Peter Schachte

Two classes of Boolean functions for dependency analysis

Many static analyses for declarative programming/database languages use Boolean functions to express dependencies among variables or argument positions. Examples include groundness analysis, arguably the most important analysis for logic programs, finiteness analysis and functional dependency analysis for databases. We identify two classes of Boolean functions that have been used: positive and definite functions, and we systematically investigate these classes and their efficient implementation for dependency analyses. On the theoretical side, we provide syntactic characterizations and study the expressiveness and algebraic properties of the classes. In particular, we show that both are closed under existential quantification. On the practical side, we investigate various representations for the classes based on reduced ordered binary decision diagrams (ROBDDs), disjunctive normal form, conjunctive normal form, Blake canonical form, dual Blake canonical form, and a form specific to definite functions. We compare the resulting implementations of groundness analyzers based on the representations for precision and efficiency.

Boolean functions for dependency analysis: Algebraic properties and efficient representation

Many analyses for logic programming languages use Boolean functions to express dependencies between variables or argument positions. Examples include groundness analysis, arguably the most important analysis for logic programs, finiteness analysis and functional dependency analysis. We identify two classes of Boolean functions that have been used: positive and definite functions, and we systematically investigate these classes and their efficient implementation for dependency analyses. We provide syntactic characterizations and study their algebraic properties. In particular, we show that both classes are closed under existential quantification. We investigate representations for these classes based on: reduced ordered binary decision diagrams (ROBDDs), disjunctive normal form, conjunctive normal form, Blake canonical form, dual Blake canonical form, and a form specific to definite functions. We give an empirical comparison of these different representations for groundness analysis.

A Secure Event Agreement (SEA) protocol for peer-to-peer games

Secure updates in a peer-to-peer game where all of the players are untrusted offers a unique challenge. We analyse the NEO protocol which was designed to accomplish the exchange of update information among players in a fair and authenticated manner. We show that of the five forms of cheating it was designed to prevent, it prevents only three. We then propose an improved protocol which we call Secure Event Agreement (SEA) which prevents all five types of cheating as well as meeting some additional security criteria. We also show that the performance of SEA is at worst equal to NEO and in some cases better.

A Secure Group Agreement (SGA) Protocol for Peer-to-Peer Applications

The lack of a trusted central authority poses a unique security challenge to peer-to-peer networks. It must be assumed that some fraction of all peers in a network are corrupt and may collude to try to derive an advantage. Nonetheless, in some circumstances it is necessary to select a subset of the peer-to-peer network in such a way that all members of the selected group can be confident that most group members are honest. We propose a secure protocol for the selection of a subset of peers from the network without a trusted authority. Our protocol ensures, with any desired probability, that the percentage of corrupt members in the subset is no greater than a selected limit (up to the total percentage of corrupt peers). We then discuss the use of this protocol in the context of a peer-to-peer game.

Factorizing Equivalent Variable Pairs in ROBDD-Based Implementations of Pos

The subject of groundness analysis for (constraint) logic programs has been widely studied, and interesting domains have been proposed. Pos has been recognized as the most suitable domain for capturing the kind of dependencies arising in groundness analysis, and Reduced Ordered Binary Decision Diagrams (ROBDDs) are generally accepted to be the most efficient representation for Pos. Unfortunately, the size of an ROBDDs is, in the worst case, exponential in the number of variables it depends upon. Earlier work [2] has shown that a hybrid representation that separates the definite information from the dependency information is considerably more efficient than keeping the two together. The aim of the present paper is to push this idea further, also separating out certain dependency information, in particular all pairs of variables that are always either both ground or neither ground. We find that this new hybrid representation is a significant improvement over previous work.

Signedness-Agnostic Program Analysis: Precise Integer Bounds for Low-Level Code

Many compilers target common back-ends, thereby avoiding the need to implement the same analyses for many different source languages. This has led to interest in static analysis of LLVM code. In LLVM (and similar languages) most signedness information associated with variables has been compiled away. Current analyses of LLVM code tend to assume that either all values are signed or all are unsigned (except where the code specifies the signedness). We show how program analysis can simultaneously consider each bit-string to be both signed and unsigned, thus improving precision, and we implement the idea for the specific case of integer bounds analysis. Experimental evaluation shows that this provides higher precision at little extra cost. Our approach turns out to be beneficial even when all signedness information is available, such as when analysing C or Java code.

Abstract Interpretation over Non-lattice Abstract Domains

The classical theoretical framework for static analysis of programs is abstract interpretation. Much of the power and elegance of that framework rests on the assumption that an abstract domain is a lattice. Nonetheless, and for good reason, the literature on program analysis provides many examples of non-lattice domains, including non-convex numeric domains. The lack of domain structure, however, has negative consequences, both for the precision of program analysis and for the termination of standard Kleene iteration. In this paper we explore these consequences and present general remedies.

Failure tabled constraint logic programming by interpolation

We present a new execution strategy for constraint logic programs called Failure Tabled CLP. Similarly to Tabled CLP our strategy records certain derivations in order to prune further derivations. However, our method only learns from failed derivations. This allows us to compute interpolants rather than constraint projection for generation of reuse conditions. As a result, our technique can be used where projection is too expensive or does not exist. Our experiments indicate that Failure Tabling can speed up the execution of programs with many redundant failed derivations as well as achieve termination in the presence of infinite executions.

Unbounded model-checking with interpolation for regular language constraints

We present a decision procedure for the problem of, given a set of regular expressions R1, …, Rn, determining whether R=R1∩⋯∩Rn is empty. Our solver, revenant, finitely unrolls automata for R1, …, Rn, encoding each as a set of propositional constraints. If a SAT solver determines satisfiability then R is non-empty. Otherwise our solver uses unbounded model checking techniques to extract an interpolant from the bounded proof. This interpolant serves as an overapproximation of R. If the solver reaches a fixed-point with the constraints remaining unsatisfiable, it has proven R to be empty. Otherwise, it increases the unrolling depth and repeats. We compare revenant with other state-of-the-art string solvers. Evaluation suggests that it behaves better for constraints that express the intersection of sets of regular languages, a case of interest in the context of verification.

Exploiting Sparsity in Difference-Bound Matrices

Relational numeric abstract domains are very important in program analysis. Common domains, such as Zones and Octagons, are usually conceptualised with weighted digraphs and implemented using difference-bound matrices (DBMs). Unfortunately, though conceptually simple, direct implementations of graph-based domains tend to perform poorly in practice, and are impractical for analyzing large code-bases. We propose new DBM algorithms that exploit sparsity and closed operands. In particular, a new representation which we call split normal form reduces graph density on typical abstract states. We compare the resulting implementation with several existing DBM-based abstract domains, and show that we can substantially reduce the time to perform full DBM analysis, without sacrificing precision.