"Analyzing SPLs in Minutes instead of Years" May 24, 2013 Aarhus Uni (DAIMI) Statically Analyzing...

"Analyzing SPLs in Minutes instead of Years" May 24, 2013Aarhus Uni (DAIMI)

Statically AnalyzingSoftware Product Lines

in Minutes instead of YearsSPLLIFT

Eric BoddenTechnische Universität Darmstadt

[ bodden@acm.org ]

Társis TolêdoUniversidade Federal de Pernambuco

[ twt@cin.ufpe.br ]

Márcio RibeiroUniversidade Federal de Alagoas[ mmr3@cin.ufpe.br ]

Mira MeziniTechnische Universität Darmstadt[ mira.mezini@cased.de]

Claus BrabrandIT University of Copenhagen[ brabrand@itu.dk ]

Paulo BorbaUniversidade Federal de Pernambuco

[ phmb@cin.ufpe.br ]

- PLDI 2013 -

IntraproceduralDataflow Analysis for

Software Product LinesDFA-4-SPLClaus Brabrand

IT University of CopenhagenUniversidade Federal de Pernambuco

[ brabrand@itu.dk ]

Márcio RibeiroUniversidade Federal de Alagoas

Universidade Federal de Pernambuco[ mmr3@cin.ufpe.br ]

Társis ToledoUniversidade Federal de Pernambuco

[ twt@cin.ufpe.br ]

- AOSD 2012 -

IntraproceduralDataflow Analysis for

Software Product Lines

- TAOSD 2013 -

Társis TolêdoUniversidade Federal de Pernambuco

[ mmr3@cin.ufpe.br ]

Márcio RibeiroUniversidade Federal de Alagoas[ twt@cin.ufpe.br ]

Claus BrabrandIT University of Copenhagen[ brabrand@itu.dk ]

Johnni WinterAarhus University

[ jw@cs.au.dk ]

[ 5 ]"Analyzing SPLs in Minutes instead of Years" May 24, 2013Aarhus Uni (DAIMI)

< Outline >

Introduction:Dataflow Analysis and Software Product Lines

DFA-4-SPL:A0 (brute force): (feature in-sensitive)

A1 (consecutive): (feature sensitive)

A2 (simultaneous): (feature sensitive)

A3 (shared simultaneous): (feature sensitive)

Evaluation and ResultsSPLLIFT (graph encoding):

Related Work

Conclusion

Introduction

1x CAR

1x CELL PHONE

1x APPLICATION

CARS CELL PHONES APPLICATIONS

Traditional Software Development:One program = One product

Product Line:A ”family” of products (of N ”similar” products):

customize

SPL:(Family ofPrograms)

Software Product Line

SPLs based on Conditional Compilation:

#ifdef ( )

#endif

Logo logo;...

...logo.use();

#ifdef (VIDEO) logo = new Logo();#endif

: fF | |

Feature Model: (e.g.: ψFM ≡ VIDEO COLOR)

Family ofPrograms:

COLORVIDEO

{ Video }

{ Color, Video }

Configurations:Ø, {Color}, {Video}, {Color,Video}VALID

{ Color }

customize

Set of Features:F = { COLOR, VIDEO }

SPLs based on Conditional Compilation:

#ifdef ( )

#endif

Logo logo;...

...logo.use();

ent) *** null-pointer exception!

in configurations: {Ø, {COLOR}}

: fF | |

resultresult

0100101111011010100111110111

Analysis of SPLs

The Compilation Process:

...and for Software Product Lines:

0100101111011010100111110111

resultcompile run

ERROR!

generate 0100101111011010100111110111

result

ERROR!

ANALYZE!

Feature-sensitive data-flow analysis !

runruncompilecompilecompile

ANALYZE!ANALYZE! ERROR!ERROR!

Dataflow Analysis

Dataflow Analysis:1) Control-flow graph

2) Lattice (finite height)

3) Transfer functions (monotone)

Example:"sign-of-x analysis"

Analyzing a Program1) Program 2) Build CFG 3) Make Equations

4) Solve equations: fixed-point computation (iteration)

5) SOLUTION (least fixed point):

Annotated with program points

< Outline >

Related Work

Conclusion

A0 (brute force):void m() { int x=0; ifdef(A) x++; ifdef(B) x--;}

c = {A}: c = {B}: c = {A,B}:

int x = 0;

ψFM = A B∨

Lfeature in-sensitive!

N = O(2F) compilations!

int x = 0;

A1 (consecutive):void m() { int x=0; ifdef(A) x++; ifdef(B) x--;}

c = {A}:

ψFM = A B∨

c = {B}: c = {A,B}:

✓ ✓

feature sensitive!

+({A} = , {B} = , {A,B} = )

({A} = , {B} = , {A,B} = )

A2 (simultaneous):void m() { int x=0; ifdef(A) x++; ifdef(B) x--;}

∀c ∈ {{A},{B},{A,B}}:

int x = 0;

✓({A} = , {B} = , {A,B} = )

✓✓

ψFM = A B∨

feature sensitive!

( [[ψ ¬A ]] = , [[∧ ψ A ]] = , [[∧ ψ ¬A ]] = , [[∧ ψ A ]] = )∧

( [[ψ ]] = , [[ψ ]] = )

A3 (shared):void m() { int x=0; ifdef(A) x++; ifdef(B) x--;}

ψFM = A B:∨

int x = 0;

_|( [[ψ]] = )

0( [[ψ]] = )

(A B) ¬A ¬B ≡ ∨ ∧ ∧ false

can use BDDrepresentation !(compact+efficient)

i.e., invalid given wrt.the feature model, ψ !

ψFM = A B∨

0∧¬A ∧A +

∧¬B ∧¬B ∧B ∧B

feature sensitive!

< Outline >

Related Work

Conclusion

Evaluation

Five (qualitatively different) SPL benchmarks:

Results (intra)

In practice:

(Reaching Definitions)(Total time, incl. compile)

(no re-compile!)

Feature sensitive(A1, A2, and A3)all faster than A0

Overview

A0 (brute force)

A1 (consecutive)

A2 (simultaneous)

A3 (shared)

A* (combo)

FASTER

(intra-procedural)

no re-compile!

caching!

sharing!

combo!

AOSD2012

TAOSD 2013

Beyond the Sum of all Methods

For a method with K valid configurations, which of analyses A1 vs A2 vs A3 is fastest?

Statistically significant differences between A1, A2, and A3 for all N,except between A2 and A3 for N=4 (underlined above).

Combo Analysis Strategy: A*

Intraprocedurally combinedanalysis strategy, A*:

A* consistently fastest(combo!)

Overview (cont'd)

A0 (brute force)

A1 (consecutive)

A2 (simultaneous)

A3 (shared)

A* (combo)

SPLLIFT

FASTER

(intra-procedural)

PLDI 2013

IFDS (graph repr)

A3+BDD (esp. interprocedural)

no re-compile!

caching!

sharing!

combo!

graphencoding!

AOSD2012

TAOSD 2013

[ (A B)∧ ¬A∧ ] ∨ [ true A∧ ]

true A B∧

true ¬A∧ = ¬A

SPLLIFT

IFDS:A0:

λS . (S – {x}) {y}∪

SPLLIFT:A2:

( {A} = {x} , {B} = {x} , {A,B} = {x,y} )

λS . (S – {x}) {y}∪A:

#ifdef (A)

( {A} = {y} , {B} = {x} , {A,B} = {y} )

A ¬A¬A

■ Reps■ Horwitz■ Sagiv

fixed-pointiteration

graphreachability➔

Example SPL

config = {G}(¬F G ¬H)∧ ∧

customize(instantiate)(preprocess)

Software Product Line: Conventional Program:

Exploded Super Graph...for Program:

Lifted Exploded Super Graph...for SPL:

Results (inter)

Results for SPLLIFT (interprocedural analysis):

In fact, analyzing all valid configurations is only slightly slower than analyzing one configuration !

Conclusion:Analyze SPLs in Minutes instead of Years!

Reaching Definitions Possible Types Uninitialized Vars

SPL |F| # validconfigs

A1 SPLLIFT A1 SPLLIFT A1 SPLLIFT

Lampiro 2 4 3m30s 42s 13s 4s 3m09s 1m25s

MM 08 9 26 24m29s 59s 2m06s 3s 27m39s 2m13s

GPL 19 1,872 days 8m48s 9h03m39s 42s days 7m09s

BerkeleyDB 39 unknown

years 12m04s years 24s years 10m18s

< Outline >

Related Work

Conclusion

Related Work (DFA)

Path-sensitive DFA:

Idea of “conditionally executed statements”

Compute different analysis info along different paths (~ A1, A2, A3) to improve precision or to optimize “hot paths”

Predicated DFA:

Guard lattice values by propositional logic predicates (~ A3), yielding “optimistic dataflow values” that are kept distinct during analysis (~ A2 and A3)

“Constant Propagation with Conditional Branches”( Wegman and Zadeck ) TOPLAS 1991

“Predicated Array Data-Flow Analysis for Run-time Parallelization”( Moon, Hall, and Murphy ) ICS 1998

Our work: Automatically lift any DFA to SPLs (with ψFM) ⇒feature-sensitive analysis for analyzing entire program family

Related Work (Lifting for SPLs)

Model Checking:

Type Checking:

Parsing:

Testing:

Model Checking Lots of Systems: Efficient Verification of Temporal Properties in Software Product Lines”( Classen, Heymans, Schobbens, Legay, and Raskin ) ICSE 2010

Model checks all SPLs at the same time (3.5x faster) than one by one! (similar goal, diff techniques)

Type checking ↔ DFA (similar goal, diff techniques)Our: auto lift any DFA (uninit vars, null pointers, ...)

“Type Safety for Feature-Oriented Product Lines”( Apel, Kastner, Grösslinger, and Lengauer ) ASE 2010

“Type-Checking Software Product Lines - A Formal Approach”( Kastner and Apel ) ASE 2008

“Variability-Aware Parsing in the Presence of Lexical Macros & C.C.”( Kastner, Giarrusso, Rendel, Erdweg, Ostermann, and Berger ) OOPSLA 2011

“Reducing Combinatorics in Testing Product Lines”( Hwan, Kim, Batory, and Khurshid ) AOSD 2011

Select relevant feature combinations for a given test caseUses (hardwired) DFA (w/o FM) to compute reachability

(similar techniques, diff goal):Split and merging parsing (~A3) and also uses instrumentation

Emerging Interfaces

"A Tool for Improving Maintainability of Preprocessor-based Product Lines"( Márcio Ribeiro, Társis Tolêdo, Paulo Borba, Claus Brabrand )

*** Best Tool Award ***CBSoft 2011:

< Outline >

A3 (shared simultaneous): (feature sensitive)SPLLIFT (graph encoding):

Evaluation and Results

Related Work

Conclusion

Statically Analyze SPLs in Minutes instead of Years

Scalable!

< Obrigado* >

*) Thanks

BONUS SLIDES

ErrorsLogo logo;

logo.use();

*** null-pointer exception!in configurations: {Ø, {COLOR}}

Logo logo;

print(logo);

*** uninitialized variable!in configurations: {Ø, {COLOR}}

Logo logo;

*** unused variable!in configurations: {Ø, {COLOR}}

Summary

void m() { int x=0; ifdef(A) x++; ifdef(B) x--;}

Analyzing program:

ψFM = A B∨

Specification: A0, A1, A2, A3

Analysis Time (excl. compile)

In practice: (caching!)(Reaching Definitions)

A2 faster than A1

A3 faster than A2(sharing!)

In theory:

In practice: TIME(A3) : Depends ondegree of sharing in SPL !

(caching!)

(Reaching Definitions) A2 faster than A1

A3 faster than A2(sharing!)

Memory Usage

In theory:

In practice:(Reaching Definitions)

SPACE(A3) : Depends ondegree of sharing in SPL !

In practice:(Reaching Definitions)

Nx1 ≠ 1xN ?!

Caching!A2 faster than A1

Caching (A1 vs A2)

Cache misses (A1 vs A2):

Cache enabled:This is the "normal condition" (for reference)

Cache disabled*:As hypothesized, this indeed affects A1 more than A2

i.e., A2 has better cache properties than A1

*) we flush the L2 cache, by traversing an 8MB “bogus array” to invalidate cache!

IFDEF normalization

Refactor "undisciplined" (lexical) ifdefs into "disciplined" (syntactic) ifdefs:

Normalize "ifdef"s (by transformation):

Lexical #ifdef Syntactic ifdef

Simple transformation:

We do not handle non-syntactic '#ifdef's:

Fair assumption(also in CIDE)

Nested ifdef's also give rise to a conj.of formulas

BDD (Binary Decision Diagram)

Compact and efficient representation forboolean functions (aka., set of set of names)

FAST: negation, conjunction, disjunction, equality !

= F(A,B,C) = A(BC)

minimized BDD

C C C C

Formula ~ Set of Configurations

Definitions (given F, set of feature names):f F feature namec 2F configuration (set of feature names) c FX 22 set of config's (set of set of feature names) X 2F

Exampleifdefs:

[[ BA ]]

[[ A(BC) ]]

F = {A,B}

F = {A,B,C}

= { {A}, {B}, {A,B} }

= { {A,B}, {A,C}, {A,B,C} }

Feature Model (Example)

Feature Model:

Feature set:

Formula:

Set of configurations:FM Car Engine (1.01.4) Air1.4

{ {Car, Engine, 1.0}, {Car, Engine, 1.4}, {Car, Engine, 1.4, Air} }

F = {Car, Engine, 1.0, 1.4, Air}

Note:| [[FM]] | = 3 < 32 = |2F |

[[ ]] =

Engine

Conditional Compilation

The 'ifdef' construction:

Syntactic variant of lexical #ifdef

Propositional Logic:

where fF (finite set of feature names)

Example:

STM : 'ifdef' '(' ')' STM

: fF | |

status.print("you die");ifdef (DeluxeVersion && ColorDisplay) { player.redraw(Color.red); Audio.play("crash.wav");}lives = lives - 1;

ifdef (A) { ...

CASE 1: "COPY"

A3: Lazy Splitting (using BDDs)CASE 2: "APPLY" CASE 3: "SPLIT"

[ =l , ... ]

l ' = fS(l )

[ =l , ... ]

[ =l ', ... ]

l ' = fS(l )

[ =l , ... ]

[ =l, =l' ,...]

l ' = fS(l )

= Ø = Ø

A0, A1, A2, and A3A0 A1

IFDS Graph Encoding

IFDS Transfer Functions:"Graph encoding":

SPLLIFT Transfer Functions

"Analyzing SPLs in Minutes instead of Years" May 24, 2013 Aarhus Uni (DAIMI) Statically Analyzing...

Documents

Transcript of "Analyzing SPLs in Minutes instead of Years" May 24, 2013 Aarhus Uni (DAIMI) Statically Analyzing...

Temporal Patterns of Motifs - GitHub Pages · 3.2 Higher order organization Motifs provide rich extensions for analyzing higher order organization of a net-work. Instead of edges,

MiniDraw - Løbner.dkkurser.lobner.dk/dSoftArk/Slides/w48-49/1_30,29,28_minidraw.pdf · ideas we now call design patterns and frameworks. DAIMI Henrik Bærbak Christensen 5 ... compositional

Lesson 4 Part 1: Introduction CCLS Analyzing Key Ideas in a … · entertain or to make a point. ... to find a settlement of small pueblos instead of a golden city. ... Analyzing

Distributed Loading · PDF fileDistributed Loading . What is a Distributed Load? •A load applied across a length or area instead of at one point . Analyzing Distributed Loads

Visit our Website · according to its current valuation instead of analyzing historical data such as credit and company financials. This allows for a quick and easy transaction process

Compiling Java for Low-End Embedded Systems Ulrik P. Schultz ISIS/DAIMI University of Aarhus Kim Burgaard Systematic Software Engineering A/S Flemming.

Editor Kevin˜Daimi Associate Editors Guillermo Francia ...download.e-bookshelf.de/download/0010/1675/13/L-G-0010167513...Arash Habibi Lashkari, University of New Brunswick, Canada

Work in Fitness Instead of… Do… Instead of taking the elevator… Instead of watching sports on TV… Instead of talking on the phone with a friend… Instead.

Module 6: Recursioncytron/cse131/slides/6.pdf · 6.0 Introduction • The material we study here involves no new syntax • Instead, we will be analyzing and writing methods, such

Analyzing Political Cartoons. Analyzing Political Cartoons.

DAIMI(c) Henrik Bærbak Christensen1 Software Architecture Quality Attributes.

Joakim Rydell - DiVA portalliu.diva-portal.org/smash/get/diva2:16792/FULLTEXT01.pdf · measured. Instead, they are obtained by post-processing and analyzing images or image sequences

Cognitive and Social Benefits Among Underrepresented First ... · instead encourages higher-level thinking (sensu Bloom’s taxonomy; Airasian et al., 2001) such as applying, analyzing,

Editors Selim Aissi Hamid R. Arabnia - CS …turgut/Research/Publications/Download/SAM07... · Editors Selim Aissi Hamid R. Arabnia Associate Editors Kevin Daimi Danilo Gligoroski,

Statically Analyzing Software Product Lines in Minutes instead of Years

C LAUS B RABRAND DAIMI SANDBJERG A UG 23, 2006 C LAUS B RABRAND © BRICS / DAIMI 2006 Department of Computer Science University of Aarhus, Denmark D IDACTIC.

Reporting and Analyzing Intercorporate Investments Reporting and Analyzing Intercorporate Investments Reporting and Analyzing Intercorporate Investments.

SPOCK My decisions are completely logical. Patient…Elliot analyzing analyzing analyzing analyzing analyzing analyzing.

DAIMI(c) Henrik Bærbak Christensen1 Integration Testing.

MACRO ECONOMICS - WikispacesMacro+Unit+2... · MACRO ECONOMICS 1 . ... • Instead of analyzing one consumer, ... Unit 2: Macro Measures and International Trade 3 . 1. Promote Economic