External Program Model Checking
Stefan Edelkamp, Shahid Jabar, Dino Midzic, Daniel Rikowski and Damian Sulewski
Computer Science Department
University of Dortmund
Otto-Hahn Straße 14

Motivation - Overview
- Why software model checking
- States in our program model checker StEAM
- Externalization Algorithm
- Experimental results

Checking a software implementation rather than a formal specification
    int main(int argc, char ** argv) {
        int a = 0;
        int b = 7;
        int c = b / a;  /* a == 0: division by zero */
    }
[Diagram labels: manual rewriting, Formal specification of code, Model checker, Error trail]

Using a virtual machine to explore a model
[Diagram labels: source program (the same main() as above), Compiler, Virtual Machine, Model checker]
Assumes an error-free virtual machine
+ Can detect errors in the implementation
+ User is not required to be familiar with modeling language
- Exceeds the available memory
- Slows down the exploration

Techniques for state space compression
- Partial order reduction
- Minimal binary state encoding
- Abstraction methods
- Bit-state hashing
- Search heuristics

External model checking
- Using virtual memory can slow down the performance significantly
- General purpose virtual memory scheme is used
- External memory algorithms are more informed about the states
- Show remarkable performance in the large-scale analysis of games
- Introduced in explicit-state model checker SPIN

States in StEAM
[Figure: layout of a StEAM system state. Labels: physical memory = VM memory; program memory; object file memory image (MI) with Code-Section, BSS-Section and Data-Section; register blocks (PC, FP, SP, R0…, FP0) with m1/s1, m2/s2, …, mn/sn; BSS-memory; Data-Section values a=4, b=6, c=12; dynamically allocated regions; memory-pool (mn1, mn2, mn3); lock-pool (li1, li2, li3)]

The externalization algorithm
- Relaxed the requirement of a constant main memory
- Mini-states
  - Pointer to a full system state on the secondary memory
  - Its predecessor information
  - Constant size in contrast to a full state
[Figure, shown in five animation steps. Labels: Cache, Mini-states, Internal memory, Secondary memory]

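The mini-state scheme from the slides above, as an added sketch in C that is not StEAM's code: full 8-puzzle boards live in a temporary file, and only constant-size mini-states (file offset plus predecessor index) stay in memory, with the trail to the goal rebuilt from the predecessor links. The `hash` field, the function names and the linear duplicate scan are assumptions of this example, and the cache from the figure is not modelled.

```c
#include <stdio.h>
#include <string.h>

/* Mini-state: constant size, kept in internal memory. The hash field is an
   assumption of this sketch; it limits disk reads during duplicate checks. */
typedef struct { long off; int pred; unsigned hash; } Mini;
enum { W = 9, MAXS = 4096 };      /* bytes per full state, mini-state cap */
static Mini mini[MAXS]; static int nmini; static FILE *disk; /* disk = secondary memory */

static unsigned hash9(const char *b) {       /* FNV-1a over the board bytes */
    unsigned h = 2166136261u;
    for (int i = 0; i < W; i++) h = (h ^ (unsigned char)b[i]) * 16777619u;
    return h;
}
static int load(int id, char *b) {           /* follow the pointer to the full state */
    return !fseek(disk, mini[id].off, SEEK_SET) && fread(b, 1, W, disk) == W;
}
static int store(const char *b, int pred) {  /* append unless already stored */
    char t[W];
    unsigned h = hash9(b);
    for (int i = 0; i < nmini; i++)          /* compare on disk only on hash match */
        if (mini[i].hash == h && load(i, t) && !memcmp(t, b, W)) return 0;
    if (nmini == MAXS || fseek(disk, 0, SEEK_END)) return 0;  /* cap hit: state dropped */
    mini[nmini++] = (Mini){ ftell(disk), pred, h };
    return fwrite(b, 1, W, disk) == W;
}
/* BFS over 8-puzzle boards ('0' is the blank; every board must contain it).
   trail[] receives mini-state ids from goal back to start; returns moves or -1. */
int external_bfs(const char *start, const char *goal, int *trail) {
    static const int d[4] = { -3, 3, -1, 1 };
    char b[W], n[W];
    int len = -1;
    nmini = 0;
    if (!(disk = tmpfile())) return -1;
    store(start, -1);
    for (int cur = 0; cur < nmini && load(cur, b); cur++) {
        if (!memcmp(b, goal, W)) {           /* walk the predecessor links back */
            for (int i = cur; i >= 0; i = mini[i].pred) trail[++len] = i;
            break;
        }
        int z = (int)((char *)memchr(b, '0', W) - b);
        for (int k = 0; k < 4; k++) {
            int t = z + d[k];
            if (t < 0 || t >= W || (d[k] * d[k] == 1 && t / 3 != z / 3)) continue;
            memcpy(n, b, W); n[z] = b[t]; n[t] = '0';
            store(n, cur);
        }
    }
    fclose(disk);
    return len;
}
```

The caller supplies `trail` with room for one id per mini-state on the path; boards are 9-character strings read row by row.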
The externalization algorithm - external collapse compression
[Figure labels: Full state, Caches, Files; state components: Data-Section, BSS-Section, Stack, Fixed values]

Experimental results
- first running case study: the Dining Philosophers

Experimental results – Philosophers using most blocked heuristic
[Plot: internal memory in MB against number of philosophers (25 to 300); series: external, collapse, original]

Experimental results – Philosophers using most blocked heuristic
[Plot: time in seconds against number of philosophers (50 to 300); series: external, collapse, original]

Experimental results – Philosophers using most blocked heuristic
[Plot: time in seconds against number of philosophers (50 to 150); series: external, collapse, original]

Experimental results
- second running case study: the 8-Puzzle
[Figure: 8-Puzzle board]

Experimental results – 8-Puzzle using Breadth First Search
[Plot: time in seconds against number of moves (15 to 21); series: extern, collapse, original]

Experimental results – 8-Puzzle using Breadth First Search
[Plot: internal memory in MB against number of moves (15 to 21); series: extern, collapse, original]

Conclusion and future work
- StEAM is the first external program model checker
- Largest exploration in program model checking
- Software still experimental
- Can be used for non-deterministic programs
- Further information on http://bugfinder.sourceforge.net