Proving mutual termination

Dima Elenbogen, Shmuel Katz, Ofer Strichman

Research output: Contribution to journalArticlepeer-review

Abstract

Two programs are said to be mutually terminating if they terminate on exactly the same inputs. We suggest inference rules and a proof system for proving mutual termination of a given pair of procedures ⟨f, f⟩ and the respective subprograms that they call under a free context. Given a (possibly partial) mapping between the procedures of the two programs, the premise of the rule requires proving that given the same arbitrary input in, f(in) and f(in) call procedures mapped in the mapping with the same arguments. A variant of this proof rule with a weaker premise allows to prove termination of one of the programs if the other is known to terminate. In addition, we suggest various techniques for battling the inherent incompleteness of our solution, including a case in which the interface of the two procedures is not identical, and a case in which partial equivalence (the equivalence of their input/output behavior) has only been proven for some, but not all, the outputs of the two given procedures. We present an algorithm for decomposing the verification problem of whole programs to that of proving mutual termination of individual procedures, based on our suggested inference rules. The reported prototype implementation of this algorithm is the first to deal with the mutual termination problem.

Original languageEnglish
Pages (from-to)204-229
Number of pages26
JournalFormal Methods in System Design
Volume47
Issue number2
DOIs
StatePublished - 29 Oct 2015

Keywords

  • Mutual termination
  • Program termination
  • Regression-verification

All Science Journal Classification (ASJC) codes

  • Software
  • Theoretical Computer Science
  • Hardware and Architecture

Fingerprint

Dive into the research topics of 'Proving mutual termination'. Together they form a unique fingerprint.

Cite this