1. Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Dataflow Analysis for Software Product Lines Claus Brabrand IT University of Copenhagen Universidade Federal de Pernambuco [ brabrand@itu.dk ] Márcio Ribeiro Universidade Federal de Alagoas Universidade Federal de Pernambuco [ mmr3@cin.ufpe.br ] Paulo Borba Universidade Federal de Pernambuco [ phmb@cin.ufpe.br ] Társis Tolêdo Universidade Federal de Pernambuco [ twt@cin.ufpe.br ]

2. [ 2 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Abstract Software product lines (SPLs) are commonly developed using annotative approaches such as conditional compilation that come with an inherent risk of constructing erroneous products. For this reason, it is essential to be able to analyze SPLs. However, as dataflow analysis techniques are not able to deal with SPLs, developers must generate and analyze /all/ valid methods individually, which is expensive for non-trivial SPLs. In this paper, we demonstrate how to take any intraprocedural standard dataflow analysis and automatically turn it into a /feature-sensitive/ dataflow analysis in three different ways. All are capable of analyzing all valid methods of an SPL without having to generate all of them explicitly. We have implemented all analyses as extensions of SOOT's intraprocedural dataflow analysis framework and experimentally evaluated their performance and memory characteristics on four qualitatively different SPLs. The results indicate that the feature-sensitive analyses are respectively on average three, four, and five times faster than the naive brute force approach on our SPLs, and that they have different time and space tradeoffs.

3. [ 3 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Introduction Software Product Lines Dataflow Analysis (recap) Dataflow Analyses for Software Product Lines: feature in-sensitive (A1) vs feature sensitive (A2, A3, A4) Results: A1 vs A2 vs A3 vs A4 (in theory and practice) Related Work Conclusion

4. [ 4 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Introduction Traditional Software Development: One program = One product Product Line: A ”family” of products (of N ”similar” products): customize SPL: (Family of Programs)

5. [ 5 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Software Product Line SPL: Feature Model: (e.g.: ψ FM ≡ VIDEO  COLOR ) Family of Programs: COLOR VIDEO COLOR  VIDEO VIDEO Ø { Video } { Color, Video } Configurations: Ø, {Color}, {Video}, {Color,Video} VALID { Color } customize 2F2F Set of Features: F = { COLOR, VIDEO } 2F2F

6. [ 6 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Software Product Line SPL: Family of s: COLOR VIDEO COLOR  VIDEO VIDEO Program Conditional compilation: #ifdef (  )... #endif Alternatively, via Aspects (as in AOSD) Logo logo;... logo.use(); #ifdef (VIDEO) logo = new Logo(); #endif Example (SPL fragment) Similarly for; e.g.: ■ uninitialized vars ■ unused variables ■... *** null-pointer exception! in configurations: {Ø, {COLOR}}  : f  F |  | 

7. [ 7 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Errors Logo logo; logo.use(); #ifdef (VIDEO) logo = new Logo(); #endif *** null-pointer exception! in configurations: {Ø, {COLOR}} Logo logo; print(logo); #ifdef (VIDEO) logo = new Logo(); #endif *** uninitialized variable! in configurations: {Ø, {COLOR}} Logo logo;... #ifdef (VIDEO) logo = new Logo(); #endif *** unused variable! in configurations: {Ø, {COLOR}}

8. [ 8 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU result 0100101 1110110 1010011 1110111 0100101 1110110 1010011 1110111 Analysis of SPLs The Compilation Process:...and for Software Product Lines: 0100101 1110110 1010011 1110111 result compile run ERROR! customize 0100101 1110110 1010011 1110111 result run ERROR! ANALYZE! Feature-sensitive data-flow analysis ! run compile ANALYZE! ERROR! 2F2F

9. [ 9 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Introduction Software Product Lines Dataflow Analysis (recap) Dataflow Analyses for Software Product Lines: feature in-sensitive (A1) vs feature sensitive (A2, A3, A4) Results: A1 vs A2 vs A3 vs A4 (in theory and practice) Related Work Conclusion

10. [ 10 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Dataflow Analysis Dataflow Analysis: 1) Control-flow graph 2) Lattice (finite height) 3) Transfer functions (monotone) L Example: "sign-of-x analysis"

11. [ 11 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Analyzing a Program 1) Program 2) Build CFG 3) Make Equations 4) Solve equations: fixed-point computation (iteration) 5) SOLUTION (least fixed point): Annotated with program points

12. [ 12 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Introduction Software Product Lines Dataflow Analysis (recap) Dataflow Analyses for Software Product Lines: feature in-sensitive (A1) vs feature sensitive (A2, A3, A4) Results: A1 vs A2 vs A3 vs A4 (in theory and practice) Related Work Conclusion

13. [ 13 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU A1 (brute force) A1 (feature in-sensitive): N = 2 F compilations! void m() { int x=0; ifdef(A) x++; ifdef(B) x--; } c = {A}:c = {B}:c = {A,B}: int x = 0; x++; x--;int x = 0; x++; x--;int x = 0; x++; x--; 0 _ | + 0 _ | - 0 _ | 0/+ + ψ FM = A ∨ B L

14. [ 14 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU A2 (consecutive) A2 (feature sensitive!): void m() { int x=0; ifdef(A) x++; ifdef(B) x--; } c = {A}:c = {B}:c = {A,B}: int x = 0; x++; x--;int x = 0; x++; x--;int x = 0; x++; x--; 0 _ | + 0 _ | - 0 _ | 0/+ + A: B: A: B: A: B: 0+ ✗ ✓ ✓ ✗ ✓✓ ✓ ✓ ✓ ψ FM = A ∨ B L

15. [ 15 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU A3 (simultaneous) A3 (feature sensitive!): void m() { int x=0; ifdef(A) x++; ifdef(B) x--; } ∀ c ∈ {{A},{B},{A,B}}: int x = 0; x++; x--; 0 _ | + 0 _ | - 0 _ | 0/+ + A: B: 0+ ✓ ({A} =, {B} =, {A,B} = ) ✓✓ ✓✓ ✓✓ ✗ ✗ ψ FM = A ∨ B L

16. [ 16 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU A4 (shared) A4 (feature sensitive!): void m() { int x=0; ifdef(A) x++; ifdef(B) x--; } ψ FM = A ∨ B: int x = 0; x++; x--; A: B: _ | ( [[ψ]] = ) 0+ ( [[ψ ∧ ¬A]] =, [[ψ ∧ A]] = ) 0 ( [[ψ]] = ) (A ∨ B) ∧ ¬A ∧ ¬B ≡ false …using BDD representation! (compact+efficient) + - 0/+ ( [[ψ ∧ ¬A ∧ ¬B]] =, [[ψ ∧ A ∧ ¬B]] =, [[ψ ∧ ¬A ∧ B]] =, [[ψ ∧ A ∧ B]] = ) 0 i.e., invalid given wrt. the feature model, ψ ! ψ FM = A ∨ B L

17. [ 17 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Specification: A1, A2, A3, A4 A1 A2 A3 A4

18. [ 18 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU A1, A2, A3, and A4 A1 A2 A3 A4

19. [ 19 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Introduction Software Product Lines Dataflow Analysis (recap) Dataflow Analyses for Software Product Lines: feature in-sensitive (A1) vs feature sensitive (A2, A3, A4) Results: A1 vs A2 vs A3 vs A4 (in theory and practice) Related Work Conclusion

20. [ 20 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Intraprocedural Evaluation Four (qualitatively different) SPL benchmarks: Implementation: A1, A2, A3, A4 in SOOT + CIDE Evaluation: total time, analysis time, memory usage

21. [ 21 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Results (total time) In theory: In practice: 6x 8x 14x 3x 5x 3x 1x 2x 2½x 2x A2 (3x), A3 (4x), A4 (5x) Feature sensitive (avg. gain factor): (Reaching Definitions) 2F2F 2F2F 2F2F

22. [ 22 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Results (analysis time) In theory: In practice: T IME ( A 4 ) : Depends on degree of sharing in SPL ! ( caching !) (Reaching Definitions) A3 (1.5x) faster On average (A2 vs A3): A2 A3 vs 2F2F

23. [ 23 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Results (memory usage) In theory: In practice: (Reaching Definitions) 6.3 : 1 Average 2F2F A2 A3 vs S PACE ( A 4 ) : Depends on degree of sharing in SPL !

24. [ 24 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Introduction Software Product Lines Dataflow Analysis (recap) Dataflow Analyses for Software Product Lines: feature in-sensitive (A1) vs feature sensitive (A2, A3, A4) Results: A1 vs A2 vs A3 vs A4 (in theory and practice) Related Work Conclusion

25. [ 25 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Related Work (DFA) Path-sensitive DFA: Idea of “conditionally executed statements” Compute different analysis info along different paths (~ A2, A3, A4) to improve precision or to optimize “hot paths” Predicated DFA: Guard lattice values by propositional logic predicates (~ A4), yielding “optimistic dataflow values” that are kept distinct during analysis (~ A3 and A4) “Constant Propagation with Conditional Branches” ( Wegman and Zadeck ) TOPLAS 1991 “Predicated Array Data-Flow Analysis for Run-time Parallelization” ( Moon, Hall, and Murphy ) ICS 1998 Our work: Automatically lift any DFA to SPLs (with ψ FM ) ⇒ feature-sensitive analysis for analyzing entire program family

26. [ 26 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Related Work (Lifting for SPLs) Model Checking: Type Checking: Parsing: Testing: Model Checking Lots of Systems: Efficient Verification of Temporal Properties in Software Product Lines” ( Classen, Heymans, Schobbens, Legay, and Raskin ) ICSE 2010 Model checks all SPLs at the same time (3.5x faster) than one by one! (similar goal, diff techniques) Type checking ↔ DFA (similar goal, diff techniques) Our: auto lift any DFA (uninit vars, null pointers,...) “Type Safety for Feature-Oriented Product Lines” ( Apel, Kastner, Grösslinger, and Lengauer ) ASE 2010 “Type-Checking Software Product Lines - A Formal Approach” ( Kastner and Apel ) ASE 2008 “Variability-Aware Parsing in the Presence of Lexical Macros & C.C.” ( Kastner, Giarrusso, Rendel, Erdweg, Ostermann, and Berger ) OOPSLA 2011 “Reducing Combinatorics in Testing Product Lines” ( Hwan, Kim, Batory, and Khurshid ) AOSD 2011 Select relevant feature combinations for a given test case Uses (hardwired) DFA (w/o FM) to compute reachability (similar techniques, diff goal): Split and merging parsing (~A4) and also uses instrumentation

27. [ 27 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Emerging Interfaces

28. [ 28 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Emerging Interfaces "A Tool for Improving Maintainability of Preprocessor-based Product Lines" ( Márcio Ribeiro, Társis Tolêdo, Paulo Borba, Claus Brabrand ) *** Best Tool Award *** CBSoft 2011:

29. [ 29 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Introduction Software Product Lines Dataflow Analysis (recap) Dataflow Analyses for Software Product Lines: feature in-sensitive (A1) vs feature sensitive (A2, A3, A4) Results: A1 vs A2 vs A3 vs A4 (in theory and practice) Related Work Conclusion

30. [ 30 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Conclusion(s) It is possible to analyze SPLs using DFAs We can automatically "lift" any dataflow analysis and make it feature sensitive: A2) Consecutive A3) Simultaneous A4) Shared Simultaneous A2,A3,A4 much faster (3x,4x,5x) than naive A1 A3 is (1.5x) faster than A2 (caching!) A4 saves lots of memory vs A3 (sharing!) 6.3 : 1

31. [ 31 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Future Work Explore how all this scales to…: In particular: …relative speed of A1 vs A2 vs A3 vs A4 ? …which analyses are feasible vs in-feasible ? INTER-procedural data-flow analysis In progress...!

32. Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU *) Thanks

33. Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU BONUS SLIDES

34. [ 34 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Results (analysis time) In theory: In practice: T IME ( A 4 ) : Depends on degree of sharing in SPL ! Nx1 ≠ 1xN ?! ( caching !) (Reaching Definitions) A3 (1.5x) faster On average (A2 vs A3): A2 A3 vs 2F2F 2F2F

35. [ 35 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU A2 vs A3 (caching) Cache misses in A2 vs A3: Normal cache: As expected, A2 incurs more cache misses ( ⇒ slower!) Full/no cache*: As hypothesized, this indeed affects A2 more than A3 i.e., A3 has better cache properties than A2 *) we flush the L2 cache, by traversing an 8MB “bogus array” to invalidate cache! A2 A3 vs

36. [ 36 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU IFDEF normalization Refactor "undisciplined" (lexical) ifdefs into "disciplined" (syntactic) ifdefs: Normalize "ifdef"s (by transformation):

37. [ 37 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Example Bug from Lampiro Lampiro SPL (IM client for XMPP protocol): *** uninitialized variable "logo" (if feature " GLIDER " is defined) Similar problems with: undeclared variables, unused variables, null pointers,...

38. [ 38 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU BDD (Binary Decision Diagram) Compact and efficient representation for boolean functions (aka., set of set of names) FAST: negation, conjunction, disjunction, equality !  =  F(A,B,C) =F(A,B,C) = A  (B  C)   A C minimized BDD B    A BB CCCC BDD

39. [ 39 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Formula ~ Set of Configurations Definitions (given F, set of feature names): f  F feature name c  2 F configuration ( set of feature names ) c  F X  2 2 set of config's ( set of set of feature names ) X  2 F Example ifdef s: F [[ B  A ]] [[ A  (B  C) ]] F = {A,B} F = {A,B,C} = { {A}, {B}, {A,B} } = { {A,B}, {A,C}, {A,B,C} }

40. [ 40 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Feature Model (Example) Feature Model: Feature set: Formula: Set of configurations:  FM  Car  Engine  (1.0  1.4)  Air  1.4 { { Car, Engine, 1.0 }, { Car, Engine, 1.4 }, { Car, Engine, 1.4, Air } } F = {Car, Engine, 1.0, 1.4, Air} Note: | [[  FM ]] | = 3 < 32 = |2 F | [[ ]] = Engine 1.0 Air 1.4

41. [ 41 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Conditional Compilation The ' ifdef ' construction: Syntactic variant of lexical #ifdef Propositional Logic: where f  F (finite set of feature names) Example: STM : 'ifdef' '('  ')' STM  : f  F |  |  status.print("you die"); ifdef (DeluxeVersion && ColorDisplay) { player.redraw(Color.red); Audio.play("crash.wav"); } lives = lives - 1; A ifdef (A) {... }

42. [ 42 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU Lexical #ifdef  Syntactic ifdef Simple transformation: We do not handle non-syntactic '#ifdef's: Fair assumption (also in CIDE) Nested ifdef's also give rise to a conj. of formulas

43. [ 43 ] Dataflow Analysis for Software Product Lines May 24, 2012 COPLAS, DIKU CASE 1: "COPY" A4: Lazy Splitting (using BDDs) CASE 2: "APPLY"CASE 3: "SPLIT"  : S [  = l,... ] l ' = f S ( l )      : S [  = l,... ] [  = l ',... ] l ' = f S ( l )  : S [  = l,... ] [  = l,  = l',...] l ' = f S ( l )   = Ø  =  Ø    