A Generic Framework for Interprocedural Analysis of Numerical - - PowerPoint PPT Presentation

A Generic Framework for Interprocedural Analysis of Numerical Properties

Markus Müller-Olm + Helmut Seidl Münster + München PUMA Ringvorlesung, 2009

1

Outline:

• Background
• The framework for affine relations
• Granger’s analysis
• Procedures
• Guards
• Conclusion

2

Outline:

• Background
• The framework for affine relations
• Granger’s analysis
• Procedures
• Guards
• Conclusion

3

Dream:

Check

• everything
• in every program
• in no time

:-)

4

Dream:

Check

• everything
• in many programs
• in no time

;-)

5

Dream:

Check

• certain properties
• in many programs
• in no time

;-}

6

Dream:

Check

• certain properties
• in many programs
• in acceptable time ...

7

Dream:

Check

• affine properties
• in affine programs
• in polynomial time

;-}

8

An Affine Program:

2 1

x2 := 4 x1 := 2 x1 := x1 + x2 x2 := x2 − 2x1

9

More Generally:

Affine programs consist of

• affine assignments:

x1 := x1 + x2 − 7;

• non-deterministic instead of conditional choice ...

extended with

• nondeterministic assignments:

x3 := ?;

• recursive procedures;
• equality guards

;-)

10

More Generally:

Affine programs consist of

• affine assignments:

x1 := x1 + x2 − 7;

• non-deterministic instead of conditional choice ...

extended with

• nondeterministic assignments:

x3 := ?;

• recursive procedures;
• equality guards

;-)

11

Questions:

Karr, 1976

→ What is the value of x1 at program exit? → Where is 5 + 2x1 − x2 = 0 ? → Which of the variables x1, x2 and x3 are equal at program point 2 ? = = ⇒

affine relations

12

Questions:

Karr, 1976

→ What is the value of x1 at program exit? → Where is 5 + 2x1 − x2 = 0 ? → Which of the variables x1, x2 and x3 are equal at program point 2 ? = = ⇒

affine relations

13

Applications:

• constant propagation;
• data alignment properties;
• induction variable detection;
• loop transformations;
• program verification

:-))

Goal:

Determine all valid affine relations between variables ... in polynomial time :-)

14

Applications:

• constant propagation;
• data alignment properties;
• induction variable detection;
• loop transformations;
• program verification

:-))

Goal:

Determine all valid affine relations between variables ... in polynomial time :-)

15

Applications:

• constant propagation;
• data alignment properties;
• induction variable detection;
• loop transformations;
• program verification

:-))

Goal:

Determine all valid affine relations between variables ... in polynomial time :-)

16

Results for Intraprocedural Analysis:

Karr fields 1976 Gulwani, Necula random Zp 2003 MMO., S. fields 2004 MMO., S. Zm, m = 2w 2005

Why not ...

• Re-use algorithm !
• Just exchange ring

:-)

17

Results for Intraprocedural Analysis:

Karr fields 1976 Gulwani, Necula random Zp 2003 MMO., S. fields 2004 MMO., S. Zm, m = 2w 2005

Why not ...

• Re-use algorithm !
• Just exchange the ring

:-)

18

Principal Ideal Rings

Ideal: I ⊆ R such that: a + b ∈ I if a, b ∈ I r · a ∈ I if r ∈ R, a ∈ I PIR: R such that I = aR = {r · a | r ∈ R} for every ideal I ⊆ R.

19

Examples:

• All fields such as

Q , Zp (p prime) , R

• integral domains such as

Z , Q[t] :-)

• the modular ring

Z2w;

• the modular rings

Zm for arbitrary m

• ...

20

Examples:

• All fields such as

Q , Zp (p prime) , R

• integral domains such as

Z , Q[t] :-)

• the modular ring

Z2w;

• the modular rings

Zm for arbitrary m

• ...

21

Properties of PIRs:

The homogeneous equation a · x = 0 can be solved ... = = ⇒ Find all annihilators !

Example:

has the solutions {0, 5, 10, 15, 20, 25} :-)

22

Properties of PIRs:

The homogeneous equation a · x = 0 can be solved ... = = ⇒ Find all annihilators !

Example: R = Z32

12 · x = 0 has the solutions {0, 8, 16, 24} :-)

23

Properties of PIRs:

The homogeneous equation a · x = 0 can be solved ... = = ⇒ Find all annihilators !

Example: R = Z30

6 · x = 0 has the solutions {0, 5, 10, 15, 20, 25} :-)

24

Properties of PIRs (2):

The inhomogeneous equation a · x = b can be solved ... = = ⇒ Check for ideal membership !

Example:

has the solutions 5 + {10, 20} :-)

25

Properties of PIRs (2):

The inhomogeneous equation a · x = b can be solved ... = = ⇒ Check for ideal membership !

Example: R = Z32

12 · x = 4 has the solutions 11 + {0, 8, 16, 24} :-)

26

Properties of PIRs (2):

The inhomogeneous equation a · x = b can be solved ... = = ⇒ Check for ideal membership !

Example: R = Z30

3 · x = 15 has the solutions 5 + {10, 20} :-)

27

Properties of PIRs (3):

For every a, b ∈ R, there is a gcd: a, bR = dR. Even more:

• t11

t12 t21 t22

• ·
• a

b

• =
• d
• for some tij with

t11t22 − t12t21 = 1 ... fill!

28

Consequence:

Hafner, McCurley, 1991 Storjohann, 2000 Any linear equation system over a PIR can be solved using modified Gaussian elimination :-)

29

Outline:

• Background
• The framework for affine relations
• Granger’s analysis
• Procedures
• Guards
• Conclusion

30

General Setting:

1 x := 1 y := q

2

x := 4q − 1 x := q + 1 y := x − 2q

semantics collecting property

31

General Setting:

1

?

2

x := 1 y := q x := 4q − 1 y := x − 2q x := q + 1

semantics collecting property

32

Abstract Interpretation:

Cousot/Cousot, 1977

1

?

2

x := 1 y := q x := q + 1 y := x − 2q x := 4q − 1

semantics abstract semantics collecting property

33

Precise Abstract Interpretation:

1

?

2

x := 1 y := q x := q + 1 y := x − 2q x := 4q − 1

semantics collecting property semantics abstract lossless

34

The Collecting Semantics

• For every program point determine the set of reachable

states [x1, . . . , xk]t.

• Every assignment

xj := t induces a affine transformation of the state: [ [x1 := x1 + x2 + 1] ]

• x1

x2

• =
• 1

1 1

• ·
• x1

x2

• +
• 1
• 35

Simplified Collecting Semantics

• For every program point determine the set of reachable

extended states [1, x1, . . . , xk]t.

• Every assignment

xj := t induces a linear transformation of the state: [ [x1 := x1 + x2 + 1] ]     x0 x1 x2     =     1 1 1 1 1     ·     x0 x1 x2    

36

Constraint System:

C[start] ⊇ {1} × Rk C[v] ⊇ [ [xj := t] ] (C[u]) (u, xj := t, v) control-flow edge

37

The Abstraction:

αR(X) = {r1x(1) + . . . + rmx(m) | ri ∈ R, x(i) ∈ X} the R-module generated by X :-)

38

The Abstraction:

αR(X) = {r1x(1) + . . . + rmx(m) | ri ∈ R, x(i) ∈ X} =: XR the R-module generated by X :-)

39

Properties:

• αR

maps sets of extended states into R-modules.

• The R-modules

M ⊆ Rk+1 form a complete lattice: least element: ∅R = {0} least upper bound: M1 ⊔ M2 = {m1 + m2 | mi ∈ Mi}

40

Properties (2):

• If

R is a PIR, then every ascending chain: M0 ⊑ . . . ⊑ Mi ⊑ . . . ⊑ Rk+1 is ultimately stable :-))

Examples:

41

Properties (2):

• If

R is a PIR, then every ascending chain: M0 ⊑ . . . ⊑ Mi ⊑ . . . ⊑ Rk+1 is ultimately stable :-))

Examples:

R height field k + 1 Zm log(m) · (k + 1) Z unbounded

42

Idea:

Apply αR to constraint system ...

43

Idea:

Apply αR to constraint system ...

C♯

R[start]

⊒ Rk+1 C♯

R[v]

⊒ [ [xj := t] ] (C♯

R[u])

(u, xj := t, v) control-flow edge

44

Our Example:

R = Q

1 1 1 1 1

2 1

x2 := 4 x1 := 2 x1 := x1 + x2 x2 := x2 − 2x1

45

Our Example:

R = Q

4 1 2 4 1 6 1 1 1 1 1

2 1

x2 := 4 x1 := 2 x1 := x1 + x2 x2 := x2 − 2x1

46

Our Example:

R = Q

4 1 2 1 6 −8 4 1 6 1 −2 −8 1 1 1 1 1

2 1

x2 := 4 x1 := 2 x1 := x1 + x2 x2 := x2 − 2x1

47

Our Example:

R = Q

4 1 6 1 −2 −8 1 −6 −4 4 1 2 1 6 −8 1 −2 −4 1 1 1 1 1

2 1

x2 := 4 x1 := 2 x1 := x1 + x2 x2 := x2 − 2x1

48

Fact:

. . .R commutes with “⊔” and “·”:

X1 ∪ X2R = X1R ⊔ X2R {A · x | x ∈ X}R = {A · x | x ∈ XR}R for matrix A and sets X, X1, X2 of vectors :-)

49

Theorem 1:

• C♯

R

precisely yields the linear closure of C :-)

• If R is a PIR, the values

C♯

R[u]

are computable :-)

50

Theorem 1:

• C♯

R

precisely yields the linear closure of C :-)

• If R is a PIR, the values

C♯

R[u]

are computable :-)

R Complexity field n · k3 Zm n · k3 · log(m)

51

Exploiting the Abstraction:

• 5 + 2x1 − 13x2 = 0

⇐ = ⇒ [5, 2, −13]

• An affine relation

a holds for [x1, . . . , xk]t iff a · x = 0 for x = [1, x1, . . . , xk]t. Thus, affine relation of the state ⇐ = ⇒ linear relation of the extended state :-)

52

Exploiting the Abstraction:

• 5 + 2x1 − 13x2 = 0

⇐ = ⇒ [5, 2, −13]

• An affine relation

a holds for [x1, . . . , xk]t iff a · x = 0 for x = [1, x1, . . . , xk]t. Thus, affine relation of the state ⇐ = ⇒ linear relation of the extended state :-)

53

Observation:

The following statements are equivalent for X ⊆ Rk+1: a · x = for all x ∈ X (1) a · x = for all x ∈ XR (2) = = ⇒ The abstraction αR is lossless :-)

54

Observation:

The following statements are equivalent for X ⊆ Rk+1: a · x = for all x ∈ X (1) a · x = for all x ∈ XR (2) = = ⇒ The abstraction αR is lossless :-)

55

Our Example:

R = Q

A relation is valid at point 2 iff it satisfies: a0 + 2a1 + 4a2 = a0 + 6a1 − 8a2 = a0 − 2a1 − 4a2 = = = ⇒ No affine relation holds :-)

56

Our Example:

R = Q

A relation is valid at point 2 iff it satisfies: a0 + 2a1 + 4a2 = a0 + 6a1 − 8a2 = a0 − 2a1 − 4a2 = = = ⇒ No affine relation holds :-)

57

Corollary:

For every PIR R, the set of all affine relations which are valid at a program point can be computed.

R Complexity field n · k3 Zm n · k3 · log(m)

58

Outline:

• Background
• The framework for affine relations
• Granger’s analysis
• Procedures
• Guards
• Conclusion

59

The Particular Case R = Z:

The following statements are equivalent for X ⊆ Zk+1: a · x = for all x ∈ X (1) a · x = for all x ∈ XZ (2) = = ⇒ The abstraction αQ is good enough !!!

60

The Particular Case R = Z:

The following statements are equivalent for X ⊆ Zk+1: a · x = for all x ∈ X (1) a · x = for all x ∈ XZ (2) a · x = for all x ∈ XQ (3) = = ⇒ The abstraction αQ is good enough !!!

61

Observation:

Granger 1991

The Z-linear closure allows to derive ...

• all valid linear relations;

and furthermore,

• all valid linear relations modulo any

m such as 10 + 3x1 + x2 = 0 [20] = = ⇒

linear congruence relations

62

Observation:

Granger 1991

The Z-linear closure allows to derive ...

• all valid linear relations;
• all valid linear relations modulo any

m such as 10 + 3x1 + x2 = 0 [20] = = ⇒

linear congruence relations

63

Our Example:

R = Z16

A relation is valid at point 2 iff it satisfies: a0 + 2a1 + 4a2 = [16] a0 + 6a1 − 8a2 = [16] a0 − 2a1 − 4a2 = [16] Valid affine relations: [0, 0, 4] , [8, 4, 0] :-)

64

Our Example:

R = Z16

A relation is valid at point 2 iff it satisfies: a0 + 2a1 + 4a2 = [16] a0 + 6a1 − 8a2 = [16] a0 − 2a1 − 4a2 = [16] Valid affine relations: [0, 0, 4] , [8, 4, 0] :-)

65

Observation:

MMO, Seidl 2005 (1) Every Z-module M ⊆ Zk+1 can be characterized by:

• all valid linear equalities; together with
• all valid linear equalities modulo one suitable

m :-) (2) Every other valid congruence relation can be deduced :-)

66

Observation:

MMO, Seidl 2005 (1) Every Z-module M ⊆ Zk+1 can be characterized by:

• all valid linear equalities; together with
• all valid linear equalities modulo one suitable

m :-) (2) Every other valid congruence relation can be deduced :-)

67

Our Example:

M = GZ

where G =            1 2 4     ,     1 6 −8     ,     1 −2 −4           

Idea:

Choose m as the determinant :-) = = ⇒ m = 80

68

Our Example:

M = GZ

The valid relations modulo m therefore must satisfy: a0 + 2a1 + 4a2 = [80] a0 + 6a1 − 8a2 = [80] a0 − 2a1 − 4a2 = [80] These are: [40, 20, 0] , [8, 68, 4]

69

The Algorithm:

(1) Compute the least solution of C♯

Q;

(2) Determine for every u, all valid linear equalities; (3) Determine for every u, a suitable modulus m(u); (4) For m = m(u), determine C♯

Zm[u];

(5) Determine the valid Zm-linear equalities at u.

70

The Algorithm:

(1) Compute the least solution of C♯

Q;

(2) Determine for every u, all valid linear equalities; (3) Determine for every u, a suitable modulus m(u); (4) For m = m(u), determine C♯

Zm[u];

(5) Determine the valid Zm-linear equalities at u.

71

Theorem 2:

MMO., Seidl 2005

• If

C♯

Q[u] = GQ

for some linearly independent G ⊆ C[u] , then m(u) can be chosen as the determinant of G.

• The set of all valid linear congruence equations at

program point u can be computed in polynomial time :-)

72

Theorem 2:

MMO., Seidl 2005

• If

C♯

Q[u] = GQ

for some linearly independent G ⊆ C[u] , then m(u) can be chosen as the determinant of G.

• The set of all valid linear congruence equations at

program point u can be computed in polynomial time :-)

73

Outline:

• Background
• The framework for affine relations
• Granger’s analysis
• Procedures
• Guards
• Conclusion

74

An Example Program:

1 2 3 4 5 6

Main : q()

x2 := 0 x1 := 2

q : q()

x2 := x1 + x2 x2 := x1 + x2 x1 := 3 ∗ x1 x1 := 5 ∗ x1

75

Interprocedural Analysis for Affine Programs:

Horwitz et al. linear constants 1996 MMO., S. affine relations over fields 2003 Gulwani, Necula affine relations over random Zp 2005 MMO., S. affine relations over Zm 2005 MMO., S. affine relations over PIRs 2005

76

Interprocedural Analysis for Affine Programs:

Horwitz et al. linear constants 1996 MMO., S. affine relations over fields 2003 Gulwani, Necula affine relations over random Zp 2005 MMO., S. affine relations over Zm 2005 MMO., S. affine relations over PIRs 2005

77

The Collecting Semantics

• A run through a procedure is a linear transformation of

the extended program state :-)

• The effect of a procedure is a set of linear

transformations :-)

• These sets can be described by a constraint system

...

78

Constraint System:

E[startq] ⊇ {Id} E[q] ⊇ E[returnq] E[v] ⊇ [ [xj := t] ] · E[u] (u, xj := t, v) control-flow edge E[v] ⊇ E[q] · E[u] (u, q, v) control-flow edge

79

Idea:

Apply αR to Sets of Matrices !!!

80

Idea:

Apply αR to Sets of Matrices !!!

E♯

R[startq]

⊒ IdR E♯

R[q]

⊒ E♯

R[returnq]

E♯

R[v]

⊒ [ [xj := t] ] · E♯

R[u]

(u, xj := t, v) control-flow edge E♯

R[v]

⊒ E♯

R[q] · E♯ R[u]

(u, q, v) control-flow edge

81

The Example:

1 1 1 0 0

1 2 3

q : q()

x2 := x1 + x2 x2 := x1 + x2 x1 := 3 ∗ x1 x1 := 5 ∗ x1

82

The Example:

1 1 1 0 0 1 1 1 0 0

1 2 3

q : q()

x2 := x1 + x2 x2 := x1 + x2 x1 := 3 ∗ x1 x1 := 5 ∗ x1

83

The Example:

1 1 1 0 0 1 3 1 3 0 0 1 1 1 0 0 1 1 18 15 1 3 1 3 0 0

1 2 3

q : q()

x2 := x1 + x2 x2 := x1 + x2 x1 := 3 ∗ x1 x1 := 5 ∗ x1

84

The Example:

1 1 1 0 0 1 3 1 3 0 0 1 1 1 0 0 1 1 18 15 1 1 225 282 1 3 1 3 0 0 1 1 57 45

1 2 3

q : q()

x2 := x1 + x2 x2 := x1 + x2 x1 := 3 ∗ x1 x1 := 5 ∗ x1

85

The Example:

1 3 1 3 0 0 1 1 57 45 1 1 675 849 1 1 1 0 0 1 3 1 3 0 0 1 1 1 0 0 1 1 18 15 1 1 225 282

1 2 3

q : q()

x2 := x1 + x2 x2 := x1 + x2 x1 := 3 ∗ x1 x1 := 5 ∗ x1

86

The abstract effects E♯

R[q]

can be used to determine the precise linear closure of the reachable extended states: C♯

R[Main]

⊒ Rk+1 C♯

R[startq]

⊒ C♯

R[q]

87

The abstract effects E♯

R[q]

can be used to determine the precise linear closure of the reachable extended states: C♯

R[Main]

⊒ Rk+1 C♯

R[startq]

⊒ C♯

R[q]

C♯

R[v]

⊒ [ [xj := t] ] (C♯

R[u])

(u, xj := t, v) control-flow edge

88

The abstract effects E♯

R[q]

can be used to determine the precise linear closure of the reachable extended states: C♯

R[Main]

⊒ Rk+1 C♯

R[startq]

⊒ C♯

R[q]

C♯

R[v]

⊒ [ [xj := t] ] (C♯

R[u])

(u, xj := t, v) control-flow edge C♯

R[v]

⊒ E♯

R[q] (C♯ R[u]) ,

and C♯

R[q]

⊒ C♯

R[u] ,

(u, q, v) control-flow edge

89

Our Example:

1 1 1 0 0 1 1 225 282 1 1 18 15 1 1 1 1 1

1 2 3 4 5 6

Main : q()

x2 := 0 x1 := 2

q()

x2 := x1 + x2 x2 := x1 + x2 x1 := 3 ∗ x1 x1 := 5 ∗ x1

q :

90

Our Example:

1 1 1 0 0 1 1 225 282 1 1 18 15 2 1 1 1 1 1 1

1 2 3 4 5 6

Main : q()

x2 := 0 x1 := 2

q()

x2 := x1 + x2 x2 := x1 + x2 x1 := 3 ∗ x1 x1 := 5 ∗ x1

q :

91

Our Example:

1 1 1 0 0 1 1 225 282 1 1 18 15 2 1 1 1 1 1 1 2 1 564 450 1 36 30 1

1 2 3 4 5 6

Main : q()

x2 := 0 x1 := 2

q()

x2 := x1 + x2 x2 := x1 + x2 x1 := 3 ∗ x1 x1 := 5 ∗ x1

q :

92

Theorem 3:

• E♯

R

precisely yields the linear closure of E :-)

• C♯

R

precisely yields the linear closure of C :-)

• If R is a PIR, the values

E♯

R[p] , C♯ R[u]

are computable :-)

R Complexity field n · k8 Zm n · k8 · log(m)

93

Corollary:

For every PIR R, the set of all affine relations which are valid at a program point can be computed.

R Complexity field n · k8 Zm n · k8 · log(m) Z n2 · k8 · ∆

94

Local Variables, Parameters, Return Values

For simplicity assume,

• All procedures have equally many locals;
• All locals are passed as parameters;
• Return values are are passed in global variables.

95

Local Variables, Parameters, Return Values

For simplicity assume,

• All procedures have equally many locals;
• All locals are passed as parameters;
• Return values are are passed in global variables.

Idea: Projections

96

Example:

Globals: x1, x2 Locals: x3 Πglob =        1 1 1        Πlocs =        1       

97

Example:

Globals: x1, x2 Locals: x3 Πglob =        1 1 1        Πlocs =        1        The effect of a call f() is obtained by the operator: H(A1, . . . , ArR) = Πlocs + ΠGlob · Ai | i = 1, . . . , rR

98

Outline:

• Background
• The framework for affine relations
• Granger’s analysis
• Procedures
• Guards
• Conclusion

99

Example:

1 2

x1 := x1 + 1 x1 = 10? x1 := 0

100

Remarks:

• For a program with guards, it is undecidable whether

x1 = 0 holds at some u. = = ⇒ Abstraction is inevitable :-(

• An abstract semantics over any

R can model guards g = 0? with intersections ... = = ⇒ through solving a linear system of equations. = = ⇒ sizes of numbers may explode !!!

101

Remarks:

• For a program with guards, it is undecidable whether

x1 = 0 holds at some u. = = ⇒ Abstraction is inevitable :-(

• An abstract semantics over any

R can model guards g = 0? with intersections ... C♯

R[v]

⊒ {x | g · x = 0} ∩ C♯

R[u]

= = ⇒ through solving a linear system of equations. = = ⇒ sizes of numbers may explode !!!

102

Remarks:

• For a program with guards, it is undecidable whether

x1 = 0 holds at some u. = = ⇒ Abstraction is inevitable :-(

• An abstract semantics over any

R can model guards g = 0? with intersections ... C♯

R[v]

⊒ {x | g · x = 0} ∩ C♯

R[u]

= = ⇒ through solving a linear system of equations = = ⇒ sizes of numbers may explode !!!

103

Interprocedural Treatment:

How to do intersections for transformers ???

Idea:

• Postpone intersections

:-)

• Accumulate value of guard g in a variable xg.
• Insist on

xg = 0 after each call !!!

104

Interprocedural Treatment:

How to do intersections for transformers ???

Idea:

• Postpone intersections

:-)

• Accumulate value of guard g in a variable xg.
• Insist on

xg = 0 after each call !!!

105

Example:

1 2

x1 := x1 + 1 x1 = 10? x1 := 0

q()

106

Example:

1 2

x1 := x1 + 1 x1 := 0

q()

x2 := x1 − 10

107

Modified Call:

C♯

R[v]

⊒ {x | ∀ g : xg = 0} ∩ E♯

R[q] (C♯ R[u]) ,

(u, q, v) control-flow edge

108

Outline:

• Background
• The framework for affine relations
• Granger’s analysis
• Procedures
• Guards
• Conclusion

109

Summary:

• We presented a framework for interprocedural analysis

which is parametric in the ring R.

• The framework works whenever R is a PIR.
• The framework covers the best known algorithms for

inferring affine equalities :-)

• It provides a variant of Granger’s linear congruence

relation analysis which is polynomial.

• It provides a uniform and interprocedural treatment of

equality guards.

110

Extensions:

⇒ assignments xj :=? :-) ⇒ inferring all valid polynomial relations such as: x2x3 − x1 + x2 + x3 = 0 ... of degree at most d :-) ⇒ interprocedural negative equality guards ?! ⇒ interprocedural polynomial programs ?! ⇒ What, if we are interested in weaker invariants ???

111

Extensions:

⇒ assignments xj :=? :-) ⇒ inferring all valid polynomial relations such as: x2x3 − x1 + x2 + x3 = 0 ... of degree at most d :-) ⇒ interprocedural negative equality guards ?! ⇒ interprocedural polynomial programs ?! ⇒ What, if we are interested in weaker invariants ???

112

Extensions:

⇒ assignments xj :=? :-) ⇒ inferring all valid polynomial relations such as: x2x3 − x1 + x2 + x3 = 0 ... of degree at most d :-) ⇒ interprocedural negative equality guards ?! ⇒ interprocedural polynomial programs ?! ⇒ What, if we are interested in weaker invariants ???

113