termination analysis for imperative programs operating … · termination analysis for imperative...
TRANSCRIPT
![Page 1: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/1.jpg)
Termination Analysis for Imperative Programs Operatingon the Heap
Marc Brockschmidt
November 2013
![Page 2: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/2.jpg)
Termination! What is it good for?
1 Program: produces result
2 Input handler: system reacts
3 Mathematical proofs: induction is valid
4 Biological process: reaches stable state
Variations of same problem:
2 special case of 1
3 can be interpreted as 1
4 probabilistic version of 1
![Page 3: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/3.jpg)
Termination! What is it good for?
1 Program: produces result
2 Input handler: system reacts
3 Mathematical proofs: induction is valid
4 Biological process: reaches stable state
Variations of same problem:
2 special case of 1
3 can be interpreted as 1
4 probabilistic version of 1
![Page 4: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/4.jpg)
Termination! What is it good for?
1 Program: produces result
2 Input handler: system reacts
3 Mathematical proofs: induction is valid
4 Biological process: reaches stable state
Variations of same problem:
2 special case of 1
3 can be interpreted as 1
4 probabilistic version of 1
![Page 5: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/5.jpg)
Termination! What is it good for?
1 Program: produces result
2 Input handler: system reacts
3 Mathematical proofs: induction is valid
4 Biological process: reaches stable state
Variations of same problem:
2 special case of 1
3 can be interpreted as 1
4 probabilistic version of 1
![Page 6: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/6.jpg)
Termination! What is it good for?
1 Program: produces result
2 Input handler: system reacts
3 Mathematical proofs: induction is valid
4 Biological process: reaches stable state
Variations of same problem:
2 special case of 1
3 can be interpreted as 1
4 probabilistic version of 1
![Page 7: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/7.jpg)
Termination! What is it good for?
1 Program: produces result
2 Input handler: system reacts
3 Mathematical proofs: induction is valid
4 Biological process: reaches stable state
Variations of same problem:
2 special case of 1
3 can be interpreted as 1
4 probabilistic version of 1
![Page 8: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/8.jpg)
Program termination: Overview
Turing 1949
“Finally the checker has to verify that the process comes to an end. [...]This may take the form of a quantity which is asserted to decreasecontinually and vanish when the machine stops.”
1 Find rank function f (“quantity”)
2 Prove f to have a lower bound (“vanishes when the machine stops”)
3 Prove f to decrease over time
Example (Termination can be simple)
while x > 0 dox = x - 1
done
![Page 9: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/9.jpg)
Program termination: Overview
Turing 1949
“Finally the checker has to verify that the process comes to an end. [...]This may take the form of a quantity which is asserted to decreasecontinually and vanish when the machine stops.”
1 Find rank function f (“quantity”)
2 Prove f to have a lower bound (“vanishes when the machine stops”)
3 Prove f to decrease over time
Example (Termination can be simple)
while x > 0 dox = x - 1
done
![Page 10: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/10.jpg)
Program termination: Overview
Turing 1949
“Finally the checker has to verify that the process comes to an end. [...]This may take the form of a quantity which is asserted to decreasecontinually and vanish when the machine stops.”
1 Find rank function f (“quantity”)
2 Prove f to have a lower bound (“vanishes when the machine stops”)
3 Prove f to decrease over time
Example (Termination can be simple)
while x > 0 dox = x - 1
done
![Page 11: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/11.jpg)
Program termination: Overview
Turing 1949
“Finally the checker has to verify that the process comes to an end. [...]This may take the form of a quantity which is asserted to decreasecontinually and vanish when the machine stops.”
1 Find rank function f (“quantity”)
2 Prove f to have a lower bound (“vanishes when the machine stops”)
3 Prove f to decrease over time
Example (Termination can be simple)
while x > 0 dox = x - 1
done
![Page 12: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/12.jpg)
Program termination: Challenges
Real programs have
Sharing: Changing variable x influences y
User-defined data types: Data has unknown shape
Dynamic dispatch: Executed code chosen only at runtime
Example (Termination not always simple)
y = x
while not y.isEmpty() dox.pop()
done
![Page 13: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/13.jpg)
Program termination: Challenges
Real programs have
Sharing: Changing variable x influences y
User-defined data types: Data has unknown shape
Dynamic dispatch: Executed code chosen only at runtime
Example (Termination not always simple)
y = x
while not y.isEmpty() dox.pop()
done
![Page 14: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/14.jpg)
Program termination: Challenges
Real programs have
Sharing: Changing variable x influences y
User-defined data types: Data has unknown shape
Dynamic dispatch: Executed code chosen only at runtime
Example (Termination not always simple)
y = x
while not y.isEmpty() dox.pop()
done
![Page 15: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/15.jpg)
Program termination: Challenges
Real programs have
Sharing: Changing variable x influences y
User-defined data types: Data has unknown shape
Dynamic dispatch: Executed code chosen only at runtime
Example (Termination not always simple)
y = x
while not y.isEmpty() dox.pop()
done
![Page 16: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/16.jpg)
Program termination: Our approach
Program
1 Symbolic evaluation & abstraction
2 Translate graph edges to rules, data to terms
![Page 17: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/17.jpg)
Program termination: Our approach
Program Termination Graph
1 Symbolic evaluation & abstraction
2 Translate graph edges to rules, data to terms
![Page 18: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/18.jpg)
Program termination: Our approach
Program Termination Graph Simple Program
1 Symbolic evaluation & abstraction
2 Translate graph edges to rules, data to terms
![Page 19: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/19.jpg)
Program termination: Our approach
Java Termination Graph Simple Program
while (x > 0)
x = x - 1;
1 Symbolic evaluation & abstraction
2 Translate graph edges to rules, data to terms
![Page 20: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/20.jpg)
Program termination: Our approach
Java Termination Graph1 Simple Program
while (x > 0)
x = x - 1;
. . .A
. . .B
. . .D
. . .C
x > 0x≤
0
x=x−1
1 Symbolic evaluation & abstraction
2 Translate graph edges to rules, data to terms
![Page 21: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/21.jpg)
Program termination: Our approach
Java Termination Graph1intTRS
2
while (x > 0)
x = x - 1;
. . .A
. . .B
. . .D
. . .C
x > 0x≤
0
x=x−1
fA(x)→ fA(x − 1)J x > 0 K
fA(x)→ fC(x)J x ≤ 0 K
1 Symbolic evaluation & abstraction
2 Translate graph edges to rules, data to terms
![Page 22: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/22.jpg)
intTRS termination: Our approach
intTRS
g(List(n), i)→ g(n, i − 1)J i > 0 K
1 Restrict to terms
2 Restrict to integers (and/or replacing terms by their “sizes”)
![Page 23: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/23.jpg)
intTRS termination: Our approach
intTRS
TRS
Integer Trans. Systemg(List(n), i)→ g(n, i − 1)
J i > 0 K
1 Restrict to terms
2 Restrict to integers (and/or replacing terms by their “sizes”)
![Page 24: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/24.jpg)
intTRS termination: Our approach
intTRS
TRS
Integer Trans. System
1
g(List(n), i)→ g(n, i − 1)J i > 0 K
g(List(n))→ g(n)
1 Restrict to terms
2 Restrict to integers (and/or replacing terms by their “sizes”)
![Page 25: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/25.jpg)
intTRS termination: Our approach
intTRS
TRS
Integer Trans. System
1
2
g(List(n), i)→ g(n, i − 1)J i > 0 K
g(List(n))→ g(n)
g
i > 0∧ i ′ = i − 1
1 Restrict to terms
2 Restrict to integers (and/or replacing terms by their “sizes”)
![Page 26: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/26.jpg)
Integer Transition System termination: Our approach
ITS
1 Instrumentation (check initially empty termination argument)
2 Check termination argument
3 Synthesise better termination argument
4 Simplification & Instrumentation (check better termination argument)
![Page 27: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/27.jpg)
Integer Transition System termination: Our approach
ITS Instrumented ITS1
1 Instrumentation (check initially empty termination argument)
2 Check termination argument
3 Synthesise better termination argument
4 Simplification & Instrumentation (check better termination argument)
![Page 28: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/28.jpg)
Integer Transition System termination: Our approach
ITS Instrumented ITS
Counterexample
1
2
1 Instrumentation (check initially empty termination argument)
2 Check termination argument
3 Synthesise better termination argument
4 Simplification & Instrumentation (check better termination argument)
![Page 29: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/29.jpg)
Integer Transition System termination: Our approach
ITS Instrumented ITS
Counterexample
Term. argument
1
2
3
1 Instrumentation (check initially empty termination argument)
2 Check termination argument
3 Synthesise better termination argument
4 Simplification & Instrumentation (check better termination argument)
![Page 30: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/30.jpg)
Integer Transition System termination: Our approach
ITS Instrumented ITS
Counterexample
Term. argument
1
2
3
4
1 Instrumentation (check initially empty termination argument)
2 Check termination argument
3 Synthesise better termination argument
4 Simplification & Instrumentation (check better termination argument)
![Page 31: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/31.jpg)
Related Work
Symbolic execution in program analysis:I Abstract InterpretationI Termination Graphs for Haskell, Prolog (AProVE)
Termination with heap:I Path-length (COSTA, Julia)I Separation Logic (Mutant, Thor, Cyclist)
Combining termination arguments:I Lexicographic (PolyRank, Rank, T2)I Dependency Pair Framework (AProVE, TTT2, Mu-Term,
CiME, Matchbox, KITTeL)I Transition Invariants (Terminator, ARMC, CProver,
TRex, T2, HSF, Acabar)
![Page 32: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/32.jpg)
Related Work
Symbolic execution in program analysis:I Abstract InterpretationI Termination Graphs for Haskell, Prolog (AProVE)
Termination with heap:I Path-length (COSTA, Julia)I Separation Logic (Mutant, Thor, Cyclist)
Combining termination arguments:I Lexicographic (PolyRank, Rank, T2)I Dependency Pair Framework (AProVE, TTT2, Mu-Term,
CiME, Matchbox, KITTeL)I Transition Invariants (Terminator, ARMC, CProver,
TRex, T2, HSF, Acabar)
![Page 33: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/33.jpg)
Related Work
Symbolic execution in program analysis:I Abstract InterpretationI Termination Graphs for Haskell, Prolog (AProVE)
Termination with heap:I Path-length (COSTA, Julia)I Separation Logic (Mutant, Thor, Cyclist)
Combining termination arguments:I Lexicographic (PolyRank, Rank, T2)I Dependency Pair Framework (AProVE, TTT2, Mu-Term,
CiME, Matchbox, KITTeL)I Transition Invariants (Terminator, ARMC, CProver,
TRex, T2, HSF, Acabar)
![Page 34: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/34.jpg)
Overview
1 Introduction
2 Termination of JavaSymbolic statesConstructing Termination GraphsGenerating intTRSs from Termination Graphs
3 Termination of Integer Transition SystemsTermination by iterative strengtheningTermination by iterative simplificationCooperative termination proving
4 Conclusion
![Page 35: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/35.jpg)
From Java to intTRSs: Challenges
Terms cannot fully represent the heap
:
1 Side-effects via sharing
2 No representation for cyclic structures
3 No measure of distances
Solutions:
1 Overapproximate
2 Handle in symbolic evaluation
3 Post-process: Make distances/cycles explicit via counters
![Page 36: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/36.jpg)
From Java to intTRSs: Challenges
Terms cannot fully represent the heap:
1 Side-effects via sharing
2 No representation for cyclic structures
3 No measure of distances
Solutions:
1 Overapproximate
2 Handle in symbolic evaluation
3 Post-process: Make distances/cycles explicit via counters
![Page 37: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/37.jpg)
From Java to intTRSs: Challenges
Terms cannot fully represent the heap:
1 Side-effects via sharing
2 No representation for cyclic structures
3 No measure of distances
Solutions:
1 Overapproximate
2 Handle in symbolic evaluation
3 Post-process: Make distances/cycles explicit via counters
![Page 38: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/38.jpg)
length: the example
class L {L p, n;
static int length(L x) {int r = 0;
while (x != null) {x = x.n;
r++;
}return r; }}
![Page 39: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/39.jpg)
length: the example
class L {L p, n;
static int length(L x) {int r = 0;
while (x != null) {x = x.n;
r++;
}return r; }}
null null
n n n
ppp
![Page 40: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/40.jpg)
length: the example
class L {L p, n;
static int length(L x) {int r = 0;
while (x != null) {x = x.n;
r++;
}return r; }}
null null
x
n n n
ppp
![Page 41: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/41.jpg)
length: the example
class L {L p, n;
static int length(L x) {int r = 0;
while (x != null) {x = x.n;
r++;
}return r; }}
null null
x
n n n
ppp
![Page 42: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/42.jpg)
length: the example
class L {L p, n;
static int length(L x) {int r = 0;
while (x != null) {x = x.n;
r++;
}return r; }}
null null
x
n n n
ppp
![Page 43: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/43.jpg)
length: the example
class L {L p, n;
static int length(L x) {int r = 0;
while (x != null) {x = x.n;
r++;
}return r; }}
null null
x
n n n
ppp
![Page 44: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/44.jpg)
length: the example
class L {L p, n;
static int length(L x) {int r = 0;
while (x != null) {x = x.n;
r++;
}return r; }}
00: iconst 0 #load 0
01: istore 1 #store to r
02: aload 0 #load x
03: ifnull 17 #jump if x null
06: aload 0 #load x
07: getfield n #get n from x
10: astore 0 #store to x
11: iinc 1, 1 #increment r
14: goto 2
17: iload 1 #load r
18: ireturn #return r
![Page 45: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/45.jpg)
The abstract domain: symbolic states
class L {L p, n;
static int length(L x) {int r = 0;
while (x != null) {x = x.n;
r++;
}return r; }}
00: iconst 0 #load 0
01: istore 1 #store to r
02: aload 0 #load x
03: ifnull 17 #jump if x null
06: aload 0 #load x
07: getfield n #get n from x
10: astore 0 #store to x
11: iinc 1, 1 #increment r
14: goto 2
17: iload 1 #load r
18: ireturn #return r
![Page 46: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/46.jpg)
The abstract domain: symbolic states
class L {L p, n;
static int length(L x) {int r = 0;
while (x != null) {x = x.n;
r++;
}return r; }}
00: iconst 0 #load 0
01: istore 1 #store to r
02: aload 0 #load x
03: ifnull 17 #jump if x null
06: aload 0 #load x
07: getfield n #get n from x
10: astore 0 #store to x
11: iinc 1, 1 #increment r
14: goto 2
17: iload 1 #load r
18: ireturn #return r
00 | x :o1 | εo1:L(?) o1 {p,n}Stack frame:
Next program instruction
Local variables
Operand stack
Heap information:
o1 is L object or null
Known L object: o2 : L(p=o3,n=o4)
Symbolic integers: i1 : Z i2 : [>0]
Heap predicates:
Two references may be equal: o1 =? o2
Two references may share: o1%$o2Reference might have cycles containingall fields F : o1 F
![Page 47: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/47.jpg)
The abstract domain: symbolic states
class L {L p, n;
static int length(L x) {int r = 0;
while (x != null) {x = x.n;
r++;
}return r; }}
00: iconst 0 #load 0
01: istore 1 #store to r
02: aload 0 #load x
03: ifnull 17 #jump if x null
06: aload 0 #load x
07: getfield n #get n from x
10: astore 0 #store to x
11: iinc 1, 1 #increment r
14: goto 2
17: iload 1 #load r
18: ireturn #return r
00 | x :o1 | εo1:L(?) o1 {p,n}Stack frame:
Next program instruction
Local variables
Operand stack
Heap information:
o1 is L object or null
Known L object: o2 : L(p=o3,n=o4)
Symbolic integers: i1 : Z i2 : [>0]
Heap predicates:
Two references may be equal: o1 =? o2
Two references may share: o1%$o2Reference might have cycles containingall fields F : o1 F
![Page 48: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/48.jpg)
The abstract domain: symbolic states
class L {L p, n;
static int length(L x) {int r = 0;
while (x != null) {x = x.n;
r++;
}return r; }}
00: iconst 0 #load 0
01: istore 1 #store to r
02: aload 0 #load x
03: ifnull 17 #jump if x null
06: aload 0 #load x
07: getfield n #get n from x
10: astore 0 #store to x
11: iinc 1, 1 #increment r
14: goto 2
17: iload 1 #load r
18: ireturn #return r
00 | x :o1 | εo1:L(?) o1 {p,n}Stack frame:
Next program instruction
Local variables
Operand stack
Heap information:
o1 is L object or null
Known L object: o2 : L(p=o3,n=o4)
Symbolic integers: i1 : Z i2 : [>0]
Heap predicates:
Two references may be equal: o1 =? o2
Two references may share: o1%$o2Reference might have cycles containingall fields F : o1 F
![Page 49: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/49.jpg)
The abstract domain: symbolic states
class L {L p, n;
static int length(L x) {int r = 0;
while (x != null) {x = x.n;
r++;
}return r; }}
00: iconst 0 #load 0
01: istore 1 #store to r
02: aload 0 #load x
03: ifnull 17 #jump if x null
06: aload 0 #load x
07: getfield n #get n from x
10: astore 0 #store to x
11: iinc 1, 1 #increment r
14: goto 2
17: iload 1 #load r
18: ireturn #return r
00 | x :o1 | εo1:L(?) o1 {p,n}Stack frame:
Next program instruction
Local variables
Operand stack
Heap information:
o1 is L object or null
Known L object: o2 : L(p=o3,n=o4)
Symbolic integers: i1 : Z i2 : [>0]
Heap predicates:
Two references may be equal: o1 =? o2
Two references may share: o1%$o2Reference might have cycles containingall fields F : o1 F
![Page 50: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/50.jpg)
The abstract domain: symbolic states
class L {L p, n;
static int length(L x) {int r = 0;
while (x != null) {x = x.n;
r++;
}return r; }}
00: iconst 0 #load 0
01: istore 1 #store to r
02: aload 0 #load x
03: ifnull 17 #jump if x null
06: aload 0 #load x
07: getfield n #get n from x
10: astore 0 #store to x
11: iinc 1, 1 #increment r
14: goto 2
17: iload 1 #load r
18: ireturn #return r
00 | x :o1 | εo1:L(?) o1 {p,n}Stack frame:
Next program instruction
Local variables
Operand stack
Heap information:
o1 is L object or null
Known L object: o2 : L(p=o3,n=o4)
Symbolic integers: i1 : Z i2 : [>0]
Heap predicates:
Two references may be equal: o1 =? o2
Two references may share: o1%$o2Reference might have cycles containingall fields F : o1 F
![Page 51: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/51.jpg)
The abstract domain: symbolic states
class L {L p, n;
static int length(L x) {int r = 0;
while (x != null) {x = x.n;
r++;
}return r; }}
00: iconst 0 #load 0
01: istore 1 #store to r
02: aload 0 #load x
03: ifnull 17 #jump if x null
06: aload 0 #load x
07: getfield n #get n from x
10: astore 0 #store to x
11: iinc 1, 1 #increment r
14: goto 2
17: iload 1 #load r
18: ireturn #return r
00 | x :o1 | εo1:L(?) o1 {p,n}Stack frame:
Next program instruction
Local variables
Operand stack
Heap information:
o1 is L object or null
Known L object: o2 : L(p=o3,n=o4)
Symbolic integers: i1 : Z i2 : [>0]
Heap predicates:
Two references may be equal: o1 =? o2
Two references may share: o1%$o2Reference might have cycles containingall fields F : o1 F
![Page 52: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/52.jpg)
The abstract domain: symbolic states
class L {L p, n;
static int length(L x) {int r = 0;
while (x != null) {x = x.n;
r++;
}return r; }}
00: iconst 0 #load 0
01: istore 1 #store to r
02: aload 0 #load x
03: ifnull 17 #jump if x null
06: aload 0 #load x
07: getfield n #get n from x
10: astore 0 #store to x
11: iinc 1, 1 #increment r
14: goto 2
17: iload 1 #load r
18: ireturn #return r
00 | x :o1 | εo1:L(?) o1 {p,n}Stack frame:
Next program instruction
Local variables
Operand stack
Heap information:
o1 is L object or null
Known L object: o2 : L(p=o3,n=o4)
Symbolic integers: i1 : Z i2 : [>0]
Heap predicates:
Two references may be equal: o1 =? o2
Two references may share: o1%$o2Reference might have cycles containingall fields F : o1 F
Only explicit sharing
![Page 53: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/53.jpg)
The abstract domain: symbolic states
class L {L p, n;
static int length(L x) {int r = 0;
while (x != null) {x = x.n;
r++;
}return r; }}
00: iconst 0 #load 0
01: istore 1 #store to r
02: aload 0 #load x
03: ifnull 17 #jump if x null
06: aload 0 #load x
07: getfield n #get n from x
10: astore 0 #store to x
11: iinc 1, 1 #increment r
14: goto 2
17: iload 1 #load r
18: ireturn #return r
00 | x :o1 | εo1:L(?) o1 {p,n}Stack frame:
Next program instruction
Local variables
Operand stack
Heap information:
o1 is L object or null
Known L object: o2 : L(p=o3,n=o4)
Symbolic integers: i1 : Z i2 : [>0]
Heap predicates:
Two references may be equal: o1 =? o2
Two references may share: o1%$o2Reference might have cycles containingall fields F : o1 F
Only explicit sharing
![Page 54: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/54.jpg)
The abstract domain: symbolic states
class L {L p, n;
static int length(L x) {int r = 0;
while (x != null) {x = x.n;
r++;
}return r; }}
00: iconst 0 #load 0
01: istore 1 #store to r
02: aload 0 #load x
03: ifnull 17 #jump if x null
06: aload 0 #load x
07: getfield n #get n from x
10: astore 0 #store to x
11: iinc 1, 1 #increment r
14: goto 2
17: iload 1 #load r
18: ireturn #return r
00 | x :o1 | εo1:L(?) o1 {p,n}Stack frame:
Next program instruction
Local variables
Operand stack
Heap information:
o1 is L object or null
Known L object: o2 : L(p=o3,n=o4)
Symbolic integers: i1 : Z i2 : [>0]
Heap predicates:
Two references may be equal: o1 =? o2
Two references may share: o1%$o2
Reference might have cycles containingall fields F : o1 F
Only explicit sharing
![Page 55: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/55.jpg)
The abstract domain: symbolic states
class L {L p, n;
static int length(L x) {int r = 0;
while (x != null) {x = x.n;
r++;
}return r; }}
00: iconst 0 #load 0
01: istore 1 #store to r
02: aload 0 #load x
03: ifnull 17 #jump if x null
06: aload 0 #load x
07: getfield n #get n from x
10: astore 0 #store to x
11: iinc 1, 1 #increment r
14: goto 2
17: iload 1 #load r
18: ireturn #return r
00 | x :o1 | εo1:L(?) o1 {p,n}Stack frame:
Next program instruction
Local variables
Operand stack
Heap information:
o1 is L object or null
Known L object: o2 : L(p=o3,n=o4)
Symbolic integers: i1 : Z i2 : [>0]
Heap predicates:
Two references may be equal: o1 =? o2
Two references may share: o1%$o2Reference might have cycles containingall fields F : o1 F
Only explicit sharing
![Page 56: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/56.jpg)
00: iconst 0
01: istore 1
02: aload 0
03: ifnull 17
06: aload 0
07: getfield n
10: astore 0
11: iinc 1, 1
14: goto 2
17: iload 1
18: ireturn
00 |x :o1 |εo1:L(?) o1 {p,n}
A
State A:
x some list, might contain cycles using p and n
State B:
Initialized variable r to 0
State
s
C , D, E :
x (o1) null? We do not know!
⇒ RefinementI In D: o1 is null (y program ends)I In E : o1 replaced by o2, which exists and has fields:
Field values can share (y add %$)Field values can be cyclic again (y add )
int length(L x) {int r = 0;
while (x != null) {x = x.n; r++; }
return r; }
![Page 57: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/57.jpg)
00: iconst 0
01: istore 1
02: aload 0
03: ifnull 17
06: aload 0
07: getfield n
10: astore 0
11: iinc 1, 1
14: goto 2
17: iload 1
18: ireturn
00 |x :o1 |εo1:L(?) o1 {p,n}
A
02 |x :o1, r : 0 |εo1:L(?) o1 {p,n}
B
State A:
x some list, might contain cycles using p and n
State B:
Initialized variable r to 0
State
s
C , D, E :
x (o1) null? We do not know!
⇒ RefinementI In D: o1 is null (y program ends)I In E : o1 replaced by o2, which exists and has fields:
Field values can share (y add %$)Field values can be cyclic again (y add )
int length(L x) {int r = 0;
while (x != null) {x = x.n; r++; }
return r; }
![Page 58: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/58.jpg)
00: iconst 0
01: istore 1
02: aload 0
03: ifnull 17
06: aload 0
07: getfield n
10: astore 0
11: iinc 1, 1
14: goto 2
17: iload 1
18: ireturn
00 |x :o1 |εo1:L(?) o1 {p,n}
A
02 |x :o1, r : 0 |εo1:L(?) o1 {p,n}
B
03 |x :o1, r : 0 |o1o1:L(?) o1 {p,n}
C
State A:
x some list, might contain cycles using p and n
State B:
Initialized variable r to 0
State
s
C :
x (o1) null? We do not know!
⇒ RefinementI In D: o1 is null (y program ends)I In E : o1 replaced by o2, which exists and has fields:
Field values can share (y add %$)Field values can be cyclic again (y add )
int length(L x) {int r = 0;
while (x != null) {x = x.n; r++; }
return r; }
![Page 59: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/59.jpg)
00: iconst 0
01: istore 1
02: aload 0
03: ifnull 17
06: aload 0
07: getfield n
10: astore 0
11: iinc 1, 1
14: goto 2
17: iload 1
18: ireturn
00 |x :o1 |εo1:L(?) o1 {p,n}
A
02 |x :o1, r : 0 |εo1:L(?) o1 {p,n}
B
03 |x :o1, r : 0 |o1o1:L(?) o1 {p,n}
C
03 |x :null, r : 0 |null D
03 |x :o2, r : 0 |o2o2:L(p=o3, n=o4)o3:L(?) o4:L(?)o2%$o3 o2%$o4 o3%$o4o2, o3, o4 {p,n}
E
State A:
x some list, might contain cycles using p and n
State B:
Initialized variable r to 0
States C , D, E :
x (o1) null? We do not know!
⇒ RefinementI In D: o1 is null (y program ends)I In E : o1 replaced by o2, which exists and has fields:
Field values can share (y add %$)Field values can be cyclic again (y add )
int length(L x) {int r = 0;
while (x != null) {x = x.n; r++; }
return r; }
![Page 60: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/60.jpg)
00: iconst 0
01: istore 1
02: aload 0
03: ifnull 17
06: aload 0
07: getfield n
10: astore 0
11: iinc 1, 1
14: goto 2
17: iload 1
18: ireturn
00 |x :o1 |εo1:L(?) o1 {p,n}
A
02 |x :o1, r : 0 |εo1:L(?) o1 {p,n}
B
03 |x :o1, r : 0 |o1o1:L(?) o1 {p,n}
C
03 |x :null, r : 0 |null D
03 |x :o2, r : 0 |o2o2:L(p=o3, n=o4)o3:L(?) o4:L(?)o2%$o3 o2%$o4 o3%$o4o2, o3, o4 {p,n}
E 11 |x :o4, r : 0 |εo4:L(?) o4 {p,n}
F
State F :
Stored x.n to x (allowing for GC)
State
s
G , B ′:
Incremented r, back to position 02 (as B)
⇒ Generalization: “Merge” states B, G
States C ′,G ′:
Repetition of C ,G
int length(L x) {int r = 0;
while (x != null) {x = x.n; r++; }
return r; }
![Page 61: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/61.jpg)
00: iconst 0
01: istore 1
02: aload 0
03: ifnull 17
06: aload 0
07: getfield n
10: astore 0
11: iinc 1, 1
14: goto 2
17: iload 1
18: ireturn
00 |x :o1 |εo1:L(?) o1 {p,n}
A
02 |x :o1, r : 0 |εo1:L(?) o1 {p,n}
B
03 |x :o1, r : 0 |o1o1:L(?) o1 {p,n}
C
03 |x :null, r : 0 |null D
03 |x :o2, r : 0 |o2o2:L(p=o3, n=o4)o3:L(?) o4:L(?)o2%$o3 o2%$o4 o3%$o4o2, o3, o4 {p,n}
E 11 |x :o4, r : 0 |εo4:L(?) o4 {p,n}
F
02 |x :o4, r : 1 |εo4:L(?) o4 {p,n}
G
State F :
Stored x.n to x (allowing for GC)
State
s
G :
Incremented r, back to position 02 (as B)
⇒ Generalization: “Merge” states B, G
States C ′,G ′:
Repetition of C ,G
int length(L x) {int r = 0;
while (x != null) {x = x.n; r++; }
return r; }
![Page 62: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/62.jpg)
00: iconst 0
01: istore 1
02: aload 0
03: ifnull 17
06: aload 0
07: getfield n
10: astore 0
11: iinc 1, 1
14: goto 2
17: iload 1
18: ireturn
00 |x :o1 |εo1:L(?) o1 {p,n}
A
02 |x :o1, r : 0 |εo1:L(?) o1 {p,n}
B
03 |x :o1, r : 0 |o1o1:L(?) o1 {p,n}
C
03 |x :null, r : 0 |null D
03 |x :o2, r : 0 |o2o2:L(p=o3, n=o4)o3:L(?) o4:L(?)o2%$o3 o2%$o4 o3%$o4o2, o3, o4 {p,n}
E 11 |x :o4, r : 0 |εo4:L(?) o4 {p,n}
F
02 |x :o4, r : 1 |εo4:L(?) o4 {p,n}
G02 |x :o′1, r : i1 |εo′1:L(?) o′1 {p,n} i1: [≥0]
B′
State F :
Stored x.n to x (allowing for GC)
States G , B ′:
Incremented r, back to position 02 (as B)
⇒ Generalization: “Merge” states B, G
States C ′,G ′:
Repetition of C ,G
int length(L x) {int r = 0;
while (x != null) {x = x.n; r++; }
return r; }
![Page 63: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/63.jpg)
00: iconst 0
01: istore 1
02: aload 0
03: ifnull 17
06: aload 0
07: getfield n
10: astore 0
11: iinc 1, 1
14: goto 2
17: iload 1
18: ireturn
00 |x :o1 |εo1:L(?) o1 {p,n}
A
02 |x :o1, r : 0 |εo1:L(?) o1 {p,n}
B
03 |x :o1, r : 0 |o1o1:L(?) o1 {p,n}
C
03 |x :null, r : 0 |null D
03 |x :o2, r : 0 |o2o2:L(p=o3, n=o4)o3:L(?) o4:L(?)o2%$o3 o2%$o4 o3%$o4o2, o3, o4 {p,n}
E 11 |x :o4, r : 0 |εo4:L(?) o4 {p,n}
F
02 |x :o4, r : 1 |εo4:L(?) o4 {p,n}
G02 |x :o′1, r : i1 |εo′1:L(?) o′1 {p,n} i1: [≥0]
B′
03 |x :o′1, r : i1 |o′1
o′1:L(?) o′1 {p,n} i1: [≥0]C ′
02 |x :o′4, r : i2 |o′4
o′4:L(?) o′4 {p,n} i2: [≥1]
G ′
i2= i1 + 1
State F :
Stored x.n to x (allowing for GC)
States G , B ′:
Incremented r, back to position 02 (as B)
⇒ Generalization: “Merge” states B, G
States C ′,G ′:
Repetition of C ,G
int length(L x) {int r = 0;
while (x != null) {x = x.n; r++; }
return r; }
![Page 64: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/64.jpg)
00: iconst 0
01: istore 1
02: aload 0
03: ifnull 17
06: aload 0
07: getfield n
10: astore 0
11: iinc 1, 1
14: goto 2
17: iload 1
18: ireturn
00 |x :o1 |εo1:L(?) o1 {p,n}
A
02 |x :o1, r : 0 |εo1:L(?) o1 {p,n}
B
03 |x :o1, r : 0 |o1o1:L(?) o1 {p,n}
C
03 |x :null, r : 0 |null D
03 |x :o2, r : 0 |o2o2:L(p=o3, n=o4)o3:L(?) o4:L(?)o2%$o3 o2%$o4 o3%$o4o2, o3, o4 {p,n}
E 11 |x :o4, r : 0 |εo4:L(?) o4 {p,n}
F
02 |x :o4, r : 1 |εo4:L(?) o4 {p,n}
G02 |x :o′1, r : i1 |εo′1:L(?) o′1 {p,n} i1: [≥0]
B′
03 |x :o′1, r : i1 |o′1
o′1:L(?) o′1 {p,n} i1: [≥0]C ′
02 |x :o′4, r : i2 |o′4
o′4:L(?) o′4 {p,n} i2: [≥1]
G ′
i2= i1 + 1
State F :
Stored x.n to x (allowing for GC)
States G , B ′:
Incremented r, back to position 02 (as B)
⇒ Generalization: “Merge” states B, G
States C ′,G ′:
Repetition of C ,G
int length(L x) {int r = 0;
while (x != null) {x = x.n; r++; }
return r; }
![Page 65: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/65.jpg)
Orientation: Term Rewriting
Generalized Functional Programming
Rules R define rewrite relation:
app(Cons(x , xs), ys)→ Cons(x , app(xs, ys)) (1)
app(Nil, ys)→ ys (2)
Rewriting of term t with rule l → r :1 Find subterm s of t2 Find variable instantiation σ with σ(l) = s3 Result t ′ is t with s replaced by σ(r)
app(Cons(1,Nil),Cons(2,Nil)) with (1), x = 1, xs = Nil,
ys = Cons(2,Nil)
→ Cons(1, app(Nil,Cons(2,Nil))) with (2), ys = Cons(2,Nil)
→ Cons(1,Cons(2,Nil))
![Page 66: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/66.jpg)
Orientation: Term Rewriting
Generalized Functional ProgrammingRules R define rewrite relation:
app(Cons(x , xs), ys)→ Cons(x , app(xs, ys)) (1)
app(Nil, ys)→ ys (2)
Rewriting of term t with rule l → r :1 Find subterm s of t2 Find variable instantiation σ with σ(l) = s3 Result t ′ is t with s replaced by σ(r)
app(Cons(1,Nil),Cons(2,Nil)) with (1), x = 1, xs = Nil,
ys = Cons(2,Nil)
→ Cons(1, app(Nil,Cons(2,Nil))) with (2), ys = Cons(2,Nil)
→ Cons(1,Cons(2,Nil))
![Page 67: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/67.jpg)
Orientation: Term Rewriting
Generalized Functional ProgrammingRules R define rewrite relation:
app(Cons(x , xs), ys)→ Cons(x , app(xs, ys)) (1)
app(Nil, ys)→ ys (2)
Rewriting of term t with rule l → r :1 Find subterm s of t2 Find variable instantiation σ with σ(l) = s3 Result t ′ is t with s replaced by σ(r)
app(Cons(1,Nil),Cons(2,Nil)) with (1), x = 1, xs = Nil,
ys = Cons(2,Nil)
→ Cons(1, app(Nil,Cons(2,Nil))) with (2), ys = Cons(2,Nil)
→ Cons(1,Cons(2,Nil))
![Page 68: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/68.jpg)
Transforming values to terms
03 |x :o2, r :0 |o2o2:L(p=o3, n=o4)o3:L(?) o4:L(?)o2%$o3 o2%$o4 o3%$o4o2, o3, o4 {p,n}
E
Known integers transformed to themselves
Unknown values transformed to variables
Data structures transformed to nested constructor terms:Class Cl with n fields y symbol Cl of arity n
Encoding cycles: Special symbol © for repetition
fE (
o2︷ ︸︸ ︷
L(
o3,
o4), 0,
o2︷ ︸︸ ︷L(
o3,
o4)
) → fF (o4
′
, 0)
![Page 69: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/69.jpg)
Transforming values to terms
03 |x :o2, r :0 |o2o2:L(p=o3, n=o4)o3:L(?) o4:L(?)o2%$o3 o2%$o4 o3%$o4o2, o3, o4 {p,n}
E
Known integers transformed to themselves
Unknown values transformed to variables
Data structures transformed to nested constructor terms:Class Cl with n fields y symbol Cl of arity n
Encoding cycles: Special symbol © for repetition
fE (
o2︷ ︸︸ ︷
L(
o3,
o4),
0
,
o2︷ ︸︸ ︷L(
o3,
o4)
) → fF (o4
′
, 0)
![Page 70: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/70.jpg)
Transforming values to terms
03 |x :o2, r :0 |o2o2:L(p=o3, n=o4)o3:L(?) o4:L(?)o2%$o3 o2%$o4 o3%$o4o2, o3, o4 {p,n}
E
Known integers transformed to themselves
Unknown values transformed to variables
Data structures transformed to nested constructor terms:Class Cl with n fields y symbol Cl of arity n
Encoding cycles: Special symbol © for repetition
fE (
o2︷ ︸︸ ︷
L(
o3, o4
),
0
,
o2︷ ︸︸ ︷L(
o3,
o4)
) → fF (o4
′
, 0)
![Page 71: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/71.jpg)
Transforming values to terms
03 |x :o2, r :0 |o2o2:L(p=o3, n=o4)o3:L(?) o4:L(?)o2%$o3 o2%$o4 o3%$o4o2, o3, o4 {p,n}
E
Known integers transformed to themselves
Unknown values transformed to variables
Data structures transformed to nested constructor terms:Class Cl with n fields y symbol Cl of arity n
Encoding cycles: Special symbol © for repetition
fE (
o2︷ ︸︸ ︷L(o3, o4)
,
0
,
o2︷ ︸︸ ︷L(
o3,
o4)
) → fF (o4
′
, 0)
![Page 72: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/72.jpg)
Transforming values to terms
03 |x :o2, r :0 |o2o2:L(p=o3, n=o4)o3:L(?) o4:L(?)o2%$o3 o2%$o4 o3%$o4o2, o3, o4 {p,n}
E
Known integers transformed to themselves
Unknown values transformed to variables
Data structures transformed to nested constructor terms:Class Cl with n fields y symbol Cl of arity n
Encoding cycles: Special symbol © for repetition
fE (
o2︷ ︸︸ ︷
L(
o3,
o4), 0,
o2︷ ︸︸ ︷L(
o3,
o4)
) → fF (o4
′
, 0)
o5:L(p=null, n=o6)o6:L(p=o5, n=o7)o7:L(p=o6, n=null) null o5 o6 o7 null
n n n
ppp
Encoding of o5: L(null, L(©, L(©, null)))Encoding of o6: L(L(null,©), L(©, null))
![Page 73: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/73.jpg)
Transforming states to terms
03 |x :o2, r :0 |o2o2:L(p=o3, n=o4)o3:L(?) o4:L(?)o2%$o3 o2%$o4 o3%$o4o2, o3, o4 {p,n}
E
State s term encoding:I Root symbol (≡ program position) fsI All local variables, stack entries as arguments
Evaluation edges: Encode states, put in →
I Problem: Cycle encoding changes y free var on rhsI Solution: Filter: Only encode non-cyclic parts!
Refinement edges: Encode target state twice, relabel
Instantiation edges: Encode source state twice, relabel
fE (
o2︷ ︸︸ ︷L(o3, o4), 0,
o2︷ ︸︸ ︷L(o3, o4))
→ fF (o4
′
, 0)
![Page 74: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/74.jpg)
Transforming edges to rules
03 |x :o2, r :0 |o2o2:L(p=o3, n=o4)o3:L(?) o4:L(?)o2%$o3 o2%$o4 o3%$o4o2, o3, o4 {p,n}
E 11 |x :o4, r :0 |εo4 : L(?)o4 {p,n}
F
State s term encoding:I Root symbol (≡ program position) fsI All local variables, stack entries as arguments
Evaluation edges: Encode states, put in →
I Problem: Cycle encoding changes y free var on rhsI Solution: Filter: Only encode non-cyclic parts!
Refinement edges: Encode target state twice, relabel
Instantiation edges: Encode source state twice, relabel
fE (
o2︷ ︸︸ ︷L(o3, o4), 0,
o2︷ ︸︸ ︷L(o3, o4)) → fF (o4
′
, 0)
![Page 75: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/75.jpg)
Transforming edges to rules
03 |x :o2, r :0 |o2o2:L(p=o3, n=o4)o3:L(?) o4:L(?)o2%$o3 o2%$o4 o3%$o4o2, o3, o4 {p,n}
E 11 |x :o4, r :0 |εo4 : L(?)o4 {p,n}
F
State s term encoding:I Root symbol (≡ program position) fsI All local variables, stack entries as arguments
Evaluation edges: Encode states, put in →I Problem: Cycle encoding changes y free var on rhs
I Solution: Filter: Only encode non-cyclic parts!
Refinement edges: Encode target state twice, relabel
Instantiation edges: Encode source state twice, relabel
fE (
o2︷ ︸︸ ︷L(o3, o4), 0,
o2︷ ︸︸ ︷L(o3, o4)) → fF (o4
′, 0)
![Page 76: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/76.jpg)
Transforming edges to rules
03 |x :o2, r :0 |o2o2:L(p=o3, n=o4)o3:L(?) o4:L(?)o2%$o3 o2%$o4 o3%$o4o2, o3, o4 {p,n}
E 11 |x :o4, r :0 |εo4 : L(?)o4 {p,n}
F
State s term encoding:I Root symbol (≡ program position) fsI All local variables, stack entries as arguments
Evaluation edges: Encode states, put in →I Problem: Cycle encoding changes y free var on rhsI Solution: Filter: Only encode non-cyclic parts!
Refinement edges: Encode target state twice, relabel
Instantiation edges: Encode source state twice, relabel
fE (
o2︷ ︸︸ ︷L(
o3,
o4), 0,
o2︷ ︸︸ ︷L(
o3,
o4)) → fF (o4
′
, 0)
![Page 77: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/77.jpg)
Transforming edges to rules
03 |x :o1, r :0 |o1o1 : L(?)o1 {p,n}
C
03 |x :o2, r :0 |o2o2:L(p=o3, n=o4)o3:L(?) o4:L(?)o2%$o3 o2%$o4 o3%$o4o2, o3, o4 {p,n}
E
State s term encoding:I Root symbol (≡ program position) fsI All local variables, stack entries as arguments
Evaluation edges: Encode states, put in →I Problem: Cycle encoding changes y free var on rhsI Solution: Filter: Only encode non-cyclic parts!
Refinement edges: Encode target state twice, relabel
Instantiation edges: Encode source state twice, relabel
fC (L(o4), 0, L(o4)) → fE (L(o4), 0, L(o4))
![Page 78: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/78.jpg)
Transforming edges to rules
02 |x :o4, r :1 |εo4 : L(?)o4 {p,n}
G 02 |x :o ′1, r : i1 |εo ′1:L(?) o ′1 {p,n} i1: [≥0]
B ′
State s term encoding:I Root symbol (≡ program position) fsI All local variables, stack entries as arguments
Evaluation edges: Encode states, put in →I Problem: Cycle encoding changes y free var on rhsI Solution: Filter: Only encode non-cyclic parts!
Refinement edges: Encode target state twice, relabel
Instantiation edges: Encode source state twice, relabel
fG (o4, 2) → fB′(o4, 2)
![Page 79: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/79.jpg)
The example TRS
00: iconst 1
01: istore 1
02: aload 0
03: ifnull 17
06: aload 0
07: getfield n
10: astore 0
11: iinc 1, 1
14: goto 2
17: iload 1
18: ireturn
00 |x :o1 |εo1:L(?) o1 {p,n}
A
02 |x :o1, r : 1 |εo1:L(?) o1 {p,n}
B
03 |x :o1, r : 1 |o1o1:L(?) o1 {p,n}
C
03 |x :null, r : 1 |null D
03 |x :o2, r : 1 |o2o2:L(p=o3, n=o4)o3:L(?) o4:L(?)o2%$o3 o2%$o4 o3%$o4o2, o3, o4 {p,n}
E 11 |x :o4, r : 1 |εo4:L(?) o4 {p,n}
F
02 |x :o4, r : 2 |εo4:L(?) o4 {p,n}
G02 |x :o′1, r : i1 |εo′1:L(?) o′1 {p,n} i1: [>0]
B′
03 |x :o′1, r : i1 |o′1
o′1:L(?) o′1 {p,n} i1: [>0]
C ′02 |x :o′4, r : i2 |o
′4
o′4:L(?) o′4 {p,n} i2: [>1]
G ′
i2= i1 + 1
1 Only consider SCCs!
2 Transform all edges as before, simplify:
fB′(L(o ′4), i1) → fB′(o′4, i1 + 1)
![Page 80: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/80.jpg)
The example TRS
00: iconst 1
01: istore 1
02: aload 0
03: ifnull 17
06: aload 0
07: getfield n
10: astore 0
11: iinc 1, 1
14: goto 2
17: iload 1
18: ireturn
02 |x :o′1, r : i1 |εo′1:L(?) o′1 {p,n} i1: [>0]
B′
03 |x :o′1, r : i1 |o′1
o′1:L(?) o′1 {p,n} i1: [>0]
C ′02 |x :o′4, r : i2 |o
′4
o′4:L(?) o′4 {p,n} i2: [>1]
G ′
i2= i1 + 1
1 Only consider SCCs!
2 Transform all edges as before, simplify:
fB′(L(o ′4), i1) → fB′(o′4, i1 + 1)
![Page 81: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/81.jpg)
The example TRS
00: iconst 1
01: istore 1
02: aload 0
03: ifnull 17
06: aload 0
07: getfield n
10: astore 0
11: iinc 1, 1
14: goto 2
17: iload 1
18: ireturn
02 |x :o′1, r : i1 |εo′1:L(?) o′1 {p,n} i1: [>0]
B′
03 |x :o′1, r : i1 |o′1
o′1:L(?) o′1 {p,n} i1: [>0]
C ′02 |x :o′4, r : i2 |o
′4
o′4:L(?) o′4 {p,n} i2: [>1]
G ′
i2= i1 + 1
1 Only consider SCCs!
2 Transform all edges as before, simplify:
fB′(L(o ′4), i1) → fB′(o′4, i1 + 1)
![Page 82: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/82.jpg)
AProVE features for Java
Implementation for full Java without reflection and multithreading
Correctness proof w.r.t. JINJA [VITA’10]
Built-in, implicit analyses for nullness, aliasing, sharing, cyclicity
Termination analysis for algorithms
I on integers [RTA’10]I on acyclic user-defined data structures (trees, DAGs, . . . ) [RTA’10]I using recursion [RTA’11]I on cyclic data [CAV’12]
by measuring distancesby detecting (and ignoring) irrelevant cyclicityby automatically finding and counting markers
Non-termination analysis [FoVeOOS’11]
![Page 83: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/83.jpg)
AProVE features for Java
Implementation for full Java without reflection and multithreading
Correctness proof w.r.t. JINJA [VITA’10]
Built-in, implicit analyses for nullness, aliasing, sharing, cyclicity
Termination analysis for algorithms
I on integers [RTA’10]I on acyclic user-defined data structures (trees, DAGs, . . . ) [RTA’10]I using recursion [RTA’11]I on cyclic data [CAV’12]
by measuring distancesby detecting (and ignoring) irrelevant cyclicityby automatically finding and counting markers
Non-termination analysis [FoVeOOS’11]
![Page 84: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/84.jpg)
AProVE features for Java
Implementation for full Java without reflection and multithreading
Correctness proof w.r.t. JINJA [VITA’10]
Built-in, implicit analyses for nullness, aliasing, sharing, cyclicity
Termination analysis for algorithmsI on integers [RTA’10]I on acyclic user-defined data structures (trees, DAGs, . . . ) [RTA’10]
I using recursion [RTA’11]I on cyclic data [CAV’12]
by measuring distancesby detecting (and ignoring) irrelevant cyclicityby automatically finding and counting markers
Non-termination analysis [FoVeOOS’11]
![Page 85: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/85.jpg)
AProVE features for Java
Implementation for full Java without reflection and multithreading
Correctness proof w.r.t. JINJA [VITA’10]
Built-in, implicit analyses for nullness, aliasing, sharing, cyclicity
Termination analysis for algorithmsI on integers [RTA’10]I on acyclic user-defined data structures (trees, DAGs, . . . ) [RTA’10]I using recursion [RTA’11]
I on cyclic data [CAV’12]
by measuring distancesby detecting (and ignoring) irrelevant cyclicityby automatically finding and counting markers
Non-termination analysis [FoVeOOS’11]
![Page 86: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/86.jpg)
AProVE features for Java
Implementation for full Java without reflection and multithreading
Correctness proof w.r.t. JINJA [VITA’10]
Built-in, implicit analyses for nullness, aliasing, sharing, cyclicity
Termination analysis for algorithmsI on integers [RTA’10]I on acyclic user-defined data structures (trees, DAGs, . . . ) [RTA’10]I using recursion [RTA’11]I on cyclic data [CAV’12]
by measuring distancesby detecting (and ignoring) irrelevant cyclicityby automatically finding and counting markers
Non-termination analysis [FoVeOOS’11]
![Page 87: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/87.jpg)
AProVE features for Java
Implementation for full Java without reflection and multithreading
Correctness proof w.r.t. JINJA [VITA’10]
Built-in, implicit analyses for nullness, aliasing, sharing, cyclicity
Termination analysis for algorithmsI on integers [RTA’10]I on acyclic user-defined data structures (trees, DAGs, . . . ) [RTA’10]I using recursion [RTA’11]I on cyclic data [CAV’12]
by measuring distancesby detecting (and ignoring) irrelevant cyclicityby automatically finding and counting markers
Non-termination analysis [FoVeOOS’11]
![Page 88: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/88.jpg)
Experimental results
Evaluated on collection of 441 programs from Termination ProblemData Base
Yes No Fail Run (s)
AProVE 289 125 27 16.6Julia 205 79 157 6.5COSTA 163 0 278 13.1
Won Termination Competition 2012/2013
Open problems:I Abstraction refinementI Modular analysis
Specialized abstract domains:
easy to automate
very effective
![Page 89: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/89.jpg)
Experimental results
Evaluated on collection of 441 programs from Termination ProblemData Base
Yes No Fail Run (s)
AProVE 289 125 27 16.6Julia 205 79 157 6.5COSTA 163 0 278 13.1
Won Termination Competition 2012/2013
Open problems:I Abstraction refinementI Modular analysis
Specialized abstract domains:
easy to automate
very effective
![Page 90: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/90.jpg)
Experimental results
Evaluated on collection of 441 programs from Termination ProblemData Base
Yes No Fail Run (s)
AProVE 289 125 27 16.6Julia 205 79 157 6.5COSTA 163 0 278 13.1
Won Termination Competition 2012/2013
Open problems:I Abstraction refinementI Modular analysis
Specialized abstract domains:
easy to automate
very effective
![Page 91: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/91.jpg)
Experimental results
Evaluated on collection of 441 programs from Termination ProblemData Base
Yes No Fail Run (s)
AProVE 289 125 27 16.6Julia 205 79 157 6.5COSTA 163 0 278 13.1
Won Termination Competition 2012/2013
Open problems:I Abstraction refinementI Modular analysis
Specialized abstract domains:
easy to automate
very effective
![Page 92: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/92.jpg)
Termination Analysis: Invariants and Rank Functions
Example
y := 1;while x > 0 do
x := x − y;y := y + 1;
done
Invariant y > 0 and rank function x prove termination
How do we know that we need y > 0? y x requires it
How do we know that x is a RF? y y > 0 proves it
![Page 93: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/93.jpg)
Termination Analysis: Invariants and Rank Functions
Example
y := 1;while x > 0 do
x := x − y;y := y + 1;
done
Invariant y > 0 and rank function x prove termination
How do we know that we need y > 0? y x requires it
How do we know that x is a RF? y y > 0 proves it
![Page 94: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/94.jpg)
Termination by iterative strengthening: Idea
1 Safety: Provide samples (Counterexamples)
2 Rank tool: Find specific termination argument
3 Safety: Prove generality, or 1
![Page 95: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/95.jpg)
Termination by iterative strengthening: Idea
1 Safety: Provide samples (Counterexamples)
2 Rank tool: Find specific termination argument
3 Safety: Prove generality, or 1
![Page 96: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/96.jpg)
Termination by iterative strengthening
Loop states
Find counterexample
then strengthen argument
![Page 97: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/97.jpg)
Termination by iterative strengthening
Loop states
Execution
Find counterexample
then strengthen argument
![Page 98: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/98.jpg)
Termination by iterative strengthening
Loop statesTerminating states
Execution
Find counterexample
then strengthen argument
![Page 99: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/99.jpg)
Termination by iterative strengthening
Loop statesTerminating states
Terminating states
Execution
Find counterexample
then strengthen argument
![Page 100: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/100.jpg)
Termination by iterative strengthening
Loop statesTerminating states
Terminating states
Term
inat
ing
stat
esFind counterexample
then strengthen argument
![Page 101: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/101.jpg)
Termination by iterative strengthening: Worst case
1 Safety: Look at everything, then return old sample
2 Rank tool: Find too specific termination argument
3 Safety: Can’t prove generality, repeat 1
![Page 102: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/102.jpg)
Termination by iterative strengthening: Worst case
1 Safety: Look at everything, then return old sample
2 Rank tool: Find too specific termination argument
3 Safety: Can’t prove generality, repeat 1
![Page 103: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/103.jpg)
Termination by iterative simplification
Loop trans.
![Page 104: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/104.jpg)
Termination by iterative simplification
Loop trans.
Execution
![Page 105: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/105.jpg)
Termination by iterative simplification
Loop trans.
Execution
Find rank function for SCC
![Page 106: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/106.jpg)
Termination by iterative simplification
Loop trans.
Execution
Find rank function for SCC
then remove transitions
![Page 107: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/107.jpg)
Termination by iterative simplification
Loop trans.
Execution
Find rank function for SCC
then remove transitions
![Page 108: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/108.jpg)
Termination by iterative simplification
Looptrans.
Execution
Find rank function for SCC
then remove transitions
![Page 109: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/109.jpg)
Termination by cooperation
1 Safety: Provide samples (Counterexamples)
2 Rank tool: Find termination argument in context
3 Rank tool: Mark definitely terminating parts (simplify)
4 Safety: Prove generality for rest, or 1
![Page 110: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/110.jpg)
Cooperation: High-level view
Safety Termination
![Page 111: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/111.jpg)
Cooperation: High-level view
Safety Termination
![Page 112: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/112.jpg)
Cooperation: High-level view
Safety Termination
Term
inat
ing
stat
es
![Page 113: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/113.jpg)
Cooperation: High-level view
Safety Termination
Term
inat
ing
stat
es
![Page 114: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/114.jpg)
Cooperation: High-level view
start
`1
`2
τ0 : if(k ≥ 1);i := 0;
τ1 : if(i < n);j := 0;
τ2 : if(j > i);i := i + 1;
τ3 : if(j ≤ i);j := j + k;
Example (Source)
if k ≥ 1 theni := 0;
`1 while i < n do
j := 0;
`2 while j ≤ i do
j := j + k;done
i := i + 1;done
fi
![Page 115: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/115.jpg)
Cooperation: High-level view
start
`1
`2
τ0 : if(k ≥ 1);i := 0;
τ1 : if(i < n);j := 0;
τ2 : if(j > i);i := i + 1;
τ3 : if(j ≤ i);j := j + k;
`t1
`t2
`d1
`d2
maybe take a
snapshot
maybe take a
snapshot
check decrease
check decrease
τt1: if(i<n);
j :=0;
τ t3 : if(j ≤ i);j := j + k;
τ t2 : if(j >
i);
i :=i +
1;
![Page 116: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/116.jpg)
Cooperation
Intuition:
Safety subgraph: original program
Termination subgraph: instrumented copy
Ranking: Simplify problem, “point out hard bits”
Safety: Analyze whole program, “point out invariants”
Approach:
Analyze whole SCC, not counterexample slice
Remove transitions after proof
![Page 117: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/117.jpg)
Cooperation
Intuition:
Safety subgraph: original program
Termination subgraph: instrumented copy
Ranking: Simplify problem, “point out hard bits”
Safety: Analyze whole program, “point out invariants”
Approach:
Analyze whole SCC, not counterexample slice
Remove transitions after proof
![Page 118: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/118.jpg)
Cooperation
Intuition:
Safety subgraph: original program
Termination subgraph: instrumented copy
Ranking: Simplify problem, “point out hard bits”
Safety: Analyze whole program, “point out invariants”
Approach:
Analyze whole SCC, not counterexample slice
Remove transitions after proof
![Page 119: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/119.jpg)
Cooperation
Intuition:
Safety subgraph: original program
Termination subgraph: instrumented copy
Ranking: Simplify problem, “point out hard bits”
Safety: Analyze whole program, “point out invariants”
Approach:
Analyze whole SCC, not counterexample slice
Remove transitions after proof
![Page 120: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/120.jpg)
Cooperation
Intuition:
Safety subgraph: original program
Termination subgraph: instrumented copy
Ranking: Simplify problem, “point out hard bits”
Safety: Analyze whole program, “point out invariants”
Approach:
Analyze whole SCC, not counterexample slice
Remove transitions after proof
![Page 121: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/121.jpg)
Cooperation: Simplification
start
`1
`2
τ0 : if(k ≥ 1);i := 0;
τ1 : if(i < n);j := 0;
τ2 : if(j > i);i := i + 1;
τ3 : if(j ≤ i);j := j + k;
`t1
`t2
`d1
`d2
maybe take a
snapshot
maybe take a
snapshot
check decrease
check decrease
τt1: if(i<n);
j :=0;
τ t3 : if(j ≤ i);j := j + k;
τ t2 : if(j >
i);
i :=i +
1;
![Page 122: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/122.jpg)
Cooperation: Simplification
start
`1
`2
`t1
`t2
`d1
`d2
maybe take a
snapshot
maybe take a
snapshot
check decrease
check decrease
τt1: if(i<n);
j :=0;
τ t3 : if(j ≤ i);j := j + k;
τ t2 : if(j >
i);
i :=i +
1;
Simplification
1 Find SCC S intermination graph:
`t1, `d1 , `
t2, `
d2
2 Find S-orienting RF:
f 1`t1(i,j,k,n) = n− i + 1
f 1`d1
(i,j,k,n) = n− i + 1
f 1`t2(i,j,k,n) = n− i
f 1`d2
(i,j,k,n) = n− i
3 Delete decr./bounded
4 Clean up
![Page 123: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/123.jpg)
Cooperation: Simplification
start
`1
`2
`t1
`t2
`d1
`d2
maybe take a
snapshot
maybe take a
snapshot
check decrease
check decrease
τt1: if(i<n);
j :=0;
τ t3 : if(j ≤ i);j := j + k;
τ t2 : if(j >
i);
i :=i +
1;
Simplification1 Find SCC S in
termination graph:
`t1, `d1 , `
t2, `
d2
2 Find S-orienting RF:
f 1`t1(i,j,k,n) = n− i + 1
f 1`d1
(i,j,k,n) = n− i + 1
f 1`t2(i,j,k,n) = n− i
f 1`d2
(i,j,k,n) = n− i
3 Delete decr./bounded
4 Clean up
![Page 124: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/124.jpg)
Cooperation: Simplification
start
`1
`2
`t1
`t2
`d1
`d2
maybe take a
snapshot
maybe take a
snapshot
check decrease
check decrease
τt1: if(i<n);
j :=0;
τ t3 : if(j ≤ i);j := j + k;
τ t2 : if(j >
i);
i :=i +
1;
Simplification1 Find SCC S in
termination graph:
`t1, `d1 , `
t2, `
d2
2 Find S-orienting RF:
f 1`t1(i,j,k,n) = n− i + 1
f 1`d1
(i,j,k,n) = n− i + 1
f 1`t2(i,j,k,n) = n− i
f 1`d2
(i,j,k,n) = n− i
3 Delete decr./bounded
4 Clean up
![Page 125: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/125.jpg)
Cooperation: Simplification
start
`1
`2
`t1
`t2
`d1
`d2
maybe take a
snapshot
maybe take a
snapshot
check decrease
check decrease
τt1: if(i<n);
j :=0;
τ t3 : if(j ≤ i);j := j + k;
τ t2 : if(j >
i);
i :=i +
1;
Simplification1 Find SCC S in
termination graph:
`t1, `d1 , `
t2, `
d2
2 Find S-orienting RF:
f 1`t1(i,j,k,n) = n− i + 1
f 1`d1
(i,j,k,n) = n− i + 1
f 1`t2(i,j,k,n) = n− i
f 1`d2
(i,j,k,n) = n− i
3 Delete decr./bounded
4 Clean up
![Page 126: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/126.jpg)
Cooperation: Simplification
start
`1
`2
`t1
`t2
`d1
`d2
maybe take a
snapshot
maybe take a
snapshot
check decrease
check decrease
τ t3 : if(j ≤ i);j := j + k;
τ t2 : if(j >
i);
i :=i +
1;
Simplification1 Find SCC S in
termination graph:
`t1, `d1 , `
t2, `
d2
2 Find S-orienting RF:
f 1`t1(i,j,k,n) = n− i + 1
f 1`d1
(i,j,k,n) = n− i + 1
f 1`t2(i,j,k,n) = n− i
f 1`d2
(i,j,k,n) = n− i
3 Delete decr./bounded
4 Clean up
![Page 127: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/127.jpg)
Cooperation: Simplification
start
`1
`2 `t2 `d2
maybe take a
snapshotcheck decrease
τ t3 : if(j ≤ i);j := j + k;
Simplification1 Find SCC S in
termination graph:
`t1, `d1 , `
t2, `
d2
2 Find S-orienting RF:
f 1`t1(i,j,k,n) = n− i + 1
f 1`d1
(i,j,k,n) = n− i + 1
f 1`t2(i,j,k,n) = n− i
f 1`d2
(i,j,k,n) = n− i
3 Delete decr./bounded
4 Clean up
![Page 128: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/128.jpg)
Cooperation
start
`1
`2
τ0 : if(k ≥ 1);i := 0;
τ1 : if(i < n);j := 0;
τ2 : if(j > i);i := i + 1;
τ3 : if(j ≤ i);j := j + k;
`t2 `d2
maybe take a
snapshotcheck decrease
τ t3 : if(j ≤ i);j := j + k;
![Page 129: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/129.jpg)
Cooperation: Invariants
start
`1
`2
τ0 : if(k ≥ 1);i := 0;
τ1 : if(i < n);j := 0;
τ2 : if(j > i);i := i + 1;
τ3 : if(j ≤ i);j := j + k;
`t2 `d2
maybe take a
snapshotcheck decrease
τ t3 : if(j ≤ i);j := j + k;
Construction/Checking1 No simplification possible
2 Obtain counterexample:
τ0 τ1 (snapshot) τ t3
3 Compute RF:
f 1`t2(i,j,k,n) = i− j
4 Add to instrumentation
![Page 130: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/130.jpg)
Cooperation: Invariants
start
`1
`2
τ0 : if(k ≥ 1);i := 0;
τ1 : if(i < n);j := 0;
τ2 : if(j > i);i := i + 1;
τ3 : if(j ≤ i);j := j + k;
`t2 `d2
maybe take a
snapshotcheck decrease
τ t3 : if(j ≤ i);j := j + k;
Construction/Checking1 No simplification possible
2 Obtain counterexample:
τ0 τ1 (snapshot) τ t3
3 Compute RF:
f 1`t2(i,j,k,n) = i− j
4 Add to instrumentation
![Page 131: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/131.jpg)
Cooperation: Invariants
start
`1
`2
τ0 : if(k ≥ 1);i := 0;
τ1 : if(i < n);j := 0;
τ2 : if(j > i);i := i + 1;
τ3 : if(j ≤ i);j := j + k;
`t2 `d2
maybe take a
snapshotcheck decrease
τ t3 : if(j ≤ i);j := j + k;
Construction/Checking1 No simplification possible
2 Obtain counterexample:
τ0 τ1 (snapshot) τ t3
3 Compute RF:
f 1`t2(i,j,k,n) = i− j
4 Add to instrumentation
![Page 132: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/132.jpg)
Cooperation: Invariants
start
`1
`2
τ0 : if(k ≥ 1);i := 0;
τ1 : if(i < n);j := 0;
τ2 : if(j > i);i := i + 1;
τ3 : if(j ≤ i);j := j + k;
`t2 `d2
maybe take a
snapshotcheck decrease
τ t3 : if(j ≤ i);j := j + k;
Construction/Checking1 No simplification possible
2 Obtain counterexample:
τ0 τ1 (snapshot) τ t3
3 Compute RF:
f 1`t2(i,j,k,n) = i− j
4 Add to instrumentation
![Page 133: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/133.jpg)
Cooperation: Invariants
start
`1
`2
τ0 : if(k ≥ 1);i := 0;
τ1 : if(i < n);j := 0;
τ2 : if(j > i);i := i + 1;
τ3 : if(j ≤ i);j := j + k;
`t2 `d2
ρ′2: i
f(cp
2≥1);
if(¬(ic−jc>i−
j));
if(¬(ic−jc>0));
maybe take a
snapshot
τ t3 : if(j ≤ i);j := j + k;
![Page 134: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/134.jpg)
Cooperation: Evaluation
Evaluated on 449 termination proving benchmarks260 known terminating, 181 known non-terminating, 8 unknownSources: Windows drivers, Apache, PostgreSQL, . . .
Term (#) Term (avg. s)
Cooperating-T2 245 3.42AProVE 197 2.21KITTeL 196 4.65T2 189 5.15AProVE+Interproc 185 1.53Terminator 177 4.99Size-Change/MCNP 156 17.50ARMC 138 16.16
Sources available: http://research.microsoft.com/en-us/projects/t2/
![Page 135: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/135.jpg)
Cooperation: Evaluation
Evaluated on 449 termination proving benchmarks260 known terminating, 181 known non-terminating, 8 unknownSources: Windows drivers, Apache, PostgreSQL, . . .
Term (#) Term (avg. s)
Cooperating-T2 245 3.42AProVE 197 2.21KITTeL 196 4.65T2 189 5.15AProVE+Interproc 185 1.53Terminator 177 4.99Size-Change/MCNP 156 17.50ARMC 138 16.16
Sources available: http://research.microsoft.com/en-us/projects/t2/
![Page 136: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/136.jpg)
Cooperation: Evaluation
Evaluated on 449 termination proving benchmarks260 known terminating, 181 known non-terminating, 8 unknownSources: Windows drivers, Apache, PostgreSQL, . . .
Term (#) Term (avg. s)
Cooperating-T2 245 3.42AProVE 197 2.21KITTeL 196 4.65T2 189 5.15AProVE+Interproc 185 1.53Terminator 177 4.99Size-Change/MCNP 156 17.50ARMC 138 16.16
Sources available: http://research.microsoft.com/en-us/projects/t2/
![Page 137: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/137.jpg)
Program termination: Our approach
Java Termination Graph1intTRS
2
1 Symbolic evaluation
2 Translation + post-processing
3 Restriction to terms
4 Restriction to integers & replacing terms by their “sizes”
![Page 138: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/138.jpg)
Program termination: Our approach
Java Termination Graph1intTRS
2
TRS
3
ITS
4
1 Symbolic evaluation
2 Translation + post-processing
3 Restriction to terms
4 Restriction to integers & replacing terms by their “sizes”
![Page 139: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/139.jpg)
Program termination: Contributions of this thesis
Proving termination of Java:1 Translation from Termination Graph to intTRS2 Post-processing Termination Graphs: Handle cycles, distances3 Non-termination proofs on Termination Graphs
Proving termination of intTRSs:4 Simplification of automatically generated intTRSs5 Abstracting terms to their height6 Termination proofs by alternating TRS/ITS techniques
Proving termination of Integer Transition Systems:7 Cooperative termination proving8 Alternating termination/non-termination proving
Implementations, most powerful in their fields:a AProVE: 1 - 6
b T2: 7 - 8
![Page 140: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/140.jpg)
Program termination: Contributions of this thesis
Proving termination of Java:1 Translation from Termination Graph to intTRS2 Post-processing Termination Graphs: Handle cycles, distances3 Non-termination proofs on Termination Graphs
Proving termination of intTRSs:4 Simplification of automatically generated intTRSs5 Abstracting terms to their height6 Termination proofs by alternating TRS/ITS techniques
Proving termination of Integer Transition Systems:7 Cooperative termination proving8 Alternating termination/non-termination proving
Implementations, most powerful in their fields:a AProVE: 1 - 6
b T2: 7 - 8
![Page 141: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/141.jpg)
Program termination: Contributions of this thesis
Proving termination of Java:1 Translation from Termination Graph to intTRS2 Post-processing Termination Graphs: Handle cycles, distances3 Non-termination proofs on Termination Graphs
Proving termination of intTRSs:4 Simplification of automatically generated intTRSs5 Abstracting terms to their height6 Termination proofs by alternating TRS/ITS techniques
Proving termination of Integer Transition Systems:7 Cooperative termination proving8 Alternating termination/non-termination proving
Implementations, most powerful in their fields:a AProVE: 1 - 6
b T2: 7 - 8
![Page 142: Termination Analysis for Imperative Programs Operating … · Termination Analysis for Imperative Programs Operating on the Heap ... Prolog (AProVE) Termination with heap: I Path-length](https://reader033.vdocuments.us/reader033/viewer/2022052918/5ae45d0f7f8b9ad47c8f90f9/html5/thumbnails/142.jpg)
Program termination: Contributions of this thesis
Proving termination of Java:1 Translation from Termination Graph to intTRS2 Post-processing Termination Graphs: Handle cycles, distances3 Non-termination proofs on Termination Graphs
Proving termination of intTRSs:4 Simplification of automatically generated intTRSs5 Abstracting terms to their height6 Termination proofs by alternating TRS/ITS techniques
Proving termination of Integer Transition Systems:7 Cooperative termination proving8 Alternating termination/non-termination proving
Implementations, most powerful in their fields:a AProVE: 1 - 6
b T2: 7 - 8