./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/email_spec11_product10.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 8393723b Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/email_spec11_product10.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash c9a35f77051831a79054d5620e487d68dd21285b0cc9c8ae29c469f997bd1ec7 --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-8393723 [2022-11-19 08:23:00,713 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-19 08:23:00,720 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-19 08:23:00,754 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-19 08:23:00,758 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-19 08:23:00,763 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-19 08:23:00,766 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-19 08:23:00,770 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-19 08:23:00,773 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-19 08:23:00,782 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-19 08:23:00,783 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-19 08:23:00,785 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-19 08:23:00,786 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-19 08:23:00,789 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-19 08:23:00,790 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-19 08:23:00,793 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-19 08:23:00,795 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-19 08:23:00,797 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-19 08:23:00,799 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-19 08:23:00,806 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-19 08:23:00,812 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-19 08:23:00,814 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-19 08:23:00,815 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-19 08:23:00,817 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-19 08:23:00,824 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-19 08:23:00,829 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-19 08:23:00,829 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-19 08:23:00,830 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-19 08:23:00,832 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-19 08:23:00,833 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-19 08:23:00,834 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-19 08:23:00,835 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-19 08:23:00,836 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-19 08:23:00,838 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-19 08:23:00,840 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-19 08:23:00,841 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-19 08:23:00,842 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-19 08:23:00,842 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-19 08:23:00,843 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-19 08:23:00,844 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-19 08:23:00,844 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-19 08:23:00,845 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-19 08:23:00,880 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-19 08:23:00,884 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-19 08:23:00,885 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-19 08:23:00,885 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-19 08:23:00,886 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-19 08:23:00,886 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-19 08:23:00,887 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-19 08:23:00,887 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-19 08:23:00,887 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-19 08:23:00,887 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-19 08:23:00,888 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-19 08:23:00,889 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-19 08:23:00,889 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-19 08:23:00,889 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-19 08:23:00,889 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-19 08:23:00,890 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-19 08:23:00,890 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-19 08:23:00,890 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-19 08:23:00,891 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-19 08:23:00,891 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-19 08:23:00,891 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-19 08:23:00,891 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-19 08:23:00,891 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-19 08:23:00,892 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-19 08:23:00,892 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-19 08:23:00,892 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-19 08:23:00,892 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-19 08:23:00,892 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-19 08:23:00,893 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-19 08:23:00,893 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-19 08:23:00,893 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-19 08:23:00,894 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-19 08:23:00,894 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-19 08:23:00,894 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-19 08:23:00,894 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-19 08:23:00,894 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-19 08:23:00,895 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-19 08:23:00,895 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-19 08:23:00,895 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-19 08:23:00,895 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-19 08:23:00,895 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-19 08:23:00,896 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> c9a35f77051831a79054d5620e487d68dd21285b0cc9c8ae29c469f997bd1ec7 [2022-11-19 08:23:01,244 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-19 08:23:01,273 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-19 08:23:01,277 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-19 08:23:01,278 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-19 08:23:01,279 INFO L275 PluginConnector]: CDTParser initialized [2022-11-19 08:23:01,281 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/../../sv-benchmarks/c/product-lines/email_spec11_product10.cil.c [2022-11-19 08:23:01,366 INFO L220 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/data/115ea3cca/a771a4e263564a76aa7f78fa75af333d/FLAGd48f2478f [2022-11-19 08:23:02,062 INFO L306 CDTParser]: Found 1 translation units. [2022-11-19 08:23:02,062 INFO L160 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/sv-benchmarks/c/product-lines/email_spec11_product10.cil.c [2022-11-19 08:23:02,096 INFO L349 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/data/115ea3cca/a771a4e263564a76aa7f78fa75af333d/FLAGd48f2478f [2022-11-19 08:23:02,294 INFO L357 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/data/115ea3cca/a771a4e263564a76aa7f78fa75af333d [2022-11-19 08:23:02,297 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-19 08:23:02,300 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-19 08:23:02,305 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-19 08:23:02,305 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-19 08:23:02,308 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-19 08:23:02,309 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 19.11 08:23:02" (1/1) ... [2022-11-19 08:23:02,310 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@3a1082da and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 08:23:02, skipping insertion in model container [2022-11-19 08:23:02,311 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 19.11 08:23:02" (1/1) ... [2022-11-19 08:23:02,319 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-19 08:23:02,397 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-19 08:23:02,888 WARN L234 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/sv-benchmarks/c/product-lines/email_spec11_product10.cil.c[53446,53459] [2022-11-19 08:23:02,941 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-19 08:23:02,958 INFO L203 MainTranslator]: Completed pre-run [2022-11-19 08:23:03,106 WARN L234 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/sv-benchmarks/c/product-lines/email_spec11_product10.cil.c[53446,53459] [2022-11-19 08:23:03,120 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-19 08:23:03,162 INFO L208 MainTranslator]: Completed translation [2022-11-19 08:23:03,163 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 08:23:03 WrapperNode [2022-11-19 08:23:03,163 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-19 08:23:03,164 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-19 08:23:03,164 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-19 08:23:03,164 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-19 08:23:03,172 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 08:23:03" (1/1) ... [2022-11-19 08:23:03,208 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 08:23:03" (1/1) ... [2022-11-19 08:23:03,257 INFO L138 Inliner]: procedures = 110, calls = 135, calls flagged for inlining = 40, calls inlined = 33, statements flattened = 620 [2022-11-19 08:23:03,266 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-19 08:23:03,267 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-19 08:23:03,267 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-19 08:23:03,268 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-19 08:23:03,279 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 08:23:03" (1/1) ... [2022-11-19 08:23:03,280 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 08:23:03" (1/1) ... [2022-11-19 08:23:03,284 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 08:23:03" (1/1) ... [2022-11-19 08:23:03,284 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 08:23:03" (1/1) ... [2022-11-19 08:23:03,296 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 08:23:03" (1/1) ... [2022-11-19 08:23:03,302 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 08:23:03" (1/1) ... [2022-11-19 08:23:03,305 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 08:23:03" (1/1) ... [2022-11-19 08:23:03,308 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 08:23:03" (1/1) ... [2022-11-19 08:23:03,313 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-19 08:23:03,314 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-19 08:23:03,315 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-19 08:23:03,315 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-19 08:23:03,316 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 08:23:03" (1/1) ... [2022-11-19 08:23:03,338 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-19 08:23:03,353 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/z3 [2022-11-19 08:23:03,373 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-19 08:23:03,403 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-19 08:23:03,426 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailTo [2022-11-19 08:23:03,427 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailTo [2022-11-19 08:23:03,427 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailFrom [2022-11-19 08:23:03,427 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailFrom [2022-11-19 08:23:03,427 INFO L130 BoogieDeclarations]: Found specification of procedure isReadable [2022-11-19 08:23:03,427 INFO L138 BoogieDeclarations]: Found implementation of procedure isReadable [2022-11-19 08:23:03,428 INFO L130 BoogieDeclarations]: Found specification of procedure puts [2022-11-19 08:23:03,428 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailFrom [2022-11-19 08:23:03,428 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailFrom [2022-11-19 08:23:03,428 INFO L130 BoogieDeclarations]: Found specification of procedure queue [2022-11-19 08:23:03,428 INFO L138 BoogieDeclarations]: Found implementation of procedure queue [2022-11-19 08:23:03,428 INFO L130 BoogieDeclarations]: Found specification of procedure setClientId [2022-11-19 08:23:03,429 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientId [2022-11-19 08:23:03,429 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-19 08:23:03,429 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing [2022-11-19 08:23:03,429 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing [2022-11-19 08:23:03,429 INFO L130 BoogieDeclarations]: Found specification of procedure sendEmail [2022-11-19 08:23:03,430 INFO L138 BoogieDeclarations]: Found implementation of procedure sendEmail [2022-11-19 08:23:03,430 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailTo [2022-11-19 08:23:03,430 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailTo [2022-11-19 08:23:03,430 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-19 08:23:03,430 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-19 08:23:03,430 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-19 08:23:03,716 INFO L235 CfgBuilder]: Building ICFG [2022-11-19 08:23:03,718 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-19 08:23:04,334 INFO L276 CfgBuilder]: Performing block encoding [2022-11-19 08:23:04,572 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-19 08:23:04,572 INFO L300 CfgBuilder]: Removed 1 assume(true) statements. [2022-11-19 08:23:04,575 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 19.11 08:23:04 BoogieIcfgContainer [2022-11-19 08:23:04,575 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-19 08:23:04,578 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-19 08:23:04,578 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-19 08:23:04,582 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-19 08:23:04,582 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 19.11 08:23:02" (1/3) ... [2022-11-19 08:23:04,583 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5b17179f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 19.11 08:23:04, skipping insertion in model container [2022-11-19 08:23:04,583 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 08:23:03" (2/3) ... [2022-11-19 08:23:04,583 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5b17179f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 19.11 08:23:04, skipping insertion in model container [2022-11-19 08:23:04,583 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 19.11 08:23:04" (3/3) ... [2022-11-19 08:23:04,584 INFO L112 eAbstractionObserver]: Analyzing ICFG email_spec11_product10.cil.c [2022-11-19 08:23:04,604 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-19 08:23:04,604 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-19 08:23:04,657 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-19 08:23:04,665 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@29721fd7, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-19 08:23:04,665 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-19 08:23:04,672 INFO L276 IsEmpty]: Start isEmpty. Operand has 92 states, 62 states have (on average 1.4838709677419355) internal successors, (92), 64 states have internal predecessors, (92), 19 states have call successors, (19), 9 states have call predecessors, (19), 9 states have return successors, (19), 19 states have call predecessors, (19), 19 states have call successors, (19) [2022-11-19 08:23:04,688 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2022-11-19 08:23:04,689 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 08:23:04,689 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 08:23:04,690 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 08:23:04,697 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 08:23:04,697 INFO L85 PathProgramCache]: Analyzing trace with hash -144883800, now seen corresponding path program 1 times [2022-11-19 08:23:04,711 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 08:23:04,713 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [11760961] [2022-11-19 08:23:04,713 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 08:23:04,714 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 08:23:04,926 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 08:23:05,135 INFO L134 CoverageAnalysis]: Checked inductivity of 8 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-19 08:23:05,136 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 08:23:05,136 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [11760961] [2022-11-19 08:23:05,137 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [11760961] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 08:23:05,137 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-19 08:23:05,137 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-19 08:23:05,139 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1550144001] [2022-11-19 08:23:05,140 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 08:23:05,144 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-19 08:23:05,144 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 08:23:05,181 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-19 08:23:05,183 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-19 08:23:05,186 INFO L87 Difference]: Start difference. First operand has 92 states, 62 states have (on average 1.4838709677419355) internal successors, (92), 64 states have internal predecessors, (92), 19 states have call successors, (19), 9 states have call predecessors, (19), 9 states have return successors, (19), 19 states have call predecessors, (19), 19 states have call successors, (19) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) [2022-11-19 08:23:05,313 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 08:23:05,313 INFO L93 Difference]: Finished difference Result 150 states and 202 transitions. [2022-11-19 08:23:05,315 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-19 08:23:05,316 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) Word has length 42 [2022-11-19 08:23:05,317 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 08:23:05,335 INFO L225 Difference]: With dead ends: 150 [2022-11-19 08:23:05,336 INFO L226 Difference]: Without dead ends: 89 [2022-11-19 08:23:05,339 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-19 08:23:05,343 INFO L413 NwaCegarLoop]: 105 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 23 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 105 SdHoareTripleChecker+Invalid, 23 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 23 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-19 08:23:05,344 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 105 Invalid, 23 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 23 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-19 08:23:05,362 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 89 states. [2022-11-19 08:23:05,395 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 89 to 89. [2022-11-19 08:23:05,397 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 89 states, 60 states have (on average 1.4333333333333333) internal successors, (86), 61 states have internal predecessors, (86), 19 states have call successors, (19), 9 states have call predecessors, (19), 9 states have return successors, (18), 18 states have call predecessors, (18), 18 states have call successors, (18) [2022-11-19 08:23:05,399 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 89 states to 89 states and 123 transitions. [2022-11-19 08:23:05,401 INFO L78 Accepts]: Start accepts. Automaton has 89 states and 123 transitions. Word has length 42 [2022-11-19 08:23:05,403 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 08:23:05,404 INFO L495 AbstractCegarLoop]: Abstraction has 89 states and 123 transitions. [2022-11-19 08:23:05,405 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) [2022-11-19 08:23:05,406 INFO L276 IsEmpty]: Start isEmpty. Operand 89 states and 123 transitions. [2022-11-19 08:23:05,408 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2022-11-19 08:23:05,409 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 08:23:05,410 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 08:23:05,410 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-19 08:23:05,410 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 08:23:05,411 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 08:23:05,412 INFO L85 PathProgramCache]: Analyzing trace with hash 689599262, now seen corresponding path program 1 times [2022-11-19 08:23:05,412 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 08:23:05,413 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1794932780] [2022-11-19 08:23:05,413 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 08:23:05,413 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 08:23:05,502 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 08:23:05,697 INFO L134 CoverageAnalysis]: Checked inductivity of 8 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-19 08:23:05,698 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 08:23:05,698 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1794932780] [2022-11-19 08:23:05,698 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1794932780] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 08:23:05,698 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-19 08:23:05,699 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-19 08:23:05,699 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1682090428] [2022-11-19 08:23:05,699 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 08:23:05,705 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-19 08:23:05,705 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 08:23:05,706 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-19 08:23:05,706 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-19 08:23:05,706 INFO L87 Difference]: Start difference. First operand 89 states and 123 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) [2022-11-19 08:23:05,780 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 08:23:05,781 INFO L93 Difference]: Finished difference Result 146 states and 190 transitions. [2022-11-19 08:23:05,781 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-19 08:23:05,781 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) Word has length 43 [2022-11-19 08:23:05,782 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 08:23:05,783 INFO L225 Difference]: With dead ends: 146 [2022-11-19 08:23:05,783 INFO L226 Difference]: Without dead ends: 91 [2022-11-19 08:23:05,784 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-19 08:23:05,786 INFO L413 NwaCegarLoop]: 102 mSDtfsCounter, 0 mSDsluCounter, 101 mSDsCounter, 0 mSdLazyCounter, 42 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 203 SdHoareTripleChecker+Invalid, 42 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 42 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-19 08:23:05,786 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 203 Invalid, 42 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 42 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-19 08:23:05,787 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 91 states. [2022-11-19 08:23:05,796 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 91 to 91. [2022-11-19 08:23:05,797 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 91 states, 62 states have (on average 1.4193548387096775) internal successors, (88), 63 states have internal predecessors, (88), 19 states have call successors, (19), 9 states have call predecessors, (19), 9 states have return successors, (18), 18 states have call predecessors, (18), 18 states have call successors, (18) [2022-11-19 08:23:05,798 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 91 states to 91 states and 125 transitions. [2022-11-19 08:23:05,799 INFO L78 Accepts]: Start accepts. Automaton has 91 states and 125 transitions. Word has length 43 [2022-11-19 08:23:05,799 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 08:23:05,799 INFO L495 AbstractCegarLoop]: Abstraction has 91 states and 125 transitions. [2022-11-19 08:23:05,800 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) [2022-11-19 08:23:05,800 INFO L276 IsEmpty]: Start isEmpty. Operand 91 states and 125 transitions. [2022-11-19 08:23:05,801 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2022-11-19 08:23:05,802 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 08:23:05,802 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 08:23:05,802 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-19 08:23:05,802 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 08:23:05,803 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 08:23:05,803 INFO L85 PathProgramCache]: Analyzing trace with hash 46987416, now seen corresponding path program 1 times [2022-11-19 08:23:05,803 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 08:23:05,804 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1304611932] [2022-11-19 08:23:05,804 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 08:23:05,804 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 08:23:05,836 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 08:23:06,015 INFO L134 CoverageAnalysis]: Checked inductivity of 10 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-19 08:23:06,016 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 08:23:06,016 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1304611932] [2022-11-19 08:23:06,016 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1304611932] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-19 08:23:06,016 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1574466478] [2022-11-19 08:23:06,017 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 08:23:06,017 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-19 08:23:06,017 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/z3 [2022-11-19 08:23:06,023 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-19 08:23:06,043 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-19 08:23:06,305 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 08:23:06,310 INFO L263 TraceCheckSpWp]: Trace formula consists of 772 conjuncts, 3 conjunts are in the unsatisfiable core [2022-11-19 08:23:06,317 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-19 08:23:06,373 INFO L134 CoverageAnalysis]: Checked inductivity of 10 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-19 08:23:06,373 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-19 08:23:06,454 INFO L134 CoverageAnalysis]: Checked inductivity of 10 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-19 08:23:06,455 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1574466478] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-19 08:23:06,455 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1268317478] [2022-11-19 08:23:06,489 INFO L159 IcfgInterpreter]: Started Sifa with 40 locations of interest [2022-11-19 08:23:06,489 INFO L166 IcfgInterpreter]: Building call graph [2022-11-19 08:23:06,493 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-19 08:23:06,499 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-19 08:23:06,500 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-19 08:23:16,088 INFO L197 IcfgInterpreter]: Interpreting procedure setClientId with input of size 451 for LOIs [2022-11-19 08:23:16,508 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-19 08:23:43,928 WARN L233 SmtUtils]: Spent 9.09s on a formula simplification. DAG size of input: 573 DAG size of output: 309 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:24:04,649 WARN L233 SmtUtils]: Spent 20.44s on a formula simplification. DAG size of input: 575 DAG size of output: 442 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:24:05,757 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSifa [1268317478] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 08:24:05,757 INFO L184 FreeRefinementEngine]: Found 1 perfect and 3 imperfect interpolant sequences. [2022-11-19 08:24:05,758 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [13] imperfect sequences [4, 4, 4] total 19 [2022-11-19 08:24:05,758 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [618272649] [2022-11-19 08:24:05,759 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 08:24:05,759 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2022-11-19 08:24:05,759 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 08:24:05,760 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2022-11-19 08:24:05,760 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=58, Invalid=284, Unknown=0, NotChecked=0, Total=342 [2022-11-19 08:24:05,760 INFO L87 Difference]: Start difference. First operand 91 states and 125 transitions. Second operand has 14 states, 10 states have (on average 2.5) internal successors, (25), 9 states have internal predecessors, (25), 4 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (8), 4 states have call predecessors, (8), 4 states have call successors, (8) [2022-11-19 08:24:09,951 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 08:24:09,951 INFO L93 Difference]: Finished difference Result 244 states and 379 transitions. [2022-11-19 08:24:09,952 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 14 states. [2022-11-19 08:24:09,952 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 10 states have (on average 2.5) internal successors, (25), 9 states have internal predecessors, (25), 4 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (8), 4 states have call predecessors, (8), 4 states have call successors, (8) Word has length 47 [2022-11-19 08:24:09,952 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 08:24:09,955 INFO L225 Difference]: With dead ends: 244 [2022-11-19 08:24:09,955 INFO L226 Difference]: Without dead ends: 165 [2022-11-19 08:24:09,956 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 143 GetRequests, 126 SyntacticMatches, 0 SemanticMatches, 17 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 84 ImplicationChecksByTransitivity, 49.2s TimeCoverageRelationStatistics Valid=58, Invalid=284, Unknown=0, NotChecked=0, Total=342 [2022-11-19 08:24:09,958 INFO L413 NwaCegarLoop]: 146 mSDtfsCounter, 100 mSDsluCounter, 1206 mSDsCounter, 0 mSdLazyCounter, 793 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 3.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 100 SdHoareTripleChecker+Valid, 1352 SdHoareTripleChecker+Invalid, 804 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.1s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 793 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 4.0s IncrementalHoareTripleChecker+Time [2022-11-19 08:24:09,958 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [100 Valid, 1352 Invalid, 804 Unknown, 0 Unchecked, 0.1s Time], IncrementalHoareTripleChecker [11 Valid, 793 Invalid, 0 Unknown, 0 Unchecked, 4.0s Time] [2022-11-19 08:24:09,959 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 165 states. [2022-11-19 08:24:10,035 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 165 to 112. [2022-11-19 08:24:10,036 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 112 states, 83 states have (on average 1.4457831325301205) internal successors, (120), 84 states have internal predecessors, (120), 19 states have call successors, (19), 9 states have call predecessors, (19), 9 states have return successors, (18), 18 states have call predecessors, (18), 18 states have call successors, (18) [2022-11-19 08:24:10,037 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 112 states to 112 states and 157 transitions. [2022-11-19 08:24:10,038 INFO L78 Accepts]: Start accepts. Automaton has 112 states and 157 transitions. Word has length 47 [2022-11-19 08:24:10,038 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 08:24:10,038 INFO L495 AbstractCegarLoop]: Abstraction has 112 states and 157 transitions. [2022-11-19 08:24:10,039 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 10 states have (on average 2.5) internal successors, (25), 9 states have internal predecessors, (25), 4 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (8), 4 states have call predecessors, (8), 4 states have call successors, (8) [2022-11-19 08:24:10,039 INFO L276 IsEmpty]: Start isEmpty. Operand 112 states and 157 transitions. [2022-11-19 08:24:10,042 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 49 [2022-11-19 08:24:10,042 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 08:24:10,043 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 08:24:10,056 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-19 08:24:10,250 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable2 [2022-11-19 08:24:10,250 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 08:24:10,251 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 08:24:10,251 INFO L85 PathProgramCache]: Analyzing trace with hash -394875217, now seen corresponding path program 1 times [2022-11-19 08:24:10,251 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 08:24:10,252 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1290500708] [2022-11-19 08:24:10,252 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 08:24:10,252 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 08:24:10,277 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 08:24:10,330 INFO L134 CoverageAnalysis]: Checked inductivity of 10 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-19 08:24:10,330 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 08:24:10,331 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1290500708] [2022-11-19 08:24:10,333 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1290500708] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 08:24:10,335 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-19 08:24:10,335 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-19 08:24:10,336 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [83164641] [2022-11-19 08:24:10,336 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 08:24:10,336 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-19 08:24:10,337 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 08:24:10,337 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-19 08:24:10,337 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-19 08:24:10,337 INFO L87 Difference]: Start difference. First operand 112 states and 157 transitions. Second operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) [2022-11-19 08:24:10,565 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 08:24:10,565 INFO L93 Difference]: Finished difference Result 260 states and 379 transitions. [2022-11-19 08:24:10,565 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-19 08:24:10,566 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) Word has length 48 [2022-11-19 08:24:10,566 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 08:24:10,571 INFO L225 Difference]: With dead ends: 260 [2022-11-19 08:24:10,572 INFO L226 Difference]: Without dead ends: 162 [2022-11-19 08:24:10,575 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-19 08:24:10,580 INFO L413 NwaCegarLoop]: 102 mSDtfsCounter, 46 mSDsluCounter, 98 mSDsCounter, 0 mSdLazyCounter, 44 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 47 SdHoareTripleChecker+Valid, 200 SdHoareTripleChecker+Invalid, 45 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 44 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-19 08:24:10,581 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [47 Valid, 200 Invalid, 45 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 44 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-19 08:24:10,585 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 162 states. [2022-11-19 08:24:10,705 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 162 to 157. [2022-11-19 08:24:10,706 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 157 states, 128 states have (on average 1.5234375) internal successors, (195), 129 states have internal predecessors, (195), 19 states have call successors, (19), 9 states have call predecessors, (19), 9 states have return successors, (18), 18 states have call predecessors, (18), 18 states have call successors, (18) [2022-11-19 08:24:10,708 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 157 states to 157 states and 232 transitions. [2022-11-19 08:24:10,708 INFO L78 Accepts]: Start accepts. Automaton has 157 states and 232 transitions. Word has length 48 [2022-11-19 08:24:10,709 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 08:24:10,709 INFO L495 AbstractCegarLoop]: Abstraction has 157 states and 232 transitions. [2022-11-19 08:24:10,709 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) [2022-11-19 08:24:10,709 INFO L276 IsEmpty]: Start isEmpty. Operand 157 states and 232 transitions. [2022-11-19 08:24:10,711 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2022-11-19 08:24:10,711 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 08:24:10,711 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 08:24:10,712 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-19 08:24:10,712 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 08:24:10,712 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 08:24:10,713 INFO L85 PathProgramCache]: Analyzing trace with hash 942691457, now seen corresponding path program 1 times [2022-11-19 08:24:10,713 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 08:24:10,713 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [609670237] [2022-11-19 08:24:10,713 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 08:24:10,714 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 08:24:10,737 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 08:24:10,823 INFO L134 CoverageAnalysis]: Checked inductivity of 10 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-19 08:24:10,824 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 08:24:10,824 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [609670237] [2022-11-19 08:24:10,824 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [609670237] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-19 08:24:10,824 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1137242418] [2022-11-19 08:24:10,824 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 08:24:10,825 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-19 08:24:10,825 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/z3 [2022-11-19 08:24:10,826 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-19 08:24:10,835 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-19 08:24:11,062 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 08:24:11,066 INFO L263 TraceCheckSpWp]: Trace formula consists of 789 conjuncts, 3 conjunts are in the unsatisfiable core [2022-11-19 08:24:11,069 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-19 08:24:11,103 INFO L134 CoverageAnalysis]: Checked inductivity of 10 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-19 08:24:11,103 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-19 08:24:11,191 INFO L134 CoverageAnalysis]: Checked inductivity of 10 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-19 08:24:11,192 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1137242418] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-19 08:24:11,192 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1581288529] [2022-11-19 08:24:11,195 INFO L159 IcfgInterpreter]: Started Sifa with 42 locations of interest [2022-11-19 08:24:11,196 INFO L166 IcfgInterpreter]: Building call graph [2022-11-19 08:24:11,196 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-19 08:24:11,196 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-19 08:24:11,197 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-19 08:24:23,011 INFO L197 IcfgInterpreter]: Interpreting procedure setClientId with input of size 451 for LOIs [2022-11-19 08:24:23,348 INFO L197 IcfgInterpreter]: Interpreting procedure sendEmail with input of size 249 for LOIs [2022-11-19 08:24:24,969 INFO L197 IcfgInterpreter]: Interpreting procedure setEmailTo with input of size 239 for LOIs [2022-11-19 08:24:25,012 INFO L197 IcfgInterpreter]: Interpreting procedure outgoing with input of size 251 for LOIs [2022-11-19 08:24:35,368 INFO L197 IcfgInterpreter]: Interpreting procedure isReadable with input of size 446 for LOIs [2022-11-19 08:24:35,620 INFO L197 IcfgInterpreter]: Interpreting procedure getEmailTo with input of size 242 for LOIs [2022-11-19 08:24:35,661 INFO L197 IcfgInterpreter]: Interpreting procedure setEmailFrom with input of size 478 for LOIs [2022-11-19 08:24:38,865 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-19 08:25:15,857 WARN L233 SmtUtils]: Spent 19.44s on a formula simplification. DAG size of input: 584 DAG size of output: 453 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:25:35,756 WARN L233 SmtUtils]: Spent 19.63s on a formula simplification. DAG size of input: 586 DAG size of output: 456 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:25:43,131 WARN L233 SmtUtils]: Spent 7.13s on a formula simplification. DAG size of input: 558 DAG size of output: 370 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:25:50,479 WARN L233 SmtUtils]: Spent 7.08s on a formula simplification. DAG size of input: 556 DAG size of output: 368 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:26:08,573 WARN L233 SmtUtils]: Spent 13.72s on a formula simplification. DAG size of input: 478 DAG size of output: 365 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:26:37,730 WARN L233 SmtUtils]: Spent 7.58s on a formula simplification. DAG size of input: 506 DAG size of output: 391 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:26:47,069 WARN L233 SmtUtils]: Spent 8.80s on a formula simplification. DAG size of input: 570 DAG size of output: 434 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:26:57,007 WARN L233 SmtUtils]: Spent 9.38s on a formula simplification. DAG size of input: 592 DAG size of output: 456 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:27:09,575 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSifa [1581288529] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 08:27:09,575 INFO L184 FreeRefinementEngine]: Found 1 perfect and 3 imperfect interpolant sequences. [2022-11-19 08:27:09,575 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [38] imperfect sequences [4, 4, 4] total 44 [2022-11-19 08:27:09,575 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1022967830] [2022-11-19 08:27:09,576 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 08:27:09,576 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 39 states [2022-11-19 08:27:09,576 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 08:27:09,577 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 39 interpolants. [2022-11-19 08:27:09,578 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=118, Invalid=1774, Unknown=0, NotChecked=0, Total=1892 [2022-11-19 08:27:09,578 INFO L87 Difference]: Start difference. First operand 157 states and 232 transitions. Second operand has 39 states, 25 states have (on average 1.08) internal successors, (27), 23 states have internal predecessors, (27), 10 states have call successors, (10), 7 states have call predecessors, (10), 5 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) [2022-11-19 08:27:20,251 WARN L233 SmtUtils]: Spent 9.28s on a formula simplification. DAG size of input: 568 DAG size of output: 427 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:27:29,395 WARN L233 SmtUtils]: Spent 8.75s on a formula simplification. DAG size of input: 570 DAG size of output: 317 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:27:41,029 WARN L233 SmtUtils]: Spent 11.25s on a formula simplification. DAG size of input: 578 DAG size of output: 345 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:27:52,704 WARN L233 SmtUtils]: Spent 11.21s on a formula simplification. DAG size of input: 576 DAG size of output: 343 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:28:02,231 WARN L233 SmtUtils]: Spent 9.17s on a formula simplification. DAG size of input: 584 DAG size of output: 310 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:28:12,822 WARN L233 SmtUtils]: Spent 10.23s on a formula simplification. DAG size of input: 514 DAG size of output: 446 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:28:26,069 WARN L233 SmtUtils]: Spent 12.62s on a formula simplification. DAG size of input: 521 DAG size of output: 448 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:28:37,600 WARN L233 SmtUtils]: Spent 11.15s on a formula simplification. DAG size of input: 580 DAG size of output: 447 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:28:51,599 WARN L233 SmtUtils]: Spent 8.19s on a formula simplification. DAG size of input: 614 DAG size of output: 403 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:29:00,276 WARN L233 SmtUtils]: Spent 8.17s on a formula simplification. DAG size of input: 614 DAG size of output: 403 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:29:02,511 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 08:29:02,511 INFO L93 Difference]: Finished difference Result 410 states and 646 transitions. [2022-11-19 08:29:02,512 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 43 states. [2022-11-19 08:29:02,512 INFO L78 Accepts]: Start accepts. Automaton has has 39 states, 25 states have (on average 1.08) internal successors, (27), 23 states have internal predecessors, (27), 10 states have call successors, (10), 7 states have call predecessors, (10), 5 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) Word has length 49 [2022-11-19 08:29:02,513 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 08:29:02,515 INFO L225 Difference]: With dead ends: 410 [2022-11-19 08:29:02,515 INFO L226 Difference]: Without dead ends: 308 [2022-11-19 08:29:02,517 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 159 GetRequests, 107 SyntacticMatches, 0 SemanticMatches, 52 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 573 ImplicationChecksByTransitivity, 253.4s TimeCoverageRelationStatistics Valid=200, Invalid=2662, Unknown=0, NotChecked=0, Total=2862 [2022-11-19 08:29:02,518 INFO L413 NwaCegarLoop]: 112 mSDtfsCounter, 258 mSDsluCounter, 1937 mSDsCounter, 0 mSdLazyCounter, 2240 mSolverCounterSat, 30 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 9.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 260 SdHoareTripleChecker+Valid, 2049 SdHoareTripleChecker+Invalid, 2270 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.1s SdHoareTripleChecker+Time, 30 IncrementalHoareTripleChecker+Valid, 2240 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 9.7s IncrementalHoareTripleChecker+Time [2022-11-19 08:29:02,519 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [260 Valid, 2049 Invalid, 2270 Unknown, 0 Unchecked, 0.1s Time], IncrementalHoareTripleChecker [30 Valid, 2240 Invalid, 0 Unknown, 0 Unchecked, 9.7s Time] [2022-11-19 08:29:02,520 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 308 states. [2022-11-19 08:29:02,799 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 308 to 258. [2022-11-19 08:29:02,799 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 258 states, 217 states have (on average 1.5852534562211982) internal successors, (344), 219 states have internal predecessors, (344), 26 states have call successors, (26), 15 states have call predecessors, (26), 14 states have return successors, (26), 23 states have call predecessors, (26), 25 states have call successors, (26) [2022-11-19 08:29:02,801 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 258 states to 258 states and 396 transitions. [2022-11-19 08:29:02,801 INFO L78 Accepts]: Start accepts. Automaton has 258 states and 396 transitions. Word has length 49 [2022-11-19 08:29:02,802 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 08:29:02,802 INFO L495 AbstractCegarLoop]: Abstraction has 258 states and 396 transitions. [2022-11-19 08:29:02,802 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 39 states, 25 states have (on average 1.08) internal successors, (27), 23 states have internal predecessors, (27), 10 states have call successors, (10), 7 states have call predecessors, (10), 5 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) [2022-11-19 08:29:02,803 INFO L276 IsEmpty]: Start isEmpty. Operand 258 states and 396 transitions. [2022-11-19 08:29:02,805 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2022-11-19 08:29:02,805 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 08:29:02,805 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 08:29:02,812 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2022-11-19 08:29:03,011 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-19 08:29:03,011 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 08:29:03,011 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 08:29:03,012 INFO L85 PathProgramCache]: Analyzing trace with hash 314475893, now seen corresponding path program 1 times [2022-11-19 08:29:03,012 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 08:29:03,012 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [980383546] [2022-11-19 08:29:03,012 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 08:29:03,012 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 08:29:03,056 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 08:29:03,278 INFO L134 CoverageAnalysis]: Checked inductivity of 15 backedges. 3 proven. 2 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2022-11-19 08:29:03,279 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 08:29:03,279 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [980383546] [2022-11-19 08:29:03,279 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [980383546] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-19 08:29:03,279 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1734815752] [2022-11-19 08:29:03,279 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 08:29:03,280 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-19 08:29:03,280 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/z3 [2022-11-19 08:29:03,281 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-19 08:29:03,312 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-11-19 08:29:03,532 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 08:29:03,536 INFO L263 TraceCheckSpWp]: Trace formula consists of 795 conjuncts, 4 conjunts are in the unsatisfiable core [2022-11-19 08:29:03,540 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-19 08:29:03,580 INFO L134 CoverageAnalysis]: Checked inductivity of 15 backedges. 0 proven. 7 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-19 08:29:03,581 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-19 08:29:03,666 INFO L134 CoverageAnalysis]: Checked inductivity of 15 backedges. 0 proven. 7 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-19 08:29:03,667 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1734815752] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-19 08:29:03,667 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [26599044] [2022-11-19 08:29:03,670 INFO L159 IcfgInterpreter]: Started Sifa with 42 locations of interest [2022-11-19 08:29:03,670 INFO L166 IcfgInterpreter]: Building call graph [2022-11-19 08:29:03,671 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-19 08:29:03,671 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-19 08:29:03,671 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-19 08:29:20,869 INFO L197 IcfgInterpreter]: Interpreting procedure setClientId with input of size 451 for LOIs [2022-11-19 08:29:21,208 INFO L197 IcfgInterpreter]: Interpreting procedure sendEmail with input of size 466 for LOIs [2022-11-19 08:29:45,983 INFO L197 IcfgInterpreter]: Interpreting procedure setEmailTo with input of size 456 for LOIs [2022-11-19 08:29:46,279 INFO L197 IcfgInterpreter]: Interpreting procedure outgoing with input of size 464 for LOIs [2022-11-19 08:29:53,131 INFO L197 IcfgInterpreter]: Interpreting procedure isReadable with input of size 244 for LOIs [2022-11-19 08:29:53,162 INFO L197 IcfgInterpreter]: Interpreting procedure getEmailTo with input of size 241 for LOIs [2022-11-19 08:29:53,199 INFO L197 IcfgInterpreter]: Interpreting procedure setEmailFrom with input of size 455 for LOIs [2022-11-19 08:29:53,914 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-19 08:30:18,656 WARN L233 SmtUtils]: Spent 6.97s on a formula simplification. DAG size of input: 557 DAG size of output: 361 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:30:24,778 WARN L233 SmtUtils]: Spent 5.82s on a formula simplification. DAG size of input: 559 DAG size of output: 333 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:30:32,078 WARN L233 SmtUtils]: Spent 5.86s on a formula simplification. DAG size of input: 561 DAG size of output: 335 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:30:39,786 WARN L233 SmtUtils]: Spent 6.20s on a formula simplification. DAG size of input: 553 DAG size of output: 344 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:30:45,789 WARN L233 SmtUtils]: Spent 5.69s on a formula simplification. DAG size of input: 466 DAG size of output: 324 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:30:52,070 WARN L233 SmtUtils]: Spent 5.96s on a formula simplification. DAG size of input: 480 DAG size of output: 338 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:30:58,429 WARN L233 SmtUtils]: Spent 6.03s on a formula simplification. DAG size of input: 455 DAG size of output: 335 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:31:04,946 WARN L233 SmtUtils]: Spent 6.17s on a formula simplification. DAG size of input: 470 DAG size of output: 338 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:31:11,570 WARN L233 SmtUtils]: Spent 6.23s on a formula simplification. DAG size of input: 508 DAG size of output: 324 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:31:24,663 WARN L233 SmtUtils]: Spent 5.51s on a formula simplification. DAG size of input: 504 DAG size of output: 289 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:31:35,168 WARN L233 SmtUtils]: Spent 5.61s on a formula simplification. DAG size of input: 464 DAG size of output: 322 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:31:41,650 WARN L233 SmtUtils]: Spent 6.02s on a formula simplification. DAG size of input: 503 DAG size of output: 343 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:31:53,157 WARN L233 SmtUtils]: Spent 6.17s on a formula simplification. DAG size of input: 505 DAG size of output: 351 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-19 08:32:06,065 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSifa [26599044] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 08:32:06,065 INFO L184 FreeRefinementEngine]: Found 1 perfect and 3 imperfect interpolant sequences. [2022-11-19 08:32:06,065 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [38] imperfect sequences [6, 5, 5] total 47 [2022-11-19 08:32:06,066 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [348333730] [2022-11-19 08:32:06,066 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 08:32:06,066 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 39 states [2022-11-19 08:32:06,066 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 08:32:06,067 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 39 interpolants. [2022-11-19 08:32:06,067 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=135, Invalid=2027, Unknown=0, NotChecked=0, Total=2162 [2022-11-19 08:32:06,068 INFO L87 Difference]: Start difference. First operand 258 states and 396 transitions. Second operand has 39 states, 25 states have (on average 1.12) internal successors, (28), 23 states have internal predecessors, (28), 10 states have call successors, (10), 7 states have call predecessors, (10), 5 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) [2022-11-19 08:32:48,576 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 08:32:48,577 INFO L93 Difference]: Finished difference Result 676 states and 1088 transitions. [2022-11-19 08:32:48,577 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 44 states. [2022-11-19 08:32:48,578 INFO L78 Accepts]: Start accepts. Automaton has has 39 states, 25 states have (on average 1.12) internal successors, (28), 23 states have internal predecessors, (28), 10 states have call successors, (10), 7 states have call predecessors, (10), 5 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) Word has length 52 [2022-11-19 08:32:48,578 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 08:32:48,580 INFO L225 Difference]: With dead ends: 676 [2022-11-19 08:32:48,581 INFO L226 Difference]: Without dead ends: 440 [2022-11-19 08:32:48,582 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 170 GetRequests, 114 SyntacticMatches, 2 SemanticMatches, 54 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 502 ImplicationChecksByTransitivity, 162.7s TimeCoverageRelationStatistics Valid=209, Invalid=2871, Unknown=0, NotChecked=0, Total=3080 [2022-11-19 08:32:48,583 INFO L413 NwaCegarLoop]: 124 mSDtfsCounter, 218 mSDsluCounter, 2350 mSDsCounter, 0 mSdLazyCounter, 3115 mSolverCounterSat, 32 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 10.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 220 SdHoareTripleChecker+Valid, 2474 SdHoareTripleChecker+Invalid, 3147 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.1s SdHoareTripleChecker+Time, 32 IncrementalHoareTripleChecker+Valid, 3115 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 11.3s IncrementalHoareTripleChecker+Time [2022-11-19 08:32:48,583 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [220 Valid, 2474 Invalid, 3147 Unknown, 0 Unchecked, 0.1s Time], IncrementalHoareTripleChecker [32 Valid, 3115 Invalid, 0 Unknown, 0 Unchecked, 11.3s Time] [2022-11-19 08:32:48,584 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 440 states. [2022-11-19 08:32:48,833 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 440 to 263. [2022-11-19 08:32:48,834 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 263 states, 222 states have (on average 1.5765765765765767) internal successors, (350), 224 states have internal predecessors, (350), 26 states have call successors, (26), 15 states have call predecessors, (26), 14 states have return successors, (26), 23 states have call predecessors, (26), 25 states have call successors, (26) [2022-11-19 08:32:48,835 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 263 states to 263 states and 402 transitions. [2022-11-19 08:32:48,835 INFO L78 Accepts]: Start accepts. Automaton has 263 states and 402 transitions. Word has length 52 [2022-11-19 08:32:48,835 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 08:32:48,836 INFO L495 AbstractCegarLoop]: Abstraction has 263 states and 402 transitions. [2022-11-19 08:32:48,836 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 39 states, 25 states have (on average 1.12) internal successors, (28), 23 states have internal predecessors, (28), 10 states have call successors, (10), 7 states have call predecessors, (10), 5 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) [2022-11-19 08:32:48,836 INFO L276 IsEmpty]: Start isEmpty. Operand 263 states and 402 transitions. [2022-11-19 08:32:48,838 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2022-11-19 08:32:48,838 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 08:32:48,838 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 08:32:48,845 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2022-11-19 08:32:49,043 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5,4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-19 08:32:49,043 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 08:32:49,043 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 08:32:49,044 INFO L85 PathProgramCache]: Analyzing trace with hash -1215413347, now seen corresponding path program 1 times [2022-11-19 08:32:49,044 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 08:32:49,044 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [516626521] [2022-11-19 08:32:49,044 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 08:32:49,044 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 08:32:49,071 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 08:32:49,163 INFO L134 CoverageAnalysis]: Checked inductivity of 18 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2022-11-19 08:32:49,164 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 08:32:49,164 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [516626521] [2022-11-19 08:32:49,164 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [516626521] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 08:32:49,164 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-19 08:32:49,164 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-19 08:32:49,164 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [425248947] [2022-11-19 08:32:49,165 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 08:32:49,165 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-19 08:32:49,165 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 08:32:49,166 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-19 08:32:49,166 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-19 08:32:49,166 INFO L87 Difference]: Start difference. First operand 263 states and 402 transitions. Second operand has 5 states, 4 states have (on average 7.5) internal successors, (30), 4 states have internal predecessors, (30), 1 states have call successors, (10), 1 states have call predecessors, (10), 2 states have return successors, (8), 2 states have call predecessors, (8), 1 states have call successors, (8) [2022-11-19 08:32:49,570 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 08:32:49,570 INFO L93 Difference]: Finished difference Result 277 states and 423 transitions. [2022-11-19 08:32:49,575 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-19 08:32:49,575 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 7.5) internal successors, (30), 4 states have internal predecessors, (30), 1 states have call successors, (10), 1 states have call predecessors, (10), 2 states have return successors, (8), 2 states have call predecessors, (8), 1 states have call successors, (8) Word has length 57 [2022-11-19 08:32:49,578 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 08:32:49,578 INFO L225 Difference]: With dead ends: 277 [2022-11-19 08:32:49,578 INFO L226 Difference]: Without dead ends: 0 [2022-11-19 08:32:49,579 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-19 08:32:49,580 INFO L413 NwaCegarLoop]: 114 mSDtfsCounter, 13 mSDsluCounter, 320 mSDsCounter, 0 mSdLazyCounter, 106 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 434 SdHoareTripleChecker+Invalid, 106 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 106 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-19 08:32:49,580 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 434 Invalid, 106 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 106 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-19 08:32:49,582 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-19 08:32:49,582 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-19 08:32:49,582 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-19 08:32:49,582 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-19 08:32:49,582 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 57 [2022-11-19 08:32:49,583 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 08:32:49,583 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-19 08:32:49,583 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 7.5) internal successors, (30), 4 states have internal predecessors, (30), 1 states have call successors, (10), 1 states have call predecessors, (10), 2 states have return successors, (8), 2 states have call predecessors, (8), 1 states have call successors, (8) [2022-11-19 08:32:49,583 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-19 08:32:49,583 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-19 08:32:49,586 INFO L805 garLoopResultBuilder]: Registering result SAFE for location outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-19 08:32:49,586 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-19 08:32:49,589 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-19 08:32:56,868 WARN L233 SmtUtils]: Spent 5.75s on a formula simplification. DAG size of input: 710 DAG size of output: 557 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-11-19 08:33:02,759 WARN L233 SmtUtils]: Spent 5.88s on a formula simplification. DAG size of input: 711 DAG size of output: 538 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-11-19 08:33:08,411 WARN L233 SmtUtils]: Spent 5.64s on a formula simplification. DAG size of input: 697 DAG size of output: 532 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-11-19 08:33:15,360 WARN L233 SmtUtils]: Spent 6.15s on a formula simplification. DAG size of input: 704 DAG size of output: 550 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-11-19 08:33:21,055 WARN L233 SmtUtils]: Spent 5.68s on a formula simplification. DAG size of input: 704 DAG size of output: 535 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-11-19 08:33:28,555 WARN L233 SmtUtils]: Spent 6.20s on a formula simplification. DAG size of input: 624 DAG size of output: 548 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-11-19 08:33:35,507 WARN L233 SmtUtils]: Spent 6.94s on a formula simplification. DAG size of input: 776 DAG size of output: 622 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-11-19 08:33:49,577 WARN L233 SmtUtils]: Spent 5.41s on a formula simplification. DAG size of input: 685 DAG size of output: 532 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-11-19 08:33:59,744 WARN L233 SmtUtils]: Spent 6.70s on a formula simplification. DAG size of input: 756 DAG size of output: 602 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-11-19 08:34:07,694 WARN L233 SmtUtils]: Spent 5.36s on a formula simplification. DAG size of input: 671 DAG size of output: 516 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-11-19 08:34:13,202 WARN L233 SmtUtils]: Spent 5.50s on a formula simplification. DAG size of input: 685 DAG size of output: 530 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-11-19 08:34:16,331 INFO L902 garLoopResultBuilder]: At program point L1662(line 1662) the Hoare annotation is: true [2022-11-19 08:34:16,331 INFO L902 garLoopResultBuilder]: At program point L1662-1(line 1662) the Hoare annotation is: true [2022-11-19 08:34:16,331 INFO L899 garLoopResultBuilder]: For program point L2521-1(line 2521) no Hoare annotation was computed. [2022-11-19 08:34:16,332 INFO L902 garLoopResultBuilder]: At program point L2521(line 2521) the Hoare annotation is: true [2022-11-19 08:34:16,336 INFO L895 garLoopResultBuilder]: At program point L1606(line 1606) the Hoare annotation is: (or (not (<= ~__ste_client_privateKey0~0 0)) (not (<= 1 |outgoing_#in~client#1|)) (not (<= 0 ~__ste_email_subject0~0.offset)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address1~0)) (not (<= 0 |old(~queued_message~0)|)) (not (<= ~__ste_email_isEncrypted1~0 0)) (not (<= 0 ~__ste_client_privateKey0~0)) (not (<= ~__ste_email_subject1~0.offset 0)) (not (<= 0 |old(~__ste_email_from0~0)|)) (not (<= ~__ste_email_signKey1~0 0)) (not (<= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 ~__ste_email_subject1~0.offset)) (not (<= 0 ~__ste_Client_AddressBook1_Address1~0)) (not (<= 0 ~head~0.base)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (<= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (<= 0 |#NULL.offset|)) (not (<= ~__ste_client_privateKey1~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (<= 0 ~__ste_client_forwardReceiver1~0)) (not (<= 0 ~__ste_client_privateKey1~0)) (not (= ~__ste_Client_counter~0 0)) (not (<= 0 ~__ste_email_id1~0)) (not (<= ~__ste_Client_AddressBook2_Address1~0 0)) (not (<= 3 ~chuck~0)) (not (<= |old(~queued_message~0)| 0)) (not (<= ~__ste_ClientAddressBook_size1~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (<= 0 ~__ste_Client_Keyring0_User0~0)) (not (<= 0 ~__ste_email_body1~0.offset)) (not (<= |old(~queued_client~0)| 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (<= 0 ~__ste_email_encryptionKey0~0)) (not (<= 0 ~__ste_Client_Keyring1_User2~0)) (not (<= ~__ste_ClientKeyring_size0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AddressBook~0)) (not (<= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address0~0)) (not (<= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (<= 0 ~__GUIDSL_ROOT_PRODUCTION~0)) (not (<= ~head~0.base 0)) (and (= |outgoing_getClientId_#in~handle#1| |outgoing_~client#1|) (= ~queued_message~0 |old(~queued_message~0)|) (= ~__ste_email_to0~0 |old(~__ste_email_to0~0)|) (= ~__ste_email_to1~0 |old(~__ste_email_to1~0)|) (= |outgoing_#in~msg#1| |outgoing_~msg#1|) (= |old(~__ste_email_from0~0)| ~__ste_email_from0~0) (= |old(~__ste_email_from1~0)| ~__ste_email_from1~0) (<= |outgoing_~tmp~3#1| 2147483647) (= |old(~queue_empty~0)| ~queue_empty~0) (= |outgoing_getClientId_~retValue_acc~28#1| ~__ste_client_idCounter0~0) (= ~queued_client~0 |old(~queued_client~0)|) (= |outgoing_getClientId_#in~handle#1| |outgoing_getClientId_~handle#1|) (= |outgoing_~client#1| |outgoing_#in~client#1|) (= |outgoing_getClientId_~retValue_acc~28#1| |outgoing_getClientId_#res#1|) (= |outgoing_~tmp~3#1| |outgoing_getClientId_#res#1|) (<= 0 (+ |outgoing_~tmp~3#1| 2147483648))) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (<= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias0~0)) (not (<= 2 ~rjh~0)) (not (<= |outgoing_#in~msg#1| 1)) (not (<= ~bob~0 1)) (not (<= 0 ~__ste_ClientKeyring_size1~0)) (not (<= ~__ste_Client_AddressBook2_Address0~0 0)) (not (<= |outgoing_#in~client#1| 1)) (not (<= 0 ~__SELECTED_FEATURE_AutoResponder~0)) (not (<= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~rjh~0 2)) (not (<= 0 ~__ste_Client_AddressBook0_Alias2~0)) (not (<= 0 ~__ste_email_isSignatureVerified0~0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey0~0)) (not (<= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (<= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= ~__ste_email_body1~0.base 0)) (not (<= 0 ~__SELECTED_FEATURE_Decrypt~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey2~0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey2~0)) (not (<= 0 ~__GUIDSL_NON_TERMINAL_main~0)) (not (<= ~__ste_client_name2~0.offset 0)) (not (<= 1 ~bob~0)) (not (= ~head~0.offset 0)) (not (<= ~__ste_email_subject0~0.base 0)) (not (<= 0 ~__ste_Client_Keyring2_User1~0)) (not (<= 0 ~__ste_client_name2~0.offset)) (not (<= ~__ste_client_forwardReceiver3~0 0)) (not (<= |old(~__ste_email_to0~0)| 2)) (not (<= 1 |outgoing_#in~msg#1|)) (not (<= 0 ~__ste_email_isSignatureVerified1~0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (<= 0 ~__ste_email_signKey1~0)) (not (<= 0 ~__ste_client_outbuffer1~0)) (not (<= 0 ~__ste_ClientAddressBook_size1~0)) (not (<= 0 ~__ste_client_name0~0.base)) (not (<= 0 |old(~queued_client~0)|)) (not (<= 0 ~__ste_Client_AddressBook1_Alias0~0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (<= ~__ste_client_outbuffer0~0 0)) (not (<= ~__ste_client_name0~0.offset 0)) (not (<= ~__ste_email_id1~0 0)) (not (<= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (<= ~__ste_client_privateKey2~0 0)) (not (<= 0 ~__ste_email_isSigned0~0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (<= 0 ~__ste_client_privateKey2~0)) (not (<= ~__ste_ClientKeyring_size1~0 0)) (not (<= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (<= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (<= |#NULL.offset| 0)) (not (<= ~__ste_Client_AddressBook0_Address1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver2~0)) (not (<= ~__ste_email_subject0~0.offset 0)) (not (<= 0 ~__ste_Email_counter~0)) (not (<= 0 ~__SELECTED_FEATURE_Encrypt~0)) (not (<= ~__ste_Client_Keyring1_User0~0 0)) (not (<= 0 ~__ste_email_isEncrypted1~0)) (not (= |#NULL.base| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (<= 0 ~__ste_ClientKeyring_size0~0)) (not (<= ~__ste_Client_AddressBook0_Address2~0 0)) (not (<= ~chuck~0 3)) (not (<= 0 ~__SELECTED_FEATURE_Verify~0)) (not (<= ~__ste_Client_Keyring2_User1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver3~0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias1~0)) (not (<= ~__ste_Client_Keyring2_User2~0 0)) (not (<= 0 ~__ste_email_isSigned1~0)) (not (<= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (<= 0 ~__ste_Client_AddressBook1_Alias2~0)) (not (<= ~__ste_email_isSigned1~0 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (<= ~__ste_client_forwardReceiver2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_User2~0)) (not (<= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey0~0)) (not (<= 0 ~__ste_client_name1~0.base)) (not (<= |old(~queue_empty~0)| 1)) (not (<= ~__ste_Client_AddressBook0_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Alias1~0)) (not (<= 2 |old(~__ste_email_to0~0)|)) (not (<= 0 ~__ste_email_id0~0)) (not (<= 0 |#StackHeapBarrier|)) (not (<= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey0~0)) (not (<= 0 ~__ste_ClientAddressBook_size0~0)) (not (<= 1 |old(~queue_empty~0)|)) (not (<= 0 ~__SELECTED_FEATURE_Keys~0)) (not (<= |old(~__ste_email_from0~0)| 0)) (not (<= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (<= ~__ste_client_forwardReceiver1~0 0)) (not (<= ~__ste_email_body1~0.offset 0)) (not (<= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (<= ~__ste_email_isEncrypted0~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (<= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_User0~0)) (not (<= 0 ~__ste_client_name0~0.offset)) (not (<= 0 ~__ste_client_outbuffer0~0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (<= ~__ste_email_encryptionKey0~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (<= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (<= ~__ste_client_name1~0.base 0)) (not (<= ~__ste_email_isSignatureVerified1~0 0)) (not (<= ~__ste_Email_counter~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (<= 0 ~__ste_email_signKey0~0)) (not (<= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (<= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (<= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey2~0)) (not (<= ~__ste_email_isSigned0~0 0)) (not (<= ~__ste_email_id0~0 0)) (not (<= ~__ste_email_signKey0~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (<= 0 ~__ste_email_isEncrypted0~0)) (not (<= 0 ~__ste_email_subject0~0.base))) [2022-11-19 08:34:16,337 INFO L899 garLoopResultBuilder]: For program point L1606-1(line 1606) no Hoare annotation was computed. [2022-11-19 08:34:16,337 INFO L899 garLoopResultBuilder]: For program point L1640(lines 1640 1646) no Hoare annotation was computed. [2022-11-19 08:34:16,342 INFO L895 garLoopResultBuilder]: At program point L2342(line 2342) the Hoare annotation is: (or (not (<= ~__ste_client_privateKey0~0 0)) (not (<= 1 |outgoing_#in~client#1|)) (not (<= 0 ~__ste_email_subject0~0.offset)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address1~0)) (not (<= 0 |old(~queued_message~0)|)) (not (<= ~__ste_email_isEncrypted1~0 0)) (not (<= 0 ~__ste_client_privateKey0~0)) (not (<= ~__ste_email_subject1~0.offset 0)) (not (<= 0 |old(~__ste_email_from0~0)|)) (not (<= ~__ste_email_signKey1~0 0)) (not (<= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 ~__ste_email_subject1~0.offset)) (not (<= 0 ~__ste_Client_AddressBook1_Address1~0)) (not (<= 0 ~head~0.base)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (<= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (<= 0 |#NULL.offset|)) (not (<= ~__ste_client_privateKey1~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (<= 0 ~__ste_client_forwardReceiver1~0)) (not (<= 0 ~__ste_client_privateKey1~0)) (not (= ~__ste_Client_counter~0 0)) (not (<= 0 ~__ste_email_id1~0)) (not (<= ~__ste_Client_AddressBook2_Address1~0 0)) (not (<= 3 ~chuck~0)) (not (<= |old(~queued_message~0)| 0)) (not (<= ~__ste_ClientAddressBook_size1~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (<= 0 ~__ste_Client_Keyring0_User0~0)) (not (<= 0 ~__ste_email_body1~0.offset)) (not (<= |old(~queued_client~0)| 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (<= 0 ~__ste_email_encryptionKey0~0)) (not (<= 0 ~__ste_Client_Keyring1_User2~0)) (not (<= ~__ste_ClientKeyring_size0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AddressBook~0)) (not (<= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address0~0)) (not (<= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (<= 0 ~__GUIDSL_ROOT_PRODUCTION~0)) (not (<= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (<= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias0~0)) (not (<= 2 ~rjh~0)) (not (<= |outgoing_#in~msg#1| 1)) (not (<= ~bob~0 1)) (not (<= 0 ~__ste_ClientKeyring_size1~0)) (not (<= ~__ste_Client_AddressBook2_Address0~0 0)) (not (<= |outgoing_#in~client#1| 1)) (not (<= 0 ~__SELECTED_FEATURE_AutoResponder~0)) (not (<= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~rjh~0 2)) (not (<= 0 ~__ste_Client_AddressBook0_Alias2~0)) (not (<= 0 ~__ste_email_isSignatureVerified0~0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey0~0)) (not (<= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (<= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= ~__ste_email_body1~0.base 0)) (not (<= 0 ~__SELECTED_FEATURE_Decrypt~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey2~0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey2~0)) (not (<= 0 ~__GUIDSL_NON_TERMINAL_main~0)) (not (<= ~__ste_client_name2~0.offset 0)) (not (<= 1 ~bob~0)) (not (= ~head~0.offset 0)) (not (<= ~__ste_email_subject0~0.base 0)) (not (<= 0 ~__ste_Client_Keyring2_User1~0)) (not (<= 0 ~__ste_client_name2~0.offset)) (not (<= ~__ste_client_forwardReceiver3~0 0)) (not (<= |old(~__ste_email_to0~0)| 2)) (not (<= 1 |outgoing_#in~msg#1|)) (not (<= 0 ~__ste_email_isSignatureVerified1~0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (<= 0 ~__ste_email_signKey1~0)) (not (<= 0 ~__ste_client_outbuffer1~0)) (not (<= 0 ~__ste_ClientAddressBook_size1~0)) (not (<= 0 ~__ste_client_name0~0.base)) (not (<= 0 |old(~queued_client~0)|)) (not (<= 0 ~__ste_Client_AddressBook1_Alias0~0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (<= ~__ste_client_outbuffer0~0 0)) (not (<= ~__ste_client_name0~0.offset 0)) (not (<= ~__ste_email_id1~0 0)) (not (<= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (<= ~__ste_client_privateKey2~0 0)) (not (<= 0 ~__ste_email_isSigned0~0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (<= 0 ~__ste_client_privateKey2~0)) (not (<= ~__ste_ClientKeyring_size1~0 0)) (not (<= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (<= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (<= |#NULL.offset| 0)) (not (<= ~__ste_Client_AddressBook0_Address1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver2~0)) (not (<= ~__ste_email_subject0~0.offset 0)) (not (<= 0 ~__ste_Email_counter~0)) (not (<= 0 ~__SELECTED_FEATURE_Encrypt~0)) (not (<= ~__ste_Client_Keyring1_User0~0 0)) (not (<= 0 ~__ste_email_isEncrypted1~0)) (not (= |#NULL.base| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (<= 0 ~__ste_ClientKeyring_size0~0)) (not (<= ~__ste_Client_AddressBook0_Address2~0 0)) (not (<= ~chuck~0 3)) (and (<= 2 |outgoing_mail_~tmp~2#1|) (= |outgoing_incoming__wrappee__AutoResponder_#in~client#1| |outgoing_incoming_~client#1|) (= |outgoing_incoming__wrappee__Base_#in~client#1| |outgoing_incoming__wrappee__Base_~client#1|) (<= 1 |outgoing_mail_#in~client#1|) (<= |outgoing_mail_#in~msg#1| 1) (<= 0 (+ 2147483648 |outgoing_getClientId_#res#1|)) (= |outgoing_getClientAutoResponse_#in~handle#1| |outgoing_incoming__wrappee__AutoResponder_~client#1|) (= |outgoing_getClientAutoResponse_#in~handle#1| |outgoing_getClientAutoResponse_~handle#1|) (<= 1 |outgoing_mail_~msg#1|) (= |outgoing_deliver_#in~client#1| |outgoing_incoming__wrappee__Base_~client#1|) (= |outgoing_autoRespond_~__utac__ad__arg1~0#1| |outgoing___utac_acc__DecryptAutoResponder_spec__1_#in~client#1|) (= |outgoing_incoming_~msg#1| |outgoing_incoming_#in~msg#1|) (= |outgoing_incoming_~client#1| |outgoing_incoming_#in~client#1|) (= |outgoing_incoming_#in~client#1| |outgoing_mail_~tmp~2#1|) (= |outgoing___utac_acc__DecryptAutoResponder_spec__1_#in~client#1| |outgoing___utac_acc__DecryptAutoResponder_spec__1_~client#1|) (<= ~queued_message~0 0) (= |outgoing_incoming__wrappee__AutoResponder_#in~msg#1| |outgoing_incoming__wrappee__AutoResponder_~msg#1|) (<= ~__ste_email_from0~0 2147483647) (= |outgoing___utac_acc__DecryptAutoResponder_spec__1_#in~msg#1| |outgoing_autoRespond_~__utac__ad__arg2~0#1|) (= |outgoing_deliver_~client#1| |outgoing_deliver_#in~client#1|) (<= 1 |outgoing_~client#1|) (<= 0 (+ ~__ste_email_from0~0 2147483648)) (= |outgoing_incoming__wrappee__Base_~msg#1| |outgoing_deliver_#in~msg#1|) (<= |outgoing_getClientId_#res#1| 2147483647) (= |outgoing_incoming__wrappee__AutoResponder_~client#1| |outgoing_autoRespond_#in~client#1|) (= |outgoing_incoming__wrappee__AutoResponder_~client#1| |outgoing_incoming__wrappee__AutoResponder_#in~client#1|) (= |outgoing_incoming__wrappee__Base_#in~msg#1| |outgoing_incoming__wrappee__Base_~msg#1|) (<= ~queue_empty~0 1) (<= 1 |outgoing_getClientId_~handle#1|) (= |outgoing_getClientAutoResponse_#res#1| |outgoing_incoming__wrappee__AutoResponder_~tmp~4#1|) (= |outgoing_getClientAutoResponse_#res#1| |outgoing_getClientAutoResponse_~retValue_acc~20#1|) (<= 1 |outgoing_mail_#in~msg#1|) (= |outgoing_mail_~msg#1| |outgoing_incoming_#in~msg#1|) (<= ~__ste_client_idCounter0~0 2147483647) (= |outgoing_deliver_~msg#1| |outgoing_deliver_#in~msg#1|) (<= 1 ~queue_empty~0) (<= 0 (+ |outgoing_getClientId_~retValue_acc~28#1| 2147483648)) (<= 0 ~queued_message~0) (<= |outgoing_mail_~tmp~2#1| 2) (<= |outgoing_getClientId_#in~handle#1| 1) (= |outgoing_autoRespond_~__utac__ad__arg1~0#1| |outgoing_autoRespond_~client#1|) (<= |outgoing_~tmp~3#1| 2147483647) (<= 1 |outgoing_~msg#1|) (= |outgoing_autoRespond_~msg#1| |outgoing_autoRespond_~__utac__ad__arg2~0#1|) (<= |outgoing_mail_~client#1| 1) (<= 0 ~queued_client~0) (= |outgoing_incoming__wrappee__Base_#in~msg#1| |outgoing_incoming__wrappee__AutoResponder_~msg#1|) (= |outgoing___utac_acc__DecryptAutoResponder_spec__1_#in~msg#1| |outgoing___utac_acc__DecryptAutoResponder_spec__1_~msg#1|) (<= |outgoing_mail_~msg#1| 1) (= |outgoing_incoming_~msg#1| |outgoing_incoming__wrappee__AutoResponder_#in~msg#1|) (<= |outgoing_mail_#in~client#1| 1) (= |outgoing_autoRespond_#in~client#1| |outgoing_autoRespond_~client#1|) (not (= |outgoing_incoming__wrappee__AutoResponder_~tmp~4#1| 0)) (= |outgoing_incoming__wrappee__AutoResponder_~client#1| |outgoing_incoming__wrappee__Base_#in~client#1|) (= |outgoing_autoRespond_#in~msg#1| |outgoing_incoming__wrappee__AutoResponder_~msg#1|) (<= |outgoing_~msg#1| 1) (= |outgoing_getClientAutoResponse_~retValue_acc~20#1| ~__ste_client_autoResponse1~0) (<= |outgoing_getClientId_~retValue_acc~28#1| 2147483647) (<= 1 |outgoing_getClientId_#in~handle#1|) (<= |outgoing_getClientId_~handle#1| 1) (<= |outgoing_~client#1| 1) (<= |outgoing_getClientAutoResponse_#res#1| 2147483647) (<= 0 (+ ~__ste_client_idCounter0~0 2147483648)) (<= 2 ~__ste_email_to0~0) (= |outgoing_autoRespond_#in~msg#1| |outgoing_autoRespond_~msg#1|) (<= ~__ste_email_to0~0 2) (<= 1 |outgoing_mail_~client#1|) (<= 0 (+ |outgoing_~tmp~3#1| 2147483648)) (<= ~queued_client~0 0)) (not (<= 0 ~__SELECTED_FEATURE_Verify~0)) (not (<= ~__ste_Client_Keyring2_User1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver3~0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias1~0)) (not (<= ~__ste_Client_Keyring2_User2~0 0)) (not (<= 0 ~__ste_email_isSigned1~0)) (not (<= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (<= 0 ~__ste_Client_AddressBook1_Alias2~0)) (not (<= ~__ste_email_isSigned1~0 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (<= ~__ste_client_forwardReceiver2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_User2~0)) (not (<= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey0~0)) (not (<= 0 ~__ste_client_name1~0.base)) (not (<= |old(~queue_empty~0)| 1)) (not (<= ~__ste_Client_AddressBook0_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Alias1~0)) (not (<= 2 |old(~__ste_email_to0~0)|)) (not (<= 0 ~__ste_email_id0~0)) (not (<= 0 |#StackHeapBarrier|)) (not (<= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey0~0)) (not (<= 0 ~__ste_ClientAddressBook_size0~0)) (not (<= 1 |old(~queue_empty~0)|)) (not (<= 0 ~__SELECTED_FEATURE_Keys~0)) (not (<= |old(~__ste_email_from0~0)| 0)) (not (<= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (<= ~__ste_client_forwardReceiver1~0 0)) (not (<= ~__ste_email_body1~0.offset 0)) (not (<= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (<= ~__ste_email_isEncrypted0~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (<= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_User0~0)) (not (<= 0 ~__ste_client_name0~0.offset)) (not (<= 0 ~__ste_client_outbuffer0~0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (<= ~__ste_email_encryptionKey0~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (<= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (<= ~__ste_client_name1~0.base 0)) (not (<= ~__ste_email_isSignatureVerified1~0 0)) (not (<= ~__ste_Email_counter~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (<= 0 ~__ste_email_signKey0~0)) (not (<= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (<= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (<= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey2~0)) (not (<= ~__ste_email_isSigned0~0 0)) (not (<= ~__ste_email_id0~0 0)) (not (<= ~__ste_email_signKey0~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (<= 0 ~__ste_email_isEncrypted0~0)) (not (<= 0 ~__ste_email_subject0~0.base))) [2022-11-19 08:34:16,347 INFO L895 garLoopResultBuilder]: At program point L1640-2(lines 1632 1649) the Hoare annotation is: (or (not (<= ~__ste_client_privateKey0~0 0)) (not (<= 1 |outgoing_#in~client#1|)) (not (<= 0 ~__ste_email_subject0~0.offset)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address1~0)) (not (<= 0 |old(~queued_message~0)|)) (not (<= ~__ste_email_isEncrypted1~0 0)) (not (<= 0 ~__ste_client_privateKey0~0)) (not (<= ~__ste_email_subject1~0.offset 0)) (not (<= 0 |old(~__ste_email_from0~0)|)) (not (<= ~__ste_email_signKey1~0 0)) (not (<= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 ~__ste_email_subject1~0.offset)) (not (<= 0 ~__ste_Client_AddressBook1_Address1~0)) (not (<= 0 ~head~0.base)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (<= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (<= 0 |#NULL.offset|)) (not (<= ~__ste_client_privateKey1~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (<= 0 ~__ste_client_forwardReceiver1~0)) (not (<= 0 ~__ste_client_privateKey1~0)) (not (= ~__ste_Client_counter~0 0)) (not (<= 0 ~__ste_email_id1~0)) (not (<= ~__ste_Client_AddressBook2_Address1~0 0)) (not (<= 3 ~chuck~0)) (not (<= |old(~queued_message~0)| 0)) (not (<= ~__ste_ClientAddressBook_size1~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (<= 0 ~__ste_Client_Keyring0_User0~0)) (not (<= 0 ~__ste_email_body1~0.offset)) (not (<= |old(~queued_client~0)| 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (<= 0 ~__ste_email_encryptionKey0~0)) (not (<= 0 ~__ste_Client_Keyring1_User2~0)) (not (<= ~__ste_ClientKeyring_size0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AddressBook~0)) (not (<= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address0~0)) (not (<= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (<= 0 ~__GUIDSL_ROOT_PRODUCTION~0)) (not (<= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (<= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias0~0)) (not (<= 2 ~rjh~0)) (not (<= |outgoing_#in~msg#1| 1)) (not (<= ~bob~0 1)) (not (<= 0 ~__ste_ClientKeyring_size1~0)) (not (<= ~__ste_Client_AddressBook2_Address0~0 0)) (not (<= |outgoing_#in~client#1| 1)) (not (<= 0 ~__SELECTED_FEATURE_AutoResponder~0)) (not (<= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~rjh~0 2)) (not (<= 0 ~__ste_Client_AddressBook0_Alias2~0)) (not (<= 0 ~__ste_email_isSignatureVerified0~0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey0~0)) (not (<= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (<= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= ~__ste_email_body1~0.base 0)) (not (<= 0 ~__SELECTED_FEATURE_Decrypt~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey2~0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey2~0)) (not (<= 0 ~__GUIDSL_NON_TERMINAL_main~0)) (not (<= ~__ste_client_name2~0.offset 0)) (not (<= 1 ~bob~0)) (not (= ~head~0.offset 0)) (not (<= ~__ste_email_subject0~0.base 0)) (not (<= 0 ~__ste_Client_Keyring2_User1~0)) (not (<= 0 ~__ste_client_name2~0.offset)) (not (<= ~__ste_client_forwardReceiver3~0 0)) (not (<= |old(~__ste_email_to0~0)| 2)) (not (<= 1 |outgoing_#in~msg#1|)) (not (<= 0 ~__ste_email_isSignatureVerified1~0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (<= 0 ~__ste_email_signKey1~0)) (not (<= 0 ~__ste_client_outbuffer1~0)) (not (<= 0 ~__ste_ClientAddressBook_size1~0)) (not (<= 0 ~__ste_client_name0~0.base)) (not (<= 0 |old(~queued_client~0)|)) (not (<= 0 ~__ste_Client_AddressBook1_Alias0~0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (<= ~__ste_client_outbuffer0~0 0)) (not (<= ~__ste_client_name0~0.offset 0)) (not (<= ~__ste_email_id1~0 0)) (not (<= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (<= ~__ste_client_privateKey2~0 0)) (not (<= 0 ~__ste_email_isSigned0~0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (<= 0 ~__ste_client_privateKey2~0)) (not (<= ~__ste_ClientKeyring_size1~0 0)) (not (<= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (<= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (<= |#NULL.offset| 0)) (not (<= ~__ste_Client_AddressBook0_Address1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver2~0)) (not (<= ~__ste_email_subject0~0.offset 0)) (not (<= 0 ~__ste_Email_counter~0)) (not (<= 0 ~__SELECTED_FEATURE_Encrypt~0)) (not (<= ~__ste_Client_Keyring1_User0~0 0)) (and (<= 2 |outgoing_mail_~tmp~2#1|) (= |outgoing_incoming__wrappee__AutoResponder_#in~client#1| |outgoing_incoming_~client#1|) (= |outgoing_incoming__wrappee__Base_#in~client#1| |outgoing_incoming__wrappee__Base_~client#1|) (<= 1 |outgoing_mail_#in~client#1|) (<= |outgoing_mail_#in~msg#1| 1) (<= 0 (+ 2147483648 |outgoing_getClientId_#res#1|)) (= |outgoing_getClientAutoResponse_#in~handle#1| |outgoing_incoming__wrappee__AutoResponder_~client#1|) (= |outgoing_getClientAutoResponse_#in~handle#1| |outgoing_getClientAutoResponse_~handle#1|) (<= 1 |outgoing_mail_~msg#1|) (= |outgoing_deliver_#in~client#1| |outgoing_incoming__wrappee__Base_~client#1|) (= |outgoing_incoming_~msg#1| |outgoing_incoming_#in~msg#1|) (= |outgoing_incoming_~client#1| |outgoing_incoming_#in~client#1|) (= |outgoing_incoming_#in~client#1| |outgoing_mail_~tmp~2#1|) (<= ~queued_message~0 0) (= |outgoing_incoming__wrappee__AutoResponder_#in~msg#1| |outgoing_incoming__wrappee__AutoResponder_~msg#1|) (<= ~__ste_email_from0~0 2147483647) (= |outgoing_deliver_~client#1| |outgoing_deliver_#in~client#1|) (<= 1 |outgoing_~client#1|) (<= 0 (+ ~__ste_email_from0~0 2147483648)) (= |outgoing_incoming__wrappee__Base_~msg#1| |outgoing_deliver_#in~msg#1|) (<= |outgoing_getClientId_#res#1| 2147483647) (= |outgoing_incoming__wrappee__AutoResponder_~client#1| |outgoing_incoming__wrappee__AutoResponder_#in~client#1|) (= |outgoing_incoming__wrappee__Base_#in~msg#1| |outgoing_incoming__wrappee__Base_~msg#1|) (<= ~queue_empty~0 1) (<= 1 |outgoing_getClientId_~handle#1|) (= |outgoing_getClientAutoResponse_#res#1| |outgoing_incoming__wrappee__AutoResponder_~tmp~4#1|) (= |outgoing_getClientAutoResponse_#res#1| |outgoing_getClientAutoResponse_~retValue_acc~20#1|) (<= 1 |outgoing_mail_#in~msg#1|) (= |outgoing_mail_~msg#1| |outgoing_incoming_#in~msg#1|) (<= ~__ste_client_idCounter0~0 2147483647) (= |outgoing_deliver_~msg#1| |outgoing_deliver_#in~msg#1|) (<= 1 ~queue_empty~0) (<= 0 (+ |outgoing_getClientId_~retValue_acc~28#1| 2147483648)) (<= 0 ~queued_message~0) (<= |outgoing_mail_~tmp~2#1| 2) (<= |outgoing_getClientId_#in~handle#1| 1) (<= |outgoing_~tmp~3#1| 2147483647) (<= 1 |outgoing_~msg#1|) (<= |outgoing_mail_~client#1| 1) (<= 0 ~queued_client~0) (= |outgoing_incoming__wrappee__Base_#in~msg#1| |outgoing_incoming__wrappee__AutoResponder_~msg#1|) (<= |outgoing_mail_~msg#1| 1) (= |outgoing_incoming_~msg#1| |outgoing_incoming__wrappee__AutoResponder_#in~msg#1|) (<= |outgoing_mail_#in~client#1| 1) (= |outgoing_incoming__wrappee__AutoResponder_~client#1| |outgoing_incoming__wrappee__Base_#in~client#1|) (<= |outgoing_~msg#1| 1) (= |outgoing_getClientAutoResponse_~retValue_acc~20#1| ~__ste_client_autoResponse1~0) (<= |outgoing_getClientId_~retValue_acc~28#1| 2147483647) (<= 1 |outgoing_getClientId_#in~handle#1|) (<= |outgoing_getClientId_~handle#1| 1) (<= |outgoing_~client#1| 1) (<= |outgoing_getClientAutoResponse_#res#1| 2147483647) (<= 0 (+ ~__ste_client_idCounter0~0 2147483648)) (<= 2 ~__ste_email_to0~0) (<= ~__ste_email_to0~0 2) (<= 1 |outgoing_mail_~client#1|) (<= 0 (+ |outgoing_~tmp~3#1| 2147483648)) (<= ~queued_client~0 0)) (not (<= 0 ~__ste_email_isEncrypted1~0)) (not (= |#NULL.base| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (<= 0 ~__ste_ClientKeyring_size0~0)) (not (<= ~__ste_Client_AddressBook0_Address2~0 0)) (not (<= ~chuck~0 3)) (not (<= 0 ~__SELECTED_FEATURE_Verify~0)) (not (<= ~__ste_Client_Keyring2_User1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver3~0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias1~0)) (not (<= ~__ste_Client_Keyring2_User2~0 0)) (not (<= 0 ~__ste_email_isSigned1~0)) (not (<= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (<= 0 ~__ste_Client_AddressBook1_Alias2~0)) (not (<= ~__ste_email_isSigned1~0 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (= 1 |outgoing___utac_acc__DecryptAutoResponder_spec__1_~tmp~13#1|) (not (<= ~__ste_client_forwardReceiver2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_User2~0)) (not (<= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey0~0)) (not (<= 0 ~__ste_client_name1~0.base)) (not (<= |old(~queue_empty~0)| 1)) (not (<= ~__ste_Client_AddressBook0_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Alias1~0)) (not (<= 2 |old(~__ste_email_to0~0)|)) (not (<= 0 ~__ste_email_id0~0)) (not (<= 0 |#StackHeapBarrier|)) (not (<= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey0~0)) (not (<= 0 ~__ste_ClientAddressBook_size0~0)) (not (<= 1 |old(~queue_empty~0)|)) (not (<= 0 ~__SELECTED_FEATURE_Keys~0)) (not (<= |old(~__ste_email_from0~0)| 0)) (not (<= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (<= ~__ste_client_forwardReceiver1~0 0)) (not (<= ~__ste_email_body1~0.offset 0)) (not (<= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (<= ~__ste_email_isEncrypted0~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (<= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_User0~0)) (not (<= 0 ~__ste_client_name0~0.offset)) (not (<= 0 ~__ste_client_outbuffer0~0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (<= ~__ste_email_encryptionKey0~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (<= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (<= ~__ste_client_name1~0.base 0)) (not (<= ~__ste_email_isSignatureVerified1~0 0)) (not (<= ~__ste_Email_counter~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (<= 0 ~__ste_email_signKey0~0)) (not (<= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (<= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (<= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey2~0)) (not (<= ~__ste_email_isSigned0~0 0)) (not (<= ~__ste_email_id0~0 0)) (not (<= ~__ste_email_signKey0~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (<= 0 ~__ste_email_isEncrypted0~0)) (not (<= 0 ~__ste_email_subject0~0.base))) [2022-11-19 08:34:16,347 INFO L899 garLoopResultBuilder]: For program point L2342-1(line 2342) no Hoare annotation was computed. [2022-11-19 08:34:16,348 INFO L902 garLoopResultBuilder]: At program point L1764(line 1764) the Hoare annotation is: true [2022-11-19 08:34:16,348 INFO L902 garLoopResultBuilder]: At program point L1764-1(lines 1757 1768) the Hoare annotation is: true [2022-11-19 08:34:16,348 INFO L902 garLoopResultBuilder]: At program point L2524(line 2524) the Hoare annotation is: true [2022-11-19 08:34:16,348 INFO L899 garLoopResultBuilder]: For program point L2524-1(line 2524) no Hoare annotation was computed. [2022-11-19 08:34:16,348 INFO L895 garLoopResultBuilder]: At program point L2359(line 2359) the Hoare annotation is: false [2022-11-19 08:34:16,348 INFO L895 garLoopResultBuilder]: At program point L1749(line 1749) the Hoare annotation is: (= 1 |outgoing___utac_acc__DecryptAutoResponder_spec__1_~tmp~13#1|) [2022-11-19 08:34:16,348 INFO L899 garLoopResultBuilder]: For program point L1749-1(line 1749) no Hoare annotation was computed. [2022-11-19 08:34:16,349 INFO L899 garLoopResultBuilder]: For program point L2344(lines 2344 2350) no Hoare annotation was computed. [2022-11-19 08:34:16,349 INFO L895 garLoopResultBuilder]: At program point L2344-2(lines 2336 2353) the Hoare annotation is: (= 1 |outgoing___utac_acc__DecryptAutoResponder_spec__1_~tmp~13#1|) [2022-11-19 08:34:16,349 INFO L902 garLoopResultBuilder]: At program point L2527-1(line 2527) the Hoare annotation is: true [2022-11-19 08:34:16,349 INFO L902 garLoopResultBuilder]: At program point L2527(line 2527) the Hoare annotation is: true [2022-11-19 08:34:16,349 INFO L899 garLoopResultBuilder]: For program point outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION(line 2359) no Hoare annotation was computed. [2022-11-19 08:34:16,349 INFO L899 garLoopResultBuilder]: For program point L1660(lines 1660 1667) no Hoare annotation was computed. [2022-11-19 08:34:16,353 INFO L895 garLoopResultBuilder]: At program point L1594(line 1594) the Hoare annotation is: (or (not (<= ~__ste_client_privateKey0~0 0)) (not (<= 1 |outgoing_#in~client#1|)) (not (<= 0 ~__ste_email_subject0~0.offset)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address1~0)) (not (<= 0 |old(~queued_message~0)|)) (not (<= ~__ste_email_isEncrypted1~0 0)) (not (<= 0 ~__ste_client_privateKey0~0)) (not (<= ~__ste_email_subject1~0.offset 0)) (not (<= 0 |old(~__ste_email_from0~0)|)) (not (<= ~__ste_email_signKey1~0 0)) (not (<= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 ~__ste_email_subject1~0.offset)) (not (<= 0 ~__ste_Client_AddressBook1_Address1~0)) (not (<= 0 ~head~0.base)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (<= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (<= 0 |#NULL.offset|)) (not (<= ~__ste_client_privateKey1~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (<= 0 ~__ste_client_forwardReceiver1~0)) (not (<= 0 ~__ste_client_privateKey1~0)) (not (= ~__ste_Client_counter~0 0)) (not (<= 0 ~__ste_email_id1~0)) (not (<= ~__ste_Client_AddressBook2_Address1~0 0)) (not (<= 3 ~chuck~0)) (not (<= |old(~queued_message~0)| 0)) (not (<= ~__ste_ClientAddressBook_size1~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (<= 0 ~__ste_Client_Keyring0_User0~0)) (not (<= 0 ~__ste_email_body1~0.offset)) (not (<= |old(~queued_client~0)| 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (<= 0 ~__ste_email_encryptionKey0~0)) (not (<= 0 ~__ste_Client_Keyring1_User2~0)) (not (<= ~__ste_ClientKeyring_size0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AddressBook~0)) (not (<= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address0~0)) (not (<= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (<= 0 ~__GUIDSL_ROOT_PRODUCTION~0)) (not (<= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (<= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias0~0)) (not (<= 2 ~rjh~0)) (not (<= |outgoing_#in~msg#1| 1)) (not (<= ~bob~0 1)) (not (<= 0 ~__ste_ClientKeyring_size1~0)) (not (<= ~__ste_Client_AddressBook2_Address0~0 0)) (not (<= |outgoing_#in~client#1| 1)) (not (<= 0 ~__SELECTED_FEATURE_AutoResponder~0)) (not (<= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~rjh~0 2)) (not (<= 0 ~__ste_Client_AddressBook0_Alias2~0)) (not (<= 0 ~__ste_email_isSignatureVerified0~0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey0~0)) (not (<= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (<= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= ~__ste_email_body1~0.base 0)) (not (<= 0 ~__SELECTED_FEATURE_Decrypt~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey2~0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey2~0)) (not (<= 0 ~__GUIDSL_NON_TERMINAL_main~0)) (not (<= ~__ste_client_name2~0.offset 0)) (not (<= 1 ~bob~0)) (not (= ~head~0.offset 0)) (not (<= ~__ste_email_subject0~0.base 0)) (not (<= 0 ~__ste_Client_Keyring2_User1~0)) (not (<= 0 ~__ste_client_name2~0.offset)) (not (<= ~__ste_client_forwardReceiver3~0 0)) (not (<= |old(~__ste_email_to0~0)| 2)) (not (<= 1 |outgoing_#in~msg#1|)) (not (<= 0 ~__ste_email_isSignatureVerified1~0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (<= 0 ~__ste_email_signKey1~0)) (not (<= 0 ~__ste_client_outbuffer1~0)) (not (<= 0 ~__ste_ClientAddressBook_size1~0)) (not (<= 0 ~__ste_client_name0~0.base)) (not (<= 0 |old(~queued_client~0)|)) (not (<= 0 ~__ste_Client_AddressBook1_Alias0~0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (<= ~__ste_client_outbuffer0~0 0)) (not (<= ~__ste_client_name0~0.offset 0)) (not (<= ~__ste_email_id1~0 0)) (not (<= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (<= ~__ste_client_privateKey2~0 0)) (not (<= 0 ~__ste_email_isSigned0~0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (<= 0 ~__ste_client_privateKey2~0)) (not (<= ~__ste_ClientKeyring_size1~0 0)) (not (<= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (<= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (<= |#NULL.offset| 0)) (not (<= ~__ste_Client_AddressBook0_Address1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver2~0)) (not (<= ~__ste_email_subject0~0.offset 0)) (not (<= 0 ~__ste_Email_counter~0)) (not (<= 0 ~__SELECTED_FEATURE_Encrypt~0)) (not (<= ~__ste_Client_Keyring1_User0~0 0)) (not (<= 0 ~__ste_email_isEncrypted1~0)) (not (= |#NULL.base| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (<= 0 ~__ste_ClientKeyring_size0~0)) (not (<= ~__ste_Client_AddressBook0_Address2~0 0)) (not (<= ~chuck~0 3)) (not (<= 0 ~__SELECTED_FEATURE_Verify~0)) (not (<= ~__ste_Client_Keyring2_User1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver3~0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias1~0)) (not (<= ~__ste_Client_Keyring2_User2~0 0)) (not (<= 0 ~__ste_email_isSigned1~0)) (not (<= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (<= 0 ~__ste_Client_AddressBook1_Alias2~0)) (not (<= ~__ste_email_isSigned1~0 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (<= ~__ste_client_forwardReceiver2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_User2~0)) (not (<= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey0~0)) (not (<= 0 ~__ste_client_name1~0.base)) (not (<= |old(~queue_empty~0)| 1)) (not (<= ~__ste_Client_AddressBook0_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Alias1~0)) (not (<= 2 |old(~__ste_email_to0~0)|)) (not (<= 0 ~__ste_email_id0~0)) (not (<= 0 |#StackHeapBarrier|)) (not (<= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey0~0)) (not (<= 0 ~__ste_ClientAddressBook_size0~0)) (not (<= 1 |old(~queue_empty~0)|)) (not (<= 0 ~__SELECTED_FEATURE_Keys~0)) (not (<= |old(~__ste_email_from0~0)| 0)) (not (<= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (<= ~__ste_client_forwardReceiver1~0 0)) (not (<= ~__ste_email_body1~0.offset 0)) (not (<= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (<= ~__ste_email_isEncrypted0~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (and (= |outgoing_mail_#in~client#1| |outgoing_~client#1|) (= |outgoing_mail_~msg#1| |outgoing_mail_#in~msg#1|) (<= 0 (+ 2147483648 |outgoing_getClientId_#res#1|)) (= |outgoing_mail_#in~client#1| |outgoing_mail_~client#1|) (<= ~queued_message~0 0) (<= ~__ste_email_from0~0 2147483647) (<= 1 |outgoing_~client#1|) (<= 0 (+ ~__ste_email_from0~0 2147483648)) (<= |outgoing_getClientId_#res#1| 2147483647) (<= ~queue_empty~0 1) (<= 1 |outgoing_getClientId_~handle#1|) (<= ~__ste_client_idCounter0~0 2147483647) (<= 1 ~queue_empty~0) (<= 0 (+ |outgoing_getClientId_~retValue_acc~28#1| 2147483648)) (<= 0 ~queued_message~0) (<= |outgoing_getClientId_#in~handle#1| 1) (<= |outgoing_~tmp~3#1| 2147483647) (<= 1 |outgoing_~msg#1|) (= |outgoing_mail_#in~msg#1| |outgoing_~msg#1|) (<= 0 ~queued_client~0) (<= |outgoing_~msg#1| 1) (<= |outgoing_getClientId_~retValue_acc~28#1| 2147483647) (<= 1 |outgoing_getClientId_#in~handle#1|) (<= |outgoing_getClientId_~handle#1| 1) (<= |outgoing_~client#1| 1) (<= 0 (+ ~__ste_client_idCounter0~0 2147483648)) (<= 2 ~__ste_email_to0~0) (<= ~__ste_email_to0~0 2) (<= 0 (+ |outgoing_~tmp~3#1| 2147483648)) (<= ~queued_client~0 0)) (not (<= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_User0~0)) (not (<= 0 ~__ste_client_name0~0.offset)) (not (<= 0 ~__ste_client_outbuffer0~0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (<= ~__ste_email_encryptionKey0~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (<= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (<= ~__ste_client_name1~0.base 0)) (not (<= ~__ste_email_isSignatureVerified1~0 0)) (not (<= ~__ste_Email_counter~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (<= 0 ~__ste_email_signKey0~0)) (not (<= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (<= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (<= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey2~0)) (not (<= ~__ste_email_isSigned0~0 0)) (not (<= ~__ste_email_id0~0 0)) (not (<= ~__ste_email_signKey0~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (<= 0 ~__ste_email_isEncrypted0~0)) (not (<= 0 ~__ste_email_subject0~0.base))) [2022-11-19 08:34:16,353 INFO L902 garLoopResultBuilder]: At program point L1660-2(lines 1650 1670) the Hoare annotation is: true [2022-11-19 08:34:16,356 INFO L895 garLoopResultBuilder]: At program point L1594-1(line 1594) the Hoare annotation is: (or (not (<= ~__ste_client_privateKey0~0 0)) (not (<= 1 |outgoing_#in~client#1|)) (not (<= 0 ~__ste_email_subject0~0.offset)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address1~0)) (not (<= 0 |old(~queued_message~0)|)) (not (<= ~__ste_email_isEncrypted1~0 0)) (not (<= 0 ~__ste_client_privateKey0~0)) (not (<= ~__ste_email_subject1~0.offset 0)) (not (<= 0 |old(~__ste_email_from0~0)|)) (not (<= ~__ste_email_signKey1~0 0)) (not (<= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 ~__ste_email_subject1~0.offset)) (not (<= 0 ~__ste_Client_AddressBook1_Address1~0)) (not (<= 0 ~head~0.base)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (<= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (<= 0 |#NULL.offset|)) (not (<= ~__ste_client_privateKey1~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (<= 0 ~__ste_client_forwardReceiver1~0)) (not (<= 0 ~__ste_client_privateKey1~0)) (not (= ~__ste_Client_counter~0 0)) (not (<= 0 ~__ste_email_id1~0)) (not (<= ~__ste_Client_AddressBook2_Address1~0 0)) (not (<= 3 ~chuck~0)) (not (<= |old(~queued_message~0)| 0)) (not (<= ~__ste_ClientAddressBook_size1~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (<= 0 ~__ste_Client_Keyring0_User0~0)) (not (<= 0 ~__ste_email_body1~0.offset)) (not (<= |old(~queued_client~0)| 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (<= 0 ~__ste_email_encryptionKey0~0)) (not (<= 0 ~__ste_Client_Keyring1_User2~0)) (not (<= ~__ste_ClientKeyring_size0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AddressBook~0)) (not (<= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address0~0)) (not (<= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (<= 0 ~__GUIDSL_ROOT_PRODUCTION~0)) (not (<= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (<= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias0~0)) (not (<= 2 ~rjh~0)) (not (<= |outgoing_#in~msg#1| 1)) (not (<= ~bob~0 1)) (not (<= 0 ~__ste_ClientKeyring_size1~0)) (not (<= ~__ste_Client_AddressBook2_Address0~0 0)) (not (<= |outgoing_#in~client#1| 1)) (not (<= 0 ~__SELECTED_FEATURE_AutoResponder~0)) (not (<= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~rjh~0 2)) (not (<= 0 ~__ste_Client_AddressBook0_Alias2~0)) (not (<= 0 ~__ste_email_isSignatureVerified0~0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey0~0)) (not (<= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (<= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= ~__ste_email_body1~0.base 0)) (not (<= 0 ~__SELECTED_FEATURE_Decrypt~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey2~0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey2~0)) (not (<= 0 ~__GUIDSL_NON_TERMINAL_main~0)) (not (<= ~__ste_client_name2~0.offset 0)) (not (<= 1 ~bob~0)) (not (= ~head~0.offset 0)) (not (<= ~__ste_email_subject0~0.base 0)) (not (<= 0 ~__ste_Client_Keyring2_User1~0)) (not (<= 0 ~__ste_client_name2~0.offset)) (not (<= ~__ste_client_forwardReceiver3~0 0)) (not (<= |old(~__ste_email_to0~0)| 2)) (not (<= 1 |outgoing_#in~msg#1|)) (not (<= 0 ~__ste_email_isSignatureVerified1~0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (<= 0 ~__ste_email_signKey1~0)) (not (<= 0 ~__ste_client_outbuffer1~0)) (not (<= 0 ~__ste_ClientAddressBook_size1~0)) (not (<= 0 ~__ste_client_name0~0.base)) (not (<= 0 |old(~queued_client~0)|)) (not (<= 0 ~__ste_Client_AddressBook1_Alias0~0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (<= ~__ste_client_outbuffer0~0 0)) (not (<= ~__ste_client_name0~0.offset 0)) (not (<= ~__ste_email_id1~0 0)) (not (<= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (<= ~__ste_client_privateKey2~0 0)) (not (<= 0 ~__ste_email_isSigned0~0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (<= 0 ~__ste_client_privateKey2~0)) (not (<= ~__ste_ClientKeyring_size1~0 0)) (not (<= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (<= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (<= |#NULL.offset| 0)) (not (<= ~__ste_Client_AddressBook0_Address1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver2~0)) (not (<= ~__ste_email_subject0~0.offset 0)) (not (<= 0 ~__ste_Email_counter~0)) (not (<= 0 ~__SELECTED_FEATURE_Encrypt~0)) (not (<= ~__ste_Client_Keyring1_User0~0 0)) (not (<= 0 ~__ste_email_isEncrypted1~0)) (not (= |#NULL.base| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (<= 0 ~__ste_ClientKeyring_size0~0)) (not (<= ~__ste_Client_AddressBook0_Address2~0 0)) (not (<= ~chuck~0 3)) (not (<= 0 ~__SELECTED_FEATURE_Verify~0)) (not (<= ~__ste_Client_Keyring2_User1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver3~0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias1~0)) (not (<= ~__ste_Client_Keyring2_User2~0 0)) (not (<= 0 ~__ste_email_isSigned1~0)) (not (<= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (<= 0 ~__ste_Client_AddressBook1_Alias2~0)) (and (<= 1 |outgoing_mail_#in~client#1|) (<= |outgoing_mail_#in~msg#1| 1) (<= 0 (+ 2147483648 |outgoing_getClientId_#res#1|)) (<= 1 |outgoing_mail_~msg#1|) (<= ~queued_message~0 0) (<= ~__ste_email_from0~0 2147483647) (<= 1 |outgoing_~client#1|) (<= 0 (+ ~__ste_email_from0~0 2147483648)) (<= |outgoing_getClientId_#res#1| 2147483647) (<= ~queue_empty~0 1) (<= 1 |outgoing_getClientId_~handle#1|) (<= |outgoing_mail_#t~ret8#1| 2) (<= 1 |outgoing_mail_#in~msg#1|) (<= ~__ste_client_idCounter0~0 2147483647) (<= 1 ~queue_empty~0) (<= 0 (+ |outgoing_getClientId_~retValue_acc~28#1| 2147483648)) (<= 0 ~queued_message~0) (<= |outgoing_getClientId_#in~handle#1| 1) (<= |outgoing_~tmp~3#1| 2147483647) (<= 1 |outgoing_~msg#1|) (<= |outgoing_mail_~client#1| 1) (<= 0 ~queued_client~0) (<= |outgoing_mail_~msg#1| 1) (<= |outgoing_mail_#in~client#1| 1) (<= |outgoing_~msg#1| 1) (<= 2 |outgoing_mail_#t~ret8#1|) (<= |outgoing_getClientId_~retValue_acc~28#1| 2147483647) (<= 1 |outgoing_getClientId_#in~handle#1|) (<= |outgoing_getClientId_~handle#1| 1) (<= |outgoing_~client#1| 1) (<= 0 (+ ~__ste_client_idCounter0~0 2147483648)) (<= 2 ~__ste_email_to0~0) (<= ~__ste_email_to0~0 2) (<= 1 |outgoing_mail_~client#1|) (<= 0 (+ |outgoing_~tmp~3#1| 2147483648)) (<= ~queued_client~0 0)) (not (<= ~__ste_email_isSigned1~0 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (<= ~__ste_client_forwardReceiver2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_User2~0)) (not (<= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey0~0)) (not (<= 0 ~__ste_client_name1~0.base)) (not (<= |old(~queue_empty~0)| 1)) (not (<= ~__ste_Client_AddressBook0_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Alias1~0)) (not (<= 2 |old(~__ste_email_to0~0)|)) (not (<= 0 ~__ste_email_id0~0)) (not (<= 0 |#StackHeapBarrier|)) (not (<= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey0~0)) (not (<= 0 ~__ste_ClientAddressBook_size0~0)) (not (<= 1 |old(~queue_empty~0)|)) (not (<= 0 ~__SELECTED_FEATURE_Keys~0)) (not (<= |old(~__ste_email_from0~0)| 0)) (not (<= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (<= ~__ste_client_forwardReceiver1~0 0)) (not (<= ~__ste_email_body1~0.offset 0)) (not (<= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (<= ~__ste_email_isEncrypted0~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (<= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_User0~0)) (not (<= 0 ~__ste_client_name0~0.offset)) (not (<= 0 ~__ste_client_outbuffer0~0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (<= ~__ste_email_encryptionKey0~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (<= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (<= ~__ste_client_name1~0.base 0)) (not (<= ~__ste_email_isSignatureVerified1~0 0)) (not (<= ~__ste_Email_counter~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (<= 0 ~__ste_email_signKey0~0)) (not (<= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (<= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (<= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey2~0)) (not (<= ~__ste_email_isSigned0~0 0)) (not (<= ~__ste_email_id0~0 0)) (not (<= ~__ste_email_signKey0~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (<= 0 ~__ste_email_isEncrypted0~0)) (not (<= 0 ~__ste_email_subject0~0.base))) [2022-11-19 08:34:16,356 INFO L895 garLoopResultBuilder]: At program point L1751(line 1751) the Hoare annotation is: (= 1 |outgoing___utac_acc__DecryptAutoResponder_spec__1_~tmp~13#1|) [2022-11-19 08:34:16,356 INFO L895 garLoopResultBuilder]: At program point L1751-1(line 1751) the Hoare annotation is: (= 1 |outgoing___utac_acc__DecryptAutoResponder_spec__1_~tmp~13#1|) [2022-11-19 08:34:16,358 INFO L895 garLoopResultBuilder]: At program point outgoingENTRY(lines 1600 1611) the Hoare annotation is: (or (not (<= ~__ste_client_privateKey0~0 0)) (not (<= 1 |outgoing_#in~client#1|)) (not (<= 0 ~__ste_email_subject0~0.offset)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address1~0)) (not (<= 0 |old(~queued_message~0)|)) (not (<= ~__ste_email_isEncrypted1~0 0)) (not (<= 0 ~__ste_client_privateKey0~0)) (not (<= ~__ste_email_subject1~0.offset 0)) (not (<= 0 |old(~__ste_email_from0~0)|)) (not (<= ~__ste_email_signKey1~0 0)) (not (<= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 ~__ste_email_subject1~0.offset)) (not (<= 0 ~__ste_Client_AddressBook1_Address1~0)) (not (<= 0 ~head~0.base)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (<= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (<= 0 |#NULL.offset|)) (not (<= ~__ste_client_privateKey1~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (<= 0 ~__ste_client_forwardReceiver1~0)) (not (<= 0 ~__ste_client_privateKey1~0)) (not (= ~__ste_Client_counter~0 0)) (not (<= 0 ~__ste_email_id1~0)) (not (<= ~__ste_Client_AddressBook2_Address1~0 0)) (not (<= 3 ~chuck~0)) (not (<= |old(~queued_message~0)| 0)) (not (<= ~__ste_ClientAddressBook_size1~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (<= 0 ~__ste_Client_Keyring0_User0~0)) (not (<= 0 ~__ste_email_body1~0.offset)) (not (<= |old(~queued_client~0)| 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (<= 0 ~__ste_email_encryptionKey0~0)) (not (<= 0 ~__ste_Client_Keyring1_User2~0)) (not (<= ~__ste_ClientKeyring_size0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AddressBook~0)) (not (<= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address0~0)) (not (<= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (<= 0 ~__GUIDSL_ROOT_PRODUCTION~0)) (not (<= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (<= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias0~0)) (not (<= 2 ~rjh~0)) (not (<= |outgoing_#in~msg#1| 1)) (not (<= ~bob~0 1)) (not (<= 0 ~__ste_ClientKeyring_size1~0)) (not (<= ~__ste_Client_AddressBook2_Address0~0 0)) (not (<= |outgoing_#in~client#1| 1)) (not (<= 0 ~__SELECTED_FEATURE_AutoResponder~0)) (not (<= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~rjh~0 2)) (not (<= 0 ~__ste_Client_AddressBook0_Alias2~0)) (not (<= 0 ~__ste_email_isSignatureVerified0~0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey0~0)) (not (<= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (<= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= ~__ste_email_body1~0.base 0)) (not (<= 0 ~__SELECTED_FEATURE_Decrypt~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey2~0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey2~0)) (not (<= 0 ~__GUIDSL_NON_TERMINAL_main~0)) (not (<= ~__ste_client_name2~0.offset 0)) (not (<= 1 ~bob~0)) (not (= ~head~0.offset 0)) (not (<= ~__ste_email_subject0~0.base 0)) (not (<= 0 ~__ste_Client_Keyring2_User1~0)) (not (<= 0 ~__ste_client_name2~0.offset)) (not (<= ~__ste_client_forwardReceiver3~0 0)) (not (<= |old(~__ste_email_to0~0)| 2)) (not (<= 1 |outgoing_#in~msg#1|)) (not (<= 0 ~__ste_email_isSignatureVerified1~0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (<= 0 ~__ste_email_signKey1~0)) (not (<= 0 ~__ste_client_outbuffer1~0)) (not (<= 0 ~__ste_ClientAddressBook_size1~0)) (not (<= 0 ~__ste_client_name0~0.base)) (not (<= 0 |old(~queued_client~0)|)) (not (<= 0 ~__ste_Client_AddressBook1_Alias0~0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (<= ~__ste_client_outbuffer0~0 0)) (not (<= ~__ste_client_name0~0.offset 0)) (not (<= ~__ste_email_id1~0 0)) (not (<= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (<= ~__ste_client_privateKey2~0 0)) (not (<= 0 ~__ste_email_isSigned0~0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (<= 0 ~__ste_client_privateKey2~0)) (not (<= ~__ste_ClientKeyring_size1~0 0)) (not (<= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (<= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (<= |#NULL.offset| 0)) (not (<= ~__ste_Client_AddressBook0_Address1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver2~0)) (not (<= ~__ste_email_subject0~0.offset 0)) (not (<= 0 ~__ste_Email_counter~0)) (not (<= 0 ~__SELECTED_FEATURE_Encrypt~0)) (not (<= ~__ste_Client_Keyring1_User0~0 0)) (not (<= 0 ~__ste_email_isEncrypted1~0)) (not (= |#NULL.base| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (<= 0 ~__ste_ClientKeyring_size0~0)) (not (<= ~__ste_Client_AddressBook0_Address2~0 0)) (not (<= ~chuck~0 3)) (not (<= 0 ~__SELECTED_FEATURE_Verify~0)) (not (<= ~__ste_Client_Keyring2_User1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver3~0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias1~0)) (not (<= ~__ste_Client_Keyring2_User2~0 0)) (and (= ~queued_message~0 |old(~queued_message~0)|) (= ~__ste_email_to0~0 |old(~__ste_email_to0~0)|) (= ~__ste_email_to1~0 |old(~__ste_email_to1~0)|) (= |old(~__ste_email_from0~0)| ~__ste_email_from0~0) (= |old(~__ste_email_from1~0)| ~__ste_email_from1~0) (= |old(~queue_empty~0)| ~queue_empty~0) (= ~queued_client~0 |old(~queued_client~0)|)) (not (<= 0 ~__ste_email_isSigned1~0)) (not (<= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (<= 0 ~__ste_Client_AddressBook1_Alias2~0)) (not (<= ~__ste_email_isSigned1~0 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (<= ~__ste_client_forwardReceiver2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_User2~0)) (not (<= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey0~0)) (not (<= 0 ~__ste_client_name1~0.base)) (not (<= |old(~queue_empty~0)| 1)) (not (<= ~__ste_Client_AddressBook0_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Alias1~0)) (not (<= 2 |old(~__ste_email_to0~0)|)) (not (<= 0 ~__ste_email_id0~0)) (not (<= 0 |#StackHeapBarrier|)) (not (<= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey0~0)) (not (<= 0 ~__ste_ClientAddressBook_size0~0)) (not (<= 1 |old(~queue_empty~0)|)) (not (<= 0 ~__SELECTED_FEATURE_Keys~0)) (not (<= |old(~__ste_email_from0~0)| 0)) (not (<= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (<= ~__ste_client_forwardReceiver1~0 0)) (not (<= ~__ste_email_body1~0.offset 0)) (not (<= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (<= ~__ste_email_isEncrypted0~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (<= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_User0~0)) (not (<= 0 ~__ste_client_name0~0.offset)) (not (<= 0 ~__ste_client_outbuffer0~0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (<= ~__ste_email_encryptionKey0~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (<= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (<= ~__ste_client_name1~0.base 0)) (not (<= ~__ste_email_isSignatureVerified1~0 0)) (not (<= ~__ste_Email_counter~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (<= 0 ~__ste_email_signKey0~0)) (not (<= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (<= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (<= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey2~0)) (not (<= ~__ste_email_isSigned0~0 0)) (not (<= ~__ste_email_id0~0 0)) (not (<= ~__ste_email_signKey0~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (<= 0 ~__ste_email_isEncrypted0~0)) (not (<= 0 ~__ste_email_subject0~0.base))) [2022-11-19 08:34:16,359 INFO L895 garLoopResultBuilder]: At program point L1752(lines 1737 1756) the Hoare annotation is: (= 1 |outgoing___utac_acc__DecryptAutoResponder_spec__1_~tmp~13#1|) [2022-11-19 08:34:16,359 INFO L899 garLoopResultBuilder]: For program point outgoingEXIT(lines 1600 1611) no Hoare annotation was computed. [2022-11-19 08:34:16,359 INFO L899 garLoopResultBuilder]: For program point setEmailToEXIT(lines 181 196) no Hoare annotation was computed. [2022-11-19 08:34:16,361 INFO L895 garLoopResultBuilder]: At program point setEmailToENTRY(lines 181 196) the Hoare annotation is: (or (not (= |setEmailTo_#in~value| ~rjh~0)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (= ~__ste_email_from0~0 0)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (= ~rjh~0 2)) (not (= ~__ste_ClientAddressBook_size1~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (= |#NULL.offset| 0)) (not (= ~__ste_Client_counter~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (= ~queued_message~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (= ~__ste_client_name2~0.offset 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (= ~__ste_email_id0~0 0)) (not (= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_client_privateKey2~0 0)) (not (= ~__ste_Client_AddressBook2_Address0~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (= ~queued_client~0 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (= ~__ste_email_isSigned0~0 0)) (not (= ~__ste_email_encryptionKey0~0 0)) (not (= ~__ste_Client_Keyring0_User0~0 0)) (not (<= ~bob~0 1)) (not (= ~__ste_client_privateKey1~0 0)) (not (= ~__ste_email_signKey1~0 0)) (not (= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_AddressBook2_Address1~0 0)) (not (= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (= |old(~__ste_email_to0~0)| 0)) (not (= ~__ste_email_body1~0.base 0)) (not (= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (= ~__ste_client_outbuffer0~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body1~0.offset 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (= ~__ste_Client_Keyring1_User0~0 0)) (not (= ~__ste_email_isEncrypted1~0 0)) (not (= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (<= 1 ~bob~0)) (not (= ~head~0.offset 0)) (not (= ~__ste_email_id1~0 0)) (not (= ~__ste_client_forwardReceiver2~0 0)) (not (= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_ClientKeyring_size0~0 0)) (not (= ~__ste_email_signKey0~0 0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (= |setEmailTo_#in~handle| 1)) (not (= |old(~__ste_email_to1~0)| 0)) (not (= ~__ste_client_privateKey0~0 0)) (not (= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (= ~__ste_email_subject0~0.offset 0)) (not (= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= |#NULL.base| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (= ~__ste_Client_Keyring2_User1~0 0)) (not (= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (= ~__ste_email_isSignatureVerified1~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (and (= ~__ste_email_to0~0 |old(~__ste_email_to0~0)|) (= ~__ste_email_to1~0 |old(~__ste_email_to1~0)|)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (= ~__ste_client_name0~0.offset 0)) (not (= 3 ~chuck~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 |#StackHeapBarrier|)) (not (= ~__ste_Client_Keyring2_User2~0 0)) (not (= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (= ~__ste_ClientAddressBook_size0~0 0)) (not (= ~__ste_client_forwardReceiver3~0 0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (= ~__ste_client_forwardReceiver1~0 0)) (not (= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (= ~__ste_email_isEncrypted0~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (= ~queue_empty~0 1)) (not (= ~__ste_client_name1~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (= ~__ste_email_isSigned1~0 0)) (not (= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (= ~__ste_Email_counter~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (= ~__ste_email_subject1~0.offset 0)) (not (= 0 ~__ste_email_subject0~0.base)) (not (= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (= ~__ste_ClientKeyring_size1~0 0))) [2022-11-19 08:34:16,361 INFO L899 garLoopResultBuilder]: For program point getEmailToEXIT(lines 162 180) no Hoare annotation was computed. [2022-11-19 08:34:16,361 INFO L902 garLoopResultBuilder]: At program point getEmailToENTRY(lines 162 180) the Hoare annotation is: true [2022-11-19 08:34:16,364 INFO L895 garLoopResultBuilder]: At program point L2560(line 2560) the Hoare annotation is: (or (not (<= ~__ste_client_privateKey0~0 0)) (not (<= 0 ~__ste_email_subject0~0.offset)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address1~0)) (not (<= 0 |old(~queued_message~0)|)) (not (<= ~__ste_email_isEncrypted1~0 0)) (not (<= 0 ~__ste_client_privateKey0~0)) (not (<= ~__ste_email_subject1~0.offset 0)) (not (<= 0 |old(~__ste_email_from0~0)|)) (not (<= ~__ste_email_signKey1~0 0)) (not (<= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 ~__ste_email_subject1~0.offset)) (not (<= 0 ~__ste_Client_AddressBook1_Address1~0)) (not (<= 0 ~head~0.base)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (<= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (<= 0 |#NULL.offset|)) (not (<= ~__ste_client_privateKey1~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (<= 0 ~__ste_client_forwardReceiver1~0)) (not (<= 0 ~__ste_client_privateKey1~0)) (not (= ~__ste_Client_counter~0 0)) (not (<= 0 ~__ste_email_id1~0)) (not (<= ~__ste_Client_AddressBook2_Address1~0 0)) (not (<= 3 ~chuck~0)) (not (<= |old(~queued_message~0)| 0)) (not (<= ~__ste_ClientAddressBook_size1~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (<= 0 ~__ste_Client_Keyring0_User0~0)) (not (<= 0 ~__ste_email_body1~0.offset)) (not (<= |old(~queued_client~0)| 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (<= 0 ~__ste_email_encryptionKey0~0)) (not (<= 0 ~__ste_Client_Keyring1_User2~0)) (not (<= ~__ste_ClientKeyring_size0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AddressBook~0)) (and (<= ~queued_message~0 0) (= |sendEmail_#in~receiver#1| |sendEmail_~receiver#1|) (= |sendEmail_createEmail_~from#1| ~__ste_email_from0~0) (<= |sendEmail_createEmail_~to#1| 2) (<= 0 ~queued_message~0) (= |sendEmail_createEmail_~from#1| |sendEmail_createEmail_#in~from#1|) (<= 1 |sendEmail_~sender#1|) (<= |sendEmail_~sender#1| 1) (= |old(~queue_empty~0)| ~queue_empty~0) (<= ~__ste_email_from0~0 0) (= ~queued_client~0 |old(~queued_client~0)|) (<= |sendEmail_createEmail_#in~to#1| 2) (<= 2 |sendEmail_createEmail_#in~to#1|) (<= 2 ~__ste_email_to0~0) (<= 2 |sendEmail_createEmail_~to#1|) (<= ~__ste_email_to0~0 2) (= 1 |sendEmail_createEmail_~msg~0#1|) (<= 0 |sendEmail_createEmail_#in~from#1|)) (not (<= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address0~0)) (not (<= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (<= 0 ~__GUIDSL_ROOT_PRODUCTION~0)) (not (<= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (<= |old(~__ste_email_to1~0)| 0)) (not (<= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias0~0)) (not (<= 2 ~rjh~0)) (not (<= ~bob~0 1)) (not (<= 0 ~__ste_ClientKeyring_size1~0)) (not (<= ~__ste_Client_AddressBook2_Address0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AutoResponder~0)) (not (<= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~rjh~0 2)) (not (<= 0 ~__ste_Client_AddressBook0_Alias2~0)) (not (<= 0 ~__ste_email_isSignatureVerified0~0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey0~0)) (not (<= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (<= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= ~__ste_email_body1~0.base 0)) (not (<= 0 ~__SELECTED_FEATURE_Decrypt~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey2~0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey2~0)) (not (<= 0 ~__GUIDSL_NON_TERMINAL_main~0)) (not (<= ~__ste_client_name2~0.offset 0)) (not (<= 1 ~bob~0)) (not (= ~head~0.offset 0)) (not (<= ~__ste_email_subject0~0.base 0)) (not (<= 0 ~__ste_Client_Keyring2_User1~0)) (not (<= 0 ~__ste_client_name2~0.offset)) (not (<= ~__ste_client_forwardReceiver3~0 0)) (not (<= 0 ~__ste_email_isSignatureVerified1~0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (<= 0 ~__ste_email_signKey1~0)) (not (<= 0 ~__ste_client_outbuffer1~0)) (not (= ~bob~0 |sendEmail_#in~sender#1|)) (not (<= 0 ~__ste_ClientAddressBook_size1~0)) (not (<= 0 |old(~__ste_email_to1~0)|)) (not (<= 0 ~__ste_client_name0~0.base)) (not (<= 0 |old(~queued_client~0)|)) (not (<= 0 ~__ste_Client_AddressBook1_Alias0~0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (<= ~__ste_client_outbuffer0~0 0)) (not (<= ~__ste_client_name0~0.offset 0)) (not (<= ~__ste_email_id1~0 0)) (not (<= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (<= ~__ste_client_privateKey2~0 0)) (not (<= 0 ~__ste_email_isSigned0~0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (<= 0 ~__ste_client_privateKey2~0)) (not (= |sendEmail_#in~receiver#1| ~rjh~0)) (not (<= ~__ste_ClientKeyring_size1~0 0)) (not (<= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (<= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (<= 0 |old(~__ste_email_from1~0)|)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (<= |#NULL.offset| 0)) (not (<= ~__ste_Client_AddressBook0_Address1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver2~0)) (not (<= ~__ste_email_subject0~0.offset 0)) (not (<= 0 ~__ste_Email_counter~0)) (not (<= 0 ~__SELECTED_FEATURE_Encrypt~0)) (not (<= ~__ste_Client_Keyring1_User0~0 0)) (not (<= 0 ~__ste_email_isEncrypted1~0)) (not (= |#NULL.base| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (<= 0 ~__ste_ClientKeyring_size0~0)) (not (<= ~__ste_Client_AddressBook0_Address2~0 0)) (not (<= ~chuck~0 3)) (not (<= 0 ~__SELECTED_FEATURE_Verify~0)) (not (<= ~__ste_Client_Keyring2_User1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver3~0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias1~0)) (not (<= |old(~__ste_email_to0~0)| 0)) (not (<= ~__ste_Client_Keyring2_User2~0 0)) (not (<= 0 ~__ste_email_isSigned1~0)) (not (<= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (<= 0 ~__ste_Client_AddressBook1_Alias2~0)) (not (<= ~__ste_email_isSigned1~0 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (<= ~__ste_client_forwardReceiver2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_User2~0)) (not (<= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey0~0)) (not (<= |old(~__ste_email_from1~0)| 0)) (not (<= 0 ~__ste_client_name1~0.base)) (not (<= |old(~queue_empty~0)| 1)) (not (<= ~__ste_Client_AddressBook0_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Alias1~0)) (not (<= 0 ~__ste_email_id0~0)) (not (<= 0 |#StackHeapBarrier|)) (not (<= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey0~0)) (not (<= 0 ~__ste_ClientAddressBook_size0~0)) (not (<= 1 |old(~queue_empty~0)|)) (not (<= 0 ~__SELECTED_FEATURE_Keys~0)) (not (<= |old(~__ste_email_from0~0)| 0)) (not (<= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (<= ~__ste_client_forwardReceiver1~0 0)) (not (<= ~__ste_email_body1~0.offset 0)) (not (<= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (<= ~__ste_email_isEncrypted0~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (<= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_User0~0)) (not (<= 0 ~__ste_client_name0~0.offset)) (not (<= 0 ~__ste_client_outbuffer0~0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (<= ~__ste_email_encryptionKey0~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (<= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (<= 0 |old(~__ste_email_to0~0)|)) (not (<= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (<= ~__ste_client_name1~0.base 0)) (not (<= ~__ste_email_isSignatureVerified1~0 0)) (not (<= ~__ste_Email_counter~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (<= 0 ~__ste_email_signKey0~0)) (not (<= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (<= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (<= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey2~0)) (not (<= ~__ste_email_isSigned0~0 0)) (not (<= ~__ste_email_id0~0 0)) (not (<= ~__ste_email_signKey0~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (<= 0 ~__ste_email_isEncrypted0~0)) (not (<= 0 ~__ste_email_subject0~0.base))) [2022-11-19 08:34:16,365 INFO L899 garLoopResultBuilder]: For program point sendEmailEXIT(lines 1686 1698) no Hoare annotation was computed. [2022-11-19 08:34:16,368 INFO L895 garLoopResultBuilder]: At program point L2559-1(line 2559) the Hoare annotation is: (or (not (<= ~__ste_client_privateKey0~0 0)) (not (<= 0 ~__ste_email_subject0~0.offset)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address1~0)) (not (<= 0 |old(~queued_message~0)|)) (not (<= ~__ste_email_isEncrypted1~0 0)) (not (<= 0 ~__ste_client_privateKey0~0)) (not (<= ~__ste_email_subject1~0.offset 0)) (not (<= 0 |old(~__ste_email_from0~0)|)) (not (<= ~__ste_email_signKey1~0 0)) (not (<= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 ~__ste_email_subject1~0.offset)) (not (<= 0 ~__ste_Client_AddressBook1_Address1~0)) (not (<= 0 ~head~0.base)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (<= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (<= 0 |#NULL.offset|)) (not (<= ~__ste_client_privateKey1~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (<= 0 ~__ste_client_forwardReceiver1~0)) (not (<= 0 ~__ste_client_privateKey1~0)) (not (= ~__ste_Client_counter~0 0)) (not (<= 0 ~__ste_email_id1~0)) (not (<= ~__ste_Client_AddressBook2_Address1~0 0)) (not (<= 3 ~chuck~0)) (not (<= |old(~queued_message~0)| 0)) (not (<= ~__ste_ClientAddressBook_size1~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (<= 0 ~__ste_Client_Keyring0_User0~0)) (not (<= 0 ~__ste_email_body1~0.offset)) (and (= ~queued_message~0 |old(~queued_message~0)|) (<= |sendEmail_createEmail_~from#1| 0) (<= |sendEmail_createEmail_#in~from#1| 0) (<= 1 |sendEmail_createEmail_~msg~0#1|) (<= 0 ~__ste_email_to0~0) (<= 0 ~__ste_email_to1~0) (<= ~queue_empty~0 1) (<= 0 |sendEmail_createEmail_~from#1|) (<= 0 ~__ste_email_from0~0) (= |sendEmail_#in~receiver#1| |sendEmail_~receiver#1|) (<= ~__ste_email_to1~0 0) (<= |sendEmail_createEmail_~msg~0#1| 1) (<= 1 ~queue_empty~0) (<= |sendEmail_createEmail_~to#1| 2) (<= 1 |sendEmail_~sender#1|) (<= |sendEmail_~sender#1| 1) (<= ~__ste_email_from0~0 0) (= ~queued_client~0 |old(~queued_client~0)|) (<= |sendEmail_createEmail_#in~to#1| 2) (<= 2 |sendEmail_createEmail_#in~to#1|) (<= ~__ste_email_to0~0 0) (<= 2 |sendEmail_createEmail_~to#1|) (<= 0 |sendEmail_createEmail_#in~from#1|)) (not (<= |old(~queued_client~0)| 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (<= 0 ~__ste_email_encryptionKey0~0)) (not (<= 0 ~__ste_Client_Keyring1_User2~0)) (not (<= ~__ste_ClientKeyring_size0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AddressBook~0)) (not (<= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address0~0)) (not (<= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (<= 0 ~__GUIDSL_ROOT_PRODUCTION~0)) (not (<= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (<= |old(~__ste_email_to1~0)| 0)) (not (<= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias0~0)) (not (<= 2 ~rjh~0)) (not (<= ~bob~0 1)) (not (<= 0 ~__ste_ClientKeyring_size1~0)) (not (<= ~__ste_Client_AddressBook2_Address0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AutoResponder~0)) (not (<= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~rjh~0 2)) (not (<= 0 ~__ste_Client_AddressBook0_Alias2~0)) (not (<= 0 ~__ste_email_isSignatureVerified0~0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey0~0)) (not (<= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (<= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= ~__ste_email_body1~0.base 0)) (not (<= 0 ~__SELECTED_FEATURE_Decrypt~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey2~0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey2~0)) (not (<= 0 ~__GUIDSL_NON_TERMINAL_main~0)) (not (<= ~__ste_client_name2~0.offset 0)) (not (<= 1 ~bob~0)) (not (= ~head~0.offset 0)) (not (<= ~__ste_email_subject0~0.base 0)) (not (<= 0 ~__ste_Client_Keyring2_User1~0)) (not (<= 0 ~__ste_client_name2~0.offset)) (not (<= ~__ste_client_forwardReceiver3~0 0)) (not (<= 0 ~__ste_email_isSignatureVerified1~0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (<= 0 ~__ste_email_signKey1~0)) (not (<= 0 ~__ste_client_outbuffer1~0)) (not (= ~bob~0 |sendEmail_#in~sender#1|)) (not (<= 0 ~__ste_ClientAddressBook_size1~0)) (not (<= 0 |old(~__ste_email_to1~0)|)) (not (<= 0 ~__ste_client_name0~0.base)) (not (<= 0 |old(~queued_client~0)|)) (not (<= 0 ~__ste_Client_AddressBook1_Alias0~0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (<= ~__ste_client_outbuffer0~0 0)) (not (<= ~__ste_client_name0~0.offset 0)) (not (<= ~__ste_email_id1~0 0)) (not (<= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (<= ~__ste_client_privateKey2~0 0)) (not (<= 0 ~__ste_email_isSigned0~0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (<= 0 ~__ste_client_privateKey2~0)) (not (= |sendEmail_#in~receiver#1| ~rjh~0)) (not (<= ~__ste_ClientKeyring_size1~0 0)) (not (<= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (<= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (<= 0 |old(~__ste_email_from1~0)|)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (<= |#NULL.offset| 0)) (not (<= ~__ste_Client_AddressBook0_Address1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver2~0)) (not (<= ~__ste_email_subject0~0.offset 0)) (not (<= 0 ~__ste_Email_counter~0)) (not (<= 0 ~__SELECTED_FEATURE_Encrypt~0)) (not (<= ~__ste_Client_Keyring1_User0~0 0)) (not (<= 0 ~__ste_email_isEncrypted1~0)) (not (= |#NULL.base| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (<= 0 ~__ste_ClientKeyring_size0~0)) (not (<= ~__ste_Client_AddressBook0_Address2~0 0)) (not (<= ~chuck~0 3)) (not (<= 0 ~__SELECTED_FEATURE_Verify~0)) (not (<= ~__ste_Client_Keyring2_User1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver3~0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias1~0)) (not (<= |old(~__ste_email_to0~0)| 0)) (not (<= ~__ste_Client_Keyring2_User2~0 0)) (not (<= 0 ~__ste_email_isSigned1~0)) (not (<= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (<= 0 ~__ste_Client_AddressBook1_Alias2~0)) (not (<= ~__ste_email_isSigned1~0 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (<= ~__ste_client_forwardReceiver2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_User2~0)) (not (<= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey0~0)) (not (<= |old(~__ste_email_from1~0)| 0)) (not (<= 0 ~__ste_client_name1~0.base)) (not (<= |old(~queue_empty~0)| 1)) (not (<= ~__ste_Client_AddressBook0_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Alias1~0)) (not (<= 0 ~__ste_email_id0~0)) (not (<= 0 |#StackHeapBarrier|)) (not (<= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey0~0)) (not (<= 0 ~__ste_ClientAddressBook_size0~0)) (not (<= 1 |old(~queue_empty~0)|)) (not (<= 0 ~__SELECTED_FEATURE_Keys~0)) (not (<= |old(~__ste_email_from0~0)| 0)) (not (<= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (<= ~__ste_client_forwardReceiver1~0 0)) (not (<= ~__ste_email_body1~0.offset 0)) (not (<= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (<= ~__ste_email_isEncrypted0~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (<= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_User0~0)) (not (<= 0 ~__ste_client_name0~0.offset)) (not (<= 0 ~__ste_client_outbuffer0~0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (<= ~__ste_email_encryptionKey0~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (<= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (<= 0 |old(~__ste_email_to0~0)|)) (not (<= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (<= ~__ste_client_name1~0.base 0)) (not (<= ~__ste_email_isSignatureVerified1~0 0)) (not (<= ~__ste_Email_counter~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (<= 0 ~__ste_email_signKey0~0)) (not (<= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (<= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (<= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey2~0)) (not (<= ~__ste_email_isSigned0~0 0)) (not (<= ~__ste_email_id0~0 0)) (not (<= ~__ste_email_signKey0~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (<= 0 ~__ste_email_isEncrypted0~0)) (not (<= 0 ~__ste_email_subject0~0.base))) [2022-11-19 08:34:16,372 INFO L895 garLoopResultBuilder]: At program point L2559(line 2559) the Hoare annotation is: (or (not (<= ~__ste_client_privateKey0~0 0)) (not (<= 0 ~__ste_email_subject0~0.offset)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address1~0)) (not (<= 0 |old(~queued_message~0)|)) (not (<= ~__ste_email_isEncrypted1~0 0)) (not (<= 0 ~__ste_client_privateKey0~0)) (not (<= ~__ste_email_subject1~0.offset 0)) (and (= ~queued_message~0 |old(~queued_message~0)|) (= |sendEmail_createEmail_#in~from#1| 0) (= ~__ste_email_to0~0 |old(~__ste_email_to0~0)|) (= |sendEmail_createEmail_#in~to#1| |sendEmail_createEmail_~to#1|) (= |sendEmail_#in~sender#1| |sendEmail_~sender#1|) (= ~__ste_email_to1~0 |old(~__ste_email_to1~0)|) (= |sendEmail_createEmail_#in~to#1| |sendEmail_~receiver#1|) (= |sendEmail_#in~receiver#1| |sendEmail_~receiver#1|) (= |old(~__ste_email_from0~0)| ~__ste_email_from0~0) (= |old(~__ste_email_from1~0)| ~__ste_email_from1~0) (= |sendEmail_createEmail_~from#1| |sendEmail_createEmail_#in~from#1|) (= |old(~queue_empty~0)| ~queue_empty~0) (= ~queued_client~0 |old(~queued_client~0)|) (= 1 |sendEmail_createEmail_~msg~0#1|)) (not (<= 0 |old(~__ste_email_from0~0)|)) (not (<= ~__ste_email_signKey1~0 0)) (not (<= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 ~__ste_email_subject1~0.offset)) (not (<= 0 ~__ste_Client_AddressBook1_Address1~0)) (not (<= 0 ~head~0.base)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (<= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (<= 0 |#NULL.offset|)) (not (<= ~__ste_client_privateKey1~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (<= 0 ~__ste_client_forwardReceiver1~0)) (not (<= 0 ~__ste_client_privateKey1~0)) (not (= ~__ste_Client_counter~0 0)) (not (<= 0 ~__ste_email_id1~0)) (not (<= ~__ste_Client_AddressBook2_Address1~0 0)) (not (<= 3 ~chuck~0)) (not (<= |old(~queued_message~0)| 0)) (not (<= ~__ste_ClientAddressBook_size1~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (<= 0 ~__ste_Client_Keyring0_User0~0)) (not (<= 0 ~__ste_email_body1~0.offset)) (not (<= |old(~queued_client~0)| 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (<= 0 ~__ste_email_encryptionKey0~0)) (not (<= 0 ~__ste_Client_Keyring1_User2~0)) (not (<= ~__ste_ClientKeyring_size0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AddressBook~0)) (not (<= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address0~0)) (not (<= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (<= 0 ~__GUIDSL_ROOT_PRODUCTION~0)) (not (<= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (<= |old(~__ste_email_to1~0)| 0)) (not (<= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias0~0)) (not (<= 2 ~rjh~0)) (not (<= ~bob~0 1)) (not (<= 0 ~__ste_ClientKeyring_size1~0)) (not (<= ~__ste_Client_AddressBook2_Address0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AutoResponder~0)) (not (<= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~rjh~0 2)) (not (<= 0 ~__ste_Client_AddressBook0_Alias2~0)) (not (<= 0 ~__ste_email_isSignatureVerified0~0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey0~0)) (not (<= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (<= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= ~__ste_email_body1~0.base 0)) (not (<= 0 ~__SELECTED_FEATURE_Decrypt~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey2~0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey2~0)) (not (<= 0 ~__GUIDSL_NON_TERMINAL_main~0)) (not (<= ~__ste_client_name2~0.offset 0)) (not (<= 1 ~bob~0)) (not (= ~head~0.offset 0)) (not (<= ~__ste_email_subject0~0.base 0)) (not (<= 0 ~__ste_Client_Keyring2_User1~0)) (not (<= 0 ~__ste_client_name2~0.offset)) (not (<= ~__ste_client_forwardReceiver3~0 0)) (not (<= 0 ~__ste_email_isSignatureVerified1~0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (<= 0 ~__ste_email_signKey1~0)) (not (<= 0 ~__ste_client_outbuffer1~0)) (not (= ~bob~0 |sendEmail_#in~sender#1|)) (not (<= 0 ~__ste_ClientAddressBook_size1~0)) (not (<= 0 |old(~__ste_email_to1~0)|)) (not (<= 0 ~__ste_client_name0~0.base)) (not (<= 0 |old(~queued_client~0)|)) (not (<= 0 ~__ste_Client_AddressBook1_Alias0~0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (<= ~__ste_client_outbuffer0~0 0)) (not (<= ~__ste_client_name0~0.offset 0)) (not (<= ~__ste_email_id1~0 0)) (not (<= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (<= ~__ste_client_privateKey2~0 0)) (not (<= 0 ~__ste_email_isSigned0~0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (<= 0 ~__ste_client_privateKey2~0)) (not (= |sendEmail_#in~receiver#1| ~rjh~0)) (not (<= ~__ste_ClientKeyring_size1~0 0)) (not (<= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (<= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (<= 0 |old(~__ste_email_from1~0)|)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (<= |#NULL.offset| 0)) (not (<= ~__ste_Client_AddressBook0_Address1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver2~0)) (not (<= ~__ste_email_subject0~0.offset 0)) (not (<= 0 ~__ste_Email_counter~0)) (not (<= 0 ~__SELECTED_FEATURE_Encrypt~0)) (not (<= ~__ste_Client_Keyring1_User0~0 0)) (not (<= 0 ~__ste_email_isEncrypted1~0)) (not (= |#NULL.base| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (<= 0 ~__ste_ClientKeyring_size0~0)) (not (<= ~__ste_Client_AddressBook0_Address2~0 0)) (not (<= ~chuck~0 3)) (not (<= 0 ~__SELECTED_FEATURE_Verify~0)) (not (<= ~__ste_Client_Keyring2_User1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver3~0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias1~0)) (not (<= |old(~__ste_email_to0~0)| 0)) (not (<= ~__ste_Client_Keyring2_User2~0 0)) (not (<= 0 ~__ste_email_isSigned1~0)) (not (<= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (<= 0 ~__ste_Client_AddressBook1_Alias2~0)) (not (<= ~__ste_email_isSigned1~0 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (<= ~__ste_client_forwardReceiver2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_User2~0)) (not (<= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey0~0)) (not (<= |old(~__ste_email_from1~0)| 0)) (not (<= 0 ~__ste_client_name1~0.base)) (not (<= |old(~queue_empty~0)| 1)) (not (<= ~__ste_Client_AddressBook0_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Alias1~0)) (not (<= 0 ~__ste_email_id0~0)) (not (<= 0 |#StackHeapBarrier|)) (not (<= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey0~0)) (not (<= 0 ~__ste_ClientAddressBook_size0~0)) (not (<= 1 |old(~queue_empty~0)|)) (not (<= 0 ~__SELECTED_FEATURE_Keys~0)) (not (<= |old(~__ste_email_from0~0)| 0)) (not (<= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (<= ~__ste_client_forwardReceiver1~0 0)) (not (<= ~__ste_email_body1~0.offset 0)) (not (<= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (<= ~__ste_email_isEncrypted0~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (<= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_User0~0)) (not (<= 0 ~__ste_client_name0~0.offset)) (not (<= 0 ~__ste_client_outbuffer0~0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (<= ~__ste_email_encryptionKey0~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (<= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (<= 0 |old(~__ste_email_to0~0)|)) (not (<= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (<= ~__ste_client_name1~0.base 0)) (not (<= ~__ste_email_isSignatureVerified1~0 0)) (not (<= ~__ste_Email_counter~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (<= 0 ~__ste_email_signKey0~0)) (not (<= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (<= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (<= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey2~0)) (not (<= ~__ste_email_isSigned0~0 0)) (not (<= ~__ste_email_id0~0 0)) (not (<= ~__ste_email_signKey0~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (<= 0 ~__ste_email_isEncrypted0~0)) (not (<= 0 ~__ste_email_subject0~0.base))) [2022-11-19 08:34:16,376 INFO L895 garLoopResultBuilder]: At program point L1694(line 1694) the Hoare annotation is: (or (not (<= ~__ste_client_privateKey0~0 0)) (not (<= 0 ~__ste_email_subject0~0.offset)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address1~0)) (not (<= 0 |old(~queued_message~0)|)) (not (<= ~__ste_email_isEncrypted1~0 0)) (not (<= 0 ~__ste_client_privateKey0~0)) (not (<= ~__ste_email_subject1~0.offset 0)) (not (<= 0 |old(~__ste_email_from0~0)|)) (not (<= ~__ste_email_signKey1~0 0)) (not (<= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 ~__ste_email_subject1~0.offset)) (not (<= 0 ~__ste_Client_AddressBook1_Address1~0)) (not (<= 0 ~head~0.base)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (<= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (<= 0 |#NULL.offset|)) (not (<= ~__ste_client_privateKey1~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (<= 0 ~__ste_client_forwardReceiver1~0)) (not (<= 0 ~__ste_client_privateKey1~0)) (not (= ~__ste_Client_counter~0 0)) (not (<= 0 ~__ste_email_id1~0)) (not (<= ~__ste_Client_AddressBook2_Address1~0 0)) (not (<= 3 ~chuck~0)) (not (<= |old(~queued_message~0)| 0)) (not (<= ~__ste_ClientAddressBook_size1~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (<= 0 ~__ste_Client_Keyring0_User0~0)) (not (<= 0 ~__ste_email_body1~0.offset)) (not (<= |old(~queued_client~0)| 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (<= 0 ~__ste_email_encryptionKey0~0)) (not (<= 0 ~__ste_Client_Keyring1_User2~0)) (not (<= ~__ste_ClientKeyring_size0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AddressBook~0)) (not (<= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address0~0)) (not (<= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (<= 0 ~__GUIDSL_ROOT_PRODUCTION~0)) (not (<= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (<= |old(~__ste_email_to1~0)| 0)) (not (<= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias0~0)) (not (<= 2 ~rjh~0)) (not (<= ~bob~0 1)) (not (<= 0 ~__ste_ClientKeyring_size1~0)) (not (<= ~__ste_Client_AddressBook2_Address0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AutoResponder~0)) (not (<= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~rjh~0 2)) (not (<= 0 ~__ste_Client_AddressBook0_Alias2~0)) (not (<= 0 ~__ste_email_isSignatureVerified0~0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey0~0)) (not (<= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (<= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= ~__ste_email_body1~0.base 0)) (not (<= 0 ~__SELECTED_FEATURE_Decrypt~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey2~0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey2~0)) (not (<= 0 ~__GUIDSL_NON_TERMINAL_main~0)) (not (<= ~__ste_client_name2~0.offset 0)) (not (<= 1 ~bob~0)) (not (= ~head~0.offset 0)) (not (<= ~__ste_email_subject0~0.base 0)) (not (<= 0 ~__ste_Client_Keyring2_User1~0)) (not (<= 0 ~__ste_client_name2~0.offset)) (not (<= ~__ste_client_forwardReceiver3~0 0)) (not (<= 0 ~__ste_email_isSignatureVerified1~0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (<= 0 ~__ste_email_signKey1~0)) (not (<= 0 ~__ste_client_outbuffer1~0)) (not (= ~bob~0 |sendEmail_#in~sender#1|)) (not (<= 0 ~__ste_ClientAddressBook_size1~0)) (not (<= 0 |old(~__ste_email_to1~0)|)) (not (<= 0 ~__ste_client_name0~0.base)) (not (<= 0 |old(~queued_client~0)|)) (not (<= 0 ~__ste_Client_AddressBook1_Alias0~0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (<= ~__ste_client_outbuffer0~0 0)) (not (<= ~__ste_client_name0~0.offset 0)) (not (<= ~__ste_email_id1~0 0)) (not (<= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (<= ~__ste_client_privateKey2~0 0)) (not (<= 0 ~__ste_email_isSigned0~0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (<= 0 ~__ste_client_privateKey2~0)) (not (= |sendEmail_#in~receiver#1| ~rjh~0)) (not (<= ~__ste_ClientKeyring_size1~0 0)) (not (<= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (<= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (<= 0 |old(~__ste_email_from1~0)|)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (<= |#NULL.offset| 0)) (not (<= ~__ste_Client_AddressBook0_Address1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver2~0)) (not (<= ~__ste_email_subject0~0.offset 0)) (not (<= 0 ~__ste_Email_counter~0)) (not (<= 0 ~__SELECTED_FEATURE_Encrypt~0)) (not (<= ~__ste_Client_Keyring1_User0~0 0)) (not (<= 0 ~__ste_email_isEncrypted1~0)) (not (= |#NULL.base| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (<= 0 ~__ste_ClientKeyring_size0~0)) (not (<= ~__ste_Client_AddressBook0_Address2~0 0)) (not (<= ~chuck~0 3)) (not (<= 0 ~__SELECTED_FEATURE_Verify~0)) (not (<= ~__ste_Client_Keyring2_User1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver3~0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias1~0)) (not (<= |old(~__ste_email_to0~0)| 0)) (not (<= ~__ste_Client_Keyring2_User2~0 0)) (not (<= 0 ~__ste_email_isSigned1~0)) (not (<= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (<= 0 ~__ste_Client_AddressBook1_Alias2~0)) (not (<= ~__ste_email_isSigned1~0 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (<= ~__ste_client_forwardReceiver2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_User2~0)) (not (<= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey0~0)) (not (<= |old(~__ste_email_from1~0)| 0)) (not (<= 0 ~__ste_client_name1~0.base)) (not (<= |old(~queue_empty~0)| 1)) (not (<= ~__ste_Client_AddressBook0_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Alias1~0)) (not (<= 0 ~__ste_email_id0~0)) (not (<= 0 |#StackHeapBarrier|)) (not (<= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey0~0)) (not (<= 0 ~__ste_ClientAddressBook_size0~0)) (not (<= 1 |old(~queue_empty~0)|)) (not (<= 0 ~__SELECTED_FEATURE_Keys~0)) (not (<= |old(~__ste_email_from0~0)| 0)) (not (<= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (<= ~__ste_client_forwardReceiver1~0 0)) (not (<= ~__ste_email_body1~0.offset 0)) (not (<= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (<= ~__ste_email_isEncrypted0~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (<= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_User0~0)) (not (<= 0 ~__ste_client_name0~0.offset)) (not (<= 0 ~__ste_client_outbuffer0~0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (<= ~__ste_email_encryptionKey0~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (<= ~__ste_Client_Keyring0_User0~0 0)) (and (= ~queued_message~0 |old(~queued_message~0)|) (= |sendEmail_createEmail_#in~from#1| 0) (= |sendEmail_createEmail_#res#1| |sendEmail_createEmail_~retValue_acc~39#1|) (= |sendEmail_#in~sender#1| |sendEmail_~sender#1|) (= |sendEmail_createEmail_#in~to#1| |sendEmail_~receiver#1|) (= |sendEmail_#in~receiver#1| |sendEmail_~receiver#1|) (= |sendEmail_createEmail_~from#1| ~__ste_email_from0~0) (= |sendEmail_createEmail_~from#1| |sendEmail_createEmail_#in~from#1|) (= |old(~queue_empty~0)| ~queue_empty~0) (= ~__ste_email_to0~0 |sendEmail_createEmail_~to#1|) (= |sendEmail_createEmail_~retValue_acc~39#1| |sendEmail_createEmail_~msg~0#1|) (= ~queued_client~0 |old(~queued_client~0)|) (= |sendEmail_createEmail_#res#1| |sendEmail_~tmp~7#1|) (= |sendEmail_~email~0#1| |sendEmail_~tmp~7#1|) (<= 2 |sendEmail_createEmail_~to#1|) (<= ~__ste_email_to0~0 2) (= 1 |sendEmail_createEmail_~msg~0#1|)) (not (= ~__ste_client_outbuffer2~0 0)) (not (<= 0 |old(~__ste_email_to0~0)|)) (not (<= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (<= ~__ste_client_name1~0.base 0)) (not (<= ~__ste_email_isSignatureVerified1~0 0)) (not (<= ~__ste_Email_counter~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (<= 0 ~__ste_email_signKey0~0)) (not (<= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (<= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (<= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey2~0)) (not (<= ~__ste_email_isSigned0~0 0)) (not (<= ~__ste_email_id0~0 0)) (not (<= ~__ste_email_signKey0~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (<= 0 ~__ste_email_isEncrypted0~0)) (not (<= 0 ~__ste_email_subject0~0.base))) [2022-11-19 08:34:16,380 INFO L895 garLoopResultBuilder]: At program point sendEmailENTRY(lines 1686 1698) the Hoare annotation is: (or (not (<= ~__ste_client_privateKey0~0 0)) (not (<= 0 ~__ste_email_subject0~0.offset)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address1~0)) (not (<= 0 |old(~queued_message~0)|)) (not (<= ~__ste_email_isEncrypted1~0 0)) (not (<= 0 ~__ste_client_privateKey0~0)) (not (<= ~__ste_email_subject1~0.offset 0)) (not (<= 0 |old(~__ste_email_from0~0)|)) (not (<= ~__ste_email_signKey1~0 0)) (not (<= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 ~__ste_email_subject1~0.offset)) (not (<= 0 ~__ste_Client_AddressBook1_Address1~0)) (not (<= 0 ~head~0.base)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (<= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (<= 0 |#NULL.offset|)) (not (<= ~__ste_client_privateKey1~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (<= 0 ~__ste_client_forwardReceiver1~0)) (not (<= 0 ~__ste_client_privateKey1~0)) (not (= ~__ste_Client_counter~0 0)) (not (<= 0 ~__ste_email_id1~0)) (not (<= ~__ste_Client_AddressBook2_Address1~0 0)) (not (<= 3 ~chuck~0)) (not (<= |old(~queued_message~0)| 0)) (not (<= ~__ste_ClientAddressBook_size1~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (<= 0 ~__ste_Client_Keyring0_User0~0)) (not (<= 0 ~__ste_email_body1~0.offset)) (not (<= |old(~queued_client~0)| 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (<= 0 ~__ste_email_encryptionKey0~0)) (not (<= 0 ~__ste_Client_Keyring1_User2~0)) (not (<= ~__ste_ClientKeyring_size0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AddressBook~0)) (not (<= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address0~0)) (not (<= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (<= 0 ~__GUIDSL_ROOT_PRODUCTION~0)) (not (<= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (<= |old(~__ste_email_to1~0)| 0)) (not (<= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias0~0)) (not (<= 2 ~rjh~0)) (not (<= ~bob~0 1)) (not (<= 0 ~__ste_ClientKeyring_size1~0)) (not (<= ~__ste_Client_AddressBook2_Address0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AutoResponder~0)) (not (<= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~rjh~0 2)) (not (<= 0 ~__ste_Client_AddressBook0_Alias2~0)) (not (<= 0 ~__ste_email_isSignatureVerified0~0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey0~0)) (not (<= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (<= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= ~__ste_email_body1~0.base 0)) (not (<= 0 ~__SELECTED_FEATURE_Decrypt~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey2~0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey2~0)) (not (<= 0 ~__GUIDSL_NON_TERMINAL_main~0)) (not (<= ~__ste_client_name2~0.offset 0)) (not (<= 1 ~bob~0)) (not (= ~head~0.offset 0)) (not (<= ~__ste_email_subject0~0.base 0)) (not (<= 0 ~__ste_Client_Keyring2_User1~0)) (not (<= 0 ~__ste_client_name2~0.offset)) (not (<= ~__ste_client_forwardReceiver3~0 0)) (not (<= 0 ~__ste_email_isSignatureVerified1~0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (<= 0 ~__ste_email_signKey1~0)) (not (<= 0 ~__ste_client_outbuffer1~0)) (not (= ~bob~0 |sendEmail_#in~sender#1|)) (not (<= 0 ~__ste_ClientAddressBook_size1~0)) (not (<= 0 |old(~__ste_email_to1~0)|)) (not (<= 0 ~__ste_client_name0~0.base)) (not (<= 0 |old(~queued_client~0)|)) (not (<= 0 ~__ste_Client_AddressBook1_Alias0~0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (<= ~__ste_client_outbuffer0~0 0)) (not (<= ~__ste_client_name0~0.offset 0)) (not (<= ~__ste_email_id1~0 0)) (not (<= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (<= ~__ste_client_privateKey2~0 0)) (not (<= 0 ~__ste_email_isSigned0~0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (<= 0 ~__ste_client_privateKey2~0)) (not (= |sendEmail_#in~receiver#1| ~rjh~0)) (not (<= ~__ste_ClientKeyring_size1~0 0)) (not (<= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (<= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (<= 0 |old(~__ste_email_from1~0)|)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (<= |#NULL.offset| 0)) (not (<= ~__ste_Client_AddressBook0_Address1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver2~0)) (not (<= ~__ste_email_subject0~0.offset 0)) (not (<= 0 ~__ste_Email_counter~0)) (not (<= 0 ~__SELECTED_FEATURE_Encrypt~0)) (not (<= ~__ste_Client_Keyring1_User0~0 0)) (not (<= 0 ~__ste_email_isEncrypted1~0)) (not (= |#NULL.base| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (<= 0 ~__ste_ClientKeyring_size0~0)) (not (<= ~__ste_Client_AddressBook0_Address2~0 0)) (not (<= ~chuck~0 3)) (not (<= 0 ~__SELECTED_FEATURE_Verify~0)) (not (<= ~__ste_Client_Keyring2_User1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver3~0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias1~0)) (not (<= |old(~__ste_email_to0~0)| 0)) (not (<= ~__ste_Client_Keyring2_User2~0 0)) (and (= ~queued_message~0 |old(~queued_message~0)|) (= ~__ste_email_to0~0 |old(~__ste_email_to0~0)|) (= ~__ste_email_to1~0 |old(~__ste_email_to1~0)|) (= |old(~__ste_email_from0~0)| ~__ste_email_from0~0) (= |old(~__ste_email_from1~0)| ~__ste_email_from1~0) (= |old(~queue_empty~0)| ~queue_empty~0) (= ~queued_client~0 |old(~queued_client~0)|)) (not (<= 0 ~__ste_email_isSigned1~0)) (not (<= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (<= 0 ~__ste_Client_AddressBook1_Alias2~0)) (not (<= ~__ste_email_isSigned1~0 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (<= ~__ste_client_forwardReceiver2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_User2~0)) (not (<= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey0~0)) (not (<= |old(~__ste_email_from1~0)| 0)) (not (<= 0 ~__ste_client_name1~0.base)) (not (<= |old(~queue_empty~0)| 1)) (not (<= ~__ste_Client_AddressBook0_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Alias1~0)) (not (<= 0 ~__ste_email_id0~0)) (not (<= 0 |#StackHeapBarrier|)) (not (<= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey0~0)) (not (<= 0 ~__ste_ClientAddressBook_size0~0)) (not (<= 1 |old(~queue_empty~0)|)) (not (<= 0 ~__SELECTED_FEATURE_Keys~0)) (not (<= |old(~__ste_email_from0~0)| 0)) (not (<= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (<= ~__ste_client_forwardReceiver1~0 0)) (not (<= ~__ste_email_body1~0.offset 0)) (not (<= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (<= ~__ste_email_isEncrypted0~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (<= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_User0~0)) (not (<= 0 ~__ste_client_name0~0.offset)) (not (<= 0 ~__ste_client_outbuffer0~0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (<= ~__ste_email_encryptionKey0~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (<= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (<= 0 |old(~__ste_email_to0~0)|)) (not (<= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (<= ~__ste_client_name1~0.base 0)) (not (<= ~__ste_email_isSignatureVerified1~0 0)) (not (<= ~__ste_Email_counter~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (<= 0 ~__ste_email_signKey0~0)) (not (<= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (<= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (<= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey2~0)) (not (<= ~__ste_email_isSigned0~0 0)) (not (<= ~__ste_email_id0~0 0)) (not (<= ~__ste_email_signKey0~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (<= 0 ~__ste_email_isEncrypted0~0)) (not (<= 0 ~__ste_email_subject0~0.base))) [2022-11-19 08:34:16,380 INFO L899 garLoopResultBuilder]: For program point sendEmailFINAL(lines 1686 1698) no Hoare annotation was computed. [2022-11-19 08:34:16,384 INFO L895 garLoopResultBuilder]: At program point setEmailFromENTRY(lines 144 159) the Hoare annotation is: (or (not (<= ~__ste_client_privateKey0~0 0)) (not (<= 0 ~queued_client~0)) (not (<= 0 ~__ste_email_subject0~0.offset)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address1~0)) (not (<= ~__ste_email_isEncrypted1~0 0)) (not (<= |setEmailFrom_#in~value| 2147483647)) (not (<= 0 ~__ste_client_privateKey0~0)) (not (<= ~__ste_email_subject1~0.offset 0)) (not (<= 0 |old(~__ste_email_from0~0)|)) (not (<= ~__ste_email_signKey1~0 0)) (not (<= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 ~__ste_email_subject1~0.offset)) (not (<= 0 ~__ste_Client_AddressBook1_Address1~0)) (not (<= 0 ~__ste_Client_AddressBook0_Alias0~0)) (not (<= 0 ~head~0.base)) (not (<= 0 ~__ste_ClientKeyring_size2~0)) (not (<= |setEmailFrom_#in~handle| 1)) (not (<= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (<= 0 |#NULL.offset|)) (not (<= ~__SELECTED_FEATURE_Sign~0 0)) (not (<= 0 ~__ste_Client_counter~0)) (not (<= ~__ste_client_privateKey1~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (<= 0 ~__ste_client_forwardReceiver1~0)) (not (<= 0 ~__ste_client_privateKey1~0)) (not (<= ~queued_message~0 0)) (not (<= 0 ~__ste_email_id1~0)) (not (<= ~__ste_Client_AddressBook2_Address1~0 0)) (not (<= 3 ~chuck~0)) (not (<= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (<= 0 ~__ste_email_body0~0.offset)) (not (<= ~__ste_ClientAddressBook_size1~0 0)) (not (<= 0 ~__ste_Client_Keyring0_User0~0)) (not (<= 0 ~__ste_email_body1~0.offset)) (not (<= 0 ~__ste_email_to0~0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias2~0)) (not (<= 0 ~__ste_email_encryptionKey0~0)) (not (<= 0 ~__ste_client_outbuffer3~0)) (not (<= 0 ~__ste_Client_Keyring1_User2~0)) (not (<= ~__ste_ClientKeyring_size0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AddressBook~0)) (not (<= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address0~0)) (not (<= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (<= ~__ste_email_to0~0 2)) (not (<= 0 ~__GUIDSL_ROOT_PRODUCTION~0)) (not (<= ~head~0.base 0)) (not (<= 0 ~__ste_Client_Keyring1_User1~0)) (not (<= ~__ste_email_body1~0.base 0)) (not (<= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias0~0)) (not (<= 2 ~rjh~0)) (not (<= ~bob~0 1)) (not (<= 0 ~__ste_ClientKeyring_size1~0)) (not (<= ~__ste_Client_AddressBook2_Address0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AutoResponder~0)) (not (<= ~__ste_Client_Keyring1_User1~0 0)) (not (<= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~rjh~0 2)) (not (<= 0 ~__ste_Client_AddressBook0_Alias2~0)) (not (<= 0 ~__ste_client_name2~0.base)) (not (<= 0 ~__ste_email_isSignatureVerified0~0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey0~0)) (not (<= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (<= ~__ste_Client_AddressBook1_Address1~0 0)) (not (<= ~__ste_Client_AddressBook1_Address0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_Decrypt~0)) (not (<= ~__ste_client_name2~0.base 0)) (not (<= 0 ~queued_message~0)) (not (<= 0 ~__ste_email_subject1~0.base)) (not (<= 0 ~__ste_client_name1~0.offset)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey2~0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey2~0)) (not (<= ~__ste_email_encryptionKey1~0 0)) (not (<= 0 ~__GUIDSL_NON_TERMINAL_main~0)) (not (<= ~__ste_client_name2~0.offset 0)) (not (<= 1 ~bob~0)) (not (<= ~__ste_email_subject0~0.base 0)) (not (<= 0 ~__ste_Client_Keyring2_User1~0)) (not (<= ~__ste_ClientAddressBook_size2~0 0)) (not (<= 1 |setEmailFrom_#in~handle|)) (not (<= ~head~0.offset 0)) (not (<= 0 ~__SELECTED_FEATURE_Sign~0)) (and (<= 0 ~__ste_email_from0~0) (<= ~__ste_email_from0~0 0)) (not (<= 0 ~__ste_client_name2~0.offset)) (not (<= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (<= ~__ste_client_forwardReceiver3~0 0)) (not (<= ~__ste_Client_Keyring2_User0~0 0)) (not (<= 0 ~__ste_email_isSignatureVerified1~0)) (not (<= ~__ste_ClientKeyring_size2~0 0)) (not (<= 0 ~__ste_email_signKey1~0)) (not (<= 0 ~__ste_client_outbuffer1~0)) (not (<= 0 ~__ste_ClientAddressBook_size1~0)) (not (<= 0 ~__ste_Client_AddressBook1_Alias1~0)) (not (<= 0 ~__ste_client_name0~0.base)) (not (<= ~__ste_client_outbuffer3~0 0)) (not (<= 0 ~__ste_Client_AddressBook1_Alias0~0)) (not (<= ~__ste_Client_counter~0 0)) (not (<= ~__ste_client_outbuffer0~0 0)) (not (<= ~__ste_client_name0~0.offset 0)) (not (<= ~__ste_email_id1~0 0)) (not (<= ~__ste_client_name1~0.offset 0)) (not (<= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (<= 0 (+ |setEmailFrom_#in~value| 2147483648))) (not (<= ~__ste_client_privateKey2~0 0)) (not (<= 0 ~__ste_email_isSigned0~0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (<= 1 ~queue_empty~0)) (not (<= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (<= 0 ~__ste_client_forwardReceiver0~0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (<= 0 ~__ste_client_privateKey2~0)) (not (<= ~__ste_ClientKeyring_size1~0 0)) (not (<= ~__ste_client_name0~0.base 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (<= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (<= 0 ~__ste_Client_AddressBook1_Address0~0)) (not (<= |#NULL.offset| 0)) (not (<= ~__ste_Client_AddressBook0_Address1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver2~0)) (not (<= ~__ste_email_subject0~0.offset 0)) (not (<= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (<= 0 ~__ste_Email_counter~0)) (not (<= 0 ~__SELECTED_FEATURE_Encrypt~0)) (not (<= 0 ~__ste_Client_Keyring2_User0~0)) (not (<= ~__ste_Client_Keyring1_User0~0 0)) (not (<= 0 ~__ste_email_isEncrypted1~0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (<= 0 |#NULL.base|)) (not (<= 0 ~__ste_ClientKeyring_size0~0)) (not (<= ~__ste_Client_AddressBook0_Address2~0 0)) (not (<= ~chuck~0 3)) (not (<= 0 ~__SELECTED_FEATURE_Verify~0)) (not (<= ~__ste_Client_Keyring2_User1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver3~0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias1~0)) (not (<= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (<= ~__ste_Client_Keyring2_User2~0 0)) (not (<= 0 ~__ste_email_isSigned1~0)) (not (<= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (<= 0 ~__ste_email_body1~0.base)) (not (<= 0 ~__ste_Client_AddressBook1_Alias2~0)) (not (<= ~__ste_email_isSigned1~0 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (<= ~__ste_client_forwardReceiver2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_User2~0)) (not (<= ~__SELECTED_FEATURE_Keys~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey1~0)) (not (= ~__ste_email_body0~0.base 0)) (not (<= 0 ~__ste_ClientAddressBook_size2~0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey0~0)) (not (<= ~__ste_email_body0~0.offset 0)) (not (<= 0 ~__ste_client_name1~0.base)) (not (<= ~queue_empty~0 1)) (not (<= ~__ste_Client_AddressBook0_Address0~0 0)) (not (<= 0 ~__ste_email_encryptionKey1~0)) (not (<= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (<= 0 ~__ste_Client_Keyring0_User1~0)) (not (<= 0 ~__ste_Client_AddressBook0_Alias1~0)) (not (<= 0 ~__ste_email_id0~0)) (not (<= ~__ste_email_subject1~0.base 0)) (not (<= 0 |#StackHeapBarrier|)) (not (<= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey0~0)) (not (<= 0 ~__ste_ClientAddressBook_size0~0)) (not (<= 0 ~__SELECTED_FEATURE_Keys~0)) (not (<= |old(~__ste_email_from0~0)| 0)) (not (<= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (<= ~__ste_client_forwardReceiver1~0 0)) (not (<= ~__ste_email_body1~0.offset 0)) (not (<= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (<= ~__ste_email_isEncrypted0~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (<= ~queued_client~0 0)) (not (<= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_User0~0)) (not (<= 0 ~__ste_client_name0~0.offset)) (not (<= 0 ~__ste_client_outbuffer0~0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (<= ~__ste_email_encryptionKey0~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (<= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (<= 0 ~head~0.offset)) (not (<= |#NULL.base| 0)) (not (<= ~__ste_client_name1~0.base 0)) (not (<= ~__ste_email_isSignatureVerified1~0 0)) (not (<= ~__ste_Email_counter~0 0)) (not (<= 0 ~__ste_email_signKey0~0)) (not (<= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (<= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (<= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey2~0)) (not (<= ~__ste_Client_Keyring0_User1~0 0)) (not (<= ~__ste_email_isSigned0~0 0)) (not (<= ~__ste_email_id0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey1~0)) (not (<= ~__ste_email_signKey0~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (<= 0 ~__ste_email_isEncrypted0~0)) (not (<= ~__ste_client_forwardReceiver0~0 0)) (not (<= 0 ~__ste_email_subject0~0.base))) [2022-11-19 08:34:16,384 INFO L899 garLoopResultBuilder]: For program point setEmailFromEXIT(lines 144 159) no Hoare annotation was computed. [2022-11-19 08:34:16,384 INFO L899 garLoopResultBuilder]: For program point L1918(lines 1918 1922) no Hoare annotation was computed. [2022-11-19 08:34:16,385 INFO L902 garLoopResultBuilder]: At program point L1935(lines 1925 1948) the Hoare annotation is: true [2022-11-19 08:34:16,385 INFO L902 garLoopResultBuilder]: At program point L2414(line 2414) the Hoare annotation is: true [2022-11-19 08:34:16,385 INFO L902 garLoopResultBuilder]: At program point L1902(lines 1892 1951) the Hoare annotation is: true [2022-11-19 08:34:16,386 INFO L895 garLoopResultBuilder]: At program point L2381-1(lines 2376 2385) the Hoare annotation is: (and (= ~queued_client~0 0) (= ~__ste_Client_Keyring1_User2~0 0) (= ~__GUIDSL_NON_TERMINAL_main~0 0) (= ~__ste_email_isEncrypted1~0 0) (= ~__ste_email_subject0~0.offset 0) (= ~__SELECTED_FEATURE_Sign~0 0) (= 0 ~__ste_Client_AddressBook0_Address2~0) (= ~__ste_client_outbuffer3~0 0) (<= 1 |ULTIMATE.start_valid_product_#res#1|) (<= 1 |ULTIMATE.start_setup_bob_#in~bob___0#1|) (= ~__ste_Client_counter~0 0) (= ~rjh~0 0) (= ~__ste_Client_Keyring1_PublicKey2~0 0) (= ~__ste_client_autoResponse1~0 0) (= ~__ste_Client_AddressBook2_Alias0~0 0) (= 0 ~__ste_email_subject0~0.base) (= ~__ste_Client_AddressBook2_Alias1~0 0) (= ~__ste_Client_Keyring2_PublicKey2~0 0) (= ~__ste_client_forwardReceiver3~0 0) (<= |ULTIMATE.start_setup_bob_#in~bob___0#1| 1) (= 1 |ULTIMATE.start_valid_product_~retValue_acc~41#1|) (= ~__ste_client_name2~0.offset 0) (= ~__ste_client_name1~0.base 0) (= ~__SELECTED_FEATURE_Verify~0 0) (= ~__ste_Client_Keyring1_User0~0 0) (= ~__ste_email_body1~0.offset 0) (= ~__SELECTED_FEATURE_Encrypt~0 0) (= ~__ste_Client_AddressBook1_Address2~0 0) (<= 1 |ULTIMATE.start_setup_bob_~bob___0#1|) (= ~__ste_ClientAddressBook_size1~0 0) (= ~__ste_Client_Keyring0_PublicKey0~0 0) (= ~__ste_Email_counter~0 0) (= ~__ste_ClientKeyring_size1~0 0) (= ~__ste_email_body0~0.offset 0) (= ~__ste_email_isSignatureVerified0~0 0) (= ~__ste_Client_Keyring0_User2~0 0) (= ~__ste_ClientAddressBook_size0~0 0) (<= |ULTIMATE.start_main_~retValue_acc~36#1| 2147483647) (= ~__ste_Client_Keyring0_User1~0 0) (= ~__ste_Client_AddressBook1_Alias1~0 0) (= ~__ste_email_to1~0 0) (= ~__ste_client_name1~0.offset 0) (= ~__ste_client_privateKey1~0 0) (= ~head~0.offset 0) (= ~__ste_client_name0~0.offset 0) (= ~__ste_Client_Keyring0_PublicKey2~0 0) (= ~__ste_Client_Keyring1_PublicKey0~0 0) (= ~__ste_email_to0~0 0) (= ~__ste_email_signKey0~0 0) (= ~__SELECTED_FEATURE_Decrypt~0 0) (= ~__ste_email_encryptionKey0~0 0) (= ~__SELECTED_FEATURE_Keys~0 0) (= ~__SELECTED_FEATURE_AddressBook~0 0) (= ~__ste_client_forwardReceiver2~0 0) (= ~__ste_Client_Keyring0_PublicKey1~0 0) (= ~__SELECTED_FEATURE_Forward~0 0) (= ~__ste_Client_Keyring0_User0~0 0) (= ~__ste_email_isSigned0~0 0) (= ~__ste_Client_Keyring2_PublicKey1~0 0) (= ~__ste_email_isSigned1~0 0) (= ~__ste_email_body0~0.base 0) (= ~__ste_Client_AddressBook0_Alias0~0 0) (= ~__ste_email_id0~0 0) (= ~__ste_client_privateKey0~0 0) (= ~__ste_email_from0~0 0) (= ~__ste_Client_Keyring2_User1~0 0) (<= |ULTIMATE.start_setup_bob_~bob___0#1| 1) (= ~__ste_Client_AddressBook2_Address2~0 0) (<= |ULTIMATE.start_valid_product_#res#1| 1) (= ~__ste_Client_AddressBook2_Address1~0 0) (= ~bob~0 1) (<= |ULTIMATE.start_main_~tmp~15#1| 1) (= ~__ste_client_forwardReceiver1~0 0) (= ~__ste_Client_AddressBook1_Alias2~0 0) (= ~__ste_client_outbuffer0~0 0) (= ~queue_empty~0 1) (= ~__SELECTED_FEATURE_Base~0 0) (= ~__ste_client_forwardReceiver0~0 0) (= ~__ste_Client_Keyring2_User0~0 0) (= 0 ~__ste_Client_AddressBook0_Address1~0) (= ~__ste_Client_AddressBook2_Address0~0 0) (= ~__ste_email_isSignatureVerified1~0 0) (= ~__ste_Client_Keyring1_PublicKey1~0 0) (= ~__ste_Client_Keyring2_PublicKey0~0 0) (= ~__ste_Client_AddressBook1_Address0~0 0) (= ~__ste_client_name2~0.base 0) (= ~__ste_email_from1~0 0) (<= ~__ste_client_idCounter0~0 1) (= ~__ste_email_subject1~0.base 0) (= ~__ste_Client_AddressBook1_Alias0~0 0) (= ~__ste_Client_Keyring2_User2~0 0) (= ~head~0.base 0) (= ~__ste_client_privateKey2~0 0) (= ~__ste_Client_Keyring1_User1~0 0) (= |#NULL.offset| 0) (= ~__ste_Client_AddressBook2_Alias2~0 0) (<= 1 |ULTIMATE.start_main_~tmp~15#1|) (= ~__ste_email_subject1~0.offset 0) (= ~__ste_Client_AddressBook0_Alias2~0 0) (= ~__ste_ClientKeyring_size0~0 0) (= ~__ste_email_isEncrypted0~0 0) (= ~queued_message~0 0) (= ~__ste_Client_AddressBook1_Address1~0 0) (= 0 ~__ste_Client_AddressBook0_Address0~0) (<= 1 ~__ste_client_idCounter0~0) (= ~__ste_client_outbuffer1~0 0) (<= 0 (+ 2147483648 |ULTIMATE.start_main_~retValue_acc~36#1|)) (= ~__ste_Client_AddressBook0_Alias1~0 0) (= ~__GUIDSL_ROOT_PRODUCTION~0 0) (= ~chuck~0 0) (= ~__ste_client_name0~0.base 0) (= ~__ste_email_id1~0 0) (= ~__ste_client_outbuffer2~0 0) (<= 0 |#StackHeapBarrier|) (= ~__ste_ClientAddressBook_size2~0 0) (= ~__SELECTED_FEATURE_AutoResponder~0 0) (= ~__ste_email_encryptionKey1~0 0) (= ~__ste_client_autoResponse0~0 0) (= ~__ste_email_body1~0.base 0) (= ~__ste_ClientKeyring_size2~0 0) (= ~__ste_client_autoResponse2~0 0) (= |#NULL.base| 0) (= ~__ste_email_signKey1~0 0)) [2022-11-19 08:34:16,389 INFO L895 garLoopResultBuilder]: At program point L2381(line 2381) the Hoare annotation is: (let ((.cse0 (select |#memory_int| 4)) (.cse1 (select |#memory_int| 1))) (and (= ~queued_client~0 0) (= ~__ste_Client_Keyring1_User2~0 0) (= ~__GUIDSL_NON_TERMINAL_main~0 0) (= ~__ste_email_isEncrypted1~0 0) (= ~__ste_email_subject0~0.offset 0) (= (select |#valid| 30) 1) (= ~__SELECTED_FEATURE_Sign~0 0) (= 0 ~__ste_Client_AddressBook0_Address2~0) (= ~__ste_client_outbuffer3~0 0) (= 1 (select |#valid| 5)) (= (select |#length| 3) 12) (= (select |#valid| 15) 1) (= ~__ste_Client_counter~0 0) (= ~rjh~0 0) (= ~__ste_Client_Keyring1_PublicKey2~0 0) (= 21 (select |#length| 11)) (= (select |#valid| 26) 1) (= ~__ste_client_autoResponse1~0 0) (= 9 (select |#length| 16)) (= ~__ste_Client_AddressBook2_Alias0~0 0) (= 0 ~__ste_email_subject0~0.base) (= (select .cse0 2) 10) (= ~__ste_Client_AddressBook2_Alias1~0 0) (= (select |#length| 20) 25) (= ~__ste_Client_Keyring2_PublicKey2~0 0) (= ~__ste_client_forwardReceiver3~0 0) (= (select |#valid| 9) 1) (= 1 |ULTIMATE.start_valid_product_~retValue_acc~41#1|) (= ~__ste_client_name2~0.offset 0) (= ~__ste_client_name1~0.base 0) (= ~__SELECTED_FEATURE_Verify~0 0) (= ~__ste_Client_Keyring1_User0~0 0) (= (select |#length| 28) 12) (= (select |#length| 6) 16) (= ~__ste_email_body1~0.offset 0) (= (select |#length| 15) 30) (= ~__SELECTED_FEATURE_Encrypt~0 0) (= (select |#valid| 11) 1) (= ~__ste_Client_AddressBook1_Address2~0 0) (= (select |#valid| 27) 1) (= ~__ste_ClientAddressBook_size1~0 0) (= ~__ste_Client_Keyring0_PublicKey0~0 0) (= ~__ste_Email_counter~0 0) (= ~__ste_ClientKeyring_size1~0 0) (= ~__ste_email_body0~0.offset 0) (= ~__ste_email_isSignatureVerified0~0 0) (= ~__ste_Client_Keyring0_User2~0 0) (= |ULTIMATE.start_setup_bob_#in~bob___0#1| ~bob~0) (= (select |#length| 24) 9) (= ~__ste_ClientAddressBook_size0~0 0) (<= |ULTIMATE.start_main_~retValue_acc~36#1| 2147483647) (= ~__ste_Client_Keyring0_User1~0 0) (= ~__ste_Client_AddressBook1_Alias1~0 0) (= ~__ste_email_to1~0 0) (= ~__ste_client_name1~0.offset 0) (= 9 (select |#length| 25)) (= ~__ste_client_privateKey1~0 0) (= ~head~0.offset 0) (= 30 (select |#length| 12)) (= ~__ste_client_name0~0.offset 0) (= ~__ste_Client_Keyring0_PublicKey2~0 0) (= 2 (select |#length| 1)) (= ~__ste_client_idCounter1~0 0) (= ~__ste_Client_Keyring1_PublicKey0~0 0) (= (select |#length| 4) 4) (= 11 (select |#length| 26)) (= ~__ste_email_to0~0 0) (= (select |#valid| 3) 1) (= ~__ste_email_signKey0~0 0) (= (select |#valid| 7) 1) (= 115 (select .cse0 1)) (= ~__SELECTED_FEATURE_Decrypt~0 0) (= ~__ste_email_encryptionKey0~0 0) (= ~__SELECTED_FEATURE_Keys~0 0) (= (select |#valid| 18) 1) (= (select |#valid| 22) 1) (= ~__SELECTED_FEATURE_AddressBook~0 0) (= ~__ste_client_forwardReceiver2~0 0) (= ~__ste_Client_Keyring0_PublicKey1~0 0) (= ~__SELECTED_FEATURE_Forward~0 0) (= ~__ste_Client_Keyring0_User0~0 0) (= ~__ste_email_isSigned0~0 0) (= ~__ste_Client_Keyring2_PublicKey1~0 0) (= ~__ste_email_isSigned1~0 0) (= (select |#valid| 24) 1) (= ~__ste_email_body0~0.base 0) (= ~__ste_Client_AddressBook0_Alias0~0 0) (= ~__ste_email_id0~0 0) (= (select |#length| 27) 10) (= ~__ste_client_privateKey0~0 0) (= ~__ste_email_from0~0 0) (= ~__ste_Client_Keyring2_User1~0 0) (= (select |#valid| 12) 1) (= (select |#length| 19) 9) (= ~__ste_Client_AddressBook2_Address2~0 0) (= (select |#valid| 28) 1) (= ~__ste_Client_AddressBook2_Address1~0 0) (= (select .cse0 0) 37) (= (select |#length| 30) 18) (= ~bob~0 1) (= ~__ste_client_forwardReceiver1~0 0) (= (select |#valid| 4) 1) (= ~__ste_Client_AddressBook1_Alias2~0 0) (= ~__ste_client_outbuffer0~0 0) (= 9 (select |#length| 13)) (= ~queue_empty~0 1) (= ~__SELECTED_FEATURE_Base~0 0) (= (select |#valid| 1) 1) (= ~__ste_client_forwardReceiver0~0 0) (= (select |#valid| 20) 1) (= ~__ste_Client_Keyring2_User0~0 0) (= (select .cse0 3) 0) (= 0 ~__ste_Client_AddressBook0_Address1~0) (= ~__ste_Client_AddressBook2_Address0~0 0) (= ~__ste_email_isSignatureVerified1~0 0) (= ~__ste_Client_Keyring1_PublicKey1~0 0) (= (select |#length| 29) 10) (= ~__ste_Client_Keyring2_PublicKey0~0 0) (= (select |#valid| 21) 1) (= ~__ste_Client_AddressBook1_Address0~0 0) (= ~__ste_client_idCounter2~0 0) (= ~__ste_client_name2~0.base 0) (= ~__ste_email_from1~0 0) (= (select |#length| 17) 25) (= (select |#valid| 14) 1) (= ~__ste_email_subject1~0.base 0) (= ~__ste_Client_AddressBook1_Alias0~0 0) (= (select |#valid| 0) 0) (= ~__ste_Client_Keyring2_User2~0 0) (= (select |#valid| 25) 1) (= 22 (select |#length| 7)) (= ~head~0.base 0) (= (select |#length| 5) 10) (= ~__ste_client_privateKey2~0 0) (= ~__ste_Client_Keyring1_User1~0 0) (= (select |#valid| 2) 1) (= |#NULL.offset| 0) (= ~__ste_Client_AddressBook2_Alias2~0 0) (= (select |#length| 21) 20) (= (select .cse1 0) 48) (= ~__ste_email_subject1~0.offset 0) (= (select |#valid| 23) 1) (= ~__ste_Client_AddressBook0_Alias2~0 0) (= ~__ste_ClientKeyring_size0~0 0) (= ~__ste_email_isEncrypted0~0 0) (= ~queued_message~0 0) (= ~__ste_Client_AddressBook1_Address1~0 0) (= 30 (select |#length| 9)) (= ~__ste_client_idCounter0~0 0) (= 0 ~__ste_Client_AddressBook0_Address0~0) (= 29 (select |#length| 2)) (= ~__ste_client_outbuffer1~0 0) (= (select |#valid| 19) 1) (<= 0 (+ 2147483648 |ULTIMATE.start_main_~retValue_acc~36#1|)) (= ~__ste_Client_AddressBook0_Alias1~0 0) (= ~__GUIDSL_ROOT_PRODUCTION~0 0) (= (select |#valid| 16) 1) (= (select |#length| 22) 44) (= (select |#valid| 6) 1) (= ~chuck~0 0) (= 30 (select |#length| 18)) (= (select .cse1 1) 0) (= ~__ste_client_name0~0.base 0) (= ~__ste_email_id1~0 0) (= |ULTIMATE.start_setup_bob_#in~bob___0#1| |ULTIMATE.start_setup_bob_~bob___0#1|) (= ~__ste_client_outbuffer2~0 0) (= (select |#valid| 29) 1) (= |ULTIMATE.start_main_~tmp~15#1| |ULTIMATE.start_valid_product_#res#1|) (= |ULTIMATE.start_valid_product_#res#1| |ULTIMATE.start_valid_product_~retValue_acc~41#1|) (= ~__ste_ClientAddressBook_size2~0 0) (= (select |#valid| 17) 1) (= (select |#valid| 10) 1) (= ~__SELECTED_FEATURE_AutoResponder~0 0) (= ~__ste_email_encryptionKey1~0 0) (= (select |#valid| 8) 1) (= ~__ste_client_autoResponse0~0 0) (= ~__ste_email_body1~0.base 0) (= 44 (select |#length| 23)) (= ~__ste_ClientKeyring_size2~0 0) (= (select |#length| 8) 21) (= ~__ste_client_autoResponse2~0 0) (= (select |#valid| 13) 1) (< 0 |#StackHeapBarrier|) (= |#NULL.base| 0) (= 9 (select |#length| 10)) (= 21 (select |#length| 14)) (= ~__ste_email_signKey1~0 0))) [2022-11-19 08:34:16,389 INFO L902 garLoopResultBuilder]: At program point L2414-1(line 2414) the Hoare annotation is: true [2022-11-19 08:34:16,389 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-19 08:34:16,389 INFO L899 garLoopResultBuilder]: For program point L1820(lines 1820 1957) no Hoare annotation was computed. [2022-11-19 08:34:16,390 INFO L899 garLoopResultBuilder]: For program point L1871(lines 1871 1875) no Hoare annotation was computed. [2022-11-19 08:34:16,390 INFO L902 garLoopResultBuilder]: At program point L1855(lines 1845 1955) the Hoare annotation is: true [2022-11-19 08:34:16,390 INFO L902 garLoopResultBuilder]: At program point L2417(lines 2417 2425) the Hoare annotation is: true [2022-11-19 08:34:16,391 INFO L895 garLoopResultBuilder]: At program point L2401-1(lines 2396 2405) the Hoare annotation is: (and (= ~queued_client~0 0) (= ~__ste_Client_Keyring1_User2~0 0) (= ~__GUIDSL_NON_TERMINAL_main~0 0) (= ~__ste_email_isEncrypted1~0 0) (= ~__ste_email_subject0~0.offset 0) (= ~__SELECTED_FEATURE_Sign~0 0) (= 0 ~__ste_Client_AddressBook0_Address2~0) (= |ULTIMATE.start_setup_~__cil_tmp2~0#1.offset| 0) (= ~__ste_client_outbuffer3~0 0) (<= 1 |ULTIMATE.start_valid_product_#res#1|) (<= 1 |ULTIMATE.start_setup_bob_#in~bob___0#1|) (= ~__ste_Client_counter~0 0) (= ~__ste_Client_Keyring1_PublicKey2~0 0) (= ~__ste_client_autoResponse1~0 0) (<= 2 |ULTIMATE.start_setup_rjh_~rjh___0#1|) (= ~__ste_Client_AddressBook2_Alias0~0 0) (= |ULTIMATE.start_setup_~__cil_tmp1~0#1.offset| 0) (= 0 ~__ste_email_subject0~0.base) (= ~__ste_Client_AddressBook2_Alias1~0 0) (= ~__ste_Client_Keyring2_PublicKey2~0 0) (= ~__ste_client_forwardReceiver3~0 0) (<= |ULTIMATE.start_setup_bob_#in~bob___0#1| 1) (= 1 |ULTIMATE.start_valid_product_~retValue_acc~41#1|) (= ~__ste_client_name2~0.offset 0) (= ~__ste_client_name1~0.base 0) (<= |ULTIMATE.start_setup_chuck_#in~chuck___0#1| 3) (= ~__SELECTED_FEATURE_Verify~0 0) (= ~__ste_Client_Keyring1_User0~0 0) (<= ~__ste_client_idCounter2~0 3) (= ~__ste_email_body1~0.offset 0) (= ~__SELECTED_FEATURE_Encrypt~0 0) (= ~__ste_Client_AddressBook1_Address2~0 0) (<= 1 |ULTIMATE.start_setup_bob_~bob___0#1|) (= ~__ste_ClientAddressBook_size1~0 0) (= ~__ste_Client_Keyring0_PublicKey0~0 0) (= ~__ste_Email_counter~0 0) (= ~__ste_ClientKeyring_size1~0 0) (= ~__ste_email_body0~0.offset 0) (= ~__ste_email_isSignatureVerified0~0 0) (= ~__ste_Client_Keyring0_User2~0 0) (= ~__ste_ClientAddressBook_size0~0 0) (<= |ULTIMATE.start_main_~retValue_acc~36#1| 2147483647) (= ~__ste_Client_Keyring0_User1~0 0) (= ~__ste_Client_AddressBook1_Alias1~0 0) (= ~__ste_email_to1~0 0) (= ~__ste_client_name1~0.offset 0) (= ~__ste_client_privateKey1~0 0) (= ~head~0.offset 0) (= ~__ste_client_name0~0.offset 0) (= ~__ste_Client_Keyring0_PublicKey2~0 0) (= ~__ste_Client_Keyring1_PublicKey0~0 0) (= ~__ste_email_to0~0 0) (= ~__ste_email_signKey0~0 0) (= ~__SELECTED_FEATURE_Decrypt~0 0) (= ~__ste_email_encryptionKey0~0 0) (= ~__SELECTED_FEATURE_Keys~0 0) (= ~__SELECTED_FEATURE_AddressBook~0 0) (= ~__ste_client_forwardReceiver2~0 0) (= ~__ste_Client_Keyring0_PublicKey1~0 0) (= ~__SELECTED_FEATURE_Forward~0 0) (<= |ULTIMATE.start_setup_rjh_~rjh___0#1| 2) (= ~__ste_Client_Keyring0_User0~0 0) (= ~__ste_email_isSigned0~0 0) (= ~__ste_Client_Keyring2_PublicKey1~0 0) (= ~__ste_email_isSigned1~0 0) (= ~__ste_email_body0~0.base 0) (= ~__ste_Client_AddressBook0_Alias0~0 0) (= ~__ste_email_id0~0 0) (<= |ULTIMATE.start_setup_rjh_#in~rjh___0#1| 2) (= ~__ste_client_privateKey0~0 0) (= ~__ste_email_from0~0 0) (= ~__ste_Client_Keyring2_User1~0 0) (<= |ULTIMATE.start_setup_bob_~bob___0#1| 1) (<= 3 ~__ste_client_idCounter2~0) (= ~__ste_Client_AddressBook2_Address2~0 0) (<= |ULTIMATE.start_valid_product_#res#1| 1) (= 3 ~chuck~0) (= ~__ste_Client_AddressBook2_Address1~0 0) (= ~bob~0 1) (<= |ULTIMATE.start_main_~tmp~15#1| 1) (= ~__ste_client_forwardReceiver1~0 0) (<= 3 |ULTIMATE.start_setup_chuck_~chuck___0#1|) (= ~__ste_Client_AddressBook1_Alias2~0 0) (= ~__ste_client_outbuffer0~0 0) (= ~queue_empty~0 1) (= ~__SELECTED_FEATURE_Base~0 0) (= ~__ste_client_forwardReceiver0~0 0) (<= 3 |ULTIMATE.start_setup_chuck_#in~chuck___0#1|) (= ~__ste_Client_Keyring2_User0~0 0) (= ~rjh~0 2) (= 0 ~__ste_Client_AddressBook0_Address1~0) (= ~__ste_Client_AddressBook2_Address0~0 0) (= ~__ste_email_isSignatureVerified1~0 0) (= ~__ste_Client_Keyring1_PublicKey1~0 0) (= ~__ste_Client_Keyring2_PublicKey0~0 0) (= ~__ste_Client_AddressBook1_Address0~0 0) (= ~__ste_client_name2~0.base 0) (= ~__ste_email_from1~0 0) (<= 2 |ULTIMATE.start_setup_rjh_#in~rjh___0#1|) (= ~__ste_email_subject1~0.base 0) (= |ULTIMATE.start_setup_~__cil_tmp2~0#1.base| 25) (= ~__ste_Client_AddressBook1_Alias0~0 0) (= ~__ste_Client_Keyring2_User2~0 0) (= ~head~0.base 0) (<= |ULTIMATE.start_setup_chuck_~chuck___0#1| 3) (= ~__ste_client_privateKey2~0 0) (= ~__ste_Client_Keyring1_User1~0 0) (= |#NULL.offset| 0) (= ~__ste_Client_AddressBook2_Alias2~0 0) (<= 1 |ULTIMATE.start_main_~tmp~15#1|) (= ~__ste_email_subject1~0.offset 0) (= ~__ste_Client_AddressBook0_Alias2~0 0) (= ~__ste_ClientKeyring_size0~0 0) (= ~__ste_email_isEncrypted0~0 0) (= ~queued_message~0 0) (= ~__ste_Client_AddressBook1_Address1~0 0) (= 0 ~__ste_Client_AddressBook0_Address0~0) (= ~__ste_client_outbuffer1~0 0) (<= 0 (+ 2147483648 |ULTIMATE.start_main_~retValue_acc~36#1|)) (= ~__ste_Client_AddressBook0_Alias1~0 0) (= ~__GUIDSL_ROOT_PRODUCTION~0 0) (= |ULTIMATE.start_setup_~__cil_tmp1~0#1.base| 24) (= ~__ste_client_name0~0.base 0) (= ~__ste_email_id1~0 0) (= ~__ste_client_outbuffer2~0 0) (<= 0 |#StackHeapBarrier|) (= ~__ste_ClientAddressBook_size2~0 0) (= ~__SELECTED_FEATURE_AutoResponder~0 0) (= ~__ste_email_encryptionKey1~0 0) (= ~__ste_client_autoResponse0~0 0) (= ~__ste_email_body1~0.base 0) (= ~__ste_ClientKeyring_size2~0 0) (= ~__ste_client_autoResponse2~0 0) (= |#NULL.base| 0) (= ~__ste_email_signKey1~0 0)) [2022-11-19 08:34:16,393 INFO L895 garLoopResultBuilder]: At program point L2401(line 2401) the Hoare annotation is: (and (= ~queued_client~0 0) (= ~__ste_Client_Keyring1_User2~0 0) (= ~__GUIDSL_NON_TERMINAL_main~0 0) (= ~__ste_email_isEncrypted1~0 0) (= ~__ste_email_subject0~0.offset 0) (= ~__SELECTED_FEATURE_Sign~0 0) (= 0 ~__ste_Client_AddressBook0_Address2~0) (= |ULTIMATE.start_setup_~__cil_tmp2~0#1.offset| 0) (= ~__ste_client_outbuffer3~0 0) (<= 1 |ULTIMATE.start_valid_product_#res#1|) (<= 1 |ULTIMATE.start_setup_bob_#in~bob___0#1|) (= ~__ste_Client_counter~0 0) (= ~__ste_Client_Keyring1_PublicKey2~0 0) (= ~__ste_client_autoResponse1~0 0) (<= 2 |ULTIMATE.start_setup_rjh_~rjh___0#1|) (= ~__ste_Client_AddressBook2_Alias0~0 0) (= |ULTIMATE.start_setup_~__cil_tmp1~0#1.offset| 0) (= 0 ~__ste_email_subject0~0.base) (<= ~__ste_client_idCounter1~0 2) (= ~__ste_Client_AddressBook2_Alias1~0 0) (= ~__ste_Client_Keyring2_PublicKey2~0 0) (= ~__ste_client_forwardReceiver3~0 0) (<= |ULTIMATE.start_setup_bob_#in~bob___0#1| 1) (= 1 |ULTIMATE.start_valid_product_~retValue_acc~41#1|) (= ~__ste_client_name2~0.offset 0) (= ~__ste_client_name1~0.base 0) (= ~__SELECTED_FEATURE_Verify~0 0) (= ~__ste_Client_Keyring1_User0~0 0) (= ~__ste_email_body1~0.offset 0) (= ~__SELECTED_FEATURE_Encrypt~0 0) (= ~__ste_Client_AddressBook1_Address2~0 0) (<= 1 |ULTIMATE.start_setup_bob_~bob___0#1|) (= ~__ste_ClientAddressBook_size1~0 0) (= ~__ste_Client_Keyring0_PublicKey0~0 0) (= ~__ste_Email_counter~0 0) (= ~__ste_ClientKeyring_size1~0 0) (= ~__ste_email_body0~0.offset 0) (= ~__ste_email_isSignatureVerified0~0 0) (= |ULTIMATE.start_setup_chuck_#in~chuck___0#1| ~chuck~0) (= ~__ste_Client_Keyring0_User2~0 0) (= ~__ste_ClientAddressBook_size0~0 0) (<= |ULTIMATE.start_main_~retValue_acc~36#1| 2147483647) (= ~__ste_Client_Keyring0_User1~0 0) (= ~__ste_Client_AddressBook1_Alias1~0 0) (= ~__ste_email_to1~0 0) (= ~__ste_client_name1~0.offset 0) (= ~__ste_client_privateKey1~0 0) (= ~head~0.offset 0) (= ~__ste_client_name0~0.offset 0) (= ~__ste_Client_Keyring0_PublicKey2~0 0) (= ~__ste_Client_Keyring1_PublicKey0~0 0) (= ~__ste_email_to0~0 0) (= ~__ste_email_signKey0~0 0) (= ~__SELECTED_FEATURE_Decrypt~0 0) (= ~__ste_email_encryptionKey0~0 0) (= |ULTIMATE.start_setup_chuck_#in~chuck___0#1| |ULTIMATE.start_setup_chuck_~chuck___0#1|) (= ~__SELECTED_FEATURE_Keys~0 0) (= ~__SELECTED_FEATURE_AddressBook~0 0) (= ~__ste_client_forwardReceiver2~0 0) (= ~__ste_Client_Keyring0_PublicKey1~0 0) (= ~__SELECTED_FEATURE_Forward~0 0) (<= |ULTIMATE.start_setup_rjh_~rjh___0#1| 2) (= ~__ste_Client_Keyring0_User0~0 0) (= ~__ste_email_isSigned0~0 0) (= ~__ste_Client_Keyring2_PublicKey1~0 0) (= ~__ste_email_isSigned1~0 0) (= ~__ste_email_body0~0.base 0) (= ~__ste_Client_AddressBook0_Alias0~0 0) (= ~__ste_email_id0~0 0) (<= |ULTIMATE.start_setup_rjh_#in~rjh___0#1| 2) (= ~__ste_client_privateKey0~0 0) (= ~__ste_email_from0~0 0) (= ~__ste_Client_Keyring2_User1~0 0) (<= |ULTIMATE.start_setup_bob_~bob___0#1| 1) (= ~__ste_Client_AddressBook2_Address2~0 0) (<= |ULTIMATE.start_valid_product_#res#1| 1) (= 3 ~chuck~0) (= ~__ste_Client_AddressBook2_Address1~0 0) (= ~bob~0 1) (<= |ULTIMATE.start_main_~tmp~15#1| 1) (= ~__ste_client_forwardReceiver1~0 0) (= ~__ste_Client_AddressBook1_Alias2~0 0) (<= 2 ~__ste_client_idCounter1~0) (= ~__ste_client_outbuffer0~0 0) (= ~queue_empty~0 1) (= ~__SELECTED_FEATURE_Base~0 0) (= ~__ste_client_forwardReceiver0~0 0) (= ~__ste_Client_Keyring2_User0~0 0) (= ~rjh~0 2) (= 0 ~__ste_Client_AddressBook0_Address1~0) (= ~__ste_Client_AddressBook2_Address0~0 0) (= ~__ste_email_isSignatureVerified1~0 0) (= ~__ste_Client_Keyring1_PublicKey1~0 0) (= ~__ste_Client_Keyring2_PublicKey0~0 0) (= ~__ste_Client_AddressBook1_Address0~0 0) (= ~__ste_client_name2~0.base 0) (= ~__ste_email_from1~0 0) (<= 2 |ULTIMATE.start_setup_rjh_#in~rjh___0#1|) (= ~__ste_email_subject1~0.base 0) (= |ULTIMATE.start_setup_~__cil_tmp2~0#1.base| 25) (= ~__ste_Client_AddressBook1_Alias0~0 0) (= ~__ste_Client_Keyring2_User2~0 0) (= ~head~0.base 0) (= ~__ste_client_privateKey2~0 0) (= ~__ste_Client_Keyring1_User1~0 0) (= |#NULL.offset| 0) (= ~__ste_Client_AddressBook2_Alias2~0 0) (<= 1 |ULTIMATE.start_main_~tmp~15#1|) (= ~__ste_email_subject1~0.offset 0) (= ~__ste_Client_AddressBook0_Alias2~0 0) (= ~__ste_ClientKeyring_size0~0 0) (= ~__ste_email_isEncrypted0~0 0) (= ~queued_message~0 0) (= ~__ste_Client_AddressBook1_Address1~0 0) (= 0 ~__ste_Client_AddressBook0_Address0~0) (= ~__ste_client_outbuffer1~0 0) (<= 0 (+ 2147483648 |ULTIMATE.start_main_~retValue_acc~36#1|)) (= ~__ste_Client_AddressBook0_Alias1~0 0) (= ~__GUIDSL_ROOT_PRODUCTION~0 0) (= |ULTIMATE.start_setup_~__cil_tmp1~0#1.base| 24) (= ~__ste_client_name0~0.base 0) (= ~__ste_email_id1~0 0) (= ~__ste_client_outbuffer2~0 0) (<= 0 |#StackHeapBarrier|) (= ~__ste_ClientAddressBook_size2~0 0) (= ~__SELECTED_FEATURE_AutoResponder~0 0) (= ~__ste_email_encryptionKey1~0 0) (= ~__ste_client_autoResponse0~0 0) (= ~__ste_email_body1~0.base 0) (= ~__ste_ClientKeyring_size2~0 0) (= ~__ste_client_autoResponse2~0 0) (= |#NULL.base| 0) (= ~__ste_email_signKey1~0 0)) [2022-11-19 08:34:16,393 INFO L899 garLoopResultBuilder]: For program point L1824(lines 1824 1828) no Hoare annotation was computed. [2022-11-19 08:34:16,394 INFO L899 garLoopResultBuilder]: For program point L1940(lines 1940 1944) no Hoare annotation was computed. [2022-11-19 08:34:16,394 INFO L899 garLoopResultBuilder]: For program point L1907(lines 1907 1911) no Hoare annotation was computed. [2022-11-19 08:34:16,394 INFO L902 garLoopResultBuilder]: At program point L1940-1(lines 1812 1958) the Hoare annotation is: true [2022-11-19 08:34:16,394 INFO L902 garLoopResultBuilder]: At program point L1924(lines 1914 1949) the Hoare annotation is: true [2022-11-19 08:34:16,394 INFO L902 garLoopResultBuilder]: At program point L1891(lines 1878 1952) the Hoare annotation is: true [2022-11-19 08:34:16,394 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-19 08:34:16,394 INFO L902 garLoopResultBuilder]: At program point L1959(lines 1811 1960) the Hoare annotation is: true [2022-11-19 08:34:16,395 INFO L899 garLoopResultBuilder]: For program point L1860(lines 1860 1864) no Hoare annotation was computed. [2022-11-19 08:34:16,395 INFO L902 garLoopResultBuilder]: At program point L1877(lines 1867 1953) the Hoare annotation is: true [2022-11-19 08:34:16,395 INFO L902 garLoopResultBuilder]: At program point L1844(lines 1831 1956) the Hoare annotation is: true [2022-11-19 08:34:16,395 INFO L902 garLoopResultBuilder]: At program point L2423-1(lines 2406 2428) the Hoare annotation is: true [2022-11-19 08:34:16,395 INFO L902 garLoopResultBuilder]: At program point L2423(line 2423) the Hoare annotation is: true [2022-11-19 08:34:16,395 INFO L899 garLoopResultBuilder]: For program point L2473(lines 2473 2480) no Hoare annotation was computed. [2022-11-19 08:34:16,396 INFO L902 garLoopResultBuilder]: At program point L2473-2(lines 2473 2480) the Hoare annotation is: true [2022-11-19 08:34:16,397 INFO L895 garLoopResultBuilder]: At program point L2391-1(lines 2386 2395) the Hoare annotation is: (and (= ~queued_client~0 0) (= ~__ste_Client_Keyring1_User2~0 0) (= ~__GUIDSL_NON_TERMINAL_main~0 0) (= ~__ste_email_isEncrypted1~0 0) (= ~__ste_email_subject0~0.offset 0) (= ~__SELECTED_FEATURE_Sign~0 0) (= 0 ~__ste_Client_AddressBook0_Address2~0) (= ~__ste_client_outbuffer3~0 0) (<= 1 |ULTIMATE.start_valid_product_#res#1|) (<= 1 |ULTIMATE.start_setup_bob_#in~bob___0#1|) (= ~__ste_Client_counter~0 0) (= ~__ste_Client_Keyring1_PublicKey2~0 0) (= ~__ste_client_autoResponse1~0 0) (<= 2 |ULTIMATE.start_setup_rjh_~rjh___0#1|) (= ~__ste_Client_AddressBook2_Alias0~0 0) (= |ULTIMATE.start_setup_~__cil_tmp1~0#1.offset| 0) (= 0 ~__ste_email_subject0~0.base) (<= ~__ste_client_idCounter1~0 2) (= ~__ste_Client_AddressBook2_Alias1~0 0) (= ~__ste_Client_Keyring2_PublicKey2~0 0) (= ~__ste_client_forwardReceiver3~0 0) (<= |ULTIMATE.start_setup_bob_#in~bob___0#1| 1) (= 1 |ULTIMATE.start_valid_product_~retValue_acc~41#1|) (= ~__ste_client_name2~0.offset 0) (= ~__ste_client_name1~0.base 0) (= ~__SELECTED_FEATURE_Verify~0 0) (= ~__ste_Client_Keyring1_User0~0 0) (= ~__ste_email_body1~0.offset 0) (= ~__SELECTED_FEATURE_Encrypt~0 0) (= ~__ste_Client_AddressBook1_Address2~0 0) (<= 1 |ULTIMATE.start_setup_bob_~bob___0#1|) (= ~__ste_ClientAddressBook_size1~0 0) (= ~__ste_Client_Keyring0_PublicKey0~0 0) (= ~__ste_Email_counter~0 0) (= ~__ste_ClientKeyring_size1~0 0) (= ~__ste_email_body0~0.offset 0) (= ~__ste_email_isSignatureVerified0~0 0) (= ~__ste_Client_Keyring0_User2~0 0) (= ~__ste_ClientAddressBook_size0~0 0) (<= |ULTIMATE.start_main_~retValue_acc~36#1| 2147483647) (= ~__ste_Client_Keyring0_User1~0 0) (= ~__ste_Client_AddressBook1_Alias1~0 0) (= ~__ste_email_to1~0 0) (= ~__ste_client_name1~0.offset 0) (= ~__ste_client_privateKey1~0 0) (= ~head~0.offset 0) (= ~__ste_client_name0~0.offset 0) (= ~__ste_Client_Keyring0_PublicKey2~0 0) (= ~__ste_Client_Keyring1_PublicKey0~0 0) (= ~__ste_email_to0~0 0) (= ~__ste_email_signKey0~0 0) (= ~__SELECTED_FEATURE_Decrypt~0 0) (= ~__ste_email_encryptionKey0~0 0) (= ~__SELECTED_FEATURE_Keys~0 0) (= ~__SELECTED_FEATURE_AddressBook~0 0) (= ~__ste_client_forwardReceiver2~0 0) (= ~__ste_Client_Keyring0_PublicKey1~0 0) (= ~__SELECTED_FEATURE_Forward~0 0) (<= |ULTIMATE.start_setup_rjh_~rjh___0#1| 2) (= ~__ste_Client_Keyring0_User0~0 0) (= ~__ste_email_isSigned0~0 0) (= ~__ste_Client_Keyring2_PublicKey1~0 0) (= ~__ste_email_isSigned1~0 0) (= ~__ste_email_body0~0.base 0) (= ~__ste_Client_AddressBook0_Alias0~0 0) (= ~__ste_email_id0~0 0) (<= |ULTIMATE.start_setup_rjh_#in~rjh___0#1| 2) (= ~__ste_client_privateKey0~0 0) (= ~__ste_email_from0~0 0) (= ~__ste_Client_Keyring2_User1~0 0) (<= |ULTIMATE.start_setup_bob_~bob___0#1| 1) (= ~__ste_Client_AddressBook2_Address2~0 0) (<= |ULTIMATE.start_valid_product_#res#1| 1) (= ~__ste_Client_AddressBook2_Address1~0 0) (= ~bob~0 1) (<= |ULTIMATE.start_main_~tmp~15#1| 1) (= ~__ste_client_forwardReceiver1~0 0) (= ~__ste_Client_AddressBook1_Alias2~0 0) (<= 2 ~__ste_client_idCounter1~0) (= ~__ste_client_outbuffer0~0 0) (= ~queue_empty~0 1) (= ~__SELECTED_FEATURE_Base~0 0) (= ~__ste_client_forwardReceiver0~0 0) (= ~__ste_Client_Keyring2_User0~0 0) (= ~rjh~0 2) (= 0 ~__ste_Client_AddressBook0_Address1~0) (= ~__ste_Client_AddressBook2_Address0~0 0) (= ~__ste_email_isSignatureVerified1~0 0) (= ~__ste_Client_Keyring1_PublicKey1~0 0) (= ~__ste_Client_Keyring2_PublicKey0~0 0) (= ~__ste_Client_AddressBook1_Address0~0 0) (= ~__ste_client_name2~0.base 0) (= ~__ste_email_from1~0 0) (<= 2 |ULTIMATE.start_setup_rjh_#in~rjh___0#1|) (= ~__ste_email_subject1~0.base 0) (= ~__ste_Client_AddressBook1_Alias0~0 0) (= ~__ste_Client_Keyring2_User2~0 0) (= ~head~0.base 0) (= ~__ste_client_privateKey2~0 0) (= ~__ste_Client_Keyring1_User1~0 0) (= |#NULL.offset| 0) (= ~__ste_Client_AddressBook2_Alias2~0 0) (<= 1 |ULTIMATE.start_main_~tmp~15#1|) (= ~__ste_email_subject1~0.offset 0) (= ~__ste_Client_AddressBook0_Alias2~0 0) (= ~__ste_ClientKeyring_size0~0 0) (= ~__ste_email_isEncrypted0~0 0) (= ~queued_message~0 0) (= ~__ste_Client_AddressBook1_Address1~0 0) (= 0 ~__ste_Client_AddressBook0_Address0~0) (= ~__ste_client_outbuffer1~0 0) (<= 0 (+ 2147483648 |ULTIMATE.start_main_~retValue_acc~36#1|)) (= ~__ste_Client_AddressBook0_Alias1~0 0) (= ~__GUIDSL_ROOT_PRODUCTION~0 0) (= |ULTIMATE.start_setup_~__cil_tmp1~0#1.base| 24) (= ~chuck~0 0) (= ~__ste_client_name0~0.base 0) (= ~__ste_email_id1~0 0) (= ~__ste_client_outbuffer2~0 0) (<= 0 |#StackHeapBarrier|) (= ~__ste_ClientAddressBook_size2~0 0) (= ~__SELECTED_FEATURE_AutoResponder~0 0) (= ~__ste_email_encryptionKey1~0 0) (= ~__ste_client_autoResponse0~0 0) (= ~__ste_email_body1~0.base 0) (= ~__ste_ClientKeyring_size2~0 0) (= ~__ste_client_autoResponse2~0 0) (= |#NULL.base| 0) (= ~__ste_email_signKey1~0 0)) [2022-11-19 08:34:16,398 INFO L895 garLoopResultBuilder]: At program point L2391(line 2391) the Hoare annotation is: (and (= ~queued_client~0 0) (= ~__ste_Client_Keyring1_User2~0 0) (= ~__GUIDSL_NON_TERMINAL_main~0 0) (= ~__ste_email_isEncrypted1~0 0) (= ~__ste_email_subject0~0.offset 0) (= ~__SELECTED_FEATURE_Sign~0 0) (= 0 ~__ste_Client_AddressBook0_Address2~0) (= ~__ste_client_outbuffer3~0 0) (<= 1 |ULTIMATE.start_valid_product_#res#1|) (<= 1 |ULTIMATE.start_setup_bob_#in~bob___0#1|) (= ~__ste_Client_counter~0 0) (= ~__ste_Client_Keyring1_PublicKey2~0 0) (= ~__ste_client_autoResponse1~0 0) (= ~__ste_Client_AddressBook2_Alias0~0 0) (= |ULTIMATE.start_setup_~__cil_tmp1~0#1.offset| 0) (= 0 ~__ste_email_subject0~0.base) (= ~__ste_Client_AddressBook2_Alias1~0 0) (= ~__ste_Client_Keyring2_PublicKey2~0 0) (= ~__ste_client_forwardReceiver3~0 0) (<= |ULTIMATE.start_setup_bob_#in~bob___0#1| 1) (= 1 |ULTIMATE.start_valid_product_~retValue_acc~41#1|) (= ~__ste_client_name2~0.offset 0) (= ~__ste_client_name1~0.base 0) (= ~__SELECTED_FEATURE_Verify~0 0) (= ~__ste_Client_Keyring1_User0~0 0) (= ~__ste_email_body1~0.offset 0) (= ~__SELECTED_FEATURE_Encrypt~0 0) (= ~__ste_Client_AddressBook1_Address2~0 0) (<= 1 |ULTIMATE.start_setup_bob_~bob___0#1|) (= ~__ste_ClientAddressBook_size1~0 0) (= ~__ste_Client_Keyring0_PublicKey0~0 0) (= ~__ste_Email_counter~0 0) (= ~__ste_ClientKeyring_size1~0 0) (= ~__ste_email_body0~0.offset 0) (= ~__ste_email_isSignatureVerified0~0 0) (= ~__ste_Client_Keyring0_User2~0 0) (= ~__ste_ClientAddressBook_size0~0 0) (<= |ULTIMATE.start_main_~retValue_acc~36#1| 2147483647) (= ~__ste_Client_Keyring0_User1~0 0) (= ~__ste_Client_AddressBook1_Alias1~0 0) (= ~__ste_email_to1~0 0) (= ~__ste_client_name1~0.offset 0) (= ~__ste_client_privateKey1~0 0) (= ~head~0.offset 0) (= ~__ste_client_name0~0.offset 0) (= ~__ste_Client_Keyring0_PublicKey2~0 0) (= ~__ste_Client_Keyring1_PublicKey0~0 0) (= |ULTIMATE.start_setup_rjh_#in~rjh___0#1| ~rjh~0) (= ~__ste_email_to0~0 0) (= ~__ste_email_signKey0~0 0) (= ~__SELECTED_FEATURE_Decrypt~0 0) (= ~__ste_email_encryptionKey0~0 0) (= ~__SELECTED_FEATURE_Keys~0 0) (= ~__SELECTED_FEATURE_AddressBook~0 0) (= ~__ste_client_forwardReceiver2~0 0) (= ~__ste_Client_Keyring0_PublicKey1~0 0) (= |ULTIMATE.start_setup_rjh_#in~rjh___0#1| |ULTIMATE.start_setup_rjh_~rjh___0#1|) (= ~__SELECTED_FEATURE_Forward~0 0) (= ~__ste_Client_Keyring0_User0~0 0) (= ~__ste_email_isSigned0~0 0) (= ~__ste_Client_Keyring2_PublicKey1~0 0) (= ~__ste_email_isSigned1~0 0) (= ~__ste_email_body0~0.base 0) (= ~__ste_Client_AddressBook0_Alias0~0 0) (= ~__ste_email_id0~0 0) (= ~__ste_client_privateKey0~0 0) (= ~__ste_email_from0~0 0) (= ~__ste_Client_Keyring2_User1~0 0) (<= |ULTIMATE.start_setup_bob_~bob___0#1| 1) (= ~__ste_Client_AddressBook2_Address2~0 0) (<= |ULTIMATE.start_valid_product_#res#1| 1) (= ~__ste_Client_AddressBook2_Address1~0 0) (= ~bob~0 1) (<= |ULTIMATE.start_main_~tmp~15#1| 1) (= ~__ste_client_forwardReceiver1~0 0) (= ~__ste_Client_AddressBook1_Alias2~0 0) (= ~__ste_client_outbuffer0~0 0) (= ~queue_empty~0 1) (= ~__SELECTED_FEATURE_Base~0 0) (= ~__ste_client_forwardReceiver0~0 0) (= ~__ste_Client_Keyring2_User0~0 0) (= ~rjh~0 2) (= 0 ~__ste_Client_AddressBook0_Address1~0) (= ~__ste_Client_AddressBook2_Address0~0 0) (= ~__ste_email_isSignatureVerified1~0 0) (= ~__ste_Client_Keyring1_PublicKey1~0 0) (= ~__ste_Client_Keyring2_PublicKey0~0 0) (= ~__ste_Client_AddressBook1_Address0~0 0) (= ~__ste_client_name2~0.base 0) (= ~__ste_email_from1~0 0) (<= ~__ste_client_idCounter0~0 1) (= ~__ste_email_subject1~0.base 0) (= ~__ste_Client_AddressBook1_Alias0~0 0) (= ~__ste_Client_Keyring2_User2~0 0) (= ~head~0.base 0) (= ~__ste_client_privateKey2~0 0) (= ~__ste_Client_Keyring1_User1~0 0) (= |#NULL.offset| 0) (= ~__ste_Client_AddressBook2_Alias2~0 0) (<= 1 |ULTIMATE.start_main_~tmp~15#1|) (= ~__ste_email_subject1~0.offset 0) (= ~__ste_Client_AddressBook0_Alias2~0 0) (= ~__ste_ClientKeyring_size0~0 0) (= ~__ste_email_isEncrypted0~0 0) (= ~queued_message~0 0) (= ~__ste_Client_AddressBook1_Address1~0 0) (= 0 ~__ste_Client_AddressBook0_Address0~0) (<= 1 ~__ste_client_idCounter0~0) (= ~__ste_client_outbuffer1~0 0) (<= 0 (+ 2147483648 |ULTIMATE.start_main_~retValue_acc~36#1|)) (= ~__ste_Client_AddressBook0_Alias1~0 0) (= ~__GUIDSL_ROOT_PRODUCTION~0 0) (= |ULTIMATE.start_setup_~__cil_tmp1~0#1.base| 24) (= ~chuck~0 0) (= ~__ste_client_name0~0.base 0) (= ~__ste_email_id1~0 0) (= ~__ste_client_outbuffer2~0 0) (<= 0 |#StackHeapBarrier|) (= ~__ste_ClientAddressBook_size2~0 0) (= ~__SELECTED_FEATURE_AutoResponder~0 0) (= ~__ste_email_encryptionKey1~0 0) (= ~__ste_client_autoResponse0~0 0) (= ~__ste_email_body1~0.base 0) (= ~__ste_ClientKeyring_size2~0 0) (= ~__ste_client_autoResponse2~0 0) (= |#NULL.base| 0) (= ~__ste_email_signKey1~0 0)) [2022-11-19 08:34:16,399 INFO L899 garLoopResultBuilder]: For program point L1813(lines 1812 1958) no Hoare annotation was computed. [2022-11-19 08:34:16,399 INFO L899 garLoopResultBuilder]: For program point L1929(lines 1929 1933) no Hoare annotation was computed. [2022-11-19 08:34:16,399 INFO L899 garLoopResultBuilder]: For program point L1896(lines 1896 1900) no Hoare annotation was computed. [2022-11-19 08:34:16,399 INFO L902 garLoopResultBuilder]: At program point L1830(lines 1820 1957) the Hoare annotation is: true [2022-11-19 08:34:16,399 INFO L902 garLoopResultBuilder]: At program point L1913(lines 1903 1950) the Hoare annotation is: true [2022-11-19 08:34:16,400 INFO L902 garLoopResultBuilder]: At program point L1882(lines 1882 1889) the Hoare annotation is: true [2022-11-19 08:34:16,400 INFO L899 garLoopResultBuilder]: For program point L1849(lines 1849 1853) no Hoare annotation was computed. [2022-11-19 08:34:16,400 INFO L902 garLoopResultBuilder]: At program point L1866(lines 1856 1954) the Hoare annotation is: true [2022-11-19 08:34:16,400 INFO L902 garLoopResultBuilder]: At program point L1835(lines 1835 1842) the Hoare annotation is: true [2022-11-19 08:34:16,400 INFO L899 garLoopResultBuilder]: For program point getEmailFromEXIT(lines 125 143) no Hoare annotation was computed. [2022-11-19 08:34:16,400 INFO L902 garLoopResultBuilder]: At program point getEmailFromENTRY(lines 125 143) the Hoare annotation is: true [2022-11-19 08:34:16,400 INFO L899 garLoopResultBuilder]: For program point isReadableEXIT(lines 2534 2542) no Hoare annotation was computed. [2022-11-19 08:34:16,401 INFO L902 garLoopResultBuilder]: At program point isReadableENTRY(lines 2534 2542) the Hoare annotation is: true [2022-11-19 08:34:16,401 INFO L902 garLoopResultBuilder]: At program point queueENTRY(lines 1699 1708) the Hoare annotation is: true [2022-11-19 08:34:16,401 INFO L899 garLoopResultBuilder]: For program point queueEXIT(lines 1699 1708) no Hoare annotation was computed. [2022-11-19 08:34:16,401 INFO L899 garLoopResultBuilder]: For program point setClientIdEXIT(lines 1538 1557) no Hoare annotation was computed. [2022-11-19 08:34:16,401 INFO L902 garLoopResultBuilder]: At program point setClientIdENTRY(lines 1538 1557) the Hoare annotation is: true [2022-11-19 08:34:16,404 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1] [2022-11-19 08:34:16,407 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-19 08:34:16,517 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 19.11 08:34:16 BoogieIcfgContainer [2022-11-19 08:34:16,518 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-19 08:34:16,518 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-19 08:34:16,518 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-19 08:34:16,519 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-19 08:34:16,519 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 19.11 08:23:04" (3/4) ... [2022-11-19 08:34:16,522 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-19 08:34:16,528 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure outgoing [2022-11-19 08:34:16,528 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure sendEmail [2022-11-19 08:34:16,528 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure setEmailFrom [2022-11-19 08:34:16,528 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure setEmailTo [2022-11-19 08:34:16,529 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure getEmailTo [2022-11-19 08:34:16,529 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure getEmailFrom [2022-11-19 08:34:16,529 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isReadable [2022-11-19 08:34:16,529 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure queue [2022-11-19 08:34:16,529 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure setClientId [2022-11-19 08:34:16,540 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 109 nodes and edges [2022-11-19 08:34:16,541 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 40 nodes and edges [2022-11-19 08:34:16,543 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 8 nodes and edges [2022-11-19 08:34:16,544 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 3 nodes and edges [2022-11-19 08:34:16,545 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-19 08:34:16,546 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-19 08:34:16,571 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((queued_client == 0 && __ste_Client_Keyring1_User2 == 0) && __GUIDSL_NON_TERMINAL_main == 0) && __ste_email_isEncrypted1 == 0) && __ste_email_subject0 == 0) && __SELECTED_FEATURE_Sign == 0) && 0 == __ste_Client_AddressBook0_Address2) && __ste_client_outbuffer3 == 0) && 1 <= \result) && 1 <= \old(bob___0)) && __ste_Client_counter == 0) && rjh == 0) && __ste_Client_Keyring1_PublicKey2 == 0) && __ste_client_autoResponse1 == 0) && __ste_Client_AddressBook2_Alias0 == 0) && 0 == __ste_email_subject0) && __ste_Client_AddressBook2_Alias1 == 0) && __ste_Client_Keyring2_PublicKey2 == 0) && __ste_client_forwardReceiver3 == 0) && \old(bob___0) <= 1) && 1 == retValue_acc) && __ste_client_name2 == 0) && __ste_client_name1 == 0) && __SELECTED_FEATURE_Verify == 0) && __ste_Client_Keyring1_User0 == 0) && __ste_email_body1 == 0) && __SELECTED_FEATURE_Encrypt == 0) && __ste_Client_AddressBook1_Address2 == 0) && 1 <= bob___0) && __ste_ClientAddressBook_size1 == 0) && __ste_Client_Keyring0_PublicKey0 == 0) && __ste_Email_counter == 0) && __ste_ClientKeyring_size1 == 0) && __ste_email_body0 == 0) && __ste_email_isSignatureVerified0 == 0) && __ste_Client_Keyring0_User2 == 0) && __ste_ClientAddressBook_size0 == 0) && retValue_acc <= 2147483647) && __ste_Client_Keyring0_User1 == 0) && __ste_Client_AddressBook1_Alias1 == 0) && __ste_email_to1 == 0) && __ste_client_name1 == 0) && __ste_client_privateKey1 == 0) && head == 0) && __ste_client_name0 == 0) && __ste_Client_Keyring0_PublicKey2 == 0) && __ste_Client_Keyring1_PublicKey0 == 0) && __ste_email_to0 == 0) && __ste_email_signKey0 == 0) && __SELECTED_FEATURE_Decrypt == 0) && __ste_email_encryptionKey0 == 0) && __SELECTED_FEATURE_Keys == 0) && __SELECTED_FEATURE_AddressBook == 0) && __ste_client_forwardReceiver2 == 0) && __ste_Client_Keyring0_PublicKey1 == 0) && __SELECTED_FEATURE_Forward == 0) && __ste_Client_Keyring0_User0 == 0) && __ste_email_isSigned0 == 0) && __ste_Client_Keyring2_PublicKey1 == 0) && __ste_email_isSigned1 == 0) && __ste_email_body0 == 0) && __ste_Client_AddressBook0_Alias0 == 0) && __ste_email_id0 == 0) && __ste_client_privateKey0 == 0) && __ste_email_from0 == 0) && __ste_Client_Keyring2_User1 == 0) && bob___0 <= 1) && __ste_Client_AddressBook2_Address2 == 0) && \result <= 1) && __ste_Client_AddressBook2_Address1 == 0) && bob == 1) && tmp <= 1) && __ste_client_forwardReceiver1 == 0) && __ste_Client_AddressBook1_Alias2 == 0) && __ste_client_outbuffer0 == 0) && queue_empty == 1) && __SELECTED_FEATURE_Base == 0) && __ste_client_forwardReceiver0 == 0) && __ste_Client_Keyring2_User0 == 0) && 0 == __ste_Client_AddressBook0_Address1) && __ste_Client_AddressBook2_Address0 == 0) && __ste_email_isSignatureVerified1 == 0) && __ste_Client_Keyring1_PublicKey1 == 0) && __ste_Client_Keyring2_PublicKey0 == 0) && __ste_Client_AddressBook1_Address0 == 0) && __ste_client_name2 == 0) && __ste_email_from1 == 0) && __ste_client_idCounter0 <= 1) && __ste_email_subject1 == 0) && __ste_Client_AddressBook1_Alias0 == 0) && __ste_Client_Keyring2_User2 == 0) && head == 0) && __ste_client_privateKey2 == 0) && __ste_Client_Keyring1_User1 == 0) && #NULL == 0) && __ste_Client_AddressBook2_Alias2 == 0) && 1 <= tmp) && __ste_email_subject1 == 0) && __ste_Client_AddressBook0_Alias2 == 0) && __ste_ClientKeyring_size0 == 0) && __ste_email_isEncrypted0 == 0) && queued_message == 0) && __ste_Client_AddressBook1_Address1 == 0) && 0 == __ste_Client_AddressBook0_Address0) && 1 <= __ste_client_idCounter0) && __ste_client_outbuffer1 == 0) && 0 <= 2147483648 + retValue_acc) && __ste_Client_AddressBook0_Alias1 == 0) && __GUIDSL_ROOT_PRODUCTION == 0) && chuck == 0) && __ste_client_name0 == 0) && __ste_email_id1 == 0) && __ste_client_outbuffer2 == 0) && 0 <= unknown-#StackHeapBarrier-unknown) && __ste_ClientAddressBook_size2 == 0) && __SELECTED_FEATURE_AutoResponder == 0) && __ste_email_encryptionKey1 == 0) && __ste_client_autoResponse0 == 0) && __ste_email_body1 == 0) && __ste_ClientKeyring_size2 == 0) && __ste_client_autoResponse2 == 0) && #NULL == 0) && __ste_email_signKey1 == 0 [2022-11-19 08:34:16,572 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((queued_client == 0 && __ste_Client_Keyring1_User2 == 0) && __GUIDSL_NON_TERMINAL_main == 0) && __ste_email_isEncrypted1 == 0) && __ste_email_subject0 == 0) && __SELECTED_FEATURE_Sign == 0) && 0 == __ste_Client_AddressBook0_Address2) && __ste_client_outbuffer3 == 0) && 1 <= \result) && 1 <= \old(bob___0)) && __ste_Client_counter == 0) && __ste_Client_Keyring1_PublicKey2 == 0) && __ste_client_autoResponse1 == 0) && 2 <= rjh___0) && __ste_Client_AddressBook2_Alias0 == 0) && __cil_tmp1 == 0) && 0 == __ste_email_subject0) && __ste_client_idCounter1 <= 2) && __ste_Client_AddressBook2_Alias1 == 0) && __ste_Client_Keyring2_PublicKey2 == 0) && __ste_client_forwardReceiver3 == 0) && \old(bob___0) <= 1) && 1 == retValue_acc) && __ste_client_name2 == 0) && __ste_client_name1 == 0) && __SELECTED_FEATURE_Verify == 0) && __ste_Client_Keyring1_User0 == 0) && __ste_email_body1 == 0) && __SELECTED_FEATURE_Encrypt == 0) && __ste_Client_AddressBook1_Address2 == 0) && 1 <= bob___0) && __ste_ClientAddressBook_size1 == 0) && __ste_Client_Keyring0_PublicKey0 == 0) && __ste_Email_counter == 0) && __ste_ClientKeyring_size1 == 0) && __ste_email_body0 == 0) && __ste_email_isSignatureVerified0 == 0) && __ste_Client_Keyring0_User2 == 0) && __ste_ClientAddressBook_size0 == 0) && retValue_acc <= 2147483647) && __ste_Client_Keyring0_User1 == 0) && __ste_Client_AddressBook1_Alias1 == 0) && __ste_email_to1 == 0) && __ste_client_name1 == 0) && __ste_client_privateKey1 == 0) && head == 0) && __ste_client_name0 == 0) && __ste_Client_Keyring0_PublicKey2 == 0) && __ste_Client_Keyring1_PublicKey0 == 0) && __ste_email_to0 == 0) && __ste_email_signKey0 == 0) && __SELECTED_FEATURE_Decrypt == 0) && __ste_email_encryptionKey0 == 0) && __SELECTED_FEATURE_Keys == 0) && __SELECTED_FEATURE_AddressBook == 0) && __ste_client_forwardReceiver2 == 0) && __ste_Client_Keyring0_PublicKey1 == 0) && __SELECTED_FEATURE_Forward == 0) && rjh___0 <= 2) && __ste_Client_Keyring0_User0 == 0) && __ste_email_isSigned0 == 0) && __ste_Client_Keyring2_PublicKey1 == 0) && __ste_email_isSigned1 == 0) && __ste_email_body0 == 0) && __ste_Client_AddressBook0_Alias0 == 0) && __ste_email_id0 == 0) && \old(rjh___0) <= 2) && __ste_client_privateKey0 == 0) && __ste_email_from0 == 0) && __ste_Client_Keyring2_User1 == 0) && bob___0 <= 1) && __ste_Client_AddressBook2_Address2 == 0) && \result <= 1) && __ste_Client_AddressBook2_Address1 == 0) && bob == 1) && tmp <= 1) && __ste_client_forwardReceiver1 == 0) && __ste_Client_AddressBook1_Alias2 == 0) && 2 <= __ste_client_idCounter1) && __ste_client_outbuffer0 == 0) && queue_empty == 1) && __SELECTED_FEATURE_Base == 0) && __ste_client_forwardReceiver0 == 0) && __ste_Client_Keyring2_User0 == 0) && rjh == 2) && 0 == __ste_Client_AddressBook0_Address1) && __ste_Client_AddressBook2_Address0 == 0) && __ste_email_isSignatureVerified1 == 0) && __ste_Client_Keyring1_PublicKey1 == 0) && __ste_Client_Keyring2_PublicKey0 == 0) && __ste_Client_AddressBook1_Address0 == 0) && __ste_client_name2 == 0) && __ste_email_from1 == 0) && 2 <= \old(rjh___0)) && __ste_email_subject1 == 0) && __ste_Client_AddressBook1_Alias0 == 0) && __ste_Client_Keyring2_User2 == 0) && head == 0) && __ste_client_privateKey2 == 0) && __ste_Client_Keyring1_User1 == 0) && #NULL == 0) && __ste_Client_AddressBook2_Alias2 == 0) && 1 <= tmp) && __ste_email_subject1 == 0) && __ste_Client_AddressBook0_Alias2 == 0) && __ste_ClientKeyring_size0 == 0) && __ste_email_isEncrypted0 == 0) && queued_message == 0) && __ste_Client_AddressBook1_Address1 == 0) && 0 == __ste_Client_AddressBook0_Address0) && __ste_client_outbuffer1 == 0) && 0 <= 2147483648 + retValue_acc) && __ste_Client_AddressBook0_Alias1 == 0) && __GUIDSL_ROOT_PRODUCTION == 0) && __cil_tmp1 == 24) && chuck == 0) && __ste_client_name0 == 0) && __ste_email_id1 == 0) && __ste_client_outbuffer2 == 0) && 0 <= unknown-#StackHeapBarrier-unknown) && __ste_ClientAddressBook_size2 == 0) && __SELECTED_FEATURE_AutoResponder == 0) && __ste_email_encryptionKey1 == 0) && __ste_client_autoResponse0 == 0) && __ste_email_body1 == 0) && __ste_ClientKeyring_size2 == 0) && __ste_client_autoResponse2 == 0) && #NULL == 0) && __ste_email_signKey1 == 0 [2022-11-19 08:34:16,572 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((queued_client == 0 && __ste_Client_Keyring1_User2 == 0) && __GUIDSL_NON_TERMINAL_main == 0) && __ste_email_isEncrypted1 == 0) && __ste_email_subject0 == 0) && __SELECTED_FEATURE_Sign == 0) && 0 == __ste_Client_AddressBook0_Address2) && __cil_tmp2 == 0) && __ste_client_outbuffer3 == 0) && 1 <= \result) && 1 <= \old(bob___0)) && __ste_Client_counter == 0) && __ste_Client_Keyring1_PublicKey2 == 0) && __ste_client_autoResponse1 == 0) && 2 <= rjh___0) && __ste_Client_AddressBook2_Alias0 == 0) && __cil_tmp1 == 0) && 0 == __ste_email_subject0) && __ste_Client_AddressBook2_Alias1 == 0) && __ste_Client_Keyring2_PublicKey2 == 0) && __ste_client_forwardReceiver3 == 0) && \old(bob___0) <= 1) && 1 == retValue_acc) && __ste_client_name2 == 0) && __ste_client_name1 == 0) && \old(chuck___0) <= 3) && __SELECTED_FEATURE_Verify == 0) && __ste_Client_Keyring1_User0 == 0) && __ste_client_idCounter2 <= 3) && __ste_email_body1 == 0) && __SELECTED_FEATURE_Encrypt == 0) && __ste_Client_AddressBook1_Address2 == 0) && 1 <= bob___0) && __ste_ClientAddressBook_size1 == 0) && __ste_Client_Keyring0_PublicKey0 == 0) && __ste_Email_counter == 0) && __ste_ClientKeyring_size1 == 0) && __ste_email_body0 == 0) && __ste_email_isSignatureVerified0 == 0) && __ste_Client_Keyring0_User2 == 0) && __ste_ClientAddressBook_size0 == 0) && retValue_acc <= 2147483647) && __ste_Client_Keyring0_User1 == 0) && __ste_Client_AddressBook1_Alias1 == 0) && __ste_email_to1 == 0) && __ste_client_name1 == 0) && __ste_client_privateKey1 == 0) && head == 0) && __ste_client_name0 == 0) && __ste_Client_Keyring0_PublicKey2 == 0) && __ste_Client_Keyring1_PublicKey0 == 0) && __ste_email_to0 == 0) && __ste_email_signKey0 == 0) && __SELECTED_FEATURE_Decrypt == 0) && __ste_email_encryptionKey0 == 0) && __SELECTED_FEATURE_Keys == 0) && __SELECTED_FEATURE_AddressBook == 0) && __ste_client_forwardReceiver2 == 0) && __ste_Client_Keyring0_PublicKey1 == 0) && __SELECTED_FEATURE_Forward == 0) && rjh___0 <= 2) && __ste_Client_Keyring0_User0 == 0) && __ste_email_isSigned0 == 0) && __ste_Client_Keyring2_PublicKey1 == 0) && __ste_email_isSigned1 == 0) && __ste_email_body0 == 0) && __ste_Client_AddressBook0_Alias0 == 0) && __ste_email_id0 == 0) && \old(rjh___0) <= 2) && __ste_client_privateKey0 == 0) && __ste_email_from0 == 0) && __ste_Client_Keyring2_User1 == 0) && bob___0 <= 1) && 3 <= __ste_client_idCounter2) && __ste_Client_AddressBook2_Address2 == 0) && \result <= 1) && 3 == chuck) && __ste_Client_AddressBook2_Address1 == 0) && bob == 1) && tmp <= 1) && __ste_client_forwardReceiver1 == 0) && 3 <= chuck___0) && __ste_Client_AddressBook1_Alias2 == 0) && __ste_client_outbuffer0 == 0) && queue_empty == 1) && __SELECTED_FEATURE_Base == 0) && __ste_client_forwardReceiver0 == 0) && 3 <= \old(chuck___0)) && __ste_Client_Keyring2_User0 == 0) && rjh == 2) && 0 == __ste_Client_AddressBook0_Address1) && __ste_Client_AddressBook2_Address0 == 0) && __ste_email_isSignatureVerified1 == 0) && __ste_Client_Keyring1_PublicKey1 == 0) && __ste_Client_Keyring2_PublicKey0 == 0) && __ste_Client_AddressBook1_Address0 == 0) && __ste_client_name2 == 0) && __ste_email_from1 == 0) && 2 <= \old(rjh___0)) && __ste_email_subject1 == 0) && __cil_tmp2 == 25) && __ste_Client_AddressBook1_Alias0 == 0) && __ste_Client_Keyring2_User2 == 0) && head == 0) && chuck___0 <= 3) && __ste_client_privateKey2 == 0) && __ste_Client_Keyring1_User1 == 0) && #NULL == 0) && __ste_Client_AddressBook2_Alias2 == 0) && 1 <= tmp) && __ste_email_subject1 == 0) && __ste_Client_AddressBook0_Alias2 == 0) && __ste_ClientKeyring_size0 == 0) && __ste_email_isEncrypted0 == 0) && queued_message == 0) && __ste_Client_AddressBook1_Address1 == 0) && 0 == __ste_Client_AddressBook0_Address0) && __ste_client_outbuffer1 == 0) && 0 <= 2147483648 + retValue_acc) && __ste_Client_AddressBook0_Alias1 == 0) && __GUIDSL_ROOT_PRODUCTION == 0) && __cil_tmp1 == 24) && __ste_client_name0 == 0) && __ste_email_id1 == 0) && __ste_client_outbuffer2 == 0) && 0 <= unknown-#StackHeapBarrier-unknown) && __ste_ClientAddressBook_size2 == 0) && __SELECTED_FEATURE_AutoResponder == 0) && __ste_email_encryptionKey1 == 0) && __ste_client_autoResponse0 == 0) && __ste_email_body1 == 0) && __ste_ClientKeyring_size2 == 0) && __ste_client_autoResponse2 == 0) && #NULL == 0) && __ste_email_signKey1 == 0 [2022-11-19 08:34:16,575 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((!(__ste_client_privateKey0 <= 0) || !(0 <= __ste_email_subject0)) || !(__ste_Client_AddressBook1_Address2 == 0)) || !(0 <= __ste_Client_AddressBook2_Address1)) || !(0 <= \old(queued_message))) || !(__ste_email_isEncrypted1 <= 0)) || !(0 <= __ste_client_privateKey0)) || !(__ste_email_subject1 <= 0)) || !(0 <= \old(__ste_email_from0))) || !(__ste_email_signKey1 <= 0)) || !(__SELECTED_FEATURE_Verify <= 0)) || !(0 <= __ste_email_subject1)) || !(0 <= __ste_Client_AddressBook1_Address1)) || !(0 <= head)) || !(__ste_client_name2 == 0)) || !(__ste_Client_AddressBook1_Alias1 == 0)) || !(__SELECTED_FEATURE_AutoResponder <= 0)) || !(__ste_Client_AddressBook0_Alias1 <= 0)) || !(0 <= #NULL)) || !(__ste_client_privateKey1 <= 0)) || !(__ste_Client_AddressBook2_Alias0 <= 0)) || !(0 <= __ste_client_forwardReceiver1)) || !(0 <= __ste_client_privateKey1)) || !(__ste_Client_counter == 0)) || !(0 <= __ste_email_id1)) || !(__ste_Client_AddressBook2_Address1 <= 0)) || !(3 <= chuck)) || !(\old(queued_message) <= 0)) || !(__ste_ClientAddressBook_size1 <= 0)) || !(__ste_Client_Keyring1_PublicKey1 == 0)) || !(0 <= __ste_Client_Keyring0_User0)) || !(0 <= __ste_email_body1)) || !(\old(queued_client) <= 0)) || !(__ste_ClientAddressBook_size2 == 0)) || !(0 <= __ste_email_encryptionKey0)) || !(0 <= __ste_Client_Keyring1_User2)) || !(__ste_ClientKeyring_size0 <= 0)) || !(0 <= __SELECTED_FEATURE_AddressBook)) || (((((((((((((((((queued_message <= 0 && \old(receiver) == receiver) && from == __ste_email_from0) && to <= 2) && 0 <= queued_message) && from == \old(from)) && 1 <= sender) && sender <= 1) && \old(queue_empty) == queue_empty) && __ste_email_from0 <= 0) && queued_client == \old(queued_client)) && \old(to) <= 2) && 2 <= \old(to)) && 2 <= __ste_email_to0) && 2 <= to) && __ste_email_to0 <= 2) && 1 == msg) && 0 <= \old(from))) || !(__SELECTED_FEATURE_Decrypt <= 0)) || !(0 <= __ste_Client_AddressBook2_Address0)) || !(__ste_client_outbuffer1 <= 0)) || !(__ste_Client_Keyring0_User2 == 0)) || !(0 <= __GUIDSL_ROOT_PRODUCTION)) || !(head <= 0)) || !(__ste_Client_AddressBook2_Alias2 == 0)) || !(\old(__ste_email_to1) <= 0)) || !(__ste_Client_Keyring0_PublicKey2 <= 0)) || !(0 <= __ste_Client_AddressBook2_Alias0)) || !(2 <= rjh)) || !(bob <= 1)) || !(0 <= __ste_ClientKeyring_size1)) || !(__ste_Client_AddressBook2_Address0 <= 0)) || !(0 <= __SELECTED_FEATURE_AutoResponder)) || !(__ste_ClientAddressBook_size0 <= 0)) || !(rjh <= 2)) || !(0 <= __ste_Client_AddressBook0_Alias2)) || !(0 <= __ste_email_isSignatureVerified0)) || !(__SELECTED_FEATURE_Forward == 0)) || !(__ste_Client_AddressBook2_Alias1 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey0)) || !(__ste_Client_AddressBook1_Alias0 <= 0)) || !(__ste_Client_AddressBook1_Address1 <= 0)) || !(__ste_email_body1 == 0)) || !(0 <= __SELECTED_FEATURE_Decrypt)) || !(__ste_client_forwardReceiver0 == 0)) || !(__ste_email_body0 == 0)) || !(0 <= __ste_Client_Keyring1_PublicKey2)) || !(0 <= __ste_Client_Keyring0_PublicKey2)) || !(0 <= __GUIDSL_NON_TERMINAL_main)) || !(__ste_client_name2 <= 0)) || !(1 <= bob)) || !(head == 0)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Client_Keyring2_User1)) || !(0 <= __ste_client_name2)) || !(__ste_client_forwardReceiver3 <= 0)) || !(0 <= __ste_email_isSignatureVerified1)) || !(__SELECTED_FEATURE_Sign == 0)) || !(0 <= __ste_email_signKey1)) || !(0 <= __ste_client_outbuffer1)) || !(bob == \old(sender))) || !(0 <= __ste_ClientAddressBook_size1)) || !(0 <= \old(__ste_email_to1))) || !(0 <= __ste_client_name0)) || !(0 <= \old(queued_client))) || !(0 <= __ste_Client_AddressBook1_Alias0)) || !(__ste_Client_Keyring1_User1 == 0)) || !(__ste_client_outbuffer0 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_email_id1 <= 0)) || !(__SELECTED_FEATURE_Encrypt <= 0)) || !(__ste_client_privateKey2 <= 0)) || !(0 <= __ste_email_isSigned0)) || !(0 <= __ste_client_autoResponse2)) || !(__ste_Client_AddressBook0_Alias0 == 0)) || !(__ste_Client_Keyring1_PublicKey2 <= 0)) || !(__ste_Client_Keyring1_PublicKey0 <= 0)) || !(__ste_client_outbuffer3 == 0)) || !(__ste_client_autoResponse0 <= 0)) || !(__ste_Client_AddressBook0_Alias2 <= 0)) || !(0 <= __ste_client_privateKey2)) || !(\old(receiver) == rjh)) || !(__ste_ClientKeyring_size1 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_Client_Keyring2_PublicKey1 == 0)) || !(__SELECTED_FEATURE_Base == 0)) || !(__ste_Client_AddressBook1_Alias2 <= 0)) || !(0 <= \old(__ste_email_from1))) || !(__ste_email_encryptionKey1 == 0)) || !(#NULL <= 0)) || !(__ste_Client_AddressBook0_Address1 <= 0)) || !(0 <= __ste_client_forwardReceiver2)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Email_counter)) || !(0 <= __SELECTED_FEATURE_Encrypt)) || !(__ste_Client_Keyring1_User0 <= 0)) || !(0 <= __ste_email_isEncrypted1)) || !(#NULL == 0)) || !(__ste_Client_Keyring0_PublicKey1 == 0)) || !(__ste_Client_Keyring0_User1 == 0)) || !(0 <= __ste_ClientKeyring_size0)) || !(__ste_Client_AddressBook0_Address2 <= 0)) || !(chuck <= 3)) || !(0 <= __SELECTED_FEATURE_Verify)) || !(__ste_Client_Keyring2_User1 <= 0)) || !(0 <= __ste_client_forwardReceiver3)) || !(0 <= __ste_Client_AddressBook2_Alias1)) || !(\old(__ste_email_to0) <= 0)) || !(__ste_Client_Keyring2_User2 <= 0)) || !(0 <= __ste_email_isSigned1)) || !(__SELECTED_FEATURE_AddressBook <= 0)) || !(__ste_email_subject1 == 0)) || !(0 <= __ste_Client_AddressBook1_Alias2)) || !(__ste_email_isSigned1 <= 0)) || !(__ste_Client_AddressBook2_Address2 == 0)) || !(__ste_client_name1 == 0)) || !(__ste_client_forwardReceiver2 <= 0)) || !(0 <= __ste_Client_Keyring2_User2)) || !(__SELECTED_FEATURE_Keys <= 0)) || !(__ste_email_body0 == 0)) || !(__ste_ClientKeyring_size2 == 0)) || !(0 <= __ste_Client_Keyring0_PublicKey0)) || !(\old(__ste_email_from1) <= 0)) || !(0 <= __ste_client_name1)) || !(\old(queue_empty) <= 1)) || !(__ste_Client_AddressBook0_Address0 <= 0)) || !(0 <= __ste_Client_AddressBook0_Address0)) || !(__ste_client_idCounter2 <= 3)) || !(__ste_Client_AddressBook1_Address0 == 0)) || !(0 <= __ste_Client_AddressBook0_Alias1)) || !(0 <= __ste_email_id0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(__ste_email_isSignatureVerified0 <= 0)) || !(0 <= __ste_Client_Keyring1_PublicKey0)) || !(0 <= __ste_ClientAddressBook_size0)) || !(1 <= \old(queue_empty))) || !(0 <= __SELECTED_FEATURE_Keys)) || !(\old(__ste_email_from0) <= 0)) || !(__GUIDSL_ROOT_PRODUCTION <= 0)) || !(__ste_client_forwardReceiver1 <= 0)) || !(__ste_email_body1 <= 0)) || !(__ste_Client_Keyring2_PublicKey2 <= 0)) || !(__ste_email_isEncrypted0 <= 0)) || !(__ste_client_autoResponse2 <= 0)) || !(__ste_Client_Keyring2_PublicKey0 <= 0)) || !(0 <= __ste_Client_Keyring1_User0)) || !(0 <= __ste_client_name0)) || !(0 <= __ste_client_outbuffer0)) || !(0 <= __ste_client_autoResponse1)) || !(__ste_email_encryptionKey0 <= 0)) || !(0 <= __ste_client_autoResponse0)) || !(__ste_Client_Keyring0_User0 <= 0)) || !(__ste_client_outbuffer2 == 0)) || !(0 <= \old(__ste_email_to0))) || !(0 <= __ste_Client_AddressBook0_Address1)) || !(__ste_client_name1 <= 0)) || !(__ste_email_isSignatureVerified1 <= 0)) || !(__ste_Email_counter <= 0)) || !(__ste_Client_Keyring2_User0 == 0)) || !(0 <= __ste_email_signKey0)) || !(__GUIDSL_NON_TERMINAL_main <= 0)) || !(0 <= __ste_Client_AddressBook0_Address2)) || !(__ste_Client_Keyring0_PublicKey0 <= 0)) || !(__ste_Client_Keyring1_User2 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey2)) || !(__ste_email_isSigned0 <= 0)) || !(__ste_email_id0 <= 0)) || !(__ste_email_signKey0 <= 0)) || !(3 <= __ste_client_idCounter2)) || !(0 <= __ste_email_isEncrypted0)) || !(0 <= __ste_email_subject0) [2022-11-19 08:34:16,576 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((!(__ste_client_privateKey0 <= 0) || !(1 <= \old(client))) || !(0 <= __ste_email_subject0)) || !(__ste_Client_AddressBook1_Address2 == 0)) || !(0 <= __ste_Client_AddressBook2_Address1)) || !(0 <= \old(queued_message))) || !(__ste_email_isEncrypted1 <= 0)) || !(0 <= __ste_client_privateKey0)) || !(__ste_email_subject1 <= 0)) || !(0 <= \old(__ste_email_from0))) || !(__ste_email_signKey1 <= 0)) || !(__SELECTED_FEATURE_Verify <= 0)) || !(0 <= __ste_email_subject1)) || !(0 <= __ste_Client_AddressBook1_Address1)) || !(0 <= head)) || !(__ste_client_name2 == 0)) || !(__ste_Client_AddressBook1_Alias1 == 0)) || !(__SELECTED_FEATURE_AutoResponder <= 0)) || !(__ste_Client_AddressBook0_Alias1 <= 0)) || !(0 <= #NULL)) || !(__ste_client_privateKey1 <= 0)) || !(__ste_Client_AddressBook2_Alias0 <= 0)) || !(0 <= __ste_client_forwardReceiver1)) || !(0 <= __ste_client_privateKey1)) || !(__ste_Client_counter == 0)) || !(0 <= __ste_email_id1)) || !(__ste_Client_AddressBook2_Address1 <= 0)) || !(3 <= chuck)) || !(\old(queued_message) <= 0)) || !(__ste_ClientAddressBook_size1 <= 0)) || !(__ste_Client_Keyring1_PublicKey1 == 0)) || !(0 <= __ste_Client_Keyring0_User0)) || !(0 <= __ste_email_body1)) || !(\old(queued_client) <= 0)) || !(__ste_ClientAddressBook_size2 == 0)) || !(0 <= __ste_email_encryptionKey0)) || !(0 <= __ste_Client_Keyring1_User2)) || !(__ste_ClientKeyring_size0 <= 0)) || !(0 <= __SELECTED_FEATURE_AddressBook)) || !(__SELECTED_FEATURE_Decrypt <= 0)) || !(0 <= __ste_Client_AddressBook2_Address0)) || !(__ste_client_outbuffer1 <= 0)) || !(__ste_Client_Keyring0_User2 == 0)) || !(0 <= __GUIDSL_ROOT_PRODUCTION)) || !(head <= 0)) || !(__ste_Client_AddressBook2_Alias2 == 0)) || !(__ste_Client_Keyring0_PublicKey2 <= 0)) || !(0 <= __ste_Client_AddressBook2_Alias0)) || !(2 <= rjh)) || !(\old(msg) <= 1)) || !(bob <= 1)) || !(0 <= __ste_ClientKeyring_size1)) || !(__ste_Client_AddressBook2_Address0 <= 0)) || !(\old(client) <= 1)) || !(0 <= __SELECTED_FEATURE_AutoResponder)) || !(__ste_ClientAddressBook_size0 <= 0)) || !(rjh <= 2)) || !(0 <= __ste_Client_AddressBook0_Alias2)) || !(0 <= __ste_email_isSignatureVerified0)) || !(__SELECTED_FEATURE_Forward == 0)) || !(__ste_Client_AddressBook2_Alias1 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey0)) || !(__ste_Client_AddressBook1_Alias0 <= 0)) || !(__ste_Client_AddressBook1_Address1 <= 0)) || !(__ste_email_body1 == 0)) || !(0 <= __SELECTED_FEATURE_Decrypt)) || !(__ste_client_forwardReceiver0 == 0)) || !(__ste_email_body0 == 0)) || !(0 <= __ste_Client_Keyring1_PublicKey2)) || !(0 <= __ste_Client_Keyring0_PublicKey2)) || !(0 <= __GUIDSL_NON_TERMINAL_main)) || !(__ste_client_name2 <= 0)) || !(1 <= bob)) || !(head == 0)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Client_Keyring2_User1)) || !(0 <= __ste_client_name2)) || !(__ste_client_forwardReceiver3 <= 0)) || !(\old(__ste_email_to0) <= 2)) || !(1 <= \old(msg))) || !(0 <= __ste_email_isSignatureVerified1)) || !(__SELECTED_FEATURE_Sign == 0)) || !(0 <= __ste_email_signKey1)) || !(0 <= __ste_client_outbuffer1)) || !(0 <= __ste_ClientAddressBook_size1)) || !(0 <= __ste_client_name0)) || !(0 <= \old(queued_client))) || !(0 <= __ste_Client_AddressBook1_Alias0)) || !(__ste_Client_Keyring1_User1 == 0)) || !(__ste_client_outbuffer0 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_email_id1 <= 0)) || !(__SELECTED_FEATURE_Encrypt <= 0)) || !(__ste_client_privateKey2 <= 0)) || !(0 <= __ste_email_isSigned0)) || !(0 <= __ste_client_autoResponse2)) || !(__ste_Client_AddressBook0_Alias0 == 0)) || !(__ste_Client_Keyring1_PublicKey2 <= 0)) || !(__ste_Client_Keyring1_PublicKey0 <= 0)) || !(__ste_client_outbuffer3 == 0)) || !(__ste_client_autoResponse0 <= 0)) || !(__ste_Client_AddressBook0_Alias2 <= 0)) || !(0 <= __ste_client_privateKey2)) || !(__ste_ClientKeyring_size1 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_Client_Keyring2_PublicKey1 == 0)) || !(__SELECTED_FEATURE_Base == 0)) || !(__ste_Client_AddressBook1_Alias2 <= 0)) || !(__ste_email_encryptionKey1 == 0)) || !(#NULL <= 0)) || !(__ste_Client_AddressBook0_Address1 <= 0)) || !(0 <= __ste_client_forwardReceiver2)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Email_counter)) || !(0 <= __SELECTED_FEATURE_Encrypt)) || !(__ste_Client_Keyring1_User0 <= 0)) || (((((((((((((((((((((((((((((((((((((((((((((((((((((((((2 <= tmp && \old(client) == client) && \old(client) == client) && 1 <= \old(client)) && \old(msg) <= 1) && 0 <= 2147483648 + \result) && \old(handle) == client) && \old(handle) == handle) && 1 <= msg) && \old(client) == client) && msg == \old(msg)) && client == \old(client)) && \old(client) == tmp) && queued_message <= 0) && \old(msg) == msg) && __ste_email_from0 <= 2147483647) && client == \old(client)) && 1 <= client) && 0 <= __ste_email_from0 + 2147483648) && msg == \old(msg)) && \result <= 2147483647) && client == \old(client)) && \old(msg) == msg) && queue_empty <= 1) && 1 <= handle) && \result == tmp) && \result == retValue_acc) && 1 <= \old(msg)) && msg == \old(msg)) && __ste_client_idCounter0 <= 2147483647) && msg == \old(msg)) && 1 <= queue_empty) && 0 <= retValue_acc + 2147483648) && 0 <= queued_message) && tmp <= 2) && \old(handle) <= 1) && tmp <= 2147483647) && 1 <= msg) && client <= 1) && 0 <= queued_client) && \old(msg) == msg) && msg <= 1) && msg == \old(msg)) && \old(client) <= 1) && client == \old(client)) && msg <= 1) && retValue_acc == __ste_client_autoResponse1) && retValue_acc <= 2147483647) && 1 <= \old(handle)) && handle <= 1) && client <= 1) && \result <= 2147483647) && 0 <= __ste_client_idCounter0 + 2147483648) && 2 <= __ste_email_to0) && __ste_email_to0 <= 2) && 1 <= client) && 0 <= tmp + 2147483648) && queued_client <= 0)) || !(0 <= __ste_email_isEncrypted1)) || !(#NULL == 0)) || !(__ste_Client_Keyring0_PublicKey1 == 0)) || !(__ste_Client_Keyring0_User1 == 0)) || !(0 <= __ste_ClientKeyring_size0)) || !(__ste_Client_AddressBook0_Address2 <= 0)) || !(chuck <= 3)) || !(0 <= __SELECTED_FEATURE_Verify)) || !(__ste_Client_Keyring2_User1 <= 0)) || !(0 <= __ste_client_forwardReceiver3)) || !(0 <= __ste_Client_AddressBook2_Alias1)) || !(__ste_Client_Keyring2_User2 <= 0)) || !(0 <= __ste_email_isSigned1)) || !(__SELECTED_FEATURE_AddressBook <= 0)) || !(__ste_email_subject1 == 0)) || !(0 <= __ste_Client_AddressBook1_Alias2)) || !(__ste_email_isSigned1 <= 0)) || !(__ste_Client_AddressBook2_Address2 == 0)) || !(__ste_client_name1 == 0)) || 1 == tmp) || !(__ste_client_forwardReceiver2 <= 0)) || !(0 <= __ste_Client_Keyring2_User2)) || !(__SELECTED_FEATURE_Keys <= 0)) || !(__ste_email_body0 == 0)) || !(__ste_ClientKeyring_size2 == 0)) || !(0 <= __ste_Client_Keyring0_PublicKey0)) || !(0 <= __ste_client_name1)) || !(\old(queue_empty) <= 1)) || !(__ste_Client_AddressBook0_Address0 <= 0)) || !(0 <= __ste_Client_AddressBook0_Address0)) || !(__ste_client_idCounter2 <= 3)) || !(__ste_Client_AddressBook1_Address0 == 0)) || !(0 <= __ste_Client_AddressBook0_Alias1)) || !(2 <= \old(__ste_email_to0))) || !(0 <= __ste_email_id0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(__ste_email_isSignatureVerified0 <= 0)) || !(0 <= __ste_Client_Keyring1_PublicKey0)) || !(0 <= __ste_ClientAddressBook_size0)) || !(1 <= \old(queue_empty))) || !(0 <= __SELECTED_FEATURE_Keys)) || !(\old(__ste_email_from0) <= 0)) || !(__GUIDSL_ROOT_PRODUCTION <= 0)) || !(__ste_client_forwardReceiver1 <= 0)) || !(__ste_email_body1 <= 0)) || !(__ste_Client_Keyring2_PublicKey2 <= 0)) || !(__ste_email_isEncrypted0 <= 0)) || !(__ste_client_autoResponse2 <= 0)) || !(__ste_Client_Keyring2_PublicKey0 <= 0)) || !(0 <= __ste_Client_Keyring1_User0)) || !(0 <= __ste_client_name0)) || !(0 <= __ste_client_outbuffer0)) || !(0 <= __ste_client_autoResponse1)) || !(__ste_email_encryptionKey0 <= 0)) || !(0 <= __ste_client_autoResponse0)) || !(__ste_Client_Keyring0_User0 <= 0)) || !(__ste_client_outbuffer2 == 0)) || !(0 <= __ste_Client_AddressBook0_Address1)) || !(__ste_client_name1 <= 0)) || !(__ste_email_isSignatureVerified1 <= 0)) || !(__ste_Email_counter <= 0)) || !(__ste_Client_Keyring2_User0 == 0)) || !(0 <= __ste_email_signKey0)) || !(__GUIDSL_NON_TERMINAL_main <= 0)) || !(0 <= __ste_Client_AddressBook0_Address2)) || !(__ste_Client_Keyring0_PublicKey0 <= 0)) || !(__ste_Client_Keyring1_User2 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey2)) || !(__ste_email_isSigned0 <= 0)) || !(__ste_email_id0 <= 0)) || !(__ste_email_signKey0 <= 0)) || !(3 <= __ste_client_idCounter2)) || !(0 <= __ste_email_isEncrypted0)) || !(0 <= __ste_email_subject0) [2022-11-19 08:34:16,576 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((!(__ste_client_privateKey0 <= 0) || !(1 <= \old(client))) || !(0 <= __ste_email_subject0)) || !(__ste_Client_AddressBook1_Address2 == 0)) || !(0 <= __ste_Client_AddressBook2_Address1)) || !(0 <= \old(queued_message))) || !(__ste_email_isEncrypted1 <= 0)) || !(0 <= __ste_client_privateKey0)) || !(__ste_email_subject1 <= 0)) || !(0 <= \old(__ste_email_from0))) || !(__ste_email_signKey1 <= 0)) || !(__SELECTED_FEATURE_Verify <= 0)) || !(0 <= __ste_email_subject1)) || !(0 <= __ste_Client_AddressBook1_Address1)) || !(0 <= head)) || !(__ste_client_name2 == 0)) || !(__ste_Client_AddressBook1_Alias1 == 0)) || !(__SELECTED_FEATURE_AutoResponder <= 0)) || !(__ste_Client_AddressBook0_Alias1 <= 0)) || !(0 <= #NULL)) || !(__ste_client_privateKey1 <= 0)) || !(__ste_Client_AddressBook2_Alias0 <= 0)) || !(0 <= __ste_client_forwardReceiver1)) || !(0 <= __ste_client_privateKey1)) || !(__ste_Client_counter == 0)) || !(0 <= __ste_email_id1)) || !(__ste_Client_AddressBook2_Address1 <= 0)) || !(3 <= chuck)) || !(\old(queued_message) <= 0)) || !(__ste_ClientAddressBook_size1 <= 0)) || !(__ste_Client_Keyring1_PublicKey1 == 0)) || !(0 <= __ste_Client_Keyring0_User0)) || !(0 <= __ste_email_body1)) || !(\old(queued_client) <= 0)) || !(__ste_ClientAddressBook_size2 == 0)) || !(0 <= __ste_email_encryptionKey0)) || !(0 <= __ste_Client_Keyring1_User2)) || !(__ste_ClientKeyring_size0 <= 0)) || !(0 <= __SELECTED_FEATURE_AddressBook)) || !(__SELECTED_FEATURE_Decrypt <= 0)) || !(0 <= __ste_Client_AddressBook2_Address0)) || !(__ste_client_outbuffer1 <= 0)) || !(__ste_Client_Keyring0_User2 == 0)) || !(0 <= __GUIDSL_ROOT_PRODUCTION)) || !(head <= 0)) || !(__ste_Client_AddressBook2_Alias2 == 0)) || !(__ste_Client_Keyring0_PublicKey2 <= 0)) || !(0 <= __ste_Client_AddressBook2_Alias0)) || !(2 <= rjh)) || !(\old(msg) <= 1)) || !(bob <= 1)) || !(0 <= __ste_ClientKeyring_size1)) || !(__ste_Client_AddressBook2_Address0 <= 0)) || !(\old(client) <= 1)) || !(0 <= __SELECTED_FEATURE_AutoResponder)) || !(__ste_ClientAddressBook_size0 <= 0)) || !(rjh <= 2)) || !(0 <= __ste_Client_AddressBook0_Alias2)) || !(0 <= __ste_email_isSignatureVerified0)) || !(__SELECTED_FEATURE_Forward == 0)) || !(__ste_Client_AddressBook2_Alias1 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey0)) || !(__ste_Client_AddressBook1_Alias0 <= 0)) || !(__ste_Client_AddressBook1_Address1 <= 0)) || !(__ste_email_body1 == 0)) || !(0 <= __SELECTED_FEATURE_Decrypt)) || !(__ste_client_forwardReceiver0 == 0)) || !(__ste_email_body0 == 0)) || !(0 <= __ste_Client_Keyring1_PublicKey2)) || !(0 <= __ste_Client_Keyring0_PublicKey2)) || !(0 <= __GUIDSL_NON_TERMINAL_main)) || !(__ste_client_name2 <= 0)) || !(1 <= bob)) || !(head == 0)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Client_Keyring2_User1)) || !(0 <= __ste_client_name2)) || !(__ste_client_forwardReceiver3 <= 0)) || !(\old(__ste_email_to0) <= 2)) || !(1 <= \old(msg))) || !(0 <= __ste_email_isSignatureVerified1)) || !(__SELECTED_FEATURE_Sign == 0)) || !(0 <= __ste_email_signKey1)) || !(0 <= __ste_client_outbuffer1)) || !(0 <= __ste_ClientAddressBook_size1)) || !(0 <= __ste_client_name0)) || !(0 <= \old(queued_client))) || !(0 <= __ste_Client_AddressBook1_Alias0)) || !(__ste_Client_Keyring1_User1 == 0)) || !(__ste_client_outbuffer0 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_email_id1 <= 0)) || !(__SELECTED_FEATURE_Encrypt <= 0)) || !(__ste_client_privateKey2 <= 0)) || !(0 <= __ste_email_isSigned0)) || !(0 <= __ste_client_autoResponse2)) || !(__ste_Client_AddressBook0_Alias0 == 0)) || !(__ste_Client_Keyring1_PublicKey2 <= 0)) || !(__ste_Client_Keyring1_PublicKey0 <= 0)) || !(__ste_client_outbuffer3 == 0)) || !(__ste_client_autoResponse0 <= 0)) || !(__ste_Client_AddressBook0_Alias2 <= 0)) || !(0 <= __ste_client_privateKey2)) || !(__ste_ClientKeyring_size1 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_Client_Keyring2_PublicKey1 == 0)) || !(__SELECTED_FEATURE_Base == 0)) || !(__ste_Client_AddressBook1_Alias2 <= 0)) || !(__ste_email_encryptionKey1 == 0)) || !(#NULL <= 0)) || !(__ste_Client_AddressBook0_Address1 <= 0)) || !(0 <= __ste_client_forwardReceiver2)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Email_counter)) || !(0 <= __SELECTED_FEATURE_Encrypt)) || !(__ste_Client_Keyring1_User0 <= 0)) || !(0 <= __ste_email_isEncrypted1)) || !(#NULL == 0)) || !(__ste_Client_Keyring0_PublicKey1 == 0)) || !(__ste_Client_Keyring0_User1 == 0)) || !(0 <= __ste_ClientKeyring_size0)) || !(__ste_Client_AddressBook0_Address2 <= 0)) || !(chuck <= 3)) || !(0 <= __SELECTED_FEATURE_Verify)) || !(__ste_Client_Keyring2_User1 <= 0)) || !(0 <= __ste_client_forwardReceiver3)) || !(0 <= __ste_Client_AddressBook2_Alias1)) || !(__ste_Client_Keyring2_User2 <= 0)) || ((((((queued_message == \old(queued_message) && __ste_email_to0 == \old(__ste_email_to0)) && __ste_email_to1 == \old(__ste_email_to1)) && \old(__ste_email_from0) == __ste_email_from0) && \old(__ste_email_from1) == __ste_email_from1) && \old(queue_empty) == queue_empty) && queued_client == \old(queued_client))) || !(0 <= __ste_email_isSigned1)) || !(__SELECTED_FEATURE_AddressBook <= 0)) || !(__ste_email_subject1 == 0)) || !(0 <= __ste_Client_AddressBook1_Alias2)) || !(__ste_email_isSigned1 <= 0)) || !(__ste_Client_AddressBook2_Address2 == 0)) || !(__ste_client_name1 == 0)) || !(__ste_client_forwardReceiver2 <= 0)) || !(0 <= __ste_Client_Keyring2_User2)) || !(__SELECTED_FEATURE_Keys <= 0)) || !(__ste_email_body0 == 0)) || !(__ste_ClientKeyring_size2 == 0)) || !(0 <= __ste_Client_Keyring0_PublicKey0)) || !(0 <= __ste_client_name1)) || !(\old(queue_empty) <= 1)) || !(__ste_Client_AddressBook0_Address0 <= 0)) || !(0 <= __ste_Client_AddressBook0_Address0)) || !(__ste_client_idCounter2 <= 3)) || !(__ste_Client_AddressBook1_Address0 == 0)) || !(0 <= __ste_Client_AddressBook0_Alias1)) || !(2 <= \old(__ste_email_to0))) || !(0 <= __ste_email_id0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(__ste_email_isSignatureVerified0 <= 0)) || !(0 <= __ste_Client_Keyring1_PublicKey0)) || !(0 <= __ste_ClientAddressBook_size0)) || !(1 <= \old(queue_empty))) || !(0 <= __SELECTED_FEATURE_Keys)) || !(\old(__ste_email_from0) <= 0)) || !(__GUIDSL_ROOT_PRODUCTION <= 0)) || !(__ste_client_forwardReceiver1 <= 0)) || !(__ste_email_body1 <= 0)) || !(__ste_Client_Keyring2_PublicKey2 <= 0)) || !(__ste_email_isEncrypted0 <= 0)) || !(__ste_client_autoResponse2 <= 0)) || !(__ste_Client_Keyring2_PublicKey0 <= 0)) || !(0 <= __ste_Client_Keyring1_User0)) || !(0 <= __ste_client_name0)) || !(0 <= __ste_client_outbuffer0)) || !(0 <= __ste_client_autoResponse1)) || !(__ste_email_encryptionKey0 <= 0)) || !(0 <= __ste_client_autoResponse0)) || !(__ste_Client_Keyring0_User0 <= 0)) || !(__ste_client_outbuffer2 == 0)) || !(0 <= __ste_Client_AddressBook0_Address1)) || !(__ste_client_name1 <= 0)) || !(__ste_email_isSignatureVerified1 <= 0)) || !(__ste_Email_counter <= 0)) || !(__ste_Client_Keyring2_User0 == 0)) || !(0 <= __ste_email_signKey0)) || !(__GUIDSL_NON_TERMINAL_main <= 0)) || !(0 <= __ste_Client_AddressBook0_Address2)) || !(__ste_Client_Keyring0_PublicKey0 <= 0)) || !(__ste_Client_Keyring1_User2 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey2)) || !(__ste_email_isSigned0 <= 0)) || !(__ste_email_id0 <= 0)) || !(__ste_email_signKey0 <= 0)) || !(3 <= __ste_client_idCounter2)) || !(0 <= __ste_email_isEncrypted0)) || !(0 <= __ste_email_subject0) [2022-11-19 08:34:16,576 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((!(__ste_client_privateKey0 <= 0) || !(1 <= \old(client))) || !(0 <= __ste_email_subject0)) || !(__ste_Client_AddressBook1_Address2 == 0)) || !(0 <= __ste_Client_AddressBook2_Address1)) || !(0 <= \old(queued_message))) || !(__ste_email_isEncrypted1 <= 0)) || !(0 <= __ste_client_privateKey0)) || !(__ste_email_subject1 <= 0)) || !(0 <= \old(__ste_email_from0))) || !(__ste_email_signKey1 <= 0)) || !(__SELECTED_FEATURE_Verify <= 0)) || !(0 <= __ste_email_subject1)) || !(0 <= __ste_Client_AddressBook1_Address1)) || !(0 <= head)) || !(__ste_client_name2 == 0)) || !(__ste_Client_AddressBook1_Alias1 == 0)) || !(__SELECTED_FEATURE_AutoResponder <= 0)) || !(__ste_Client_AddressBook0_Alias1 <= 0)) || !(0 <= #NULL)) || !(__ste_client_privateKey1 <= 0)) || !(__ste_Client_AddressBook2_Alias0 <= 0)) || !(0 <= __ste_client_forwardReceiver1)) || !(0 <= __ste_client_privateKey1)) || !(__ste_Client_counter == 0)) || !(0 <= __ste_email_id1)) || !(__ste_Client_AddressBook2_Address1 <= 0)) || !(3 <= chuck)) || !(\old(queued_message) <= 0)) || !(__ste_ClientAddressBook_size1 <= 0)) || !(__ste_Client_Keyring1_PublicKey1 == 0)) || !(0 <= __ste_Client_Keyring0_User0)) || !(0 <= __ste_email_body1)) || !(\old(queued_client) <= 0)) || !(__ste_ClientAddressBook_size2 == 0)) || !(0 <= __ste_email_encryptionKey0)) || !(0 <= __ste_Client_Keyring1_User2)) || !(__ste_ClientKeyring_size0 <= 0)) || !(0 <= __SELECTED_FEATURE_AddressBook)) || !(__SELECTED_FEATURE_Decrypt <= 0)) || !(0 <= __ste_Client_AddressBook2_Address0)) || !(__ste_client_outbuffer1 <= 0)) || !(__ste_Client_Keyring0_User2 == 0)) || !(0 <= __GUIDSL_ROOT_PRODUCTION)) || !(head <= 0)) || !(__ste_Client_AddressBook2_Alias2 == 0)) || !(__ste_Client_Keyring0_PublicKey2 <= 0)) || !(0 <= __ste_Client_AddressBook2_Alias0)) || !(2 <= rjh)) || !(\old(msg) <= 1)) || !(bob <= 1)) || !(0 <= __ste_ClientKeyring_size1)) || !(__ste_Client_AddressBook2_Address0 <= 0)) || !(\old(client) <= 1)) || !(0 <= __SELECTED_FEATURE_AutoResponder)) || !(__ste_ClientAddressBook_size0 <= 0)) || !(rjh <= 2)) || !(0 <= __ste_Client_AddressBook0_Alias2)) || !(0 <= __ste_email_isSignatureVerified0)) || !(__SELECTED_FEATURE_Forward == 0)) || !(__ste_Client_AddressBook2_Alias1 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey0)) || !(__ste_Client_AddressBook1_Alias0 <= 0)) || !(__ste_Client_AddressBook1_Address1 <= 0)) || !(__ste_email_body1 == 0)) || !(0 <= __SELECTED_FEATURE_Decrypt)) || !(__ste_client_forwardReceiver0 == 0)) || !(__ste_email_body0 == 0)) || !(0 <= __ste_Client_Keyring1_PublicKey2)) || !(0 <= __ste_Client_Keyring0_PublicKey2)) || !(0 <= __GUIDSL_NON_TERMINAL_main)) || !(__ste_client_name2 <= 0)) || !(1 <= bob)) || !(head == 0)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Client_Keyring2_User1)) || !(0 <= __ste_client_name2)) || !(__ste_client_forwardReceiver3 <= 0)) || !(\old(__ste_email_to0) <= 2)) || !(1 <= \old(msg))) || !(0 <= __ste_email_isSignatureVerified1)) || !(__SELECTED_FEATURE_Sign == 0)) || !(0 <= __ste_email_signKey1)) || !(0 <= __ste_client_outbuffer1)) || !(0 <= __ste_ClientAddressBook_size1)) || !(0 <= __ste_client_name0)) || !(0 <= \old(queued_client))) || !(0 <= __ste_Client_AddressBook1_Alias0)) || !(__ste_Client_Keyring1_User1 == 0)) || !(__ste_client_outbuffer0 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_email_id1 <= 0)) || !(__SELECTED_FEATURE_Encrypt <= 0)) || !(__ste_client_privateKey2 <= 0)) || !(0 <= __ste_email_isSigned0)) || !(0 <= __ste_client_autoResponse2)) || !(__ste_Client_AddressBook0_Alias0 == 0)) || !(__ste_Client_Keyring1_PublicKey2 <= 0)) || !(__ste_Client_Keyring1_PublicKey0 <= 0)) || !(__ste_client_outbuffer3 == 0)) || !(__ste_client_autoResponse0 <= 0)) || !(__ste_Client_AddressBook0_Alias2 <= 0)) || !(0 <= __ste_client_privateKey2)) || !(__ste_ClientKeyring_size1 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_Client_Keyring2_PublicKey1 == 0)) || !(__SELECTED_FEATURE_Base == 0)) || !(__ste_Client_AddressBook1_Alias2 <= 0)) || !(__ste_email_encryptionKey1 == 0)) || !(#NULL <= 0)) || !(__ste_Client_AddressBook0_Address1 <= 0)) || !(0 <= __ste_client_forwardReceiver2)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Email_counter)) || !(0 <= __SELECTED_FEATURE_Encrypt)) || !(__ste_Client_Keyring1_User0 <= 0)) || !(0 <= __ste_email_isEncrypted1)) || !(#NULL == 0)) || !(__ste_Client_Keyring0_PublicKey1 == 0)) || !(__ste_Client_Keyring0_User1 == 0)) || !(0 <= __ste_ClientKeyring_size0)) || !(__ste_Client_AddressBook0_Address2 <= 0)) || !(chuck <= 3)) || !(0 <= __SELECTED_FEATURE_Verify)) || !(__ste_Client_Keyring2_User1 <= 0)) || !(0 <= __ste_client_forwardReceiver3)) || !(0 <= __ste_Client_AddressBook2_Alias1)) || !(__ste_Client_Keyring2_User2 <= 0)) || !(0 <= __ste_email_isSigned1)) || !(__SELECTED_FEATURE_AddressBook <= 0)) || !(__ste_email_subject1 == 0)) || !(0 <= __ste_Client_AddressBook1_Alias2)) || (((((((((((((((((((((((((((((((((((1 <= \old(client) && \old(msg) <= 1) && 0 <= 2147483648 + \result) && 1 <= msg) && queued_message <= 0) && __ste_email_from0 <= 2147483647) && 1 <= client) && 0 <= __ste_email_from0 + 2147483648) && \result <= 2147483647) && queue_empty <= 1) && 1 <= handle) && aux-getEmailTo(msg)-aux <= 2) && 1 <= \old(msg)) && __ste_client_idCounter0 <= 2147483647) && 1 <= queue_empty) && 0 <= retValue_acc + 2147483648) && 0 <= queued_message) && \old(handle) <= 1) && tmp <= 2147483647) && 1 <= msg) && client <= 1) && 0 <= queued_client) && msg <= 1) && \old(client) <= 1) && msg <= 1) && 2 <= aux-getEmailTo(msg)-aux) && retValue_acc <= 2147483647) && 1 <= \old(handle)) && handle <= 1) && client <= 1) && 0 <= __ste_client_idCounter0 + 2147483648) && 2 <= __ste_email_to0) && __ste_email_to0 <= 2) && 1 <= client) && 0 <= tmp + 2147483648) && queued_client <= 0)) || !(__ste_email_isSigned1 <= 0)) || !(__ste_Client_AddressBook2_Address2 == 0)) || !(__ste_client_name1 == 0)) || !(__ste_client_forwardReceiver2 <= 0)) || !(0 <= __ste_Client_Keyring2_User2)) || !(__SELECTED_FEATURE_Keys <= 0)) || !(__ste_email_body0 == 0)) || !(__ste_ClientKeyring_size2 == 0)) || !(0 <= __ste_Client_Keyring0_PublicKey0)) || !(0 <= __ste_client_name1)) || !(\old(queue_empty) <= 1)) || !(__ste_Client_AddressBook0_Address0 <= 0)) || !(0 <= __ste_Client_AddressBook0_Address0)) || !(__ste_client_idCounter2 <= 3)) || !(__ste_Client_AddressBook1_Address0 == 0)) || !(0 <= __ste_Client_AddressBook0_Alias1)) || !(2 <= \old(__ste_email_to0))) || !(0 <= __ste_email_id0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(__ste_email_isSignatureVerified0 <= 0)) || !(0 <= __ste_Client_Keyring1_PublicKey0)) || !(0 <= __ste_ClientAddressBook_size0)) || !(1 <= \old(queue_empty))) || !(0 <= __SELECTED_FEATURE_Keys)) || !(\old(__ste_email_from0) <= 0)) || !(__GUIDSL_ROOT_PRODUCTION <= 0)) || !(__ste_client_forwardReceiver1 <= 0)) || !(__ste_email_body1 <= 0)) || !(__ste_Client_Keyring2_PublicKey2 <= 0)) || !(__ste_email_isEncrypted0 <= 0)) || !(__ste_client_autoResponse2 <= 0)) || !(__ste_Client_Keyring2_PublicKey0 <= 0)) || !(0 <= __ste_Client_Keyring1_User0)) || !(0 <= __ste_client_name0)) || !(0 <= __ste_client_outbuffer0)) || !(0 <= __ste_client_autoResponse1)) || !(__ste_email_encryptionKey0 <= 0)) || !(0 <= __ste_client_autoResponse0)) || !(__ste_Client_Keyring0_User0 <= 0)) || !(__ste_client_outbuffer2 == 0)) || !(0 <= __ste_Client_AddressBook0_Address1)) || !(__ste_client_name1 <= 0)) || !(__ste_email_isSignatureVerified1 <= 0)) || !(__ste_Email_counter <= 0)) || !(__ste_Client_Keyring2_User0 == 0)) || !(0 <= __ste_email_signKey0)) || !(__GUIDSL_NON_TERMINAL_main <= 0)) || !(0 <= __ste_Client_AddressBook0_Address2)) || !(__ste_Client_Keyring0_PublicKey0 <= 0)) || !(__ste_Client_Keyring1_User2 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey2)) || !(__ste_email_isSigned0 <= 0)) || !(__ste_email_id0 <= 0)) || !(__ste_email_signKey0 <= 0)) || !(3 <= __ste_client_idCounter2)) || !(0 <= __ste_email_isEncrypted0)) || !(0 <= __ste_email_subject0) [2022-11-19 08:34:16,658 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/witness.graphml [2022-11-19 08:34:16,658 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-19 08:34:16,659 INFO L158 Benchmark]: Toolchain (without parser) took 674358.89ms. Allocated memory was 142.6MB in the beginning and 960.5MB in the end (delta: 817.9MB). Free memory was 105.2MB in the beginning and 827.3MB in the end (delta: -722.1MB). Peak memory consumption was 96.4MB. Max. memory is 16.1GB. [2022-11-19 08:34:16,659 INFO L158 Benchmark]: CDTParser took 0.30ms. Allocated memory is still 81.8MB. Free memory was 35.9MB in the beginning and 35.9MB in the end (delta: 45.6kB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-19 08:34:16,659 INFO L158 Benchmark]: CACSL2BoogieTranslator took 858.80ms. Allocated memory is still 142.6MB. Free memory was 105.2MB in the beginning and 92.5MB in the end (delta: 12.8MB). Peak memory consumption was 14.7MB. Max. memory is 16.1GB. [2022-11-19 08:34:16,660 INFO L158 Benchmark]: Boogie Procedure Inliner took 102.05ms. Allocated memory is still 142.6MB. Free memory was 91.9MB in the beginning and 87.7MB in the end (delta: 4.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-11-19 08:34:16,660 INFO L158 Benchmark]: Boogie Preprocessor took 46.77ms. Allocated memory is still 142.6MB. Free memory was 87.7MB in the beginning and 84.8MB in the end (delta: 2.8MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-11-19 08:34:16,661 INFO L158 Benchmark]: RCFGBuilder took 1261.25ms. Allocated memory was 142.6MB in the beginning and 182.5MB in the end (delta: 39.8MB). Free memory was 84.8MB in the beginning and 126.3MB in the end (delta: -41.5MB). Peak memory consumption was 50.5MB. Max. memory is 16.1GB. [2022-11-19 08:34:16,661 INFO L158 Benchmark]: TraceAbstraction took 671939.76ms. Allocated memory was 182.5MB in the beginning and 960.5MB in the end (delta: 778.0MB). Free memory was 125.2MB in the beginning and 838.8MB in the end (delta: -713.6MB). Peak memory consumption was 567.9MB. Max. memory is 16.1GB. [2022-11-19 08:34:16,661 INFO L158 Benchmark]: Witness Printer took 139.79ms. Allocated memory is still 960.5MB. Free memory was 838.8MB in the beginning and 827.3MB in the end (delta: 11.5MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2022-11-19 08:34:16,667 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.30ms. Allocated memory is still 81.8MB. Free memory was 35.9MB in the beginning and 35.9MB in the end (delta: 45.6kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 858.80ms. Allocated memory is still 142.6MB. Free memory was 105.2MB in the beginning and 92.5MB in the end (delta: 12.8MB). Peak memory consumption was 14.7MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 102.05ms. Allocated memory is still 142.6MB. Free memory was 91.9MB in the beginning and 87.7MB in the end (delta: 4.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 46.77ms. Allocated memory is still 142.6MB. Free memory was 87.7MB in the beginning and 84.8MB in the end (delta: 2.8MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * RCFGBuilder took 1261.25ms. Allocated memory was 142.6MB in the beginning and 182.5MB in the end (delta: 39.8MB). Free memory was 84.8MB in the beginning and 126.3MB in the end (delta: -41.5MB). Peak memory consumption was 50.5MB. Max. memory is 16.1GB. * TraceAbstraction took 671939.76ms. Allocated memory was 182.5MB in the beginning and 960.5MB in the end (delta: 778.0MB). Free memory was 125.2MB in the beginning and 838.8MB in the end (delta: -713.6MB). Peak memory consumption was 567.9MB. Max. memory is 16.1GB. * Witness Printer took 139.79ms. Allocated memory is still 960.5MB. Free memory was 838.8MB in the beginning and 827.3MB in the end (delta: 11.5MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 2359]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 92 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 671.8s, OverallIterations: 7, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 160.6s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 86.7s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 648 SdHoareTripleChecker+Valid, 25.2s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 635 mSDsluCounter, 6817 SdHoareTripleChecker+Invalid, 23.6s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 6012 mSDsCounter, 74 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 6363 IncrementalHoareTripleChecker+Invalid, 6437 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 74 mSolverCounterUnsat, 805 mSDtfsCounter, 6363 mSolverCounterSat, 0.3s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 485 GetRequests, 355 SyntacticMatches, 2 SemanticMatches, 128 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1159 ImplicationChecksByTransitivity, 465.4s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=263occurred in iteration=6, InterpolantAutomatonStates: 114, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.8s AutomataMinimizationTime, 7 MinimizatonAttempts, 285 StatesRemovedByMinimization, 4 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 60 LocationsWithAnnotation, 517 PreInvPairs, 776 NumberOfFragments, 13356 HoareAnnotationTreeSize, 517 FomulaSimplifications, 3678 FormulaSimplificationTreeSizeReduction, 1.5s HoareSimplificationTime, 60 FomulaSimplificationsInter, 41942 FormulaSimplificationTreeSizeReductionInter, 85.0s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.2s SsaConstructionTime, 0.6s SatisfiabilityAnalysisTime, 1.4s InterpolantComputationTime, 486 NumberOfCodeBlocks, 486 NumberOfCodeBlocksAsserted, 10 NumberOfCheckSat, 621 ConstructedInterpolants, 0 QuantifiedInterpolants, 779 SizeOfPredicates, 0 NumberOfNonLiveVariables, 2356 ConjunctsInSsa, 10 ConjunctsInUnsatCore, 13 InterpolantComputations, 4 PerfectInterpolantSequences, 121/149 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: OVERALL_TIME: 87.9s, ICFG_INTERPRETER_ENTERED_PROCEDURES: 18, DAG_INTERPRETER_EARLY_EXIT_QUERIES_NONTRIVIAL: 108, DAG_INTERPRETER_EARLY_EXITS: 3, TOOLS_POST_APPLICATIONS: 131, TOOLS_POST_TIME: 27.7s, TOOLS_POST_CALL_APPLICATIONS: 61, TOOLS_POST_CALL_TIME: 36.6s, TOOLS_POST_RETURN_APPLICATIONS: 38, TOOLS_POST_RETURN_TIME: 7.9s, TOOLS_QUANTIFIERELIM_APPLICATIONS: 228, TOOLS_QUANTIFIERELIM_TIME: 71.9s, TOOLS_QUANTIFIERELIM_MAX_TIME: 5.3s, FLUID_QUERY_TIME: 0.0s, FLUID_QUERIES: 352, FLUID_YES_ANSWERS: 0, DOMAIN_JOIN_APPLICATIONS: 59, DOMAIN_JOIN_TIME: 14.1s, DOMAIN_ALPHA_APPLICATIONS: 0, DOMAIN_ALPHA_TIME: 0.0s, DOMAIN_WIDEN_APPLICATIONS: 4, DOMAIN_WIDEN_TIME: 0.9s, DOMAIN_ISSUBSETEQ_APPLICATIONS: 10, DOMAIN_ISSUBSETEQ_TIME: 0.0s, DOMAIN_ISBOTTOM_APPLICATIONS: 108, DOMAIN_ISBOTTOM_TIME: 0.5s, LOOP_SUMMARIZER_APPLICATIONS: 6, LOOP_SUMMARIZER_CACHE_MISSES: 6, LOOP_SUMMARIZER_OVERALL_TIME: 9.8s, LOOP_SUMMARIZER_NEW_COMPUTATION_TIME: 9.8s, LOOP_SUMMARIZER_FIXPOINT_ITERATIONS: 10, CALL_SUMMARIZER_APPLICATIONS: 38, CALL_SUMMARIZER_CACHE_MISSES: 11, CALL_SUMMARIZER_OVERALL_TIME: 0.1s, CALL_SUMMARIZER_NEW_COMPUTATION_TIME: 0.1s, PROCEDURE_GRAPH_BUILDER_TIME: 0.0s, PATH_EXPR_TIME: 0.0s, REGEX_TO_DAG_TIME: 0.0s, DAG_COMPRESSION_TIME: 0.0s, DAG_COMPRESSION_PROCESSED_NODES: 1575, DAG_COMPRESSION_RETAINED_NODES: 342, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 1650]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1594]: Loop Invariant Derived loop invariant: ((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((!(__ste_client_privateKey0 <= 0) || !(1 <= \old(client))) || !(0 <= __ste_email_subject0)) || !(__ste_Client_AddressBook1_Address2 == 0)) || !(0 <= __ste_Client_AddressBook2_Address1)) || !(0 <= \old(queued_message))) || !(__ste_email_isEncrypted1 <= 0)) || !(0 <= __ste_client_privateKey0)) || !(__ste_email_subject1 <= 0)) || !(0 <= \old(__ste_email_from0))) || !(__ste_email_signKey1 <= 0)) || !(__SELECTED_FEATURE_Verify <= 0)) || !(0 <= __ste_email_subject1)) || !(0 <= __ste_Client_AddressBook1_Address1)) || !(0 <= head)) || !(__ste_client_name2 == 0)) || !(__ste_Client_AddressBook1_Alias1 == 0)) || !(__SELECTED_FEATURE_AutoResponder <= 0)) || !(__ste_Client_AddressBook0_Alias1 <= 0)) || !(0 <= #NULL)) || !(__ste_client_privateKey1 <= 0)) || !(__ste_Client_AddressBook2_Alias0 <= 0)) || !(0 <= __ste_client_forwardReceiver1)) || !(0 <= __ste_client_privateKey1)) || !(__ste_Client_counter == 0)) || !(0 <= __ste_email_id1)) || !(__ste_Client_AddressBook2_Address1 <= 0)) || !(3 <= chuck)) || !(\old(queued_message) <= 0)) || !(__ste_ClientAddressBook_size1 <= 0)) || !(__ste_Client_Keyring1_PublicKey1 == 0)) || !(0 <= __ste_Client_Keyring0_User0)) || !(0 <= __ste_email_body1)) || !(\old(queued_client) <= 0)) || !(__ste_ClientAddressBook_size2 == 0)) || !(0 <= __ste_email_encryptionKey0)) || !(0 <= __ste_Client_Keyring1_User2)) || !(__ste_ClientKeyring_size0 <= 0)) || !(0 <= __SELECTED_FEATURE_AddressBook)) || !(__SELECTED_FEATURE_Decrypt <= 0)) || !(0 <= __ste_Client_AddressBook2_Address0)) || !(__ste_client_outbuffer1 <= 0)) || !(__ste_Client_Keyring0_User2 == 0)) || !(0 <= __GUIDSL_ROOT_PRODUCTION)) || !(head <= 0)) || !(__ste_Client_AddressBook2_Alias2 == 0)) || !(__ste_Client_Keyring0_PublicKey2 <= 0)) || !(0 <= __ste_Client_AddressBook2_Alias0)) || !(2 <= rjh)) || !(\old(msg) <= 1)) || !(bob <= 1)) || !(0 <= __ste_ClientKeyring_size1)) || !(__ste_Client_AddressBook2_Address0 <= 0)) || !(\old(client) <= 1)) || !(0 <= __SELECTED_FEATURE_AutoResponder)) || !(__ste_ClientAddressBook_size0 <= 0)) || !(rjh <= 2)) || !(0 <= __ste_Client_AddressBook0_Alias2)) || !(0 <= __ste_email_isSignatureVerified0)) || !(__SELECTED_FEATURE_Forward == 0)) || !(__ste_Client_AddressBook2_Alias1 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey0)) || !(__ste_Client_AddressBook1_Alias0 <= 0)) || !(__ste_Client_AddressBook1_Address1 <= 0)) || !(__ste_email_body1 == 0)) || !(0 <= __SELECTED_FEATURE_Decrypt)) || !(__ste_client_forwardReceiver0 == 0)) || !(__ste_email_body0 == 0)) || !(0 <= __ste_Client_Keyring1_PublicKey2)) || !(0 <= __ste_Client_Keyring0_PublicKey2)) || !(0 <= __GUIDSL_NON_TERMINAL_main)) || !(__ste_client_name2 <= 0)) || !(1 <= bob)) || !(head == 0)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Client_Keyring2_User1)) || !(0 <= __ste_client_name2)) || !(__ste_client_forwardReceiver3 <= 0)) || !(\old(__ste_email_to0) <= 2)) || !(1 <= \old(msg))) || !(0 <= __ste_email_isSignatureVerified1)) || !(__SELECTED_FEATURE_Sign == 0)) || !(0 <= __ste_email_signKey1)) || !(0 <= __ste_client_outbuffer1)) || !(0 <= __ste_ClientAddressBook_size1)) || !(0 <= __ste_client_name0)) || !(0 <= \old(queued_client))) || !(0 <= __ste_Client_AddressBook1_Alias0)) || !(__ste_Client_Keyring1_User1 == 0)) || !(__ste_client_outbuffer0 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_email_id1 <= 0)) || !(__SELECTED_FEATURE_Encrypt <= 0)) || !(__ste_client_privateKey2 <= 0)) || !(0 <= __ste_email_isSigned0)) || !(0 <= __ste_client_autoResponse2)) || !(__ste_Client_AddressBook0_Alias0 == 0)) || !(__ste_Client_Keyring1_PublicKey2 <= 0)) || !(__ste_Client_Keyring1_PublicKey0 <= 0)) || !(__ste_client_outbuffer3 == 0)) || !(__ste_client_autoResponse0 <= 0)) || !(__ste_Client_AddressBook0_Alias2 <= 0)) || !(0 <= __ste_client_privateKey2)) || !(__ste_ClientKeyring_size1 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_Client_Keyring2_PublicKey1 == 0)) || !(__SELECTED_FEATURE_Base == 0)) || !(__ste_Client_AddressBook1_Alias2 <= 0)) || !(__ste_email_encryptionKey1 == 0)) || !(#NULL <= 0)) || !(__ste_Client_AddressBook0_Address1 <= 0)) || !(0 <= __ste_client_forwardReceiver2)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Email_counter)) || !(0 <= __SELECTED_FEATURE_Encrypt)) || !(__ste_Client_Keyring1_User0 <= 0)) || !(0 <= __ste_email_isEncrypted1)) || !(#NULL == 0)) || !(__ste_Client_Keyring0_PublicKey1 == 0)) || !(__ste_Client_Keyring0_User1 == 0)) || !(0 <= __ste_ClientKeyring_size0)) || !(__ste_Client_AddressBook0_Address2 <= 0)) || !(chuck <= 3)) || !(0 <= __SELECTED_FEATURE_Verify)) || !(__ste_Client_Keyring2_User1 <= 0)) || !(0 <= __ste_client_forwardReceiver3)) || !(0 <= __ste_Client_AddressBook2_Alias1)) || !(__ste_Client_Keyring2_User2 <= 0)) || !(0 <= __ste_email_isSigned1)) || !(__SELECTED_FEATURE_AddressBook <= 0)) || !(__ste_email_subject1 == 0)) || !(0 <= __ste_Client_AddressBook1_Alias2)) || (((((((((((((((((((((((((((((((((((1 <= \old(client) && \old(msg) <= 1) && 0 <= 2147483648 + \result) && 1 <= msg) && queued_message <= 0) && __ste_email_from0 <= 2147483647) && 1 <= client) && 0 <= __ste_email_from0 + 2147483648) && \result <= 2147483647) && queue_empty <= 1) && 1 <= handle) && aux-getEmailTo(msg)-aux <= 2) && 1 <= \old(msg)) && __ste_client_idCounter0 <= 2147483647) && 1 <= queue_empty) && 0 <= retValue_acc + 2147483648) && 0 <= queued_message) && \old(handle) <= 1) && tmp <= 2147483647) && 1 <= msg) && client <= 1) && 0 <= queued_client) && msg <= 1) && \old(client) <= 1) && msg <= 1) && 2 <= aux-getEmailTo(msg)-aux) && retValue_acc <= 2147483647) && 1 <= \old(handle)) && handle <= 1) && client <= 1) && 0 <= __ste_client_idCounter0 + 2147483648) && 2 <= __ste_email_to0) && __ste_email_to0 <= 2) && 1 <= client) && 0 <= tmp + 2147483648) && queued_client <= 0)) || !(__ste_email_isSigned1 <= 0)) || !(__ste_Client_AddressBook2_Address2 == 0)) || !(__ste_client_name1 == 0)) || !(__ste_client_forwardReceiver2 <= 0)) || !(0 <= __ste_Client_Keyring2_User2)) || !(__SELECTED_FEATURE_Keys <= 0)) || !(__ste_email_body0 == 0)) || !(__ste_ClientKeyring_size2 == 0)) || !(0 <= __ste_Client_Keyring0_PublicKey0)) || !(0 <= __ste_client_name1)) || !(\old(queue_empty) <= 1)) || !(__ste_Client_AddressBook0_Address0 <= 0)) || !(0 <= __ste_Client_AddressBook0_Address0)) || !(__ste_client_idCounter2 <= 3)) || !(__ste_Client_AddressBook1_Address0 == 0)) || !(0 <= __ste_Client_AddressBook0_Alias1)) || !(2 <= \old(__ste_email_to0))) || !(0 <= __ste_email_id0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(__ste_email_isSignatureVerified0 <= 0)) || !(0 <= __ste_Client_Keyring1_PublicKey0)) || !(0 <= __ste_ClientAddressBook_size0)) || !(1 <= \old(queue_empty))) || !(0 <= __SELECTED_FEATURE_Keys)) || !(\old(__ste_email_from0) <= 0)) || !(__GUIDSL_ROOT_PRODUCTION <= 0)) || !(__ste_client_forwardReceiver1 <= 0)) || !(__ste_email_body1 <= 0)) || !(__ste_Client_Keyring2_PublicKey2 <= 0)) || !(__ste_email_isEncrypted0 <= 0)) || !(__ste_client_autoResponse2 <= 0)) || !(__ste_Client_Keyring2_PublicKey0 <= 0)) || !(0 <= __ste_Client_Keyring1_User0)) || !(0 <= __ste_client_name0)) || !(0 <= __ste_client_outbuffer0)) || !(0 <= __ste_client_autoResponse1)) || !(__ste_email_encryptionKey0 <= 0)) || !(0 <= __ste_client_autoResponse0)) || !(__ste_Client_Keyring0_User0 <= 0)) || !(__ste_client_outbuffer2 == 0)) || !(0 <= __ste_Client_AddressBook0_Address1)) || !(__ste_client_name1 <= 0)) || !(__ste_email_isSignatureVerified1 <= 0)) || !(__ste_Email_counter <= 0)) || !(__ste_Client_Keyring2_User0 == 0)) || !(0 <= __ste_email_signKey0)) || !(__GUIDSL_NON_TERMINAL_main <= 0)) || !(0 <= __ste_Client_AddressBook0_Address2)) || !(__ste_Client_Keyring0_PublicKey0 <= 0)) || !(__ste_Client_Keyring1_User2 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey2)) || !(__ste_email_isSigned0 <= 0)) || !(__ste_email_id0 <= 0)) || !(__ste_email_signKey0 <= 0)) || !(3 <= __ste_client_idCounter2)) || !(0 <= __ste_email_isEncrypted0)) || !(0 <= __ste_email_subject0) - InvariantResult [Line: 2560]: Loop Invariant Derived loop invariant: ((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((!(__ste_client_privateKey0 <= 0) || !(0 <= __ste_email_subject0)) || !(__ste_Client_AddressBook1_Address2 == 0)) || !(0 <= __ste_Client_AddressBook2_Address1)) || !(0 <= \old(queued_message))) || !(__ste_email_isEncrypted1 <= 0)) || !(0 <= __ste_client_privateKey0)) || !(__ste_email_subject1 <= 0)) || !(0 <= \old(__ste_email_from0))) || !(__ste_email_signKey1 <= 0)) || !(__SELECTED_FEATURE_Verify <= 0)) || !(0 <= __ste_email_subject1)) || !(0 <= __ste_Client_AddressBook1_Address1)) || !(0 <= head)) || !(__ste_client_name2 == 0)) || !(__ste_Client_AddressBook1_Alias1 == 0)) || !(__SELECTED_FEATURE_AutoResponder <= 0)) || !(__ste_Client_AddressBook0_Alias1 <= 0)) || !(0 <= #NULL)) || !(__ste_client_privateKey1 <= 0)) || !(__ste_Client_AddressBook2_Alias0 <= 0)) || !(0 <= __ste_client_forwardReceiver1)) || !(0 <= __ste_client_privateKey1)) || !(__ste_Client_counter == 0)) || !(0 <= __ste_email_id1)) || !(__ste_Client_AddressBook2_Address1 <= 0)) || !(3 <= chuck)) || !(\old(queued_message) <= 0)) || !(__ste_ClientAddressBook_size1 <= 0)) || !(__ste_Client_Keyring1_PublicKey1 == 0)) || !(0 <= __ste_Client_Keyring0_User0)) || !(0 <= __ste_email_body1)) || !(\old(queued_client) <= 0)) || !(__ste_ClientAddressBook_size2 == 0)) || !(0 <= __ste_email_encryptionKey0)) || !(0 <= __ste_Client_Keyring1_User2)) || !(__ste_ClientKeyring_size0 <= 0)) || !(0 <= __SELECTED_FEATURE_AddressBook)) || (((((((((((((((((queued_message <= 0 && \old(receiver) == receiver) && from == __ste_email_from0) && to <= 2) && 0 <= queued_message) && from == \old(from)) && 1 <= sender) && sender <= 1) && \old(queue_empty) == queue_empty) && __ste_email_from0 <= 0) && queued_client == \old(queued_client)) && \old(to) <= 2) && 2 <= \old(to)) && 2 <= __ste_email_to0) && 2 <= to) && __ste_email_to0 <= 2) && 1 == msg) && 0 <= \old(from))) || !(__SELECTED_FEATURE_Decrypt <= 0)) || !(0 <= __ste_Client_AddressBook2_Address0)) || !(__ste_client_outbuffer1 <= 0)) || !(__ste_Client_Keyring0_User2 == 0)) || !(0 <= __GUIDSL_ROOT_PRODUCTION)) || !(head <= 0)) || !(__ste_Client_AddressBook2_Alias2 == 0)) || !(\old(__ste_email_to1) <= 0)) || !(__ste_Client_Keyring0_PublicKey2 <= 0)) || !(0 <= __ste_Client_AddressBook2_Alias0)) || !(2 <= rjh)) || !(bob <= 1)) || !(0 <= __ste_ClientKeyring_size1)) || !(__ste_Client_AddressBook2_Address0 <= 0)) || !(0 <= __SELECTED_FEATURE_AutoResponder)) || !(__ste_ClientAddressBook_size0 <= 0)) || !(rjh <= 2)) || !(0 <= __ste_Client_AddressBook0_Alias2)) || !(0 <= __ste_email_isSignatureVerified0)) || !(__SELECTED_FEATURE_Forward == 0)) || !(__ste_Client_AddressBook2_Alias1 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey0)) || !(__ste_Client_AddressBook1_Alias0 <= 0)) || !(__ste_Client_AddressBook1_Address1 <= 0)) || !(__ste_email_body1 == 0)) || !(0 <= __SELECTED_FEATURE_Decrypt)) || !(__ste_client_forwardReceiver0 == 0)) || !(__ste_email_body0 == 0)) || !(0 <= __ste_Client_Keyring1_PublicKey2)) || !(0 <= __ste_Client_Keyring0_PublicKey2)) || !(0 <= __GUIDSL_NON_TERMINAL_main)) || !(__ste_client_name2 <= 0)) || !(1 <= bob)) || !(head == 0)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Client_Keyring2_User1)) || !(0 <= __ste_client_name2)) || !(__ste_client_forwardReceiver3 <= 0)) || !(0 <= __ste_email_isSignatureVerified1)) || !(__SELECTED_FEATURE_Sign == 0)) || !(0 <= __ste_email_signKey1)) || !(0 <= __ste_client_outbuffer1)) || !(bob == \old(sender))) || !(0 <= __ste_ClientAddressBook_size1)) || !(0 <= \old(__ste_email_to1))) || !(0 <= __ste_client_name0)) || !(0 <= \old(queued_client))) || !(0 <= __ste_Client_AddressBook1_Alias0)) || !(__ste_Client_Keyring1_User1 == 0)) || !(__ste_client_outbuffer0 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_email_id1 <= 0)) || !(__SELECTED_FEATURE_Encrypt <= 0)) || !(__ste_client_privateKey2 <= 0)) || !(0 <= __ste_email_isSigned0)) || !(0 <= __ste_client_autoResponse2)) || !(__ste_Client_AddressBook0_Alias0 == 0)) || !(__ste_Client_Keyring1_PublicKey2 <= 0)) || !(__ste_Client_Keyring1_PublicKey0 <= 0)) || !(__ste_client_outbuffer3 == 0)) || !(__ste_client_autoResponse0 <= 0)) || !(__ste_Client_AddressBook0_Alias2 <= 0)) || !(0 <= __ste_client_privateKey2)) || !(\old(receiver) == rjh)) || !(__ste_ClientKeyring_size1 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_Client_Keyring2_PublicKey1 == 0)) || !(__SELECTED_FEATURE_Base == 0)) || !(__ste_Client_AddressBook1_Alias2 <= 0)) || !(0 <= \old(__ste_email_from1))) || !(__ste_email_encryptionKey1 == 0)) || !(#NULL <= 0)) || !(__ste_Client_AddressBook0_Address1 <= 0)) || !(0 <= __ste_client_forwardReceiver2)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Email_counter)) || !(0 <= __SELECTED_FEATURE_Encrypt)) || !(__ste_Client_Keyring1_User0 <= 0)) || !(0 <= __ste_email_isEncrypted1)) || !(#NULL == 0)) || !(__ste_Client_Keyring0_PublicKey1 == 0)) || !(__ste_Client_Keyring0_User1 == 0)) || !(0 <= __ste_ClientKeyring_size0)) || !(__ste_Client_AddressBook0_Address2 <= 0)) || !(chuck <= 3)) || !(0 <= __SELECTED_FEATURE_Verify)) || !(__ste_Client_Keyring2_User1 <= 0)) || !(0 <= __ste_client_forwardReceiver3)) || !(0 <= __ste_Client_AddressBook2_Alias1)) || !(\old(__ste_email_to0) <= 0)) || !(__ste_Client_Keyring2_User2 <= 0)) || !(0 <= __ste_email_isSigned1)) || !(__SELECTED_FEATURE_AddressBook <= 0)) || !(__ste_email_subject1 == 0)) || !(0 <= __ste_Client_AddressBook1_Alias2)) || !(__ste_email_isSigned1 <= 0)) || !(__ste_Client_AddressBook2_Address2 == 0)) || !(__ste_client_name1 == 0)) || !(__ste_client_forwardReceiver2 <= 0)) || !(0 <= __ste_Client_Keyring2_User2)) || !(__SELECTED_FEATURE_Keys <= 0)) || !(__ste_email_body0 == 0)) || !(__ste_ClientKeyring_size2 == 0)) || !(0 <= __ste_Client_Keyring0_PublicKey0)) || !(\old(__ste_email_from1) <= 0)) || !(0 <= __ste_client_name1)) || !(\old(queue_empty) <= 1)) || !(__ste_Client_AddressBook0_Address0 <= 0)) || !(0 <= __ste_Client_AddressBook0_Address0)) || !(__ste_client_idCounter2 <= 3)) || !(__ste_Client_AddressBook1_Address0 == 0)) || !(0 <= __ste_Client_AddressBook0_Alias1)) || !(0 <= __ste_email_id0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(__ste_email_isSignatureVerified0 <= 0)) || !(0 <= __ste_Client_Keyring1_PublicKey0)) || !(0 <= __ste_ClientAddressBook_size0)) || !(1 <= \old(queue_empty))) || !(0 <= __SELECTED_FEATURE_Keys)) || !(\old(__ste_email_from0) <= 0)) || !(__GUIDSL_ROOT_PRODUCTION <= 0)) || !(__ste_client_forwardReceiver1 <= 0)) || !(__ste_email_body1 <= 0)) || !(__ste_Client_Keyring2_PublicKey2 <= 0)) || !(__ste_email_isEncrypted0 <= 0)) || !(__ste_client_autoResponse2 <= 0)) || !(__ste_Client_Keyring2_PublicKey0 <= 0)) || !(0 <= __ste_Client_Keyring1_User0)) || !(0 <= __ste_client_name0)) || !(0 <= __ste_client_outbuffer0)) || !(0 <= __ste_client_autoResponse1)) || !(__ste_email_encryptionKey0 <= 0)) || !(0 <= __ste_client_autoResponse0)) || !(__ste_Client_Keyring0_User0 <= 0)) || !(__ste_client_outbuffer2 == 0)) || !(0 <= \old(__ste_email_to0))) || !(0 <= __ste_Client_AddressBook0_Address1)) || !(__ste_client_name1 <= 0)) || !(__ste_email_isSignatureVerified1 <= 0)) || !(__ste_Email_counter <= 0)) || !(__ste_Client_Keyring2_User0 == 0)) || !(0 <= __ste_email_signKey0)) || !(__GUIDSL_NON_TERMINAL_main <= 0)) || !(0 <= __ste_Client_AddressBook0_Address2)) || !(__ste_Client_Keyring0_PublicKey0 <= 0)) || !(__ste_Client_Keyring1_User2 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey2)) || !(__ste_email_isSigned0 <= 0)) || !(__ste_email_id0 <= 0)) || !(__ste_email_signKey0 <= 0)) || !(3 <= __ste_client_idCounter2)) || !(0 <= __ste_email_isEncrypted0)) || !(0 <= __ste_email_subject0) - InvariantResult [Line: 1662]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 2396]: Loop Invariant Derived loop invariant: (((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((queued_client == 0 && __ste_Client_Keyring1_User2 == 0) && __GUIDSL_NON_TERMINAL_main == 0) && __ste_email_isEncrypted1 == 0) && __ste_email_subject0 == 0) && __SELECTED_FEATURE_Sign == 0) && 0 == __ste_Client_AddressBook0_Address2) && __cil_tmp2 == 0) && __ste_client_outbuffer3 == 0) && 1 <= \result) && 1 <= \old(bob___0)) && __ste_Client_counter == 0) && __ste_Client_Keyring1_PublicKey2 == 0) && __ste_client_autoResponse1 == 0) && 2 <= rjh___0) && __ste_Client_AddressBook2_Alias0 == 0) && __cil_tmp1 == 0) && 0 == __ste_email_subject0) && __ste_Client_AddressBook2_Alias1 == 0) && __ste_Client_Keyring2_PublicKey2 == 0) && __ste_client_forwardReceiver3 == 0) && \old(bob___0) <= 1) && 1 == retValue_acc) && __ste_client_name2 == 0) && __ste_client_name1 == 0) && \old(chuck___0) <= 3) && __SELECTED_FEATURE_Verify == 0) && __ste_Client_Keyring1_User0 == 0) && __ste_client_idCounter2 <= 3) && __ste_email_body1 == 0) && __SELECTED_FEATURE_Encrypt == 0) && __ste_Client_AddressBook1_Address2 == 0) && 1 <= bob___0) && __ste_ClientAddressBook_size1 == 0) && __ste_Client_Keyring0_PublicKey0 == 0) && __ste_Email_counter == 0) && __ste_ClientKeyring_size1 == 0) && __ste_email_body0 == 0) && __ste_email_isSignatureVerified0 == 0) && __ste_Client_Keyring0_User2 == 0) && __ste_ClientAddressBook_size0 == 0) && retValue_acc <= 2147483647) && __ste_Client_Keyring0_User1 == 0) && __ste_Client_AddressBook1_Alias1 == 0) && __ste_email_to1 == 0) && __ste_client_name1 == 0) && __ste_client_privateKey1 == 0) && head == 0) && __ste_client_name0 == 0) && __ste_Client_Keyring0_PublicKey2 == 0) && __ste_Client_Keyring1_PublicKey0 == 0) && __ste_email_to0 == 0) && __ste_email_signKey0 == 0) && __SELECTED_FEATURE_Decrypt == 0) && __ste_email_encryptionKey0 == 0) && __SELECTED_FEATURE_Keys == 0) && __SELECTED_FEATURE_AddressBook == 0) && __ste_client_forwardReceiver2 == 0) && __ste_Client_Keyring0_PublicKey1 == 0) && __SELECTED_FEATURE_Forward == 0) && rjh___0 <= 2) && __ste_Client_Keyring0_User0 == 0) && __ste_email_isSigned0 == 0) && __ste_Client_Keyring2_PublicKey1 == 0) && __ste_email_isSigned1 == 0) && __ste_email_body0 == 0) && __ste_Client_AddressBook0_Alias0 == 0) && __ste_email_id0 == 0) && \old(rjh___0) <= 2) && __ste_client_privateKey0 == 0) && __ste_email_from0 == 0) && __ste_Client_Keyring2_User1 == 0) && bob___0 <= 1) && 3 <= __ste_client_idCounter2) && __ste_Client_AddressBook2_Address2 == 0) && \result <= 1) && 3 == chuck) && __ste_Client_AddressBook2_Address1 == 0) && bob == 1) && tmp <= 1) && __ste_client_forwardReceiver1 == 0) && 3 <= chuck___0) && __ste_Client_AddressBook1_Alias2 == 0) && __ste_client_outbuffer0 == 0) && queue_empty == 1) && __SELECTED_FEATURE_Base == 0) && __ste_client_forwardReceiver0 == 0) && 3 <= \old(chuck___0)) && __ste_Client_Keyring2_User0 == 0) && rjh == 2) && 0 == __ste_Client_AddressBook0_Address1) && __ste_Client_AddressBook2_Address0 == 0) && __ste_email_isSignatureVerified1 == 0) && __ste_Client_Keyring1_PublicKey1 == 0) && __ste_Client_Keyring2_PublicKey0 == 0) && __ste_Client_AddressBook1_Address0 == 0) && __ste_client_name2 == 0) && __ste_email_from1 == 0) && 2 <= \old(rjh___0)) && __ste_email_subject1 == 0) && __cil_tmp2 == 25) && __ste_Client_AddressBook1_Alias0 == 0) && __ste_Client_Keyring2_User2 == 0) && head == 0) && chuck___0 <= 3) && __ste_client_privateKey2 == 0) && __ste_Client_Keyring1_User1 == 0) && #NULL == 0) && __ste_Client_AddressBook2_Alias2 == 0) && 1 <= tmp) && __ste_email_subject1 == 0) && __ste_Client_AddressBook0_Alias2 == 0) && __ste_ClientKeyring_size0 == 0) && __ste_email_isEncrypted0 == 0) && queued_message == 0) && __ste_Client_AddressBook1_Address1 == 0) && 0 == __ste_Client_AddressBook0_Address0) && __ste_client_outbuffer1 == 0) && 0 <= 2147483648 + retValue_acc) && __ste_Client_AddressBook0_Alias1 == 0) && __GUIDSL_ROOT_PRODUCTION == 0) && __cil_tmp1 == 24) && __ste_client_name0 == 0) && __ste_email_id1 == 0) && __ste_client_outbuffer2 == 0) && 0 <= unknown-#StackHeapBarrier-unknown) && __ste_ClientAddressBook_size2 == 0) && __SELECTED_FEATURE_AutoResponder == 0) && __ste_email_encryptionKey1 == 0) && __ste_client_autoResponse0 == 0) && __ste_email_body1 == 0) && __ste_ClientKeyring_size2 == 0) && __ste_client_autoResponse2 == 0) && #NULL == 0) && __ste_email_signKey1 == 0 - InvariantResult [Line: 1867]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 2386]: Loop Invariant Derived loop invariant: (((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((queued_client == 0 && __ste_Client_Keyring1_User2 == 0) && __GUIDSL_NON_TERMINAL_main == 0) && __ste_email_isEncrypted1 == 0) && __ste_email_subject0 == 0) && __SELECTED_FEATURE_Sign == 0) && 0 == __ste_Client_AddressBook0_Address2) && __ste_client_outbuffer3 == 0) && 1 <= \result) && 1 <= \old(bob___0)) && __ste_Client_counter == 0) && __ste_Client_Keyring1_PublicKey2 == 0) && __ste_client_autoResponse1 == 0) && 2 <= rjh___0) && __ste_Client_AddressBook2_Alias0 == 0) && __cil_tmp1 == 0) && 0 == __ste_email_subject0) && __ste_client_idCounter1 <= 2) && __ste_Client_AddressBook2_Alias1 == 0) && __ste_Client_Keyring2_PublicKey2 == 0) && __ste_client_forwardReceiver3 == 0) && \old(bob___0) <= 1) && 1 == retValue_acc) && __ste_client_name2 == 0) && __ste_client_name1 == 0) && __SELECTED_FEATURE_Verify == 0) && __ste_Client_Keyring1_User0 == 0) && __ste_email_body1 == 0) && __SELECTED_FEATURE_Encrypt == 0) && __ste_Client_AddressBook1_Address2 == 0) && 1 <= bob___0) && __ste_ClientAddressBook_size1 == 0) && __ste_Client_Keyring0_PublicKey0 == 0) && __ste_Email_counter == 0) && __ste_ClientKeyring_size1 == 0) && __ste_email_body0 == 0) && __ste_email_isSignatureVerified0 == 0) && __ste_Client_Keyring0_User2 == 0) && __ste_ClientAddressBook_size0 == 0) && retValue_acc <= 2147483647) && __ste_Client_Keyring0_User1 == 0) && __ste_Client_AddressBook1_Alias1 == 0) && __ste_email_to1 == 0) && __ste_client_name1 == 0) && __ste_client_privateKey1 == 0) && head == 0) && __ste_client_name0 == 0) && __ste_Client_Keyring0_PublicKey2 == 0) && __ste_Client_Keyring1_PublicKey0 == 0) && __ste_email_to0 == 0) && __ste_email_signKey0 == 0) && __SELECTED_FEATURE_Decrypt == 0) && __ste_email_encryptionKey0 == 0) && __SELECTED_FEATURE_Keys == 0) && __SELECTED_FEATURE_AddressBook == 0) && __ste_client_forwardReceiver2 == 0) && __ste_Client_Keyring0_PublicKey1 == 0) && __SELECTED_FEATURE_Forward == 0) && rjh___0 <= 2) && __ste_Client_Keyring0_User0 == 0) && __ste_email_isSigned0 == 0) && __ste_Client_Keyring2_PublicKey1 == 0) && __ste_email_isSigned1 == 0) && __ste_email_body0 == 0) && __ste_Client_AddressBook0_Alias0 == 0) && __ste_email_id0 == 0) && \old(rjh___0) <= 2) && __ste_client_privateKey0 == 0) && __ste_email_from0 == 0) && __ste_Client_Keyring2_User1 == 0) && bob___0 <= 1) && __ste_Client_AddressBook2_Address2 == 0) && \result <= 1) && __ste_Client_AddressBook2_Address1 == 0) && bob == 1) && tmp <= 1) && __ste_client_forwardReceiver1 == 0) && __ste_Client_AddressBook1_Alias2 == 0) && 2 <= __ste_client_idCounter1) && __ste_client_outbuffer0 == 0) && queue_empty == 1) && __SELECTED_FEATURE_Base == 0) && __ste_client_forwardReceiver0 == 0) && __ste_Client_Keyring2_User0 == 0) && rjh == 2) && 0 == __ste_Client_AddressBook0_Address1) && __ste_Client_AddressBook2_Address0 == 0) && __ste_email_isSignatureVerified1 == 0) && __ste_Client_Keyring1_PublicKey1 == 0) && __ste_Client_Keyring2_PublicKey0 == 0) && __ste_Client_AddressBook1_Address0 == 0) && __ste_client_name2 == 0) && __ste_email_from1 == 0) && 2 <= \old(rjh___0)) && __ste_email_subject1 == 0) && __ste_Client_AddressBook1_Alias0 == 0) && __ste_Client_Keyring2_User2 == 0) && head == 0) && __ste_client_privateKey2 == 0) && __ste_Client_Keyring1_User1 == 0) && #NULL == 0) && __ste_Client_AddressBook2_Alias2 == 0) && 1 <= tmp) && __ste_email_subject1 == 0) && __ste_Client_AddressBook0_Alias2 == 0) && __ste_ClientKeyring_size0 == 0) && __ste_email_isEncrypted0 == 0) && queued_message == 0) && __ste_Client_AddressBook1_Address1 == 0) && 0 == __ste_Client_AddressBook0_Address0) && __ste_client_outbuffer1 == 0) && 0 <= 2147483648 + retValue_acc) && __ste_Client_AddressBook0_Alias1 == 0) && __GUIDSL_ROOT_PRODUCTION == 0) && __cil_tmp1 == 24) && chuck == 0) && __ste_client_name0 == 0) && __ste_email_id1 == 0) && __ste_client_outbuffer2 == 0) && 0 <= unknown-#StackHeapBarrier-unknown) && __ste_ClientAddressBook_size2 == 0) && __SELECTED_FEATURE_AutoResponder == 0) && __ste_email_encryptionKey1 == 0) && __ste_client_autoResponse0 == 0) && __ste_email_body1 == 0) && __ste_ClientKeyring_size2 == 0) && __ste_client_autoResponse2 == 0) && #NULL == 0) && __ste_email_signKey1 == 0 - InvariantResult [Line: 1903]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1835]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 2359]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 1757]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1820]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1914]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1632]: Loop Invariant Derived loop invariant: (((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((!(__ste_client_privateKey0 <= 0) || !(1 <= \old(client))) || !(0 <= __ste_email_subject0)) || !(__ste_Client_AddressBook1_Address2 == 0)) || !(0 <= __ste_Client_AddressBook2_Address1)) || !(0 <= \old(queued_message))) || !(__ste_email_isEncrypted1 <= 0)) || !(0 <= __ste_client_privateKey0)) || !(__ste_email_subject1 <= 0)) || !(0 <= \old(__ste_email_from0))) || !(__ste_email_signKey1 <= 0)) || !(__SELECTED_FEATURE_Verify <= 0)) || !(0 <= __ste_email_subject1)) || !(0 <= __ste_Client_AddressBook1_Address1)) || !(0 <= head)) || !(__ste_client_name2 == 0)) || !(__ste_Client_AddressBook1_Alias1 == 0)) || !(__SELECTED_FEATURE_AutoResponder <= 0)) || !(__ste_Client_AddressBook0_Alias1 <= 0)) || !(0 <= #NULL)) || !(__ste_client_privateKey1 <= 0)) || !(__ste_Client_AddressBook2_Alias0 <= 0)) || !(0 <= __ste_client_forwardReceiver1)) || !(0 <= __ste_client_privateKey1)) || !(__ste_Client_counter == 0)) || !(0 <= __ste_email_id1)) || !(__ste_Client_AddressBook2_Address1 <= 0)) || !(3 <= chuck)) || !(\old(queued_message) <= 0)) || !(__ste_ClientAddressBook_size1 <= 0)) || !(__ste_Client_Keyring1_PublicKey1 == 0)) || !(0 <= __ste_Client_Keyring0_User0)) || !(0 <= __ste_email_body1)) || !(\old(queued_client) <= 0)) || !(__ste_ClientAddressBook_size2 == 0)) || !(0 <= __ste_email_encryptionKey0)) || !(0 <= __ste_Client_Keyring1_User2)) || !(__ste_ClientKeyring_size0 <= 0)) || !(0 <= __SELECTED_FEATURE_AddressBook)) || !(__SELECTED_FEATURE_Decrypt <= 0)) || !(0 <= __ste_Client_AddressBook2_Address0)) || !(__ste_client_outbuffer1 <= 0)) || !(__ste_Client_Keyring0_User2 == 0)) || !(0 <= __GUIDSL_ROOT_PRODUCTION)) || !(head <= 0)) || !(__ste_Client_AddressBook2_Alias2 == 0)) || !(__ste_Client_Keyring0_PublicKey2 <= 0)) || !(0 <= __ste_Client_AddressBook2_Alias0)) || !(2 <= rjh)) || !(\old(msg) <= 1)) || !(bob <= 1)) || !(0 <= __ste_ClientKeyring_size1)) || !(__ste_Client_AddressBook2_Address0 <= 0)) || !(\old(client) <= 1)) || !(0 <= __SELECTED_FEATURE_AutoResponder)) || !(__ste_ClientAddressBook_size0 <= 0)) || !(rjh <= 2)) || !(0 <= __ste_Client_AddressBook0_Alias2)) || !(0 <= __ste_email_isSignatureVerified0)) || !(__SELECTED_FEATURE_Forward == 0)) || !(__ste_Client_AddressBook2_Alias1 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey0)) || !(__ste_Client_AddressBook1_Alias0 <= 0)) || !(__ste_Client_AddressBook1_Address1 <= 0)) || !(__ste_email_body1 == 0)) || !(0 <= __SELECTED_FEATURE_Decrypt)) || !(__ste_client_forwardReceiver0 == 0)) || !(__ste_email_body0 == 0)) || !(0 <= __ste_Client_Keyring1_PublicKey2)) || !(0 <= __ste_Client_Keyring0_PublicKey2)) || !(0 <= __GUIDSL_NON_TERMINAL_main)) || !(__ste_client_name2 <= 0)) || !(1 <= bob)) || !(head == 0)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Client_Keyring2_User1)) || !(0 <= __ste_client_name2)) || !(__ste_client_forwardReceiver3 <= 0)) || !(\old(__ste_email_to0) <= 2)) || !(1 <= \old(msg))) || !(0 <= __ste_email_isSignatureVerified1)) || !(__SELECTED_FEATURE_Sign == 0)) || !(0 <= __ste_email_signKey1)) || !(0 <= __ste_client_outbuffer1)) || !(0 <= __ste_ClientAddressBook_size1)) || !(0 <= __ste_client_name0)) || !(0 <= \old(queued_client))) || !(0 <= __ste_Client_AddressBook1_Alias0)) || !(__ste_Client_Keyring1_User1 == 0)) || !(__ste_client_outbuffer0 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_email_id1 <= 0)) || !(__SELECTED_FEATURE_Encrypt <= 0)) || !(__ste_client_privateKey2 <= 0)) || !(0 <= __ste_email_isSigned0)) || !(0 <= __ste_client_autoResponse2)) || !(__ste_Client_AddressBook0_Alias0 == 0)) || !(__ste_Client_Keyring1_PublicKey2 <= 0)) || !(__ste_Client_Keyring1_PublicKey0 <= 0)) || !(__ste_client_outbuffer3 == 0)) || !(__ste_client_autoResponse0 <= 0)) || !(__ste_Client_AddressBook0_Alias2 <= 0)) || !(0 <= __ste_client_privateKey2)) || !(__ste_ClientKeyring_size1 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_Client_Keyring2_PublicKey1 == 0)) || !(__SELECTED_FEATURE_Base == 0)) || !(__ste_Client_AddressBook1_Alias2 <= 0)) || !(__ste_email_encryptionKey1 == 0)) || !(#NULL <= 0)) || !(__ste_Client_AddressBook0_Address1 <= 0)) || !(0 <= __ste_client_forwardReceiver2)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Email_counter)) || !(0 <= __SELECTED_FEATURE_Encrypt)) || !(__ste_Client_Keyring1_User0 <= 0)) || (((((((((((((((((((((((((((((((((((((((((((((((((((((((((2 <= tmp && \old(client) == client) && \old(client) == client) && 1 <= \old(client)) && \old(msg) <= 1) && 0 <= 2147483648 + \result) && \old(handle) == client) && \old(handle) == handle) && 1 <= msg) && \old(client) == client) && msg == \old(msg)) && client == \old(client)) && \old(client) == tmp) && queued_message <= 0) && \old(msg) == msg) && __ste_email_from0 <= 2147483647) && client == \old(client)) && 1 <= client) && 0 <= __ste_email_from0 + 2147483648) && msg == \old(msg)) && \result <= 2147483647) && client == \old(client)) && \old(msg) == msg) && queue_empty <= 1) && 1 <= handle) && \result == tmp) && \result == retValue_acc) && 1 <= \old(msg)) && msg == \old(msg)) && __ste_client_idCounter0 <= 2147483647) && msg == \old(msg)) && 1 <= queue_empty) && 0 <= retValue_acc + 2147483648) && 0 <= queued_message) && tmp <= 2) && \old(handle) <= 1) && tmp <= 2147483647) && 1 <= msg) && client <= 1) && 0 <= queued_client) && \old(msg) == msg) && msg <= 1) && msg == \old(msg)) && \old(client) <= 1) && client == \old(client)) && msg <= 1) && retValue_acc == __ste_client_autoResponse1) && retValue_acc <= 2147483647) && 1 <= \old(handle)) && handle <= 1) && client <= 1) && \result <= 2147483647) && 0 <= __ste_client_idCounter0 + 2147483648) && 2 <= __ste_email_to0) && __ste_email_to0 <= 2) && 1 <= client) && 0 <= tmp + 2147483648) && queued_client <= 0)) || !(0 <= __ste_email_isEncrypted1)) || !(#NULL == 0)) || !(__ste_Client_Keyring0_PublicKey1 == 0)) || !(__ste_Client_Keyring0_User1 == 0)) || !(0 <= __ste_ClientKeyring_size0)) || !(__ste_Client_AddressBook0_Address2 <= 0)) || !(chuck <= 3)) || !(0 <= __SELECTED_FEATURE_Verify)) || !(__ste_Client_Keyring2_User1 <= 0)) || !(0 <= __ste_client_forwardReceiver3)) || !(0 <= __ste_Client_AddressBook2_Alias1)) || !(__ste_Client_Keyring2_User2 <= 0)) || !(0 <= __ste_email_isSigned1)) || !(__SELECTED_FEATURE_AddressBook <= 0)) || !(__ste_email_subject1 == 0)) || !(0 <= __ste_Client_AddressBook1_Alias2)) || !(__ste_email_isSigned1 <= 0)) || !(__ste_Client_AddressBook2_Address2 == 0)) || !(__ste_client_name1 == 0)) || 1 == tmp) || !(__ste_client_forwardReceiver2 <= 0)) || !(0 <= __ste_Client_Keyring2_User2)) || !(__SELECTED_FEATURE_Keys <= 0)) || !(__ste_email_body0 == 0)) || !(__ste_ClientKeyring_size2 == 0)) || !(0 <= __ste_Client_Keyring0_PublicKey0)) || !(0 <= __ste_client_name1)) || !(\old(queue_empty) <= 1)) || !(__ste_Client_AddressBook0_Address0 <= 0)) || !(0 <= __ste_Client_AddressBook0_Address0)) || !(__ste_client_idCounter2 <= 3)) || !(__ste_Client_AddressBook1_Address0 == 0)) || !(0 <= __ste_Client_AddressBook0_Alias1)) || !(2 <= \old(__ste_email_to0))) || !(0 <= __ste_email_id0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(__ste_email_isSignatureVerified0 <= 0)) || !(0 <= __ste_Client_Keyring1_PublicKey0)) || !(0 <= __ste_ClientAddressBook_size0)) || !(1 <= \old(queue_empty))) || !(0 <= __SELECTED_FEATURE_Keys)) || !(\old(__ste_email_from0) <= 0)) || !(__GUIDSL_ROOT_PRODUCTION <= 0)) || !(__ste_client_forwardReceiver1 <= 0)) || !(__ste_email_body1 <= 0)) || !(__ste_Client_Keyring2_PublicKey2 <= 0)) || !(__ste_email_isEncrypted0 <= 0)) || !(__ste_client_autoResponse2 <= 0)) || !(__ste_Client_Keyring2_PublicKey0 <= 0)) || !(0 <= __ste_Client_Keyring1_User0)) || !(0 <= __ste_client_name0)) || !(0 <= __ste_client_outbuffer0)) || !(0 <= __ste_client_autoResponse1)) || !(__ste_email_encryptionKey0 <= 0)) || !(0 <= __ste_client_autoResponse0)) || !(__ste_Client_Keyring0_User0 <= 0)) || !(__ste_client_outbuffer2 == 0)) || !(0 <= __ste_Client_AddressBook0_Address1)) || !(__ste_client_name1 <= 0)) || !(__ste_email_isSignatureVerified1 <= 0)) || !(__ste_Email_counter <= 0)) || !(__ste_Client_Keyring2_User0 == 0)) || !(0 <= __ste_email_signKey0)) || !(__GUIDSL_NON_TERMINAL_main <= 0)) || !(0 <= __ste_Client_AddressBook0_Address2)) || !(__ste_Client_Keyring0_PublicKey0 <= 0)) || !(__ste_Client_Keyring1_User2 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey2)) || !(__ste_email_isSigned0 <= 0)) || !(__ste_email_id0 <= 0)) || !(__ste_email_signKey0 <= 0)) || !(3 <= __ste_client_idCounter2)) || !(0 <= __ste_email_isEncrypted0)) || !(0 <= __ste_email_subject0) - InvariantResult [Line: 1882]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 2417]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1856]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 2336]: Loop Invariant Derived loop invariant: 1 == tmp - InvariantResult [Line: 2473]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1892]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1831]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 2376]: Loop Invariant Derived loop invariant: (((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((queued_client == 0 && __ste_Client_Keyring1_User2 == 0) && __GUIDSL_NON_TERMINAL_main == 0) && __ste_email_isEncrypted1 == 0) && __ste_email_subject0 == 0) && __SELECTED_FEATURE_Sign == 0) && 0 == __ste_Client_AddressBook0_Address2) && __ste_client_outbuffer3 == 0) && 1 <= \result) && 1 <= \old(bob___0)) && __ste_Client_counter == 0) && rjh == 0) && __ste_Client_Keyring1_PublicKey2 == 0) && __ste_client_autoResponse1 == 0) && __ste_Client_AddressBook2_Alias0 == 0) && 0 == __ste_email_subject0) && __ste_Client_AddressBook2_Alias1 == 0) && __ste_Client_Keyring2_PublicKey2 == 0) && __ste_client_forwardReceiver3 == 0) && \old(bob___0) <= 1) && 1 == retValue_acc) && __ste_client_name2 == 0) && __ste_client_name1 == 0) && __SELECTED_FEATURE_Verify == 0) && __ste_Client_Keyring1_User0 == 0) && __ste_email_body1 == 0) && __SELECTED_FEATURE_Encrypt == 0) && __ste_Client_AddressBook1_Address2 == 0) && 1 <= bob___0) && __ste_ClientAddressBook_size1 == 0) && __ste_Client_Keyring0_PublicKey0 == 0) && __ste_Email_counter == 0) && __ste_ClientKeyring_size1 == 0) && __ste_email_body0 == 0) && __ste_email_isSignatureVerified0 == 0) && __ste_Client_Keyring0_User2 == 0) && __ste_ClientAddressBook_size0 == 0) && retValue_acc <= 2147483647) && __ste_Client_Keyring0_User1 == 0) && __ste_Client_AddressBook1_Alias1 == 0) && __ste_email_to1 == 0) && __ste_client_name1 == 0) && __ste_client_privateKey1 == 0) && head == 0) && __ste_client_name0 == 0) && __ste_Client_Keyring0_PublicKey2 == 0) && __ste_Client_Keyring1_PublicKey0 == 0) && __ste_email_to0 == 0) && __ste_email_signKey0 == 0) && __SELECTED_FEATURE_Decrypt == 0) && __ste_email_encryptionKey0 == 0) && __SELECTED_FEATURE_Keys == 0) && __SELECTED_FEATURE_AddressBook == 0) && __ste_client_forwardReceiver2 == 0) && __ste_Client_Keyring0_PublicKey1 == 0) && __SELECTED_FEATURE_Forward == 0) && __ste_Client_Keyring0_User0 == 0) && __ste_email_isSigned0 == 0) && __ste_Client_Keyring2_PublicKey1 == 0) && __ste_email_isSigned1 == 0) && __ste_email_body0 == 0) && __ste_Client_AddressBook0_Alias0 == 0) && __ste_email_id0 == 0) && __ste_client_privateKey0 == 0) && __ste_email_from0 == 0) && __ste_Client_Keyring2_User1 == 0) && bob___0 <= 1) && __ste_Client_AddressBook2_Address2 == 0) && \result <= 1) && __ste_Client_AddressBook2_Address1 == 0) && bob == 1) && tmp <= 1) && __ste_client_forwardReceiver1 == 0) && __ste_Client_AddressBook1_Alias2 == 0) && __ste_client_outbuffer0 == 0) && queue_empty == 1) && __SELECTED_FEATURE_Base == 0) && __ste_client_forwardReceiver0 == 0) && __ste_Client_Keyring2_User0 == 0) && 0 == __ste_Client_AddressBook0_Address1) && __ste_Client_AddressBook2_Address0 == 0) && __ste_email_isSignatureVerified1 == 0) && __ste_Client_Keyring1_PublicKey1 == 0) && __ste_Client_Keyring2_PublicKey0 == 0) && __ste_Client_AddressBook1_Address0 == 0) && __ste_client_name2 == 0) && __ste_email_from1 == 0) && __ste_client_idCounter0 <= 1) && __ste_email_subject1 == 0) && __ste_Client_AddressBook1_Alias0 == 0) && __ste_Client_Keyring2_User2 == 0) && head == 0) && __ste_client_privateKey2 == 0) && __ste_Client_Keyring1_User1 == 0) && #NULL == 0) && __ste_Client_AddressBook2_Alias2 == 0) && 1 <= tmp) && __ste_email_subject1 == 0) && __ste_Client_AddressBook0_Alias2 == 0) && __ste_ClientKeyring_size0 == 0) && __ste_email_isEncrypted0 == 0) && queued_message == 0) && __ste_Client_AddressBook1_Address1 == 0) && 0 == __ste_Client_AddressBook0_Address0) && 1 <= __ste_client_idCounter0) && __ste_client_outbuffer1 == 0) && 0 <= 2147483648 + retValue_acc) && __ste_Client_AddressBook0_Alias1 == 0) && __GUIDSL_ROOT_PRODUCTION == 0) && chuck == 0) && __ste_client_name0 == 0) && __ste_email_id1 == 0) && __ste_client_outbuffer2 == 0) && 0 <= unknown-#StackHeapBarrier-unknown) && __ste_ClientAddressBook_size2 == 0) && __SELECTED_FEATURE_AutoResponder == 0) && __ste_email_encryptionKey1 == 0) && __ste_client_autoResponse0 == 0) && __ste_email_body1 == 0) && __ste_ClientKeyring_size2 == 0) && __ste_client_autoResponse2 == 0) && #NULL == 0) && __ste_email_signKey1 == 0 - InvariantResult [Line: 1925]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 2406]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1600]: Loop Invariant Derived loop invariant: ((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((!(__ste_client_privateKey0 <= 0) || !(1 <= \old(client))) || !(0 <= __ste_email_subject0)) || !(__ste_Client_AddressBook1_Address2 == 0)) || !(0 <= __ste_Client_AddressBook2_Address1)) || !(0 <= \old(queued_message))) || !(__ste_email_isEncrypted1 <= 0)) || !(0 <= __ste_client_privateKey0)) || !(__ste_email_subject1 <= 0)) || !(0 <= \old(__ste_email_from0))) || !(__ste_email_signKey1 <= 0)) || !(__SELECTED_FEATURE_Verify <= 0)) || !(0 <= __ste_email_subject1)) || !(0 <= __ste_Client_AddressBook1_Address1)) || !(0 <= head)) || !(__ste_client_name2 == 0)) || !(__ste_Client_AddressBook1_Alias1 == 0)) || !(__SELECTED_FEATURE_AutoResponder <= 0)) || !(__ste_Client_AddressBook0_Alias1 <= 0)) || !(0 <= #NULL)) || !(__ste_client_privateKey1 <= 0)) || !(__ste_Client_AddressBook2_Alias0 <= 0)) || !(0 <= __ste_client_forwardReceiver1)) || !(0 <= __ste_client_privateKey1)) || !(__ste_Client_counter == 0)) || !(0 <= __ste_email_id1)) || !(__ste_Client_AddressBook2_Address1 <= 0)) || !(3 <= chuck)) || !(\old(queued_message) <= 0)) || !(__ste_ClientAddressBook_size1 <= 0)) || !(__ste_Client_Keyring1_PublicKey1 == 0)) || !(0 <= __ste_Client_Keyring0_User0)) || !(0 <= __ste_email_body1)) || !(\old(queued_client) <= 0)) || !(__ste_ClientAddressBook_size2 == 0)) || !(0 <= __ste_email_encryptionKey0)) || !(0 <= __ste_Client_Keyring1_User2)) || !(__ste_ClientKeyring_size0 <= 0)) || !(0 <= __SELECTED_FEATURE_AddressBook)) || !(__SELECTED_FEATURE_Decrypt <= 0)) || !(0 <= __ste_Client_AddressBook2_Address0)) || !(__ste_client_outbuffer1 <= 0)) || !(__ste_Client_Keyring0_User2 == 0)) || !(0 <= __GUIDSL_ROOT_PRODUCTION)) || !(head <= 0)) || !(__ste_Client_AddressBook2_Alias2 == 0)) || !(__ste_Client_Keyring0_PublicKey2 <= 0)) || !(0 <= __ste_Client_AddressBook2_Alias0)) || !(2 <= rjh)) || !(\old(msg) <= 1)) || !(bob <= 1)) || !(0 <= __ste_ClientKeyring_size1)) || !(__ste_Client_AddressBook2_Address0 <= 0)) || !(\old(client) <= 1)) || !(0 <= __SELECTED_FEATURE_AutoResponder)) || !(__ste_ClientAddressBook_size0 <= 0)) || !(rjh <= 2)) || !(0 <= __ste_Client_AddressBook0_Alias2)) || !(0 <= __ste_email_isSignatureVerified0)) || !(__SELECTED_FEATURE_Forward == 0)) || !(__ste_Client_AddressBook2_Alias1 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey0)) || !(__ste_Client_AddressBook1_Alias0 <= 0)) || !(__ste_Client_AddressBook1_Address1 <= 0)) || !(__ste_email_body1 == 0)) || !(0 <= __SELECTED_FEATURE_Decrypt)) || !(__ste_client_forwardReceiver0 == 0)) || !(__ste_email_body0 == 0)) || !(0 <= __ste_Client_Keyring1_PublicKey2)) || !(0 <= __ste_Client_Keyring0_PublicKey2)) || !(0 <= __GUIDSL_NON_TERMINAL_main)) || !(__ste_client_name2 <= 0)) || !(1 <= bob)) || !(head == 0)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Client_Keyring2_User1)) || !(0 <= __ste_client_name2)) || !(__ste_client_forwardReceiver3 <= 0)) || !(\old(__ste_email_to0) <= 2)) || !(1 <= \old(msg))) || !(0 <= __ste_email_isSignatureVerified1)) || !(__SELECTED_FEATURE_Sign == 0)) || !(0 <= __ste_email_signKey1)) || !(0 <= __ste_client_outbuffer1)) || !(0 <= __ste_ClientAddressBook_size1)) || !(0 <= __ste_client_name0)) || !(0 <= \old(queued_client))) || !(0 <= __ste_Client_AddressBook1_Alias0)) || !(__ste_Client_Keyring1_User1 == 0)) || !(__ste_client_outbuffer0 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_email_id1 <= 0)) || !(__SELECTED_FEATURE_Encrypt <= 0)) || !(__ste_client_privateKey2 <= 0)) || !(0 <= __ste_email_isSigned0)) || !(0 <= __ste_client_autoResponse2)) || !(__ste_Client_AddressBook0_Alias0 == 0)) || !(__ste_Client_Keyring1_PublicKey2 <= 0)) || !(__ste_Client_Keyring1_PublicKey0 <= 0)) || !(__ste_client_outbuffer3 == 0)) || !(__ste_client_autoResponse0 <= 0)) || !(__ste_Client_AddressBook0_Alias2 <= 0)) || !(0 <= __ste_client_privateKey2)) || !(__ste_ClientKeyring_size1 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_Client_Keyring2_PublicKey1 == 0)) || !(__SELECTED_FEATURE_Base == 0)) || !(__ste_Client_AddressBook1_Alias2 <= 0)) || !(__ste_email_encryptionKey1 == 0)) || !(#NULL <= 0)) || !(__ste_Client_AddressBook0_Address1 <= 0)) || !(0 <= __ste_client_forwardReceiver2)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Email_counter)) || !(0 <= __SELECTED_FEATURE_Encrypt)) || !(__ste_Client_Keyring1_User0 <= 0)) || !(0 <= __ste_email_isEncrypted1)) || !(#NULL == 0)) || !(__ste_Client_Keyring0_PublicKey1 == 0)) || !(__ste_Client_Keyring0_User1 == 0)) || !(0 <= __ste_ClientKeyring_size0)) || !(__ste_Client_AddressBook0_Address2 <= 0)) || !(chuck <= 3)) || !(0 <= __SELECTED_FEATURE_Verify)) || !(__ste_Client_Keyring2_User1 <= 0)) || !(0 <= __ste_client_forwardReceiver3)) || !(0 <= __ste_Client_AddressBook2_Alias1)) || !(__ste_Client_Keyring2_User2 <= 0)) || ((((((queued_message == \old(queued_message) && __ste_email_to0 == \old(__ste_email_to0)) && __ste_email_to1 == \old(__ste_email_to1)) && \old(__ste_email_from0) == __ste_email_from0) && \old(__ste_email_from1) == __ste_email_from1) && \old(queue_empty) == queue_empty) && queued_client == \old(queued_client))) || !(0 <= __ste_email_isSigned1)) || !(__SELECTED_FEATURE_AddressBook <= 0)) || !(__ste_email_subject1 == 0)) || !(0 <= __ste_Client_AddressBook1_Alias2)) || !(__ste_email_isSigned1 <= 0)) || !(__ste_Client_AddressBook2_Address2 == 0)) || !(__ste_client_name1 == 0)) || !(__ste_client_forwardReceiver2 <= 0)) || !(0 <= __ste_Client_Keyring2_User2)) || !(__SELECTED_FEATURE_Keys <= 0)) || !(__ste_email_body0 == 0)) || !(__ste_ClientKeyring_size2 == 0)) || !(0 <= __ste_Client_Keyring0_PublicKey0)) || !(0 <= __ste_client_name1)) || !(\old(queue_empty) <= 1)) || !(__ste_Client_AddressBook0_Address0 <= 0)) || !(0 <= __ste_Client_AddressBook0_Address0)) || !(__ste_client_idCounter2 <= 3)) || !(__ste_Client_AddressBook1_Address0 == 0)) || !(0 <= __ste_Client_AddressBook0_Alias1)) || !(2 <= \old(__ste_email_to0))) || !(0 <= __ste_email_id0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(__ste_email_isSignatureVerified0 <= 0)) || !(0 <= __ste_Client_Keyring1_PublicKey0)) || !(0 <= __ste_ClientAddressBook_size0)) || !(1 <= \old(queue_empty))) || !(0 <= __SELECTED_FEATURE_Keys)) || !(\old(__ste_email_from0) <= 0)) || !(__GUIDSL_ROOT_PRODUCTION <= 0)) || !(__ste_client_forwardReceiver1 <= 0)) || !(__ste_email_body1 <= 0)) || !(__ste_Client_Keyring2_PublicKey2 <= 0)) || !(__ste_email_isEncrypted0 <= 0)) || !(__ste_client_autoResponse2 <= 0)) || !(__ste_Client_Keyring2_PublicKey0 <= 0)) || !(0 <= __ste_Client_Keyring1_User0)) || !(0 <= __ste_client_name0)) || !(0 <= __ste_client_outbuffer0)) || !(0 <= __ste_client_autoResponse1)) || !(__ste_email_encryptionKey0 <= 0)) || !(0 <= __ste_client_autoResponse0)) || !(__ste_Client_Keyring0_User0 <= 0)) || !(__ste_client_outbuffer2 == 0)) || !(0 <= __ste_Client_AddressBook0_Address1)) || !(__ste_client_name1 <= 0)) || !(__ste_email_isSignatureVerified1 <= 0)) || !(__ste_Email_counter <= 0)) || !(__ste_Client_Keyring2_User0 == 0)) || !(0 <= __ste_email_signKey0)) || !(__GUIDSL_NON_TERMINAL_main <= 0)) || !(0 <= __ste_Client_AddressBook0_Address2)) || !(__ste_Client_Keyring0_PublicKey0 <= 0)) || !(__ste_Client_Keyring1_User2 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey2)) || !(__ste_email_isSigned0 <= 0)) || !(__ste_email_id0 <= 0)) || !(__ste_email_signKey0 <= 0)) || !(3 <= __ste_client_idCounter2)) || !(0 <= __ste_email_isEncrypted0)) || !(0 <= __ste_email_subject0) - InvariantResult [Line: 1812]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1845]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 2527]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1737]: Loop Invariant Derived loop invariant: 1 == tmp - InvariantResult [Line: 1878]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1811]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 2414]: Loop Invariant Derived loop invariant: 1 RESULT: Ultimate proved your program to be correct! [2022-11-19 08:34:16,745 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_81cf609c-3dbf-4434-ab71-310981a866bc/bin/utaipan-I9t0OCRTmS/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE