
Termination Analysis of a subset of CoreML, William Blum



  1. Termination Analysis of a subset of CoreML
     William Blum, william.blum@comlab.ox.ac.uk
     Oxford University Computing Laboratory
     BCTCS Nottingham

  2. Outline
     1 Size-change Principle for first-order programs
     2 An extension for a subset of Core ML

  3. First order programs
     Untyped functional language: recursion, if-then-else, primitive operators, single data type.
     Example:
         f(x) = gcd(x,18)
         gcd(x,y) = if y == 0 then x
                    else gcd(y, x mod y)
     Call-by-value evaluation semantics:
         $E[\![f]\!]\,\vec{x} = v$: f evaluates to v on input $\vec{x}$,
         $E[\![f]\!]\,\vec{x} = \bot$: f does not terminate on input $\vec{x}$.
     Exact call semantics: a computation is described by a state transition sequence.
         f, 4 → gcd, (4, 18) → gcd, (18, 2) → gcd, (2, 2) → gcd, (2, 0)
     Finite approximation of the call semantics: the control flow graph.
     [Figure: control flow graph with the vertices f and gcd.]

  4. Termination
     Characterization of termination:
         P terminates on all input values ⇐⇒ infinite state transition sequences are invalid computations.
     What is an invalid computation? For instance: a computation in which some positive integer variable decreases infinitely...
     The Size-Change Principle proves that for any computation corresponding to an infinite path in the control flow, the value of some well-founded variable decreases infinitely.

  5. Size-change graphs (SCG)
     Definition: A SCG describes a program call. It consists of a source set of vertices, a target set of vertices and a set of labeled arcs.
     [Figure: an SCG over the vertices x, x and y with an arc labeled "=". The SCG describes the call from f to gcd.]
     Safety:
         arcs labeled ↓ denote decreases in parameter value,
         arcs labeled = denote non increase in parameter value.
     Example: consider the call "gcd(y, x mod y)".
     [Figure: four candidate SCGs from the vertices x, y to the vertices x, y, with arcs labeled = and ↓.]
     Only one of these SCG is not safe for this call.

  6. Composition of size-change graphs
     If $f \xrightarrow{G_1} g$ and $g \xrightarrow{G_2} h$ then $f \xrightarrow{G_1;G_2} h$.
     [Figure: two size-change graphs G_1 and G_2, with arcs labeled = and ↓, and their composition G_1;G_2.]
     If G is a set of size-change graphs then G denotes the composition closure of G.

  7. Size-change termination (SCT)
     Definition: Consider G a set of size-change graphs. A program P is G-SCT if
         G safely describes P (for every reachable call c there is a corresponding SCG G_c ∈ G),
         for all infinite computation cs = c_0 c_1 ..., any sequence of size-change graphs G_{c_0} G_{c_1} ... (describing safely the calls of cs) has an infinite descending thread.
     [Figure: a sequence of size-change graphs over the vertices x, y, u, v with arcs labeled = and ↓.]
     We assume that data-types are well-founded.
     Theorem: If P is G-SCT then P terminates for all input values.

  8. Deciding Size-Change Termination
     G-SCT characterization [Jones et al. 2001]:
         P is not G-SCT ⇐⇒ $\exists\, f \xrightarrow{G} f \in G$ such that
             $G ; G = G$
             $\forall x \in gb(f) :\ x \xrightarrow{\downarrow} x \notin G$
     Hence G-SCT is decidable. And it is PSPACE-complete (see [1]).

  9. The language L_ml
     Grammar:
         e ::= x, f                   value identifiers
             | true | false           boolean constants
             | if e then e else e     conditional
             | n                      integer constants (n ∈ N)
             | e = e                  integer equality
             | succ e | pred e        successor and predecessor
             | fun (x:ty) -> e        function abstraction
             | fun f=(x:ty) -> e      recursively defined function
             | e e                    function application
             | let x = e in e         local variable definition
     A program is a single closed expression.
     Data types: ground values + higher-order functions.

  10. Semantics of L_ml (environment based)
      Canonical expressions: N ∪ B ∪ { e | e is an abstraction }
          State = { e : ρ | e ∈ subexp(P), ρ ∈ Env, fv(e) ⊆ dom(ρ) }
          Value = { e : ρ ∈ State | e canonical }
          Env = { ρ : X → Value | X finite set of variables }
      Let s ∈ State, v ∈ Value and ρ ∈ Env.
      Call-by-value evaluation semantics "s ⇓ v":
          $\dfrac{}{v : \rho \Downarrow v : \rho}$ (v canonical)
      Run-time errors "s ⊘":
          (ErrOp1) $\dfrac{e : \rho \Downarrow 0}{\mathtt{pred}\ e : \rho\ \oslash}$
      Call semantics "s → s′":
          (CallG) $\dfrac{e_1 : \rho \Downarrow \mathtt{fun\ (x:ty)\text{->}}e_0 : \rho_0 \qquad e_2 : \rho \Downarrow v_2}{e_1\, e_2 : \rho \to_c e_0 : \rho_0[x \mapsto v_2]}$

  11. Graph generation
      Two SCG generated per call: G^+ describing higher-order values and G^0 for ground type values.
      The free variables of an expression correspond to the input parameters in the first-order case.
      We define well-founded notions of size for higher-order and ground type expressions.
      We extend the semantic rules to generate safe SCG:
          (ValueG) $\dfrac{}{v \Downarrow v,\ id^{=}_{e} \mid id^{=}_{e}}$ ($v = e : \rho$ in canonical form)
          (CallG) $\dfrac{e_1 : \rho \Downarrow \mathtt{fun\ (x:ty)\text{->}}e_0 : \rho_0,\ G_1 \mid G_1^{+} \qquad e_2 : \rho \Downarrow v_2,\ G_2 \mid G_2^{+}}{e_1\, e_2 : \rho \to_c e_0 : \rho_0[x \mapsto v_2],\ CallGr^{0}_{x}(G_1, G_2) \mid CallGr^{+}_{x}(G_1^{+}, G_2^{+})}$

  12. Finite approximation of the call semantics
      We need a "control flow graph" for ML programs.
      Solution:
          drop the ρ components of the states,
          abstract integers by a single symbol "?int".
      We obtain a finite abstraction of the computation.
      The set of vertices of the control flow graph (i.e. control points) is:
          P = subexp(P) ∪ { ?int }

  13. The size-change principle
      What do we have:
          Termination characterized by infinite call sequences
          Well-founded order on the data values
          Finite approximation of call semantics
      We can compute two safe sets of size-change graphs describing the calls (by applying the semantic rules exhaustively).
      Hence the SCP can be applied! (twice)

  14. Results
      Counter example:
          let rec counter x =
            if x = 0 then counter (succ x)
            else 1
          in counter 7;;
      is terminating but not SCT.
      Ackermann's function: SCT relative to ground-type values.
      Function computing the minimum of two numbers:
          is SCT if we use the native representation of integers provided by L_ml,
          is not SCT if we use Church numerals to encode integers.

  15. Conclusion
      The Size-Change Principle from Neil D. Jones et al. is based on
          a finite approximation of the call semantics, and
          a safe description of the calls.
      Extension to a higher-order functional language:
          detects decrease on ground-type values as well as higher-order values
          allows local definition let
          handles recursion natively (no need to define a Y combinator)
          handles numbers natively
      Further direction:
          sequential composition,
          storage location and references,
          tuples, list, user defined structures,
          for and while loop structures.

  16. Bibliography
      [1] Chin Soon Lee, Neil D. Jones, and Amir Ben-Amram. The Size-Change Principle for Program Termination. Principles of Programming Languages, pp. 81-92. Volume 28 of Principles of Programming Languages. ACM Press, 2001.
      [2] Neil D. Jones and Nina Bohr. Termination Analysis of the Untyped λ-Calculus. Rewriting Techniques and Applications, Proceedings (V. van Oostrom, ed.), pp. 1-23. Volume 3091 of LNCS. Springer-Verlag, 2004.
      [3] Andrew M. Pitts. Operational Semantics and Program Equivalence. Applied Semantics, pp. 378-412. Volume 2395 of LNCS. Springer-Verlag, 2002.
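
The composition of slide 6 and the decision procedure of slide 8, run on the gcd program of slide 3 and the counter example of slide 14. This is an added example, not code from the slides. The graph encoding, the function names and the hand-written arcs are assumptions: for the call gcd(y, x mod y) the arcs y = x and y ↓ y are taken as safe because x mod y < y when y ≠ 0, and the call counter (succ x) gets no arc because x grows.

```python
from itertools import product

DOWN, EQ = "down", "eq"  # strict decrease / non-increase arc labels

def scg(src, dst, *arcs):
    """Size-change graph for a call src -> dst; arcs are (param, label, param)."""
    return (src, dst, frozenset(arcs))

def compose(g1, g2):
    """G1;G2: chain arcs through the middle function's parameters, DOWN wins."""
    (f, mid1, arcs1), (mid2, h, arcs2) = g1, g2
    if mid1 != mid2:
        raise ValueError("graphs do not chain")
    strict = {}
    for (x, l1, y), (y2, l2, z) in product(arcs1, arcs2):
        if y == y2:
            strict[(x, z)] = strict.get((x, z), False) or DOWN in (l1, l2)
    return (f, h, frozenset((x, DOWN if s else EQ, z)
                            for (x, z), s in strict.items()))

def closure(graphs):
    """Composition closure: compose until no new graph appears (finite set)."""
    closed = set(graphs)
    while True:
        new = {compose(a, b) for a in closed for b in closed
               if a[1] == b[0]} - closed
        if not new:
            return closed
        closed |= new

def non_sct_witnesses(graphs):
    """Idempotent f -> f graphs in the closure without any arc x DOWN x."""
    return [g for g in closure(graphs)
            if g[0] == g[1] and compose(g, g) == g
            and not any(x == z and lab == DOWN for x, lab, z in g[2])]

def is_sct(graphs):
    return not non_sct_witnesses(graphs)

# Constructed inputs (assumed safe descriptions, see lead-in).
GCD_LOOP = scg("gcd", "gcd", ("y", EQ, "x"), ("y", DOWN, "y"))
GCD = [scg("f", "gcd", ("x", EQ, "x")), GCD_LOOP]
COUNTER = [scg("counter", "counter")]  # counter (succ x): no safe arc

if __name__ == "__main__":
    print("gcd SCT:", is_sct(GCD))
    print("counter SCT:", is_sct(COUNTER), non_sct_witnesses(COUNTER))
```

The gcd loop graph is not idempotent on its own; the check succeeds on its self-composition, which carries the arc y ↓ y.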
