Incremental Analysis of Logic Programs with Assertions and Open Predicates

Abstract

Generic components are a further abstraction over the concept of modules, introducing dependencies on other (not necessarily available) components implementing specified interfaces. They have become a key concept in large and complex software applications. Despite undeniable advantages, generic code is also anti-modular. Precise analysis (e.g., for detecting bugs or optimizing code) requires such code to be instantiated with concrete implementations, potentially leading to expensive combinatorial explosion. In this paper we claim that incremental, whole program analysis can be very beneficial in this context, and alleviate the anti-modularity nature of generic code. We propose a simple Horn-clause encoding of generic programs, using open predicates and assertions, and we introduce a new incremental, multivariant analysis algorithm that reacts incrementally not only to changes in program clauses, but also to changes in the assertions, upon which large parts of the analysis graph may depend. We also discuss the application of the proposed techniques in a number of practical use cases. In addition, as a realistic case study, we apply the proposed techniques in the analysis of the LPdoc documentation system. We argue that the proposed traits are a convenient and elegant abstraction for modular generic programming, and that our preliminary results support our thesis that the new incrementality-related features added to the analysis bring promising advantages in this context.

Research partially funded by MINECO TIN2015-67522-C3-1-R TRACES project, FPU grant 16/04811, and the Madrid P2018/TCS-4339 BLOQUES-CM program. We are also grateful to the anonymous reviewers for their useful comments.

A Assertions

Assertions may not be exactly represented in the abstract domain used by the analyzer. We recall some definitions (adapted from [22]) which are instrumental to correctly approximate the properties of the assertions during the analysis (Fig. 6).

Definition 3 (Set of Calls for which a Property Formula Trivially Succeeds (Trivial Success Set))

Given a conjunction L of property literals and the definitions for each of these properties in P, we define the trivial success set of L in P as:

Fig. 6.

Applying assertions.

where \(\theta |Var(L)\) above denotes the projection of \(\theta \) onto the variables of L, and \(\models \) denotes that \(\theta '\) is a more general constraint than \(\theta \) (entailment). Intuitively, TS(L, P) is the set of constraints \(\theta \) for which the literal L succeeds without adding new constraints to \(\theta \) (i.e., without constraining it further). For example, given the following program P:

and \(L=list(X)\), both \(\theta _1 = \{ X = [1,2] \}\) and \(\theta _2 = \{ X = [1,A] \}\) are in the trivial success set of L in P, since calling \((X=[1,2],list(X))\) returns \(X=[1,2]\) and calling \((X=[1,A],list(X))\) returns \(X=[1,A]\). However, \(\theta _3 = \{ X = [1|\_] \}\) is not, since a call to \((X = [1|Y], list(X))\) will further constrain the term [1|Y], returning \(X = [1|Y], Y=[]\). We define abstract counterparts for Definition 3:

Definition 4 (Abstract Trivial Success Subset of a Property Formula)

Under the same conditions of Definition 3, given an abstract domain \(D_\alpha \), \(\lambda ^-_{TS(L,P)} \in D_\alpha \) is an abstract trivial success subset of L in P iff \(\gamma (\lambda ^-_{TS(L,P)})\subseteq TS(L,P)\).

Definition 5 (Abstract Trivial Success Superset of a Property Formula)

Under the same conditions of Definition 4, an abstract constraint \(\lambda ^+_{TS(L,P)}\) is an abstract trivial success superset of L in P iff \(\gamma (\lambda ^+_{TS(L,P)})\supseteq TS(L,P)\).

I.e., \(\lambda ^-_{TS(L,P)}\) and \(\lambda ^+_{TS(L,P)}\) are, respectively, safe under- and over-approximations of TS(L, P). These abstractions come useful when the properties expressed in the assertions cannot be represented exactly in the abstract domain.