An empirical study of real-world variability bugs detected by variability-oblivious tools

Many critical software systems developed in C utilize compile-time configurability. The many possible configurations of this software make bug detection through static analysis difficult. While variability-aware static analyses have been developed, there remains a gap between those and state-of-the-art static bug detection tools. In order to collect data on how such tools may perform and to develop real-world benchmarks, we present a way to leverage configuration sampling, off-the-shelf “variability-oblivious” bug detectors, and automatic feature identification techniques to simulate a variability-aware analysis. We instantiate our approach using four popular static analysis tools on three highly configurable, real-world C projects, obtaining 36,061 warnings, 80% of which are variability warnings. We analyze the warnings we collect from these experiments, finding that most results are variability warnings of a variety of kinds such as NULL dereference. We then manually investigate these warnings to produce a benchmark of 77 confirmed true bugs (52 of which are variability bugs) useful for future development of variability-aware analyses.

[1]  Arnaud Gotlieb,et al.  Practical pairwise testing for software product lines , 2013, SPLC '13.

[2]  P. Alam ‘A’ , 2021, Composites Engineering: An A–Z Guide.

[3]  Sebastian Oster,et al.  Automated Incremental Pairwise Testing of Software Product Lines , 2010, SPLC.

[4]  Jafar M. Al-Kofahi,et al.  Extracting Configuration Knowledge from Build Files with Symbolic Analysis , 2015, 2015 IEEE/ACM 3rd International Workshop on Release Engineering.

[5]  Sven Apel,et al.  Scalable analysis of variable software , 2013, ESEC/FSE 2013.

[6]  W. Hager,et al.  and s , 2019, Shallow Water Hydraulics.

[7]  Krzysztof Czarnecki,et al.  Where Do Configuration Constraints Stem From? An Extraction Approach and an Empirical Study , 2015, IEEE Transactions on Software Engineering.

[8]  Cemal Yilmaz,et al.  Approaches for computing test‐case‐aware covering arrays , 2018, Softw. Test. Verification Reliab..

[9]  Claus Brabrand,et al.  Variability through the Eyes of the Programmer , 2017, 2017 IEEE/ACM 25th International Conference on Program Comprehension (ICPC).

[10]  Klaus Pohl,et al.  Model Checking of Domain Artifacts in Product Line Engineering , 2009, 2009 IEEE/ACM International Conference on Automated Software Engineering.

[11]  Sven Apel,et al.  Variational Data Structures: Exploring Tradeoffs in Computing with Variability , 2014, Onward!.

[12]  Krzysztof Czarnecki,et al.  Mining configuration constraints: static analyses and empirical results , 2014, ICSE.

[13]  Ondrej Lhoták,et al.  In defense of soundiness , 2015, Commun. ACM.

[14]  Hareton K. N. Leung,et al.  A survey of combinatorial testing , 2011, CSUR.

[15]  Sebastian Erdweg,et al.  Variability-aware parsing in the presence of lexical macros and conditional compilation , 2011, OOPSLA '11.

[16]  Wolfgang Schröder-Preikschat,et al.  A robust approach for variability extraction from the Linux build system , 2012, SPLC '12.

[17]  Christian Dietrich,et al.  Configuration coverage in the analysis of large-scale system software , 2011, PLOS '11.

[18]  Myra B. Cohen,et al.  Moving Forward with Combinatorial Interaction Testing , 2014, Computer.

[19]  Gunter Saake,et al.  Type checking annotation-based product lines , 2012, TSEM.

[20]  Lei,et al.  A Test Generation Strategy for Pairwise TestingYu , .

[21]  Adam A. Porter,et al.  iGen: dynamic interaction inference for configurable software , 2016, SIGSOFT FSE.

[22]  Øystein Haugen,et al.  An algorithm for generating t-wise covering arrays from large feature models , 2012, SPLC '12.

[23]  Sebastian Erdweg,et al.  A variability-aware module system , 2012, OOPSLA '12.

[24]  Eric Bodden,et al.  Tracking Load-Time Configuration Options , 2018, IEEE Trans. Software Eng..

[25]  Myra B. Cohen,et al.  An Improved Meta-heuristic Search for Constrained Interaction Testing , 2009, 2009 1st International Symposium on Search Based Software Engineering.

[26]  ApelSven,et al.  Variability-Aware Static Analysis at Scale , 2018 .

[27]  Wolfgang Schröder-Preikschat,et al.  Static Analysis of Variability in System Software: The 90, 000 #ifdefs Issue , 2014, USENIX Annual Technical Conference.

[28]  Robert Grimm,et al.  SuperC: parsing all of C by taming the preprocessor , 2012, PLDI.

[29]  Thomas de Quincey [C] , 2000, The Works of Thomas De Quincey, Vol. 1: Writings, 1799–1820.

[30]  Gunter Saake,et al.  Analysis Strategies for Software Product Lines , 2012 .

[31]  Yu Lei,et al.  A Combinatorial Testing-Based Approach to Fault Localization , 2020, IEEE Transactions on Software Engineering.

[32]  Michael L. Fredman,et al.  The AETG System: An Approach to Testing Based on Combinatiorial Design , 1997, IEEE Trans. Software Eng..

[33]  Claus Brabrand,et al.  A Quantitative Analysis of Variability Warnings in Linux , 2016, VaMoS.

[34]  Sven Apel,et al.  Type-Safe Feature-Oriented Product Lines , 2010, ArXiv.

[35]  Yu Lei,et al.  A Test Generation Strategy for Pairwise Testing , 2002, IEEE Trans. Software Eng..

[36]  Krzysztof Czarnecki,et al.  A Study of Variability Models and Languages in the Systems Software Domain , 2013, IEEE Transactions on Software Engineering.

[37]  Pierre-Yves Schobbens,et al.  Model checking lots of systems: efficient verification of temporal properties in software product lines , 2010, 2010 ACM/IEEE 32nd International Conference on Software Engineering.

[38]  Sven Apel,et al.  A Comparison of 10 Sampling Algorithms for Configurable Systems , 2016, 2016 IEEE/ACM 38th International Conference on Software Engineering (ICSE).

[39]  Yves Le Traon,et al.  Combining Multi-Objective Search and Constraint Solving for Configuring Large Software Product Lines , 2015, 2015 IEEE/ACM 37th IEEE International Conference on Software Engineering.

[40]  Gunter Saake,et al.  On essential configuration complexity: Measuring interactions in highly-configurable systems , 2016, 2016 31st IEEE/ACM International Conference on Automated Software Engineering (ASE).

[41]  AbalIago,et al.  Variability Bugs in Highly Configurable Systems , 2018 .

[42]  Myra B. Cohen,et al.  Constructing test suites for interaction testing , 2003, 25th International Conference on Software Engineering, 2003. Proceedings..

[43]  Charles J. Colbourn,et al.  Prioritized interaction testing for pair-wise coverage with seeding and constraints , 2006, Inf. Softw. Technol..

[44]  Mira Mezini,et al.  SPLLIFT: statically analyzing software product lines in minutes instead of years , 2013, Software Engineering.

[45]  Sven Apel,et al.  Do #ifdefs influence the occurrence of vulnerabilities? an empirical study of the linux kernel , 2016, SPLC.

[46]  Sven Apel,et al.  An analysis of the variability in forty preprocessor-based software product lines , 2010, 2010 ACM/IEEE 32nd International Conference on Software Engineering.

[47]  Charles Song,et al.  iTree: efficiently discovering high-coverage configurations using interaction trees , 2012, ICSE 2012.

[48]  Sven Apel,et al.  Type safety for feature-oriented product lines , 2010, Automated Software Engineering.

[49]  R. Sarpong,et al.  Bio-inspired synthesis of xishacorenes A, B, and C, and a new congener from fuscol† †Electronic supplementary information (ESI) available. See DOI: 10.1039/c9sc02572c , 2019, Chemical science.

[50]  Sarah Nadi,et al.  Exploring feature interactions without specifications: a controlled experiment , 2018, GPCE.

[51]  Myra B. Cohen,et al.  Reducing Masking Effects in CombinatorialInteraction Testing: A Feedback DrivenAdaptive Approach , 2014, IEEE Transactions on Software Engineering.

[52]  Aaas News,et al.  Book Reviews , 1893, Buffalo Medical and Surgical Journal.

[53]  Marc Thurley,et al.  sharpSAT - Counting Models with Advanced Component Caching and Implicit BCP , 2006, SAT.

[54]  Iago Abal,et al.  42 variability bugs in the linux kernel: a qualitative analysis , 2014, ASE.

[55]  Lucia Moura,et al.  Covering arrays avoiding forbidden edges , 2009, Theor. Comput. Sci..

[56]  Paul Gazzillo,et al.  Kmax: finding all configurations of Kbuild makefiles statically , 2017, ESEC/SIGSOFT FSE.

[57]  Robert Brownlie,et al.  Robust testing of AT&T PMX/StarMAIL using OATS , 1992, AT&T Technical Journal.

[58]  Michael D. Ernst,et al.  An Empirical Analysis of C Preprocessor Use , 2002, IEEE Trans. Software Eng..

[59]  Claus Brabrand,et al.  How Does the Degree of Variability Affect Bug Finding? , 2016, 2016 IEEE/ACM 38th International Conference on Software Engineering (ICSE).

[60]  Marijn J. H. Heule,et al.  Uniform Sampling from Kconfig Feature Models , 2019 .

[61]  Cemal Yilmaz Test Case-Aware Combinatorial Interaction Testing , 2013, IEEE Transactions on Software Engineering.

[62]  Gülsen Demiröz Cost-aware combinatorial interaction testing (doctoral symposium) , 2015, ISSTA.

[63]  Claus Brabrand,et al.  Effective Analysis of C Programs by Rewriting Variability , 2017, Art Sci. Eng. Program..

[64]  Ralph E. Johnson,et al.  Analyzing multiple configurations of a C program , 2005, 21st IEEE International Conference on Software Maintenance (ICSM'05).

[65]  Márcio Ribeiro,et al.  An empirical study on configuration-related issues: investigating undeclared and unused identifiers , 2015, GPCE.

[66]  Baldoino Fonseca dos Santos Neto,et al.  A Qualitative Analysis of Variability Weaknesses in Configurable Systems with #ifdefs , 2018, VaMoS.

[67]  W. Marsden I and J , 2012 .