fair termination of
play

Fair Termination of Higher-Order Functional Programs Keiichi - PowerPoint PPT Presentation

Dec 25, 2023 •367 likes •923 views

Automatically Disproving Fair Termination of Higher-Order Functional Programs Keiichi Watanabe , Ryosuke Sato Takeshi Tsukada, Naoki Kobayashi The University of Tokyo September 20 th , 2016 ICFP 2016 at Nara 1 2 Our Goal Automated method for

  1. Automatically Disproving Fair Termination of Higher-Order Functional Programs Keiichi Watanabe , Ryosuke Sato Takeshi Tsukada, Naoki Kobayashi The University of Tokyo September 20 th , 2016 ICFP 2016 at Nara 1

  2. 2 Our Goal Automated method for disproving fair-termination of higher-order functional programs cf. Prove Fair-termination [Murase+ POPL16] includes LTL properties Verification of 𝝏 -regular properties can be reduced to that of fair-termination [Vardi APAL91]

  3. 3 Outline • Termination & Fair-Termination • Importance of Fair-Termination • Our Method • Implementation and Experiments • Related Work • Conclusion

  4. 4 Outline • Termination & Fair-Termination • Importance of Fair-Termination • Our Method • Implementation and Experiments • Related Work • Conclusion

  5. 5 Plain Termination Program 𝑄 is terminating ⇔ Every execution eventually terminates main main Terminating Not Terminating

  6. 6 Fair-Termination Program 𝑄 is fair-terminating ⇔ Every fair execution eventually terminates An example of fairness in this talk: If A occurs infinitely often, so does B Fair-Terminating Not Fair-Terminating

  7. 7 Outline • Termination & Fair-Termination • Importance of Fair-Termination • Our Method • Implementation and Experiments • Related Work • Conclusion

  8. 8 Termination assuming Randomness let rand_int () = * int Terminating, assuming let rec rand_pos () = randomness of * int let x = rand_int () in if 0 < x then x else rand_pos () let main = rand_pos ()

  9. 9 Termination assuming Randomness let rand_int () = * int Terminating, assuming let rec rand_pos () = randomness of * int let x = rand_int () in if 0 < x then x Q. else rand_pos () How to incorporate randomness with let main = rand_pos () termination verification?

  10. 10 Termination assuming Randomness let rand_int () = let r = * int in if 0 < r then ( event B; r) Insert event expressions else ( event A; r) let rec rand_pos () = let x = rand_int () in if 0 < x then x else rand_pos () let main = rand_pos ()

  11. 11 Termination assuming Randomness let rand_int () = If * int never returns a positive integer, let r = * int in execution is unfair if 0 < r then A → A → A → A →… ( event B; r) else ( event A; r) let rec rand_pos () = let x = rand_int () in if 0 < x then Termination assuming x else randomness rand_pos () → Fair-termination let main = rand_pos ()

  12. 12 Our Goal (Again) Automated method for disproving fair-termination of higher-order functional programs cf. Prove Fair-termination [Murase+ POPL16] includes LTL properties Verification of 𝝏 -regular properties can be reduced to that of fair-termination [Vardi APAL91]

  13. 13 Our Goal (Again) Automated method for disproving fair-termination of higher-order functional programs Proving the existence of fair infinite executions includes LTL properties Verification of 𝝏 -regular properties can be reduced to that of fair-termination [Vardi APAL91]

  14. 14 Outline • Termination & Fair-Termination • Importance of Fair-Termination • Our Method • Overview of Method • Step 1, Step 2, Step 3 • Properties of Our Method • Implementation and Experiments • Related Work • Conclusion

  15. 15 Overview of Method Fairness Functional Constraint Program Step 1: Reduction to Step 3: Predicates Predicate Higher-Order Model Checking Discovery Tree Tree Generating Automaton Program Counterexample Step 2 : Higher-Order reject Model Checking An extension of a method for accept disproving plain termination Fair infinite executions exist! [Kuwahara+ CAV15]

  16. 16 Overview of Method Computation Tree Fairness Functional Fair infinite Constraint Program paths exist Step 1: Reduction to Step 3: Predicates Predicate Higher-Order Model Checking Discovery Tree Tree Generating Automaton Program Counterexample Step 2 : Higher-Order reject Model Checking accept Fair infinite executions exist!

  17. 17 Overview of Method Computation Tree Fairness Functional Fair infinite Constraint Program paths exist Step 1: Reduction to Step 3: Predicates Predicate Higher-Order Model Checking Discovery Abstracted Tree Tree Tree Generating Automaton Program Counterexample Accepted by the automaton Step 2 : Higher-Order reject Model Checking accept Fair infinite executions exist!

  18. 18 Overview of Method Computation Tree Fairness Functional Fair infinite Constraint Program paths exist Step 1: Reduction to Step 3: Predicates Predicate Higher-Order Sufficient condition Model Checking Discovery Abstracted Tree Tree Tree Generating Automaton Program Counterexample Accepted by the automaton Step 2 : Higher-Order reject Model Checking accept Fair infinite executions exist!

  19. 19 Overview of Method Abstracted Tree Fairness Functional Constraint Program Decide whether the automaton Step 1: Reduction to Step 3: accepts the Predicates Predicate Higher-Order abstracted tree Model Checking Discovery Tree Tree Generating Automaton Program Counterexample Step 2 : Higher-Order reject Model Checking accept Fair infinite executions exist!

  20. 20 Overview of Method Refine abstraction by Fairness Functional Constraint using counterexamples Program Step 1: Reduction to Step 3: Predicates Predicate Higher-Order Model Checking Discovery Tree Tree Generating Automaton Program Counterexample Step 2 : Higher-Order reject Model Checking accept Fair infinite executions exist!

  21. 21 Overview of Method Fairness Functional Constraint Program Step 1: Reduction to Step 3: Predicates Predicate Higher-Order Model Checking Discovery Tree Tree Generating Automaton Program Counterexample Step 2 : Higher-Order reject Model Checking accept Fair infinite executions exist!

  22. 22 Overview of Method Computation Tree Fairness Functional Fair infinite Constraint Program paths exist Step 1: Reduction to Step 3: Predicates Predicate Higher-Order Sufficient condition Model Checking Discovery Abstracted Tree Tree Tree Generating Automaton Program Counterexample Accepted by the automaton Step 2 : Higher-Order reject Model Checking accept Fair infinite executions exist!

  23. 23 Two Branching Nodes in Abstracted Trees [Kuwahara+ CAV15] ∃ -node • Represents inherent non-determinism in programs • e.g. random integer, inputs • We should check if there exists a fair infinite branch ∀ -node • Represents non-determinism introduced by abstraction • We should check if every branch is fair and infinite

  24. 24 Two Branching Nodes in Abstracted Trees [Kuwahara+ CAV15] 𝑄 Abstract by 𝒚 = 𝟏, 𝟏 < 𝒛 𝐸 let f x = let y = x+1 in let f b x=0 = if 0 < y then if b x=0 then ∀ (B(g true)) event B; g y else else ∀ (B(g true), A(g false)) event A; g y in ∃ (f true, f false) in f * int Tree ( 𝐸 ) Computation tree of 𝑄 * ∃ x=0 ¬ (x=0) ・・・ ・・・ ∀ ∀ if if if if ¬ (0<y) 0<y 0<y B A B A A B B

  25. 25 ∃ - node: Inherent Non-Determinism 𝑄 Abstract by 𝒚 = 𝟏, 𝟏 < 𝒛 𝐸 let f x = let y = x+1 in let f b x=0 = if 0 < y then if b x=0 then ∀ (B(g true)) event B; g y else else ∀ (B(g true), A(g false)) event A; g y in ∃ (f true, f false) in f * int merged Tree ( 𝐸 ) Computation tree of 𝑄 ∃ x=-1 * x=0 ¬ (x=0) x=0 ・・・ ・・・ x=-2 x=1 ∀ ∀ if if if if ¬ (0<y) 0<y 0<y B A B A A B B

  26. 26 ∃ - node: Inherent Non-Determinism 𝑄 Abstract by 𝒚 = 𝟏, 𝟏 < 𝒛 𝐸 let f x = let y = x+1 in let f b x=0 = if 0 < y then if b x=0 then ∀ (B(g true)) event B; g y else else Check if either branch is ∀ (B(g true), A(g false)) event A; g y in ∃ (f true, f false) in f * int fair and infinite Tree ( 𝐸 ) Computation tree of 𝑄 ∃ x=-1 * x=0 ¬ (x=0) x=0 ・・・ ・・・ x=-2 x=1 ∀ ∀ if if if if ¬ (0<y) 0<y 0<y B A B A A B B

  27. 27 Non-Determinism ∀ - node: introduced by Abstraction 𝑄 Abstract by 𝒚 = 𝟏, 𝟏 < 𝒛 𝐸 let f x = let y = x+1 in let f b x=0 = if 0 < y then if b x=0 then ∀ (B(g true)) event B; g y else else ∀ (B(g true), A(g false)) event A; g y in ∃ (f true, f false) in f * int Tree ( 𝐸 ) Computation tree of 𝑄 * ∃ x=0 ¬ (x=0) ・・・ ・・・ else ∀ then ∀ if if if if ¬ (0<y) else 0<y then 0<y B A A B A B B

  28. 28 Non-Determinism ∀ - node: introduced by Abstraction 𝑄 Abstract by 𝒚 = 𝟏, 𝟏 < 𝒛 𝐸 let f x = let y = x+1 in let f b x=0 = if 0 < y then if b x=0 then ∀ (B(g true)) event B; g y else else ∀ (B(g true), A(g false)) event A; g y in ∃ (f true, f false) in f * int Check if both branches are Tree ( 𝐸 ) Computation tree of 𝑄 fair and infinite * ∃ x=0 ¬ (x=0) ・・・ ・・・ else ∀ then ∀ if if if if ¬ (0<y) else 0<y then 0<y B A A B A B B

  29. 29 Parity Tree Automaton 𝐵 𝐷 If Tree ( 𝐸 ) is accepted by 𝐵 𝐷 , 𝑄 is NOT fair-terminating Tree ( 𝐸 ) is accepted by 𝐵 𝐷 if ∃ • ∃ -node ¬ (x=0) x=0 Some branches have fair infinite paths ∀ ∀ ¬ (0<y) 0<y 0<y • ∀ -node A B B All branches have fair infinite paths

Recommend

Fair Termination for Parameterized Probabilistic Concurrent Systems (TACAS17) al 1 Anthony W.

Fair Termination for Parameterized Probabilistic Concurrent Systems (TACAS17) al 1 Anthony W.

Fair Termination for Parameterized Probabilistic Concurrent Systems (TACAS17) al 1 Anthony W. Lin 2 Ond rej Leng Rupak Majumdar 3 ummer 4 Philipp R 1 Brno University of Technology, Czech Republic 2 Department of Computer Science,

1.38k views • 119 slides
Structural counter abstraction Proving fair-termination of depth bounded systems Kshitij Bansal 1

Structural counter abstraction Proving fair-termination of depth bounded systems Kshitij Bansal 1

Structural counter abstraction Proving fair-termination of depth bounded systems Kshitij Bansal 1 with Eric Koskinen 1 , Thomas Wies 1 , Damien Zufferey 2 1 New York University 2 IST Austria March 18, 2013 TACAS, Rome, Italy Introduction

714 views • 32 slides
Types of Termination Mutual With Consent Termination Automatic Termination

Types of Termination Mutual With Consent Termination Automatic Termination

Types of Termination Mutual With Consent Termination Automatic Termination Termination Termination for Convenience Without Consent Frustration /Force Majeure Contractual Breach Breach Common Law Breach

444 views • 29 slides
. Needs effective (finitary) representation .. Failed Termination Proof vs. Non- TNT:

. Needs effective (finitary) representation .. Failed Termination Proof vs. Non- TNT:

Runtime Errors Proving Non-Termination Ashutosh K. Gupta Thomas A. Henzinger Rupak Majumdar MPI-SWS EPFL UCLA Andrey Rybalchenko Ru-Gang Xu MPI-SWS UCLA 2 Non-Termination Errors Proving Non-Termination Search for infinite

402 views • 6 slides
Termination Rate Debate in Africa Dr. Christoph Stork Termination = Monopoly Monopolies

Termination Rate Debate in Africa Dr. Christoph Stork Termination = Monopoly Monopolies

Termination Rate Debate in Africa Dr. Christoph Stork Termination = Monopoly Monopolies require price regulation Termination rates at cost of efficient operator Provide incentive to invest in new technologies to reduce costs Promote

605 views • 32 slides
THE COLLEGE FAIR What is a college fair? When should I attend a fair? Why should I go

THE COLLEGE FAIR What is a college fair? When should I attend a fair? Why should I go

StreamableU Presentation THE COLLEGE FAIR What is a college fair? When should I attend a fair? Why should I go to one? 1 2 COLLEGE FAIR DOS AND DONTS HOW TO FIND A COLLEGE FAIR DONT DO NACAC - https://www.nacacfairs.org/

551 views • 5 slides
Part 6: Termination Revisited So far: Termination as a subordinate task for entailment checking.

Part 6: Termination Revisited So far: Termination as a subordinate task for entailment checking.

Part 6: Termination Revisited So far: Termination as a subordinate task for entailment checking. TRS is generated by some saturation process; ordering must be chosen before the saturation starts. Now: Termination as a main task (e. g., for

384 views • 20 slides
Conflict Termination and Prevention September 3 - Class 9 Conflict Termination Over half of

Conflict Termination and Prevention September 3 - Class 9 Conflict Termination Over half of

Conflict Termination and Prevention September 3 - Class 9 Conflict Termination Over half of all conflicts end in military victory for one side. Those that are not require other means of settlement. Negotiated Settlements Both

612 views • 24 slides
CSC2/458 Parallel and Distributed Systems Termination Detection Sreepathi Pai April 12, 2018

CSC2/458 Parallel and Distributed Systems Termination Detection Sreepathi Pai April 12, 2018

CSC2/458 Parallel and Distributed Systems Termination Detection Sreepathi Pai April 12, 2018 URCS Outline Termination Detection Ring termination (Dijkstra et al.) Misras Algorithm Outline Termination Detection Ring termination

403 views • 24 slides
2 Dispute over salaries and bonuses 3 Termination of employment by the employee 4 Termination

2 Dispute over salaries and bonuses 3 Termination of employment by the employee 4 Termination

1 Some critical issues in employment dispute resolution 2 Dispute over salaries and bonuses 3 Termination of employment by the employee 4 Termination of employment by the employer 2 1.1. Compulsory pre-litigation mediation and short statute

468 views • 21 slides
Analysis using Configurable Software Verification Sebastian Ott Termination No infinite

Analysis using Configurable Software Verification Sebastian Ott Termination No infinite

Implementing Termination Analysis using Configurable Software Verification Sebastian Ott Termination No infinite execution Liveness property Important property of programs: partial correctness termination total

375 views • 15 slides
PERSONNEL ISSUES: DISCIPLINE AND TERMINATION Personnel Issues: Discipline and Termination

PERSONNEL ISSUES: DISCIPLINE AND TERMINATION Personnel Issues: Discipline and Termination

PERSONNEL ISSUES: DISCIPLINE AND TERMINATION Personnel Issues: Discipline and Termination EMPLOYMENT LIABILITIES I. The Litigious Workforce A. Employment related lawsuits, while once very rare, have become commonplace in our present society.

678 views • 8 slides
Automated Termination Analysis J urgen Giesl LuFG Informatik 2, RWTH Aachen University,

Automated Termination Analysis J urgen Giesl LuFG Informatik 2, RWTH Aachen University,

Automated Termination Analysis J urgen Giesl LuFG Informatik 2, RWTH Aachen University, Germany VTSA 12, Saarbr ucken, Germany Overview I. Termination of Term Rewriting 1 Termination of Term Rewrite Systems 2 Non-Termination of Term

1.93k views • 148 slides
Automated Termination Analysis J urgen Giesl LuFG Informatik 2, RWTH Aachen University,

Automated Termination Analysis J urgen Giesl LuFG Informatik 2, RWTH Aachen University,

Automated Termination Analysis J urgen Giesl LuFG Informatik 2, RWTH Aachen University, Germany VTSA 12, Saarbr ucken, Germany Overview I. Termination of Term Rewriting 1 Termination of Term Rewrite Systems 2 Non-Termination of Term

1.47k views • 133 slides
The Termination Competition Claude March e Hans Zantema Orsay, France Eindhoven, The

The Termination Competition Claude March e Hans Zantema Orsay, France Eindhoven, The

Termination Competition The Termination Competition Claude March e Hans Zantema Orsay, France Eindhoven, The Netherlands June 26th, 2007 Termination Competition Short history WST03, Valencia: initiated by Albert Rubio

476 views • 13 slides
CHART | ART FAIR 29. 31. AUGUST 2014 CHART | ART FAIR IS AN INNOVATIVE ART FAIR WITH A HIGH

CHART | ART FAIR 29. 31. AUGUST 2014 CHART | ART FAIR IS AN INNOVATIVE ART FAIR WITH A HIGH

C H A R T CHART | ART FAIR KUNSTHAL CHARLOTTENBORG IN COPENHAGEN third edition www.chartartfair.com CHART | ART FAIR 29. 31. AUGUST 2014 CHART | ART FAIR IS AN INNOVATIVE ART FAIR WITH A HIGH QUALITY ART EXPERIENCE AS ITS MAIN FOCUS.

114 views • 8 slides
Termination Impossibility of any infinite sequence G 0 R G 1 R G 2 R . . . given a

Termination Impossibility of any infinite sequence G 0 R G 1 R G 2 R . . . given a

Modular Termination of Graph Transformation 1 Detlef Plump University of York, UK 1 In Graph Transformation, Specifications, and Nets: In Memory of Hartmut Ehrig . LNCS 10800, Springer, 2018 Termination Impossibility of any infinite sequence

215 views • 17 slides
Termination Dr. Liam OConnor University of Edinburgh LFCS (and UNSW) Term 2 2020 1

Termination Dr. Liam OConnor University of Edinburgh LFCS (and UNSW) Term 2 2020 1

Termination Deadlock Termination Dr. Liam OConnor University of Edinburgh LFCS (and UNSW) Term 2 2020 1 Termination Deadlock Where we are at In the last lecture, we introduced message passing and discuss simple non-compositional proof

1.11k views • 57 slides
SMT Techniques and Solvers in Automated Termination Analysis Carsten Fuhs Birkbeck, University

SMT Techniques and Solvers in Automated Termination Analysis Carsten Fuhs Birkbeck, University

SMT Techniques and Solvers in Automated Termination Analysis Carsten Fuhs Birkbeck, University of London 2 nd July 2016 14 th Workshop on SAT Modulo Theories (SMT) Coimbra, Portugal Why analyze termination? 2/25 Why analyze termination? 1

1.83k views • 113 slides
Termination Dr. Liam OConnor University of Edinburgh LFCS (and UNSW) Term 2 2020 1

Termination Dr. Liam OConnor University of Edinburgh LFCS (and UNSW) Term 2 2020 1

Termination Deadlock Termination Dr. Liam OConnor University of Edinburgh LFCS (and UNSW) Term 2 2020 1 Termination Deadlock Where we are at In the last lecture, we introduced message passing and discuss simple non-compositional proof

842 views • 34 slides
SENDING AND FORGETTING: TERMINATION OF AMNESIAC FLOODING ON A GRAPH* WALTER HUSSAK AND AMITABH

SENDING AND FORGETTING: TERMINATION OF AMNESIAC FLOODING ON A GRAPH* WALTER HUSSAK AND AMITABH

SENDING AND FORGETTING: TERMINATION OF AMNESIAC FLOODING ON A GRAPH* WALTER HUSSAK AND AMITABH TREHAN LOUGHBOROUGH UNIVERSITY On the Termination of Flooding. STACS 2020 * * On Termination of a Flooding Process (Brief Announcement). PODC 2019

542 views • 38 slides
Termination in a -calculus with Subtyping Ioana Cristescu Daniel Hirschkoff ENS Lyon Express

Termination in a -calculus with Subtyping Ioana Cristescu Daniel Hirschkoff ENS Lyon Express

Termination in a -calculus with Subtyping Ioana Cristescu Daniel Hirschkoff ENS Lyon Express 2011, 5 September 2011 Type systems for termination in -calculus Termination in a concurrent setting eventual access to shared resources

513 views • 19 slides
The Councils for Fair Tax Declaration Mary Patel, The Fair Tax Mark About the Fair Tax Mark

The Councils for Fair Tax Declaration Mary Patel, The Fair Tax Mark About the Fair Tax Mark

The Councils for Fair Tax Declaration Mary Patel, The Fair Tax Mark About the Fair Tax Mark Launched February 2014 Established as a not-for-profit social enterprise Tax UK publics number 1 corporate concern since 2013

218 views • 9 slides
Fair Testing - O Wings We are learning to carry out a fair test. What is a fair test? Fair

Fair Testing - O Wings We are learning to carry out a fair test. What is a fair test? Fair

Fair Testing - O Wings We are learning to carry out a fair test. What is a fair test? Fair testing... A fair test is a test which controls all but one variable when attempting to answer a scientific question. Only changing one variable allows

420 views • 13 slides

More recommend