Counterexample Explanation in Divine Model-checker
Abstract
The thesis focuses on counterexample explanation in model checking, which aims to provide useful information about the cause of an error so that the system designer can find and fix the error faster. We summarize some of the existing methods for dealing with this problem and implement the method of Alex Groce and Willem Visser. This method describes three ways of comparing failing and non-failing runs to extract the cause of the problem. The original method was used in Java PathFinder; we implemented it in the parallel model checker DiVinE 2. The implemented method is evaluated on various models and a summary of the results is presented.
Similar references
Context-Switch-Directed Verification in DIVINE
In model checking of real-life C and C++ programs, both search efficiency and counterexample readability are very important. In this paper, we suggest context-switch-directed exploration as a way to find a well-readable counterexample faster. Furthermore, we allow the number of context switches used in state-space exploration to be limited if desired. The new algorithm is implemented in the DIVINE m...
DiVinE 3.0 - An Explicit-State Model Checker for Multithreaded C & C++ Programs
We present a new release of the parallel and distributed LTL model checker DiVinE. The major improvement in this new release is an extension of the class of systems that may be verified with the model checker, while preserving the unique DiVinE feature, namely parallel and distributed-memory processing. Version 3.0 comes with support for direct model checking of (closed) multithreaded C/C++ pr...
Learning Models from Temporal-Logic Properties via Explanations
Given a model and a property expressed in temporal logic, a model checker normally produces a counterexample in case the model does not satisfy the property. This counterexample is meant to serve as a guide for manually modifying the model so that the new model does satisfy the property. We observe that basing the modification of a model on negative information (why a formula is not true) can h...
Model Checking C++ with Exceptions
We present an extension of the DIVINE software model checker to support programs with exception handling. The extension consists of two parts, a language-neutral implementation of the LLVM exception-handling instructions, and an adaptation of the C++ runtime for the DIVINE/LLVM exception model. This constitutes an important step towards support of both the full C++ specification and towards ver...
Explaining Counterexamples Using Causality
When a model does not satisfy a given specification, a counterexample is produced by the model checker to demonstrate the failure. A user must then examine the counterexample trace, in order to visually identify the failure that it demonstrates. If the trace is long, or the specification is complex, finding the failure in the trace becomes a non-trivial task. In this paper, we address the probl...