Download presentation
Presentation is loading. Please wait.
1
1 Constraint Problems in Program Analysis from the sublime to the ridiculous Alex Aiken Stanford University
2
Focus Techniques used by –Type and program analysis communities –Other than SAT Warning: Personal biases ahead... 2
3
Topics Different notions of solving Algorithmics and engineering Solving vs. entailment Open problems 3
4
What’s Different NP-Hard problems: SOLVE(F) = one solution PTIME problems: SOLVE(F) = all solutions 4
5
Example: Unification 5 int ! !! ° ! ! ! ¯ ¯ Represents all solutions. =
6
Comments A single representation for all solutions A great deal of sharing among the solutions Characteristic of PTIME techniques –Intuitively, this must be the case –Exponential number of incomparable solutions requires more than PTIME But see uses of BDD’s... 6
7
Why is This Useful? F(a) { … return b } 7 ¯ constraints C Conclude: F: ! ¯ where C
8
Why is This Useful? F(a) { … return b } G(x) { … F(i) … } H(y) { … F(j) … } I(z) { … F(k) … } 8 F: ! ¯ where C If all solutions of C have a compact representation, solve C once, reuse at each call site If solutions are not compactly representable, better to reanalyze F in each calling context
9
Two Styles of Analysis Whole program –Entire program needed for analysis of any piece Compositional –Can analyze partial or “open” programs (libraries) Intimately connected to solving complexity –Leads to very different engineering issues –This is poorly understood today 9
10
Algorithms and Engineering Algorithms: PTIME is good enough Engineering: linear space is essential –Must also be close to linear time –These algorithms are applied at large scales –Linux kernel 6.2MLOC 10
11
11 Set Constraints (a fragment) Set expressions: E ::= X | c(E 1,...,E n ) Set constraints: Æ E j1 µ E j2 j
12
Applications Pointer analysis Subtyping systems Soft typing Context-free reachability Multiple reachability properties –A context free and any regular properties … 12
13
13 Constraints as Graphs abUV cc XY Constraints: Graph: c(a,b)X c(U,V) Y µ XY µ µ Rewrite rules: E 1 µ X µ E 2 ) E 1 µ E 2 c(E 1,...,E n ) µ c(E 1 ’,...E n ’) ) Æ E i µ E i ’
14
Solutions Solution size is potentially O(n 2 ) –May be the complete graph Solution time is O(n 3 ) –Each of O(n 2 ) edges may be added in O(n) ways A major engineering issue –1996: analyze 5 KLOC –2002: analyze 6MLOC now in production compilers 14
15
15 Optimization: Cycle Elimination Variables in a cycle are all equivalent X 1 µ X 2 … µ X n µ X 1 Optimization: collapse them into one variable … SS SS S
16
Discussion Good techniques for cycle-elimination known –Does not change worst-case complexity –But makes 100X time difference Specific algorithmic/implementation techniques are critical to the success of decision procedures –Even “cheap” ones –Support for such research is important 16
17
Entailment Often want to know: Does C imply some constraint(s) C’? Is every solution of C a solution of C’? –Entailment –Validity (does C imply true?) Important for –Queries (can I perform this optimization?) –Presentation (simplification of constraints) 17
18
Is there an Issue? Consider SAT solving Satisfiability: NP-complete Validity: CoNP-complete But we use the same implementation for both –Just need to know if there are 0 or > 0 solutions 18
19
The Issue For low complexity techniques entailment often very different from satisfiability Example: Conditional equality constraints ¿ 1 · ¿ 2, ¿ 1 = ? Ç ¿ 1 = ¿ 2 19
20
Conditional Equality Constraints Solving –Near linear time Entailment –Quadratic Completely different algorithms –And different engineering –Big difference between linear and super-linear... –... see previous discussion 20
21
Open Problems (Theory) The “cubic-time” set constraint fragment –Entailment is in NEXPTIME –Entailment is PSPACE-Hard Non-structural subtype entailment –Entailment is PSPACE-Hard –Decidability is open –First-order fragment is undecidable With 3 quantifier alternations 21
22
An Open Problem? (Engineering) Integer programming –NP-complete –Huge topic in analysis of software Parallelization, resource allocation, understanding arrays … Consider Minimize x subject to 3x+3y=4 What do ILP solvers do? –Answer: LP-based solvers diverge. Why? 22
23
Combining Theories Many applications use multiple kinds of constraints –And there are many such constraint theories Need good ways of combining theories –More than Nelson-Oppen 23
24
Topics Different notions of solving Algorithmics and engineering Solving vs. entailment Open problems 24
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.