research-article

Proving non-termination

Authors:
Ashutosh Gupta

Max Planck Institute, Saarbruecken, Germany

Max Planck Institute, Saarbruecken, Germany
View Profile

,
Thomas A. Henzinger

EPFL, Lausanne, Switzerland

EPFL, Lausanne, Switzerland
View Profile

,
Rupak Majumdar

UC Los Angeles, Los Angeles, CA

UC Los Angeles, Los Angeles, CA
View Profile

,
Andrey Rybalchenko

Max Planck Institute, Saarbruecken, Germany

Max Planck Institute, Saarbruecken, Germany
View Profile

,
Ru-Gang Xu

UC Los Angeles, Los Angeles, CA

UC Los Angeles, Los Angeles, CA
View Profile

Authors Info & Claims

ACM SIGPLAN Notices Volume 43 Issue 1January 2008pp 147–158https://doi.org/10.1145/1328897.1328459

Published:07 January 2008Publication History

ACM SIGPLAN Notices

Abstract

The search for proof and the search for counterexamples (bugs) are complementary activities that need to be pursued concurrently in order to maximize the practical success rate of verification tools.While this is well-understood in safety verification, the current focus of liveness verification has been almost exclusively on the search for termination proofs. A counterexample to termination is an infinite programexecution. In this paper, we propose a method to search for such counterexamples. The search proceeds in two phases. We first dynamically enumerate lasso-shaped candidate paths for counterexamples, and then statically prove their feasibility. We illustrate the utility of our nontermination prover, called TNT, on several nontrivial examples, some of which require bit-level reasoning about integer representations.

References

A.V. Aho, R. Sethi, and J.D. Ullman. Compilers: Principles, Techniques, and Tools. Addison-Wesley, 1986. Google ScholarDigital Library
T. Ball and S.K. Rajamani. The Slam project: Debugging system software via static analysis. In Proc. POPL, pages 1--3. ACM, 2002. Google ScholarDigital Library
Joshua Bloch. Nearly all binary searches and mergesorts are broken, June 2006. http://googleresearch.blogspot.com/2006/06/extra-extra-read-all-about-it-nearly.html.Google Scholar
A. Bradley, Z. Manna, and H. Sipma. The polyranking principle. In Proc. ICALP, LNCS 3580, pages 1349--1361. Springer, 2005. Google ScholarDigital Library
E.M. Clarke, A. Biere, R. Raimi, and Y. Zhu. Bounded model checking using satisfiability solving. Formal Methods in System Design, 19 (1): 7--34, 2001. Google ScholarDigital Library
M. Colon and H. Sipma. Practical methods for proving program termination. In Proc. CAV, LNCS 2404, pages 442--454. Springer, 2002. Google ScholarDigital Library
M. Colon, S. Sankaranarayanan, and H.B. Sipma. Linear invariant generation using non-linear constraint solving. In Proc. CAV, LNCS~2725, pages 420--432. Springer, 2003.Google Scholar
B. Cook, D. Kroening, and N. Sharygina. Cogent: Accurate theorem proving for program verification. In Proc. CAV, LNCS~3576, pages 296--300. Springer, 2005. Google ScholarDigital Library
B. Cook, A. Podelski, and A. Rybalchenko. Termination proofs for systems code. In Proc. PLDI, pages 415--426. ACM, 2006. Google ScholarDigital Library
P. Cousot. Proving program invariance and termination by parametric abstraction, Lagrangian relaxation and semidefinite programming. In Proc. VMCAI, LNCS 3385, pages 1--24. Springer, 2005. Google ScholarDigital Library
M. d'Amorim and G. Rosu. Efficient monitoring of omega-languages. In Proc. CAV, LNCS 3576, pages 364--378. Springer, 2005. Google ScholarDigital Library
V. Ganesh and D.L. Dill. A decision procedure for bit-vectors and arrays. In Proc. CAV, LNCS 4590, pages 519--531. Springer, 2007. Google ScholarDigital Library
P. Godefroid. The soundness of bugs is what matters (position statement). In BUGS'2005 (PLDI'2005 Workshop on the Evaluation of Software Defect Detection Tools), 2005.Google Scholar
P. Godefroid, N. Klarlund, and K. Sen. Dart: Directed automated random testing. In Proc. PLDI, pages 213--223. ACM, 2005. Google ScholarDigital Library
B. Gulavani, T.A. Henzinger, Y. Kannan, A. Nori, and S.K. Rajamani. Synergy: A new algorithm for property checking. In Proc. FSE, pages 117--127. ACM, 2006. Google ScholarDigital Library
T.A. Henzinger, R. Jhala, R. Majumdar, and G. Sutre. Lazy abstraction. In Proc. POPL, pages 58--70. ACM, 2002. Google ScholarDigital Library
C. Holzbaur. OFAI clp(q,r) Manual, Edition 1.3.3. Austrian Research Institute for Artificial Intelligence, Vienna, 1995. TR-95-09.Google Scholar
D. Kapur. Automatically generating loop invariants using quantifier elimination. Technical Report 05431 (Deduction and Applications), IBFI Schloss Dagstuhl, 2006.Google Scholar
T. Kremenek and D.R. Engler. Z-ranking: Using statistical analysis to counter the impact of static analysis approximations. In Proc. SAS, LNCS 2694, pages 295--315. Springer, 2003. Google ScholarDigital Library
A. Pnueli, A. Zaks, and L.D. Zuck. Monitoring interfaces for faults. Electr. Notes Theor. Comput. Sci., 144(4): 73--89, 2006. Google ScholarDigital Library
S. Sankaranarayanan, H.B. Sipma, and Z. Manna. Non-linear loop invariant generation using Grobner bases. In Proc. POPL, pages 318--329. ACM, 2004. Google ScholarDigital Library
A. Schrijver. Theory of Linear and Integer Programming. Wiley, 1986. Google ScholarDigital Library
K. Sen, A. Vardhan, G. Agha, and G. Rosu. Efficient decentralized monitoring of safety in distributed systems. In Proc. ICSE, pages 418--427. ACM, 2004. Google ScholarDigital Library
K. Sen, D. Marinov, and G. Agha. Cute: A concolic unit testing engine for C. In Proc. ESEC/FSE, pages 263--272. ACM, 2005. Google ScholarDigital Library
H. Velroyen. Automatic non-termination analysis of imperative programs. Master's thesis, Chalmers University of Technology, Aachen Technical University, 2007.Google Scholar
E. Witchel. Mondriaan Memory Protection. PhD thesis, Massachusetts Institute of Technologys, 2004. Google ScholarDigital Library
E. Witchel, J. Cates, and K. Asanovic. Mondrian memory protection. In Proc. ASPLOS, pages 304--316. ACM, 2002. Google ScholarDigital Library
E. Witchel, J. Rhee, and K. Asanovic. Mondrix: memory isolation for linux using mondriaan memory protection. In Proc. SOSP, pages 31--44. ACM, 2005. Google ScholarDigital Library
Y. Xie and A. Aiken. Saturn: A SAT-based tool for bug detection. In Proc. CAV, LNCS 3576, pages 139--143. Springer, 2005. Google ScholarDigital Library

Index Terms

Proving non-termination
1. General and reference
  1. Cross-computing tools and techniques
    1. Reliability
2. Software and its engineering
  1. Software creation and management
    1. Software verification and validation
      1. Software defect analysis
        Software testing and debugging
  2. Software organization and properties
    1. Extra-functional properties
      1. Software reliability

Recommendations

Proving non-termination
POPL '08: Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages

The search for proof and the search for counterexamples (bugs) are complementary activities that need to be pursued concurrently in order to maximize the practical success rate of verification tools.While this is well-understood in safety verification, ...
Read More
Proving thread termination
Proceedings of the 2007 PLDI conference

Concurrent programs are often designed such that certain functions executing within critical threads must terminate. Examples of such cases can be found in operating systems, web servers, e-mail clients, etc. Unfortunately, no known automatic program ...
Read More
Formal Verification for C Program

Iterative abstraction refinement has emerged in the last few years as the leading approach to software model checking. We present an approach for automatically verifying C programs against safety specifications based on finite state machine. The ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Published in
ACM SIGPLAN Notices Volume 43, Issue 1
POPL '08
January 2008
420 pages
ISSN:0362-1340
EISSN:1558-1160
DOI:10.1145/1328897
Issue’s Table of Contents
POPL '08: Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
January 2008
448 pages
ISBN:9781595936899
DOI:10.1145/1328438
General Chair:
George Necula
University of California, Berkeley
,
Program Chair:
Philip Wadler
University of Edinburgh
Copyright © 2008 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 7 January 2008
Check for updates
Author Tags
model checking
non-termination
program verification
recurrent sets
testing
Qualifiers
- research-article
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 143
  Total Citations
  View Citations
- 909
  Total Downloads
- Downloads (Last 12 months)67
- Downloads (Last 6 weeks)7
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Proving non-termination

ACM SIGPLAN Notices

Abstract

References

Cited By

Index Terms

Recommendations

Proving non-termination

Proving thread termination

Formal Verification for C Program