1 termination and shape-shifting heaps byron cook [email protected] microsoft research, cambridge...

1

Termination and shape-shifting heaps

Byron Cook

[email protected]

Microsoft Research, Cambridge

Joint work with Josh Berdine, Dino Distefano, and Peter O’Hearn

2

0

5

10

15

20

25

30

35

40

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23

0

10

20

30

40

50

60

70

80

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23

Lines of code (x1000)

Cut-point set size

Experimental results with Terminator [CAV’06,PLDI’06,SAS’05]

3

0

5

10

15

20

25

30

35

40

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23

0

10

20

30

40

50

60

70

80

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23


Cut-point set size

0

2

4

6

8

10

12

1 3 5 7 9 11 13 15 17 19 21 23

True bugs

False bugs


4

0

5

10

15

20

25

30

35

40

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23

0

10

20

30

40

50

60

70

80

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23


Cut-point set size

0

2

4

6

8

10

12

1 3 5 7 9 11 13 15 17 19 21 23

True bugs

False bugs


5

0

5

10

15

20

25

30

35

40

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23

0

10

20

30

40

50

60

70

80

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23


Cut-point set size

0

2

4

6

8

10

12

1 3 5 7 9 11 13 15 17 19 21 23

True bugs

False bugs


6


0

5

10

15

20

25

30

35

40

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23

0

10

20

30

40

50

60

70

80

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23


Cut-point set size

0

2

4

6

8

10

12

1 3 5 7 9 11 13 15 17 19 21 23

True bugs

False bugs

7

Outline

Introduction

TERMINATOR’s proof rule

MUTANT/TERMINATOR

Experimental results

Conclusion & Discussion

8

Outline

Introduction


MUTANT/TERMINATOR



9


10


11


12


13


14


Ø

15


Ø

16


17


18


19


20


21


22


23


24

Outline

Introduction


MUTANT/TERMINATOR



25

Outline

Introduction


MUTANT/TERMINATOR



26

Reversing the strategy

27


28


29


30


31


32

Mutant

33

Mutant

34

Mutant example

35

Mutant example

36

Mutant example

37

Mutant example

38

Mutant example

39

Mutant example

40

Outline

Introduction


MUTANT/TERMINATOR



41

Outline

Introduction


MUTANT/TERMINATOR



42


Revisiting loops falsely accused with TERMINATOR:

43

Introduction

44

Introduction

45

Introduction

46

Introduction

47

Introduction

48

Introduction

49

Introduction

50

Introduction

51

Introduction

52

Introduction

53

Introduction

54

Introduction

55

Introduction

56

Introduction

57

Introduction

58

Introduction

59

Introduction

60

Outline

Introduction


MUTANT/TERMINATOR



61

Outline

Introduction


MUTANT/TERMINATOR



62


Constructing automatic termination provers out of abstract interpreters: Over-approximate binary reachability using encoding into states Prove each state (partitioning of over-approximation) well-founded

MUTANT/TERMINATOR: Application using separation logic based abstract interpretation

63


What’s next: combining termination analysis engines: Integer linear programs (TERMINATOR, roughly speaking) Mutating heaps (MUTANT) Non-linear programs (ZIGZAG)

64



65



66



67


See http://research.microsoft.com/TERMINATOR Not-quite-camera-ready copy of CAV’06 paper about MUTANT Papers about TERMINATOR (PLDI’06, SAS’06, CAV’06)

Questions?

1 termination and shape-shifting heaps byron cook [email protected] microsoft research, cambridge...

Documents