Proving Non-Termination
Gupta, Henzinger, Majumdar, Rybalchenko, Ru-Gang Xu
presentation by erkan
Introduction and Motivation
• The focus of safety verification is on finding counterexamples and proofs.
• For liveness verification, the focus is on finding a proof for termination.
• This paper introduces a new approach for finding counterexamples to termination, i.e., non-terminating executions of programs.
• The purpose is to eliminate false positives by adapting dynamic techniques.
Definitions and Motivating Example
• The algorithm checks if there are any feasible lassos in the program.
• A lasso is a finite program path, called the stem, followed by a loop.
• The algorithm has two steps: find candidate lassos, then check them for feasibility
[Figure: a lasso, drawn as a stem leading into a loop]
Motivating Example
• The idea behind the algorithm on this example:
- a feasible program execution reaches the head of the loop (the conditional lo < hi on line 3) with some state s
- it executes the body of the loop (lines 4-11) and comes back to the same state s
- in this case, we can unwind the execution of the loop arbitrarily many times, starting at s, executing the loop and returning to s
Motivating Example
• Symbolic execution is used to check for non-terminating behaviour
• The resulting constraints are solved by a constraint solver, which yields a constraint on the initial state
[Figure: symbolic execution of the lasso, with initial state X0, state X at the loop head after the stem, and state X' after the loop body]
Case for Unbounded Ranges
• The previous approach is not sufficient
• Recurrent sets are used: R is a recurrent set if (1) R satisfies the loop predicate p, (2) some reachable state s satisfies R, and (3) for any state s satisfying R, the successor of s after executing the loop body is again in R.
The Algorithm
Proving Feasibility of Lassos
• A relation (here, the execution relation of the loop) is well-founded if it is terminating
• The lasso induces an infinite execution if the relation is not well-founded
• How to check this? Recurrent sets
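As an added example (not from the slides or the paper), the following Python models a lasso for a constructed buggy binary search and checks it both ways described above: concretely, by running the loop from the loop head until a state repeats, which is the witness of the motivating example, and by checking the three recurrent-set conditions (1)-(3) by enumeration, which is complete here only because lo and hi range over a bounded domain. The program, array, key and candidate set are all constructed for this illustration.

```python
from typing import Callable, Dict, List, Optional, Tuple
State = Dict[str, int]

# Constructed lasso: a binary search over A with the classic `lo = mid` bug
# (it should be `lo = mid + 1`), so the loop `while lo < hi` can spin forever.
A = [1, 3, 5, 7]          # constructed sorted array
KEY = 4                   # constructed search key, absent from A
N = len(A)

def stem() -> State:      # finite prefix that reaches the loop head
    return {"lo": 0, "hi": N}

def guard(s: State) -> bool:
    return s["lo"] < s["hi"]

def body(s: State) -> State:
    mid = (s["lo"] + s["hi"]) // 2
    if A[mid] < KEY:
        return {"lo": mid, "hi": s["hi"]}   # bug: lo stays at mid
    return {"lo": s["lo"], "hi": mid}

def find_lasso(s0: State, bound: int = 1000) -> Optional[Tuple[List[State], List[State]]]:
    """Run the loop from loop-head state s0; a revisited state witnesses a lasso.
    Returns (states before the cycle, states of the cycle) or None."""
    seen: Dict[tuple, int] = {}
    trace: List[State] = []
    s = s0
    for i in range(bound):
        if not guard(s):
            return None                     # loop exits on this input
        key = tuple(sorted(s.items()))
        if key in seen:
            return trace[:seen[key]], trace[seen[key]:]
        seen[key] = i
        trace.append(s)
        s = body(s)
    return None                             # bound exhausted: inconclusive

def is_recurrent_set(R: Callable[[State], bool], reachable: List[State]) -> bool:
    """Check the three recurrent-set conditions by enumerating the bounded state
    space 0 <= lo, hi <= N; complete only because the ranges are bounded."""
    states = [{"lo": lo, "hi": hi} for lo in range(N + 1) for hi in range(N + 1)]
    in_R = [s for s in states if R(s)]
    cond1 = all(guard(s) for s in in_R)      # (1) R implies the loop predicate
    cond2 = any(R(s) for s in reachable)     # (2) some reachable state is in R
    cond3 = all(R(body(s)) for s in in_R)    # (3) R is closed under the loop body
    return cond1 and cond2 and cond3

def stuck_window(s: State) -> bool:
    """Candidate recurrent set: hi == lo + 1 and the probe at lo lies below KEY."""
    return s["lo"] < N and s["hi"] == s["lo"] + 1 and A[s["lo"]] < KEY
```

The loop predicate itself is not a recurrent set here, since states such as lo = 3, hi = 4 leave it after one iteration; the narrower `stuck_window` is closed under the body and is reached by the concrete run.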
Finding Recurrent Sets
1. Bitwise Analysis
The recurrent-set constraint is handed to a bit-precise decision procedure, implemented using Boolean satisfiability solving, which decides whether it is satisfiable.
Finding Recurrent Sets
2. Linear Arithmetic Analysis
The linear arithmetic analysis assumes that the program transitions are representable using conjunctions of linear inequalities over the program variables. The algorithm follows a constraint-based approach.
Finding Recurrent Sets
The algorithm requires that a template for recurrent sets is provided. The proposed solution:
- start with a template that is a singleton conjunction
- incrementally add more conjuncts if the constraint solving fails
Finding Recurrent Sets
• Assume we have the template
• They define a recurrent set if the following condition holds
• Solving these constraints yields a recurrent set
Thanks!