./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/email_spec11_product10.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 6b4ec56b Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/email_spec11_product10.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9 --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash c9a35f77051831a79054d5620e487d68dd21285b0cc9c8ae29c469f997bd1ec7 --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-6b4ec56 [2022-11-20 20:30:03,822 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-20 20:30:03,824 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-20 20:30:03,852 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-20 20:30:03,852 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-20 20:30:03,856 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-20 20:30:03,859 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-20 20:30:03,863 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-20 20:30:03,865 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-20 20:30:03,871 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-20 20:30:03,873 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-20 20:30:03,876 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-20 20:30:03,876 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-20 20:30:03,881 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-20 20:30:03,883 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-20 20:30:03,885 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-20 20:30:03,887 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-20 20:30:03,887 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-20 20:30:03,889 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-20 20:30:03,895 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-20 20:30:03,897 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-20 20:30:03,899 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-20 20:30:03,900 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-20 20:30:03,901 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-20 20:30:03,910 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-20 20:30:03,910 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-20 20:30:03,911 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-20 20:30:03,912 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-20 20:30:03,912 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-20 20:30:03,913 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-20 20:30:03,913 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-20 20:30:03,914 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-20 20:30:03,915 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-20 20:30:03,918 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-20 20:30:03,921 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-20 20:30:03,922 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-20 20:30:03,922 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-20 20:30:03,923 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-20 20:30:03,923 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-20 20:30:03,924 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-20 20:30:03,924 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-20 20:30:03,925 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-20 20:30:03,956 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-20 20:30:03,957 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-20 20:30:03,957 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-20 20:30:03,957 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-20 20:30:03,958 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-20 20:30:03,958 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-20 20:30:03,958 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-20 20:30:03,958 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-20 20:30:03,959 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-20 20:30:03,959 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-20 20:30:03,959 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-20 20:30:03,959 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-20 20:30:03,959 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-20 20:30:03,959 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-20 20:30:03,960 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-20 20:30:03,960 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-20 20:30:03,960 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-20 20:30:03,960 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-20 20:30:03,961 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-20 20:30:03,961 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-20 20:30:03,961 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-20 20:30:03,961 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-20 20:30:03,962 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-20 20:30:03,962 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-20 20:30:03,962 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-20 20:30:03,962 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-20 20:30:03,962 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-20 20:30:03,962 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-20 20:30:03,963 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-20 20:30:03,963 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-20 20:30:03,963 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-20 20:30:03,963 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-20 20:30:03,963 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-20 20:30:03,964 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-20 20:30:03,964 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-20 20:30:03,964 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-20 20:30:03,964 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-20 20:30:03,964 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-20 20:30:03,965 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-20 20:30:03,965 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-20 20:30:03,965 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-20 20:30:03,965 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9 Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> c9a35f77051831a79054d5620e487d68dd21285b0cc9c8ae29c469f997bd1ec7 [2022-11-20 20:30:04,198 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-20 20:30:04,219 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-20 20:30:04,222 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-20 20:30:04,223 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-20 20:30:04,224 INFO L275 PluginConnector]: CDTParser initialized [2022-11-20 20:30:04,225 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/../../sv-benchmarks/c/product-lines/email_spec11_product10.cil.c [2022-11-20 20:30:07,259 INFO L500 CDTParser]: Created temporary CDT project at NULL [2022-11-20 20:30:07,596 INFO L351 CDTParser]: Found 1 translation units. [2022-11-20 20:30:07,605 INFO L172 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/sv-benchmarks/c/product-lines/email_spec11_product10.cil.c [2022-11-20 20:30:07,628 INFO L394 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/data/28ff1bbe9/1f24b85c4c0d4c1c978c141112641f89/FLAGc66126d7b [2022-11-20 20:30:07,653 INFO L402 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/data/28ff1bbe9/1f24b85c4c0d4c1c978c141112641f89 [2022-11-20 20:30:07,659 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-20 20:30:07,661 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-20 20:30:07,668 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-20 20:30:07,668 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-20 20:30:07,672 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-20 20:30:07,673 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.11 08:30:07" (1/1) ... [2022-11-20 20:30:07,675 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@650bfc98 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 08:30:07, skipping insertion in model container [2022-11-20 20:30:07,675 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.11 08:30:07" (1/1) ... [2022-11-20 20:30:07,683 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-20 20:30:07,768 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-20 20:30:08,275 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/sv-benchmarks/c/product-lines/email_spec11_product10.cil.c[53446,53459] [2022-11-20 20:30:08,304 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-20 20:30:08,328 INFO L203 MainTranslator]: Completed pre-run [2022-11-20 20:30:08,430 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/sv-benchmarks/c/product-lines/email_spec11_product10.cil.c[53446,53459] [2022-11-20 20:30:08,438 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-20 20:30:08,471 INFO L208 MainTranslator]: Completed translation [2022-11-20 20:30:08,472 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 08:30:08 WrapperNode [2022-11-20 20:30:08,472 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-20 20:30:08,473 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-20 20:30:08,474 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-20 20:30:08,475 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-20 20:30:08,482 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 08:30:08" (1/1) ... [2022-11-20 20:30:08,509 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 08:30:08" (1/1) ... [2022-11-20 20:30:08,575 INFO L138 Inliner]: procedures = 110, calls = 135, calls flagged for inlining = 40, calls inlined = 33, statements flattened = 620 [2022-11-20 20:30:08,576 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-20 20:30:08,576 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-20 20:30:08,577 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-20 20:30:08,577 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-20 20:30:08,594 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 08:30:08" (1/1) ... [2022-11-20 20:30:08,594 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 08:30:08" (1/1) ... [2022-11-20 20:30:08,608 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 08:30:08" (1/1) ... [2022-11-20 20:30:08,609 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 08:30:08" (1/1) ... [2022-11-20 20:30:08,624 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 08:30:08" (1/1) ... [2022-11-20 20:30:08,643 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 08:30:08" (1/1) ... [2022-11-20 20:30:08,659 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 08:30:08" (1/1) ... [2022-11-20 20:30:08,662 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 08:30:08" (1/1) ... [2022-11-20 20:30:08,667 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-20 20:30:08,669 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-20 20:30:08,669 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-20 20:30:08,684 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-20 20:30:08,685 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 08:30:08" (1/1) ... [2022-11-20 20:30:08,699 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-20 20:30:08,710 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/z3 [2022-11-20 20:30:08,743 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-20 20:30:08,765 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-20 20:30:08,823 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailTo [2022-11-20 20:30:08,824 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailTo [2022-11-20 20:30:08,824 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailFrom [2022-11-20 20:30:08,824 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailFrom [2022-11-20 20:30:08,824 INFO L130 BoogieDeclarations]: Found specification of procedure isReadable [2022-11-20 20:30:08,824 INFO L138 BoogieDeclarations]: Found implementation of procedure isReadable [2022-11-20 20:30:08,824 INFO L130 BoogieDeclarations]: Found specification of procedure puts [2022-11-20 20:30:08,824 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailFrom [2022-11-20 20:30:08,825 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailFrom [2022-11-20 20:30:08,825 INFO L130 BoogieDeclarations]: Found specification of procedure queue [2022-11-20 20:30:08,825 INFO L138 BoogieDeclarations]: Found implementation of procedure queue [2022-11-20 20:30:08,825 INFO L130 BoogieDeclarations]: Found specification of procedure setClientId [2022-11-20 20:30:08,825 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientId [2022-11-20 20:30:08,825 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-20 20:30:08,825 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing [2022-11-20 20:30:08,825 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing [2022-11-20 20:30:08,826 INFO L130 BoogieDeclarations]: Found specification of procedure sendEmail [2022-11-20 20:30:08,826 INFO L138 BoogieDeclarations]: Found implementation of procedure sendEmail [2022-11-20 20:30:08,826 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailTo [2022-11-20 20:30:08,826 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailTo [2022-11-20 20:30:08,826 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-20 20:30:08,826 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-20 20:30:08,827 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-20 20:30:09,037 INFO L235 CfgBuilder]: Building ICFG [2022-11-20 20:30:09,039 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-20 20:30:09,680 INFO L276 CfgBuilder]: Performing block encoding [2022-11-20 20:30:09,887 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-20 20:30:09,887 INFO L300 CfgBuilder]: Removed 1 assume(true) statements. [2022-11-20 20:30:09,890 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.11 08:30:09 BoogieIcfgContainer [2022-11-20 20:30:09,890 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-20 20:30:09,892 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-20 20:30:09,893 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-20 20:30:09,896 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-20 20:30:09,896 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.11 08:30:07" (1/3) ... [2022-11-20 20:30:09,897 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@17dbca1b and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.11 08:30:09, skipping insertion in model container [2022-11-20 20:30:09,897 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 08:30:08" (2/3) ... [2022-11-20 20:30:09,897 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@17dbca1b and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.11 08:30:09, skipping insertion in model container [2022-11-20 20:30:09,898 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.11 08:30:09" (3/3) ... [2022-11-20 20:30:09,899 INFO L112 eAbstractionObserver]: Analyzing ICFG email_spec11_product10.cil.c [2022-11-20 20:30:09,919 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-20 20:30:09,919 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-20 20:30:10,018 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-20 20:30:10,026 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@4cccbcb1, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-20 20:30:10,027 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-20 20:30:10,032 INFO L276 IsEmpty]: Start isEmpty. Operand has 92 states, 62 states have (on average 1.4838709677419355) internal successors, (92), 64 states have internal predecessors, (92), 19 states have call successors, (19), 9 states have call predecessors, (19), 9 states have return successors, (19), 19 states have call predecessors, (19), 19 states have call successors, (19) [2022-11-20 20:30:10,041 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2022-11-20 20:30:10,042 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 20:30:10,043 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 20:30:10,043 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 20:30:10,053 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 20:30:10,054 INFO L85 PathProgramCache]: Analyzing trace with hash -144883800, now seen corresponding path program 1 times [2022-11-20 20:30:10,068 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-20 20:30:10,068 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2077715136] [2022-11-20 20:30:10,069 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 20:30:10,069 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 20:30:10,300 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 20:30:10,444 INFO L134 CoverageAnalysis]: Checked inductivity of 8 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-20 20:30:10,445 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-20 20:30:10,445 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2077715136] [2022-11-20 20:30:10,446 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2077715136] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 20:30:10,446 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 20:30:10,446 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-20 20:30:10,448 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [282434797] [2022-11-20 20:30:10,448 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 20:30:10,453 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-20 20:30:10,453 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-20 20:30:10,481 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-20 20:30:10,482 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-20 20:30:10,485 INFO L87 Difference]: Start difference. First operand has 92 states, 62 states have (on average 1.4838709677419355) internal successors, (92), 64 states have internal predecessors, (92), 19 states have call successors, (19), 9 states have call predecessors, (19), 9 states have return successors, (19), 19 states have call predecessors, (19), 19 states have call successors, (19) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) [2022-11-20 20:30:10,574 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 20:30:10,574 INFO L93 Difference]: Finished difference Result 150 states and 202 transitions. [2022-11-20 20:30:10,576 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-20 20:30:10,577 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) Word has length 42 [2022-11-20 20:30:10,578 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 20:30:10,587 INFO L225 Difference]: With dead ends: 150 [2022-11-20 20:30:10,587 INFO L226 Difference]: Without dead ends: 89 [2022-11-20 20:30:10,591 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-20 20:30:10,595 INFO L413 NwaCegarLoop]: 105 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 23 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 105 SdHoareTripleChecker+Invalid, 23 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 23 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-20 20:30:10,596 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 105 Invalid, 23 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 23 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-20 20:30:10,615 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 89 states. [2022-11-20 20:30:10,642 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 89 to 89. [2022-11-20 20:30:10,643 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 89 states, 60 states have (on average 1.4333333333333333) internal successors, (86), 61 states have internal predecessors, (86), 19 states have call successors, (19), 9 states have call predecessors, (19), 9 states have return successors, (18), 18 states have call predecessors, (18), 18 states have call successors, (18) [2022-11-20 20:30:10,646 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 89 states to 89 states and 123 transitions. [2022-11-20 20:30:10,648 INFO L78 Accepts]: Start accepts. Automaton has 89 states and 123 transitions. Word has length 42 [2022-11-20 20:30:10,650 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 20:30:10,650 INFO L495 AbstractCegarLoop]: Abstraction has 89 states and 123 transitions. [2022-11-20 20:30:10,651 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) [2022-11-20 20:30:10,651 INFO L276 IsEmpty]: Start isEmpty. Operand 89 states and 123 transitions. [2022-11-20 20:30:10,656 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2022-11-20 20:30:10,656 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 20:30:10,657 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 20:30:10,657 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-20 20:30:10,657 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 20:30:10,658 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 20:30:10,658 INFO L85 PathProgramCache]: Analyzing trace with hash 689599262, now seen corresponding path program 1 times [2022-11-20 20:30:10,658 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-20 20:30:10,658 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [974886374] [2022-11-20 20:30:10,659 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 20:30:10,659 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 20:30:10,719 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 20:30:10,964 INFO L134 CoverageAnalysis]: Checked inductivity of 8 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-20 20:30:10,965 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-20 20:30:10,965 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [974886374] [2022-11-20 20:30:10,966 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [974886374] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 20:30:10,966 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 20:30:10,966 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-20 20:30:10,967 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1582648793] [2022-11-20 20:30:10,968 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 20:30:10,970 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-20 20:30:10,971 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-20 20:30:10,973 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-20 20:30:10,974 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-20 20:30:10,975 INFO L87 Difference]: Start difference. First operand 89 states and 123 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) [2022-11-20 20:30:11,075 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 20:30:11,076 INFO L93 Difference]: Finished difference Result 146 states and 190 transitions. [2022-11-20 20:30:11,076 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-20 20:30:11,076 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) Word has length 43 [2022-11-20 20:30:11,077 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 20:30:11,078 INFO L225 Difference]: With dead ends: 146 [2022-11-20 20:30:11,078 INFO L226 Difference]: Without dead ends: 91 [2022-11-20 20:30:11,079 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-20 20:30:11,081 INFO L413 NwaCegarLoop]: 102 mSDtfsCounter, 0 mSDsluCounter, 101 mSDsCounter, 0 mSdLazyCounter, 42 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 203 SdHoareTripleChecker+Invalid, 42 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 42 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-20 20:30:11,081 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 203 Invalid, 42 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 42 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-20 20:30:11,082 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 91 states. [2022-11-20 20:30:11,092 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 91 to 91. [2022-11-20 20:30:11,093 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 91 states, 62 states have (on average 1.4193548387096775) internal successors, (88), 63 states have internal predecessors, (88), 19 states have call successors, (19), 9 states have call predecessors, (19), 9 states have return successors, (18), 18 states have call predecessors, (18), 18 states have call successors, (18) [2022-11-20 20:30:11,094 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 91 states to 91 states and 125 transitions. [2022-11-20 20:30:11,095 INFO L78 Accepts]: Start accepts. Automaton has 91 states and 125 transitions. Word has length 43 [2022-11-20 20:30:11,095 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 20:30:11,095 INFO L495 AbstractCegarLoop]: Abstraction has 91 states and 125 transitions. [2022-11-20 20:30:11,095 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) [2022-11-20 20:30:11,096 INFO L276 IsEmpty]: Start isEmpty. Operand 91 states and 125 transitions. [2022-11-20 20:30:11,097 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2022-11-20 20:30:11,097 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 20:30:11,097 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 20:30:11,097 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-20 20:30:11,098 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 20:30:11,098 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 20:30:11,098 INFO L85 PathProgramCache]: Analyzing trace with hash 46987416, now seen corresponding path program 1 times [2022-11-20 20:30:11,098 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-20 20:30:11,099 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [965212588] [2022-11-20 20:30:11,099 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 20:30:11,099 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 20:30:11,162 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 20:30:11,354 INFO L134 CoverageAnalysis]: Checked inductivity of 10 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-20 20:30:11,354 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-20 20:30:11,354 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [965212588] [2022-11-20 20:30:11,355 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [965212588] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-20 20:30:11,357 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [429461816] [2022-11-20 20:30:11,357 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 20:30:11,357 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-20 20:30:11,358 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/z3 [2022-11-20 20:30:11,363 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-20 20:30:11,376 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-20 20:30:11,639 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 20:30:11,644 INFO L263 TraceCheckSpWp]: Trace formula consists of 772 conjuncts, 3 conjunts are in the unsatisfiable core [2022-11-20 20:30:11,651 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-20 20:30:11,737 INFO L134 CoverageAnalysis]: Checked inductivity of 10 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-20 20:30:11,737 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-20 20:30:11,806 INFO L134 CoverageAnalysis]: Checked inductivity of 10 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-20 20:30:11,807 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [429461816] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-20 20:30:11,807 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [868215377] [2022-11-20 20:30:11,842 INFO L159 IcfgInterpreter]: Started Sifa with 40 locations of interest [2022-11-20 20:30:11,842 INFO L166 IcfgInterpreter]: Building call graph [2022-11-20 20:30:11,846 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-20 20:30:11,853 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-20 20:30:11,854 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-20 20:30:21,141 INFO L197 IcfgInterpreter]: Interpreting procedure setClientId with input of size 451 for LOIs [2022-11-20 20:30:21,488 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-20 20:30:49,069 WARN L233 SmtUtils]: Spent 9.12s on a formula simplification. DAG size of input: 573 DAG size of output: 309 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:31:09,997 WARN L233 SmtUtils]: Spent 20.66s on a formula simplification. DAG size of input: 575 DAG size of output: 442 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:31:11,109 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSifa [868215377] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 20:31:11,110 INFO L184 FreeRefinementEngine]: Found 1 perfect and 3 imperfect interpolant sequences. [2022-11-20 20:31:11,110 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [13] imperfect sequences [4, 4, 4] total 19 [2022-11-20 20:31:11,111 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1818765225] [2022-11-20 20:31:11,111 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 20:31:11,111 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2022-11-20 20:31:11,112 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-20 20:31:11,112 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2022-11-20 20:31:11,113 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=58, Invalid=284, Unknown=0, NotChecked=0, Total=342 [2022-11-20 20:31:11,113 INFO L87 Difference]: Start difference. First operand 91 states and 125 transitions. Second operand has 14 states, 10 states have (on average 2.5) internal successors, (25), 9 states have internal predecessors, (25), 4 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (8), 4 states have call predecessors, (8), 4 states have call successors, (8) [2022-11-20 20:31:15,204 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 20:31:15,204 INFO L93 Difference]: Finished difference Result 244 states and 379 transitions. [2022-11-20 20:31:15,205 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 14 states. [2022-11-20 20:31:15,205 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 10 states have (on average 2.5) internal successors, (25), 9 states have internal predecessors, (25), 4 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (8), 4 states have call predecessors, (8), 4 states have call successors, (8) Word has length 47 [2022-11-20 20:31:15,205 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 20:31:15,208 INFO L225 Difference]: With dead ends: 244 [2022-11-20 20:31:15,208 INFO L226 Difference]: Without dead ends: 165 [2022-11-20 20:31:15,210 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 143 GetRequests, 126 SyntacticMatches, 0 SemanticMatches, 17 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 84 ImplicationChecksByTransitivity, 49.6s TimeCoverageRelationStatistics Valid=58, Invalid=284, Unknown=0, NotChecked=0, Total=342 [2022-11-20 20:31:15,211 INFO L413 NwaCegarLoop]: 146 mSDtfsCounter, 100 mSDsluCounter, 1206 mSDsCounter, 0 mSdLazyCounter, 793 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 3.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 100 SdHoareTripleChecker+Valid, 1352 SdHoareTripleChecker+Invalid, 804 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.1s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 793 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 3.8s IncrementalHoareTripleChecker+Time [2022-11-20 20:31:15,212 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [100 Valid, 1352 Invalid, 804 Unknown, 0 Unchecked, 0.1s Time], IncrementalHoareTripleChecker [11 Valid, 793 Invalid, 0 Unknown, 0 Unchecked, 3.8s Time] [2022-11-20 20:31:15,213 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 165 states. [2022-11-20 20:31:15,295 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 165 to 112. [2022-11-20 20:31:15,295 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 112 states, 83 states have (on average 1.4457831325301205) internal successors, (120), 84 states have internal predecessors, (120), 19 states have call successors, (19), 9 states have call predecessors, (19), 9 states have return successors, (18), 18 states have call predecessors, (18), 18 states have call successors, (18) [2022-11-20 20:31:15,297 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 112 states to 112 states and 157 transitions. [2022-11-20 20:31:15,297 INFO L78 Accepts]: Start accepts. Automaton has 112 states and 157 transitions. Word has length 47 [2022-11-20 20:31:15,298 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 20:31:15,298 INFO L495 AbstractCegarLoop]: Abstraction has 112 states and 157 transitions. [2022-11-20 20:31:15,298 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 10 states have (on average 2.5) internal successors, (25), 9 states have internal predecessors, (25), 4 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (8), 4 states have call predecessors, (8), 4 states have call successors, (8) [2022-11-20 20:31:15,299 INFO L276 IsEmpty]: Start isEmpty. Operand 112 states and 157 transitions. [2022-11-20 20:31:15,300 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 49 [2022-11-20 20:31:15,300 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 20:31:15,301 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 20:31:15,310 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-20 20:31:15,507 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-20 20:31:15,508 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 20:31:15,508 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 20:31:15,508 INFO L85 PathProgramCache]: Analyzing trace with hash -394875217, now seen corresponding path program 1 times [2022-11-20 20:31:15,509 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-20 20:31:15,510 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [661336756] [2022-11-20 20:31:15,510 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 20:31:15,510 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 20:31:15,537 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 20:31:15,601 INFO L134 CoverageAnalysis]: Checked inductivity of 10 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-20 20:31:15,602 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-20 20:31:15,604 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [661336756] [2022-11-20 20:31:15,605 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [661336756] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 20:31:15,606 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 20:31:15,607 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-20 20:31:15,607 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [715799813] [2022-11-20 20:31:15,607 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 20:31:15,608 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-20 20:31:15,608 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-20 20:31:15,609 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-20 20:31:15,609 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-20 20:31:15,609 INFO L87 Difference]: Start difference. First operand 112 states and 157 transitions. Second operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) [2022-11-20 20:31:15,816 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 20:31:15,816 INFO L93 Difference]: Finished difference Result 260 states and 379 transitions. [2022-11-20 20:31:15,816 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-20 20:31:15,817 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) Word has length 48 [2022-11-20 20:31:15,817 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 20:31:15,818 INFO L225 Difference]: With dead ends: 260 [2022-11-20 20:31:15,818 INFO L226 Difference]: Without dead ends: 162 [2022-11-20 20:31:15,820 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-20 20:31:15,821 INFO L413 NwaCegarLoop]: 102 mSDtfsCounter, 46 mSDsluCounter, 98 mSDsCounter, 0 mSdLazyCounter, 44 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 47 SdHoareTripleChecker+Valid, 200 SdHoareTripleChecker+Invalid, 45 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 44 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-20 20:31:15,821 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [47 Valid, 200 Invalid, 45 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 44 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-20 20:31:15,822 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 162 states. [2022-11-20 20:31:15,940 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 162 to 157. [2022-11-20 20:31:15,941 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 157 states, 128 states have (on average 1.5234375) internal successors, (195), 129 states have internal predecessors, (195), 19 states have call successors, (19), 9 states have call predecessors, (19), 9 states have return successors, (18), 18 states have call predecessors, (18), 18 states have call successors, (18) [2022-11-20 20:31:15,943 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 157 states to 157 states and 232 transitions. [2022-11-20 20:31:15,943 INFO L78 Accepts]: Start accepts. Automaton has 157 states and 232 transitions. Word has length 48 [2022-11-20 20:31:15,943 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 20:31:15,944 INFO L495 AbstractCegarLoop]: Abstraction has 157 states and 232 transitions. [2022-11-20 20:31:15,944 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) [2022-11-20 20:31:15,944 INFO L276 IsEmpty]: Start isEmpty. Operand 157 states and 232 transitions. [2022-11-20 20:31:15,950 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2022-11-20 20:31:15,955 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 20:31:15,956 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 20:31:15,956 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-20 20:31:15,956 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 20:31:15,957 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 20:31:15,957 INFO L85 PathProgramCache]: Analyzing trace with hash 942691457, now seen corresponding path program 1 times [2022-11-20 20:31:15,957 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-20 20:31:15,957 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [516523293] [2022-11-20 20:31:15,957 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 20:31:15,958 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 20:31:15,979 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 20:31:16,062 INFO L134 CoverageAnalysis]: Checked inductivity of 10 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-20 20:31:16,062 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-20 20:31:16,062 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [516523293] [2022-11-20 20:31:16,063 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [516523293] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-20 20:31:16,063 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1740627636] [2022-11-20 20:31:16,063 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 20:31:16,063 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-20 20:31:16,063 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/z3 [2022-11-20 20:31:16,065 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-20 20:31:16,087 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-20 20:31:16,295 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 20:31:16,298 INFO L263 TraceCheckSpWp]: Trace formula consists of 789 conjuncts, 3 conjunts are in the unsatisfiable core [2022-11-20 20:31:16,302 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-20 20:31:16,322 INFO L134 CoverageAnalysis]: Checked inductivity of 10 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-20 20:31:16,322 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-20 20:31:16,370 INFO L134 CoverageAnalysis]: Checked inductivity of 10 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-20 20:31:16,370 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1740627636] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-20 20:31:16,370 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1306199875] [2022-11-20 20:31:16,374 INFO L159 IcfgInterpreter]: Started Sifa with 42 locations of interest [2022-11-20 20:31:16,374 INFO L166 IcfgInterpreter]: Building call graph [2022-11-20 20:31:16,375 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-20 20:31:16,375 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-20 20:31:16,375 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-20 20:31:27,475 INFO L197 IcfgInterpreter]: Interpreting procedure setClientId with input of size 451 for LOIs [2022-11-20 20:31:27,799 INFO L197 IcfgInterpreter]: Interpreting procedure sendEmail with input of size 249 for LOIs [2022-11-20 20:31:29,467 INFO L197 IcfgInterpreter]: Interpreting procedure setEmailTo with input of size 239 for LOIs [2022-11-20 20:31:29,531 INFO L197 IcfgInterpreter]: Interpreting procedure outgoing with input of size 251 for LOIs [2022-11-20 20:31:39,849 INFO L197 IcfgInterpreter]: Interpreting procedure isReadable with input of size 446 for LOIs [2022-11-20 20:31:40,103 INFO L197 IcfgInterpreter]: Interpreting procedure getEmailTo with input of size 242 for LOIs [2022-11-20 20:31:40,144 INFO L197 IcfgInterpreter]: Interpreting procedure setEmailFrom with input of size 478 for LOIs [2022-11-20 20:31:43,439 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-20 20:32:20,858 WARN L233 SmtUtils]: Spent 19.70s on a formula simplification. DAG size of input: 584 DAG size of output: 453 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:32:40,717 WARN L233 SmtUtils]: Spent 19.57s on a formula simplification. DAG size of input: 586 DAG size of output: 456 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:32:48,082 WARN L233 SmtUtils]: Spent 7.12s on a formula simplification. DAG size of input: 558 DAG size of output: 370 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:32:55,432 WARN L233 SmtUtils]: Spent 7.09s on a formula simplification. DAG size of input: 556 DAG size of output: 368 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:33:13,598 WARN L233 SmtUtils]: Spent 13.81s on a formula simplification. DAG size of input: 478 DAG size of output: 365 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:33:42,704 WARN L233 SmtUtils]: Spent 7.61s on a formula simplification. DAG size of input: 506 DAG size of output: 391 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:33:52,044 WARN L233 SmtUtils]: Spent 8.84s on a formula simplification. DAG size of input: 570 DAG size of output: 434 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:34:02,077 WARN L233 SmtUtils]: Spent 9.49s on a formula simplification. DAG size of input: 592 DAG size of output: 456 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:34:14,947 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSifa [1306199875] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 20:34:14,947 INFO L184 FreeRefinementEngine]: Found 1 perfect and 3 imperfect interpolant sequences. [2022-11-20 20:34:14,948 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [38] imperfect sequences [4, 4, 4] total 44 [2022-11-20 20:34:14,948 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1220348612] [2022-11-20 20:34:14,948 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 20:34:14,949 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 39 states [2022-11-20 20:34:14,949 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-20 20:34:14,949 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 39 interpolants. [2022-11-20 20:34:14,950 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=118, Invalid=1774, Unknown=0, NotChecked=0, Total=1892 [2022-11-20 20:34:14,951 INFO L87 Difference]: Start difference. First operand 157 states and 232 transitions. Second operand has 39 states, 25 states have (on average 1.08) internal successors, (27), 23 states have internal predecessors, (27), 10 states have call successors, (10), 7 states have call predecessors, (10), 5 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) [2022-11-20 20:34:25,611 WARN L233 SmtUtils]: Spent 9.30s on a formula simplification. DAG size of input: 568 DAG size of output: 427 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:34:35,021 WARN L233 SmtUtils]: Spent 9.02s on a formula simplification. DAG size of input: 570 DAG size of output: 317 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:34:46,960 WARN L233 SmtUtils]: Spent 11.56s on a formula simplification. DAG size of input: 578 DAG size of output: 345 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:34:58,763 WARN L233 SmtUtils]: Spent 11.33s on a formula simplification. DAG size of input: 576 DAG size of output: 343 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:35:08,481 WARN L233 SmtUtils]: Spent 9.36s on a formula simplification. DAG size of input: 584 DAG size of output: 310 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:35:19,323 WARN L233 SmtUtils]: Spent 10.46s on a formula simplification. DAG size of input: 514 DAG size of output: 446 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:35:32,732 WARN L233 SmtUtils]: Spent 12.79s on a formula simplification. DAG size of input: 521 DAG size of output: 448 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:35:44,462 WARN L233 SmtUtils]: Spent 11.35s on a formula simplification. DAG size of input: 580 DAG size of output: 447 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:35:58,402 WARN L233 SmtUtils]: Spent 8.24s on a formula simplification. DAG size of input: 614 DAG size of output: 403 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:36:07,159 WARN L233 SmtUtils]: Spent 8.25s on a formula simplification. DAG size of input: 614 DAG size of output: 403 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:36:09,379 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 20:36:09,379 INFO L93 Difference]: Finished difference Result 410 states and 646 transitions. [2022-11-20 20:36:09,380 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 43 states. [2022-11-20 20:36:09,380 INFO L78 Accepts]: Start accepts. Automaton has has 39 states, 25 states have (on average 1.08) internal successors, (27), 23 states have internal predecessors, (27), 10 states have call successors, (10), 7 states have call predecessors, (10), 5 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) Word has length 49 [2022-11-20 20:36:09,381 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 20:36:09,382 INFO L225 Difference]: With dead ends: 410 [2022-11-20 20:36:09,383 INFO L226 Difference]: Without dead ends: 308 [2022-11-20 20:36:09,385 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 159 GetRequests, 107 SyntacticMatches, 0 SemanticMatches, 52 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 573 ImplicationChecksByTransitivity, 255.9s TimeCoverageRelationStatistics Valid=200, Invalid=2662, Unknown=0, NotChecked=0, Total=2862 [2022-11-20 20:36:09,386 INFO L413 NwaCegarLoop]: 112 mSDtfsCounter, 258 mSDsluCounter, 1937 mSDsCounter, 0 mSdLazyCounter, 2240 mSolverCounterSat, 30 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 8.9s Time, 0 mProtectedPredicate, 0 mProtectedAction, 260 SdHoareTripleChecker+Valid, 2049 SdHoareTripleChecker+Invalid, 2270 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.1s SdHoareTripleChecker+Time, 30 IncrementalHoareTripleChecker+Valid, 2240 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 9.5s IncrementalHoareTripleChecker+Time [2022-11-20 20:36:09,386 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [260 Valid, 2049 Invalid, 2270 Unknown, 0 Unchecked, 0.1s Time], IncrementalHoareTripleChecker [30 Valid, 2240 Invalid, 0 Unknown, 0 Unchecked, 9.5s Time] [2022-11-20 20:36:09,387 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 308 states. [2022-11-20 20:36:09,655 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 308 to 258. [2022-11-20 20:36:09,655 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 258 states, 217 states have (on average 1.5852534562211982) internal successors, (344), 219 states have internal predecessors, (344), 26 states have call successors, (26), 15 states have call predecessors, (26), 14 states have return successors, (26), 23 states have call predecessors, (26), 25 states have call successors, (26) [2022-11-20 20:36:09,657 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 258 states to 258 states and 396 transitions. [2022-11-20 20:36:09,657 INFO L78 Accepts]: Start accepts. Automaton has 258 states and 396 transitions. Word has length 49 [2022-11-20 20:36:09,657 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 20:36:09,658 INFO L495 AbstractCegarLoop]: Abstraction has 258 states and 396 transitions. [2022-11-20 20:36:09,658 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 39 states, 25 states have (on average 1.08) internal successors, (27), 23 states have internal predecessors, (27), 10 states have call successors, (10), 7 states have call predecessors, (10), 5 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) [2022-11-20 20:36:09,658 INFO L276 IsEmpty]: Start isEmpty. Operand 258 states and 396 transitions. [2022-11-20 20:36:09,660 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2022-11-20 20:36:09,660 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 20:36:09,660 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 20:36:09,668 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-20 20:36:09,867 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-20 20:36:09,867 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 20:36:09,868 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 20:36:09,868 INFO L85 PathProgramCache]: Analyzing trace with hash 314475893, now seen corresponding path program 1 times [2022-11-20 20:36:09,868 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-20 20:36:09,868 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [904347191] [2022-11-20 20:36:09,868 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 20:36:09,868 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 20:36:09,896 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 20:36:10,029 INFO L134 CoverageAnalysis]: Checked inductivity of 15 backedges. 3 proven. 2 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2022-11-20 20:36:10,029 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-20 20:36:10,030 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [904347191] [2022-11-20 20:36:10,030 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [904347191] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-20 20:36:10,030 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [311368071] [2022-11-20 20:36:10,030 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 20:36:10,030 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-20 20:36:10,031 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/z3 [2022-11-20 20:36:10,037 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-20 20:36:10,040 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-11-20 20:36:10,285 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 20:36:10,289 INFO L263 TraceCheckSpWp]: Trace formula consists of 795 conjuncts, 4 conjunts are in the unsatisfiable core [2022-11-20 20:36:10,292 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-20 20:36:10,336 INFO L134 CoverageAnalysis]: Checked inductivity of 15 backedges. 0 proven. 7 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-20 20:36:10,336 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-20 20:36:10,401 INFO L134 CoverageAnalysis]: Checked inductivity of 15 backedges. 0 proven. 7 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-20 20:36:10,401 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [311368071] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-20 20:36:10,402 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [306991926] [2022-11-20 20:36:10,405 INFO L159 IcfgInterpreter]: Started Sifa with 42 locations of interest [2022-11-20 20:36:10,405 INFO L166 IcfgInterpreter]: Building call graph [2022-11-20 20:36:10,405 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-20 20:36:10,406 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-20 20:36:10,406 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-20 20:36:27,294 INFO L197 IcfgInterpreter]: Interpreting procedure setClientId with input of size 451 for LOIs [2022-11-20 20:36:27,587 INFO L197 IcfgInterpreter]: Interpreting procedure sendEmail with input of size 466 for LOIs [2022-11-20 20:36:52,337 INFO L197 IcfgInterpreter]: Interpreting procedure setEmailTo with input of size 456 for LOIs [2022-11-20 20:36:52,635 INFO L197 IcfgInterpreter]: Interpreting procedure outgoing with input of size 464 for LOIs [2022-11-20 20:36:59,626 INFO L197 IcfgInterpreter]: Interpreting procedure isReadable with input of size 244 for LOIs [2022-11-20 20:36:59,656 INFO L197 IcfgInterpreter]: Interpreting procedure getEmailTo with input of size 241 for LOIs [2022-11-20 20:36:59,693 INFO L197 IcfgInterpreter]: Interpreting procedure setEmailFrom with input of size 455 for LOIs [2022-11-20 20:37:00,408 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-20 20:37:25,577 WARN L233 SmtUtils]: Spent 6.95s on a formula simplification. DAG size of input: 557 DAG size of output: 361 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:37:31,768 WARN L233 SmtUtils]: Spent 5.88s on a formula simplification. DAG size of input: 559 DAG size of output: 333 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:37:39,126 WARN L233 SmtUtils]: Spent 5.90s on a formula simplification. DAG size of input: 561 DAG size of output: 335 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:37:46,879 WARN L233 SmtUtils]: Spent 6.23s on a formula simplification. DAG size of input: 553 DAG size of output: 344 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:37:52,914 WARN L233 SmtUtils]: Spent 5.73s on a formula simplification. DAG size of input: 466 DAG size of output: 324 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:37:59,236 WARN L233 SmtUtils]: Spent 6.00s on a formula simplification. DAG size of input: 480 DAG size of output: 338 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:38:05,624 WARN L233 SmtUtils]: Spent 6.07s on a formula simplification. DAG size of input: 455 DAG size of output: 335 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:38:12,168 WARN L233 SmtUtils]: Spent 6.21s on a formula simplification. DAG size of input: 470 DAG size of output: 338 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:38:18,816 WARN L233 SmtUtils]: Spent 6.27s on a formula simplification. DAG size of input: 508 DAG size of output: 324 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:38:31,961 WARN L233 SmtUtils]: Spent 5.57s on a formula simplification. DAG size of input: 504 DAG size of output: 289 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:38:42,584 WARN L233 SmtUtils]: Spent 5.75s on a formula simplification. DAG size of input: 464 DAG size of output: 322 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:38:49,377 WARN L233 SmtUtils]: Spent 6.30s on a formula simplification. DAG size of input: 503 DAG size of output: 343 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:39:01,276 WARN L233 SmtUtils]: Spent 6.26s on a formula simplification. DAG size of input: 505 DAG size of output: 351 (called from [L 361] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-20 20:39:14,435 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSifa [306991926] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 20:39:14,435 INFO L184 FreeRefinementEngine]: Found 1 perfect and 3 imperfect interpolant sequences. [2022-11-20 20:39:14,435 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [38] imperfect sequences [6, 5, 5] total 47 [2022-11-20 20:39:14,436 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1668452296] [2022-11-20 20:39:14,436 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 20:39:14,436 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 39 states [2022-11-20 20:39:14,436 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-20 20:39:14,437 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 39 interpolants. [2022-11-20 20:39:14,437 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=135, Invalid=2027, Unknown=0, NotChecked=0, Total=2162 [2022-11-20 20:39:14,438 INFO L87 Difference]: Start difference. First operand 258 states and 396 transitions. Second operand has 39 states, 25 states have (on average 1.12) internal successors, (28), 23 states have internal predecessors, (28), 10 states have call successors, (10), 7 states have call predecessors, (10), 5 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) [2022-11-20 20:39:58,129 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 20:39:58,129 INFO L93 Difference]: Finished difference Result 676 states and 1088 transitions. [2022-11-20 20:39:58,129 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 44 states. [2022-11-20 20:39:58,130 INFO L78 Accepts]: Start accepts. Automaton has has 39 states, 25 states have (on average 1.12) internal successors, (28), 23 states have internal predecessors, (28), 10 states have call successors, (10), 7 states have call predecessors, (10), 5 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) Word has length 52 [2022-11-20 20:39:58,130 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 20:39:58,133 INFO L225 Difference]: With dead ends: 676 [2022-11-20 20:39:58,133 INFO L226 Difference]: Without dead ends: 440 [2022-11-20 20:39:58,134 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 170 GetRequests, 114 SyntacticMatches, 2 SemanticMatches, 54 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 502 ImplicationChecksByTransitivity, 165.3s TimeCoverageRelationStatistics Valid=209, Invalid=2871, Unknown=0, NotChecked=0, Total=3080 [2022-11-20 20:39:58,135 INFO L413 NwaCegarLoop]: 124 mSDtfsCounter, 218 mSDsluCounter, 2350 mSDsCounter, 0 mSdLazyCounter, 3115 mSolverCounterSat, 32 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 11.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 220 SdHoareTripleChecker+Valid, 2474 SdHoareTripleChecker+Invalid, 3147 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.1s SdHoareTripleChecker+Time, 32 IncrementalHoareTripleChecker+Valid, 3115 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 11.8s IncrementalHoareTripleChecker+Time [2022-11-20 20:39:58,136 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [220 Valid, 2474 Invalid, 3147 Unknown, 0 Unchecked, 0.1s Time], IncrementalHoareTripleChecker [32 Valid, 3115 Invalid, 0 Unknown, 0 Unchecked, 11.8s Time] [2022-11-20 20:39:58,137 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 440 states. [2022-11-20 20:39:58,411 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 440 to 263. [2022-11-20 20:39:58,411 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 263 states, 222 states have (on average 1.5765765765765767) internal successors, (350), 224 states have internal predecessors, (350), 26 states have call successors, (26), 15 states have call predecessors, (26), 14 states have return successors, (26), 23 states have call predecessors, (26), 25 states have call successors, (26) [2022-11-20 20:39:58,412 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 263 states to 263 states and 402 transitions. [2022-11-20 20:39:58,413 INFO L78 Accepts]: Start accepts. Automaton has 263 states and 402 transitions. Word has length 52 [2022-11-20 20:39:58,413 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 20:39:58,413 INFO L495 AbstractCegarLoop]: Abstraction has 263 states and 402 transitions. [2022-11-20 20:39:58,413 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 39 states, 25 states have (on average 1.12) internal successors, (28), 23 states have internal predecessors, (28), 10 states have call successors, (10), 7 states have call predecessors, (10), 5 states have return successors, (8), 8 states have call predecessors, (8), 8 states have call successors, (8) [2022-11-20 20:39:58,413 INFO L276 IsEmpty]: Start isEmpty. Operand 263 states and 402 transitions. [2022-11-20 20:39:58,415 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2022-11-20 20:39:58,415 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 20:39:58,415 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 20:39:58,424 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2022-11-20 20:39:58,622 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable5 [2022-11-20 20:39:58,622 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 20:39:58,623 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 20:39:58,623 INFO L85 PathProgramCache]: Analyzing trace with hash -1215413347, now seen corresponding path program 1 times [2022-11-20 20:39:58,623 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-20 20:39:58,623 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1612710842] [2022-11-20 20:39:58,623 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 20:39:58,623 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 20:39:58,650 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 20:39:58,747 INFO L134 CoverageAnalysis]: Checked inductivity of 18 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2022-11-20 20:39:58,747 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-20 20:39:58,748 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1612710842] [2022-11-20 20:39:58,748 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1612710842] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 20:39:58,748 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 20:39:58,748 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-20 20:39:58,748 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [711633133] [2022-11-20 20:39:58,748 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 20:39:58,749 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-20 20:39:58,749 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-20 20:39:58,750 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-20 20:39:58,750 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-20 20:39:58,750 INFO L87 Difference]: Start difference. First operand 263 states and 402 transitions. Second operand has 5 states, 4 states have (on average 7.5) internal successors, (30), 4 states have internal predecessors, (30), 1 states have call successors, (10), 1 states have call predecessors, (10), 2 states have return successors, (8), 2 states have call predecessors, (8), 1 states have call successors, (8) [2022-11-20 20:39:59,126 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 20:39:59,126 INFO L93 Difference]: Finished difference Result 277 states and 423 transitions. [2022-11-20 20:39:59,127 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-20 20:39:59,127 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 7.5) internal successors, (30), 4 states have internal predecessors, (30), 1 states have call successors, (10), 1 states have call predecessors, (10), 2 states have return successors, (8), 2 states have call predecessors, (8), 1 states have call successors, (8) Word has length 57 [2022-11-20 20:39:59,128 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 20:39:59,128 INFO L225 Difference]: With dead ends: 277 [2022-11-20 20:39:59,128 INFO L226 Difference]: Without dead ends: 0 [2022-11-20 20:39:59,129 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-20 20:39:59,130 INFO L413 NwaCegarLoop]: 114 mSDtfsCounter, 13 mSDsluCounter, 320 mSDsCounter, 0 mSdLazyCounter, 106 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 434 SdHoareTripleChecker+Invalid, 106 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 106 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-20 20:39:59,130 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 434 Invalid, 106 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 106 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-20 20:39:59,131 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-20 20:39:59,131 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-20 20:39:59,131 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-20 20:39:59,131 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-20 20:39:59,131 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 57 [2022-11-20 20:39:59,132 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 20:39:59,132 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-20 20:39:59,132 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 7.5) internal successors, (30), 4 states have internal predecessors, (30), 1 states have call successors, (10), 1 states have call predecessors, (10), 2 states have return successors, (8), 2 states have call predecessors, (8), 1 states have call successors, (8) [2022-11-20 20:39:59,132 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-20 20:39:59,132 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-20 20:39:59,135 INFO L805 garLoopResultBuilder]: Registering result SAFE for location outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-20 20:39:59,136 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-20 20:39:59,138 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-20 20:40:06,589 WARN L233 SmtUtils]: Spent 5.89s on a formula simplification. DAG size of input: 710 DAG size of output: 557 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-11-20 20:40:12,751 WARN L233 SmtUtils]: Spent 6.15s on a formula simplification. DAG size of input: 711 DAG size of output: 538 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-11-20 20:40:18,564 WARN L233 SmtUtils]: Spent 5.80s on a formula simplification. DAG size of input: 697 DAG size of output: 532 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-11-20 20:40:25,587 WARN L233 SmtUtils]: Spent 6.19s on a formula simplification. DAG size of input: 704 DAG size of output: 550 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-11-20 20:40:31,273 WARN L233 SmtUtils]: Spent 5.67s on a formula simplification. DAG size of input: 704 DAG size of output: 535 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-11-20 20:40:38,829 WARN L233 SmtUtils]: Spent 6.25s on a formula simplification. DAG size of input: 624 DAG size of output: 548 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-11-20 20:40:45,812 WARN L233 SmtUtils]: Spent 6.97s on a formula simplification. DAG size of input: 776 DAG size of output: 622 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-11-20 20:40:54,601 WARN L233 SmtUtils]: Spent 5.01s on a formula simplification. DAG size of input: 665 DAG size of output: 512 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-11-20 20:41:00,223 WARN L233 SmtUtils]: Spent 5.60s on a formula simplification. DAG size of input: 685 DAG size of output: 532 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-11-20 20:41:10,848 WARN L233 SmtUtils]: Spent 7.04s on a formula simplification. DAG size of input: 756 DAG size of output: 602 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-11-20 20:41:19,247 WARN L233 SmtUtils]: Spent 5.70s on a formula simplification. DAG size of input: 671 DAG size of output: 516 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-11-20 20:41:24,875 WARN L233 SmtUtils]: Spent 5.62s on a formula simplification. DAG size of input: 685 DAG size of output: 530 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-11-20 20:41:28,047 INFO L902 garLoopResultBuilder]: At program point L1662(line 1662) the Hoare annotation is: true [2022-11-20 20:41:28,047 INFO L902 garLoopResultBuilder]: At program point L1662-1(line 1662) the Hoare annotation is: true [2022-11-20 20:41:28,047 INFO L899 garLoopResultBuilder]: For program point L2521-1(line 2521) no Hoare annotation was computed. [2022-11-20 20:41:28,047 INFO L902 garLoopResultBuilder]: At program point L2521(line 2521) the Hoare annotation is: true [2022-11-20 20:41:28,053 INFO L895 garLoopResultBuilder]: At program point L1606(line 1606) the Hoare annotation is: (or (not (<= ~__ste_client_privateKey0~0 0)) (not (<= 1 |outgoing_#in~client#1|)) (not (<= 0 ~__ste_email_subject0~0.offset)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address1~0)) (not (<= 0 |old(~queued_message~0)|)) (not (<= ~__ste_email_isEncrypted1~0 0)) (not (<= 0 ~__ste_client_privateKey0~0)) (not (<= ~__ste_email_subject1~0.offset 0)) (not (<= 0 |old(~__ste_email_from0~0)|)) (not (<= ~__ste_email_signKey1~0 0)) (not (<= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 ~__ste_email_subject1~0.offset)) (not (<= 0 ~__ste_Client_AddressBook1_Address1~0)) (not (<= 0 ~head~0.base)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (<= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (<= 0 |#NULL.offset|)) (not (<= ~__ste_client_privateKey1~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (<= 0 ~__ste_client_forwardReceiver1~0)) (not (<= 0 ~__ste_client_privateKey1~0)) (not (= ~__ste_Client_counter~0 0)) (not (<= 0 ~__ste_email_id1~0)) (not (<= ~__ste_Client_AddressBook2_Address1~0 0)) (not (<= 3 ~chuck~0)) (not (<= |old(~queued_message~0)| 0)) (not (<= ~__ste_ClientAddressBook_size1~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (<= 0 ~__ste_Client_Keyring0_User0~0)) (not (<= 0 ~__ste_email_body1~0.offset)) (not (<= |old(~queued_client~0)| 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (<= 0 ~__ste_email_encryptionKey0~0)) (not (<= 0 ~__ste_Client_Keyring1_User2~0)) (not (<= ~__ste_ClientKeyring_size0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AddressBook~0)) (not (<= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address0~0)) (not (<= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (<= 0 ~__GUIDSL_ROOT_PRODUCTION~0)) (not (<= ~head~0.base 0)) (and (= |outgoing_getClientId_#in~handle#1| |outgoing_~client#1|) (= ~queued_message~0 |old(~queued_message~0)|) (= ~__ste_email_to0~0 |old(~__ste_email_to0~0)|) (= ~__ste_email_to1~0 |old(~__ste_email_to1~0)|) (= |outgoing_#in~msg#1| |outgoing_~msg#1|) (= |old(~__ste_email_from0~0)| ~__ste_email_from0~0) (= |old(~__ste_email_from1~0)| ~__ste_email_from1~0) (<= |outgoing_~tmp~3#1| 2147483647) (= |old(~queue_empty~0)| ~queue_empty~0) (= |outgoing_getClientId_~retValue_acc~28#1| ~__ste_client_idCounter0~0) (= ~queued_client~0 |old(~queued_client~0)|) (= |outgoing_getClientId_#in~handle#1| |outgoing_getClientId_~handle#1|) (= |outgoing_~client#1| |outgoing_#in~client#1|) (= |outgoing_getClientId_~retValue_acc~28#1| |outgoing_getClientId_#res#1|) (= |outgoing_~tmp~3#1| |outgoing_getClientId_#res#1|) (<= 0 (+ |outgoing_~tmp~3#1| 2147483648))) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (<= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias0~0)) (not (<= 2 ~rjh~0)) (not (<= |outgoing_#in~msg#1| 1)) (not (<= ~bob~0 1)) (not (<= 0 ~__ste_ClientKeyring_size1~0)) (not (<= ~__ste_Client_AddressBook2_Address0~0 0)) (not (<= |outgoing_#in~client#1| 1)) (not (<= 0 ~__SELECTED_FEATURE_AutoResponder~0)) (not (<= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~rjh~0 2)) (not (<= 0 ~__ste_Client_AddressBook0_Alias2~0)) (not (<= 0 ~__ste_email_isSignatureVerified0~0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey0~0)) (not (<= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (<= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= ~__ste_email_body1~0.base 0)) (not (<= 0 ~__SELECTED_FEATURE_Decrypt~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey2~0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey2~0)) (not (<= 0 ~__GUIDSL_NON_TERMINAL_main~0)) (not (<= ~__ste_client_name2~0.offset 0)) (not (<= 1 ~bob~0)) (not (= ~head~0.offset 0)) (not (<= ~__ste_email_subject0~0.base 0)) (not (<= 0 ~__ste_Client_Keyring2_User1~0)) (not (<= 0 ~__ste_client_name2~0.offset)) (not (<= ~__ste_client_forwardReceiver3~0 0)) (not (<= |old(~__ste_email_to0~0)| 2)) (not (<= 1 |outgoing_#in~msg#1|)) (not (<= 0 ~__ste_email_isSignatureVerified1~0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (<= 0 ~__ste_email_signKey1~0)) (not (<= 0 ~__ste_client_outbuffer1~0)) (not (<= 0 ~__ste_ClientAddressBook_size1~0)) (not (<= 0 ~__ste_client_name0~0.base)) (not (<= 0 |old(~queued_client~0)|)) (not (<= 0 ~__ste_Client_AddressBook1_Alias0~0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (<= ~__ste_client_outbuffer0~0 0)) (not (<= ~__ste_client_name0~0.offset 0)) (not (<= ~__ste_email_id1~0 0)) (not (<= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (<= ~__ste_client_privateKey2~0 0)) (not (<= 0 ~__ste_email_isSigned0~0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (<= 0 ~__ste_client_privateKey2~0)) (not (<= ~__ste_ClientKeyring_size1~0 0)) (not (<= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (<= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (<= |#NULL.offset| 0)) (not (<= ~__ste_Client_AddressBook0_Address1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver2~0)) (not (<= ~__ste_email_subject0~0.offset 0)) (not (<= 0 ~__ste_Email_counter~0)) (not (<= 0 ~__SELECTED_FEATURE_Encrypt~0)) (not (<= ~__ste_Client_Keyring1_User0~0 0)) (not (<= 0 ~__ste_email_isEncrypted1~0)) (not (= |#NULL.base| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (<= 0 ~__ste_ClientKeyring_size0~0)) (not (<= ~__ste_Client_AddressBook0_Address2~0 0)) (not (<= ~chuck~0 3)) (not (<= 0 ~__SELECTED_FEATURE_Verify~0)) (not (<= ~__ste_Client_Keyring2_User1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver3~0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias1~0)) (not (<= ~__ste_Client_Keyring2_User2~0 0)) (not (<= 0 ~__ste_email_isSigned1~0)) (not (<= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (<= 0 ~__ste_Client_AddressBook1_Alias2~0)) (not (<= ~__ste_email_isSigned1~0 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (<= ~__ste_client_forwardReceiver2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_User2~0)) (not (<= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey0~0)) (not (<= 0 ~__ste_client_name1~0.base)) (not (<= |old(~queue_empty~0)| 1)) (not (<= ~__ste_Client_AddressBook0_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Alias1~0)) (not (<= 2 |old(~__ste_email_to0~0)|)) (not (<= 0 ~__ste_email_id0~0)) (not (<= 0 |#StackHeapBarrier|)) (not (<= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey0~0)) (not (<= 0 ~__ste_ClientAddressBook_size0~0)) (not (<= 1 |old(~queue_empty~0)|)) (not (<= 0 ~__SELECTED_FEATURE_Keys~0)) (not (<= |old(~__ste_email_from0~0)| 0)) (not (<= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (<= ~__ste_client_forwardReceiver1~0 0)) (not (<= ~__ste_email_body1~0.offset 0)) (not (<= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (<= ~__ste_email_isEncrypted0~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (<= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_User0~0)) (not (<= 0 ~__ste_client_name0~0.offset)) (not (<= 0 ~__ste_client_outbuffer0~0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (<= ~__ste_email_encryptionKey0~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (<= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (<= ~__ste_client_name1~0.base 0)) (not (<= ~__ste_email_isSignatureVerified1~0 0)) (not (<= ~__ste_Email_counter~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (<= 0 ~__ste_email_signKey0~0)) (not (<= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (<= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (<= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey2~0)) (not (<= ~__ste_email_isSigned0~0 0)) (not (<= ~__ste_email_id0~0 0)) (not (<= ~__ste_email_signKey0~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (<= 0 ~__ste_email_isEncrypted0~0)) (not (<= 0 ~__ste_email_subject0~0.base))) [2022-11-20 20:41:28,053 INFO L899 garLoopResultBuilder]: For program point L1606-1(line 1606) no Hoare annotation was computed. [2022-11-20 20:41:28,053 INFO L899 garLoopResultBuilder]: For program point L1640(lines 1640 1646) no Hoare annotation was computed. [2022-11-20 20:41:28,059 INFO L895 garLoopResultBuilder]: At program point L2342(line 2342) the Hoare annotation is: (or (not (<= ~__ste_client_privateKey0~0 0)) (not (<= 1 |outgoing_#in~client#1|)) (not (<= 0 ~__ste_email_subject0~0.offset)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address1~0)) (not (<= 0 |old(~queued_message~0)|)) (not (<= ~__ste_email_isEncrypted1~0 0)) (not (<= 0 ~__ste_client_privateKey0~0)) (not (<= ~__ste_email_subject1~0.offset 0)) (not (<= 0 |old(~__ste_email_from0~0)|)) (not (<= ~__ste_email_signKey1~0 0)) (not (<= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 ~__ste_email_subject1~0.offset)) (not (<= 0 ~__ste_Client_AddressBook1_Address1~0)) (not (<= 0 ~head~0.base)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (<= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (<= 0 |#NULL.offset|)) (not (<= ~__ste_client_privateKey1~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (<= 0 ~__ste_client_forwardReceiver1~0)) (not (<= 0 ~__ste_client_privateKey1~0)) (not (= ~__ste_Client_counter~0 0)) (not (<= 0 ~__ste_email_id1~0)) (not (<= ~__ste_Client_AddressBook2_Address1~0 0)) (not (<= 3 ~chuck~0)) (not (<= |old(~queued_message~0)| 0)) (not (<= ~__ste_ClientAddressBook_size1~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (<= 0 ~__ste_Client_Keyring0_User0~0)) (not (<= 0 ~__ste_email_body1~0.offset)) (not (<= |old(~queued_client~0)| 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (<= 0 ~__ste_email_encryptionKey0~0)) (not (<= 0 ~__ste_Client_Keyring1_User2~0)) (not (<= ~__ste_ClientKeyring_size0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AddressBook~0)) (not (<= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address0~0)) (not (<= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (<= 0 ~__GUIDSL_ROOT_PRODUCTION~0)) (not (<= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (<= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias0~0)) (not (<= 2 ~rjh~0)) (not (<= |outgoing_#in~msg#1| 1)) (not (<= ~bob~0 1)) (not (<= 0 ~__ste_ClientKeyring_size1~0)) (not (<= ~__ste_Client_AddressBook2_Address0~0 0)) (not (<= |outgoing_#in~client#1| 1)) (not (<= 0 ~__SELECTED_FEATURE_AutoResponder~0)) (not (<= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~rjh~0 2)) (not (<= 0 ~__ste_Client_AddressBook0_Alias2~0)) (not (<= 0 ~__ste_email_isSignatureVerified0~0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey0~0)) (not (<= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (<= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= ~__ste_email_body1~0.base 0)) (not (<= 0 ~__SELECTED_FEATURE_Decrypt~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey2~0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey2~0)) (not (<= 0 ~__GUIDSL_NON_TERMINAL_main~0)) (not (<= ~__ste_client_name2~0.offset 0)) (not (<= 1 ~bob~0)) (not (= ~head~0.offset 0)) (not (<= ~__ste_email_subject0~0.base 0)) (not (<= 0 ~__ste_Client_Keyring2_User1~0)) (not (<= 0 ~__ste_client_name2~0.offset)) (not (<= ~__ste_client_forwardReceiver3~0 0)) (not (<= |old(~__ste_email_to0~0)| 2)) (not (<= 1 |outgoing_#in~msg#1|)) (not (<= 0 ~__ste_email_isSignatureVerified1~0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (<= 0 ~__ste_email_signKey1~0)) (not (<= 0 ~__ste_client_outbuffer1~0)) (not (<= 0 ~__ste_ClientAddressBook_size1~0)) (not (<= 0 ~__ste_client_name0~0.base)) (not (<= 0 |old(~queued_client~0)|)) (not (<= 0 ~__ste_Client_AddressBook1_Alias0~0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (<= ~__ste_client_outbuffer0~0 0)) (not (<= ~__ste_client_name0~0.offset 0)) (not (<= ~__ste_email_id1~0 0)) (not (<= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (<= ~__ste_client_privateKey2~0 0)) (not (<= 0 ~__ste_email_isSigned0~0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (<= 0 ~__ste_client_privateKey2~0)) (not (<= ~__ste_ClientKeyring_size1~0 0)) (not (<= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (<= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (<= |#NULL.offset| 0)) (not (<= ~__ste_Client_AddressBook0_Address1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver2~0)) (not (<= ~__ste_email_subject0~0.offset 0)) (not (<= 0 ~__ste_Email_counter~0)) (not (<= 0 ~__SELECTED_FEATURE_Encrypt~0)) (not (<= ~__ste_Client_Keyring1_User0~0 0)) (not (<= 0 ~__ste_email_isEncrypted1~0)) (not (= |#NULL.base| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (<= 0 ~__ste_ClientKeyring_size0~0)) (not (<= ~__ste_Client_AddressBook0_Address2~0 0)) (not (<= ~chuck~0 3)) (and (<= 2 |outgoing_mail_~tmp~2#1|) (= |outgoing_incoming__wrappee__AutoResponder_#in~client#1| |outgoing_incoming_~client#1|) (= |outgoing_incoming__wrappee__Base_#in~client#1| |outgoing_incoming__wrappee__Base_~client#1|) (<= 1 |outgoing_mail_#in~client#1|) (<= |outgoing_mail_#in~msg#1| 1) (<= 0 (+ 2147483648 |outgoing_getClientId_#res#1|)) (= |outgoing_getClientAutoResponse_#in~handle#1| |outgoing_incoming__wrappee__AutoResponder_~client#1|) (= |outgoing_getClientAutoResponse_#in~handle#1| |outgoing_getClientAutoResponse_~handle#1|) (<= 1 |outgoing_mail_~msg#1|) (= |outgoing_deliver_#in~client#1| |outgoing_incoming__wrappee__Base_~client#1|) (= |outgoing_autoRespond_~__utac__ad__arg1~0#1| |outgoing___utac_acc__DecryptAutoResponder_spec__1_#in~client#1|) (= |outgoing_incoming_~msg#1| |outgoing_incoming_#in~msg#1|) (= |outgoing_incoming_~client#1| |outgoing_incoming_#in~client#1|) (= |outgoing_incoming_#in~client#1| |outgoing_mail_~tmp~2#1|) (= |outgoing___utac_acc__DecryptAutoResponder_spec__1_#in~client#1| |outgoing___utac_acc__DecryptAutoResponder_spec__1_~client#1|) (<= ~queued_message~0 0) (= |outgoing_incoming__wrappee__AutoResponder_#in~msg#1| |outgoing_incoming__wrappee__AutoResponder_~msg#1|) (<= ~__ste_email_from0~0 2147483647) (= |outgoing___utac_acc__DecryptAutoResponder_spec__1_#in~msg#1| |outgoing_autoRespond_~__utac__ad__arg2~0#1|) (= |outgoing_deliver_~client#1| |outgoing_deliver_#in~client#1|) (<= 1 |outgoing_~client#1|) (<= 0 (+ ~__ste_email_from0~0 2147483648)) (= |outgoing_incoming__wrappee__Base_~msg#1| |outgoing_deliver_#in~msg#1|) (<= |outgoing_getClientId_#res#1| 2147483647) (= |outgoing_incoming__wrappee__AutoResponder_~client#1| |outgoing_autoRespond_#in~client#1|) (= |outgoing_incoming__wrappee__AutoResponder_~client#1| |outgoing_incoming__wrappee__AutoResponder_#in~client#1|) (= |outgoing_incoming__wrappee__Base_#in~msg#1| |outgoing_incoming__wrappee__Base_~msg#1|) (<= ~queue_empty~0 1) (<= 1 |outgoing_getClientId_~handle#1|) (= |outgoing_getClientAutoResponse_#res#1| |outgoing_incoming__wrappee__AutoResponder_~tmp~4#1|) (= |outgoing_getClientAutoResponse_#res#1| |outgoing_getClientAutoResponse_~retValue_acc~20#1|) (<= 1 |outgoing_mail_#in~msg#1|) (= |outgoing_mail_~msg#1| |outgoing_incoming_#in~msg#1|) (<= ~__ste_client_idCounter0~0 2147483647) (= |outgoing_deliver_~msg#1| |outgoing_deliver_#in~msg#1|) (<= 1 ~queue_empty~0) (<= 0 (+ |outgoing_getClientId_~retValue_acc~28#1| 2147483648)) (<= 0 ~queued_message~0) (<= |outgoing_mail_~tmp~2#1| 2) (<= |outgoing_getClientId_#in~handle#1| 1) (= |outgoing_autoRespond_~__utac__ad__arg1~0#1| |outgoing_autoRespond_~client#1|) (<= |outgoing_~tmp~3#1| 2147483647) (<= 1 |outgoing_~msg#1|) (= |outgoing_autoRespond_~msg#1| |outgoing_autoRespond_~__utac__ad__arg2~0#1|) (<= |outgoing_mail_~client#1| 1) (<= 0 ~queued_client~0) (= |outgoing_incoming__wrappee__Base_#in~msg#1| |outgoing_incoming__wrappee__AutoResponder_~msg#1|) (= |outgoing___utac_acc__DecryptAutoResponder_spec__1_#in~msg#1| |outgoing___utac_acc__DecryptAutoResponder_spec__1_~msg#1|) (<= |outgoing_mail_~msg#1| 1) (= |outgoing_incoming_~msg#1| |outgoing_incoming__wrappee__AutoResponder_#in~msg#1|) (<= |outgoing_mail_#in~client#1| 1) (= |outgoing_autoRespond_#in~client#1| |outgoing_autoRespond_~client#1|) (not (= |outgoing_incoming__wrappee__AutoResponder_~tmp~4#1| 0)) (= |outgoing_incoming__wrappee__AutoResponder_~client#1| |outgoing_incoming__wrappee__Base_#in~client#1|) (= |outgoing_autoRespond_#in~msg#1| |outgoing_incoming__wrappee__AutoResponder_~msg#1|) (<= |outgoing_~msg#1| 1) (= |outgoing_getClientAutoResponse_~retValue_acc~20#1| ~__ste_client_autoResponse1~0) (<= |outgoing_getClientId_~retValue_acc~28#1| 2147483647) (<= 1 |outgoing_getClientId_#in~handle#1|) (<= |outgoing_getClientId_~handle#1| 1) (<= |outgoing_~client#1| 1) (<= |outgoing_getClientAutoResponse_#res#1| 2147483647) (<= 0 (+ ~__ste_client_idCounter0~0 2147483648)) (<= 2 ~__ste_email_to0~0) (= |outgoing_autoRespond_#in~msg#1| |outgoing_autoRespond_~msg#1|) (<= ~__ste_email_to0~0 2) (<= 1 |outgoing_mail_~client#1|) (<= 0 (+ |outgoing_~tmp~3#1| 2147483648)) (<= ~queued_client~0 0)) (not (<= 0 ~__SELECTED_FEATURE_Verify~0)) (not (<= ~__ste_Client_Keyring2_User1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver3~0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias1~0)) (not (<= ~__ste_Client_Keyring2_User2~0 0)) (not (<= 0 ~__ste_email_isSigned1~0)) (not (<= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (<= 0 ~__ste_Client_AddressBook1_Alias2~0)) (not (<= ~__ste_email_isSigned1~0 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (<= ~__ste_client_forwardReceiver2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_User2~0)) (not (<= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey0~0)) (not (<= 0 ~__ste_client_name1~0.base)) (not (<= |old(~queue_empty~0)| 1)) (not (<= ~__ste_Client_AddressBook0_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Alias1~0)) (not (<= 2 |old(~__ste_email_to0~0)|)) (not (<= 0 ~__ste_email_id0~0)) (not (<= 0 |#StackHeapBarrier|)) (not (<= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey0~0)) (not (<= 0 ~__ste_ClientAddressBook_size0~0)) (not (<= 1 |old(~queue_empty~0)|)) (not (<= 0 ~__SELECTED_FEATURE_Keys~0)) (not (<= |old(~__ste_email_from0~0)| 0)) (not (<= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (<= ~__ste_client_forwardReceiver1~0 0)) (not (<= ~__ste_email_body1~0.offset 0)) (not (<= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (<= ~__ste_email_isEncrypted0~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (<= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_User0~0)) (not (<= 0 ~__ste_client_name0~0.offset)) (not (<= 0 ~__ste_client_outbuffer0~0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (<= ~__ste_email_encryptionKey0~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (<= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (<= ~__ste_client_name1~0.base 0)) (not (<= ~__ste_email_isSignatureVerified1~0 0)) (not (<= ~__ste_Email_counter~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (<= 0 ~__ste_email_signKey0~0)) (not (<= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (<= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (<= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey2~0)) (not (<= ~__ste_email_isSigned0~0 0)) (not (<= ~__ste_email_id0~0 0)) (not (<= ~__ste_email_signKey0~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (<= 0 ~__ste_email_isEncrypted0~0)) (not (<= 0 ~__ste_email_subject0~0.base))) [2022-11-20 20:41:28,067 INFO L895 garLoopResultBuilder]: At program point L1640-2(lines 1632 1649) the Hoare annotation is: (or (not (<= ~__ste_client_privateKey0~0 0)) (not (<= 1 |outgoing_#in~client#1|)) (not (<= 0 ~__ste_email_subject0~0.offset)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address1~0)) (not (<= 0 |old(~queued_message~0)|)) (not (<= ~__ste_email_isEncrypted1~0 0)) (not (<= 0 ~__ste_client_privateKey0~0)) (not (<= ~__ste_email_subject1~0.offset 0)) (not (<= 0 |old(~__ste_email_from0~0)|)) (not (<= ~__ste_email_signKey1~0 0)) (not (<= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 ~__ste_email_subject1~0.offset)) (not (<= 0 ~__ste_Client_AddressBook1_Address1~0)) (not (<= 0 ~head~0.base)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (<= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (<= 0 |#NULL.offset|)) (not (<= ~__ste_client_privateKey1~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (<= 0 ~__ste_client_forwardReceiver1~0)) (not (<= 0 ~__ste_client_privateKey1~0)) (not (= ~__ste_Client_counter~0 0)) (not (<= 0 ~__ste_email_id1~0)) (not (<= ~__ste_Client_AddressBook2_Address1~0 0)) (not (<= 3 ~chuck~0)) (not (<= |old(~queued_message~0)| 0)) (not (<= ~__ste_ClientAddressBook_size1~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (<= 0 ~__ste_Client_Keyring0_User0~0)) (not (<= 0 ~__ste_email_body1~0.offset)) (not (<= |old(~queued_client~0)| 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (<= 0 ~__ste_email_encryptionKey0~0)) (not (<= 0 ~__ste_Client_Keyring1_User2~0)) (not (<= ~__ste_ClientKeyring_size0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AddressBook~0)) (not (<= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address0~0)) (not (<= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (<= 0 ~__GUIDSL_ROOT_PRODUCTION~0)) (not (<= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (<= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias0~0)) (not (<= 2 ~rjh~0)) (not (<= |outgoing_#in~msg#1| 1)) (not (<= ~bob~0 1)) (not (<= 0 ~__ste_ClientKeyring_size1~0)) (not (<= ~__ste_Client_AddressBook2_Address0~0 0)) (not (<= |outgoing_#in~client#1| 1)) (not (<= 0 ~__SELECTED_FEATURE_AutoResponder~0)) (not (<= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~rjh~0 2)) (not (<= 0 ~__ste_Client_AddressBook0_Alias2~0)) (not (<= 0 ~__ste_email_isSignatureVerified0~0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey0~0)) (not (<= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (<= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= ~__ste_email_body1~0.base 0)) (not (<= 0 ~__SELECTED_FEATURE_Decrypt~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey2~0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey2~0)) (not (<= 0 ~__GUIDSL_NON_TERMINAL_main~0)) (not (<= ~__ste_client_name2~0.offset 0)) (not (<= 1 ~bob~0)) (not (= ~head~0.offset 0)) (not (<= ~__ste_email_subject0~0.base 0)) (not (<= 0 ~__ste_Client_Keyring2_User1~0)) (not (<= 0 ~__ste_client_name2~0.offset)) (not (<= ~__ste_client_forwardReceiver3~0 0)) (not (<= |old(~__ste_email_to0~0)| 2)) (not (<= 1 |outgoing_#in~msg#1|)) (not (<= 0 ~__ste_email_isSignatureVerified1~0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (<= 0 ~__ste_email_signKey1~0)) (not (<= 0 ~__ste_client_outbuffer1~0)) (not (<= 0 ~__ste_ClientAddressBook_size1~0)) (not (<= 0 ~__ste_client_name0~0.base)) (not (<= 0 |old(~queued_client~0)|)) (not (<= 0 ~__ste_Client_AddressBook1_Alias0~0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (<= ~__ste_client_outbuffer0~0 0)) (not (<= ~__ste_client_name0~0.offset 0)) (not (<= ~__ste_email_id1~0 0)) (not (<= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (<= ~__ste_client_privateKey2~0 0)) (not (<= 0 ~__ste_email_isSigned0~0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (<= 0 ~__ste_client_privateKey2~0)) (not (<= ~__ste_ClientKeyring_size1~0 0)) (not (<= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (<= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (<= |#NULL.offset| 0)) (not (<= ~__ste_Client_AddressBook0_Address1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver2~0)) (not (<= ~__ste_email_subject0~0.offset 0)) (not (<= 0 ~__ste_Email_counter~0)) (not (<= 0 ~__SELECTED_FEATURE_Encrypt~0)) (not (<= ~__ste_Client_Keyring1_User0~0 0)) (and (<= 2 |outgoing_mail_~tmp~2#1|) (= |outgoing_incoming__wrappee__AutoResponder_#in~client#1| |outgoing_incoming_~client#1|) (= |outgoing_incoming__wrappee__Base_#in~client#1| |outgoing_incoming__wrappee__Base_~client#1|) (<= 1 |outgoing_mail_#in~client#1|) (<= |outgoing_mail_#in~msg#1| 1) (<= 0 (+ 2147483648 |outgoing_getClientId_#res#1|)) (= |outgoing_getClientAutoResponse_#in~handle#1| |outgoing_incoming__wrappee__AutoResponder_~client#1|) (= |outgoing_getClientAutoResponse_#in~handle#1| |outgoing_getClientAutoResponse_~handle#1|) (<= 1 |outgoing_mail_~msg#1|) (= |outgoing_deliver_#in~client#1| |outgoing_incoming__wrappee__Base_~client#1|) (= |outgoing_incoming_~msg#1| |outgoing_incoming_#in~msg#1|) (= |outgoing_incoming_~client#1| |outgoing_incoming_#in~client#1|) (= |outgoing_incoming_#in~client#1| |outgoing_mail_~tmp~2#1|) (<= ~queued_message~0 0) (= |outgoing_incoming__wrappee__AutoResponder_#in~msg#1| |outgoing_incoming__wrappee__AutoResponder_~msg#1|) (<= ~__ste_email_from0~0 2147483647) (= |outgoing_deliver_~client#1| |outgoing_deliver_#in~client#1|) (<= 1 |outgoing_~client#1|) (<= 0 (+ ~__ste_email_from0~0 2147483648)) (= |outgoing_incoming__wrappee__Base_~msg#1| |outgoing_deliver_#in~msg#1|) (<= |outgoing_getClientId_#res#1| 2147483647) (= |outgoing_incoming__wrappee__AutoResponder_~client#1| |outgoing_incoming__wrappee__AutoResponder_#in~client#1|) (= |outgoing_incoming__wrappee__Base_#in~msg#1| |outgoing_incoming__wrappee__Base_~msg#1|) (<= ~queue_empty~0 1) (<= 1 |outgoing_getClientId_~handle#1|) (= |outgoing_getClientAutoResponse_#res#1| |outgoing_incoming__wrappee__AutoResponder_~tmp~4#1|) (= |outgoing_getClientAutoResponse_#res#1| |outgoing_getClientAutoResponse_~retValue_acc~20#1|) (<= 1 |outgoing_mail_#in~msg#1|) (= |outgoing_mail_~msg#1| |outgoing_incoming_#in~msg#1|) (<= ~__ste_client_idCounter0~0 2147483647) (= |outgoing_deliver_~msg#1| |outgoing_deliver_#in~msg#1|) (<= 1 ~queue_empty~0) (<= 0 (+ |outgoing_getClientId_~retValue_acc~28#1| 2147483648)) (<= 0 ~queued_message~0) (<= |outgoing_mail_~tmp~2#1| 2) (<= |outgoing_getClientId_#in~handle#1| 1) (<= |outgoing_~tmp~3#1| 2147483647) (<= 1 |outgoing_~msg#1|) (<= |outgoing_mail_~client#1| 1) (<= 0 ~queued_client~0) (= |outgoing_incoming__wrappee__Base_#in~msg#1| |outgoing_incoming__wrappee__AutoResponder_~msg#1|) (<= |outgoing_mail_~msg#1| 1) (= |outgoing_incoming_~msg#1| |outgoing_incoming__wrappee__AutoResponder_#in~msg#1|) (<= |outgoing_mail_#in~client#1| 1) (= |outgoing_incoming__wrappee__AutoResponder_~client#1| |outgoing_incoming__wrappee__Base_#in~client#1|) (<= |outgoing_~msg#1| 1) (= |outgoing_getClientAutoResponse_~retValue_acc~20#1| ~__ste_client_autoResponse1~0) (<= |outgoing_getClientId_~retValue_acc~28#1| 2147483647) (<= 1 |outgoing_getClientId_#in~handle#1|) (<= |outgoing_getClientId_~handle#1| 1) (<= |outgoing_~client#1| 1) (<= |outgoing_getClientAutoResponse_#res#1| 2147483647) (<= 0 (+ ~__ste_client_idCounter0~0 2147483648)) (<= 2 ~__ste_email_to0~0) (<= ~__ste_email_to0~0 2) (<= 1 |outgoing_mail_~client#1|) (<= 0 (+ |outgoing_~tmp~3#1| 2147483648)) (<= ~queued_client~0 0)) (not (<= 0 ~__ste_email_isEncrypted1~0)) (not (= |#NULL.base| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (<= 0 ~__ste_ClientKeyring_size0~0)) (not (<= ~__ste_Client_AddressBook0_Address2~0 0)) (not (<= ~chuck~0 3)) (not (<= 0 ~__SELECTED_FEATURE_Verify~0)) (not (<= ~__ste_Client_Keyring2_User1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver3~0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias1~0)) (not (<= ~__ste_Client_Keyring2_User2~0 0)) (not (<= 0 ~__ste_email_isSigned1~0)) (not (<= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (<= 0 ~__ste_Client_AddressBook1_Alias2~0)) (not (<= ~__ste_email_isSigned1~0 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (= 1 |outgoing___utac_acc__DecryptAutoResponder_spec__1_~tmp~13#1|) (not (<= ~__ste_client_forwardReceiver2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_User2~0)) (not (<= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey0~0)) (not (<= 0 ~__ste_client_name1~0.base)) (not (<= |old(~queue_empty~0)| 1)) (not (<= ~__ste_Client_AddressBook0_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Alias1~0)) (not (<= 2 |old(~__ste_email_to0~0)|)) (not (<= 0 ~__ste_email_id0~0)) (not (<= 0 |#StackHeapBarrier|)) (not (<= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey0~0)) (not (<= 0 ~__ste_ClientAddressBook_size0~0)) (not (<= 1 |old(~queue_empty~0)|)) (not (<= 0 ~__SELECTED_FEATURE_Keys~0)) (not (<= |old(~__ste_email_from0~0)| 0)) (not (<= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (<= ~__ste_client_forwardReceiver1~0 0)) (not (<= ~__ste_email_body1~0.offset 0)) (not (<= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (<= ~__ste_email_isEncrypted0~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (<= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_User0~0)) (not (<= 0 ~__ste_client_name0~0.offset)) (not (<= 0 ~__ste_client_outbuffer0~0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (<= ~__ste_email_encryptionKey0~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (<= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (<= ~__ste_client_name1~0.base 0)) (not (<= ~__ste_email_isSignatureVerified1~0 0)) (not (<= ~__ste_Email_counter~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (<= 0 ~__ste_email_signKey0~0)) (not (<= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (<= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (<= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey2~0)) (not (<= ~__ste_email_isSigned0~0 0)) (not (<= ~__ste_email_id0~0 0)) (not (<= ~__ste_email_signKey0~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (<= 0 ~__ste_email_isEncrypted0~0)) (not (<= 0 ~__ste_email_subject0~0.base))) [2022-11-20 20:41:28,067 INFO L899 garLoopResultBuilder]: For program point L2342-1(line 2342) no Hoare annotation was computed. [2022-11-20 20:41:28,068 INFO L902 garLoopResultBuilder]: At program point L1764(line 1764) the Hoare annotation is: true [2022-11-20 20:41:28,068 INFO L902 garLoopResultBuilder]: At program point L1764-1(lines 1757 1768) the Hoare annotation is: true [2022-11-20 20:41:28,068 INFO L902 garLoopResultBuilder]: At program point L2524(line 2524) the Hoare annotation is: true [2022-11-20 20:41:28,068 INFO L899 garLoopResultBuilder]: For program point L2524-1(line 2524) no Hoare annotation was computed. [2022-11-20 20:41:28,068 INFO L895 garLoopResultBuilder]: At program point L2359(line 2359) the Hoare annotation is: false [2022-11-20 20:41:28,069 INFO L895 garLoopResultBuilder]: At program point L1749(line 1749) the Hoare annotation is: (= 1 |outgoing___utac_acc__DecryptAutoResponder_spec__1_~tmp~13#1|) [2022-11-20 20:41:28,069 INFO L899 garLoopResultBuilder]: For program point L1749-1(line 1749) no Hoare annotation was computed. [2022-11-20 20:41:28,069 INFO L899 garLoopResultBuilder]: For program point L2344(lines 2344 2350) no Hoare annotation was computed. [2022-11-20 20:41:28,069 INFO L895 garLoopResultBuilder]: At program point L2344-2(lines 2336 2353) the Hoare annotation is: (= 1 |outgoing___utac_acc__DecryptAutoResponder_spec__1_~tmp~13#1|) [2022-11-20 20:41:28,069 INFO L902 garLoopResultBuilder]: At program point L2527-1(line 2527) the Hoare annotation is: true [2022-11-20 20:41:28,069 INFO L902 garLoopResultBuilder]: At program point L2527(line 2527) the Hoare annotation is: true [2022-11-20 20:41:28,070 INFO L899 garLoopResultBuilder]: For program point outgoingErr0ASSERT_VIOLATIONERROR_FUNCTION(line 2359) no Hoare annotation was computed. [2022-11-20 20:41:28,070 INFO L899 garLoopResultBuilder]: For program point L1660(lines 1660 1667) no Hoare annotation was computed. [2022-11-20 20:41:28,073 INFO L895 garLoopResultBuilder]: At program point L1594(line 1594) the Hoare annotation is: (or (not (<= ~__ste_client_privateKey0~0 0)) (not (<= 1 |outgoing_#in~client#1|)) (not (<= 0 ~__ste_email_subject0~0.offset)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address1~0)) (not (<= 0 |old(~queued_message~0)|)) (not (<= ~__ste_email_isEncrypted1~0 0)) (not (<= 0 ~__ste_client_privateKey0~0)) (not (<= ~__ste_email_subject1~0.offset 0)) (not (<= 0 |old(~__ste_email_from0~0)|)) (not (<= ~__ste_email_signKey1~0 0)) (not (<= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 ~__ste_email_subject1~0.offset)) (not (<= 0 ~__ste_Client_AddressBook1_Address1~0)) (not (<= 0 ~head~0.base)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (<= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (<= 0 |#NULL.offset|)) (not (<= ~__ste_client_privateKey1~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (<= 0 ~__ste_client_forwardReceiver1~0)) (not (<= 0 ~__ste_client_privateKey1~0)) (not (= ~__ste_Client_counter~0 0)) (not (<= 0 ~__ste_email_id1~0)) (not (<= ~__ste_Client_AddressBook2_Address1~0 0)) (not (<= 3 ~chuck~0)) (not (<= |old(~queued_message~0)| 0)) (not (<= ~__ste_ClientAddressBook_size1~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (<= 0 ~__ste_Client_Keyring0_User0~0)) (not (<= 0 ~__ste_email_body1~0.offset)) (not (<= |old(~queued_client~0)| 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (<= 0 ~__ste_email_encryptionKey0~0)) (not (<= 0 ~__ste_Client_Keyring1_User2~0)) (not (<= ~__ste_ClientKeyring_size0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AddressBook~0)) (not (<= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address0~0)) (not (<= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (<= 0 ~__GUIDSL_ROOT_PRODUCTION~0)) (not (<= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (<= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias0~0)) (not (<= 2 ~rjh~0)) (not (<= |outgoing_#in~msg#1| 1)) (not (<= ~bob~0 1)) (not (<= 0 ~__ste_ClientKeyring_size1~0)) (not (<= ~__ste_Client_AddressBook2_Address0~0 0)) (not (<= |outgoing_#in~client#1| 1)) (not (<= 0 ~__SELECTED_FEATURE_AutoResponder~0)) (not (<= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~rjh~0 2)) (not (<= 0 ~__ste_Client_AddressBook0_Alias2~0)) (not (<= 0 ~__ste_email_isSignatureVerified0~0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey0~0)) (not (<= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (<= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= ~__ste_email_body1~0.base 0)) (not (<= 0 ~__SELECTED_FEATURE_Decrypt~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey2~0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey2~0)) (not (<= 0 ~__GUIDSL_NON_TERMINAL_main~0)) (not (<= ~__ste_client_name2~0.offset 0)) (not (<= 1 ~bob~0)) (not (= ~head~0.offset 0)) (not (<= ~__ste_email_subject0~0.base 0)) (not (<= 0 ~__ste_Client_Keyring2_User1~0)) (not (<= 0 ~__ste_client_name2~0.offset)) (not (<= ~__ste_client_forwardReceiver3~0 0)) (not (<= |old(~__ste_email_to0~0)| 2)) (not (<= 1 |outgoing_#in~msg#1|)) (not (<= 0 ~__ste_email_isSignatureVerified1~0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (<= 0 ~__ste_email_signKey1~0)) (not (<= 0 ~__ste_client_outbuffer1~0)) (not (<= 0 ~__ste_ClientAddressBook_size1~0)) (not (<= 0 ~__ste_client_name0~0.base)) (not (<= 0 |old(~queued_client~0)|)) (not (<= 0 ~__ste_Client_AddressBook1_Alias0~0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (<= ~__ste_client_outbuffer0~0 0)) (not (<= ~__ste_client_name0~0.offset 0)) (not (<= ~__ste_email_id1~0 0)) (not (<= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (<= ~__ste_client_privateKey2~0 0)) (not (<= 0 ~__ste_email_isSigned0~0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (<= 0 ~__ste_client_privateKey2~0)) (not (<= ~__ste_ClientKeyring_size1~0 0)) (not (<= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (<= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (<= |#NULL.offset| 0)) (not (<= ~__ste_Client_AddressBook0_Address1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver2~0)) (not (<= ~__ste_email_subject0~0.offset 0)) (not (<= 0 ~__ste_Email_counter~0)) (not (<= 0 ~__SELECTED_FEATURE_Encrypt~0)) (not (<= ~__ste_Client_Keyring1_User0~0 0)) (not (<= 0 ~__ste_email_isEncrypted1~0)) (not (= |#NULL.base| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (<= 0 ~__ste_ClientKeyring_size0~0)) (not (<= ~__ste_Client_AddressBook0_Address2~0 0)) (not (<= ~chuck~0 3)) (not (<= 0 ~__SELECTED_FEATURE_Verify~0)) (not (<= ~__ste_Client_Keyring2_User1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver3~0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias1~0)) (not (<= ~__ste_Client_Keyring2_User2~0 0)) (not (<= 0 ~__ste_email_isSigned1~0)) (not (<= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (<= 0 ~__ste_Client_AddressBook1_Alias2~0)) (not (<= ~__ste_email_isSigned1~0 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (<= ~__ste_client_forwardReceiver2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_User2~0)) (not (<= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey0~0)) (not (<= 0 ~__ste_client_name1~0.base)) (not (<= |old(~queue_empty~0)| 1)) (not (<= ~__ste_Client_AddressBook0_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Alias1~0)) (not (<= 2 |old(~__ste_email_to0~0)|)) (not (<= 0 ~__ste_email_id0~0)) (not (<= 0 |#StackHeapBarrier|)) (not (<= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey0~0)) (not (<= 0 ~__ste_ClientAddressBook_size0~0)) (not (<= 1 |old(~queue_empty~0)|)) (not (<= 0 ~__SELECTED_FEATURE_Keys~0)) (not (<= |old(~__ste_email_from0~0)| 0)) (not (<= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (<= ~__ste_client_forwardReceiver1~0 0)) (not (<= ~__ste_email_body1~0.offset 0)) (not (<= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (<= ~__ste_email_isEncrypted0~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (and (= |outgoing_mail_#in~client#1| |outgoing_~client#1|) (= |outgoing_mail_~msg#1| |outgoing_mail_#in~msg#1|) (<= 0 (+ 2147483648 |outgoing_getClientId_#res#1|)) (= |outgoing_mail_#in~client#1| |outgoing_mail_~client#1|) (<= ~queued_message~0 0) (<= ~__ste_email_from0~0 2147483647) (<= 1 |outgoing_~client#1|) (<= 0 (+ ~__ste_email_from0~0 2147483648)) (<= |outgoing_getClientId_#res#1| 2147483647) (<= ~queue_empty~0 1) (<= 1 |outgoing_getClientId_~handle#1|) (<= ~__ste_client_idCounter0~0 2147483647) (<= 1 ~queue_empty~0) (<= 0 (+ |outgoing_getClientId_~retValue_acc~28#1| 2147483648)) (<= 0 ~queued_message~0) (<= |outgoing_getClientId_#in~handle#1| 1) (<= |outgoing_~tmp~3#1| 2147483647) (<= 1 |outgoing_~msg#1|) (= |outgoing_mail_#in~msg#1| |outgoing_~msg#1|) (<= 0 ~queued_client~0) (<= |outgoing_~msg#1| 1) (<= |outgoing_getClientId_~retValue_acc~28#1| 2147483647) (<= 1 |outgoing_getClientId_#in~handle#1|) (<= |outgoing_getClientId_~handle#1| 1) (<= |outgoing_~client#1| 1) (<= 0 (+ ~__ste_client_idCounter0~0 2147483648)) (<= 2 ~__ste_email_to0~0) (<= ~__ste_email_to0~0 2) (<= 0 (+ |outgoing_~tmp~3#1| 2147483648)) (<= ~queued_client~0 0)) (not (<= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_User0~0)) (not (<= 0 ~__ste_client_name0~0.offset)) (not (<= 0 ~__ste_client_outbuffer0~0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (<= ~__ste_email_encryptionKey0~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (<= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (<= ~__ste_client_name1~0.base 0)) (not (<= ~__ste_email_isSignatureVerified1~0 0)) (not (<= ~__ste_Email_counter~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (<= 0 ~__ste_email_signKey0~0)) (not (<= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (<= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (<= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey2~0)) (not (<= ~__ste_email_isSigned0~0 0)) (not (<= ~__ste_email_id0~0 0)) (not (<= ~__ste_email_signKey0~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (<= 0 ~__ste_email_isEncrypted0~0)) (not (<= 0 ~__ste_email_subject0~0.base))) [2022-11-20 20:41:28,073 INFO L902 garLoopResultBuilder]: At program point L1660-2(lines 1650 1670) the Hoare annotation is: true [2022-11-20 20:41:28,077 INFO L895 garLoopResultBuilder]: At program point L1594-1(line 1594) the Hoare annotation is: (or (not (<= ~__ste_client_privateKey0~0 0)) (not (<= 1 |outgoing_#in~client#1|)) (not (<= 0 ~__ste_email_subject0~0.offset)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address1~0)) (not (<= 0 |old(~queued_message~0)|)) (not (<= ~__ste_email_isEncrypted1~0 0)) (not (<= 0 ~__ste_client_privateKey0~0)) (not (<= ~__ste_email_subject1~0.offset 0)) (not (<= 0 |old(~__ste_email_from0~0)|)) (not (<= ~__ste_email_signKey1~0 0)) (not (<= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 ~__ste_email_subject1~0.offset)) (not (<= 0 ~__ste_Client_AddressBook1_Address1~0)) (not (<= 0 ~head~0.base)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (<= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (<= 0 |#NULL.offset|)) (not (<= ~__ste_client_privateKey1~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (<= 0 ~__ste_client_forwardReceiver1~0)) (not (<= 0 ~__ste_client_privateKey1~0)) (not (= ~__ste_Client_counter~0 0)) (not (<= 0 ~__ste_email_id1~0)) (not (<= ~__ste_Client_AddressBook2_Address1~0 0)) (not (<= 3 ~chuck~0)) (not (<= |old(~queued_message~0)| 0)) (not (<= ~__ste_ClientAddressBook_size1~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (<= 0 ~__ste_Client_Keyring0_User0~0)) (not (<= 0 ~__ste_email_body1~0.offset)) (not (<= |old(~queued_client~0)| 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (<= 0 ~__ste_email_encryptionKey0~0)) (not (<= 0 ~__ste_Client_Keyring1_User2~0)) (not (<= ~__ste_ClientKeyring_size0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AddressBook~0)) (not (<= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address0~0)) (not (<= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (<= 0 ~__GUIDSL_ROOT_PRODUCTION~0)) (not (<= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (<= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias0~0)) (not (<= 2 ~rjh~0)) (not (<= |outgoing_#in~msg#1| 1)) (not (<= ~bob~0 1)) (not (<= 0 ~__ste_ClientKeyring_size1~0)) (not (<= ~__ste_Client_AddressBook2_Address0~0 0)) (not (<= |outgoing_#in~client#1| 1)) (not (<= 0 ~__SELECTED_FEATURE_AutoResponder~0)) (not (<= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~rjh~0 2)) (not (<= 0 ~__ste_Client_AddressBook0_Alias2~0)) (not (<= 0 ~__ste_email_isSignatureVerified0~0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey0~0)) (not (<= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (<= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= ~__ste_email_body1~0.base 0)) (not (<= 0 ~__SELECTED_FEATURE_Decrypt~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey2~0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey2~0)) (not (<= 0 ~__GUIDSL_NON_TERMINAL_main~0)) (not (<= ~__ste_client_name2~0.offset 0)) (not (<= 1 ~bob~0)) (not (= ~head~0.offset 0)) (not (<= ~__ste_email_subject0~0.base 0)) (not (<= 0 ~__ste_Client_Keyring2_User1~0)) (not (<= 0 ~__ste_client_name2~0.offset)) (not (<= ~__ste_client_forwardReceiver3~0 0)) (not (<= |old(~__ste_email_to0~0)| 2)) (not (<= 1 |outgoing_#in~msg#1|)) (not (<= 0 ~__ste_email_isSignatureVerified1~0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (<= 0 ~__ste_email_signKey1~0)) (not (<= 0 ~__ste_client_outbuffer1~0)) (not (<= 0 ~__ste_ClientAddressBook_size1~0)) (not (<= 0 ~__ste_client_name0~0.base)) (not (<= 0 |old(~queued_client~0)|)) (not (<= 0 ~__ste_Client_AddressBook1_Alias0~0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (<= ~__ste_client_outbuffer0~0 0)) (not (<= ~__ste_client_name0~0.offset 0)) (not (<= ~__ste_email_id1~0 0)) (not (<= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (<= ~__ste_client_privateKey2~0 0)) (not (<= 0 ~__ste_email_isSigned0~0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (<= 0 ~__ste_client_privateKey2~0)) (not (<= ~__ste_ClientKeyring_size1~0 0)) (not (<= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (<= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (<= |#NULL.offset| 0)) (not (<= ~__ste_Client_AddressBook0_Address1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver2~0)) (not (<= ~__ste_email_subject0~0.offset 0)) (not (<= 0 ~__ste_Email_counter~0)) (not (<= 0 ~__SELECTED_FEATURE_Encrypt~0)) (not (<= ~__ste_Client_Keyring1_User0~0 0)) (not (<= 0 ~__ste_email_isEncrypted1~0)) (not (= |#NULL.base| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (<= 0 ~__ste_ClientKeyring_size0~0)) (not (<= ~__ste_Client_AddressBook0_Address2~0 0)) (not (<= ~chuck~0 3)) (not (<= 0 ~__SELECTED_FEATURE_Verify~0)) (not (<= ~__ste_Client_Keyring2_User1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver3~0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias1~0)) (not (<= ~__ste_Client_Keyring2_User2~0 0)) (not (<= 0 ~__ste_email_isSigned1~0)) (not (<= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (<= 0 ~__ste_Client_AddressBook1_Alias2~0)) (and (<= 1 |outgoing_mail_#in~client#1|) (<= |outgoing_mail_#in~msg#1| 1) (<= 0 (+ 2147483648 |outgoing_getClientId_#res#1|)) (<= 1 |outgoing_mail_~msg#1|) (<= ~queued_message~0 0) (<= ~__ste_email_from0~0 2147483647) (<= 1 |outgoing_~client#1|) (<= 0 (+ ~__ste_email_from0~0 2147483648)) (<= |outgoing_getClientId_#res#1| 2147483647) (<= ~queue_empty~0 1) (<= 1 |outgoing_getClientId_~handle#1|) (<= |outgoing_mail_#t~ret8#1| 2) (<= 1 |outgoing_mail_#in~msg#1|) (<= ~__ste_client_idCounter0~0 2147483647) (<= 1 ~queue_empty~0) (<= 0 (+ |outgoing_getClientId_~retValue_acc~28#1| 2147483648)) (<= 0 ~queued_message~0) (<= |outgoing_getClientId_#in~handle#1| 1) (<= |outgoing_~tmp~3#1| 2147483647) (<= 1 |outgoing_~msg#1|) (<= |outgoing_mail_~client#1| 1) (<= 0 ~queued_client~0) (<= |outgoing_mail_~msg#1| 1) (<= |outgoing_mail_#in~client#1| 1) (<= |outgoing_~msg#1| 1) (<= 2 |outgoing_mail_#t~ret8#1|) (<= |outgoing_getClientId_~retValue_acc~28#1| 2147483647) (<= 1 |outgoing_getClientId_#in~handle#1|) (<= |outgoing_getClientId_~handle#1| 1) (<= |outgoing_~client#1| 1) (<= 0 (+ ~__ste_client_idCounter0~0 2147483648)) (<= 2 ~__ste_email_to0~0) (<= ~__ste_email_to0~0 2) (<= 1 |outgoing_mail_~client#1|) (<= 0 (+ |outgoing_~tmp~3#1| 2147483648)) (<= ~queued_client~0 0)) (not (<= ~__ste_email_isSigned1~0 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (<= ~__ste_client_forwardReceiver2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_User2~0)) (not (<= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey0~0)) (not (<= 0 ~__ste_client_name1~0.base)) (not (<= |old(~queue_empty~0)| 1)) (not (<= ~__ste_Client_AddressBook0_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Alias1~0)) (not (<= 2 |old(~__ste_email_to0~0)|)) (not (<= 0 ~__ste_email_id0~0)) (not (<= 0 |#StackHeapBarrier|)) (not (<= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey0~0)) (not (<= 0 ~__ste_ClientAddressBook_size0~0)) (not (<= 1 |old(~queue_empty~0)|)) (not (<= 0 ~__SELECTED_FEATURE_Keys~0)) (not (<= |old(~__ste_email_from0~0)| 0)) (not (<= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (<= ~__ste_client_forwardReceiver1~0 0)) (not (<= ~__ste_email_body1~0.offset 0)) (not (<= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (<= ~__ste_email_isEncrypted0~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (<= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_User0~0)) (not (<= 0 ~__ste_client_name0~0.offset)) (not (<= 0 ~__ste_client_outbuffer0~0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (<= ~__ste_email_encryptionKey0~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (<= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (<= ~__ste_client_name1~0.base 0)) (not (<= ~__ste_email_isSignatureVerified1~0 0)) (not (<= ~__ste_Email_counter~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (<= 0 ~__ste_email_signKey0~0)) (not (<= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (<= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (<= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey2~0)) (not (<= ~__ste_email_isSigned0~0 0)) (not (<= ~__ste_email_id0~0 0)) (not (<= ~__ste_email_signKey0~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (<= 0 ~__ste_email_isEncrypted0~0)) (not (<= 0 ~__ste_email_subject0~0.base))) [2022-11-20 20:41:28,077 INFO L895 garLoopResultBuilder]: At program point L1751(line 1751) the Hoare annotation is: (= 1 |outgoing___utac_acc__DecryptAutoResponder_spec__1_~tmp~13#1|) [2022-11-20 20:41:28,077 INFO L895 garLoopResultBuilder]: At program point L1751-1(line 1751) the Hoare annotation is: (= 1 |outgoing___utac_acc__DecryptAutoResponder_spec__1_~tmp~13#1|) [2022-11-20 20:41:28,079 INFO L895 garLoopResultBuilder]: At program point outgoingENTRY(lines 1600 1611) the Hoare annotation is: (or (not (<= ~__ste_client_privateKey0~0 0)) (not (<= 1 |outgoing_#in~client#1|)) (not (<= 0 ~__ste_email_subject0~0.offset)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address1~0)) (not (<= 0 |old(~queued_message~0)|)) (not (<= ~__ste_email_isEncrypted1~0 0)) (not (<= 0 ~__ste_client_privateKey0~0)) (not (<= ~__ste_email_subject1~0.offset 0)) (not (<= 0 |old(~__ste_email_from0~0)|)) (not (<= ~__ste_email_signKey1~0 0)) (not (<= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 ~__ste_email_subject1~0.offset)) (not (<= 0 ~__ste_Client_AddressBook1_Address1~0)) (not (<= 0 ~head~0.base)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (<= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (<= 0 |#NULL.offset|)) (not (<= ~__ste_client_privateKey1~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (<= 0 ~__ste_client_forwardReceiver1~0)) (not (<= 0 ~__ste_client_privateKey1~0)) (not (= ~__ste_Client_counter~0 0)) (not (<= 0 ~__ste_email_id1~0)) (not (<= ~__ste_Client_AddressBook2_Address1~0 0)) (not (<= 3 ~chuck~0)) (not (<= |old(~queued_message~0)| 0)) (not (<= ~__ste_ClientAddressBook_size1~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (<= 0 ~__ste_Client_Keyring0_User0~0)) (not (<= 0 ~__ste_email_body1~0.offset)) (not (<= |old(~queued_client~0)| 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (<= 0 ~__ste_email_encryptionKey0~0)) (not (<= 0 ~__ste_Client_Keyring1_User2~0)) (not (<= ~__ste_ClientKeyring_size0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AddressBook~0)) (not (<= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address0~0)) (not (<= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (<= 0 ~__GUIDSL_ROOT_PRODUCTION~0)) (not (<= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (<= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias0~0)) (not (<= 2 ~rjh~0)) (not (<= |outgoing_#in~msg#1| 1)) (not (<= ~bob~0 1)) (not (<= 0 ~__ste_ClientKeyring_size1~0)) (not (<= ~__ste_Client_AddressBook2_Address0~0 0)) (not (<= |outgoing_#in~client#1| 1)) (not (<= 0 ~__SELECTED_FEATURE_AutoResponder~0)) (not (<= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~rjh~0 2)) (not (<= 0 ~__ste_Client_AddressBook0_Alias2~0)) (not (<= 0 ~__ste_email_isSignatureVerified0~0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey0~0)) (not (<= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (<= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= ~__ste_email_body1~0.base 0)) (not (<= 0 ~__SELECTED_FEATURE_Decrypt~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey2~0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey2~0)) (not (<= 0 ~__GUIDSL_NON_TERMINAL_main~0)) (not (<= ~__ste_client_name2~0.offset 0)) (not (<= 1 ~bob~0)) (not (= ~head~0.offset 0)) (not (<= ~__ste_email_subject0~0.base 0)) (not (<= 0 ~__ste_Client_Keyring2_User1~0)) (not (<= 0 ~__ste_client_name2~0.offset)) (not (<= ~__ste_client_forwardReceiver3~0 0)) (not (<= |old(~__ste_email_to0~0)| 2)) (not (<= 1 |outgoing_#in~msg#1|)) (not (<= 0 ~__ste_email_isSignatureVerified1~0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (<= 0 ~__ste_email_signKey1~0)) (not (<= 0 ~__ste_client_outbuffer1~0)) (not (<= 0 ~__ste_ClientAddressBook_size1~0)) (not (<= 0 ~__ste_client_name0~0.base)) (not (<= 0 |old(~queued_client~0)|)) (not (<= 0 ~__ste_Client_AddressBook1_Alias0~0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (<= ~__ste_client_outbuffer0~0 0)) (not (<= ~__ste_client_name0~0.offset 0)) (not (<= ~__ste_email_id1~0 0)) (not (<= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (<= ~__ste_client_privateKey2~0 0)) (not (<= 0 ~__ste_email_isSigned0~0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (<= 0 ~__ste_client_privateKey2~0)) (not (<= ~__ste_ClientKeyring_size1~0 0)) (not (<= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (<= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (<= |#NULL.offset| 0)) (not (<= ~__ste_Client_AddressBook0_Address1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver2~0)) (not (<= ~__ste_email_subject0~0.offset 0)) (not (<= 0 ~__ste_Email_counter~0)) (not (<= 0 ~__SELECTED_FEATURE_Encrypt~0)) (not (<= ~__ste_Client_Keyring1_User0~0 0)) (not (<= 0 ~__ste_email_isEncrypted1~0)) (not (= |#NULL.base| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (<= 0 ~__ste_ClientKeyring_size0~0)) (not (<= ~__ste_Client_AddressBook0_Address2~0 0)) (not (<= ~chuck~0 3)) (not (<= 0 ~__SELECTED_FEATURE_Verify~0)) (not (<= ~__ste_Client_Keyring2_User1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver3~0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias1~0)) (not (<= ~__ste_Client_Keyring2_User2~0 0)) (and (= ~queued_message~0 |old(~queued_message~0)|) (= ~__ste_email_to0~0 |old(~__ste_email_to0~0)|) (= ~__ste_email_to1~0 |old(~__ste_email_to1~0)|) (= |old(~__ste_email_from0~0)| ~__ste_email_from0~0) (= |old(~__ste_email_from1~0)| ~__ste_email_from1~0) (= |old(~queue_empty~0)| ~queue_empty~0) (= ~queued_client~0 |old(~queued_client~0)|)) (not (<= 0 ~__ste_email_isSigned1~0)) (not (<= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (<= 0 ~__ste_Client_AddressBook1_Alias2~0)) (not (<= ~__ste_email_isSigned1~0 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (<= ~__ste_client_forwardReceiver2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_User2~0)) (not (<= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey0~0)) (not (<= 0 ~__ste_client_name1~0.base)) (not (<= |old(~queue_empty~0)| 1)) (not (<= ~__ste_Client_AddressBook0_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Alias1~0)) (not (<= 2 |old(~__ste_email_to0~0)|)) (not (<= 0 ~__ste_email_id0~0)) (not (<= 0 |#StackHeapBarrier|)) (not (<= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey0~0)) (not (<= 0 ~__ste_ClientAddressBook_size0~0)) (not (<= 1 |old(~queue_empty~0)|)) (not (<= 0 ~__SELECTED_FEATURE_Keys~0)) (not (<= |old(~__ste_email_from0~0)| 0)) (not (<= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (<= ~__ste_client_forwardReceiver1~0 0)) (not (<= ~__ste_email_body1~0.offset 0)) (not (<= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (<= ~__ste_email_isEncrypted0~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (<= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_User0~0)) (not (<= 0 ~__ste_client_name0~0.offset)) (not (<= 0 ~__ste_client_outbuffer0~0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (<= ~__ste_email_encryptionKey0~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (<= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (<= ~__ste_client_name1~0.base 0)) (not (<= ~__ste_email_isSignatureVerified1~0 0)) (not (<= ~__ste_Email_counter~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (<= 0 ~__ste_email_signKey0~0)) (not (<= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (<= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (<= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey2~0)) (not (<= ~__ste_email_isSigned0~0 0)) (not (<= ~__ste_email_id0~0 0)) (not (<= ~__ste_email_signKey0~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (<= 0 ~__ste_email_isEncrypted0~0)) (not (<= 0 ~__ste_email_subject0~0.base))) [2022-11-20 20:41:28,079 INFO L895 garLoopResultBuilder]: At program point L1752(lines 1737 1756) the Hoare annotation is: (= 1 |outgoing___utac_acc__DecryptAutoResponder_spec__1_~tmp~13#1|) [2022-11-20 20:41:28,080 INFO L899 garLoopResultBuilder]: For program point outgoingEXIT(lines 1600 1611) no Hoare annotation was computed. [2022-11-20 20:41:28,080 INFO L899 garLoopResultBuilder]: For program point setEmailToEXIT(lines 181 196) no Hoare annotation was computed. [2022-11-20 20:41:28,082 INFO L895 garLoopResultBuilder]: At program point setEmailToENTRY(lines 181 196) the Hoare annotation is: (or (not (= |setEmailTo_#in~value| ~rjh~0)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (= ~__ste_email_from0~0 0)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (= ~rjh~0 2)) (not (= ~__ste_ClientAddressBook_size1~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (= |#NULL.offset| 0)) (not (= ~__ste_Client_counter~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (= ~queued_message~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (= ~__ste_client_name2~0.offset 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (= ~__ste_email_id0~0 0)) (not (= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_client_privateKey2~0 0)) (not (= ~__ste_Client_AddressBook2_Address0~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (= ~queued_client~0 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (= ~__ste_email_isSigned0~0 0)) (not (= ~__ste_email_encryptionKey0~0 0)) (not (= ~__ste_Client_Keyring0_User0~0 0)) (not (<= ~bob~0 1)) (not (= ~__ste_client_privateKey1~0 0)) (not (= ~__ste_email_signKey1~0 0)) (not (= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_AddressBook2_Address1~0 0)) (not (= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (= |old(~__ste_email_to0~0)| 0)) (not (= ~__ste_email_body1~0.base 0)) (not (= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (= ~__ste_client_outbuffer0~0 0)) (not (= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body1~0.offset 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (= ~__ste_Client_Keyring1_User0~0 0)) (not (= ~__ste_email_isEncrypted1~0 0)) (not (= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (<= 1 ~bob~0)) (not (= ~head~0.offset 0)) (not (= ~__ste_email_id1~0 0)) (not (= ~__ste_client_forwardReceiver2~0 0)) (not (= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_ClientKeyring_size0~0 0)) (not (= ~__ste_email_signKey0~0 0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (= |setEmailTo_#in~handle| 1)) (not (= |old(~__ste_email_to1~0)| 0)) (not (= ~__ste_client_privateKey0~0 0)) (not (= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (= ~__ste_email_subject0~0.offset 0)) (not (= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= |#NULL.base| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (= ~__ste_Client_Keyring2_User1~0 0)) (not (= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (= ~__ste_email_isSignatureVerified1~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (and (= ~__ste_email_to0~0 |old(~__ste_email_to0~0)|) (= ~__ste_email_to1~0 |old(~__ste_email_to1~0)|)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (= ~__ste_client_name0~0.offset 0)) (not (= 3 ~chuck~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 |#StackHeapBarrier|)) (not (= ~__ste_Client_Keyring2_User2~0 0)) (not (= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (= ~__ste_ClientAddressBook_size0~0 0)) (not (= ~__ste_client_forwardReceiver3~0 0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (= ~__ste_client_forwardReceiver1~0 0)) (not (= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (= ~__ste_email_isEncrypted0~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (= ~queue_empty~0 1)) (not (= ~__ste_client_name1~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (= ~__ste_email_isSigned1~0 0)) (not (= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (= ~__ste_Email_counter~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (= ~__ste_email_subject1~0.offset 0)) (not (= 0 ~__ste_email_subject0~0.base)) (not (= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (= ~__ste_ClientKeyring_size1~0 0))) [2022-11-20 20:41:28,082 INFO L899 garLoopResultBuilder]: For program point getEmailToEXIT(lines 162 180) no Hoare annotation was computed. [2022-11-20 20:41:28,083 INFO L902 garLoopResultBuilder]: At program point getEmailToENTRY(lines 162 180) the Hoare annotation is: true [2022-11-20 20:41:28,086 INFO L895 garLoopResultBuilder]: At program point L2560(line 2560) the Hoare annotation is: (or (not (<= ~__ste_client_privateKey0~0 0)) (not (<= 0 ~__ste_email_subject0~0.offset)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address1~0)) (not (<= 0 |old(~queued_message~0)|)) (not (<= ~__ste_email_isEncrypted1~0 0)) (not (<= 0 ~__ste_client_privateKey0~0)) (not (<= ~__ste_email_subject1~0.offset 0)) (not (<= 0 |old(~__ste_email_from0~0)|)) (not (<= ~__ste_email_signKey1~0 0)) (not (<= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 ~__ste_email_subject1~0.offset)) (not (<= 0 ~__ste_Client_AddressBook1_Address1~0)) (not (<= 0 ~head~0.base)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (<= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (<= 0 |#NULL.offset|)) (not (<= ~__ste_client_privateKey1~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (<= 0 ~__ste_client_forwardReceiver1~0)) (not (<= 0 ~__ste_client_privateKey1~0)) (not (= ~__ste_Client_counter~0 0)) (not (<= 0 ~__ste_email_id1~0)) (not (<= ~__ste_Client_AddressBook2_Address1~0 0)) (not (<= 3 ~chuck~0)) (not (<= |old(~queued_message~0)| 0)) (not (<= ~__ste_ClientAddressBook_size1~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (<= 0 ~__ste_Client_Keyring0_User0~0)) (not (<= 0 ~__ste_email_body1~0.offset)) (not (<= |old(~queued_client~0)| 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (<= 0 ~__ste_email_encryptionKey0~0)) (not (<= 0 ~__ste_Client_Keyring1_User2~0)) (not (<= ~__ste_ClientKeyring_size0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AddressBook~0)) (and (<= ~queued_message~0 0) (= |sendEmail_#in~receiver#1| |sendEmail_~receiver#1|) (= |sendEmail_createEmail_~from#1| ~__ste_email_from0~0) (<= |sendEmail_createEmail_~to#1| 2) (<= 0 ~queued_message~0) (= |sendEmail_createEmail_~from#1| |sendEmail_createEmail_#in~from#1|) (<= 1 |sendEmail_~sender#1|) (<= |sendEmail_~sender#1| 1) (= |old(~queue_empty~0)| ~queue_empty~0) (<= ~__ste_email_from0~0 0) (= ~queued_client~0 |old(~queued_client~0)|) (<= |sendEmail_createEmail_#in~to#1| 2) (<= 2 |sendEmail_createEmail_#in~to#1|) (<= 2 ~__ste_email_to0~0) (<= 2 |sendEmail_createEmail_~to#1|) (<= ~__ste_email_to0~0 2) (= 1 |sendEmail_createEmail_~msg~0#1|) (<= 0 |sendEmail_createEmail_#in~from#1|)) (not (<= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address0~0)) (not (<= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (<= 0 ~__GUIDSL_ROOT_PRODUCTION~0)) (not (<= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (<= |old(~__ste_email_to1~0)| 0)) (not (<= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias0~0)) (not (<= 2 ~rjh~0)) (not (<= ~bob~0 1)) (not (<= 0 ~__ste_ClientKeyring_size1~0)) (not (<= ~__ste_Client_AddressBook2_Address0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AutoResponder~0)) (not (<= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~rjh~0 2)) (not (<= 0 ~__ste_Client_AddressBook0_Alias2~0)) (not (<= 0 ~__ste_email_isSignatureVerified0~0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey0~0)) (not (<= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (<= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= ~__ste_email_body1~0.base 0)) (not (<= 0 ~__SELECTED_FEATURE_Decrypt~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey2~0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey2~0)) (not (<= 0 ~__GUIDSL_NON_TERMINAL_main~0)) (not (<= ~__ste_client_name2~0.offset 0)) (not (<= 1 ~bob~0)) (not (= ~head~0.offset 0)) (not (<= ~__ste_email_subject0~0.base 0)) (not (<= 0 ~__ste_Client_Keyring2_User1~0)) (not (<= 0 ~__ste_client_name2~0.offset)) (not (<= ~__ste_client_forwardReceiver3~0 0)) (not (<= 0 ~__ste_email_isSignatureVerified1~0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (<= 0 ~__ste_email_signKey1~0)) (not (<= 0 ~__ste_client_outbuffer1~0)) (not (= ~bob~0 |sendEmail_#in~sender#1|)) (not (<= 0 ~__ste_ClientAddressBook_size1~0)) (not (<= 0 |old(~__ste_email_to1~0)|)) (not (<= 0 ~__ste_client_name0~0.base)) (not (<= 0 |old(~queued_client~0)|)) (not (<= 0 ~__ste_Client_AddressBook1_Alias0~0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (<= ~__ste_client_outbuffer0~0 0)) (not (<= ~__ste_client_name0~0.offset 0)) (not (<= ~__ste_email_id1~0 0)) (not (<= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (<= ~__ste_client_privateKey2~0 0)) (not (<= 0 ~__ste_email_isSigned0~0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (<= 0 ~__ste_client_privateKey2~0)) (not (= |sendEmail_#in~receiver#1| ~rjh~0)) (not (<= ~__ste_ClientKeyring_size1~0 0)) (not (<= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (<= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (<= 0 |old(~__ste_email_from1~0)|)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (<= |#NULL.offset| 0)) (not (<= ~__ste_Client_AddressBook0_Address1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver2~0)) (not (<= ~__ste_email_subject0~0.offset 0)) (not (<= 0 ~__ste_Email_counter~0)) (not (<= 0 ~__SELECTED_FEATURE_Encrypt~0)) (not (<= ~__ste_Client_Keyring1_User0~0 0)) (not (<= 0 ~__ste_email_isEncrypted1~0)) (not (= |#NULL.base| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (<= 0 ~__ste_ClientKeyring_size0~0)) (not (<= ~__ste_Client_AddressBook0_Address2~0 0)) (not (<= ~chuck~0 3)) (not (<= 0 ~__SELECTED_FEATURE_Verify~0)) (not (<= ~__ste_Client_Keyring2_User1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver3~0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias1~0)) (not (<= |old(~__ste_email_to0~0)| 0)) (not (<= ~__ste_Client_Keyring2_User2~0 0)) (not (<= 0 ~__ste_email_isSigned1~0)) (not (<= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (<= 0 ~__ste_Client_AddressBook1_Alias2~0)) (not (<= ~__ste_email_isSigned1~0 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (<= ~__ste_client_forwardReceiver2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_User2~0)) (not (<= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey0~0)) (not (<= |old(~__ste_email_from1~0)| 0)) (not (<= 0 ~__ste_client_name1~0.base)) (not (<= |old(~queue_empty~0)| 1)) (not (<= ~__ste_Client_AddressBook0_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Alias1~0)) (not (<= 0 ~__ste_email_id0~0)) (not (<= 0 |#StackHeapBarrier|)) (not (<= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey0~0)) (not (<= 0 ~__ste_ClientAddressBook_size0~0)) (not (<= 1 |old(~queue_empty~0)|)) (not (<= 0 ~__SELECTED_FEATURE_Keys~0)) (not (<= |old(~__ste_email_from0~0)| 0)) (not (<= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (<= ~__ste_client_forwardReceiver1~0 0)) (not (<= ~__ste_email_body1~0.offset 0)) (not (<= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (<= ~__ste_email_isEncrypted0~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (<= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_User0~0)) (not (<= 0 ~__ste_client_name0~0.offset)) (not (<= 0 ~__ste_client_outbuffer0~0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (<= ~__ste_email_encryptionKey0~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (<= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (<= 0 |old(~__ste_email_to0~0)|)) (not (<= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (<= ~__ste_client_name1~0.base 0)) (not (<= ~__ste_email_isSignatureVerified1~0 0)) (not (<= ~__ste_Email_counter~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (<= 0 ~__ste_email_signKey0~0)) (not (<= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (<= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (<= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey2~0)) (not (<= ~__ste_email_isSigned0~0 0)) (not (<= ~__ste_email_id0~0 0)) (not (<= ~__ste_email_signKey0~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (<= 0 ~__ste_email_isEncrypted0~0)) (not (<= 0 ~__ste_email_subject0~0.base))) [2022-11-20 20:41:28,087 INFO L899 garLoopResultBuilder]: For program point sendEmailEXIT(lines 1686 1698) no Hoare annotation was computed. [2022-11-20 20:41:28,091 INFO L895 garLoopResultBuilder]: At program point L2559-1(line 2559) the Hoare annotation is: (or (not (<= ~__ste_client_privateKey0~0 0)) (not (<= 0 ~__ste_email_subject0~0.offset)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address1~0)) (not (<= 0 |old(~queued_message~0)|)) (not (<= ~__ste_email_isEncrypted1~0 0)) (not (<= 0 ~__ste_client_privateKey0~0)) (not (<= ~__ste_email_subject1~0.offset 0)) (not (<= 0 |old(~__ste_email_from0~0)|)) (not (<= ~__ste_email_signKey1~0 0)) (not (<= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 ~__ste_email_subject1~0.offset)) (not (<= 0 ~__ste_Client_AddressBook1_Address1~0)) (not (<= 0 ~head~0.base)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (<= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (<= 0 |#NULL.offset|)) (not (<= ~__ste_client_privateKey1~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (<= 0 ~__ste_client_forwardReceiver1~0)) (not (<= 0 ~__ste_client_privateKey1~0)) (not (= ~__ste_Client_counter~0 0)) (not (<= 0 ~__ste_email_id1~0)) (not (<= ~__ste_Client_AddressBook2_Address1~0 0)) (not (<= 3 ~chuck~0)) (not (<= |old(~queued_message~0)| 0)) (not (<= ~__ste_ClientAddressBook_size1~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (<= 0 ~__ste_Client_Keyring0_User0~0)) (not (<= 0 ~__ste_email_body1~0.offset)) (and (= ~queued_message~0 |old(~queued_message~0)|) (<= |sendEmail_createEmail_~from#1| 0) (<= |sendEmail_createEmail_#in~from#1| 0) (<= 1 |sendEmail_createEmail_~msg~0#1|) (<= 0 ~__ste_email_to0~0) (<= 0 ~__ste_email_to1~0) (<= ~queue_empty~0 1) (<= 0 |sendEmail_createEmail_~from#1|) (<= 0 ~__ste_email_from0~0) (= |sendEmail_#in~receiver#1| |sendEmail_~receiver#1|) (<= ~__ste_email_to1~0 0) (<= |sendEmail_createEmail_~msg~0#1| 1) (<= 1 ~queue_empty~0) (<= |sendEmail_createEmail_~to#1| 2) (<= 1 |sendEmail_~sender#1|) (<= |sendEmail_~sender#1| 1) (<= ~__ste_email_from0~0 0) (= ~queued_client~0 |old(~queued_client~0)|) (<= |sendEmail_createEmail_#in~to#1| 2) (<= 2 |sendEmail_createEmail_#in~to#1|) (<= ~__ste_email_to0~0 0) (<= 2 |sendEmail_createEmail_~to#1|) (<= 0 |sendEmail_createEmail_#in~from#1|)) (not (<= |old(~queued_client~0)| 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (<= 0 ~__ste_email_encryptionKey0~0)) (not (<= 0 ~__ste_Client_Keyring1_User2~0)) (not (<= ~__ste_ClientKeyring_size0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AddressBook~0)) (not (<= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address0~0)) (not (<= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (<= 0 ~__GUIDSL_ROOT_PRODUCTION~0)) (not (<= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (<= |old(~__ste_email_to1~0)| 0)) (not (<= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias0~0)) (not (<= 2 ~rjh~0)) (not (<= ~bob~0 1)) (not (<= 0 ~__ste_ClientKeyring_size1~0)) (not (<= ~__ste_Client_AddressBook2_Address0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AutoResponder~0)) (not (<= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~rjh~0 2)) (not (<= 0 ~__ste_Client_AddressBook0_Alias2~0)) (not (<= 0 ~__ste_email_isSignatureVerified0~0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey0~0)) (not (<= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (<= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= ~__ste_email_body1~0.base 0)) (not (<= 0 ~__SELECTED_FEATURE_Decrypt~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey2~0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey2~0)) (not (<= 0 ~__GUIDSL_NON_TERMINAL_main~0)) (not (<= ~__ste_client_name2~0.offset 0)) (not (<= 1 ~bob~0)) (not (= ~head~0.offset 0)) (not (<= ~__ste_email_subject0~0.base 0)) (not (<= 0 ~__ste_Client_Keyring2_User1~0)) (not (<= 0 ~__ste_client_name2~0.offset)) (not (<= ~__ste_client_forwardReceiver3~0 0)) (not (<= 0 ~__ste_email_isSignatureVerified1~0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (<= 0 ~__ste_email_signKey1~0)) (not (<= 0 ~__ste_client_outbuffer1~0)) (not (= ~bob~0 |sendEmail_#in~sender#1|)) (not (<= 0 ~__ste_ClientAddressBook_size1~0)) (not (<= 0 |old(~__ste_email_to1~0)|)) (not (<= 0 ~__ste_client_name0~0.base)) (not (<= 0 |old(~queued_client~0)|)) (not (<= 0 ~__ste_Client_AddressBook1_Alias0~0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (<= ~__ste_client_outbuffer0~0 0)) (not (<= ~__ste_client_name0~0.offset 0)) (not (<= ~__ste_email_id1~0 0)) (not (<= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (<= ~__ste_client_privateKey2~0 0)) (not (<= 0 ~__ste_email_isSigned0~0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (<= 0 ~__ste_client_privateKey2~0)) (not (= |sendEmail_#in~receiver#1| ~rjh~0)) (not (<= ~__ste_ClientKeyring_size1~0 0)) (not (<= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (<= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (<= 0 |old(~__ste_email_from1~0)|)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (<= |#NULL.offset| 0)) (not (<= ~__ste_Client_AddressBook0_Address1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver2~0)) (not (<= ~__ste_email_subject0~0.offset 0)) (not (<= 0 ~__ste_Email_counter~0)) (not (<= 0 ~__SELECTED_FEATURE_Encrypt~0)) (not (<= ~__ste_Client_Keyring1_User0~0 0)) (not (<= 0 ~__ste_email_isEncrypted1~0)) (not (= |#NULL.base| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (<= 0 ~__ste_ClientKeyring_size0~0)) (not (<= ~__ste_Client_AddressBook0_Address2~0 0)) (not (<= ~chuck~0 3)) (not (<= 0 ~__SELECTED_FEATURE_Verify~0)) (not (<= ~__ste_Client_Keyring2_User1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver3~0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias1~0)) (not (<= |old(~__ste_email_to0~0)| 0)) (not (<= ~__ste_Client_Keyring2_User2~0 0)) (not (<= 0 ~__ste_email_isSigned1~0)) (not (<= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (<= 0 ~__ste_Client_AddressBook1_Alias2~0)) (not (<= ~__ste_email_isSigned1~0 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (<= ~__ste_client_forwardReceiver2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_User2~0)) (not (<= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey0~0)) (not (<= |old(~__ste_email_from1~0)| 0)) (not (<= 0 ~__ste_client_name1~0.base)) (not (<= |old(~queue_empty~0)| 1)) (not (<= ~__ste_Client_AddressBook0_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Alias1~0)) (not (<= 0 ~__ste_email_id0~0)) (not (<= 0 |#StackHeapBarrier|)) (not (<= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey0~0)) (not (<= 0 ~__ste_ClientAddressBook_size0~0)) (not (<= 1 |old(~queue_empty~0)|)) (not (<= 0 ~__SELECTED_FEATURE_Keys~0)) (not (<= |old(~__ste_email_from0~0)| 0)) (not (<= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (<= ~__ste_client_forwardReceiver1~0 0)) (not (<= ~__ste_email_body1~0.offset 0)) (not (<= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (<= ~__ste_email_isEncrypted0~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (<= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_User0~0)) (not (<= 0 ~__ste_client_name0~0.offset)) (not (<= 0 ~__ste_client_outbuffer0~0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (<= ~__ste_email_encryptionKey0~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (<= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (<= 0 |old(~__ste_email_to0~0)|)) (not (<= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (<= ~__ste_client_name1~0.base 0)) (not (<= ~__ste_email_isSignatureVerified1~0 0)) (not (<= ~__ste_Email_counter~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (<= 0 ~__ste_email_signKey0~0)) (not (<= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (<= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (<= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey2~0)) (not (<= ~__ste_email_isSigned0~0 0)) (not (<= ~__ste_email_id0~0 0)) (not (<= ~__ste_email_signKey0~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (<= 0 ~__ste_email_isEncrypted0~0)) (not (<= 0 ~__ste_email_subject0~0.base))) [2022-11-20 20:41:28,096 INFO L895 garLoopResultBuilder]: At program point L2559(line 2559) the Hoare annotation is: (or (not (<= ~__ste_client_privateKey0~0 0)) (not (<= 0 ~__ste_email_subject0~0.offset)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address1~0)) (not (<= 0 |old(~queued_message~0)|)) (not (<= ~__ste_email_isEncrypted1~0 0)) (not (<= 0 ~__ste_client_privateKey0~0)) (not (<= ~__ste_email_subject1~0.offset 0)) (and (= ~queued_message~0 |old(~queued_message~0)|) (= |sendEmail_createEmail_#in~from#1| 0) (= ~__ste_email_to0~0 |old(~__ste_email_to0~0)|) (= |sendEmail_createEmail_#in~to#1| |sendEmail_createEmail_~to#1|) (= |sendEmail_#in~sender#1| |sendEmail_~sender#1|) (= ~__ste_email_to1~0 |old(~__ste_email_to1~0)|) (= |sendEmail_createEmail_#in~to#1| |sendEmail_~receiver#1|) (= |sendEmail_#in~receiver#1| |sendEmail_~receiver#1|) (= |old(~__ste_email_from0~0)| ~__ste_email_from0~0) (= |old(~__ste_email_from1~0)| ~__ste_email_from1~0) (= |sendEmail_createEmail_~from#1| |sendEmail_createEmail_#in~from#1|) (= |old(~queue_empty~0)| ~queue_empty~0) (= ~queued_client~0 |old(~queued_client~0)|) (= 1 |sendEmail_createEmail_~msg~0#1|)) (not (<= 0 |old(~__ste_email_from0~0)|)) (not (<= ~__ste_email_signKey1~0 0)) (not (<= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 ~__ste_email_subject1~0.offset)) (not (<= 0 ~__ste_Client_AddressBook1_Address1~0)) (not (<= 0 ~head~0.base)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (<= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (<= 0 |#NULL.offset|)) (not (<= ~__ste_client_privateKey1~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (<= 0 ~__ste_client_forwardReceiver1~0)) (not (<= 0 ~__ste_client_privateKey1~0)) (not (= ~__ste_Client_counter~0 0)) (not (<= 0 ~__ste_email_id1~0)) (not (<= ~__ste_Client_AddressBook2_Address1~0 0)) (not (<= 3 ~chuck~0)) (not (<= |old(~queued_message~0)| 0)) (not (<= ~__ste_ClientAddressBook_size1~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (<= 0 ~__ste_Client_Keyring0_User0~0)) (not (<= 0 ~__ste_email_body1~0.offset)) (not (<= |old(~queued_client~0)| 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (<= 0 ~__ste_email_encryptionKey0~0)) (not (<= 0 ~__ste_Client_Keyring1_User2~0)) (not (<= ~__ste_ClientKeyring_size0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AddressBook~0)) (not (<= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address0~0)) (not (<= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (<= 0 ~__GUIDSL_ROOT_PRODUCTION~0)) (not (<= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (<= |old(~__ste_email_to1~0)| 0)) (not (<= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias0~0)) (not (<= 2 ~rjh~0)) (not (<= ~bob~0 1)) (not (<= 0 ~__ste_ClientKeyring_size1~0)) (not (<= ~__ste_Client_AddressBook2_Address0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AutoResponder~0)) (not (<= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~rjh~0 2)) (not (<= 0 ~__ste_Client_AddressBook0_Alias2~0)) (not (<= 0 ~__ste_email_isSignatureVerified0~0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey0~0)) (not (<= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (<= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= ~__ste_email_body1~0.base 0)) (not (<= 0 ~__SELECTED_FEATURE_Decrypt~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey2~0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey2~0)) (not (<= 0 ~__GUIDSL_NON_TERMINAL_main~0)) (not (<= ~__ste_client_name2~0.offset 0)) (not (<= 1 ~bob~0)) (not (= ~head~0.offset 0)) (not (<= ~__ste_email_subject0~0.base 0)) (not (<= 0 ~__ste_Client_Keyring2_User1~0)) (not (<= 0 ~__ste_client_name2~0.offset)) (not (<= ~__ste_client_forwardReceiver3~0 0)) (not (<= 0 ~__ste_email_isSignatureVerified1~0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (<= 0 ~__ste_email_signKey1~0)) (not (<= 0 ~__ste_client_outbuffer1~0)) (not (= ~bob~0 |sendEmail_#in~sender#1|)) (not (<= 0 ~__ste_ClientAddressBook_size1~0)) (not (<= 0 |old(~__ste_email_to1~0)|)) (not (<= 0 ~__ste_client_name0~0.base)) (not (<= 0 |old(~queued_client~0)|)) (not (<= 0 ~__ste_Client_AddressBook1_Alias0~0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (<= ~__ste_client_outbuffer0~0 0)) (not (<= ~__ste_client_name0~0.offset 0)) (not (<= ~__ste_email_id1~0 0)) (not (<= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (<= ~__ste_client_privateKey2~0 0)) (not (<= 0 ~__ste_email_isSigned0~0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (<= 0 ~__ste_client_privateKey2~0)) (not (= |sendEmail_#in~receiver#1| ~rjh~0)) (not (<= ~__ste_ClientKeyring_size1~0 0)) (not (<= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (<= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (<= 0 |old(~__ste_email_from1~0)|)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (<= |#NULL.offset| 0)) (not (<= ~__ste_Client_AddressBook0_Address1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver2~0)) (not (<= ~__ste_email_subject0~0.offset 0)) (not (<= 0 ~__ste_Email_counter~0)) (not (<= 0 ~__SELECTED_FEATURE_Encrypt~0)) (not (<= ~__ste_Client_Keyring1_User0~0 0)) (not (<= 0 ~__ste_email_isEncrypted1~0)) (not (= |#NULL.base| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (<= 0 ~__ste_ClientKeyring_size0~0)) (not (<= ~__ste_Client_AddressBook0_Address2~0 0)) (not (<= ~chuck~0 3)) (not (<= 0 ~__SELECTED_FEATURE_Verify~0)) (not (<= ~__ste_Client_Keyring2_User1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver3~0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias1~0)) (not (<= |old(~__ste_email_to0~0)| 0)) (not (<= ~__ste_Client_Keyring2_User2~0 0)) (not (<= 0 ~__ste_email_isSigned1~0)) (not (<= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (<= 0 ~__ste_Client_AddressBook1_Alias2~0)) (not (<= ~__ste_email_isSigned1~0 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (<= ~__ste_client_forwardReceiver2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_User2~0)) (not (<= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey0~0)) (not (<= |old(~__ste_email_from1~0)| 0)) (not (<= 0 ~__ste_client_name1~0.base)) (not (<= |old(~queue_empty~0)| 1)) (not (<= ~__ste_Client_AddressBook0_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Alias1~0)) (not (<= 0 ~__ste_email_id0~0)) (not (<= 0 |#StackHeapBarrier|)) (not (<= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey0~0)) (not (<= 0 ~__ste_ClientAddressBook_size0~0)) (not (<= 1 |old(~queue_empty~0)|)) (not (<= 0 ~__SELECTED_FEATURE_Keys~0)) (not (<= |old(~__ste_email_from0~0)| 0)) (not (<= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (<= ~__ste_client_forwardReceiver1~0 0)) (not (<= ~__ste_email_body1~0.offset 0)) (not (<= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (<= ~__ste_email_isEncrypted0~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (<= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_User0~0)) (not (<= 0 ~__ste_client_name0~0.offset)) (not (<= 0 ~__ste_client_outbuffer0~0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (<= ~__ste_email_encryptionKey0~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (<= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (<= 0 |old(~__ste_email_to0~0)|)) (not (<= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (<= ~__ste_client_name1~0.base 0)) (not (<= ~__ste_email_isSignatureVerified1~0 0)) (not (<= ~__ste_Email_counter~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (<= 0 ~__ste_email_signKey0~0)) (not (<= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (<= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (<= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey2~0)) (not (<= ~__ste_email_isSigned0~0 0)) (not (<= ~__ste_email_id0~0 0)) (not (<= ~__ste_email_signKey0~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (<= 0 ~__ste_email_isEncrypted0~0)) (not (<= 0 ~__ste_email_subject0~0.base))) [2022-11-20 20:41:28,100 INFO L895 garLoopResultBuilder]: At program point L1694(line 1694) the Hoare annotation is: (or (not (<= ~__ste_client_privateKey0~0 0)) (not (<= 0 ~__ste_email_subject0~0.offset)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address1~0)) (not (<= 0 |old(~queued_message~0)|)) (not (<= ~__ste_email_isEncrypted1~0 0)) (not (<= 0 ~__ste_client_privateKey0~0)) (not (<= ~__ste_email_subject1~0.offset 0)) (not (<= 0 |old(~__ste_email_from0~0)|)) (not (<= ~__ste_email_signKey1~0 0)) (not (<= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 ~__ste_email_subject1~0.offset)) (not (<= 0 ~__ste_Client_AddressBook1_Address1~0)) (not (<= 0 ~head~0.base)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (<= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (<= 0 |#NULL.offset|)) (not (<= ~__ste_client_privateKey1~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (<= 0 ~__ste_client_forwardReceiver1~0)) (not (<= 0 ~__ste_client_privateKey1~0)) (not (= ~__ste_Client_counter~0 0)) (not (<= 0 ~__ste_email_id1~0)) (not (<= ~__ste_Client_AddressBook2_Address1~0 0)) (not (<= 3 ~chuck~0)) (not (<= |old(~queued_message~0)| 0)) (not (<= ~__ste_ClientAddressBook_size1~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (<= 0 ~__ste_Client_Keyring0_User0~0)) (not (<= 0 ~__ste_email_body1~0.offset)) (not (<= |old(~queued_client~0)| 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (<= 0 ~__ste_email_encryptionKey0~0)) (not (<= 0 ~__ste_Client_Keyring1_User2~0)) (not (<= ~__ste_ClientKeyring_size0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AddressBook~0)) (not (<= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address0~0)) (not (<= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (<= 0 ~__GUIDSL_ROOT_PRODUCTION~0)) (not (<= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (<= |old(~__ste_email_to1~0)| 0)) (not (<= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias0~0)) (not (<= 2 ~rjh~0)) (not (<= ~bob~0 1)) (not (<= 0 ~__ste_ClientKeyring_size1~0)) (not (<= ~__ste_Client_AddressBook2_Address0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AutoResponder~0)) (not (<= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~rjh~0 2)) (not (<= 0 ~__ste_Client_AddressBook0_Alias2~0)) (not (<= 0 ~__ste_email_isSignatureVerified0~0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey0~0)) (not (<= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (<= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= ~__ste_email_body1~0.base 0)) (not (<= 0 ~__SELECTED_FEATURE_Decrypt~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey2~0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey2~0)) (not (<= 0 ~__GUIDSL_NON_TERMINAL_main~0)) (not (<= ~__ste_client_name2~0.offset 0)) (not (<= 1 ~bob~0)) (not (= ~head~0.offset 0)) (not (<= ~__ste_email_subject0~0.base 0)) (not (<= 0 ~__ste_Client_Keyring2_User1~0)) (not (<= 0 ~__ste_client_name2~0.offset)) (not (<= ~__ste_client_forwardReceiver3~0 0)) (not (<= 0 ~__ste_email_isSignatureVerified1~0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (<= 0 ~__ste_email_signKey1~0)) (not (<= 0 ~__ste_client_outbuffer1~0)) (not (= ~bob~0 |sendEmail_#in~sender#1|)) (not (<= 0 ~__ste_ClientAddressBook_size1~0)) (not (<= 0 |old(~__ste_email_to1~0)|)) (not (<= 0 ~__ste_client_name0~0.base)) (not (<= 0 |old(~queued_client~0)|)) (not (<= 0 ~__ste_Client_AddressBook1_Alias0~0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (<= ~__ste_client_outbuffer0~0 0)) (not (<= ~__ste_client_name0~0.offset 0)) (not (<= ~__ste_email_id1~0 0)) (not (<= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (<= ~__ste_client_privateKey2~0 0)) (not (<= 0 ~__ste_email_isSigned0~0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (<= 0 ~__ste_client_privateKey2~0)) (not (= |sendEmail_#in~receiver#1| ~rjh~0)) (not (<= ~__ste_ClientKeyring_size1~0 0)) (not (<= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (<= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (<= 0 |old(~__ste_email_from1~0)|)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (<= |#NULL.offset| 0)) (not (<= ~__ste_Client_AddressBook0_Address1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver2~0)) (not (<= ~__ste_email_subject0~0.offset 0)) (not (<= 0 ~__ste_Email_counter~0)) (not (<= 0 ~__SELECTED_FEATURE_Encrypt~0)) (not (<= ~__ste_Client_Keyring1_User0~0 0)) (not (<= 0 ~__ste_email_isEncrypted1~0)) (not (= |#NULL.base| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (<= 0 ~__ste_ClientKeyring_size0~0)) (not (<= ~__ste_Client_AddressBook0_Address2~0 0)) (not (<= ~chuck~0 3)) (not (<= 0 ~__SELECTED_FEATURE_Verify~0)) (not (<= ~__ste_Client_Keyring2_User1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver3~0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias1~0)) (not (<= |old(~__ste_email_to0~0)| 0)) (not (<= ~__ste_Client_Keyring2_User2~0 0)) (not (<= 0 ~__ste_email_isSigned1~0)) (not (<= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (<= 0 ~__ste_Client_AddressBook1_Alias2~0)) (not (<= ~__ste_email_isSigned1~0 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (<= ~__ste_client_forwardReceiver2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_User2~0)) (not (<= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey0~0)) (not (<= |old(~__ste_email_from1~0)| 0)) (not (<= 0 ~__ste_client_name1~0.base)) (not (<= |old(~queue_empty~0)| 1)) (not (<= ~__ste_Client_AddressBook0_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Alias1~0)) (not (<= 0 ~__ste_email_id0~0)) (not (<= 0 |#StackHeapBarrier|)) (not (<= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey0~0)) (not (<= 0 ~__ste_ClientAddressBook_size0~0)) (not (<= 1 |old(~queue_empty~0)|)) (not (<= 0 ~__SELECTED_FEATURE_Keys~0)) (not (<= |old(~__ste_email_from0~0)| 0)) (not (<= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (<= ~__ste_client_forwardReceiver1~0 0)) (not (<= ~__ste_email_body1~0.offset 0)) (not (<= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (<= ~__ste_email_isEncrypted0~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (<= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_User0~0)) (not (<= 0 ~__ste_client_name0~0.offset)) (not (<= 0 ~__ste_client_outbuffer0~0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (<= ~__ste_email_encryptionKey0~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (<= ~__ste_Client_Keyring0_User0~0 0)) (and (= ~queued_message~0 |old(~queued_message~0)|) (= |sendEmail_createEmail_#in~from#1| 0) (= |sendEmail_createEmail_#res#1| |sendEmail_createEmail_~retValue_acc~39#1|) (= |sendEmail_#in~sender#1| |sendEmail_~sender#1|) (= |sendEmail_createEmail_#in~to#1| |sendEmail_~receiver#1|) (= |sendEmail_#in~receiver#1| |sendEmail_~receiver#1|) (= |sendEmail_createEmail_~from#1| ~__ste_email_from0~0) (= |sendEmail_createEmail_~from#1| |sendEmail_createEmail_#in~from#1|) (= |old(~queue_empty~0)| ~queue_empty~0) (= ~__ste_email_to0~0 |sendEmail_createEmail_~to#1|) (= |sendEmail_createEmail_~retValue_acc~39#1| |sendEmail_createEmail_~msg~0#1|) (= ~queued_client~0 |old(~queued_client~0)|) (= |sendEmail_createEmail_#res#1| |sendEmail_~tmp~7#1|) (= |sendEmail_~email~0#1| |sendEmail_~tmp~7#1|) (<= 2 |sendEmail_createEmail_~to#1|) (<= ~__ste_email_to0~0 2) (= 1 |sendEmail_createEmail_~msg~0#1|)) (not (= ~__ste_client_outbuffer2~0 0)) (not (<= 0 |old(~__ste_email_to0~0)|)) (not (<= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (<= ~__ste_client_name1~0.base 0)) (not (<= ~__ste_email_isSignatureVerified1~0 0)) (not (<= ~__ste_Email_counter~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (<= 0 ~__ste_email_signKey0~0)) (not (<= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (<= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (<= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey2~0)) (not (<= ~__ste_email_isSigned0~0 0)) (not (<= ~__ste_email_id0~0 0)) (not (<= ~__ste_email_signKey0~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (<= 0 ~__ste_email_isEncrypted0~0)) (not (<= 0 ~__ste_email_subject0~0.base))) [2022-11-20 20:41:28,104 INFO L895 garLoopResultBuilder]: At program point sendEmailENTRY(lines 1686 1698) the Hoare annotation is: (or (not (<= ~__ste_client_privateKey0~0 0)) (not (<= 0 ~__ste_email_subject0~0.offset)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address1~0)) (not (<= 0 |old(~queued_message~0)|)) (not (<= ~__ste_email_isEncrypted1~0 0)) (not (<= 0 ~__ste_client_privateKey0~0)) (not (<= ~__ste_email_subject1~0.offset 0)) (not (<= 0 |old(~__ste_email_from0~0)|)) (not (<= ~__ste_email_signKey1~0 0)) (not (<= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 ~__ste_email_subject1~0.offset)) (not (<= 0 ~__ste_Client_AddressBook1_Address1~0)) (not (<= 0 ~head~0.base)) (not (= ~__ste_client_name2~0.base 0)) (not (= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (<= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (<= 0 |#NULL.offset|)) (not (<= ~__ste_client_privateKey1~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (<= 0 ~__ste_client_forwardReceiver1~0)) (not (<= 0 ~__ste_client_privateKey1~0)) (not (= ~__ste_Client_counter~0 0)) (not (<= 0 ~__ste_email_id1~0)) (not (<= ~__ste_Client_AddressBook2_Address1~0 0)) (not (<= 3 ~chuck~0)) (not (<= |old(~queued_message~0)| 0)) (not (<= ~__ste_ClientAddressBook_size1~0 0)) (not (= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (<= 0 ~__ste_Client_Keyring0_User0~0)) (not (<= 0 ~__ste_email_body1~0.offset)) (not (<= |old(~queued_client~0)| 0)) (not (= ~__ste_ClientAddressBook_size2~0 0)) (not (<= 0 ~__ste_email_encryptionKey0~0)) (not (<= 0 ~__ste_Client_Keyring1_User2~0)) (not (<= ~__ste_ClientKeyring_size0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AddressBook~0)) (not (<= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address0~0)) (not (<= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (<= 0 ~__GUIDSL_ROOT_PRODUCTION~0)) (not (<= ~head~0.base 0)) (not (= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (<= |old(~__ste_email_to1~0)| 0)) (not (<= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias0~0)) (not (<= 2 ~rjh~0)) (not (<= ~bob~0 1)) (not (<= 0 ~__ste_ClientKeyring_size1~0)) (not (<= ~__ste_Client_AddressBook2_Address0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AutoResponder~0)) (not (<= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~rjh~0 2)) (not (<= 0 ~__ste_Client_AddressBook0_Alias2~0)) (not (<= 0 ~__ste_email_isSignatureVerified0~0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey0~0)) (not (<= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (<= ~__ste_Client_AddressBook1_Address1~0 0)) (not (= ~__ste_email_body1~0.base 0)) (not (<= 0 ~__SELECTED_FEATURE_Decrypt~0)) (not (= ~__ste_client_forwardReceiver0~0 0)) (not (= ~__ste_email_body0~0.offset 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey2~0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey2~0)) (not (<= 0 ~__GUIDSL_NON_TERMINAL_main~0)) (not (<= ~__ste_client_name2~0.offset 0)) (not (<= 1 ~bob~0)) (not (= ~head~0.offset 0)) (not (<= ~__ste_email_subject0~0.base 0)) (not (<= 0 ~__ste_Client_Keyring2_User1~0)) (not (<= 0 ~__ste_client_name2~0.offset)) (not (<= ~__ste_client_forwardReceiver3~0 0)) (not (<= 0 ~__ste_email_isSignatureVerified1~0)) (not (= ~__SELECTED_FEATURE_Sign~0 0)) (not (<= 0 ~__ste_email_signKey1~0)) (not (<= 0 ~__ste_client_outbuffer1~0)) (not (= ~bob~0 |sendEmail_#in~sender#1|)) (not (<= 0 ~__ste_ClientAddressBook_size1~0)) (not (<= 0 |old(~__ste_email_to1~0)|)) (not (<= 0 ~__ste_client_name0~0.base)) (not (<= 0 |old(~queued_client~0)|)) (not (<= 0 ~__ste_Client_AddressBook1_Alias0~0)) (not (= ~__ste_Client_Keyring1_User1~0 0)) (not (<= ~__ste_client_outbuffer0~0 0)) (not (<= ~__ste_client_name0~0.offset 0)) (not (<= ~__ste_email_id1~0 0)) (not (<= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (<= ~__ste_client_privateKey2~0 0)) (not (<= 0 ~__ste_email_isSigned0~0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (= ~__ste_client_outbuffer3~0 0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (<= 0 ~__ste_client_privateKey2~0)) (not (= |sendEmail_#in~receiver#1| ~rjh~0)) (not (<= ~__ste_ClientKeyring_size1~0 0)) (not (<= ~__ste_client_name0~0.base 0)) (not (= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (<= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (<= 0 |old(~__ste_email_from1~0)|)) (not (= ~__ste_email_encryptionKey1~0 0)) (not (<= |#NULL.offset| 0)) (not (<= ~__ste_Client_AddressBook0_Address1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver2~0)) (not (<= ~__ste_email_subject0~0.offset 0)) (not (<= 0 ~__ste_Email_counter~0)) (not (<= 0 ~__SELECTED_FEATURE_Encrypt~0)) (not (<= ~__ste_Client_Keyring1_User0~0 0)) (not (<= 0 ~__ste_email_isEncrypted1~0)) (not (= |#NULL.base| 0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (= ~__ste_Client_Keyring0_User1~0 0)) (not (<= 0 ~__ste_ClientKeyring_size0~0)) (not (<= ~__ste_Client_AddressBook0_Address2~0 0)) (not (<= ~chuck~0 3)) (not (<= 0 ~__SELECTED_FEATURE_Verify~0)) (not (<= ~__ste_Client_Keyring2_User1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver3~0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias1~0)) (not (<= |old(~__ste_email_to0~0)| 0)) (not (<= ~__ste_Client_Keyring2_User2~0 0)) (and (= ~queued_message~0 |old(~queued_message~0)|) (= ~__ste_email_to0~0 |old(~__ste_email_to0~0)|) (= ~__ste_email_to1~0 |old(~__ste_email_to1~0)|) (= |old(~__ste_email_from0~0)| ~__ste_email_from0~0) (= |old(~__ste_email_from1~0)| ~__ste_email_from1~0) (= |old(~queue_empty~0)| ~queue_empty~0) (= ~queued_client~0 |old(~queued_client~0)|)) (not (<= 0 ~__ste_email_isSigned1~0)) (not (<= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (= ~__ste_email_subject1~0.base 0)) (not (<= 0 ~__ste_Client_AddressBook1_Alias2~0)) (not (<= ~__ste_email_isSigned1~0 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (= ~__ste_client_name1~0.offset 0)) (not (<= ~__ste_client_forwardReceiver2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_User2~0)) (not (<= ~__SELECTED_FEATURE_Keys~0 0)) (not (= ~__ste_email_body0~0.base 0)) (not (= ~__ste_ClientKeyring_size2~0 0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey0~0)) (not (<= |old(~__ste_email_from1~0)| 0)) (not (<= 0 ~__ste_client_name1~0.base)) (not (<= |old(~queue_empty~0)| 1)) (not (<= ~__ste_Client_AddressBook0_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (= ~__ste_Client_AddressBook1_Address0~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Alias1~0)) (not (<= 0 ~__ste_email_id0~0)) (not (<= 0 |#StackHeapBarrier|)) (not (<= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey0~0)) (not (<= 0 ~__ste_ClientAddressBook_size0~0)) (not (<= 1 |old(~queue_empty~0)|)) (not (<= 0 ~__SELECTED_FEATURE_Keys~0)) (not (<= |old(~__ste_email_from0~0)| 0)) (not (<= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (<= ~__ste_client_forwardReceiver1~0 0)) (not (<= ~__ste_email_body1~0.offset 0)) (not (<= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (<= ~__ste_email_isEncrypted0~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (<= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_User0~0)) (not (<= 0 ~__ste_client_name0~0.offset)) (not (<= 0 ~__ste_client_outbuffer0~0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (<= ~__ste_email_encryptionKey0~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (<= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (<= 0 |old(~__ste_email_to0~0)|)) (not (<= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (<= ~__ste_client_name1~0.base 0)) (not (<= ~__ste_email_isSignatureVerified1~0 0)) (not (<= ~__ste_Email_counter~0 0)) (not (= ~__ste_Client_Keyring2_User0~0 0)) (not (<= 0 ~__ste_email_signKey0~0)) (not (<= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (<= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (<= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey2~0)) (not (<= ~__ste_email_isSigned0~0 0)) (not (<= ~__ste_email_id0~0 0)) (not (<= ~__ste_email_signKey0~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (<= 0 ~__ste_email_isEncrypted0~0)) (not (<= 0 ~__ste_email_subject0~0.base))) [2022-11-20 20:41:28,105 INFO L899 garLoopResultBuilder]: For program point sendEmailFINAL(lines 1686 1698) no Hoare annotation was computed. [2022-11-20 20:41:28,109 INFO L895 garLoopResultBuilder]: At program point setEmailFromENTRY(lines 144 159) the Hoare annotation is: (or (not (<= ~__ste_client_privateKey0~0 0)) (not (<= 0 ~queued_client~0)) (not (<= 0 ~__ste_email_subject0~0.offset)) (not (= ~__ste_Client_AddressBook1_Address2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address1~0)) (not (<= ~__ste_email_isEncrypted1~0 0)) (not (<= |setEmailFrom_#in~value| 2147483647)) (not (<= 0 ~__ste_client_privateKey0~0)) (not (<= ~__ste_email_subject1~0.offset 0)) (not (<= 0 |old(~__ste_email_from0~0)|)) (not (<= ~__ste_email_signKey1~0 0)) (not (<= ~__SELECTED_FEATURE_Verify~0 0)) (not (<= 0 ~__ste_email_subject1~0.offset)) (not (<= 0 ~__ste_Client_AddressBook1_Address1~0)) (not (<= 0 ~__ste_Client_AddressBook0_Alias0~0)) (not (<= 0 ~head~0.base)) (not (<= 0 ~__ste_ClientKeyring_size2~0)) (not (<= |setEmailFrom_#in~handle| 1)) (not (<= ~__SELECTED_FEATURE_AutoResponder~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias1~0 0)) (not (<= 0 |#NULL.offset|)) (not (<= ~__SELECTED_FEATURE_Sign~0 0)) (not (<= 0 ~__ste_Client_counter~0)) (not (<= ~__ste_client_privateKey1~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias0~0 0)) (not (<= 0 ~__ste_client_forwardReceiver1~0)) (not (<= 0 ~__ste_client_privateKey1~0)) (not (<= ~queued_message~0 0)) (not (<= 0 ~__ste_email_id1~0)) (not (<= ~__ste_Client_AddressBook2_Address1~0 0)) (not (<= 3 ~chuck~0)) (not (<= ~__ste_Client_AddressBook2_Alias2~0 0)) (not (<= 0 ~__ste_email_body0~0.offset)) (not (<= ~__ste_ClientAddressBook_size1~0 0)) (not (<= 0 ~__ste_Client_Keyring0_User0~0)) (not (<= 0 ~__ste_email_body1~0.offset)) (not (<= 0 ~__ste_email_to0~0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias2~0)) (not (<= 0 ~__ste_email_encryptionKey0~0)) (not (<= 0 ~__ste_client_outbuffer3~0)) (not (<= 0 ~__ste_Client_Keyring1_User2~0)) (not (<= ~__ste_ClientKeyring_size0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AddressBook~0)) (not (<= ~__SELECTED_FEATURE_Decrypt~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Address0~0)) (not (<= ~__ste_client_outbuffer1~0 0)) (not (= ~__ste_Client_Keyring0_User2~0 0)) (not (<= ~__ste_email_to0~0 2)) (not (<= 0 ~__GUIDSL_ROOT_PRODUCTION~0)) (not (<= ~head~0.base 0)) (not (<= 0 ~__ste_Client_Keyring1_User1~0)) (not (<= ~__ste_email_body1~0.base 0)) (not (<= ~__ste_Client_Keyring0_PublicKey2~0 0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias0~0)) (not (<= 2 ~rjh~0)) (not (<= ~bob~0 1)) (not (<= 0 ~__ste_ClientKeyring_size1~0)) (not (<= ~__ste_Client_AddressBook2_Address0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_AutoResponder~0)) (not (<= ~__ste_Client_Keyring1_User1~0 0)) (not (<= ~__ste_ClientAddressBook_size0~0 0)) (not (<= ~rjh~0 2)) (not (<= 0 ~__ste_Client_AddressBook0_Alias2~0)) (not (<= 0 ~__ste_client_name2~0.base)) (not (<= 0 ~__ste_email_isSignatureVerified0~0)) (not (= ~__SELECTED_FEATURE_Forward~0 0)) (not (<= ~__ste_Client_AddressBook2_Alias1~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey0~0)) (not (<= ~__ste_Client_AddressBook1_Alias0~0 0)) (not (<= ~__ste_Client_AddressBook1_Address1~0 0)) (not (<= ~__ste_Client_AddressBook1_Address0~0 0)) (not (<= 0 ~__SELECTED_FEATURE_Decrypt~0)) (not (<= ~__ste_client_name2~0.base 0)) (not (<= 0 ~queued_message~0)) (not (<= 0 ~__ste_email_subject1~0.base)) (not (<= 0 ~__ste_client_name1~0.offset)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey2~0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey2~0)) (not (<= ~__ste_email_encryptionKey1~0 0)) (not (<= 0 ~__GUIDSL_NON_TERMINAL_main~0)) (not (<= ~__ste_client_name2~0.offset 0)) (not (<= 1 ~bob~0)) (not (<= ~__ste_email_subject0~0.base 0)) (not (<= 0 ~__ste_Client_Keyring2_User1~0)) (not (<= ~__ste_ClientAddressBook_size2~0 0)) (not (<= 1 |setEmailFrom_#in~handle|)) (not (<= ~head~0.offset 0)) (not (<= 0 ~__SELECTED_FEATURE_Sign~0)) (and (<= 0 ~__ste_email_from0~0) (<= ~__ste_email_from0~0 0)) (not (<= 0 ~__ste_client_name2~0.offset)) (not (<= ~__ste_Client_Keyring1_PublicKey1~0 0)) (not (<= ~__ste_client_forwardReceiver3~0 0)) (not (<= ~__ste_Client_Keyring2_User0~0 0)) (not (<= 0 ~__ste_email_isSignatureVerified1~0)) (not (<= ~__ste_ClientKeyring_size2~0 0)) (not (<= 0 ~__ste_email_signKey1~0)) (not (<= 0 ~__ste_client_outbuffer1~0)) (not (<= 0 ~__ste_ClientAddressBook_size1~0)) (not (<= 0 ~__ste_Client_AddressBook1_Alias1~0)) (not (<= 0 ~__ste_client_name0~0.base)) (not (<= ~__ste_client_outbuffer3~0 0)) (not (<= 0 ~__ste_Client_AddressBook1_Alias0~0)) (not (<= ~__ste_Client_counter~0 0)) (not (<= ~__ste_client_outbuffer0~0 0)) (not (<= ~__ste_client_name0~0.offset 0)) (not (<= ~__ste_email_id1~0 0)) (not (<= ~__ste_client_name1~0.offset 0)) (not (<= ~__SELECTED_FEATURE_Encrypt~0 0)) (not (<= 0 (+ |setEmailFrom_#in~value| 2147483648))) (not (<= ~__ste_client_privateKey2~0 0)) (not (<= 0 ~__ste_email_isSigned0~0)) (not (<= 0 ~__ste_client_autoResponse2~0)) (not (<= 1 ~queue_empty~0)) (not (<= ~__ste_Client_Keyring1_PublicKey2~0 0)) (not (<= ~__ste_Client_Keyring1_PublicKey0~0 0)) (not (<= 0 ~__ste_client_forwardReceiver0~0)) (not (<= ~__ste_client_autoResponse0~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias2~0 0)) (not (<= 0 ~__ste_client_privateKey2~0)) (not (<= ~__ste_ClientKeyring_size1~0 0)) (not (<= ~__ste_client_name0~0.base 0)) (not (= ~__SELECTED_FEATURE_Base~0 0)) (not (<= ~__ste_Client_AddressBook1_Alias2~0 0)) (not (<= 0 ~__ste_Client_AddressBook1_Address0~0)) (not (<= |#NULL.offset| 0)) (not (<= ~__ste_Client_AddressBook0_Address1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver2~0)) (not (<= ~__ste_email_subject0~0.offset 0)) (not (<= ~__ste_Client_AddressBook1_Alias1~0 0)) (not (<= 0 ~__ste_Email_counter~0)) (not (<= 0 ~__SELECTED_FEATURE_Encrypt~0)) (not (<= 0 ~__ste_Client_Keyring2_User0~0)) (not (<= ~__ste_Client_Keyring1_User0~0 0)) (not (<= 0 ~__ste_email_isEncrypted1~0)) (not (= ~__ste_Client_Keyring0_PublicKey1~0 0)) (not (<= 0 |#NULL.base|)) (not (<= 0 ~__ste_ClientKeyring_size0~0)) (not (<= ~__ste_Client_AddressBook0_Address2~0 0)) (not (<= ~chuck~0 3)) (not (<= 0 ~__SELECTED_FEATURE_Verify~0)) (not (<= ~__ste_Client_Keyring2_User1~0 0)) (not (<= 0 ~__ste_client_forwardReceiver3~0)) (not (<= 0 ~__ste_Client_AddressBook2_Alias1~0)) (not (<= ~__ste_Client_Keyring2_PublicKey1~0 0)) (not (<= ~__ste_Client_Keyring2_User2~0 0)) (not (<= 0 ~__ste_email_isSigned1~0)) (not (<= ~__SELECTED_FEATURE_AddressBook~0 0)) (not (<= 0 ~__ste_email_body1~0.base)) (not (<= 0 ~__ste_Client_AddressBook1_Alias2~0)) (not (<= ~__ste_email_isSigned1~0 0)) (not (= ~__ste_Client_AddressBook2_Address2~0 0)) (not (<= ~__ste_Client_AddressBook0_Alias0~0 0)) (not (<= ~__ste_client_forwardReceiver2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_User2~0)) (not (<= ~__SELECTED_FEATURE_Keys~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey1~0)) (not (= ~__ste_email_body0~0.base 0)) (not (<= 0 ~__ste_ClientAddressBook_size2~0)) (not (<= 0 ~__ste_Client_Keyring0_PublicKey0~0)) (not (<= ~__ste_email_body0~0.offset 0)) (not (<= 0 ~__ste_client_name1~0.base)) (not (<= ~queue_empty~0 1)) (not (<= ~__ste_Client_AddressBook0_Address0~0 0)) (not (<= 0 ~__ste_email_encryptionKey1~0)) (not (<= 0 ~__ste_Client_AddressBook0_Address0~0)) (not (<= ~__ste_client_idCounter2~0 3)) (not (<= 0 ~__ste_Client_Keyring0_User1~0)) (not (<= 0 ~__ste_Client_AddressBook0_Alias1~0)) (not (<= 0 ~__ste_email_id0~0)) (not (<= ~__ste_email_subject1~0.base 0)) (not (<= 0 |#StackHeapBarrier|)) (not (<= ~__ste_email_isSignatureVerified0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey0~0)) (not (<= 0 ~__ste_ClientAddressBook_size0~0)) (not (<= 0 ~__SELECTED_FEATURE_Keys~0)) (not (<= |old(~__ste_email_from0~0)| 0)) (not (<= ~__GUIDSL_ROOT_PRODUCTION~0 0)) (not (<= ~__ste_client_forwardReceiver1~0 0)) (not (<= ~__ste_email_body1~0.offset 0)) (not (<= ~__ste_Client_Keyring2_PublicKey2~0 0)) (not (<= ~__ste_email_isEncrypted0~0 0)) (not (<= ~__ste_client_autoResponse2~0 0)) (not (<= ~queued_client~0 0)) (not (<= ~__ste_Client_Keyring2_PublicKey0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_User0~0)) (not (<= 0 ~__ste_client_name0~0.offset)) (not (<= 0 ~__ste_client_outbuffer0~0)) (not (<= 0 ~__ste_client_autoResponse1~0)) (not (<= ~__ste_email_encryptionKey0~0 0)) (not (<= 0 ~__ste_client_autoResponse0~0)) (not (<= ~__ste_Client_Keyring0_User0~0 0)) (not (= ~__ste_client_outbuffer2~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address1~0)) (not (<= 0 ~head~0.offset)) (not (<= |#NULL.base| 0)) (not (<= ~__ste_client_name1~0.base 0)) (not (<= ~__ste_email_isSignatureVerified1~0 0)) (not (<= ~__ste_Email_counter~0 0)) (not (<= 0 ~__ste_email_signKey0~0)) (not (<= ~__GUIDSL_NON_TERMINAL_main~0 0)) (not (<= 0 ~__ste_Client_AddressBook0_Address2~0)) (not (<= ~__ste_Client_Keyring0_PublicKey0~0 0)) (not (<= ~__ste_Client_Keyring1_User2~0 0)) (not (<= 0 ~__ste_Client_Keyring2_PublicKey2~0)) (not (<= ~__ste_Client_Keyring0_User1~0 0)) (not (<= ~__ste_email_isSigned0~0 0)) (not (<= ~__ste_email_id0~0 0)) (not (<= 0 ~__ste_Client_Keyring1_PublicKey1~0)) (not (<= ~__ste_email_signKey0~0 0)) (not (<= 3 ~__ste_client_idCounter2~0)) (not (<= 0 ~__ste_email_isEncrypted0~0)) (not (<= ~__ste_client_forwardReceiver0~0 0)) (not (<= 0 ~__ste_email_subject0~0.base))) [2022-11-20 20:41:28,110 INFO L899 garLoopResultBuilder]: For program point setEmailFromEXIT(lines 144 159) no Hoare annotation was computed. [2022-11-20 20:41:28,110 INFO L899 garLoopResultBuilder]: For program point L1918(lines 1918 1922) no Hoare annotation was computed. [2022-11-20 20:41:28,110 INFO L902 garLoopResultBuilder]: At program point L1935(lines 1925 1948) the Hoare annotation is: true [2022-11-20 20:41:28,110 INFO L902 garLoopResultBuilder]: At program point L2414(line 2414) the Hoare annotation is: true [2022-11-20 20:41:28,110 INFO L902 garLoopResultBuilder]: At program point L1902(lines 1892 1951) the Hoare annotation is: true [2022-11-20 20:41:28,112 INFO L895 garLoopResultBuilder]: At program point L2381-1(lines 2376 2385) the Hoare annotation is: (and (= ~queued_client~0 0) (= ~__ste_Client_Keyring1_User2~0 0) (= ~__GUIDSL_NON_TERMINAL_main~0 0) (= ~__ste_email_isEncrypted1~0 0) (= ~__ste_email_subject0~0.offset 0) (= ~__SELECTED_FEATURE_Sign~0 0) (= 0 ~__ste_Client_AddressBook0_Address2~0) (= ~__ste_client_outbuffer3~0 0) (<= 1 |ULTIMATE.start_valid_product_#res#1|) (<= 1 |ULTIMATE.start_setup_bob_#in~bob___0#1|) (= ~__ste_Client_counter~0 0) (= ~rjh~0 0) (= ~__ste_Client_Keyring1_PublicKey2~0 0) (= ~__ste_client_autoResponse1~0 0) (= ~__ste_Client_AddressBook2_Alias0~0 0) (= 0 ~__ste_email_subject0~0.base) (= ~__ste_Client_AddressBook2_Alias1~0 0) (= ~__ste_Client_Keyring2_PublicKey2~0 0) (= ~__ste_client_forwardReceiver3~0 0) (<= |ULTIMATE.start_setup_bob_#in~bob___0#1| 1) (= 1 |ULTIMATE.start_valid_product_~retValue_acc~41#1|) (= ~__ste_client_name2~0.offset 0) (= ~__ste_client_name1~0.base 0) (= ~__SELECTED_FEATURE_Verify~0 0) (= ~__ste_Client_Keyring1_User0~0 0) (= ~__ste_email_body1~0.offset 0) (= ~__SELECTED_FEATURE_Encrypt~0 0) (= ~__ste_Client_AddressBook1_Address2~0 0) (<= 1 |ULTIMATE.start_setup_bob_~bob___0#1|) (= ~__ste_ClientAddressBook_size1~0 0) (= ~__ste_Client_Keyring0_PublicKey0~0 0) (= ~__ste_Email_counter~0 0) (= ~__ste_ClientKeyring_size1~0 0) (= ~__ste_email_body0~0.offset 0) (= ~__ste_email_isSignatureVerified0~0 0) (= ~__ste_Client_Keyring0_User2~0 0) (= ~__ste_ClientAddressBook_size0~0 0) (<= |ULTIMATE.start_main_~retValue_acc~36#1| 2147483647) (= ~__ste_Client_Keyring0_User1~0 0) (= ~__ste_Client_AddressBook1_Alias1~0 0) (= ~__ste_email_to1~0 0) (= ~__ste_client_name1~0.offset 0) (= ~__ste_client_privateKey1~0 0) (= ~head~0.offset 0) (= ~__ste_client_name0~0.offset 0) (= ~__ste_Client_Keyring0_PublicKey2~0 0) (= ~__ste_Client_Keyring1_PublicKey0~0 0) (= ~__ste_email_to0~0 0) (= ~__ste_email_signKey0~0 0) (= ~__SELECTED_FEATURE_Decrypt~0 0) (= ~__ste_email_encryptionKey0~0 0) (= ~__SELECTED_FEATURE_Keys~0 0) (= ~__SELECTED_FEATURE_AddressBook~0 0) (= ~__ste_client_forwardReceiver2~0 0) (= ~__ste_Client_Keyring0_PublicKey1~0 0) (= ~__SELECTED_FEATURE_Forward~0 0) (= ~__ste_Client_Keyring0_User0~0 0) (= ~__ste_email_isSigned0~0 0) (= ~__ste_Client_Keyring2_PublicKey1~0 0) (= ~__ste_email_isSigned1~0 0) (= ~__ste_email_body0~0.base 0) (= ~__ste_Client_AddressBook0_Alias0~0 0) (= ~__ste_email_id0~0 0) (= ~__ste_client_privateKey0~0 0) (= ~__ste_email_from0~0 0) (= ~__ste_Client_Keyring2_User1~0 0) (<= |ULTIMATE.start_setup_bob_~bob___0#1| 1) (= ~__ste_Client_AddressBook2_Address2~0 0) (<= |ULTIMATE.start_valid_product_#res#1| 1) (= ~__ste_Client_AddressBook2_Address1~0 0) (= ~bob~0 1) (<= |ULTIMATE.start_main_~tmp~15#1| 1) (= ~__ste_client_forwardReceiver1~0 0) (= ~__ste_Client_AddressBook1_Alias2~0 0) (= ~__ste_client_outbuffer0~0 0) (= ~queue_empty~0 1) (= ~__SELECTED_FEATURE_Base~0 0) (= ~__ste_client_forwardReceiver0~0 0) (= ~__ste_Client_Keyring2_User0~0 0) (= 0 ~__ste_Client_AddressBook0_Address1~0) (= ~__ste_Client_AddressBook2_Address0~0 0) (= ~__ste_email_isSignatureVerified1~0 0) (= ~__ste_Client_Keyring1_PublicKey1~0 0) (= ~__ste_Client_Keyring2_PublicKey0~0 0) (= ~__ste_Client_AddressBook1_Address0~0 0) (= ~__ste_client_name2~0.base 0) (= ~__ste_email_from1~0 0) (<= ~__ste_client_idCounter0~0 1) (= ~__ste_email_subject1~0.base 0) (= ~__ste_Client_AddressBook1_Alias0~0 0) (= ~__ste_Client_Keyring2_User2~0 0) (= ~head~0.base 0) (= ~__ste_client_privateKey2~0 0) (= ~__ste_Client_Keyring1_User1~0 0) (= |#NULL.offset| 0) (= ~__ste_Client_AddressBook2_Alias2~0 0) (<= 1 |ULTIMATE.start_main_~tmp~15#1|) (= ~__ste_email_subject1~0.offset 0) (= ~__ste_Client_AddressBook0_Alias2~0 0) (= ~__ste_ClientKeyring_size0~0 0) (= ~__ste_email_isEncrypted0~0 0) (= ~queued_message~0 0) (= ~__ste_Client_AddressBook1_Address1~0 0) (= 0 ~__ste_Client_AddressBook0_Address0~0) (<= 1 ~__ste_client_idCounter0~0) (= ~__ste_client_outbuffer1~0 0) (<= 0 (+ 2147483648 |ULTIMATE.start_main_~retValue_acc~36#1|)) (= ~__ste_Client_AddressBook0_Alias1~0 0) (= ~__GUIDSL_ROOT_PRODUCTION~0 0) (= ~chuck~0 0) (= ~__ste_client_name0~0.base 0) (= ~__ste_email_id1~0 0) (= ~__ste_client_outbuffer2~0 0) (<= 0 |#StackHeapBarrier|) (= ~__ste_ClientAddressBook_size2~0 0) (= ~__SELECTED_FEATURE_AutoResponder~0 0) (= ~__ste_email_encryptionKey1~0 0) (= ~__ste_client_autoResponse0~0 0) (= ~__ste_email_body1~0.base 0) (= ~__ste_ClientKeyring_size2~0 0) (= ~__ste_client_autoResponse2~0 0) (= |#NULL.base| 0) (= ~__ste_email_signKey1~0 0)) [2022-11-20 20:41:28,115 INFO L895 garLoopResultBuilder]: At program point L2381(line 2381) the Hoare annotation is: (let ((.cse0 (select |#memory_int| 4)) (.cse1 (select |#memory_int| 1))) (and (= ~queued_client~0 0) (= ~__ste_Client_Keyring1_User2~0 0) (= ~__GUIDSL_NON_TERMINAL_main~0 0) (= ~__ste_email_isEncrypted1~0 0) (= ~__ste_email_subject0~0.offset 0) (= (select |#valid| 30) 1) (= ~__SELECTED_FEATURE_Sign~0 0) (= 0 ~__ste_Client_AddressBook0_Address2~0) (= ~__ste_client_outbuffer3~0 0) (= 1 (select |#valid| 5)) (= (select |#length| 3) 12) (= (select |#valid| 15) 1) (= ~__ste_Client_counter~0 0) (= ~rjh~0 0) (= ~__ste_Client_Keyring1_PublicKey2~0 0) (= 21 (select |#length| 11)) (= (select |#valid| 26) 1) (= ~__ste_client_autoResponse1~0 0) (= 9 (select |#length| 16)) (= ~__ste_Client_AddressBook2_Alias0~0 0) (= 0 ~__ste_email_subject0~0.base) (= (select .cse0 2) 10) (= ~__ste_Client_AddressBook2_Alias1~0 0) (= (select |#length| 20) 25) (= ~__ste_Client_Keyring2_PublicKey2~0 0) (= ~__ste_client_forwardReceiver3~0 0) (= (select |#valid| 9) 1) (= 1 |ULTIMATE.start_valid_product_~retValue_acc~41#1|) (= ~__ste_client_name2~0.offset 0) (= ~__ste_client_name1~0.base 0) (= ~__SELECTED_FEATURE_Verify~0 0) (= ~__ste_Client_Keyring1_User0~0 0) (= (select |#length| 28) 12) (= (select |#length| 6) 16) (= ~__ste_email_body1~0.offset 0) (= (select |#length| 15) 30) (= ~__SELECTED_FEATURE_Encrypt~0 0) (= (select |#valid| 11) 1) (= ~__ste_Client_AddressBook1_Address2~0 0) (= (select |#valid| 27) 1) (= ~__ste_ClientAddressBook_size1~0 0) (= ~__ste_Client_Keyring0_PublicKey0~0 0) (= ~__ste_Email_counter~0 0) (= ~__ste_ClientKeyring_size1~0 0) (= ~__ste_email_body0~0.offset 0) (= ~__ste_email_isSignatureVerified0~0 0) (= ~__ste_Client_Keyring0_User2~0 0) (= |ULTIMATE.start_setup_bob_#in~bob___0#1| ~bob~0) (= (select |#length| 24) 9) (= ~__ste_ClientAddressBook_size0~0 0) (<= |ULTIMATE.start_main_~retValue_acc~36#1| 2147483647) (= ~__ste_Client_Keyring0_User1~0 0) (= ~__ste_Client_AddressBook1_Alias1~0 0) (= ~__ste_email_to1~0 0) (= ~__ste_client_name1~0.offset 0) (= 9 (select |#length| 25)) (= ~__ste_client_privateKey1~0 0) (= ~head~0.offset 0) (= 30 (select |#length| 12)) (= ~__ste_client_name0~0.offset 0) (= ~__ste_Client_Keyring0_PublicKey2~0 0) (= 2 (select |#length| 1)) (= ~__ste_client_idCounter1~0 0) (= ~__ste_Client_Keyring1_PublicKey0~0 0) (= (select |#length| 4) 4) (= 11 (select |#length| 26)) (= ~__ste_email_to0~0 0) (= (select |#valid| 3) 1) (= ~__ste_email_signKey0~0 0) (= (select |#valid| 7) 1) (= 115 (select .cse0 1)) (= ~__SELECTED_FEATURE_Decrypt~0 0) (= ~__ste_email_encryptionKey0~0 0) (= ~__SELECTED_FEATURE_Keys~0 0) (= (select |#valid| 18) 1) (= (select |#valid| 22) 1) (= ~__SELECTED_FEATURE_AddressBook~0 0) (= ~__ste_client_forwardReceiver2~0 0) (= ~__ste_Client_Keyring0_PublicKey1~0 0) (= ~__SELECTED_FEATURE_Forward~0 0) (= ~__ste_Client_Keyring0_User0~0 0) (= ~__ste_email_isSigned0~0 0) (= ~__ste_Client_Keyring2_PublicKey1~0 0) (= ~__ste_email_isSigned1~0 0) (= (select |#valid| 24) 1) (= ~__ste_email_body0~0.base 0) (= ~__ste_Client_AddressBook0_Alias0~0 0) (= ~__ste_email_id0~0 0) (= (select |#length| 27) 10) (= ~__ste_client_privateKey0~0 0) (= ~__ste_email_from0~0 0) (= ~__ste_Client_Keyring2_User1~0 0) (= (select |#valid| 12) 1) (= (select |#length| 19) 9) (= ~__ste_Client_AddressBook2_Address2~0 0) (= (select |#valid| 28) 1) (= ~__ste_Client_AddressBook2_Address1~0 0) (= (select .cse0 0) 37) (= (select |#length| 30) 18) (= ~bob~0 1) (= ~__ste_client_forwardReceiver1~0 0) (= (select |#valid| 4) 1) (= ~__ste_Client_AddressBook1_Alias2~0 0) (= ~__ste_client_outbuffer0~0 0) (= 9 (select |#length| 13)) (= ~queue_empty~0 1) (= ~__SELECTED_FEATURE_Base~0 0) (= (select |#valid| 1) 1) (= ~__ste_client_forwardReceiver0~0 0) (= (select |#valid| 20) 1) (= ~__ste_Client_Keyring2_User0~0 0) (= (select .cse0 3) 0) (= 0 ~__ste_Client_AddressBook0_Address1~0) (= ~__ste_Client_AddressBook2_Address0~0 0) (= ~__ste_email_isSignatureVerified1~0 0) (= ~__ste_Client_Keyring1_PublicKey1~0 0) (= (select |#length| 29) 10) (= ~__ste_Client_Keyring2_PublicKey0~0 0) (= (select |#valid| 21) 1) (= ~__ste_Client_AddressBook1_Address0~0 0) (= ~__ste_client_idCounter2~0 0) (= ~__ste_client_name2~0.base 0) (= ~__ste_email_from1~0 0) (= (select |#length| 17) 25) (= (select |#valid| 14) 1) (= ~__ste_email_subject1~0.base 0) (= ~__ste_Client_AddressBook1_Alias0~0 0) (= (select |#valid| 0) 0) (= ~__ste_Client_Keyring2_User2~0 0) (= (select |#valid| 25) 1) (= 22 (select |#length| 7)) (= ~head~0.base 0) (= (select |#length| 5) 10) (= ~__ste_client_privateKey2~0 0) (= ~__ste_Client_Keyring1_User1~0 0) (= (select |#valid| 2) 1) (= |#NULL.offset| 0) (= ~__ste_Client_AddressBook2_Alias2~0 0) (= (select |#length| 21) 20) (= (select .cse1 0) 48) (= ~__ste_email_subject1~0.offset 0) (= (select |#valid| 23) 1) (= ~__ste_Client_AddressBook0_Alias2~0 0) (= ~__ste_ClientKeyring_size0~0 0) (= ~__ste_email_isEncrypted0~0 0) (= ~queued_message~0 0) (= ~__ste_Client_AddressBook1_Address1~0 0) (= 30 (select |#length| 9)) (= ~__ste_client_idCounter0~0 0) (= 0 ~__ste_Client_AddressBook0_Address0~0) (= 29 (select |#length| 2)) (= ~__ste_client_outbuffer1~0 0) (= (select |#valid| 19) 1) (<= 0 (+ 2147483648 |ULTIMATE.start_main_~retValue_acc~36#1|)) (= ~__ste_Client_AddressBook0_Alias1~0 0) (= ~__GUIDSL_ROOT_PRODUCTION~0 0) (= (select |#valid| 16) 1) (= (select |#length| 22) 44) (= (select |#valid| 6) 1) (= ~chuck~0 0) (= 30 (select |#length| 18)) (= (select .cse1 1) 0) (= ~__ste_client_name0~0.base 0) (= ~__ste_email_id1~0 0) (= |ULTIMATE.start_setup_bob_#in~bob___0#1| |ULTIMATE.start_setup_bob_~bob___0#1|) (= ~__ste_client_outbuffer2~0 0) (= (select |#valid| 29) 1) (= |ULTIMATE.start_main_~tmp~15#1| |ULTIMATE.start_valid_product_#res#1|) (= |ULTIMATE.start_valid_product_#res#1| |ULTIMATE.start_valid_product_~retValue_acc~41#1|) (= ~__ste_ClientAddressBook_size2~0 0) (= (select |#valid| 17) 1) (= (select |#valid| 10) 1) (= ~__SELECTED_FEATURE_AutoResponder~0 0) (= ~__ste_email_encryptionKey1~0 0) (= (select |#valid| 8) 1) (= ~__ste_client_autoResponse0~0 0) (= ~__ste_email_body1~0.base 0) (= 44 (select |#length| 23)) (= ~__ste_ClientKeyring_size2~0 0) (= (select |#length| 8) 21) (= ~__ste_client_autoResponse2~0 0) (= (select |#valid| 13) 1) (< 0 |#StackHeapBarrier|) (= |#NULL.base| 0) (= 9 (select |#length| 10)) (= 21 (select |#length| 14)) (= ~__ste_email_signKey1~0 0))) [2022-11-20 20:41:28,115 INFO L902 garLoopResultBuilder]: At program point L2414-1(line 2414) the Hoare annotation is: true [2022-11-20 20:41:28,115 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-20 20:41:28,116 INFO L899 garLoopResultBuilder]: For program point L1820(lines 1820 1957) no Hoare annotation was computed. [2022-11-20 20:41:28,116 INFO L899 garLoopResultBuilder]: For program point L1871(lines 1871 1875) no Hoare annotation was computed. [2022-11-20 20:41:28,116 INFO L902 garLoopResultBuilder]: At program point L1855(lines 1845 1955) the Hoare annotation is: true [2022-11-20 20:41:28,116 INFO L902 garLoopResultBuilder]: At program point L2417(lines 2417 2425) the Hoare annotation is: true [2022-11-20 20:41:28,118 INFO L895 garLoopResultBuilder]: At program point L2401-1(lines 2396 2405) the Hoare annotation is: (and (= ~queued_client~0 0) (= ~__ste_Client_Keyring1_User2~0 0) (= ~__GUIDSL_NON_TERMINAL_main~0 0) (= ~__ste_email_isEncrypted1~0 0) (= ~__ste_email_subject0~0.offset 0) (= ~__SELECTED_FEATURE_Sign~0 0) (= 0 ~__ste_Client_AddressBook0_Address2~0) (= |ULTIMATE.start_setup_~__cil_tmp2~0#1.offset| 0) (= ~__ste_client_outbuffer3~0 0) (<= 1 |ULTIMATE.start_valid_product_#res#1|) (<= 1 |ULTIMATE.start_setup_bob_#in~bob___0#1|) (= ~__ste_Client_counter~0 0) (= ~__ste_Client_Keyring1_PublicKey2~0 0) (= ~__ste_client_autoResponse1~0 0) (<= 2 |ULTIMATE.start_setup_rjh_~rjh___0#1|) (= ~__ste_Client_AddressBook2_Alias0~0 0) (= |ULTIMATE.start_setup_~__cil_tmp1~0#1.offset| 0) (= 0 ~__ste_email_subject0~0.base) (= ~__ste_Client_AddressBook2_Alias1~0 0) (= ~__ste_Client_Keyring2_PublicKey2~0 0) (= ~__ste_client_forwardReceiver3~0 0) (<= |ULTIMATE.start_setup_bob_#in~bob___0#1| 1) (= 1 |ULTIMATE.start_valid_product_~retValue_acc~41#1|) (= ~__ste_client_name2~0.offset 0) (= ~__ste_client_name1~0.base 0) (<= |ULTIMATE.start_setup_chuck_#in~chuck___0#1| 3) (= ~__SELECTED_FEATURE_Verify~0 0) (= ~__ste_Client_Keyring1_User0~0 0) (<= ~__ste_client_idCounter2~0 3) (= ~__ste_email_body1~0.offset 0) (= ~__SELECTED_FEATURE_Encrypt~0 0) (= ~__ste_Client_AddressBook1_Address2~0 0) (<= 1 |ULTIMATE.start_setup_bob_~bob___0#1|) (= ~__ste_ClientAddressBook_size1~0 0) (= ~__ste_Client_Keyring0_PublicKey0~0 0) (= ~__ste_Email_counter~0 0) (= ~__ste_ClientKeyring_size1~0 0) (= ~__ste_email_body0~0.offset 0) (= ~__ste_email_isSignatureVerified0~0 0) (= ~__ste_Client_Keyring0_User2~0 0) (= ~__ste_ClientAddressBook_size0~0 0) (<= |ULTIMATE.start_main_~retValue_acc~36#1| 2147483647) (= ~__ste_Client_Keyring0_User1~0 0) (= ~__ste_Client_AddressBook1_Alias1~0 0) (= ~__ste_email_to1~0 0) (= ~__ste_client_name1~0.offset 0) (= ~__ste_client_privateKey1~0 0) (= ~head~0.offset 0) (= ~__ste_client_name0~0.offset 0) (= ~__ste_Client_Keyring0_PublicKey2~0 0) (= ~__ste_Client_Keyring1_PublicKey0~0 0) (= ~__ste_email_to0~0 0) (= ~__ste_email_signKey0~0 0) (= ~__SELECTED_FEATURE_Decrypt~0 0) (= ~__ste_email_encryptionKey0~0 0) (= ~__SELECTED_FEATURE_Keys~0 0) (= ~__SELECTED_FEATURE_AddressBook~0 0) (= ~__ste_client_forwardReceiver2~0 0) (= ~__ste_Client_Keyring0_PublicKey1~0 0) (= ~__SELECTED_FEATURE_Forward~0 0) (<= |ULTIMATE.start_setup_rjh_~rjh___0#1| 2) (= ~__ste_Client_Keyring0_User0~0 0) (= ~__ste_email_isSigned0~0 0) (= ~__ste_Client_Keyring2_PublicKey1~0 0) (= ~__ste_email_isSigned1~0 0) (= ~__ste_email_body0~0.base 0) (= ~__ste_Client_AddressBook0_Alias0~0 0) (= ~__ste_email_id0~0 0) (<= |ULTIMATE.start_setup_rjh_#in~rjh___0#1| 2) (= ~__ste_client_privateKey0~0 0) (= ~__ste_email_from0~0 0) (= ~__ste_Client_Keyring2_User1~0 0) (<= |ULTIMATE.start_setup_bob_~bob___0#1| 1) (<= 3 ~__ste_client_idCounter2~0) (= ~__ste_Client_AddressBook2_Address2~0 0) (<= |ULTIMATE.start_valid_product_#res#1| 1) (= 3 ~chuck~0) (= ~__ste_Client_AddressBook2_Address1~0 0) (= ~bob~0 1) (<= |ULTIMATE.start_main_~tmp~15#1| 1) (= ~__ste_client_forwardReceiver1~0 0) (<= 3 |ULTIMATE.start_setup_chuck_~chuck___0#1|) (= ~__ste_Client_AddressBook1_Alias2~0 0) (= ~__ste_client_outbuffer0~0 0) (= ~queue_empty~0 1) (= ~__SELECTED_FEATURE_Base~0 0) (= ~__ste_client_forwardReceiver0~0 0) (<= 3 |ULTIMATE.start_setup_chuck_#in~chuck___0#1|) (= ~__ste_Client_Keyring2_User0~0 0) (= ~rjh~0 2) (= 0 ~__ste_Client_AddressBook0_Address1~0) (= ~__ste_Client_AddressBook2_Address0~0 0) (= ~__ste_email_isSignatureVerified1~0 0) (= ~__ste_Client_Keyring1_PublicKey1~0 0) (= ~__ste_Client_Keyring2_PublicKey0~0 0) (= ~__ste_Client_AddressBook1_Address0~0 0) (= ~__ste_client_name2~0.base 0) (= ~__ste_email_from1~0 0) (<= 2 |ULTIMATE.start_setup_rjh_#in~rjh___0#1|) (= ~__ste_email_subject1~0.base 0) (= |ULTIMATE.start_setup_~__cil_tmp2~0#1.base| 25) (= ~__ste_Client_AddressBook1_Alias0~0 0) (= ~__ste_Client_Keyring2_User2~0 0) (= ~head~0.base 0) (<= |ULTIMATE.start_setup_chuck_~chuck___0#1| 3) (= ~__ste_client_privateKey2~0 0) (= ~__ste_Client_Keyring1_User1~0 0) (= |#NULL.offset| 0) (= ~__ste_Client_AddressBook2_Alias2~0 0) (<= 1 |ULTIMATE.start_main_~tmp~15#1|) (= ~__ste_email_subject1~0.offset 0) (= ~__ste_Client_AddressBook0_Alias2~0 0) (= ~__ste_ClientKeyring_size0~0 0) (= ~__ste_email_isEncrypted0~0 0) (= ~queued_message~0 0) (= ~__ste_Client_AddressBook1_Address1~0 0) (= 0 ~__ste_Client_AddressBook0_Address0~0) (= ~__ste_client_outbuffer1~0 0) (<= 0 (+ 2147483648 |ULTIMATE.start_main_~retValue_acc~36#1|)) (= ~__ste_Client_AddressBook0_Alias1~0 0) (= ~__GUIDSL_ROOT_PRODUCTION~0 0) (= |ULTIMATE.start_setup_~__cil_tmp1~0#1.base| 24) (= ~__ste_client_name0~0.base 0) (= ~__ste_email_id1~0 0) (= ~__ste_client_outbuffer2~0 0) (<= 0 |#StackHeapBarrier|) (= ~__ste_ClientAddressBook_size2~0 0) (= ~__SELECTED_FEATURE_AutoResponder~0 0) (= ~__ste_email_encryptionKey1~0 0) (= ~__ste_client_autoResponse0~0 0) (= ~__ste_email_body1~0.base 0) (= ~__ste_ClientKeyring_size2~0 0) (= ~__ste_client_autoResponse2~0 0) (= |#NULL.base| 0) (= ~__ste_email_signKey1~0 0)) [2022-11-20 20:41:28,120 INFO L895 garLoopResultBuilder]: At program point L2401(line 2401) the Hoare annotation is: (and (= ~queued_client~0 0) (= ~__ste_Client_Keyring1_User2~0 0) (= ~__GUIDSL_NON_TERMINAL_main~0 0) (= ~__ste_email_isEncrypted1~0 0) (= ~__ste_email_subject0~0.offset 0) (= ~__SELECTED_FEATURE_Sign~0 0) (= 0 ~__ste_Client_AddressBook0_Address2~0) (= |ULTIMATE.start_setup_~__cil_tmp2~0#1.offset| 0) (= ~__ste_client_outbuffer3~0 0) (<= 1 |ULTIMATE.start_valid_product_#res#1|) (<= 1 |ULTIMATE.start_setup_bob_#in~bob___0#1|) (= ~__ste_Client_counter~0 0) (= ~__ste_Client_Keyring1_PublicKey2~0 0) (= ~__ste_client_autoResponse1~0 0) (<= 2 |ULTIMATE.start_setup_rjh_~rjh___0#1|) (= ~__ste_Client_AddressBook2_Alias0~0 0) (= |ULTIMATE.start_setup_~__cil_tmp1~0#1.offset| 0) (= 0 ~__ste_email_subject0~0.base) (<= ~__ste_client_idCounter1~0 2) (= ~__ste_Client_AddressBook2_Alias1~0 0) (= ~__ste_Client_Keyring2_PublicKey2~0 0) (= ~__ste_client_forwardReceiver3~0 0) (<= |ULTIMATE.start_setup_bob_#in~bob___0#1| 1) (= 1 |ULTIMATE.start_valid_product_~retValue_acc~41#1|) (= ~__ste_client_name2~0.offset 0) (= ~__ste_client_name1~0.base 0) (= ~__SELECTED_FEATURE_Verify~0 0) (= ~__ste_Client_Keyring1_User0~0 0) (= ~__ste_email_body1~0.offset 0) (= ~__SELECTED_FEATURE_Encrypt~0 0) (= ~__ste_Client_AddressBook1_Address2~0 0) (<= 1 |ULTIMATE.start_setup_bob_~bob___0#1|) (= ~__ste_ClientAddressBook_size1~0 0) (= ~__ste_Client_Keyring0_PublicKey0~0 0) (= ~__ste_Email_counter~0 0) (= ~__ste_ClientKeyring_size1~0 0) (= ~__ste_email_body0~0.offset 0) (= ~__ste_email_isSignatureVerified0~0 0) (= |ULTIMATE.start_setup_chuck_#in~chuck___0#1| ~chuck~0) (= ~__ste_Client_Keyring0_User2~0 0) (= ~__ste_ClientAddressBook_size0~0 0) (<= |ULTIMATE.start_main_~retValue_acc~36#1| 2147483647) (= ~__ste_Client_Keyring0_User1~0 0) (= ~__ste_Client_AddressBook1_Alias1~0 0) (= ~__ste_email_to1~0 0) (= ~__ste_client_name1~0.offset 0) (= ~__ste_client_privateKey1~0 0) (= ~head~0.offset 0) (= ~__ste_client_name0~0.offset 0) (= ~__ste_Client_Keyring0_PublicKey2~0 0) (= ~__ste_Client_Keyring1_PublicKey0~0 0) (= ~__ste_email_to0~0 0) (= ~__ste_email_signKey0~0 0) (= ~__SELECTED_FEATURE_Decrypt~0 0) (= ~__ste_email_encryptionKey0~0 0) (= |ULTIMATE.start_setup_chuck_#in~chuck___0#1| |ULTIMATE.start_setup_chuck_~chuck___0#1|) (= ~__SELECTED_FEATURE_Keys~0 0) (= ~__SELECTED_FEATURE_AddressBook~0 0) (= ~__ste_client_forwardReceiver2~0 0) (= ~__ste_Client_Keyring0_PublicKey1~0 0) (= ~__SELECTED_FEATURE_Forward~0 0) (<= |ULTIMATE.start_setup_rjh_~rjh___0#1| 2) (= ~__ste_Client_Keyring0_User0~0 0) (= ~__ste_email_isSigned0~0 0) (= ~__ste_Client_Keyring2_PublicKey1~0 0) (= ~__ste_email_isSigned1~0 0) (= ~__ste_email_body0~0.base 0) (= ~__ste_Client_AddressBook0_Alias0~0 0) (= ~__ste_email_id0~0 0) (<= |ULTIMATE.start_setup_rjh_#in~rjh___0#1| 2) (= ~__ste_client_privateKey0~0 0) (= ~__ste_email_from0~0 0) (= ~__ste_Client_Keyring2_User1~0 0) (<= |ULTIMATE.start_setup_bob_~bob___0#1| 1) (= ~__ste_Client_AddressBook2_Address2~0 0) (<= |ULTIMATE.start_valid_product_#res#1| 1) (= 3 ~chuck~0) (= ~__ste_Client_AddressBook2_Address1~0 0) (= ~bob~0 1) (<= |ULTIMATE.start_main_~tmp~15#1| 1) (= ~__ste_client_forwardReceiver1~0 0) (= ~__ste_Client_AddressBook1_Alias2~0 0) (<= 2 ~__ste_client_idCounter1~0) (= ~__ste_client_outbuffer0~0 0) (= ~queue_empty~0 1) (= ~__SELECTED_FEATURE_Base~0 0) (= ~__ste_client_forwardReceiver0~0 0) (= ~__ste_Client_Keyring2_User0~0 0) (= ~rjh~0 2) (= 0 ~__ste_Client_AddressBook0_Address1~0) (= ~__ste_Client_AddressBook2_Address0~0 0) (= ~__ste_email_isSignatureVerified1~0 0) (= ~__ste_Client_Keyring1_PublicKey1~0 0) (= ~__ste_Client_Keyring2_PublicKey0~0 0) (= ~__ste_Client_AddressBook1_Address0~0 0) (= ~__ste_client_name2~0.base 0) (= ~__ste_email_from1~0 0) (<= 2 |ULTIMATE.start_setup_rjh_#in~rjh___0#1|) (= ~__ste_email_subject1~0.base 0) (= |ULTIMATE.start_setup_~__cil_tmp2~0#1.base| 25) (= ~__ste_Client_AddressBook1_Alias0~0 0) (= ~__ste_Client_Keyring2_User2~0 0) (= ~head~0.base 0) (= ~__ste_client_privateKey2~0 0) (= ~__ste_Client_Keyring1_User1~0 0) (= |#NULL.offset| 0) (= ~__ste_Client_AddressBook2_Alias2~0 0) (<= 1 |ULTIMATE.start_main_~tmp~15#1|) (= ~__ste_email_subject1~0.offset 0) (= ~__ste_Client_AddressBook0_Alias2~0 0) (= ~__ste_ClientKeyring_size0~0 0) (= ~__ste_email_isEncrypted0~0 0) (= ~queued_message~0 0) (= ~__ste_Client_AddressBook1_Address1~0 0) (= 0 ~__ste_Client_AddressBook0_Address0~0) (= ~__ste_client_outbuffer1~0 0) (<= 0 (+ 2147483648 |ULTIMATE.start_main_~retValue_acc~36#1|)) (= ~__ste_Client_AddressBook0_Alias1~0 0) (= ~__GUIDSL_ROOT_PRODUCTION~0 0) (= |ULTIMATE.start_setup_~__cil_tmp1~0#1.base| 24) (= ~__ste_client_name0~0.base 0) (= ~__ste_email_id1~0 0) (= ~__ste_client_outbuffer2~0 0) (<= 0 |#StackHeapBarrier|) (= ~__ste_ClientAddressBook_size2~0 0) (= ~__SELECTED_FEATURE_AutoResponder~0 0) (= ~__ste_email_encryptionKey1~0 0) (= ~__ste_client_autoResponse0~0 0) (= ~__ste_email_body1~0.base 0) (= ~__ste_ClientKeyring_size2~0 0) (= ~__ste_client_autoResponse2~0 0) (= |#NULL.base| 0) (= ~__ste_email_signKey1~0 0)) [2022-11-20 20:41:28,120 INFO L899 garLoopResultBuilder]: For program point L1824(lines 1824 1828) no Hoare annotation was computed. [2022-11-20 20:41:28,120 INFO L899 garLoopResultBuilder]: For program point L1940(lines 1940 1944) no Hoare annotation was computed. [2022-11-20 20:41:28,120 INFO L899 garLoopResultBuilder]: For program point L1907(lines 1907 1911) no Hoare annotation was computed. [2022-11-20 20:41:28,120 INFO L902 garLoopResultBuilder]: At program point L1940-1(lines 1812 1958) the Hoare annotation is: true [2022-11-20 20:41:28,121 INFO L902 garLoopResultBuilder]: At program point L1924(lines 1914 1949) the Hoare annotation is: true [2022-11-20 20:41:28,121 INFO L902 garLoopResultBuilder]: At program point L1891(lines 1878 1952) the Hoare annotation is: true [2022-11-20 20:41:28,121 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-20 20:41:28,121 INFO L902 garLoopResultBuilder]: At program point L1959(lines 1811 1960) the Hoare annotation is: true [2022-11-20 20:41:28,121 INFO L899 garLoopResultBuilder]: For program point L1860(lines 1860 1864) no Hoare annotation was computed. [2022-11-20 20:41:28,121 INFO L902 garLoopResultBuilder]: At program point L1877(lines 1867 1953) the Hoare annotation is: true [2022-11-20 20:41:28,122 INFO L902 garLoopResultBuilder]: At program point L1844(lines 1831 1956) the Hoare annotation is: true [2022-11-20 20:41:28,122 INFO L902 garLoopResultBuilder]: At program point L2423-1(lines 2406 2428) the Hoare annotation is: true [2022-11-20 20:41:28,122 INFO L902 garLoopResultBuilder]: At program point L2423(line 2423) the Hoare annotation is: true [2022-11-20 20:41:28,122 INFO L899 garLoopResultBuilder]: For program point L2473(lines 2473 2480) no Hoare annotation was computed. [2022-11-20 20:41:28,122 INFO L902 garLoopResultBuilder]: At program point L2473-2(lines 2473 2480) the Hoare annotation is: true [2022-11-20 20:41:28,124 INFO L895 garLoopResultBuilder]: At program point L2391-1(lines 2386 2395) the Hoare annotation is: (and (= ~queued_client~0 0) (= ~__ste_Client_Keyring1_User2~0 0) (= ~__GUIDSL_NON_TERMINAL_main~0 0) (= ~__ste_email_isEncrypted1~0 0) (= ~__ste_email_subject0~0.offset 0) (= ~__SELECTED_FEATURE_Sign~0 0) (= 0 ~__ste_Client_AddressBook0_Address2~0) (= ~__ste_client_outbuffer3~0 0) (<= 1 |ULTIMATE.start_valid_product_#res#1|) (<= 1 |ULTIMATE.start_setup_bob_#in~bob___0#1|) (= ~__ste_Client_counter~0 0) (= ~__ste_Client_Keyring1_PublicKey2~0 0) (= ~__ste_client_autoResponse1~0 0) (<= 2 |ULTIMATE.start_setup_rjh_~rjh___0#1|) (= ~__ste_Client_AddressBook2_Alias0~0 0) (= |ULTIMATE.start_setup_~__cil_tmp1~0#1.offset| 0) (= 0 ~__ste_email_subject0~0.base) (<= ~__ste_client_idCounter1~0 2) (= ~__ste_Client_AddressBook2_Alias1~0 0) (= ~__ste_Client_Keyring2_PublicKey2~0 0) (= ~__ste_client_forwardReceiver3~0 0) (<= |ULTIMATE.start_setup_bob_#in~bob___0#1| 1) (= 1 |ULTIMATE.start_valid_product_~retValue_acc~41#1|) (= ~__ste_client_name2~0.offset 0) (= ~__ste_client_name1~0.base 0) (= ~__SELECTED_FEATURE_Verify~0 0) (= ~__ste_Client_Keyring1_User0~0 0) (= ~__ste_email_body1~0.offset 0) (= ~__SELECTED_FEATURE_Encrypt~0 0) (= ~__ste_Client_AddressBook1_Address2~0 0) (<= 1 |ULTIMATE.start_setup_bob_~bob___0#1|) (= ~__ste_ClientAddressBook_size1~0 0) (= ~__ste_Client_Keyring0_PublicKey0~0 0) (= ~__ste_Email_counter~0 0) (= ~__ste_ClientKeyring_size1~0 0) (= ~__ste_email_body0~0.offset 0) (= ~__ste_email_isSignatureVerified0~0 0) (= ~__ste_Client_Keyring0_User2~0 0) (= ~__ste_ClientAddressBook_size0~0 0) (<= |ULTIMATE.start_main_~retValue_acc~36#1| 2147483647) (= ~__ste_Client_Keyring0_User1~0 0) (= ~__ste_Client_AddressBook1_Alias1~0 0) (= ~__ste_email_to1~0 0) (= ~__ste_client_name1~0.offset 0) (= ~__ste_client_privateKey1~0 0) (= ~head~0.offset 0) (= ~__ste_client_name0~0.offset 0) (= ~__ste_Client_Keyring0_PublicKey2~0 0) (= ~__ste_Client_Keyring1_PublicKey0~0 0) (= ~__ste_email_to0~0 0) (= ~__ste_email_signKey0~0 0) (= ~__SELECTED_FEATURE_Decrypt~0 0) (= ~__ste_email_encryptionKey0~0 0) (= ~__SELECTED_FEATURE_Keys~0 0) (= ~__SELECTED_FEATURE_AddressBook~0 0) (= ~__ste_client_forwardReceiver2~0 0) (= ~__ste_Client_Keyring0_PublicKey1~0 0) (= ~__SELECTED_FEATURE_Forward~0 0) (<= |ULTIMATE.start_setup_rjh_~rjh___0#1| 2) (= ~__ste_Client_Keyring0_User0~0 0) (= ~__ste_email_isSigned0~0 0) (= ~__ste_Client_Keyring2_PublicKey1~0 0) (= ~__ste_email_isSigned1~0 0) (= ~__ste_email_body0~0.base 0) (= ~__ste_Client_AddressBook0_Alias0~0 0) (= ~__ste_email_id0~0 0) (<= |ULTIMATE.start_setup_rjh_#in~rjh___0#1| 2) (= ~__ste_client_privateKey0~0 0) (= ~__ste_email_from0~0 0) (= ~__ste_Client_Keyring2_User1~0 0) (<= |ULTIMATE.start_setup_bob_~bob___0#1| 1) (= ~__ste_Client_AddressBook2_Address2~0 0) (<= |ULTIMATE.start_valid_product_#res#1| 1) (= ~__ste_Client_AddressBook2_Address1~0 0) (= ~bob~0 1) (<= |ULTIMATE.start_main_~tmp~15#1| 1) (= ~__ste_client_forwardReceiver1~0 0) (= ~__ste_Client_AddressBook1_Alias2~0 0) (<= 2 ~__ste_client_idCounter1~0) (= ~__ste_client_outbuffer0~0 0) (= ~queue_empty~0 1) (= ~__SELECTED_FEATURE_Base~0 0) (= ~__ste_client_forwardReceiver0~0 0) (= ~__ste_Client_Keyring2_User0~0 0) (= ~rjh~0 2) (= 0 ~__ste_Client_AddressBook0_Address1~0) (= ~__ste_Client_AddressBook2_Address0~0 0) (= ~__ste_email_isSignatureVerified1~0 0) (= ~__ste_Client_Keyring1_PublicKey1~0 0) (= ~__ste_Client_Keyring2_PublicKey0~0 0) (= ~__ste_Client_AddressBook1_Address0~0 0) (= ~__ste_client_name2~0.base 0) (= ~__ste_email_from1~0 0) (<= 2 |ULTIMATE.start_setup_rjh_#in~rjh___0#1|) (= ~__ste_email_subject1~0.base 0) (= ~__ste_Client_AddressBook1_Alias0~0 0) (= ~__ste_Client_Keyring2_User2~0 0) (= ~head~0.base 0) (= ~__ste_client_privateKey2~0 0) (= ~__ste_Client_Keyring1_User1~0 0) (= |#NULL.offset| 0) (= ~__ste_Client_AddressBook2_Alias2~0 0) (<= 1 |ULTIMATE.start_main_~tmp~15#1|) (= ~__ste_email_subject1~0.offset 0) (= ~__ste_Client_AddressBook0_Alias2~0 0) (= ~__ste_ClientKeyring_size0~0 0) (= ~__ste_email_isEncrypted0~0 0) (= ~queued_message~0 0) (= ~__ste_Client_AddressBook1_Address1~0 0) (= 0 ~__ste_Client_AddressBook0_Address0~0) (= ~__ste_client_outbuffer1~0 0) (<= 0 (+ 2147483648 |ULTIMATE.start_main_~retValue_acc~36#1|)) (= ~__ste_Client_AddressBook0_Alias1~0 0) (= ~__GUIDSL_ROOT_PRODUCTION~0 0) (= |ULTIMATE.start_setup_~__cil_tmp1~0#1.base| 24) (= ~chuck~0 0) (= ~__ste_client_name0~0.base 0) (= ~__ste_email_id1~0 0) (= ~__ste_client_outbuffer2~0 0) (<= 0 |#StackHeapBarrier|) (= ~__ste_ClientAddressBook_size2~0 0) (= ~__SELECTED_FEATURE_AutoResponder~0 0) (= ~__ste_email_encryptionKey1~0 0) (= ~__ste_client_autoResponse0~0 0) (= ~__ste_email_body1~0.base 0) (= ~__ste_ClientKeyring_size2~0 0) (= ~__ste_client_autoResponse2~0 0) (= |#NULL.base| 0) (= ~__ste_email_signKey1~0 0)) [2022-11-20 20:41:28,125 INFO L895 garLoopResultBuilder]: At program point L2391(line 2391) the Hoare annotation is: (and (= ~queued_client~0 0) (= ~__ste_Client_Keyring1_User2~0 0) (= ~__GUIDSL_NON_TERMINAL_main~0 0) (= ~__ste_email_isEncrypted1~0 0) (= ~__ste_email_subject0~0.offset 0) (= ~__SELECTED_FEATURE_Sign~0 0) (= 0 ~__ste_Client_AddressBook0_Address2~0) (= ~__ste_client_outbuffer3~0 0) (<= 1 |ULTIMATE.start_valid_product_#res#1|) (<= 1 |ULTIMATE.start_setup_bob_#in~bob___0#1|) (= ~__ste_Client_counter~0 0) (= ~__ste_Client_Keyring1_PublicKey2~0 0) (= ~__ste_client_autoResponse1~0 0) (= ~__ste_Client_AddressBook2_Alias0~0 0) (= |ULTIMATE.start_setup_~__cil_tmp1~0#1.offset| 0) (= 0 ~__ste_email_subject0~0.base) (= ~__ste_Client_AddressBook2_Alias1~0 0) (= ~__ste_Client_Keyring2_PublicKey2~0 0) (= ~__ste_client_forwardReceiver3~0 0) (<= |ULTIMATE.start_setup_bob_#in~bob___0#1| 1) (= 1 |ULTIMATE.start_valid_product_~retValue_acc~41#1|) (= ~__ste_client_name2~0.offset 0) (= ~__ste_client_name1~0.base 0) (= ~__SELECTED_FEATURE_Verify~0 0) (= ~__ste_Client_Keyring1_User0~0 0) (= ~__ste_email_body1~0.offset 0) (= ~__SELECTED_FEATURE_Encrypt~0 0) (= ~__ste_Client_AddressBook1_Address2~0 0) (<= 1 |ULTIMATE.start_setup_bob_~bob___0#1|) (= ~__ste_ClientAddressBook_size1~0 0) (= ~__ste_Client_Keyring0_PublicKey0~0 0) (= ~__ste_Email_counter~0 0) (= ~__ste_ClientKeyring_size1~0 0) (= ~__ste_email_body0~0.offset 0) (= ~__ste_email_isSignatureVerified0~0 0) (= ~__ste_Client_Keyring0_User2~0 0) (= ~__ste_ClientAddressBook_size0~0 0) (<= |ULTIMATE.start_main_~retValue_acc~36#1| 2147483647) (= ~__ste_Client_Keyring0_User1~0 0) (= ~__ste_Client_AddressBook1_Alias1~0 0) (= ~__ste_email_to1~0 0) (= ~__ste_client_name1~0.offset 0) (= ~__ste_client_privateKey1~0 0) (= ~head~0.offset 0) (= ~__ste_client_name0~0.offset 0) (= ~__ste_Client_Keyring0_PublicKey2~0 0) (= ~__ste_Client_Keyring1_PublicKey0~0 0) (= |ULTIMATE.start_setup_rjh_#in~rjh___0#1| ~rjh~0) (= ~__ste_email_to0~0 0) (= ~__ste_email_signKey0~0 0) (= ~__SELECTED_FEATURE_Decrypt~0 0) (= ~__ste_email_encryptionKey0~0 0) (= ~__SELECTED_FEATURE_Keys~0 0) (= ~__SELECTED_FEATURE_AddressBook~0 0) (= ~__ste_client_forwardReceiver2~0 0) (= ~__ste_Client_Keyring0_PublicKey1~0 0) (= |ULTIMATE.start_setup_rjh_#in~rjh___0#1| |ULTIMATE.start_setup_rjh_~rjh___0#1|) (= ~__SELECTED_FEATURE_Forward~0 0) (= ~__ste_Client_Keyring0_User0~0 0) (= ~__ste_email_isSigned0~0 0) (= ~__ste_Client_Keyring2_PublicKey1~0 0) (= ~__ste_email_isSigned1~0 0) (= ~__ste_email_body0~0.base 0) (= ~__ste_Client_AddressBook0_Alias0~0 0) (= ~__ste_email_id0~0 0) (= ~__ste_client_privateKey0~0 0) (= ~__ste_email_from0~0 0) (= ~__ste_Client_Keyring2_User1~0 0) (<= |ULTIMATE.start_setup_bob_~bob___0#1| 1) (= ~__ste_Client_AddressBook2_Address2~0 0) (<= |ULTIMATE.start_valid_product_#res#1| 1) (= ~__ste_Client_AddressBook2_Address1~0 0) (= ~bob~0 1) (<= |ULTIMATE.start_main_~tmp~15#1| 1) (= ~__ste_client_forwardReceiver1~0 0) (= ~__ste_Client_AddressBook1_Alias2~0 0) (= ~__ste_client_outbuffer0~0 0) (= ~queue_empty~0 1) (= ~__SELECTED_FEATURE_Base~0 0) (= ~__ste_client_forwardReceiver0~0 0) (= ~__ste_Client_Keyring2_User0~0 0) (= ~rjh~0 2) (= 0 ~__ste_Client_AddressBook0_Address1~0) (= ~__ste_Client_AddressBook2_Address0~0 0) (= ~__ste_email_isSignatureVerified1~0 0) (= ~__ste_Client_Keyring1_PublicKey1~0 0) (= ~__ste_Client_Keyring2_PublicKey0~0 0) (= ~__ste_Client_AddressBook1_Address0~0 0) (= ~__ste_client_name2~0.base 0) (= ~__ste_email_from1~0 0) (<= ~__ste_client_idCounter0~0 1) (= ~__ste_email_subject1~0.base 0) (= ~__ste_Client_AddressBook1_Alias0~0 0) (= ~__ste_Client_Keyring2_User2~0 0) (= ~head~0.base 0) (= ~__ste_client_privateKey2~0 0) (= ~__ste_Client_Keyring1_User1~0 0) (= |#NULL.offset| 0) (= ~__ste_Client_AddressBook2_Alias2~0 0) (<= 1 |ULTIMATE.start_main_~tmp~15#1|) (= ~__ste_email_subject1~0.offset 0) (= ~__ste_Client_AddressBook0_Alias2~0 0) (= ~__ste_ClientKeyring_size0~0 0) (= ~__ste_email_isEncrypted0~0 0) (= ~queued_message~0 0) (= ~__ste_Client_AddressBook1_Address1~0 0) (= 0 ~__ste_Client_AddressBook0_Address0~0) (<= 1 ~__ste_client_idCounter0~0) (= ~__ste_client_outbuffer1~0 0) (<= 0 (+ 2147483648 |ULTIMATE.start_main_~retValue_acc~36#1|)) (= ~__ste_Client_AddressBook0_Alias1~0 0) (= ~__GUIDSL_ROOT_PRODUCTION~0 0) (= |ULTIMATE.start_setup_~__cil_tmp1~0#1.base| 24) (= ~chuck~0 0) (= ~__ste_client_name0~0.base 0) (= ~__ste_email_id1~0 0) (= ~__ste_client_outbuffer2~0 0) (<= 0 |#StackHeapBarrier|) (= ~__ste_ClientAddressBook_size2~0 0) (= ~__SELECTED_FEATURE_AutoResponder~0 0) (= ~__ste_email_encryptionKey1~0 0) (= ~__ste_client_autoResponse0~0 0) (= ~__ste_email_body1~0.base 0) (= ~__ste_ClientKeyring_size2~0 0) (= ~__ste_client_autoResponse2~0 0) (= |#NULL.base| 0) (= ~__ste_email_signKey1~0 0)) [2022-11-20 20:41:28,126 INFO L899 garLoopResultBuilder]: For program point L1813(lines 1812 1958) no Hoare annotation was computed. [2022-11-20 20:41:28,126 INFO L899 garLoopResultBuilder]: For program point L1929(lines 1929 1933) no Hoare annotation was computed. [2022-11-20 20:41:28,126 INFO L899 garLoopResultBuilder]: For program point L1896(lines 1896 1900) no Hoare annotation was computed. [2022-11-20 20:41:28,126 INFO L902 garLoopResultBuilder]: At program point L1830(lines 1820 1957) the Hoare annotation is: true [2022-11-20 20:41:28,126 INFO L902 garLoopResultBuilder]: At program point L1913(lines 1903 1950) the Hoare annotation is: true [2022-11-20 20:41:28,127 INFO L902 garLoopResultBuilder]: At program point L1882(lines 1882 1889) the Hoare annotation is: true [2022-11-20 20:41:28,127 INFO L899 garLoopResultBuilder]: For program point L1849(lines 1849 1853) no Hoare annotation was computed. [2022-11-20 20:41:28,127 INFO L902 garLoopResultBuilder]: At program point L1866(lines 1856 1954) the Hoare annotation is: true [2022-11-20 20:41:28,127 INFO L902 garLoopResultBuilder]: At program point L1835(lines 1835 1842) the Hoare annotation is: true [2022-11-20 20:41:28,127 INFO L899 garLoopResultBuilder]: For program point getEmailFromEXIT(lines 125 143) no Hoare annotation was computed. [2022-11-20 20:41:28,127 INFO L902 garLoopResultBuilder]: At program point getEmailFromENTRY(lines 125 143) the Hoare annotation is: true [2022-11-20 20:41:28,127 INFO L899 garLoopResultBuilder]: For program point isReadableEXIT(lines 2534 2542) no Hoare annotation was computed. [2022-11-20 20:41:28,128 INFO L902 garLoopResultBuilder]: At program point isReadableENTRY(lines 2534 2542) the Hoare annotation is: true [2022-11-20 20:41:28,128 INFO L902 garLoopResultBuilder]: At program point queueENTRY(lines 1699 1708) the Hoare annotation is: true [2022-11-20 20:41:28,128 INFO L899 garLoopResultBuilder]: For program point queueEXIT(lines 1699 1708) no Hoare annotation was computed. [2022-11-20 20:41:28,128 INFO L899 garLoopResultBuilder]: For program point setClientIdEXIT(lines 1538 1557) no Hoare annotation was computed. [2022-11-20 20:41:28,128 INFO L902 garLoopResultBuilder]: At program point setClientIdENTRY(lines 1538 1557) the Hoare annotation is: true [2022-11-20 20:41:28,131 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1] [2022-11-20 20:41:28,133 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-20 20:41:28,216 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 20.11 08:41:28 BoogieIcfgContainer [2022-11-20 20:41:28,216 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-20 20:41:28,217 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-20 20:41:28,217 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-20 20:41:28,218 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-20 20:41:28,218 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.11 08:30:09" (3/4) ... [2022-11-20 20:41:28,221 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-20 20:41:28,227 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure outgoing [2022-11-20 20:41:28,227 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure sendEmail [2022-11-20 20:41:28,227 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure setEmailFrom [2022-11-20 20:41:28,227 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure setEmailTo [2022-11-20 20:41:28,228 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure getEmailTo [2022-11-20 20:41:28,228 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure getEmailFrom [2022-11-20 20:41:28,228 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isReadable [2022-11-20 20:41:28,228 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure queue [2022-11-20 20:41:28,228 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure setClientId [2022-11-20 20:41:28,241 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 109 nodes and edges [2022-11-20 20:41:28,242 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 40 nodes and edges [2022-11-20 20:41:28,243 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 8 nodes and edges [2022-11-20 20:41:28,244 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 3 nodes and edges [2022-11-20 20:41:28,245 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-20 20:41:28,246 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-20 20:41:28,274 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((queued_client == 0 && __ste_Client_Keyring1_User2 == 0) && __GUIDSL_NON_TERMINAL_main == 0) && __ste_email_isEncrypted1 == 0) && __ste_email_subject0 == 0) && __SELECTED_FEATURE_Sign == 0) && 0 == __ste_Client_AddressBook0_Address2) && __ste_client_outbuffer3 == 0) && 1 <= \result) && 1 <= \old(bob___0)) && __ste_Client_counter == 0) && rjh == 0) && __ste_Client_Keyring1_PublicKey2 == 0) && __ste_client_autoResponse1 == 0) && __ste_Client_AddressBook2_Alias0 == 0) && 0 == __ste_email_subject0) && __ste_Client_AddressBook2_Alias1 == 0) && __ste_Client_Keyring2_PublicKey2 == 0) && __ste_client_forwardReceiver3 == 0) && \old(bob___0) <= 1) && 1 == retValue_acc) && __ste_client_name2 == 0) && __ste_client_name1 == 0) && __SELECTED_FEATURE_Verify == 0) && __ste_Client_Keyring1_User0 == 0) && __ste_email_body1 == 0) && __SELECTED_FEATURE_Encrypt == 0) && __ste_Client_AddressBook1_Address2 == 0) && 1 <= bob___0) && __ste_ClientAddressBook_size1 == 0) && __ste_Client_Keyring0_PublicKey0 == 0) && __ste_Email_counter == 0) && __ste_ClientKeyring_size1 == 0) && __ste_email_body0 == 0) && __ste_email_isSignatureVerified0 == 0) && __ste_Client_Keyring0_User2 == 0) && __ste_ClientAddressBook_size0 == 0) && retValue_acc <= 2147483647) && __ste_Client_Keyring0_User1 == 0) && __ste_Client_AddressBook1_Alias1 == 0) && __ste_email_to1 == 0) && __ste_client_name1 == 0) && __ste_client_privateKey1 == 0) && head == 0) && __ste_client_name0 == 0) && __ste_Client_Keyring0_PublicKey2 == 0) && __ste_Client_Keyring1_PublicKey0 == 0) && __ste_email_to0 == 0) && __ste_email_signKey0 == 0) && __SELECTED_FEATURE_Decrypt == 0) && __ste_email_encryptionKey0 == 0) && __SELECTED_FEATURE_Keys == 0) && __SELECTED_FEATURE_AddressBook == 0) && __ste_client_forwardReceiver2 == 0) && __ste_Client_Keyring0_PublicKey1 == 0) && __SELECTED_FEATURE_Forward == 0) && __ste_Client_Keyring0_User0 == 0) && __ste_email_isSigned0 == 0) && __ste_Client_Keyring2_PublicKey1 == 0) && __ste_email_isSigned1 == 0) && __ste_email_body0 == 0) && __ste_Client_AddressBook0_Alias0 == 0) && __ste_email_id0 == 0) && __ste_client_privateKey0 == 0) && __ste_email_from0 == 0) && __ste_Client_Keyring2_User1 == 0) && bob___0 <= 1) && __ste_Client_AddressBook2_Address2 == 0) && \result <= 1) && __ste_Client_AddressBook2_Address1 == 0) && bob == 1) && tmp <= 1) && __ste_client_forwardReceiver1 == 0) && __ste_Client_AddressBook1_Alias2 == 0) && __ste_client_outbuffer0 == 0) && queue_empty == 1) && __SELECTED_FEATURE_Base == 0) && __ste_client_forwardReceiver0 == 0) && __ste_Client_Keyring2_User0 == 0) && 0 == __ste_Client_AddressBook0_Address1) && __ste_Client_AddressBook2_Address0 == 0) && __ste_email_isSignatureVerified1 == 0) && __ste_Client_Keyring1_PublicKey1 == 0) && __ste_Client_Keyring2_PublicKey0 == 0) && __ste_Client_AddressBook1_Address0 == 0) && __ste_client_name2 == 0) && __ste_email_from1 == 0) && __ste_client_idCounter0 <= 1) && __ste_email_subject1 == 0) && __ste_Client_AddressBook1_Alias0 == 0) && __ste_Client_Keyring2_User2 == 0) && head == 0) && __ste_client_privateKey2 == 0) && __ste_Client_Keyring1_User1 == 0) && #NULL == 0) && __ste_Client_AddressBook2_Alias2 == 0) && 1 <= tmp) && __ste_email_subject1 == 0) && __ste_Client_AddressBook0_Alias2 == 0) && __ste_ClientKeyring_size0 == 0) && __ste_email_isEncrypted0 == 0) && queued_message == 0) && __ste_Client_AddressBook1_Address1 == 0) && 0 == __ste_Client_AddressBook0_Address0) && 1 <= __ste_client_idCounter0) && __ste_client_outbuffer1 == 0) && 0 <= 2147483648 + retValue_acc) && __ste_Client_AddressBook0_Alias1 == 0) && __GUIDSL_ROOT_PRODUCTION == 0) && chuck == 0) && __ste_client_name0 == 0) && __ste_email_id1 == 0) && __ste_client_outbuffer2 == 0) && 0 <= unknown-#StackHeapBarrier-unknown) && __ste_ClientAddressBook_size2 == 0) && __SELECTED_FEATURE_AutoResponder == 0) && __ste_email_encryptionKey1 == 0) && __ste_client_autoResponse0 == 0) && __ste_email_body1 == 0) && __ste_ClientKeyring_size2 == 0) && __ste_client_autoResponse2 == 0) && #NULL == 0) && __ste_email_signKey1 == 0 [2022-11-20 20:41:28,275 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((queued_client == 0 && __ste_Client_Keyring1_User2 == 0) && __GUIDSL_NON_TERMINAL_main == 0) && __ste_email_isEncrypted1 == 0) && __ste_email_subject0 == 0) && __SELECTED_FEATURE_Sign == 0) && 0 == __ste_Client_AddressBook0_Address2) && __ste_client_outbuffer3 == 0) && 1 <= \result) && 1 <= \old(bob___0)) && __ste_Client_counter == 0) && __ste_Client_Keyring1_PublicKey2 == 0) && __ste_client_autoResponse1 == 0) && 2 <= rjh___0) && __ste_Client_AddressBook2_Alias0 == 0) && __cil_tmp1 == 0) && 0 == __ste_email_subject0) && __ste_client_idCounter1 <= 2) && __ste_Client_AddressBook2_Alias1 == 0) && __ste_Client_Keyring2_PublicKey2 == 0) && __ste_client_forwardReceiver3 == 0) && \old(bob___0) <= 1) && 1 == retValue_acc) && __ste_client_name2 == 0) && __ste_client_name1 == 0) && __SELECTED_FEATURE_Verify == 0) && __ste_Client_Keyring1_User0 == 0) && __ste_email_body1 == 0) && __SELECTED_FEATURE_Encrypt == 0) && __ste_Client_AddressBook1_Address2 == 0) && 1 <= bob___0) && __ste_ClientAddressBook_size1 == 0) && __ste_Client_Keyring0_PublicKey0 == 0) && __ste_Email_counter == 0) && __ste_ClientKeyring_size1 == 0) && __ste_email_body0 == 0) && __ste_email_isSignatureVerified0 == 0) && __ste_Client_Keyring0_User2 == 0) && __ste_ClientAddressBook_size0 == 0) && retValue_acc <= 2147483647) && __ste_Client_Keyring0_User1 == 0) && __ste_Client_AddressBook1_Alias1 == 0) && __ste_email_to1 == 0) && __ste_client_name1 == 0) && __ste_client_privateKey1 == 0) && head == 0) && __ste_client_name0 == 0) && __ste_Client_Keyring0_PublicKey2 == 0) && __ste_Client_Keyring1_PublicKey0 == 0) && __ste_email_to0 == 0) && __ste_email_signKey0 == 0) && __SELECTED_FEATURE_Decrypt == 0) && __ste_email_encryptionKey0 == 0) && __SELECTED_FEATURE_Keys == 0) && __SELECTED_FEATURE_AddressBook == 0) && __ste_client_forwardReceiver2 == 0) && __ste_Client_Keyring0_PublicKey1 == 0) && __SELECTED_FEATURE_Forward == 0) && rjh___0 <= 2) && __ste_Client_Keyring0_User0 == 0) && __ste_email_isSigned0 == 0) && __ste_Client_Keyring2_PublicKey1 == 0) && __ste_email_isSigned1 == 0) && __ste_email_body0 == 0) && __ste_Client_AddressBook0_Alias0 == 0) && __ste_email_id0 == 0) && \old(rjh___0) <= 2) && __ste_client_privateKey0 == 0) && __ste_email_from0 == 0) && __ste_Client_Keyring2_User1 == 0) && bob___0 <= 1) && __ste_Client_AddressBook2_Address2 == 0) && \result <= 1) && __ste_Client_AddressBook2_Address1 == 0) && bob == 1) && tmp <= 1) && __ste_client_forwardReceiver1 == 0) && __ste_Client_AddressBook1_Alias2 == 0) && 2 <= __ste_client_idCounter1) && __ste_client_outbuffer0 == 0) && queue_empty == 1) && __SELECTED_FEATURE_Base == 0) && __ste_client_forwardReceiver0 == 0) && __ste_Client_Keyring2_User0 == 0) && rjh == 2) && 0 == __ste_Client_AddressBook0_Address1) && __ste_Client_AddressBook2_Address0 == 0) && __ste_email_isSignatureVerified1 == 0) && __ste_Client_Keyring1_PublicKey1 == 0) && __ste_Client_Keyring2_PublicKey0 == 0) && __ste_Client_AddressBook1_Address0 == 0) && __ste_client_name2 == 0) && __ste_email_from1 == 0) && 2 <= \old(rjh___0)) && __ste_email_subject1 == 0) && __ste_Client_AddressBook1_Alias0 == 0) && __ste_Client_Keyring2_User2 == 0) && head == 0) && __ste_client_privateKey2 == 0) && __ste_Client_Keyring1_User1 == 0) && #NULL == 0) && __ste_Client_AddressBook2_Alias2 == 0) && 1 <= tmp) && __ste_email_subject1 == 0) && __ste_Client_AddressBook0_Alias2 == 0) && __ste_ClientKeyring_size0 == 0) && __ste_email_isEncrypted0 == 0) && queued_message == 0) && __ste_Client_AddressBook1_Address1 == 0) && 0 == __ste_Client_AddressBook0_Address0) && __ste_client_outbuffer1 == 0) && 0 <= 2147483648 + retValue_acc) && __ste_Client_AddressBook0_Alias1 == 0) && __GUIDSL_ROOT_PRODUCTION == 0) && __cil_tmp1 == 24) && chuck == 0) && __ste_client_name0 == 0) && __ste_email_id1 == 0) && __ste_client_outbuffer2 == 0) && 0 <= unknown-#StackHeapBarrier-unknown) && __ste_ClientAddressBook_size2 == 0) && __SELECTED_FEATURE_AutoResponder == 0) && __ste_email_encryptionKey1 == 0) && __ste_client_autoResponse0 == 0) && __ste_email_body1 == 0) && __ste_ClientKeyring_size2 == 0) && __ste_client_autoResponse2 == 0) && #NULL == 0) && __ste_email_signKey1 == 0 [2022-11-20 20:41:28,275 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((queued_client == 0 && __ste_Client_Keyring1_User2 == 0) && __GUIDSL_NON_TERMINAL_main == 0) && __ste_email_isEncrypted1 == 0) && __ste_email_subject0 == 0) && __SELECTED_FEATURE_Sign == 0) && 0 == __ste_Client_AddressBook0_Address2) && __cil_tmp2 == 0) && __ste_client_outbuffer3 == 0) && 1 <= \result) && 1 <= \old(bob___0)) && __ste_Client_counter == 0) && __ste_Client_Keyring1_PublicKey2 == 0) && __ste_client_autoResponse1 == 0) && 2 <= rjh___0) && __ste_Client_AddressBook2_Alias0 == 0) && __cil_tmp1 == 0) && 0 == __ste_email_subject0) && __ste_Client_AddressBook2_Alias1 == 0) && __ste_Client_Keyring2_PublicKey2 == 0) && __ste_client_forwardReceiver3 == 0) && \old(bob___0) <= 1) && 1 == retValue_acc) && __ste_client_name2 == 0) && __ste_client_name1 == 0) && \old(chuck___0) <= 3) && __SELECTED_FEATURE_Verify == 0) && __ste_Client_Keyring1_User0 == 0) && __ste_client_idCounter2 <= 3) && __ste_email_body1 == 0) && __SELECTED_FEATURE_Encrypt == 0) && __ste_Client_AddressBook1_Address2 == 0) && 1 <= bob___0) && __ste_ClientAddressBook_size1 == 0) && __ste_Client_Keyring0_PublicKey0 == 0) && __ste_Email_counter == 0) && __ste_ClientKeyring_size1 == 0) && __ste_email_body0 == 0) && __ste_email_isSignatureVerified0 == 0) && __ste_Client_Keyring0_User2 == 0) && __ste_ClientAddressBook_size0 == 0) && retValue_acc <= 2147483647) && __ste_Client_Keyring0_User1 == 0) && __ste_Client_AddressBook1_Alias1 == 0) && __ste_email_to1 == 0) && __ste_client_name1 == 0) && __ste_client_privateKey1 == 0) && head == 0) && __ste_client_name0 == 0) && __ste_Client_Keyring0_PublicKey2 == 0) && __ste_Client_Keyring1_PublicKey0 == 0) && __ste_email_to0 == 0) && __ste_email_signKey0 == 0) && __SELECTED_FEATURE_Decrypt == 0) && __ste_email_encryptionKey0 == 0) && __SELECTED_FEATURE_Keys == 0) && __SELECTED_FEATURE_AddressBook == 0) && __ste_client_forwardReceiver2 == 0) && __ste_Client_Keyring0_PublicKey1 == 0) && __SELECTED_FEATURE_Forward == 0) && rjh___0 <= 2) && __ste_Client_Keyring0_User0 == 0) && __ste_email_isSigned0 == 0) && __ste_Client_Keyring2_PublicKey1 == 0) && __ste_email_isSigned1 == 0) && __ste_email_body0 == 0) && __ste_Client_AddressBook0_Alias0 == 0) && __ste_email_id0 == 0) && \old(rjh___0) <= 2) && __ste_client_privateKey0 == 0) && __ste_email_from0 == 0) && __ste_Client_Keyring2_User1 == 0) && bob___0 <= 1) && 3 <= __ste_client_idCounter2) && __ste_Client_AddressBook2_Address2 == 0) && \result <= 1) && 3 == chuck) && __ste_Client_AddressBook2_Address1 == 0) && bob == 1) && tmp <= 1) && __ste_client_forwardReceiver1 == 0) && 3 <= chuck___0) && __ste_Client_AddressBook1_Alias2 == 0) && __ste_client_outbuffer0 == 0) && queue_empty == 1) && __SELECTED_FEATURE_Base == 0) && __ste_client_forwardReceiver0 == 0) && 3 <= \old(chuck___0)) && __ste_Client_Keyring2_User0 == 0) && rjh == 2) && 0 == __ste_Client_AddressBook0_Address1) && __ste_Client_AddressBook2_Address0 == 0) && __ste_email_isSignatureVerified1 == 0) && __ste_Client_Keyring1_PublicKey1 == 0) && __ste_Client_Keyring2_PublicKey0 == 0) && __ste_Client_AddressBook1_Address0 == 0) && __ste_client_name2 == 0) && __ste_email_from1 == 0) && 2 <= \old(rjh___0)) && __ste_email_subject1 == 0) && __cil_tmp2 == 25) && __ste_Client_AddressBook1_Alias0 == 0) && __ste_Client_Keyring2_User2 == 0) && head == 0) && chuck___0 <= 3) && __ste_client_privateKey2 == 0) && __ste_Client_Keyring1_User1 == 0) && #NULL == 0) && __ste_Client_AddressBook2_Alias2 == 0) && 1 <= tmp) && __ste_email_subject1 == 0) && __ste_Client_AddressBook0_Alias2 == 0) && __ste_ClientKeyring_size0 == 0) && __ste_email_isEncrypted0 == 0) && queued_message == 0) && __ste_Client_AddressBook1_Address1 == 0) && 0 == __ste_Client_AddressBook0_Address0) && __ste_client_outbuffer1 == 0) && 0 <= 2147483648 + retValue_acc) && __ste_Client_AddressBook0_Alias1 == 0) && __GUIDSL_ROOT_PRODUCTION == 0) && __cil_tmp1 == 24) && __ste_client_name0 == 0) && __ste_email_id1 == 0) && __ste_client_outbuffer2 == 0) && 0 <= unknown-#StackHeapBarrier-unknown) && __ste_ClientAddressBook_size2 == 0) && __SELECTED_FEATURE_AutoResponder == 0) && __ste_email_encryptionKey1 == 0) && __ste_client_autoResponse0 == 0) && __ste_email_body1 == 0) && __ste_ClientKeyring_size2 == 0) && __ste_client_autoResponse2 == 0) && #NULL == 0) && __ste_email_signKey1 == 0 [2022-11-20 20:41:28,277 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((!(__ste_client_privateKey0 <= 0) || !(0 <= __ste_email_subject0)) || !(__ste_Client_AddressBook1_Address2 == 0)) || !(0 <= __ste_Client_AddressBook2_Address1)) || !(0 <= \old(queued_message))) || !(__ste_email_isEncrypted1 <= 0)) || !(0 <= __ste_client_privateKey0)) || !(__ste_email_subject1 <= 0)) || !(0 <= \old(__ste_email_from0))) || !(__ste_email_signKey1 <= 0)) || !(__SELECTED_FEATURE_Verify <= 0)) || !(0 <= __ste_email_subject1)) || !(0 <= __ste_Client_AddressBook1_Address1)) || !(0 <= head)) || !(__ste_client_name2 == 0)) || !(__ste_Client_AddressBook1_Alias1 == 0)) || !(__SELECTED_FEATURE_AutoResponder <= 0)) || !(__ste_Client_AddressBook0_Alias1 <= 0)) || !(0 <= #NULL)) || !(__ste_client_privateKey1 <= 0)) || !(__ste_Client_AddressBook2_Alias0 <= 0)) || !(0 <= __ste_client_forwardReceiver1)) || !(0 <= __ste_client_privateKey1)) || !(__ste_Client_counter == 0)) || !(0 <= __ste_email_id1)) || !(__ste_Client_AddressBook2_Address1 <= 0)) || !(3 <= chuck)) || !(\old(queued_message) <= 0)) || !(__ste_ClientAddressBook_size1 <= 0)) || !(__ste_Client_Keyring1_PublicKey1 == 0)) || !(0 <= __ste_Client_Keyring0_User0)) || !(0 <= __ste_email_body1)) || !(\old(queued_client) <= 0)) || !(__ste_ClientAddressBook_size2 == 0)) || !(0 <= __ste_email_encryptionKey0)) || !(0 <= __ste_Client_Keyring1_User2)) || !(__ste_ClientKeyring_size0 <= 0)) || !(0 <= __SELECTED_FEATURE_AddressBook)) || (((((((((((((((((queued_message <= 0 && \old(receiver) == receiver) && from == __ste_email_from0) && to <= 2) && 0 <= queued_message) && from == \old(from)) && 1 <= sender) && sender <= 1) && \old(queue_empty) == queue_empty) && __ste_email_from0 <= 0) && queued_client == \old(queued_client)) && \old(to) <= 2) && 2 <= \old(to)) && 2 <= __ste_email_to0) && 2 <= to) && __ste_email_to0 <= 2) && 1 == msg) && 0 <= \old(from))) || !(__SELECTED_FEATURE_Decrypt <= 0)) || !(0 <= __ste_Client_AddressBook2_Address0)) || !(__ste_client_outbuffer1 <= 0)) || !(__ste_Client_Keyring0_User2 == 0)) || !(0 <= __GUIDSL_ROOT_PRODUCTION)) || !(head <= 0)) || !(__ste_Client_AddressBook2_Alias2 == 0)) || !(\old(__ste_email_to1) <= 0)) || !(__ste_Client_Keyring0_PublicKey2 <= 0)) || !(0 <= __ste_Client_AddressBook2_Alias0)) || !(2 <= rjh)) || !(bob <= 1)) || !(0 <= __ste_ClientKeyring_size1)) || !(__ste_Client_AddressBook2_Address0 <= 0)) || !(0 <= __SELECTED_FEATURE_AutoResponder)) || !(__ste_ClientAddressBook_size0 <= 0)) || !(rjh <= 2)) || !(0 <= __ste_Client_AddressBook0_Alias2)) || !(0 <= __ste_email_isSignatureVerified0)) || !(__SELECTED_FEATURE_Forward == 0)) || !(__ste_Client_AddressBook2_Alias1 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey0)) || !(__ste_Client_AddressBook1_Alias0 <= 0)) || !(__ste_Client_AddressBook1_Address1 <= 0)) || !(__ste_email_body1 == 0)) || !(0 <= __SELECTED_FEATURE_Decrypt)) || !(__ste_client_forwardReceiver0 == 0)) || !(__ste_email_body0 == 0)) || !(0 <= __ste_Client_Keyring1_PublicKey2)) || !(0 <= __ste_Client_Keyring0_PublicKey2)) || !(0 <= __GUIDSL_NON_TERMINAL_main)) || !(__ste_client_name2 <= 0)) || !(1 <= bob)) || !(head == 0)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Client_Keyring2_User1)) || !(0 <= __ste_client_name2)) || !(__ste_client_forwardReceiver3 <= 0)) || !(0 <= __ste_email_isSignatureVerified1)) || !(__SELECTED_FEATURE_Sign == 0)) || !(0 <= __ste_email_signKey1)) || !(0 <= __ste_client_outbuffer1)) || !(bob == \old(sender))) || !(0 <= __ste_ClientAddressBook_size1)) || !(0 <= \old(__ste_email_to1))) || !(0 <= __ste_client_name0)) || !(0 <= \old(queued_client))) || !(0 <= __ste_Client_AddressBook1_Alias0)) || !(__ste_Client_Keyring1_User1 == 0)) || !(__ste_client_outbuffer0 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_email_id1 <= 0)) || !(__SELECTED_FEATURE_Encrypt <= 0)) || !(__ste_client_privateKey2 <= 0)) || !(0 <= __ste_email_isSigned0)) || !(0 <= __ste_client_autoResponse2)) || !(__ste_Client_AddressBook0_Alias0 == 0)) || !(__ste_Client_Keyring1_PublicKey2 <= 0)) || !(__ste_Client_Keyring1_PublicKey0 <= 0)) || !(__ste_client_outbuffer3 == 0)) || !(__ste_client_autoResponse0 <= 0)) || !(__ste_Client_AddressBook0_Alias2 <= 0)) || !(0 <= __ste_client_privateKey2)) || !(\old(receiver) == rjh)) || !(__ste_ClientKeyring_size1 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_Client_Keyring2_PublicKey1 == 0)) || !(__SELECTED_FEATURE_Base == 0)) || !(__ste_Client_AddressBook1_Alias2 <= 0)) || !(0 <= \old(__ste_email_from1))) || !(__ste_email_encryptionKey1 == 0)) || !(#NULL <= 0)) || !(__ste_Client_AddressBook0_Address1 <= 0)) || !(0 <= __ste_client_forwardReceiver2)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Email_counter)) || !(0 <= __SELECTED_FEATURE_Encrypt)) || !(__ste_Client_Keyring1_User0 <= 0)) || !(0 <= __ste_email_isEncrypted1)) || !(#NULL == 0)) || !(__ste_Client_Keyring0_PublicKey1 == 0)) || !(__ste_Client_Keyring0_User1 == 0)) || !(0 <= __ste_ClientKeyring_size0)) || !(__ste_Client_AddressBook0_Address2 <= 0)) || !(chuck <= 3)) || !(0 <= __SELECTED_FEATURE_Verify)) || !(__ste_Client_Keyring2_User1 <= 0)) || !(0 <= __ste_client_forwardReceiver3)) || !(0 <= __ste_Client_AddressBook2_Alias1)) || !(\old(__ste_email_to0) <= 0)) || !(__ste_Client_Keyring2_User2 <= 0)) || !(0 <= __ste_email_isSigned1)) || !(__SELECTED_FEATURE_AddressBook <= 0)) || !(__ste_email_subject1 == 0)) || !(0 <= __ste_Client_AddressBook1_Alias2)) || !(__ste_email_isSigned1 <= 0)) || !(__ste_Client_AddressBook2_Address2 == 0)) || !(__ste_client_name1 == 0)) || !(__ste_client_forwardReceiver2 <= 0)) || !(0 <= __ste_Client_Keyring2_User2)) || !(__SELECTED_FEATURE_Keys <= 0)) || !(__ste_email_body0 == 0)) || !(__ste_ClientKeyring_size2 == 0)) || !(0 <= __ste_Client_Keyring0_PublicKey0)) || !(\old(__ste_email_from1) <= 0)) || !(0 <= __ste_client_name1)) || !(\old(queue_empty) <= 1)) || !(__ste_Client_AddressBook0_Address0 <= 0)) || !(0 <= __ste_Client_AddressBook0_Address0)) || !(__ste_client_idCounter2 <= 3)) || !(__ste_Client_AddressBook1_Address0 == 0)) || !(0 <= __ste_Client_AddressBook0_Alias1)) || !(0 <= __ste_email_id0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(__ste_email_isSignatureVerified0 <= 0)) || !(0 <= __ste_Client_Keyring1_PublicKey0)) || !(0 <= __ste_ClientAddressBook_size0)) || !(1 <= \old(queue_empty))) || !(0 <= __SELECTED_FEATURE_Keys)) || !(\old(__ste_email_from0) <= 0)) || !(__GUIDSL_ROOT_PRODUCTION <= 0)) || !(__ste_client_forwardReceiver1 <= 0)) || !(__ste_email_body1 <= 0)) || !(__ste_Client_Keyring2_PublicKey2 <= 0)) || !(__ste_email_isEncrypted0 <= 0)) || !(__ste_client_autoResponse2 <= 0)) || !(__ste_Client_Keyring2_PublicKey0 <= 0)) || !(0 <= __ste_Client_Keyring1_User0)) || !(0 <= __ste_client_name0)) || !(0 <= __ste_client_outbuffer0)) || !(0 <= __ste_client_autoResponse1)) || !(__ste_email_encryptionKey0 <= 0)) || !(0 <= __ste_client_autoResponse0)) || !(__ste_Client_Keyring0_User0 <= 0)) || !(__ste_client_outbuffer2 == 0)) || !(0 <= \old(__ste_email_to0))) || !(0 <= __ste_Client_AddressBook0_Address1)) || !(__ste_client_name1 <= 0)) || !(__ste_email_isSignatureVerified1 <= 0)) || !(__ste_Email_counter <= 0)) || !(__ste_Client_Keyring2_User0 == 0)) || !(0 <= __ste_email_signKey0)) || !(__GUIDSL_NON_TERMINAL_main <= 0)) || !(0 <= __ste_Client_AddressBook0_Address2)) || !(__ste_Client_Keyring0_PublicKey0 <= 0)) || !(__ste_Client_Keyring1_User2 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey2)) || !(__ste_email_isSigned0 <= 0)) || !(__ste_email_id0 <= 0)) || !(__ste_email_signKey0 <= 0)) || !(3 <= __ste_client_idCounter2)) || !(0 <= __ste_email_isEncrypted0)) || !(0 <= __ste_email_subject0) [2022-11-20 20:41:28,278 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((!(__ste_client_privateKey0 <= 0) || !(1 <= \old(client))) || !(0 <= __ste_email_subject0)) || !(__ste_Client_AddressBook1_Address2 == 0)) || !(0 <= __ste_Client_AddressBook2_Address1)) || !(0 <= \old(queued_message))) || !(__ste_email_isEncrypted1 <= 0)) || !(0 <= __ste_client_privateKey0)) || !(__ste_email_subject1 <= 0)) || !(0 <= \old(__ste_email_from0))) || !(__ste_email_signKey1 <= 0)) || !(__SELECTED_FEATURE_Verify <= 0)) || !(0 <= __ste_email_subject1)) || !(0 <= __ste_Client_AddressBook1_Address1)) || !(0 <= head)) || !(__ste_client_name2 == 0)) || !(__ste_Client_AddressBook1_Alias1 == 0)) || !(__SELECTED_FEATURE_AutoResponder <= 0)) || !(__ste_Client_AddressBook0_Alias1 <= 0)) || !(0 <= #NULL)) || !(__ste_client_privateKey1 <= 0)) || !(__ste_Client_AddressBook2_Alias0 <= 0)) || !(0 <= __ste_client_forwardReceiver1)) || !(0 <= __ste_client_privateKey1)) || !(__ste_Client_counter == 0)) || !(0 <= __ste_email_id1)) || !(__ste_Client_AddressBook2_Address1 <= 0)) || !(3 <= chuck)) || !(\old(queued_message) <= 0)) || !(__ste_ClientAddressBook_size1 <= 0)) || !(__ste_Client_Keyring1_PublicKey1 == 0)) || !(0 <= __ste_Client_Keyring0_User0)) || !(0 <= __ste_email_body1)) || !(\old(queued_client) <= 0)) || !(__ste_ClientAddressBook_size2 == 0)) || !(0 <= __ste_email_encryptionKey0)) || !(0 <= __ste_Client_Keyring1_User2)) || !(__ste_ClientKeyring_size0 <= 0)) || !(0 <= __SELECTED_FEATURE_AddressBook)) || !(__SELECTED_FEATURE_Decrypt <= 0)) || !(0 <= __ste_Client_AddressBook2_Address0)) || !(__ste_client_outbuffer1 <= 0)) || !(__ste_Client_Keyring0_User2 == 0)) || !(0 <= __GUIDSL_ROOT_PRODUCTION)) || !(head <= 0)) || !(__ste_Client_AddressBook2_Alias2 == 0)) || !(__ste_Client_Keyring0_PublicKey2 <= 0)) || !(0 <= __ste_Client_AddressBook2_Alias0)) || !(2 <= rjh)) || !(\old(msg) <= 1)) || !(bob <= 1)) || !(0 <= __ste_ClientKeyring_size1)) || !(__ste_Client_AddressBook2_Address0 <= 0)) || !(\old(client) <= 1)) || !(0 <= __SELECTED_FEATURE_AutoResponder)) || !(__ste_ClientAddressBook_size0 <= 0)) || !(rjh <= 2)) || !(0 <= __ste_Client_AddressBook0_Alias2)) || !(0 <= __ste_email_isSignatureVerified0)) || !(__SELECTED_FEATURE_Forward == 0)) || !(__ste_Client_AddressBook2_Alias1 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey0)) || !(__ste_Client_AddressBook1_Alias0 <= 0)) || !(__ste_Client_AddressBook1_Address1 <= 0)) || !(__ste_email_body1 == 0)) || !(0 <= __SELECTED_FEATURE_Decrypt)) || !(__ste_client_forwardReceiver0 == 0)) || !(__ste_email_body0 == 0)) || !(0 <= __ste_Client_Keyring1_PublicKey2)) || !(0 <= __ste_Client_Keyring0_PublicKey2)) || !(0 <= __GUIDSL_NON_TERMINAL_main)) || !(__ste_client_name2 <= 0)) || !(1 <= bob)) || !(head == 0)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Client_Keyring2_User1)) || !(0 <= __ste_client_name2)) || !(__ste_client_forwardReceiver3 <= 0)) || !(\old(__ste_email_to0) <= 2)) || !(1 <= \old(msg))) || !(0 <= __ste_email_isSignatureVerified1)) || !(__SELECTED_FEATURE_Sign == 0)) || !(0 <= __ste_email_signKey1)) || !(0 <= __ste_client_outbuffer1)) || !(0 <= __ste_ClientAddressBook_size1)) || !(0 <= __ste_client_name0)) || !(0 <= \old(queued_client))) || !(0 <= __ste_Client_AddressBook1_Alias0)) || !(__ste_Client_Keyring1_User1 == 0)) || !(__ste_client_outbuffer0 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_email_id1 <= 0)) || !(__SELECTED_FEATURE_Encrypt <= 0)) || !(__ste_client_privateKey2 <= 0)) || !(0 <= __ste_email_isSigned0)) || !(0 <= __ste_client_autoResponse2)) || !(__ste_Client_AddressBook0_Alias0 == 0)) || !(__ste_Client_Keyring1_PublicKey2 <= 0)) || !(__ste_Client_Keyring1_PublicKey0 <= 0)) || !(__ste_client_outbuffer3 == 0)) || !(__ste_client_autoResponse0 <= 0)) || !(__ste_Client_AddressBook0_Alias2 <= 0)) || !(0 <= __ste_client_privateKey2)) || !(__ste_ClientKeyring_size1 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_Client_Keyring2_PublicKey1 == 0)) || !(__SELECTED_FEATURE_Base == 0)) || !(__ste_Client_AddressBook1_Alias2 <= 0)) || !(__ste_email_encryptionKey1 == 0)) || !(#NULL <= 0)) || !(__ste_Client_AddressBook0_Address1 <= 0)) || !(0 <= __ste_client_forwardReceiver2)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Email_counter)) || !(0 <= __SELECTED_FEATURE_Encrypt)) || !(__ste_Client_Keyring1_User0 <= 0)) || (((((((((((((((((((((((((((((((((((((((((((((((((((((((((2 <= tmp && \old(client) == client) && \old(client) == client) && 1 <= \old(client)) && \old(msg) <= 1) && 0 <= 2147483648 + \result) && \old(handle) == client) && \old(handle) == handle) && 1 <= msg) && \old(client) == client) && msg == \old(msg)) && client == \old(client)) && \old(client) == tmp) && queued_message <= 0) && \old(msg) == msg) && __ste_email_from0 <= 2147483647) && client == \old(client)) && 1 <= client) && 0 <= __ste_email_from0 + 2147483648) && msg == \old(msg)) && \result <= 2147483647) && client == \old(client)) && \old(msg) == msg) && queue_empty <= 1) && 1 <= handle) && \result == tmp) && \result == retValue_acc) && 1 <= \old(msg)) && msg == \old(msg)) && __ste_client_idCounter0 <= 2147483647) && msg == \old(msg)) && 1 <= queue_empty) && 0 <= retValue_acc + 2147483648) && 0 <= queued_message) && tmp <= 2) && \old(handle) <= 1) && tmp <= 2147483647) && 1 <= msg) && client <= 1) && 0 <= queued_client) && \old(msg) == msg) && msg <= 1) && msg == \old(msg)) && \old(client) <= 1) && client == \old(client)) && msg <= 1) && retValue_acc == __ste_client_autoResponse1) && retValue_acc <= 2147483647) && 1 <= \old(handle)) && handle <= 1) && client <= 1) && \result <= 2147483647) && 0 <= __ste_client_idCounter0 + 2147483648) && 2 <= __ste_email_to0) && __ste_email_to0 <= 2) && 1 <= client) && 0 <= tmp + 2147483648) && queued_client <= 0)) || !(0 <= __ste_email_isEncrypted1)) || !(#NULL == 0)) || !(__ste_Client_Keyring0_PublicKey1 == 0)) || !(__ste_Client_Keyring0_User1 == 0)) || !(0 <= __ste_ClientKeyring_size0)) || !(__ste_Client_AddressBook0_Address2 <= 0)) || !(chuck <= 3)) || !(0 <= __SELECTED_FEATURE_Verify)) || !(__ste_Client_Keyring2_User1 <= 0)) || !(0 <= __ste_client_forwardReceiver3)) || !(0 <= __ste_Client_AddressBook2_Alias1)) || !(__ste_Client_Keyring2_User2 <= 0)) || !(0 <= __ste_email_isSigned1)) || !(__SELECTED_FEATURE_AddressBook <= 0)) || !(__ste_email_subject1 == 0)) || !(0 <= __ste_Client_AddressBook1_Alias2)) || !(__ste_email_isSigned1 <= 0)) || !(__ste_Client_AddressBook2_Address2 == 0)) || !(__ste_client_name1 == 0)) || 1 == tmp) || !(__ste_client_forwardReceiver2 <= 0)) || !(0 <= __ste_Client_Keyring2_User2)) || !(__SELECTED_FEATURE_Keys <= 0)) || !(__ste_email_body0 == 0)) || !(__ste_ClientKeyring_size2 == 0)) || !(0 <= __ste_Client_Keyring0_PublicKey0)) || !(0 <= __ste_client_name1)) || !(\old(queue_empty) <= 1)) || !(__ste_Client_AddressBook0_Address0 <= 0)) || !(0 <= __ste_Client_AddressBook0_Address0)) || !(__ste_client_idCounter2 <= 3)) || !(__ste_Client_AddressBook1_Address0 == 0)) || !(0 <= __ste_Client_AddressBook0_Alias1)) || !(2 <= \old(__ste_email_to0))) || !(0 <= __ste_email_id0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(__ste_email_isSignatureVerified0 <= 0)) || !(0 <= __ste_Client_Keyring1_PublicKey0)) || !(0 <= __ste_ClientAddressBook_size0)) || !(1 <= \old(queue_empty))) || !(0 <= __SELECTED_FEATURE_Keys)) || !(\old(__ste_email_from0) <= 0)) || !(__GUIDSL_ROOT_PRODUCTION <= 0)) || !(__ste_client_forwardReceiver1 <= 0)) || !(__ste_email_body1 <= 0)) || !(__ste_Client_Keyring2_PublicKey2 <= 0)) || !(__ste_email_isEncrypted0 <= 0)) || !(__ste_client_autoResponse2 <= 0)) || !(__ste_Client_Keyring2_PublicKey0 <= 0)) || !(0 <= __ste_Client_Keyring1_User0)) || !(0 <= __ste_client_name0)) || !(0 <= __ste_client_outbuffer0)) || !(0 <= __ste_client_autoResponse1)) || !(__ste_email_encryptionKey0 <= 0)) || !(0 <= __ste_client_autoResponse0)) || !(__ste_Client_Keyring0_User0 <= 0)) || !(__ste_client_outbuffer2 == 0)) || !(0 <= __ste_Client_AddressBook0_Address1)) || !(__ste_client_name1 <= 0)) || !(__ste_email_isSignatureVerified1 <= 0)) || !(__ste_Email_counter <= 0)) || !(__ste_Client_Keyring2_User0 == 0)) || !(0 <= __ste_email_signKey0)) || !(__GUIDSL_NON_TERMINAL_main <= 0)) || !(0 <= __ste_Client_AddressBook0_Address2)) || !(__ste_Client_Keyring0_PublicKey0 <= 0)) || !(__ste_Client_Keyring1_User2 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey2)) || !(__ste_email_isSigned0 <= 0)) || !(__ste_email_id0 <= 0)) || !(__ste_email_signKey0 <= 0)) || !(3 <= __ste_client_idCounter2)) || !(0 <= __ste_email_isEncrypted0)) || !(0 <= __ste_email_subject0) [2022-11-20 20:41:28,279 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((!(__ste_client_privateKey0 <= 0) || !(1 <= \old(client))) || !(0 <= __ste_email_subject0)) || !(__ste_Client_AddressBook1_Address2 == 0)) || !(0 <= __ste_Client_AddressBook2_Address1)) || !(0 <= \old(queued_message))) || !(__ste_email_isEncrypted1 <= 0)) || !(0 <= __ste_client_privateKey0)) || !(__ste_email_subject1 <= 0)) || !(0 <= \old(__ste_email_from0))) || !(__ste_email_signKey1 <= 0)) || !(__SELECTED_FEATURE_Verify <= 0)) || !(0 <= __ste_email_subject1)) || !(0 <= __ste_Client_AddressBook1_Address1)) || !(0 <= head)) || !(__ste_client_name2 == 0)) || !(__ste_Client_AddressBook1_Alias1 == 0)) || !(__SELECTED_FEATURE_AutoResponder <= 0)) || !(__ste_Client_AddressBook0_Alias1 <= 0)) || !(0 <= #NULL)) || !(__ste_client_privateKey1 <= 0)) || !(__ste_Client_AddressBook2_Alias0 <= 0)) || !(0 <= __ste_client_forwardReceiver1)) || !(0 <= __ste_client_privateKey1)) || !(__ste_Client_counter == 0)) || !(0 <= __ste_email_id1)) || !(__ste_Client_AddressBook2_Address1 <= 0)) || !(3 <= chuck)) || !(\old(queued_message) <= 0)) || !(__ste_ClientAddressBook_size1 <= 0)) || !(__ste_Client_Keyring1_PublicKey1 == 0)) || !(0 <= __ste_Client_Keyring0_User0)) || !(0 <= __ste_email_body1)) || !(\old(queued_client) <= 0)) || !(__ste_ClientAddressBook_size2 == 0)) || !(0 <= __ste_email_encryptionKey0)) || !(0 <= __ste_Client_Keyring1_User2)) || !(__ste_ClientKeyring_size0 <= 0)) || !(0 <= __SELECTED_FEATURE_AddressBook)) || !(__SELECTED_FEATURE_Decrypt <= 0)) || !(0 <= __ste_Client_AddressBook2_Address0)) || !(__ste_client_outbuffer1 <= 0)) || !(__ste_Client_Keyring0_User2 == 0)) || !(0 <= __GUIDSL_ROOT_PRODUCTION)) || !(head <= 0)) || !(__ste_Client_AddressBook2_Alias2 == 0)) || !(__ste_Client_Keyring0_PublicKey2 <= 0)) || !(0 <= __ste_Client_AddressBook2_Alias0)) || !(2 <= rjh)) || !(\old(msg) <= 1)) || !(bob <= 1)) || !(0 <= __ste_ClientKeyring_size1)) || !(__ste_Client_AddressBook2_Address0 <= 0)) || !(\old(client) <= 1)) || !(0 <= __SELECTED_FEATURE_AutoResponder)) || !(__ste_ClientAddressBook_size0 <= 0)) || !(rjh <= 2)) || !(0 <= __ste_Client_AddressBook0_Alias2)) || !(0 <= __ste_email_isSignatureVerified0)) || !(__SELECTED_FEATURE_Forward == 0)) || !(__ste_Client_AddressBook2_Alias1 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey0)) || !(__ste_Client_AddressBook1_Alias0 <= 0)) || !(__ste_Client_AddressBook1_Address1 <= 0)) || !(__ste_email_body1 == 0)) || !(0 <= __SELECTED_FEATURE_Decrypt)) || !(__ste_client_forwardReceiver0 == 0)) || !(__ste_email_body0 == 0)) || !(0 <= __ste_Client_Keyring1_PublicKey2)) || !(0 <= __ste_Client_Keyring0_PublicKey2)) || !(0 <= __GUIDSL_NON_TERMINAL_main)) || !(__ste_client_name2 <= 0)) || !(1 <= bob)) || !(head == 0)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Client_Keyring2_User1)) || !(0 <= __ste_client_name2)) || !(__ste_client_forwardReceiver3 <= 0)) || !(\old(__ste_email_to0) <= 2)) || !(1 <= \old(msg))) || !(0 <= __ste_email_isSignatureVerified1)) || !(__SELECTED_FEATURE_Sign == 0)) || !(0 <= __ste_email_signKey1)) || !(0 <= __ste_client_outbuffer1)) || !(0 <= __ste_ClientAddressBook_size1)) || !(0 <= __ste_client_name0)) || !(0 <= \old(queued_client))) || !(0 <= __ste_Client_AddressBook1_Alias0)) || !(__ste_Client_Keyring1_User1 == 0)) || !(__ste_client_outbuffer0 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_email_id1 <= 0)) || !(__SELECTED_FEATURE_Encrypt <= 0)) || !(__ste_client_privateKey2 <= 0)) || !(0 <= __ste_email_isSigned0)) || !(0 <= __ste_client_autoResponse2)) || !(__ste_Client_AddressBook0_Alias0 == 0)) || !(__ste_Client_Keyring1_PublicKey2 <= 0)) || !(__ste_Client_Keyring1_PublicKey0 <= 0)) || !(__ste_client_outbuffer3 == 0)) || !(__ste_client_autoResponse0 <= 0)) || !(__ste_Client_AddressBook0_Alias2 <= 0)) || !(0 <= __ste_client_privateKey2)) || !(__ste_ClientKeyring_size1 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_Client_Keyring2_PublicKey1 == 0)) || !(__SELECTED_FEATURE_Base == 0)) || !(__ste_Client_AddressBook1_Alias2 <= 0)) || !(__ste_email_encryptionKey1 == 0)) || !(#NULL <= 0)) || !(__ste_Client_AddressBook0_Address1 <= 0)) || !(0 <= __ste_client_forwardReceiver2)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Email_counter)) || !(0 <= __SELECTED_FEATURE_Encrypt)) || !(__ste_Client_Keyring1_User0 <= 0)) || !(0 <= __ste_email_isEncrypted1)) || !(#NULL == 0)) || !(__ste_Client_Keyring0_PublicKey1 == 0)) || !(__ste_Client_Keyring0_User1 == 0)) || !(0 <= __ste_ClientKeyring_size0)) || !(__ste_Client_AddressBook0_Address2 <= 0)) || !(chuck <= 3)) || !(0 <= __SELECTED_FEATURE_Verify)) || !(__ste_Client_Keyring2_User1 <= 0)) || !(0 <= __ste_client_forwardReceiver3)) || !(0 <= __ste_Client_AddressBook2_Alias1)) || !(__ste_Client_Keyring2_User2 <= 0)) || ((((((queued_message == \old(queued_message) && __ste_email_to0 == \old(__ste_email_to0)) && __ste_email_to1 == \old(__ste_email_to1)) && \old(__ste_email_from0) == __ste_email_from0) && \old(__ste_email_from1) == __ste_email_from1) && \old(queue_empty) == queue_empty) && queued_client == \old(queued_client))) || !(0 <= __ste_email_isSigned1)) || !(__SELECTED_FEATURE_AddressBook <= 0)) || !(__ste_email_subject1 == 0)) || !(0 <= __ste_Client_AddressBook1_Alias2)) || !(__ste_email_isSigned1 <= 0)) || !(__ste_Client_AddressBook2_Address2 == 0)) || !(__ste_client_name1 == 0)) || !(__ste_client_forwardReceiver2 <= 0)) || !(0 <= __ste_Client_Keyring2_User2)) || !(__SELECTED_FEATURE_Keys <= 0)) || !(__ste_email_body0 == 0)) || !(__ste_ClientKeyring_size2 == 0)) || !(0 <= __ste_Client_Keyring0_PublicKey0)) || !(0 <= __ste_client_name1)) || !(\old(queue_empty) <= 1)) || !(__ste_Client_AddressBook0_Address0 <= 0)) || !(0 <= __ste_Client_AddressBook0_Address0)) || !(__ste_client_idCounter2 <= 3)) || !(__ste_Client_AddressBook1_Address0 == 0)) || !(0 <= __ste_Client_AddressBook0_Alias1)) || !(2 <= \old(__ste_email_to0))) || !(0 <= __ste_email_id0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(__ste_email_isSignatureVerified0 <= 0)) || !(0 <= __ste_Client_Keyring1_PublicKey0)) || !(0 <= __ste_ClientAddressBook_size0)) || !(1 <= \old(queue_empty))) || !(0 <= __SELECTED_FEATURE_Keys)) || !(\old(__ste_email_from0) <= 0)) || !(__GUIDSL_ROOT_PRODUCTION <= 0)) || !(__ste_client_forwardReceiver1 <= 0)) || !(__ste_email_body1 <= 0)) || !(__ste_Client_Keyring2_PublicKey2 <= 0)) || !(__ste_email_isEncrypted0 <= 0)) || !(__ste_client_autoResponse2 <= 0)) || !(__ste_Client_Keyring2_PublicKey0 <= 0)) || !(0 <= __ste_Client_Keyring1_User0)) || !(0 <= __ste_client_name0)) || !(0 <= __ste_client_outbuffer0)) || !(0 <= __ste_client_autoResponse1)) || !(__ste_email_encryptionKey0 <= 0)) || !(0 <= __ste_client_autoResponse0)) || !(__ste_Client_Keyring0_User0 <= 0)) || !(__ste_client_outbuffer2 == 0)) || !(0 <= __ste_Client_AddressBook0_Address1)) || !(__ste_client_name1 <= 0)) || !(__ste_email_isSignatureVerified1 <= 0)) || !(__ste_Email_counter <= 0)) || !(__ste_Client_Keyring2_User0 == 0)) || !(0 <= __ste_email_signKey0)) || !(__GUIDSL_NON_TERMINAL_main <= 0)) || !(0 <= __ste_Client_AddressBook0_Address2)) || !(__ste_Client_Keyring0_PublicKey0 <= 0)) || !(__ste_Client_Keyring1_User2 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey2)) || !(__ste_email_isSigned0 <= 0)) || !(__ste_email_id0 <= 0)) || !(__ste_email_signKey0 <= 0)) || !(3 <= __ste_client_idCounter2)) || !(0 <= __ste_email_isEncrypted0)) || !(0 <= __ste_email_subject0) [2022-11-20 20:41:28,279 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((!(__ste_client_privateKey0 <= 0) || !(1 <= \old(client))) || !(0 <= __ste_email_subject0)) || !(__ste_Client_AddressBook1_Address2 == 0)) || !(0 <= __ste_Client_AddressBook2_Address1)) || !(0 <= \old(queued_message))) || !(__ste_email_isEncrypted1 <= 0)) || !(0 <= __ste_client_privateKey0)) || !(__ste_email_subject1 <= 0)) || !(0 <= \old(__ste_email_from0))) || !(__ste_email_signKey1 <= 0)) || !(__SELECTED_FEATURE_Verify <= 0)) || !(0 <= __ste_email_subject1)) || !(0 <= __ste_Client_AddressBook1_Address1)) || !(0 <= head)) || !(__ste_client_name2 == 0)) || !(__ste_Client_AddressBook1_Alias1 == 0)) || !(__SELECTED_FEATURE_AutoResponder <= 0)) || !(__ste_Client_AddressBook0_Alias1 <= 0)) || !(0 <= #NULL)) || !(__ste_client_privateKey1 <= 0)) || !(__ste_Client_AddressBook2_Alias0 <= 0)) || !(0 <= __ste_client_forwardReceiver1)) || !(0 <= __ste_client_privateKey1)) || !(__ste_Client_counter == 0)) || !(0 <= __ste_email_id1)) || !(__ste_Client_AddressBook2_Address1 <= 0)) || !(3 <= chuck)) || !(\old(queued_message) <= 0)) || !(__ste_ClientAddressBook_size1 <= 0)) || !(__ste_Client_Keyring1_PublicKey1 == 0)) || !(0 <= __ste_Client_Keyring0_User0)) || !(0 <= __ste_email_body1)) || !(\old(queued_client) <= 0)) || !(__ste_ClientAddressBook_size2 == 0)) || !(0 <= __ste_email_encryptionKey0)) || !(0 <= __ste_Client_Keyring1_User2)) || !(__ste_ClientKeyring_size0 <= 0)) || !(0 <= __SELECTED_FEATURE_AddressBook)) || !(__SELECTED_FEATURE_Decrypt <= 0)) || !(0 <= __ste_Client_AddressBook2_Address0)) || !(__ste_client_outbuffer1 <= 0)) || !(__ste_Client_Keyring0_User2 == 0)) || !(0 <= __GUIDSL_ROOT_PRODUCTION)) || !(head <= 0)) || !(__ste_Client_AddressBook2_Alias2 == 0)) || !(__ste_Client_Keyring0_PublicKey2 <= 0)) || !(0 <= __ste_Client_AddressBook2_Alias0)) || !(2 <= rjh)) || !(\old(msg) <= 1)) || !(bob <= 1)) || !(0 <= __ste_ClientKeyring_size1)) || !(__ste_Client_AddressBook2_Address0 <= 0)) || !(\old(client) <= 1)) || !(0 <= __SELECTED_FEATURE_AutoResponder)) || !(__ste_ClientAddressBook_size0 <= 0)) || !(rjh <= 2)) || !(0 <= __ste_Client_AddressBook0_Alias2)) || !(0 <= __ste_email_isSignatureVerified0)) || !(__SELECTED_FEATURE_Forward == 0)) || !(__ste_Client_AddressBook2_Alias1 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey0)) || !(__ste_Client_AddressBook1_Alias0 <= 0)) || !(__ste_Client_AddressBook1_Address1 <= 0)) || !(__ste_email_body1 == 0)) || !(0 <= __SELECTED_FEATURE_Decrypt)) || !(__ste_client_forwardReceiver0 == 0)) || !(__ste_email_body0 == 0)) || !(0 <= __ste_Client_Keyring1_PublicKey2)) || !(0 <= __ste_Client_Keyring0_PublicKey2)) || !(0 <= __GUIDSL_NON_TERMINAL_main)) || !(__ste_client_name2 <= 0)) || !(1 <= bob)) || !(head == 0)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Client_Keyring2_User1)) || !(0 <= __ste_client_name2)) || !(__ste_client_forwardReceiver3 <= 0)) || !(\old(__ste_email_to0) <= 2)) || !(1 <= \old(msg))) || !(0 <= __ste_email_isSignatureVerified1)) || !(__SELECTED_FEATURE_Sign == 0)) || !(0 <= __ste_email_signKey1)) || !(0 <= __ste_client_outbuffer1)) || !(0 <= __ste_ClientAddressBook_size1)) || !(0 <= __ste_client_name0)) || !(0 <= \old(queued_client))) || !(0 <= __ste_Client_AddressBook1_Alias0)) || !(__ste_Client_Keyring1_User1 == 0)) || !(__ste_client_outbuffer0 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_email_id1 <= 0)) || !(__SELECTED_FEATURE_Encrypt <= 0)) || !(__ste_client_privateKey2 <= 0)) || !(0 <= __ste_email_isSigned0)) || !(0 <= __ste_client_autoResponse2)) || !(__ste_Client_AddressBook0_Alias0 == 0)) || !(__ste_Client_Keyring1_PublicKey2 <= 0)) || !(__ste_Client_Keyring1_PublicKey0 <= 0)) || !(__ste_client_outbuffer3 == 0)) || !(__ste_client_autoResponse0 <= 0)) || !(__ste_Client_AddressBook0_Alias2 <= 0)) || !(0 <= __ste_client_privateKey2)) || !(__ste_ClientKeyring_size1 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_Client_Keyring2_PublicKey1 == 0)) || !(__SELECTED_FEATURE_Base == 0)) || !(__ste_Client_AddressBook1_Alias2 <= 0)) || !(__ste_email_encryptionKey1 == 0)) || !(#NULL <= 0)) || !(__ste_Client_AddressBook0_Address1 <= 0)) || !(0 <= __ste_client_forwardReceiver2)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Email_counter)) || !(0 <= __SELECTED_FEATURE_Encrypt)) || !(__ste_Client_Keyring1_User0 <= 0)) || !(0 <= __ste_email_isEncrypted1)) || !(#NULL == 0)) || !(__ste_Client_Keyring0_PublicKey1 == 0)) || !(__ste_Client_Keyring0_User1 == 0)) || !(0 <= __ste_ClientKeyring_size0)) || !(__ste_Client_AddressBook0_Address2 <= 0)) || !(chuck <= 3)) || !(0 <= __SELECTED_FEATURE_Verify)) || !(__ste_Client_Keyring2_User1 <= 0)) || !(0 <= __ste_client_forwardReceiver3)) || !(0 <= __ste_Client_AddressBook2_Alias1)) || !(__ste_Client_Keyring2_User2 <= 0)) || !(0 <= __ste_email_isSigned1)) || !(__SELECTED_FEATURE_AddressBook <= 0)) || !(__ste_email_subject1 == 0)) || !(0 <= __ste_Client_AddressBook1_Alias2)) || (((((((((((((((((((((((((((((((((((1 <= \old(client) && \old(msg) <= 1) && 0 <= 2147483648 + \result) && 1 <= msg) && queued_message <= 0) && __ste_email_from0 <= 2147483647) && 1 <= client) && 0 <= __ste_email_from0 + 2147483648) && \result <= 2147483647) && queue_empty <= 1) && 1 <= handle) && aux-getEmailTo(msg)-aux <= 2) && 1 <= \old(msg)) && __ste_client_idCounter0 <= 2147483647) && 1 <= queue_empty) && 0 <= retValue_acc + 2147483648) && 0 <= queued_message) && \old(handle) <= 1) && tmp <= 2147483647) && 1 <= msg) && client <= 1) && 0 <= queued_client) && msg <= 1) && \old(client) <= 1) && msg <= 1) && 2 <= aux-getEmailTo(msg)-aux) && retValue_acc <= 2147483647) && 1 <= \old(handle)) && handle <= 1) && client <= 1) && 0 <= __ste_client_idCounter0 + 2147483648) && 2 <= __ste_email_to0) && __ste_email_to0 <= 2) && 1 <= client) && 0 <= tmp + 2147483648) && queued_client <= 0)) || !(__ste_email_isSigned1 <= 0)) || !(__ste_Client_AddressBook2_Address2 == 0)) || !(__ste_client_name1 == 0)) || !(__ste_client_forwardReceiver2 <= 0)) || !(0 <= __ste_Client_Keyring2_User2)) || !(__SELECTED_FEATURE_Keys <= 0)) || !(__ste_email_body0 == 0)) || !(__ste_ClientKeyring_size2 == 0)) || !(0 <= __ste_Client_Keyring0_PublicKey0)) || !(0 <= __ste_client_name1)) || !(\old(queue_empty) <= 1)) || !(__ste_Client_AddressBook0_Address0 <= 0)) || !(0 <= __ste_Client_AddressBook0_Address0)) || !(__ste_client_idCounter2 <= 3)) || !(__ste_Client_AddressBook1_Address0 == 0)) || !(0 <= __ste_Client_AddressBook0_Alias1)) || !(2 <= \old(__ste_email_to0))) || !(0 <= __ste_email_id0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(__ste_email_isSignatureVerified0 <= 0)) || !(0 <= __ste_Client_Keyring1_PublicKey0)) || !(0 <= __ste_ClientAddressBook_size0)) || !(1 <= \old(queue_empty))) || !(0 <= __SELECTED_FEATURE_Keys)) || !(\old(__ste_email_from0) <= 0)) || !(__GUIDSL_ROOT_PRODUCTION <= 0)) || !(__ste_client_forwardReceiver1 <= 0)) || !(__ste_email_body1 <= 0)) || !(__ste_Client_Keyring2_PublicKey2 <= 0)) || !(__ste_email_isEncrypted0 <= 0)) || !(__ste_client_autoResponse2 <= 0)) || !(__ste_Client_Keyring2_PublicKey0 <= 0)) || !(0 <= __ste_Client_Keyring1_User0)) || !(0 <= __ste_client_name0)) || !(0 <= __ste_client_outbuffer0)) || !(0 <= __ste_client_autoResponse1)) || !(__ste_email_encryptionKey0 <= 0)) || !(0 <= __ste_client_autoResponse0)) || !(__ste_Client_Keyring0_User0 <= 0)) || !(__ste_client_outbuffer2 == 0)) || !(0 <= __ste_Client_AddressBook0_Address1)) || !(__ste_client_name1 <= 0)) || !(__ste_email_isSignatureVerified1 <= 0)) || !(__ste_Email_counter <= 0)) || !(__ste_Client_Keyring2_User0 == 0)) || !(0 <= __ste_email_signKey0)) || !(__GUIDSL_NON_TERMINAL_main <= 0)) || !(0 <= __ste_Client_AddressBook0_Address2)) || !(__ste_Client_Keyring0_PublicKey0 <= 0)) || !(__ste_Client_Keyring1_User2 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey2)) || !(__ste_email_isSigned0 <= 0)) || !(__ste_email_id0 <= 0)) || !(__ste_email_signKey0 <= 0)) || !(3 <= __ste_client_idCounter2)) || !(0 <= __ste_email_isEncrypted0)) || !(0 <= __ste_email_subject0) [2022-11-20 20:41:28,335 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/witness.graphml [2022-11-20 20:41:28,335 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-20 20:41:28,336 INFO L158 Benchmark]: Toolchain (without parser) took 680674.62ms. Allocated memory was 174.1MB in the beginning and 813.7MB in the end (delta: 639.6MB). Free memory was 139.8MB in the beginning and 411.7MB in the end (delta: -272.0MB). Peak memory consumption was 369.9MB. Max. memory is 16.1GB. [2022-11-20 20:41:28,336 INFO L158 Benchmark]: CDTParser took 0.21ms. Allocated memory is still 121.6MB. Free memory is still 63.8MB. There was no memory consumed. Max. memory is 16.1GB. [2022-11-20 20:41:28,336 INFO L158 Benchmark]: CACSL2BoogieTranslator took 805.26ms. Allocated memory is still 174.1MB. Free memory was 139.3MB in the beginning and 103.2MB in the end (delta: 36.1MB). Peak memory consumption was 35.7MB. Max. memory is 16.1GB. [2022-11-20 20:41:28,337 INFO L158 Benchmark]: Boogie Procedure Inliner took 102.34ms. Allocated memory is still 174.1MB. Free memory was 102.7MB in the beginning and 98.5MB in the end (delta: 4.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-11-20 20:41:28,337 INFO L158 Benchmark]: Boogie Preprocessor took 91.34ms. Allocated memory is still 174.1MB. Free memory was 98.5MB in the beginning and 95.4MB in the end (delta: 3.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-20 20:41:28,337 INFO L158 Benchmark]: RCFGBuilder took 1221.45ms. Allocated memory is still 174.1MB. Free memory was 95.4MB in the beginning and 76.4MB in the end (delta: 19.0MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2022-11-20 20:41:28,338 INFO L158 Benchmark]: TraceAbstraction took 678324.21ms. Allocated memory was 174.1MB in the beginning and 813.7MB in the end (delta: 639.6MB). Free memory was 76.2MB in the beginning and 423.3MB in the end (delta: -347.1MB). Peak memory consumption was 450.1MB. Max. memory is 16.1GB. [2022-11-20 20:41:28,338 INFO L158 Benchmark]: Witness Printer took 117.91ms. Allocated memory is still 813.7MB. Free memory was 423.3MB in the beginning and 411.7MB in the end (delta: 11.5MB). Peak memory consumption was 12.6MB. Max. memory is 16.1GB. [2022-11-20 20:41:28,340 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.21ms. Allocated memory is still 121.6MB. Free memory is still 63.8MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 805.26ms. Allocated memory is still 174.1MB. Free memory was 139.3MB in the beginning and 103.2MB in the end (delta: 36.1MB). Peak memory consumption was 35.7MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 102.34ms. Allocated memory is still 174.1MB. Free memory was 102.7MB in the beginning and 98.5MB in the end (delta: 4.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 91.34ms. Allocated memory is still 174.1MB. Free memory was 98.5MB in the beginning and 95.4MB in the end (delta: 3.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 1221.45ms. Allocated memory is still 174.1MB. Free memory was 95.4MB in the beginning and 76.4MB in the end (delta: 19.0MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * TraceAbstraction took 678324.21ms. Allocated memory was 174.1MB in the beginning and 813.7MB in the end (delta: 639.6MB). Free memory was 76.2MB in the beginning and 423.3MB in the end (delta: -347.1MB). Peak memory consumption was 450.1MB. Max. memory is 16.1GB. * Witness Printer took 117.91ms. Allocated memory is still 813.7MB. Free memory was 423.3MB in the beginning and 411.7MB in the end (delta: 11.5MB). Peak memory consumption was 12.6MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 2359]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 92 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 678.1s, OverallIterations: 7, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 163.1s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 88.9s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 648 SdHoareTripleChecker+Valid, 25.4s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 635 mSDsluCounter, 6817 SdHoareTripleChecker+Invalid, 23.7s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 6012 mSDsCounter, 74 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 6363 IncrementalHoareTripleChecker+Invalid, 6437 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 74 mSolverCounterUnsat, 805 mSDtfsCounter, 6363 mSolverCounterSat, 0.3s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 485 GetRequests, 355 SyntacticMatches, 2 SemanticMatches, 128 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1159 ImplicationChecksByTransitivity, 470.8s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=263occurred in iteration=6, InterpolantAutomatonStates: 114, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.8s AutomataMinimizationTime, 7 MinimizatonAttempts, 285 StatesRemovedByMinimization, 4 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 60 LocationsWithAnnotation, 517 PreInvPairs, 776 NumberOfFragments, 13356 HoareAnnotationTreeSize, 517 FomulaSimplifications, 3678 FormulaSimplificationTreeSizeReduction, 1.5s HoareSimplificationTime, 60 FomulaSimplificationsInter, 41942 FormulaSimplificationTreeSizeReductionInter, 87.2s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.2s SsaConstructionTime, 0.6s SatisfiabilityAnalysisTime, 1.3s InterpolantComputationTime, 486 NumberOfCodeBlocks, 486 NumberOfCodeBlocksAsserted, 10 NumberOfCheckSat, 621 ConstructedInterpolants, 0 QuantifiedInterpolants, 779 SizeOfPredicates, 0 NumberOfNonLiveVariables, 2356 ConjunctsInSsa, 10 ConjunctsInUnsatCore, 13 InterpolantComputations, 4 PerfectInterpolantSequences, 121/149 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: OVERALL_TIME: 86.7s, ICFG_INTERPRETER_ENTERED_PROCEDURES: 18, DAG_INTERPRETER_EARLY_EXIT_QUERIES_NONTRIVIAL: 108, DAG_INTERPRETER_EARLY_EXITS: 3, TOOLS_POST_APPLICATIONS: 131, TOOLS_POST_TIME: 27.0s, TOOLS_POST_CALL_APPLICATIONS: 61, TOOLS_POST_CALL_TIME: 36.9s, TOOLS_POST_RETURN_APPLICATIONS: 38, TOOLS_POST_RETURN_TIME: 7.4s, TOOLS_QUANTIFIERELIM_APPLICATIONS: 228, TOOLS_QUANTIFIERELIM_TIME: 71.1s, TOOLS_QUANTIFIERELIM_MAX_TIME: 5.3s, FLUID_QUERY_TIME: 0.0s, FLUID_QUERIES: 352, FLUID_YES_ANSWERS: 0, DOMAIN_JOIN_APPLICATIONS: 59, DOMAIN_JOIN_TIME: 13.9s, DOMAIN_ALPHA_APPLICATIONS: 0, DOMAIN_ALPHA_TIME: 0.0s, DOMAIN_WIDEN_APPLICATIONS: 4, DOMAIN_WIDEN_TIME: 0.8s, DOMAIN_ISSUBSETEQ_APPLICATIONS: 10, DOMAIN_ISSUBSETEQ_TIME: 0.0s, DOMAIN_ISBOTTOM_APPLICATIONS: 108, DOMAIN_ISBOTTOM_TIME: 0.5s, LOOP_SUMMARIZER_APPLICATIONS: 6, LOOP_SUMMARIZER_CACHE_MISSES: 6, LOOP_SUMMARIZER_OVERALL_TIME: 9.2s, LOOP_SUMMARIZER_NEW_COMPUTATION_TIME: 9.2s, LOOP_SUMMARIZER_FIXPOINT_ITERATIONS: 10, CALL_SUMMARIZER_APPLICATIONS: 38, CALL_SUMMARIZER_CACHE_MISSES: 11, CALL_SUMMARIZER_OVERALL_TIME: 0.1s, CALL_SUMMARIZER_NEW_COMPUTATION_TIME: 0.1s, PROCEDURE_GRAPH_BUILDER_TIME: 0.0s, PATH_EXPR_TIME: 0.0s, REGEX_TO_DAG_TIME: 0.0s, DAG_COMPRESSION_TIME: 0.0s, DAG_COMPRESSION_PROCESSED_NODES: 1575, DAG_COMPRESSION_RETAINED_NODES: 342, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 1650]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1594]: Loop Invariant Derived loop invariant: ((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((!(__ste_client_privateKey0 <= 0) || !(1 <= \old(client))) || !(0 <= __ste_email_subject0)) || !(__ste_Client_AddressBook1_Address2 == 0)) || !(0 <= __ste_Client_AddressBook2_Address1)) || !(0 <= \old(queued_message))) || !(__ste_email_isEncrypted1 <= 0)) || !(0 <= __ste_client_privateKey0)) || !(__ste_email_subject1 <= 0)) || !(0 <= \old(__ste_email_from0))) || !(__ste_email_signKey1 <= 0)) || !(__SELECTED_FEATURE_Verify <= 0)) || !(0 <= __ste_email_subject1)) || !(0 <= __ste_Client_AddressBook1_Address1)) || !(0 <= head)) || !(__ste_client_name2 == 0)) || !(__ste_Client_AddressBook1_Alias1 == 0)) || !(__SELECTED_FEATURE_AutoResponder <= 0)) || !(__ste_Client_AddressBook0_Alias1 <= 0)) || !(0 <= #NULL)) || !(__ste_client_privateKey1 <= 0)) || !(__ste_Client_AddressBook2_Alias0 <= 0)) || !(0 <= __ste_client_forwardReceiver1)) || !(0 <= __ste_client_privateKey1)) || !(__ste_Client_counter == 0)) || !(0 <= __ste_email_id1)) || !(__ste_Client_AddressBook2_Address1 <= 0)) || !(3 <= chuck)) || !(\old(queued_message) <= 0)) || !(__ste_ClientAddressBook_size1 <= 0)) || !(__ste_Client_Keyring1_PublicKey1 == 0)) || !(0 <= __ste_Client_Keyring0_User0)) || !(0 <= __ste_email_body1)) || !(\old(queued_client) <= 0)) || !(__ste_ClientAddressBook_size2 == 0)) || !(0 <= __ste_email_encryptionKey0)) || !(0 <= __ste_Client_Keyring1_User2)) || !(__ste_ClientKeyring_size0 <= 0)) || !(0 <= __SELECTED_FEATURE_AddressBook)) || !(__SELECTED_FEATURE_Decrypt <= 0)) || !(0 <= __ste_Client_AddressBook2_Address0)) || !(__ste_client_outbuffer1 <= 0)) || !(__ste_Client_Keyring0_User2 == 0)) || !(0 <= __GUIDSL_ROOT_PRODUCTION)) || !(head <= 0)) || !(__ste_Client_AddressBook2_Alias2 == 0)) || !(__ste_Client_Keyring0_PublicKey2 <= 0)) || !(0 <= __ste_Client_AddressBook2_Alias0)) || !(2 <= rjh)) || !(\old(msg) <= 1)) || !(bob <= 1)) || !(0 <= __ste_ClientKeyring_size1)) || !(__ste_Client_AddressBook2_Address0 <= 0)) || !(\old(client) <= 1)) || !(0 <= __SELECTED_FEATURE_AutoResponder)) || !(__ste_ClientAddressBook_size0 <= 0)) || !(rjh <= 2)) || !(0 <= __ste_Client_AddressBook0_Alias2)) || !(0 <= __ste_email_isSignatureVerified0)) || !(__SELECTED_FEATURE_Forward == 0)) || !(__ste_Client_AddressBook2_Alias1 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey0)) || !(__ste_Client_AddressBook1_Alias0 <= 0)) || !(__ste_Client_AddressBook1_Address1 <= 0)) || !(__ste_email_body1 == 0)) || !(0 <= __SELECTED_FEATURE_Decrypt)) || !(__ste_client_forwardReceiver0 == 0)) || !(__ste_email_body0 == 0)) || !(0 <= __ste_Client_Keyring1_PublicKey2)) || !(0 <= __ste_Client_Keyring0_PublicKey2)) || !(0 <= __GUIDSL_NON_TERMINAL_main)) || !(__ste_client_name2 <= 0)) || !(1 <= bob)) || !(head == 0)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Client_Keyring2_User1)) || !(0 <= __ste_client_name2)) || !(__ste_client_forwardReceiver3 <= 0)) || !(\old(__ste_email_to0) <= 2)) || !(1 <= \old(msg))) || !(0 <= __ste_email_isSignatureVerified1)) || !(__SELECTED_FEATURE_Sign == 0)) || !(0 <= __ste_email_signKey1)) || !(0 <= __ste_client_outbuffer1)) || !(0 <= __ste_ClientAddressBook_size1)) || !(0 <= __ste_client_name0)) || !(0 <= \old(queued_client))) || !(0 <= __ste_Client_AddressBook1_Alias0)) || !(__ste_Client_Keyring1_User1 == 0)) || !(__ste_client_outbuffer0 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_email_id1 <= 0)) || !(__SELECTED_FEATURE_Encrypt <= 0)) || !(__ste_client_privateKey2 <= 0)) || !(0 <= __ste_email_isSigned0)) || !(0 <= __ste_client_autoResponse2)) || !(__ste_Client_AddressBook0_Alias0 == 0)) || !(__ste_Client_Keyring1_PublicKey2 <= 0)) || !(__ste_Client_Keyring1_PublicKey0 <= 0)) || !(__ste_client_outbuffer3 == 0)) || !(__ste_client_autoResponse0 <= 0)) || !(__ste_Client_AddressBook0_Alias2 <= 0)) || !(0 <= __ste_client_privateKey2)) || !(__ste_ClientKeyring_size1 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_Client_Keyring2_PublicKey1 == 0)) || !(__SELECTED_FEATURE_Base == 0)) || !(__ste_Client_AddressBook1_Alias2 <= 0)) || !(__ste_email_encryptionKey1 == 0)) || !(#NULL <= 0)) || !(__ste_Client_AddressBook0_Address1 <= 0)) || !(0 <= __ste_client_forwardReceiver2)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Email_counter)) || !(0 <= __SELECTED_FEATURE_Encrypt)) || !(__ste_Client_Keyring1_User0 <= 0)) || !(0 <= __ste_email_isEncrypted1)) || !(#NULL == 0)) || !(__ste_Client_Keyring0_PublicKey1 == 0)) || !(__ste_Client_Keyring0_User1 == 0)) || !(0 <= __ste_ClientKeyring_size0)) || !(__ste_Client_AddressBook0_Address2 <= 0)) || !(chuck <= 3)) || !(0 <= __SELECTED_FEATURE_Verify)) || !(__ste_Client_Keyring2_User1 <= 0)) || !(0 <= __ste_client_forwardReceiver3)) || !(0 <= __ste_Client_AddressBook2_Alias1)) || !(__ste_Client_Keyring2_User2 <= 0)) || !(0 <= __ste_email_isSigned1)) || !(__SELECTED_FEATURE_AddressBook <= 0)) || !(__ste_email_subject1 == 0)) || !(0 <= __ste_Client_AddressBook1_Alias2)) || (((((((((((((((((((((((((((((((((((1 <= \old(client) && \old(msg) <= 1) && 0 <= 2147483648 + \result) && 1 <= msg) && queued_message <= 0) && __ste_email_from0 <= 2147483647) && 1 <= client) && 0 <= __ste_email_from0 + 2147483648) && \result <= 2147483647) && queue_empty <= 1) && 1 <= handle) && aux-getEmailTo(msg)-aux <= 2) && 1 <= \old(msg)) && __ste_client_idCounter0 <= 2147483647) && 1 <= queue_empty) && 0 <= retValue_acc + 2147483648) && 0 <= queued_message) && \old(handle) <= 1) && tmp <= 2147483647) && 1 <= msg) && client <= 1) && 0 <= queued_client) && msg <= 1) && \old(client) <= 1) && msg <= 1) && 2 <= aux-getEmailTo(msg)-aux) && retValue_acc <= 2147483647) && 1 <= \old(handle)) && handle <= 1) && client <= 1) && 0 <= __ste_client_idCounter0 + 2147483648) && 2 <= __ste_email_to0) && __ste_email_to0 <= 2) && 1 <= client) && 0 <= tmp + 2147483648) && queued_client <= 0)) || !(__ste_email_isSigned1 <= 0)) || !(__ste_Client_AddressBook2_Address2 == 0)) || !(__ste_client_name1 == 0)) || !(__ste_client_forwardReceiver2 <= 0)) || !(0 <= __ste_Client_Keyring2_User2)) || !(__SELECTED_FEATURE_Keys <= 0)) || !(__ste_email_body0 == 0)) || !(__ste_ClientKeyring_size2 == 0)) || !(0 <= __ste_Client_Keyring0_PublicKey0)) || !(0 <= __ste_client_name1)) || !(\old(queue_empty) <= 1)) || !(__ste_Client_AddressBook0_Address0 <= 0)) || !(0 <= __ste_Client_AddressBook0_Address0)) || !(__ste_client_idCounter2 <= 3)) || !(__ste_Client_AddressBook1_Address0 == 0)) || !(0 <= __ste_Client_AddressBook0_Alias1)) || !(2 <= \old(__ste_email_to0))) || !(0 <= __ste_email_id0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(__ste_email_isSignatureVerified0 <= 0)) || !(0 <= __ste_Client_Keyring1_PublicKey0)) || !(0 <= __ste_ClientAddressBook_size0)) || !(1 <= \old(queue_empty))) || !(0 <= __SELECTED_FEATURE_Keys)) || !(\old(__ste_email_from0) <= 0)) || !(__GUIDSL_ROOT_PRODUCTION <= 0)) || !(__ste_client_forwardReceiver1 <= 0)) || !(__ste_email_body1 <= 0)) || !(__ste_Client_Keyring2_PublicKey2 <= 0)) || !(__ste_email_isEncrypted0 <= 0)) || !(__ste_client_autoResponse2 <= 0)) || !(__ste_Client_Keyring2_PublicKey0 <= 0)) || !(0 <= __ste_Client_Keyring1_User0)) || !(0 <= __ste_client_name0)) || !(0 <= __ste_client_outbuffer0)) || !(0 <= __ste_client_autoResponse1)) || !(__ste_email_encryptionKey0 <= 0)) || !(0 <= __ste_client_autoResponse0)) || !(__ste_Client_Keyring0_User0 <= 0)) || !(__ste_client_outbuffer2 == 0)) || !(0 <= __ste_Client_AddressBook0_Address1)) || !(__ste_client_name1 <= 0)) || !(__ste_email_isSignatureVerified1 <= 0)) || !(__ste_Email_counter <= 0)) || !(__ste_Client_Keyring2_User0 == 0)) || !(0 <= __ste_email_signKey0)) || !(__GUIDSL_NON_TERMINAL_main <= 0)) || !(0 <= __ste_Client_AddressBook0_Address2)) || !(__ste_Client_Keyring0_PublicKey0 <= 0)) || !(__ste_Client_Keyring1_User2 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey2)) || !(__ste_email_isSigned0 <= 0)) || !(__ste_email_id0 <= 0)) || !(__ste_email_signKey0 <= 0)) || !(3 <= __ste_client_idCounter2)) || !(0 <= __ste_email_isEncrypted0)) || !(0 <= __ste_email_subject0) - InvariantResult [Line: 2560]: Loop Invariant Derived loop invariant: ((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((!(__ste_client_privateKey0 <= 0) || !(0 <= __ste_email_subject0)) || !(__ste_Client_AddressBook1_Address2 == 0)) || !(0 <= __ste_Client_AddressBook2_Address1)) || !(0 <= \old(queued_message))) || !(__ste_email_isEncrypted1 <= 0)) || !(0 <= __ste_client_privateKey0)) || !(__ste_email_subject1 <= 0)) || !(0 <= \old(__ste_email_from0))) || !(__ste_email_signKey1 <= 0)) || !(__SELECTED_FEATURE_Verify <= 0)) || !(0 <= __ste_email_subject1)) || !(0 <= __ste_Client_AddressBook1_Address1)) || !(0 <= head)) || !(__ste_client_name2 == 0)) || !(__ste_Client_AddressBook1_Alias1 == 0)) || !(__SELECTED_FEATURE_AutoResponder <= 0)) || !(__ste_Client_AddressBook0_Alias1 <= 0)) || !(0 <= #NULL)) || !(__ste_client_privateKey1 <= 0)) || !(__ste_Client_AddressBook2_Alias0 <= 0)) || !(0 <= __ste_client_forwardReceiver1)) || !(0 <= __ste_client_privateKey1)) || !(__ste_Client_counter == 0)) || !(0 <= __ste_email_id1)) || !(__ste_Client_AddressBook2_Address1 <= 0)) || !(3 <= chuck)) || !(\old(queued_message) <= 0)) || !(__ste_ClientAddressBook_size1 <= 0)) || !(__ste_Client_Keyring1_PublicKey1 == 0)) || !(0 <= __ste_Client_Keyring0_User0)) || !(0 <= __ste_email_body1)) || !(\old(queued_client) <= 0)) || !(__ste_ClientAddressBook_size2 == 0)) || !(0 <= __ste_email_encryptionKey0)) || !(0 <= __ste_Client_Keyring1_User2)) || !(__ste_ClientKeyring_size0 <= 0)) || !(0 <= __SELECTED_FEATURE_AddressBook)) || (((((((((((((((((queued_message <= 0 && \old(receiver) == receiver) && from == __ste_email_from0) && to <= 2) && 0 <= queued_message) && from == \old(from)) && 1 <= sender) && sender <= 1) && \old(queue_empty) == queue_empty) && __ste_email_from0 <= 0) && queued_client == \old(queued_client)) && \old(to) <= 2) && 2 <= \old(to)) && 2 <= __ste_email_to0) && 2 <= to) && __ste_email_to0 <= 2) && 1 == msg) && 0 <= \old(from))) || !(__SELECTED_FEATURE_Decrypt <= 0)) || !(0 <= __ste_Client_AddressBook2_Address0)) || !(__ste_client_outbuffer1 <= 0)) || !(__ste_Client_Keyring0_User2 == 0)) || !(0 <= __GUIDSL_ROOT_PRODUCTION)) || !(head <= 0)) || !(__ste_Client_AddressBook2_Alias2 == 0)) || !(\old(__ste_email_to1) <= 0)) || !(__ste_Client_Keyring0_PublicKey2 <= 0)) || !(0 <= __ste_Client_AddressBook2_Alias0)) || !(2 <= rjh)) || !(bob <= 1)) || !(0 <= __ste_ClientKeyring_size1)) || !(__ste_Client_AddressBook2_Address0 <= 0)) || !(0 <= __SELECTED_FEATURE_AutoResponder)) || !(__ste_ClientAddressBook_size0 <= 0)) || !(rjh <= 2)) || !(0 <= __ste_Client_AddressBook0_Alias2)) || !(0 <= __ste_email_isSignatureVerified0)) || !(__SELECTED_FEATURE_Forward == 0)) || !(__ste_Client_AddressBook2_Alias1 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey0)) || !(__ste_Client_AddressBook1_Alias0 <= 0)) || !(__ste_Client_AddressBook1_Address1 <= 0)) || !(__ste_email_body1 == 0)) || !(0 <= __SELECTED_FEATURE_Decrypt)) || !(__ste_client_forwardReceiver0 == 0)) || !(__ste_email_body0 == 0)) || !(0 <= __ste_Client_Keyring1_PublicKey2)) || !(0 <= __ste_Client_Keyring0_PublicKey2)) || !(0 <= __GUIDSL_NON_TERMINAL_main)) || !(__ste_client_name2 <= 0)) || !(1 <= bob)) || !(head == 0)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Client_Keyring2_User1)) || !(0 <= __ste_client_name2)) || !(__ste_client_forwardReceiver3 <= 0)) || !(0 <= __ste_email_isSignatureVerified1)) || !(__SELECTED_FEATURE_Sign == 0)) || !(0 <= __ste_email_signKey1)) || !(0 <= __ste_client_outbuffer1)) || !(bob == \old(sender))) || !(0 <= __ste_ClientAddressBook_size1)) || !(0 <= \old(__ste_email_to1))) || !(0 <= __ste_client_name0)) || !(0 <= \old(queued_client))) || !(0 <= __ste_Client_AddressBook1_Alias0)) || !(__ste_Client_Keyring1_User1 == 0)) || !(__ste_client_outbuffer0 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_email_id1 <= 0)) || !(__SELECTED_FEATURE_Encrypt <= 0)) || !(__ste_client_privateKey2 <= 0)) || !(0 <= __ste_email_isSigned0)) || !(0 <= __ste_client_autoResponse2)) || !(__ste_Client_AddressBook0_Alias0 == 0)) || !(__ste_Client_Keyring1_PublicKey2 <= 0)) || !(__ste_Client_Keyring1_PublicKey0 <= 0)) || !(__ste_client_outbuffer3 == 0)) || !(__ste_client_autoResponse0 <= 0)) || !(__ste_Client_AddressBook0_Alias2 <= 0)) || !(0 <= __ste_client_privateKey2)) || !(\old(receiver) == rjh)) || !(__ste_ClientKeyring_size1 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_Client_Keyring2_PublicKey1 == 0)) || !(__SELECTED_FEATURE_Base == 0)) || !(__ste_Client_AddressBook1_Alias2 <= 0)) || !(0 <= \old(__ste_email_from1))) || !(__ste_email_encryptionKey1 == 0)) || !(#NULL <= 0)) || !(__ste_Client_AddressBook0_Address1 <= 0)) || !(0 <= __ste_client_forwardReceiver2)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Email_counter)) || !(0 <= __SELECTED_FEATURE_Encrypt)) || !(__ste_Client_Keyring1_User0 <= 0)) || !(0 <= __ste_email_isEncrypted1)) || !(#NULL == 0)) || !(__ste_Client_Keyring0_PublicKey1 == 0)) || !(__ste_Client_Keyring0_User1 == 0)) || !(0 <= __ste_ClientKeyring_size0)) || !(__ste_Client_AddressBook0_Address2 <= 0)) || !(chuck <= 3)) || !(0 <= __SELECTED_FEATURE_Verify)) || !(__ste_Client_Keyring2_User1 <= 0)) || !(0 <= __ste_client_forwardReceiver3)) || !(0 <= __ste_Client_AddressBook2_Alias1)) || !(\old(__ste_email_to0) <= 0)) || !(__ste_Client_Keyring2_User2 <= 0)) || !(0 <= __ste_email_isSigned1)) || !(__SELECTED_FEATURE_AddressBook <= 0)) || !(__ste_email_subject1 == 0)) || !(0 <= __ste_Client_AddressBook1_Alias2)) || !(__ste_email_isSigned1 <= 0)) || !(__ste_Client_AddressBook2_Address2 == 0)) || !(__ste_client_name1 == 0)) || !(__ste_client_forwardReceiver2 <= 0)) || !(0 <= __ste_Client_Keyring2_User2)) || !(__SELECTED_FEATURE_Keys <= 0)) || !(__ste_email_body0 == 0)) || !(__ste_ClientKeyring_size2 == 0)) || !(0 <= __ste_Client_Keyring0_PublicKey0)) || !(\old(__ste_email_from1) <= 0)) || !(0 <= __ste_client_name1)) || !(\old(queue_empty) <= 1)) || !(__ste_Client_AddressBook0_Address0 <= 0)) || !(0 <= __ste_Client_AddressBook0_Address0)) || !(__ste_client_idCounter2 <= 3)) || !(__ste_Client_AddressBook1_Address0 == 0)) || !(0 <= __ste_Client_AddressBook0_Alias1)) || !(0 <= __ste_email_id0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(__ste_email_isSignatureVerified0 <= 0)) || !(0 <= __ste_Client_Keyring1_PublicKey0)) || !(0 <= __ste_ClientAddressBook_size0)) || !(1 <= \old(queue_empty))) || !(0 <= __SELECTED_FEATURE_Keys)) || !(\old(__ste_email_from0) <= 0)) || !(__GUIDSL_ROOT_PRODUCTION <= 0)) || !(__ste_client_forwardReceiver1 <= 0)) || !(__ste_email_body1 <= 0)) || !(__ste_Client_Keyring2_PublicKey2 <= 0)) || !(__ste_email_isEncrypted0 <= 0)) || !(__ste_client_autoResponse2 <= 0)) || !(__ste_Client_Keyring2_PublicKey0 <= 0)) || !(0 <= __ste_Client_Keyring1_User0)) || !(0 <= __ste_client_name0)) || !(0 <= __ste_client_outbuffer0)) || !(0 <= __ste_client_autoResponse1)) || !(__ste_email_encryptionKey0 <= 0)) || !(0 <= __ste_client_autoResponse0)) || !(__ste_Client_Keyring0_User0 <= 0)) || !(__ste_client_outbuffer2 == 0)) || !(0 <= \old(__ste_email_to0))) || !(0 <= __ste_Client_AddressBook0_Address1)) || !(__ste_client_name1 <= 0)) || !(__ste_email_isSignatureVerified1 <= 0)) || !(__ste_Email_counter <= 0)) || !(__ste_Client_Keyring2_User0 == 0)) || !(0 <= __ste_email_signKey0)) || !(__GUIDSL_NON_TERMINAL_main <= 0)) || !(0 <= __ste_Client_AddressBook0_Address2)) || !(__ste_Client_Keyring0_PublicKey0 <= 0)) || !(__ste_Client_Keyring1_User2 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey2)) || !(__ste_email_isSigned0 <= 0)) || !(__ste_email_id0 <= 0)) || !(__ste_email_signKey0 <= 0)) || !(3 <= __ste_client_idCounter2)) || !(0 <= __ste_email_isEncrypted0)) || !(0 <= __ste_email_subject0) - InvariantResult [Line: 1662]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 2396]: Loop Invariant Derived loop invariant: (((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((queued_client == 0 && __ste_Client_Keyring1_User2 == 0) && __GUIDSL_NON_TERMINAL_main == 0) && __ste_email_isEncrypted1 == 0) && __ste_email_subject0 == 0) && __SELECTED_FEATURE_Sign == 0) && 0 == __ste_Client_AddressBook0_Address2) && __cil_tmp2 == 0) && __ste_client_outbuffer3 == 0) && 1 <= \result) && 1 <= \old(bob___0)) && __ste_Client_counter == 0) && __ste_Client_Keyring1_PublicKey2 == 0) && __ste_client_autoResponse1 == 0) && 2 <= rjh___0) && __ste_Client_AddressBook2_Alias0 == 0) && __cil_tmp1 == 0) && 0 == __ste_email_subject0) && __ste_Client_AddressBook2_Alias1 == 0) && __ste_Client_Keyring2_PublicKey2 == 0) && __ste_client_forwardReceiver3 == 0) && \old(bob___0) <= 1) && 1 == retValue_acc) && __ste_client_name2 == 0) && __ste_client_name1 == 0) && \old(chuck___0) <= 3) && __SELECTED_FEATURE_Verify == 0) && __ste_Client_Keyring1_User0 == 0) && __ste_client_idCounter2 <= 3) && __ste_email_body1 == 0) && __SELECTED_FEATURE_Encrypt == 0) && __ste_Client_AddressBook1_Address2 == 0) && 1 <= bob___0) && __ste_ClientAddressBook_size1 == 0) && __ste_Client_Keyring0_PublicKey0 == 0) && __ste_Email_counter == 0) && __ste_ClientKeyring_size1 == 0) && __ste_email_body0 == 0) && __ste_email_isSignatureVerified0 == 0) && __ste_Client_Keyring0_User2 == 0) && __ste_ClientAddressBook_size0 == 0) && retValue_acc <= 2147483647) && __ste_Client_Keyring0_User1 == 0) && __ste_Client_AddressBook1_Alias1 == 0) && __ste_email_to1 == 0) && __ste_client_name1 == 0) && __ste_client_privateKey1 == 0) && head == 0) && __ste_client_name0 == 0) && __ste_Client_Keyring0_PublicKey2 == 0) && __ste_Client_Keyring1_PublicKey0 == 0) && __ste_email_to0 == 0) && __ste_email_signKey0 == 0) && __SELECTED_FEATURE_Decrypt == 0) && __ste_email_encryptionKey0 == 0) && __SELECTED_FEATURE_Keys == 0) && __SELECTED_FEATURE_AddressBook == 0) && __ste_client_forwardReceiver2 == 0) && __ste_Client_Keyring0_PublicKey1 == 0) && __SELECTED_FEATURE_Forward == 0) && rjh___0 <= 2) && __ste_Client_Keyring0_User0 == 0) && __ste_email_isSigned0 == 0) && __ste_Client_Keyring2_PublicKey1 == 0) && __ste_email_isSigned1 == 0) && __ste_email_body0 == 0) && __ste_Client_AddressBook0_Alias0 == 0) && __ste_email_id0 == 0) && \old(rjh___0) <= 2) && __ste_client_privateKey0 == 0) && __ste_email_from0 == 0) && __ste_Client_Keyring2_User1 == 0) && bob___0 <= 1) && 3 <= __ste_client_idCounter2) && __ste_Client_AddressBook2_Address2 == 0) && \result <= 1) && 3 == chuck) && __ste_Client_AddressBook2_Address1 == 0) && bob == 1) && tmp <= 1) && __ste_client_forwardReceiver1 == 0) && 3 <= chuck___0) && __ste_Client_AddressBook1_Alias2 == 0) && __ste_client_outbuffer0 == 0) && queue_empty == 1) && __SELECTED_FEATURE_Base == 0) && __ste_client_forwardReceiver0 == 0) && 3 <= \old(chuck___0)) && __ste_Client_Keyring2_User0 == 0) && rjh == 2) && 0 == __ste_Client_AddressBook0_Address1) && __ste_Client_AddressBook2_Address0 == 0) && __ste_email_isSignatureVerified1 == 0) && __ste_Client_Keyring1_PublicKey1 == 0) && __ste_Client_Keyring2_PublicKey0 == 0) && __ste_Client_AddressBook1_Address0 == 0) && __ste_client_name2 == 0) && __ste_email_from1 == 0) && 2 <= \old(rjh___0)) && __ste_email_subject1 == 0) && __cil_tmp2 == 25) && __ste_Client_AddressBook1_Alias0 == 0) && __ste_Client_Keyring2_User2 == 0) && head == 0) && chuck___0 <= 3) && __ste_client_privateKey2 == 0) && __ste_Client_Keyring1_User1 == 0) && #NULL == 0) && __ste_Client_AddressBook2_Alias2 == 0) && 1 <= tmp) && __ste_email_subject1 == 0) && __ste_Client_AddressBook0_Alias2 == 0) && __ste_ClientKeyring_size0 == 0) && __ste_email_isEncrypted0 == 0) && queued_message == 0) && __ste_Client_AddressBook1_Address1 == 0) && 0 == __ste_Client_AddressBook0_Address0) && __ste_client_outbuffer1 == 0) && 0 <= 2147483648 + retValue_acc) && __ste_Client_AddressBook0_Alias1 == 0) && __GUIDSL_ROOT_PRODUCTION == 0) && __cil_tmp1 == 24) && __ste_client_name0 == 0) && __ste_email_id1 == 0) && __ste_client_outbuffer2 == 0) && 0 <= unknown-#StackHeapBarrier-unknown) && __ste_ClientAddressBook_size2 == 0) && __SELECTED_FEATURE_AutoResponder == 0) && __ste_email_encryptionKey1 == 0) && __ste_client_autoResponse0 == 0) && __ste_email_body1 == 0) && __ste_ClientKeyring_size2 == 0) && __ste_client_autoResponse2 == 0) && #NULL == 0) && __ste_email_signKey1 == 0 - InvariantResult [Line: 1867]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 2386]: Loop Invariant Derived loop invariant: (((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((queued_client == 0 && __ste_Client_Keyring1_User2 == 0) && __GUIDSL_NON_TERMINAL_main == 0) && __ste_email_isEncrypted1 == 0) && __ste_email_subject0 == 0) && __SELECTED_FEATURE_Sign == 0) && 0 == __ste_Client_AddressBook0_Address2) && __ste_client_outbuffer3 == 0) && 1 <= \result) && 1 <= \old(bob___0)) && __ste_Client_counter == 0) && __ste_Client_Keyring1_PublicKey2 == 0) && __ste_client_autoResponse1 == 0) && 2 <= rjh___0) && __ste_Client_AddressBook2_Alias0 == 0) && __cil_tmp1 == 0) && 0 == __ste_email_subject0) && __ste_client_idCounter1 <= 2) && __ste_Client_AddressBook2_Alias1 == 0) && __ste_Client_Keyring2_PublicKey2 == 0) && __ste_client_forwardReceiver3 == 0) && \old(bob___0) <= 1) && 1 == retValue_acc) && __ste_client_name2 == 0) && __ste_client_name1 == 0) && __SELECTED_FEATURE_Verify == 0) && __ste_Client_Keyring1_User0 == 0) && __ste_email_body1 == 0) && __SELECTED_FEATURE_Encrypt == 0) && __ste_Client_AddressBook1_Address2 == 0) && 1 <= bob___0) && __ste_ClientAddressBook_size1 == 0) && __ste_Client_Keyring0_PublicKey0 == 0) && __ste_Email_counter == 0) && __ste_ClientKeyring_size1 == 0) && __ste_email_body0 == 0) && __ste_email_isSignatureVerified0 == 0) && __ste_Client_Keyring0_User2 == 0) && __ste_ClientAddressBook_size0 == 0) && retValue_acc <= 2147483647) && __ste_Client_Keyring0_User1 == 0) && __ste_Client_AddressBook1_Alias1 == 0) && __ste_email_to1 == 0) && __ste_client_name1 == 0) && __ste_client_privateKey1 == 0) && head == 0) && __ste_client_name0 == 0) && __ste_Client_Keyring0_PublicKey2 == 0) && __ste_Client_Keyring1_PublicKey0 == 0) && __ste_email_to0 == 0) && __ste_email_signKey0 == 0) && __SELECTED_FEATURE_Decrypt == 0) && __ste_email_encryptionKey0 == 0) && __SELECTED_FEATURE_Keys == 0) && __SELECTED_FEATURE_AddressBook == 0) && __ste_client_forwardReceiver2 == 0) && __ste_Client_Keyring0_PublicKey1 == 0) && __SELECTED_FEATURE_Forward == 0) && rjh___0 <= 2) && __ste_Client_Keyring0_User0 == 0) && __ste_email_isSigned0 == 0) && __ste_Client_Keyring2_PublicKey1 == 0) && __ste_email_isSigned1 == 0) && __ste_email_body0 == 0) && __ste_Client_AddressBook0_Alias0 == 0) && __ste_email_id0 == 0) && \old(rjh___0) <= 2) && __ste_client_privateKey0 == 0) && __ste_email_from0 == 0) && __ste_Client_Keyring2_User1 == 0) && bob___0 <= 1) && __ste_Client_AddressBook2_Address2 == 0) && \result <= 1) && __ste_Client_AddressBook2_Address1 == 0) && bob == 1) && tmp <= 1) && __ste_client_forwardReceiver1 == 0) && __ste_Client_AddressBook1_Alias2 == 0) && 2 <= __ste_client_idCounter1) && __ste_client_outbuffer0 == 0) && queue_empty == 1) && __SELECTED_FEATURE_Base == 0) && __ste_client_forwardReceiver0 == 0) && __ste_Client_Keyring2_User0 == 0) && rjh == 2) && 0 == __ste_Client_AddressBook0_Address1) && __ste_Client_AddressBook2_Address0 == 0) && __ste_email_isSignatureVerified1 == 0) && __ste_Client_Keyring1_PublicKey1 == 0) && __ste_Client_Keyring2_PublicKey0 == 0) && __ste_Client_AddressBook1_Address0 == 0) && __ste_client_name2 == 0) && __ste_email_from1 == 0) && 2 <= \old(rjh___0)) && __ste_email_subject1 == 0) && __ste_Client_AddressBook1_Alias0 == 0) && __ste_Client_Keyring2_User2 == 0) && head == 0) && __ste_client_privateKey2 == 0) && __ste_Client_Keyring1_User1 == 0) && #NULL == 0) && __ste_Client_AddressBook2_Alias2 == 0) && 1 <= tmp) && __ste_email_subject1 == 0) && __ste_Client_AddressBook0_Alias2 == 0) && __ste_ClientKeyring_size0 == 0) && __ste_email_isEncrypted0 == 0) && queued_message == 0) && __ste_Client_AddressBook1_Address1 == 0) && 0 == __ste_Client_AddressBook0_Address0) && __ste_client_outbuffer1 == 0) && 0 <= 2147483648 + retValue_acc) && __ste_Client_AddressBook0_Alias1 == 0) && __GUIDSL_ROOT_PRODUCTION == 0) && __cil_tmp1 == 24) && chuck == 0) && __ste_client_name0 == 0) && __ste_email_id1 == 0) && __ste_client_outbuffer2 == 0) && 0 <= unknown-#StackHeapBarrier-unknown) && __ste_ClientAddressBook_size2 == 0) && __SELECTED_FEATURE_AutoResponder == 0) && __ste_email_encryptionKey1 == 0) && __ste_client_autoResponse0 == 0) && __ste_email_body1 == 0) && __ste_ClientKeyring_size2 == 0) && __ste_client_autoResponse2 == 0) && #NULL == 0) && __ste_email_signKey1 == 0 - InvariantResult [Line: 1903]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1835]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 2359]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 1757]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1820]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1914]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1632]: Loop Invariant Derived loop invariant: (((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((!(__ste_client_privateKey0 <= 0) || !(1 <= \old(client))) || !(0 <= __ste_email_subject0)) || !(__ste_Client_AddressBook1_Address2 == 0)) || !(0 <= __ste_Client_AddressBook2_Address1)) || !(0 <= \old(queued_message))) || !(__ste_email_isEncrypted1 <= 0)) || !(0 <= __ste_client_privateKey0)) || !(__ste_email_subject1 <= 0)) || !(0 <= \old(__ste_email_from0))) || !(__ste_email_signKey1 <= 0)) || !(__SELECTED_FEATURE_Verify <= 0)) || !(0 <= __ste_email_subject1)) || !(0 <= __ste_Client_AddressBook1_Address1)) || !(0 <= head)) || !(__ste_client_name2 == 0)) || !(__ste_Client_AddressBook1_Alias1 == 0)) || !(__SELECTED_FEATURE_AutoResponder <= 0)) || !(__ste_Client_AddressBook0_Alias1 <= 0)) || !(0 <= #NULL)) || !(__ste_client_privateKey1 <= 0)) || !(__ste_Client_AddressBook2_Alias0 <= 0)) || !(0 <= __ste_client_forwardReceiver1)) || !(0 <= __ste_client_privateKey1)) || !(__ste_Client_counter == 0)) || !(0 <= __ste_email_id1)) || !(__ste_Client_AddressBook2_Address1 <= 0)) || !(3 <= chuck)) || !(\old(queued_message) <= 0)) || !(__ste_ClientAddressBook_size1 <= 0)) || !(__ste_Client_Keyring1_PublicKey1 == 0)) || !(0 <= __ste_Client_Keyring0_User0)) || !(0 <= __ste_email_body1)) || !(\old(queued_client) <= 0)) || !(__ste_ClientAddressBook_size2 == 0)) || !(0 <= __ste_email_encryptionKey0)) || !(0 <= __ste_Client_Keyring1_User2)) || !(__ste_ClientKeyring_size0 <= 0)) || !(0 <= __SELECTED_FEATURE_AddressBook)) || !(__SELECTED_FEATURE_Decrypt <= 0)) || !(0 <= __ste_Client_AddressBook2_Address0)) || !(__ste_client_outbuffer1 <= 0)) || !(__ste_Client_Keyring0_User2 == 0)) || !(0 <= __GUIDSL_ROOT_PRODUCTION)) || !(head <= 0)) || !(__ste_Client_AddressBook2_Alias2 == 0)) || !(__ste_Client_Keyring0_PublicKey2 <= 0)) || !(0 <= __ste_Client_AddressBook2_Alias0)) || !(2 <= rjh)) || !(\old(msg) <= 1)) || !(bob <= 1)) || !(0 <= __ste_ClientKeyring_size1)) || !(__ste_Client_AddressBook2_Address0 <= 0)) || !(\old(client) <= 1)) || !(0 <= __SELECTED_FEATURE_AutoResponder)) || !(__ste_ClientAddressBook_size0 <= 0)) || !(rjh <= 2)) || !(0 <= __ste_Client_AddressBook0_Alias2)) || !(0 <= __ste_email_isSignatureVerified0)) || !(__SELECTED_FEATURE_Forward == 0)) || !(__ste_Client_AddressBook2_Alias1 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey0)) || !(__ste_Client_AddressBook1_Alias0 <= 0)) || !(__ste_Client_AddressBook1_Address1 <= 0)) || !(__ste_email_body1 == 0)) || !(0 <= __SELECTED_FEATURE_Decrypt)) || !(__ste_client_forwardReceiver0 == 0)) || !(__ste_email_body0 == 0)) || !(0 <= __ste_Client_Keyring1_PublicKey2)) || !(0 <= __ste_Client_Keyring0_PublicKey2)) || !(0 <= __GUIDSL_NON_TERMINAL_main)) || !(__ste_client_name2 <= 0)) || !(1 <= bob)) || !(head == 0)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Client_Keyring2_User1)) || !(0 <= __ste_client_name2)) || !(__ste_client_forwardReceiver3 <= 0)) || !(\old(__ste_email_to0) <= 2)) || !(1 <= \old(msg))) || !(0 <= __ste_email_isSignatureVerified1)) || !(__SELECTED_FEATURE_Sign == 0)) || !(0 <= __ste_email_signKey1)) || !(0 <= __ste_client_outbuffer1)) || !(0 <= __ste_ClientAddressBook_size1)) || !(0 <= __ste_client_name0)) || !(0 <= \old(queued_client))) || !(0 <= __ste_Client_AddressBook1_Alias0)) || !(__ste_Client_Keyring1_User1 == 0)) || !(__ste_client_outbuffer0 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_email_id1 <= 0)) || !(__SELECTED_FEATURE_Encrypt <= 0)) || !(__ste_client_privateKey2 <= 0)) || !(0 <= __ste_email_isSigned0)) || !(0 <= __ste_client_autoResponse2)) || !(__ste_Client_AddressBook0_Alias0 == 0)) || !(__ste_Client_Keyring1_PublicKey2 <= 0)) || !(__ste_Client_Keyring1_PublicKey0 <= 0)) || !(__ste_client_outbuffer3 == 0)) || !(__ste_client_autoResponse0 <= 0)) || !(__ste_Client_AddressBook0_Alias2 <= 0)) || !(0 <= __ste_client_privateKey2)) || !(__ste_ClientKeyring_size1 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_Client_Keyring2_PublicKey1 == 0)) || !(__SELECTED_FEATURE_Base == 0)) || !(__ste_Client_AddressBook1_Alias2 <= 0)) || !(__ste_email_encryptionKey1 == 0)) || !(#NULL <= 0)) || !(__ste_Client_AddressBook0_Address1 <= 0)) || !(0 <= __ste_client_forwardReceiver2)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Email_counter)) || !(0 <= __SELECTED_FEATURE_Encrypt)) || !(__ste_Client_Keyring1_User0 <= 0)) || (((((((((((((((((((((((((((((((((((((((((((((((((((((((((2 <= tmp && \old(client) == client) && \old(client) == client) && 1 <= \old(client)) && \old(msg) <= 1) && 0 <= 2147483648 + \result) && \old(handle) == client) && \old(handle) == handle) && 1 <= msg) && \old(client) == client) && msg == \old(msg)) && client == \old(client)) && \old(client) == tmp) && queued_message <= 0) && \old(msg) == msg) && __ste_email_from0 <= 2147483647) && client == \old(client)) && 1 <= client) && 0 <= __ste_email_from0 + 2147483648) && msg == \old(msg)) && \result <= 2147483647) && client == \old(client)) && \old(msg) == msg) && queue_empty <= 1) && 1 <= handle) && \result == tmp) && \result == retValue_acc) && 1 <= \old(msg)) && msg == \old(msg)) && __ste_client_idCounter0 <= 2147483647) && msg == \old(msg)) && 1 <= queue_empty) && 0 <= retValue_acc + 2147483648) && 0 <= queued_message) && tmp <= 2) && \old(handle) <= 1) && tmp <= 2147483647) && 1 <= msg) && client <= 1) && 0 <= queued_client) && \old(msg) == msg) && msg <= 1) && msg == \old(msg)) && \old(client) <= 1) && client == \old(client)) && msg <= 1) && retValue_acc == __ste_client_autoResponse1) && retValue_acc <= 2147483647) && 1 <= \old(handle)) && handle <= 1) && client <= 1) && \result <= 2147483647) && 0 <= __ste_client_idCounter0 + 2147483648) && 2 <= __ste_email_to0) && __ste_email_to0 <= 2) && 1 <= client) && 0 <= tmp + 2147483648) && queued_client <= 0)) || !(0 <= __ste_email_isEncrypted1)) || !(#NULL == 0)) || !(__ste_Client_Keyring0_PublicKey1 == 0)) || !(__ste_Client_Keyring0_User1 == 0)) || !(0 <= __ste_ClientKeyring_size0)) || !(__ste_Client_AddressBook0_Address2 <= 0)) || !(chuck <= 3)) || !(0 <= __SELECTED_FEATURE_Verify)) || !(__ste_Client_Keyring2_User1 <= 0)) || !(0 <= __ste_client_forwardReceiver3)) || !(0 <= __ste_Client_AddressBook2_Alias1)) || !(__ste_Client_Keyring2_User2 <= 0)) || !(0 <= __ste_email_isSigned1)) || !(__SELECTED_FEATURE_AddressBook <= 0)) || !(__ste_email_subject1 == 0)) || !(0 <= __ste_Client_AddressBook1_Alias2)) || !(__ste_email_isSigned1 <= 0)) || !(__ste_Client_AddressBook2_Address2 == 0)) || !(__ste_client_name1 == 0)) || 1 == tmp) || !(__ste_client_forwardReceiver2 <= 0)) || !(0 <= __ste_Client_Keyring2_User2)) || !(__SELECTED_FEATURE_Keys <= 0)) || !(__ste_email_body0 == 0)) || !(__ste_ClientKeyring_size2 == 0)) || !(0 <= __ste_Client_Keyring0_PublicKey0)) || !(0 <= __ste_client_name1)) || !(\old(queue_empty) <= 1)) || !(__ste_Client_AddressBook0_Address0 <= 0)) || !(0 <= __ste_Client_AddressBook0_Address0)) || !(__ste_client_idCounter2 <= 3)) || !(__ste_Client_AddressBook1_Address0 == 0)) || !(0 <= __ste_Client_AddressBook0_Alias1)) || !(2 <= \old(__ste_email_to0))) || !(0 <= __ste_email_id0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(__ste_email_isSignatureVerified0 <= 0)) || !(0 <= __ste_Client_Keyring1_PublicKey0)) || !(0 <= __ste_ClientAddressBook_size0)) || !(1 <= \old(queue_empty))) || !(0 <= __SELECTED_FEATURE_Keys)) || !(\old(__ste_email_from0) <= 0)) || !(__GUIDSL_ROOT_PRODUCTION <= 0)) || !(__ste_client_forwardReceiver1 <= 0)) || !(__ste_email_body1 <= 0)) || !(__ste_Client_Keyring2_PublicKey2 <= 0)) || !(__ste_email_isEncrypted0 <= 0)) || !(__ste_client_autoResponse2 <= 0)) || !(__ste_Client_Keyring2_PublicKey0 <= 0)) || !(0 <= __ste_Client_Keyring1_User0)) || !(0 <= __ste_client_name0)) || !(0 <= __ste_client_outbuffer0)) || !(0 <= __ste_client_autoResponse1)) || !(__ste_email_encryptionKey0 <= 0)) || !(0 <= __ste_client_autoResponse0)) || !(__ste_Client_Keyring0_User0 <= 0)) || !(__ste_client_outbuffer2 == 0)) || !(0 <= __ste_Client_AddressBook0_Address1)) || !(__ste_client_name1 <= 0)) || !(__ste_email_isSignatureVerified1 <= 0)) || !(__ste_Email_counter <= 0)) || !(__ste_Client_Keyring2_User0 == 0)) || !(0 <= __ste_email_signKey0)) || !(__GUIDSL_NON_TERMINAL_main <= 0)) || !(0 <= __ste_Client_AddressBook0_Address2)) || !(__ste_Client_Keyring0_PublicKey0 <= 0)) || !(__ste_Client_Keyring1_User2 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey2)) || !(__ste_email_isSigned0 <= 0)) || !(__ste_email_id0 <= 0)) || !(__ste_email_signKey0 <= 0)) || !(3 <= __ste_client_idCounter2)) || !(0 <= __ste_email_isEncrypted0)) || !(0 <= __ste_email_subject0) - InvariantResult [Line: 1882]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 2417]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1856]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 2336]: Loop Invariant Derived loop invariant: 1 == tmp - InvariantResult [Line: 2473]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1892]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1831]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 2376]: Loop Invariant Derived loop invariant: (((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((queued_client == 0 && __ste_Client_Keyring1_User2 == 0) && __GUIDSL_NON_TERMINAL_main == 0) && __ste_email_isEncrypted1 == 0) && __ste_email_subject0 == 0) && __SELECTED_FEATURE_Sign == 0) && 0 == __ste_Client_AddressBook0_Address2) && __ste_client_outbuffer3 == 0) && 1 <= \result) && 1 <= \old(bob___0)) && __ste_Client_counter == 0) && rjh == 0) && __ste_Client_Keyring1_PublicKey2 == 0) && __ste_client_autoResponse1 == 0) && __ste_Client_AddressBook2_Alias0 == 0) && 0 == __ste_email_subject0) && __ste_Client_AddressBook2_Alias1 == 0) && __ste_Client_Keyring2_PublicKey2 == 0) && __ste_client_forwardReceiver3 == 0) && \old(bob___0) <= 1) && 1 == retValue_acc) && __ste_client_name2 == 0) && __ste_client_name1 == 0) && __SELECTED_FEATURE_Verify == 0) && __ste_Client_Keyring1_User0 == 0) && __ste_email_body1 == 0) && __SELECTED_FEATURE_Encrypt == 0) && __ste_Client_AddressBook1_Address2 == 0) && 1 <= bob___0) && __ste_ClientAddressBook_size1 == 0) && __ste_Client_Keyring0_PublicKey0 == 0) && __ste_Email_counter == 0) && __ste_ClientKeyring_size1 == 0) && __ste_email_body0 == 0) && __ste_email_isSignatureVerified0 == 0) && __ste_Client_Keyring0_User2 == 0) && __ste_ClientAddressBook_size0 == 0) && retValue_acc <= 2147483647) && __ste_Client_Keyring0_User1 == 0) && __ste_Client_AddressBook1_Alias1 == 0) && __ste_email_to1 == 0) && __ste_client_name1 == 0) && __ste_client_privateKey1 == 0) && head == 0) && __ste_client_name0 == 0) && __ste_Client_Keyring0_PublicKey2 == 0) && __ste_Client_Keyring1_PublicKey0 == 0) && __ste_email_to0 == 0) && __ste_email_signKey0 == 0) && __SELECTED_FEATURE_Decrypt == 0) && __ste_email_encryptionKey0 == 0) && __SELECTED_FEATURE_Keys == 0) && __SELECTED_FEATURE_AddressBook == 0) && __ste_client_forwardReceiver2 == 0) && __ste_Client_Keyring0_PublicKey1 == 0) && __SELECTED_FEATURE_Forward == 0) && __ste_Client_Keyring0_User0 == 0) && __ste_email_isSigned0 == 0) && __ste_Client_Keyring2_PublicKey1 == 0) && __ste_email_isSigned1 == 0) && __ste_email_body0 == 0) && __ste_Client_AddressBook0_Alias0 == 0) && __ste_email_id0 == 0) && __ste_client_privateKey0 == 0) && __ste_email_from0 == 0) && __ste_Client_Keyring2_User1 == 0) && bob___0 <= 1) && __ste_Client_AddressBook2_Address2 == 0) && \result <= 1) && __ste_Client_AddressBook2_Address1 == 0) && bob == 1) && tmp <= 1) && __ste_client_forwardReceiver1 == 0) && __ste_Client_AddressBook1_Alias2 == 0) && __ste_client_outbuffer0 == 0) && queue_empty == 1) && __SELECTED_FEATURE_Base == 0) && __ste_client_forwardReceiver0 == 0) && __ste_Client_Keyring2_User0 == 0) && 0 == __ste_Client_AddressBook0_Address1) && __ste_Client_AddressBook2_Address0 == 0) && __ste_email_isSignatureVerified1 == 0) && __ste_Client_Keyring1_PublicKey1 == 0) && __ste_Client_Keyring2_PublicKey0 == 0) && __ste_Client_AddressBook1_Address0 == 0) && __ste_client_name2 == 0) && __ste_email_from1 == 0) && __ste_client_idCounter0 <= 1) && __ste_email_subject1 == 0) && __ste_Client_AddressBook1_Alias0 == 0) && __ste_Client_Keyring2_User2 == 0) && head == 0) && __ste_client_privateKey2 == 0) && __ste_Client_Keyring1_User1 == 0) && #NULL == 0) && __ste_Client_AddressBook2_Alias2 == 0) && 1 <= tmp) && __ste_email_subject1 == 0) && __ste_Client_AddressBook0_Alias2 == 0) && __ste_ClientKeyring_size0 == 0) && __ste_email_isEncrypted0 == 0) && queued_message == 0) && __ste_Client_AddressBook1_Address1 == 0) && 0 == __ste_Client_AddressBook0_Address0) && 1 <= __ste_client_idCounter0) && __ste_client_outbuffer1 == 0) && 0 <= 2147483648 + retValue_acc) && __ste_Client_AddressBook0_Alias1 == 0) && __GUIDSL_ROOT_PRODUCTION == 0) && chuck == 0) && __ste_client_name0 == 0) && __ste_email_id1 == 0) && __ste_client_outbuffer2 == 0) && 0 <= unknown-#StackHeapBarrier-unknown) && __ste_ClientAddressBook_size2 == 0) && __SELECTED_FEATURE_AutoResponder == 0) && __ste_email_encryptionKey1 == 0) && __ste_client_autoResponse0 == 0) && __ste_email_body1 == 0) && __ste_ClientKeyring_size2 == 0) && __ste_client_autoResponse2 == 0) && #NULL == 0) && __ste_email_signKey1 == 0 - InvariantResult [Line: 1925]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 2406]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1600]: Loop Invariant Derived loop invariant: ((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((!(__ste_client_privateKey0 <= 0) || !(1 <= \old(client))) || !(0 <= __ste_email_subject0)) || !(__ste_Client_AddressBook1_Address2 == 0)) || !(0 <= __ste_Client_AddressBook2_Address1)) || !(0 <= \old(queued_message))) || !(__ste_email_isEncrypted1 <= 0)) || !(0 <= __ste_client_privateKey0)) || !(__ste_email_subject1 <= 0)) || !(0 <= \old(__ste_email_from0))) || !(__ste_email_signKey1 <= 0)) || !(__SELECTED_FEATURE_Verify <= 0)) || !(0 <= __ste_email_subject1)) || !(0 <= __ste_Client_AddressBook1_Address1)) || !(0 <= head)) || !(__ste_client_name2 == 0)) || !(__ste_Client_AddressBook1_Alias1 == 0)) || !(__SELECTED_FEATURE_AutoResponder <= 0)) || !(__ste_Client_AddressBook0_Alias1 <= 0)) || !(0 <= #NULL)) || !(__ste_client_privateKey1 <= 0)) || !(__ste_Client_AddressBook2_Alias0 <= 0)) || !(0 <= __ste_client_forwardReceiver1)) || !(0 <= __ste_client_privateKey1)) || !(__ste_Client_counter == 0)) || !(0 <= __ste_email_id1)) || !(__ste_Client_AddressBook2_Address1 <= 0)) || !(3 <= chuck)) || !(\old(queued_message) <= 0)) || !(__ste_ClientAddressBook_size1 <= 0)) || !(__ste_Client_Keyring1_PublicKey1 == 0)) || !(0 <= __ste_Client_Keyring0_User0)) || !(0 <= __ste_email_body1)) || !(\old(queued_client) <= 0)) || !(__ste_ClientAddressBook_size2 == 0)) || !(0 <= __ste_email_encryptionKey0)) || !(0 <= __ste_Client_Keyring1_User2)) || !(__ste_ClientKeyring_size0 <= 0)) || !(0 <= __SELECTED_FEATURE_AddressBook)) || !(__SELECTED_FEATURE_Decrypt <= 0)) || !(0 <= __ste_Client_AddressBook2_Address0)) || !(__ste_client_outbuffer1 <= 0)) || !(__ste_Client_Keyring0_User2 == 0)) || !(0 <= __GUIDSL_ROOT_PRODUCTION)) || !(head <= 0)) || !(__ste_Client_AddressBook2_Alias2 == 0)) || !(__ste_Client_Keyring0_PublicKey2 <= 0)) || !(0 <= __ste_Client_AddressBook2_Alias0)) || !(2 <= rjh)) || !(\old(msg) <= 1)) || !(bob <= 1)) || !(0 <= __ste_ClientKeyring_size1)) || !(__ste_Client_AddressBook2_Address0 <= 0)) || !(\old(client) <= 1)) || !(0 <= __SELECTED_FEATURE_AutoResponder)) || !(__ste_ClientAddressBook_size0 <= 0)) || !(rjh <= 2)) || !(0 <= __ste_Client_AddressBook0_Alias2)) || !(0 <= __ste_email_isSignatureVerified0)) || !(__SELECTED_FEATURE_Forward == 0)) || !(__ste_Client_AddressBook2_Alias1 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey0)) || !(__ste_Client_AddressBook1_Alias0 <= 0)) || !(__ste_Client_AddressBook1_Address1 <= 0)) || !(__ste_email_body1 == 0)) || !(0 <= __SELECTED_FEATURE_Decrypt)) || !(__ste_client_forwardReceiver0 == 0)) || !(__ste_email_body0 == 0)) || !(0 <= __ste_Client_Keyring1_PublicKey2)) || !(0 <= __ste_Client_Keyring0_PublicKey2)) || !(0 <= __GUIDSL_NON_TERMINAL_main)) || !(__ste_client_name2 <= 0)) || !(1 <= bob)) || !(head == 0)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Client_Keyring2_User1)) || !(0 <= __ste_client_name2)) || !(__ste_client_forwardReceiver3 <= 0)) || !(\old(__ste_email_to0) <= 2)) || !(1 <= \old(msg))) || !(0 <= __ste_email_isSignatureVerified1)) || !(__SELECTED_FEATURE_Sign == 0)) || !(0 <= __ste_email_signKey1)) || !(0 <= __ste_client_outbuffer1)) || !(0 <= __ste_ClientAddressBook_size1)) || !(0 <= __ste_client_name0)) || !(0 <= \old(queued_client))) || !(0 <= __ste_Client_AddressBook1_Alias0)) || !(__ste_Client_Keyring1_User1 == 0)) || !(__ste_client_outbuffer0 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_email_id1 <= 0)) || !(__SELECTED_FEATURE_Encrypt <= 0)) || !(__ste_client_privateKey2 <= 0)) || !(0 <= __ste_email_isSigned0)) || !(0 <= __ste_client_autoResponse2)) || !(__ste_Client_AddressBook0_Alias0 == 0)) || !(__ste_Client_Keyring1_PublicKey2 <= 0)) || !(__ste_Client_Keyring1_PublicKey0 <= 0)) || !(__ste_client_outbuffer3 == 0)) || !(__ste_client_autoResponse0 <= 0)) || !(__ste_Client_AddressBook0_Alias2 <= 0)) || !(0 <= __ste_client_privateKey2)) || !(__ste_ClientKeyring_size1 <= 0)) || !(__ste_client_name0 <= 0)) || !(__ste_Client_Keyring2_PublicKey1 == 0)) || !(__SELECTED_FEATURE_Base == 0)) || !(__ste_Client_AddressBook1_Alias2 <= 0)) || !(__ste_email_encryptionKey1 == 0)) || !(#NULL <= 0)) || !(__ste_Client_AddressBook0_Address1 <= 0)) || !(0 <= __ste_client_forwardReceiver2)) || !(__ste_email_subject0 <= 0)) || !(0 <= __ste_Email_counter)) || !(0 <= __SELECTED_FEATURE_Encrypt)) || !(__ste_Client_Keyring1_User0 <= 0)) || !(0 <= __ste_email_isEncrypted1)) || !(#NULL == 0)) || !(__ste_Client_Keyring0_PublicKey1 == 0)) || !(__ste_Client_Keyring0_User1 == 0)) || !(0 <= __ste_ClientKeyring_size0)) || !(__ste_Client_AddressBook0_Address2 <= 0)) || !(chuck <= 3)) || !(0 <= __SELECTED_FEATURE_Verify)) || !(__ste_Client_Keyring2_User1 <= 0)) || !(0 <= __ste_client_forwardReceiver3)) || !(0 <= __ste_Client_AddressBook2_Alias1)) || !(__ste_Client_Keyring2_User2 <= 0)) || ((((((queued_message == \old(queued_message) && __ste_email_to0 == \old(__ste_email_to0)) && __ste_email_to1 == \old(__ste_email_to1)) && \old(__ste_email_from0) == __ste_email_from0) && \old(__ste_email_from1) == __ste_email_from1) && \old(queue_empty) == queue_empty) && queued_client == \old(queued_client))) || !(0 <= __ste_email_isSigned1)) || !(__SELECTED_FEATURE_AddressBook <= 0)) || !(__ste_email_subject1 == 0)) || !(0 <= __ste_Client_AddressBook1_Alias2)) || !(__ste_email_isSigned1 <= 0)) || !(__ste_Client_AddressBook2_Address2 == 0)) || !(__ste_client_name1 == 0)) || !(__ste_client_forwardReceiver2 <= 0)) || !(0 <= __ste_Client_Keyring2_User2)) || !(__SELECTED_FEATURE_Keys <= 0)) || !(__ste_email_body0 == 0)) || !(__ste_ClientKeyring_size2 == 0)) || !(0 <= __ste_Client_Keyring0_PublicKey0)) || !(0 <= __ste_client_name1)) || !(\old(queue_empty) <= 1)) || !(__ste_Client_AddressBook0_Address0 <= 0)) || !(0 <= __ste_Client_AddressBook0_Address0)) || !(__ste_client_idCounter2 <= 3)) || !(__ste_Client_AddressBook1_Address0 == 0)) || !(0 <= __ste_Client_AddressBook0_Alias1)) || !(2 <= \old(__ste_email_to0))) || !(0 <= __ste_email_id0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(__ste_email_isSignatureVerified0 <= 0)) || !(0 <= __ste_Client_Keyring1_PublicKey0)) || !(0 <= __ste_ClientAddressBook_size0)) || !(1 <= \old(queue_empty))) || !(0 <= __SELECTED_FEATURE_Keys)) || !(\old(__ste_email_from0) <= 0)) || !(__GUIDSL_ROOT_PRODUCTION <= 0)) || !(__ste_client_forwardReceiver1 <= 0)) || !(__ste_email_body1 <= 0)) || !(__ste_Client_Keyring2_PublicKey2 <= 0)) || !(__ste_email_isEncrypted0 <= 0)) || !(__ste_client_autoResponse2 <= 0)) || !(__ste_Client_Keyring2_PublicKey0 <= 0)) || !(0 <= __ste_Client_Keyring1_User0)) || !(0 <= __ste_client_name0)) || !(0 <= __ste_client_outbuffer0)) || !(0 <= __ste_client_autoResponse1)) || !(__ste_email_encryptionKey0 <= 0)) || !(0 <= __ste_client_autoResponse0)) || !(__ste_Client_Keyring0_User0 <= 0)) || !(__ste_client_outbuffer2 == 0)) || !(0 <= __ste_Client_AddressBook0_Address1)) || !(__ste_client_name1 <= 0)) || !(__ste_email_isSignatureVerified1 <= 0)) || !(__ste_Email_counter <= 0)) || !(__ste_Client_Keyring2_User0 == 0)) || !(0 <= __ste_email_signKey0)) || !(__GUIDSL_NON_TERMINAL_main <= 0)) || !(0 <= __ste_Client_AddressBook0_Address2)) || !(__ste_Client_Keyring0_PublicKey0 <= 0)) || !(__ste_Client_Keyring1_User2 <= 0)) || !(0 <= __ste_Client_Keyring2_PublicKey2)) || !(__ste_email_isSigned0 <= 0)) || !(__ste_email_id0 <= 0)) || !(__ste_email_signKey0 <= 0)) || !(3 <= __ste_client_idCounter2)) || !(0 <= __ste_email_isEncrypted0)) || !(0 <= __ste_email_subject0) - InvariantResult [Line: 1812]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1845]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 2527]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1737]: Loop Invariant Derived loop invariant: 1 == tmp - InvariantResult [Line: 1878]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1811]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 2414]: Loop Invariant Derived loop invariant: 1 RESULT: Ultimate proved your program to be correct! [2022-11-20 20:41:28,411 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ea9926e5-adbd-4c42-92bb-d26dbd59aef7/bin/utaipan-6cKwYrpEi9/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE