Systematic Derivation of Static Analyses for Software Product Lines

VARIETE workshop, ITU Variational Abstract Interpretation Nov 28, 2013

Claus BrabrandIT University of Copenhagen

Jan MidtgaardAarhus Universtity

Andrzej WasowskiIT University of Copenhagen

Systematic Derivation ofStatic Analyses for

Software Product LinesVAR.ABS.INT

[ 4 ]Variational Abstract Interpretation Nov 28, 2013VARIETE workshop, ITU

< Outline >

Introduction

The 'IMP' and 'IMP' Languages

Abstract Interpretation of IMP

Variational Abstract Interpretation of IMP

Related Work

Conclusion


Introduction

Software Product Lines:

Brute force analysis:

x := 0; #ifdef INC x := x + 1; #endif #ifdef NEG x := -x; #endif output x;

x := 0;

output x;

x := 0; x := x + 1;

output x;

x := 0;

x := -x; output x;

x := 0; x := x + 1; x := -x; output x;

x is 0

x is 1

x is -0

x is -1

Ø: {INC}: {NEG}: {INC,NEG}:

generateO(n = 2|F|)

analyze analyze analyze analyze

"generate'n'analyze"

...


Analyses for SPLs

Analyses for SPLs (lifted analysis):

Previous work on:How to lift:

...efficiently:

"Intraprocedural Dataflow Analysis for Software Product Lines" ( Brabrand, Ribeiro, Toledo, Winther, Borba ) TAOSD 2012

"SPLLIFT: Statically Analyzing Software Product Lines in Minutes instead of Years" ( Bodden, Toledo, Ribeiro, Brabrand, Borba, Mezini ) PLDI 2013


{INC}: x is 1Ø & {NEG}: x is 0{INC,NEG}: x is -1

analyze SPL directly!


MotivationSystematic liftingof other static analyses:

Correctness: derivation of correct SPL analyses:

Approximation in theanalyses on variability:

Understanding space offamily-based analyses:


{INC}: x is 1Ø & {NEG}: x is 0{INC,NEG}: x is -1

Systematicderivation

?

x := 0; #ifdef XYZ x := x + 1; #endif #ifdef XYZ x := -x; #endif output x;

Understanding?

Liftedanalysis

Liftedlanguage

analysislanguage

Correctness

of analysis?

Ø: x is 0{XYZ}: x is

⊤

Approximate

variability?

Lifted...■control-flow analysis?■dataflow analysis?■model checking?■type systems?■verification?■testing?■...?


Abstract Interpretation

The Abstract Interpretation Process:

Collecting Semantics: Approximate Analysis: Constant Propagation:

C B A

No approximation(Undecidable)

Some approximation(Undecidable)

More approximation(Decidable!)derive derive


Variational Abstract Interpretation

LIFT

Abstract Interpretation: Abstract Interpretation:

LIFT LIFT LIFTLIFT LIFT

SPL

Variational


Motivation: 'Var.Abs.Int'Systematic lifting ofother kinds of analyses:




Correctnessof

analyses!

Systematic

derivation!

Approximate

variability!Understanding

!



< Outline >

Introduction




Related Work

Conclusion


'IMP'

Syntax:

Semantics (small-step SOS):


'IMP'

Syntax of (two-staged) IMP:

Set of Features:

Configurations:

Satisfiability of '#if' formulae, :

x := 0; #if INC x := x + 1; #endif #if NEG x := -x; #endif output x;

= { INC, NEG }

= { Ø, {INC}, {NEG}, {INC,NEG} }

✔

✘

k = {NEG}


'IMP'

Semantics via preprocessor: x := 0; #if INC x := x + 1; #endif #if NEG x := -x; #endif output x;

x := 0;

x := -x; output x;

{NEG}:

k = {NEG}

P : IMP × ➞ IMP


< Outline >

Introduction




Related Work

Conclusion


Starting Point:SOS Semantics:

CStore Store➞

Like Semantics, but working on sets of stores!Undecidable analysis prepared for subsequent approximation

Collecting Semantics:

2Store 2➞ Store

...ordered by ' '⊆


Galois Connection

Galois Connection:

Pair of functions:abstraction:

concretization:

Satisfying:

relatingtwo domains

viaabstraction!(wrt info lossbtwn them)


Galois Connection

Lots of interesting properties:


Abstraction

From functions on C to functions on A:

Define 'F : A ➞ A' in terms of 'f : C ➞ C'1) concretize

2) apply ' f '

3) abstract

Hence:


GC from C to B...

A specific Galois Connection:

Sets-of-Stores:2Store = 2Var Val➞

AbstractStore:Var 2➞ Val

abstract

output x*y;{ 2 }

output x*y;{ 1, 2,

4 }⊆


From C to B !

B

CCollecting Semantics:

Approximate Analysis:

(2Var Val➞ ) ➞ (2Var Val➞ )

(Var 2➞ Val) (Var 2➞ ➞ Val)

Note: independent of C !


Derivation: C to B

Systematic derivation: from C[if] to B[if] !

NB: This is also proof of correctness:

B = α ◦ C ◦ γ

expand definition of C

β reduction

α is a CJM overapproximation:C and α monotone

function compositionIH: B = α ◦ C ◦

γ



From C to B !

B

CCollecting Semantics:

Approximate Analysis:

(2Var Val➞ ) ➞ (2Var Val➞ )



Note': Still undecidable analysis!


GC from B to A...

Another specific Galois Connection:

abstractb =[ x {1,2}, y {1} ]

a = αBA(b) =[ x , y 1 ]


From B to A !

BApproximate Analysis:


(Var Const) (Var Const)➞ ➞ ➞

AConstant Propagation:

Note: independent of B !


Derivation: B to A

Systematic derivation: from B[if] to A[if] !

NB: Again, this is also proof of correctness:Note: independent of B !

Soundness:

Transitively


From B to A !

BApproximate Analysis:



AConstant Propagation:

Note: independent of B !

Note': decidable analysis!


Extracting Dataflow EquationsConstant propagation analysis:

A

Dataflow Equations:


< Outline >

Introduction




Related Work

Conclusion


Lifting Domains

A domain:

is lifted to:

where


Lifting GC's

Lifting Galois Connections:

Note: Pointwise lifting


Lifting State Xformers

1 Complex Function

Problems:

Interference! (tuples not independent)

Complicate proofs!

|K| Simple Functions

Well-behaved subset of

Independent functions!

Intuition: runanalyses in parallel

✔However, (ab)use this notation !!!

...vs...



Straightforward way of analyzing config, k:

Note: we end up at the bottom of the diagram!



Straightforward way of analyzing config, k:

LIFT: Simply apply to all :


From A to A !Constant Propagation:


A LiftedConstant Propagation:

(Var Const)➞ K (Var Const)➞ ➞ K

A

Note: independent of A !


Derivation: A to A

Systematic derivation: from A[if] to A[if] !

NB: Again, this is also proof of correctness!Note: independent of A !


From A to A !Constant Propagation:


A LiftedConstant Propagation:

(Var Const)➞ K (Var Const)➞ ➞ K

A

Note: independent of A !


Lifted Dataflow EquationsLifted Constant Propagation:

A Lifted Dataflow Equations:

Soundness:


Overview: 'Var.Abs.Int'

Commuting

Diagram !!!


Contributions: 'Var.Abs.Int'Systematic lifting ofother kinds of analyses:




Correctnessof

analyses!

Systematic

derivation!

Approximate


!



< Outline >

Introduction




Related Work

Conclusion


Related Work

Lifting representations:

Lifting dataflow analysis:

Lifting other analyses:(see citations in paper)

"The Choice Calculus: A Representation for Software Variation"( Erwig, Walkingshaw ) TOSEM 2011

"Intraprocedural Dataflow Analysis for Software Product Lines" ( Brabrand, Ribeiro, Toledo, Winther, Borba ) TAOSD 2012

"SPLLIFT: Statically Analyzing Software Product Lines in Minutes instead of Years" ( Bodden, Toledo, Ribeiro, Brabrand, Borba, Mezini ) PLDI 2013

"Variability-Aware Parsing in the Presence of Lexical Macros and Cond. Compilation" ( Kastner, Giarrusso, Rendel, Erdweg, Ostermann, Berger ) OOPSLA 2011

■Type systems■Well-formedness checking■Model checking■Verification■Testing


Related Work (cont'd)

Multi-staged program analysis:

Abstract Interpretation:

"Static Analysis of Multi-Staged Programs via Unstaging Translation"( Choi, Aktemur, Yi, Tatsuta ) SIGPLAN Not., 2011

"Two-Level Functional Languages"( Nielson, Nielson ) Tracts in Theoretical Computer Science, 1992

"The Calculational Design of a Generic Abstract Interpreter"( Cousot ) Calculational System Design, 1999

"Systematic Design of Program Analysis Frameworks"( Cousot, Cousot ) POPL 1979

"Calculating Graph Algorithms for Dominance and Shortest Path"( Sergey, Midtgaard, Clarke ) MPC 2012

"A Structural Soundness Proof for Shivers’s Escape Technique: ..."( Midtgaard, Adams, Might ) SAS 2012


< Outline >

Introduction




Related Work

Conclusion


Conclusion: 'Var.Abs.Int'Systematic lifting ofother kinds of analyses:




Correctnessof

analyses!

Systematic

derivation!

Approximate


!



Learn More...

Read (and cite) our Paper:

Including 35 page Appendix (p. 13 – 47):

Apx A:Prerequisite Mathematics

Apx B:Proof overview

Apx C – P:Proofs

"Systematic Derivation of Static Analyses for Software Product Lines" ( Jan Midtgaard, Claus Brabrand, Andrzej Wasowski ) Submitted for publication


( THANKS )


BONUS SLIDES


The 'Var.Abs.Int' MethodologyBASE (classic abstract interpretation):

1) Develop formal SOS semantics2) Devise collecting semantics3) Compose GC's and derive until "good analysis"

LIFT (from program to program families):4) Extend language with preprocessor5) Apply lifting combinator to get to family level6) Simplify to direct expression for lifted analysis–) Correctness (soundness) follows by construction

Variability abstractions:v1) Decide when to lift to program familiesv2) Apply lifting combinator to get to family levelv3) Devise GC's that abstract configuration space!v4) Simplify to direct expression for lifted analysis ++v–) Correctness (soundness) follows by construction


independent options...

(233) > Earth's Population

[ C

. K

äst

ne

r ]

33

[ 51 ]Variational Abstract Interpretation Nov 28, 2013VARIETE workshop, ITU(2320) > Atoms in Universe

[ C

. K

äst

ne

r ]

independent options...320


[ C

. K

äst

ne

r ]

10 000 configurableoptions...

(210 000): Really BIG Bumber

Date post:	30-Dec-2015
Category:	Documents
Upload:	april-harrison
View:	26 times
Download:	3 times

Systematic Derivation of Static Analyses for Software Product Lines

Documents