l11-12 - CS 267: Automated Verification Lectures 11 and 12:...

CS 267: Automated Verification
Lectures 11 and 12: Counter-Example Generation Revisited, Bit-State Hashing, On-The-Fly Model Checking, Partial Order Reduction
Instructor: Tevfik Bultan
Nested DFS with Interleaving

    main() {
        Stack1 = Q_0;
        Stack2 = {};
        StateSpace = {};
        search1();
    }

    search2() {
        if Stack2 is empty return();
        s = top(Stack2);
        add (s,2) to StateSpace;
        for each successor t of s do {
            if (t,2) not in StateSpace {
                push t to Stack2;
                search2();
            }
            else if (t == seed)
                report_cycle();
        }
        remove s from Stack2;
    }

    search1() {
        if Stack1 is empty return();
        s = top(Stack1);
        add (s,1) to StateSpace;
        for each successor t of s do {
            if (t,1) not in StateSpace {
                push t to Stack1;
                search1();
            }
        }
        if accepting(s) {
            seed = s;
            push s to Stack2;
            search2();
        }
        remove s from Stack1;
    }
The Explicit Stack

Why do we keep an explicit stack during the depth first search (in addition to the control stack that is automatically handled via recursive procedure calls)?

In the report_cycle() procedure we use the contents of Stack1 and Stack2 to print the counter-example path.

Note that if we print the states in Stack1 and Stack2 in the order they are pushed to the stack then we end up printing a counter-example path.
Bit State Hashing

We are storing visited states in the StateSpace. Each state can be inserted into the StateSpace twice (once for the first search and once for the second search).

Assume that
- we have M bytes of memory
- we use K bytes of storage per state
- the transition system has R reachable states

Then the portion of the state space we can cover is M / (2 × K × R).

The idea in bit-state hashing is to improve the coverage of the state space using a hash function. However, this may cause us to miss some bugs!
Bit State Hashing

The idea is to use two boolean arrays as hash tables and use a hash function to mark these arrays.

When we visit a state we compute the hash value for that state and mark the entry that corresponds to the hash value in the hash table as visited. If later on another state is mapped to the same hash value, it will not be explored, since that entry has been marked as visited.

Note that normally we would store the value (i.e., the state) in the hash table to resolve conflicts. In bit state hashing we discard the value to save memory. When there is a hash collision some states are not explored, since the entry corresponding to them was marked as visited earlier by another state.
Bit State Hashing

Bit state hashing is better than partial depth first search for two reasons:
- the states that are ignored during bit state hashing are randomly distributed
- we can explore more states using bit state hashing since we are using less memory per state

The portion of the state space we can cover using bit state hashing is (M × 4) / R.

Remember that without bit state hashing the portion of the state space we can cover was M / (2 × K × R).
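
The collision behaviour described in the bit state hashing slides, as an added Python example that is not part of the lecture material. It runs a single explicit-stack DFS with one bit array rather than the nested search with two arrays; the transition system (states 0..19, error state 18), the hash function (state % bits) and all names are constructed for illustration.

```python
# Added illustration, not from the lecture slides. The transition system,
# the hash (state % bits) and all names are constructed for this example.
class ExactStore:
    """Stores every visited state, so collisions can be resolved."""
    def __init__(self):
        self.states = set()
    def seen(self, s):
        return s in self.states
    def mark(self, s):
        self.states.add(s)

class BitStateStore:
    """One bit per hash value; the state itself is discarded."""
    def __init__(self, bits):
        self.bits = bits
        self.table = bytearray((bits + 7) // 8)
    def _slot(self, s):
        h = s % self.bits            # deliberately simple, predictable hash
        return h // 8, 1 << (h % 8)  # byte index and bit mask in the table
    def seen(self, s):
        i, mask = self._slot(s)
        return bool(self.table[i] & mask)
    def mark(self, s):
        i, mask = self._slot(s)
        self.table[i] |= mask

def explore(init, successors, store):
    """DFS with an explicit stack; returns the states actually explored."""
    store.mark(init)
    stack, explored = [init], [init]
    while stack:
        s = stack.pop()
        for t in successors(s):
            if not store.seen(t):    # on a collision an unvisited t looks visited
                store.mark(t)
                explored.append(t)
                stack.append(t)
    return explored

R, BUG = 20, 18                      # constructed: states 0..19, error state 18
def successors(s):
    return [t for t in (s + 1, s + 2) if t < R]

def missed_states(bits):
    """Reachable states that the bit-state search never explores."""
    full = explore(0, successors, ExactStore())
    lossy = explore(0, successors, BitStateStore(bits))
    return sorted(set(full) - set(lossy))
```

With a 16-bit table (2 bytes) the search explores states 0..15 only: states 16..19 hash onto entries already marked, so the error state 18 is never reached. With 32 bits there are no collisions and nothing is missed.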