Inferring Termination Conditions for Logic Programs using Backwards Analysis

This paper focuses on the inference of modes for which a logic program is guaranteed to terminate. This generalises traditional termination analysis where an analyser tries to verify termination for a specified mode. Our contribution is a methodology in which components of traditional termination analysis are combined with backwards analysis to obtain an analyser for termination inference. We identify a condition on the components of the analyser which guarantees that termination inference will infer all modes which can be checked to terminate. The application of this methodology to enhance a traditional termination analyser to perform also termination inference is demonstrated

Transforming floundering into success

We show how logic programs with "delays" can be transformed to programs without delays in a way which preserves information concerning floundering (also known as deadlock). This allows a declarative (model-theoretic), bottom-up or goal independent approach to be used for analysis and debugging of properties related to floundering. We rely on some previously introduced restrictions on delay primitives and a key observation which allows properties such as groundness to be analysed by approximating the (ground) success set. This paper is to appear in Theory and Practice of Logic Programming (TPLP). Keywords: Floundering, delays, coroutining, program analysis, abstract interpretation, program transformation, declarative debuggingComment: Number of pages: 24 Number of figures: 9 Number of tables: non

A Backward Analysis for Constraint Logic Programs

One recurring problem in program development is that of understanding how to re-use code developed by a third party. In the context of (constraint) logic programming, part of this problem reduces to figuring out how to query a program. If the logic program does not come with any documentation, then the programmer is forced to either experiment with queries in an ad hoc fashion or trace the control-flow of the program (backward) to infer the modes in which a predicate must be called so as to avoid an instantiation error. This paper presents an abstract interpretation scheme that automates the latter technique. The analysis presented in this paper can infer moding properties which if satisfied by the initial query, come with the guarantee that the program and query can never generate any moding or instantiation errors. Other applications of the analysis are discussed. The paper explains how abstract domains with certain computational properties (they condense) can be used to trace control-flow backward (right-to-left) to infer useful properties of initial queries. A correctness argument is presented and an implementation is reported.Comment: 32 page

Efficient Algorithms on the Family Associated to an Implicational System

International audienceAn implication system (IS) on a finite set S is a set of rules called Σ -implications of the kind A →_Σ B, with A,B ⊆ S. A subset X ⊆ S satisfies A →_Σ B when ''A ⊆ X implies B ⊆ X'' holds, so ISs can be used to describe constraints on sets of elements, such as dependency or causality. ISs are formally closely linked to the well known notions of closure operators and Moore families. This paper focuses on their algorithmic aspects. A number of problems issued from an IS Σ (e.g. is it minimal, is a given implication entailed by the system) can be reduced to the computation of closures φ _Σ (X), where φ _Σ is the closure operator associated to Σ . We propose a new approach to compute such closures, based on the characterization of the direct-optimal IS Σ _do which has the following properties: \beginenumerate ıtemit is equivalent to Σ ıtemφ _Σ _do(X) (thus φ _Σ (X)) can be computed by a single scanning of Σ _do-implications ıtemit is of minimal size with respect to ISs satisfying 1. and 2. \endenumerate We give algorithms that compute Σ _do, and from Σ _do closures φ _Σ (X) and the Moore family associated to φ _Σ

Transforming semantics by abstract interpretation

In 1997, Cousot introduced a hierarchy where semantics are related with each other by abstract interpretation. In this field we consider the standard abstract domain transformers, devoted to refine abstract domains in order to include attribute independent and relational information, respectively the reduced product and power of abstract domains, as domain operations to systematically design and compare semantics of programming languages by abstract interpretation. We first prove that natural semantics can be decomposed in terms of complementary attribute independent observables, leading to an algebraic characterization of the symmetric structure of the hierarchy. Moreover, we characterize some structural property of semantics, such as their compositionality, in terms of simple abstract domain equations. This provides an equational presentation of most well known semantics, which is parametric on the observable and structural property of the semantics, making it possible to systematically derive abstract semantics, e.g. for program analysis, as solutions of abstract domain equations

Affine Disjunctive Invariant Generation with Farkas' Lemma

Invariant generation is the classical problem that aims at automated generation of assertions that over-approximates the set of reachable program states in a program. We consider the problem of generating affine invariants over affine while loops (i.e., loops with affine loop guards, conditional branches and assignment statements), and explore the automated generation of disjunctive affine invariants. Disjunctive invariants are an important class of invariants that capture disjunctive features in programs such as multiple phases, transitions between different modes, etc., and are typically more precise than conjunctive invariants over programs with these features. To generate tight affine invariants, existing constraint-solving approaches have investigated the application of Farkas' Lemma to conjunctive affine invariant generation, but none of them considers disjunctive affine invariants

Optimality and Condensing of Information Flow through Linear Refinement

Detecting information flows inside a program is useful to check non-interference or independence of program variables, an important aspect of software security. In this paper we present a new abstract domain C expressing constancy of program variables. We then apply Giacobazzi and Scozzari's linear refinement to build a domain C->C which contains all input/output dependences between the constancy of program variables. We show that C->C is optimal, in the sense that it cannot be further linearly refined, andcondensing, in the sense that a compositional, input-independent static analysis over C->C has the same precision as a non-compositional, input-driven analysis. Moreover, we show that C->C has a natural representation in terms of Boolean formulas, which is important since it allows one to use the efficient binary decision diagrams in its implementation. We then prove that C-.C coincides with Genaim, Giacobazzi andMastroeni's IF domain for information flows and with Amtoft and Banerjee's Indep domain for independence. This lets us extend to IF and Indep the properties that we proved for C->C: optimality, condensing and representation in terms of Boolean formulas. As a secondary result, it lets us conclude that IF and Indep are actually the same abstract domain, although completely different static analyses have been based on them

A Theoretical Foundation of Sensitivity in an Abstract Interpretation Framework

International audienceProgram analyses often utilize various forms of sensitivity such as context sensitivity, call-site sensitivity, and object sensitivity. These techniques all allow for more precise program analyses, that are able to compute more precise program invariants, and to verify stronger properties. Despite the fact that sensitivity techniques are now part of the standard toolkit of static analyses designers and implementers, no comprehensive frameworks allow the description of all common forms of sensitivity. As a consequence, the soundness proofs of static analysis tools involving sensitivity often rely on ad hoc formalization, which are not always carried out in an abstract interpretation framework. Moreover, this also means that opportunities to identify similarities between analysis techniques to better improve abstractions or to tune static analysis tools can easily be missed. In this paper, we present and formalize a framework for the description of sensitivity in static analysis. Our framework is based on a powerful abstract domain construction, and utilizes reduced cardinal power to tie basic abstract predicates to the properties analyses are sensitive to. We formalize this abstraction, and the main abstract operations that are needed to turn it into a generic abstract domain construction. We demonstrate that our approach can allow for a more precise description of program states, and that it can also describe a large set of sensitivity techniques, both when sensitivity criteria are static (known before the analysis) or dynamic (inferred as part of the analysis), and sensitive analysis tuning parameters. Last, we show that sensitivity techniques used in state of the art static analysis tools can be described in our framework