Using Datalog with Binary Decision Diagrams for Program Analysis

  • John Whaley
  • Dzintars Avots
  • Michael Carbin
  • Monica S. Lam
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3780)

Abstract

Many problems in program analysis can be expressed naturally and concisely in a declarative language like Datalog. This makes it easy to specify new analyses or extend or compose existing analyses. However, previous implementations of declarative languages perform poorly compared with traditional implementations. This paper describes bddbddb, a BDD-Based Deductive DataBase, which implements the declarative language Datalog with stratified negation, totally-ordered finite domains and comparison operators. bddbddb uses binary decision diagrams (BDDs) to efficiently represent large relations. BDD operations take time proportional to the size of the data structure, not the number of tuples in a relation, which leads to fast execution times. bddbddb is an effective tool for implementing a large class of program analyses. We show that a context-insensitive points-to analysis implemented with bddbddb is about twice as fast as a carefully hand-tuned version. The use of BDDs also allows us to solve heretofore unsolved problems, like context-sensitive pointer analysis for large programs.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Avots, D., Dalton, M., Livshits, V.B., Lam, M.S.: Improving software security with a C pointer analysis. In: ICSE 2005: Proceedings of the 27th International Conference on Software Engineering. ACM Press, New York (2005)Google Scholar
  2. 2.
    Ball, T., Rajamani, S.K.: Bebop: A symbolic model checker for boolean programs. In: Proceedings of the 7th International SPIN Workshop on SPIN Model Checking and Software Verification, pp. 113–130. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  3. 3.
    Ball, T., Rajamani, S.K.: Automatically validating temporal safety properties of interfaces. In: Dwyer, M.B. (ed.) SPIN 2001. LNCS, vol. 2057, pp. 103–122. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  4. 4.
    Bancilhon, F., Maier, D., Sagiv, Y., Ullman, J.D.: Magic sets and other strange ways to implement logic programs (extended abstract). In: PODS 1986: Proceedings of the Fifth ACM SIGACT-SIGMOD Symposium on Principles of Database Systems, pp. 1–15. ACM Press, New York (1986)CrossRefGoogle Scholar
  5. 5.
    Berndl, M., Lhoták, O., Qian, F., Hendren, L., Umanee, N.: Points-to analysis using BDDs. In: PLDI 2003: Proceedings of the ACM SIGPLAN 2003 Conference on Programming Language Design and Implementation, pp. 103–114. ACM Press, New York (2003)CrossRefGoogle Scholar
  6. 6.
    Besson, F., Jensen, T.: Modular class analysis with datalog. In: Cousot, R. (ed.) SAS 2003. LNCS, vol. 2694, pp. 19–36. Springer, Heidelberg (2003), http://www.irisa.fr/lande/fbesson/fbesson.html CrossRefGoogle Scholar
  7. 7.
    Beyer, D., Noack, A., Lewerentz, C.: Simple and efficient relational querying of software structures. In: Proceedings of the 10th IEEE Working Conference on Reverse Engineering (November 2003)Google Scholar
  8. 8.
    Bryant, R.E.: Graph-based algorithms for boolean function manipulation. IEEE Transactions on Computers 35(8), 677–691 (1986)MATHCrossRefGoogle Scholar
  9. 9.
    Carbin, M., Whaley, J., Lam, M.S.: Finding effective variable orderings for BDD-based program analysis (2005) (To be submitted for publication)Google Scholar
  10. 10.
    Ceri, S., Gottlob, G., Tanca, L.: Logic programming and databases. Springer, New York (1990)Google Scholar
  11. 11.
    Chandra, A., Harel, D.: Horn clauses and generalizations. Journal of Logic Programming 2(1), 1–15 (1985)MATHCrossRefMathSciNetGoogle Scholar
  12. 12.
    Chen, W., Warren, D.S.: Tabled evaluation with delaying for general logic programs. J. ACM 43(1), 20–74 (1996)MATHCrossRefMathSciNetGoogle Scholar
  13. 13.
    Corsini, M.-M., Musumbu, K., Rauzy, A., Charlier, B.L.: Efficient bottom-up abstract interpretation of prolog by means of constraint solving over symbolic finite domains. In: Penjam, J., Bruynooghe, M. (eds.) PLILP 1993. LNCS, vol. 714, pp. 75–91. Springer, Heidelberg (1993)Google Scholar
  14. 14.
    Dawson, S., Ramakrishnan, C.R., Warren, D.S.: Practical program analysis using general purpose logic programming systemsa case study. In: PLDI 1996: Proceedings of the ACM SIGPLAN 1996 Conference on Programming Language Design and Implementation, pp. 117–126. ACM Press, New York (1996)CrossRefGoogle Scholar
  15. 15.
    Gelder, A.V., Ross, K.A., Schlipf, J.S.: The well-founded semantics for general logic programs. J. ACM 38(3), 619–649 (1991)CrossRefGoogle Scholar
  16. 16.
    Halevy, A.Y., Mumick, I.S., Sagiv, Y., Shmueli, O.: Static analysis in datalog extensions. J. ACM 48(5), 971–1012 (2001)CrossRefMathSciNetGoogle Scholar
  17. 17.
    Iwaihara, M., Inoue, Y.: Bottom-up evaluation of logic programs using binary decision diagrams. In: ICDE 1995: Proceedings of the Eleventh International Conference on Data Engineering, pp. 467–474. IEEE Computer Society, Los Alamitos (1995)CrossRefGoogle Scholar
  18. 18.
    Lam, M.S., Whaley, J., Livshits, V.B., Martin, M.C., Avots, D., Carbin, M., Unkel, C.: Context-sensitive program analysis as database queries. In: Proceedings of the Twenty-fourth ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems, June 2005. ACM, New York (2005)Google Scholar
  19. 19.
    Lhoták, O., Hendren, L.: Jedd: a BDD-based relational extension of Java. In: PLDI 2004: Proceedings of the ACM SIGPLAN 2004 Conference on Programming Language Design and Implementation, pp. 158–169. ACM Press, New York (2004)CrossRefGoogle Scholar
  20. 20.
    Lind-Nielsen, J.: BuDDy, a binary decision diagram package, http://buddy.sourceforge.net
  21. 21.
    Liu, Y.A., Stoller, S.D.: From datalog rules to efficient programs with time and space guarantees. In: PPDP 2003: Proceedings of the 5th ACM SIGPLAN International Conference on Principles and Practice of Declarative Programming, pp. 172–183. ACM Press, New York (2003)CrossRefGoogle Scholar
  22. 22.
    Livshits, V.B., Lam, M.S.: Finding security vulnerabilities in java applications with static analysis. In: 14th USENIX Security Symposium, August 2005. USENIX (2005)Google Scholar
  23. 23.
    Martin, M.C., Livshits, V.B., Lam, M.S.: Finding application errors using PQL: a program query language. In: Proceedings of the ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA) (October 2005)Google Scholar
  24. 24.
    Naughton, J.F., Ramakrishnan, R.: Bottom-up evaluation of logic programs. In: Computational Logic - Essays in Honor of Alan Robinson, pp. 640–700 (1991)Google Scholar
  25. 25.
    Naughton, J.F., Ramakrishnan, R., Sagiv, Y., Ullman, J.D.: Efficient evaluation of right-, left-, and multi-linear rules. In: SIGMOD 1989: Proceedings of the 1989 ACM SIGMOD International Conference on Management of Data, pp. 235–242. ACM Press, New York (1989)CrossRefGoogle Scholar
  26. 26.
    Ramakrishnan, R., Srivastava, D., Sudarshan, S.: Rule ordering in bottom-up fixpoint evaluation of logic programs. In: Proceedings of the 16th International Conference on Very Large Data Bases, pp. 359–371. Morgan Kaufmann Publishers Inc., San Francisco (1990)Google Scholar
  27. 27.
    Ramakrishnan, R., Ullman, J.D.: A survey of research on deductive database systems. J. Logic Programming 23(2), 125–149 (1993)CrossRefMathSciNetGoogle Scholar
  28. 28.
    Ramalingam, G.: Identifying loops in almost linear time. ACM Transactions on Programming Languages and Systems 21(2), 175–188 (1999)CrossRefMathSciNetGoogle Scholar
  29. 29.
    Reps, T.W.: Demand Interprocedural Program Analysis Using Logic Databases, pp. 163–196. Kluwer, Dordrecht (1994)Google Scholar
  30. 30.
    Sagiv, Y.: Optimizing datalog programs. In: PODS 1987: Proceedings of the Sixth ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems, pp. 349–362. ACM Press, New York (1987)CrossRefGoogle Scholar
  31. 31.
    Sagonas, K., Swift, T., Warren, D.S.: Xsb as an efficient deductive database engine. In: SIGMOD 1994: Proceedings of the 1994 ACM SIGMOD International Conference on Management of Data, pp. 442–453. ACM Press, New York (1994)CrossRefGoogle Scholar
  32. 32.
    Sittampalam, G., de Moor, O., Larsen, K.F.: Incremental execution of transformation specifications. In: POPL 2004: Proceedings of the 31st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 26–38. ACM Press, New York (2004)CrossRefGoogle Scholar
  33. 33.
    Tamaki, H., Sato, T.: Old resolution with tabulation. In: Proceedings on Third International Conference on Logic Programming, pp. 84–98. Springer, New York (1986)Google Scholar
  34. 34.
    Tarjan, R.E.: Testing flow graph reducibility. Journal of Computer and System Sciences 9(3), 355–365 (1974)MATHMathSciNetCrossRefGoogle Scholar
  35. 35.
    Ullman, J.D.: Bottom-up beats top-down for datalog. In: PODS 1989: Proceedings of the Eighth ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems, pp. 140–149. ACM Press, New York (1989)CrossRefGoogle Scholar
  36. 36.
    Ullman, J.D.: Principles of Database and Knowledge-Base Systems, 2nd edn. Computer Science Press, Rockville (1989)Google Scholar
  37. 37.
    Whaley, J.: JavaBDD library, http://javabdd.sourceforge.net
  38. 38.
    Whaley, J., Lam, M.S.: Cloning-based context-sensitive pointer alias analysis using binary decision diagrams. In: PLDI 2004: Proceedings of the ACM SIGPLAN 2004 Conference on Programming Language Design and Implementation, pp. 131–144. ACM Press, New York (2004)CrossRefGoogle Scholar
  39. 39.
    Zhou, N.-F., Sato, T.: Efficient fixpoint computation in linear tabling. In: PPDP 2003: Proceedings of the 5th ACM SIGPLAN International Conference on Principles and Practice of Declarative Programming, pp. 275–283. ACM Press, New York (2003)CrossRefGoogle Scholar
  40. 40.
    Zhu, J.: Symbolic pointer analysis. In: ICCAD 2002: Proceedings of the 2002 IEEE/ACM International Conference on Computer-Aided Design, pp. 150–157. ACM Press, New York (2002)CrossRefGoogle Scholar
  41. 41.
    Zhu, J., Calman, S.: Symbolic pointer analysis revisited. In: PLDI 2004: Proceedings of the ACM SIGPLAN 2004 Conference on Programming Language Design and Implementation, pp. 145–157. ACM Press, New York (2004)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • John Whaley
    • 1
  • Dzintars Avots
    • 1
  • Michael Carbin
    • 1
  • Monica S. Lam
    • 1
  1. 1.Computer Science DepartmentStanford UniversityStanfordUSA

Personalised recommendations