/usr/bin/java -Xmx8000000000 -Xss4m -jar ./plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata ./data -s ../../../trunk/examples/settings/gemcutter/NewStatesSleepPersistentFixedOrder-VarAbsGlobalSyntactic.epf --traceabstraction.cegar.restart.behaviour ONE_CEGAR_PER_ERROR_LOCATION --traceabstraction.cegar.restart.behaviour ONE_CEGAR_PER_THREAD_INSTANCE -tc ../../../trunk/examples/toolchains/AutomizerCInline.xml --cacsl2boogietranslator.check.unreachability.of.error.function.in.sv-comp.mode false --cacsl2boogietranslator.check.absence.of.signed.integer.overflows true -i ../../../trunk/examples/svcomp/weaver/parallel-bakery-3.wvr.c -------------------------------------------------------------------------------- This is Ultimate 0.2.2-dev-9868fc6-m [2022-11-15 13:11:07,781 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-15 13:11:07,783 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-15 13:11:07,810 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-15 13:11:07,811 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-15 13:11:07,813 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-15 13:11:07,815 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-15 13:11:07,818 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-15 13:11:07,819 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-15 13:11:07,822 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-15 13:11:07,823 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-15 13:11:07,824 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-15 13:11:07,824 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-15 13:11:07,826 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-15 13:11:07,827 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-15 13:11:07,828 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-15 13:11:07,828 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-15 13:11:07,829 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-15 13:11:07,830 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-15 13:11:07,834 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-15 13:11:07,835 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-15 13:11:07,836 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-15 13:11:07,837 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-15 13:11:07,837 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-15 13:11:07,842 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-15 13:11:07,842 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-15 13:11:07,842 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-15 13:11:07,843 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-15 13:11:07,843 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-15 13:11:07,844 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-15 13:11:07,844 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-15 13:11:07,844 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-15 13:11:07,845 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-15 13:11:07,846 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-15 13:11:07,846 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-15 13:11:07,846 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-15 13:11:07,847 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-15 13:11:07,847 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-15 13:11:07,847 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-15 13:11:07,847 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-15 13:11:07,848 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-15 13:11:07,848 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/settings/gemcutter/NewStatesSleepPersistentFixedOrder-VarAbsGlobalSyntactic.epf [2022-11-15 13:11:07,869 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-15 13:11:07,870 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-15 13:11:07,870 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-15 13:11:07,870 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-15 13:11:07,871 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-15 13:11:07,871 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-15 13:11:07,871 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-11-15 13:11:07,871 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-11-15 13:11:07,871 INFO L138 SettingsManager]: * Use SBE=true [2022-11-15 13:11:07,871 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-15 13:11:07,872 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-15 13:11:07,872 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-15 13:11:07,872 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-15 13:11:07,872 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-15 13:11:07,872 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-15 13:11:07,872 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-15 13:11:07,872 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-15 13:11:07,872 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-15 13:11:07,872 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-15 13:11:07,873 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-15 13:11:07,873 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-15 13:11:07,873 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-15 13:11:07,873 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-11-15 13:11:07,873 INFO L138 SettingsManager]: * To the following directory=./dump/ [2022-11-15 13:11:07,873 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-15 13:11:07,873 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-15 13:11:07,873 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-15 13:11:07,873 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-15 13:11:07,873 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-15 13:11:07,873 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-11-15 13:11:07,874 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-15 13:11:07,874 INFO L138 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2022-11-15 13:11:07,874 INFO L138 SettingsManager]: * Abstraction used for commutativity in POR=VARIABLES_GLOBAL [2022-11-15 13:11:07,874 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PARTIAL_ORDER_FA [2022-11-15 13:11:07,874 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-15 13:11:07,874 INFO L138 SettingsManager]: * CEGAR restart behaviour=ONE_CEGAR_PER_THREAD_INSTANCE [2022-11-15 13:11:07,874 INFO L138 SettingsManager]: * Partial Order Reduction in concurrent analysis=PERSISTENT_SLEEP_NEW_STATES_FIXEDORDER [2022-11-15 13:11:07,874 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2022-11-15 13:11:07,874 INFO L138 SettingsManager]: * Independence relation used for POR in concurrent analysis=SYNTACTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: CEGAR restart behaviour -> ONE_CEGAR_PER_ERROR_LOCATION You already specified option traceabstraction.cegar.restart.behaviour for an option of type Combo. Only options of type KeyValue can be specified multiple times. Arguments were "-ultimatedata ./data -s ../../../trunk/examples/settings/gemcutter/NewStatesSleepPersistentFixedOrder-VarAbsGlobalSyntactic.epf --traceabstraction.cegar.restart.behaviour ONE_CEGAR_PER_ERROR_LOCATION --traceabstraction.cegar.restart.behaviour ONE_CEGAR_PER_THREAD_INSTANCE -tc ../../../trunk/examples/toolchains/AutomizerCInline.xml --cacsl2boogietranslator.check.unreachability.of.error.function.in.sv-comp.mode false --cacsl2boogietranslator.check.absence.of.signed.integer.overflows true -i ../../../trunk/examples/svcomp/weaver/parallel-bakery-3.wvr.c" -- usage: Ultimate [OPTIONS] -tc -i [ ...] -tc,--toolchain Specify the path to an Ultimate toolchain file. Depending on the toolchain, you may have more options. -i,--input -s,--settings --generate-csv Generate .csv files from Statistics results and dump them to a directory (the directory name is chosen based on the filenames of input, toolchain and settings). The .csv files will also contain four additional columns in the beginning for Toolchainfile, Settingsfile, Inputfile, Result --csv-dir Specify the path to a directory where the generated .csv files should be stored. -h,--help --version --experimental Also show experimental options (even if they do not have a description). --core.print.statistic.results Print results of type StatisticsResult This option can either be true or false. The default value is true. --core.toolchain.timeout.in.seconds Specify the time in seconds after which Ultimate will terminate due to a timeout. The value has to be larger or equal to 0. A value of 0 disables the timeout. is a string representing an integer. The default value is 0. --procedureinliner.inline.calls.to.unimplemented.procedures Inline calls to unimplemented procedures. This option can either be true or false. The default value is false. --procedureinliner.inline.calls.to.implemented.procedures When to inline calls to implemented procedures. is a pre-defined value. Valid choices for are "ALWAYS", "NEVER", "ONLY_FOR_CONCURRENT_PROGRAMS", "ONLY_FOR_SEQUENTIAL_PROGRAMS". The default value is ALWAYS. --procedureinliner.ignore.calls.with.forall.modifier Do not inline calls with forall-star modifier (attempting to inline these can cause exceptions). This option can either be true or false. The default value is true. --procedureinliner.ignore.calls.to.procedures.with.free.requires.specifications Do not inline calls to procedures with free-requires specification (attempting to inline these can cause exceptions). This option can either be true or false. The default value is true. --procedureinliner.ignore.calls.to.and.inside.polymorphic.procedures Do not inline calls to and inside polymorphic procedures (attempting to inline these can cause exceptions). This option can either be true or false. The default value is true. --procedureinliner.ignore.calls.to.recursive.procedures Do not inline calls to recursive procedures (attempting to inline these can cause exceptions). This option can either be true or false. The default value is true. --procedureinliner.ignore.calls.to.procedures.called.more.than.once When to ignore calls to procedures called more than once. is a pre-defined value. Valid choices for are "ALWAYS", "NEVER", "ONLY_FOR_CONCURRENT_PROGRAMS", "ONLY_FOR_SEQUENTIAL_PROGRAMS". The default value is NEVER. --procedureinliner.user.list.type There are 3 sets of calls: ALL: All calls from the program PREF: Calls, selected by the other preferences LIST: Calls to procedures from the user list The user list type defines, how the are mixed: DISABLED = PREF BLACKLIST_RESTRICT = PREF \ LIST BLACKLIST_ONLY = ALL \ LIST WHITELIST_EXTEND = PREF u LIST WHITELIST_RESTRICT = PREF n LIST WHITELIST_ONLY = LIST is a pre-defined value. Valid choices for are "DISABLED", "BLACKLIST_RESTRICT", "BLACKLIST_ONLY", "WHITELIST_EXTEND", "WHITELIST_RESTRICT", "WHITELIST_ONLY". The default value is BLACKLIST_RESTRICT. --procedureinliner.user.list Procedure IDs/names separated by whitespace is a single line of text. The default value is . --procedureinliner.entry.procedures Procedure IDs/names separated by whitespace. is a single line of text. The default value is ULTIMATE.start. --procedureinliner.fallback.to.processing.everything If no entry procedure can be found, just treat every procedure as potential entry procedure. This option can either be true or false. The default value is true. --procedureinliner.remove.dead.code Eliminate dead code after inlining. This option can either be true or false. The default value is true. --abstractinterpretationv2.run.as.pre-analysis Do not report any results, suppress all exceptions except OOM, use 20% of available time. This option can either be true or false. The default value is false. --abstractinterpretationv2.use.the.rcfg-of-the-future.interface Instead of analysing Boogie, analyse transition formulas if run as stand-alone plugin (experimental) This option can either be true or false. The default value is false. --abstractinterpretationv2.threshold.for.exponential.widening Exponential widening will set matrix entries above this threshold to infinity. You may want to double the threshold, since interval bounds are stored with factor 2. is a single line of text. The default value is 131072. --abstractinterpretationv2.underlying.domain Select the abstract domain that provides predicates to the array domain is a pre-defined value. Valid choices for are "IntervalDomain", "OctagonDomain", "CongruenceDomain", "CompoundDomain". The default value is CompoundDomain. --abstractinterpretationv2.weq.fattening Fatten using full WeqCc ground truth before projectAway, if false only the ground Cc is used for fattening there. (more precise but costly, only makes a difference if weak equivalences are not deactivated) This option can either be true or false. The default value is false. --abstractinterpretationv2.deactivate.weak.equivalences Don't use any weak equivalences, perform the analysis based on congruence closure only This option can either be true or false. The default value is false. --abstractinterpretationv2.flatten.before.fatten Before doing a fattening weq fattening, of one weq edge, flatten all disjunctions on the weq graph to be fattened with. (only makes a difference when WeqFattening and weak equivalences are active This option can either be true or false. The default value is false. --abstractinterpretationv2.precise.comparison.operator Our comparison on (Weq)CongruenceClosure objects is imprecise, if this flag is set, we use the SMT solver instead, make precise comparisons This option can either be true or false. The default value is false. --abstractinterpretationv2.use.strongman Use SP to calculate post and then abstract the result instead of abstracting the transformula This option can either be true or false. The default value is false. --sifa.fluid Decides when to apply abstraction is a pre-defined value. Valid choices for are "NeverFluid", "SizeLimitFluid", "AlwaysFluid", "LogSizeWrapperFluid". The default value is SizeLimitFluid. --sifa.compounddomain.intern.domains List subdomains separated by `;`. Valid subdomains are ExplicitValueDomain IntervalDomain is a single line of text. The default value is ExplicitValueDomain;IntervalDomain. --sifa.sizelimitfluid.max.dag.size Abstract when formula's dag size exceeds (negative numbers disable this limit) is a string representing an integer. The default value is -1. --sifa.sizelimitfluid.max.disjunctions Abstract when formula has more disjuncts than (negative numbers disable this limit) is a string representing an integer. The default value is 8. --pea2boogie.pea.transformation.mode Switches between checking requirements and generating tests for requirements. is a pre-defined value. Valid choices for are "REQ_CHECK", "REQ_TEST". The default value is REQ_CHECK. --pea2boogie.report.trivial.rt-consistency Generate a result even if rt-consistency is shown during the generation of the assertion This option can either be true or false. The default value is false. --pea2boogie.rt-inconsistency.range How many requirements should be checked for rt-inconsistency at the same time? Allows only positive integer values. Note: This value increases the runtime exponentially!Note: A value of one can be used to check rt-inconsistency with invariants. is a string representing an integer. The default value is 2. --pea2boogie.always.use.all.invariants.during.rt-inconsistency.checks This setting controls whether invariant requirements are included in every rt-inconsistency check or if they are treated as separate requirements. If enabled, each rt-inconsistency check is of the form Invariants ��� (check over all remaining requirements). If disabled, invariants are not treated separately. This option can either be true or false. The default value is true. --pea2boogie.use.heuristic.to.find.input/output.definitions.if.none.are.given. If there is no explicit definition of inputs, outputs and internalvariables in the Requirements file (i.e. only inputs), use the follwing heuristics:Every variable that is never influenced by a requirement is an inputEvery variable that is never used in the precondition of a requirement is an outputThe rest is internal. Note: this is the most conservative assignment suited for demos, but usually not helpful in the wild This option can either be true or false. The default value is true. --pea2boogie.guess.initial.output.assignment Allow for the test generator to initially guess an arbitraryvalue for all output variables. This shall help finding tests for systems with feedback loops i.e. that require a previosu state to determine the successor state. Note: this will only work for the very firststep independend of length or usefulness. This option can either be true or false. The default value is false. --buchiautomizer.use.old.map.elimination Use either Matthias' (old) or Frank's (new) implementation of a map elimination algorithm This option can either be true or false. The default value is true. --cacsl2boogietranslator.entry.function Specify the entry function of the program. Use an empty string for library mode (i.e., assume all globals are non-deterministic and verify each function in isolation). is a single line of text. The default value is main. --cacsl2boogietranslator.sv-comp.memtrack.compatibility.mode Report UNKNOWN instead of UNSAFE if not all allocated memory was freed at the end of the main procedure. Rationale: at the SV-COMP we have to check if the program lost track of allocated memory. If this is set to false we are unsound (at SV-COMP) in cases where not all memory is freed but pointers to that memory are live at the end of the main procedure. This option can either be true or false. The default value is false. --cacsl2boogietranslator.overapproximate.operations.on.floating.types Overapproximate all operations on floats (including plus, minus, multiplication, conversions, etc.) by havoc. The resulting analysis will be fast and sound, but the result is UNKNOWN if such an operation occurs in a counterexample. This option can either be true or false. The default value is false. --cacsl2boogietranslator.let.fesetround.change.the.rounding.mode If enabled, fesetround can change the current rounding mode. If disabled, fesetround does nothing and always returns non-zero (no success). This option can either be true or false. The default value is true. --cacsl2boogietranslator.initial.rounding.mode Use the specified rounding mode as initial float rounding mode. is a pre-defined value. Valid choices for are "FE_DOWNWARD", "FE_TONEAREST", "FE_TOWARDZERO", "FE_UPWARD". The default value is FE_TONEAREST. --cacsl2boogietranslator.use.constant.arrays Use SMT constant arrays for default initialization of variables. This option can either be true or false. The default value is false. --cacsl2boogietranslator.use.store.chains Only for benchmarking -- do not use This option can either be true or false. The default value is false. --cacsl2boogietranslator.adapt.memory.model.on.pointer.casts.if.necessary When a pointer to a value with a small type (e.g. char) is cast to a larger pointer type (e.g. int*), and the memory model resolution is larger than the values's pointed to type size (for char: 1 Byte), the memory model is unsound. When this setting is on we attempt to detect this case, and automatically set the memory model to a higher resolution. This option can either be true or false. The default value is false. --cacsl2boogietranslator.string.overapproximation.threshold String literals that require this number of bytes or more are overapproximated, i.e., Ultimate assumes that the string can contain arbitrary bytes. is a string representing an integer. The default value is 9. --codecheck.use.predicate.trie.based.predicate.unification Use the newer predicate-trie based predicate unification algorithm. This option can either be true or false. The default value is false. --rcfgbuilder.add.additional.assume.for.each.assert While checking some specification, assume that all other specifications hold. This is only sound in a setting where the verification process stops after the first violated specification was found. This option can either be true or false. The default value is true. --rcfgbuilder.remove.assume.true.statements Removes all assume true statements while building the RCFG graph. This is in particular useful for concurrent programs. This option can either be true or false. The default value is true. --rcfgbuilder.compress.dumped.smt.script Compress the written .smt2 script with GZip This option can either be true or false. The default value is false. --traceabstraction.stop.after.first.violation.was.found Stop the analysis after the first violation was found. This option can either be true or false. The default value is true. --traceabstraction.cegar.restart.behaviour Control how many error locations are analyzed by a single CEGAR loop: all, only one, or other subsets. is a pre-defined value. Valid choices for are "ONLY_ONE_CEGAR", "ONE_CEGAR_PER_THREAD_INSTANCE", "ONE_CEGAR_PER_ERROR_LOCATION". The default value is ONLY_ONE_CEGAR. --traceabstraction.error.locations.removal.mode If "CEGAR restart behaviour" is not "ONE_CEGAR_PER_ERROR_LOCATION", i.e., if one CEGAR loop analyzes multiple error locations, reachable error locations are removed by refinining the abstraction with an error automaton specified by this mode. is a pre-defined value. Valid choices for are "SIMPLE_ERROR_AUTOMATON", "ERROR_AUTOMATON", "DANGER_AUTOMATON". The default value is SIMPLE_ERROR_AUTOMATON. --traceabstraction.reuse.of.floyd-hoare.automata Try to re-use interpolant automata from input files and/or previous runs. NONE disables the re-use, all other settings enable it. You can specifiy additional .ats files as input and the containing NWAs will be treated as additional interpolant automata. When Stop after first violation was found is false, this setting will additionally try to re-use the automata from previous runs. EAGER will compute the difference with the initial abstraction and all additional interpolant automatas before the first iteration of a run. LAZY_IN_ORDER tries in each iteration after a potential counterexample is found if one of the re-usable interpolant automata accepts the counterexample. If this is the case, this automaton is substracted from the current abstraction and removed from the set of reusable interpolant automata. is a pre-defined value. Valid choices for are "NONE", "EAGER", "LAZY_IN_ORDER". The default value is NONE. --traceabstraction.enhance.during.reuse.of.floyd-hoare.automata Specifies how to compute successors on-demand for re-use interpolant automata. is a pre-defined value. Valid choices for are "NONE", "AS_USUAL", "ONLY_NEW_LETTERS", "ONLY_NEW_LETTERS_SOLVER". The default value is NONE. --traceabstraction.limit.iterations Abort the analysis of either a single error location or the whole program if more than the specified amount of iterations occured. 0 disables this limit. is a string representing an integer. The default value is 1000000. --traceabstraction.limit.analysis.time Abort the analysis of either a single error location or the whole program if more time than specified has elapsed. Time is specified in seconds. 0 disables this limit. is a string representing an integer. The default value is 0. --traceabstraction.limit.path.program.analysis.attempts Abort the analysis of either a single error location or the whole program if the same path program has been induced by spurious counterexamples more than the specified amount of times. 0 disables this limit. is a string representing an integer. The default value is 0. --traceabstraction.limit.trace.histogram.size Abort the analysis of either a single error location or the whole program if the trace histogram of the current counterexample is larger than this value. 0 disables this limit. is a string representing an integer. The default value is 0. --traceabstraction.use.predicate.trie.based.predicate.unification Use the newer predicate-trie based predicate unification algorithm. This option can either be true or false. The default value is false. --traceabstraction.compress.dumped.smt.script Compress the written .smt2 script with GZip This option can either be true or false. The default value is false. --traceabstraction.assert.codeblocks.term.scoring.heuristic if Assert CodeBlocks is set to SMT_FEATURE_HEURISTIC, each term in a trace is scored. This setting defines which scoring method is used to score traces is a pre-defined value. Valid choices for are "NUM_FUNCTIONS", "NUM_VARIABLES", "DAGSIZE", "DEPENDENCY", "BIGGEST_EQUIVALENCE_CLASS", "AVERAGE_EQUIVALENCE_CLASS", "NUMBER_OF_EQUIVALENCE_CLASSES", "NUMBER_OF_SELECT_FUNCTIONS", "NUMBER_OF_STORE_FUNCTIONS", "COMPARE_FEATURES". The default value is NUM_FUNCTIONS. --traceabstraction.assert.codeblocks.term.scoring.heuristic.partitioning.strategy if Assert CodeBlocks is set to SMT_FEATURE_HEURISTIC, this setting defines which partitioning strategy is used. is a pre-defined value. Valid choices for are "FIXED_NUM_PARTITIONS", "THRESHOLD". The default value is FIXED_NUM_PARTITIONS. --traceabstraction.assert.codeblocks.term.scoring.heuristic.number.of.partitions If Assert CodeBlocks is set to SMT_FEATURE_HEURISTIC and partitioning strategy is FIXED_NUM_PARTITIONS, this setting defines the amount of partitions. is a string representing an integer. The default value is 4. --traceabstraction.assert.codeblocks.term.scoring.heuristic.score.threshold If Assert CodeBlocks is set to SMT_FEATURE_HEURISTIC and partitioning strategy is THRESHOLD, two partitions are created, one partition contains all terms >= threshold and one all terms < threshold The default value is 0.75. --traceabstraction.dump.only.reuse-automata When dumping automata is enabled, we only dump the interpolant automaton and add to that file if it exists s.t. it can be reused by later verification runs. This option can either be true or false. The default value is false. --traceabstraction.highlight.relevant.statements.in.error.traces Analyse error traces and identify relevant statements. Warning: For programs with floats, arrays, or pointers this analysis may take a significant amount of time. is a pre-defined value. Valid choices for are "NONE", "SINGLE_TRACE", "MULTI_TRACE". The default value is NONE. --traceabstraction.angelic.verification.mode Assume that unspecified inputs (e.g., external functions) return "safe" values during error trace relevance analysis. This option can either be true or false. The default value is false. --traceabstraction.trace.refinement.exception.blacklist Sets the category of solver result for which the verification is aborted (even if another solver is available). When set to ALL, every unusable solver result aborts the verification, if set to NONE none of them do. is a pre-defined value. Valid choices for are "NONE", "UNKNOWN", "DEPENDING", "ALL". The default value is DEPENDING. --traceabstraction.use.heuristic.emptiness.check Use heuristics to traverse/explorew a NWA during the check emptiness This option can either be true or false. The default value is false. --traceabstraction.astar.heuristic.to.use.during.heuristic.emptiness.check Defines which Heuristic is used by AStar during exploration of a NWA during the emptiness check. is a pre-defined value. Valid choices for are "ZERO", "RANDOM_HALF", "RANDOM_FULL", "SMT_FEATURE_COMPARISON". The default value is ZERO. --traceabstraction.astar.random.heuristic.seed Defines which seed is used for RANDOM_HALF and RANDOM_FULL heuristic is a string representing an integer. The default value is 1337. --traceabstraction.scoring.method.to.use.during.heuristic.emptiness.check Defines what Scoring method is used to score outgoing transitions of a NWA during the emptiness check. is a pre-defined value. Valid choices for are "NUM_FUNCTIONS", "NUM_VARIABLES", "DAGSIZE", "DEPENDENCY", "BIGGEST_EQUIVALENCE_CLASS", "AVERAGE_EQUIVALENCE_CLASS", "NUMBER_OF_EQUIVALENCE_CLASSES", "NUMBER_OF_SELECT_FUNCTIONS", "NUMBER_OF_STORE_FUNCTIONS", "COMPARE_FEATURES". The default value is DAGSIZE. --traceabstraction.extract.smt.features.during.analysis We Extract SMT features during analysis and dump them. This option can either be true or false. The default value is false. --traceabstraction.smt.feature.extraction.dump.path. We Extract SMT features during analysis and dump them to the given path is a string representing an absolute path to a single directory on the local file system. The default value is .. --traceabstraction.use.minimal.unsat.core.enumeration Highly experimental. Enable minimal unsat core enumeration with SMTInterpol. You can specify which heuristics should be used by setting appropriate SMT-LIB options. Contact Jochen Hoenicke or Leonard Fichtner for more information. This option can either be true or false. The default value is false. --icfgtransformation.fastupr.replacement.mode REPLACE_LOOP_EDGE replaces the loop edge in place (might be slow), REPLACE_EXIT_EDGE replaces the exit edge with a merge of the loop edge and the exit edge (unknown behavior for already transformed Icfg - e.g. if the exit edge was already merged with other edges) is a pre-defined value. Valid choices for are "REPLACE_LOOP_EDGE", "REPLACE_EXIT_EDGE". The default value is REPLACE_EXIT_EDGE. --icfgtransformation.loopacceleration.biesenbach.mode THROW_EXEPTION throws an exception whenever a loop could not be accelerated with a valid underapproximation, MARK_AS_OVERAPPROX allows underapproximations that contain overapproximations of single variables and ignores all other not-accelerabe loops, and DO_NOT_ACCELERATE only accelerates loops for which a valid underapproximation could be found. is a pre-defined value. Valid choices for are "THROW_EXEPTION", "MARK_AS_OVERAPPROX", "DO_NOT_ACCELERATE". The default value is MARK_AS_OVERAPPROX. --icfgtransformation.map.elimination.also.add.inequalities If true, inequalities provided by the IndexAnalysis are also added as conjuncts to the transformula (should be disabled for LassoRanker). This option can either be true or false. The default value is false. --icfgtransformation.map.elimination.add.only.trivial.implications.for.modified.arguments If true, implications such as (i = j) => (a[i] = a[j]), that occur during handling assignments of indices, are only added as conjuncts to the transformula, if the invariant i = j holds (so in this case only a[i] = a[j] is added). This option can either be true or false. The default value is true. --icfgtransformation.map.elimination.add.only.trivial.implications.for.array.writes If true, implications such as (i = j) => (a[i] = a[j]), that occur during handling array-writes, are only added as conjuncts to the transformula, if the invariant i = j holds (so in this case only a[i] = a[j] is added). This option can either be true or false. The default value is true. --icfgtransformation.map.elimination.add.only.implications.when.all.vars.are.in.transformula If true, implications such as (i = j) => (a[i] = a[j]) are only added as conjuncts to the transformula, if all free-vars of i and j occur in the transformula. This option can either be true or false. The default value is false. --icfgtransformation.map.elimination.monniaux.number.of.cells The number of cells that should be used to abstract a map. Must be non-zero positive. is a string representing an integer. The default value is 1. --witnessprinter.witness.directory Write witness to the specified directory. is a string representing an absolute path to a single directory on the local file system. The default value is .. --witnessprinter.witness.filename The filename of the generated witness. is a single line of text. The default value is witness.graphml. --witnessprinter.write.witness.besides.input.file Write witness as "-witness.graphml" in the same directory as the input file. All other output options are ignored. This option can either be true or false. The default value is true. --witnessprinter.command.to.execute.witness.verifier The command gets a witness file as first and an input file as second parameter.For CPA Checker, you should additionally set CPACHECKER_HOME is a single line of text. The default value is . --witnessprinter.path.to.prp.file Only for CPAChecker. The path to the .prp file may be relative to CPACHECKER_HOME. is a single line of text. The default value is . --witnessprinter.do.not.use.acsl Prevent the generation of invariants which require ACSL syntax This option can either be true or false. The default value is true. --witnessprinter.graph.data.specification Write the value of this option to the witness graph data attribute "specification" is a single line of text. The default value is UNUSED. --witnessprinter.graph.data.programhash Write the value of this option to the witness graph data attribute "programhash" is a single line of text. The default value is UNUSED. --witnessprinter.graph.data.architecture Write the value of this option to the witness graph data attribute "architecture" is a single line of text. The default value is UNUSED. --witnessprinter.graph.data.producer Write the value of this option to the witness graph data attribute "Producer" is a single line of text. The default value is UNUSED. --smtparser.smtparser.mode GenericSmtSolver: Apply some SMT solver. MSODSolver: Presume that input uses our MSO logic, apply our MSO Solver. UltimateEliminator: Run UltimateElimintor. UltimateTreeAutomizer: Presume that input contains Horn clauses, run UltimateTreeAutomizer. is a pre-defined value. Valid choices for are "GenericSmtSolver", "MSODSolver", "UltimateEliminator", "UltimateTreeAutomizer". The default value is GenericSmtSolver. --witnessparser.only.consider.loop.invariants When reading correctness witnesses, only consider invariants at nodes that can be entered with a transition that is labeled with enterLoopHead=true This option can either be true or false. The default value is true. [2022-11-15 13:11:08,065 WARN L251 UltimateCore]: Preparing to exit Ultimate with return code -1