Proving Non-Termination
Gupta, Henzinger, Majumdar,
Rybalchenko, Ru-Gang Xu
presentation by erkan
Introduction and Motivation
• The focus of safety verification is on
finding counterexamples and proofs.
• For liveness verification, the focus is on
finding a proof for termination.
• This paper introduces a new approach for
finding counterexamples to nonterminating executions of programs.
• The purpose is to eliminate false positives
by adapting dynamic techniques.
Definitions and Motivating Example
• The algorithm checks if there are any
feasible lassos in the program.
• A lasso is a finite program called stem
followed by a loop.
stem
loop
• The algorithm has two steps: Finds
candidate lassos, check for feasibility
Motivating Example
Motivating Example
• The idea behind the algorithm on this example:
- a feasible program execution that reaches the
head of the loop (the conditional lo < hi on line 3)
with some state s
- executes the body of the loop (lines 4-11) and
goes back to the same state s
- In this case, we can unwind the execution of
the loop arbitrarily many times, starting at s,
executing the loop and returning to s
Motivating Example
• Symbolic execution is used to check nonterminating behaviour
(
stem
X0
)
loop
X
=
X’
• Solved by a constraint solver and it will give
constraint for the initial state
Case for Unbounded Ranges
• The previous approach is not sufficient
• Recurrent sets are used, if R is a recurrent set
(1) R satisfies the loop predicate p,
(2) some reachable state s satisfies R, and
(3) for any state s satisfying R, the successor of s
after executing the loop body is again in R.
The Algorithm
Proving Feasibility of Lassos
• A relation (execution in this case) is well-founded
if it is terminating
• the lasso induces an infinite execution if the
relation
is not well-founded.
• How to check this? Recurrent sets
Finding Recurrent Sets
1. Bitwise Analysis
if this constraint is satisfiable and can be
implemented using Boolean satisfiability
solving, it can be resolved by a bit-precise
decision procedure
Finding Recurrent Sets
2. Linear Arithmetic Analysis
The linear arithmetic analysis assumes that the
program transitions are representable using
conjunctions of linear inequalities over the
program variables. The algorithm follows a
constraint-based approach.
Finding Recurrent Sets
The algorithm requires that a template for recurrent sets is
provided. The proposed solution:
- start with a template that is a singleton conjunction
- incrementally add more conjuncts if the constraint solving
fails
Finding Recurrent Sets
• Assume we have the template
• They define a recurrent set if the following
condition holds
• Solving these constraints, we have a recurrent
set
Thanks!