Gateway Decompositions for Constrained Reachability Problems

  • Bastian Katz
  • Marcus Krug
  • Andreas Lochbihler
  • Ignaz Rutter
  • Gregor Snelting
  • Dorothea Wagner
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6049)


Given a directed graph whose vertices are labeled with propositional constraints, is there a variable assignment that connects two given vertices by a path of vertices that evaluate to true? Constrained reachability is a powerful generalization of reachability and satisfiability problems and a cornerstone problem in program analysis. The key ingredient to tackle these computationally hard problems in large graphs is the efficient construction of a short path condition: A formula whose satisfiability is equivalent to constrained reachability and which can be fed into a state-of-the-art constraint solver.

In this work, we introduce a new paradigm of decompositions of digraphs with a source and a target, called gateway decompositions. Based on this paradigm, we provide a framework for the modular generation of path conditions and an efficient algorithm to compute a fine-grained gateway decomposition. In benchmarks, we show that especially the combination of our decomposition and a novel arc filtering technique considerably reduces the size of path conditions and the runtime of a standard SAT solver on real-world program dependency graphs.


Conjunctive Normal Form Truth Assignment Variable Assignment Path Condition Propositional Formula 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Attali, P.I.I., Jensen, T., Cards, J.O.S., Bieber, P., Cazin, J., El-marouani, A., Girard, P., louis Lanet, J., Wiels, V., Zanon, G.: The PACAP Prototype: a Tool for Detecting Java Card Illegal Flow (2001)Google Scholar
  2. 2.
    Buchsbaum, A.L., Kaplan, H., Rogers, A., Westbrook, J.R.: Linear-Time Pointer-Machine Algorithms for Least Common Ancestors, MST Verification, and Dominators. ACM TOPLAS 20(6), 1265–1296 (1998)CrossRefGoogle Scholar
  3. 3.
    Cormen, T.H., Leiserson, C.E., Rivest, R.L., Stein, C.: Introduction to Algorithms. The MIT Press, Cambridge (2001)zbMATHGoogle Scholar
  4. 4.
    Een, N., Mishchenko, A., Sörensson, N.: Applying Logic Synthesis for Speeding Up SAT. In: Marques-Silva, J., Sakallah, K.A. (eds.) SAT 2007. LNCS, vol. 4501, pp. 272–286. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  5. 5.
    Een, N., Sörensson, N.: An extensible SAT-solver. In: Giunchiglia, E., Tacchella, A. (eds.) SAT 2003. LNCS, vol. 2919, pp. 333–336. Springer, Heidelberg (2004)Google Scholar
  6. 6.
    Fortune, S., Hopcroft, J., Wyllie, J.: The Directed Subgraph Homeomorphism Problem. Theoretical Computer Science 10(2), 111–121 (1980)zbMATHCrossRefMathSciNetGoogle Scholar
  7. 7.
    Giffhorn, D., Hammer, C.: Precise Analysis of Java Programs using JOANA (Tool Demonstration). In: 8th IEEE Int’l. Working Conference on Source Code Analysis and Manipulation, pp. 267–268 (2008)Google Scholar
  8. 8.
    Hammer, C.: Information Flow Control for Java - A Comprehensive Approach based on Path Conditions in Dependence Graphs. PhD thesis, Universität Karlsruhe (TH), Fak. f. Informatik (July 2009) ISBN 978-3-86644-398-3Google Scholar
  9. 9.
    Havlak, P.: Nesting of Reducible and Irreducible Loops. ACM Trans. Program. Lang. Syst. 19(4), 557–567 (1997)CrossRefGoogle Scholar
  10. 10.
    Hermann, M.: Constrained Reachability is NP-complete (March 1998) (manuscript)Google Scholar
  11. 11.
    Larsen, L., Harrold, M.J.: Slicing Object-Oriented Software. In: ICSE 1996: Proc. of the 18th Int’l. Conf. on Software Engineering, pp. 495–505. IEEE, Los Alamitos (1996)Google Scholar
  12. 12.
    Lengauer, T., Tarjan, R.E.: A Fast Algorithm for Finding Dominators in a Flowgraph. ACM TOPLAS 1(1), 121–141 (1979)zbMATHCrossRefGoogle Scholar
  13. 13.
    Ramalingam, G.: On Loops, Dominators, and Dominance Frontier. In: PLDI 2000: Proc. of the ACM SIGPLAN 2000 Conf. on Programming Language Design and Implementation (2000)Google Scholar
  14. 14.
    Robschink, T.: Pfadbedingungen in Abhängigkeitgraphen und ihre Anwendung in der Softwaresicherheitstechnik. PhD thesis, Universität Passau (2004)Google Scholar
  15. 15.
    Santoro, N., Khatib, R.: Labelling and Implicit Routing in Networks. The Computer Journal 28(1), 5–8 (1985)zbMATHCrossRefMathSciNetGoogle Scholar
  16. 16.
    Snelting, G., Robschink, T., Krinke, J.: Efficient Path Conditions in Dependence Graphs for Software Safety Analysis. ACM TOSEM 14(4), 410–457 (2006)CrossRefGoogle Scholar
  17. 17.
    Sreedhar, V.C., Gao, G.R., Lee, Y.-F.: Identifying Loops Using DJ Graphs. ACM Transactions on Programming Languages and Systems 18(6), 649–658 (1996)CrossRefGoogle Scholar
  18. 18.
    Steensgaard, B.: Sequentializing Program Dependence Graphs for Irreducible Programs. Technical report, Microsoft Research, Redmond (1993)Google Scholar
  19. 19.
    Tarjan, R.E.: Testing flow graph reducibility. J. Comput. Sci. 9, 355–365 (1974)zbMATHMathSciNetGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Bastian Katz
    • 1
  • Marcus Krug
    • 1
  • Andreas Lochbihler
    • 2
  • Ignaz Rutter
    • 1
  • Gregor Snelting
    • 2
  • Dorothea Wagner
    • 1
  1. 1.Institute of Theoretical Informatics 
  2. 2.Institute for Program Structures and Data OrganizationKarlsruhe Institute of Technology (KIT)KarlsruheGermany

Personalised recommendations