AOSD 2012 and TAOSD 2013 DFA4 SPL Dataflow

  • Slides: 45

AOSD 2012 and TAOSD 2013: DFA-4-SPL, Dataflow Analysis for Software Product Lines

Claus Brabrand, IT University of Copenhagen and Universidade Federal de Pernambuco [brabrand@itu.dk]
Márcio Ribeiro, Universidade Federal de Alagoas and Universidade Federal de Pernambuco [mmr3@cin.ufpe.br]
Paulo Borba, Universidade Federal de Pernambuco [phmb@cin.ufpe.br]
Társis Toledo, Universidade Federal de Pernambuco [twt@cin.ufpe.br]

Dataflow Analysis for Software Product Lines, May 2013

PLDI 2013: SPLLIFT, Statically Analyzing Software Product Lines in Minutes instead of Years

Eric Bodden, Technische Universität Darmstadt [bodden@acm.org]
Társis Tolêdo, Universidade Federal de Pernambuco [mmr3@cin.ufpe.br]
Márcio Ribeiro, Universidade Federal de Alagoas [twt@cin.ufpe.br]
Claus Brabrand, IT University of Copenhagen [brabrand@itu.dk]
Paulo Borba, Universidade Federal de Pernambuco [phmb@cin.ufpe.br]
Mira Mezini, Technische Universität Darmstadt

< Outline >
  • Introduction: Software Product Lines (SPL); Dataflow Analysis (DFA)
  • DFA-4-SPL: A0 (brute force) (feature in-sensitive); A1 (consecutive), A2 (simultaneous), A3 (shared simultaneous) (feature sensitive)
  • SPLLIFT (graph encoding)
  • Evaluation and Results: A1 vs SPLLIFT

Introduction
Traditional Software Development: One program = One product (1 x CAR, 1 x CELL PHONE, 1 x APPLICATION)
Product Line: A "family" of products (of N "similar" products): CARS, CELL PHONES, APPLICATIONS (customize)
SPL: (Family of Programs)

Software Product Line
SPLs based on Conditional Compilation: : f F | | #ifdef ( ) ... #endif (SPL fragment)
Example:
    Logo logo;
    ...
    #ifdef (VIDEO)
    logo = new Logo();
    #endif
    ...
    logo.use();

Software Product Line
SPL → (customize) → Family of Programs: Ø, { Color }, { Video }, { Color, Video }
Set of Features: F = { COLOR, VIDEO }
Configurations: 2^F
Feature Model: (e.g.: ψFM ≡ VIDEO COLOR)
VALID Configurations: Ø, {Color}, {Video}, {Color, Video}

Software Product Line
SPLs based on Conditional Compilation: : f F | | #ifdef ( ) ... #endif (SPL fragment)
Example:
    Logo logo;
    ...
    #ifdef (VIDEO)
    logo = new Logo();
    #endif
    ...
    logo.use();
*** null-pointer exception! in configurations: {Ø, {COLOR}}

Analysis of SPLs
The Compilation Process: compile → run → result: ERROR! (ANALYZE!)
... and for Software Product Lines: generate (2^F) → compile → run → result: ERROR! (ANALYZE!)
Feature-sensitive data-flow analysis!

Dataflow Analysis
Example: "sign-of-x analysis"
1) Control-flow graph
2) Lattice (finite height)
3) Transfer functions (monotone)

Analyzing a Program
1) Program
2) Build CFG
3) Make Equations (annotated with program points)
4) Solve equations: fixed-point computation (iteration)
5) SOLUTION (least fixed point)

A0 (brute force): feature in-sensitive!
N = O(2^F) compilations!
    void m() { int x=0; ifdef(A) x++; ifdef(B) x--; }    ψFM = A∨B
c = {A}:     ⊥;  int x = 0; → 0;  x++; → +
c = {B}:     ⊥;  int x = 0; → 0;  x--; → -
c = {A, B}:  ⊥;  int x = 0; → 0;  x++; → +;  x--; → 0/+

A1 (consecutive): feature sensitive!
    void m() { int x=0; ifdef(A) x++; ifdef(B) x--; }    ψFM = A∨B
The annotated statements (int x = 0; A: x++; B: x--;) are analyzed once per valid configuration; ✓ / ✗ marks whether a statement's feature annotation holds in that configuration:
c = {A}:     ⊥;  int x = 0; ✓ → 0;  A: x++; ✓ → +;  B: x--; ✗
c = {B}:     ⊥;  int x = 0; ✓ → 0;  A: x++; ✗;  B: x--; ✓ → -
c = {A, B}:  ⊥;  int x = 0; ✓ → 0;  A: x++; ✓ → +;  B: x--; ✓ → 0/+

A2 (simultaneous): feature sensitive!
    void m() { int x=0; ifdef(A) x++; ifdef(B) x--; }    ψFM = A∨B
∀c ∈ {{A}, {B}, {A, B}}:
                ( {A} = ⊥ , {B} = ⊥ , {A, B} = ⊥ )
int x = 0;      ( {A} = 0 , {B} = 0 , {A, B} = 0 )
A: x++;         ( {A} = + , {B} = 0 , {A, B} = + )
B: x--;         ( {A} = + , {B} = - , {A, B} = 0/+ )

A3 (shared): feature sensitive!
    void m() { int x=0; ifdef(A) x++; ifdef(B) x--; }    ψFM = A∨B
                ( [[ψ]] = ⊥ )
int x = 0;      ( [[ψ]] = 0 )
A: x++;         ( [[ψ∧¬A]] = 0 , [[ψ∧A]] = + )
B: x--;         ( [[ψ∧A∧¬B]] = + , [[ψ∧¬A∧B]] = - , [[ψ∧A∧B]] = 0/+ )
[[ψ∧¬A∧¬B]] gets no entry: (A∨B)∧¬A∧¬B ≡ false, i.e., invalid wrt. the feature model, ψ!
Can use BDD representation! (compact+efficient)
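
The A0 and A3 strategies from the slides above, run on the same program m() with ψFM = A∨B, as an added example (not code from the slides or the authors' tool). It assumes a set-of-signs encoding of the sign lattice, represents each [[φ]] as an explicit set of configurations in place of a BDD, and models sharing by merging entries that hold the same value.

```python
from itertools import combinations

FEATURES = ("A", "B")
ALL = [frozenset(c) for n in range(len(FEATURES) + 1)
       for c in combinations(FEATURES, n)]

def sem(pred):
    """[[phi]]: the set of configurations that satisfy predicate phi."""
    return frozenset(c for c in ALL if pred(c))

PSI = sem(lambda c: "A" in c or "B" in c)   # feature model psi_FM = A or B

# Abstract value of x = set of possible signs; bottom is the empty set,
# so the slide's "0/+" is {"0", "+"}.
BOT = frozenset()
INC = {"-": "-0", "0": "+", "+": "+"}
DEC = {"-": "-", "0": "-", "+": "0+"}

def const0(_v):
    return frozenset("0")

def inc(v):
    return frozenset(s for x in v for s in INC[x])

def dec(v):
    return frozenset(s for x in v for s in DEC[x])

# void m() { int x=0; ifdef(A) x++; ifdef(B) x--; }
PROGRAM = [(sem(lambda c: True), const0),
           (sem(lambda c: "A" in c), inc),
           (sem(lambda c: "B" in c), dec)]

def a0_brute_force():
    """Analyze each valid product separately: one run per configuration."""
    result = {}
    for c in PSI:
        v = BOT
        for cond, f in PROGRAM:
            v = f(v) if c in cond else v
        result[c] = v
    return result

def a3_shared():
    """One run over all valid configurations; returns the state after each
    statement as {abstract value: set of configurations sharing it}."""
    state, trace = {BOT: PSI}, []
    for cond, f in PROGRAM:
        nxt = {}
        for v, cfgs in state.items():
            # COPY (no config has the statement), APPLY (all do), else SPLIT
            for part, val in ((cfgs & cond, f(v)), (cfgs - cond, v)):
                if part:
                    nxt[val] = nxt.get(val, frozenset()) | part
        state = nxt
        trace.append(state)
    return trace
```

Flattening the last entry of `a3_shared()` back to one value per configuration gives exactly what `a0_brute_force()` computes, with one pass instead of three.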

SPLLIFT
A0: IFDS (Reps, Horwitz, Sagiv): flow function λS. (S – {x}) ∪ {y} over facts 0, x, y; fixed-point iteration ➔ graph reachability
A2: ( {A} = {x} , {B} = {x} , {A, B} = {x, y} )
    #ifdef (A)  A: λS. (S – {x}) ∪ {y}
    ( {A} = {y} , {B} = {x} , {A, B} = {y} )
LIFT: SPLLIFT (IFDS ➞ IDE): edges labelled with constraints (true, A, ¬A); incoming constraints 0: true, x: true, y: A∧B
    x: true∧¬A = ¬A
    y: [ (A∧B)∧¬A ] ∨ [ true∧A ] = A
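
The SPLLIFT step on the slide above, as an added example (not the authors' implementation): each exploded-graph edge of the statement under #ifdef (A) carries a constraint, constraints are conjoined along an edge and disjoined where edges meet. Constraints are held as explicit sets of configurations over F = {A, B} instead of BDDs, and the kill/gen edge layout is an assumption chosen to reproduce the slide's labels true, A and ¬A.

```python
from itertools import combinations

FEATURES = ("A", "B")
ALL = frozenset(frozenset(c) for n in range(len(FEATURES) + 1)
                for c in combinations(FEATURES, n))
TRUE, FALSE = ALL, frozenset()
ZERO = "0"                      # the IFDS zero fact

def has(feature):
    """Constraint 'feature is enabled', as the set of configurations satisfying it."""
    return frozenset(c for c in ALL if feature in c)

def lifted_edges(facts, kill, gen, cond):
    """Edges of 'lambda S. (S - kill) | gen' guarded by #ifdef cond, each
    labelled with the constraint under which that edge exists."""
    enabled = ({(ZERO, ZERO)} | {(ZERO, g) for g in gen}
               | {(d, d) for d in facts if d not in kill | gen})
    disabled = {(d, d) for d in facts | {ZERO}}   # statement absent: identity
    labels = {}
    for edge in enabled | disabled:
        on = cond if edge in enabled else FALSE
        off = (ALL - cond) if edge in disabled else FALSE
        labels[edge] = on | off                   # edge in both: true
    return labels

def propagate(before, labels):
    """Constraint of each fact after the statement."""
    after = {}
    for (src, dst), label in labels.items():
        reach = before.get(src, FALSE) & label        # AND along the edge
        after[dst] = after.get(dst, FALSE) | reach    # OR where edges meet
    return after

def facts_in(constraints, config):
    """Project the lifted result onto one configuration."""
    return {d for d, k in constraints.items()
            if d != ZERO and frozenset(config) in k}

def slide_example():
    a, b = has("A"), has("B")
    # Before: ({A} = {x}, {B} = {x}, {A,B} = {x,y}), i.e. x: true, y: A AND B
    before = {ZERO: TRUE, "x": TRUE, "y": a & b}
    after = propagate(before, lifted_edges({"x", "y"}, {"x"}, {"y"}, a))
    return before, after
```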

Results for SPLLIFT (interprocedural analysis)
Analyses: Reaching Definitions, Possible Types, Uninitialized Variables (each timed with A1 and with SPLLIFT)

SPL benchmark | # valid configs | A1 | SPLLIFT | A1 | SPLLIFT | A1 | SPLLIFT
Lampiro | 4 | 3m30s | 42s | 13s | 4s | 3m09s | 1m25s
MM08 | 26 | 24m29s | 59s | 2m06s | 3s | 27m39s | 2m13s
GPL | 1,872 | days | 8m48s | 9h03m39s | 42s | days | 7m09s
Berkeley DB | unknown | years | 12m04s | years | 24s | years | 10m18s

In fact, analyzing all valid configs is only slightly slower than analyzing one config!
"Statically Analyzing Software Product Lines... in Minutes instead of Years" :-)

< Obrigado* >
*) Thanks

BONUS SLIDES

Overview (FASTER at each step)
(intra-procedural) A0 (brute force) → [no re-compile!] → A1 (consecutive) → [caching!] → A2 (simultaneous) → [sharing!] → A3 (shared) → [repr!] → A3+BDD → [combo!] → A* (combo). AOSD 2012; TAOSD 2013.
(esp. interprocedural) A0 (brute force) → [graph encoding!] → IFDS (graph repr) → [lift] → IFDS➞IDE. PLDI 2013.

Errors

    Logo logo;
    #ifdef (VIDEO)
    logo = new Logo();
    #endif
    logo.use();
*** null-pointer exception! in configurations: {Ø, {COLOR}}

    Logo logo;
    #ifdef (VIDEO)
    logo = new Logo();
    #endif
    print(logo);
*** uninitialized variable! in configurations: {Ø, {COLOR}}

    Logo logo;
    #ifdef (VIDEO)
    logo = new Logo();
    #endif
    ...
*** unused variable! in configurations: {Ø, {COLOR}}

Related Work (DFA)
  • Path-sensitive DFA: "Constant Propagation with Conditional Branches" (Wegman and Zadeck), TOPLAS 1991. Idea of "conditionally executed statements". Compute different analysis info along different paths (~ A1, A2, A3) to improve precision or to optimize "hot paths".
  • Predicated DFA: "Predicated Array Data-Flow Analysis for Run-time Parallelization" (Moon, Hall, and Murphy), ICS 1998. Guard lattice values by propositional logic predicates (~ A3), yielding "optimistic dataflow values" that are kept distinct during analysis (~ A2 and A3).
  • Our work: Automatically lift any DFA to SPLs (with ψFM) ⇒ feature-sensitive analysis for analyzing entire program family.

Related Work (Lifting for SPLs)
  • Model Checking (similar goal, diff techniques): "Model Checking Lots of Systems: Efficient Verification of Temporal Properties in Software Product Lines" (Classen, Heymans, Schobbens, Legay, and Raskin), ICSE 2010. Model checks all SPLs at the same time (3.5x faster) than one by one!
  • Type Checking (similar goal, diff techniques): "Type-Checking Software Product Lines - A Formal Approach" (Kastner and Apel), ASE 2008; "Type Safety for Feature-Oriented Product Lines" (Apel, Kastner, Grösslinger, and Lengauer), ASE 2010. Type checking ↔ DFA. Our: auto lift any DFA (uninit vars, null pointers, ...).
  • Parsing (similar techniques, diff goal): "Variability-Aware Parsing in the Presence of Lexical Macros & C.C." (Kastner, Giarrusso, Rendel, Erdweg, Ostermann, and Berger), OOPSLA 2011. Split and merging parsing (~A3) and also uses instrumentation.
  • Testing: "Reducing Combinatorics in Testing Product Lines" (Hwan, Kim, Batory, and Khurshid), AOSD 2011. Select relevant feature combinations for a given test case. Uses (hardwired) DFA (w/o FM) to compute reachability.

Emerging Interfaces
CBSoft 2011: *** Best Tool Award ***
"A Tool for Improving Maintainability of Preprocessor-based Product Lines" (Márcio Ribeiro, Társis Tolêdo, Paulo Borba, Claus Brabrand)

Summary
A0, A1, A2, A3 analyzing program:
    void m() { int x=0; ifdef(A) x++; ifdef(B) x--; }    ψFM = A∨B

Specification: A0, A1, A2, A3

Evaluation
Five (qualitatively different) SPL benchmarks:

Total Time (incl. compile)
In practice (Reaching Definitions): Feature sensitive (A1, A2, and A3) all faster than A0 (no re-compile!)
4x, 7x, 1x, 1x, 3x

Analysis Time (excl. compile)
In practice (Reaching Definitions):
  • A2 faster than A1 (caching!)
  • A3 faster than A2 (sharing!)

Beyond the Sum of all Methods
For a method with x # valid configurations, which of analyses A1 vs A2 vs A3 is fastest?
Statistically significant differences between A1, A2, and A3 for all N, except between A2 and A3 for N=4 (underlined above).

Combo Analysis Strategy: A*
Intraprocedurally combined analysis strategy, A*:
A* consistently fastest (combo!)

Analysis Time (excl. compile)
In theory: TIME(A3): Depends on degree of sharing in SPL!
In practice (Reaching Definitions):
  • A2 faster than A1 (caching!)
  • A3 faster than A2 (sharing!)

Memory Usage
In theory: SPACE(A3): Depends on degree of sharing in SPL!
In practice: (Reaching Definitions)

Analysis Time (excl. compile)
N x 1 ≠ 1 x N ?!
In practice (Reaching Definitions): A2 faster than A1. Caching!

Caching (A1 vs A2)
Cache misses (A1 vs A2):
  • Cache enabled: This is the "normal condition" (for reference)
  • Cache disabled*: As hypothesized, this indeed affects A1 more than A2, i.e., A2 has better cache properties than A1
*) we flush the L2 cache, by traversing an 8 MB "bogus array" to invalidate cache!

IFDEF normalization
Refactor "undisciplined" (lexical) ifdefs into "disciplined" (syntactic) ifdefs:
Normalize "ifdef"s (by transformation):

Lexical #ifdef → Syntactic ifdef
Simple transformation:
  • Nested ifdef's also give rise to a conj. of formulas
  • We do not handle non-syntactic '#ifdef's: Fair assumption (also in CIDE)

BDD (Binary Decision Diagram)
Compact and efficient representation for boolean functions (aka., set of names)
F(A, B, C) = A (B C)   [figure: BDD and minimized BDD over A, B, C]
FAST: negation, conjunction, disjunction, equality!

Formula ~ Set of Configurations
Definitions (given F, set of feature names):
  • f ∈ F: feature name
  • c ∈ 2^F: configuration (set of feature names), c ⊆ F
  • X ∈ 2^(2^F): set of config's (set of feature names), X ⊆ 2^F
Example ifdefs:
  • [[ B ∨ A ]] = { {A}, {B}, {A, B} }   (F = {A, B})
  • [[ A ∧ (B ∨ C) ]] = { {A, B}, {A, C}, {A, B, C} }   (F = {A, B, C})

Feature Model (Example)
Feature set: F = {Car, Engine, 1.0, 1.4, Air}
Formula: FM Car Engine (1.0 1.4) Air 1.4
Set of configurations: [[ FM ]] = { {Car, Engine, 1.0}, {Car, Engine, 1.4, Air} }
Note: | [[ FM ]] | = 3 < 32 = |2^F|

Conditional Compilation
The 'ifdef' construction: STM : 'ifdef' '(' ')' STM
A syntactic variant of lexical #ifdef (A) { ... }
Propositional Logic: : f F | | where f ∈ F (finite set of feature names)
Example:
    status.print("you die");
    ifdef (DeluxeVersion && ColorDisplay) {
        player.redraw(Color.red);
        Audio.play("crash.wav");
    }
    lives = lives - 1;

A3: Lazy Splitting (using BDDs)
For a statement S meeting an entry [ ... = l , ... ]:
  • CASE 1: "COPY": the entry stays [ ... = l , ... ]
  • CASE 2: "APPLY": l' = f_S(l); the entry becomes [ ... = l' , ... ]
  • CASE 3: "SPLIT": l' = f_S(l); the entry becomes [ ... = l , ... = l' , ... ]

A0, A1, A2, and A3