Transitive Closures of Affine Integer Tuple Relations and their - PowerPoint PPT Presentation

Transitive Closures of Affine Integer Tuple Relations and their Overapproximations Sven Verdoolaege Albert Cohen Anna Beletska PARKAS group, INRIA and ´ Ecole Normale Sup´ erieure de Paris, France September 15, 2011 1 / 30

Outline 1 Motivating Applications Iteration Space Slicing Equivalence Checking Problem Formulation 2 Reachability Analysis 3 Technical Contribution 4 5 Experimental Results Conclusion and Perspectives 6 2 / 30

Iteration Space Slicing: Beletska et al. Can we parallelize this code? for (i = 1; i <= n; ++i) a[i] = f(a[i-3]); 3 / 30

Iteration Space Slicing: Beletska et al. Can we parallelize this code? for (i = 1; i <= n; ++i) a[i] = f(a[i-3]); Dependences: i 3 / 30

Iteration Space Slicing: Beletska et al. Can we parallelize this code? for (i = 1; i <= n; ++i) a[i] = f(a[i-3]); Dependences: i 3 / 30

Iteration Space Slicing: Beletska et al. Can we parallelize this code? for (i = 1; i <= n; ++i) a[i] = f(a[i-3]); Dependences: i for (i = 1; i <= min(n-3,3); ++i) { // parallel loop a[i] = f(a[i-3]); for (j = i + 3; j <= n; j += 3) a[j] = f(a[j-3]); } ⇒ partition iterations according to dependences ⇒ compute transitive closure of dependences 3 / 30

Equivalence Checking: Barthou et al. Are the following two programs equivalent? for (i = 0; i < 10; ++i) c[0] = 0; b[i] = f(a[i]); b[0] = f(a[0]); for (i = 10; i < 20; ++i) for (i = 0; i < 19; ++i) { b[i] = f(a[i]); i1 = i+1; c[0] = 0; b[i1] = f(a[i1]); for (i = 1; i < 20; ++i) c[i1] = b[i]; c[i] = b[i-1]; } 4 / 30

Equivalence Checking: Barthou et al. Are the following two programs equivalent? for (i = 0; i < 10; ++i) c[0] = 0; b[i] = f(a[i]); b[0] = f(a[0]); for (i = 10; i < 20; ++i) for (i = 0; i < 19; ++i) { b[i] = f(a[i]); i1 = i+1; c[0] = 0; b[i1] = f(a[i1]); for (i = 1; i < 20; ++i) c[i1] = b[i]; c[i] = b[i-1]; } Construct Minsky machine ( � cross product of dependence graphs) 1 ◮ initial state: outputs are equal ◮ transition: exiting state equality requires entering state equality ◮ final failure states (e.g., different function called) ◮ final success states: inputs are equal 4 / 30

Equivalence Checking: Barthou et al. Are the following two programs equivalent? for (i = 0; i < 10; ++i) c[0] = 0; b[i] = f(a[i]); b[0] = f(a[0]); for (i = 10; i < 20; ++i) for (i = 0; i < 19; ++i) { b[i] = f(a[i]); i1 = i+1; c[0] = 0; b[i1] = f(a[i1]); for (i = 1; i < 20; ++i) c[i1] = b[i]; c[i] = b[i-1]; } Construct Minsky machine ( � cross product of dependence graphs) 1 ◮ initial state: outputs are equal ◮ transition: exiting state equality requires entering state equality ◮ final failure states (e.g., different function called) ◮ final success states: inputs are equal Derive accessibility relation from regular expression 2 concatenation → composition branches → union cycles → transitive closure 4 / 30

Equivalence Checking: Barthou et al. Are the following two programs equivalent? for (i = 0; i < 10; ++i) c[0] = 0; b[i] = f(a[i]); b[0] = f(a[0]); for (i = 10; i < 20; ++i) for (i = 0; i < 19; ++i) { b[i] = f(a[i]); i1 = i+1; c[0] = 0; b[i1] = f(a[i1]); for (i = 1; i < 20; ++i) c[i1] = b[i]; c[i] = b[i-1]; } Construct Minsky machine ( � cross product of dependence graphs) 1 ◮ initial state: outputs are equal ◮ transition: exiting state equality requires entering state equality ◮ final failure states (e.g., different function called) ◮ final success states: inputs are equal Derive accessibility relation from regular expression 2 concatenation → composition branches → union cycles → transitive closure � failure states: empty relation Equivalent iff 3 success states: relation covered by equality of array indices 4 / 30

Outline Motivating Applications 1 Problem Formulation 2 Quasi-affine Integer Tuple Sets and Relations Powers and Transitive Closures Approximation Reachability Analysis 3 Technical Contribution 4 Experimental Results 5 6 Conclusion and Perspectives 5 / 30

Quasi-affine Integer Tuple Sets and Relations Quasi-affine integer sets and relations S ( s ) = { x ∈ Z d | ∃ z ∈ Z e : A x + B s + D z ≥ c } R ( s ) = { x 1 → x 2 ∈ Z d 1 × Z d 2 | ∃ z ∈ Z e : A 1 x 1 + A 2 x 2 + B s + D z ≥ c } “basic” types: “convex” sets and maps (relations) ◮ affine equality + inequality constraints ◮ parameters s ◮ (optional) explicit representation of existentially quantified variables as integer divisions union types: sets and maps ⇒ (disjoint) unions of basic sets/maps Note: any relation in Presburger arithmetic can be put into this form 6 / 30

Quasi-affine Integer Tuple Sets and Relations Quasi-affine integer sets and relations S ( s ) = { x ∈ Z d | ∃ z ∈ Z e : A x + B s + D z ≥ c } R ( s ) = { x 1 → x 2 ∈ Z d 1 × Z d 2 | ∃ z ∈ Z e : A 1 x 1 + A 2 x 2 + B s + D z ≥ c } “basic” types: “convex” sets and maps (relations) ◮ affine equality + inequality constraints ◮ parameters s ◮ (optional) explicit representation of existentially quantified variables as integer divisions union types: sets and maps ⇒ (disjoint) unions of basic sets/maps Note: any relation in Presburger arithmetic can be put into this form 6 / 30

Quasi-affine Integer Tuple Sets and Relations Quasi-affine integer sets and relations S ( s ) = { x ∈ Z d | ∃ z ∈ Z e : A x + B s + D z ≥ c } R ( s ) = { x 1 → x 2 ∈ Z d 1 × Z d 2 | ∃ z ∈ Z e : A 1 x 1 + A 2 x 2 + B s + D z ≥ c } “basic” types: “convex” sets and maps (relations) ◮ affine equality + inequality constraints ◮ parameters s ◮ (optional) explicit representation of existentially quantified variables as integer divisions union types: sets and maps ⇒ (disjoint) unions of basic sets/maps Note: any relation in Presburger arithmetic can be put into this form 6 / 30

Quasi-affine Integer Tuple Sets and Relations Quasi-affine integer sets and relations S ( s ) = { x ∈ Z d | ∃ z ∈ Z e : A x + B s + D z ≥ c } R ( s ) = { x 1 → x 2 ∈ Z d 1 × Z d 2 | ∃ z ∈ Z e : A 1 x 1 + A 2 x 2 + B s + D z ≥ c } “basic” types: “convex” sets and maps (relations) ◮ affine equality + inequality constraints ◮ parameters s ◮ (optional) explicit representation of existentially quantified variables as integer divisions union types: sets and maps ⇒ (disjoint) unions of basic sets/maps Note: any relation in Presburger arithmetic can be put into this form 6 / 30

Remarks need not be a function Example { x → y | y ≥ 3 + x ∧ y ≤ 4 + x } 7 / 30

Remarks need not be a function Example { x → y | y ≥ 3 + x ∧ y ≤ 4 + x } may involve parameters Example n → { ( x , y ) → ( 1 + x , 1 − n + y ) | n ≥ 2 } 7 / 30

Remarks need not be a function Example { x → y | y ≥ 3 + x ∧ y ≤ 4 + x } may involve parameters Example n → { ( x , y ) → ( 1 + x , 1 − n + y ) | n ≥ 2 } may involve existentially quantified variables Example n → { x → y | ∃ α , β : 7 α = − 2 + n ∧ 5 β = − 1 − x + y ∧ y ≥ 6 + x } 7 / 30

Remarks need not be a function Example { x → y | y ≥ 3 + x ∧ y ≤ 4 + x } may involve parameters Example n → { ( x , y ) → ( 1 + x , 1 − n + y ) | n ≥ 2 } may involve existentially quantified variables Example n → { x → y | ∃ α , β : 7 α = − 2 + n ∧ 5 β = − 1 − x + y ∧ y ≥ 6 + x } may involve unions 7 / 30

Powers Definition (Power of a Relation) Let R ∈ Z n → 2 Z d → Z d be a relation and k ∈ Z ≥ 1 a positive number, then power k of relation R is defined as � if k = 1 R △ R k = R ◦ R k − 1 if k ≥ 2 8 / 30

Powers Definition (Power of a Relation) Let R ∈ Z n → 2 Z d → Z d be a relation and k ∈ Z ≥ 1 a positive number, then power k of relation R is defined as � if k = 1 R △ R k = R ◦ R k − 1 if k ≥ 2 Example R = { x → x + 1 } R k = { x → x + k | k ≥ 1 } 8 / 30

Transitive Closures Definition (Transitive Closure of a Relation) Let R ∈ Z n → 2 Z d → Z d be a relation, then the transitive closure R + of R is the union of all positive powers of R , R + △ R k � = k ≥ 1 State of the art: algorithm by Kelly et al. implemented in Omega calculator 9 / 30

Transitive Closures Definition (Transitive Closure of a Relation) Let R ∈ Z n → 2 Z d → Z d be a relation, then the transitive closure R + of R is the union of all positive powers of R , R + △ R k � = k ≥ 1 State of the art: algorithm by Kelly et al. implemented in Omega calculator Example R = { x → x + 1 } R k = { x → x + k | k ≥ 1 } R + = { x → y | ∃ k ≥ 1 : y = x + k } = { x → y | y ≥ x + 1 } 9 / 30

Approximation Fact Given an affine relation R, the power R k (with k a parameter) and the transitive closure R + may not be affine relations, or even computable Example R = { x → 2 x } R k = { x → 2 k x } 10 / 30

Approximation Fact Given an affine relation R, the power R k (with k a parameter) and the transitive closure R + may not be affine relations, or even computable Example R = { x → 2 x } R k = { x → 2 k x } ⇒ we need to accept approximate results Our target applications require overapproximations ⇒ compute relation T ( R ) such that R + ⊆ T ( R ) T ( R ) should be as close to R + as possible we want to know when the result is exact, i.e., when T ( R ) = R + 10 / 30