Dataflow Analysis for Software Product Lines

Dataflow Analysis for Software Product Lines May, 2013SSS

Dataflow Analysis forSoftware Product LinesDFA-4-SPLClaus Brabrand

IT University of CopenhagenUniversidade Federal de Pernambuco

[ [email protected] ]

Márcio RibeiroUniversidade Federal de Alagoas

Universidade Federal de Pernambuco[ [email protected] ]

Paulo BorbaUniversidade Federal de Pernambuco


Társis ToledoUniversidade Federal de Pernambuco


AOSD 2012 and TAOSD 2013

http://images.google.com/imgres?imgurl=http://supportdenmark.com/FlagBig.png&imgrefurl=http://supportdenmark.com/&h=413&w=579&sz=193&hl=en&start=2&um=1&tbnid=6F8YHc3c56TZOM:&tbnh=96&tbnw=134&prev=/images?q=danish+flag&svnum=10&um=1&hl=en&rls=com.microsoft:en-US


Statically AnalyzingSoftware Product Linesin Minutes instead of YearsSPLLIFTEric Bodden

Technische Universität Darmstadt[ [email protected] ]

Társis TolêdoUniversidade Federal de Pernambuco


Márcio RibeiroUniversidade Federal de Alagoas[ [email protected] ]

Mira MeziniTechnische Universität Darmstadt[ [email protected] ]

Claus BrabrandIT University of Copenhagen[ [email protected] ]

Paulo BorbaUniversidade Federal de Pernambuco


PLDI 2013

http://images.google.com/imgres?imgurl=http://supportdenmark.com/FlagBig.png&imgrefurl=http://supportdenmark.com/&h=413&w=579&sz=193&hl=en&start=2&um=1&tbnid=6F8YHc3c56TZOM:&tbnh=96&tbnw=134&prev=/images?q=danish+flag&svnum=10&um=1&hl=en&rls=com.microsoft:en-US

[ 4 ]Dataflow Analysis for Software Product Lines May, 2013SSS

< Outline >Introduction:

Software Product Lines (SPL)Dataflow Analysis (DFA)

DFA-4-SPL:A0 (brute force): (feature in-sensitive)A1 (consecutive): (feature sensitive)A2 (simultaneous): (feature sensitive)A3 (shared simultaneous): (feature sensitive)SPLLIFT (graph encoding):

Evaluation and Results:A1 vs SPLLIFT


Introduction

1x CAR

=

1x CELL PHONE

=

1x APPLICATION

=

CARS CELL PHONES APPLICATIONS

Traditional Software Development:One program = One product

Product Line:A ”family” of products (of N ”similar” products):

customizeSPL:

(Family ofPrograms)


Software Product LineSPLs based on Conditional Compilation:

#ifdef ( )

...

#endif

Logo logo;...

...logo.use();

#ifdef (VIDEO) logo = new Logo();#endif

Exam

ple

(SPL

frag

men

t)

: fF | |


Software Product LineSPL:

Feature Model: (e.g.: ψFM ≡ VIDEO COLOR)

Family ofPrograms:

COLOR

VIDEO

COLORVIDEO

VID

EO

Ø

{ Video }

{ Color, Video }

Configurations:Ø, {Color}, {Video}, {Color,Video}VALID

{ Color }

customize

2F

Set of Features:F = { COLOR, VIDEO }

2F


Software Product LineSPLs based on Conditional Compilation:

#ifdef ( )

...

#endif

Logo logo;...

...logo.use();


Exam

ple

(SPL

frag

men

t) *** null-pointer exception!in configurations: {Ø, {COLOR}}

: fF | |


resultresult

0100101111011010100111110111

0100101111011010100111110111

Analysis of SPLsThe Compilation Process:

...and for Software Product Lines:

0100101111011010100111110111

resultcompile run

ERROR!

generate 0100101111011010100111110111

resultrun

ERROR!

ANALYZE!

ANALYZE!

Feature-sensitive data-flow analysis !

runruncompilecompilecompile

ANALYZE!ANALYZE! ERROR!ERROR!

2F


Dataflow AnalysisDataflow Analysis:

1) Control-flow graph2) Lattice (finite height)3) Transfer functions (monotone)

L

Example:"sign-of-x analysis"


Analyzing a Program1) Program 2) Build CFG 3) Make Equations

4) Solve equations: fixed-point computation (iteration)

5) SOLUTION (least fixed point):

Annotated with program points







A0A0 (brute force):

void m() { int x=0; ifdef(A) x++; ifdef(B) x--;}

c = {A}: c = {B}: c = {A,B}:

int x = 0;

x++;

x--;

int x = 0;

x++;

x--;

int x = 0;

x++;

x--;

0

_|

+

0

_|

-

0

_|

0/+

+

ψFM = A B∨

Lfeature in-sensitive!

N = O(2F) compilations!


int x = 0;

x++;

x--;

A:

B:

int x = 0;

x++;

x--;

A:

B:

int x = 0;

x++;

x--;

A:

B:

A1A1 (consecutive):


c = {A}:

0

_|

+

✗

✓

✓

ψFM = A B∨

L

c = {B}: c = {A,B}:

0

_|

-

0

_|

0/+

+✗

✓ ✓

✓

✓ ✓

+

0

feature sensitive!


x++;

+({A} = , {B} = , {A,B} = )

({A} = , {B} = , {A,B} = )

({A} = , {B} = , {A,B} = )

A2A2 (simultaneous):


∀c ∈ {{A},{B},{A,B}}:

int x = 0;

x--;

0

_|

0

_|

-

0

_|

0/+

+

A:

B:

✓({A} = , {B} = , {A,B} = )✓✓

✓✓

✓✓

✗

✗

ψFM = A B∨

L

0

+

feature sensitive!


x--;

+

x++;

0

( [[ψ ¬A ]] = , [[∧ ψ A ]] = , [[∧ ψ ¬A ]] = , [[∧ ψ A ]] = )∧

( [[ψ ]] = , [[ψ ]] = )

A3A3 (shared):


ψFM = A B:∨

int x = 0;

A:

B:

_|( [[ψ]] = )

0( [[ψ]] = )

(A B) ¬A ¬B ≡ ∨ ∧ ∧ false

can use BDDrepresentation !(compact+efficient)

- 0/+

i.e., invalid given wrt.the feature model, ψ !

ψFM = A B∨

L

0∧¬A ∧A +

∧¬B ∧¬B ∧B ∧B

feature sensitive!


true

[ (A B)∧ ¬A∧ ] ∨ [ true A∧ ]

= A

true A B∧

true ¬A∧ = ¬A

true

SPLLIFTIFDS:A0:

λS . (S – {x}) {y}∪

{x}

{y}

SPLLIFT (IFDS ➞ IDE):A2:( {A} = {x} , {B} = {x} , {A,B} = {x,y} )

0 x y

0 x y

0 x y

0 x y

λS . (S – {x}) {y}∪A:#ifdef (A)

( {A} = {y} , {B} = {x} , {A,B} = {y} )

A ¬A¬A

LIFT:

■ Reps■ Horwitz■ Sagiv

fixed-pointiteration

graphreachability➔

¬A A







ResultsResults for SPLLIFT (interprocedural analysis):

In fact, analyzing all valid configs is only slightly slower than analyzing one config !

"Statically Analyzing Software Product Lines...

in Minutes instead of Years" :-)

Reaching Definitions Possible Types Uninitialized VariablesSPL

benchmark# validconfigs

A1 SPLLIFT A1 SPLLIFT A1 SPLLIFT

Lampiro 4 3m30s 42s 13s 4s 3m09s 1m25s

MM 08 26 24m29s 59s 2m06s 3s 27m39s 2m13s

GPL 1,872 days 8m48s 9h03m39s 42s days 7m09s

Berkeley DB unknown years 12m04s years 24s years 10m18s


< Obrigado* >

*) Thanks


BONUS SLIDES


Overview

A0 (brute force)

A1 (consecutive)

A2 (simultaneous)

A3 (shared)

A* (combo)

IFDS IDE➞ (lift)

FAST

ER

(intra-procedural)

PLDI 2013

IFDS (graph repr)

A3+BDD (esp. interprocedural)

no re-compile!

caching!

sharing!

combo!

graphencoding!

repr!AOSD2012

TAOSD 2013


ErrorsLogo logo;

logo.use();


*** null-pointer exception!in configurations: {Ø, {COLOR}}

Logo logo;

print(logo);


*** uninitialized variable!in configurations: {Ø, {COLOR}}

Logo logo;

...


*** unused variable!in configurations: {Ø, {COLOR}}


Related Work (DFA)Path-sensitive DFA:

Idea of “conditionally executed statements”Compute different analysis info along different paths (~ A1, A2, A3) to improve precision or to optimize “hot paths”

Predicated DFA:

Guard lattice values by propositional logic predicates (~ A3), yielding “optimistic dataflow values” that are kept distinct during analysis (~ A2 and A3)

“Constant Propagation with Conditional Branches”( Wegman and Zadeck ) TOPLAS 1991

“Predicated Array Data-Flow Analysis for Run-time Parallelization”( Moon, Hall, and Murphy ) ICS 1998

Our work: Automatically lift any DFA to SPLs (with ψFM) ⇒feature-sensitive analysis for analyzing entire program family


Related Work (Lifting for SPLs)Model Checking:

Type Checking:

Parsing:

Testing:

Model Checking Lots of Systems: Efficient Verification of Temporal Properties in Software Product Lines”( Classen, Heymans, Schobbens, Legay, and Raskin ) ICSE 2010

Model checks all SPLs at the same time (3.5x faster) than one by one! (similar goal, diff techniques)

Type checking ↔ DFA (similar goal, diff techniques)Our: auto lift any DFA (uninit vars, null pointers, ...)

“Type Safety for Feature-Oriented Product Lines”( Apel, Kastner, Grösslinger, and Lengauer ) ASE 2010

“Type-Checking Software Product Lines - A Formal Approach”( Kastner and Apel ) ASE 2008

“Variability-Aware Parsing in the Presence of Lexical Macros & C.C.”( Kastner, Giarrusso, Rendel, Erdweg, Ostermann, and Berger ) OOPSLA 2011

“Reducing Combinatorics in Testing Product Lines”( Hwan, Kim, Batory, and Khurshid ) AOSD 2011

Select relevant feature combinations for a given test caseUses (hardwired) DFA (w/o FM) to compute reachability

(similar techniques, diff goal):Split and merging parsing (~A3) and also uses instrumentation


Emerging Interfaces


Emerging Interfaces

"A Tool for Improving Maintainability of Preprocessor-based Product Lines"( Márcio Ribeiro, Társis Tolêdo, Paulo Borba, Claus Brabrand )

*** Best Tool Award ***CBSoft 2011:


Summary

A0 A1

A2

A3void m() { int x=0; ifdef(A) x++; ifdef(B) x--;}

Analyzing program:

ψFM = A B∨


Specification: A0, A1, A2, A3

A0

A1

A2

A3


EvaluationFive (qualitatively different) SPL benchmarks:


Total Time (incl. compile)In practice:

4x

(Reaching Definitions)

7x

3x

1x1x

(no re-compile!)

Feature sensitive(A1, A2, and A3)all faster than A0


Analysis Time (excl. compile)In practice: (caching!)(Reaching Definitions)

A2 faster than A1

A3 faster than A2(sharing!)


Beyond the Sum of all MethodsFor a method with x # valid configurations, which of analyses A1 vs A2 vs A3 is fastest?

Statistically significant differences between A1, A2, and A3 for all N,except between A2 and A3 for N=4 (underlined above).


Combo Analysis Strategy: A*Intraprocedurally combinedanalysis strategy, A*:

A* consistently fastest(combo!)


Analysis Time (excl. compile)In theory:

In practice: TIME(A3) : Depends ondegree of sharing in SPL !

(caching!)

(Reaching Definitions) A2 faster than A1

A3 faster than A2(sharing!)


Memory UsageIn theory:

In practice:(Reaching Definitions)SPACE(A3) : Depends ondegree of sharing in SPL !


Analysis Time (excl. compile)

In practice:(Reaching Definitions)

Nx1 ≠ 1xN ?!Caching!A2 faster than A1


Caching (A1 vs A2)Cache misses (A1 vs A2):

Cache enabled:This is the "normal condition" (for reference)

Cache disabled*:As hypothesized, this indeed affects A1 more than A2

i.e., A2 has better cache properties than A1

*) we flush the L2 cache, by traversing an 8MB “bogus array” to invalidate cache!


IFDEF normalizationRefactor "undisciplined" (lexical) ifdefs into "disciplined" (syntactic) ifdefs:

Normalize "ifdef"s (by transformation):


Lexical #ifdef Syntactic ifdefSimple transformation:

We do not handle non-syntactic '#ifdef's:

Fair assumption(also in CIDE)

Nested ifdef's also give rise to a conj.of formulas


BDD (Binary Decision Diagram)Compact and efficient representation forboolean functions (aka., set of set of names)

FAST: negation, conjunction, disjunction, equality !

= F(A,B,C) = A(BC)

A

C

minimized BDD

B

A

BB

C C C C

BDD


Formula ~ Set of ConfigurationsDefinitions (given F, set of feature names):

f F feature namec 2F configuration (set of feature names) c FX 22 set of config's (set of set of feature names) X 2F

Exampleifdefs:

F

[[ BA ]]

[[ A(BC) ]]

F = {A,B}

F = {A,B,C}

= { {A}, {B}, {A,B} }

= { {A,B}, {A,C}, {A,B,C} }


Feature Model (Example)Feature Model:

Feature set:

Formula:

Set of configurations:

FM Car Engine (1.01.4) Air1.4

{ {Car, Engine, 1.0}, {Car, Engine, 1.4}, {Car, Engine, 1.4, Air} }

F = {Car, Engine, 1.0, 1.4, Air}

Note:| [[FM]] | = 3 < 32 = |2F |

[[ ]] =

Engine

1.0

Air

Air

1.4


Conditional CompilationThe 'ifdef' construction:

Syntactic variant of lexical #ifdef

Propositional Logic: where fF (finite set of feature names)

Example:

STM : 'ifdef' '(' ')' STM

: fF | |

status.print("you die");ifdef (DeluxeVersion && ColorDisplay) { player.redraw(Color.red); Audio.play("crash.wav");}lives = lives - 1;

A

ifdef (A) { ...}


CASE 1: "COPY"A3: Lazy Splitting (using BDDs)

CASE 2: "APPLY" CASE 3: "SPLIT"

: S

[ =l , ... ]

[ =l , ... ]

l ' = fS(l )

: S

[ =l , ... ]

[ =l ', ... ]

l ' = fS(l )

: S

[ =l , ... ]

[ =l, =l' ,...]

l ' = fS(l )

= Ø = Ø


A0, A1, A2, and A3A0 A1

A2 A3

Documents

Dataflow Analysis for Software Product Lines