The Inconsistent Labelling Problem of Stutter-Preserving Partial-Order Reduction

TL;DR

This paper identifies a flaw in the traditional understanding of stubborn sets in partial-order reduction for model checking, proposes a correction, and analyzes its implications for preserving stutter trace equivalence.

Contribution

The paper uncovers a flaw in the existing theory of stubborn sets, provides a corrected proof, and discusses the practical impact on model checking implementations.

Findings

A flaw in the previous proof of stutter trace equivalence preservation.

A corrected proof ensuring proper preservation of stutter trace equivalence.

Limited practical impact due to correct approximations in implementations.

Abstract

In model checking, partial-order reduction (POR) is an effective technique to reduce the size of the state space. Stubborn sets are an established variant of POR and have seen many applications over the past 31 years. One of the early works on stubborn sets shows that a combination of several conditions on the reduction is sufficient to preserve stutter trace equivalence, making stubborn sets suitable for model checking of linear-time properties. In this paper, we identify a flaw in the reasoning and show with a counter-example that stutter trace equivalence is not necessarily preserved. We propose a solution together with an updated correctness proof. Furthermore, we analyse in which formalisms this problem may occur. The impact on practical implementations is limited, since they all compute a correct approximation of the theory.