COP 5021 Lecture -*- Outline -*- * Approximation of Fixed Points (4.2) Q: What is a complete lattice? A poset in which all subsets have lubs (and glbs), see appendix A We assume from now on that all property spaces (L, M) are complete lattices Q: Why do we need to worry about finding fixed points? When doing an analysis where the data is from an infinite domain (e.g., integers, functions on integers, or intervals of integers...) ** Example lattice (4.10) to motivate need for approximations ------------------------------------------ INTERVAL LATTICE (EXAMPLE 4.10) Interval = { _|_ } \cup {[z1,z2] | z1 <= z2, z1 in Z-, z2 in Z+} Z- = Z \cup {-\infty} Z+ = Z \cup {\infty} _|_ denotes the empty interval <= ordering on Interval is: where (for integers z1, z2): inf(_|_) = \infty inf([z1,z2]) = z1 sup(_|_) = -\infty sup([z1,z2]) = z2 ------------------------------------------ ... \subseteq in essence but technically int1 <= int2 iff inf(int2) <= inf(int1) /\ sup(int1) <= sup(int2) Q: Why is Interval a lattice? How to define |_| ? need to show that each subset has a least upper bound. |_| {} = _|_ |_| {_|_} = _|_ |_| Y = [inf'{inf(int) | int in Y}, sup'{sup(int) | int in |Y}] if not(Y <= {_|_}) where inf'({}) = \infty inf'(Q) = z', if z' is the least element of Q inf'(Q) = -\infty, if Z has no least element sup'({}) = -\infty sup'(Q) = z', if z' is the greatest element of Q sup'(Q) = \infty, if Z has no greatest element (for all sets of intervals Q) Q: What is \top in this lattice? [-\infty, \infty] ** Why fixed points? ------------------------------------------ WHY FIXED POINTS? Analysis transforms properties: f: L -> L where f is monotone. E.g., for reaching definitions: F(RD_1,...,RD_n) = (F_1(RD_1,...,RD_n), ..., F_n(RD_1...,RD_n)) Want least fixed point, lfp(f) for: - recursive programs - programs with loops But iterating doesn't necessarily: - reach a fixed point (stabilize) - stabilize at the least fixed point ------------------------------------------ Q: Why not? monotonicity isn't enough (don't have ascending chain condition, don't have continuity). E.g., f: Interval -> Interval f(_|_) = [0,0] f([z1,z2]) = [z1,z2+1] (this is extensive, not reductive) ** Widening Operators (4.2.1) This tries to answer the question of what to do if we don't have a fixed points automatically. *** idea ------------------------------------------ IDEA How to approximate lfp(f)? use sequence (f^n_V)n - which must stabalize - which will safely approximate lfp(f) The V (\nabla) is a widening operator ------------------------------------------ *** upper bound operators ------------------------------------------ UPPER BOUND OPERATORS def: Suppose (L,<=) is a complete lattice. Then an operation ub: L x L -> L is an upper bound operator iff for all l1, l2 in L, l1 <= ub(l1,l2) and l2 <= ub(l1,l2). Example (4.12): Let int be a fixed interval e.g., int02 = [0,2] define: ub^int(int1, int2) = if int1 <= int or int2 <= int1 then int1 |_| int2 else [-\infty, \infty] e.g., with int02 = [0,2] ub^int02(int1, int2) = if int1 <= [0,2] or int2 <= int1 then int1 |_| int2 else [-\infty, \infty] so ub^int02([1,2],[2,3]) = but ub^int02([2,3],[1,2]) = ------------------------------------------ ... [1,3] (because [1,2] <= [0,2] and [1,2] |_| [2,3] = [1,3]) ... [-\infty, \infty] (because not([2,3] <= [0,2] and not([1,2] <= [2,3]) Q: Is an upper bound operator monotone? commutative? associative? no, doesn't have to be (but could be) not even the case that ub(l,l) = l. e.g., ub(l1,l2) = \top is an upper bound operator (trivially) Q: Is ub^int symmetric for all intervals, int? no: ub^int02([1,2], [2,3]) = [1,3] ub^int02([[2,3],[1,2]) = [-\infty, \infty] Q: Why is ub^int an upper bound operator? because the result contains both arguments ------------------------------------------ MAKING ASCENDING CHAINS def: Let (l_n)n = (l_0, l_1, ...) be a sequence of elements in L. Let phi: (L x L) -> L be a total function Then bapply(phi, (l_n)n) = (m_n)n where m_0 = l_0 m_n = phi(m_{n-1}, l_n), for n > 0 Notation: (bapply(phi, (l_n)n) is written (l^{phi}_n)n Fact 4.11 If (l_n)n is a sequence and ub is an upper bound operator, then (bapply(ub, (l_n)n) is an ascending chain. ------------------------------------------ Q: What happens if we bapply an an upper bound operator to a sequence? we get an ascending chain. Why? (proof by induction, on page 225) Q: Does that chain eventually stabalize? no, consider ub^{[0,\infty]}, as in example 4.12 when that is bapplied to [0,0], [1,1], [2,2], ... gives [0,0], [0,1], [0,2], ... however ub^{[0,2]} does work to stabilize that chain. *** widening operators ------------------------------------------ WIDENING OPERATORS def: Let L be a complete lattice. Then V: L x L -> L is a *widening operator* iff: - V is an upper bound operator, and - for all ascending chains (l_n)n, the chain bapply(V, (l_n)n) eventually stabilizes ------------------------------------------ Q: Is bapply(V, (l_n)n) an ascending chain? Yes, by fact 4.11 ------------------------------------------ USING WIDENING TO SAFELY APPROXIMATE LFP Given: monotone f: L -> L widening operator V: L x L -> L Goal: find lfp_V(f), such that: (a) f(lfp_V(f)) <= lfp_V(f), and (b) lfp_V(f) >= lfp(f) Define lfp_V(f) = f_V^m, where m >= 0 is the least number such that: f(f_V^m) <= f_V^m where for all n >= 0 f_V^0 = _|_ f_V^{n+1} = f_V^{n}, if f(f_V^{n}) <= f_V^{n} f_V^{n+1} = f_V^{n} V f(f_V^{n}), otherwise ------------------------------------------ Show and discuss figure 4.4 Q: Why does f_V^n eventually become reductive? because the widening operator forces it (by def). Prop 4.13 says this. ------------------------------------------ EXAMPLE 4.15 Consider lattice Interval. For K a finite set of integers, widening operator V_K defined by: _|_ V_K _|_ = _|_ int1 V_K int2 = [LB_K(inf(int1), inf(int2)), UB_K(sup(int1), sup(int2))] where LB_K(z1,z3) = z1, if z1 <= z3 k, if z3 < z1 /\ k = max{k \in K | k <= z3} -\infty, if z3 < z1 /\ (k \in K ==> z3 < k) UB_K(z2,z4) = z2, if z4 <= z2 k, if z2 < z4 /\ k = min{k \in K | z4 <= k} \infty, if z2 < z4 /\ (k \in K ==> k < z4) E.g., suppose K = {5, 0, 2, 1}, and consider (int_n)n defined by [0,1],[0,2],[0,3],... then (int^{V_K}_n)n is: ------------------------------------------ ... [0,1], [0,2], [0,5], [0,5], [0,5], [0,\infty], [0, \infty], ... Q: What set of integers would work? those mentioned in a program Q: Why is V_K an upper bound operator? It always returns an interval that contains the given ones Q: Why is V_K a widening operator? consider an ascending chain (int_n)n use proof by contradiction. ** narrowing operators (4.2.2) ------------------------------------------ NARROWING OPERATORS (4.2.2) Widening operator V gives an m such that f(f_V^m) <= f_V^m Note that - f_V^m may not be a fixed point of f - f_V^m >= lfp(f) Goal: get better approx to lfp(f) Idea: f_V^m in Red(f) So search by computing f(f_V^m) f(f(f_V^m)) ... f^n(f_V^m) ------------------------------------------ Q: Will this stabilize? might not Q: When can we stop? safe anytime... ------------------------------------------ NARROWING OPERATOR def: D: L x L -> L is a narrowing operator iff: - for all l1, l2 in L, l2 <= l1 ==> l2 <= (l1 D l2) and (l1 D l2) <= l1 - for all descending chains (l_n)n, the sequence bapply(D, (l_n)n) eventually stabalizes. ------------------------------------------ Show picture 4.5 Look at lemma 4.16