Journal of Computer Languages (IF 1.7), Pub Date: 2021-04-01, DOI: 10.1016/j.cola.2021.101032, Aleksandar S. Dimovski
A binary decision diagram lifted domain for analyzing program families
Many software systems today are highly configurable. They can produce a potentially large variety of related programs (variants) by selecting suitable configuration options (features) at compile time. Recently, specialized variability-aware (lifted, family-based) static analyses based on abstract interpretation have been developed. They allow analyzing all variants of a program family (or any other configurable software system) simultaneously, in a single run, without generating any of the variants explicitly. In effect, they produce precise analysis results for all individual variants. The elements of the underlying lifted analysis domain are tuples (i.e. disjunctions of properties) that maintain one property from an existing single-program analysis domain per variant. Nevertheless, explicit enumeration of properties in tuples, one per variant, immediately leads to combinatorial explosion, given that the number of variants can grow exponentially with the number of features. Therefore, such lifted analyses may be too costly or even infeasible for program families with a large number of variants.
In this work, we propose a more efficient lifted static analysis of program families with Boolean features, where sharing is explicitly possible between analysis elements corresponding to different variants. This is achieved by giving a symbolic representation of the lifted analysis domain, which can efficiently handle disjunctive properties in program families. The elements of the new lifted domain are binary decision diagrams, where decision nodes are labeled with Boolean features and leaf nodes belong to an existing single-program analysis domain. The lifted domain is parametric in the choice of the abstract (property) domain for leaf nodes. To illustrate the potential of this representation, we have implemented a lifted static analyzer that uses a combination of forward and backward analyses for inferring numerical invariants and necessary preconditions of C program families. It uses the APRON and BDDAPRON libraries to implement the new lifted analysis domain. The APRON library, used for the leaves, is a widely accepted API for numerical abstract domains (e.g. polyhedra, octagons, intervals), while BDDAPRON is an extension of APRON that adds the power domain of Boolean formulae and any APRON domain. An empirical evaluation on C benchmarks taken from SV-COMP and BusyBox indicates that our binary decision diagram-based approach is effective and outperforms the baseline tuple-based approach.
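As an added illustration (not the paper's code; the program family, feature names and interval leaves are constructed assumptions), a toy version of the BDD-style lifted domain described above: decision nodes are Boolean features, leaves are intervals from a single-program domain, and a node whose two branches agree is dropped, which is where the sharing comes from. The analysed family checks in every variant whether x can exceed a bound (say, an index into a 13-element buffer) and reports the presence condition of the variants where it can:

```python
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple, Union

Interval = Tuple[int, int]        # leaf value (low, high); the single-program domain
FEATURES = ("B", "A", "C")        # decision-node order; as in any BDD it affects sharing

@dataclass(frozen=True)
class Node:
    feature: str
    hi: "Tree"                    # subtree for variants with `feature` enabled
    lo: "Tree"                    # subtree for variants with `feature` disabled

Tree = Union[Interval, Node]

def mk(feature: str, hi: Tree, lo: Tree) -> Tree:
    """Reduced node: equal branches collapse, so an irrelevant feature never appears."""
    return hi if hi == lo else Node(feature, hi, lo)

def transform(t: Tree, fn: Callable[[Interval], Interval]) -> Tree:
    """Apply a single-program transfer function to every leaf."""
    if isinstance(t, Node):
        return mk(t.feature, transform(t.hi, fn), transform(t.lo, fn))
    return fn(t)

def apply_if(t: Tree, feature: str, fn: Callable[[Interval], Interval]) -> Tree:
    """Lifted transfer for `#if feature stmt #endif`, keeping the FEATURES order."""
    if isinstance(t, Node) and t.feature == feature:
        return mk(feature, transform(t.hi, fn), t.lo)
    if isinstance(t, Node) and FEATURES.index(t.feature) < FEATURES.index(feature):
        return mk(t.feature, apply_if(t.hi, feature, fn), apply_if(t.lo, feature, fn))
    return mk(feature, transform(t, fn), t)   # leaf, or a node ordered after `feature`

def leaves(t: Tree) -> List[Interval]:
    return leaves(t.hi) + leaves(t.lo) if isinstance(t, Node) else [t]

def violating_variants(t, ok, cfg=None) -> List[Dict[str, bool]]:
    """Presence conditions (partial configurations) whose invariant may break `ok`."""
    cfg = cfg or {}
    if isinstance(t, Node):
        return (violating_variants(t.hi, ok, {**cfg, t.feature: True})
                + violating_variants(t.lo, ok, {**cfg, t.feature: False}))
    return [] if ok(t) else [cfg]

def analyse_family() -> Tree:
    """Constructed (hypothetical) family tracking one variable x:
       x := [0,10]; #if A x := x+5 #endif; #if B x := 0 #endif; #if C y := 1 #endif"""
    x: Tree = (0, 10)
    x = apply_if(x, "A", lambda iv: (iv[0] + 5, iv[1] + 5))
    x = apply_if(x, "B", lambda iv: (0, 0))
    return x   # the C-guarded statement never touches x, so C is absent from the diagram
```

With three features the tuple representation would carry 8 entries, whereas the diagram ends up with one B node, one A node and three distinct leaves, and the bound x <= 12 is reported as violable exactly under the presence condition "A and not B", independent of C.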