About the Execution of Marcie for QuasiCertifProtocol-PT-02
Execution Summary | |||||
Max Memory Used (MB) |
Time wait (ms) | CPU Usage (ms) | I/O Wait (ms) | Computed Result | Execution Status |
5451.720 | 7763.00 | 7923.00 | 107.80 | TTTFTTTFFTTFTTFT | normal |
Execution Chart
We display below the execution chart for this examination (boot time has been removed).
Trace from the execution
Formatting '/data/fkordon/mcc2023-input.r289-tall-167873941000862.qcow2', fmt=qcow2 size=4294967296 backing_file=/data/fkordon/mcc2023-input.qcow2 cluster_size=65536 lazy_refcounts=off refcount_bits=16
Waiting for the VM to be ready (probing ssh)
..............
=====================================================================
Generated by BenchKit 2-5348
Executing tool marcie
Input is QuasiCertifProtocol-PT-02, examination is ReachabilityCardinality
Time confinement is 3600 seconds
Memory confinement is 16384 MBytes
Number of cores is 1
Run identifier is r289-tall-167873941000862
=====================================================================
--------------------
preparation of the directory to be used:
/home/mcc/execution
total 544K
-rw-r--r-- 1 mcc users 7.0K Feb 26 01:27 CTLCardinality.txt
-rw-r--r-- 1 mcc users 64K Feb 26 01:27 CTLCardinality.xml
-rw-r--r-- 1 mcc users 6.0K Feb 26 01:26 CTLFireability.txt
-rw-r--r-- 1 mcc users 46K Feb 26 01:26 CTLFireability.xml
-rw-r--r-- 1 mcc users 4.2K Jan 29 11:40 GenericPropertiesDefinition.xml
-rw-r--r-- 1 mcc users 6.8K Jan 29 11:40 GenericPropertiesVerdict.xml
-rw-r--r-- 1 mcc users 4.6K Feb 25 16:36 LTLCardinality.txt
-rw-r--r-- 1 mcc users 29K Feb 25 16:36 LTLCardinality.xml
-rw-r--r-- 1 mcc users 2.9K Feb 25 16:37 LTLFireability.txt
-rw-r--r-- 1 mcc users 19K Feb 25 16:37 LTLFireability.xml
-rw-r--r-- 1 mcc users 17K Feb 26 01:29 ReachabilityCardinality.txt
-rw-r--r-- 1 mcc users 149K Feb 26 01:29 ReachabilityCardinality.xml
-rw-r--r-- 1 mcc users 9.8K Feb 26 01:28 ReachabilityFireability.txt
-rw-r--r-- 1 mcc users 72K Feb 26 01:28 ReachabilityFireability.xml
-rw-r--r-- 1 mcc users 1.9K Feb 25 16:37 UpperBounds.txt
-rw-r--r-- 1 mcc users 4.1K Feb 25 16:37 UpperBounds.xml
-rw-r--r-- 1 mcc users 5 Mar 5 18:23 equiv_col
-rw-r--r-- 1 mcc users 3 Mar 5 18:23 instance
-rw-r--r-- 1 mcc users 6 Mar 5 18:23 iscolored
-rw-r--r-- 1 mcc users 55K Mar 5 18:23 model.pnml
--------------------
content from stdout:
=== Data for post analysis generated by BenchKit (invocation template)
The expected result is a vector of booleans
BOOL_VECTOR
here is the order used to build the result vector(from text file)
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-00
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-01
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-02
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-03
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-04
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-05
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-06
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-07
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-08
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-09
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-10
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-11
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-12
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-13
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-14
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-15
=== Now, execution of the tool begins
BK_START 1678824818457
bash -c /home/mcc/BenchKit/BenchKit_head.sh 2> STDERR ; echo ; echo -n "BK_STOP " ; date -u +%s%3N
Invoking MCC driver with
BK_TOOL=marcie
BK_EXAMINATION=ReachabilityCardinality
BK_BIN_PATH=/home/mcc/BenchKit/bin/
BK_TIME_CONFINEMENT=3600
BK_INPUT=QuasiCertifProtocol-PT-02
Not applying reductions.
Model is PT
ReachabilityCardinality PT
timeout --kill-after=10s --signal=SIGINT 1m for testing only
Marcie built on Linux at 2019-11-18.
A model checker for Generalized Stochastic Petri nets
authors: Alex Tovchigrechko (IDD package and CTL model checking)
Martin Schwarick (Symbolic numerical analysis and CSL model checking)
Christian Rohr (Simulative and approximative numerical model checking)
marcie@informatik.tu-cottbus.de
called as: /home/mcc/BenchKit/bin//../marcie/bin/marcie --net-file=model.pnml --mcc-file=ReachabilityCardinality.xml --memory=6 --mcc-mode
parse successfull
net created successfully
Net: QuasiCertifProtocol_PT_02
(NrP: 86 NrTr: 56 NrArc: 223)
parse formulas
formulas created successfully
place and transition orderings generation:0m 0.001sec
net check time: 0m 0.000sec
init dd package: 0m 2.952sec
RS generation: 0m 0.019sec
-> reachability set: #nodes 1808 (1.8e+03) #states 1,029 (3)
starting MCC model checker
--------------------------
checking: EF [~ [Astart<=85]]
normalized: E [true U ~ [Astart<=85]]
abstracting: (Astart<=85)
states: 1,029 (3)
-> the formula is FALSE
FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-07 FALSE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT
MC time: 0m 0.001sec
checking: EF [s6_2<=1]
normalized: E [true U s6_2<=1]
abstracting: (s6_2<=1)
states: 1,029 (3)
-> the formula is TRUE
FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-10 TRUE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT
MC time: 0m 0.019sec
checking: EF [1<=SstopOK_1]
normalized: E [true U 1<=SstopOK_1]
abstracting: (1<=SstopOK_1)
states: 192
-> the formula is TRUE
FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-12 TRUE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT
MC time: 0m 0.015sec
checking: AG [~ [[s5_2<=1 | Cstart_0<=1]]]
normalized: ~ [E [true U [s5_2<=1 | Cstart_0<=1]]]
abstracting: (Cstart_0<=1)
states: 1,029 (3)
abstracting: (s5_2<=1)
states: 1,029 (3)
-> the formula is FALSE
FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-08 FALSE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT
MC time: 0m 0.004sec
checking: EF [~ [[n8_1_1<=1 & n9_2_0<=n8_1_1]]]
normalized: E [true U ~ [[n8_1_1<=1 & n9_2_0<=n8_1_1]]]
abstracting: (n9_2_0<=n8_1_1)
states: 912
abstracting: (n8_1_1<=1)
states: 1,029 (3)
-> the formula is TRUE
FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-09 TRUE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT
MC time: 0m 0.010sec
checking: EF [sum(n6_1, n6_2, n6_0)<=malicious_reservoir]
normalized: E [true U sum(n6_1, n6_2, n6_0)<=malicious_reservoir]
abstracting: (sum(n6_1, n6_2, n6_0)<=malicious_reservoir)
states: 411
-> the formula is TRUE
FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-02 TRUE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT
MC time: 0m 0.040sec
checking: EF [[[n5_0<=SstopOK_1 & [[n9_0_0<=n1_0 | n8_0_0<=0] | n5_0<=n3_1]] | ~ [s2_1<=1]]]
normalized: E [true U [~ [s2_1<=1] | [[[n9_0_0<=n1_0 | n8_0_0<=0] | n5_0<=n3_1] & n5_0<=SstopOK_1]]]
abstracting: (n5_0<=SstopOK_1)
states: 957
abstracting: (n5_0<=n3_1)
states: 957
abstracting: (n8_0_0<=0)
states: 807
abstracting: (n9_0_0<=n1_0)
states: 861
abstracting: (s2_1<=1)
states: 1,029 (3)
-> the formula is TRUE
FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-13 TRUE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT
MC time: 0m 0.006sec
checking: EF [~ [sum(n1_1, n1_0, n1_2)<=sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)]]
normalized: E [true U ~ [sum(n1_1, n1_0, n1_2)<=sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)]]
abstracting: (sum(n1_1, n1_0, n1_2)<=sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0))
states: 973
-> the formula is TRUE
FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-00 TRUE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT
MC time: 0m 0.034sec
checking: EF [[~ [[AstopOK<=n8_2_1 & ~ [[[n7_2_2<=0 | [n7_2_0<=n7_0_2 | ~ [n8_2_2<=0]]] & [[[1<=SstopOK_2 & ~ [s6_1<=n9_1_0]] & 1<=n8_0_2] | n6_2<=0]]]]] & ~ [CstopOK_1<=SstopOK_2]]]
normalized: E [true U [~ [CstopOK_1<=SstopOK_2] & ~ [[~ [[[[[~ [s6_1<=n9_1_0] & 1<=SstopOK_2] & 1<=n8_0_2] | n6_2<=0] & [[~ [n8_2_2<=0] | n7_2_0<=n7_0_2] | n7_2_2<=0]]] & AstopOK<=n8_2_1]]]]
abstracting: (AstopOK<=n8_2_1)
states: 860
abstracting: (n7_2_2<=0)
states: 893
abstracting: (n7_2_0<=n7_0_2)
states: 940
abstracting: (n8_2_2<=0)
states: 807
abstracting: (n6_2<=0)
states: 463
abstracting: (1<=n8_0_2)
states: 222
abstracting: (1<=SstopOK_2)
states: 192
abstracting: (s6_1<=n9_1_0)
states: 885
abstracting: (CstopOK_1<=SstopOK_2)
states: 1,029 (3)
-> the formula is FALSE
FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-11 FALSE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT
MC time: 0m 0.005sec
checking: EF [~ [[~ [n9_0_2<=0] & [~ [[s3_0<=CstopOK_2 & SstopAbort<=1]] & [[~ [[n7_0_0<=n1_0 | [n7_1_1<=n7_1_1 & 1<=CstopOK_1]]] & n8_1_2<=n8_2_1] | [[n8_0_1<=n1_2 & ~ [[a1<=1 | 1<=n8_2_0]]] | n8_0_0<=n9_0_2]]]]]]
normalized: E [true U ~ [[[[[[~ [[a1<=1 | 1<=n8_2_0]] & n8_0_1<=n1_2] | n8_0_0<=n9_0_2] | [~ [[[n7_1_1<=n7_1_1 & 1<=CstopOK_1] | n7_0_0<=n1_0]] & n8_1_2<=n8_2_1]] & ~ [[s3_0<=CstopOK_2 & SstopAbort<=1]]] & ~ [n9_0_2<=0]]]]
abstracting: (n9_0_2<=0)
states: 861
abstracting: (SstopAbort<=1)
states: 1,029 (3)
abstracting: (s3_0<=CstopOK_2)
states: 945
abstracting: (n8_1_2<=n8_2_1)
states: 885
abstracting: (n7_0_0<=n1_0)
states: 893
abstracting: (1<=CstopOK_1)
states: 24
abstracting: (n7_1_1<=n7_1_1)
states: 1,029 (3)
abstracting: (n8_0_0<=n9_0_2)
states: 807
abstracting: (n8_0_1<=n1_2)
states: 807
abstracting: (1<=n8_2_0)
states: 222
abstracting: (a1<=1)
states: 1,029 (3)
-> the formula is TRUE
FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-15 TRUE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT
MC time: 0m 0.005sec
checking: AG [[~ [[[79<=sum(s4_1, s4_2, s4_0) | sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0)<=98] | Astart<=sum(s2_1, s2_2, s2_0)]] & [[~ [[~ [[[AstopOK<=sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0) | sum(s2_1, s2_2, s2_0)<=8] & ~ [sum(n4_0, n4_2, n4_1)<=76]]] & ~ [sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=Astart]]] | CstopAbort<=13] | AstopAbort<=sum(n4_0, n4_2, n4_1)]]]
normalized: ~ [E [true U ~ [[[[~ [[~ [sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=Astart] & ~ [[~ [sum(n4_0, n4_2, n4_1)<=76] & [AstopOK<=sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0) | sum(s2_1, s2_2, s2_0)<=8]]]]] | CstopAbort<=13] | AstopAbort<=sum(n4_0, n4_2, n4_1)] & ~ [[[79<=sum(s4_1, s4_2, s4_0) | sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0)<=98] | Astart<=sum(s2_1, s2_2, s2_0)]]]]]]
abstracting: (Astart<=sum(s2_1, s2_2, s2_0))
states: 1,025 (3)
abstracting: (sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0)<=98)
states: 1,029 (3)
abstracting: (79<=sum(s4_1, s4_2, s4_0))
states: 0
abstracting: (AstopAbort<=sum(n4_0, n4_2, n4_1))
states: 666
abstracting: (CstopAbort<=13)
states: 1,029 (3)
abstracting: (sum(s2_1, s2_2, s2_0)<=8)
states: 1,029 (3)
abstracting: (AstopOK<=sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0))
states: 937
abstracting: (sum(n4_0, n4_2, n4_1)<=76)
states: 1,029 (3)
abstracting: (sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=Astart)
states: 666
-> the formula is FALSE
FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-03 FALSE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT
MC time: 0m 0.176sec
checking: AG [[[[[s2_2<=n9_0_2 | [[AstopAbort<=1 & [AstopAbort<=0 | ~ [1<=n5_0]]] | [~ [[~ [s4_2<=malicious_reservoir] | n9_1_2<=n7_1_2]] | [~ [1<=SstopAbort] & n5_0<=0]]]] & [[a5<=n8_2_2 | 1<=s3_2] | [[~ [[~ [1<=n5_1] & ~ [n9_0_2<=n6_2]]] & [[Cstart_0<=0 & [SstopOK_0<=n9_0_2 & CstopOK_0<=1]] | [[n7_0_2<=0 & 1<=n6_1] | s5_2<=0]]] | ~ [[[n7_2_1<=0 | n7_1_2<=n1_2] | [s4_0<=Sstart_2 & 1<=n9_2_1]]]]]] | [[[[[~ [[a5<=0 & s5_0<=1]] & 1<=n7_2_1] | n6_2<=0] | [[c1_1<=s5_0 | ~ [n8_2_2<=n2_0]] | CstopAbort<=s5_2]] & ~ [1<=n6_2]] & [n8_2_2<=n7_2_0 & ~ [[n5_2<=n9_0_0 & s6_2<=0]]]]] & ~ [a5<=SstopAbort]]]
normalized: ~ [E [true U ~ [[[[[[~ [[[s4_0<=Sstart_2 & 1<=n9_2_1] | [n7_2_1<=0 | n7_1_2<=n1_2]]] | [[[[n7_0_2<=0 & 1<=n6_1] | s5_2<=0] | [[SstopOK_0<=n9_0_2 & CstopOK_0<=1] & Cstart_0<=0]] & ~ [[~ [n9_0_2<=n6_2] & ~ [1<=n5_1]]]]] | [a5<=n8_2_2 | 1<=s3_2]] & [[[[~ [1<=SstopAbort] & n5_0<=0] | ~ [[~ [s4_2<=malicious_reservoir] | n9_1_2<=n7_1_2]]] | [[~ [1<=n5_0] | AstopAbort<=0] & AstopAbort<=1]] | s2_2<=n9_0_2]] | [[~ [[n5_2<=n9_0_0 & s6_2<=0]] & n8_2_2<=n7_2_0] & [~ [1<=n6_2] & [[[~ [n8_2_2<=n2_0] | c1_1<=s5_0] | CstopAbort<=s5_2] | [[~ [[a5<=0 & s5_0<=1]] & 1<=n7_2_1] | n6_2<=0]]]]] & ~ [a5<=SstopAbort]]]]]
abstracting: (a5<=SstopAbort)
states: 863
abstracting: (n6_2<=0)
states: 463
abstracting: (1<=n7_2_1)
states: 136
abstracting: (s5_0<=1)
states: 1,029 (3)
abstracting: (a5<=0)
states: 710
abstracting: (CstopAbort<=s5_2)
states: 840
abstracting: (c1_1<=s5_0)
states: 717
abstracting: (n8_2_2<=n2_0)
states: 807
abstracting: (1<=n6_2)
states: 566
abstracting: (n8_2_2<=n7_2_0)
states: 840
abstracting: (s6_2<=0)
states: 885
abstracting: (n5_2<=n9_0_0)
states: 957
abstracting: (s2_2<=n9_0_2)
states: 975
abstracting: (AstopAbort<=1)
states: 1,029 (3)
abstracting: (AstopAbort<=0)
states: 638
abstracting: (1<=n5_0)
states: 72
abstracting: (n9_1_2<=n7_1_2)
states: 861
abstracting: (s4_2<=malicious_reservoir)
states: 985
abstracting: (n5_0<=0)
states: 957
abstracting: (1<=SstopAbort)
states: 513
abstracting: (1<=s3_2)
states: 84
abstracting: (a5<=n8_2_2)
states: 784
abstracting: (1<=n5_1)
states: 72
abstracting: (n9_0_2<=n6_2)
states: 973
abstracting: (Cstart_0<=0)
states: 585
abstracting: (CstopOK_0<=1)
states: 1,029 (3)
abstracting: (SstopOK_0<=n9_0_2)
states: 1,005 (3)
abstracting: (s5_2<=0)
states: 738
abstracting: (1<=n6_1)
states: 566
abstracting: (n7_0_2<=0)
states: 893
abstracting: (n7_1_2<=n1_2)
states: 893
abstracting: (n7_2_1<=0)
states: 893
abstracting: (1<=n9_2_1)
states: 168
abstracting: (s4_0<=Sstart_2)
states: 963
-> the formula is FALSE
FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-14 FALSE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT
MC time: 0m 0.024sec
checking: EF [~ [[~ [[[[AstopAbort<=70 | ~ [a2<=malicious_reservoir]] & [[~ [sum(SstopOK_2, SstopOK_0, SstopOK_1)<=sum(CstopOK_2, CstopOK_1, CstopOK_0)] & [2<=sum(n4_0, n4_2, n4_1) | [sum(s3_2, s3_0, s3_1)<=a1 & sum(CstopOK_2, CstopOK_1, CstopOK_0)<=74]]] & 17<=sum(n1_1, n1_0, n1_2)]] | sum(s2_1, s2_2, s2_0)<=36]] | [[[[SstopAbort<=13 & 47<=a2] | [~ [[[sum(s5_2, s5_1, s5_0)<=19 & 74<=sum(n2_2, n2_1, n2_0)] | [84<=sum(n1_1, n1_0, n1_2) | sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=a3]]] | ~ [66<=AstopAbort]]] | sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0)<=sum(n4_0, n4_2, n4_1)] & [[[[AstopAbort<=93 | ~ [SstopAbort<=56]] & [~ [[SstopAbort<=99 & 48<=a3]] | sum(n3_2, n3_1, n3_0)<=42]] & [~ [[sum(s4_1, s4_2, s4_0)<=sum(SstopOK_2, SstopOK_0, SstopOK_1) & AstopAbort<=36]] & sum(n4_0, n4_2, n4_1)<=a5]] & [~ [[sum(s2_1, s2_2, s2_0)<=13 | ~ [AstopAbort<=87]]] & ~ [sum(n5_2, n5_1, n5_0)<=a2]]]]]]]
normalized: E [true U ~ [[[[[[~ [[sum(s4_1, s4_2, s4_0)<=sum(SstopOK_2, SstopOK_0, SstopOK_1) & AstopAbort<=36]] & sum(n4_0, n4_2, n4_1)<=a5] & [[sum(n3_2, n3_1, n3_0)<=42 | ~ [[SstopAbort<=99 & 48<=a3]]] & [~ [SstopAbort<=56] | AstopAbort<=93]]] & [~ [[sum(s2_1, s2_2, s2_0)<=13 | ~ [AstopAbort<=87]]] & ~ [sum(n5_2, n5_1, n5_0)<=a2]]] & [[[~ [[[84<=sum(n1_1, n1_0, n1_2) | sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=a3] | [sum(s5_2, s5_1, s5_0)<=19 & 74<=sum(n2_2, n2_1, n2_0)]]] | ~ [66<=AstopAbort]] | [SstopAbort<=13 & 47<=a2]] | sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0)<=sum(n4_0, n4_2, n4_1)]] | ~ [[[[~ [a2<=malicious_reservoir] | AstopAbort<=70] & [17<=sum(n1_1, n1_0, n1_2) & [~ [sum(SstopOK_2, SstopOK_0, SstopOK_1)<=sum(CstopOK_2, CstopOK_1, CstopOK_0)] & [[sum(s3_2, s3_0, s3_1)<=a1 & sum(CstopOK_2, CstopOK_1, CstopOK_0)<=74] | 2<=sum(n4_0, n4_2, n4_1)]]]] | sum(s2_1, s2_2, s2_0)<=36]]]]]
abstracting: (sum(s2_1, s2_2, s2_0)<=36)
states: 1,029 (3)
abstracting: (2<=sum(n4_0, n4_2, n4_1))
states: 32
abstracting: (sum(CstopOK_2, CstopOK_1, CstopOK_0)<=74)
states: 1,029 (3)
abstracting: (sum(s3_2, s3_0, s3_1)<=a1)
states: 843
abstracting: (sum(SstopOK_2, SstopOK_0, SstopOK_1)<=sum(CstopOK_2, CstopOK_1, CstopOK_0))
states: 666
abstracting: (17<=sum(n1_1, n1_0, n1_2))
states: 0
abstracting: (AstopAbort<=70)
states: 1,029 (3)
abstracting: (a2<=malicious_reservoir)
states: 1,026 (3)
abstracting: (sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0)<=sum(n4_0, n4_2, n4_1))
states: 576
abstracting: (47<=a2)
states: 0
abstracting: (SstopAbort<=13)
states: 1,029 (3)
abstracting: (66<=AstopAbort)
states: 0
abstracting: (74<=sum(n2_2, n2_1, n2_0))
states: 0
abstracting: (sum(s5_2, s5_1, s5_0)<=19)
states: 1,029 (3)
abstracting: (sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=a3)
states: 666
abstracting: (84<=sum(n1_1, n1_0, n1_2))
states: 0
abstracting: (sum(n5_2, n5_1, n5_0)<=a2)
states: 877
abstracting: (AstopAbort<=87)
states: 1,029 (3)
abstracting: (sum(s2_1, s2_2, s2_0)<=13)
states: 1,029 (3)
abstracting: (AstopAbort<=93)
states: 1,029 (3)
abstracting: (SstopAbort<=56)
states: 1,029 (3)
abstracting: (48<=a3)
states: 0
abstracting: (SstopAbort<=99)
states: 1,029 (3)
abstracting: (sum(n3_2, n3_1, n3_0)<=42)
states: 1,029 (3)
abstracting: (sum(n4_0, n4_2, n4_1)<=a5)
states: 973
abstracting: (AstopAbort<=36)
states: 1,029 (3)
abstracting: (sum(s4_1, s4_2, s4_0)<=sum(SstopOK_2, SstopOK_0, SstopOK_1))
states: 876
-> the formula is TRUE
FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-06 TRUE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT
MC time: 0m 0.378sec
checking: EF [[[~ [[[sum(SstopOK_2, SstopOK_0, SstopOK_1)<=sum(n5_2, n5_1, n5_0) & ~ [sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=malicious_reservoir]] & ~ [[[sum(s3_2, s3_0, s3_1)<=sum(s4_1, s4_2, s4_0) | sum(n2_2, n2_1, n2_0)<=malicious_reservoir] & [57<=sum(c1_2, c1_1, c1_0) & [[AstopAbort<=sum(n2_2, n2_1, n2_0) | 55<=AstopAbort] | sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=59]]]]]] | [[[~ [malicious_reservoir<=malicious_reservoir] & [[[[33<=sum(s4_1, s4_2, s4_0) & a2<=26] & ~ [AstopOK<=sum(CstopOK_2, CstopOK_1, CstopOK_0)]] & ~ [[SstopAbort<=sum(n4_0, n4_2, n4_1) | malicious_reservoir<=39]]] | a2<=sum(CstopOK_2, CstopOK_1, CstopOK_0)]] | [38<=a1 | [a1<=SstopAbort | [[[sum(s3_2, s3_0, s3_1)<=99 | 88<=SstopAbort] | [a4<=sum(c1_2, c1_1, c1_0) & sum(s2_1, s2_2, s2_0)<=19]] | [[Astart<=68 | malicious_reservoir<=sum(CstopOK_2, CstopOK_1, CstopOK_0)] & [19<=sum(s4_1, s4_2, s4_0) & sum(n5_2, n5_1, n5_0)<=63]]]]]] | AstopOK<=86]] | 36<=sum(s6_2, s6_1, s6_0)]]
normalized: E [true U [36<=sum(s6_2, s6_1, s6_0) | [[AstopOK<=86 | [[38<=a1 | [a1<=SstopAbort | [[[19<=sum(s4_1, s4_2, s4_0) & sum(n5_2, n5_1, n5_0)<=63] & [Astart<=68 | malicious_reservoir<=sum(CstopOK_2, CstopOK_1, CstopOK_0)]] | [[a4<=sum(c1_2, c1_1, c1_0) & sum(s2_1, s2_2, s2_0)<=19] | [sum(s3_2, s3_0, s3_1)<=99 | 88<=SstopAbort]]]]] | [[a2<=sum(CstopOK_2, CstopOK_1, CstopOK_0) | [~ [[SstopAbort<=sum(n4_0, n4_2, n4_1) | malicious_reservoir<=39]] & [~ [AstopOK<=sum(CstopOK_2, CstopOK_1, CstopOK_0)] & [33<=sum(s4_1, s4_2, s4_0) & a2<=26]]]] & ~ [malicious_reservoir<=malicious_reservoir]]]] | ~ [[~ [[[57<=sum(c1_2, c1_1, c1_0) & [sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=59 | [AstopAbort<=sum(n2_2, n2_1, n2_0) | 55<=AstopAbort]]] & [sum(s3_2, s3_0, s3_1)<=sum(s4_1, s4_2, s4_0) | sum(n2_2, n2_1, n2_0)<=malicious_reservoir]]] & [sum(SstopOK_2, SstopOK_0, SstopOK_1)<=sum(n5_2, n5_1, n5_0) & ~ [sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=malicious_reservoir]]]]]]]
abstracting: (sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=malicious_reservoir)
states: 750
abstracting: (sum(SstopOK_2, SstopOK_0, SstopOK_1)<=sum(n5_2, n5_1, n5_0))
states: 663
abstracting: (sum(n2_2, n2_1, n2_0)<=malicious_reservoir)
states: 979
abstracting: (sum(s3_2, s3_0, s3_1)<=sum(s4_1, s4_2, s4_0))
states: 897
abstracting: (55<=AstopAbort)
states: 0
abstracting: (AstopAbort<=sum(n2_2, n2_1, n2_0))
states: 666
abstracting: (sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=59)
states: 1,029 (3)
abstracting: (57<=sum(c1_2, c1_1, c1_0))
states: 0
abstracting: (malicious_reservoir<=malicious_reservoir)
states: 1,029 (3)
abstracting: (a2<=26)
states: 1,029 (3)
abstracting: (33<=sum(s4_1, s4_2, s4_0))
states: 0
abstracting: (AstopOK<=sum(CstopOK_2, CstopOK_1, CstopOK_0))
states: 802
abstracting: (malicious_reservoir<=39)
states: 1,029 (3)
abstracting: (SstopAbort<=sum(n4_0, n4_2, n4_1))
states: 558
abstracting: (a2<=sum(CstopOK_2, CstopOK_1, CstopOK_0))
states: 1,025 (3)
abstracting: (88<=SstopAbort)
states: 0
abstracting: (sum(s3_2, s3_0, s3_1)<=99)
states: 1,029 (3)
abstracting: (sum(s2_1, s2_2, s2_0)<=19)
states: 1,029 (3)
abstracting: (a4<=sum(c1_2, c1_1, c1_0))
states: 1,025 (3)
abstracting: (malicious_reservoir<=sum(CstopOK_2, CstopOK_1, CstopOK_0))
states: 831
abstracting: (Astart<=68)
states: 1,029 (3)
abstracting: (sum(n5_2, n5_1, n5_0)<=63)
states: 1,029 (3)
abstracting: (19<=sum(s4_1, s4_2, s4_0))
states: 0
abstracting: (a1<=SstopAbort)
states: 1,021 (3)
abstracting: (38<=a1)
states: 0
abstracting: (AstopOK<=86)
states: 1,029 (3)
abstracting: (36<=sum(s6_2, s6_1, s6_0))
states: 0
-> the formula is TRUE
FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-01 TRUE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT
MC time: 0m 0.409sec
checking: AG [[[sum(n6_1, n6_2, n6_0)<=79 & [[[[[[~ [sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=sum(n5_2, n5_1, n5_0)] | [45<=sum(n2_2, n2_1, n2_0) | sum(s4_1, s4_2, s4_0)<=79]] & sum(n4_0, n4_2, n4_1)<=95] | a5<=AstopOK] | [[~ [[sum(s5_2, s5_1, s5_0)<=AstopOK & Astart<=38]] | 13<=sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)] | [7<=AstopOK & [[89<=SstopAbort | sum(s3_2, s3_0, s3_1)<=90] | a3<=sum(n5_2, n5_1, n5_0)]]]] | sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=36] | ~ [[[[sum(s4_1, s4_2, s4_0)<=AstopOK & a2<=a3] | [sum(n5_2, n5_1, n5_0)<=57 & [10<=sum(n1_1, n1_0, n1_2) & [sum(s2_1, s2_2, s2_0)<=sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0) | sum(n2_2, n2_1, n2_0)<=92]]]] & [[[78<=sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0) & ~ [SstopAbort<=53]] | 71<=sum(n2_2, n2_1, n2_0)] & [62<=SstopAbort & [[99<=sum(n5_2, n5_1, n5_0) & 68<=sum(CstopOK_2, CstopOK_1, CstopOK_0)] & a2<=21]]]]]]] | [sum(n3_2, n3_1, n3_0)<=sum(Cstart_2, Cstart_0, Cstart_1) | [[[sum(n5_2, n5_1, n5_0)<=a5 & [sum(s4_1, s4_2, s4_0)<=62 | [sum(s2_1, s2_2, s2_0)<=malicious_reservoir & [~ [sum(n5_2, n5_1, n5_0)<=sum(n1_1, n1_0, n1_2)] & [a5<=80 & a1<=sum(n1_1, n1_0, n1_2)]]]]] | ~ [[~ [sum(s2_1, s2_2, s2_0)<=sum(Cstart_2, Cstart_0, Cstart_1)] & [sum(Sstart_2, Sstart_0, Sstart_1)<=sum(n2_2, n2_1, n2_0) | [[sum(s4_1, s4_2, s4_0)<=15 & sum(Cstart_2, Cstart_0, Cstart_1)<=72] | [sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=sum(s4_1, s4_2, s4_0) & a4<=a2]]]]]] | [[sum(Cstart_2, Cstart_0, Cstart_1)<=a1 & ~ [[[[53<=a1 & 15<=sum(CstopOK_2, CstopOK_1, CstopOK_0)] & [71<=sum(n3_2, n3_1, n3_0) | sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=85]] | [~ [Astart<=16] & [sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=54 & 30<=sum(SstopOK_2, SstopOK_0, SstopOK_1)]]]]] & ~ [80<=sum(Cstart_2, Cstart_0, Cstart_1)]]]]]]
normalized: ~ [E [true U ~ [[[sum(n3_2, n3_1, n3_0)<=sum(Cstart_2, Cstart_0, Cstart_1) | [[~ [80<=sum(Cstart_2, Cstart_0, Cstart_1)] & [sum(Cstart_2, Cstart_0, Cstart_1)<=a1 & ~ [[[[sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=54 & 30<=sum(SstopOK_2, SstopOK_0, SstopOK_1)] & ~ [Astart<=16]] | [[71<=sum(n3_2, n3_1, n3_0) | sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=85] & [53<=a1 & 15<=sum(CstopOK_2, CstopOK_1, CstopOK_0)]]]]]] | [~ [[[sum(Sstart_2, Sstart_0, Sstart_1)<=sum(n2_2, n2_1, n2_0) | [[sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=sum(s4_1, s4_2, s4_0) & a4<=a2] | [sum(s4_1, s4_2, s4_0)<=15 & sum(Cstart_2, Cstart_0, Cstart_1)<=72]]] & ~ [sum(s2_1, s2_2, s2_0)<=sum(Cstart_2, Cstart_0, Cstart_1)]]] | [sum(n5_2, n5_1, n5_0)<=a5 & [sum(s4_1, s4_2, s4_0)<=62 | [sum(s2_1, s2_2, s2_0)<=malicious_reservoir & [[a5<=80 & a1<=sum(n1_1, n1_0, n1_2)] & ~ [sum(n5_2, n5_1, n5_0)<=sum(n1_1, n1_0, n1_2)]]]]]]]] | [sum(n6_1, n6_2, n6_0)<=79 & [~ [[[[62<=SstopAbort & [a2<=21 & [99<=sum(n5_2, n5_1, n5_0) & 68<=sum(CstopOK_2, CstopOK_1, CstopOK_0)]]] & [71<=sum(n2_2, n2_1, n2_0) | [78<=sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0) & ~ [SstopAbort<=53]]]] & [[sum(n5_2, n5_1, n5_0)<=57 & [10<=sum(n1_1, n1_0, n1_2) & [sum(s2_1, s2_2, s2_0)<=sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0) | sum(n2_2, n2_1, n2_0)<=92]]] | [sum(s4_1, s4_2, s4_0)<=AstopOK & a2<=a3]]]] | [sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=36 | [[[7<=AstopOK & [a3<=sum(n5_2, n5_1, n5_0) | [89<=SstopAbort | sum(s3_2, s3_0, s3_1)<=90]]] | [13<=sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0) | ~ [[sum(s5_2, s5_1, s5_0)<=AstopOK & Astart<=38]]]] | [a5<=AstopOK | [sum(n4_0, n4_2, n4_1)<=95 & [[45<=sum(n2_2, n2_1, n2_0) | sum(s4_1, s4_2, s4_0)<=79] | ~ [sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=sum(n5_2, n5_1, n5_0)]]]]]]]]]]]]
abstracting: (sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=sum(n5_2, n5_1, n5_0))
states: 750
abstracting: (sum(s4_1, s4_2, s4_0)<=79)
states: 1,029 (3)
abstracting: (45<=sum(n2_2, n2_1, n2_0))
states: 0
abstracting: (sum(n4_0, n4_2, n4_1)<=95)
states: 1,029 (3)
abstracting: (a5<=AstopOK)
states: 710
abstracting: (Astart<=38)
states: 1,029 (3)
abstracting: (sum(s5_2, s5_1, s5_0)<=AstopOK)
states: 546
abstracting: (13<=sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0))
states: 0
abstracting: (sum(s3_2, s3_0, s3_1)<=90)
states: 1,029 (3)
abstracting: (89<=SstopAbort)
states: 0
abstracting: (a3<=sum(n5_2, n5_1, n5_0))
states: 997
abstracting: (7<=AstopOK)
states: 0
abstracting: (sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=36)
states: 1,029 (3)
abstracting: (a2<=a3)
states: 1,025 (3)
abstracting: (sum(s4_1, s4_2, s4_0)<=AstopOK)
states: 891
abstracting: (sum(n2_2, n2_1, n2_0)<=92)
states: 1,029 (3)
abstracting: (sum(s2_1, s2_2, s2_0)<=sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0))
states: 921
abstracting: (10<=sum(n1_1, n1_0, n1_2))
states: 0
abstracting: (sum(n5_2, n5_1, n5_0)<=57)
states: 1,029 (3)
abstracting: (SstopAbort<=53)
states: 1,029 (3)
abstracting: (78<=sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0))
states: 0
abstracting: (71<=sum(n2_2, n2_1, n2_0))
states: 0
abstracting: (68<=sum(CstopOK_2, CstopOK_1, CstopOK_0))
states: 0
abstracting: (99<=sum(n5_2, n5_1, n5_0))
states: 0
abstracting: (a2<=21)
states: 1,029 (3)
abstracting: (62<=SstopAbort)
states: 0
abstracting: (sum(n6_1, n6_2, n6_0)<=79)
states: 1,029 (3)
abstracting: (sum(n5_2, n5_1, n5_0)<=sum(n1_1, n1_0, n1_2))
states: 877
abstracting: (a1<=sum(n1_1, n1_0, n1_2))
states: 1,025 (3)
abstracting: (a5<=80)
states: 1,029 (3)
abstracting: (sum(s2_1, s2_2, s2_0)<=malicious_reservoir)
states: 933
abstracting: (sum(s4_1, s4_2, s4_0)<=62)
states: 1,029 (3)
abstracting: (sum(n5_2, n5_1, n5_0)<=a5)
states: 925
abstracting: (sum(s2_1, s2_2, s2_0)<=sum(Cstart_2, Cstart_0, Cstart_1))
states: 1,029 (3)
abstracting: (sum(Cstart_2, Cstart_0, Cstart_1)<=72)
states: 1,029 (3)
abstracting: (sum(s4_1, s4_2, s4_0)<=15)
states: 1,029 (3)
abstracting: (a4<=a2)
states: 1,025 (3)
abstracting: (sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=sum(s4_1, s4_2, s4_0))
states: 666
abstracting: (sum(Sstart_2, Sstart_0, Sstart_1)<=sum(n2_2, n2_1, n2_0))
states: 1,005 (3)
abstracting: (15<=sum(CstopOK_2, CstopOK_1, CstopOK_0))
states: 0
abstracting: (53<=a1)
states: 0
abstracting: (sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=85)
states: 1,029 (3)
abstracting: (71<=sum(n3_2, n3_1, n3_0))
states: 0
abstracting: (Astart<=16)
states: 1,029 (3)
abstracting: (30<=sum(SstopOK_2, SstopOK_0, SstopOK_1))
states: 0
abstracting: (sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=54)
states: 1,029 (3)
abstracting: (sum(Cstart_2, Cstart_0, Cstart_1)<=a1)
states: 534
abstracting: (80<=sum(Cstart_2, Cstart_0, Cstart_1))
states: 0
abstracting: (sum(n3_2, n3_1, n3_0)<=sum(Cstart_2, Cstart_0, Cstart_1))
states: 1,029 (3)
-> the formula is TRUE
FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-04 TRUE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT
MC time: 0m 0.872sec
checking: EF [~ [[[[[94<=sum(n4_0, n4_2, n4_1) & [68<=sum(c1_2, c1_1, c1_0) | [~ [sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=sum(Sstart_2, Sstart_0, Sstart_1)] | 73<=sum(n3_2, n3_1, n3_0)]]] & [[22<=sum(n2_2, n2_1, n2_0) | ~ [[~ [sum(n2_2, n2_1, n2_0)<=sum(n6_1, n6_2, n6_0)] & [a2<=CstopAbort | sum(s3_2, s3_0, s3_1)<=SstopAbort]]]] & [sum(n6_1, n6_2, n6_0)<=sum(s4_1, s4_2, s4_0) | [sum(CstopOK_2, CstopOK_1, CstopOK_0)<=a3 & 24<=sum(n2_2, n2_1, n2_0)]]]] & [[[[[~ [malicious_reservoir<=61] | ~ [48<=sum(s2_1, s2_2, s2_0)]] | [[70<=sum(Cstart_2, Cstart_0, Cstart_1) | malicious_reservoir<=sum(Sstart_2, Sstart_0, Sstart_1)] | ~ [sum(n1_1, n1_0, n1_2)<=sum(n5_2, n5_1, n5_0)]]] | [[[sum(n3_2, n3_1, n3_0)<=98 & 90<=sum(s4_1, s4_2, s4_0)] | [6<=sum(n4_0, n4_2, n4_1) | sum(n2_2, n2_1, n2_0)<=40]] & [[SstopAbort<=sum(s5_2, s5_1, s5_0) & sum(s3_2, s3_0, s3_1)<=73] | ~ [86<=sum(s2_1, s2_2, s2_0)]]]] & [89<=a4 & [sum(s5_2, s5_1, s5_0)<=malicious_reservoir | [sum(n6_1, n6_2, n6_0)<=90 | [42<=sum(n5_2, n5_1, n5_0) | 25<=sum(s5_2, s5_1, s5_0)]]]]] & ~ [[94<=sum(s6_2, s6_1, s6_0) | [[[sum(n5_2, n5_1, n5_0)<=sum(s4_1, s4_2, s4_0) & sum(n6_1, n6_2, n6_0)<=26] | [sum(n4_0, n4_2, n4_1)<=47 & a5<=30]] & [[97<=sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0) & a5<=CstopAbort] | ~ [AstopOK<=74]]]]]]] & [[~ [[[[~ [sum(n5_2, n5_1, n5_0)<=sum(CstopOK_2, CstopOK_1, CstopOK_0)] | [81<=sum(n5_2, n5_1, n5_0) | 4<=sum(n4_0, n4_2, n4_1)]] | malicious_reservoir<=12] | [[sum(s6_2, s6_1, s6_0)<=17 | sum(SstopOK_2, SstopOK_0, SstopOK_1)<=CstopAbort] | [[sum(n1_1, n1_0, n1_2)<=70 | CstopAbort<=sum(SstopOK_2, SstopOK_0, SstopOK_1)] | 30<=sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)]]]] | [[[[[a2<=28 & CstopAbort<=sum(s2_1, s2_2, s2_0)] | ~ [sum(Cstart_2, Cstart_0, Cstart_1)<=32]] | ~ [sum(Cstart_2, Cstart_0, Cstart_1)<=33]] & [~ [31<=sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0)] | [[sum(n1_1, n1_0, n1_2)<=sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0) & sum(s2_1, s2_2, s2_0)<=84] & a1<=sum(s6_2, s6_1, s6_0)]]] & ~ [[~ [sum(s3_2, s3_0, s3_1)<=21] & [~ [29<=a5] & 83<=sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)]]]]] & [sum(n6_1, n6_2, n6_0)<=20 | [malicious_reservoir<=sum(CstopOK_2, CstopOK_1, CstopOK_0) | 90<=sum(CstopOK_2, CstopOK_1, CstopOK_0)]]]]]]
normalized: E [true U ~ [[[[sum(n6_1, n6_2, n6_0)<=20 | [malicious_reservoir<=sum(CstopOK_2, CstopOK_1, CstopOK_0) | 90<=sum(CstopOK_2, CstopOK_1, CstopOK_0)]] & [[~ [[[83<=sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0) & ~ [29<=a5]] & ~ [sum(s3_2, s3_0, s3_1)<=21]]] & [[[a1<=sum(s6_2, s6_1, s6_0) & [sum(n1_1, n1_0, n1_2)<=sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0) & sum(s2_1, s2_2, s2_0)<=84]] | ~ [31<=sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0)]] & [~ [sum(Cstart_2, Cstart_0, Cstart_1)<=33] | [~ [sum(Cstart_2, Cstart_0, Cstart_1)<=32] | [a2<=28 & CstopAbort<=sum(s2_1, s2_2, s2_0)]]]]] | ~ [[[[30<=sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0) | [sum(n1_1, n1_0, n1_2)<=70 | CstopAbort<=sum(SstopOK_2, SstopOK_0, SstopOK_1)]] | [sum(s6_2, s6_1, s6_0)<=17 | sum(SstopOK_2, SstopOK_0, SstopOK_1)<=CstopAbort]] | [malicious_reservoir<=12 | [[81<=sum(n5_2, n5_1, n5_0) | 4<=sum(n4_0, n4_2, n4_1)] | ~ [sum(n5_2, n5_1, n5_0)<=sum(CstopOK_2, CstopOK_1, CstopOK_0)]]]]]]] & [[~ [[94<=sum(s6_2, s6_1, s6_0) | [[~ [AstopOK<=74] | [97<=sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0) & a5<=CstopAbort]] & [[sum(n4_0, n4_2, n4_1)<=47 & a5<=30] | [sum(n5_2, n5_1, n5_0)<=sum(s4_1, s4_2, s4_0) & sum(n6_1, n6_2, n6_0)<=26]]]]] & [[89<=a4 & [sum(s5_2, s5_1, s5_0)<=malicious_reservoir | [sum(n6_1, n6_2, n6_0)<=90 | [42<=sum(n5_2, n5_1, n5_0) | 25<=sum(s5_2, s5_1, s5_0)]]]] & [[[~ [86<=sum(s2_1, s2_2, s2_0)] | [SstopAbort<=sum(s5_2, s5_1, s5_0) & sum(s3_2, s3_0, s3_1)<=73]] & [[6<=sum(n4_0, n4_2, n4_1) | sum(n2_2, n2_1, n2_0)<=40] | [sum(n3_2, n3_1, n3_0)<=98 & 90<=sum(s4_1, s4_2, s4_0)]]] | [[~ [sum(n1_1, n1_0, n1_2)<=sum(n5_2, n5_1, n5_0)] | [70<=sum(Cstart_2, Cstart_0, Cstart_1) | malicious_reservoir<=sum(Sstart_2, Sstart_0, Sstart_1)]] | [~ [48<=sum(s2_1, s2_2, s2_0)] | ~ [malicious_reservoir<=61]]]]]] & [[[sum(n6_1, n6_2, n6_0)<=sum(s4_1, s4_2, s4_0) | [sum(CstopOK_2, CstopOK_1, CstopOK_0)<=a3 & 24<=sum(n2_2, n2_1, n2_0)]] & [22<=sum(n2_2, n2_1, n2_0) | ~ [[[a2<=CstopAbort | sum(s3_2, s3_0, s3_1)<=SstopAbort] & ~ [sum(n2_2, n2_1, n2_0)<=sum(n6_1, n6_2, n6_0)]]]]] & [94<=sum(n4_0, n4_2, n4_1) & [68<=sum(c1_2, c1_1, c1_0) | [73<=sum(n3_2, n3_1, n3_0) | ~ [sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=sum(Sstart_2, Sstart_0, Sstart_1)]]]]]]]]]
abstracting: (sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=sum(Sstart_2, Sstart_0, Sstart_1))
states: 750
abstracting: (73<=sum(n3_2, n3_1, n3_0))
states: 0
abstracting: (68<=sum(c1_2, c1_1, c1_0))
states: 0
abstracting: (94<=sum(n4_0, n4_2, n4_1))
states: 0
abstracting: (sum(n2_2, n2_1, n2_0)<=sum(n6_1, n6_2, n6_0))
states: 973
abstracting: (sum(s3_2, s3_0, s3_1)<=SstopAbort)
states: 939
abstracting: (a2<=CstopAbort)
states: 1,025 (3)
abstracting: (22<=sum(n2_2, n2_1, n2_0))
states: 0
abstracting: (24<=sum(n2_2, n2_1, n2_0))
states: 0
abstracting: (sum(CstopOK_2, CstopOK_1, CstopOK_0)<=a3)
states: 981
abstracting: (sum(n6_1, n6_2, n6_0)<=sum(s4_1, s4_2, s4_0))
states: 431
abstracting: (malicious_reservoir<=61)
states: 1,029 (3)
abstracting: (48<=sum(s2_1, s2_2, s2_0))
states: 0
abstracting: (malicious_reservoir<=sum(Sstart_2, Sstart_0, Sstart_1))
states: 825
abstracting: (70<=sum(Cstart_2, Cstart_0, Cstart_1))
states: 0
abstracting: (sum(n1_1, n1_0, n1_2)<=sum(n5_2, n5_1, n5_0))
states: 973
abstracting: (90<=sum(s4_1, s4_2, s4_0))
states: 0
abstracting: (sum(n3_2, n3_1, n3_0)<=98)
states: 1,029 (3)
abstracting: (sum(n2_2, n2_1, n2_0)<=40)
states: 1,029 (3)
abstracting: (6<=sum(n4_0, n4_2, n4_1))
states: 0
abstracting: (sum(s3_2, s3_0, s3_1)<=73)
states: 1,029 (3)
abstracting: (SstopAbort<=sum(s5_2, s5_1, s5_0))
states: 768
abstracting: (86<=sum(s2_1, s2_2, s2_0))
states: 0
abstracting: (25<=sum(s5_2, s5_1, s5_0))
states: 0
abstracting: (42<=sum(n5_2, n5_1, n5_0))
states: 0
abstracting: (sum(n6_1, n6_2, n6_0)<=90)
states: 1,029 (3)
abstracting: (sum(s5_2, s5_1, s5_0)<=malicious_reservoir)
states: 522
abstracting: (89<=a4)
states: 0
abstracting: (sum(n6_1, n6_2, n6_0)<=26)
states: 1,029 (3)
abstracting: (sum(n5_2, n5_1, n5_0)<=sum(s4_1, s4_2, s4_0))
states: 937
abstracting: (a5<=30)
states: 1,029 (3)
abstracting: (sum(n4_0, n4_2, n4_1)<=47)
states: 1,029 (3)
abstracting: (a5<=CstopAbort)
states: 809
abstracting: (97<=sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0))
states: 0
abstracting: (AstopOK<=74)
states: 1,029 (3)
abstracting: (94<=sum(s6_2, s6_1, s6_0))
states: 0
abstracting: (sum(n5_2, n5_1, n5_0)<=sum(CstopOK_2, CstopOK_1, CstopOK_0))
states: 877
abstracting: (4<=sum(n4_0, n4_2, n4_1))
states: 0
abstracting: (81<=sum(n5_2, n5_1, n5_0))
states: 0
abstracting: (malicious_reservoir<=12)
states: 1,029 (3)
abstracting: (sum(SstopOK_2, SstopOK_0, SstopOK_1)<=CstopAbort)
states: 771
abstracting: (sum(s6_2, s6_1, s6_0)<=17)
states: 1,029 (3)
abstracting: (CstopAbort<=sum(SstopOK_2, SstopOK_0, SstopOK_1))
states: 930
abstracting: (sum(n1_1, n1_0, n1_2)<=70)
states: 1,029 (3)
abstracting: (30<=sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0))
states: 0
abstracting: (CstopAbort<=sum(s2_1, s2_2, s2_0))
states: 732
abstracting: (a2<=28)
states: 1,029 (3)
abstracting: (sum(Cstart_2, Cstart_0, Cstart_1)<=32)
states: 1,029 (3)
abstracting: (sum(Cstart_2, Cstart_0, Cstart_1)<=33)
states: 1,029 (3)
abstracting: (31<=sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0))
states: 0
abstracting: (sum(s2_1, s2_2, s2_0)<=84)
states: 1,029 (3)
abstracting: (sum(n1_1, n1_0, n1_2)<=sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0))
states: 973
abstracting: (a1<=sum(s6_2, s6_1, s6_0))
states: 997
abstracting: (sum(s3_2, s3_0, s3_1)<=21)
states: 1,029 (3)
abstracting: (29<=a5)
states: 0
abstracting: (83<=sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0))
states: 0
abstracting: (90<=sum(CstopOK_2, CstopOK_1, CstopOK_0))
states: 0
abstracting: (malicious_reservoir<=sum(CstopOK_2, CstopOK_1, CstopOK_0))
states: 831
abstracting: (sum(n6_1, n6_2, n6_0)<=20)
states: 1,029 (3)
-> the formula is TRUE
FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-05 TRUE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT
MC time: 0m 1.091sec
totally nodes used: 75866 (7.6e+04)
number of garbage collections: 0
fire ops cache: hits/miss/sum: 31860 234239 266099
used/not used/entry size/cache size: 276778 66832086 16 1024MB
basic ops cache: hits/miss/sum: 34035 252614 286649
used/not used/entry size/cache size: 333080 16444136 12 192MB
unary ops cache: hits/miss/sum: 0 0 0
used/not used/entry size/cache size: 0 16777216 8 128MB
abstract ops cache: hits/miss/sum: 0 40094 40094
used/not used/entry size/cache size: 1 16777215 12 192MB
state nr cache: hits/miss/sum: 3932 16373 20305
used/not used/entry size/cache size: 16368 8372240 32 256MB
max state cache: hits/miss/sum: 0 0 0
used/not used/entry size/cache size: 0 8388608 32 256MB
uniqueHash elements/entry size/size: 67108864 4 256MB
0 67034449
1 73010
2 1375
3 22
4 3
5 2
6 3
7 0
8 0
9 0
>= 10 0
Total processing time: 0m 7.703sec
BK_STOP 1678824826220
--------------------
content from stderr:
check for maximal unmarked siphon
ok
check for constant places
ok
check if there are places and transitions
ok
check if there are transitions without pre-places
ok
check if at least one transition is enabled in m0
ok
check if there are transitions that can never fire
ok
initing FirstDep: 0m 0.000sec
iterations count:899 (16), effective:56 (1)
initing FirstDep: 0m 0.000sec
iterations count:56 (1), effective:0 (0)
iterations count:181 (3), effective:22 (0)
iterations count:56 (1), effective:0 (0)
iterations count:195 (3), effective:23 (0)
iterations count:83 (1), effective:4 (0)
iterations count:61 (1), effective:1 (0)
iterations count:57 (1), effective:1 (0)
iterations count:56 (1), effective:0 (0)
iterations count:56 (1), effective:0 (0)
iterations count:62 (1), effective:1 (0)
iterations count:56 (1), effective:0 (0)
iterations count:56 (1), effective:0 (0)
iterations count:56 (1), effective:0 (0)
Sequence of Actions to be Executed by the VM
This is useful if one wants to reexecute the tool in the VM from the submitted image disk.
set -x
# this is for BenchKit: configuration of major elements for the test
export BK_INPUT="QuasiCertifProtocol-PT-02"
export BK_EXAMINATION="ReachabilityCardinality"
export BK_TOOL="marcie"
export BK_RESULT_DIR="/tmp/BK_RESULTS/OUTPUTS"
export BK_TIME_CONFINEMENT="3600"
export BK_MEMORY_CONFINEMENT="16384"
export BK_BIN_PATH="/home/mcc/BenchKit/bin/"
# this is specific to your benchmark or test
export BIN_DIR="$HOME/BenchKit/bin"
# remove the execution directoty if it exists (to avoid increse of .vmdk images)
if [ -d execution ] ; then
rm -rf execution
fi
# this is for BenchKit: explicit launching of the test
echo "====================================================================="
echo " Generated by BenchKit 2-5348"
echo " Executing tool marcie"
echo " Input is QuasiCertifProtocol-PT-02, examination is ReachabilityCardinality"
echo " Time confinement is $BK_TIME_CONFINEMENT seconds"
echo " Memory confinement is 16384 MBytes"
echo " Number of cores is 1"
echo " Run identifier is r289-tall-167873941000862"
echo "====================================================================="
echo
echo "--------------------"
echo "preparation of the directory to be used:"
tar xzf /home/mcc/BenchKit/INPUTS/QuasiCertifProtocol-PT-02.tgz
mv QuasiCertifProtocol-PT-02 execution
cd execution
if [ "ReachabilityCardinality" = "ReachabilityDeadlock" ] || [ "ReachabilityCardinality" = "UpperBounds" ] || [ "ReachabilityCardinality" = "QuasiLiveness" ] || [ "ReachabilityCardinality" = "StableMarking" ] || [ "ReachabilityCardinality" = "Liveness" ] || [ "ReachabilityCardinality" = "OneSafe" ] || [ "ReachabilityCardinality" = "StateSpace" ]; then
rm -f GenericPropertiesVerdict.xml
fi
pwd
ls -lh
echo
echo "--------------------"
echo "content from stdout:"
echo
echo "=== Data for post analysis generated by BenchKit (invocation template)"
echo
if [ "ReachabilityCardinality" = "UpperBounds" ] ; then
echo "The expected result is a vector of positive values"
echo NUM_VECTOR
elif [ "ReachabilityCardinality" != "StateSpace" ] ; then
echo "The expected result is a vector of booleans"
echo BOOL_VECTOR
else
echo "no data necessary for post analysis"
fi
echo
if [ -f "ReachabilityCardinality.txt" ] ; then
echo "here is the order used to build the result vector(from text file)"
for x in $(grep Property ReachabilityCardinality.txt | cut -d ' ' -f 2 | sort -u) ; do
echo "FORMULA_NAME $x"
done
elif [ -f "ReachabilityCardinality.xml" ] ; then # for cunf (txt files deleted;-)
echo echo "here is the order used to build the result vector(from xml file)"
for x in $(grep '
echo "FORMULA_NAME $x"
done
elif [ "ReachabilityCardinality" = "ReachabilityDeadlock" ] || [ "ReachabilityCardinality" = "QuasiLiveness" ] || [ "ReachabilityCardinality" = "StableMarking" ] || [ "ReachabilityCardinality" = "Liveness" ] || [ "ReachabilityCardinality" = "OneSafe" ] ; then
echo "FORMULA_NAME ReachabilityCardinality"
fi
echo
echo "=== Now, execution of the tool begins"
echo
echo -n "BK_START "
date -u +%s%3N
echo
timeout -s 9 $BK_TIME_CONFINEMENT bash -c "/home/mcc/BenchKit/BenchKit_head.sh 2> STDERR ; echo ; echo -n \"BK_STOP \" ; date -u +%s%3N"
if [ $? -eq 137 ] ; then
echo
echo "BK_TIME_CONFINEMENT_REACHED"
fi
echo
echo "--------------------"
echo "content from stderr:"
echo
cat STDERR ;