source code analysis and transformation
play

Source code analysis and transformation Martin Monperrus Creative - PowerPoint PPT Presentation

Jan 01, 2024 •283 likes •506 views

Source code analysis and transformation Martin Monperrus Creative Commons Attribution License Copying and modifying are authorized as long as proper credit is given to the author. version of Oct 21, 2014 Latest version at

  1. Source code analysis and transformation Martin Monperrus Creative Commons Attribution License Copying and modifying are authorized as long as proper credit is given to the author. version of Oct 21, 2014 Latest version at http://www.monperrus.net/martin/lecture-slides-source-code-analysis-and-transformation.pdf 1

  2. Slide contents ● Concepts: ● Abstract Syntax Tree ● Source code analysis ● Lint tools ● Source code transformation ● Tools ● Spoon: a Java library for analyzing and transforming Java source code 2

  3. An Example Bad practice, should be either: try { ● throw new RuntimeException(e); ● Log.log(e) // some code } catch (Exception e) { e.printStackTrace(); } Analysis 3

  4. An Example try { Text search (Grep): // some code grep "e.printStackTrace"? } catch (Exception e) { What if: e.printStackTrace(); th.printStackTrace(); ? } How to check empty catch blocks? Text search: False positives, false negatives 4

  5. Astract Syntax Tree ● An Abstract Syntax Tree is a data structure representing source code. Libraries exist to compute and manipulate ASTs. 5

  6. Astract Syntax Tree ● There can be many different ASTs for he same programming language ● Use enum instead of classes ● Groups nodes together or not ● An AST is designed for a given task (compilation, interpretation, code query, metrics, etc.) 6

  7. Tools for analyzing Astract Syntax Trees There are many tools for extracting and analyzing ASTs: ● Spoon (Inria) ● SrcML (Java/C++ to XML) ● JDT ● AST (Python library) ● Clang (frontend of the compiler) 7

  8. Example: Spoon Spoon provides Java ASTs (and a GUI to navigate through them) java spoon.Launcher -g -i srcDir public class Dojo { public int b; public double c; void foo(Object t, int i) { t.hashCode(); b=i+3; b=i-5; b=i-98; b=b+i; } } 8

  9. Example: SrcML SrcML provides XML-based ASTs that can be analyzed with any DOM technology <unit> <comment type="line">// copy the input to the output</comment> <while>while <condition>(<expr><name><name>std</name>::<name>cin</name></name> &gt;&gt; <name>n</name></expr>)</condition> <expr_stmt><expr><name><name>std</name>::<name>cout</name></name> Spoon provides a GUI to navigate through ASTs &lt;&lt; <name>n</name> &lt;&lt; '\n'</expr>;</expr_stmt></while> </unit> ● Pro: toString is valid code ● Pro: Can be loaded in any XML ready library ● Con: no complete AST (very fine grain expressions are not handled) 9

  10. AST Read versus Write ● An AST can be accessed in read and write mode. ● Static analysis is done in read mode ● Source code transformation is done in write mode ● methods: insertBegin, insertEnd, insertBefore, insertAfter, replace 10

  11. Source Code Analysis 11

  12. AST analysis AST analysis is useful is a number of different use cases: ● Lint tools / Bad smells ● Lint, FindBugs, PMD, Checkstyle, JLint ● Verification of contracts ● e.g. no explicit exception reaches the main ● Visualization 12

  13. Origins of Lint ● Lint first appeared in the seventh version (V7) of the UNIX operating system in 1979. ● Lint flagged some suspicious and non- portable constructs in C language source code. ● use before definition ● unreachable code ● ignored return values ● etc. 13

  14. Basics of AST Analysis: navigation and query // navigation class .getFields() field.getDefaultExpression() if .getThenBranch(); method.getBody(); ... // queries list1 = methodBody.getElements( new TypeFilter(CtAssignment.class)); // collecting all deprecated classes list2 = rootPackage.getElements( new AnnotationFilter( Deprecated .class)); // creating a custom filter to select all public fields list3 = rootPackage.getElements( new AbstractFilter<CtField>(CtField.class) { public boolean matches(CtField field) { return field.getModifiers.contains(ModifierKind.PUBLIC); }}); 14

  15. Spoon Analysis #1: Detecting empty catch blocks public class CatchProcessor extends AbstractProcessor<CtCatch> { public void process(CtCatch element) { if (element.getBody().getStatements().size() == 0) { getFactory().getEnvironment().report( this , Severity. WARNING , element, "empty catch clause"); } } } $ java -cp spoon.jar spoon.Launcher -i sourceFolder -p CatchProcessor 15

  16. Spoon Analysis #2: Detecting public fields public class PublicFieldProcessorWarning extends AbstractProcessor<CtField<?>>{ @Override public void process(CtField<?> arg0) { if (arg0.hasModifier(ModifierKind. PUBLIC )) { getEnvironment().report( this , Severity. WARNING , arg0, "Found a public field"); } } } 16

  17. Source Code Transformation 18

  18. API for code transformation A source code transformation tool provides you with an API. Scope Name Description generic replace(element) replaces an element by another one. generic insertBefore(eleme inserts the current element ("this") before another element nt) in a code block. generic insertAfter(element) inserts the current element ("this") after another element in a code block. block insertBegin(element adds an element at the begin of a code block. ) block insertEnd(element) appends an element at the end of a code block. throw setThrownExpressi sets the expression returning a throwable object. on(expr) assignment setAssignment(expr sets the expression to be assigned in a variable. ession) if setElseStatement(s sets the "else" statement of an if/then/else. tmt) Excerpt of Spoon's transformation API 19

  19. Spoon Transformation #1: adding not-null checks public class NotNullCheckAdderProcessor extends AbstractProcessor<CtParameter<?>> { @Override public boolean isToBeProcessed(CtParameter<?> element) { return !element.getType().isPrimitive();// only for objects } public void process(CtParameter<?> element) { // we declare a new snippet of code to be inserted CtCodeSnippetStatement snippet = getFactory().Core().createCodeSnippetStatement(); // this snippet contains an if check snippet.setValue("if(" + element.getSimpleName() + " == null " + ") throw new IllegalArgumentException( \"[Spoon inserted check] null passed as parameter\");"); // we insert the snippet at the beginning of the method boby element.getParent(CtMethod.class).getBody().insertBegin(snippet); } } 20

  20. Spoon Transformation #2 (driven by annotations) public @interface Bound { double min(); } public void openUserSpacePort(@Bound(min = 1025) int a) { // code to open a port } public class Bound2Processor extends AbstractAnnotationProcessor<Bound, CtParameter<?>> { public void process(Bound annotation, CtParameter<?> element) { // we declare a new snippet of code to be inserted CtCodeSnippetStatement snippet = getFactory().Core() .createCodeSnippetStatement(); // this snippet contains an if check snippet.setValue("if(" + element.getSimpleName() + " < " + annotation.min() + ")" +" throw new RuntimeException(\"[Spoon check] Bound violation\");"); // we insert the snippet at the beginning of the method boby element.getParent(CtMethod. class ).getBody().insertBegin(snippet); } // end process } 21

  21. Summary ● Source code analysis and transformation is powerful for automating parts of the development process ● Is sometimes more powerful at the abstract syntax tree level ● Spoon is Java library for analyzing and transforming Java source code 22

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

How to make a bridge between transformation and analysis technologies? TrafoDag Session April,

How to make a bridge between transformation and analysis technologies? TrafoDag Session April,

How to make a bridge between transformation and analysis technologies? TrafoDag Session April, 2005 Transformation and Analysis in Software Engineering Transformation Analysis Conversion Abstraction Presentation Source Code Abstractions

571 views • 8 slides
Code Transformation by Direct Transformation of ASTs 1 M. Rizun, J.-C. Bach, S. Ducasse Example

Code Transformation by Direct Transformation of ASTs 1 M. Rizun, J.-C. Bach, S. Ducasse Example

Code Transformation by Direct Transformation of ASTs 1 M. Rizun, J.-C. Bach, S. Ducasse Example of simple code transformation 2 Source code Resulting code foo foo | result a b | | result a b | a := 2. a := 2. b := 3. b := 3.

415 views • 17 slides
Tools for large-scale collection &amp; analysis of source code repositories OPEN SOURCE GIT

Tools for large-scale collection &amp; analysis of source code repositories OPEN SOURCE GIT

Tools for large-scale collection &amp; analysis of source code repositories OPEN SOURCE GIT REPOSITORY COLLECTION PIPELINE Intro Alexander Bezzubov source{d} committer &amp; PMC @ apache zeppelin startup in Madrid engineer

436 views • 25 slides
Graph-based analysis of JavaScript source code repositories Gbor Szrnyas Graph Processing

Graph-based analysis of JavaScript source code repositories Gbor Szrnyas Graph Processing

Graph-based analysis of JavaScript source code repositories Gbor Szrnyas Graph Processing devroom @ FOSDEM 2018 JAVASCRIPT Latest standard: ECMAScript 2017 STATIC ANALYSIS Static source code analysis is a software testing approach

1.09k views • 40 slides
Runtime Environments Where We Are Source Lexical Analysis Code Syntax Analysis Semantic

Runtime Environments Where We Are Source Lexical Analysis Code Syntax Analysis Semantic

Runtime Environments Where We Are Source Lexical Analysis Code Syntax Analysis Semantic Analysis IR Generation IR Optimization Code Generation Machine Optimization Code Where We Are Source Lexical Analysis Code Syntax Analysis

1.47k views • 125 slides
Compiling and Linking C code Assembly C Source C Source C Source Source .c Code Code Code

Compiling and Linking C code Assembly C Source C Source C Source Source .c Code Code Code

Advanced Programming Modular Programming in C Modular Programming Intro n It is not possible to create complex programs using a single source file: n Compiling is slow n Difficult reuse of functions n Impossible collaboration among

513 views • 17 slides
Where We Are Source code Lexical, Syntax, and if (b == 0) a = b; Semantic Analysis IR

Where We Are Source code Lexical, Syntax, and if (b == 0) a = b; Semantic Analysis IR

Where We Are Source code Lexical, Syntax, and if (b == 0) a = b; Semantic Analysis IR Generation Low-level IR code Optimizations Optimized Low-level IR code Assembly code Assembly code generation cmp $0,%rcx cmovz %rax,%rdx 1 Low IR

777 views • 42 slides
Binarylevel program analysis: Assembly basics Gang Tan CSE 597 Spring 2019 Penn State

Binarylevel program analysis: Assembly basics Gang Tan CSE 597 Spring 2019 Penn State

Binarylevel program analysis: Assembly basics Gang Tan CSE 597 Spring 2019 Penn State University 1 Source code, Assembly code, Object code, and Executable Code Source Object Assembly Compiler Assembler code code code Then a

500 views • 12 slides
Similar code fragment A code fragment that has similar part to it in source code

Similar code fragment A code fragment that has similar part to it in source code

Similar code fragment A code fragment that has similar part to it in source code introduced in source code because of various reasons. e.g. copy-and-paste makes software maintenance difficult. It is necessary to It is

488 views • 9 slides
JTransform , a Tool for Source Code Analysis Holger Eichelberger and J urgen Wolff von

JTransform , a Tool for Source Code Analysis Holger Eichelberger and J urgen Wolff von

JTransform , a Tool for Source Code Analysis Holger Eichelberger and J urgen Wolff von Gudenberg Universit at W urzburg 6. Workshop Software-Reengineering Bad Honnef, 5.5.2004 Contents 1. Architecture 2. Configuration 3.

448 views • 21 slides
Source Code Analysis for Security through LLVM Lu Zhao HP Fortify lu.zhao@hp.com Static Code

Source Code Analysis for Security through LLVM Lu Zhao HP Fortify lu.zhao@hp.com Static Code

Source Code Analysis for Security through LLVM Lu Zhao HP Fortify lu.zhao@hp.com Static Code Analyzer for Security Static Code Analyzer for Security (HP Fortify SCA) C/C++ Java Vulnerabilities LLVM Language independent Services C/C++ Swift

325 views • 31 slides
Static vs. Dynamic Analysis Static analysis: analyze source code or byte code Imprecise

Static vs. Dynamic Analysis Static analysis: analyze source code or byte code Imprecise

I NTELLI D ROID A Targeted Input Generator for the Dynamic Analysis of Android Malware Michelle Y. Wong and David Lie University of Toronto Department of Electrical and Computer Engineering NDSS Symposium 2016 ! ! ! B ACKGROUND Static vs.

1.02k views • 32 slides
Analizo: an Extensible Multi-Language Source Code Analysis and Visualization Toolkit Antonio

Analizo: an Extensible Multi-Language Source Code Analysis and Visualization Toolkit Antonio

Analizo: an Extensible Multi-Language Source Code Analysis and Visualization Toolkit Antonio Terceiro , Joenio Costa, Joo Miranda, Paulo Meirelles, Luiz Romrio Rios, Lucianna Almeida, Christina Chavez, Fabio Kon UFBA Introduction

1.27k views • 21 slides
TITRE DE LA THESE Pattern Analysis for Source-Code Performance Improvement Authors: Riyane SID

TITRE DE LA THESE Pattern Analysis for Source-Code Performance Improvement Authors: Riyane SID

Data-Layout Optimization based on Memory-Access- TITRE DE LA THESE Pattern Analysis for Source-Code Performance Improvement Authors: Riyane SID LAKHDAR, Henri-Pierre CHARLES, Maha KOOLI Univ Grenoble Alpes, CEA, List, F-38000 Grenoble, France

374 views • 35 slides
Loop-invariant code motion Example Two steps: analysis &amp; transformation x := 3 Step 1: find

Loop-invariant code motion Example Two steps: analysis &amp; transformation x := 3 Step 1: find

Loop-invariant code motion Example Two steps: analysis &amp; transformation x := 3 Step 1: find invariant computations in loop y := 4 y := 5 invariant: computes same result each time evaluated z := x * y Step 2: move them outside loop

355 views • 4 slides
in practice source code source code javac scalac groovyc jrubyc 0xCAFEBABE byte code

in practice source code source code javac scalac groovyc jrubyc 0xCAFEBABE byte code

Java byte code in practice source code source code javac scalac groovyc jrubyc 0xCAFEBABE byte code source code javac scalac groovyc jrubyc 0xCAFEBABE byte code class loader interpreter JIT compiler JVM source code javac

1.6k views • 149 slides
IP3 2 0 1 7 A NA LYT IC S FO R MEDIA February 6, 2018 I P3 2017 Ove rvie w IP3 2017

IP3 2 0 1 7 A NA LYT IC S FO R MEDIA February 6, 2018 I P3 2017 Ove rvie w IP3 2017

IP3 2 0 1 7 A NA LYT IC S FO R MEDIA February 6, 2018 I P3 2017 Ove rvie w IP3 2017 built on the success of 2016s IP3, a first of its kind industry program designed to give sellers an easy way to access the secondary market by

358 views • 11 slides
Scala Macros for Mortals, or: How I Learned To Stop Worrying and Mumbling WTF?!?! Brendan

Scala Macros for Mortals, or: How I Learned To Stop Worrying and Mumbling WTF?!?! Brendan

Scala Macros for Mortals, or: How I Learned To Stop Worrying and Mumbling WTF?!?! Brendan McAdams &lt;brendan@boldradius.com&gt; @rit 1 The &quot;WTF&quot; of Macros - NEScala '16 What Are Macros? (There's some really good

766 views • 45 slides
Rust Macros Ryan Eberhardt and Armin Namavari June 2, 2020 Logistics CS110L shouldnt be your

Rust Macros Ryan Eberhardt and Armin Namavari June 2, 2020 Logistics CS110L shouldnt be your

Rust Macros Ryan Eberhardt and Armin Namavari June 2, 2020 Logistics CS110L shouldnt be your priority right now Project 2 is out and weve updated our policy on it with regards to current circumstances please check out Ryans

561 views • 26 slides
Nishant Das Patnaik Sarathi Sahoo @dpnishant @sarathisahoo Agenda Introduction to the

Nishant Das Patnaik Sarathi Sahoo @dpnishant @sarathisahoo Agenda Introduction to the

Nishant Das Patnaik Sarathi Sahoo @dpnishant @sarathisahoo Agenda Introduction to the problem Why is it a problem? - What is the impact? - Demo - What is JSPrime? What is it? - Who is it for? - How it works? - What it

447 views • 25 slides
Open Vocabulary Learning on Source Code with a Graph-Structured Cache Milan Cvitkovic Badal

Open Vocabulary Learning on Source Code with a Graph-Structured Cache Milan Cvitkovic Badal

Open Vocabulary Learning on Source Code with a Graph-Structured Cache Milan Cvitkovic Badal Singh Anima Anandkumar Caltech, Amazon Web Services Amazon Web Services Caltech ICML, 2019-6-12 Open Vocabulary Learning Goal: Models that can

137 views • 10 slides
A Generalized Framework for Auto-tuning Stencil Computations Shoaib Kamil 1,3 , Cy Chan 4 , Samuel

A Generalized Framework for Auto-tuning Stencil Computations Shoaib Kamil 1,3 , Cy Chan 4 , Samuel

F U T U R E T E C H N O L O G I E S G R O U P A Generalized Framework for Auto-tuning Stencil Computations Shoaib Kamil 1,3 , Cy Chan 4 , Samuel Williams 1 , Leonid Oliker 1 , John Shalf 1,2 , Mark Howison 3 , E. Wes Bethel 1

508 views • 30 slides
Miri An interpreter for Rusts mid-level intermediate representation Scott Olson Supervisor:

Miri An interpreter for Rusts mid-level intermediate representation Scott Olson Supervisor:

Miri An interpreter for Rusts mid-level intermediate representation Scott Olson Supervisor: Christopher Dutchyn CMPT 400 University of Saskatchewan https://www.rust-lang.org What is Rust? [review] } } println!(&quot;{}&quot;,

630 views • 33 slides
gscc A General Search and Compare Compiler gscc is a text manipulation language that rivals

gscc A General Search and Compare Compiler gscc is a text manipulation language that rivals

gscc A General Search and Compare Compiler gscc is a text manipulation language that rivals existing Eric [G]arrido programmatic solutions. It is Russel [S]antillanes compact, intuitive and lightweight, Casey [C]allendrello giving

449 views • 26 slides

More recommend