SLIDE 1 Better termination proving through cooperation
Marc Brockschmidt 1 Byron Cook 2,3 Carsten Fuhs 3
1RWTH Aachen University 2Microsoft Research Cambridge 3University College London
Deduktionstreffen 2013
SLIDE 3 Termination Analysis: Invariants and Rank Functions
Example:
  y := 1; while x > 0 do x := x − y; y := y + 1; done
Invariant y > 0 and rank function x prove termination.
How do we know that we need y > 0?
How do we know that x is a rank function (RF)?
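The two questions on this slide are the proof obligations a termination prover has to discharge. The Python below is an added example, not code from the talk: it checks those obligations exhaustively over a small integer domain for the slide's loop, once with the invariant y > 0 and twice with weaker invariants, so that it shows where the argument breaks without y > 0. The domain, the helper names and the use of enumeration in place of the SMT solver a real prover would call are this example's own choices.

```python
"""Checking a termination argument: invariant plus rank function.

Added example, not code from the talk: the proof obligations behind the
slide's argument for

    y := 1; while x > 0 do x := x - y; y := y + 1; done

are checked exhaustively over a small integer domain. A prover discharges the
same obligations with an SMT solver; the bounded check is a stand-in, so a
pass here only covers the chosen domain.
"""
from itertools import product

DOMAIN = range(-5, 6)  # bounded stand-in for the integers


def init(s):
    return s["y"] == 1                       # states right after y := 1


def guard(s):
    return s["x"] > 0                        # loop condition


def body(s):
    return {"x": s["x"] - s["y"], "y": s["y"] + 1}


def rank(s):
    return s["x"]                            # candidate rank function


def check_argument(inv):
    """Check the four obligations for invariant `inv` and rank function `rank`.

    Returns a dict mapping each obligation to the first violating state, or
    None when the obligation holds on every state of DOMAIN x DOMAIN.
      init:       init(s) => inv(s)
      inductive:  inv(s) and guard(s) => inv(body(s))
      bounded:    inv(s) and guard(s) => rank(s) >= 0
      decreasing: inv(s) and guard(s) => rank(body(s)) < rank(s)
    """
    failures = dict.fromkeys(("init", "inductive", "bounded", "decreasing"))
    for x, y in product(DOMAIN, repeat=2):
        s = {"x": x, "y": y}
        if init(s) and not inv(s) and failures["init"] is None:
            failures["init"] = s
        if inv(s) and guard(s):
            s2 = body(s)
            if not inv(s2) and failures["inductive"] is None:
                failures["inductive"] = s
            if rank(s) < 0 and failures["bounded"] is None:
                failures["bounded"] = s
            if not rank(s2) < rank(s) and failures["decreasing"] is None:
                failures["decreasing"] = s
    return failures


def inv_positive(s):
    return s["y"] > 0          # the invariant from the slide


def inv_nonnegative(s):
    return s["y"] >= 0         # too weak: allows y = 0, where x does not decrease


def inv_trivial(s):
    return True                # no invariant at all


if __name__ == "__main__":
    for name, inv in (("y > 0", inv_positive), ("y >= 0", inv_nonnegative), ("true", inv_trivial)):
        print(name, {k: v for k, v in check_argument(inv).items() if v is not None})
```

With y > 0 all four obligations hold. With y ≥ 0 the invariant is still inductive, but the decrease obligation fails at y = 0 (x := x − 0 leaves the rank unchanged), and with no invariant it fails as soon as y is negative. That failing state is the sample a safety prover hands back; it is what tells the rank-function synthesiser that y > 0 is needed.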
SLIDE 4
Termination by iterative strengthening: Idea
1 Safety: Provide samples (counterexamples)
2 Rank tool: Find specific termination argument
3 Safety: Prove generality, or go back to 1
SLIDE 6
Termination by iterative strengthening
[Figure, built up over slides 6 to 10: the set of loop states, one execution through it, and the sets of terminating states carved out of it one per round. Caption: find counterexample, then strengthen argument.]
SLIDE 11
Termination by iterative strengthening: Worst case
1 Safety: Look at everything, then return old sample
2 Rank tool: Find too specific termination argument
3 Safety: Can’t prove generality, repeat 1
SLIDE 13
Termination by iterative simplification
[Figure, built up over slides 13 to 18: the loop transitions and an execution through them. Caption: find rank function for SCC, then remove transitions.]
SLIDE 19
Termination by cooperation
1 Safety: Provide samples (counterexamples)
2 Rank tool: Find termination argument in context
3 Rank tool: Mark definitely terminating parts
4 Safety: Prove generality for rest, or go back to 1
SLIDE 20
Cooperation: High-level view
[Figure, built up over slides 20 to 24: a Safety component and a Termination component exchanging information; the Termination side marks off terminating states.]
SLIDE 25 Cooperation: High-level view
Safety subgraph (the original program), locations start, ℓ1, ℓ2:
  τ0 : if(k ≥ 1); i := 0;
  τ1 : if(i < n); j := 0;
  τ2 : if(j > i); i := i + 1;
  τ3 : if(j ≤ i); j := j + k;
i.e. the nested loop: if (k ≥ 1) { i := 0; while (i < n) { j := 0; while (j ≤ i) j := j + k; i := i + 1; } }
Termination subgraph (the instrumented copy), locations ℓt1, ℓt2, ℓd1, ℓd2, with copies of the loop transitions:
  τt1 : if(i < n); j := 0;
  τt3 : if(j ≤ i); j := j + k;
  τt2 : if(j > i); i := i + 1;
Edges labelled "maybe take a snapshot" lead from the original locations into the copy; edges labelled "check decrease" compare the current state against the snapshot.
SLIDE 30
Cooperation: High-level view
Intuition:
  Safety subgraph: original program
  Termination subgraph: instrumented copy
  Ranking: Simplify problem, “point out hard bits”
  Safety: Analyze whole program, “point out invariants”
Approach:
  Analyze whole SCC, not counterexample slice
  Remove transitions after proof
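The "analyze whole SCC, then remove transitions" loop, run on the program from slide 25, as an added example that is neither T2's code nor the talk's. The safety side's contribution is modelled by a table of location invariants (assumed prover output; they do hold for this program, since τ0 establishes k ≥ 1 and τ1 establishes i < n at ℓ2), the ranking side tries linear rank functions over the SCC's transitions and deletes the ones it can rank, and the SMT call a real tool would make is replaced by an exhaustive check over a small bounded domain, so a "proof" here is a proof for that domain only. Variable and location names follow the slide; everything else is this example's own.

```python
"""Termination by iterative simplification, with invariants supplied from outside.

Added example, not code from the talk or from T2. Loop transitions of the
slide-25 program are removed one rank function at a time; location invariants
stand in for what the safety prover would supply, and an exhaustive check over
a bounded domain stands in for the SMT solver (so results cover that domain only).
"""
from itertools import product

VARS = ("i", "j", "k", "n")
DOMAIN = range(-2, 3)                    # bounded stand-in for the integers

# (name, source, target, guard, update): the transitions from the slide.
TRANSITIONS = [
    ("t0", "start", "l1", lambda s: s["k"] >= 1,      lambda s: dict(s, i=0)),
    ("t1", "l1",    "l2", lambda s: s["i"] < s["n"],  lambda s: dict(s, j=0)),
    ("t2", "l2",    "l1", lambda s: s["j"] > s["i"],  lambda s: dict(s, i=s["i"] + 1)),
    ("t3", "l2",    "l2", lambda s: s["j"] <= s["i"], lambda s: dict(s, j=s["j"] + s["k"])),
]

# Location invariants as the safety prover would "point them out" (assumed input).
INVARIANTS = {
    "start": lambda s: True,
    "l1": lambda s: s["k"] >= 1,
    "l2": lambda s: s["k"] >= 1 and s["i"] < s["n"],
}
TRIVIAL_INVARIANTS = {loc: (lambda s: True) for loc in INVARIANTS}

# Candidate rank functions: linear, coefficients in {-1, 0, 1}, fewest terms first.
CANDIDATES = sorted(product((-1, 0, 1), repeat=len(VARS)),
                    key=lambda c: sum(x != 0 for x in c))


def rank(coeffs, s):
    return sum(c * s[v] for c, v in zip(coeffs, VARS))


def pretty(coeffs):
    pos = [v for c, v in zip(coeffs, VARS) if c > 0]
    neg = [v for c, v in zip(coeffs, VARS) if c < 0]
    return (" + ".join(pos) + "".join(" - " + v for v in neg)).strip()


def reach(transitions):
    """Reflexive-transitive reachability between locations."""
    r = {loc: {loc} for t in transitions for loc in (t[1], t[2])}
    changed = True
    while changed:
        changed = False
        for _, src, dst, _, _ in transitions:
            if not r[dst] <= r[src]:
                r[src] |= r[dst]
                changed = True
    return r


def scc_transitions(transitions):
    """Transitions lying on a cycle, grouped by the SCC they belong to."""
    r = reach(transitions)
    groups = {}
    for t in transitions:
        src, dst = t[1], t[2]
        if src in r[dst]:                                 # dst reaches src: on a cycle
            scc = frozenset(loc for loc in r[src] if src in r[loc])
            groups.setdefault(scc, []).append(t)
    return list(groups.values())


def removable(coeffs, scc, pre):
    """SCC transitions on which `coeffs` is bounded below and strictly decreasing,
    provided it is non-increasing on every SCC transition; None otherwise."""
    found = []
    for name, _, _, _, update in scc:
        deltas = [rank(coeffs, update(s)) - rank(coeffs, s) for s in pre[name]]
        if any(d > 0 for d in deltas):
            return None                                   # increases somewhere
        if deltas and all(d < 0 for d in deltas):
            if any(rank(coeffs, s) < 0 for s in pre[name]):
                return None                               # decreases but is unbounded
            found.append(name)
    return found


def prove_termination(transitions, invariants):
    """Rank one SCC, delete the ranked transitions, repeat until no cycle is left.

    Returns the list of (coeffs, removed transition names) steps, or None when
    an SCC cannot be ranked with the invariants given: the 'hard bit' that the
    safety prover would have to say more about."""
    states = [dict(zip(VARS, vals)) for vals in product(DOMAIN, repeat=len(VARS))]
    pre = {t[0]: [s for s in states if invariants[t[1]](s) and t[3](s)] for t in transitions}
    remaining, proof = list(transitions), []
    while True:
        groups = scc_transitions(remaining)
        if not groups:
            return proof
        for coeffs in CANDIDATES:
            names = removable(coeffs, groups[0], pre)
            if names:
                proof.append((coeffs, names))
                remaining = [t for t in remaining if t[0] not in names]
                break
        else:
            return None


if __name__ == "__main__":
    for label, inv in (("with invariants", INVARIANTS), ("without invariants", TRIVIAL_INVARIANTS)):
        proof = prove_termination(TRANSITIONS, inv)
        print(label + ":", proof and [(pretty(c), names) for c, names in proof])
```

With the invariants, the first round ranks the whole SCC {ℓ1, ℓ2} with n − i, which strictly decreases on τ2 and is unchanged on τ1 and τ3, and deletes τ2; the only cycle left is the self-loop τ3, ranked by n − j, after which no cycle remains. With trivial invariants no candidate is bounded on τ2 (i and n are unconstrained), so the ranking side reports failure on exactly the SCC where the safety side's k ≥ 1 and i < n were needed, which is the division of labour the slides describe.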
SLIDE 32
Cooperation: Evaluation
Evaluated on 449 termination proving benchmarks 260 known terminating, 181 known non-terminating, 8 unknown Sources: Windows drivers, Apache, PostgreSQL, . . .
Tool                 Term (#)   Term (avg. s)
Cooperating-T2          245          3.42
AProVE                  197          2.21
KITTeL                  196          4.65
T2                      189          5.15
AProVE+Interproc        185          1.53
Terminator              177          4.99
Size-Change/MCNP        156         17.50
ARMC                    138         16.16
SLIDE 33
Cooperation: Evaluation
[Scatter plot, built up over slides 33 to 36: per-benchmark runtime of Cooperating-T2 (s) against T2 (marked +) and AProVE (marked x); both axes use the scale 0.5 1 5 10 30 60 120 300 NR.]
SLIDE 37
Cooperation: Evaluation
Sources available: http://research.microsoft.com/en-us/projects/t2/