Experiments with a Convex Polyhedral Analysis Tool for Logic Programs

Convex polyhedral abstractions of logic programs have been found very useful in deriving numeric relationships between program arguments in order to prove program properties and in other areas such as termination and complexity analysis. We present a tool for constructing polyhedral analyses of (constraint) logic programs. The aim of the tool is to make available, with a convenient interface, state-of-the-art techniques for polyhedral analysis such as delayed widening, narrowing, "widening up-to", and enhanced automatic selection of widening points. The tool is accessible on the web, permits user programs to be uploaded and analysed, and is integrated with related program transformations such as size abstractions and query-answer transformation. We then report some experiments using the tool, showing how it can be conveniently used to analyse transition systems arising from models of embedded systems, and an emulator for a PIC microcontroller which is used for example in wearable computing systems. We discuss issues including scalability, tradeoffs of precision and computation time, and other program transformations that can enhance the results of analysis.Comment: Paper presented at the 17th Workshop on Logic-based Methods in Programming Environments (WLPE2007

Analysis and Transformation Tools for Constrained Horn Clause Verification

Several techniques and tools have been developed for verification of properties expressed as Horn clauses with constraints over a background theory (CHC). Current CHC verification tools implement intricate algorithms and are often limited to certain subclasses of CHC problems. Our aim in this work is to investigate the use of a combination of off-the-shelf techniques from the literature in analysis and transformation of Constraint Logic Programs (CLPs) to solve challenging CHC verification problems. We find that many problems can be solved using a combination of tools based on well-known techniques from abstract interpretation, semantics-preserving transformations, program specialisation and query-answer transformations. This gives insights into the design of automatic, more general CHC verification tools based on a library of components.Comment: To appear in Theory and Practice of Logic Programming (TPLP

Efficient Groundness Analysis in Prolog

Boolean functions can be used to express the groundness of, and trace grounding dependencies between, program variables in (constraint) logic programs. In this paper, a variety of issues pertaining to the efficient Prolog implementation of groundness analysis are investigated, focusing on the domain of definite Boolean functions, Def. The systematic design of the representation of an abstract domain is discussed in relation to its impact on the algorithmic complexity of the domain operations; the most frequently called operations should be the most lightweight. This methodology is applied to Def, resulting in a new representation, together with new algorithms for its domain operations utilising previously unexploited properties of Def -- for instance, quadratic-time entailment checking. The iteration strategy driving the analysis is also discussed and a simple, but very effective, optimisation of induced magic is described. The analysis can be implemented straightforwardly in Prolog and the use of a non-ground representation results in an efficient, scalable tool which does not require widening to be invoked, even on the largest benchmarks. An extensive experimental evaluation is givenComment: 31 pages To appear in Theory and Practice of Logic Programmin

Efficient Goal Directed Bottom-up Evaluation of Logic Programs

This paper introduces a new strategy for the efficient goal directed bottomup evaluation of logic programs. Instead of combining a standard bottomup evaluation strategy with a Magic-set transformation, the evaluation strategy is specialized for the application to Magic-set programs which are characterized by clause bodies with a high degree of overlapping. The approach is similar to other techniques which avoid re-computation by maintaining and reusing partial solutions to clause bodies. However, the overhead is considerably reduced as these are maintained implicitly by the underlying Prolog implementation. The technique is presented as a simple meta-interpreter for goal directed bottom-up evaluation. No Magic-set transformation is involved as the dependencies between calls and answers are expressed directly within the interpreter. The proposed technique has been implemented and shown to provide substantial speed-ups in applications of semantic based program analysis based on bottom-up..

Magic-sets for localised analysis of Java bytecode

Static analyses based on denotational semantics can naturally modelfunctional behaviours of the code in a compositionaland completely context and flow sensitive way. But theyonly model the functional, ie., input/output behaviour of a program P,not enough if one needs P's internal behaviours,ie., from the input to some internal program points.This is, however, a frequent requirement for a useful staticanalysis. In this paper, weovercome this limitation, for the case of mono-threaded Java bytecode,with a technique used up to nowfor logic programs only. Namely, we define a programtransformation that adds new "magic" blocks of code to theprogram P, whose functional behaviours are the internal behaviours of P.We prove the transformation correct wrt. an operationalsemantics and define an equivalent denotational semantics, devised forabstract interpretation, whosedenotations for the magic blocks are hence the internal behavioursof P. We implement our transformationand instantiate it with abstract domains modellingsharing of two variables, non-cyclicity of variables,nullness of variables, class initialisation informationand size of the values bound to program variables.We get a static analyser for full mono-threaded Java bytecode that is faster andscales better than another operational pair-sharing analyser.It has the same speed but is more precisethan a constraint-based nullness analyser. It makes a polyhedralsize analysis of Java bytecode scale up to 1300 methods in a coupleof minutes and a zone-based size analysis scale to still largerapplications