termination analysis of a subset of coreml
play

Termination Analysis of a subset of CoreML William Blum - PowerPoint PPT Presentation

Oct 28, 2022 •327 likes •501 views

Outline Termination Analysis of a subset of CoreML William Blum william.blum@comlab.ox.ac.uk Oxford University Computing Laboratory BCTCS Nottingham W. Blum Termination Analysis of a subset of CoreML Outline Outline Size-change Principle

  1. Outline Termination Analysis of a subset of CoreML William Blum william.blum@comlab.ox.ac.uk Oxford University Computing Laboratory BCTCS Nottingham W. Blum Termination Analysis of a subset of CoreML

  2. Outline Outline Size-change Principle for first-order programs 1 An extension for a subset of Core ML 2 W. Blum Termination Analysis of a subset of CoreML

  3. Size-change Principle for first-order programs An extension for a subset of Core ML Summary First order programs Untyped functional language recursion, Example if-then-else, primitive operators, single data type f(x) = gcd(x,18) gcd(x,y) = Call-by-value evaluation semantics : if y == 0 then x → → else gcd(y, x mod y) E [ [ f ] ] x = v f evaluates to v on input x , → → E [ [ f ] ] x = ⊥ f does not terminate on input x . f , 4 → gcd , ( 4 , 18 ) → Exact call semantics : a computation is gcd , ( 18 , 2 ) → described by a state transition sequence. gcd , ( 2 , 2 ) → gcd , ( 2 , 0 ) Finite approximation of the call semantics: the control flow graph. gcd f W. Blum Termination Analysis of a subset of CoreML

  4. Size-change Principle for first-order programs An extension for a subset of Core ML Summary Termination Characterization of termination P terminates on all input values ⇐ ⇒ Infinite state transition sequences are invalid computations. What is an invalid computation? For instance: a computation in which some positive integer variable decreases infinitely... The Size-Change Principle proves that for any computation corresponding to an infinite path in the control flow, the value of some well-founded variable decreases infinitely. W. Blum Termination Analysis of a subset of CoreML

  5. � � � � Size-change Principle for first-order programs An extension for a subset of Core ML Summary Size-change graphs (SCG) Definition : A SCG describes a program call. It consists of a source set of vertices, a target set of vertices and a set of labeled arcs. � � = � x x The SCG describes the call from f to gcd . y ↓ → arcs denote decreases in parameter value, = Safety: → arcs denote non increase in parameter value. Example : consider the call “ gcd ( y ) ”: , x mod y ���� � �� � x y         = x x x x � x x x x � � � � � = = = � � � � � �         � � � � � � � � � ↓ = ↓ � � y y y y � y y y y Only one of these SCG is not safe for this call. W. Blum Termination Analysis of a subset of CoreML

  6. � � � � � Size-change Principle for first-order programs An extension for a subset of Core ML Summary Composition of size-change graphs G 1 G 2 G 1 ; G 2 If f − → g and g − → h then f − → h G 1 G 2 G 1 ; G 2 � �� � � �� � ↓ ↓ � u = a x ≡ a u � � � � � � � � � = = = � � � � � � � � � � � � � ↓ � v y v If G is a set of size-change graphs then G denotes the composition closure of G . W. Blum Termination Analysis of a subset of CoreML

  7. � � Size-change Principle for first-order programs An extension for a subset of Core ML Summary Size-change termination (SCT) Definition Consider G a set of size-change graphs. A program P is G -SCT if G safely describes P (for every reachable call c there is a corresponding SCG G c ∈ G ) for all infinite computation cs = � c 0 c 1 . . . � , any sequence of size-change graphs G c 0 G c 1 . . . (describing safely the calls of cs ) has an infinite descending thread. = � . . . x u u x � � ↓ � � = � � � � � � � � � � y y . . . v v We assume that data-types are well-founded. Theorem If P is G -SCT then P terminates for all input values W. Blum Termination Analysis of a subset of CoreML

  8. Size-change Principle for first-order programs An extension for a subset of Core ML Summary Deciding Size-Change Termination G -SCT characterization [Jones et al. 2001] P is not G -SCT ⇐ ⇒ � � G ; G = G ∃ f G → f ∈ G such that ↓ ∀ x ∈ gb ( f ) : x → x �∈ G Hence G -SCT is decidable. And it is PSPACE-complete (see [1]) W. Blum Termination Analysis of a subset of CoreML

  9. Size-change Principle for first-order programs An extension for a subset of Core ML Summary The language L ml Grammar: value identifiers e ::= x, f boolean constants | true | false conditional | if e then e else e integer constants (n ∈ N ) | n integer equality | e = e successor and predecessor | succ e | pred e function abstraction | fun (x:ty) -> e recursively defined function | fun f=(x:ty) -> e function application | e e local variable definition | let x = e in e A program is a single closed expression. Data types: ground values + higher-order functions. W. Blum Termination Analysis of a subset of CoreML

  10. Size-change Principle for first-order programs An extension for a subset of Core ML Summary Semantics of L ml (environment based) Canonical expressions : N ∪ B ∪ { e | e is an abstraction } State = { e : ρ | e ∈ subexp ( P ) , ρ ∈ Env , fv ( e ) ⊆ dom ( ρ ) } = { e : ρ ∈ State | e canonical } Value Env = { ρ : X → Value | X finite set of variables } Let s ∈ State , v ∈ Value and ρ ∈ Env Call-by-value evaluation semantics “ s ⇓ v ” v : ρ ⇓ v : ρ ( v canonical ) e : ρ ⇓ 0 Run-time errors “ s ⊘ ” (ErrOp1) pred e : ρ ⊘ Call semantics “ s → s ′ ” (CallG) e 1 : ρ ⇓ fun (x:ty)->e 0 : ρ 0 e 2 : ρ ⇓ v 2 e 1 e 2 : ρ → c e 0 : ρ 0 [ x �→ v 2 ] W. Blum Termination Analysis of a subset of CoreML

  11. Size-change Principle for first-order programs An extension for a subset of Core ML Summary Graph generation Two SCG generated per call: G + describing higher-order values and G 0 for ground type values. The free variables of an expression correspond to the input parameters in the first-order case. We define well-founded notions of size for higher-order and ground type expressions. We extend the semantic rules to generate safe SCG: (ValueG) v ⇓ v , id = ( v = e : ρ in canonical form ) e | id = e (CallG) e 1 : ρ ⇓ fun (x:ty)->e 0 : ρ 0 , G 1 | G + e 2 : ρ ⇓ v 2 , G 2 | G + 1 2 c e 0 : ρ 0 [ x �→ v 2 ] , CallGr 0 x ( G 1 , G 2 ) | CallGr + x ( G + 1 , G + e 1 e 2 : ρ → 2 ) W. Blum Termination Analysis of a subset of CoreML

  12. Size-change Principle for first-order programs An extension for a subset of Core ML Summary Finite approximation of the call semantics We need a “control flow graph” for ML programs Solution: drop the ρ components of the states abstract integers by a single symbol “ ? int ”. We obtain a finite abstraction of the computation. The set of vertices of the control flow graph (i.e control points) is: P = subexp ( P ) ∪ { ? int } W. Blum Termination Analysis of a subset of CoreML

  13. Size-change Principle for first-order programs An extension for a subset of Core ML Summary The size-change principle What do we have: Termination characterized by infinite call sequences Well-founded order on the data values Finite approximation of call semantics We can compute two safe sets of size-change graphs describing the calls (by applying the semantic rules exhaustively). Hence the SCP can be applied! (twice) W. Blum Termination Analysis of a subset of CoreML

  14. Size-change Principle for first-order programs An extension for a subset of Core ML Summary Results Counter example let rec counter x = if x = 0 then counter (succ x) else 1 in counter 7;; is terminating but not SCT. Ackerman’s function: SCT relatively to ground-type values. Function computing the minimum of two numbers: is SCT if we use the native representation of integers provided by L ml , is not SCT if we use Church numeral to encode integers. W. Blum Termination Analysis of a subset of CoreML

  15. Size-change Principle for first-order programs An extension for a subset of Core ML Bibliography Summary Conclusion The Size-Change Principle from Neil D. Jones et al. based on a finite approximation of the call semantics, and a safe description of the calls. Extension to a higher-order functional language detects decrease on ground-type values as well as higher-order values allows local definition let handles recursion natively (no need to define a Y combinator) handles numbers natively Further direction sequential composition, storage location and references, tuples list, user defined structures, for and while loop structures. W. Blum Termination Analysis of a subset of CoreML

  16. Size-change Principle for first-order programs An extension for a subset of Core ML Bibliography Summary Bibliography Chin Soon Lee, Neil D. Jones, and Amir Ben-Amram. The Size-Change Principle for Program Termination. Principles of Programming Languages , pp. 81-92. Volume 28 of Principles of Programming Languages. ACM press 2001 Neil D. Jones and Nina Bohr Termination Analysis of the Untyped λ -Calculus. Rewriting Techniques and Applications. ,Proceedings (V van Oostrom, ed.), pp. 1-23. Volume 3091 of LNCS. Springer-Verlag 2004. Andrew M. Pitts Operational Semantics and Program Equivalence. Applied Semantics. , pp. 378-412. Volume 2395 of LNCS. Springer-Verlag 2002 W. Blum Termination Analysis of a subset of CoreML

Recommend

W4231: Analysis of Algorithms Subset Sum The Subset Sum problem is defined as follows: 11/30/99

W4231: Analysis of Algorithms Subset Sum The Subset Sum problem is defined as follows: 11/30/99

W4231: Analysis of Algorithms Subset Sum The Subset Sum problem is defined as follows: 11/30/99 Given a sequence of integers a 1 , . . . , a n and a parameter k , NP-completeness of Subset Sum, Partition, Minimum Bin Packing. Decide

214 views • 3 slides
Analysis using Configurable Software Verification Sebastian Ott Termination No infinite

Analysis using Configurable Software Verification Sebastian Ott Termination No infinite

Implementing Termination Analysis using Configurable Software Verification Sebastian Ott Termination No infinite execution Liveness property Important property of programs: partial correctness termination total

375 views • 15 slides
Automated Termination Analysis J urgen Giesl LuFG Informatik 2, RWTH Aachen University,

Automated Termination Analysis J urgen Giesl LuFG Informatik 2, RWTH Aachen University,

Automated Termination Analysis J urgen Giesl LuFG Informatik 2, RWTH Aachen University, Germany VTSA 12, Saarbr ucken, Germany Overview I. Termination of Term Rewriting 1 Termination of Term Rewrite Systems 2 Non-Termination of Term

1.47k views • 133 slides
Automated Termination Analysis J urgen Giesl LuFG Informatik 2, RWTH Aachen University,

Automated Termination Analysis J urgen Giesl LuFG Informatik 2, RWTH Aachen University,

Automated Termination Analysis J urgen Giesl LuFG Informatik 2, RWTH Aachen University, Germany VTSA 12, Saarbr ucken, Germany Overview I. Termination of Term Rewriting 1 Termination of Term Rewrite Systems 2 Non-Termination of Term

1.93k views • 148 slides
SMT Techniques and Solvers in Automated Termination Analysis Carsten Fuhs Birkbeck, University

SMT Techniques and Solvers in Automated Termination Analysis Carsten Fuhs Birkbeck, University

SMT Techniques and Solvers in Automated Termination Analysis Carsten Fuhs Birkbeck, University of London 2 nd July 2016 14 th Workshop on SAT Modulo Theories (SMT) Coimbra, Portugal Why analyze termination? 2/25 Why analyze termination? 1

1.83k views • 113 slides
Types of Termination Mutual With Consent Termination Automatic Termination

Types of Termination Mutual With Consent Termination Automatic Termination

Types of Termination Mutual With Consent Termination Automatic Termination Termination Termination for Convenience Without Consent Frustration /Force Majeure Contractual Breach Breach Common Law Breach

444 views • 29 slides
. Needs effective (finitary) representation .. Failed Termination Proof vs. Non- TNT:

. Needs effective (finitary) representation .. Failed Termination Proof vs. Non- TNT:

Runtime Errors Proving Non-Termination Ashutosh K. Gupta Thomas A. Henzinger Rupak Majumdar MPI-SWS EPFL UCLA Andrey Rybalchenko Ru-Gang Xu MPI-SWS UCLA 2 Non-Termination Errors Proving Non-Termination Search for infinite

402 views • 6 slides
Theorem 7.56 SUBSET-SUM is NP Complete ANSHUMAN MOHANTY SUBSET-SUM Problem Consider a set of

Theorem 7.56 SUBSET-SUM is NP Complete ANSHUMAN MOHANTY SUBSET-SUM Problem Consider a set of

Theorem 7.56 SUBSET-SUM is NP Complete ANSHUMAN MOHANTY SUBSET-SUM Problem Consider a set of numbers S. and a target number t. We have to determine of the exists a subset of S such that the summation of the numbers present in the subset is

353 views • 11 slides
Termination Rate Debate in Africa Dr. Christoph Stork Termination = Monopoly Monopolies

Termination Rate Debate in Africa Dr. Christoph Stork Termination = Monopoly Monopolies

Termination Rate Debate in Africa Dr. Christoph Stork Termination = Monopoly Monopolies require price regulation Termination rates at cost of efficient operator Provide incentive to invest in new technologies to reduce costs Promote

605 views • 32 slides
Quantum algorithms Subset-sum example: for the subset-sum problem Is there a subsequence of (499

Quantum algorithms Subset-sum example: for the subset-sum problem Is there a subsequence of (499

Quantum algorithms Subset-sum example: for the subset-sum problem Is there a subsequence of (499 852 1927 2535 3596 3608 D. J. Bernstein 4688 5989 6385 7353 7650 9413) University of Illinois at

2.02k views • 163 slides
Approximation Algorithms Subset Sum III Instance : X = { x 1 , . . . , x n } n integer

Approximation Algorithms Subset Sum III Instance : X = { x 1 , . . . , x n } n integer

NEW CS 473: Theory II, Fall 2015 Subset Sum Approximation Algorithms Subset Sum III Instance : X = { x 1 , . . . , x n } n integer positive num- bers, t - target number Question: subset of X s.t. sum of its elements is t ? Lecture 10

200 views • 8 slides
Proving Termination of Imperative Programs using Max-SMT Daniel Larraz, Albert Oliveras, Enric

Proving Termination of Imperative Programs using Max-SMT Daniel Larraz, Albert Oliveras, Enric

Introduction SMT/Max-SMT solving Invariant generation Termination analysis Further work Proving Termination of Imperative Programs using Max-SMT Daniel Larraz, Albert Oliveras, Enric Rodr guez-Carbonell and Albert Rubio Universitat

1.18k views • 73 slides
More Recursion Summary Topics: more recursion Subset sum: finding if a subset of an

More Recursion Summary Topics: more recursion Subset sum: finding if a subset of an

csci 210: Data Structures More Recursion Summary Topics: more recursion Subset sum: finding if a subset of an array that sum up to a given target Permute: finding all permutations of a given string Subset: finding all

436 views • 15 slides
Better termination proving through cooperation Marc Brockschmidt 1 Byron Cook 2 , 3 Carsten Fuhs 3

Better termination proving through cooperation Marc Brockschmidt 1 Byron Cook 2 , 3 Carsten Fuhs 3

Better termination proving through cooperation Marc Brockschmidt 1 Byron Cook 2 , 3 Carsten Fuhs 3 1 RWTH Aachen University 2 Microsoft Research Cambridge 3 University College London Deduktionstreffen 2013 Termination Analysis: Invariants and Rank

538 views • 37 slides
to to Termination Analysis in in Lin inear Tim ime Roman Manevich Ben-Gurion University of

to to Termination Analysis in in Lin inear Tim ime Roman Manevich Ben-Gurion University of

From Shape Analysis to to Termination Analysis in in Lin inear Tim ime Roman Manevich Ben-Gurion University of the Negev Noam Rinetzky Tel Aviv University Boris Dogadov Tel Aviv University UPGRADE YOUR SHAPE ANALYSIS 2 UPGRADE YOUR

879 views • 69 slides
Part 6: Termination Revisited So far: Termination as a subordinate task for entailment checking.

Part 6: Termination Revisited So far: Termination as a subordinate task for entailment checking.

Part 6: Termination Revisited So far: Termination as a subordinate task for entailment checking. TRS is generated by some saturation process; ordering must be chosen before the saturation starts. Now: Termination as a main task (e. g., for

384 views • 20 slides
Type-based termination analysis with disjunctive invariants Dimitrios Vytiniotis, MSR Cambridge

Type-based termination analysis with disjunctive invariants Dimitrios Vytiniotis, MSR Cambridge

Type-based termination analysis with disjunctive invariants Dimitrios Vytiniotis, MSR Cambridge with Byron Cook (MSR Cambridge) and Ranjit Jhala (UCSD) IFIP WG 2.8, Austin TX, March 2011 or, what am I doing hanging out with these people?

554 views • 18 slides
Analysis of Algorithms Amr Magdy Analyzing Algorithms Algorithm Correctness 1. Termination a.

Analysis of Algorithms Amr Magdy Analyzing Algorithms Algorithm Correctness 1. Termination a.

CS141: Intermediate Data Structures and Algorithms Analysis of Algorithms Amr Magdy Analyzing Algorithms Algorithm Correctness 1. Termination a. Produces the correct output for all possible input. b. Algorithm Performance 2. Either

1.02k views • 64 slides
Using CLP Simplifications to Improve Java Bytecode Termination Analysis Fausto SPOTO, Lunjin LU,

Using CLP Simplifications to Improve Java Bytecode Termination Analysis Fausto SPOTO, Lunjin LU,

Using CLP Simplifications to Improve Java Bytecode Termination Analysis Fausto SPOTO, Lunjin LU, and Fred MESNARD Dipartimento di Informatica, Universit` a di Verona, Italy Oakland University, U.S.A. IREMIA, universit e de la R eunion,

216 views • 17 slides
Conflict Termination and Prevention September 3 - Class 9 Conflict Termination Over half of

Conflict Termination and Prevention September 3 - Class 9 Conflict Termination Over half of

Conflict Termination and Prevention September 3 - Class 9 Conflict Termination Over half of all conflicts end in military victory for one side. Those that are not require other means of settlement. Negotiated Settlements Both

612 views • 24 slides
Part I bers, t - target number Question: Is there a subset of X such the sum of its elements is t ?

Part I bers, t - target number Question: Is there a subset of X such the sum of its elements is t ?

Subset Sum Subset Sum Instance : X = { x 1 , . . . , x n } n integer positive num- Part I bers, t - target number Question: Is there a subset of X such the sum of its elements is t ? Subset Sum SolveSubsetSum ( X , t , M ) b [ 0 . . . Mn ] -

260 views • 5 slides
CSC2/458 Parallel and Distributed Systems Termination Detection Sreepathi Pai April 12, 2018

CSC2/458 Parallel and Distributed Systems Termination Detection Sreepathi Pai April 12, 2018

CSC2/458 Parallel and Distributed Systems Termination Detection Sreepathi Pai April 12, 2018 URCS Outline Termination Detection Ring termination (Dijkstra et al.) Misras Algorithm Outline Termination Detection Ring termination

403 views • 24 slides
2 Dispute over salaries and bonuses 3 Termination of employment by the employee 4 Termination

2 Dispute over salaries and bonuses 3 Termination of employment by the employee 4 Termination

1 Some critical issues in employment dispute resolution 2 Dispute over salaries and bonuses 3 Termination of employment by the employee 4 Termination of employment by the employer 2 1.1. Compulsory pre-litigation mediation and short statute

468 views • 21 slides
Forward Analysis for Recurrent Sets Alexey Bakhirkin 1 Josh Berdine 2 Nir Piterman 1 1 University

Forward Analysis for Recurrent Sets Alexey Bakhirkin 1 Josh Berdine 2 Nir Piterman 1 1 University

Forward Analysis for Recurrent Sets Alexey Bakhirkin 1 Josh Berdine 2 Nir Piterman 1 1 University of Leicester, Department of Computer Science 2 Microsoft Research Why (non-)termination A non-termination bug in the below code made many Zune

437 views • 20 slides

More recommend