Fighting Livelock in the i-Protocol: A Comparative Study of Verification Tools

Dong, Yunbai; Du, Xiaoqun; Ramakrishna, Y. S.; Ramakrishnan, C. R.; Ramakrishnan, I. V.; Smolka, Scott A.; Sokolsky, Oleg; Stark, Eugene W.; Warren, David S.

doi:10.1007/3-540-49059-0_6

Cited by 29 publications

(38 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Eight versions of this iprotocol model were obtained by varying window size, assumptions about the transmission channel, and the presence or absence of a patch for a known livelock error. The results as published in [1] show the XMC system to outperform the other model checking systems on most of the tests. It also contains a challenge to the builders of the other model checkers to match the results.…”

mentioning

confidence: 81%

“…The details of the i-protocol, and the various versions of the model that were built to verify it, are given in [1] and need not be repeated here. We focus on the tests as reported in [1], specifically as they relate to Spin.…”

Section: Introductionmentioning

confidence: 99%

“…We focus on the tests as reported in [1], specifically as they relate to Spin. The three main parameters that were modified to obtain the eight testcases for the i-protocol model are as follows: 1.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

The Engineering of a Model Checker: the Gnu i-Protocol Case Study Revisited.

Holzmann

1999

Theoretical and Practical Aspects of SPIN Model Checking

View full text Add to dashboard Cite

Abstract. In a recent study a series of model checkers, among which Spin [5], SMV [9], and a newer system called XMC [10], were compared on performance. The measurements used for this comparison focused on a model of the i-protocol from GNU uucp version 1.04. Eight versions of this iprotocol model were obtained by varying window size, assumptions about the transmission channel, and the presence or absence of a patch for a known livelock error. The results as published in [1] show the XMC system to outperform the other model checking systems on most of the tests. It also contains a challenge to the builders of the other model checkers to match the results. This paper answers that challenge for the Spin model checker. We show that with either default Spin verification runs, or a reasonable choice of parameter settings, the version of Spin that was used for the tests in [1] (Spin 2.9.7) can outperform the results obtained with XMC in six out of eight tests. Inspired by the comparisons, and the description in of the optimizations used in XMC, we also extended Spin with some of the same optimizations, leading to a new Spin version 3.3.0. We show that with these changes Spin can outperform XMC on all eight tests.

show abstract

mentioning

confidence: 81%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

The Engineering of a Model Checker: the Gnu i-Protocol Case Study Revisited.

Holzmann

1999

Theoretical and Practical Aspects of SPIN Model Checking

View full text Add to dashboard Cite

show abstract

“…NPC checks are often performed in formal verifications of protocols, where livelocks frequently occur. Using SPIN, livelocks were found, for instance, in the i-protocol from UUCP (see [3]) and GIOP from CORBA (see [10]), whereas DHCP was proved to be free of livelocks (see [9]). To be able to check for NPCs, desired activities of the system are marked in PROMELA by labeling the corresponding location in the process specification with a progress label: "statementi; progress: statementj;".…”

Section: Non-progress Cycle Checks By Spinmentioning

confidence: 99%

“…Since many livelocks in practice occur after very little progress -e.g., for the i-protocol (cf. [3]) after 2 sends and 1 acknowledge -DFS FIFO comprises an efficient search heuristic. Additionally, shortest (w.r.t.…”

Section: Comparisonmentioning

confidence: 99%

Improving Non-Progress Cycle Checks

Faragó

Schmitt

2009

Model Checking Software

View full text Add to dashboard Cite

Abstract. This paper introduces a new model checking algorithm that searches for non-progress cycles, used mainly to check for livelocks. The algorithm performs an incremental depth-first search, i.e., it searches through the graph incrementally deeper. It simultaneously constructs the state space and searches for non-progress cycles. The algorithm is more efficient than the method the model checker SPIN currently uses, and finds shortest (w.r.t. progress) counterexamples. Its only downside is the need for a subsequent reachability depth-first search (which is not the bottleneck) for constructing a full counterexample. The new algorithm is better combinable with partial order reduction than SPIN's method.

show abstract

A Space Efficient Engine for Subsumption-Based Tabled Evaluation of Logic Programs

Johnson

Ramakrishnan

et al. 1999

Functional and Logic Programming

View full text Add to dashboard Cite

Fighting Livelock in the i-Protocol: A Comparative Study of Verification Tools

Cited by 29 publications

References 12 publications

The Engineering of a Model Checker: the Gnu i-Protocol Case Study Revisited.

The Engineering of a Model Checker: the Gnu i-Protocol Case Study Revisited.

Improving Non-Progress Cycle Checks

A Space Efficient Engine for Subsumption-Based Tabled Evaluation of Logic Programs

Contact Info

Product

Resources

About