Many software systems are today variational: they are built as program families or Software Product Lines. They can produce a potentially huge number of related programs, known as products or variants, by selecting suitable configuration options (features) at compile time. Many such program families are safety critical, yet the appropriate tools only rarely are able to analyze them effeciently. Researchers have addressed this problem by designing specialized variability-aware static (dataflow) analyses, which allow analyzing all variants of the family, simultaneously, in a single run without generating any of the variants explicitly. They are also known as lifted or family-based analyses. They take as input the common code base, which encodes all variants of a program family, and produce precise analysis results corresponding to all variants. These analyses scale much better than “brute force” approach, where all individual variants are analyzed in isolation, one-by-one, using off-the-shelf single-program analyzers. Nevertheless, the computational cost of lifted analyses still greatly depends on the number of features and variants (which is often huge). For families with a large number of features and variants, the lifted analyses may be too costly or even infeasible. In order to speed up lifted analyses and make them computationally cheaper, variability abstractions which simplify variability away from program families and lifted analyses have been introduced. However, the space of possible variability abstractions is still intractably large to search naively, with most abstractions being either too imprecise or too costly. We introduce here a method to efficiently find suitable variability abstractions from a large space of possible abstractions for a lifted static analysis. The main idea is to use a pre-analysis to estimate the impact of variability-specific parts of the program family on the analysis’s precision. The pre-analysis is fully variability-aware while it aggressively abstracts the other semantics aspects. Then we use the pre-analysis results to find out when and where the subsequent abstract lifted analysis should turn off or on its variability-awareness. The abstraction constructed in this way is effective in discarding variability-specific program details that are irrelevant for showing the analysis’s ultimate goal. We formalize this approach and we illustrate its effectiveness on several Java case studies. The evaluation shows that our approach which consists of running a pre-analysis followed by a subsequent abstract lifted analysis achieves competitive the precision-speed tradeoff compared to the standard lifted analysis.

中文翻译：

---

为提升分析寻找合适的可变性抽象

如今，许多软件系统都是变化的：它们被构建为程序系列或软件产品线。通过在编译时选择合适的配置选项（功能），他们可以产生大量相关的程序，称为产品或变体。许多此类程序系列对安全至关重要，但适当的工具很少能够有效地分析它们。研究人员通过设计专门的可变性感知静态（数据流）分析，允许在一次运行中同时分析族的所有变体，而无需显式生成任何变体。他们也被称为举起要么以家庭为基础分析。他们将公共代码库作为输入，该代码库对程序族的所有变体进行编码，并产生与所有变体相对应的精确分析结果。这些分析的规模比“蛮力”方法要好得多，后者使用现成的单程序分析器对所有单个变体进行单独、一个接一个的分析。尽管如此，提升分析的计算成本仍然很大程度上取决于特征和变体的数量（通常是巨大的）。对于具有大量特征和变体的家庭，提升分析可能成本太高甚至不可行。为了加速提升分析并使它们的计算成本更低，引入了可变性抽象，以简化程序系列和提升分析的可变性。然而，可能的可变性抽象空间仍然很大，难以天真地搜索，大多数抽象要么太不精确，要么成本太高。我们在这里介绍了一种方法，可以有效地从大量可能的抽象空间中找到合适的可变性抽象，以进行提升的静态分析。主要思想是使用预分析估计程序族的可变性特定部分对分析精度的影响。预分析是完全可变感知的，同时它积极地抽象了其他语义方面。然后我们使用预分析结果来找出后续抽象提升分析应该在何时何地关闭或打开其可变性感知。以这种方式构建的抽象在丢弃与显示分析的最终目标无关的特定于可变性的程序细节方面是有效的。我们将这种方法形式化，并在几个 Java 案例研究中说明了它的有效性。评估表明，与标准提升分析相比，我们的方法包括运行预分析和随后的抽象提升分析，实现了具有竞争力的精度-速度权衡。