VeriSoft (Godefroid, 2005) is a model checker for C and C++; other languages can be used, but components in other languages are treated as black boxes. VeriSoft has been used to find defects in very large telecommunications programs (Chandra, Godefroid, and Palm 2002). It is available for download at the VeriSoft website. This package includes a version of VeriSoft for analyzing multiprocess C or C++ programs whose processes communicate via a predefined set of types of communication objects. It is a “stateless” model checker, in that visited states are not saved. It uses clever partial-order reduction search algorithms utilizing program analysis to avoid revisiting states, and guarantees complete coverage of the state space to some depth, while preserving correctness properties. Verisoft can search for four basic types of errors:
- Deadlocks.
- Divergences. A divergence occurs when a process does not attempt to communicate with the rest of the system for more than a given (user-specified) amount of time.
- �Livelocks. A livelock occurs when a process is blocked during a sequence of more than a given (user-specified) number of successive states in the state space.
- Violations of state assertions, the assertions having been stated using a special operation VS_assert(boolean_expr).
To represent non-determinism in the model or environment, VeriSoft provides a special operation VS_toss to express non-deterministic choice, which is like Verify.random in Java PathFinder.