TL;DR: This paper is devoted to the systematic and correct design of program analysis frameworks with respect to a formal semantics, building on the lattice theoretic approach to approximate semantic analysis of programs.
Abstract: Semantic analysis of programs is essential in optimizing compilers and program verification systems. It encompasses data flow analysis, data type determination, generation of approximate invariant assertions, etc. Several recent papers (among others Cousot & Cousot[77a], Graham & Wegman[76], Kam & Ullman[76], Kildall[73], Rosen[78], Tarjan[76], Wegbreit[75]) have introduced abstract approaches to program analysis which are tantamount to the use of a program analysis framework (A,t,a) where A is a lattice of (approximate) assertions, t is an (approximate) predicate transformer and a is an often implicit function specifying the meaning of the elements of A. This paper is devoted to the systematic and correct design of program analysis frameworks with respect to a formal semantics. Preliminary definitions are given in Section 2 concerning the merge over all paths and (least) fixpoint program-wide analysis methods. In Section 3 we briefly define the (forward and backward) deductive semantics of programs which is later used as a formal basis in order to prove the correctness of the approximate program analysis frameworks. Section 4 briefly recalls the main elements of the lattice theoretic approach to approximate semantic analysis of programs. The design of a space of approximate assertions A is studied in Section 5. We first justify the very reasonable assumption that A must be chosen such that the exact invariant assertions of any program have an upper approximation in A and that the approximate analysis of any program is performed using a deterministic process. These assumptions are shown to imply that A is a Moore family, that the approximation operator (which defines the least upper approximation of any assertion) is an upper closure operator and that A is necessarily a complete lattice.
We next show that the connection between a space of approximate assertions and a computer representation is naturally made using a pair of isotone adjoined functions. This type of connection between two complete lattices is related to Galois connections, thus making available classical mathematical results. Additional results are proved which hold when no two approximate assertions have the same meaning. In Section 6 we study and exemplify various methods which can be used in order to define a space of approximate assertions or, equivalently, an approximation function. They include the characterization of the least Moore family containing an arbitrary set of assertions, the construction of the least closure operator greater than or equal to an arbitrary approximation function, the definition of closure operators by composition, and the definition of a space of approximate assertions by means of a complete join congruence relation or by means of a family of principal ideals. Section 7 is dedicated to the design of the approximate predicate transformer induced by a space of approximate assertions. First we look for a reasonable definition of the correctness of approximate predicate transformers and show that a local correctness condition can be given which has to be verified for every type of elementary statement. This local correctness condition ensures that the (merge over all paths or fixpoint) global analysis of any program is correct. Since isotony is not required for approximate predicate transformers to be correct, it is shown that non-isotone program analysis frameworks are manageable, although it is later argued that the isotony hypothesis is natural. We next show that among all possible approximate predicate transformers which can be used with a given space of approximate assertions there exists a best one, which provides the maximum information relative to a program-wide analysis method.
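As an added worked example (not code from the paper), the Python below builds the smallest useful instance of the construction described above: concrete assertions are sets of integers drawn from a small constructed universe, the space A of approximate assertions is the powerset of the three signs ordered by inclusion, alpha and gamma are the pair of adjoined functions, and the code checks exhaustively that they form a Galois connection, that gamma after alpha is an upper closure operator (extensive, idempotent, isotone), and that the best approximate transformer alpha after f after gamma of Section 7 is isotone. The finite universe, the sign lattice and the two sample operations are assumptions of the example.

```python
from itertools import product

# Constructed finite concrete universe so every property below can be checked
# exhaustively (assumption of this example; the paper's lattices are arbitrary).
UNIVERSE = frozenset(range(-3, 4))
SIGNS = frozenset({"-", "0", "+"})   # A = powerset of SIGNS, ordered by subset


def sign(n):
    return "-" if n < 0 else ("0" if n == 0 else "+")


def alpha(concrete):
    """Abstraction: the least sign-set that covers every element of the concrete set."""
    return frozenset(sign(n) for n in concrete)


def gamma(abstract):
    """Concretization (meaning): every integer whose sign the abstract value allows."""
    return frozenset(n for n in UNIVERSE if sign(n) in abstract)


def subsets(s):
    items = sorted(s)
    for bits in product((0, 1), repeat=len(items)):
        yield frozenset(x for x, b in zip(items, bits) if b)


def is_galois_connection():
    """Adjunction: alpha(S) <= A  iff  S <= gamma(A), for all concrete S and abstract A."""
    return all((alpha(S) <= A) == (S <= gamma(A))
               for S in subsets(UNIVERSE) for A in subsets(SIGNS))


def closure(concrete):
    """rho = gamma o alpha: the least upper approximation of S expressible in A."""
    return gamma(alpha(concrete))


def closure_is_upper_closure_operator():
    """Extensive, idempotent and isotone, as required of the approximation operator."""
    all_s = list(subsets(UNIVERSE))
    extensive = all(S <= closure(S) for S in all_s)
    idempotent = all(closure(closure(S)) == closure(S) for S in all_s)
    isotone = all(closure(S) <= closure(T) for S in all_s for T in all_s if S <= T)
    return extensive and idempotent and isotone


def best_transformer(concrete_op):
    """f# = alpha o f o gamma: the best approximate transformer for a unary operation f,
    obtained by running f on the meaning of the abstract value and re-abstracting."""
    def f_sharp(abstract):
        return alpha({concrete_op(n) for n in gamma(abstract)})
    return f_sharp


def is_isotone(f_sharp):
    return all(f_sharp(A) <= f_sharp(B)
               for A in subsets(SIGNS) for B in subsets(SIGNS) if A <= B)


negate = best_transformer(lambda n: -n)      # "-" -> "+", "0" -> "0", "+" -> "-"
square = best_transformer(lambda n: n * n)   # anything -> a subset of {"0", "+"}

if __name__ == "__main__":
    print("Galois connection:", is_galois_connection())
    print("closure operator:", closure_is_upper_closure_operator())
    print("square#(top) =", sorted(square(SIGNS)))
```

The brute-force checks are only possible because the universe is finite; on an infinite concrete domain the same three properties are what a proof of the adjunction has to establish. Note that square# never returns a value containing "-" even for the top element, which is exactly the "maximum information" the best transformer extracts from the chosen space A.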
The best approximate predicate transformer induced by a space of approximate assertions turns out to be isotone. Some interesting consequences of the existence of a best predicate transformer are examined. One is that we have in hand a formal specification of the programs which have to be written in order to implement a program analysis framework once a representation of the space of approximate assertions has been chosen. Examples are given, including ones where the semantics of programs is formalized using Hoare[78]'s sets of traces. In Section 8 we show that a hierarchy of approximate analyses can be defined according to the fineness of the approximations specified by a program analysis framework. Some elements of the hierarchy are briefly exhibited and related to the relevant literature. In Section 9 we consider global program analysis methods. The distinction between "distributive" and "non-distributive" program analysis frameworks is studied. It is shown that when the best approximate predicate transformer is considered, whether or not the merge over all paths and least fixpoint global analyses of programs coincide is a consequence of the choice of the space of approximate assertions. It is shown that the space of approximate assertions can always be refined so that the merge over all paths analysis of a program can be defined by means of a least fixpoint of isotone equations. Section 10 is devoted to the combination of program analysis frameworks. We study and exemplify how to perform the "sum", "product" and "power" of program analysis frameworks. It is shown that combined analyses lead to more accurate information than the conjunction of the corresponding separate analyses, but this can only be achieved by a new design of the approximate predicate transformer induced by the combined program analysis frameworks.
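The following Python is an added example, not part of the paper, that makes the Section 9 distinction concrete on a constructed control-flow graph analysed with constant propagation: the merge over all paths result and the least fixpoint result disagree because the transfer function of z = x + y does not distribute over the join, and refining the space of assertions to sets of environments (a disjunctive completion) makes the fixpoint result coincide with the merge over all paths result. The CFG, the encoding of bottom as an absent variable and top as "T", and the worklist iteration are assumptions of the example.

```python
TOP = "T"   # non-constant; absence of a variable from an environment plays the role of bottom


def join_val(a, b):
    if a is None:
        return b
    if b is None:
        return a
    return a if a == b else TOP


def join_env(e1, e2):
    """Pointwise join of two constant-propagation environments."""
    return {v: join_val(e1.get(v), e2.get(v)) for v in set(e1) | set(e2)}


def eval_expr(expr, env):
    kind = expr[0]
    if kind == "const":
        return expr[1]
    if kind == "var":
        return env.get(expr[1])
    if kind == "add":
        a, b = eval_expr(expr[1], env), eval_expr(expr[2], env)
        if a is None or b is None:
            return None
        return TOP if TOP in (a, b) else a + b
    raise ValueError(kind)


def transfer(block, env):
    """Approximate predicate transformer of a basic block (a list of assignments)."""
    env = dict(env)
    for var, expr in block:
        env[var] = eval_expr(expr, env)
    return env


# Constructed CFG (not from the paper): two branches assign x and y to swapped
# constants, then the merge point computes z = x + y, which is 3 on every path.
BLOCKS = {
    "entry": [],
    "left": [("x", ("const", 1)), ("y", ("const", 2))],
    "right": [("x", ("const", 2)), ("y", ("const", 1))],
    "join": [("z", ("add", ("var", "x"), ("var", "y")))],
}
EDGES = [("entry", "left"), ("entry", "right"), ("left", "join"), ("right", "join")]


def paths(src, dst):
    if src == dst:
        return [[dst]]
    return [[src] + p for a, b in EDGES if a == src for p in paths(b, dst)]


def mop(target):
    """Merge over all paths: transfer along each path separately, join only at the end."""
    result = {}
    for path in paths("entry", target):
        env = {}
        for node in path:
            env = transfer(BLOCKS[node], env)
        result = join_env(result, env)
    return result


def lfp(start, bottom, join, step):
    """Least fixpoint by worklist iteration: join at every merge point, then transfer."""
    state_in = {n: bottom for n in BLOCKS}
    state_in["entry"] = start
    out = {}
    work = ["entry"]
    while work:
        n = work.pop(0)
        new_out = step(BLOCKS[n], state_in[n])
        if out.get(n, "unset") != new_out:
            out[n] = new_out
            for a, b in EDGES:
                if a == n:
                    state_in[b] = join(state_in[b], new_out)
                    work.append(b)
    return out


def cp_lfp():
    return lfp({}, {}, join_env, transfer)["join"]


def disjunctive_lfp():
    """Refined space: sets of environments (disjunctive completion). Join is set union,
    so nothing is lost at merge points and the fixpoint agrees with the MOP result."""
    def step(block, states):
        return frozenset(tuple(sorted(transfer(block, dict(e)).items())) for e in states)
    return lfp(frozenset({()}), frozenset(), lambda a, b: a | b, step)["join"]


def collapse(states):
    result = {}
    for e in states:
        result = join_env(result, dict(e))
    return result


def is_distributive(block, e1, e2):
    """Transfer distributes over join iff f(e1 join e2) == f(e1) join f(e2)."""
    return transfer(block, join_env(e1, e2)) == join_env(transfer(block, e1), transfer(block, e2))
```

The refined domain recovers z = 3 at the price of keeping one environment per path, which is the usual trade-off behind the "can always be refined" result: the least fixpoint is still computed by isotone equations, but the space of assertions is larger.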
TL;DR: A symbolic evaluator uses conditional expressions to represent the uncertainty that arises from branching and develops and attempts to solve recurrence relations that describe the behavior of loop variables.
Abstract: Symbolic evaluation is a form of static program analysis in which symbolic expressions are used to denote the values of program variables and computations. It does not require the user to specify which path at a conditional branch to follow nor how many cycles of a loop to consider. Instead, a symbolic evaluator uses conditional expressions to represent the uncertainty that arises from branching and develops and attempts to solve recurrence relations that describe the behavior of loop variables.
TL;DR: This paper presents a method for automatically analyzing loops, and discusses why it is a useful way to look at loops and the relationship between the structure building methods presented and programming language constructs.
Abstract: This paper presents a method for automatically analyzing loops, and discusses why it is a useful way to look at loops. The method is based on the idea that there are four basic ways in which the logical structure of a loop is built up. An experiment is presented which shows that this accounts for the structure of a large class of loops. The paper discusses how the method can be used to automatically analyze the structure of a loop, and how the resulting analysis can be used to guide a proof of correctness for the loop. An automatic system is described which performs this type of analysis. The paper discusses the relationship between the structure building methods presented and programming language constructs. A system is described which is designed to assist a person who is writing a program. The intent is that the system will cooperate with a programmer throughout all phases of work on a program and be able to communicate with the programmer about it.
TL;DR: The Program Development System is a programming environment, an integrated collection of interactive tools that support the process of program definition, testing, and maintenance intended to aid the development of large programs, especially program families whose members must be maintained in synchrony.
Abstract: The Program Development System (PDS) is a programming environment, an integrated collection of interactive tools that support the process of program definition, testing, and maintenance. The PDS is intended to aid the development of large programs, especially program families whose members must be maintained in synchrony. The system facilitates implementation by stepwise refinement, and it keeps a refinement history that allows program modifications made at a high level of abstraction to be reflected efficiently and automatically in the corresponding low level code. Analysis tools are used both to support program validation and to guide program refinement. We describe the PDS and the tools incorporated in it, and we conclude with an example of its use.
TL;DR: The complete test set construction algorithm for commercially oriented data processing programs is outlined, and the results of its functioning on real programs are analyzed.
Abstract: The possibility of automatic construction of a complete set of program tests is considered. A test set is said to be complete if every feasible program branch (segment) is executed by it. The complete test set construction algorithm for commercially oriented data processing programs is outlined, and the results of its functioning on real programs are analyzed.
TL;DR: A system that reasons about changes must build a detailed model of each development and be able to apply its knowledge, the same kind of knowledge an expert would have, to integrate new or changed information into an existing model.
Abstract: Since developing and maintaining formally verified programs is an incremental activity, one is not only faced with the problem of constructing specifications, programs, and proofs, but also with the complex problem of determining what previous work remains valid following incremental changes. A system that reasons about changes must build a detailed model of each development and be able to apply its knowledge, the same kind of knowledge an expert would have, to integrate new or changed information into an existing model.
TL;DR: This paper extends flow analysis techniques developed for sequential programs to the analysis of communicating, concurrent processes.
Abstract: Data flow analysis is a technique essential to the compile-time optimization of computer programs, wherein facts relevant to program optimizations are discovered by the global propagation of facts obvious locally. This paper extends flow analysis techniques developed for sequential programs to the analysis of communicating, concurrent processes.
TL;DR: This research applies to: a) the setting of threshold values of complexity in software production in order to avoid undue difficulty with program debugging; b) the use of complexity as an index for allocating resources during the test phase of software development; c) the use of complexity for developing test strategies and the selection of test data.
Abstract: Several research studies have shown a strong relationship between program complexity, as measured by the structural properties of a program, and its error properties, as measured by number and types of errors and error detection and correction times. This research applies to: a) the setting of threshold values of complexity in software production in order to avoid undue difficulty with program debugging; b) the use of complexity as an index for allocating resources during the test phase of software development; c) the use of complexity for developing test strategies and the selection of test data. Application #c uses the directed graph representation of a program and its complexity measures to decompose the program into its basic constructs. The identification of the constructs serves to identify a) the components of the program which must be tested, and b) the selection of test data which are needed to exercise these components. Directed-graph properties which apply to program development and testing are defined; examples of the application of graph properties for program development and testing are given; the results of program complexity and error measurements are presented; and a procedure for complexity measurement and its use in programming and testing is summarized.
TL;DR: A formal specification is given for a simple calendar program, and the derivation and proof of correctness of the program are sketched.
Abstract: A formal specification is given for a simple calendar program, and the derivation and proof of correctness of the program are sketched. The specification is easy to understand, and its correctness is manifest to humans.
TL;DR: A set of 30 Algol 68 programs written by students in an upper-level course was graded by hand for readability, the grades were compared with program parameters extracted by a SNOBOL program, and a combination of three parameters was found to be effective in predicting readability.
Abstract: In comparison with such objective aspects of program quality as efficiency and correctness, readability is elusive and hard-to-measure. Since it is surely an important factor in the cost of maintaining a program over its lifetime, the usefulness of an accurate and inexpensive measure of readability is obvious. In an attempt to find such a measure, a set of 30 Algol 68 programs written by students in an upper-level course was graded by hand for readability and the results compared with a set of program parameters extracted by a SNOBOL program. Correlation and multiple regression techniques were used to test hypotheses suggested in the literature on program quality, and to find a combination of parameters with maximum predictive value. A set of three variables was found to be effective in predicting readability.
TL;DR: This paper presents a summary of how plans can be used in program analysis in the form of a hypothetical monologue and shows a small catalogue of plans which are characteristic of AI programming.
Abstract: Automated Program Analysis is the process of discovering a decomposition of a system into sub-units such that the behavior of the whole can be explained in terms of the behavior of its parts. Analysis can be employed to increase the explanatory power of a program understanding system. We identify several techniques which are useful for automated program analysis. Chief among these is the identification and classification of the macro-scale units of programming knowledge which are characteristic of the problem domain. We call these plans. This paper presents a summary of how plans can be used in program analysis in the form of a hypothetical monologue. We also show a small catalogue of plans which are characteristic of AI programming. Finally, we present some techniques which facilitate plan recognition.
TL;DR: This report discusses the automatic generation of an executable program from a high-level abstract specification; in the process, the generated program can be tailored to the program environment in which it will be used.
Abstract: Library software should be adaptable in order to be efficient for use in production programs. This report discusses the automatic generation of an executable program from a high-level abstract specification; in the process, the generated program can be tailored to the program environment in which it will be used. Principles behind program adaptation and transformations (rewrite rules that manipulate the nontextual representation of the computer program) are given.
TL;DR: The key to the solution is a framework for incremental program acquisition that includes a formal language for expressing program fragments that contain informalities; a control structure for the incremental recognition and assimilation of such fragments; and a knowledge base of rules for acquiring programs specified with informalities.
Abstract: Program acquisition is the transformation of a program specification into an executable, but not necessarily efficient, program that meets the given specification. This thesis presents a solution to one aspect of the program acquisition problem: the incremental construction of program models from informal descriptions. The key to the solution is a framework for incremental program acquisition that includes a formal language for expressing program fragments that contain informalities; a control structure for the incremental recognition and assimilation of such fragments; and a knowledge base of rules for acquiring programs specified with informalities. The thesis describes a LISP based computer system called the Program Model Builder (PMB), which receives informal program fragments incrementally and assembles them into a very high level program model that is complete, semantically consistent, unambiguous, and executable. The program specification comes in the form of partial program fragments that arrive in any order and may exhibit such informalities as inconsistencies and ambiguous references. Possible sources of fragments are a natural language parser or a parser for a surface form of the fragments. PMB produces a program model that is a complete and executable computer program. The program fragment language used for specifications is a superset of the language in which program models are built. This program modelling language is a very high level programming language for symbolic processing that deals with such information structures as sets and mappings. The recognition paradigm used by PMB is a form of subgoaling that allows the parts of the program to be specified in an order chosen by the user, rather than dictated by the system.
TL;DR: Questions in program synthesis are discussed by relating the idea of systematic program derivation with the concepts of data type and correctness of data representation and the notion of an incomplete definition of a data type at a high level of abstraction.
Abstract: The present paper discusses some issues in program synthesis by relating the idea of systematic program derivation with the concepts of data type and correctness of data representation. The notion of an incomplete definition of a data type at a high level of abstraction is introduced. The ideas are illustrated through an example previously discussed in the literature by D. Gries.
TL;DR: Information is provided about data types, formal specification, correctness of data representations, and program verification in the context of data types and formal specification.
TL;DR: The core of the analyzing package is described, the Symbolic Evaluator, which has incorporated pragmatic methods for handling data sharing patterns, and for characterizing and reasoning about the behaviour of loops and procedures.
Abstract: The Program Development System (PDS) is a collection of programming tools created as an extension of the ECL programming system. It contains components that assist the programmer in the definition and modular structuring of large programs at different levels of algorithmic abstraction. These components are supplemented by a program analysis package that produces an information pool to be used for such tasks as source-to-source optimization, semi-automated program documentation, fault detection and program verification. This paper describes the core of the analyzing package, the Symbolic Evaluator. In its implementation we have incorporated pragmatic methods for handling data sharing patterns, and for characterizing and reasoning about the behaviour of loops and procedures. The impact of these methods upon program verification techniques is briefly discussed.
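As an added example serving both this abstract and the symbolic evaluation abstract above (it is not the PDS Symbolic Evaluator, and the mini-language, the expression encoding and the sample program are assumptions of the example), the Python below evaluates a small program symbolically: variables are bound to symbolic expressions, a conditional branch leaves behind an "ite" conditional expression for every variable the two arms disagree on, and a counted loop is handled by evaluating its body once over fresh unknowns v_k, recognising the recurrence v_{k+1} = v_k + c with c loop-invariant, and replacing it by the closed form v_0 + c*n. Recurrences it cannot solve are reported as unknown rather than guessed.

```python
# Expressions: int constants, str variables, or tuples ("+", a, b), ("*", a, b),
# ("<", a, b), ("ite", cond, then, else).  Statements: ("assign", var, expr),
# ("if", cond, then_stmts, else_stmts), ("loop", count_expr, body_stmts), where the
# body runs count_expr times.  This mini-language is an assumption of the example.

FOLD = {"+": lambda a, b: a + b, "*": lambda a, b: a * b, "<": lambda a, b: a < b}


def simplify(e):
    if not isinstance(e, tuple):
        return e
    op, args = e[0], [simplify(x) for x in e[1:]]
    if op in FOLD:
        a, b = args
        if isinstance(a, int) and isinstance(b, int):
            return FOLD[op](a, b)                 # constant folding
        if op == "+" and 0 in (a, b):
            return b if a == 0 else a
        if op == "*" and 0 in (a, b):
            return 0
        if op == "*" and 1 in (a, b):
            return b if a == 1 else a
        return (op, a, b)
    if op == "ite":
        cond, then, other = args
        if cond is True:
            return then
        if cond is False:
            return other
        return then if then == other else ("ite", cond, then, other)
    raise ValueError(op)


def subst(e, env):
    """Replace variables by their current symbolic values, then simplify."""
    if isinstance(e, str):
        return env.get(e, e)                      # unbound variables stay symbolic
    if isinstance(e, tuple):
        return simplify((e[0],) + tuple(subst(x, env) for x in e[1:]))
    return e


def mentions(e, names):
    if isinstance(e, str):
        return e in names
    return isinstance(e, tuple) and any(mentions(x, names) for x in e[1:])


def eval_block(stmts, env):
    for s in stmts:
        env = eval_stmt(s, env)
    return env


def eval_stmt(s, env):
    kind = s[0]
    if kind == "assign":
        return {**env, s[1]: subst(s[2], env)}
    if kind == "if":
        # Uncertainty from branching is kept as a conditional expression per variable.
        cond = subst(s[1], env)
        then_env, else_env = eval_block(s[2], env), eval_block(s[3], env)
        return {v: simplify(("ite", cond, then_env.get(v, v), else_env.get(v, v)))
                for v in set(then_env) | set(else_env)}
    if kind == "loop":
        return eval_loop(s[1], s[2], env)
    raise ValueError(kind)


def eval_loop(count, body, env):
    """Build the recurrence v_{k+1} = f(v_k) for each variable written in the body and
    solve the linear case v_{k+1} = v_k + c (c loop-invariant) as v_0 + c*n."""
    n = subst(count, env)
    written = [s[1] for s in body if s[0] == "assign"]   # body = assignments only (assumption)
    unknowns = {v: v + "_k" for v in written}
    after = eval_block(body, {**env, **unknowns})
    result = dict(env)
    for v in written:
        rec, vk = after[v], unknowns[v]
        if rec == vk:
            continue                                       # v is not actually changed
        if isinstance(rec, tuple) and rec[0] == "+" and vk in rec[1:]:
            c = rec[2] if rec[1] == vk else rec[1]
            if not mentions(c, set(unknowns.values())):
                result[v] = simplify(("+", env.get(v, v), ("*", c, n)))
                continue
        result[v] = ("unknown", v)                         # recurrence not solved
    return result


PROGRAM = [   # constructed sample program:  m = min(a, b); s = 0; t = m; repeat n times ...
    ("if", ("<", "a", "b"), [("assign", "m", "a")], [("assign", "m", "b")]),
    ("assign", "s", 0),
    ("assign", "t", "m"),
    ("loop", "n", [("assign", "s", ("+", "s", 2)), ("assign", "t", ("+", "t", "step"))]),
]


def evaluate(program):
    return eval_block(program, {})


def instantiate(expr, values):
    """Plug concrete inputs into a symbolic result (used to cross-check the evaluator)."""
    return subst(expr, values)
```

Running evaluate(PROGRAM) yields m = ite(a < b, a, b), s = 2*n and t = ite(a < b, a, b) + step*n without any path or iteration count being chosen by the user; instantiate() then confirms the symbolic result against concrete inputs, which is the cheapest sanity check a symbolic evaluator can be given.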
TL;DR: A focussing system emits an infrared light beam towards the subject, the reflected beam passing through an infrared filter and being projected by a spot optics as a small spot onto a pair of photosensitive elements.
TL;DR: This paper proposes two new test criteria which suggest how to select test data to obtain confidence in program correctness beyond the requirement that each statement, branch, or path be executed at least once.
Abstract: There are three commonly used criteria for program testing: each and every statement (branch) (path) in a program is executed at least once. This paper explores the complexity of proving the correctness of several classes of programs by testing. It turns out that even for very restrictive classes of programs, none of the commonly used test criteria is nearly sufficient to guarantee absence of errors. This paper then proposes two new test criteria which suggest how to select test data to obtain confidence in program correctness beyond the requirement that each statement, branch, or path be executed at least once.
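Added example, constructed and not taken from either this paper or the complete test set paper above: the Python below instruments a small function so that a test run records which branches and which branch-path it executed, then shows a test set that executes every statement, branch and path while every test passes, although the function has a defect at a predicate boundary. It also builds a "complete" test set in the sense of the earlier abstract (every feasible branch executed) by a greedy search over candidate inputs, and that set misses the same defect. The function, its specification and the candidate inputs are assumptions of the example; the paper's own two criteria are not reproduced here.

```python
HITS = []   # branch ids recorded by the current run (manual instrumentation)
BRANCHES = {"age>=65:T", "age>=65:F", "spend>100:T", "spend>100:F"}
NUM_PATHS = 4   # two independent two-way branches


def discount(age, spend):
    """Constructed function under test.  Defect (for this example): the senior rate is
    granted at age == 65, while the specification below starts it strictly after 65."""
    rate = 0
    if age >= 65:
        HITS.append("age>=65:T")
        rate += 10
    else:
        HITS.append("age>=65:F")
    if spend > 100:
        HITS.append("spend>100:T")
        rate += 5
    else:
        HITS.append("spend>100:F")
    return rate


def spec_discount(age, spend):
    """Oracle: the intended behaviour, used to judge each test."""
    return (10 if age > 65 else 0) + (5 if spend > 100 else 0)


def run_tests(tests):
    """Return (branch coverage, path coverage, failing inputs) for a test set."""
    branches, paths, failures = set(), set(), []
    for age, spend in tests:
        HITS.clear()
        result = discount(age, spend)
        branches.update(HITS)
        paths.add(tuple(HITS))
        if result != spec_discount(age, spend):
            failures.append((age, spend))
    return len(branches) / len(BRANCHES), len(paths) / NUM_PATHS, failures


def build_complete_test_set(candidates):
    """Greedy construction of a 'complete' set: keep a candidate only if it executes
    a branch not yet covered; stop once every feasible branch has been executed."""
    chosen, covered = [], set()
    for age, spend in candidates:
        HITS.clear()
        discount(age, spend)
        if set(HITS) - covered:
            chosen.append((age, spend))
            covered.update(HITS)
        if covered == BRANCHES:
            break
    return chosen


FULL_PATH_TESTS = [(70, 150), (30, 50), (70, 50), (30, 150)]   # every branch and every path
BOUNDARY_TEST = [(65, 50)]                                      # the predicate boundary
CANDIDATES = [(age, spend) for age in (20, 40, 80, 65) for spend in (0, 50, 200)]
```

FULL_PATH_TESTS scores 100% on statements, branches and paths and reports no failure; only the boundary input age == 65 exposes the defect, which is the situation the abstract describes: the coverage criteria say nothing about the values chosen within each branch, so a test set has to be selected with the predicates' domains in mind, not just their outcomes.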
TL;DR: This interim report summarizes the research performed by Polytechnic Institute of New York for Rome Air Development Center on development of new measures of program complexity based upon information theory, models of software management and organizational structure, and statistical measures relating the probability of finding a program error to the testing of that program.
Abstract: This interim report summarizes the research performed by Polytechnic Institute of New York for Rome Air Development Center. The principal topics covered are (1) software test models and implementation of automated test drivers to force-execute every program path, (2) development of new measures of program complexity based upon information theory, (3) models of software management and organizational structure, and (4) statistical measures relating the probability of finding a program error to the testing of that program.
TL;DR: This report reproduces a dissertation submitted to the Department of Computer Science and the Committee on Graduate Studies of Stanford University in partial fulfilment of the requirements for the degree of Doctor of Philosophy.
Abstract: This report reproduces a dissertation submitted to the Department of Computer Science and the Committee on Graduate Studies of Stanford University in partial fulfilment of the requirements for the degree of Doctor of Philosophy.