More Data Flow Analyses Reading: NNH 2.1 17-654/17-765 Analysis - PowerPoint PPT Presentation

More Data Flow Analyses Reading: NNH 2.1 17-654/17-765 Analysis of Software Artifacts Jonathan Aldrich

General Monotonicity Proofs • We proved RD was monotone for data flow equations for a specific program • Here’s a more general proof, for the assignment flow function: – To show: If RD entry ( ℓ ) ⊆ RD entry ’( ℓ ) then RD exit ( ℓ ) ⊆ RD exit ’( ℓ ) • case: B ℓ = [x := a] ℓ – Assume RD entry ( ℓ ) ⊆ RD entry ’( ℓ ) – Now kill RD ([x := a] ℓ ) = { (x, *) } (where * is any label or ?) – Thus RD entry ( ℓ ) \ kill RD (B ℓ ) ⊆ RD entry ’( ℓ ) \ kill RD (B ℓ ) – And gen RD ([x := a] ℓ ) = { (x, ℓ ) } – Therefore (RD entry ( ℓ ) \ kill RD (B ℓ )) ∪ gen RD (B ℓ ) ⊆ (RD entry ’( ℓ ) \ kill RD (B ℓ )) ∪ gen RD (B ℓ ) • And we are done with the case for [x := a] ℓ 1/27/2005 2

Live Variables Analysis A variable is live at program point p if there exists a path from p to a use of the variable that does not re-define the variable. • Live Variables Analysis – Determines which variables may be live at each program point 1/27/2005 3

Live Variable Analysis Example [y := x] 1 ; LV enter (1) = [z := 1] 2 ; LV exit (1) = while [y>1] 3 do [z := z * y] 4 ; LV exit (2) = [y := y – 1] 5 ; LV exit (3) = [y := 0] 6 ; LV exit (4) = LV exit (5) = LV exit (6) = 1/27/2005 4

Live Variable Analysis Example [y := x] 1 ; LV enter (1) = { x } [z := 1] 2 ; LV exit (1) = { y } while [y>1] 3 do [z := z * y] 4 ; LV exit (2) = { y, z } [y := y – 1] 5 ; LV exit (3) = { y, z } [y := 0] 6 ; LV exit (4) = { y, z } LV exit (5) = { y, z } LV exit (6) = ∅ 1/27/2005 5

Live Variable Analysis Equations LV exit (1) = [y := x] 1 ; LV exit (2) = [z := 1] 2 ; LV exit (3) = while [y>1] 3 do LV exit (4) = [z := z * y] 4 ; LV exit (5) = [y := y – 1] 5 ; LV exit (6) = [y := 0] 6 ; LV enter (1) = LV enter (2) = LV enter (3) = LV enter (4) = LV enter (5) = LV enter (6) = 1/27/2005 6

Live Variable Analysis Equations LV exit (1) = LV enter (2) [y := x] 1 ; LV exit (2) = LV enter (3) [z := 1] 2 ; LV exit (3) = LV enter (4) ∪ LV enter (6) while [y>1] 3 do LV exit (4) = LV enter (5) [z := z * y] 4 ; LV exit (5) = LV enter (3) [y := y – 1] 5 ; LV exit (6) = ∅ [y := 0] 6 ; LV enter (1) = (LV exit (1) \ { y }) ∪ { x } LV enter (2) = (LV exit (2) \ { z }) ∪ ∅ ∅ ) ∪ { y } LV enter (3) = (LV exit (3) \ LV enter (4) = (LV exit (4) \ { z }) ∪ { y, z } LV enter (5) = (LV exit (5) \ { y }) ∪ { y } LV enter (6) = (LV exit (6) \ { y }) ∪ ∅ 1/27/2005 7

General LVA Equations ∅ if ( ℓ ∈ final (S * )) LV exit ( ℓ ) = = ∪ { LV entry ( ℓ ) | ( ℓ , ℓ ’ ) ∈ flow R (S * ) } otherwise = (LV exit ( ℓ ) \ kill LV (B ℓ )) ∪ gen LV (B ℓ ) LV entry ( ℓ ) kill LV ([x := a] ℓ ) = kill LV ([skip] ℓ ) = kill LV ([b] ℓ ) = gen LV ([x := a] ℓ )= gen LV ([skip] ℓ ) = gen LV ([b] ℓ ) = 1/27/2005 8

General LVA Equations ∅ if ( ℓ ∈ final (S * )) LV exit ( ℓ ) = = ∪ { LV entry ( ℓ ) | ( ℓ , ℓ ’ ) ∈ flow R (S * ) } otherwise = (LV exit ( ℓ ) \ kill LV (B ℓ )) ∪ gen LV (B ℓ ) LV entry ( ℓ ) kill LV ([x := a] ℓ ) = { x } = ∅ kill LV ([skip] ℓ ) = ∅ kill LV ([b] ℓ ) gen LV ([x := a] ℓ )= FV (a) gen LV ([skip] ℓ ) = ∅ gen LV ([b] ℓ ) = FV (b) 1/27/2005 9

Data Flow Analysis Characteristics Type May Must Reaching Available Forward Definitions Expressions Direction Live Very Busy Backward Variables Exp (text) 1/27/2005 10

Monotone Frameworks Reading: NNH 2.3, Appendix A.1-A.3 17-654/17-765 Analysis of Software Artifacts Jonathan Aldrich

Monotone Framework Reaching Definitions = {(x,?) | x ∈ FV( S * )} if ℓ = init (S * ) RD entry ( ℓ ) = ∪ { RD exit ( ℓ ’ ) | ( ℓ ’ , ℓ ) ∈ flow (S * ) } otherwise = (RD entry ( ℓ ) \ kill RD (B ℓ )) ∪ gen RD (B ℓ ) RD exit ( ℓ ) Monotone Framework: A Generalization if ℓ ∈ E = ι Analysis ○ ( ℓ ) = ⊔ { Analysis ● ( ℓ ’ ) | ( ℓ ’ , ℓ ) ∈ F } otherwise = ƒ ℓ (Analysis ○ ( ℓ )) Analysis ● ( ℓ ) 1/27/2005 12

Monotone Framework if ℓ ∈ E ι Analysis ○ ( ℓ ) = ⊔ { Analysis ● ( ℓ ’ ) | ( ℓ ’ , ℓ ) ∈ F } = otherwise ƒ ℓ (Analysis ○ ( ℓ )) Analysis ● ( ℓ ) = where: – ○ means entry (forward) or exit (backward) – ● means exit (forward) or entry (backward) – ⊔ is ∪ (may) or ∩ (must) – F is flow (S * ) (forward) or flow R (S * ) ( backward ) – E is { init (S * ) } (forward) or final (S * ) ( backward ) – ι specifies initial or final analysis information, and – ƒ ℓ is a transfer function • Typically ƒ ℓ (x) = x \ kill Analysis (B ℓ ) ∪ gen Analysis (B ℓ ) 1/27/2005 13

Monotone Framework if ℓ ∈ E Analysis ○ ( ℓ ) = ι = ⊔ { Analysis ● ( ℓ ’ ) | ( ℓ ’ , ℓ ) ∈ F } otherwise Analysis ● ( ℓ ) = ƒ ℓ (Analysis ○ ( ℓ )) RD AE LV ⊔ F E ι 1/27/2005 14

Monotone Framework if ℓ ∈ E Analysis ○ ( ℓ ) = ι = ⊔ { Analysis ● ( ℓ ’ ) | ( ℓ ’ , ℓ ) ∈ F } otherwise Analysis ● ( ℓ ) = ƒ ℓ (Analysis ○ ( ℓ )) RD AE LV ⊔ ∪ ∩ ∪ F flow ( S * ) flow ( S * ) flow R ( S * ) { init ( S * ) } { init ( S * ) } final ( S * ) E ι { (x,?) | x ∈ FV( S * ) } ∅ ∅ 1/27/2005 15

Complete Lattice ⊤ • Not all data flow analyses use sets – Lattice: a more general concept a b e • A set L with: – A partial order ⊑ c d f – A combination operator ⊔ ⊥ – A least element ⊥ = ⊔ (∅) – A greatest element ⊤ = ⊔ ( L ) – Each subset Y of L has a least upper bound ⊔ ( Y ) • Typically we want the lattice to have finite height – A finite number of elements on each path from ⊥ to ⊤ • See NNH Appendix A.3 1/27/2005 16

Example: Subset Lattice ⊤ ={a,b,c} {a,b} {a,c} {b,c} {a} {b} {c} • Reaching Definitions • The set L = P ({a,b,c}) with: ⊥ = ∅ – ⊑ = ⊆ – ⊔ = = ∪ = = (may analysis) – ⊥ = ∅ (the most precise and starting element) – ⊤ = {a,b,c} (the least precise element) 1/27/2005 17

Example: Superset Lattice ⊤ = ∅ {a} {b} {c} {a,b} {a,c} {b,c} • Available Expressions • The set L = P ({a,b,c}) with: ⊥ = {a,b,c} – ⊑ = ⊇ – ⊔ = = ∩ = = (must analysis) – ⊥ = {a,b,c} (the most precise and starting element) – ⊤ = ∅ (the least precise element) 1/27/2005 18

Constant Propagation Lattice ⊤ … -2 -1 0 1 2 … ⊥ • More efficient than the set of possible values – Don’t want to store sets – If more than one value, give up and assume any ( ⊤ ) • The set L ={ ⊥ , ⊤ } ∪ N AT with: – x ⊑ ⊤ , ⊥ ⊑ x, x ⊑ x – x ⊔ ⊥ = = x, x ⊔ ⊤ = = = = = = ⊤ , n ⊔ m = ⊤ (for n ≠ m) • ι = = = = ⊤ 1/27/2005 19

Tuple Lattices • Motivation: Constant Propagation – Need to hold constants for each variable in the program • L T = L 1 × L 2 × L 3 × … × L N – element of tuple lattice is a tuple of elements from each variable’s lattice – i th component of tuple is info about i th variable/stmt • ⊑ T and ⊔ T are defined pointwise – <…,e i , …,> ⊑ T <…,f i , …,> ≡ ∀ i . e i ⊑ f i – <…,e i , …,> ⊔ T <…,f i , …,> ≡ <…, e i ⊔ f i , …,> • ⊤ T = < ⊤ , …, ⊤ > • ⊥ T = < ⊥ , …, ⊥ > • ι T = = = < ι 1 , …, ι n > = 1/27/2005 20

Constant Propagation Transfer Fns ⊤ … -2 -1 0 1 2 … ⊥ ƒ CP � x := a � ( σ ) = σ [x ↦ CP � a � ( σ )] • ƒ CP � skip � ( σ ) = σ • ƒ CP � b � ( σ ) = σ • CP � n � ( σ ) = n • CP � x � ( σ ) = σ (x) • CP � a 1 op a a 2 � ( σ ) = CP � a 1 � ( σ ) op a CP � a 2 � ( σ ) • • z 1 op a z 2 = z 1 op a z 2 if z 1 , z 2 ∈ N AT = ⊤ if z 1 = ⊤ or z 2 = ⊤ = z 1 ( z 2 ) if z 2 ( z 1 ) = ⊥ 1/27/2005 21

Example Iter Position a b ⊥ ⊥ 0 -- [a := 1] 1 ⊤ ⊤ 1 entry(1) ⊤ [b := 2] 2 2 exit(1) 1 ⊤ 3 entry(2) 1 while [a < 2] 3 do 4 exit(2) 1 2 5 entry(3) 1 2 [b := b * 1] 4 ; 6 exit(3) 1 2 7 entry(4) 1 2 [a := a + 1] 5 ; 8 exit(4) 1 2 9 entry(5) 1 2 10 exit(5) 2 2 ⊤ 11 entry(3) 2 ⊤ 12 exit(3) 2 ⊤ 13 entry(4) 2 ⊤ 14 exit(4) 2 ⊤ 15 entry(5) 2 ⊤ 17 exit(5) 2 1/27/2005 22

Monotonicity Condition • If σ 1 ⊑ σ 2 then ƒ ℓ ( σ 1 ) ⊑ ƒ ℓ ( σ 2 ) • Check for ƒ CP � x := a � ( σ ) – Assume σ 1 ⊑ σ 2 – Lemma: CP � a � ( σ 1 ) ⊑ CP � a � ( σ 2 ) • Proof by induction on the structure of a • Base case: CP � n � ( σ 1 ) = CP � n � ( σ 2 ) = n • Base case: CP � x � ( σ 1 ) = σ 1 (x) ⊑ σ 2 (x) = CP � x � ( σ 2 ) • Inductive case: CP � a 1 op a a 2 � ( σ ) – By the induction hypothesis we have: » CP � a 1 � ( σ 1 ) ⊑ CP � a 1 � ( σ 2 ) » CP � a 2 � ( σ 1 ) ⊑ CP � a 2 � ( σ 2 ) – By case analysis on the definition of op a we can prove » CP � a 1 � ( σ 1 ) op a CP � a 2 � ( σ 1 ) ⊑ CP � a 1 � ( σ 2 ) op a CP � a 2 � ( σ 2 ) – Therefore CP � a 1 op a a 2 � ( σ 1 ) ⊑ CP � a 1 op a a 2 � ( σ 2 ) – Therefore: σ 1 [x ↦ CP � a � ( σ 1 )] ⊑ σ 2 [x ↦ CP � a � ( σ 2 )] • Must check for other ƒ CP as well 1/27/2005 23