needs effective finitary representation failed
play

. Needs effective (finitary) representation .. Failed Termination - PDF document

Oct 12, 2022 •331 likes •402 views

Runtime Errors Proving Non-Termination Ashutosh K. Gupta Thomas A. Henzinger Rupak Majumdar MPI-SWS EPFL UCLA Andrey Rybalchenko Ru-Gang Xu MPI-SWS UCLA 2 Non-Termination Errors Proving Non-Termination Search for infinite

  1. Runtime Errors Proving Non-Termination Ashutosh K. Gupta Thomas A. Henzinger Rupak Majumdar MPI-SWS EPFL UCLA Andrey Rybalchenko Ru-Gang Xu MPI-SWS UCLA 2 Non-Termination Errors Proving Non-Termination • Search for infinite executions …. • Needs effective (finitary) representation .. Failed Termination Proof vs. Non- TNT: Testing Non-Termination Termination • Successful termination provers: Tool for proving non-termination PolyRank, Terminator, ACL2, TerminWeb, AProVE, … • Inherently incomplete algorithms Input leading to C program • Failed termination proof ≠ non-termination TNT non-termination Don’t know Proved Proved Non- Proved Non- Terminating Terminating Terminating Terminating Non-Terminating Terminating Non-Terminating

  2. Outline Example: Non-termination Error • Input to TNT: – Mondriaan memory protection system • Example: • (early version courtesy: E. Witchel) – Uses recursion for basic operation – Non-termination error in a memory protection system – Termination required • TNT algorithm: • Output by TNT: – Lasso search – non-termination bug (now fixed) in _mmpt_insert procedure: – Recurrent set computation cyclic sequences of calls to _mmpt_insert ( … , 0, 3, … …, TAB_ROOT , 0, … ) Non-Termination in _mmpt_insert Non-Termination in _mmpt_insert (first call) void _mmpt_insert (struct* mmpt, base, len, prot, tab_t* tab, level, … ) { void _mmpt_insert (struct* mmpt, 0, 3, prot, TAB_ROOT , 0, … ) { if(len == 0) return; // Exit condition if(len == 0) return; // Exit condition int idx = make_idx(mmpt, base, level); int idx = make_idx(mmpt, base, level); if(level < 2 && … … … && len >= tab_len(mmpt, level + 1)) { if(level < 2 && … … … && len >= tab_len(mmpt, level + 1)) { … … … … … … } else if(level < 2 && tab[idx] && !uentry_is_data(mmpt, tab[idx])) { } else if(level < 2 && tab[idx] && !uentry_is_data(mmpt, tab[idx])) { _mmpt_insert (mmpt, base, len, prot, (tab_t*)tab[idx], level + 1, …); _mmpt_insert (mmpt, base, len, prot, (tab_t*)tab[idx], level + 1, …); } else if(level < 2 && … … … ) { } else if(level < 2 && … … … ) { … … … … … … } else { } else { for(; len >= subblock_len(mmpt, level) && … … … ; … … … ) { for(; len >= subblock_len(mmpt, level) && … … … ; … … … ) { … … … … … … } } _mmpt_insert (mmpt, base, len, prot, mmpt->tab, 0, …); _mmpt_insert (mmpt, base, len, prot, mmpt->tab, 0, …); } } } } Non-Termination in _mmpt_insert Non-Termination in _mmpt_insert (first call) (second call) void _mmpt_insert (struct* mmpt, 0, 3, prot, TAB_ROOT , 0, … ) { void _mmpt_insert (struct* mmpt, 0, 3, prot, TAB_MID , 1, … ) { if( 3 == 0) return; // Exit condition if(len == 0) return; // Exit condition int 0 = make_idx(mmpt, 0, 0); int idx = make_idx(mmpt, base, level); if( 0 < 2 && … … … && 3 >= 4MB ) { if(level < 2 && … … … && len >= tab_len(mmpt, level + 1)) { … … … … … … } else if( 0 < 2 && tab[ 0 ] && !uentry_is_data(mmpt, tab[ 0 ])) { } else if(level < 2 && tab[idx] && !uentry_is_data(mmpt, tab[idx])) { _mmpt_insert (mmpt, 0, 3, prot, (tab_t*)tab[ 0 ], 0 + 1, …); _mmpt_insert (mmpt, base, len, prot, (tab_t*)tab[idx], level + 1, …); } else if(level < 2 && … … … ) { } else if(level < 2 && … … … ) { … … … … … … } else { } else { for(; len >= subblock_len(mmpt, level) && … … … ; … … … ) { for(; len >= subblock_len(mmpt, level) && … … … ; … … … ) { … … … … … … } } _mmpt_insert (mmpt, base, len, prot, mmpt->tab, 0, …); _mmpt_insert (mmpt, base, len, prot, mmpt->tab, 0, …); } } } }

  3. Non-Termination in _mmpt_insert Non-Termination in _mmpt_insert (second call) (third call) void _mmpt_insert (struct* mmpt, 0, 3, prot, TAB_MID , 1, … ) { void _mmpt_insert (struct* mmpt, 0, 3, prot, TAB_LEAF , 2, … ) { if( 3 == 0) return; // Exit condition if(len == 0) return; // Exit condition int 0 = make_idx(mmpt, 0, 1); int idx = make_idx(mmpt, base, level); if( 1 < 2 && … … … && 3 >= 4KB ) { if( level < 2 && … … … && len >= tab_len(mmpt, level + 1)) { … … … … … … } else if( 1 < 2 && tab[ 0 ] && !uentry_is_data(mmpt, tab[ 0 ])) { } else if( level < 2 && tab[idx] && !uentry_is_data(mmpt, tab[idx])) { _mmpt_insert (mmpt, 0, 3, prot, (tab_t*)tab[ 0 ], 1 + 1, …); _mmpt_insert (mmpt, base, len, prot, (tab_t*)tab[idx], level + 1, …); } else if(level < 2 && … … … ) { } else if( level < 2 && … … … ) { … … … … … … } else { } else { for(; len >= subblock_len(mmpt, level) && … … … ; … … … ) { for(; len >= subblock_len(mmpt, level) && … … … ; … … … ) { … … … … … … } } _mmpt_insert (mmpt, base, len, prot, mmpt->tab, 0, …); _mmpt_insert (mmpt, base, len, prot, mmpt->tab, 0, …); } } } } Non-Termination in _mmpt_insert What does TNT do? (third call) void _mmpt_insert (struct* mmpt, 0, 3, prot, TAB_LEAF , 2, … ) { if( 3 == 0) return; // Exit condition • TNT finds a cyclic sequence of calls to _mmpt_insert int 0 = make_idx(mmpt, 0, 2); if( 2 < 2 && … … … && 3 >= tab_len(mmpt, 2 + 1)) { • The sequence is lasso – shaped … … … } else if( 2 < 2 && tab[idx] && !uentry_is_data(mmpt, tab[idx])) { level=0 level=1 level=2 level=0 _mmpt_insert (mmpt, base, len, prot, (tab_t*)tab[idx], level + 1, …); } else if( 2 < 2 && … … … ) { … … … Recursive call sequence } else { for(; 3 >= 4 && … … … ; … … … ) { • Non-termination is proved by analyzing the lasso Same … … … – same valuation of input parameters after the call cycle Parameters as } we started _mmpt_insert (mmpt, 0, 3, prot, TAB_ROOT , 0, …); } } Paths and Executions Outline: a: x = 0; x=0 b: while(x>=0){ c: x=x + 1; x=1 x=2 x=3 } • Search for lassos a: x = 0; x=0 • Prove a lasso is non-terminating through recurrent sets c: x=x + 1; x=1 c: x=x + 1; x=2 c: x=x + 1; x=3 Path = seq. of statements Execution = seq. of states

  4. Lassos What do infinite paths look like? Stem • Pair of paths: (stem, loop) • General paths: • Represents infinite periodic path: e.g. stmtA Loop a: stmtA stem(loop) ω stmtB 2 stmtC 3 stmtB 5 stmtC 7 … while( … ){ Stem a if( … ) a: x = 0; • Periodic paths or Lassos: x=0; x=0; b: stmtB b: while(x>=0){ e.g. stmtA stmtB stmtC stmtB stmtC b else c: x=x + 1; … c: stmtC } Loop assume(x>=0); assume(x>=0); x=x+1; } c c x=x+1; stmtA(stmtB stmtC) ω • Lasso = ( x=0; , assume(x>=0) ; x=x+1; ) • TNT only considers periodic paths TNT Algorithm Lasso Search • Find lassos by symbolic execution • Implementation similar to DART, CUTE, SAGE, … • Two-step algorithm: 1. Search for feasible lassos Stem • Uses symbolic execution … … a: while( … ){ • Quickly find candidates for non-termination b: while( … ){ … … Loo } 2. Check each lasso for non-termination p } • Uses SAT and constraint solving … • Precise reasoning on small program fragments Recurrent Sets Outline: • Proves non-termination using inductive argument • Set of states RecSet is recurrent for relation ρ (x, x’) if: • Lasso search – non-empty � – some successor RecSet � of each state is in RecSet • Recurrent set computation � Theorem: ρ (x, x’) is non-terminating iff there exists RecSet . 24

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

On the finitary infinite Ramseys theorem Florian Pelupessy Tohoku University CTFM,

On the finitary infinite Ramseys theorem Florian Pelupessy Tohoku University CTFM,

On the finitary infinite Ramseys theorem Florian Pelupessy Tohoku University CTFM, Tokyo, 8 September 2015 Overview: 1 Motivation 2 finitary Ramsey 3 Inserting the parameter in finitary Ramsey 4 Some logical strengths for

1.13k views • 26 slides
CLOSED SETS OF FINITARY FUNCTIONS BETWEEN FINITE FIELDS OF COPRIME ORDER. Stefano Fioravanti

CLOSED SETS OF FINITARY FUNCTIONS BETWEEN FINITE FIELDS OF COPRIME ORDER. Stefano Fioravanti

CLOSED SETS OF FINITARY FUNCTIONS BETWEEN FINITE FIELDS OF COPRIME ORDER. Stefano Fioravanti September 2019, YRAC2019 Institute for Algebra Austrian Science Fund FWF P29931 0/11 ( F p , F q ) -linear closed clonoids Definition Let p and q be

376 views • 34 slides
Modelling and Simulation examples that failed to meet regulator's expectations failed to meet

Modelling and Simulation examples that failed to meet regulator's expectations failed to meet

Modelling and Simulation examples that failed to meet regulator's expectations failed to meet regulator s expectations M Monica Edholm i Edh l Medical Products Agency An agency of the European Union Disclaimer The views expressed in this

356 views • 35 slides
A Finitary Analogue of the Downward L owenheim-Skolem Property Abhisekh Sankaran IMSc,

A Finitary Analogue of the Downward L owenheim-Skolem Property Abhisekh Sankaran IMSc,

A Finitary Analogue of the Downward L owenheim-Skolem Property Abhisekh Sankaran IMSc, Chennai Formal Methods Update Meet IIT Mandi July 18, 2017 Introduction The Downward L owenheim-Skolem theorem (DLS) is amongst the earliest

922 views • 79 slides
Finitary characterizations of sets of lower previsions Erik Quaeghebeur SYSTeMS Research Group

Finitary characterizations of sets of lower previsions Erik Quaeghebeur SYSTeMS Research Group

Finitary characterizations of sets of lower previsions Erik Quaeghebeur SYSTeMS Research Group Ghent University Belgium P on K is coherent iff h K h Ph max h K h h for all in R K with at most one strictly

905 views • 71 slides
Towards a Theory of Information Flow -Transducers in the Finitary Process Soup Dynamics

Towards a Theory of Information Flow -Transducers in the Finitary Process Soup Dynamics

Information Flow Spencer Mathews Towards a Theory of Information Flow -Transducers in the Finitary Process Soup Dynamics Single State Soup Evolution Channel Capacity Spencer Mathews Partitioning Metamachine Department of Computer

457 views • 29 slides
Isomorphism of Finitary Inductive Types Christian Sattler joint work (in progress) with Nicolai

Isomorphism of Finitary Inductive Types Christian Sattler joint work (in progress) with Nicolai

Isomorphism of Finitary Inductive Types Christian Sattler joint work (in progress) with Nicolai Kraus University of Nottingham May 2014 Motivating Example Generic data may be represented in a multitude of ways. Motivating Example Generic

593 views • 33 slides
Effective Feature Representation for Clinical Text Concept Extraction Yifeng Tao 1,2 , Bruno

Effective Feature Representation for Clinical Text Concept Extraction Yifeng Tao 1,2 , Bruno

Effective Feature Representation for Clinical Text Concept Extraction Yifeng Tao 1,2 , Bruno Godefroy 1 , Guillaume Genthial 1 , Christopher Potts 1,3,* 1 Roam Analytics 2 Carnegie Mellon University 3 Stanford University Yifeng Tao et al. NAACL

306 views • 17 slides
Comment Legal Knowledge and Skill Thoroughness and Preparation [5] Competent handling of a

Comment Legal Knowledge and Skill Thoroughness and Preparation [5] Competent handling of a

Talking Out the Side of You Neck ... Effective Communication for Effective Representation of Legal Clients Old Dominion Bar Association Annual Meeting and Conference ~ Virginia Beach, VA ~ May 31, 2013 Speaker: Helivi L. Holland, Esq ., City

313 views • 5 slides
How to avoid a failed Edward D. Churchill, 1931 parathyroidectomy Postgraduate Course in

How to avoid a failed Edward D. Churchill, 1931 parathyroidectomy Postgraduate Course in

5/18/2013 Avoiding failed parathyroidectomy the success of parathyroid surgery must lie in the ability of the surgeon to know a parathyroid gland when he sees it, to know the distribution of the knowledge glands,

241 views • 7 slides
X why we have failed 20 years ago 25 Massimo Massaia

X why we have failed 20 years ago 25 Massimo Massaia

Idiotypic vaccina0on: X why we have failed 20 years ago 25 Massimo Massaia SC Ematologia - AO S. Croce e Carle Cuneo, Italy Laboratorio di Immunologia dei Tumori del Sangue, CIRBM

579 views • 30 slides
Overview of the CASA Compact January 2019 The Bay Area faces a housing crisis because we have

Overview of the CASA Compact January 2019 The Bay Area faces a housing crisis because we have

Overview of the CASA Compact January 2019 The Bay Area faces a housing crisis because we have failed at three tasks: Failed to produce enough housing for residents of all income levels Failed to preserve existing affordable housing

208 views • 18 slides
Concepts for C++1y: The Challenge (Why C++0x Concepts failed and what to do about that) Bjarne

Concepts for C++1y: The Challenge (Why C++0x Concepts failed and what to do about that) Bjarne

Concepts for C++1y: The Challenge (Why C++0x Concepts failed and what to do about that) Bjarne Stroustrup Texas A&amp;M University http://www.research.att.com/~bs Abstract One of the major goals of the language part of C++0x is to provide

799 views • 38 slides
Effective Semantics for Engineering NLP Systems Andr Freitas Lancaster, May 2018 Goals of this

Effective Semantics for Engineering NLP Systems Andr Freitas Lancaster, May 2018 Goals of this

Effective Semantics for Engineering NLP Systems Andr Freitas Lancaster, May 2018 Goals of this Talk Provide a synthesis of the emerging representation trends behind NLP systems. Shift in perspective: Effective engineering (task driven,

1.4k views • 110 slides
General LTL Specification Mining Caroline Lemieux , Dennis Park and Ivan Beschastnikh University

General LTL Specification Mining Caroline Lemieux , Dennis Park and Ivan Beschastnikh University

login attempt auth failed login attempt guest login login attempt authorized Texada auth failed login attempt G( x XF y ) login attempt G( guest login XF authorized ) guest login authorized auth failed login attempt Authorized

1.11k views • 59 slides
A Failed Rift: A Comprehensive Seismic Investigation of the

A Failed Rift: A Comprehensive Seismic Investigation of the

A Failed Rift: A Comprehensive Seismic Investigation of the Mid-Continent Rift from USArry and SPREE Weisen Shen, Douglas Wiens, Ghassan Aleqabi, Michael Wysession Suzan

618 views • 38 slides
Class Structure Last time: Midterm! This time: Exploration and Exploitation Next time: Batch RL

Class Structure Last time: Midterm! This time: Exploration and Exploitation Next time: Batch RL

Lecture 11: Fast Reinforcement Learning 2 Emma Brunskill CS234 Reinforcement Learning. Winter 2018 2 With many slides from or derived from David Silver Lecture 11: Fast Reinforcement Learning 3 Emma Brunskill (CS234 Reinforcement Learning. )

887 views • 66 slides
Scheduling and routing problems at TNT Some solutions and some future research directions orensen

Scheduling and routing problems at TNT Some solutions and some future research directions orensen

Vehicle routing at TNT Algorithm Future research Scheduling and routing problems at TNT Some solutions and some future research directions orensen 1 J. Vandenbergh 1 D. Cattrysse 1 M. Sevaux 2 K. S 1 Centre for Industrial Management, KULeuven

187 views • 16 slides
Formal Theory, Informally Jonathan Worthington French Perl Workshop 2006 Formal Theory,

Formal Theory, Informally Jonathan Worthington French Perl Workshop 2006 Formal Theory,

Formal Theory, Informally Jonathan Worthington French Perl Workshop 2006 Formal Theory, Informally I need rat poison and beer to drink. Formal Theory, Informally I need [rat poison] and [beer to drink]. Formal Theory,

1.01k views • 85 slides
Tidying and exploring data Workshop 5 2 Objectives By doing this workshop and carrying out the

Tidying and exploring data Workshop 5 2 Objectives By doing this workshop and carrying out the

1 Tidying and exploring data Workshop 5 2 Objectives By doing this workshop and carrying out the independent study the successful student will be able to: - Explain what is meant by tidy data - Devise reproducible strategies to tidy

377 views • 12 slides
Rapid Computation of I-vector Longting XU 1,2 , Kong Aik LEE 1 , Haizhou Li 1 and Zhen Yang 2 1

Rapid Computation of I-vector Longting XU 1,2 , Kong Aik LEE 1 , Haizhou Li 1 and Zhen Yang 2 1

Rapid Computation of I-vector Longting XU 1,2 , Kong Aik LEE 1 , Haizhou Li 1 and Zhen Yang 2 1 Institute for Infocomm Research ( I 2 R ) , Singapore 2 Nanjing University of Posts and Telecomm, China Introduction Compression process an

253 views • 23 slides
Perlen der Informatik I Jan K ret nsk y Technische Universit at M unchen Winter

Perlen der Informatik I Jan K ret nsk y Technische Universit at M unchen Winter

Perlen der Informatik I Jan K ret nsk y Technische Universit at M unchen Winter 2020/2021 Overview 2/65 language: English/German voluntary course lecture on Tuesday, in the slot 10 a.m. 12 p.m.

1.2k views • 98 slides
RECURSIVE LEAST SQUARES ALGORITHM DEDICATED TO EARLY RECOGNITION OF EXPLOSIVE COMPOUNDS THANKS TO

RECURSIVE LEAST SQUARES ALGORITHM DEDICATED TO EARLY RECOGNITION OF EXPLOSIVE COMPOUNDS THANKS TO

RECURSIVE LEAST SQUARES ALGORITHM DEDICATED TO EARLY RECOGNITION OF EXPLOSIVE COMPOUNDS THANKS TO MULTI- TECHNOLOGY SENSORS Aurlien MAYOUE, Aurlie MARTIN, Guillaume LEBRUN and Anthony LARUE ICASSP 2013, VANCOUVER OUTLINE OVERVIEW

316 views • 14 slides
Bring = = - 1-1 Tz=TzT , /\ . Tz Tz T : : ' . , = = : /\

Bring = = - 1-1 Tz=TzT , /\ . Tz Tz T : : ' . , = = : /\

ID Bring = = - 1-1 Tz=TzT , /\ . Tz Tz T : : ' . , = = : /\ 11 Ty Ts Is % : . / o/\o T5=T4 .T} Tuft .Tz } 3 &gt; : /\ For n I 2=2 3-2=1 &quot; ' 9\ Ty Ts

619 views • 29 slides

More recommend