Dataflow Analysis for Software Product Lines May, 2013 SSS

Dataflow Analysis for Software Product Lines (DFA-4-SPL)
Claus Brabrand, IT University of Copenhagen / Universidade Federal de Pernambuco
Márcio Ribeiro, Universidade Federal de Alagoas / Universidade Federal de Pernambuco
Paulo Borba, Universidade Federal de Pernambuco
Társis Toledo, Universidade Federal de Pernambuco
AOSD 2012 and TAOSD 2013

Statically Analyzing Software Product Lines in Minutes instead of Years (SPLLIFT)
Eric Bodden, Technische Universität Darmstadt
Társis Tolêdo, Universidade Federal de Pernambuco
Márcio Ribeiro, Universidade Federal de Alagoas
Mira Mezini, Technische Universität Darmstadt
Claus Brabrand, IT University of Copenhagen
Paulo Borba, Universidade Federal de Pernambuco
PLDI 2013

< Outline >

Introduction:
  Software Product Lines (SPL)
  Dataflow Analysis (DFA)
DFA-4-SPL:
  A0 (brute force): (feature in-sensitive)
  A1 (consecutive): (feature sensitive)
  A2 (simultaneous): (feature sensitive)
  A3 (shared simultaneous): (feature sensitive)
  SPLLIFT (graph encoding)
Evaluation and Results:
  A1 vs SPLLIFT

Introduction

Traditional Software Development: One program = One product
  (1x CAR, 1x CELL PHONE, 1x APPLICATION)

Product Line: A "family" of products (of N "similar" products)
  (CARS, CELL PHONES, APPLICATIONS)

SPL (Family of Programs): customize

Software Product Line

SPLs based on Conditional Compilation:

  #ifdef ( )
    ...
  #endif

  : fF | |

Example (SPL fragment):

  Logo logo;
  ...
  #ifdef (VIDEO)
    logo = new Logo();
  #endif
  ...
  logo.use();

Software Product Line

SPL:
  Set of Features: F = { COLOR, VIDEO }
  Configurations (2^F): Ø, {Color}, {Video}, {Color,Video} VALID
  Feature Model: (e.g.: ψFM ≡ VIDEO COLOR)
  Family of Programs: customize

[Figure: the SPL customized into a family of programs, one per configuration: Ø, { Color }, { Video }, { Color, Video }]

Software Product Line

SPLs based on Conditional Compilation:

  #ifdef ( )
    ...
  #endif

  : fF | |

Example (SPL fragment):

  Logo logo;
  ...
  #ifdef (VIDEO)
    logo = new Logo();
  #endif
  ...
  logo.use();

*** null-pointer exception! in configurations: {Ø, {COLOR}}

Analysis of SPLs

The Compilation Process:
...and for Software Product Lines:

[Figure: the pipeline for one program (compile, run, result, ERROR!, ANALYZE!) and the same pipeline for a product line (generate 2^F programs, then compile, run, ANALYZE!, ERROR! for each)]

Feature-sensitive data-flow analysis!

Dataflow Analysis

Dataflow Analysis:
  1) Control-flow graph
  2) Lattice (finite height)
  3) Transfer functions (monotone)

Example: "sign-of-x analysis"

Analyzing a Program

  1) Program
  2) Build CFG
  3) Make Equations
  4) Solve equations: fixed-point computation (iteration)
  5) SOLUTION (least fixed point)

Annotated with program points

A0 (brute force):

  void m() {
    int x = 0;
    ifdef(A) x++;
    ifdef(B) x--;
  }

ψFM = A ∨ B

Sign of x after each statement, one generated program per configuration:

  c        entry   int x = 0;   x++;   x--;
  {A}      ⊥       0            +
  {B}      ⊥       0                   -
  {A,B}    ⊥       0            +      0/+

feature in-sensitive!
N = O(2^F) compilations!

A1 (consecutive):

  void m() {
    int x = 0;
    ifdef(A) x++;
    ifdef(B) x--;
  }

ψFM = A ∨ B

Sign of x after each statement, one configuration after the other (✓ = statement applies in c, ✗ = statement skipped):

  c        entry   int x = 0;   A: x++;   B: x--;
  {A}      ⊥       0 ✓          + ✓       + ✗
  {B}      ⊥       0 ✓          0 ✗       - ✓
  {A,B}    ⊥       0 ✓          + ✓       0/+ ✓

feature sensitive!

A2 (simultaneous):

  void m() {
    int x = 0;
    ifdef(A) x++;
    ifdef(B) x--;
  }

ψFM = A ∨ B

∀c ∈ {{A},{B},{A,B}}:

  entry:              ({A} = ⊥, {B} = ⊥, {A,B} = ⊥)
  after int x = 0;    ({A} = 0, {B} = 0, {A,B} = 0)
  after A: x++;       ({A} = +, {B} = 0, {A,B} = +)
  after B: x--;       ({A} = +, {B} = -, {A,B} = 0/+)

feature sensitive!
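
The A1 and A2 strategies from the two slides above, run on the deck's method m() with the sign-of-x lattice, as an added example (not code from the slides or from the authors' tools). Signs are modelled as sets of possible signs, and since m() is straight-line code one pass per statement already reaches the fixed point; all function and variable names are assumptions of this example.

```python
from itertools import combinations

def valid_configs(features, fm):
    """Enumerate 2^F and keep the configurations the feature model accepts."""
    subsets = (frozenset(c) for n in range(len(features) + 1)
               for c in combinations(features, n))
    return [c for c in subsets if fm(c)]

# Sign lattice as sets of possible signs: frozenset() is bottom, {"0","+"} is "0/+".
INC = {"-": {"-", "0"}, "0": {"+"}, "+": {"+"}}
DEC = {"-": {"-"}, "0": {"-"}, "+": {"0", "+"}}

def step(table, value):
    """Transfer function for x++ / x--: union of the images of each possible sign."""
    return frozenset(s for sign in value for s in table[sign])

# Method m() from the slides: one (feature guard, transfer function) per statement.
PROGRAM = [
    (lambda c: True,     lambda v: frozenset({"0"})),   # int x = 0;
    (lambda c: "A" in c, lambda v: step(INC, v)),       # ifdef(A) x++;
    (lambda c: "B" in c, lambda v: step(DEC, v)),       # ifdef(B) x--;
]

def analyze_a1(program, configs):
    """A1: analyze the configurations consecutively, one full pass each."""
    result = {}
    for c in configs:
        v = frozenset()                                 # bottom at entry
        for guard, transfer in program:
            v = transfer(v) if guard(c) else v          # skipped statement = identity
        result[c] = v
    return result

def analyze_a2(program, configs):
    """A2: a single pass carrying one lattice value per configuration."""
    state = {c: frozenset() for c in configs}
    for guard, transfer in program:
        state = {c: transfer(v) if guard(c) else v for c, v in state.items()}
    return state

def show(value):
    return "/".join(s for s in "-0+" if s in value) or "bottom"

CONFIGS = valid_configs(("A", "B"), lambda c: "A" in c or "B" in c)  # psi_FM = A or B
RESULT = analyze_a2(PROGRAM, CONFIGS)

if __name__ == "__main__":
    for config, value in RESULT.items():
        print(sorted(config), "->", show(value))
```
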

A3 (shared):

  void m() {
    int x = 0;
    ifdef(A) x++;
    ifdef(B) x--;
  }

ψFM = A ∨ B

  entry:              ( [[ψ]] = ⊥ )
  after int x = 0;    ( [[ψ]] = 0 )
  after A: x++;       ( [[ψ ∧ ¬A]] = 0 , [[ψ ∧ A]] = + )
  after B: x--;       ( [[ψ ∧ ¬A ∧ ¬B]] = 0 , [[ψ ∧ A ∧ ¬B]] = + , [[ψ ∧ ¬A ∧ B]] = - , [[ψ ∧ A ∧ B]] = 0/+ )

(A ∨ B) ∧ ¬A ∧ ¬B ≡ false, i.e., invalid wrt. the feature model, ψ!
Can use BDD representation! (compact + efficient)

feature sensitive!

SPLLIFT

IFDS (A0):
  λS . (S – {x}) ∪ {y}
  {x} ➞ {y}
  [Figure: IFDS graph over the nodes 0, x, y before and after the statement]

SPLLIFT (IFDS ➞ IDE) (A2):
  A: #ifdef (A)  λS . (S – {x}) ∪ {y}
  before: ( {A} = {x} , {B} = {x} , {A,B} = {x,y} )
  after:  ( {A} = {y} , {B} = {x} , {A,B} = {y} )
  [Figure: lifted graph over the nodes 0, x, y with edges labelled true, A and ¬A]

Edge constraints:
  true
  A ∧ B
  true ∧ ¬A = ¬A
  [ (A ∧ B) ∧ ¬A ] ∨ [ true ∧ A ] = A

LIFT (Reps, Horwitz, Sagiv): fixed-point iteration ➔ graph reachability

Results

Results for SPLLIFT (interprocedural analysis):

                               Reaching Definitions   Possible Types        Uninitialized Variables
  SPL benchmark   # valid      A1         SPLLIFT     A1         SPLLIFT    A1         SPLLIFT
                  configs
  Lampiro         4            3m30s      42s         13s        4s         3m09s      1m25s
  MM 08           26           24m29s     59s         2m06s      3s         27m39s     2m13s
  GPL             1,872        days       8m48s       9h03m39s   42s        days       7m09s
  Berkeley DB     unknown      years      12m04s      years      24s        years      10m18s

In fact, analyzing all valid configs is only slightly slower than analyzing one config!

"Statically Analyzing Software Product Lines... in Minutes instead of Years" :-)

< Obrigado* >
*) Thanks
BONUS SLIDES

Overview

AOSD 2012 / TAOSD 2013 (intra-procedural):
  A0 (brute force)
  A1 (consecutive)
  A2 (simultaneous)
  A3 (shared)
  A* (combo)

PLDI 2013:
  IFDS (graph repr)
  A3+BDD (esp. inter-procedural)
  IFDS ➞ IDE (lift)

[Figure: the analyses ordered along a FASTER axis, with the steps annotated: no re-compile!, caching!, sharing!, combo!, graph encoding!, repr!]

Errors

  Logo logo;
  #ifdef (VIDEO)
    logo = new Logo();
  #endif
  logo.use();

*** null-pointer exception! in configurations: {Ø, {COLOR}}

  Logo logo;
  #ifdef (VIDEO)
    logo = new Logo();
  #endif
  print(logo);

*** uninitialized variable! in configurations: {Ø, {COLOR}}

  Logo logo;
  ...
  #ifdef (VIDEO)
    logo = new Logo();
  #endif

*** unused variable! in configurations: {Ø, {COLOR}}

Related Work (DFA)

Path-sensitive DFA:
  Idea of "conditionally executed statements"
  Compute different analysis info along different paths (~ A1, A2, A3) to improve precision or to optimize "hot paths"
  "Constant Propagation with Conditional Branches" (Wegman and Zadeck) TOPLAS 1991

Predicated DFA:
  Guard lattice values by propositional logic predicates (~ A3), yielding "optimistic dataflow values" that are kept distinct during analysis (~ A2 and A3)
  "Predicated Array Data-Flow Analysis for Run-time Parallelization" (Moon, Hall, and Murphy) ICS 1998

Our work: Automatically lift any DFA to SPLs (with ψFM) ⇒ feature-sensitive analysis for analyzing entire program family

Related Work (Lifting for SPLs)

Model Checking:
  "Model Checking Lots of Systems: Efficient Verification of Temporal Properties in Software Product Lines" (Classen, Heymans, Schobbens, Legay, and Raskin) ICSE 2010
  Model checks all SPLs at the same time (3.5x faster) than one by one! (similar goal, diff techniques)

Type Checking:
  "Type Safety for Feature-Oriented Product Lines" (Apel, Kastner, Grösslinger, and Lengauer) ASE 2010
  "Type-Checking Software Product Lines - A Formal Approach" (Kastner and Apel) ASE 2008
  Type checking ↔ DFA (similar goal, diff techniques)
  Our: auto lift any DFA (uninit vars, null pointers, ...)

Parsing:
  "Variability-Aware Parsing in the Presence of Lexical Macros & C.C." (Kastner, Giarrusso, Rendel, Erdweg, Ostermann, and Berger) OOPSLA 2011
  (similar techniques, diff goal): Split and merging parsing (~A3) and also uses instrumentation

Testing:
  "Reducing Combinatorics in Testing Product Lines" (Hwan, Kim, Batory, and Khurshid) AOSD 2011
  Select relevant feature combinations for a given test case
  Uses (hardwired) DFA (w/o FM) to compute reachability

Emerging Interfaces

"A Tool for Improving Maintainability of Preprocessor-based Product Lines" (Márcio Ribeiro, Társis Tolêdo, Paulo Borba, Claus Brabrand)
CBSoft 2011: *** Best Tool Award ***

Summary

Analyzing program:

  void m() {
    int x = 0;
    ifdef(A) x++;
    ifdef(B) x--;
  }

ψFM = A ∨ B

[Figure: the analysis of m() under A0, A1, A2 and A3]

Specification: A0, A1, A2, A3

[Figure: specifications of A0, A1, A2 and A3]

Evaluation

Five (qualitatively different) SPL benchmarks:

Total Time (incl. compile)

In practice (Reaching Definitions):
  [Figure: total-time chart with the labels 1x, 1x, 3x, 4x, 7x]
  Feature sensitive (A1, A2, and A3) all faster than A0 (no re-compile!)

Analysis Time (excl. compile)

In practice (Reaching Definitions):
  A2 faster than A1 (caching!)
  A3 faster than A2 (sharing!)

Beyond the Sum of all Methods

For a method with x # valid configurations, which of analyses A1 vs A2 vs A3 is fastest?
Statistically significant differences between A1, A2, and A3 for all N, except between A2 and A3 for N=4 (underlined above).

Combo Analysis Strategy: A*

Intraprocedurally combined analysis strategy, A*:
  A* consistently fastest (combo!)

Analysis Time (excl. compile)

In theory:
  TIME(A3): Depends on degree of sharing in SPL!
In practice (Reaching Definitions):
  A2 faster than A1 (caching!)
  A3 faster than A2 (sharing!)

Memory Usage

In theory:
  SPACE(A3): Depends on degree of sharing in SPL!
In practice (Reaching Definitions):

Analysis Time (excl. compile)

In practice (Reaching Definitions):
  Nx1 ≠ 1xN ?! Caching!
  A2 faster than A1

Caching (A1 vs A2)

Cache misses (A1 vs A2):
  Cache enabled: This is the "normal condition" (for reference)
  Cache disabled*: As hypothesized, this indeed affects A1 more than A2,
  i.e., A2 has better cache properties than A1

*) we flush the L2 cache, by traversing an 8MB "bogus array" to invalidate cache!

IFDEF normalization

Refactor "undisciplined" (lexical) ifdefs into "disciplined" (syntactic) ifdefs:
Normalize "ifdef"s (by transformation):

Lexical #ifdef, Syntactic ifdef

Simple transformation:
We do not handle non-syntactic '#ifdef's: fair assumption (also in CIDE)
Nested ifdef's also give rise to a conj. of formulas

BDD (Binary Decision Diagram)

Compact and efficient representation for boolean functions (aka., set of set of names)
FAST: negation, conjunction, disjunction, equality!

F(A,B,C) = A ∧ (B ∨ C)

[Figure: the BDD for F over the variables A, B, C, and the minimized BDD]

Formula ~ Set of Configurations

Definitions (given F, set of feature names):
  f ∈ F          feature name
  c ∈ 2^F        configuration (set of feature names), c ⊆ F
  X ∈ 2^(2^F)    set of config's (set of set of feature names), X ⊆ 2^F

Example ifdefs:
  F = {A,B}:     [[ B ∨ A ]] = { {A}, {B}, {A,B} }
  F = {A,B,C}:   [[ A ∧ (B ∨ C) ]] = { {A,B}, {A,C}, {A,B,C} }

Feature Model (Example)

Feature Model:
  [Figure: feature diagram with the nodes Engine, 1.0, 1.4, Air]

Feature set:
  F = {Car, Engine, 1.0, 1.4, Air}

Formula:
  FM Car Engine (1.01.4) Air1.4

Set of configurations:
  [[FM]] = { {Car, Engine, 1.0}, {Car, Engine, 1.4}, {Car, Engine, 1.4, Air} }

Note: | [[FM]] | = 3 < 32 = |2^F|

Conditional Compilation

The 'ifdef' construction:
  STM : 'ifdef' '(' ')' STM
  Syntactic variant of lexical #ifdef

Propositional Logic:
  : fF | |
  where f ∈ F (finite set of feature names)

Example:

  status.print("you die");
  ifdef (DeluxeVersion && ColorDisplay) {
    player.redraw(Color.red);
    Audio.play("crash.wav");
  }
  lives = lives - 1;

  ifdef (A) {
    ...
  }

A3: Lazy Splitting (using BDDs)

CASE 1: "COPY"    CASE 2: "APPLY"    CASE 3: "SPLIT"

[Figure: for a statement S with l' = fS(l), the three cases take the entry [ =l , ... ] to [ =l , ... ] (COPY), to [ =l' , ... ] (APPLY), and to [ =l , =l' , ... ] (SPLIT); two of the case conditions end in = Ø]

A0, A1, A2, and A3

[Figure: A0, A1, A2, A3]