Oops, replied to the wrong message (that's why there was a "(COPY)"
there).
"David L. Nicol" wrote:
>
> Steve Fink wrote:
>
> > It's standard semantic analysis. Both your taintedness analysis and my
> > reachability analyses can be fully described by specifying what things
> > generate the characteristic you're analyzing, what things block (in the
> > literature, "kill") it, and the transfer rules. It's often not the best
> > way of implementing it, since the fully general framework can be pretty
> > slow, but it's a concise way of describing things that you'll find in
> > many textbooks. They talk in terms of maintaining GEN and KILL sets and
> > describing when to add, subtract, union, and intersect the incoming &
> > outgoing GENs and KILLs.
>
> So what would be involved in adding hooks for arbitrary semantic analysis?
I suspect the hardest part is figuring out how primitive operations
describe themselves for an analysis. (It'll need a neo-XS interface,
too.)
> What language features can be described to allow for introduction of
> arbitrary SA passes? At what levels?
I was thinking these sorts of things could be the same way as my $var :
attributes. Classify attributes as explicit, default, or
compiler-generated. The compiler-generated ones would be read-only to
regular code. Or something like that.
> What's a good introductory glossary of SA terms? Things get confusing
> with many reinvented wheels rolling around.
There's a badly formatted mention at
http://www.google.com/search?q=cache:compilers.iecc.com/comparch/article/86-03-009+GEN+KILL&hl=en
(I couldn't reach the original page). They refer to Aho, Sethi, and
Ullman, in "Compilers:
Principles, Techniques, and Tools", p. 608 -- that's the dragon book. I
think that's where I first read it, though I'm not sure I liked their
description all that well.
Here's random slide that talks about it:
http://www.cs.utexas.edu/users/djimenez/cbz/node7.html
