VARIETE workshop, ITU Variational Abstract Interpretation Nov 28, 2013
Claus Brabrand, IT University of Copenhagen
Jan Midtgaard, Aarhus University
Andrzej Wasowski, IT University of Copenhagen

Systematic Derivation of Static Analyses for Software Product Lines (VAR.ABS.INT)
< Outline >
Introduction
The 'IMP' and 'IMP̄' Languages (IMP̄ is IMP with a #if preprocessor)
Abstract Interpretation of IMP
Variational Abstract Interpretation of IMP̄
Related Work
Conclusion
Introduction

Software Product Lines: a family of programs over a set of features F, with the
variation expressed by #ifdef. Running example, F = { INC, NEG }:

  x := 0; #ifdef INC x := x + 1; #endif #ifdef NEG x := -x; #endif output x;

Brute force analysis ("generate'n'analyze"): generate all n = 2^|F| products,
then analyze each one separately:

  Ø:          x := 0;                        output x;   analyze ->  x is 0
  {INC}:      x := 0; x := x + 1;            output x;   analyze ->  x is 1
  {NEG}:      x := 0;              x := -x;  output x;   analyze ->  x is -0
  {INC,NEG}:  x := 0; x := x + 1;  x := -x;  output x;   analyze ->  x is -1
  ...
Analyses for SPLs

Analyses for SPLs (lifted analysis): analyze the SPL directly, in one run!

  x := 0; #ifdef INC x := x + 1; #endif #ifdef NEG x := -x; #endif output x;

    {INC}:      x is 1
    Ø & {NEG}:  x is 0
    {INC,NEG}:  x is -1

Previous work on how to lift, and how to lift efficiently:
  "Intraprocedural Dataflow Analysis for Software Product Lines"
    (Brabrand, Ribeiro, Toledo, Winther, Borba) TAOSD 2012
  "SPLLIFT: Statically Analyzing Software Product Lines in Minutes instead of Years"
    (Bodden, Toledo, Ribeiro, Brabrand, Borba, Mezini) PLDI 2013
Motivation

Systematic lifting of other static analyses: given an analysis (for a language)
and a lifted language, how do we obtain the lifted analysis? Lifted...
  ■ control-flow analysis? ■ dataflow analysis? ■ model checking?
  ■ type systems? ■ verification? ■ testing? ■ ...?
  -> Systematic derivation?

Correctness: derivation of correct SPL analyses. Correctness of analysis?
  x := 0; #ifdef INC x := x + 1; #endif #ifdef NEG x := -x; #endif output x;
    {INC}: x is 1    Ø & {NEG}: x is 0    {INC,NEG}: x is -1

Approximation in the analyses on variability. Approximate variability?
  x := 0; #ifdef XYZ x := x + 1; #endif #ifdef XYZ x := -x; #endif output x;
    Ø: x is 0    {XYZ}: x is ⊤

Understanding the space of family-based analyses. Understanding?
Abstract Interpretation

The Abstract Interpretation Process:

  C  Collecting Semantics    no approximation     (undecidable)
       | derive
  B  Approximate Analysis    some approximation   (undecidable)
       | derive
  A  Constant Propagation    more approximation   (decidable!)
Variational Abstract Interpretation

Variational Abstract Interpretation = Abstract Interpretation + LIFT: every level
of the abstract interpretation of a single program (C, B, A) is lifted to the
corresponding level for a software product line (C̄, B̄, Ā); LIFT is applied to
the domains, the Galois connections and the derivations alike.
Motivation: 'Var.Abs.Int'

  Systematic lifting of other kinds of analyses (lifted ■ control-flow analysis?
    ■ dataflow analysis? ■ model checking? ■ type systems? ■ verification?
    ■ testing? ■ ...?)                                    -> systematic derivation!
  Correctness: derivation of correct SPL analyses         -> correctness of analyses!
  Approximation in the analyses on variability            -> approximate variability!
  Understanding the space of family-based analyses        -> understanding!
< The 'IMP' and 'IMP̄' Languages >
'IMP'
Syntax:
Semantics (small-step SOS):
'IMP̄'

Syntax of (two-staged) IMP̄: IMP plus #if φ ... #endif, with φ a formula over
the features.

  Set of features:    F = { INC, NEG }
  Configurations:     K = { Ø, {INC}, {NEG}, {INC,NEG} }
  Satisfiability of '#if' formulae by a configuration k, e.g. k = {NEG}:
                      #if INC ... ✘ (not satisfied)    #if NEG ... ✔ (satisfied)

  x := 0; #if INC x := x + 1; #endif #if NEG x := -x; #endif output x;
'IMP̄'

Semantics via preprocessor, P : IMP̄ × K → IMP. For k = {NEG}:

  x := 0; #if INC x := x + 1; #endif #if NEG x := -x; #endif output x;
    --P(·, {NEG})-->
  x := 0; x := -x; output x;
< Abstract Interpretation of IMP >
Starting Point: SOS Semantics

  Semantics:                Store → Store
  C  Collecting Semantics:  2^Store → 2^Store     ...ordered by '⊆'

Like the semantics, but working on sets of stores: an undecidable analysis,
prepared for subsequent approximation.
Galois Connection

Galois Connection: relating two domains, C (concrete) and A (abstract), via
abstraction, i.e. with respect to the information lost between them.

  Pair of functions:  abstraction      α : C → A
                      concretization   γ : A → C
  Satisfying:         α(c) ⊑ a  ⇔  c ⊑ γ(a)     (for all c ∈ C, a ∈ A)
Galois Connection
Lots of interesting properties:
Abstraction

From functions on C to functions on A: define F : A → A in terms of f : C → C by
  1) concretize (γ)
  2) apply f
  3) abstract (α)
Hence: F = α ∘ f ∘ γ
GC from C to B...

A specific Galois Connection:
  Sets-of-Stores:  2^Store = 2^(Var → Val)
  AbstractStore:   Var → 2^Val        (abstract: one set of possible values per variable)

Example: for output x*y the sets-of-stores semantics yields { 2 }, while the
abstract store, which no longer records which value of x occurs together with
which value of y, yields { 1, 2, 4 }; { 2 } ⊆ { 1, 2, 4 }.
From C to B !

  C  Collecting Semantics:   (2^(Var → Val)) → (2^(Var → Val))
  B  Approximate Analysis:   (Var → 2^Val) → (Var → 2^Val)

Note: the derived B is expressed directly, independent of C !
Derivation: C to B

Systematic derivation: from C[if] to B[if] !
NB: the derivation is also a proof of correctness. Steps:
  B = α ∘ C ∘ γ
    expand the definition of C
    β reduction
    α is a CJM (complete join morphism); this step is an overapproximation,
      using that C and α are monotone
    function composition
    IH: B = α ∘ C ∘ γ for the sub-statements
Note: the result is independent of C !
From C to B ! (cont'd)

Note: independent of C !
Note': still an undecidable analysis!
GC from B to A...

Another specific Galois Connection, from B = Var → 2^Val to A = Var → Const:
  abstract:  b = [ x ↦ {1,2}, y ↦ {1} ]   ⟹   a = α_BA(b) = [ x ↦ ⊤, y ↦ 1 ]
From B to A !

  B  Approximate Analysis:   (Var → 2^Val) → (Var → 2^Val)
  A  Constant Propagation:   (Var → Const) → (Var → Const)

Note: independent of B !
Derivation: B to A

Systematic derivation: from B[if] to A[if] !
NB: again, this is also a proof of correctness. Note: independent of B !
Soundness: transitively, via the composed Galois connections C → B → A.
From B to A ! (cont'd)

Note: independent of B !
Note': a decidable analysis!
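The Galois connection between B and A, and the "concretize, apply f, abstract" recipe of the Abstraction slide, as an added worked example (my own Python, not the paper's code). It assumes a finite concrete value domain, 3-bit machine words Z_8, so that γ(⊤) is finite and α ∘ f ∘ γ can be computed by enumeration; the function names and the set/tuple encodings are the example's own. `is_galois_connection` checks α(s) ⊑ a ⇔ s ⊆ γ(a) exhaustively, `alpha_store` is the pointwise α_BA of the slide, and `derive` shows what the systematic derivation buys: the derived transformer for multiplication gives 0 · ⊤ = 0, where a hand-written rule answers ⊤.

```python
"""Galois connection between B (sets of values) and A (constants), and the
abstract transformer derived as alpha ∘ f ∘ gamma.  Constructed example.
Assumption: concrete values are 3-bit machine words Z_8, so gamma(⊤) is finite
and every derivation below can be checked by brute force."""
from itertools import product

VAL = frozenset(range(8))        # assumed concrete value domain Z_8
BOT, TOP = "⊥", "⊤"             # A = Const: ⊥ ⊑ c ⊑ ⊤
CONST = [BOT, TOP] + sorted(VAL)


def alpha(s):
    """alpha_BA : 2^Val -> Const, the most precise constant describing s."""
    s = frozenset(s)
    if not s:
        return BOT
    return next(iter(s)) if len(s) == 1 else TOP


def gamma(a):
    """gamma_BA : Const -> 2^Val."""
    if a == BOT:
        return frozenset()
    return VAL if a == TOP else frozenset([a])


def leq(a, b):
    """The order on Const."""
    return a == BOT or b == TOP or a == b


def is_galois_connection():
    """alpha(s) ⊑ a  <=>  s ⊆ gamma(a), checked for all 2^8 sets s and all a."""
    subsets = [frozenset(v for v, bit in zip(sorted(VAL), bits) if bit)
               for bits in product((0, 1), repeat=len(VAL))]
    return all(leq(alpha(s), a) == (s <= gamma(a)) for s in subsets for a in CONST)


def alpha_store(b):
    """Pointwise lifting to stores: (Var -> 2^Val) -> (Var -> Const)."""
    return {x: alpha(vs) for x, vs in b.items()}


def derive(op):
    """alpha ∘ f ∘ gamma: the best abstract transformer for a binary op on Z_8,
    where f is the collecting (set-image) version of op on B."""
    def abstract_op(a1, a2):
        return alpha({op(v1, v2) % 8 for v1 in gamma(a1) for v2 in gamma(a2)})
    return abstract_op


def naive_mul(a1, a2):
    """A hand-written constant-propagation rule for '*': strict in ⊥, ⊤ otherwise."""
    if BOT in (a1, a2):
        return BOT
    return TOP if TOP in (a1, a2) else (a1 * a2) % 8


add = derive(lambda u, v: u + v)
mul = derive(lambda u, v: u * v)


def neg(a):
    """Unary case of the same derivation, for x := -x."""
    return alpha({(-v) % 8 for v in gamma(a)})


if __name__ == "__main__":
    print("Galois connection holds:", is_galois_connection())
    print("alpha_BA([x -> {1,2}, y -> {1}]) =", alpha_store({"x": {1, 2}, "y": {1}}))
    print("derived 0 * ⊤ =", mul(0, TOP), " hand-written 0 * ⊤ =", naive_mul(0, TOP))
```

Because the transformer is computed as α ∘ f ∘ γ rather than written by hand, it is automatically the most precise sound one the Galois connection admits; the `mul(0, TOP)` case is the kind of precision that a hand-written rule silently gives up.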
Extracting Dataflow Equations

Constant propagation analysis A  ⟹  Dataflow Equations:
< Variational Abstract Interpretation of IMP̄ >
Lifting Domains

A domain A is lifted to A^K = K → A, one copy of A per configuration k ∈ K,
where K is the set of configurations and the order is taken pointwise.
Lifting GC's

Lifting Galois Connections: a Galois connection (α, γ) between C and A lifts to
one between C^K and A^K.
Note: Pointwise lifting (α and γ are applied in every configuration k).
Lifting State Xformers

  1 Complex Function (A^K → A^K)          ...vs...   |K| Simple Functions ((A → A)^K)
  Problems:                                          Well-behaved subset of the former:
    Interference! (tuples not independent)             Independent functions! ✔
    Complicate proofs!                                 Intuition: run |K| analyses in parallel

However, (ab)use the A^K → A^K notation for the simple functions !!!
Lifting State Xformers

Straightforward way of analyzing a single configuration k: preprocess with k,
then run the analysis on the resulting IMP program.
Note: we end up at the bottom of the diagram (in A, not Ā)!

LIFT: simply apply the analysis to all k ∈ K at once.
From A to Ā !

  A  Constant Propagation:          (Var → Const) → (Var → Const)
  Ā  Lifted Constant Propagation:   (Var → Const)^K → (Var → Const)^K

Note: independent of A !
Derivation: A to Ā

Systematic derivation: from A[if] to Ā[if] !
NB: again, this is also a proof of correctness! Note: independent of A !
Lifted Dataflow Equations

Lifted Constant Propagation Ā  ⟹  Lifted Dataflow Equations:
Soundness:
Overview: 'Var.Abs.Int'

The levels C, B, A and their lifted counterparts C̄, B̄, Ā, connected by the
derivations and by LIFT, form a commuting diagram !!!
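The bottom of that diagram, as an added worked example (my own Python, not the paper's code): the generate'n'analyze loop of the Introduction, the preprocessor P : IMP̄ × K → IMP, constant propagation A over plain IMP, and its lifted version Ā run as |K| analyses in parallel over a K-indexed store (the lifted domain (Var → Const)^K). The tuple encoding of IMP/IMP̄ statements and the encoding of #if formulae as conjunctions of literals are assumptions of the example, not the paper's syntax; `commutes` checks, on the slides' running program, that analyzing every preprocessed product agrees with projecting the single lifted result on each configuration.

```python
"""generate'n'analyze vs. one lifted run of constant propagation.
Constructed example: IMP statements are tuples, IMP-bar adds ('ifdef', phi, body),
and a #if formula phi is a tuple of literals ('F' or '!F'), read as a conjunction."""
from itertools import combinations

BOT, TOP = "⊥", "⊤"   # constant-propagation lattice Const: ⊥ ⊑ c ⊑ ⊤


def join(a, b):
    if a == BOT:
        return b
    if b == BOT:
        return a
    return a if a == b else TOP


def join_store(s1, s2):
    # a variable absent from a store is unconstrained, i.e. ⊤
    return {x: join(s1.get(x, TOP), s2.get(x, TOP)) for x in s1.keys() | s2.keys()}


def aeval(e, s):
    """Abstract evaluation of an expression in an abstract store Var -> Const."""
    tag = e[0]
    if tag == "const":
        return e[1]
    if tag == "var":
        return s.get(e[1], TOP)
    if tag == "neg":
        v = aeval(e[1], s)
        return v if v in (BOT, TOP) else -v
    if tag == "add":
        a, b = aeval(e[1], s), aeval(e[2], s)
        if BOT in (a, b):
            return BOT
        return TOP if TOP in (a, b) else a + b
    raise ValueError("unknown expression %r" % (tag,))


def cp(stmts, s):
    """A: constant propagation over plain IMP, (Var -> Const) -> (Var -> Const)."""
    for st in stmts:
        if st[0] == "assign":                    # ('assign', x, e)
            s = {**s, st[1]: aeval(st[2], s)}
        elif st[0] == "if":                      # ('if', cond, then, else)
            c = aeval(st[1], s)
            if c in (TOP, BOT):
                s = join_store(cp(st[2], s), cp(st[3], s))
            else:
                s = cp(st[2] if c != 0 else st[3], s)
        elif st[0] != "output":                  # ('output', e) leaves the store unchanged
            raise ValueError("not an IMP statement: %r" % (st[0],))
    return s


def sat(phi, k):
    """Does configuration k (a frozenset of features) satisfy #if formula phi?"""
    return all((lit[1:] not in k) if lit.startswith("!") else (lit in k) for lit in phi)


def preprocess(stmts, k):
    """P : IMP-bar x K -> IMP.  Keep a #if body iff k satisfies its formula."""
    out = []
    for st in stmts:
        if st[0] == "ifdef":
            if sat(st[1], k):
                out.extend(preprocess(st[2], k))
        elif st[0] == "if":
            out.append(("if", st[1], preprocess(st[2], k), preprocess(st[3], k)))
        else:
            out.append(st)
    return out


def configurations(features):
    """K = 2^F: all 2^|F| configurations."""
    fs = sorted(features)
    return [frozenset(c) for r in range(len(fs) + 1) for c in combinations(fs, r)]


def brute_force(stmts, features):
    """generate'n'analyze: preprocess and analyze each of the 2^|F| products."""
    return {k: cp(preprocess(stmts, k), {}) for k in configurations(features)}


def lifted_cp(stmts, lifted):
    """A-bar: lifted constant propagation, (Var -> Const)^K -> (Var -> Const)^K.
    One pass over the unpreprocessed IMP-bar program: a #if body acts only on the
    configurations satisfying its formula, any other statement on all of them
    ('|K| simple functions' run in parallel).  Plain 'if' branches are handed to
    cp, so in this toy they must not contain #if."""
    for st in stmts:
        if st[0] == "ifdef":
            inside = {k: s for k, s in lifted.items() if sat(st[1], k)}
            lifted = {**lifted, **lifted_cp(st[2], inside)}
        else:
            lifted = {k: cp([st], s) for k, s in lifted.items()}
    return lifted


def commutes(stmts, features):
    """The commuting diagram: analyzing P(prog, k) for every k yields exactly the
    k-th component of the single lifted result."""
    init = {k: {} for k in configurations(features)}
    return brute_force(stmts, features) == lifted_cp(stmts, init)


FEATURES = {"INC", "NEG"}
PROGRAM = [   # the slides' running example, in tuple form
    ("assign", "x", ("const", 0)),
    ("ifdef", ("INC",), [("assign", "x", ("add", ("var", "x"), ("const", 1)))]),
    ("ifdef", ("NEG",), [("assign", "x", ("neg", ("var", "x")))]),
    ("output", ("var", "x")),
]

if __name__ == "__main__":
    init = {k: {} for k in configurations(FEATURES)}
    for k, s in lifted_cp(PROGRAM, init).items():
        print(sorted(k) or "Ø", s)
    print("commutes:", commutes(PROGRAM, FEATURES))
```

The lifted run touches the program once and spends its work per statement proportional to |K|, where generate'n'analyze re-parses and re-analyzes the whole product 2^|F| times; the point of the derivation on the preceding slides is that the cheap run is sound by construction, which is what `commutes` spot-checks here.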
Contributions: 'Var.Abs.Int'

  Systematic lifting of other kinds of analyses (lifted ■ control-flow analysis?
    ■ dataflow analysis? ■ model checking? ■ type systems? ■ verification?
    ■ testing? ■ ...?)                                    -> systematic derivation!
  Correctness: derivation of correct SPL analyses         -> correctness of analyses!
  Approximation in the analyses on variability            -> approximate variability!
  Understanding the space of family-based analyses        -> understanding!
< Related Work >
Related Work

Lifting representations:
  "The Choice Calculus: A Representation for Software Variation"
    (Erwig, Walkingshaw) TOSEM 2011
  "Variability-Aware Parsing in the Presence of Lexical Macros and Conditional Compilation"
    (Kästner, Giarrusso, Rendel, Erdweg, Ostermann, Berger) OOPSLA 2011

Lifting dataflow analysis:
  "Intraprocedural Dataflow Analysis for Software Product Lines"
    (Brabrand, Ribeiro, Toledo, Winther, Borba) TAOSD 2012
  "SPLLIFT: Statically Analyzing Software Product Lines in Minutes instead of Years"
    (Bodden, Toledo, Ribeiro, Brabrand, Borba, Mezini) PLDI 2013

Lifting other analyses (see citations in paper):
  ■ Type systems ■ Well-formedness checking ■ Model checking ■ Verification ■ Testing
Related Work (cont'd)

Multi-staged program analysis:
  "Static Analysis of Multi-Staged Programs via Unstaging Translation"
    (Choi, Aktemur, Yi, Tatsuta) SIGPLAN Not., 2011
  "Two-Level Functional Languages"
    (Nielson, Nielson) Tracts in Theoretical Computer Science, 1992

Abstract Interpretation:
  "The Calculational Design of a Generic Abstract Interpreter"
    (Cousot) Calculational System Design, 1999
  "Systematic Design of Program Analysis Frameworks"
    (Cousot, Cousot) POPL 1979
  "Calculating Graph Algorithms for Dominance and Shortest Path"
    (Sergey, Midtgaard, Clarke) MPC 2012
  "A Structural Soundness Proof for Shivers's Escape Technique: ..."
    (Midtgaard, Adams, Might) SAS 2012
< Conclusion >
Conclusion: 'Var.Abs.Int'

  Systematic lifting of other kinds of analyses (lifted ■ control-flow analysis?
    ■ dataflow analysis? ■ model checking? ■ type systems? ■ verification?
    ■ testing? ■ ...?)                                    -> systematic derivation!
  Correctness: derivation of correct SPL analyses         -> correctness of analyses!
  Approximation in the analyses on variability            -> approximate variability!
  Understanding the space of family-based analyses        -> understanding!
Learn More...

Read (and cite) our paper, including a 35-page appendix (p. 13 – 47):
  Apx A:      Prerequisite Mathematics
  Apx B:      Proof overview
  Apx C – P:  Proofs

"Systematic Derivation of Static Analyses for Software Product Lines"
  (Jan Midtgaard, Claus Brabrand, Andrzej Wasowski) Submitted for publication
( THANKS )
BONUS SLIDES
The 'Var.Abs.Int' Methodology

BASE (classic abstract interpretation):
  1) Develop formal SOS semantics
  2) Devise collecting semantics
  3) Compose GC's and derive until "good analysis"

LIFT (from programs to program families):
  4) Extend language with preprocessor
  5) Apply lifting combinator to get to family level
  6) Simplify to direct expression for lifted analysis
  –) Correctness (soundness) follows by construction

Variability abstractions:
  v1) Decide when to lift to program families
  v2) Apply lifting combinator to get to family level
  v3) Devise GC's that abstract the configuration space!
  v4) Simplify to direct expression for lifted analysis ++
  v–) Correctness (soundness) follows by construction
Why approximate variability? Configuration spaces explode [ C. Kästner ]:

  33 independent options:        2^33 configurations   > Earth's population
  320 independent options:       2^320 configurations  > atoms in the universe
  10 000 configurable options:   2^10 000 configurations: a really BIG number