Skip to main content
SpringerLink
Log in

Depth-First Heuristic Search for Software Model Checking

  • Conference paper
  • First Online:
Computer and Information Science 2015

Part of the book series: Studies in Computational Intelligence ((SCI,volume 614))

Abstract

Software model checkers , such as Java PathFinder (JPF), can be used to detect failures in software. However, the state space explosion is a serious problem because the size of the state space of complex software is very large. Various heuristic search algorithms, which explore the state space in the order of the given priority function, have been proposed to solve this problem. However, they are not compatible with linear temporal logic (LTL) verification algorithms. This paper proposes an algorithm called depth-first heuristic search (DFHS), which performs depth-first search but backtracks at states that unlikely lead to an error. The likelihood is evaluated using cut-off functions defined by the user. We enhanced the search engine of JPF to implement DFHS and LTL search. Experimental results show that DFHS performs better than current algorithms for both safety and LTL properties of programs in many cases.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 169.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Java is a registered trademark of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

  2. 2.

    The correctness of NDFS depends on the fact that blue DFS visits all children of a state before red DFS starts for the state. By applying a cut-off function to NDFS, DFHS does not guarantee this condition. However, a reported counterexample with DFHS is still correct, which is sufficient for our purpose to find errors.

  3. 3.

    The number of states is related to elapsed time and reproducible while the elapsed time differs at every executions. Therefore we omit the elapsed time field in the following tables to save space.

  4. 4.

    We omitted AlarmClock from the table, which throws an uncaught exception.

References

  1. Barnat, J., Brim, L., Chaloupka, J.: Parallel breadth-first search LTL model-checking. In: Proceedings of 18th IEEE International Conference on Automated Software Engineering, pp. 106–115. IEEE Computer Society (2003)

    Google Scholar 

  2. Concurrency tool comparison site. https://facwiki.cs.byu.edu/vv-lab/index.php/Concurrency_Tool_Comparison

  3. Courcoubetis, C., Vardi, M.Y., Wolper, P., Yannakakis, M.: Memory efficient algorithms for the verification of temporal properties. In: Proceedings of 2nd International Workshop on Computer Aided Verification. LNCS, vol. 531, pp. 233–242. Springer (1990)

    Google Scholar 

  4. Couvreur, J.M.: On-the-fly verification of linear temporal logic. In: Proceedings of World Congress on Formal Methods. LNCS, vol. 1708, pp. 253–271. Springer (1999)

    Google Scholar 

  5. Couvreur, J., Duret-Lutz, A., Poitrenaud, D.: On-the-fly emptiness checks for generalized Büchi automata. In: Proceedings of 12th International SPIN Workshop on Model Checking Software. LNCS, vol. 3639, pp. 169–184. Springer (2005)

    Google Scholar 

  6. Cuong, N.A., Cheng, K.S.: Towards Automation of LTL Verification for Java Pathfnder. National University of Singapore (2008)

    Google Scholar 

  7. Duret-Lutz, A., Poitrenaud, D., Couvreur, J.M.: On-the-fly emptiness check of transition-based Streett automata. In: Proceedings of 7th International Symposium on Automated Technology for Verification and Analysis. LNCS, vol. 5799, pp. 213–227. Springer (2009)

    Google Scholar 

  8. Edelkamp, S., Lluch-Lafuente, A., Leue, S.: Trail-directed model checking. Electron. Notes Theor. Comput. Sci. 55(3), 343–356 (2001)

    Article  Google Scholar 

  9. Edelkamp, S., Schuppan, V., Bosnacki, D., Wijs, A., Fehnker, A., Aljazzar, H.: Survey on directed model checking. In: Proceedings of 5th International Workshop on Model Checking and Artificial Intelligence. LNCS, vol. 5348, pp. 65–89. Springer (2008)

    Google Scholar 

  10. Geldenhuys, J., Valmari, A.: More efficient on-the-fly LTL verification with Tarjan’s algorithm. Theor. Comput. Sci. 345(1), 60–82 (2005)

    Article  MATH  MathSciNet  Google Scholar 

  11. Groce, A., Visser, W.: Heuristics for model checking Java programs. Int. J. Softw. Tools Technol. Transf. 6(4), 260–276 (2004)

    Article  Google Scholar 

  12. Holzmann, G.J.: The SPIN Model Checker—Primer and Reference Manual. Addison-Wesley, Boston (2004)

    Google Scholar 

  13. Lombardi, M.: https://bitbucket.org/michelelombardi/jpf-ltl

  14. McMillan, K.L.: Symbolic Model Checking. Kluwer, Boston (1993)

    Book  MATH  Google Scholar 

  15. Musuvathi, M., Qadeer, S.: Iterative context bounding for systematic testing of multithreaded programs. In: SIGPLAN 2007 Conference on Programming Language Design and Implementation, pp. 446–455. ACM (2007)

    Google Scholar 

  16. Parízek, P., Lhoták, O.: Randomized backtracking in state space traversal. In: Proceedings of 18th International SPIN Workshop. LNCS, vol. 6823, pp. 75–89. Springer (2011)

    Google Scholar 

  17. Renault, E., Duret-Lutz, A., Kordon, F., Poitrenaud, D.: Three SCC-based emptiness checks for generalized Büchi automata. In: Proceedings of 19th International Conference on Logic for Programming, Artificial Intelligence, and Reasoning. LNCS, vol. 8312, pp. 668–682. Springer (2013)

    Google Scholar 

  18. Rungta, N., Mercer, E.G.: A meta heuristic for effectively detecting concurrency errors. In: Proceedings of 4th International Haifa Verification Conference. LNCS, vol. 5394, pp. 23–37. Springer (2008)

    Google Scholar 

  19. Rungta, N., Mercer, E.G.: Clash of the Titans: tools and techniques for hunting bugs in concurrent programs. In: Proceedings of 7th Workshop on Parallel and Distributed Systems: Testing, Analysis, and Debugging. ACM (2009)

    Google Scholar 

  20. Russell, S.J., Norvig, P.: Artificial Intelligence—A Modern Approach, 3rd edn. Pearson Education, Upper Saddle River (2010)

    Google Scholar 

  21. Sun, J., Liu, Y., Dong, J.S., Pang, J.: PAT: towards flexible verification under fairness. In: Proceedings of 21st International Conference on Computer Aided Verification. LNCS, vol. 5643, pp. 709–714. Springer (2009)

    Google Scholar 

  22. Vardi, M.Y., Wolper, P.: Automata-theoretic techniques for modal logics of programs. J. Comput. Syst. Sci. 32(2), 183–221 (1986)

    Article  MATH  MathSciNet  Google Scholar 

  23. Visser, W., Havelund, K., Brat, G.P., Park, S., Lerda, F.: Model checking programs. Autom. Softw. Eng. 10(2), 203–232 (2003)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Research and Development Group, Hitachi, Ltd., 292 Yoshida-cho, Totsuka-ku, Yokohama-shi, Kanagawa, 244-0817, Japan

    Jun Maeoka

  2. The University of Electro-Communications, 1-5-1 Chofugaoka, Chofu-shi, Tokyo, 182-8585, Japan

    Jun Maeoka & Fuyuki Ishikawa

  3. Tsurumi University, 2-1-3 Tsurumi, Tsurumi-ku, Yokohama-shi, Kanagawa, 230-8501, Japan

    Yoshinori Tanabe

  4. National Institute of Informatics, 2-1-2 Hitotsubashi, Chiyoda-ku, Tokyo, 101-8430, Japan

    Fuyuki Ishikawa

Authors
  1. Jun Maeoka
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yoshinori Tanabe
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Fuyuki Ishikawa
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Jun Maeoka , Yoshinori Tanabe or Fuyuki Ishikawa .

Editor information

Editors and Affiliations

  1. Software Engineering and Information Institute, Central Michigan University, Mount Pleasant, Michigan, USA

    Roger Lee

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Maeoka, J., Tanabe, Y., Ishikawa, F. (2016). Depth-First Heuristic Search for Software Model Checking. In: Lee, R. (eds) Computer and Information Science 2015. Studies in Computational Intelligence, vol 614. Springer, Cham. https://doi.org/10.1007/978-3-319-23467-0_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-23467-0_6

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-23466-3

  • Online ISBN: 978-3-319-23467-0

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation