12 research outputs found
On the Hardness of Almost-Sure Termination
This paper considers the computational hardness of computing expected
outcomes and deciding (universal) (positive) almost-sure termination of
probabilistic programs. It is shown that computing lower and upper bounds of
expected outcomes is - and -complete, respectively.
Deciding (universal) almost-sure termination as well as deciding whether the
expected outcome of a program equals a given rational value is shown to be
-complete. Finally, it is shown that deciding (universal) positive
almost-sure termination is -complete (-complete).Comment: MFCS 2015. arXiv admin note: text overlap with arXiv:1410.722
Synthesizing Probabilistic Invariants via Doob's Decomposition
When analyzing probabilistic computations, a powerful approach is to first
find a martingale---an expression on the program variables whose expectation
remains invariant---and then apply the optional stopping theorem in order to
infer properties at termination time. One of the main challenges, then, is to
systematically find martingales.
We propose a novel procedure to synthesize martingale expressions from an
arbitrary initial expression. Contrary to state-of-the-art approaches, we do
not rely on constraint solving. Instead, we use a symbolic construction based
on Doob's decomposition. This procedure can produce very complex martingales,
expressed in terms of conditional expectations.
We show how to automatically generate and simplify these martingales, as well
as how to apply the optional stopping theorem to infer properties at
termination time. This last step typically involves some simplification steps,
and is usually done manually in current approaches. We implement our techniques
in a prototype tool and demonstrate our process on several classical examples.
Some of them go beyond the capability of current semi-automatic approaches
Liveness of Randomised Parameterised Systems under Arbitrary Schedulers (Technical Report)
We consider the problem of verifying liveness for systems with a finite, but
unbounded, number of processes, commonly known as parameterised systems.
Typical examples of such systems include distributed protocols (e.g. for the
dining philosopher problem). Unlike the case of verifying safety, proving
liveness is still considered extremely challenging, especially in the presence
of randomness in the system. In this paper we consider liveness under arbitrary
(including unfair) schedulers, which is often considered a desirable property
in the literature of self-stabilising systems. We introduce an automatic method
of proving liveness for randomised parameterised systems under arbitrary
schedulers. Viewing liveness as a two-player reachability game (between
Scheduler and Process), our method is a CEGAR approach that synthesises a
progress relation for Process that can be symbolically represented as a
finite-state automaton. The method is incremental and exploits both
Angluin-style L*-learning and SAT-solvers. Our experiments show that our
algorithm is able to prove liveness automatically for well-known randomised
distributed protocols, including Lehmann-Rabin Randomised Dining Philosopher
Protocol and randomised self-stabilising protocols (such as the Israeli-Jalfon
Protocol). To the best of our knowledge, this is the first fully-automatic
method that can prove liveness for randomised protocols.Comment: Full version of CAV'16 pape
A New Proof Rule for Almost-Sure Termination
An important question for a probabilistic program is whether the probability
mass of all its diverging runs is zero, that is that it terminates "almost
surely". Proving that can be hard, and this paper presents a new method for
doing so; it is expressed in a program logic, and so applies directly to source
code. The programs may contain both probabilistic- and demonic choice, and the
probabilistic choices may depend on the current state.
As do other researchers, we use variant functions (a.k.a.
"super-martingales") that are real-valued and probabilistically might decrease
on each loop iteration; but our key innovation is that the amount as well as
the probability of the decrease are parametric.
We prove the soundness of the new rule, indicate where its applicability goes
beyond existing rules, and explain its connection to classical results on
denumerable (non-demonic) Markov chains.Comment: V1 to appear in PoPL18. This version collects some existing text into
new example subsection 5.5 and adds a new example 5.6 and makes further
remarks about uncountable branching. The new example 5.6 relates to work on
lexicographic termination methods, also to appear in PoPL18 [Agrawal et al,
2018
On the Termination Problem for Probabilistic Higher-Order Recursive Programs
In the last two decades, there has been much progress on model checking of
both probabilistic systems and higher-order programs. In spite of the emergence
of higher-order probabilistic programming languages, not much has been done to
combine those two approaches. In this paper, we initiate a study on the
probabilistic higher-order model checking problem, by giving some first
theoretical and experimental results. As a first step towards our goal, we
introduce PHORS, a probabilistic extension of higher-order recursion schemes
(HORS), as a model of probabilistic higher-order programs. The model of PHORS
may alternatively be viewed as a higher-order extension of recursive Markov
chains. We then investigate the probabilistic termination problem -- or,
equivalently, the probabilistic reachability problem. We prove that almost sure
termination of order-2 PHORS is undecidable. We also provide a fixpoint
characterization of the termination probability of PHORS, and develop a sound
(but possibly incomplete) procedure for approximately computing the termination
probability. We have implemented the procedure for order-2 PHORSs, and
confirmed that the procedure works well through preliminary experiments that
are reported at the end of the article
Regular Abstractions for Array Systems
Verifying safety and liveness over array systems is a highly challenging
problem. Array systems naturally capture parameterized systems such as
distributed protocols with an unbounded number of processes. Such distributed
protocols often exploit process IDs during their computation, resulting in
array systems whose element values range over an infinite domain. In this
paper, we develop a novel framework for proving safety and liveness over array
systems. The crux of the framework is to overapproximate an array system as a
string rewriting system (i.e. over a finite alphabet) by means of a new
predicate abstraction that exploits the so-called indexed predicates. This
allows us to tap into powerful verification methods for string rewriting
systems that have been heavily developed in the last few decades (e.g. regular
model checking). We demonstrate how our method yields simple, automatically
verifiable proofs of safety and liveness properties for challenging examples,
including Dijkstra's self-stabilizing protocol and the Chang-Roberts leader
election protocol
Modular Verification for Almost-Sure Termination of Probabilistic Programs
International audienceIn this work, we consider the almost-sure termination problem for probabilistic programs that asks whether agiven probabilistic program terminates with probability 1. Scalable approaches for program analysis oftenrely on modularity as their theoretical basis. In non-probabilistic programs, the classical variant rule (V-rule)of Floyd-Hoare logic provides the foundation for modular analysis. Extension of this rule to almost-suretermination of probabilistic programs is quite tricky, and a probabilistic variant was proposed in [Fioriti andHermanns 2015]. While the proposed probabilistic variant cautiously addresses the key issue of integrability,we show that the proposed modular rule is still not sound for almost-sure termination of probabilistic programs.Besides establishing unsoundness of the previous rule, our contributions are as follows: First, we present asound modular rule for almost-sure termination of probabilistic programs. Our approach is based on a novelnotion of descent supermartingales. Second, for algorithmic approaches, we consider descent supermartingalesthat are linear and show that they can be synthesized in polynomial time. Finally, we present experimentalresults on a variety of benchmarks and several natural examples that model various types of nested whileloops in probabilistic programs and demonstrate that our approach is able to efficiently prove their almost-suretermination property