TEA: Automatically Proving Termination of Programs in a Non-strict Higher-Order Functional Language

reduction e e0 if e!# e0 Approximation C[e] C[Ti] j e Ti is a new variable. Argument saturation e e Ti where Ti is a new variable. If e is a HNF where the head is a supercombinator Branching C[caseA T1 e1 : : : em] fT1 7! (cA;1 T1;1 : : : T1;n1)gC[e1 T1;1 : : : T1;n1 ] j : : : j fT1 7! (cA;m Tm;1 : : : Tm;nm)gC[em Tm;1 : : : Tm;nm ] Where Ti;j are new variables, m is the number of constructors of type A cA;j are the constructors of the type A, nj is the arity of cA;j and the case-expression is a normal order redex. The substitution fT1 7! (cA;j Tj;1 : : : Tj;nj )g is also called split-substitution. Fig. 1. Expansion rules for termination-tableaux. { If e at a leaf is dynamically ill-typed, then label the leaf as \closed". { If for e at a leaf Pnft(e) holds, then label the leaf as \closed". { If the expression tL at the leaf L is of the form C[e1; : : : en], where C[: : :] does not contain abstract variables, Pnft(ei) holds for i = 1; : : : ; n, and there is an ancestor node N labelled C[T1; : : : Tn], such that Ti Tj ) ei ej , then label L with the pair (\closed"; N). A termination tableau in which every leaf is labelled \closed", is called preclosed. The subsuming ancestor nodes are also called recursion ancestor nodes. Note that di erent leaves may have the same recursion ancestor node. De nition 12. A termination ordering is a Noetherian partial order > on ( NF )n for some n, which is invariant w.r.t. reduction, i.e., If s ! s0; t ! t0, then s > t is equivalent to s0 > t0, De nition 13. Let (s1; : : : ; sn) and (t1; : : : ; tn) be n-tuples of #-expressions and let R be a relation name. Then (s1; : : : ; sn) R (t1; : : : ; tn) is an ordering constraint. A set S of ordering constraints can be partitioned into the sets SR for all the relation names R occurring in S. The set SR consists of all ordering constraints in S with the same relation name R. A component SR is satis able, if there is a termination ordering >R on ( NF )n, where n is the arity of the tuples in SR such that for all concretization maps and for all ordering constraints (s1; : : : ; sn) R (t1; : : : ; tn): WT ( (s1; : : : ; sn)) and WT ( (t1; : : : ; tn)) imply (s1; : : : ; sn) >R (t1; : : : ; tn). A set S of ordering constraints is satis able, i for every relation name R, the sets SR of ordering constraints are satis able. The ordering constraints are also called termination hypotheses in the work on termination of strict functional languages. Let T be a preclosed termination tableau. Let L be a leaf with ancestor node N , let the terms be TL C[t1; : : : ; tn] and TN C[T1; : : : ; Tn] and let be the composition of the split-substitutions on the path from N to L. Then the corresponding ordering constraint is: (T1; : : : ; Tn) >N (t1; : : : ; tn). The set of all ordering constraints of T is OC(T ). De nition 14. Let T be a preclosed termination tableau, such that for every path from a recursion ancestor node to one of its subsumed leaves, there is no further recursion ancestor node on the path. If moreover for every recursive ancestor node the same context is used for subsuming all corresponding leaves, then we say the preclosed termination tableau is without crossings. De nition 15. A termination tableau T is called closed, if it is preclosed, without crossings and OC(T ) is satis able. 3.2 Correctness of Termination Tableaux In this subsection we argue that the method for proving termination is correct. I.e., if a closed tableau can be constructed for an abstract term at the root node, then this term represents only nf-terminating terms. Lemma16. Let e be a non-leaf node in a termination tableau. Let be any concretization map such that WT ( (e)) and (e) is not nf-terminating. Then there is a direct son e0 of e, such that one of the following holds: { The expansion rule is \Abstract reduction", WT ( (e0)) and (e0) is not nfterminating. { The expansion rule is \Approximation" or \Argument saturation" and there is a concretization map 0 with 0(T ) = (T ) for all variables T 2 AV (e), WT ( 0(e0)) and 0(e0) is not nf-terminating. { The expansion rule is \Branching", the substitution on the path from e to e0 is , and there is a concretization map 0 with 0( (Ti)) = (Ti) for all variables Ti 2 AV (e), WT ( 0(e0)) and 0(e0) is not nf-terminating. Proof. By inspecting the rules and using that WT is admissible. Lemma17. Let e be a non-leaf node in a termination tableau, let be any concretization map such that WT ( (e)) and (e) is not nf-terminating. Then there is a descendant leaf e0, where is the substitution on the path from e to e0, a concretization map , such that ( (T )) = (T ) for all T 2 AV (e) and such that WT ( (e0)) and (e0) is not nf-terminating Proof. This follows from Lemma 16 by induction on the length of the path. Theorem18. Let T be a closed termination tableau with root t0. Then t0 is nf-terminating. Proof. Let there be xed termination orderings >N on the tupels over NF for every recursion ancestor node N , which satisfy the ordering constraints for the closed tableau. Assume that there is a concretization map 0, such that WT ( 0(t0)) and 0(t0) is not nf-terminating. Then Lemma 17 shows that there is some leaf with a well-typed but not nf-terminating concretization. This leaf must have a recursion ancestor node. Select a leaf L with term C[t1; : : : ; tn] and recursion ancestor N , and a concretization map such that WT ( (C[t1; : : : ; tn])), (C[t1; : : : ; tn]) is not nf-terminating, and the following holds: { The distance (measured in number of edges) of the root to the ancestor node corresponding to the leaf L is maximal. { (t1; : : : ; tn) is minimal w.r.t >N . The concretization (C[t1; : : : ; tn]) is also a concretization of the term (C[T1; : : : ; Tn]), i.e., there is a concretization map , such that (C[t1; : : : ; tn]) = (C[T1; : : : ; Tn]), since all ti are nf-terminating and WT ( (ti)). Lemma 17 shows that there is a leaf L0 that is a descendant of N , and which has a non-nf-terminating instance. Since T is without crossings and due to our minimal choice, N is also a recursion ancestor for L0 with the same context. Hence the term at L0 is C[t01; : : : ; t0n], there is a concretization map , such that ( (Ti)) = (Ti) for all Ti 2 AV (tN ), and (C[t01; : : : ; t0n]) is well-typed and not nf-terminating. The ordering constraints are satis ed, which means (T1; : : : ; Tn) >N (t01; : : : t0n). This implies ( (T1; : : : ; Tn)) >N (t1; : : : tn), and hence (T1; : : : ; Tn)) >N (t01; : : : t0n). We obtain (t1; : : : ; tn) = (T1; : : : ; Tn) >N (t01; : : : t0n). This is a contradiction to the minimal choice of L and . The nal contradiction shows that the expression t0 at the root is nf-terminating. Since the problem of proving nf-termination is undecidable, (it is in fact nonr.e.), there are cases, where the construction of a preclosed termination tableau for an nf-terminating expression does not succeed. The construction is then nonterminating, since either there are paths without recursion ancestor, or there are recursion ancestors, but with crossings. The restriction to preclosed trableaux without crossings is necessary. For a counterexample see [Pan97]. To illustrate the calculus we will give a simple example: Example 1. We want to prove that the result of applying the length function to a nite list is a de ned number, even if there are unde ned elements in the list: bot = bot mkbot x = bot fin = map mkbot T map f xs = case xs Nil (map2 f) map2 f x xs = Cons (f x) (map f xs) length xs = case xs 0 length2 length2 length2 x xs = 1 + length xs A preclosed tableau for the application of length to nite lists is given in gure 2. The tableau makes use of the fact that the built-in function + nf-terminates. 0 length n Ta 7! (Cons Ta1 Ta2 ) 1 case Nil 0 length2 case (map mkbot Ta) 0 length2 case (case Ta Nil (map2 mkbot)) 0 length2 Ta 7! Nil case (map2 mkbot Ta1 Ta2 ) 0 length2 case (Cons (mkbot Ta1 ) (map mkbot Ta2 )) 0 length2 length2 (mkbot Ta1 ) (map mkbot Ta2 ) 1 + (length (map mkbot Ta2 )) T1 T+ Tlm length (map mkbot Ta2 ) case (map mkbot Ta2 ) 0 length2 Fig. 2. A preclosed tableau for the application of length to nite lists. 4 Termination orderings on We will interpret constructors, and hence normal forms, as functions over the nonnegative integers. For non-strict functional languages, interpreting supercombinators as integer functions is too restrictive, since this precludes the use of subexpressions without normal form like in nite lists. An n-ary function p on integers is called nonnegative, i p(a1; : : : ; an) 0 for all nonnegative ai. p is called strictly monotonous, i y > z implies p(x1; : : : ; xi 1; y; xi+1; : : : ; xn) > p(x1; : : : ; xi 1; z; xi+1; : : : ; xn) for all nonnegative integers xi; y; z, and all i. Let be an interpretation of the normal forms, where every constructor c of arity n is interpreted as a nonnegative function that is strictly monotonous for all arguments at positions in Ic;sm and constant for the arguments in position [1; n] n Ic;con. Expressions in HNF that have a supercombinator as head are interpreted as zero. The interpretation can be extended to all well-typed -expressions t having a normal form by (t) := (t+). A termination ordering > is induced on nf-terminating -expressions by de ning s > t i (s) > (t). We describe a proof method which given an interpretation for the normal forms, shows that the ordering constraint s R t is satis ed by > . Though termination tableaux as described in section 3 issue only ordering constraints where the left hand sides consist of a tuple of variables, we permit more general ordering constraints. TEA makes only use of linear polynomial interpretations with small coe cients. Though this de nes only a very restricted class of orderings, Figure 3 shows that this is in practice su cient. In the following due to space limitations we will not explore the syntactic nature of ordering tableaux in detail, but rather introduce the semantical ideas and the correctness proof. 4.1 Verifying ordering constraints We assume a given interpretation of constructors. The top level tupels in ordering constraints are treated like constructed objects with a special constructor. Given an ordering constraint, the veri cation algorithm has the task to check that the ordering constraint is satis ed. In this section, we assume that the abstract variables may be instantiable with arbitrary expressions. We denote the inequations used in the algorithm as plhs1; : : : ; sni prht1; : : : ; tmi, where the nonnegative, strictly monotonous functions pl; pr are assumed to be known, are of arity n and m, respectively, and the expressions si; ti are #-expressions. De nition 19. Let f1; f2; g1; g2 be functions. Let xi; yi be variables, where equal variables are permitted. We say f1(x1; : : : ; xm) f2(y1; : : : ; yn) is valid, if for all replacements of nonnegative integers for the variables the inequation holds. We say f1(x1; : : : ; xm) f2(y1; : : : ; yn) implies g1(x01; : : : ; x0m) g2(y0 1; : : : ; y0 n), i for all replacements of nonnegative integers for the variables: If f1( (x1); : : : ; (xm)) f2( (y1); : : : ; (yn)) holds, then g1( (x01); : : : ; (x0m)) g2( (y0 1); : : : ; (y0 n)) holds. We say f1hs1; : : : ; smi f2ht1; : : : ; tni is valid, if f1(x1; : : : ; xm) f2(y1; : : : ; yn) is valid after replacing the terms si; ti by variables, where equal (di erent) terms have to be replaced with equal (di erent) variables. Similarly, we de ne f1hs1; : : : ; smi f2ht1; : : : ; tni implies g1hs01; : : : ; s0mi g2ht01; : : : ; ty0 ni i f1(x1; : : : ; xm) f2(y1; : : : ; yn) implies g1(x01; : : : ; x0m) g2(y0 1; : : : ; y0 n), where equal (di erent) terms have to be replaced with equal (different) variables. The veri cation method is based on abstract reduction to built up a tree of possible reductions (called an ordering tableau). I.e., a tree which is labelled with inequations, and which is generated by placing the initial inequation at the root, using expansion and closing rules described below. Initially, the veri cation algorithm starts with lhs > rhs, which is easily translated into lhs rhs+ 1. The following simpli cations are performed with high priority: 1. simplify-comb: A leftor right side of the following form is immediately simpli ed: phs1; : : : ; si 1; (c si;1 : : : si;k); si+1; : : : ; sni simpli es to qhs1; : : : ; si 1, si;j1 ; : : : ; si;jh ; si+1; : : : ; sni, where q(x1; : : : ; xi 1,xi;j1 ; : : : ; xi;jh ,xi+1; : : : ; xn) := p(x1; : : : ; xi 1,pc(xi;1; : : : ; xi;k),xi+1; : : : ; xn), and Ic;sm = fj1; : : : ; jhg. 2. simplify-zero: A leftor right side, where si is in HNF but without a constructor as head is immediately simpli ed: phs1; : : : ; si 1,si; si+1; : : : ; sni simpli es to qhs1; : : : ; si 1,si+1; : : : ; sni, where q(x1; : : : ; xi 1; xi+1; : : : ; xn) := p(x1; : : : ; xi 1; 0; xi+1; : : : ; xn). Note that the de ned function q is nonnegative and strictly monotonous. De nition 20. The expansion rules for expanding the ordering tableau are \abstract reduction" and \branching" (cf. termination tableau) applied to ordering constraints, where the rules are to be applied only to normal order redexes. In the following closing rules we assume that there are sound and e ectively computable predicates to recognize \valid" and \implies": { If one of the #-expressions is dynamically ill-typed, then label the leaf as \closed". { If the inequation at the leaf is valid, then label the leaf as \closed". { Let L be a leaf labelled with pL;lhsL;1; : : : ; sL;ni pL;rhtL;1; : : : ; tL;mi. Let there be an ancestor N of L, which is labelled with pN;lhsN;1; : : : ; sN;ni pN;rhtN;1; : : : ; tN;mi, such that the following holds: There exists a subsuming substitution , such that (sN;i) sL;i, and (tN;j) tL;j for i = 1; : : : ; n; j = 1; : : : ;m. The inequation (pN;lhsN;1; : : : ; sN;ni) (pN;rhtN;1; : : : ; tN;mi) implies pL;lhsL;1; : : : ; sL;ni pL;rhtL;1; : : : ; tL;mi. Then label the leaf L by (N; \closed"). Note that the implementation is also able to exploit symmetries of the functions in the subsumption check. De nition 21. An ordering tableau is closed, i every leaf is closed. Now we can show that a closed ordering tableau is a proof that the ordering > satis es a given ordering constraint. Theorem22. Let s > t be an ordering constraint. If a closed ordering tableau for ( z:z)hsi ( z:z+1)hti can be constructed using the rules in De nition 20, then s > t is satis ed by the ordering > . Proof. Assume that the theorem is false. Then there is a closed ordering tableau for ( z:z)hsi ( z:z+1)hti, but s > t is not satis ed by > . There is a ground substitution , such that (s); (t) are nf-terminating ground expressions, and ( (s)) < (rho(t)) + 1. It is easy to see that the expansion rules of the tableau permit to nd a witness of a wrong instance of an inequation at some son, if the father has a wrong instance of its inequation. This is obvious for the reduction, and also for the branching rule, since it is only used for normal order redexes, and it is assumed that witnesses are well-typed. Hence there is some leaf, such that the inequation has a wrong instance. This leaf must be closed by the subsumption rule. Among the leaves with non-valid inequations select a leaf and a corresponding instance which is minimal w.r.t. the minimal number of normal order reductions to compute its -value. This number is de ned, since we assumed that the instance is nf-terminating at the root, which is inherited to the corresponding leaf. This leaf has a subsuming ancestor N , which is labelled by a wrong inequation, and which requires the same number of normal order reductions to normal form. We reduce again until a further leaf L0 with a wrong instance is found. Since at least one normal order step was performed on the path from N to L0, the instance at the new leaf L0 requires a smaller number of normal order reductions for the computation. Hence we have a contradiction to the minimal choice. 5 Extensions We describe some extensions and modi cations of the termination analysis. 5.1 Lazy Termination There are sensible functions in a lazy functional language, like repeat, which are not nf-terminating. In order to apply the termination analysis also to these functions, it will turn out that a simple test on a preclosed tableau is a su cient condition that a function is lazy terminating. De nition 23. Every well-typed expression is 0-lazy-terminating. A well-typed expression e is n-lazy-terminating, i either e has a HNF with a supercombinator as head and e is nf-terminating, or e has HNF (c e1 : : : ek), c is a constructor and every ei is (n 1)-lazy-terminating. An expression e is lazy terminating, i for all n, e is n-lazy-terminating. We lift the notion of lazy termination to # via concretization maps in the natural way. It is obvious that nf-termination implies lazy termination. An example for a lazy terminating expression is (repeat 1) with de nition repeat x = x : repeat x. The following simple criterion is su cient for lazy termination: Theorem24. Let e be an expression, and let there be a preclosed termination tableau with root e, such that for every leaf L with subsuming ancestor N , on the path from N to L the only permitted use of the approximation rule is: c e1 : : : en e1 j : : : j en , where c is a constructor, there is at least one such application on the path, and there is no argument saturation on the path. Then e is lazy terminating Proof. Assume that the theorem is false. Then there is some e, a preclosed tableau and a concretization (e) that is not lazy terminating. Similarly as in the proof of Theorem 18 we can nd a leaf that is not lazy terminating. This leaf is closed using using the criterion for a subsuming ancestor, since nf-termination implies lazy termination. We select a leaf L such that there is an instance that is not n-lazy-terminating with minimal n. We follow a witnessing instance: going from L to its subsuming ancestor N , again reducing down to a new leaf L0, we see that L0 has a smaller witnessing instance, which is a contradiction. 5.2 Errors Usually, programs contain error-cases, for example taking the head of a list is not de ned for the empty list, or division by zero is unde ned. The standard behavior in these cases is that the evaluation stops, and an error message is displayed. For semantic purposes, this is often treated as ?, which is also used for nonterminating object. However, from a pragmatic point of view there is a di erence: a programmer does not write non-terminating programs intentionally, whereas error-cases are often useful and sensible. Thus, it makes sense to treat error cases as terminating cases, since a program terminates by displaying something. The implementation of TEA usually treats errors as termination and thus it marks the built-in division and missing cases in a case-expression as nf-terminating exits. 5.3 Strict evaluation Theorem 18 as it stands is not applicable for a functional language with strict evaluation. However, the construction of termination tableaux can be modi ed, such that also strict (nf-)termination can be proved. The only necessary modi cation is to restrict all reductions to applicative order reductions, in the expansion of the termination tableau as well as for the ordering tableau. Since the behavior of normal order and applicative order reduction are di erent, the heuristics and strategies have to be di erent: The rule for approximation has to be preferred in several cases in order to make redexes top level terms in the tableau. 6 Implementation and Experiments TEA is a Haskell-implementation of the termination analysis as described in this paper [Kic97, Pan97]. Optimizations and special rules for treating nested recursive functions are included. Abstract reduction is implemented by a template instantiation machine. The strategy for automatic analysis is as follows. Firstthere is a dependency analysis that determines the sequence of analyzing thefunctions. Then there are two passes of the script in the determined sequence,where successively for every function there is an attempt to construct a closedtermination tableaux. The obtained termination information is used eagerly inthe rst pass, where the strategy for the application of the approximation is ap-proximate only nf-terminating expressions, such that no branching is necessary.The second pass avoids this eager use of nf-termination knowledge. The gener-ated ordering constraints are then handed over to the ordering tableau-modulethat tries to construct and verify an ordering based on a linear polynomial in-terpretation for normal forms. If for a function the detection of nf-terminationfails, but there is a preclosed tableau, then the criterion for lazy termination ischecked. If a function is neither nf-terminating nor lazy terminating, but there isa preclosed termination tableau, then the program is able to give hints where apossible non-termination may occur by displaying the ordering constraints andthe corresponding path.The implementation incorporates strict built-in functions on integers in the corelanguage and makes use of their termination behavior (see example 2).To guarantee termination of tableau expansion, there is a maximal possiblelength of paths in the termination tableau, a practical value being around 40.A restriction for the ordering is that the polynomials are linear, the coe cientsmay be 0,1, or 2, and there is also a depth bound. Since the rules are non-deterministic, heuristics are used to optimize the probability of constructing apreclosed tableau.We tested the implementation on three program scripts. The example t10.coreis taken from the examples for strictness analysis in [Sch94]. It is generated froma script containing almost all the function of the Gofer [Jon94] prelude plussome other functions, the example Rewrite.core is one of the modules writtenfor manipulating and reducing expressions for constructing an ordering tableau,and Misc.core is a set of standard functions on lists and trees, like di erentsorting algorithms, a combinator parser, functions generating an in nite lists ofprimes, and further functions (see [Pan97]). In the following gure the number offunctions and the obtained results and the time on a HP C160 is recorded. Thelast column gives the number of functions where the termination informationcould not be detected.Example# nf-term. nf-term + lazy preclosed min. not detectedt10.core212 191 (90%) 200 (94.3%) 205 (96.7%) 0:49 14 (6.6%)Rewrite.core 79 76 (96%) 76 (96%) 78 (98.7%) 7:38 2 (2.5%)Misc.core121 95 (78,5%) 101 (83,4%) 110 (90,9%) 3:04 13 (10.7%)Fig. 3. Results on example les. The results are promising: TEA detects almost all nf-terminating functions inRewrite.core.It is possible to improve the success rate by modifying the strategy. We ana-lyzed the failure cases in order to learn about possible improvements. Using aninteractive mode it is possible to improve the results slightly, which means thatadding some passes with di erent strategies may help a bit. There are some (nf-terminating) functions in the prelude which are not detected as nf-terminating.Their termination behavior depends on the value returned by built-in functions.This could be remedied, but is omitted in our prototype implementation. Anexample for a function that cannot be proved nf-terminating by TEA is thefunction tak. However, tak is an arti cial function and it is not easy to proveits termination.Our prototype implementation and the results justify the hope that it is pos-sible to include powerful tools into compilers which are able to detect a largeamount of nf-termination and/or lazy termination in scripts of non-strict func-tional programs. This information is useful for a programmer as well as forprogram optimizations.AcknowledgmentWe would like to thank Marko Schutz for his helpful remarks in discussions.References[AG97] T. Arts and J. Giesl. Automatically proving termination where simpli ca-tion orderings fail. In Michel Bidoit & Max Dauchet, editor, Proceedings ofthe 7th International Joint Conference on Theory and Practice of SoftwareDevelopment (TAPSOFT '97), number 1214 in Lecture Notes in ComputerScience, pages 261{272, Lille, France, 1997. Springer{Verlag.[AH87] S. Abramsky and C. L. Hankin, editors. Abstract Interpretation of Declar-ative Languages. Ellis Horwood, 1987.[AH96] P.H. Andersen and C.K. Holst. Termination analysis for o ine partial eval-uation of a higher order functional language. In Static Analysis, third in-ternational symposium, volume 1145 of Lecture Notes in Computer Science,pages 67{82. Springer-Verlag, 1996.[BM79] R. S. Boyer and J S. Moore. A Computational Logic. Academic Press, 1979.[Bur91] Geo rey Burn. Lazy Functional Languages: Abstract Interpretation andCompilation. Pitman, London, 1991.[CC77] Patrick Cousot and Radhia Cousot. Abstract interpretation: A uni ed lat-tice model for static analysis of programs by construction or approximationof xpoints. In Conference Record of the Fourth ACM Symposium on Prin-ciples of Programming Languages, pages 252{252. ACM Press, 1977.[Der87] N. Dershowitz. Termination of rewriting. Journal of Symbolic Computation,3(1):69{116, 1987.[Gie95a] J. Giesl. Automatisierung von Terminierungsbeweisen fur rekursiv de nier-te Algorithmen. PhD thesis, Technische Hochschule Darmstadt, 1995. [Gie95b] J. Giesl. Termination analysis for functional programs using term orderings.In Alan Mycroft, editor, Static Analysis Symposium '95, number 984 inLecture Notes in Computer Science, pages 154{171. Springer, 1995.[HAB+96] K. Hammond, L. Augustsson, B. Boutel, W. Burton, J. Fairbairn, J. Fasel,A. Gordon, M. Guzman, J. Hughes, P. Hudak, T. Johnsson, M. Jones,D. Kieburtz, R. Nikhil, W. Partain, J. Peterson, S. Peyton Jones, andP Wadler. Report on the programming language Haskell 1.3. Technicalreport, Department of Computer Science, University of Glasgow, 1996.[Jon94] Mark P. Jones. The implementation of the Gofer functional programmingsystem. Research Report YALEU/DCS/RR-1030, Yale University, Depart-ment of Computer Science, May 1994.[Kah95] S. Kahrs. Towards a domain theory for termination proofs. In Proceedings ofthe 6th International Conference on Rewriting Techniques and Applications,volume 914 of Lecture Notes in Computer Science, pages 241{255. Springer-Verlag, 1995.[Kic97] Hubert Kick. Terminierungsanalyse fur den Sprachkern einer nicht-striktenfunktionalen Programmiersprache unter Verwendung eines Tableaukalkulsfur abstrakte Reduktion. Master's thesis, Johann Wolfgang Goethe-Univer-sitat, Frankfurt, 1997.[Noc93] Eric Nocker. Strictness analysis using abstract reduction. In FunctionalProgramming Languages and Computer Architecture, pages 255{265. ACMPress, 1993.[Pan97] S. E. Panitz. Generierung statischer Programminformation zur Kompilie-rung verzogert ausgewerteter funktionaler Programmiersprachen. (Disserta-tion), Universitat Frankfurt, 1997. preliminary version, in German.[Sch94] Marko Schutz. Striktheits-Analyse mittels abstrakter Reduktion fur denSprachkern einer nicht-strikten funktionalen Programmiersprache. Master'sthesis, Johann Wolfgang Goethe-Universitat, Frankfurt, 1994.[SNN94] Kirsten Lackner Solberg, Hanne Riis Nielson, and Flemming Nielson. Strict-ness and totality analysis. In Baudouin Le Charlier, editor, Static Analysis,number 864 in Lecture Notes in Computer Science, pages 408{422. Springer,1994.[SSPS95] M. Schmidt-Schau , S.E. Panitz, and M. Schutz. Strictness analysis by ab-stract reduction using a tableau calculus. In Alan Mycroft, editor, StaticAnalysis Symposium '95, number 983 in Lecture Notes in Computer Science,pages 348{365. Springer, 1995.[Ste95] J. Steinbach. Automatic termination proofs with transformation orderings.In Proceedings of the 6th International Conference on Rewriting Techniquesand Applications, volume 914 of Lecture Notes in Computer Science, pages11{25. Springer-Verlag, 1995.[Wal91] Chr. Walther. Automatisierung von Terminierungsbeweisen. Kunstliche In-telligenz. Vieweg, Braunschweig, 1991.[Wal94] Chr. Walther. On proving the termination of algorithms by machine. Arti-cial Intelligence, 71:101{157, 1994.This article was processed using theLATEX macro package with LLNCS style