. [2018-12-09 00:38:30,373 INFO L448 ceAbstractionStarter]: For program point L241(lines 241 256) no Hoare annotation was computed. [2018-12-09 00:38:30,373 INFO L444 ceAbstractionStarter]: At program point L239(line 239) the Hoare annotation is: (let ((.cse0 (= |incoming_#in~client| incoming_~client)) (.cse7 (= 0 ~__ste_client_privateKey0~0)) (.cse6 (not (= ~queue_empty~0 1))) (.cse1 (not (= 0 ~__ste_email_isSigned0~0))) (.cse5 (and (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|) (= incoming_~msg |incoming_#in~msg|))) (.cse2 (< ~rjh~0 2)) (.cse3 (< ~chuck~0 3)) (.cse4 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse6 .cse2 .cse7 .cse3 .cse4) (or .cse0 .cse2 .cse7 .cse3 .cse4) (or .cse6 .cse1 .cse5 .cse2 .cse3 .cse4))) [2018-12-09 00:38:30,373 INFO L448 ceAbstractionStarter]: For program point L239-1(line 239) no Hoare annotation was computed. [2018-12-09 00:38:30,373 INFO L448 ceAbstractionStarter]: For program point L237(lines 237 259) no Hoare annotation was computed. [2018-12-09 00:38:30,373 INFO L444 ceAbstractionStarter]: At program point L237-1(lines 237 259) the Hoare annotation is: (let ((.cse1 (not (= 0 ~__ste_email_isSigned0~0))) (.cse0 (= |incoming_#in~client| incoming_~client)) (.cse6 (= incoming_~msg |incoming_#in~msg|)) (.cse5 (not (= ~queue_empty~0 1))) (.cse2 (< ~rjh~0 2)) (.cse7 (= 0 ~__ste_client_privateKey0~0)) (.cse3 (< ~chuck~0 3)) (.cse4 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse1 .cse2 .cse6 .cse3 .cse4) (or .cse0 .cse2 .cse7 .cse3 .cse4) (or .cse6 .cse5 .cse2 .cse7 .cse3 .cse4))) [2018-12-09 00:38:30,373 INFO L448 ceAbstractionStarter]: For program point L2286(line 2286) no Hoare annotation was computed. [2018-12-09 00:38:30,373 INFO L448 ceAbstractionStarter]: For program point createEmailEXIT(lines 2278 2292) no Hoare annotation was computed. [2018-12-09 00:38:30,373 INFO L444 ceAbstractionStarter]: At program point L2285-1(line 2285) the Hoare annotation is: (let ((.cse0 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse1 (not (= ~queue_empty~0 1))) (.cse2 (not (= 0 ~__ste_email_isSigned0~0))) (.cse3 (< ~rjh~0 2)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 (= 1 createEmail_~msg~0) .cse3 .cse4 .cse5) (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) .cse0 .cse1 .cse2 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse3 (not (= |old(~__ste_email_to0~0)| ~__ste_Client_Keyring0_User0~0)) .cse4 .cse5))) [2018-12-09 00:38:30,373 INFO L444 ceAbstractionStarter]: At program point L2285(line 2285) the Hoare annotation is: (let ((.cse0 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse1 (not (= ~queue_empty~0 1))) (.cse2 (not (= 0 ~__ste_email_isSigned0~0))) (.cse3 (< ~rjh~0 2)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 (= 1 createEmail_~msg~0) .cse3 .cse4 .cse5) (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) .cse0 .cse1 .cse2 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse3 (not (= |old(~__ste_email_to0~0)| ~__ste_Client_Keyring0_User0~0)) .cse4 .cse5))) [2018-12-09 00:38:30,373 INFO L444 ceAbstractionStarter]: At program point createEmailENTRY(lines 2278 2292) the Hoare annotation is: (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) (not (= 0 ~__ste_email_isEncrypted0~0)) (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) (not (= ~queue_empty~0 1)) (not (= 0 ~__ste_email_isSigned0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| ~__ste_Client_Keyring0_User0~0)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,373 INFO L448 ceAbstractionStarter]: For program point createEmailFINAL(lines 2278 2292) no Hoare annotation was computed. [2018-12-09 00:38:30,373 INFO L444 ceAbstractionStarter]: At program point rjhDeletePrivateKeyENTRY(lines 2528 2537) the Hoare annotation is: (or (<= 789 ~__ste_client_privateKey0~0) (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 ~__ste_email_isSigned0~0)) (< |old(~__ste_client_privateKey0~0)| 789) (< ~rjh~0 2) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,373 INFO L448 ceAbstractionStarter]: For program point rjhDeletePrivateKeyEXIT(lines 2528 2537) no Hoare annotation was computed. [2018-12-09 00:38:30,373 INFO L448 ceAbstractionStarter]: For program point rjhDeletePrivateKeyFINAL(lines 2528 2537) no Hoare annotation was computed. [2018-12-09 00:38:30,373 INFO L448 ceAbstractionStarter]: For program point L1026-1(line 1026) no Hoare annotation was computed. [2018-12-09 00:38:30,373 INFO L448 ceAbstractionStarter]: For program point L960(lines 960 967) no Hoare annotation was computed. [2018-12-09 00:38:30,373 INFO L448 ceAbstractionStarter]: For program point L911(lines 911 915) no Hoare annotation was computed. [2018-12-09 00:38:30,373 INFO L444 ceAbstractionStarter]: At program point L969(lines 956 1069) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,373 INFO L444 ceAbstractionStarter]: At program point L994(lines 984 1067) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,374 INFO L448 ceAbstractionStarter]: For program point L1052(lines 1052 1059) no Hoare annotation was computed. [2018-12-09 00:38:30,374 INFO L444 ceAbstractionStarter]: At program point L1019(lines 1009 1065) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,374 INFO L444 ceAbstractionStarter]: At program point L1052-1(lines 909 1073) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,374 INFO L448 ceAbstractionStarter]: For program point testEXIT(lines 870 1081) no Hoare annotation was computed. [2018-12-09 00:38:30,374 INFO L444 ceAbstractionStarter]: At program point L962(line 962) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,374 INFO L448 ceAbstractionStarter]: For program point L962-1(line 962) no Hoare annotation was computed. [2018-12-09 00:38:30,374 INFO L444 ceAbstractionStarter]: At program point testENTRY(lines 870 1081) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse1 (not (= 0 |old(~__ste_email_isEncrypted0~0)|))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 0 |old(~__ste_email_isSigned0~0)|))) (.cse4 (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|))) (.cse5 (< ~rjh~0 2)) (.cse6 (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|))) (.cse7 (< ~chuck~0 3)) (.cse8 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6 .cse7 .cse8 (and (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0) (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0) (= 0 ~__ste_Client_Keyring0_User0~0) (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0))) (or (<= 789 ~__ste_client_privateKey0~0) .cse0 .cse1 .cse2 .cse3 (< |old(~__ste_client_privateKey0~0)| 789) .cse4 .cse5 .cse6 .cse7 .cse8))) [2018-12-09 00:38:30,374 INFO L448 ceAbstractionStarter]: For program point L921(lines 921 928) no Hoare annotation was computed. [2018-12-09 00:38:30,374 INFO L448 ceAbstractionStarter]: For program point testFINAL(lines 870 1081) no Hoare annotation was computed. [2018-12-09 00:38:30,374 INFO L448 ceAbstractionStarter]: For program point L946(lines 946 953) no Hoare annotation was computed. [2018-12-09 00:38:30,374 INFO L444 ceAbstractionStarter]: At program point L930(lines 917 1072) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,374 INFO L444 ceAbstractionStarter]: At program point L1054(line 1054) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,374 INFO L448 ceAbstractionStarter]: For program point L1054-1(line 1054) no Hoare annotation was computed. [2018-12-09 00:38:30,374 INFO L448 ceAbstractionStarter]: For program point L988(lines 988 992) no Hoare annotation was computed. [2018-12-09 00:38:30,374 INFO L444 ceAbstractionStarter]: At program point L955(lines 942 1070) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,374 INFO L448 ceAbstractionStarter]: For program point L1013(lines 1013 1017) no Hoare annotation was computed. [2018-12-09 00:38:30,374 INFO L448 ceAbstractionStarter]: For program point L1038(lines 1038 1045) no Hoare annotation was computed. [2018-12-09 00:38:30,374 INFO L444 ceAbstractionStarter]: At program point L923(line 923) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (and (= test_~op1~0 0) (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,375 INFO L448 ceAbstractionStarter]: For program point L923-1(line 923) no Hoare annotation was computed. [2018-12-09 00:38:30,375 INFO L444 ceAbstractionStarter]: At program point L1047(lines 1034 1063) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,375 INFO L444 ceAbstractionStarter]: At program point L948(line 948) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,375 INFO L448 ceAbstractionStarter]: For program point L948-1(line 948) no Hoare annotation was computed. [2018-12-09 00:38:30,375 INFO L444 ceAbstractionStarter]: At program point L1040(line 1040) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,375 INFO L448 ceAbstractionStarter]: For program point L1040-1(line 1040) no Hoare annotation was computed. [2018-12-09 00:38:30,375 INFO L448 ceAbstractionStarter]: For program point L974(lines 974 981) no Hoare annotation was computed. [2018-12-09 00:38:30,375 INFO L444 ceAbstractionStarter]: At program point L941(lines 931 1071) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,375 INFO L448 ceAbstractionStarter]: For program point L999(lines 999 1006) no Hoare annotation was computed. [2018-12-09 00:38:30,375 INFO L448 ceAbstractionStarter]: For program point L1024(lines 1024 1031) no Hoare annotation was computed. [2018-12-09 00:38:30,375 INFO L444 ceAbstractionStarter]: At program point L983(lines 970 1068) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,376 INFO L448 ceAbstractionStarter]: For program point L917(lines 917 1072) no Hoare annotation was computed. [2018-12-09 00:38:30,376 INFO L444 ceAbstractionStarter]: At program point L1074(lines 908 1075) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,376 INFO L444 ceAbstractionStarter]: At program point L1008(lines 995 1066) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,376 INFO L444 ceAbstractionStarter]: At program point L1033(lines 1020 1064) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,376 INFO L444 ceAbstractionStarter]: At program point L976(line 976) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,376 INFO L448 ceAbstractionStarter]: For program point L976-1(line 976) no Hoare annotation was computed. [2018-12-09 00:38:30,376 INFO L448 ceAbstractionStarter]: For program point L910(lines 909 1073) no Hoare annotation was computed. [2018-12-09 00:38:30,376 INFO L444 ceAbstractionStarter]: At program point L1001(line 1001) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,376 INFO L448 ceAbstractionStarter]: For program point L1001-1(line 1001) no Hoare annotation was computed. [2018-12-09 00:38:30,376 INFO L448 ceAbstractionStarter]: For program point L935(lines 935 939) no Hoare annotation was computed. [2018-12-09 00:38:30,376 INFO L444 ceAbstractionStarter]: At program point L1026(line 1026) the Hoare annotation is: (or (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| |old(~__ste_Client_Keyring0_User0~0)|)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,376 INFO L448 ceAbstractionStarter]: For program point getEmailToFINAL(lines 563 581) no Hoare annotation was computed. [2018-12-09 00:38:30,376 INFO L448 ceAbstractionStarter]: For program point L571(lines 571 577) no Hoare annotation was computed. [2018-12-09 00:38:30,376 INFO L448 ceAbstractionStarter]: For program point getEmailToEXIT(lines 563 581) no Hoare annotation was computed. [2018-12-09 00:38:30,376 INFO L448 ceAbstractionStarter]: For program point L567(lines 567 578) no Hoare annotation was computed. [2018-12-09 00:38:30,376 INFO L451 ceAbstractionStarter]: At program point getEmailToENTRY(lines 563 581) the Hoare annotation is: true [2018-12-09 00:38:30,376 INFO L451 ceAbstractionStarter]: At program point get_queued_emailENTRY(lines 322 330) the Hoare annotation is: true [2018-12-09 00:38:30,376 INFO L448 ceAbstractionStarter]: For program point get_queued_emailFINAL(lines 322 330) no Hoare annotation was computed. [2018-12-09 00:38:30,376 INFO L448 ceAbstractionStarter]: For program point get_queued_emailEXIT(lines 322 330) no Hoare annotation was computed. [2018-12-09 00:38:30,376 INFO L451 ceAbstractionStarter]: At program point L209(line 209) the Hoare annotation is: true [2018-12-09 00:38:30,377 INFO L451 ceAbstractionStarter]: At program point incoming__wrappee__SignENTRY(lines 204 213) the Hoare annotation is: true [2018-12-09 00:38:30,377 INFO L448 ceAbstractionStarter]: For program point incoming__wrappee__SignEXIT(lines 204 213) no Hoare annotation was computed. [2018-12-09 00:38:30,377 INFO L448 ceAbstractionStarter]: For program point incoming__wrappee__SignFINAL(lines 204 213) no Hoare annotation was computed. [2018-12-09 00:38:30,377 INFO L448 ceAbstractionStarter]: For program point getClientKeyringUserEXIT(lines 1803 1856) no Hoare annotation was computed. [2018-12-09 00:38:30,377 INFO L448 ceAbstractionStarter]: For program point L1821(lines 1821 1852) no Hoare annotation was computed. [2018-12-09 00:38:30,377 INFO L448 ceAbstractionStarter]: For program point L1840(lines 1840 1846) no Hoare annotation was computed. [2018-12-09 00:38:30,377 INFO L448 ceAbstractionStarter]: For program point L1807(lines 1807 1853) no Hoare annotation was computed. [2018-12-09 00:38:30,377 INFO L448 ceAbstractionStarter]: For program point L1836(lines 1836 1847) no Hoare annotation was computed. [2018-12-09 00:38:30,377 INFO L448 ceAbstractionStarter]: For program point getClientKeyringUserFINAL(lines 1803 1856) no Hoare annotation was computed. [2018-12-09 00:38:30,377 INFO L448 ceAbstractionStarter]: For program point L1826(lines 1826 1832) no Hoare annotation was computed. [2018-12-09 00:38:30,377 INFO L448 ceAbstractionStarter]: For program point L1822(lines 1822 1833) no Hoare annotation was computed. [2018-12-09 00:38:30,377 INFO L451 ceAbstractionStarter]: At program point getClientKeyringUserENTRY(lines 1803 1856) the Hoare annotation is: true [2018-12-09 00:38:30,377 INFO L448 ceAbstractionStarter]: For program point L1812(lines 1812 1818) no Hoare annotation was computed. [2018-12-09 00:38:30,377 INFO L448 ceAbstractionStarter]: For program point L1808(lines 1808 1819) no Hoare annotation was computed. [2018-12-09 00:38:30,377 INFO L448 ceAbstractionStarter]: For program point L1835(lines 1835 1851) no Hoare annotation was computed. [2018-12-09 00:38:30,377 INFO L451 ceAbstractionStarter]: At program point isReadable__wrappee__KeysENTRY(lines 2240 2248) the Hoare annotation is: true [2018-12-09 00:38:30,377 INFO L448 ceAbstractionStarter]: For program point isReadable__wrappee__KeysFINAL(lines 2240 2248) no Hoare annotation was computed. [2018-12-09 00:38:30,377 INFO L448 ceAbstractionStarter]: For program point isReadable__wrappee__KeysEXIT(lines 2240 2248) no Hoare annotation was computed. [2018-12-09 00:38:30,377 INFO L451 ceAbstractionStarter]: At program point __utac_acc__SignForward_spec__1ENTRY(lines 2559 2584) the Hoare annotation is: true [2018-12-09 00:38:30,377 INFO L448 ceAbstractionStarter]: For program point __utac_acc__SignForward_spec__1EXIT(lines 2559 2584) no Hoare annotation was computed. [2018-12-09 00:38:30,377 INFO L444 ceAbstractionStarter]: At program point L2574(line 2574) the Hoare annotation is: (let ((.cse0 (< ~rjh~0 2)) (.cse1 (not (= 1 |__utac_acc__SignForward_spec__1_#in~client|))) (.cse2 (not (= 1 |__utac_acc__SignForward_spec__1_#in~msg|))) (.cse3 (< ~chuck~0 3)) (.cse4 (not (= 1 ~bob~0)))) (and (or (not (= 0 ~__ste_email_isSigned0~0)) .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse0 .cse1 .cse2 (= 0 ~__ste_client_privateKey0~0) .cse3 .cse4))) [2018-12-09 00:38:30,377 INFO L448 ceAbstractionStarter]: For program point L2572(lines 2572 2578) no Hoare annotation was computed. [2018-12-09 00:38:30,377 INFO L444 ceAbstractionStarter]: At program point L2570(line 2570) the Hoare annotation is: (let ((.cse0 (< ~rjh~0 2)) (.cse1 (not (= 1 |__utac_acc__SignForward_spec__1_#in~client|))) (.cse2 (not (= 1 |__utac_acc__SignForward_spec__1_#in~msg|))) (.cse3 (< ~chuck~0 3)) (.cse4 (not (= 1 ~bob~0)))) (and (or (not (= 0 ~__ste_email_isSigned0~0)) .cse0 .cse1 .cse2 .cse3 .cse4) (or (and (= 1 __utac_acc__SignForward_spec__1_~client) (= 1 __utac_acc__SignForward_spec__1_~msg)) .cse0 .cse1 .cse2 (= 0 ~__ste_client_privateKey0~0) .cse3 .cse4))) [2018-12-09 00:38:30,378 INFO L448 ceAbstractionStarter]: For program point L2568(lines 2568 2581) no Hoare annotation was computed. [2018-12-09 00:38:30,378 INFO L448 ceAbstractionStarter]: For program point L2570-1(line 2570) no Hoare annotation was computed. [2018-12-09 00:38:30,378 INFO L444 ceAbstractionStarter]: At program point L2566(line 2566) the Hoare annotation is: (let ((.cse0 (and (= 1 __utac_acc__SignForward_spec__1_~client) (= 1 __utac_acc__SignForward_spec__1_~msg))) (.cse1 (< ~rjh~0 2)) (.cse2 (not (= 1 |__utac_acc__SignForward_spec__1_#in~client|))) (.cse3 (not (= 1 |__utac_acc__SignForward_spec__1_#in~msg|))) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0)))) (and (or .cse0 (not (= 0 ~__ste_email_isSigned0~0)) .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse0 .cse1 .cse2 .cse3 (= 0 ~__ste_client_privateKey0~0) .cse4 .cse5))) [2018-12-09 00:38:30,378 INFO L448 ceAbstractionStarter]: For program point L2568-1(lines 2559 2584) no Hoare annotation was computed. [2018-12-09 00:38:30,378 INFO L448 ceAbstractionStarter]: For program point L2566-1(line 2566) no Hoare annotation was computed. [2018-12-09 00:38:30,378 INFO L448 ceAbstractionStarter]: For program point L1887(lines 1887 1891) no Hoare annotation was computed. [2018-12-09 00:38:30,378 INFO L444 ceAbstractionStarter]: At program point setClientKeyringUserENTRY(lines 1857 1900) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse1 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 0 ~__ste_email_isSigned0~0))) (.cse4 (< ~rjh~0 2)) (.cse5 (not (= ~__ste_email_to0~0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse6 (< ~chuck~0 3)) (.cse7 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) .cse4 .cse5 .cse6 .cse7 (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0)) (or .cse0 .cse1 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse2 .cse3 .cse4 .cse5 .cse6 .cse7))) [2018-12-09 00:38:30,378 INFO L448 ceAbstractionStarter]: For program point L1883(lines 1883 1895) no Hoare annotation was computed. [2018-12-09 00:38:30,378 INFO L448 ceAbstractionStarter]: For program point L1883-1(lines 1857 1900) no Hoare annotation was computed. [2018-12-09 00:38:30,378 INFO L448 ceAbstractionStarter]: For program point L1873(lines 1873 1881) no Hoare annotation was computed. [2018-12-09 00:38:30,378 INFO L448 ceAbstractionStarter]: For program point L1865(lines 1865 1869) no Hoare annotation was computed. [2018-12-09 00:38:30,378 INFO L448 ceAbstractionStarter]: For program point L1861(lines 1861 1897) no Hoare annotation was computed. [2018-12-09 00:38:30,378 INFO L448 ceAbstractionStarter]: For program point setClientKeyringUserEXIT(lines 1857 1900) no Hoare annotation was computed. [2018-12-09 00:38:30,378 INFO L448 ceAbstractionStarter]: For program point L1884(lines 1884 1892) no Hoare annotation was computed. [2018-12-09 00:38:30,378 INFO L448 ceAbstractionStarter]: For program point L1876(lines 1876 1880) no Hoare annotation was computed. [2018-12-09 00:38:30,378 INFO L448 ceAbstractionStarter]: For program point L1872(lines 1872 1896) no Hoare annotation was computed. [2018-12-09 00:38:30,378 INFO L448 ceAbstractionStarter]: For program point L1862(lines 1862 1870) no Hoare annotation was computed. [2018-12-09 00:38:30,378 INFO L451 ceAbstractionStarter]: At program point setEmailFromENTRY(lines 545 560) the Hoare annotation is: true [2018-12-09 00:38:30,378 INFO L448 ceAbstractionStarter]: For program point setEmailFromEXIT(lines 545 560) no Hoare annotation was computed. [2018-12-09 00:38:30,379 INFO L448 ceAbstractionStarter]: For program point L552(lines 552 556) no Hoare annotation was computed. [2018-12-09 00:38:30,379 INFO L448 ceAbstractionStarter]: For program point L552-2(lines 545 560) no Hoare annotation was computed. [2018-12-09 00:38:30,379 INFO L448 ceAbstractionStarter]: For program point L549(lines 549 557) no Hoare annotation was computed. [2018-12-09 00:38:30,379 INFO L448 ceAbstractionStarter]: For program point L2257(lines 2257 2265) no Hoare annotation was computed. [2018-12-09 00:38:30,379 INFO L448 ceAbstractionStarter]: For program point isReadableEXIT(lines 2249 2268) no Hoare annotation was computed. [2018-12-09 00:38:30,379 INFO L448 ceAbstractionStarter]: For program point L2255-1(line 2255) no Hoare annotation was computed. [2018-12-09 00:38:30,379 INFO L444 ceAbstractionStarter]: At program point L2255(line 2255) the Hoare annotation is: (let ((.cse2 (= 0 ~__ste_client_privateKey0~0)) (.cse5 (= 1 |isReadable_#in~msg|)) (.cse6 (not (= ~queue_empty~0 1))) (.cse7 (not (= 0 ~__ste_email_isSigned0~0))) (.cse1 (= isReadable_~msg |isReadable_#in~msg|)) (.cse0 (< ~rjh~0 2)) (.cse3 (< ~chuck~0 3)) (.cse4 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse1 .cse6 .cse0 .cse2 .cse3 .cse4) (or .cse7 .cse0 .cse1 .cse3 .cse4 .cse5) (or .cse6 .cse7 .cse1 .cse0 .cse3 .cse4))) [2018-12-09 00:38:30,379 INFO L444 ceAbstractionStarter]: At program point L2262(line 2262) the Hoare annotation is: (let ((.cse9 (= 1 |isReadable_#in~msg|))) (let ((.cse14 (= 0 ~__ste_email_isSigned0~0)) (.cse8 (= isReadable_~tmp~15 ~__ste_email_isEncrypted0~0)) (.cse16 (= 0 ~__ste_email_isEncrypted0~0)) (.cse12 (<= 2 ~rjh~0)) (.cse13 (not .cse9)) (.cse15 (= isReadable_~msg |isReadable_#in~msg|))) (let ((.cse1 (and .cse12 .cse13 .cse15)) (.cse4 (= 0 ~__ste_client_privateKey0~0)) (.cse7 (not .cse16)) (.cse0 (not (= ~queue_empty~0 1))) (.cse3 (and .cse15 .cse8 .cse16)) (.cse10 (not .cse14)) (.cse2 (< ~rjh~0 2)) (.cse11 (and .cse12 .cse13 .cse14 .cse15)) (.cse5 (< ~chuck~0 3)) (.cse6 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse7 .cse8 .cse2 .cse4 .cse5 .cse6 .cse9) (or .cse2 .cse1 .cse4 .cse5 .cse6 .cse9) (or .cse7 .cse10 .cse2 .cse8 .cse5 .cse6 .cse9) (or .cse10 .cse2 .cse11 .cse5 .cse6 .cse9) (or .cse0 .cse3 .cse10 .cse2 .cse11 .cse5 .cse6))))) [2018-12-09 00:38:30,379 INFO L451 ceAbstractionStarter]: At program point isReadableENTRY(lines 2249 2268) the Hoare annotation is: true [2018-12-09 00:38:30,379 INFO L448 ceAbstractionStarter]: For program point L2262-1(line 2262) no Hoare annotation was computed. [2018-12-09 00:38:30,379 INFO L448 ceAbstractionStarter]: For program point isReadableFINAL(lines 2249 2268) no Hoare annotation was computed. [2018-12-09 00:38:30,379 INFO L448 ceAbstractionStarter]: For program point __automaton_failFINAL(lines 436 443) no Hoare annotation was computed. [2018-12-09 00:38:30,380 INFO L448 ceAbstractionStarter]: For program point __automaton_failErr0ASSERT_VIOLATIONERROR_FUNCTION(line 440) no Hoare annotation was computed. [2018-12-09 00:38:30,380 INFO L451 ceAbstractionStarter]: At program point __automaton_failENTRY(lines 436 443) the Hoare annotation is: true [2018-12-09 00:38:30,380 INFO L448 ceAbstractionStarter]: For program point __automaton_failEXIT(lines 436 443) no Hoare annotation was computed. [2018-12-09 00:38:30,380 INFO L448 ceAbstractionStarter]: For program point L2048(lines 2048 2052) no Hoare annotation was computed. [2018-12-09 00:38:30,380 INFO L448 ceAbstractionStarter]: For program point L2044(lines 2044 2056) no Hoare annotation was computed. [2018-12-09 00:38:30,380 INFO L448 ceAbstractionStarter]: For program point L2044-1(lines 2018 2061) no Hoare annotation was computed. [2018-12-09 00:38:30,380 INFO L448 ceAbstractionStarter]: For program point setClientKeyringPublicKeyEXIT(lines 2018 2061) no Hoare annotation was computed. [2018-12-09 00:38:30,380 INFO L448 ceAbstractionStarter]: For program point L2034(lines 2034 2042) no Hoare annotation was computed. [2018-12-09 00:38:30,380 INFO L448 ceAbstractionStarter]: For program point L2026(lines 2026 2030) no Hoare annotation was computed. [2018-12-09 00:38:30,380 INFO L448 ceAbstractionStarter]: For program point L2022(lines 2022 2058) no Hoare annotation was computed. [2018-12-09 00:38:30,380 INFO L448 ceAbstractionStarter]: For program point L2045(lines 2045 2053) no Hoare annotation was computed. [2018-12-09 00:38:30,380 INFO L451 ceAbstractionStarter]: At program point setClientKeyringPublicKeyENTRY(lines 2018 2061) the Hoare annotation is: true [2018-12-09 00:38:30,381 INFO L448 ceAbstractionStarter]: For program point L2037(lines 2037 2041) no Hoare annotation was computed. [2018-12-09 00:38:30,381 INFO L448 ceAbstractionStarter]: For program point L2033(lines 2033 2057) no Hoare annotation was computed. [2018-12-09 00:38:30,381 INFO L448 ceAbstractionStarter]: For program point L2023(lines 2023 2031) no Hoare annotation was computed. [2018-12-09 00:38:30,381 INFO L451 ceAbstractionStarter]: At program point setup_rjh__wrappee__BaseENTRY(lines 2326 2335) the Hoare annotation is: true [2018-12-09 00:38:30,381 INFO L444 ceAbstractionStarter]: At program point L2331(line 2331) the Hoare annotation is: (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) (not (= 0 ~__ste_email_isEncrypted0~0)) (<= |setup_rjh__wrappee__Base_#in~rjh___0| setup_rjh__wrappee__Base_~rjh___0) (not (= ~queue_empty~0 1)) (not (= 0 ~__ste_email_isSigned0~0)) (not (= ~__ste_Client_Keyring0_User0~0 ~__ste_Client_Keyring0_User1~0)) (< ~rjh~0 2) (not (= ~__ste_email_to0~0 ~__ste_Client_Keyring0_User0~0)) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,381 INFO L448 ceAbstractionStarter]: For program point setup_rjh__wrappee__BaseFINAL(lines 2326 2335) no Hoare annotation was computed. [2018-12-09 00:38:30,381 INFO L448 ceAbstractionStarter]: For program point setup_rjh__wrappee__BaseEXIT(lines 2326 2335) no Hoare annotation was computed. [2018-12-09 00:38:30,381 INFO L444 ceAbstractionStarter]: At program point L188(line 188) the Hoare annotation is: (or (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= 1 |outgoing_#in~client|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0) (= outgoing_~client |outgoing_#in~client|) (= outgoing_~msg |outgoing_#in~msg|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= 1 |outgoing_#in~msg|)) (< ~rjh~0 2) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,381 INFO L444 ceAbstractionStarter]: At program point L188-1(line 188) the Hoare annotation is: (let ((.cse0 (= 0 ~__ste_email_isEncrypted0~0)) (.cse1 (= outgoing_~client |outgoing_#in~client|)) (.cse2 (= outgoing_~msg |outgoing_#in~msg|))) (or (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= 1 |outgoing_#in~client|)) (and (= 0 ~__ste_email_isSigned0~0) .cse0 .cse1 .cse2) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= 1 |outgoing_#in~msg|)) (< ~rjh~0 2) (and (not (= 0 ~__ste_client_privateKey0~0)) .cse0 .cse1 .cse2) (< ~chuck~0 3) (not (= 1 ~bob~0)))) [2018-12-09 00:38:30,381 INFO L448 ceAbstractionStarter]: For program point outgoingEXIT(lines 183 193) no Hoare annotation was computed. [2018-12-09 00:38:30,382 INFO L444 ceAbstractionStarter]: At program point outgoingENTRY(lines 183 193) the Hoare annotation is: (or (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= 1 |outgoing_#in~client|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (not (= 1 |outgoing_#in~msg|)) (< ~rjh~0 2) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,382 INFO L448 ceAbstractionStarter]: For program point outgoingFINAL(lines 183 193) no Hoare annotation was computed. [2018-12-09 00:38:30,382 INFO L451 ceAbstractionStarter]: At program point select_helpersFINAL(lines 71 77) the Hoare annotation is: true [2018-12-09 00:38:30,382 INFO L448 ceAbstractionStarter]: For program point select_helpersEXIT(lines 71 77) no Hoare annotation was computed. [2018-12-09 00:38:30,382 INFO L448 ceAbstractionStarter]: For program point getClientIdFINAL(lines 2113 2136) no Hoare annotation was computed. [2018-12-09 00:38:30,382 INFO L448 ceAbstractionStarter]: For program point L2125(lines 2125 2131) no Hoare annotation was computed. [2018-12-09 00:38:30,382 INFO L451 ceAbstractionStarter]: At program point getClientIdENTRY(lines 2113 2136) the Hoare annotation is: true [2018-12-09 00:38:30,382 INFO L448 ceAbstractionStarter]: For program point L2121(lines 2121 2132) no Hoare annotation was computed. [2018-12-09 00:38:30,382 INFO L448 ceAbstractionStarter]: For program point getClientIdEXIT(lines 2113 2136) no Hoare annotation was computed. [2018-12-09 00:38:30,382 INFO L448 ceAbstractionStarter]: For program point L2117(lines 2117 2133) no Hoare annotation was computed. [2018-12-09 00:38:30,382 INFO L448 ceAbstractionStarter]: For program point deliverFINAL(lines 194 203) no Hoare annotation was computed. [2018-12-09 00:38:30,382 INFO L451 ceAbstractionStarter]: At program point deliverENTRY(lines 194 203) the Hoare annotation is: true [2018-12-09 00:38:30,382 INFO L448 ceAbstractionStarter]: For program point deliverEXIT(lines 194 203) no Hoare annotation was computed. [2018-12-09 00:38:30,382 INFO L451 ceAbstractionStarter]: At program point L1777(line 1777) the Hoare annotation is: true [2018-12-09 00:38:30,383 INFO L448 ceAbstractionStarter]: For program point L1777-1(line 1777) no Hoare annotation was computed. [2018-12-09 00:38:30,383 INFO L448 ceAbstractionStarter]: For program point createClientKeyringEntryEXIT(lines 1769 1793) no Hoare annotation was computed. [2018-12-09 00:38:30,383 INFO L451 ceAbstractionStarter]: At program point L1783(line 1783) the Hoare annotation is: true [2018-12-09 00:38:30,383 INFO L448 ceAbstractionStarter]: For program point L1783-1(line 1783) no Hoare annotation was computed. [2018-12-09 00:38:30,383 INFO L448 ceAbstractionStarter]: For program point L1780(lines 1780 1790) no Hoare annotation was computed. [2018-12-09 00:38:30,383 INFO L451 ceAbstractionStarter]: At program point createClientKeyringEntryENTRY(lines 1769 1793) the Hoare annotation is: true [2018-12-09 00:38:30,383 INFO L448 ceAbstractionStarter]: For program point createClientKeyringEntryFINAL(lines 1769 1793) no Hoare annotation was computed. [2018-12-09 00:38:30,383 INFO L448 ceAbstractionStarter]: For program point setup_chuckEXIT(lines 2357 2367) no Hoare annotation was computed. [2018-12-09 00:38:30,383 INFO L444 ceAbstractionStarter]: At program point L2362(line 2362) the Hoare annotation is: (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 ~__ste_email_isSigned0~0)) (not (= ~__ste_Client_Keyring0_User0~0 ~__ste_Client_Keyring0_User1~0)) (< ~rjh~0 2) (not (= ~__ste_email_to0~0 ~__ste_Client_Keyring0_User0~0)) (<= |setup_chuck_#in~chuck___0| setup_chuck_~chuck___0) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,383 INFO L451 ceAbstractionStarter]: At program point setup_chuckENTRY(lines 2357 2367) the Hoare annotation is: true [2018-12-09 00:38:30,383 INFO L448 ceAbstractionStarter]: For program point setup_chuckFINAL(lines 2357 2367) no Hoare annotation was computed. [2018-12-09 00:38:30,383 INFO L444 ceAbstractionStarter]: At program point L2362-1(line 2362) the Hoare annotation is: (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 ~__ste_email_isSigned0~0)) (not (= ~__ste_Client_Keyring0_User0~0 ~__ste_Client_Keyring0_User1~0)) (< ~rjh~0 2) (not (= ~__ste_email_to0~0 ~__ste_Client_Keyring0_User0~0)) (<= |setup_chuck_#in~chuck___0| setup_chuck_~chuck___0) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,383 INFO L448 ceAbstractionStarter]: For program point L1982(lines 1982 2013) no Hoare annotation was computed. [2018-12-09 00:38:30,384 INFO L448 ceAbstractionStarter]: For program point L2001(lines 2001 2007) no Hoare annotation was computed. [2018-12-09 00:38:30,384 INFO L448 ceAbstractionStarter]: For program point L1968(lines 1968 2014) no Hoare annotation was computed. [2018-12-09 00:38:30,384 INFO L448 ceAbstractionStarter]: For program point L1997(lines 1997 2008) no Hoare annotation was computed. [2018-12-09 00:38:30,384 INFO L448 ceAbstractionStarter]: For program point L1987(lines 1987 1993) no Hoare annotation was computed. [2018-12-09 00:38:30,384 INFO L448 ceAbstractionStarter]: For program point L1983(lines 1983 1994) no Hoare annotation was computed. [2018-12-09 00:38:30,384 INFO L448 ceAbstractionStarter]: For program point L1973(lines 1973 1979) no Hoare annotation was computed. [2018-12-09 00:38:30,384 INFO L448 ceAbstractionStarter]: For program point findPublicKeyFINAL(lines 1964 2017) no Hoare annotation was computed. [2018-12-09 00:38:30,384 INFO L448 ceAbstractionStarter]: For program point L1969(lines 1969 1980) no Hoare annotation was computed. [2018-12-09 00:38:30,386 INFO L448 ceAbstractionStarter]: For program point L1996(lines 1996 2012) no Hoare annotation was computed. [2018-12-09 00:38:30,386 INFO L448 ceAbstractionStarter]: For program point findPublicKeyEXIT(lines 1964 2017) no Hoare annotation was computed. [2018-12-09 00:38:30,386 INFO L451 ceAbstractionStarter]: At program point findPublicKeyENTRY(lines 1964 2017) the Hoare annotation is: true [2018-12-09 00:38:30,386 INFO L444 ceAbstractionStarter]: At program point outgoing__wrappee__EncryptENTRY(lines 156 182) the Hoare annotation is: (let ((.cse1 (= 0 ~__ste_email_isEncrypted0~0)) (.cse0 (not (= 0 |old(~__ste_email_isEncrypted0~0)|))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 1 |outgoing__wrappee__Encrypt_#in~client|))) (.cse4 (not (= 1 |outgoing__wrappee__Encrypt_#in~msg|))) (.cse5 (< ~rjh~0 2)) (.cse6 (< ~chuck~0 3)) (.cse7 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= 0 ~__ste_email_isSigned0~0)) .cse4 .cse5 .cse6 .cse7) (or .cse1 .cse0 .cse2 .cse3 .cse4 .cse5 (= 0 ~__ste_client_privateKey0~0) .cse6 .cse7))) [2018-12-09 00:38:30,386 INFO L448 ceAbstractionStarter]: For program point outgoing__wrappee__EncryptEXIT(lines 156 182) no Hoare annotation was computed. [2018-12-09 00:38:30,386 INFO L444 ceAbstractionStarter]: At program point L171(line 171) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_email_isEncrypted0~0)|))) (.cse7 (and (= |outgoing__wrappee__Encrypt_#in~msg| outgoing__wrappee__Encrypt_~msg) (= outgoing__wrappee__Encrypt_~client |outgoing__wrappee__Encrypt_#in~client|) (= 0 ~__ste_email_isEncrypted0~0))) (.cse1 (not (= ~queue_empty~0 1))) (.cse2 (not (= 1 |outgoing__wrappee__Encrypt_#in~client|))) (.cse3 (not (= 1 |outgoing__wrappee__Encrypt_#in~msg|))) (.cse4 (< ~rjh~0 2)) (.cse5 (< ~chuck~0 3)) (.cse6 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 (= 0 ~__ste_client_privateKey0~0) .cse5 .cse6 .cse7) (or .cse0 .cse7 .cse1 .cse2 (not (= 0 ~__ste_email_isSigned0~0)) .cse3 .cse4 .cse5 .cse6))) [2018-12-09 00:38:30,387 INFO L444 ceAbstractionStarter]: At program point L171-1(line 171) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_email_isEncrypted0~0)|))) (.cse7 (and (= |outgoing__wrappee__Encrypt_#in~msg| outgoing__wrappee__Encrypt_~msg) (= outgoing__wrappee__Encrypt_~client |outgoing__wrappee__Encrypt_#in~client|) (= 0 ~__ste_email_isEncrypted0~0))) (.cse1 (not (= ~queue_empty~0 1))) (.cse2 (not (= 1 |outgoing__wrappee__Encrypt_#in~client|))) (.cse3 (not (= 1 |outgoing__wrappee__Encrypt_#in~msg|))) (.cse4 (< ~rjh~0 2)) (.cse5 (< ~chuck~0 3)) (.cse6 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 (= 0 ~__ste_client_privateKey0~0) .cse5 .cse6 .cse7) (or .cse0 .cse7 .cse1 .cse2 (not (= 0 ~__ste_email_isSigned0~0)) .cse3 .cse4 .cse5 .cse6))) [2018-12-09 00:38:30,387 INFO L448 ceAbstractionStarter]: For program point L169(lines 169 176) no Hoare annotation was computed. [2018-12-09 00:38:30,387 INFO L444 ceAbstractionStarter]: At program point L169-1(lines 169 176) the Hoare annotation is: (let ((.cse1 (not (= 0 |old(~__ste_email_isEncrypted0~0)|))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 1 |outgoing__wrappee__Encrypt_#in~client|))) (.cse4 (not (= 1 |outgoing__wrappee__Encrypt_#in~msg|))) (.cse5 (< ~rjh~0 2)) (.cse0 (and (= |outgoing__wrappee__Encrypt_#in~msg| outgoing__wrappee__Encrypt_~msg) (= outgoing__wrappee__Encrypt_~client |outgoing__wrappee__Encrypt_#in~client|))) (.cse6 (< ~chuck~0 3)) (.cse7 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= 0 ~__ste_email_isSigned0~0)) .cse4 .cse5 .cse6 .cse7) (or .cse1 .cse2 .cse3 .cse4 .cse5 .cse0 (= 0 ~__ste_client_privateKey0~0) .cse6 .cse7))) [2018-12-09 00:38:30,387 INFO L448 ceAbstractionStarter]: For program point outgoing__wrappee__EncryptFINAL(lines 156 182) no Hoare annotation was computed. [2018-12-09 00:38:30,387 INFO L444 ceAbstractionStarter]: At program point L166(line 166) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_email_isEncrypted0~0)|))) (.cse1 (not (= ~queue_empty~0 1))) (.cse2 (not (= 1 |outgoing__wrappee__Encrypt_#in~client|))) (.cse3 (and (= |outgoing__wrappee__Encrypt_#in~msg| outgoing__wrappee__Encrypt_~msg) (= outgoing__wrappee__Encrypt_~receiver~0 ~__ste_email_to0~0) (= outgoing__wrappee__Encrypt_~client |outgoing__wrappee__Encrypt_#in~client|) (= 0 ~__ste_email_isEncrypted0~0))) (.cse4 (not (= 1 |outgoing__wrappee__Encrypt_#in~msg|))) (.cse5 (< ~rjh~0 2)) (.cse6 (< ~chuck~0 3)) (.cse7 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 (= 0 ~__ste_client_privateKey0~0) .cse6 .cse7) (or .cse0 .cse1 .cse2 .cse3 (not (= 0 ~__ste_email_isSigned0~0)) .cse4 .cse5 .cse6 .cse7))) [2018-12-09 00:38:30,390 INFO L448 ceAbstractionStarter]: For program point L166-1(line 166) no Hoare annotation was computed. [2018-12-09 00:38:30,390 INFO L444 ceAbstractionStarter]: At program point L164(line 164) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_email_isEncrypted0~0)|))) (.cse1 (not (= ~queue_empty~0 1))) (.cse2 (not (= 1 |outgoing__wrappee__Encrypt_#in~client|))) (.cse4 (not (= 1 |outgoing__wrappee__Encrypt_#in~msg|))) (.cse3 (and (= |outgoing__wrappee__Encrypt_#in~msg| outgoing__wrappee__Encrypt_~msg) (= outgoing__wrappee__Encrypt_~client |outgoing__wrappee__Encrypt_#in~client|) (= 0 ~__ste_email_isEncrypted0~0))) (.cse5 (< ~rjh~0 2)) (.cse6 (< ~chuck~0 3)) (.cse7 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 (= 0 ~__ste_client_privateKey0~0) .cse6 .cse7) (or .cse0 .cse1 .cse2 (not (= 0 ~__ste_email_isSigned0~0)) .cse4 .cse3 .cse5 .cse6 .cse7))) [2018-12-09 00:38:30,390 INFO L448 ceAbstractionStarter]: For program point L164-1(line 164) no Hoare annotation was computed. [2018-12-09 00:38:30,390 INFO L444 ceAbstractionStarter]: At program point L289(line 289) the Hoare annotation is: (or (not (= 1 |sendEmail_#in~sender|)) (not (= 0 |old(~__ste_email_isEncrypted0~0)|)) (not (= ~queue_empty~0 1)) (not (= 0 |old(~__ste_email_isSigned0~0)|)) (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0) (= 1 sendEmail_~sender) (= 1 sendEmail_~email~0)) (< ~rjh~0 2) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,391 INFO L448 ceAbstractionStarter]: For program point sendEmailEXIT(lines 281 293) no Hoare annotation was computed. [2018-12-09 00:38:30,391 INFO L444 ceAbstractionStarter]: At program point L287(line 287) the Hoare annotation is: (let ((.cse0 (not (= 1 |sendEmail_#in~sender|))) (.cse1 (not (= 0 |old(~__ste_email_isEncrypted0~0)|))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 0 |old(~__ste_email_isSigned0~0)|))) (.cse4 (< ~rjh~0 2)) (.cse5 (< ~chuck~0 3)) (.cse6 (not (= 1 ~bob~0)))) (and (or .cse0 (not (= 0 ~__ste_Client_Keyring0_User0~0)) .cse1 .cse2 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse3 .cse4 (not (= |old(~__ste_email_to0~0)| ~__ste_Client_Keyring0_User0~0)) .cse5 .cse6) (or .cse0 .cse1 .cse2 (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0) (= 1 sendEmail_~sender)) .cse3 .cse4 .cse5 .cse6))) [2018-12-09 00:38:30,391 INFO L448 ceAbstractionStarter]: For program point L287-1(line 287) no Hoare annotation was computed. [2018-12-09 00:38:30,391 INFO L444 ceAbstractionStarter]: At program point sendEmailENTRY(lines 281 293) the Hoare annotation is: (let ((.cse0 (not (= 1 |sendEmail_#in~sender|))) (.cse1 (not (= 0 |old(~__ste_email_isEncrypted0~0)|))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 0 |old(~__ste_email_isSigned0~0)|))) (.cse4 (< ~rjh~0 2)) (.cse5 (< ~chuck~0 3)) (.cse6 (not (= 1 ~bob~0)))) (and (or .cse0 (not (= 0 ~__ste_Client_Keyring0_User0~0)) (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse1 .cse2 .cse3 .cse4 (not (= |old(~__ste_email_to0~0)| ~__ste_Client_Keyring0_User0~0)) .cse5 .cse6) (or .cse0 .cse1 .cse2 .cse3 .cse4 (and (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0)) .cse5 .cse6))) [2018-12-09 00:38:30,395 INFO L448 ceAbstractionStarter]: For program point sendEmailFINAL(lines 281 293) no Hoare annotation was computed. [2018-12-09 00:38:30,395 INFO L448 ceAbstractionStarter]: For program point L686(lines 686 692) no Hoare annotation was computed. [2018-12-09 00:38:30,395 INFO L448 ceAbstractionStarter]: For program point isEncryptedFINAL(lines 678 696) no Hoare annotation was computed. [2018-12-09 00:38:30,395 INFO L448 ceAbstractionStarter]: For program point L682(lines 682 693) no Hoare annotation was computed. [2018-12-09 00:38:30,395 INFO L448 ceAbstractionStarter]: For program point isEncryptedEXIT(lines 678 696) no Hoare annotation was computed. [2018-12-09 00:38:30,395 INFO L451 ceAbstractionStarter]: At program point isEncryptedENTRY(lines 678 696) the Hoare annotation is: true [2018-12-09 00:38:30,395 INFO L448 ceAbstractionStarter]: For program point L417(lines 417 431) no Hoare annotation was computed. [2018-12-09 00:38:30,395 INFO L448 ceAbstractionStarter]: For program point L417-1(lines 387 434) no Hoare annotation was computed. [2018-12-09 00:38:30,395 INFO L448 ceAbstractionStarter]: For program point L413(line 413) no Hoare annotation was computed. [2018-12-09 00:38:30,395 INFO L448 ceAbstractionStarter]: For program point verifyEXIT(lines 387 434) no Hoare annotation was computed. [2018-12-09 00:38:30,395 INFO L444 ceAbstractionStarter]: At program point L424(line 424) the Hoare annotation is: (let ((.cse9 (= 1 |verify_#in~msg|))) (let ((.cse8 (not .cse9)) (.cse0 (= verify_~msg |verify_#in~msg|)) (.cse12 (= 0 ~__ste_email_isSigned0~0))) (let ((.cse3 (= 0 ~__ste_client_privateKey0~0)) (.cse6 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse1 (not (= ~queue_empty~0 1))) (.cse7 (= verify_~tmp~7 1)) (.cse10 (not .cse12)) (.cse2 (< ~rjh~0 2)) (.cse11 (and .cse8 (<= 2 ~rjh~0) .cse0 .cse12)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse6 .cse1 .cse2 .cse7 .cse3 .cse4 .cse5 .cse8) (or .cse9 .cse0 .cse2 .cse3 .cse4 .cse5) (or .cse9 .cse10 .cse2 .cse11 .cse4 .cse5) (or (and .cse0 .cse6) .cse1 (and .cse7 .cse0) .cse10 .cse2 .cse11 .cse4 .cse5))))) [2018-12-09 00:38:30,395 INFO L451 ceAbstractionStarter]: At program point verifyENTRY(lines 387 434) the Hoare annotation is: true [2018-12-09 00:38:30,395 INFO L448 ceAbstractionStarter]: For program point L422(lines 422 428) no Hoare annotation was computed. [2018-12-09 00:38:30,395 INFO L444 ceAbstractionStarter]: At program point L420(line 420) the Hoare annotation is: (let ((.cse9 (= 1 |verify_#in~msg|))) (let ((.cse8 (not .cse9)) (.cse0 (= verify_~msg |verify_#in~msg|)) (.cse12 (= 0 ~__ste_email_isSigned0~0))) (let ((.cse3 (= 0 ~__ste_client_privateKey0~0)) (.cse6 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse1 (not (= ~queue_empty~0 1))) (.cse7 (= verify_~tmp~7 1)) (.cse10 (not .cse12)) (.cse2 (< ~rjh~0 2)) (.cse11 (and .cse8 (<= 2 ~rjh~0) .cse0 .cse12)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse6 .cse1 .cse2 .cse7 .cse3 .cse4 .cse5 .cse8) (or .cse9 .cse0 .cse2 .cse3 .cse4 .cse5) (or .cse9 .cse10 .cse2 .cse11 .cse4 .cse5) (or (and .cse0 .cse6) .cse1 (and .cse7 .cse0) .cse10 .cse2 .cse11 .cse4 .cse5))))) [2018-12-09 00:38:30,395 INFO L448 ceAbstractionStarter]: For program point L420-1(line 420) no Hoare annotation was computed. [2018-12-09 00:38:30,398 INFO L444 ceAbstractionStarter]: At program point L414(line 414) the Hoare annotation is: (let ((.cse9 (= 1 |verify_#in~msg|))) (let ((.cse8 (not .cse9)) (.cse0 (= verify_~msg |verify_#in~msg|)) (.cse12 (= 0 ~__ste_email_isSigned0~0))) (let ((.cse3 (= 0 ~__ste_client_privateKey0~0)) (.cse6 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse1 (not (= ~queue_empty~0 1))) (.cse7 (= verify_~tmp~7 1)) (.cse10 (not .cse12)) (.cse2 (< ~rjh~0 2)) (.cse11 (and .cse8 (<= 2 ~rjh~0) .cse0 .cse12)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse6 .cse1 .cse2 .cse7 .cse3 .cse4 .cse5 .cse8) (or .cse9 .cse0 .cse2 .cse3 .cse4 .cse5) (or .cse9 .cse10 .cse2 .cse11 .cse4 .cse5) (or (and .cse0 .cse6) .cse1 (and .cse7 .cse0) .cse10 .cse2 .cse11 .cse4 .cse5))))) [2018-12-09 00:38:30,398 INFO L448 ceAbstractionStarter]: For program point L414-1(line 414) no Hoare annotation was computed. [2018-12-09 00:38:30,398 INFO L448 ceAbstractionStarter]: For program point L404(lines 404 408) no Hoare annotation was computed. [2018-12-09 00:38:30,398 INFO L444 ceAbstractionStarter]: At program point L404-1(lines 400 411) the Hoare annotation is: (let ((.cse9 (= 1 |verify_#in~msg|))) (let ((.cse8 (not .cse9)) (.cse0 (= verify_~msg |verify_#in~msg|)) (.cse12 (= 0 ~__ste_email_isSigned0~0))) (let ((.cse3 (= 0 ~__ste_client_privateKey0~0)) (.cse6 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse1 (not (= ~queue_empty~0 1))) (.cse7 (= verify_~tmp~7 1)) (.cse10 (not .cse12)) (.cse2 (< ~rjh~0 2)) (.cse11 (and .cse8 (<= 2 ~rjh~0) .cse0 .cse12)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse6 .cse1 .cse2 .cse7 .cse3 .cse4 .cse5 .cse8) (or .cse9 .cse0 .cse2 .cse3 .cse4 .cse5) (or .cse9 .cse10 .cse2 .cse11 .cse4 .cse5) (or (and .cse0 .cse6) .cse1 (and .cse7 .cse0) .cse10 .cse2 .cse11 .cse4 .cse5))))) [2018-12-09 00:38:30,398 INFO L444 ceAbstractionStarter]: At program point L402(line 402) the Hoare annotation is: (let ((.cse9 (= 1 |verify_#in~msg|))) (let ((.cse8 (not .cse9)) (.cse0 (= verify_~msg |verify_#in~msg|)) (.cse12 (= 0 ~__ste_email_isSigned0~0))) (let ((.cse3 (= 0 ~__ste_client_privateKey0~0)) (.cse6 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse1 (not (= ~queue_empty~0 1))) (.cse7 (= verify_~tmp~7 1)) (.cse10 (not .cse12)) (.cse2 (< ~rjh~0 2)) (.cse11 (and .cse8 (<= 2 ~rjh~0) .cse0 .cse12)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse6 .cse1 .cse2 .cse7 .cse3 .cse4 .cse5 .cse8) (or .cse9 .cse0 .cse2 .cse3 .cse4 .cse5) (or .cse9 .cse10 .cse2 .cse11 .cse4 .cse5) (or (and .cse0 .cse6) .cse1 (and .cse7 .cse0) .cse10 .cse2 .cse11 .cse4 .cse5))))) [2018-12-09 00:38:30,398 INFO L448 ceAbstractionStarter]: For program point L402-1(line 402) no Hoare annotation was computed. [2018-12-09 00:38:30,398 INFO L448 ceAbstractionStarter]: For program point L400(lines 400 411) no Hoare annotation was computed. [2018-12-09 00:38:30,398 INFO L444 ceAbstractionStarter]: At program point L398(line 398) the Hoare annotation is: (let ((.cse1 (not (= 0 ~__ste_email_isSigned0~0))) (.cse0 (= 1 |verify_#in~msg|)) (.cse6 (not (= ~queue_empty~0 1))) (.cse3 (= verify_~msg |verify_#in~msg|)) (.cse2 (< ~rjh~0 2)) (.cse7 (= 0 ~__ste_client_privateKey0~0)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse6 .cse1 .cse3 .cse2 .cse4 .cse5) (or .cse0 .cse3 .cse2 .cse7 .cse4 .cse5) (or .cse6 .cse3 .cse2 .cse7 .cse4 .cse5))) [2018-12-09 00:38:30,398 INFO L448 ceAbstractionStarter]: For program point L398-1(line 398) no Hoare annotation was computed. [2018-12-09 00:38:30,398 INFO L444 ceAbstractionStarter]: At program point L419(line 419) the Hoare annotation is: (let ((.cse9 (= 1 |verify_#in~msg|))) (let ((.cse8 (not .cse9)) (.cse0 (= verify_~msg |verify_#in~msg|)) (.cse12 (= 0 ~__ste_email_isSigned0~0))) (let ((.cse3 (= 0 ~__ste_client_privateKey0~0)) (.cse6 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse1 (not (= ~queue_empty~0 1))) (.cse7 (= verify_~tmp~7 1)) (.cse10 (not .cse12)) (.cse2 (< ~rjh~0 2)) (.cse11 (and .cse8 (<= 2 ~rjh~0) .cse0 .cse12)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse6 .cse1 .cse2 .cse7 .cse3 .cse4 .cse5 .cse8) (or .cse9 .cse0 .cse2 .cse3 .cse4 .cse5) (or .cse9 .cse10 .cse2 .cse11 .cse4 .cse5) (or (and .cse0 .cse6) .cse1 (and .cse7 .cse0) .cse10 .cse2 .cse11 .cse4 .cse5))))) [2018-12-09 00:38:30,401 INFO L448 ceAbstractionStarter]: For program point L419-1(line 419) no Hoare annotation was computed. [2018-12-09 00:38:30,401 INFO L448 ceAbstractionStarter]: For program point L704(lines 704 708) no Hoare annotation was computed. [2018-12-09 00:38:30,401 INFO L448 ceAbstractionStarter]: For program point L704-2(lines 697 712) no Hoare annotation was computed. [2018-12-09 00:38:30,401 INFO L448 ceAbstractionStarter]: For program point L701(lines 701 709) no Hoare annotation was computed. [2018-12-09 00:38:30,401 INFO L448 ceAbstractionStarter]: For program point setEmailIsEncryptedEXIT(lines 697 712) no Hoare annotation was computed. [2018-12-09 00:38:30,401 INFO L444 ceAbstractionStarter]: At program point setEmailIsEncryptedENTRY(lines 697 712) the Hoare annotation is: (let ((.cse1 (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|)) (.cse0 (< ~rjh~0 2)) (.cse2 (< ~chuck~0 3)) (.cse3 (not (= 1 ~bob~0)))) (and (or .cse0 (= 0 ~__ste_client_privateKey0~0) .cse1 .cse2 .cse3) (or .cse1 (not (= 0 ~__ste_email_isSigned0~0)) .cse0 .cse2 .cse3))) [2018-12-09 00:38:30,401 INFO L451 ceAbstractionStarter]: At program point incoming__wrappee__VerifyENTRY(lines 214 224) the Hoare annotation is: true [2018-12-09 00:38:30,401 INFO L444 ceAbstractionStarter]: At program point L219(line 219) the Hoare annotation is: (let ((.cse2 (= 1 |incoming__wrappee__Verify_#in~msg|)) (.cse6 (= 0 ~__ste_client_privateKey0~0)) (.cse7 (not (= ~queue_empty~0 1))) (.cse0 (not (= 0 ~__ste_email_isSigned0~0))) (.cse1 (< ~rjh~0 2)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0))) (.cse3 (= incoming__wrappee__Verify_~msg |incoming__wrappee__Verify_#in~msg|))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse3 .cse1 .cse6 .cse2 .cse4 .cse5) (or .cse3 .cse7 .cse1 .cse6 .cse4 .cse5) (or .cse7 .cse0 .cse1 .cse4 .cse5 .cse3))) [2018-12-09 00:38:30,402 INFO L444 ceAbstractionStarter]: At program point L219-1(line 219) the Hoare annotation is: (let ((.cse3 (= 0 ~__ste_client_privateKey0~0)) (.cse7 (= 1 |incoming__wrappee__Verify_#in~msg|)) (.cse1 (not (= ~queue_empty~0 1))) (.cse6 (not (= 0 ~__ste_email_isSigned0~0))) (.cse2 (< ~rjh~0 2)) (.cse4 (< ~chuck~0 3)) (.cse5 (not (= 1 ~bob~0))) (.cse0 (= incoming__wrappee__Verify_~msg |incoming__wrappee__Verify_#in~msg|))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse6 .cse2 .cse7 .cse0 .cse4 .cse5) (or .cse0 .cse2 .cse3 .cse7 .cse4 .cse5) (or .cse1 .cse6 .cse2 .cse4 .cse5 .cse0))) [2018-12-09 00:38:30,402 INFO L448 ceAbstractionStarter]: For program point incoming__wrappee__VerifyFINAL(lines 214 224) no Hoare annotation was computed. [2018-12-09 00:38:30,402 INFO L448 ceAbstractionStarter]: For program point incoming__wrappee__VerifyEXIT(lines 214 224) no Hoare annotation was computed. [2018-12-09 00:38:30,402 INFO L448 ceAbstractionStarter]: For program point getEmailSignKeyEXIT(lines 789 807) no Hoare annotation was computed. [2018-12-09 00:38:30,402 INFO L448 ceAbstractionStarter]: For program point L797(lines 797 803) no Hoare annotation was computed. [2018-12-09 00:38:30,402 INFO L451 ceAbstractionStarter]: At program point getEmailSignKeyENTRY(lines 789 807) the Hoare annotation is: true [2018-12-09 00:38:30,405 INFO L448 ceAbstractionStarter]: For program point getEmailSignKeyFINAL(lines 789 807) no Hoare annotation was computed. [2018-12-09 00:38:30,405 INFO L448 ceAbstractionStarter]: For program point L793(lines 793 804) no Hoare annotation was computed. [2018-12-09 00:38:30,405 INFO L444 ceAbstractionStarter]: At program point setClientPrivateKeyENTRY(lines 1702 1721) the Hoare annotation is: (let ((.cse0 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse1 (not (= ~queue_empty~0 1))) (.cse2 (not (= 0 ~__ste_email_isSigned0~0))) (.cse3 (< |old(~__ste_client_privateKey0~0)| 789)) (.cse4 (< ~rjh~0 2)) (.cse5 (< ~chuck~0 3)) (.cse6 (not (= 1 ~bob~0)))) (and (or (<= 789 ~__ste_client_privateKey0~0) .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse0 .cse1 .cse2 .cse3 (< |old(~__ste_client_privateKey0~0)| |setClientPrivateKey_#in~value|) .cse4 .cse5 .cse6 (<= |setClientPrivateKey_#in~value| ~__ste_client_privateKey0~0)))) [2018-12-09 00:38:30,405 INFO L448 ceAbstractionStarter]: For program point setClientPrivateKeyEXIT(lines 1702 1721) no Hoare annotation was computed. [2018-12-09 00:38:30,405 INFO L448 ceAbstractionStarter]: For program point L1712(lines 1712 1716) no Hoare annotation was computed. [2018-12-09 00:38:30,405 INFO L448 ceAbstractionStarter]: For program point L1712-2(lines 1702 1721) no Hoare annotation was computed. [2018-12-09 00:38:30,406 INFO L448 ceAbstractionStarter]: For program point L1709(lines 1709 1717) no Hoare annotation was computed. [2018-12-09 00:38:30,406 INFO L448 ceAbstractionStarter]: For program point L1706(lines 1706 1718) no Hoare annotation was computed. [2018-12-09 00:38:30,406 INFO L444 ceAbstractionStarter]: At program point L2510(line 2510) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse1 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 0 ~__ste_email_isSigned0~0))) (.cse4 (< ~rjh~0 2)) (.cse5 (not (= ~__ste_email_to0~0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse6 (< ~chuck~0 3)) (.cse7 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) .cse4 .cse5 .cse6 .cse7 (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0)) (or .cse0 .cse1 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse2 .cse3 .cse4 .cse5 .cse6 .cse7))) [2018-12-09 00:38:30,406 INFO L448 ceAbstractionStarter]: For program point chuckKeyAddEXIT(lines 2504 2515) no Hoare annotation was computed. [2018-12-09 00:38:30,406 INFO L448 ceAbstractionStarter]: For program point L2509(line 2509) no Hoare annotation was computed. [2018-12-09 00:38:30,406 INFO L451 ceAbstractionStarter]: At program point L2510-1(line 2510) the Hoare annotation is: true [2018-12-09 00:38:30,406 INFO L444 ceAbstractionStarter]: At program point chuckKeyAddENTRY(lines 2504 2515) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse1 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 0 ~__ste_email_isSigned0~0))) (.cse4 (< ~rjh~0 2)) (.cse5 (not (= ~__ste_email_to0~0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse6 (< ~chuck~0 3)) (.cse7 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) .cse4 .cse5 .cse6 .cse7 (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0)) (or .cse0 .cse1 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse2 .cse3 .cse4 .cse5 .cse6 .cse7))) [2018-12-09 00:38:30,406 INFO L448 ceAbstractionStarter]: For program point chuckKeyAddFINAL(lines 2504 2515) no Hoare annotation was computed. [2018-12-09 00:38:30,406 INFO L448 ceAbstractionStarter]: For program point L1729(lines 1729 1745) no Hoare annotation was computed. [2018-12-09 00:38:30,408 INFO L451 ceAbstractionStarter]: At program point getClientKeyringSizeENTRY(lines 1725 1748) the Hoare annotation is: true [2018-12-09 00:38:30,408 INFO L448 ceAbstractionStarter]: For program point getClientKeyringSizeEXIT(lines 1725 1748) no Hoare annotation was computed. [2018-12-09 00:38:30,408 INFO L448 ceAbstractionStarter]: For program point L1737(lines 1737 1743) no Hoare annotation was computed. [2018-12-09 00:38:30,408 INFO L448 ceAbstractionStarter]: For program point getClientKeyringSizeFINAL(lines 1725 1748) no Hoare annotation was computed. [2018-12-09 00:38:30,408 INFO L448 ceAbstractionStarter]: For program point L1733(lines 1733 1744) no Hoare annotation was computed. [2018-12-09 00:38:30,408 INFO L448 ceAbstractionStarter]: For program point L589(lines 589 593) no Hoare annotation was computed. [2018-12-09 00:38:30,408 INFO L448 ceAbstractionStarter]: For program point L589-2(lines 582 597) no Hoare annotation was computed. [2018-12-09 00:38:30,409 INFO L448 ceAbstractionStarter]: For program point L586(lines 586 594) no Hoare annotation was computed. [2018-12-09 00:38:30,409 INFO L448 ceAbstractionStarter]: For program point setEmailToEXIT(lines 582 597) no Hoare annotation was computed. [2018-12-09 00:38:30,409 INFO L444 ceAbstractionStarter]: At program point setEmailToENTRY(lines 582 597) the Hoare annotation is: (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) (not (= 0 ~__ste_email_isEncrypted0~0)) (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) (not (= ~queue_empty~0 1)) (not (= 0 ~__ste_email_isSigned0~0)) (< ~rjh~0 2) (not (= |old(~__ste_email_to0~0)| ~__ste_Client_Keyring0_User0~0)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,409 INFO L451 ceAbstractionStarter]: At program point setEmailIsSignatureVerifiedENTRY(lines 845 860) the Hoare annotation is: true [2018-12-09 00:38:30,409 INFO L448 ceAbstractionStarter]: For program point L849(lines 849 857) no Hoare annotation was computed. [2018-12-09 00:38:30,409 INFO L448 ceAbstractionStarter]: For program point setEmailIsSignatureVerifiedEXIT(lines 845 860) no Hoare annotation was computed. [2018-12-09 00:38:30,409 INFO L448 ceAbstractionStarter]: For program point L852(lines 852 856) no Hoare annotation was computed. [2018-12-09 00:38:30,409 INFO L448 ceAbstractionStarter]: For program point L852-2(lines 845 860) no Hoare annotation was computed. [2018-12-09 00:38:30,409 INFO L448 ceAbstractionStarter]: For program point is_queue_emptyEXIT(lines 304 312) no Hoare annotation was computed. [2018-12-09 00:38:30,409 INFO L451 ceAbstractionStarter]: At program point is_queue_emptyENTRY(lines 304 312) the Hoare annotation is: true [2018-12-09 00:38:30,409 INFO L448 ceAbstractionStarter]: For program point is_queue_emptyFINAL(lines 304 312) no Hoare annotation was computed. [2018-12-09 00:38:30,409 INFO L448 ceAbstractionStarter]: For program point L2461-1(line 2461) no Hoare annotation was computed. [2018-12-09 00:38:30,409 INFO L451 ceAbstractionStarter]: At program point L2461(line 2461) the Hoare annotation is: true [2018-12-09 00:38:30,409 INFO L451 ceAbstractionStarter]: At program point L2458(line 2458) the Hoare annotation is: true [2018-12-09 00:38:30,409 INFO L448 ceAbstractionStarter]: For program point L2456(line 2456) no Hoare annotation was computed. [2018-12-09 00:38:30,409 INFO L448 ceAbstractionStarter]: For program point L2458-1(line 2458) no Hoare annotation was computed. [2018-12-09 00:38:30,409 INFO L444 ceAbstractionStarter]: At program point L2454(line 2454) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse1 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 0 ~__ste_email_isSigned0~0))) (.cse4 (< ~rjh~0 2)) (.cse5 (not (= ~__ste_email_to0~0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse6 (< ~chuck~0 3)) (.cse7 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) .cse4 .cse5 .cse6 .cse7 (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0)) (or .cse0 .cse1 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse2 .cse3 .cse4 .cse5 .cse6 .cse7))) [2018-12-09 00:38:30,412 INFO L451 ceAbstractionStarter]: At program point L2455-1(line 2455) the Hoare annotation is: true [2018-12-09 00:38:30,412 INFO L448 ceAbstractionStarter]: For program point bobKeyAddEXIT(lines 2446 2467) no Hoare annotation was computed. [2018-12-09 00:38:30,412 INFO L444 ceAbstractionStarter]: At program point L2455(line 2455) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse1 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 0 ~__ste_email_isSigned0~0))) (.cse4 (< ~rjh~0 2)) (.cse5 (not (= ~__ste_email_to0~0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse6 (< ~chuck~0 3)) (.cse7 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) .cse4 .cse5 .cse6 .cse7 (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0)) (or .cse0 .cse1 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse2 .cse3 .cse4 .cse5 .cse6 .cse7))) [2018-12-09 00:38:30,413 INFO L448 ceAbstractionStarter]: For program point L2454-1(line 2454) no Hoare annotation was computed. [2018-12-09 00:38:30,413 INFO L444 ceAbstractionStarter]: At program point bobKeyAddENTRY(lines 2446 2467) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse1 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 0 ~__ste_email_isSigned0~0))) (.cse4 (< ~rjh~0 2)) (.cse5 (not (= ~__ste_email_to0~0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse6 (< ~chuck~0 3)) (.cse7 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) .cse4 .cse5 .cse6 .cse7 (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0)) (or .cse0 .cse1 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse2 .cse3 .cse4 .cse5 .cse6 .cse7))) [2018-12-09 00:38:30,413 INFO L448 ceAbstractionStarter]: For program point bobKeyAddFINAL(lines 2446 2467) no Hoare annotation was computed. [2018-12-09 00:38:30,413 INFO L448 ceAbstractionStarter]: For program point getClientKeyringPublicKeyEXIT(lines 1910 1963) no Hoare annotation was computed. [2018-12-09 00:38:30,413 INFO L448 ceAbstractionStarter]: For program point L1947(lines 1947 1953) no Hoare annotation was computed. [2018-12-09 00:38:30,413 INFO L448 ceAbstractionStarter]: For program point L1914(lines 1914 1960) no Hoare annotation was computed. [2018-12-09 00:38:30,413 INFO L448 ceAbstractionStarter]: For program point L1943(lines 1943 1954) no Hoare annotation was computed. [2018-12-09 00:38:30,413 INFO L448 ceAbstractionStarter]: For program point L1933(lines 1933 1939) no Hoare annotation was computed. [2018-12-09 00:38:30,413 INFO L448 ceAbstractionStarter]: For program point L1929(lines 1929 1940) no Hoare annotation was computed. [2018-12-09 00:38:30,413 INFO L448 ceAbstractionStarter]: For program point getClientKeyringPublicKeyFINAL(lines 1910 1963) no Hoare annotation was computed. [2018-12-09 00:38:30,413 INFO L448 ceAbstractionStarter]: For program point L1919(lines 1919 1925) no Hoare annotation was computed. [2018-12-09 00:38:30,413 INFO L448 ceAbstractionStarter]: For program point L1915(lines 1915 1926) no Hoare annotation was computed. [2018-12-09 00:38:30,416 INFO L451 ceAbstractionStarter]: At program point getClientKeyringPublicKeyENTRY(lines 1910 1963) the Hoare annotation is: true [2018-12-09 00:38:30,416 INFO L448 ceAbstractionStarter]: For program point L1942(lines 1942 1958) no Hoare annotation was computed. [2018-12-09 00:38:30,416 INFO L448 ceAbstractionStarter]: For program point L1928(lines 1928 1959) no Hoare annotation was computed. [2018-12-09 00:38:30,416 INFO L448 ceAbstractionStarter]: For program point setEmailSignKeyEXIT(lines 808 823) no Hoare annotation was computed. [2018-12-09 00:38:30,416 INFO L448 ceAbstractionStarter]: For program point L815(lines 815 819) no Hoare annotation was computed. [2018-12-09 00:38:30,416 INFO L448 ceAbstractionStarter]: For program point L815-2(lines 808 823) no Hoare annotation was computed. [2018-12-09 00:38:30,416 INFO L448 ceAbstractionStarter]: For program point L812(lines 812 820) no Hoare annotation was computed. [2018-12-09 00:38:30,416 INFO L451 ceAbstractionStarter]: At program point setEmailSignKeyENTRY(lines 808 823) the Hoare annotation is: true [2018-12-09 00:38:30,416 INFO L448 ceAbstractionStarter]: For program point generateKeyPairFINAL(lines 356 365) no Hoare annotation was computed. [2018-12-09 00:38:30,416 INFO L444 ceAbstractionStarter]: At program point generateKeyPairENTRY(lines 356 365) the Hoare annotation is: (or (<= 789 ~__ste_client_privateKey0~0) (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 ~__ste_email_isSigned0~0)) (< |old(~__ste_client_privateKey0~0)| 789) (< ~rjh~0 2) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,416 INFO L444 ceAbstractionStarter]: At program point L361(line 361) the Hoare annotation is: (or (<= 789 ~__ste_client_privateKey0~0) (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 ~__ste_email_isSigned0~0)) (< |old(~__ste_client_privateKey0~0)| 789) (< ~rjh~0 2) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,416 INFO L448 ceAbstractionStarter]: For program point generateKeyPairEXIT(lines 356 365) no Hoare annotation was computed. [2018-12-09 00:38:30,416 INFO L444 ceAbstractionStarter]: At program point L2352(line 2352) the Hoare annotation is: (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (<= |setup_chuck__wrappee__Base_#in~chuck___0| setup_chuck__wrappee__Base_~chuck___0) (not (= 0 ~__ste_email_isSigned0~0)) (not (= ~__ste_Client_Keyring0_User0~0 ~__ste_Client_Keyring0_User1~0)) (< ~rjh~0 2) (not (= ~__ste_email_to0~0 ~__ste_Client_Keyring0_User0~0)) (< ~chuck~0 3) (not (= 1 ~bob~0))) [2018-12-09 00:38:30,416 INFO L451 ceAbstractionStarter]: At program point setup_chuck__wrappee__BaseENTRY(lines 2347 2356) the Hoare annotation is: true [2018-12-09 00:38:30,416 INFO L448 ceAbstractionStarter]: For program point setup_chuck__wrappee__BaseFINAL(lines 2347 2356) no Hoare annotation was computed. [2018-12-09 00:38:30,416 INFO L448 ceAbstractionStarter]: For program point setup_chuck__wrappee__BaseEXIT(lines 2347 2356) no Hoare annotation was computed. [2018-12-09 00:38:30,417 INFO L448 ceAbstractionStarter]: For program point ULTIMATE.initFINAL(line -1) no Hoare annotation was computed. [2018-12-09 00:38:30,417 INFO L444 ceAbstractionStarter]: At program point ULTIMATE.initENTRY(line -1) the Hoare annotation is: (and (= |old(~__ste_email_isSigned0~0)| ~__ste_email_isSigned0~0) (= ~__ste_email_isEncrypted0~0 |old(~__ste_email_isEncrypted0~0)|)) [2018-12-09 00:38:30,417 INFO L448 ceAbstractionStarter]: For program point ULTIMATE.initEXIT(line -1) no Hoare annotation was computed. [2018-12-09 00:38:30,417 INFO L448 ceAbstractionStarter]: For program point chuckKeyAddRjhFINAL(lines 2516 2527) no Hoare annotation was computed. [2018-12-09 00:38:30,417 INFO L444 ceAbstractionStarter]: At program point L2522(line 2522) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse1 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 0 ~__ste_email_isSigned0~0))) (.cse4 (< ~rjh~0 2)) (.cse5 (not (= ~__ste_email_to0~0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse6 (< ~chuck~0 3)) (.cse7 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) .cse4 .cse5 .cse6 .cse7 (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0)) (or .cse0 .cse1 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse2 .cse3 .cse4 .cse5 .cse6 .cse7))) [2018-12-09 00:38:30,419 INFO L444 ceAbstractionStarter]: At program point chuckKeyAddRjhENTRY(lines 2516 2527) the Hoare annotation is: (let ((.cse0 (not (= 0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse1 (not (= 0 ~__ste_email_isEncrypted0~0))) (.cse2 (not (= ~queue_empty~0 1))) (.cse3 (not (= 0 ~__ste_email_isSigned0~0))) (.cse4 (< ~rjh~0 2)) (.cse5 (not (= ~__ste_email_to0~0 |old(~__ste_Client_Keyring0_User0~0)|))) (.cse6 (< ~chuck~0 3)) (.cse7 (not (= 1 ~bob~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= |old(~__ste_Client_Keyring0_User0~0)| |old(~__ste_Client_Keyring0_User1~0)|)) .cse4 .cse5 .cse6 .cse7 (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0)) (or .cse0 .cse1 (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) .cse2 .cse3 .cse4 .cse5 .cse6 .cse7))) [2018-12-09 00:38:30,419 INFO L448 ceAbstractionStarter]: For program point L2521(line 2521) no Hoare annotation was computed. [2018-12-09 00:38:30,419 INFO L451 ceAbstractionStarter]: At program point L2522-1(line 2522) the Hoare annotation is: true [2018-12-09 00:38:30,419 INFO L448 ceAbstractionStarter]: For program point chuckKeyAddRjhEXIT(lines 2516 2527) no Hoare annotation was computed. [2018-12-09 00:38:30,419 INFO L448 ceAbstractionStarter]: For program point L2418-1(line 2418) no Hoare annotation was computed. [2018-12-09 00:38:30,419 INFO L448 ceAbstractionStarter]: For program point setupEXIT(lines 2402 2424) no Hoare annotation was computed. [2018-12-09 00:38:30,419 INFO L451 ceAbstractionStarter]: At program point setupENTRY(lines 2402 2424) the Hoare annotation is: true [2018-12-09 00:38:30,419 INFO L444 ceAbstractionStarter]: At program point L2414(line 2414) the Hoare annotation is: (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 ~__ste_email_isSigned0~0)) (not (= ~__ste_Client_Keyring0_User0~0 ~__ste_Client_Keyring0_User1~0)) (not (= ~__ste_email_to0~0 ~__ste_Client_Keyring0_User0~0)) (and (= 1 ~bob~0) (<= 2 ~rjh~0))) [2018-12-09 00:38:30,419 INFO L448 ceAbstractionStarter]: For program point L2414-1(line 2414) no Hoare annotation was computed. [2018-12-09 00:38:30,420 INFO L448 ceAbstractionStarter]: For program point setupFINAL(lines 2402 2424) no Hoare annotation was computed. [2018-12-09 00:38:30,420 INFO L444 ceAbstractionStarter]: At program point L2410(line 2410) the Hoare annotation is: (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (= 1 ~bob~0) (not (= 0 ~__ste_email_isSigned0~0)) (not (= ~__ste_Client_Keyring0_User0~0 ~__ste_Client_Keyring0_User1~0)) (not (= ~__ste_email_to0~0 ~__ste_Client_Keyring0_User0~0))) [2018-12-09 00:38:30,420 INFO L448 ceAbstractionStarter]: For program point L2410-1(line 2410) no Hoare annotation was computed. [2018-12-09 00:38:30,420 INFO L444 ceAbstractionStarter]: At program point L2418(line 2418) the Hoare annotation is: (or (not (= 0 ~__ste_Client_Keyring0_User0~0)) (not (= 0 ~__ste_email_isEncrypted0~0)) (not (= ~queue_empty~0 1)) (not (= 0 ~__ste_email_isSigned0~0)) (not (= ~__ste_Client_Keyring0_User0~0 ~__ste_Client_Keyring0_User1~0)) (not (= ~__ste_email_to0~0 ~__ste_Client_Keyring0_User0~0)) (and (<= 3 ~chuck~0) (= 1 ~bob~0) (<= 2 ~rjh~0))) [2018-12-09 00:38:30,426 INFO L448 ceAbstractionStarter]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2018-12-09 00:38:30,426 INFO L444 ceAbstractionStarter]: At program point L-1(line -1) the Hoare annotation is: (and (= ~__ste_Client_Keyring0_User1~0 ~__ste_Client_Keyring0_User0~0) (= 0 ~__ste_email_isSigned0~0) (= 0 ~__ste_email_isEncrypted0~0) (= 0 ~__ste_Client_Keyring0_User0~0) (= ~__ste_Client_Keyring0_User0~0 ~__ste_email_to0~0) (= ~queue_empty~0 1)) [2018-12-09 00:38:30,426 INFO L451 ceAbstractionStarter]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2018-12-09 00:38:30,426 INFO L448 ceAbstractionStarter]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2018-12-09 00:38:30,426 INFO L448 ceAbstractionStarter]: For program point getEmailFromFINAL(lines 526 544) no Hoare annotation was computed. [2018-12-09 00:38:30,426 INFO L448 ceAbstractionStarter]: For program point getEmailFromEXIT(lines 526 544) no Hoare annotation was computed. [2018-12-09 00:38:30,426 INFO L451 ceAbstractionStarter]: At program point getEmailFromENTRY(lines 526 544) the Hoare annotation is: true [2018-12-09 00:38:30,426 INFO L448 ceAbstractionStarter]: For program point L534(lines 534 540) no Hoare annotation was computed. [2018-12-09 00:38:30,426 INFO L448 ceAbstractionStarter]: For program point L530(lines 530 541) no Hoare annotation was computed. [2018-12-09 00:38:30,426 INFO L448 ceAbstractionStarter]: For program point L1759(lines 1759 1763) no Hoare annotation was computed. [2018-12-09 00:38:30,426 INFO L448 ceAbstractionStarter]: For program point L1759-2(lines 1749 1768) no Hoare annotation was computed. [2018-12-09 00:38:30,426 INFO L448 ceAbstractionStarter]: For program point L1756(lines 1756 1764) no Hoare annotation was computed. [2018-12-09 00:38:30,426 INFO L448 ceAbstractionStarter]: For program point L1753(lines 1753 1765) no Hoare annotation was computed. [2018-12-09 00:38:30,426 INFO L448 ceAbstractionStarter]: For program point setClientKeyringSizeEXIT(lines 1749 1768) no Hoare annotation was computed. [2018-12-09 00:38:30,426 INFO L451 ceAbstractionStarter]: At program point setClientKeyringSizeENTRY(lines 1749 1768) the Hoare annotation is: true [2018-12-09 00:38:30,426 INFO L448 ceAbstractionStarter]: For program point L2144(lines 2144 2152) no Hoare annotation was computed. [2018-12-09 00:38:30,426 INFO L448 ceAbstractionStarter]: For program point L2147-2(lines 2137 2156) no Hoare annotation was computed. [2018-12-09 00:38:30,426 INFO L448 ceAbstractionStarter]: For program point L2141(lines 2141 2153) no Hoare annotation was computed. [2018-12-09 00:38:30,426 INFO L448 ceAbstractionStarter]: For program point setClientIdEXIT(lines 2137 2156) no Hoare annotation was computed. [2018-12-09 00:38:30,426 INFO L451 ceAbstractionStarter]: At program point setClientIdENTRY(lines 2137 2156) the Hoare annotation is: true [2018-12-09 00:38:30,426 INFO L448 ceAbstractionStarter]: For program point L2147(lines 2147 2151) no Hoare annotation was computed. [2018-12-09 00:38:30,442 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 09.12 12:38:30 BoogieIcfgContainer [2018-12-09 00:38:30,442 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2018-12-09 00:38:30,442 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2018-12-09 00:38:30,442 INFO L271 PluginConnector]: Initializing Witness Printer... [2018-12-09 00:38:30,442 INFO L276 PluginConnector]: Witness Printer initialized [2018-12-09 00:38:30,443 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.12 12:37:00" (3/4) ... [2018-12-09 00:38:30,445 INFO L144 WitnessPrinter]: Generating witness for correct program [2018-12-09 00:38:30,450 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure bobKeyChange [2018-12-09 00:38:30,450 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isSigned [2018-12-09 00:38:30,450 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure mail [2018-12-09 00:38:30,450 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure valid_product [2018-12-09 00:38:30,450 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure get_queued_client [2018-12-09 00:38:30,450 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isKeyPairValid [2018-12-09 00:38:30,450 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure sign [2018-12-09 00:38:30,450 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure main [2018-12-09 00:38:30,450 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure rjhKeyChange [2018-12-09 00:38:30,450 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setup_rjh [2018-12-09 00:38:30,451 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setEmailIsSigned [2018-12-09 00:38:30,451 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure getClientPrivateKey [2018-12-09 00:38:30,451 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure rjhKeyAdd [2018-12-09 00:38:30,451 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure bobToRjh [2018-12-09 00:38:30,451 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setup_bob [2018-12-09 00:38:30,451 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setEmailEncryptionKey [2018-12-09 00:38:30,451 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure select_features [2018-12-09 00:38:30,451 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setup_bob__wrappee__Base [2018-12-09 00:38:30,451 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure getEmailEncryptionKey [2018-12-09 00:38:30,451 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure outgoing__wrappee__Keys [2018-12-09 00:38:30,451 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure incoming [2018-12-09 00:38:30,451 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure createEmail [2018-12-09 00:38:30,451 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure rjhDeletePrivateKey [2018-12-09 00:38:30,451 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure test [2018-12-09 00:38:30,451 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure getEmailTo [2018-12-09 00:38:30,451 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure get_queued_email [2018-12-09 00:38:30,451 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure incoming__wrappee__Sign [2018-12-09 00:38:30,452 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure getClientKeyringUser [2018-12-09 00:38:30,452 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isReadable__wrappee__Keys [2018-12-09 00:38:30,452 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure __utac_acc__SignForward_spec__1 [2018-12-09 00:38:30,452 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setClientKeyringUser [2018-12-09 00:38:30,452 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setEmailFrom [2018-12-09 00:38:30,452 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isReadable [2018-12-09 00:38:30,452 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure __automaton_fail [2018-12-09 00:38:30,452 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setClientKeyringPublicKey [2018-12-09 00:38:30,452 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setup_rjh__wrappee__Base [2018-12-09 00:38:30,452 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure outgoing [2018-12-09 00:38:30,452 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure select_helpers [2018-12-09 00:38:30,452 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure getClientId [2018-12-09 00:38:30,452 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure deliver [2018-12-09 00:38:30,452 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure createClientKeyringEntry [2018-12-09 00:38:30,452 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setup_chuck [2018-12-09 00:38:30,452 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure findPublicKey [2018-12-09 00:38:30,452 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure outgoing__wrappee__Encrypt [2018-12-09 00:38:30,452 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure sendEmail [2018-12-09 00:38:30,452 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isEncrypted [2018-12-09 00:38:30,452 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure verify [2018-12-09 00:38:30,452 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setEmailIsEncrypted [2018-12-09 00:38:30,452 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure incoming__wrappee__Verify [2018-12-09 00:38:30,452 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure getEmailSignKey [2018-12-09 00:38:30,452 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setClientPrivateKey [2018-12-09 00:38:30,453 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure chuckKeyAdd [2018-12-09 00:38:30,453 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure getClientKeyringSize [2018-12-09 00:38:30,453 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setEmailTo [2018-12-09 00:38:30,453 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setEmailIsSignatureVerified [2018-12-09 00:38:30,453 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure is_queue_empty [2018-12-09 00:38:30,453 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure bobKeyAdd [2018-12-09 00:38:30,453 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure getClientKeyringPublicKey [2018-12-09 00:38:30,453 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setEmailSignKey [2018-12-09 00:38:30,453 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure generateKeyPair [2018-12-09 00:38:30,453 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setup_chuck__wrappee__Base [2018-12-09 00:38:30,453 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure ULTIMATE.init [2018-12-09 00:38:30,453 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure chuckKeyAddRjh [2018-12-09 00:38:30,453 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setup [2018-12-09 00:38:30,453 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure getEmailFrom [2018-12-09 00:38:30,453 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setClientKeyringSize [2018-12-09 00:38:30,453 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure setClientId [2018-12-09 00:38:30,462 INFO L905 BoogieBacktranslator]: Reduced CFG by removing 99 nodes and edges [2018-12-09 00:38:30,463 INFO L905 BoogieBacktranslator]: Reduced CFG by removing 48 nodes and edges [2018-12-09 00:38:30,464 INFO L905 BoogieBacktranslator]: Reduced CFG by removing 8 nodes and edges [2018-12-09 00:38:30,464 INFO L905 BoogieBacktranslator]: Reduced CFG by removing 4 nodes and edges [2018-12-09 00:38:30,465 INFO L905 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2018-12-09 00:38:30,483 WARN L221 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) [2018-12-09 00:38:30,483 WARN L221 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) [2018-12-09 00:38:30,483 WARN L221 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) [2018-12-09 00:38:30,483 WARN L221 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) [2018-12-09 00:38:30,483 WARN L221 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) [2018-12-09 00:38:30,483 WARN L221 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) [2018-12-09 00:38:30,483 WARN L221 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) [2018-12-09 00:38:30,483 WARN L221 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) [2018-12-09 00:38:30,484 WARN L221 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) [2018-12-09 00:38:30,484 WARN L221 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) [2018-12-09 00:38:30,484 WARN L221 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) [2018-12-09 00:38:30,484 WARN L221 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) [2018-12-09 00:38:30,534 INFO L145 WitnessManager]: Wrote witness to /tmp/vcloud-vcloud-master/worker/working_dir_251a6805-40dc-4b4d-90ba-e7bec03f1268/bin-2019/uautomizer/witness.graphml [2018-12-09 00:38:30,534 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2018-12-09 00:38:30,535 INFO L168 Benchmark]: Toolchain (without parser) took 91210.19 ms. Allocated memory was 1.0 GB in the beginning and 4.4 GB in the end (delta: 3.4 GB). Free memory was 950.6 MB in the beginning and 2.1 GB in the end (delta: -1.1 GB). Peak memory consumption was 2.3 GB. Max. memory is 11.5 GB. [2018-12-09 00:38:30,536 INFO L168 Benchmark]: CDTParser took 0.13 ms. Allocated memory is still 1.0 GB. Free memory is still 979.6 MB. There was no memory consumed. Max. memory is 11.5 GB. [2018-12-09 00:38:30,536 INFO L168 Benchmark]: CACSL2BoogieTranslator took 431.45 ms. Allocated memory was 1.0 GB in the beginning and 1.1 GB in the end (delta: 116.9 MB). Free memory was 950.6 MB in the beginning and 1.1 GB in the end (delta: -110.9 MB). Peak memory consumption was 42.3 MB. Max. memory is 11.5 GB. [2018-12-09 00:38:30,536 INFO L168 Benchmark]: Boogie Procedure Inliner took 28.55 ms. Allocated memory is still 1.1 GB. Free memory was 1.1 GB in the beginning and 1.1 GB in the end (delta: 3.5 MB). Peak memory consumption was 3.5 MB. Max. memory is 11.5 GB. [2018-12-09 00:38:30,536 INFO L168 Benchmark]: Boogie Preprocessor took 39.65 ms. Allocated memory is still 1.1 GB. Free memory was 1.1 GB in the beginning and 1.1 GB in the end (delta: 7.0 MB). Peak memory consumption was 7.0 MB. Max. memory is 11.5 GB. [2018-12-09 00:38:30,536 INFO L168 Benchmark]: RCFGBuilder took 713.25 ms. Allocated memory is still 1.1 GB. Free memory was 1.1 GB in the beginning and 914.5 MB in the end (delta: 136.5 MB). Peak memory consumption was 136.5 MB. Max. memory is 11.5 GB. [2018-12-09 00:38:30,536 INFO L168 Benchmark]: TraceAbstraction took 89902.33 ms. Allocated memory was 1.1 GB in the beginning and 4.4 GB in the end (delta: 3.2 GB). Free memory was 914.5 MB in the beginning and 2.1 GB in the end (delta: -1.1 GB). Peak memory consumption was 4.4 GB. Max. memory is 11.5 GB. [2018-12-09 00:38:30,536 INFO L168 Benchmark]: Witness Printer took 92.15 ms. Allocated memory is still 4.4 GB. Free memory is still 2.1 GB. There was no memory consumed. Max. memory is 11.5 GB. [2018-12-09 00:38:30,537 INFO L336 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.13 ms. Allocated memory is still 1.0 GB. Free memory is still 979.6 MB. There was no memory consumed. Max. memory is 11.5 GB. * CACSL2BoogieTranslator took 431.45 ms. Allocated memory was 1.0 GB in the beginning and 1.1 GB in the end (delta: 116.9 MB). Free memory was 950.6 MB in the beginning and 1.1 GB in the end (delta: -110.9 MB). Peak memory consumption was 42.3 MB. Max. memory is 11.5 GB. * Boogie Procedure Inliner took 28.55 ms. Allocated memory is still 1.1 GB. Free memory was 1.1 GB in the beginning and 1.1 GB in the end (delta: 3.5 MB). Peak memory consumption was 3.5 MB. Max. memory is 11.5 GB. * Boogie Preprocessor took 39.65 ms. Allocated memory is still 1.1 GB. Free memory was 1.1 GB in the beginning and 1.1 GB in the end (delta: 7.0 MB). Peak memory consumption was 7.0 MB. Max. memory is 11.5 GB. * RCFGBuilder took 713.25 ms. Allocated memory is still 1.1 GB. Free memory was 1.1 GB in the beginning and 914.5 MB in the end (delta: 136.5 MB). Peak memory consumption was 136.5 MB. Max. memory is 11.5 GB. * TraceAbstraction took 89902.33 ms. Allocated memory was 1.1 GB in the beginning and 4.4 GB in the end (delta: 3.2 GB). Free memory was 914.5 MB in the beginning and 2.1 GB in the end (delta: -1.1 GB). Peak memory consumption was 4.4 GB. Max. memory is 11.5 GB. * Witness Printer took 92.15 ms. Allocated memory is still 4.4 GB. Free memory is still 2.1 GB. There was no memory consumed. Max. memory is 11.5 GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - PositiveResult [Line: 440]: call of __VERIFIER_error() unreachable For all program executions holds that call of __VERIFIER_error() unreachable at this location - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 956]: Loop Invariant Derived loop invariant: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) - InvariantResult [Line: 1020]: Loop Invariant Derived loop invariant: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) - InvariantResult [Line: 931]: Loop Invariant Derived loop invariant: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) - InvariantResult [Line: 908]: Loop Invariant Derived loop invariant: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) - InvariantResult [Line: 917]: Loop Invariant Derived loop invariant: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) - InvariantResult [Line: 984]: Loop Invariant Derived loop invariant: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) - InvariantResult [Line: 970]: Loop Invariant Derived loop invariant: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) - InvariantResult [Line: 1034]: Loop Invariant Derived loop invariant: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) - InvariantResult [Line: 942]: Loop Invariant Derived loop invariant: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) - InvariantResult [Line: 1009]: Loop Invariant Derived loop invariant: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) - InvariantResult [Line: 909]: Loop Invariant Derived loop invariant: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) - InvariantResult [Line: 995]: Loop Invariant Derived loop invariant: ((((((((!(0 == \old(__ste_Client_Keyring0_User0)) || !(0 == \old(__ste_email_isEncrypted0))) || !(queue_empty == 1)) || !(0 == \old(__ste_email_isSigned0))) || !(\old(__ste_Client_Keyring0_User0) == \old(__ste_Client_Keyring0_User1))) || (0 == __ste_email_isSigned0 && 0 == __ste_email_isEncrypted0)) || rjh < 2) || !(\old(__ste_email_to0) == \old(__ste_Client_Keyring0_User0))) || chuck < 3) || !(1 == bob) - StatisticsResult: Ultimate Automizer benchmark data CFG has 68 procedures, 469 locations, 1 error locations. SAFE Result, 89.8s OverallTime, 17 OverallIterations, 4 TraceHistogramMax, 20.8s AutomataDifference, 0.0s DeadEndRemovalTime, 57.4s HoareAnnotationTime, HoareTripleCheckerStatistics: 11828 SDtfs, 11272 SDslu, 102445 SDs, 0 SdLazy, 26707 SolverSat, 3672 SolverUnsat, 0 SolverUnknown, 0 SolverNotchecked, 10.4s Time, PredicateUnifierStatistics: 0 DeclaredPredicates, 1872 GetRequests, 1476 SyntacticMatches, 3 SemanticMatches, 393 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4675 ImplicationChecksByTransitivity, 3.3s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=54036occurred in iteration=14, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s AbstIntTime, 0 AbstIntIterations, 0 AbstIntStrong, NaN AbsIntWeakeningRatio, NaN AbsIntAvgWeakeningVarsNumRemoved, NaN AbsIntAvgWeakenedConjuncts, 0.0s DumpTime, AutomataMinimizationStatistics: 6.5s AutomataMinimizationTime, 17 MinimizatonAttempts, 11634 StatesRemovedByMinimization, 15 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 167 LocationsWithAnnotation, 61059 PreInvPairs, 71297 NumberOfFragments, 7314 HoareAnnotationTreeSize, 61059 FomulaSimplifications, 174034 FormulaSimplificationTreeSizeReduction, 6.4s HoareSimplificationTime, 167 FomulaSimplificationsInter, 704803 FormulaSimplificationTreeSizeReductionInter, 50.2s HoareSimplificationTimeInter, RefinementEngineStatistics: TraceCheckStatistics: 0.4s SsaConstructionTime, 1.1s SatisfiabilityAnalysisTime, 2.3s InterpolantComputationTime, 5585 NumberOfCodeBlocks, 5478 NumberOfCodeBlocksAsserted, 22 NumberOfCheckSat, 5563 ConstructedInterpolants, 0 QuantifiedInterpolants, 1978781 SizeOfPredicates, 20 NumberOfNonLiveVariables, 13995 ConjunctsInSsa, 40 ConjunctsInUnsatCore, 22 InterpolantComputations, 17 PerfectInterpolantSequences, 1794/1819 InterpolantCoveringCapability, InvariantSynthesisStatistics: No data available, InterpolantConsolidationStatistics: No data available, ReuseStatistics: No data available RESULT: Ultimate proved your program to be correct! Received shutdown request...