scripts/cpa.sh -heap 3000M -noout -disable-java-assertions -predicateAnalysis-PredAbsRefiner-ABEl -setprop cpa.predicate.handlePointerAliasing=false -64 -timelimit 900s -stats -spec test/programs/benchmarks/ldv-linux-3.4-simple/ALL.prp test/programs/benchmarks/ldv-linux-3.4-simple/32_1_cilled_true-unreach-call_ok_nondet_linux-3.4-32_1-drivers--rtc--rtc-mc13xxx.ko-ldv_main0_sequence_infinite_withcheck_stateful.cil.out.c -------------------------------------------------------------------------------- Running CPAchecker with Java heap of size 3000M. Using the following resource limits: CPU-time limit of 900s (ResourceLimitChecker.fromConfiguration, INFO) CPAchecker 1.4-svn (OpenJDK 64-Bit Server VM 1.7.0_65) started (CPAchecker.run, INFO) Handling of pointer aliasing is disabled, analysis is unsound if aliased pointers exist. (PredicateCPA:PathFormulaManagerImpl., WARNING) Using predicate analysis with SMTInterpol 2.1-174-ga199d47-comp and JFactory 1.21. (PredicateCPA:PredicateCPA., INFO) Using refinement for predicate analysis with PredicateAbstractionRefinementStrategy strategy. (PredicateCPA:PredicateCPARefiner., INFO) The following configuration options were specified but are not used: cpa.predicate.memoryAllocationsAlwaysSucceed cpa.predicate.maxPreFilledAllocationSize (CPAchecker.printConfigurationWarnings, WARNING) Starting analysis ... (CPAchecker.runAlgorithm, INFO) Assuming external function ldv_initialize to be a constant function. (PredicateCPA:ExpressionToFormulaVisitor.visit, INFO) Assuming external function platform_driver_probe to be a pure function. (PredicateCPA:ExpressionToFormulaVisitor.visit, INFO) Assuming external function __dynamic_dev_dbg to be a pure function. (PredicateCPA:ExpressionToFormulaVisitor.visit, INFO) Assuming external function rtc_update_irq to be a pure function. (PredicateCPA:ExpressionToFormulaVisitor.visit, INFO) Assuming external function mc13xxx_irq_ack to be a pure function. (PredicateCPA:ExpressionToFormulaVisitor.visit, INFO) Program contains array, or pointer (multiple level of indirection), or field (enable handleFieldAccess and handleFieldAliasing) access; analysis is imprecise in case of aliasing. (PredicateCPA:CtoFormulaConverter.makeVariableUnsafe, WARNING) Assuming external function mc13xxx_irq_mask to be a pure function. (PredicateCPA:ExpressionToFormulaVisitor.visit, INFO) Assuming external function dev_get_drvdata to be a pure function. (PredicateCPA:ExpressionToFormulaVisitor.visit, INFO) Assuming external function mc13xxx_lock to be a pure function. (PredicateCPA:ExpressionToFormulaVisitor.visit, INFO) line 2469: Function pointer mc13xxx_rtc_irq_enable_unlocked::func points to mc13xxx_irq_unmask, but no corresponding call edge was created during preprocessing. Ignoring function pointer call: tmp___0 = (*func)(__cil_tmp14, irq); (FunctionPointerCPA:FunctionPointerTransferRelation.getAbstractSuccessorsForEdge, WARNING) line 2469: Ignoring function call through function pointer *func: tmp___0 = (*func)(__cil_tmp14, irq); (PredicateCPA:ExpressionToFormulaVisitor.visit, WARNING) line 2469: Function pointer mc13xxx_rtc_irq_enable_unlocked::func points to mc13xxx_irq_mask, but no corresponding call edge was created during preprocessing. Ignoring function pointer call: tmp___0 = (*func)(__cil_tmp14, irq); (FunctionPointerCPA:FunctionPointerTransferRelation.getAbstractSuccessorsForEdge, WARNING) Assuming external function mc13xxx_unlock to be a pure function. (PredicateCPA:ExpressionToFormulaVisitor.visit, INFO) Assuming external function mc13xxx_reg_write to be a pure function. (PredicateCPA:ExpressionToFormulaVisitor.visit, INFO) Assuming external function rtc_tm_to_time to be a pure function. (PredicateCPA:ExpressionToFormulaVisitor.visit, INFO) Assuming external function mc13xxx_reg_read to be a pure function. (PredicateCPA:ExpressionToFormulaVisitor.visit, INFO) Assuming external function mc13xxx_irq_status to be a pure function. (PredicateCPA:ExpressionToFormulaVisitor.visit, INFO) Assuming external function rtc_time_to_tm to be a pure function. (PredicateCPA:ExpressionToFormulaVisitor.visit, INFO) Assuming external function mc13xxx_irq_unmask to be a pure function. (PredicateCPA:ExpressionToFormulaVisitor.visit, INFO) Assuming external function platform_driver_unregister to be a pure function. (PredicateCPA:ExpressionToFormulaVisitor.visit, INFO) Stopping analysis ... (CPAchecker.runAlgorithm, INFO) PredicateCPA statistics ----------------------- Number of abstractions: 4 (0% of all post computations) Times abstraction was reused: 0 Because of function entry/exit: 0 (0%) Because of loop head: 4 (100%) Because of join nodes: 0 (0%) Because of threshold: 0 (0%) Times precision was empty: 2 (50%) Times precision was {false}: 0 (0%) Times result was cached: 0 (0%) Times cartesian abs was used: 0 (0%) Times boolean abs was used: 2 (50%) Times result was 'false': 0 (0%) Number of strengthen sat checks: 4 Times result was 'false': 3 (75%) Number of coverage checks: 174 BDD entailment checks: 2 Number of SMT sat checks: 4 trivial: 0 cached: 1 Max ABE block size: 70 Number of predicates discovered: 2 Number of abstraction locations: 0 Max number of predicates per location: 0 Avg number of predicates per location: 0 Total predicates per abstraction: 4 Max number of predicates per abstraction: 2 Avg number of predicates per abstraction: 2.00 Number of irrelevant predicates: 0 (0%) Number of preds handled by boolean abs: 4 (100%) Total number of models for allsat: 2 Max number of models for allsat: 1 Avg number of models for allsat: 1.00 Number of path formula cache hits: 560 (52%) Time for post operator: 0.182s Time for path formula creation: 0.157s Actual computation: 0.152s Time for strengthen operator: 0.035s Time for satisfiability checks: 0.028s Time for prec operator: 0.875s Time for abstraction: 0.875s (Max: 0.602s, Count: 4) Boolean abstraction: 0.155s Solving time: 0.122s (Max: 0.121s) Model enumeration time: 0.027s Time for BDD construction: 0.003s (Max: 0.003s) Time for merge operator: 0.225s Time for coverage check: 0.001s Time for BDD entailment checks: 0.001s Total time for SMT solver (w/o itp): 0.177s Number of BDD nodes: 203 Size of BDD node table: 10007 Size of BDD node cleanup queue: 0 (count: 19, min: 0, max: 0, avg: 0,00) Time for BDD node cleanup: 0.000s Time for BDD garbage collection: 0.000s (in 0 runs) PrecisionBootstrap statistics ----------------------------- Init. function predicates: 0 Init. global predicates: 0 Init. location predicates: 0 AutomatonAnalysis (SVCOMP) statistics ------------------------------------- Number of states: 1 Total time for successor computation: 0.058s Automaton transfers with branching: 0 Automaton transfer successors: 3339 (count: 3339, min: 1, max: 1, avg: 1,00) [1 x 3339] CPA algorithm statistics ------------------------ Number of iterations: 943 Max size of waitlist: 12 Average size of waitlist: 7 Number of computed successors: 1032 Max successors for one state: 2 Number of times merged: 86 Number of times stopped: 88 Number of times breaked: 1 Total time for CPA algorithm: 1.638s (Max: 0.866s) Time for choose from waitlist: 0.006s Time for precision adjustment: 0.911s Time for transfer relation: 0.384s Time for merge operator: 0.238s Time for stop operator: 0.035s Time for adding to reached set: 0.017s Predicate-Abstraction Refiner statistics ---------------------------------------- Avg. length of target path (in blocks): 2 (count: 1, min: 2, max: 2, avg: 2,00) Time for refinement: 0.015s Counterexample analysis: 0.006s (Max: 0.006s, Calls: 1) Refinement sat check: 0.004s Interpolant computation: 0.000s Error path post-processing: 0.000s Path-formulas extraction: 0.000s Building the counterexample trace: 0.006s Extracting precise counterexample: 0.000s Predicate creation: 0.000s Precision update: 0.000s ARG update: 0.000s Length of refined path (in blocks): 0 (count: 0, min: 0, max: 0, avg: 0,00) Number of affected states: 0 (count: 0, min: 0, max: 0, avg: 0,00) Length (states) of path with itp 'true': 0 (count: 0, min: 0, max: 0, avg: 0,00) Length (states) of path with itp non-trivial itp: 0 (count: 0, min: 0, max: 0, avg: 0,00) Length (states) of path with itp 'false': 0 (count: 0, min: 0, max: 0, avg: 0,00) Different non-trivial interpolants along paths: 0 (count: 0, min: 0, max: 0, avg: 0,00) Equal non-trivial interpolants along paths: 0 (count: 0, min: 0, max: 0, avg: 0,00) Different precisions along paths: 0 (count: 0, min: 0, max: 0, avg: 0,00) Equal precisions along paths: 0 (count: 0, min: 0, max: 0, avg: 0,00) Number of refs with location-based cutoff: 0 CEGAR algorithm statistics -------------------------- Number of refinements: 1 Number of successful refinements: 1 Number of failed refinements: 0 Max. size of reached set before ref.: 471 Max. size of reached set after ref.: 1 Avg. size of reached set before ref.: 471.00 Avg. size of reached set after ref.: 1.00 Total time for CEGAR algorithm: 1.667s Time for refinements: 0.018s Average time for refinement: 0.018s Max time for refinement: 0.018s Counterexample-Check Algorithm statistics ----------------------------------------- Number of counterexample checks: 0 CPAchecker general statistics ----------------------------- Number of program locations: 554 Number of functions: 32 Number of loops: 1 Size of reached set: 475 Number of reached locations: 376 (68%) Avg states per location: 1 Max states per location: 21 (at node N1399) Number of reached functions: 16 (50%) Number of partitions: 463 Avg size of partitions: 1 Max size of partitions: 3 (with key [N57 (exit of function mc13xxx_rtc_irq_enable_unlocked in lines 2415-2474), Function mc13xxx_rtc_irq_enable_unlocked called from node N110, stack depth 4 [5cfdcbff], stack [main, mc13xxx_rtc_alarm_irq_enable, mc13xxx_rtc_irq_enable, mc13xxx_rtc_irq_enable_unlocked], ABS4, Init]) Number of target states: 0 Time for analysis setup: 3.054s Time for loading CPAs: 0.549s Time for loading parser: 0.766s Time for CFA construction: 1.682s Time for parsing file(s): 0.738s Time for AST to CFA: 0.465s Time for CFA sanity check: 0.000s Time for post-processing: 0.239s Time for var class.: 0.000s Time for Analysis: 1.668s CPU time for analysis: 1.670s Total time for CPAchecker: 4.723s Total CPU time for CPAchecker: 4.720s Time for Garbage Collector: 0.084s (in 1 runs) Garbage Collector(s) used: PS MarkSweep, PS Scavenge Used heap memory: 132MB ( 126 MiB) max; 61MB ( 58 MiB) avg; 152MB ( 145 MiB) peak Used non-heap memory: 21MB ( 20 MiB) max; 15MB ( 15 MiB) avg; 21MB ( 20 MiB) peak Used in PS Old Gen pool: 0MB ( 0 MiB) max; 0MB ( 0 MiB) avg; 0MB ( 0 MiB) peak Allocated heap memory: 504MB ( 481 MiB) max; 504MB ( 481 MiB) avg Allocated non-heap memory: 24MB ( 23 MiB) max; 24MB ( 23 MiB) avg Total process virtual memory: 4899MB ( 4672 MiB) max; 4899MB ( 4672 MiB) avg Verification result: TRUE. No property violation found by chosen configuration. More details about the verification run can be found in the directory "./output".