An abstract interpretation framework for termination

Published: 25 January 2012
Abstract

Proof, verification and analysis methods for termination all rely on two induction principles: (1) a variant function or induction on data ensuring progress towards the end and (2) some form of induction on the program structure. The abstract interpretation design principle is first illustrated for the design of new forward and backward proof, verification and analysis methods for safety. The safety collecting semantics defining the strongest safety property of programs is first expressed in a constructive fixpoint form. Safety proof and checking/verification methods then immediately follow by fixpoint induction. Static analysis of abstract safety properties such as invariance are constructively designed by fixpoint abstraction (or approximation) to (automatically) infer safety properties. So far, no such clear design principle existed for termination, so the existing approaches are scattered and largely not comparable with each other.

For (1), we show that this design principle applies equally well to potential and definite termination. The trace-based termination collecting semantics is given a fixpoint definition. Its abstraction yields a fixpoint definition of the best variant function. By further abstraction of this best variant function, we derive the Floyd/Turing termination proof method as well as new static analysis methods to effectively compute approximations of this best variant function.

For (2), we introduce a generalization of the syntactic notion of structural induction (as found in Hoare logic) into a semantic structural induction based on the new semantic concept of inductive trace cover covering execution traces by segments, a new basis for formulating program properties. Its abstractions allow for generalized recursive proof, verification and static analysis methods by induction on both program structure, control, and data. Examples of particular instances include Floyd's handling of loop cutpoints as well as nested loops, Burstall's intermittent assertion total correctness proof method, and Podelski-Rybalchenko transition invariants.
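The fixpoint definition of the best variant function for definite and potential termination, and the Floyd/Turing proof method obtained from it by abstraction, as an added illustration that is not code from the paper: a Python round-by-round fixpoint iteration over a constructed finite transition system (so natural-number ranks suffice, whereas the paper's variant functions range over ordinals in general), plus a check of the Floyd/Turing obligation on a user-supplied variant. The function names, the `ready` predicate encoding and the sample system `EXAMPLE_SYSTEM` are assumptions made here.

```python
from typing import Callable, Dict, Hashable, Set, Tuple

State = Hashable
Succ = Dict[State, Set[State]]  # every state, targets included, has an entry

def _ranks(succ: Succ, ready: Callable[[Set[State], Dict[State, int]], bool]) -> Dict[State, int]:
    """Round-by-round fixpoint iteration of the rank (variant) function.
    Round 0 ranks the blocking states 0; round k ranks every unranked state that
    `ready` accepts and has a successor ranked in round k-1, so its rank is exactly k.
    A state that is never ranked has no variant."""
    rank: Dict[State, int] = {}
    frontier = {s for s, nxt in succ.items() if not nxt}
    k = 0
    while frontier:
        for s in frontier:
            rank[s] = k
        k += 1
        frontier = {s for s, nxt in succ.items()
                    if s not in rank and nxt & frontier and ready(nxt, rank)}
    return rank

def best_variant_functions(succ: Succ) -> Tuple[Dict[State, int], Dict[State, int]]:
    """definite[s] exists iff every execution from s terminates (1 + max successor rank);
    potential[s] exists iff some execution from s terminates (1 + min successor rank)."""
    definite = _ranks(succ, lambda nxt, rank: all(t in rank for t in nxt))
    potential = _ranks(succ, lambda nxt, rank: True)
    return definite, potential

def floyd_turing_violations(succ: Succ, variant: Callable[[State], int]) -> Set[Tuple[State, State]]:
    """Floyd/Turing obligation for a user-supplied variant: non-negative and strictly
    decreasing on every transition. Returns the offending transitions (empty = proved)."""
    return {(s, t) for s, nxt in succ.items() for t in nxt
            if not (variant(s) > variant(t) >= 0)}

# Constructed transition system (not from the paper): a countdown loop on x, a state
# that may spin forever or exit, a state stuck in a self-loop, and a choice between them.
EXAMPLE_SYSTEM: Succ = {
    "loop x=2": {"loop x=1"}, "loop x=1": {"loop x=0"}, "loop x=0": {"exit"}, "exit": set(),
    "spin": {"spin", "exit"}, "stuck": {"stuck"}, "choice": {"spin", "loop x=2"},
}

if __name__ == "__main__":
    definite, potential = best_variant_functions(EXAMPLE_SYSTEM)
    for s in EXAMPLE_SYSTEM:
        print(f"{s:9} definite={definite.get(s)} potential={potential.get(s)}")
```

States with no rank in `definite` admit at least one infinite execution; states with no rank in `potential` (here only `stuck`) admit none that terminates.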

Supplemental Material

popl_4a_3.mp4

