Presentation is loading. Please wait.

Presentation is loading. Please wait.

Using Datalog with Binary Decision Diagrams for Program Analysis John Whaley, Dzintars Avots, Michael Carbin, Monica S. Lam Stanford University November.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Using Datalog with Binary Decision Diagrams for Program Analysis John Whaley, Dzintars Avots, Michael Carbin, Monica S. Lam Stanford University November."— Presentation transcript:

1 Using Datalog with Binary Decision Diagrams for Program Analysis John Whaley, Dzintars Avots, Michael Carbin, Monica S. Lam Stanford University November 5, 2005

2 Using Datalog with BDDs for Program Analysis 1 Implementing Program Analysis …56 pages! vs. 2x faster Fewer bugs Extensible

3 November 5, 2005Using Datalog with BDDs for Program Analysis 2 Outline Introduction Program Analysis in Datalog –Example of Pointer Analysis Binary Decision Diagrams (BDDs) Datalog to Efficient BDDs Experimental Results Conclusion

4 November 5, 2005Using Datalog with BDDs for Program Analysis 3 Program Analysis in Datalog

5 November 5, 2005Using Datalog with BDDs for Program Analysis 4 Datalog Declarative language for deductive databases [Ullman 1989] –Like Prolog, but no function symbols, no predefined evaluation strategy Semantics of negation –No negation allowed [Ullman 1988] –Stratified Datalog [Chandra 1985] –Well-founded semantics [Van Gelder 1991] Evaluation strategy –Top-down (goal-directed) [Ullman 1985] –Bottom-up (infer from base facts) [Ullman 1989] Additional restriction: finite domains

6 November 5, 2005Using Datalog with BDDs for Program Analysis 5 Flow-Insensitive Pointer Analysis o 1 : p = new Object(); o 2 : q = new Object(); p.f = q; r = p.f; po1o1 qo2o2 f r Input Tuples vPointsTo(p, o 1 ) vPointsTo(q, o 2 ) Store(p, f, q) Load(p, f, r) Output Relations hPointsTo(o 1, f, o 2 ) vPointsTo(r, o 2 )

7 November 5, 2005Using Datalog with BDDs for Program Analysis 6 vPointsTo(v 1, o):- Assign(v 1, v 2 ), vPointsTo(v 2, o). v1v1 ov2v2 Inference Rule in Datalog v 1 = v 2 ; Assignments:

8 November 5, 2005Using Datalog with BDDs for Program Analysis 7 hPointsTo(o 1, f, o 2 ):- Store(v 1, f, v 2 ), vPointsTo(v 1, o 1 ), vPointsTo(v 2, o 2 ). v1v1 o1o1 v2v2 o2o2 f Inference Rule in Datalog v 1.f = v 2 ; Stores:

9 November 5, 2005Using Datalog with BDDs for Program Analysis 8 vPointsTo(v 2, o 2 ):- Load(v 1, f, v 2 ), vPointsTo(v 1, o 1 ), hPointsTo(o 1, f, o 2 ). v1v1 o1o1 v2v2 o2o2 f Inference Rule in Datalog v 2 = v 1.f; Loads:

10 November 5, 2005Using Datalog with BDDs for Program Analysis 9 The Whole Algorithm vPointsTo(v 1, o):- Assign(v 1, v 2 ), vPointsTo(v 2, o). hPointsTo(o 1, f, o 2 ):- Store(v 1, f, v 2 ), vPointsTo(v 1, o 1 ), vPointsTo(v 2, o 2 ). vPointsTo(v 2, o 2 ):- Load(v 1, f, v 2 ), vPointsTo(v 1, o 1 ), hPointsTo(o 1, f, o 2 ). vPointsTo(v, o):- vPointsTo 0 (v, o).

11 November 5, 2005Using Datalog with BDDs for Program Analysis 10 Inference Rules Datalog rules directly correspond to inference rules! Assign(v 1, v 2 ), vPointsTo(v 2, o)Assign(v 1, v 2 ), vPointsTo(v 2, o). vPointsTo(v 1, o) :-

12 November 5, 2005Using Datalog with BDDs for Program Analysis 11 Binary Decision Diagrams

13 November 5, 2005Using Datalog with BDDs for Program Analysis 12 Call graph relation Call graph expressed as a relation. –Five edges: Calls(A,B) Calls(A,C) Calls(A,D) Calls(B,D) Calls(C,D) B D C A

14 November 5, 2005Using Datalog with BDDs for Program Analysis 13 Call graph relation Relation expressed as a binary function. –A=00, B=01, C=10, D=11 B D C A 00 1001 11 Calls(A,B) Calls(A,C) Calls(A,D) Calls(B,D) Calls(C,D) → 00 01 → 00 10 → 00 11 → 01 11 → 10 11

15 November 5, 2005Using Datalog with BDDs for Program Analysis 14 Call graph relation Relation expressed as a binary function. –A=00, B=01, C=10, D=11 fromto x1x1 x2x2 x3x3 x4x4 f 00000 00011 00101 00111 01000 01010 01100 01111 10000 10010 10100 10111 11000 11010 11100 11110 B D C A 00 1001 11

16 November 5, 2005Using Datalog with BDDs for Program Analysis 15 Binary Decision Diagrams (Bryant 1986) Graphical encoding of a truth table. x2x2 x4x4 x3x3 x3x3 x4x4 x4x4 x4x4 00010000 x2x2 x4x4 x3x3 x3x3 x4x4 x4x4 x4x4 01110001 x1x1 0 edge 1 edge

17 November 5, 2005Using Datalog with BDDs for Program Analysis 16 Binary Decision Diagrams Collapse redundant nodes. x2x2 x4x4 x3x3 x3x3 x4x4 x4x4 x4x4 0000000 x2x2 x4x4 x3x3 x3x3 x4x4 x4x4 x4x4 0000 x1x1 11111 0 edge 1 edge

18 November 5, 2005Using Datalog with BDDs for Program Analysis 17 Binary Decision Diagrams Collapse redundant nodes. x2x2 x4x4 x3x3 x3x3 x4x4 x4x4 x4x4 x2x2 x4x4 x3x3 x3x3 x4x4 x4x4 x4x4 0 x1x1 1 0 edge 1 edge

19 November 5, 2005Using Datalog with BDDs for Program Analysis 18 Binary Decision Diagrams Collapse redundant nodes. x2x2 x4x4 x3x3 x3x3 x2x2 x3x3 x3x3 x4x4 x4x4 0 x1x1 1 0 edge 1 edge

20 November 5, 2005Using Datalog with BDDs for Program Analysis 19 Binary Decision Diagrams Collapse redundant nodes. x2x2 x4x4 x3x3 x3x3 x2x2 x3x3 x4x4 x4x4 0 x1x1 1 0 edge 1 edge

21 November 5, 2005Using Datalog with BDDs for Program Analysis 20 Binary Decision Diagrams Eliminate unnecessary nodes. x2x2 x4x4 x3x3 x3x3 x2x2 x3x3 x4x4 x4x4 0 x1x1 1 0 edge 1 edge

22 November 5, 2005Using Datalog with BDDs for Program Analysis 21 Binary Decision Diagrams Eliminate unnecessary nodes. x2x2 x3x3 x2x2 x3x3 x4x4 0 x1x1 1 0 edge 1 edge

23 November 5, 2005Using Datalog with BDDs for Program Analysis 22 Binary Decision Diagrams Size depends on amount of redundancy, NOT size of relation. –Identical subtrees share the same representation. –As set gets very large, more nodes have identical zero and one successors, so the size decreases.

24 November 5, 2005Using Datalog with BDDs for Program Analysis 23 BDD Variable Order is Important! x1x1 x3x3 x4x4 01 x2x2 x 1 x 2 + x 3 x 4 x 1 <x 2 <x 3 <x 4 x 1 <x 3 <x 2 <x 4 x1x1 x3x3 x4x4 01 x2x2 x3x3 x2x2

25 November 5, 2005Using Datalog with BDDs for Program Analysis 24 bddbddb (BDD-based deductive database)

26 November 5, 2005Using Datalog with BDDs for Program Analysis 25 bddbddb System Overview Joeq frontend Java bytecode Datalog program Input relations Output relations

27 November 5, 2005Using Datalog with BDDs for Program Analysis 26 Datalog  BDDs DatalogBDDs RelationsBoolean functions Relation ops: ⋈, ∪, select, project Boolean function ops: ∧, ∨, −, ∼ Relation at a timeFunction at a time Semi-naïve evaluationIncrementalization Fixed-pointIterate until stable

28 November 5, 2005Using Datalog with BDDs for Program Analysis 27 Compiling Datalog to BDDs 1.Apply Datalog source level transforms. 2.Stratify and determine iteration order. 3.Translate into relational algebra IR. 4.Optimize IR and replace relational algebra ops with equivalent BDD ops. 5.Assign relation attributes to physical BDD domains. 6.Perform more optimizations after domain assignment. 7.Interpret the resulting program.

29 November 5, 2005Using Datalog with BDDs for Program Analysis 28 High-Level Transform: Magic Set Transformation Add “magic” predicates to control generated tuples [Bancilhon 1986, Beeri 1987] –Combines ideas from top-down and bottom- up evaluation Doesn’t always help –Leads to more iterations –BDDs are good at large operations Rely on user specification

30 November 5, 2005Using Datalog with BDDs for Program Analysis 29 Predicate Dependency Graph vPointsTo hPointsTo Store Load vPointsTo 0 Assign vPointsTo(v, o):- vPointsTo 0 (v, o). add edge from RHS to LHS vPointsTo(v 1, o):- Assign(v 1, v 2 ), vPointsTo(v 2, o). hPointsTo(o 1, f, o 2 ):- Store(v 1, f, v 2 ), vPointsTo(v 1, o 1 ), vPointsTo(v 2, o 2 ). vPointsTo(v 2, o 2 ):- Load(v 1, f, v 2 ), vPointsTo(v 1, o 1 ), hPointsTo(o 1, f, o 2 ).

31 November 5, 2005Using Datalog with BDDs for Program Analysis 30 Determining Iteration Order Tradeoff between faster convergence and BDD cache locality Static heuristic –Visit rules in reverse post-order –Iterate shorter loops before longer loops Profile-directed feedback User can control iteration order

32 November 5, 2005Using Datalog with BDDs for Program Analysis 31 Predicate Dependency Graph vPointsTo hPointsTo Store Load vPointsTo 0 Assign

33 November 5, 2005Using Datalog with BDDs for Program Analysis 32 Datalog to Relational Algebra vPointsTo(v 1, o):- Assign(v 1, v 2 ), vPointsTo(v 2, o). t 1 = ρ variable→source (vPointsTo); t 2 = assign ⋈ t 1 ; t 3 = π source (t 2 ); t 4 = ρ dest→variable (t 3 ); vPointsTo = vPointsTo ∪ t 4 ;

34 November 5, 2005Using Datalog with BDDs for Program Analysis 33 Incrementalization t 1 = ρ variable→source (vP); t 2 = assign ⋈ t 1 ; t 3 = π source (t 2 ); t 4 = ρ dest→variable (t 3 ); vP = vP ∪ t 4 ; vP ’’ = vP – vP ’ ; vP ’ = vP; assign ’’ = assign – assign ’ ; assign ’ = assign; t 1 = ρ variable→source (vP ’’ ); t 2 = assign ⋈ t 1 ; t 5 = ρ variable→source (vP); t 6 = assign ’’ ⋈ t 5 ; t 7 = t 2 ∪ t 6 ; t 3 = π source (t 7 ); t 4 = ρ dest→variable (t 3 ); vP = vP ∪ t 4 ;

35 November 5, 2005Using Datalog with BDDs for Program Analysis 34 Optimize into BDD operations vP ’’ = vP – vP ’ ; vP ’ = vP; assign ’’ = assign – assign ’ ; assign ’ = assign; t 1 = ρ variable→source (vP ’’ ); t 2 = assign ⋈ t 1 ; t 5 = ρ variable→source (vP); t 6 = assign ’’ ⋈ t 5 ; t 7 = t 2 ∪ t 6 ; t 3 = π source (t 7 ); t 4 = ρ dest→variable (t 3 ); vP = vP ∪ t 4 ; vP ’’ = diff(vP, vP ’ ); vP ’ = copy(vP); t 1 = replace(vP ’’, variable→source ); t 3 = relprod(t 1,assign, source ); t 4 = replace(t 3, dest→variable ); vP = or(vP, t 4 );

36 November 5, 2005Using Datalog with BDDs for Program Analysis 35 Physical domain assignment vP ’’ = diff(vP, vP ’ ); vP ’ = copy(vP); t 1 = replace(vP ’’, variable→source ); t 3 = relprod(t 1,assign, source ); t 4 = replace(t 3, dest→variable ); vP = or(vP, t 4 ); vP ’’ = diff(vP, vP ’ ); vP ’ = copy(vP); t 3 = relprod(vP ’’,assign,V0); t 4 = replace(t 3, V1→V0); vP = or(vP, t 4 ); Minimizing renames is NP-complete Renames have vastly different costs Priority-based assignment algorithm

37 November 5, 2005Using Datalog with BDDs for Program Analysis 36 Other optimizations Dead code elimination Constant propagation Definition-use chaining Redundancy elimination Global value numbering Copy propagation Liveness analysis

38 November 5, 2005Using Datalog with BDDs for Program Analysis 37 Variable Numbering: Active Machine Learning Must be determined dynamically Limit trials with properties of relations Each trial may take a long time Active learning: select trials based on uncertainty Several hours Comparable to exhaustive for small apps

39 November 5, 2005Using Datalog with BDDs for Program Analysis 38 Experimental Results

40 November 5, 2005Using Datalog with BDDs for Program Analysis 39 Experimental Results

41 November 5, 2005Using Datalog with BDDs for Program Analysis 40 Experimental Results

42 November 5, 2005Using Datalog with BDDs for Program Analysis 41 Experimental Results

43 November 5, 2005Using Datalog with BDDs for Program Analysis 42 Experimental Results

44 November 5, 2005Using Datalog with BDDs for Program Analysis 43 Experimental Results

45 November 5, 2005Using Datalog with BDDs for Program Analysis 44 Experimental Results

46 November 5, 2005Using Datalog with BDDs for Program Analysis 45 Experimental Results

47 November 5, 2005Using Datalog with BDDs for Program Analysis 46 Experimental Results

48 November 5, 2005Using Datalog with BDDs for Program Analysis 47 Experimental Results

49 November 5, 2005Using Datalog with BDDs for Program Analysis 48 Experimental Results

50 November 5, 2005Using Datalog with BDDs for Program Analysis 49 Experimental Results

51 November 5, 2005Using Datalog with BDDs for Program Analysis 50 Related Work Datalog in Program Analysis –Specify as Datalog query [Ullman 1989] –Toupie system [Corsini 1993] –Demand-driven using magic sets [Reps 1994] –Program analysis with logic programming [Dawson 1996] –Crocopat system [Beyer 2003] –Modular class analysis [Besson 2003] BDDs in Program Analysis –Predicate abstraction [Ball 2000] –Shape analysis [Manevich 2002, Yavuz-Kahveci 2002] –Pointer Analysis [Zhu 2002, Berndl 2003, Zhu 2004] –Jedd system [Lhotak 2004]

52 November 5, 2005Using Datalog with BDDs for Program Analysis 51 Related Work BDD Variable Ordering –Variable ordering is NP-complete [Bollig 1996] –Interleaving [Fujii 1993] –Sifting [Rudell 1993] –Genetic algorithms [Drechsler 1995] –Machine learning for BDD orders [Grumberg 2003] Efficient Evaluation of Datalog –Semi-naïve evaluation [Balbin 1987] –Bottom-up evaluation [Ullman 1989, Ceri 1990, Naughton 1991] –Top-down evaluation with tabling [Tamaki 1986, Chen 1996] –Rule ordering [Ramakrishnan 1990] –Magic sets transformation [Bancilhon 1986] –Computing with BDDs [Iwaihara 1995] –Time and space guarantees [Liu 2003]

53 November 5, 2005Using Datalog with BDDs for Program Analysis 52 Program Analysis with bddbddb Context-sensitive Java pointer analysis C pointer analysis Escape analysis Type analysis External lock analysis Finding memory leaks Interprocedural def-use Interprocedural mod-ref Object-sensitive analysis Cartesian product algorithm Resolving Java reflection Bounds check elimination Finding race conditions Finding Java security vulnerabilities And many more… Performance better than handcoded!

54 November 5, 2005Using Datalog with BDDs for Program Analysis 53 Conclusion bddbddb: new paradigm in program analysis –Datalog compiled into optimized BDD operations –Efficiently and easily implement context-sensitive analyses –Easier to develop correct analyses –Easily experiment with new ideas –Growing library of program analyses –Easily use and build upon work of others Available as open-source LGPL: http://bddbddb.sourceforge.net

55 November 5, 2005Using Datalog with BDDs for Program Analysis 54 That’s all, folks! Thanks for sticking around for all 54 slides!

56 November 5, 2005Using Datalog with BDDs for Program Analysis 55 My Contribution (2) –Pointer analysis in 6 lines of Datalog (a database language) Hard to create & debug efficient BDD-based algorithms (3451 lines, 1 man-year) Automatic optimizations in bddbddb –Easy to create context-sensitive analyses using pointer analysis results (a few lines) –Created many analyses using bddbddb bddbddb (BDD-based deductive database)

57 November 5, 2005Using Datalog with BDDs for Program Analysis 56 Outline Pointer Analysis –Problem Overview –Brief History –Pointer Analysis in Datalog Context Sensitivity Improving Performance bddbddb: BDD-based deductive database Experimental Results –Analysis Time –Analysis Memory –Analysis Accuracy Conclusion

58 November 5, 2005Using Datalog with BDDs for Program Analysis 57 Performance is Tricky! Context-sensitive numbering scheme –Modify BDD library to add special operations. –Can’t even analyze small programs. Time:  Improved variable ordering –Group similar BDD variables together. –Interleave equivalence relations. –Move common subsets to edges of variable order. Time: 40h Incrementalize outermost loop –Very tricky, many bugs.Time: 36h Factor away control flow, assignments –Reduces number of variables.Time: 32h

59 November 5, 2005Using Datalog with BDDs for Program Analysis 58 Performance is Tricky! Exhaustive search for best BDD order –Limit search space by not considering intradomain orderings.Time: 10h Eliminate expensive rename operations –When rename changes relative order, result is not isomorphic.Time: 7h Improved BDD memory layout –Preallocate to guarantee contiguous.Time: 6h BDD operation cache tuning –Too small: redo work, too big: bad locality –Parameter sweep to find best values.Time: 2h

60 November 5, 2005Using Datalog with BDDs for Program Analysis 59 Performance is Tricky! Simplified treatment of exceptions –Reduce number of variables, iterations necessary for convergence.Time: 1h Change iteration order –Required redoing much of the code.Time: 48m Eliminate redundant operations –Introduced subtle bugs.Time: 45m Specialized caches for different operations –Different caches for and, or, etc.Time: 41m

61 November 5, 2005Using Datalog with BDDs for Program Analysis 60 Performance is Tricky! Compacted BDD nodes –20 bytes  16 bytesTime: 38m Improved BDD hashing function –Simpler hash function.Time: 37m Total development time: 1 year –1 year per analysis?!? Optimizations obscured the algorithm. Many bugs discovered, maybe still more.

62 November 5, 2005Using Datalog with BDDs for Program Analysis 61 bddbddb: BDD-Based Deductive DataBase Automatically generate from Datalog –Optimizations based on my experience with handcoded version. –Plus traditional compiler algorithms. bddbddb even better than handcoded! –handcoded: 37mbddbddb: 19m

63 November 5, 2005Using Datalog with BDDs for Program Analysis 62 due to V. Benjamin Livshits Java Security Vulnerabilities ApplicationReported ErrorsActual NameClasses context- insensitive context- sensitive Errors blueblog306111 webgoat3498166 blojsom4284822 personalblog61135022 snipsnap653>3212715 road2hiberna8671511 pebble88942711 roller989>26711 Total 5356>15084129

64 November 5, 2005Using Datalog with BDDs for Program Analysis 63 Vulnerabilities Found SQL injection HTTP splitting Cross-site scripting Path traversal Total Header 0 64010 Parameter 6 50213 Cookie 1 000 1 Non-Web 2 003 5 Total 9114529

65 November 5, 2005Using Datalog with BDDs for Program Analysis 64 Summary of Contributions The first scalable context-sensitive subset-based pointer analysis. –Cloning-based technique using BDDs –Clever context numbering –Experimental results on the effects of context sensitivity bddbddb: new paradigm in program analysis –Efficiently and easily implement context-sensitive analyses –Datalog compiled into optimized BDD operations –Library of program analyses (with many others) –Active learning for BDD variable orders (with M. Carbin) Artifacts: –Joeq compiler and virtual machine –JavaBDD library and BuDDy library –bddbddb tool

66 November 5, 2005Using Datalog with BDDs for Program Analysis 65 Looking Forward Program analysis for the masses –Integrate into software development process –Programmers, domain-specialists specify their own “patterns” Important work still to come –Technology issues –User-interface issues –Programmer culture issues

67 November 5, 2005Using Datalog with BDDs for Program Analysis 66 Conclusion The first scalable context-sensitive subset-based pointer analysis. –Accurate: Results for up to 10 14 contexts. –Scales to large programs. bddbddb: a new paradigm in prog analysis –High-level spec  Efficient implementation System is publicly available at: http://bddbddb.sourceforge.net

Download ppt "Using Datalog with Binary Decision Diagrams for Program Analysis John Whaley, Dzintars Avots, Michael Carbin, Monica S. Lam Stanford University November."

Similar presentations

Objects and Classes David Walker CS 320. Advanced Languages advanced programming features –ML data types, exceptions, modules, objects, concurrency,...

Objects and Classes David Walker CS 320. Advanced Languages advanced programming features –ML data types, exceptions, modules, objects, concurrency,...
Representing Boolean Functions for Symbolic Model Checking Supratik Chakraborty IIT Bombay.

Representing Boolean Functions for Symbolic Model Checking Supratik Chakraborty IIT Bombay.
7. Optimization Prof. O. Nierstrasz Lecture notes by Marcus Denker.

7. Optimization Prof. O. Nierstrasz Lecture notes by Marcus Denker.
Context-Sensitive Interprocedural Points-to Analysis in the Presence of Function Pointers Presentation by Patrick Kaleem Justin.

Context-Sensitive Interprocedural Points-to Analysis in the Presence of Function Pointers Presentation by Patrick Kaleem Justin.
Course Outline Traditional Static Program Analysis –Theory Compiler Optimizations; Control Flow Graphs Data-flow Analysis – today’s class –Classic analyses.

Course Outline Traditional Static Program Analysis –Theory Compiler Optimizations; Control Flow Graphs Data-flow Analysis – today’s class –Classic analyses.
Finding Application Errors and Security Flaws Using PQL: a Program Query Language MICHAEL MARTIN, BENJAMIN LIVSHITS, MONICA S. LAM PRESENTED BY SATHISHKUMAR.

Finding Application Errors and Security Flaws Using PQL: a Program Query Language MICHAEL MARTIN, BENJAMIN LIVSHITS, MONICA S. LAM PRESENTED BY SATHISHKUMAR.
CS357 Lecture: BDD basics David Dill 1. 2 BDDs (Boolean/binary decision diagrams) BDDs are a very successful representation for Boolean functions. A BDD.

CS357 Lecture: BDD basics David Dill 1. 2 BDDs (Boolean/binary decision diagrams) BDDs are a very successful representation for Boolean functions. A BDD.
Bebop: A Symbolic Model Checker for Boolean Programs Thomas Ball Sriram K. Rajamani

Bebop: A Symbolic Model Checker for Boolean Programs Thomas Ball Sriram K. Rajamani
GATEKEEPER MOSTLY STATIC ENFORCEMENT OF SECURITY AND RELIABILITY PROPERTIES FOR JAVASCRIPT CODE Salvatore Guarnieri & Benjamin Livshits Presented by Michael.

GATEKEEPER MOSTLY STATIC ENFORCEMENT OF SECURITY AND RELIABILITY PROPERTIES FOR JAVASCRIPT CODE Salvatore Guarnieri & Benjamin Livshits Presented by Michael.
Parallel Inclusion-based Points-to Analysis Mario Méndez-Lojo Augustine Mathew Keshav Pingali The University of Texas at Austin (USA) 1.

Parallel Inclusion-based Points-to Analysis Mario Méndez-Lojo Augustine Mathew Keshav Pingali The University of Texas at Austin (USA) 1.
Using Programmer-Written Compiler Extensions to Catch Security Holes Authors: Ken Ashcraft and Dawson Engler Presented by : Hong Chen CS590F 2/7/2007.

Using Programmer-Written Compiler Extensions to Catch Security Holes Authors: Ken Ashcraft and Dawson Engler Presented by : Hong Chen CS590F 2/7/2007.
Faculty of Computer Science LCPC 2007 Using ZBDDs in Points-to Analysis Stephen Curial Jose Nelson Amaral Department of Computing Science University of.

Faculty of Computer Science LCPC 2007 Using ZBDDs in Points-to Analysis Stephen Curial Jose Nelson Amaral Department of Computing Science University of.
Semi-Sparse Flow-Sensitive Pointer Analysis Ben Hardekopf Calvin Lin The University of Texas at Austin POPL ’09 Simplified by Eric Villasenor.

Semi-Sparse Flow-Sensitive Pointer Analysis Ben Hardekopf Calvin Lin The University of Texas at Austin POPL ’09 Simplified by Eric Villasenor.
Constraint Logic Programming Ryan Kinworthy. Overview Introduction Logic Programming LP as a constraint programming language Constraint Logic Programming.

Constraint Logic Programming Ryan Kinworthy. Overview Introduction Logic Programming LP as a constraint programming language Constraint Logic Programming.
Recap from last time We were trying to do Common Subexpression Elimination Compute expressions that are available at each program point.

Recap from last time We were trying to do Common Subexpression Elimination Compute expressions that are available at each program point.
Pointer and Shape Analysis Seminar Context-sensitive points-to analysis: is it worth it? Article by Ondřej Lhoták & Laurie Hendren from McGill University.

Pointer and Shape Analysis Seminar Context-sensitive points-to analysis: is it worth it? Article by Ondřej Lhoták & Laurie Hendren from McGill University.
1 HOIST: A System for Automatically Deriving Static Analyzers for Embedded Systems John Regehr Alastair Reid School of Computing, University of Utah.

1 HOIST: A System for Automatically Deriving Static Analyzers for Embedded Systems John Regehr Alastair Reid School of Computing, University of Utah.
Improving code generation. Better code generation requires greater context Over expressions: optimal ordering of subtrees Over basic blocks: Common subexpression.

Improving code generation. Better code generation requires greater context Over expressions: optimal ordering of subtrees Over basic blocks: Common subexpression.
CS 536 Spring 20011 Intermediate Code. Local Optimizations. Lecture 22.

CS 536 Spring Intermediate Code. Local Optimizations. Lecture 22.
Previous finals up on the web page use them as practice problems look at them early.

Previous finals up on the web page use them as practice problems look at them early.

Similar presentations

Ads by Google