27 research outputs found
A New Proof Rule for Almost-Sure Termination
An important question for a probabilistic program is whether the probability
mass of all its diverging runs is zero, that is that it terminates "almost
surely". Proving that can be hard, and this paper presents a new method for
doing so; it is expressed in a program logic, and so applies directly to source
code. The programs may contain both probabilistic- and demonic choice, and the
probabilistic choices may depend on the current state.
As do other researchers, we use variant functions (a.k.a.
"super-martingales") that are real-valued and probabilistically might decrease
on each loop iteration; but our key innovation is that the amount as well as
the probability of the decrease are parametric.
We prove the soundness of the new rule, indicate where its applicability goes
beyond existing rules, and explain its connection to classical results on
denumerable (non-demonic) Markov chains.Comment: V1 to appear in PoPL18. This version collects some existing text into
new example subsection 5.5 and adds a new example 5.6 and makes further
remarks about uncountable branching. The new example 5.6 relates to work on
lexicographic termination methods, also to appear in PoPL18 [Agrawal et al,
2018
A Deductive Verification Infrastructure for Probabilistic Programs
This paper presents a quantitative program verification infrastructure for
discrete probabilistic programs. Our infrastructure can be viewed as the
probabilistic analogue of Boogie: its central components are an intermediate
verification language (IVL) together with a real-valued logic. Our IVL provides
a programming-language-style for expressing verification conditions whose
validity implies the correctness of a program under investigation. As our focus
is on verifying quantitative properties such as bounds on expected outcomes,
expected run-times, or termination probabilities, off-the-shelf IVLs based on
Boolean first-order logic do not suffice. Instead, a paradigm shift from the
standard Boolean to a real-valued domain is required.
Our IVL features quantitative generalizations of standard verification
constructs such as assume- and assert-statements. Verification conditions are
generated by a weakest-precondition-style semantics, based on our real-valued
logic. We show that our verification infrastructure supports natural encodings
of numerous verification techniques from the literature. With our SMT-based
implementation, we automatically verify a variety of benchmarks. To the best of
our knowledge, this establishes the first deductive verification infrastructure
for expectation-based reasoning about probabilistic programs
Automated Expected Amortised Cost Analysis of Probabilistic Data Structures
In this paper, we present the first fully-automated expected amortised cost
analysis of self-adjusting data structures, that is, of randomised splay trees,
randomised splay heaps and randomised meldable heaps, which so far have only
(semi-) manually been analysed in the literature. Our analysis is stated as a
type-and-effect system for a first-order functional programming language with
support for sampling over discrete distributions, non-deterministic choice and
a ticking operator. The latter allows for the specification of fine-grained
cost models. We state two soundness theorems based on two different -- but
strongly related -- typing rules of ticking, which account differently for the
cost of non-terminating computations. Finally we provide a prototype
implementation able to fully automatically analyse the aforementioned case
studies.Comment: 39 page
Learning Probabilistic Termination Proofs
We present the first machine learning approach to the termination analysis
of probabilistic programs. Ranking supermartingales (RSMs) prove that
probabilistic programs halt, in expectation, within a finite number of steps.
While previously RSMs were directly synthesised from source code,
our method learns them from sampled execution traces.
We introduce the neural ranking supermartingale:
we let a neural network fit
an RSM over execution traces and then we
verify it over the source code using satisfiability modulo theories (SMT);
if the latter step produces a counterexample, we generate from it
new sample traces and repeat learning in a
counterexample-guided inductive synthesis loop,
until the SMT solver confirms the validity of the RSM.
The result is thus a sound witness of probabilistic termination.
Our learning strategy is agnostic to the source code and its
verification counterpart supports the widest range of probabilistic
single-loop programs that any existing tool can handle to date.
We demonstrate the efficacy of our method over a range of benchmarks that
include linear and polynomial programs with discrete, continuous, state-dependent,
multi-variate, hierarchical distributions, and distributions with
undefined moments
Correctness by construction for probabilistic programs
The "correct by construction" paradigm is an important component of modern
Formal Methods, and here we use the probabilistic Guarded-Command Language
to illustrate its application to
programming. extends Dijkstra's guarded-command language
with probabilistic choice, and is equipped with a
correctness-preserving refinement relation that enables
compact, abstract specifications of probabilistic properties to be transformed
gradually to concrete, executable code by applying mathematical insights in a
systematic and layered way. Characteristically for "correctness by
construction", as far as possible the reasoning in each refinement-step layer
does not depend on earlier layers, and does not affect later ones. We
demonstrate the technique by deriving a fair-coin implementation of any given
discrete probability distribution. In the special case of simulating a fair
die, our correct-by-construction algorithm turns out to be "within spitting
distance" of Knuth and Yao's optimal solution
Generating Functions for Probabilistic Programs
This paper investigates the usage of generating functions (GFs) encoding
measures over the program variables for reasoning about discrete probabilistic
programs. To that end, we define a denotational GF-transformer semantics for
probabilistic while-programs, and show that it instantiates Kozen's seminal
distribution transformer semantics. We then study the effective usage of GFs
for program analysis. We show that finitely expressible GFs enable checking
super-invariants by means of computer algebra tools, and that they can be used
to determine termination probabilities. The paper concludes by characterizing a
class of -- possibly infinite-state -- programs whose semantics is a rational
GF encoding a discrete phase-type distribution
On probabilistic term rewriting
open3siThis work is partially supported by the ANR projects 14CE250005 ELICA and 16CE250011 REPAS, the FWF project Y757, the JSPS-INRIA bilateral joint research project “CRECOGI”, the ERC Consolidator Grant DLV-818616 DIAPASoN, and JST ERATO HASUO Metamathematics for Systems Design Project (No. JPMJER1603).We study the termination problem for probabilistic term rewrite systems. We prove that the interpretation method is sound and complete for a strengthening of positive almost sure termination, when abstract reduction systems and term rewrite systems are considered. Two instances of the interpretation method—polynomial and matrix interpretations—are analyzed and shown to capture interesting and nontrivial examples when automated. We capture probabilistic computation in a novel way by means of multidistribution reduction sequences, thus accounting for both the nondeterminism in the choice of the redex and the probabilism intrinsic in firing each rule.openAvanzini M.; Dal Lago U.; Yamada A.Avanzini M.; Dal Lago U.; Yamada A
On the Termination Problem for Probabilistic Higher-Order Recursive Programs
In the last two decades, there has been much progress on model checking of
both probabilistic systems and higher-order programs. In spite of the emergence
of higher-order probabilistic programming languages, not much has been done to
combine those two approaches. In this paper, we initiate a study on the
probabilistic higher-order model checking problem, by giving some first
theoretical and experimental results. As a first step towards our goal, we
introduce PHORS, a probabilistic extension of higher-order recursion schemes
(HORS), as a model of probabilistic higher-order programs. The model of PHORS
may alternatively be viewed as a higher-order extension of recursive Markov
chains. We then investigate the probabilistic termination problem -- or,
equivalently, the probabilistic reachability problem. We prove that almost sure
termination of order-2 PHORS is undecidable. We also provide a fixpoint
characterization of the termination probability of PHORS, and develop a sound
(but possibly incomplete) procedure for approximately computing the termination
probability. We have implemented the procedure for order-2 PHORSs, and
confirmed that the procedure works well through preliminary experiments that
are reported at the end of the article