Accuracy info for numerical results is computed and stored during model checking. For now,
it is always the worst-case accuracy over all states for which results are computed. The
information is stored in a class prism.Accuracy, instances of which are created in a
consistent fashion using prism.AccuracyFactory. Accuracy info is stored in the
prism.Result class.
Accuracy information is generated for all 4 main engines (sparse/hybrid/MTBDD/explicit),
and attached to the Result object when model checking the filter that is wrapped around a
property (currently, just for the default "state" filter). The accuracy is printed with
the main result at the end of model checking. e.g.:
Result: 0.1666666865348816 (+/- 1.1920928955078125E-7; rel err 7.152556520395694E-7)
For now, accuracy info is generated for the majority of properties for DTMCs and MDPs
(no support yet for multi-objective model checking). For methods like value iteration,
where a guaranteed error bound is not generated, convergence information is used, but
reported as being only an estimate.
Test mode has been updated (code in prism.ResultTesting) to use the reported accuracy of
a result to check correctness against a reference result. If it is missing, or only
estimated, the old approach of using default check of 1e-5 with relative error is used.
For the explicit engine, accuracy info is stored in explicit.ModelCheckerResult, returned
by most numerical computation methods i.e. those in the explicit.ModelChecker and
explicit.IterationMethod (sub)classes. At a higher level, the accuracy info is then stored
in explicit.StateValues, when this created from ModelCheckerResult in
explicit.ProbModelChecker.
For symbolic (sparse/hybrid/MTBDD) engines, the error bound info from C++ code is stored
in a variable last_error_bound that be accessed (or reset) from prism.PrismNative, using
the methods getLastErrorBound() and resetModelCheckingInfo(). At a higher level, this is
then stored in subclasses of prism.StateValues, which are created in the
prism.*ModelChecker classes from the results of computations.
In the C++ code, use |v1-v2/v1| rather than |v1-v2/v2|.
In the Java code, remove the special case where v1 and v2 are < 1e-12.
Should have minimal effect on convergence in practice,
but makes debugging easier to have engines consistent.
The HTML file generated by the iteration export loads Javascript and
CSS resources from www.prismmodelchecker.org. Previously, those URLs
used http as the protocol. If such a generated HTML file was loaded
via an https-connections, current browsers would reasonably block
access to the Javascript, as it's not be loaded over a secure
connection.
As the prismmodelchecker.org site now supports https, we switch to
https for loading those resources.
As noted in #68, the javah tool has been removed in JDK10. Here, we switch to the new way of generating the JNI .h files, using the -h option of the regular javac compiler.
We have to adapt all Makefiles (not only those in directories that contain classes with native methods), as javac compiles all required classes (and generates their JNI headers) beyond the directory with the Makefile.
The .h files generated by javac -h had a different naming scheme, now there is a prefix for the package name. To avoid having to touch all the #includes, we generate the new .h files in prism/include/jni and provide legacy headers in the old location and with the old name, forwarding the the corresponding new header. In the future, at an appropriate moment, those legacy headers can be removed and replace with direct includes.
Currently, there is a post-processing step on Windows: After the .h file is generated, dos2unix is called to replace the Windows CRLF line endings. Otherwise, the generated headers show up as changed files in version control. As now there are no special targets for the generation of the .h files anymore, we move to a global post-processing step and call dos2unix on prism/include/jni/*.h at the end of building.
GCC / CLang offer checking for consistency between format strings and the variable argument parameters that
are passed to printf-like functions. For these compilers, we add the necessary function attribute (use with -Wformat).
For MinGW, we have to be a bit more specific, as both a STDIO implementation by Microsoft as well
as a POSIX compatible implementation are supported. Generally, for C++, the POSIX library is used. We check the
MinGW compiler definition that selects the STDIO implementation and use the corresponding format specification
(gnu_printf vs ms_printf).
git-svn-id: https://www.prismmodelchecker.org/svn/prism/prism/trunk@12178 bbc10eb1-c90d-0410-af57-cb519fbb1720
Generates HTML file with the individual steps of the iterative procedures.
Relies on external JavaScript and CSS.
Is already prepared for exporting interval iteration steps (possibility
to export multiple vectors with type flag per iteration step)
git-svn-id: https://www.prismmodelchecker.org/svn/prism/prism/trunk@12073 bbc10eb1-c90d-0410-af57-cb519fbb1720
Before, the ODD offsets (for indexing into the reachable states) were
stored as longs, resulting in inconsistent numbers of (symbolic)
states that can be treated. In particular, on Win64, long is 32bit.
We switch to int64_t for the ODD offsets everywhere, allowing
MTBDD computations for models with >2^31 states.
Additionally, we check for arithmetic overflow in the offset
computations. Due to the symbolic storage for the models and the
state space explosion, it's possible to construct simple model files
that reach the 2^63 states limit.
If this limit is reached, we now throw an error message. In the future
it might be worthwile to ensure that PRISM can deal with the absence
of an ODD for all the computations that don't absolutely require it
and carry on (most MTBDD engine algorithms should be fine).
git-svn-id: https://www.prismmodelchecker.org/svn/prism/prism/trunk@12019 bbc10eb1-c90d-0410-af57-cb519fbb1720
The order of the content of the prism/include/DebugJDD.h header (auto-generated
by javah) sometimes changes nondeterministically. This seems to be due to the
combination of JNI methods and internal classes in DebugJDD.
We move the two DebugJDD JNI methods to JDD instead and remove the
prism/include/DebugJDD.h header, as well as the generation in the Makefile.
git-svn-id: https://www.prismmodelchecker.org/svn/prism/prism/trunk@11455 bbc10eb1-c90d-0410-af57-cb519fbb1720
The DebugJDD class provides Java-side reference counting for
JDDNodes and tries to detect problems with the reference counting,
such as to many derefs (can lead to crashes during garbage collection)
or too few derefs (leads to memory leakage and a warning when exiting
PRISM).
When debugging is enabled, each JDDNode is assigned a unique, sequential
ID that should be stable across runs of PRISM with the same command-line
arguments, in contrast to the underlying CUDD DDNode pointers, which can
and do change with each invokation.
A tracing mechanism allows to print all the ref/deref events for a particular
JDDNode.
git-svn-id: https://www.prismmodelchecker.org/svn/prism/prism/trunk@10506 bbc10eb1-c90d-0410-af57-cb519fbb1720
Analyze the BDD and return the implied number of external references per node
in a map (node -> count). Only return nodes with non-zero external references.
git-svn-id: https://www.prismmodelchecker.org/svn/prism/prism/trunk@10505 bbc10eb1-c90d-0410-af57-cb519fbb1720
For DD functions that return a DdNode*, errors can be reported by returning NULL.
Functions that have no return value (printing, etc) or a data value (double, etc)
should set the flag, which can be converted into an CuddOutOfMemoryException on
the PRISM side using JDD.checkForCuddError()
git-svn-id: https://www.prismmodelchecker.org/svn/prism/prism/trunk@10474 bbc10eb1-c90d-0410-af57-cb519fbb1720
The native DD/CuDD methods return NULL to indicate that
an out-of-memory error in CuDD has occurred. Before, we
constructed a JDDNode for this NULL ptr, which would lead
to a SIGSEGV crash the next time any operation
(ref, deref, etc) would be performed on that JDDNode.
git-svn-id: https://www.prismmodelchecker.org/svn/prism/prism/trunk@10472 bbc10eb1-c90d-0410-af57-cb519fbb1720
Dave Parker