Com S 641 Lecture -*- Outline -*- * Monotone Frameworks (2.3) ** general pattern ------------------------------------------ GENERAL PATTERN A_o(l) = if l \in E then i else \bigsqcup {Analysis_.(l') | (l',l) \in F} A_.(l) = f(l)(Analysis_o(l)) where \bigsqcup is either \bigcup or \bigcap F is either flow(S*) or flow^R(S*) E is {init(S*)} or final(S*) i is initial/final information f_l is the transfer function for blocks B^l \in blocks(S*) For a forward analysis: F is flow(S*) A_o gives the entry conditions A_. gives the exit conditions For a backward analysis: F is flow^R(S*) A_o gives the exit conditions A_. gives the entry conditions ------------------------------------------ Think of f_l as f applied to l. The transfer functions are key. ** basic definitions (2.3.1) *** property space ------------------------------------------ PROPERTY SPACES def: a *propery space*, L = (L, \bigsqcup), is a set with \bigsqcup: Powerset(L) -> L a join operation that makes it a complete lattice. Thus: l1 \sqcup l2 = \bigsqcup { l1, l2 } \bot = \bigsqcup {} l1 \sqsubseteq l2 = (l1 \sqcup l2 = l2) Examples: For reaching definitions: L = Powerset(Var* x Lab^?_*) \sqcup = \cup \sqsubseteq = \subseteq For available expressions: L = Powerset(AExp*) \sqcup = \cap \sqsubseteq = \supseteq ------------------------------------------ def: A complete lattice is a partially ordered set in which all subsets have a least upper bound. Sometimes we also require that a property space satisfy the ascending chain condition... An ascending chain is a sequence (l_n)_{n \in N} such that n <= m ==> l_n \sqsubseteq l_m. def: L satisfies the ascending chain condition iff every ascending chain in L has a least upper bound that is an element of the chain. i.e., for all ascending chains (l_n)_{n \in N} (\exists n0 \in N :: (\forall n \in N : n >= n0 : l_n = l_n0)) *** transfer functions ------------------------------------------ TRANSFER FUNCTION SPACE def: Let L be a partially-ordered set. Then Funs is a *transfer function space for L* iff f \in Funs ==> f : L -> L and f is monotone, f,g \in Funs ==> f o g \in Funs, and id_L \in Funs. ------------------------------------------ *** monotone framework ------------------------------------------ MONOTONE FRAMEWORK def: (L, Funs) is a monotone framework iff L is a property space and Funs is a transfer function space for L. def: (L, Funs, F, E, i, f_.) is an *instance of a monotone framework* if and only if: - (L, Funs) is a monotone framework, - F is a finite set of pairs (of flows), - E is a finite set of extremal labels, - i \in L is an extremal value, - f_. : (dom(F) \cup E) -> (L -> L) s.t. for l in (dom(F) \cup E) f_l \in Funs ------------------------------------------ The first argument, the label, to the transfer functions is written as a subscript. ** examples (2.3.2) see figure 2.6 ** equation solving (2.4) *** MFP solution (2.4.1) See table 2.8 This is a work list algorithm that always terminates and computes the least solution to an instance of a monotone framework. (Lemma 2.29) The least solution is thus called the MFP solution (even though MFP stands for "maximal fixed point", because historically studied must analyses where \sqcup is \cap) The running time is approximately cubic in the number of program labels. *** MOP solution (2.4.2) (skip) propagates information over all paths in the program a MOP solution is always safely approximated by the MFP (least) solution, so the MOP solution is not always correct! always possible to use MFP, and MOP isn't always comparable, so MOP isn't very interesting...