Abstract Program Slicing: an Abstract Interpretation-based approach to Program Slicing

In the present paper we formally define the notion of abstract program slicing, a general form of program slicing where properties of data are considered instead of their exact value. This approach is applied to a language with numeric and reference values, and relies on the notion of abstract dependencies between program components (statements). The different forms of (backward) abstract slicing are added to an existing formal framework where traditional, non-abstract forms of slicing could be compared. The extended framework allows us to appreciate that abstract slicing is a generalization of traditional slicing, since traditional slicing (dealing with syntactic dependencies) is generalized by (semantic) non-abstract forms of slicing, which are actually equivalent to an abstract form where the identity abstraction is performed on data. Sound algorithms for computing abstract dependencies and a systematic characterization of program slices are provided, which rely on the notion of agreement between program states

Reachability-based acyclicity analysis by Abstract Interpretation

In programming languages with dynamic use of memory, such as Java, knowing that a reference variable x points to an acyclic data structure is valuable for the analysis of termination and resource usage (e.g., execution time or memory consumption). For instance, this information guarantees that the depth of the data structure to which x points is greater than the depth of the data structure pointed to by x.f for any field f of x. This, in turn, allows bounding the number of iterations of a loop which traverses the structure by its depth, which is essential in order to prove the termination or infer the resource usage of the loop. The present paper provides an Abstract-Interpretation-based formalization of a static analysis for inferring acyclicity, which works on the reduced product of two abstract domains: reachability, which models the property that the location pointed to by a variable w can be reached by dereferencing another variable v (in this case, v is said to reach w); and cyclicity, modeling the property that v can point to a cyclic data structure. The analysis is proven to be sound and optimal with respect to the chosen abstraction

Abstract Program Slicing: An Abstract Interpretation-Based Approach to Program Slicing

n the present article, we formally define the notion of abstract program slicing, a general form of program slicing where properties of data are considered instead of their exact value. This approach is applied to a language with numeric and reference values and relies on the notion of abstract dependencies between program statements. The different forms of (backward) abstract slicing are added to an existing formal framework where traditional, nonabstract forms of slicing could be compared. The extended framework allows us to appreciate that abstract slicing is a generalization of traditional slicing, since each form of traditional slicing (dealing with syntactic dependencies) is generalized by a semantic (nonabstract) form of slicing, which is actually equivalent to an abstract form where the identity abstraction is performed on data. Sound algorithms for computing abstract dependencies and a systematic characterization of program slices are provided, which rely on the notion of agreement between program states

Estimación del riesgo de no superar una asignatura de evaluación continua mediante aprendizaje automático [Estimating the risk of not passing a continuous evaluation module by machine learning]

Este trabajo aplica técnicas de minería de datos para estimar el riesgo de suspender la asignatura de Lógica impartida en la ETSIINF UPM (Ingeniería Informática), partiendo de las calificaciones obtenidas por el alumno dentro del proceso de evaluación continua. Lo que se pretende es cuantificar la probabilidad de un alumno tiene de suspender conociendo las calificaciones obtenidas, por ejemplo, durante el primer mes de curso. El conjunto de datos estudiado son las notas (parciales y finales) de los alumnos en los años anteriores. Se ha desarrollado una aplicación web para que el alumno pueda ingresar las calificaciones obtenidas hasta el momento y saber qué probabilidad tiene de aprobar finalmente la asignatura. [The present work uses data mining in order to estimate how likely it is that a student will fail the exam of Logic in the Computer Science Degree at the ETSIINF, UPM. This is done starting from his or her previous grades during the semester (continuous evaluation is used in this course). Previous knowledge used in the learning process comes in the form of grades obtained by students in previous years: based on this, data mining techniques extract relevant patterns and predict the probability for the current student to pass or fail. A web application has been developed, which allows a student to insert grades obtained so far (for example, during the first month) and see the probability to finally pass or fail the course according to the results of previous years.

Termination and Cost Analysis with COSTA and its User Interfaces

COSTA is a static analyzer for Java bytecode which is able to infer cost and termination information for large classes of programs. The analyzer takes as input a program and a resource of interest, in the form of a cost model, and aims at obtaining an upper bound on the execution cost with respect to the resource and at proving program termination. The costa system has reached a considerable degree of maturity in that (1) it includes state-of-the-art techniques for statically estimating the resource consumption and the termination behavior of programs, plus a number of specialized techniques which are required for achieving accurate results in the context of object-oriented programs, such as handling numeric fields in value analysis; (2) it provides several nontrivial notions of cost (resource consumption) including, in addition to the number of execution steps, the amount of memory allocated in the heap or the number of calls to some user-specified method; (3) it provides several user interfaces: a classical command line, a Web interface which allows experimenting remotely with the system without the need of installing it locally, and a recently developed Eclipse plugin which facilitates the usage of the analyzer, even during the development phase; (4) it can deal with both the Standard and Micro editions of Java. In the tool demonstration, we will show that costa is able to produce meaningful results for non-trivial programs, possibly using Java libraries. Such results can then be used in many applications, including program development, resource usage certification, program optimization, etc

Cost analysis of object-oriented bytecode programs

AbstractCost analysis statically approximates the cost of programs in terms of their input data size. This paper presents, to the best of our knowledge, the first approach to the automatic cost analysis of object-oriented bytecode programs. In languages such as Java and C#, analyzing bytecode has a much wider application area than analyzing source code since the latter is often not available. Cost analysis in this context has to consider, among others, dynamic dispatch, jumps, the operand stack, and the heap. Our method takes a bytecode program and a cost model specifying the resource of interest, and generates cost relations which approximate the execution cost of the program with respect to such resource. We report on COSTA, an implementation for Java bytecode which can obtain upper bounds on cost for a large class of programs and complexity classes. Our basic techniques can be directly applied to infer cost relations for other object-oriented imperative languages, not necessarily in bytecode form

Upper Bounds on Memory Usage for Garbage-Collected Languages

Cost Analysis is the automatic study of program efficiency (or the resource consumption). ◮ Its aim is to statically estimate the cost of a program execution in terms of the size of its input args. Cost Analysis is the automatic study of program efficiency (or the resource consumption). ◮ Its aim is to statically estimate the cost of a program execution in terms of the size of its input args. The cost can be defined w.r.t. different cost models: ◮ number of instructions executed ◮ memory allocated ◮ number calls to certain methods: billable events on a mobile

Abstract non-interference in a fragment of Java bytecode

Non-Interference is an information ow property which is weaker and more general than standard Non-Interference, since it can allow some selected parts of secret information to ow into the public part of a program. The motivation for such a weakening is that some ows are indeed useful in real-life applications. The amount of allowed ows is en-coded into abstract domains, which characterize the degree of precision of a potential attacker in observing data; ows are forbidden as long as they can be observed and exploited by attackers. Abstract values describe possible values of pro-grams in dierent executions. Basic features of Java byte-code are considered; advanced topics, such as method calls, objects and exceptions, are also discussed. A program is said to be secure if analysis computes a state which does not contain private information in public places; informa-tion ows can exist only as long as the attacker has not enough observational power to see and exploit them. 1

Data Dependencies and Program Slicing: from Syntax to Abstract Semantics

We propose an algorithm to over-approximate data dependencies with respect to abstract properties of data, described as abstract domains. To the best of our knowledge, no other explicit calculi of abstract dependencies exist in the literature. In our setting, relevant variables are those which may affect abstract properties of expressions they occur in. Unlike its non-abstracted counterpart, the calculus of abstract dependencies is forced to rely on semantics: the syntactic occurrence of a variable is not sufficient to decide whether an expression depends on it. The algorithm computes the set of relevant variables for an expression, w.r.t. an abstract domain; it is proved to be sound, that is, the computed set is an over approximation of truly (semantically) relevant variables. We exploit static analysis techniques, together with our knowledge of the structure of expressions and domains, in order to improve efficiency. Applications to program slicing (w.r.t. abstract properties) and to abstract non-interference are discussed; moreover, we propose a domain transformer which approximates the most precise domain ruling out a given set of dependencies