needs effective finitary representation failed
play

. Needs effective (finitary) representation .. Failed Termination - PDF document

Oct 12, 2022 •331 likes •402 views

Runtime Errors Proving Non-Termination Ashutosh K. Gupta Thomas A. Henzinger Rupak Majumdar MPI-SWS EPFL UCLA Andrey Rybalchenko Ru-Gang Xu MPI-SWS UCLA 2 Non-Termination Errors Proving Non-Termination Search for infinite

  1. Runtime Errors Proving Non-Termination Ashutosh K. Gupta Thomas A. Henzinger Rupak Majumdar MPI-SWS EPFL UCLA Andrey Rybalchenko Ru-Gang Xu MPI-SWS UCLA 2 Non-Termination Errors Proving Non-Termination • Search for infinite executions …. • Needs effective (finitary) representation .. Failed Termination Proof vs. Non- TNT: Testing Non-Termination Termination • Successful termination provers: Tool for proving non-termination PolyRank, Terminator, ACL2, TerminWeb, AProVE, … • Inherently incomplete algorithms Input leading to C program • Failed termination proof ≠ non-termination TNT non-termination Don’t know Proved Proved Non- Proved Non- Terminating Terminating Terminating Terminating Non-Terminating Terminating Non-Terminating

  2. Outline Example: Non-termination Error • Input to TNT: – Mondriaan memory protection system • Example: • (early version courtesy: E. Witchel) – Uses recursion for basic operation – Non-termination error in a memory protection system – Termination required • TNT algorithm: • Output by TNT: – Lasso search – non-termination bug (now fixed) in _mmpt_insert procedure: – Recurrent set computation cyclic sequences of calls to _mmpt_insert ( … , 0, 3, … …, TAB_ROOT , 0, … ) Non-Termination in _mmpt_insert Non-Termination in _mmpt_insert (first call) void _mmpt_insert (struct* mmpt, base, len, prot, tab_t* tab, level, … ) { void _mmpt_insert (struct* mmpt, 0, 3, prot, TAB_ROOT , 0, … ) { if(len == 0) return; // Exit condition if(len == 0) return; // Exit condition int idx = make_idx(mmpt, base, level); int idx = make_idx(mmpt, base, level); if(level < 2 && … … … && len >= tab_len(mmpt, level + 1)) { if(level < 2 && … … … && len >= tab_len(mmpt, level + 1)) { … … … … … … } else if(level < 2 && tab[idx] && !uentry_is_data(mmpt, tab[idx])) { } else if(level < 2 && tab[idx] && !uentry_is_data(mmpt, tab[idx])) { _mmpt_insert (mmpt, base, len, prot, (tab_t*)tab[idx], level + 1, …); _mmpt_insert (mmpt, base, len, prot, (tab_t*)tab[idx], level + 1, …); } else if(level < 2 && … … … ) { } else if(level < 2 && … … … ) { … … … … … … } else { } else { for(; len >= subblock_len(mmpt, level) && … … … ; … … … ) { for(; len >= subblock_len(mmpt, level) && … … … ; … … … ) { … … … … … … } } _mmpt_insert (mmpt, base, len, prot, mmpt->tab, 0, …); _mmpt_insert (mmpt, base, len, prot, mmpt->tab, 0, …); } } } } Non-Termination in _mmpt_insert Non-Termination in _mmpt_insert (first call) (second call) void _mmpt_insert (struct* mmpt, 0, 3, prot, TAB_ROOT , 0, … ) { void _mmpt_insert (struct* mmpt, 0, 3, prot, TAB_MID , 1, … ) { if( 3 == 0) return; // Exit condition if(len == 0) return; // Exit condition int 0 = make_idx(mmpt, 0, 0); int idx = make_idx(mmpt, base, level); if( 0 < 2 && … … … && 3 >= 4MB ) { if(level < 2 && … … … && len >= tab_len(mmpt, level + 1)) { … … … … … … } else if( 0 < 2 && tab[ 0 ] && !uentry_is_data(mmpt, tab[ 0 ])) { } else if(level < 2 && tab[idx] && !uentry_is_data(mmpt, tab[idx])) { _mmpt_insert (mmpt, 0, 3, prot, (tab_t*)tab[ 0 ], 0 + 1, …); _mmpt_insert (mmpt, base, len, prot, (tab_t*)tab[idx], level + 1, …); } else if(level < 2 && … … … ) { } else if(level < 2 && … … … ) { … … … … … … } else { } else { for(; len >= subblock_len(mmpt, level) && … … … ; … … … ) { for(; len >= subblock_len(mmpt, level) && … … … ; … … … ) { … … … … … … } } _mmpt_insert (mmpt, base, len, prot, mmpt->tab, 0, …); _mmpt_insert (mmpt, base, len, prot, mmpt->tab, 0, …); } } } }

  3. Non-Termination in _mmpt_insert Non-Termination in _mmpt_insert (second call) (third call) void _mmpt_insert (struct* mmpt, 0, 3, prot, TAB_MID , 1, … ) { void _mmpt_insert (struct* mmpt, 0, 3, prot, TAB_LEAF , 2, … ) { if( 3 == 0) return; // Exit condition if(len == 0) return; // Exit condition int 0 = make_idx(mmpt, 0, 1); int idx = make_idx(mmpt, base, level); if( 1 < 2 && … … … && 3 >= 4KB ) { if( level < 2 && … … … && len >= tab_len(mmpt, level + 1)) { … … … … … … } else if( 1 < 2 && tab[ 0 ] && !uentry_is_data(mmpt, tab[ 0 ])) { } else if( level < 2 && tab[idx] && !uentry_is_data(mmpt, tab[idx])) { _mmpt_insert (mmpt, 0, 3, prot, (tab_t*)tab[ 0 ], 1 + 1, …); _mmpt_insert (mmpt, base, len, prot, (tab_t*)tab[idx], level + 1, …); } else if(level < 2 && … … … ) { } else if( level < 2 && … … … ) { … … … … … … } else { } else { for(; len >= subblock_len(mmpt, level) && … … … ; … … … ) { for(; len >= subblock_len(mmpt, level) && … … … ; … … … ) { … … … … … … } } _mmpt_insert (mmpt, base, len, prot, mmpt->tab, 0, …); _mmpt_insert (mmpt, base, len, prot, mmpt->tab, 0, …); } } } } Non-Termination in _mmpt_insert What does TNT do? (third call) void _mmpt_insert (struct* mmpt, 0, 3, prot, TAB_LEAF , 2, … ) { if( 3 == 0) return; // Exit condition • TNT finds a cyclic sequence of calls to _mmpt_insert int 0 = make_idx(mmpt, 0, 2); if( 2 < 2 && … … … && 3 >= tab_len(mmpt, 2 + 1)) { • The sequence is lasso – shaped … … … } else if( 2 < 2 && tab[idx] && !uentry_is_data(mmpt, tab[idx])) { level=0 level=1 level=2 level=0 _mmpt_insert (mmpt, base, len, prot, (tab_t*)tab[idx], level + 1, …); } else if( 2 < 2 && … … … ) { … … … Recursive call sequence } else { for(; 3 >= 4 && … … … ; … … … ) { • Non-termination is proved by analyzing the lasso Same … … … – same valuation of input parameters after the call cycle Parameters as } we started _mmpt_insert (mmpt, 0, 3, prot, TAB_ROOT , 0, …); } } Paths and Executions Outline: a: x = 0; x=0 b: while(x>=0){ c: x=x + 1; x=1 x=2 x=3 } • Search for lassos a: x = 0; x=0 • Prove a lasso is non-terminating through recurrent sets c: x=x + 1; x=1 c: x=x + 1; x=2 c: x=x + 1; x=3 Path = seq. of statements Execution = seq. of states

  4. Lassos What do infinite paths look like? Stem • Pair of paths: (stem, loop) • General paths: • Represents infinite periodic path: e.g. stmtA Loop a: stmtA stem(loop) ω stmtB 2 stmtC 3 stmtB 5 stmtC 7 … while( … ){ Stem a if( … ) a: x = 0; • Periodic paths or Lassos: x=0; x=0; b: stmtB b: while(x>=0){ e.g. stmtA stmtB stmtC stmtB stmtC b else c: x=x + 1; … c: stmtC } Loop assume(x>=0); assume(x>=0); x=x+1; } c c x=x+1; stmtA(stmtB stmtC) ω • Lasso = ( x=0; , assume(x>=0) ; x=x+1; ) • TNT only considers periodic paths TNT Algorithm Lasso Search • Find lassos by symbolic execution • Implementation similar to DART, CUTE, SAGE, … • Two-step algorithm: 1. Search for feasible lassos Stem • Uses symbolic execution … … a: while( … ){ • Quickly find candidates for non-termination b: while( … ){ … … Loo } 2. Check each lasso for non-termination p } • Uses SAT and constraint solving … • Precise reasoning on small program fragments Recurrent Sets Outline: • Proves non-termination using inductive argument • Set of states RecSet is recurrent for relation ρ (x, x’) if: • Lasso search – non-empty � – some successor RecSet � of each state is in RecSet • Recurrent set computation � Theorem: ρ (x, x’) is non-terminating iff there exists RecSet . 24

Recommend

On the finitary infinite Ramseys theorem Florian Pelupessy Tohoku University CTFM,

On the finitary infinite Ramseys theorem Florian Pelupessy Tohoku University CTFM,

On the finitary infinite Ramseys theorem Florian Pelupessy Tohoku University CTFM, Tokyo, 8 September 2015 Overview: 1 Motivation 2 finitary Ramsey 3 Inserting the parameter in finitary Ramsey 4 Some logical strengths for

1.13k views • 26 slides
CLOSED SETS OF FINITARY FUNCTIONS BETWEEN FINITE FIELDS OF COPRIME ORDER. Stefano Fioravanti

CLOSED SETS OF FINITARY FUNCTIONS BETWEEN FINITE FIELDS OF COPRIME ORDER. Stefano Fioravanti

CLOSED SETS OF FINITARY FUNCTIONS BETWEEN FINITE FIELDS OF COPRIME ORDER. Stefano Fioravanti September 2019, YRAC2019 Institute for Algebra Austrian Science Fund FWF P29931 0/11 ( F p , F q ) -linear closed clonoids Definition Let p and q be

376 views • 34 slides
Modelling and Simulation examples that failed to meet regulator's expectations failed to meet

Modelling and Simulation examples that failed to meet regulator's expectations failed to meet

Modelling and Simulation examples that failed to meet regulator's expectations failed to meet regulator s expectations M Monica Edholm i Edh l Medical Products Agency An agency of the European Union Disclaimer The views expressed in this

357 views • 35 slides
A Finitary Analogue of the Downward L owenheim-Skolem Property Abhisekh Sankaran IMSc,

A Finitary Analogue of the Downward L owenheim-Skolem Property Abhisekh Sankaran IMSc,

A Finitary Analogue of the Downward L owenheim-Skolem Property Abhisekh Sankaran IMSc, Chennai Formal Methods Update Meet IIT Mandi July 18, 2017 Introduction The Downward L owenheim-Skolem theorem (DLS) is amongst the earliest

922 views • 79 slides
Finitary characterizations of sets of lower previsions Erik Quaeghebeur SYSTeMS Research Group

Finitary characterizations of sets of lower previsions Erik Quaeghebeur SYSTeMS Research Group

Finitary characterizations of sets of lower previsions Erik Quaeghebeur SYSTeMS Research Group Ghent University Belgium P on K is coherent iff h K h Ph max h K h h for all in R K with at most one strictly

905 views • 71 slides
Towards a Theory of Information Flow -Transducers in the Finitary Process Soup Dynamics

Towards a Theory of Information Flow -Transducers in the Finitary Process Soup Dynamics

Information Flow Spencer Mathews Towards a Theory of Information Flow -Transducers in the Finitary Process Soup Dynamics Single State Soup Evolution Channel Capacity Spencer Mathews Partitioning Metamachine Department of Computer

457 views • 29 slides
Isomorphism of Finitary Inductive Types Christian Sattler joint work (in progress) with Nicolai

Isomorphism of Finitary Inductive Types Christian Sattler joint work (in progress) with Nicolai

Isomorphism of Finitary Inductive Types Christian Sattler joint work (in progress) with Nicolai Kraus University of Nottingham May 2014 Motivating Example Generic data may be represented in a multitude of ways. Motivating Example Generic

593 views • 33 slides
Effective Feature Representation for Clinical Text Concept Extraction Yifeng Tao 1,2 , Bruno

Effective Feature Representation for Clinical Text Concept Extraction Yifeng Tao 1,2 , Bruno

Effective Feature Representation for Clinical Text Concept Extraction Yifeng Tao 1,2 , Bruno Godefroy 1 , Guillaume Genthial 1 , Christopher Potts 1,3,* 1 Roam Analytics 2 Carnegie Mellon University 3 Stanford University Yifeng Tao et al. NAACL

306 views • 17 slides
Comment Legal Knowledge and Skill Thoroughness and Preparation [5] Competent handling of a

Comment Legal Knowledge and Skill Thoroughness and Preparation [5] Competent handling of a

Talking Out the Side of You Neck ... Effective Communication for Effective Representation of Legal Clients Old Dominion Bar Association Annual Meeting and Conference ~ Virginia Beach, VA ~ May 31, 2013 Speaker: Helivi L. Holland, Esq ., City

313 views • 5 slides
How to avoid a failed Edward D. Churchill, 1931 parathyroidectomy Postgraduate Course in

How to avoid a failed Edward D. Churchill, 1931 parathyroidectomy Postgraduate Course in

5/18/2013 Avoiding failed parathyroidectomy the success of parathyroid surgery must lie in the ability of the surgeon to know a parathyroid gland when he sees it, to know the distribution of the knowledge glands,

241 views • 7 slides
X why we have failed 20 years ago 25 Massimo Massaia

X why we have failed 20 years ago 25 Massimo Massaia

Idiotypic vaccina0on: X why we have failed 20 years ago 25 Massimo Massaia SC Ematologia - AO S. Croce e Carle Cuneo, Italy Laboratorio di Immunologia dei Tumori del Sangue, CIRBM

579 views • 30 slides
Overview of the CASA Compact January 2019 The Bay Area faces a housing crisis because we have

Overview of the CASA Compact January 2019 The Bay Area faces a housing crisis because we have

Overview of the CASA Compact January 2019 The Bay Area faces a housing crisis because we have failed at three tasks: Failed to produce enough housing for residents of all income levels Failed to preserve existing affordable housing

208 views • 18 slides
Concepts for C++1y: The Challenge (Why C++0x Concepts failed and what to do about that) Bjarne

Concepts for C++1y: The Challenge (Why C++0x Concepts failed and what to do about that) Bjarne

Concepts for C++1y: The Challenge (Why C++0x Concepts failed and what to do about that) Bjarne Stroustrup Texas A&amp;M University http://www.research.att.com/~bs Abstract One of the major goals of the language part of C++0x is to provide

799 views • 38 slides
Effective Semantics for Engineering NLP Systems Andr Freitas Lancaster, May 2018 Goals of this

Effective Semantics for Engineering NLP Systems Andr Freitas Lancaster, May 2018 Goals of this

Effective Semantics for Engineering NLP Systems Andr Freitas Lancaster, May 2018 Goals of this Talk Provide a synthesis of the emerging representation trends behind NLP systems. Shift in perspective: Effective engineering (task driven,

1.4k views • 110 slides
General LTL Specification Mining Caroline Lemieux , Dennis Park and Ivan Beschastnikh University

General LTL Specification Mining Caroline Lemieux , Dennis Park and Ivan Beschastnikh University

login attempt auth failed login attempt guest login login attempt authorized Texada auth failed login attempt G( x XF y ) login attempt G( guest login XF authorized ) guest login authorized auth failed login attempt Authorized

1.11k views • 59 slides
A Failed Rift: A Comprehensive Seismic Investigation of the

A Failed Rift: A Comprehensive Seismic Investigation of the

A Failed Rift: A Comprehensive Seismic Investigation of the Mid-Continent Rift from USArry and SPREE Weisen Shen, Douglas Wiens, Ghassan Aleqabi, Michael Wysession Suzan

618 views • 38 slides
I CONFESS: I Have Failed Retirement .For 10 Years BUT I AM NOT ALONE SOME

I CONFESS: I Have Failed Retirement .For 10 Years BUT I AM NOT ALONE SOME

I CONFESS: I Have Failed Retirement .For 10 Years BUT I AM NOT ALONE SOME QUOTES I need to retire from retirement . ~Sandra Day OConnor Retirement is the ugliest word in the language. ~Ernest Hemingway Retirement

56 views • 5 slides
From failed tar gets to unpredictable success 1 What were skipping today ... NATOs

From failed tar gets to unpredictable success 1 What were skipping today ... NATOs

From failed tar gets to unpredictable success 1 What were skipping today ... NATOs post-2015 strategic narrative Qualitative material with quant analysis Colombia govt finding peace with FARC Metaphor-based command languages Serbia

273 views • 26 slides
Precise and Approximate Representation of Numbers The Cartesian-Lagrangian representation of

Precise and Approximate Representation of Numbers The Cartesian-Lagrangian representation of

Precise and Approximate Representation of Numbers The Cartesian-Lagrangian representation of numbers. The homotopic representation of numbers Loops and deck transformations The maximal ideal representation The place

731 views • 24 slides
Why Some New World Colonies Succeeded and Others Failed An Online Professional Development

Why Some New World Colonies Succeeded and Others Failed An Online Professional Development

Why Some New World Colonies Succeeded and Others Failed An Online Professional Development Seminar Sponsored by the Library of Congress Teaching with Primary Sources Eastern Region Program, coordinated by Waynesburg University. We will begin

519 views • 33 slides
The Failed Hip Arthroscopic Patient: Principles of Revision- How to Succeed: 5 Tips in 10

The Failed Hip Arthroscopic Patient: Principles of Revision- How to Succeed: 5 Tips in 10

The Failed Hip Arthroscopic Patient: Principles of Revision- How to Succeed: 5 Tips in 10 minutes J. W W. T Thom homas as B Byr yrd, MD MD Advan anced Pr Pract ctit itio ioner Su Summ mmit it The he H Hip p Orthop

791 views • 39 slides
FDIC Lawsuits Against Failed Banks' Law Firms g and Other Outside Professionals Protecting

FDIC Lawsuits Against Failed Banks' Law Firms g and Other Outside Professionals Protecting

Presenting a live 90 minute webinar with interactive Q&amp;A FDIC Lawsuits Against Failed Banks' Law Firms g and Other Outside Professionals Protecting Borrowers' and Lenders' Interests Under UCC Article 9 WEDNES DAY, MAY 18, 2011 1pm

1.12k views • 73 slides
Decision Making: Easy 89 yo Non-ambulatory Multiple failed interventions Forefoot and

Decision Making: Easy 89 yo Non-ambulatory Multiple failed interventions Forefoot and

4/8/19 Survival Predictions in CLTI: How to Use it in Clinical Decision Making Andres Schanzer, MD University of Massachusetts Medical School UCSF Vascular Symposium Decision Making: Easy 89 yo Non-ambulatory Multiple failed

378 views • 22 slides
New Staff Training Effective Use of PAs Effective Use of PAs How to Use PAs Effectively

New Staff Training Effective Use of PAs Effective Use of PAs How to Use PAs Effectively

Changing lives. Making a difference. New Staff Training Effective Use of PAs Effective Use of PAs How to Use PAs Effectively Performance Measure 2 Effective Use of PAs Introduction Roles and Limitations of a PA Who Is a

519 views • 15 slides

More recommend