VAR.ABS.INT: Systematic Derivation of Static Analyses for Software Product Lines
Jan Midtgaard, Aarhus University • Claus Brabrand, IT University of Copenhagen • Andrzej Wasowski, IT University of Copenhagen
< Outline >
• Introduction
• The 'IMP' and 'IMP' Languages (plain IMP and its two-staged, preprocessor-extended variant)
• Abstract Interpretation of IMP
• Variational Abstract Interpretation of IMP
• Related Work
• Conclusion
Introduction
• Software Product Lines: one program text with #ifdef-guarded variability:
    x := 0;
    #ifdef INC
      x := x + 1;
    #endif
    #ifdef NEG
      x := -x;
    #endif
    output x;
• Brute force analysis ("generate'n'analyze"): generate all O(n = 2^|F|) products, then analyze each one:
    Ø:          x := 0; output x;                          analyze → x is 0
    {INC}:      x := 0; x := x + 1; output x;              analyze → x is 1
    {NEG}:      x := 0; x := -x; output x;                 analyze → x is -0
    {INC,NEG}:  x := 0; x := x + 1; x := -x; output x;     analyze → x is -1
Analyses for SPLs
• Analyses for SPLs (lifted analysis): analyze the SPL directly!
    x := 0; #ifdef INC x := x + 1; #endif #ifdef NEG x := -x; #endif output x;
    → {INC}: x is 1 • Ø & {NEG}: x is 0 • {INC,NEG}: x is -1
• Previous work on how to lift, and how to lift efficiently:
    "Intraprocedural Dataflow Analysis for Software Product Lines" (Brabrand, Ribeiro, Toledo, Winther, Borba), TAOSD 2012
    "SPLLIFT: Statically Analyzing Software Product Lines in Minutes instead of Years" (Bodden, Toledo, Ribeiro, Brabrand, Borba, Mezini), PLDI 2013
Motivation
• Systematic lifting of other static analyses: lifted control-flow analysis? dataflow analysis? model checking? type systems? verification? testing? ...?
    → Systematic derivation?
• Correctness: derivation of correct SPL analyses:
    x := 0; #ifdef INC x := x + 1; #endif #ifdef NEG x := -x; #endif output x;
    → {INC}: x is 1 • Ø & {NEG}: x is 0 • {INC,NEG}: x is -1
    → Correctness of analysis?
• Approximation in the analyses on variability:
    → Approximate variability?
• Understanding space of family-based analyses:
    x := 0; #ifdef XYZ x := x + 1; #endif #ifdef XYZ x := -x; #endif output x;
    → Ø: x is 0 • {XYZ}: x is ⊤
    → Understanding?
  (The slide arranges these along two axes, analysis vs. language: "lifted analysis" and "lifted language".)
Abstract Interpretation
• The Abstract Interpretation Process:
    C  Collecting Semantics:   no approximation     (undecidable)
         ↓ derive
    B  Approximate Analysis:   some approximation   (undecidable)
         ↓ derive
    A  Constant Propagation:   more approximation   (decidable!)
Variational Abstract Interpretation
• Abstract Interpretation (of single programs) ➞ Variational Abstract Interpretation (of SPLs): each step of the process (C, B, A and the derivations between them) is LIFTed from programs to program families.
Motivation: 'Var.Abs.Int'
• Systematic lifting of other kinds of analyses (lifted control-flow analysis? dataflow analysis? model checking? type systems? verification? testing? ...?) → Systematic derivation!
• Correctness: derivation of correct SPL analyses → Correctness of analyses!
• Approximation in the analyses on variability → Approximate variability!
• Understanding space of family-based analyses → Understanding!
'IMP' • Syntax: • Semantics (small-step SOS):
'IMP' (two-staged)
• Syntax of (two-staged) IMP: IMP extended with '#if' ... '#endif' blocks:
    x := 0; #if INC x := x + 1; #endif #if NEG x := -x; #endif output x;
• Set of Features: F = { INC, NEG }
• Configurations: K = { Ø, {INC}, {NEG}, {INC,NEG} }; e.g. k = {NEG}
• Satisfiability of '#if' formulae under k = {NEG}: '#if INC' ✘, '#if NEG' ✔
'IMP' (two-staged)
• Semantics via preprocessor: P : IMP × K ➞ IMP (a two-staged program and a configuration k yield a plain IMP program):
    x := 0; #if INC x := x + 1; #endif #if NEG x := -x; #endif output x;
    k = {NEG}  ⟹  x := 0; x := -x; output x;
Starting Point:
• SOS Semantics:           Store ➞ Store
• Collecting Semantics C:  2^Store ➞ 2^Store   ...ordered by '⊆'
• Like the semantics, but working on sets of stores!
• Undecidable analysis, prepared for subsequent approximation
Galois Connection
• Galois Connection: relating two domains via abstraction (wrt info loss between them)!
• Pair of functions:
    • abstraction: α
    • concretization: γ
• Satisfying:
Galois Connection • Lots of interesting properties:
Abstraction
• From functions on C to functions on A:
• Define 'F : A ➞ A' in terms of 'f : C ➞ C':
    • 1) concretize (γ)
    • 2) apply 'f'
    • 3) abstract (α)
• Hence: F = α ◦ f ◦ γ
GC from C to B...
• A specific Galois Connection:
    Sets-of-Stores:  2^Store = 2^(Var ➞ Val)   --abstract-->   Abstract Store:  Var ➞ 2^Val
• Example: output x*y; (the set of values x*y may take)
    precise, on sets of stores: { 2 }   ⊆   approximate, on abstract stores: { 1, 2, 4 }
From C to B!
• Collecting Semantics C:   (2^(Var ➞ Val)) ➞ (2^(Var ➞ Val))
• Approximate Analysis B:   (Var ➞ 2^Val) ➞ (Var ➞ 2^Val)
  Note: independent of C!
Derivation: C to B
• Systematic derivation: from C[if] to B[if]!
• NB: This is also a proof of correctness:
    B = α ◦ C ◦ γ
    • β-reduction
    • expand definition of C
    • α is a CJM (complete join morphism)
    • overapproximation: C and α monotone
    • function composition
    • IH: B = α ◦ C ◦ γ
  Note: independent of C!
From C to B!
• Collecting Semantics C:   (2^(Var ➞ Val)) ➞ (2^(Var ➞ Val))
• Approximate Analysis B:   (Var ➞ 2^Val) ➞ (Var ➞ 2^Val)
  Note: independent of C!   Note': still an undecidable analysis!
GC from B to A...
• Another specific Galois Connection (abstract store ➞ constant-propagation store):
    b = [ x ↦ {1,2}, y ↦ {1} ]   --abstract-->   a = α_BA(b) = [ x ↦ ⊤, y ↦ 1 ]
From B to A!
• Approximate Analysis B:   (Var ➞ 2^Val) ➞ (Var ➞ 2^Val)
• Constant Propagation A:   (Var ➞ Const) ➞ (Var ➞ Const)
  Note: independent of B!
Derivation: B to A
• Systematic derivation: from B[if] to A[if]!
• NB: Again, this is also a proof of correctness: soundness holds transitively (C to B, then B to A).
  Note: independent of B!
From B to A!
• Approximate Analysis B:   (Var ➞ 2^Val) ➞ (Var ➞ 2^Val)
• Constant Propagation A:   (Var ➞ Const) ➞ (Var ➞ Const)
  Note: independent of B!   Note': a decidable analysis!
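The two Galois connections of the derivation (sets of stores to abstract stores, then abstract stores to constant-propagation stores), made concrete on finite sample data as an added Python example; this is not the authors' code or a part of the slides. The store encoding (a frozenset of (variable, value) pairs), the helper names alpha_cb, gamma_cb, alpha_ba and friends, and the sample stores are assumptions made for the example. It checks the defining property of a Galois connection exhaustively on a small universe, reproduces the output x*y example ({2} precisely vs. {1,2,4} after abstraction) and the α_BA example from the slides.

```python
# Added example: the Galois connections C -> B and B -> A of the slides on
# finite sample data.  Not the authors' code; the store encoding, the helper
# names and the sample stores are assumptions made for this example.
#   C: 2^Store       sets of concrete stores, ordered by ⊆
#   B: Var -> 2^Val  one value set per variable, ordered pointwise by ⊆
#   A: Var -> Const  the constant-propagation domain (⊥, constants, ⊤)
from itertools import combinations, product

TOP, BOT = "T", "_"


def store(**binding):
    """A concrete store as an immutable mapping, e.g. store(x=1, y=2)."""
    return frozenset(binding.items())


def alpha_cb(stores):
    """α_CB: collapse a set of stores into one value set per variable."""
    b = {}
    for s in stores:
        for var, val in s:
            b.setdefault(var, set()).add(val)
    return {var: frozenset(vals) for var, vals in b.items()}


def gamma_cb(b):
    """γ_CB: every store whose bindings are drawn from the per-variable value sets."""
    vars_ = sorted(b)
    return {frozenset(zip(vars_, vals))
            for vals in product(*(sorted(b[v]) for v in vars_))}


def leq_b(b1, b2):
    """Pointwise ⊆ on B; a variable missing from b2 denotes the empty set."""
    return all(b1[v] <= b2.get(v, frozenset()) for v in b1)


def is_galois_cb(stores, b):
    """Defining property of a Galois connection: α(c) ⊑ a  iff  c ⊆ γ(a)."""
    return leq_b(alpha_cb(stores), b) == (stores <= gamma_cb(b))


def adjunction_holds_everywhere(vals=(1, 2)):
    """Exhaustive check of the property over all stores binding x and y to vals."""
    universe = [store(x=x, y=y) for x in vals for y in vals]
    all_c = [set(c) for r in range(len(universe) + 1) for c in combinations(universe, r)]
    all_v = [frozenset(v) for r in range(len(vals) + 1) for v in combinations(vals, r)]
    return all(is_galois_cb(c, {"x": bx, "y": by})
               for c in all_c for bx in all_v for by in all_v)


def collect_xy(stores):
    """Collecting semantics C of the expression x*y: all values it can take."""
    return frozenset(dict(s)["x"] * dict(s)["y"] for s in stores)


def abstract_xy(b):
    """B-level evaluation of x*y: what α∘C∘γ simplifies to on abstract stores
    (C applied to γ(b), without enumerating the concrete stores)."""
    return frozenset(x * y for x in b["x"] for y in b["y"])


def alpha_ba(b):
    """α_BA: singleton set -> its constant, empty set -> ⊥, anything else -> ⊤."""
    return {var: (BOT if not vals else next(iter(vals)) if len(vals) == 1 else TOP)
            for var, vals in b.items()}


if __name__ == "__main__":
    # Constructed sample: two stores whose per-variable value sets coincide.
    c = {store(x=1, y=2), store(x=2, y=1)}
    b = alpha_cb(c)
    print("C says x*y in", set(collect_xy(c)))        # {2}
    print("B says x*y in", set(abstract_xy(b)))       # {1, 2, 4}
    print("adjunction holds on the toy universe:", adjunction_holds_everywhere())
    print("α_BA:", alpha_ba({"x": frozenset({1, 2}), "y": frozenset({1})}))
```

The loss of precision in the C-to-B step is visible directly: α forgets which x was paired with which y, so γ(α(c)) contains four stores where c had two, and x*y grows from {2} to {1,2,4}. The second step, α_BA, is where the analysis becomes decidable: a value set of size two or more collapses to ⊤.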
Extracting Dataflow Equations
• Constant propagation analysis A  ➞  Dataflow Equations:
Lifting Domains • A domain: • is lifted to: • where
Lifting GC's
• Lifting Galois Connections:   Note: pointwise lifting (α and γ applied in each configuration k ∈ K)
Lifting State Xformers
• 1 complex function (on K-tuples):
    Problems:
    • Interference! (tuples not independent)
    • Complicate proofs!
  ...vs...
• |K| simple functions ✔
    • Well-behaved subset of the complex functions
    • Independent functions!
    • Intuition: run analyses in parallel
• However, (ab)use this notation!!!
Lifting State Xformers
• Straightforward way of analyzing a configuration k: preprocess with P, then analyze the resulting product.
  Note: we end up at the bottom of the diagram!
Lifting State Xformers
• Straightforward way of analyzing a configuration k: preprocess with P, then analyze the resulting product.
• LIFT: simply apply it to all k ∈ K:
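The brute-force "generate'n'analyze" loop from the Introduction and the LIFT step above (apply the analysis to every k ∈ K, carrying |K| independent stores through one pass over the SPL), as an added Python example; this is not the authors' code or a part of the slides. The tiny IMP subset (integer literals, x := x + n, x := -x, x * y, output), the tuple encoding of configurations, the "T"/"_" markers for ⊤/⊥ and the sample product line are assumptions made for the example.

```python
# Added example: brute-force "generate'n'analyze" versus a lifted (variational)
# constant-propagation analysis for a tiny IMP-with-#ifdef product line.
# Not the authors' code; the IMP subset, the configuration encoding and the
# sample product line below are assumptions made for this example.
from itertools import combinations

TOP = "T"   # ⊤: not a constant (more than one value possible)
BOT = "_"   # ⊥: no value known yet (variable never assigned)


def all_configs(features):
    """K = all configurations, i.e. all subsets of F, as sorted tuples."""
    feats = sorted(features)
    return [tuple(c) for r in range(len(feats) + 1) for c in combinations(feats, r)]


def preprocess(spl, k):
    """P : (two-staged) IMP x K -> IMP: keep only the #ifdef blocks enabled by k."""
    out, active = [], []                     # active: one flag per open #ifdef block
    for line in spl:
        if line.startswith("#ifdef "):
            active.append(line.split()[1] in k)
        elif line == "#endif":
            active.pop()
        elif all(active):                    # top level, or inside enabled blocks only
            out.append(line)
    return out


def eval_const(expr, store):
    """Abstract evaluation over the constant domain: ⊥ and ⊤ are absorbing."""
    def lookup(tok):
        return int(tok) if tok.lstrip("-").isdigit() else store.get(tok, BOT)
    toks = expr.split()
    if len(toks) == 1:
        tok = toks[0]
        if tok.startswith("-") and not tok[1:].isdigit():   # unary minus on a variable
            v = lookup(tok[1:])
            return v if v in (TOP, BOT) else -v
        return lookup(tok)
    a, op, b = toks
    a, b = lookup(a), lookup(b)
    if BOT in (a, b):
        return BOT
    if TOP in (a, b):
        return TOP
    return {"+": a + b, "-": a - b, "*": a * b}[op]


def step(stmt, store):
    """Transfer function of one IMP statement on an abstract store (var -> const)."""
    if stmt.startswith("output "):
        return store                         # output does not change the store
    var, expr = (s.strip() for s in stmt.split(":="))
    new = dict(store)
    new[var] = eval_const(expr, store)
    return new


def analyze(program):
    """Constant propagation A on a plain IMP program (a list of statements)."""
    store = {}
    for stmt in program:
        store = step(stmt, store)
    return store


def brute_force(spl, features):
    """Generate all 2^|F| products and analyze each one separately."""
    return {k: analyze(preprocess(spl, k)) for k in all_configs(features)}


def lifted_analyze(spl, features):
    """LIFT: one pass over the SPL carrying one abstract store per k in K.
    A statement is applied only to the configurations satisfying the #ifdef
    conditions enclosing it, so the |K| analyses run independently, in parallel."""
    stores = {k: {} for k in all_configs(features)}
    conds = []                               # features of the open #ifdef blocks
    for line in spl:
        if line.startswith("#ifdef "):
            conds.append(line.split()[1])
        elif line == "#endif":
            conds.pop()
        else:
            for k in stores:
                if all(f in k for f in conds):   # k satisfies the '#if' formula
                    stores[k] = step(line, stores[k])
    return stores


# Constructed sample: the running example of the slides.
SPL = [
    "x := 0",
    "#ifdef INC", "x := x + 1", "#endif",
    "#ifdef NEG", "x := -x", "#endif",
    "output x",
]
FEATURES = {"INC", "NEG"}

if __name__ == "__main__":
    lifted = lifted_analyze(SPL, FEATURES)
    for k, store in lifted.items():
        print(set(k) or "Ø", ": x is", store["x"])
    assert lifted == brute_force(SPL, FEATURES)
```

Running it prints the four results of the Introduction slide and checks that the lifted pass agrees with generate'n'analyze on every configuration. The lifted version reads the #ifdef structure once and keeps |K| independent stores, which is the "run analyses in parallel" intuition; the cost is still one store per configuration, so sharing work across configurations (as SPLLIFT does) is a separate optimization not shown here. Python integers have no -0, so the {NEG} product reports 0 where the slide writes -0.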
From A to lifted A!
• Constant Propagation A:                   (Var ➞ Const) ➞ (Var ➞ Const)
• Lifted Constant Propagation (lifted A):   (Var ➞ Const)^K ➞ (Var ➞ Const)^K
  Note: independent of A!
Derivation: A to lifted A
• Systematic derivation: from A[if] to lifted A[if]!
• NB: Again, this is also a proof of correctness!
  Note: independent of A!
Lifted Dataflow Equations
• Lifted Constant Propagation (lifted A)  ➞  Lifted Dataflow Equations:
• Soundness:
Overview: 'Var.Abs.Int'
• Commuting diagram!!!
Contributions: 'Var.Abs.Int'
• Systematic lifting of other kinds of analyses (lifted control-flow analysis? dataflow analysis? model checking? type systems? verification? testing? ...?) → Systematic derivation!
• Correctness: derivation of correct SPL analyses → Correctness of analyses!
• Approximation in the analyses on variability → Approximate variability!
• Understanding space of family-based analyses → Understanding!
Related Work
• Lifting representations:
    "The Choice Calculus: A Representation for Software Variation" (Erwig, Walkingshaw), TOSEM 2011
    "Variability-Aware Parsing in the Presence of Lexical Macros and Cond. Compilation" (Kästner, Giarrusso, Rendel, Erdweg, Ostermann, Berger), OOPSLA 2011
• Lifting dataflow analysis:
    "Intraprocedural Dataflow Analysis for Software Product Lines" (Brabrand, Ribeiro, Toledo, Winther, Borba), TAOSD 2012
    "SPLLIFT: Statically Analyzing Software Product Lines in Minutes instead of Years" (Bodden, Toledo, Ribeiro, Brabrand, Borba, Mezini), PLDI 2013
• Lifting other analyses (see citations in paper):
    • Type systems
    • Well-formedness checking
    • Model checking
    • Verification
    • Testing
Related Work (cont'd)
• Multi-staged program analysis:
    "Two-Level Functional Languages" (Nielson, Nielson), Tracts in Theoretical Computer Science, 1992
    "Static Analysis of Multi-Staged Programs via Unstaging Translation" (Choi, Aktemur, Yi, Tatsuta), SIGPLAN Not., 2011
• Abstract Interpretation:
    "Systematic Design of Program Analysis Frameworks" (Cousot, Cousot), POPL 1979
    "The Calculational Design of a Generic Abstract Interpreter" (Cousot), Calculational System Design, 1999
    "Calculating Graph Algorithms for Dominance and Shortest Path" (Sergey, Midtgaard, Clarke), MPC 2012
    "A Structural Soundness Proof for Shivers's Escape Technique: ..." (Midtgaard, Adams, Might), SAS 2012
Conclusion: 'Var.Abs.Int'
• Systematic lifting of other kinds of analyses (lifted control-flow analysis? dataflow analysis? model checking? type systems? verification? testing? ...?) → Systematic derivation!
• Correctness: derivation of correct SPL analyses → Correctness of analyses!
• Approximation in the analyses on variability → Approximate variability!
• Understanding space of family-based analyses → Understanding!
Learn More...
• Read (and cite) our paper: "Systematic Derivation of Static Analyses for Software Product Lines" (Jan Midtgaard, Claus Brabrand, Andrzej Wasowski), submitted for publication
• Including a 35-page Appendix (pp. 13 – 47):
    • Apx A: Prerequisite Mathematics
    • Apx B: Proof overview
    • Apx C – P: Proofs
The 'Var.Abs.Int' Methodology
BASE (classic abstract interpretation):
  1) Develop formal SOS semantics
  2) Devise collecting semantics
  3) Compose GC's and derive until "good analysis"
LIFT (from program to program families):
  4) Extend language with preprocessor
  5) Apply lifting combinator to get to family level
  6) Simplify to direct expression for lifted analysis
  –) Correctness (soundness) follows by construction
Variability abstractions:
  v1) Decide when to lift to program families
  v2) Apply lifting combinator to get to family level
  v3) Devise GC's that abstract configuration space!
  v4) Simplify to direct expression for lifted analysis ++
  v–) Correctness (soundness) follows by construction
33 independent options... [C. Kästner]: 2^33 > Earth's population
320 independent options... [C. Kästner]: 2^320 > atoms in the Universe
10000 configurable options... [C. Kästner]: 2^10000: a really BIG number