Abstract
The i-protocol, an optimized sliding-window protocol for GNU uucp, first came to our attention in 1995 when we used the Concurrency Factory’s local model checker to detect, locate, and correct a non-trivial livelock in version 1.04 of the protocol. Since then, we have conducted a systematic case study on the protocol using four verification tools, viz. Cospan, Murϕ, Spin, and XMC, each of which supports some form of explicit-state model checking. Our results show that although the i-protocol is inherently complex – the size of its state space grows exponentially in the window size and it deploys several sophisticated optimizations aimed at minimizing control-message and retransmission overhead – it is nonetheless amenable to a number of general-purpose abstraction techniques whose application can significantly reduce the size of the protocol’s state space.
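As an added illustration of the abstract's point (this is not code from the paper or from the i-protocol itself): a toy sliding-window sender/receiver over a lossless, reordering channel is explored by explicit-state breadth-first search. The reachable-state count grows with the window size W, while a data abstraction that replaces the nondeterministically chosen payload with a single token shrinks the state space without affecting the control property checked here (deadlock-freedom). The model, its state layout and all names are assumptions; loss and retransmission, which the real protocol handles, are deliberately omitted.

```python
from collections import deque

def successors(state, W, N, D, abstract):
    """All one-step successors of a state of the toy sliding-window model.
    state = (base, nxt, expected, frames, acks):
      base     lowest unacknowledged sequence number at the sender
      nxt      next sequence number the sender will transmit (< N)
      expected next sequence number the receiver is waiting for
      frames   frozenset of (seq, payload) in flight sender -> receiver
      acks     frozenset of cumulative acks in flight receiver -> sender
    """
    base, nxt, expected, frames, acks = state
    out = []
    # sender transmits the next frame while the window is not full; the
    # payload is chosen nondeterministically from D values, or is the
    # single token "_" under the data abstraction
    if nxt < N and nxt < base + W:
        for d in (["_"] if abstract else range(D)):
            out.append((base, nxt + 1, expected, frames | {(nxt, d)}, acks))
    # receiver accepts only the frame it is waiting for and emits a
    # cumulative ack for everything below expected + 1
    for seq, d in frames:
        if seq == expected:
            out.append((base, nxt, expected + 1,
                        frames - {(seq, d)}, acks | {expected + 1}))
    # sender consumes any in-flight ack and slides its window forward
    for a in acks:
        out.append((max(base, a), nxt, expected, frames, acks - {a}))
    return out

def explore(W, N, D=2, abstract=False):
    """Explicit-state BFS from the initial state for N frames.
    Returns (number of reachable states, number of deadlocked states),
    where a deadlock is a state with no successor before all N frames
    have been acknowledged."""
    init = (0, 0, 0, frozenset(), frozenset())
    seen, work, deadlocks = {init}, deque([init]), 0
    while work:
        s = work.popleft()
        succ = successors(s, W, N, D, abstract)
        if not succ and s[0] < N:
            deadlocks += 1
        for t in succ:
            if t not in seen:
                seen.add(t)
                work.append(t)
    return len(seen), deadlocks

if __name__ == "__main__":
    for W in (1, 2, 3):   # concrete vs. abstracted state counts per window size
        print(W, explore(W, 4), explore(W, 4, abstract=True))
```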
References
Alur, R., Henzinger, T.A.: Computer Aided Verification (CAV ’96), Lecture Notes in Computer Science, vol. 1102. Springer, Berlin Heidelberg New York, 1996
Chamillard, A.T., Clarke, L.A., Avrunin, G.S.: Experimental design for comparing static concurrency analysis techniques. Technical Report 96-084, Computer Science Department, University of Massachusetts at Amherst, 1996
Clarke, E.M., Emerson, E.A., Sistla, A.P.: Automatic verification of finite-state concurrent systems using temporal logic specifications. ACM TOPLAS 8(2):244–263, 1986
Cleaveland, R., Lewis, P.M., Smolka, S.A., Sokolsky, O.: The Concurrency Factory: a development environment for concurrent systems. In: Alur, Henzinger, (eds.), [1], pp. 398–401
Chandy, K.M., Misra, J.: Parallel program design – a foundation. Addison-Wesley, Reading, Mass., USA, 1988
Corbett, J.C.: Evaluating deadlock detection methods for concurrent software. IEEE Transactions on Software Engineering 22(3):161–180, March 1996
Clarke, E.M., Wing, J.M.: Formal methods: State of the art and future directions. ACM Comput Surv 28(4):626–643, 1996
Dong, Y.: i-Protocol case study web site. http://www.cs.sunysb.edu/~lmc/iproto/, 2000
Dong, Y., Du, X., Ramakrishna, Y.S., Ramakrishnan, C.R., Ramakrishnan, I.V., Smolka, S.A., Sokolsky, O., Stark, E.W., Warren, D.S.: Fighting livelock in the i-Protocol: a comparative study of verification tools. In: Tools and Algorithms for the Construction and Analysis of Algorithms (TACAS ’99), Lecture Notes in Computer Science. Springer, Berlin Heidelberg New York, 1999
Dill, D.L.: The Murϕ verification system. In: Alur, Henzinger, (eds.), [1], pp. 390–393
Dong, Y., Ramakrishnan, C.R.: An optimizing compiler for efficient model checking. In: Proc. FORTE/PSTV ’99, 1999
Emerson, E.A., Clarke, E.M.: Characterizing correctness properties of parallel programs as fixpoints. In: Proc. 7th International Colloquium on Automata, Languages and Programming, Lecture Notes in Computer Science, vol. 85. Springer, Berlin Heidelberg New York, 1981
Hu, A., Dill, D.: Efficient verification with BDDs using implicitly conjoined invariants. In: Courcoubetis, C., (ed.), Computer Aided Verification (CAV ’93), Lecture Notes in Computer Science, vol. 693. Springer, Berlin Heidelberg New York, 1993, pp. 3–14
Hardin, R.H., Har’El, Z., Kurshan, R.P.: COSPAN. In: Alur, Henzinger, (eds.), [1], pp. 423–427
Holzmann, G.J.: The model checker SPIN. IEEE Trans Software Eng 23(5): 279–295, 1997
Holzmann, G.J.: Designing executable abstractions. In: Proc. Workshop on Formal Methods in Software Practice Clearwater Beach, Fla., USA, March 1998. ACM, New York
Holzmann, G.J.: The engineering of a model checker: the Gnu i-protocol case study revisited. In: Dams, D., Gerth, R., Leue, S., Massink, M., (eds.), Theoretical and Practical Aspects of SPIN Model Checking, Lecture Notes in Computer Science, vol. 1680. Springer, Berlin Heidelberg New York, 1999
McMillan, K.L.: Symbolic model checking. Kluwer Academic, Boston, Mass., USA, 1993
Milner, R.: Communication and concurrency. International Series in Computer Science. Prentice-Hall, N.J., USA, 1989
Queille, J.P., Sifakis, J.: Specification and verification of concurrent systems in Cesar. In: Proc. International Symposium in Programming, Lecture Notes in Computer Science, vol. 137. Springer, Berlin Heidelberg New York, 1982
Ramakrishna, Y.S., Ramakrishnan, C.R., Ramakrishnan, I.V., Smolka, S.A., Swift, T.W., Warren, D.S.: Efficient model checking using tabled resolution. In: Proc. 9th International Conference on Computer-Aided Verification (CAV ’97), Haifa, Israel, July 1997. Springer, Berlin Heidelberg New York
Ramakrishna, Y.S., Smolka, S.A.: Partial-order reduction in the weak modal mu-calculus. In: Mazurkiewicz, A., Winkowski, J., (eds.), Proc. 8th International Conference on Concurrency Theory (CONCUR ’97), Lecture Notes in Computer Science, vol. 1243. Springer, Berlin Heidelberg New York, 1997
Spin web site: http://netlib.bell-labs.com/netlib/spin/whatispin.html
Tanenbaum, A.S.: Computer networks. Prentice-Hall, Reading, Mass., USA, 1996
Thomas, W.: Automata on infinite objects. In: Handbook of Theoretical Computer Science, vol. B. Elsevier Science, Amsterdam, Holland, 1990
Vardi, M., Wolper, P.: An automata-theoretic approach to automatic program verification. In: Symposium on Logic in Computer Science (LICS ’86), pp. 332–344, Cambridge, Mass., USA, June 1986. Computer Society, New York
Wolper, P.: Expressing interesting properties of programs in propositional temporal logic. In: Proc. 13th ACM Symp. on Principles of Programming Languages, pp. 184–192, St. Petersburg, Russia, January 1986
XSB: The XSB logic programming system v2.01, 1999. Available by anonymous ftp from ftp.cs.sunysb.edu
Cite this article
Dong, Y., Du, X., Holzmann, G. et al. Fighting livelock in the GNU i-protocol: a case study in explicit-state model checking. STTT 4, 505–528 (2003). https://doi.org/10.1007/s10009-002-0092-3
DOI: https://doi.org/10.1007/s10009-002-0092-3