scripts/cpa.sh -heap 13000M -noout -disable-java-assertions -setprop cpa.predicate.memoryAllocationsAlwaysSucceed=true -predicateAnalysis-PredAbsRefiner-ABEl -setprop cpa.predicate.handlePointerAliasing=false -timelimit 60s -stats -spec test/programs/benchmarks/ssh/ALL.prp test/programs/benchmarks/ssh/s3_srvr.blast.08_false-unreach-call.i.cil.c -------------------------------------------------------------------------------- Running CPAchecker with Java heap of size 13000M. Running CPAchecker with the following extra VM options: -Djava.io.tmpdir=/tmp/BenchExec_run_d8dleyuk/tmp Using the following resource limits: CPU-time limit of 60s (ResourceLimitChecker.fromConfiguration, INFO) CPAchecker 1.4-svn 18912M (OpenJDK 64-Bit Server VM 1.7.0_91) started (CPAchecker.run, INFO) Handling of pointer aliasing is disabled, analysis is unsound if aliased pointers exist. (PredicateCPA:PathFormulaManagerImpl., WARNING) Using predicate analysis with SMTInterpol 2.1-224-gfd408f2-comp and JFactory 1.21. (PredicateCPA:PredicateCPA., INFO) Using refinement for predicate analysis with PredicateAbstractionRefinementStrategy strategy. (PredicateCPA:PredicateCPARefiner., INFO) The following configuration options were specified but are not used: cpa.predicate.memoryAllocationsAlwaysSucceed (CPAchecker.printConfigurationWarnings, WARNING) Starting analysis ... (CPAchecker.runAlgorithm, INFO) Program contains array, or pointer (multiple level of indirection), or field (enable handleFieldAccess and handleFieldAliasing) access; analysis is imprecise in case of aliasing. (PredicateCPA:CtoFormulaConverter.makeVariableUnsafe, WARNING) Error path found, starting counterexample check with CPACHECKER. (CounterexampleCheckAlgorithm.checkCounterexample, INFO) Using the following resource limits: CPU-time limit of 900s (CounterexampleCheck:ResourceLimitChecker.fromConfiguration, INFO) Handling of pointer aliasing is disabled, analysis is unsound if aliased pointers exist. (CounterexampleCheck:ValueAnalysisCPA:PathFormulaManagerImpl., WARNING) Error path found and confirmed by counterexample check with CPACHECKER. (CounterexampleCheckAlgorithm.checkCounterexample, INFO) Stopping analysis ... (CPAchecker.runAlgorithm, INFO) PredicateCPA statistics ----------------------- Number of abstractions: 34 (0% of all post computations) Times abstraction was reused: 0 Because of function entry/exit: 0 (0%) Because of loop head: 34 (100%) Because of join nodes: 0 (0%) Because of threshold: 0 (0%) Times precision was empty: 1 (3%) Times precision was {false}: 0 (0%) Times result was cached: 0 (0%) Times cartesian abs was used: 0 (0%) Times boolean abs was used: 33 (97%) Times result was 'false': 0 (0%) Number of strengthen sat checks: 34 Times result was 'false': 26 (76%) Number of strengthening with abstraction reuse: 0 Number of coverage checks: 5063 BDD entailment checks: 91 Number of SMT sat checks: 34 trivial: 0 cached: 0 Max ABE block size: 53 Number of predicates discovered: 68 Number of abstraction locations: 2 Max number of predicates per location: 67 Avg number of predicates per location: 34 Total predicates per abstraction: 1216 Max number of predicates per abstraction: 67 Avg number of predicates per abstraction: 36.85 Number of irrelevant predicates: 13 (1%) Number of preds handled by boolean abs: 1203 (99%) Total number of models for allsat: 5939 Max number of models for allsat: 994 Avg number of models for allsat: 179.97 Number of path formula cache hits: 9489 (68%) Time for post operator: 0.565s Time for path formula creation: 0.468s Actual computation: 0.423s Time for strengthen operator: 0.236s Time for satisfiability checks: 0.219s Time for prec operator: 6.965s Time for abstraction: 6.956s (Max: 0.633s, Count: 34) Boolean abstraction: 5.986s Solving time: 0.656s (Max: 0.059s) Model enumeration time: 4.435s Time for BDD construction: 0.714s (Max: 0.197s) Time for merge operator: 0.168s Time for coverage check: 0.011s Time for BDD entailment checks: 0.009s Total time for SMT solver (w/o itp): 5.309s Number of BDD nodes: 539742 Size of BDD node table: 605849 Size of BDD cache: 60589 Size of BDD node cleanup queue: 6171 (count: 6219, min: 0, max: 2115, avg: 0,99) Time for BDD node cleanup: 0.008s Time for BDD garbage collection: 0.000s (in 0 runs) PrecisionBootstrap statistics ----------------------------- Init. function predicates: 0 Init. global predicates: 0 Init. location predicates: 0 AutomatonAnalysis (SVCOMP) statistics ------------------------------------- Number of states: 1 Total time for successor computation: 0.126s Automaton transfers with branching: 0 Automaton transfer successors: 17602 (count: 17602, min: 1, max: 1, avg: 1,00) [1 x 17602] CPA algorithm statistics ------------------------ Number of iterations: 8630 Max size of waitlist: 93 Average size of waitlist: 37 Number of computed successors: 11530 Max successors for one state: 2 Number of times merged: 2486 Number of times stopped: 2486 Number of times breaked: 8 Total time for CPA algorithm: 9.145s (Max: 3.379s) Time for choose from waitlist: 0.032s Time for precision adjustment: 7.045s Time for transfer relation: 1.306s Time for merge operator: 0.329s Time for stop operator: 0.083s Time for adding to reached set: 0.142s Predicate-Abstraction Refiner statistics ---------------------------------------- Avg. length of target path (in blocks): 42 (count: 8, min: 2, max: 11, avg: 5,25) Number of infeasible sliced prefixes: 0 (count: 0, min: 0, max: 0, avg: 0,00) Time for refinement: 3.960s Counterexample analysis: 3.696s (Max: 1.229s, Calls: 8) Refinement sat check: 0.709s Interpolant computation: 0.000s Error path post-processing: 0.141s Path-formulas extraction: 0.000s Building the counterexample trace: 0.000s Extracting precise counterexample: 0.141s Extracting infeasible sliced prefixes: 0.000s Selecting infeasible sliced prefixes: 0.000s Predicate creation: 0.015s Precision update: 0.006s ARG update: 0.076s Length of refined path (in blocks): 29 (count: 6, min: 2, max: 8, avg: 4,83) Number of affected states: 23 (count: 6, min: 1, max: 7, avg: 3,83) Length (states) of path with itp 'true': 0 (count: 6, min: 0, max: 0, avg: 0,00) Length (states) of path with itp non-trivial itp: 23 (count: 6, min: 1, max: 7, avg: 3,83) Length (states) of path with itp 'false': 0 (count: 6, min: 0, max: 0, avg: 0,00) Different non-trivial interpolants along paths: 17 (count: 6, min: 0, max: 6, avg: 2,83) Equal non-trivial interpolants along paths: 0 (count: 6, min: 0, max: 0, avg: 0,00) Different precisions along paths: 0 (count: 0, min: 0, max: 0, avg: 0,00) Equal precisions along paths: 0 (count: 0, min: 0, max: 0, avg: 0,00) Number of refs with location-based cutoff: 0 CEGAR algorithm statistics -------------------------- Number of refinements: 8 Number of successful refinements: 7 Number of failed refinements: 0 Max. size of reached set before ref.: 2913 Max. size of reached set after ref.: 38 Avg. size of reached set before ref.: 1159.25 Avg. size of reached set after ref.: 32.71 Total time for CEGAR algorithm: 13.119s Time for refinements: 3.974s Average time for refinement: 0.496s Max time for refinement: 1.250s Counterexample-Check Algorithm statistics ----------------------------------------- Number of counterexample checks: 1 Number of infeasible paths: 0 (0%) Time for counterexample checks: 0.879s Code Coverage ----------------------------- Function coverage: 0,400 Visited lines: 549 Total lines: 592 Line coverage: 0,927 Visited conditions: 198 Total conditions: 208 Condition coverage: 0,952 CPAchecker general statistics ----------------------------- Number of program locations: 382 Number of CFA edges: 483 Number of relevant variables: 31 Number of functions: 5 Number of loops: 1 Size of reached set: 2913 Number of reached locations: 344 (90%) Avg states per location: 8 Max states per location: 10 (at node N97) Number of reached functions: 2 (40%) Number of partitions: 2904 Avg size of partitions: 1 Max size of partitions: 10 (with key [N97 (before lines 1141-1717), Function ssl3_accept called from node N33, stack depth 2 [41e9d96a], stack [main, ssl3_accept]]) Number of target states: 1 Size of final wait list 88 Time for analysis setup: 1.781s Time for loading CPAs: 0.430s Time for loading parser: 0.492s Time for CFA construction: 0.808s Time for parsing file(s): 0.362s Time for AST to CFA: 0.224s Time for CFA sanity check: 0.000s Time for post-processing: 0.116s Time for var class.: 0.000s Time for Analysis: 13.999s CPU time for analysis: 25.440s Time for analyzing result: 0.003s Total time for CPAchecker: 15.783s Total CPU time for CPAchecker: 28.370s Time for statistics: 0.136s Time for Garbage Collector: 0.269s (in 8 runs) Garbage Collector(s) used: PS MarkSweep, PS Scavenge Used heap memory: 859MB ( 820 MiB) max; 239MB ( 228 MiB) avg; 865MB ( 825 MiB) peak Used non-heap memory: 28MB ( 26 MiB) max; 23MB ( 22 MiB) avg; 28MB ( 26 MiB) peak Used in PS Old Gen pool: 34MB ( 33 MiB) max; 22MB ( 21 MiB) avg; 34MB ( 33 MiB) peak Allocated heap memory: 1266MB ( 1207 MiB) max; 652MB ( 622 MiB) avg Allocated non-heap memory: 28MB ( 27 MiB) max; 25MB ( 24 MiB) avg Total process virtual memory: 15836MB ( 15103 MiB) max; 15772MB ( 15041 MiB) avg Verification result: FALSE. Property violation (__VERIFIER_error(); called in line 1728) found by chosen configuration. More details about the verification run can be found in the directory "./output".