The document discusses variability, bugs, and cognition. It summarizes findings from analyzing known variability bugs. Key findings include: bugs often appear in unanticipated configurations that were not considered by programmers; many bugs involve features defined across subsystems rather than locally; and managing variability and large numbers of configurations can negatively impact understandability and maintainability. Controlled experiments are proposed to study how variability affects the time and accuracy of bug finding.
The trials and tribulations of providing engineering infrastructure TechExeter
The document discusses lessons learned from running engineering infrastructure at Arm. It discusses several key points:
1) Shared infrastructure can lead to compromise and additional effort with no value if used for multiple disciplines. Specialized environments for each discipline are preferred.
2) Automation is critical to avoid inefficiencies from rapid growth outpacing manual processes. Automate where possible.
3) Ubiquitous shared storage breeds laziness and poor data management practices that do not scale. More controlled use of storage is needed.
4) Educating engineers on responsible infrastructure use is important, as not all have expertise in large-scale systems. Partnership and guidance is preferred over being solely "the police".
Software Bertillonage: Finding the Provenance of an Entitymigod
Slides from the paper presented at the 2011 IEEE Intl Conf on Mining Software Repositories, by Julius Davies, Daniel German, Mike Godfrey, and Abram Hindle
Simple Bugs and Vulnerabilities in Linux DistributionsSilvio Cesare
This talk discusses automated techniques for finding bugs and vulnerabilities in Linux software packages. The techniques were able to find:
- 27+ bug reports submitted to Debian after scanning for memset function bugs
- 741 programs that crashed when passed a null argv[0] parameter in Debian (27% crash rate)
- 3 segmentation faults when fuzzing most SUID/SGID programs in Debian
- 16 vulnerabilities found in Debian packages and 15 in Fedora packages after scanning for signatures of embedded vulnerable libraries
Linux distributions are using the results to improve security testing and patch vulnerabilities.
MODERN MALWARE: OBFUSCATION AND EMULATION DEF CON CHINA 1.0 (2019)Alexandre Borges
Modern advanced malware samples are used to infect countries and they make part of the current cyber war, cyber espionage and financial attacks. Furthermore, critical actors, who write these malicious codes, try to make the static and dynamic analysis really hard by heavily obfuscating and, eventually, virtualizing codes using techniques such as CFG, call stack manipulation, dead code, opaque predicate and so on. Understanding these concepts and how they are used with virtualized packers is an advantage to learn the main anti-reversing techniques.
Therefore, to manage complex scenarios as exposed above, we are able to use frameworks such as METASM, MIASM and several dynamic static emulation techniques to make code simpler. At end, the goal is to reduce the code (most of time by using symbolic analysis), making us able to get a better understanding about the threat. Additionally, the introduction of dynamic tracing (DTrace) on Windows can help us to having a better understanding about programs and their behavior.
This presentation aims to show concepts and a practical approach on how to handle these reverse engineering challenges and techniques
1. The document discusses modern techniques used by malware to obfuscate code, such as virtualization, encryption, and anti-reversing tricks.
2. Packers and protectors like VMProtect, Themida, and Arxan use virtual machines and other techniques to transform and encrypt code, making static analysis very difficult.
3. Reversing obfuscated code involves understanding how the virtual machine works, including how it fetches, decodes, and dispatches instructions to handlers. The document provides examples of how virtualized code is structured and executed.
Ten years analysing large code bases: a perspectiveRoberto Di Cosmo
The document discusses the author's 10 years of experience analyzing large code bases, with a focus on improving package quality assurance (QA) for GNU/Linux distributions. It describes how distributions industrialized free software by acting as intermediaries between developers and users. It then outlines the author's work studying and developing tools to help distributions more efficiently ensure package installability, find incompatible packages, and predict issues from repository updates. The talk concludes with a call to action to address software fragility and a discussion of the Software Heritage project.
Geared towards bioinformatics students and taking a somewhat humoristic point of view, this presentation explains what bioinformaticians are and what they do.
A Survey of NGS Data Analysis on HadoopChung-Tsai Su
This document discusses approaches to analyzing next-generation sequencing (NGS) data on Hadoop. It summarizes three tools - CloudBurst, CloudAligner, and DistMap - that use distributed computing for mapping DNA reads to a reference genome. It also discusses challenges related to processing large NGS datasets and the need for scalable solutions. Hardware approaches like the bina processor are presented as ways to accelerate NGS analysis. Overall, the document outlines the rise of NGS as generating big genomic data and the computational challenges in analyzing this data at scale.
The trials and tribulations of providing engineering infrastructure TechExeter
The document discusses lessons learned from running engineering infrastructure at Arm. It discusses several key points:
1) Shared infrastructure can lead to compromise and additional effort with no value if used for multiple disciplines. Specialized environments for each discipline are preferred.
2) Automation is critical to avoid inefficiencies from rapid growth outpacing manual processes. Automate where possible.
3) Ubiquitous shared storage breeds laziness and poor data management practices that do not scale. More controlled use of storage is needed.
4) Educating engineers on responsible infrastructure use is important, as not all have expertise in large-scale systems. Partnership and guidance is preferred over being solely "the police".
Software Bertillonage: Finding the Provenance of an Entitymigod
Slides from the paper presented at the 2011 IEEE Intl Conf on Mining Software Repositories, by Julius Davies, Daniel German, Mike Godfrey, and Abram Hindle
Simple Bugs and Vulnerabilities in Linux DistributionsSilvio Cesare
This talk discusses automated techniques for finding bugs and vulnerabilities in Linux software packages. The techniques were able to find:
- 27+ bug reports submitted to Debian after scanning for memset function bugs
- 741 programs that crashed when passed a null argv[0] parameter in Debian (27% crash rate)
- 3 segmentation faults when fuzzing most SUID/SGID programs in Debian
- 16 vulnerabilities found in Debian packages and 15 in Fedora packages after scanning for signatures of embedded vulnerable libraries
Linux distributions are using the results to improve security testing and patch vulnerabilities.
MODERN MALWARE: OBFUSCATION AND EMULATION DEF CON CHINA 1.0 (2019)Alexandre Borges
Modern advanced malware samples are used to infect countries and they make part of the current cyber war, cyber espionage and financial attacks. Furthermore, critical actors, who write these malicious codes, try to make the static and dynamic analysis really hard by heavily obfuscating and, eventually, virtualizing codes using techniques such as CFG, call stack manipulation, dead code, opaque predicate and so on. Understanding these concepts and how they are used with virtualized packers is an advantage to learn the main anti-reversing techniques.
Therefore, to manage complex scenarios as exposed above, we are able to use frameworks such as METASM, MIASM and several dynamic static emulation techniques to make code simpler. At end, the goal is to reduce the code (most of time by using symbolic analysis), making us able to get a better understanding about the threat. Additionally, the introduction of dynamic tracing (DTrace) on Windows can help us to having a better understanding about programs and their behavior.
This presentation aims to show concepts and a practical approach on how to handle these reverse engineering challenges and techniques
1. The document discusses modern techniques used by malware to obfuscate code, such as virtualization, encryption, and anti-reversing tricks.
2. Packers and protectors like VMProtect, Themida, and Arxan use virtual machines and other techniques to transform and encrypt code, making static analysis very difficult.
3. Reversing obfuscated code involves understanding how the virtual machine works, including how it fetches, decodes, and dispatches instructions to handlers. The document provides examples of how virtualized code is structured and executed.
Ten years analysing large code bases: a perspectiveRoberto Di Cosmo
The document discusses the author's 10 years of experience analyzing large code bases, with a focus on improving package quality assurance (QA) for GNU/Linux distributions. It describes how distributions industrialized free software by acting as intermediaries between developers and users. It then outlines the author's work studying and developing tools to help distributions more efficiently ensure package installability, find incompatible packages, and predict issues from repository updates. The talk concludes with a call to action to address software fragility and a discussion of the Software Heritage project.
Geared towards bioinformatics students and taking a somewhat humoristic point of view, this presentation explains what bioinformaticians are and what they do.
A Survey of NGS Data Analysis on HadoopChung-Tsai Su
This document discusses approaches to analyzing next-generation sequencing (NGS) data on Hadoop. It summarizes three tools - CloudBurst, CloudAligner, and DistMap - that use distributed computing for mapping DNA reads to a reference genome. It also discusses challenges related to processing large NGS datasets and the need for scalable solutions. Hardware approaches like the bina processor are presented as ways to accelerate NGS analysis. Overall, the document outlines the rise of NGS as generating big genomic data and the computational challenges in analyzing this data at scale.
Software has bugs and it seems to be unavoidable. To find them we often use code reviews and software testing. However, test an application and find no bugs does not mean the application is correct. Model checking is an automatic technique that can guarantee the absence of bugs (i.e. the correctness of a system) given a formal specification. This presentation shows the results of an empirical study on Bounded Model Checking in security context to verify its ability in identifying vulnerable code regions where multiple vulnerabilities in the code can affect each other in their detection.
La préservation des logiciels: défis et opportunités pour la reproductibilité...Roberto Di Cosmo
This document discusses the challenges of software preservation and reproducibility in science and technology. It outlines how software is a key component of modern research but is fragile and can be lost. The state of software reproducibility in computer systems research is examined, finding that the majority of papers could not be reproduced. The Software Heritage project is introduced which aims to collect, organize, preserve and share all software to address these issues and support reproducibility. Open source software and replication are advocated for as important principles for software preservation platforms. Collaboration from the community is needed to integrate software preservation into development and publishing workflows while addressing legal and licensing issues.
SAST and Application Security: how to fight vulnerabilities in the codeAndrey Karpov
The problem: The amount of code is growing; Error density grows non-linearly; Everybody wants quality and SAFE code; Old QA methods are not good enough.
Reproducible bioinformatics pipelines with Docker and AndurilChristian Frech
Christian Frech presented on using Docker and Anduril to create reproducible bioinformatics pipelines. Anduril is a pipeline framework that aims to make pipelines modular, bundled with their execution environment, and able to be run on clusters. It uses a proprietary scripting language but can embed other languages. Frech demonstrated an RNA-seq analysis pipeline built in Anduril, which generated QC plots, differential expression results, network and enrichment analyses. While adoption of Anduril has been limited by its scripting language, Docker can be used to containerize components and make pipelines fully reproducible and portable.
This document provides an outline for a presentation on RNA sequencing. It discusses the history of DNA sequencing and 64-bit computing advances that enabled RNA sequencing. It then describes the RNA sequencing workflow, challenges like detecting signal vs noise, and visualization tools for mapped RNA sequencing results like the UCSC Genome Browser.
IDA Vulnerabilities and Bug Bounty by Masaaki ChidaCODE BLUE
IDA Pro is an advanced disassembler software and often used in vulnerability research and malware analysis. IDA Pro is used to analyse software behavior in detail, if there was a vulnerability and the user is attacked not only can it have impact in a social sense but also impact legal proceedings. In this presentation I will discuss the vulnerabilities found and attacks leveraging the vulnerabilities and Hex-rays's remediation process and dialogue I had with them.
http://codeblue.jp/en-speaker.html#MasaakiChida
LUGM-Update of the Illumina Analysis PipelineHai-Wei Yen
Illumina VariantStudio is a powerful annotation tool for analyzing and interpreting variants from NGS data. It allows users to import VCF or gVCF files, annotate variants using various databases, filter variants, classify variants, and generate customizable reports. VariantStudio streamlines the analysis workflow from raw data to meaningful biological insights.
Finding Resource Manipulation Bugs in Linux CodeAndrzej Wasowski
This document discusses finding bugs in Linux kernel code using type-and-effect abstraction. It describes how type and effect inference can be used to model Linux kernel code and detect bugs related to memory safety, data races, and other issues. The approach has been implemented in a tool called the Effect-Based Analyzer (EBA) and has found several new bugs in Linux driver code. Handling preprocessor directives (#ifdefs) is important for analyzing highly-configurable systems like the Linux kernel and is an area of ongoing work.
Slides of my inaugural lecture as professor of Software Engineering at IT University of Copenhagen. An attempt to explain what software engineering research is (for me) by example. Presented on December 1st, 2016 at IT University.
Dependency Bugs The Dark Side Of Variability, Reuse, and ModularityAndrzej Wasowski
This document discusses dependency bugs in ROS (Robot Operating System), an open-source robotics middleware. The authors define dependency bugs and analyze their prevalence and impact based on a study of over 100 bugs reports. They find that 53% of ROS packages are affected by dependency bugs, which attract more discussion than other bugs. While each dependency bug may seem simple to fix, together they represent a significant and ongoing problem due to the complex web of dependencies in ROS. The document calls for more work to reduce the occurrence of these bugs.
An Empirical Study on Inconsistent Changes to Code Clones at Release LevelNicolas Bettenburg
This is a talk I gave at the 2009 Working Conference on Reverse Engineering in Lille, France about our work on the effects of inconsistent changes on software quality if we observe them at a release level.
Research seminar slides at URJC June 6. Briefly: social analysis; more detailed: static analysis and co-evolution (joint w Landman, Vinju, Muske; Businge).
The document summarizes a working session on software engineering myths held on October 4, 2007 in Paris. The session included discussions of common myths in areas such as complexity, bugs, clones, aspect-oriented programming, and project management. Participants shared and debated myths in small group discussions. Some examples of myths discussed include the ideas that complexity leads to more bugs, clones are always bad, and aspect-oriented programs are inherently easier to maintain. The session aimed to evaluate whether such perceptions are truly myths or if aspects of them have been found to hold true in various studies.
Archeology for Entertainment, or Checking Microsoft Word 1.1a with PVS-StudioAndrey Karpov
The document discusses analyzing the source code of Microsoft Word 1.1a from 1990 using the PVS-Studio static analyzer. Some key findings include:
1. An infinite loop was found in a function due to an unsigned variable being decreased indefinitely.
2. A typo led to an array overrun by accessing beyond the bounds of a 5 element array.
3. Several instances of undefined behavior were discovered where variables were modified between uses.
4. Other issues included uninitialized variables, incorrect format strings in printf, and logical errors in conditions.
Despite the age of the code, the analysis revealed several bugs, demonstrating static analysis remains useful on older code bases.
The document discusses various tools and methods for managing variability in software, including clone-and-own with version control, interpreted configuration files, feature modeling and compile-time variability, and domain-specific languages. It provides examples of each technique using code snippets from Linux kernel configuration and a fire alarm system model. The key tradeoffs between static and dynamic variability techniques are explored, as well as when each approach is most applicable and beneficial.
Learning to Spot and Refactor Inconsistent Method NamesDongsun Kim
To ensure code readability and facilitate software maintenance, program methods must be named properly. In particular, method names must be consistent with the corresponding method implementations. Debugging method names remains an important topic in the literature, where various approaches analyze commonalities among method names in a large dataset to detect inconsistent method names and suggest better ones. We note that the state-of-the-art does not analyze the implemented code itself to assess consistency. We thus propose a novel automated approach to debugging method names based on the analysis of consistency between method names and method code. The approach leverages deep feature representation techniques adapted to the nature of each artifact. Experimental results on over 2.1 million Java methods show that we can achieve up to 15 percentage points improvement over the state-of-the-art, establishing a record performance of 67.9% F1-measure in identifying inconsistent method names. We further demonstrate that our approach yields up to 25% accuracy in suggesting full names, while the state-of-the-art lags far behind at 1.1% accuracy. Finally, we report on our success in fixing 66 inconsistent method names in a live study on projects in the wild.
Introduction into Fault-tolerant Distributed Algorithms and their Modeling (P...Iosif Itkin
The document discusses the challenges of modeling and verifying fault-tolerant distributed algorithms. It notes that subtle bugs can hide in complex concurrent systems even with extensive testing. It advocates using a precise high-level description of a design and sound verification methods to analyze these algorithms more thoroughly. The key challenges identified include modeling diverse fault models, parameterized systems, and the interplay of safety and liveness properties.
Pitfalls and limits of dynamic malware analysisTamas K Lengyel
This document discusses the pitfalls and limits of dynamic malware analysis. It summarizes that dynamic analysis aims to observe malware execution but is challenging due to evasion techniques. Several problems are outlined, including the difficulty of scalability, isolation, and stealth when analyzing malware. The document also discusses issues with using debuggers, emulators, and hypervisor introspection for dynamic analysis. It notes that complete stealth is not feasible and that halting and evasion problems cannot be fully solved.
This document introduces EMBA, a free and open-source firmware analysis tool. It describes EMBA's extraction and analysis modules that can extract firmware components like Linux filesystems, decrypt images, and analyze the firmware using tools like binwalk and Yara rules. EMBA aims to automate common firmware analysis tasks and identify security issues like outdated components, weak configurations, and potential 0-day vulnerabilities through static and dynamic analysis techniques.
This document discusses non-blocking synchronization as an alternative to lock-based synchronization for parallel applications. It begins by asking whether non-blocking synchronization can provide performance benefits over lock-based approaches for scientific applications. It then describes NOBLE, a non-blocking synchronization interface designed to make non-blocking techniques more accessible to parallel programmers. The document concludes by discussing evaluations of applications modified to use non-blocking synchronization and the performance improvements observed.
Software has bugs and it seems to be unavoidable. To find them we often use code reviews and software testing. However, test an application and find no bugs does not mean the application is correct. Model checking is an automatic technique that can guarantee the absence of bugs (i.e. the correctness of a system) given a formal specification. This presentation shows the results of an empirical study on Bounded Model Checking in security context to verify its ability in identifying vulnerable code regions where multiple vulnerabilities in the code can affect each other in their detection.
La préservation des logiciels: défis et opportunités pour la reproductibilité...Roberto Di Cosmo
This document discusses the challenges of software preservation and reproducibility in science and technology. It outlines how software is a key component of modern research but is fragile and can be lost. The state of software reproducibility in computer systems research is examined, finding that the majority of papers could not be reproduced. The Software Heritage project is introduced which aims to collect, organize, preserve and share all software to address these issues and support reproducibility. Open source software and replication are advocated for as important principles for software preservation platforms. Collaboration from the community is needed to integrate software preservation into development and publishing workflows while addressing legal and licensing issues.
SAST and Application Security: how to fight vulnerabilities in the codeAndrey Karpov
The problem: The amount of code is growing; Error density grows non-linearly; Everybody wants quality and SAFE code; Old QA methods are not good enough.
Reproducible bioinformatics pipelines with Docker and AndurilChristian Frech
Christian Frech presented on using Docker and Anduril to create reproducible bioinformatics pipelines. Anduril is a pipeline framework that aims to make pipelines modular, bundled with their execution environment, and able to be run on clusters. It uses a proprietary scripting language but can embed other languages. Frech demonstrated an RNA-seq analysis pipeline built in Anduril, which generated QC plots, differential expression results, network and enrichment analyses. While adoption of Anduril has been limited by its scripting language, Docker can be used to containerize components and make pipelines fully reproducible and portable.
This document provides an outline for a presentation on RNA sequencing. It discusses the history of DNA sequencing and 64-bit computing advances that enabled RNA sequencing. It then describes the RNA sequencing workflow, challenges like detecting signal vs noise, and visualization tools for mapped RNA sequencing results like the UCSC Genome Browser.
IDA Vulnerabilities and Bug Bounty by Masaaki ChidaCODE BLUE
IDA Pro is an advanced disassembler software and often used in vulnerability research and malware analysis. IDA Pro is used to analyse software behavior in detail, if there was a vulnerability and the user is attacked not only can it have impact in a social sense but also impact legal proceedings. In this presentation I will discuss the vulnerabilities found and attacks leveraging the vulnerabilities and Hex-rays's remediation process and dialogue I had with them.
http://codeblue.jp/en-speaker.html#MasaakiChida
LUGM-Update of the Illumina Analysis PipelineHai-Wei Yen
Illumina VariantStudio is a powerful annotation tool for analyzing and interpreting variants from NGS data. It allows users to import VCF or gVCF files, annotate variants using various databases, filter variants, classify variants, and generate customizable reports. VariantStudio streamlines the analysis workflow from raw data to meaningful biological insights.
Finding Resource Manipulation Bugs in Linux CodeAndrzej Wasowski
This document discusses finding bugs in Linux kernel code using type-and-effect abstraction. It describes how type and effect inference can be used to model Linux kernel code and detect bugs related to memory safety, data races, and other issues. The approach has been implemented in a tool called the Effect-Based Analyzer (EBA) and has found several new bugs in Linux driver code. Handling preprocessor directives (#ifdefs) is important for analyzing highly-configurable systems like the Linux kernel and is an area of ongoing work.
Slides of my inaugural lecture as professor of Software Engineering at IT University of Copenhagen. An attempt to explain what software engineering research is (for me) by example. Presented on December 1st, 2016 at IT University.
Dependency Bugs The Dark Side Of Variability, Reuse, and ModularityAndrzej Wasowski
This document discusses dependency bugs in ROS (Robot Operating System), an open-source robotics middleware. The authors define dependency bugs and analyze their prevalence and impact based on a study of over 100 bugs reports. They find that 53% of ROS packages are affected by dependency bugs, which attract more discussion than other bugs. While each dependency bug may seem simple to fix, together they represent a significant and ongoing problem due to the complex web of dependencies in ROS. The document calls for more work to reduce the occurrence of these bugs.
An Empirical Study on Inconsistent Changes to Code Clones at Release LevelNicolas Bettenburg
This is a talk I gave at the 2009 Working Conference on Reverse Engineering in Lille, France about our work on the effects of inconsistent changes on software quality if we observe them at a release level.
Research seminar slides at URJC June 6. Briefly: social analysis; more detailed: static analysis and co-evolution (joint w Landman, Vinju, Muske; Businge).
The document summarizes a working session on software engineering myths held on October 4, 2007 in Paris. The session included discussions of common myths in areas such as complexity, bugs, clones, aspect-oriented programming, and project management. Participants shared and debated myths in small group discussions. Some examples of myths discussed include the ideas that complexity leads to more bugs, clones are always bad, and aspect-oriented programs are inherently easier to maintain. The session aimed to evaluate whether such perceptions are truly myths or if aspects of them have been found to hold true in various studies.
Archeology for Entertainment, or Checking Microsoft Word 1.1a with PVS-StudioAndrey Karpov
The document discusses analyzing the source code of Microsoft Word 1.1a from 1990 using the PVS-Studio static analyzer. Some key findings include:
1. An infinite loop was found in a function due to an unsigned variable being decreased indefinitely.
2. A typo led to an array overrun by accessing beyond the bounds of a 5 element array.
3. Several instances of undefined behavior were discovered where variables were modified between uses.
4. Other issues included uninitialized variables, incorrect format strings in printf, and logical errors in conditions.
Despite the age of the code, the analysis revealed several bugs, demonstrating static analysis remains useful on older code bases.
The document discusses various tools and methods for managing variability in software, including clone-and-own with version control, interpreted configuration files, feature modeling and compile-time variability, and domain-specific languages. It provides examples of each technique using code snippets from Linux kernel configuration and a fire alarm system model. The key tradeoffs between static and dynamic variability techniques are explored, as well as when each approach is most applicable and beneficial.
Learning to Spot and Refactor Inconsistent Method NamesDongsun Kim
To ensure code readability and facilitate software maintenance, program methods must be named properly. In particular, method names must be consistent with the corresponding method implementations. Debugging method names remains an important topic in the literature, where various approaches analyze commonalities among method names in a large dataset to detect inconsistent method names and suggest better ones. We note that the state-of-the-art does not analyze the implemented code itself to assess consistency. We thus propose a novel automated approach to debugging method names based on the analysis of consistency between method names and method code. The approach leverages deep feature representation techniques adapted to the nature of each artifact. Experimental results on over 2.1 million Java methods show that we can achieve up to 15 percentage points improvement over the state-of-the-art, establishing a record performance of 67.9% F1-measure in identifying inconsistent method names. We further demonstrate that our approach yields up to 25% accuracy in suggesting full names, while the state-of-the-art lags far behind at 1.1% accuracy. Finally, we report on our success in fixing 66 inconsistent method names in a live study on projects in the wild.
Introduction into Fault-tolerant Distributed Algorithms and their Modeling (P...Iosif Itkin
The document discusses the challenges of modeling and verifying fault-tolerant distributed algorithms. It notes that subtle bugs can hide in complex concurrent systems even with extensive testing. It advocates using a precise high-level description of a design and sound verification methods to analyze these algorithms more thoroughly. The key challenges identified include modeling diverse fault models, parameterized systems, and the interplay of safety and liveness properties.
Pitfalls and limits of dynamic malware analysisTamas K Lengyel
This document discusses the pitfalls and limits of dynamic malware analysis. It summarizes that dynamic analysis aims to observe malware execution but is challenging due to evasion techniques. Several problems are outlined, including the difficulty of scalability, isolation, and stealth when analyzing malware. The document also discusses issues with using debuggers, emulators, and hypervisor introspection for dynamic analysis. It notes that complete stealth is not feasible and that halting and evasion problems cannot be fully solved.
This document introduces EMBA, a free and open-source firmware analysis tool. It describes EMBA's extraction and analysis modules that can extract firmware components like Linux filesystems, decrypt images, and analyze the firmware using tools like binwalk and Yara rules. EMBA aims to automate common firmware analysis tasks and identify security issues like outdated components, weak configurations, and potential 0-day vulnerabilities through static and dynamic analysis techniques.
This document discusses non-blocking synchronization as an alternative to lock-based synchronization for parallel applications. It begins by asking whether non-blocking synchronization can provide performance benefits over lock-based approaches for scientific applications. It then describes NOBLE, a non-blocking synchronization interface designed to make non-blocking techniques more accessible to parallel programmers. The document concludes by discussing evaluations of applications modified to use non-blocking synchronization and the performance improvements observed.
The Hacking Games - Operation System Vulnerabilities Meetup 29112022lior mazor
Our technology, work processes, and activities all are depend based on Operation Systems to be safe and secure. Join us virtually for our upcoming "The Hacking Games - Operation System Vulnerabilities" Meetup to learn how hacker can compromise Operation System, bypass AntiVirus protection layer and exploiting Linux eBPF.
Stuxnet was a sophisticated malware targeting industrial control systems that was attributed to nation-state sponsorship. The document discusses techniques for attributing malware through analysis of exploits, code quality, debug symbols, and automation. Attribution aims to profile adversary capabilities and differentiate between state-sponsored and criminal actors. Analysis of Stuxnet found use of older vulnerabilities, custom payloads, and insider knowledge of target systems, suggesting a high level of technical skill and resources from a nation state.
Software Preservation: challenges and opportunities for reproductibility (Sci...Roberto Di Cosmo
The document discusses the challenges of preserving software to ensure reproducibility in science. It notes that 81% of computer science papers studied were found to be non-reproducible due to a lack of available source code and documentation. Preserving software is complex as it often has dependencies on other software and hardware. However, software embodies much of our scientific and technical knowledge, so efforts must be made to preserve and provide access to source code in order to establish reproducibility as the foundation of scientific inquiry.
"Keynote - Preserving Software: Challenges and Opportunities for Reproducibility of Science and Technology"
By Roberto Di Cosmo, Irill for ScilabTEC 2015
Containers improve portability and reproducibility of scientific software and analyses. They allow researchers to easily share and rerun analyses across different computing environments without needing to configure software dependencies. Container technologies like Docker and Singularity package code, dependencies, and configuration in a portable image. This allows analyses to be run identically on laptops, clusters, and collaborators' systems. Containers also help distribute complex pipelines and collections of analyses, and enable on-demand analyses through platforms like OpenNeuro.
The debris of the ‘last major merger’ is dynamically youngSérgio Sacani
The Milky Way’s (MW) inner stellar halo contains an [Fe/H]-rich component with highly eccentric orbits, often referred to as the
‘last major merger.’ Hypotheses for the origin of this component include Gaia-Sausage/Enceladus (GSE), where the progenitor
collided with the MW proto-disc 8–11 Gyr ago, and the Virgo Radial Merger (VRM), where the progenitor collided with the
MW disc within the last 3 Gyr. These two scenarios make different predictions about observable structure in local phase space,
because the morphology of debris depends on how long it has had to phase mix. The recently identified phase-space folds in Gaia
DR3 have positive caustic velocities, making them fundamentally different than the phase-mixed chevrons found in simulations
at late times. Roughly 20 per cent of the stars in the prograde local stellar halo are associated with the observed caustics. Based
on a simple phase-mixing model, the observed number of caustics are consistent with a merger that occurred 1–2 Gyr ago.
We also compare the observed phase-space distribution to FIRE-2 Latte simulations of GSE-like mergers, using a quantitative
measurement of phase mixing (2D causticality). The observed local phase-space distribution best matches the simulated data
1–2 Gyr after collision, and certainly not later than 3 Gyr. This is further evidence that the progenitor of the ‘last major merger’
did not collide with the MW proto-disc at early times, as is thought for the GSE, but instead collided with the MW disc within
the last few Gyr, consistent with the body of work surrounding the VRM.
When I was asked to give a companion lecture in support of ‘The Philosophy of Science’ (https://shorturl.at/4pUXz) I decided not to walk through the detail of the many methodologies in order of use. Instead, I chose to employ a long standing, and ongoing, scientific development as an exemplar. And so, I chose the ever evolving story of Thermodynamics as a scientific investigation at its best.
Conducted over a period of >200 years, Thermodynamics R&D, and application, benefitted from the highest levels of professionalism, collaboration, and technical thoroughness. New layers of application, methodology, and practice were made possible by the progressive advance of technology. In turn, this has seen measurement and modelling accuracy continually improved at a micro and macro level.
Perhaps most importantly, Thermodynamics rapidly became a primary tool in the advance of applied science/engineering/technology, spanning micro-tech, to aerospace and cosmology. I can think of no better a story to illustrate the breadth of scientific methodologies and applications at their best.
Immersive Learning That Works: Research Grounding and Paths ForwardLeonel Morgado
We will metaverse into the essence of immersive learning, into its three dimensions and conceptual models. This approach encompasses elements from teaching methodologies to social involvement, through organizational concerns and technologies. Challenging the perception of learning as knowledge transfer, we introduce a 'Uses, Practices & Strategies' model operationalized by the 'Immersive Learning Brain' and ‘Immersion Cube’ frameworks. This approach offers a comprehensive guide through the intricacies of immersive educational experiences and spotlighting research frontiers, along the immersion dimensions of system, narrative, and agency. Our discourse extends to stakeholders beyond the academic sphere, addressing the interests of technologists, instructional designers, and policymakers. We span various contexts, from formal education to organizational transformation to the new horizon of an AI-pervasive society. This keynote aims to unite the iLRN community in a collaborative journey towards a future where immersive learning research and practice coalesce, paving the way for innovative educational research and practice landscapes.
The use of Nauplii and metanauplii artemia in aquaculture (brine shrimp).pptxMAGOTI ERNEST
Although Artemia has been known to man for centuries, its use as a food for the culture of larval organisms apparently began only in the 1930s, when several investigators found that it made an excellent food for newly hatched fish larvae (Litvinenko et al., 2023). As aquaculture developed in the 1960s and ‘70s, the use of Artemia also became more widespread, due both to its convenience and to its nutritional value for larval organisms (Arenas-Pardo et al., 2024). The fact that Artemia dormant cysts can be stored for long periods in cans, and then used as an off-the-shelf food requiring only 24 h of incubation makes them the most convenient, least labor-intensive, live food available for aquaculture (Sorgeloos & Roubach, 2021). The nutritional value of Artemia, especially for marine organisms, is not constant, but varies both geographically and temporally. During the last decade, however, both the causes of Artemia nutritional variability and methods to improve poorquality Artemia have been identified (Loufi et al., 2024).
Brine shrimp (Artemia spp.) are used in marine aquaculture worldwide. Annually, more than 2,000 metric tons of dry cysts are used for cultivation of fish, crustacean, and shellfish larva. Brine shrimp are important to aquaculture because newly hatched brine shrimp nauplii (larvae) provide a food source for many fish fry (Mozanzadeh et al., 2021). Culture and harvesting of brine shrimp eggs represents another aspect of the aquaculture industry. Nauplii and metanauplii of Artemia, commonly known as brine shrimp, play a crucial role in aquaculture due to their nutritional value and suitability as live feed for many aquatic species, particularly in larval stages (Sorgeloos & Roubach, 2021).
ESPP presentation to EU Waste Water Network, 4th June 2024 “EU policies driving nutrient removal and recycling
and the revised UWWTD (Urban Waste Water Treatment Directive)”
EWOCS-I: The catalog of X-ray sources in Westerlund 1 from the Extended Weste...Sérgio Sacani
Context. With a mass exceeding several 104 M⊙ and a rich and dense population of massive stars, supermassive young star clusters
represent the most massive star-forming environment that is dominated by the feedback from massive stars and gravitational interactions
among stars.
Aims. In this paper we present the Extended Westerlund 1 and 2 Open Clusters Survey (EWOCS) project, which aims to investigate
the influence of the starburst environment on the formation of stars and planets, and on the evolution of both low and high mass stars.
The primary targets of this project are Westerlund 1 and 2, the closest supermassive star clusters to the Sun.
Methods. The project is based primarily on recent observations conducted with the Chandra and JWST observatories. Specifically,
the Chandra survey of Westerlund 1 consists of 36 new ACIS-I observations, nearly co-pointed, for a total exposure time of 1 Msec.
Additionally, we included 8 archival Chandra/ACIS-S observations. This paper presents the resulting catalog of X-ray sources within
and around Westerlund 1. Sources were detected by combining various existing methods, and photon extraction and source validation
were carried out using the ACIS-Extract software.
Results. The EWOCS X-ray catalog comprises 5963 validated sources out of the 9420 initially provided to ACIS-Extract, reaching a
photon flux threshold of approximately 2 × 10−8 photons cm−2
s
−1
. The X-ray sources exhibit a highly concentrated spatial distribution,
with 1075 sources located within the central 1 arcmin. We have successfully detected X-ray emissions from 126 out of the 166 known
massive stars of the cluster, and we have collected over 71 000 photons from the magnetar CXO J164710.20-455217.
Describing and Interpreting an Immersive Learning Case with the Immersion Cub...Leonel Morgado
Current descriptions of immersive learning cases are often difficult or impossible to compare. This is due to a myriad of different options on what details to include, which aspects are relevant, and on the descriptive approaches employed. Also, these aspects often combine very specific details with more general guidelines or indicate intents and rationales without clarifying their implementation. In this paper we provide a method to describe immersive learning cases that is structured to enable comparisons, yet flexible enough to allow researchers and practitioners to decide which aspects to include. This method leverages a taxonomy that classifies educational aspects at three levels (uses, practices, and strategies) and then utilizes two frameworks, the Immersive Learning Brain and the Immersion Cube, to enable a structured description and interpretation of immersive learning cases. The method is then demonstrated on a published immersive learning case on training for wind turbine maintenance using virtual reality. Applying the method results in a structured artifact, the Immersive Learning Case Sheet, that tags the case with its proximal uses, practices, and strategies, and refines the free text case description to ensure that matching details are included. This contribution is thus a case description method in support of future comparative research of immersive learning cases. We then discuss how the resulting description and interpretation can be leveraged to change immersion learning cases, by enriching them (considering low-effort changes or additions) or innovating (exploring more challenging avenues of transformation). The method holds significant promise to support better-grounded research in immersive learning.
The ability to recreate computational results with minimal effort and actionable metrics provides a solid foundation for scientific research and software development. When people can replicate an analysis at the touch of a button using open-source software, open data, and methods to assess and compare proposals, it significantly eases verification of results, engagement with a diverse range of contributors, and progress. However, we have yet to fully achieve this; there are still many sociotechnical frictions.
Inspired by David Donoho's vision, this talk aims to revisit the three crucial pillars of frictionless reproducibility (data sharing, code sharing, and competitive challenges) with the perspective of deep software variability.
Our observation is that multiple layers — hardware, operating systems, third-party libraries, software versions, input data, compile-time options, and parameters — are subject to variability that exacerbates frictions but is also essential for achieving robust, generalizable results and fostering innovation. I will first review the literature, providing evidence of how the complex variability interactions across these layers affect qualitative and quantitative software properties, thereby complicating the reproduction and replication of scientific studies in various fields.
I will then present some software engineering and AI techniques that can support the strategic exploration of variability spaces. These include the use of abstractions and models (e.g., feature models), sampling strategies (e.g., uniform, random), cost-effective measurements (e.g., incremental build of software configurations), and dimensionality reduction methods (e.g., transfer learning, feature selection, software debloating).
I will finally argue that deep variability is both the problem and solution of frictionless reproducibility, calling the software science community to develop new methods and tools to manage variability and foster reproducibility in software systems.
Exposé invité Journées Nationales du GDR GPL 2024
Deep Software Variability and Frictionless Reproducibility
Variability, Bugs, and Cognition
1. Variability,
Bugs,
and Cognition
Jean Melo
Iago Abal
Claus Brabrand
Stefan Stanciulescu
Andrzej W ˛asowski
@AndrzejWasowski
pyrrhocoris apterus (firebug)
c Andrzej W ˛asowski, IT University of Copenhagen 1
2. Bug-finding is a time-consuming and tedious task
in the presence of variability.
c Andrzej W ˛asowski, IT University of Copenhagen 2
3. Bug-finding is a time-consuming and tedious task
in the presence of variability.
Managing variability can become complex.
c Andrzej W ˛asowski, IT University of Copenhagen 2
4. Bug-finding is a time-consuming and tedious task
in the presence of variability.
Managing variability can become complex.
Variability specifications and realizations tend to
erode [..and..] become overly complex.
c Andrzej W ˛asowski, IT University of Copenhagen 2
5. Bug-finding is a time-consuming and tedious task
in the presence of variability.
Managing variability can become complex.
Variability specifications and realizations tend to
erode [..and..] become overly complex.
Understandability and maintainability may be
negatively affected.
c Andrzej W ˛asowski, IT University of Copenhagen 2
9. Problem → Solution
Problem ← Understanding
Why variability bugs appear ?
c Andrzej W ˛asowski, IT University of Copenhagen 3
10. Problem → Solution
Problem ← Understanding
Why variability bugs appear ?
Why #ifs research ? Aren’t #ifs just ifs?
c Andrzej W ˛asowski, IT University of Copenhagen 3
11. Problem → Solution
Problem ← Understanding
Why variability bugs appear ?
Why #ifs research ? Aren’t #ifs just ifs?
Special bug finding tools for variability?
c Andrzej W ˛asowski, IT University of Copenhagen 3
12. Problem → Solution
Problem ← Understanding
Why variability bugs appear ?
Why #ifs research ? Aren’t #ifs just ifs?
Special bug finding tools for variability?
Does the sheer # of configurations contribute to errors ?
c Andrzej W ˛asowski, IT University of Copenhagen 3
13. AGENDA
An artifact study of historical bugs (sketchy)
c Andrzej W ˛asowski, IT University of Copenhagen 4
14. AGENDA
An artifact study of historical bugs (sketchy)
Controlled Experiment I
Does variability affects time and accuracy of bug finding?
c Andrzej W ˛asowski, IT University of Copenhagen 4
15. AGENDA
An artifact study of historical bugs (sketchy)
Controlled Experiment I
Does variability affects time and accuracy of bug finding?
Controlled Experiment II
How does variability affects time and accuracy of bug finding?
c Andrzej W ˛asowski, IT University of Copenhagen 4
16. Let’s look at a bug
Dereferencing uninitialized pointer causes Kernel crash
1
2 if (inode->i_sb->s_magic == ... ) . . .
3
Bug 7acf6cd, see http://vbdb.itu.dk/#bug/linux/7acf6cd
Iago Abal. Claus Brabrand. Andrzej W ˛asowski.
42 variability bugs in the Linux kernel: A qualitative analysis. ASE 2014 + a journal submission c Andrzej W ˛asowski, IT University of Copenhagen 5
17. Let’s look at a bug
Dereferencing uninitialized pointer causes Kernel crash
1 #ifdef CONFIG_DEVPTS_MULTIPLE_INSTANCES
2 if (inode->i_sb->s_magic == ... ) . . .
3 #endif
void pts_sb_from_inode(struct inode * inode)
Bug 7acf6cd, see http://vbdb.itu.dk/#bug/linux/7acf6cd
Iago Abal. Claus Brabrand. Andrzej W ˛asowski.
42 variability bugs in the Linux kernel: A qualitative analysis. ASE 2014 + a journal submission c Andrzej W ˛asowski, IT University of Copenhagen 5
18. Let’s look at a bug
Dereferencing uninitialized pointer causes Kernel crash
1 #ifdef CONFIG_DEVPTS_MULTIPLE_INSTANCES
2 if (inode->i_sb->s_magic == ... ) . . .
3 #endif
void pts_sb_from_inode(struct inode * inode)
4
5 pts_sb_from_inode (tty->driver_data);
6
Bug 7acf6cd, see http://vbdb.itu.dk/#bug/linux/7acf6cd
Iago Abal. Claus Brabrand. Andrzej W ˛asowski.
42 variability bugs in the Linux kernel: A qualitative analysis. ASE 2014 + a journal submission c Andrzej W ˛asowski, IT University of Copenhagen 5
19. Let’s look at a bug
Dereferencing uninitialized pointer causes Kernel crash
1 #ifdef CONFIG_DEVPTS_MULTIPLE_INSTANCES
2 if (inode->i_sb->s_magic == ... ) . . .
3 #endif
void pts_sb_from_inode(struct inode * inode)
4 #ifdef CONFIG_UNIX98_PTYS
5 pts_sb_from_inode (tty->driver_data);
6 #endif
void pty_close(struct tty_struct * tty)
Bug 7acf6cd, see http://vbdb.itu.dk/#bug/linux/7acf6cd
Iago Abal. Claus Brabrand. Andrzej W ˛asowski.
42 variability bugs in the Linux kernel: A qualitative analysis. ASE 2014 + a journal submission c Andrzej W ˛asowski, IT University of Copenhagen 5
20. Let’s look at a bug
Dereferencing uninitialized pointer causes Kernel crash
1 #ifdef CONFIG_DEVPTS_MULTIPLE_INSTANCES
2 if (inode->i_sb->s_magic == ... ) . . .
3 #endif
void pts_sb_from_inode(struct inode * inode)
4 #ifdef CONFIG_UNIX98_PTYS
5 pts_sb_from_inode (tty->driver_data);
6 #endif
void pty_close(struct tty_struct * tty)
7
8 pty_close (tty)
Bug 7acf6cd, see http://vbdb.itu.dk/#bug/linux/7acf6cd
Iago Abal. Claus Brabrand. Andrzej W ˛asowski.
42 variability bugs in the Linux kernel: A qualitative analysis. ASE 2014 + a journal submission c Andrzej W ˛asowski, IT University of Copenhagen 5
21. Let’s look at a bug
Dereferencing uninitialized pointer causes Kernel crash
1 #ifdef CONFIG_DEVPTS_MULTIPLE_INSTANCES
2 if (inode->i_sb->s_magic == ... ) . . .
3 #endif
void pts_sb_from_inode(struct inode * inode)
4 #ifdef CONFIG_UNIX98_PTYS
5 pts_sb_from_inode (tty->driver_data);
6 #endif
void pty_close(struct tty_struct * tty)
7 tty = kzalloc(sizeof (*tty), GFP_KERNEL);
8 pty_close (tty)
· · ·
Bug 7acf6cd, see http://vbdb.itu.dk/#bug/linux/7acf6cd
Iago Abal. Claus Brabrand. Andrzej W ˛asowski.
42 variability bugs in the Linux kernel: A qualitative analysis. ASE 2014 + a journal submission c Andrzej W ˛asowski, IT University of Copenhagen 5
22. A Study of Known Variability Bugs
(Sizes below as of December 2015)
System Domain LOC #Features #Commits
Marlin 3D-printer firmware 0.04M 821 2,783
BusyBox UNIX utilities 0.20M 551 13,878
Apache Web Server 0.20M 681 27,677
Linux kernel Operating system 12.70M 14,295 448,314
Iago Abal. Claus Brabrand. Andrzej W ˛asowski.
42 variability bugs in the Linux kernel: A qualitative analysis. ASE 2014 + a journal submission c Andrzej W ˛asowski, IT University of Copenhagen 6
23. A Study of Known Variability Bugs
(Sizes below as of December 2015)
System Domain LOC #Features #Commits
Marlin 3D-printer firmware 0.04M 821 2,783
BusyBox UNIX utilities 0.20M 551 13,878
Apache Web Server 0.20M 681 27,677
Linux kernel Operating system 12.70M 14,295 448,314 interview
Iago Abal. Claus Brabrand. Andrzej W ˛asowski.
42 variability bugs in the Linux kernel: A qualitative analysis. ASE 2014 + a journal submission c Andrzej W ˛asowski, IT University of Copenhagen 6
24. A Study of Known Variability Bugs
(Sizes below as of December 2015)
System Domain LOC #Features #Commits
Marlin 3D-printer firmware 0.04M 821 2,783
BusyBox UNIX utilities 0.20M 551 13,878
Apache Web Server 0.20M 681 27,677
Linux kernel Operating system 12.70M 14,295 448,314 interview
The original research questions:
RQ1: Are variability bugs limited to specific type of bugs, features, or locations?
RQ2: In what ways does variability affect bugs?
But today, I will fish answers to other RQs ...
Iago Abal. Claus Brabrand. Andrzej W ˛asowski.
42 variability bugs in the Linux kernel: A qualitative analysis. ASE 2014 + a journal submission c Andrzej W ˛asowski, IT University of Copenhagen 6
25. Let’s have a look at a bug
http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=7acf6cd80b201f77371a5374a786144153629be8
c Andrzej W ˛asowski, IT University of Copenhagen 7
26. Let’s have a look at a bug
http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=7acf6cd80b201f77371a5374a786144153629be8
c Andrzej W ˛asowski, IT University of Copenhagen 7
28. What do we find in these variability bugs ?
A quick extract
Bugs “in” the correct code (in some correct configuration)
The programmer got his configuration right
Iago Abal. Claus Brabrand. Andrzej W ˛asowski.
42 variability bugs in the Linux kernel: A qualitative analysis. ASE 2014 + a journal submission c Andrzej W ˛asowski, IT University of Copenhagen 9
29. What do we find in these variability bugs ?
A quick extract
Bugs “in” the correct code (in some correct configuration)
The programmer got his configuration right
Iago Abal. Claus Brabrand. Andrzej W ˛asowski.
42 variability bugs in the Linux kernel: A qualitative analysis. ASE 2014 + a journal submission c Andrzej W ˛asowski, IT University of Copenhagen 9
30. What do we find in these variability bugs ?
A quick extract
Bugs “in” the correct code (in some correct configuration)
The programmer got his configuration right
Bugs appear in unanticipated configurations
The programmer did not think about other configurations
Essentially all 98 bugs appear to be such ...
Iago Abal. Claus Brabrand. Andrzej W ˛asowski.
42 variability bugs in the Linux kernel: A qualitative analysis. ASE 2014 + a journal submission c Andrzej W ˛asowski, IT University of Copenhagen 9
31. What do we find in these variability bugs ?
A quick extract
Bugs “in” the correct code (in some correct configuration)
The programmer got his configuration right
Bugs appear in unanticipated configurations
The programmer did not think about other configurations
Essentially all 98 bugs appear to be such ...
Iago Abal. Claus Brabrand. Andrzej W ˛asowski.
42 variability bugs in the Linux kernel: A qualitative analysis. ASE 2014 + a journal submission c Andrzej W ˛asowski, IT University of Copenhagen 9
32. What do we find in these variability bugs ?
A quick extract
Bugs “in” the correct code (in some correct configuration)
The programmer got his configuration right
Bugs appear in unanticipated configurations
The programmer did not think about other configurations
Essentially all 98 bugs appear to be such ...
Bugs may involve non-locally defined features (defined in other subsystems)
30 out of 43 Linux bugs in VBDB have this feature
Iago Abal. Claus Brabrand. Andrzej W ˛asowski.
42 variability bugs in the Linux kernel: A qualitative analysis. ASE 2014 + a journal submission c Andrzej W ˛asowski, IT University of Copenhagen 9
33. What do we find in these variability bugs ?
A quick extract
Bugs “in” the correct code (in some correct configuration)
The programmer got his configuration right
Bugs appear in unanticipated configurations
The programmer did not think about other configurations
Essentially all 98 bugs appear to be such ...
Bugs may involve non-locally defined features (defined in other subsystems)
30 out of 43 Linux bugs in VBDB have this feature
Iago Abal. Claus Brabrand. Andrzej W ˛asowski.
42 variability bugs in the Linux kernel: A qualitative analysis. ASE 2014 + a journal submission c Andrzej W ˛asowski, IT University of Copenhagen 9
34. What do we find in these variability bugs ?
A quick extract
Bugs “in” the correct code (in some correct configuration)
The programmer got his configuration right
Bugs appear in unanticipated configurations
The programmer did not think about other configurations
Essentially all 98 bugs appear to be such ...
Bugs may involve non-locally defined features (defined in other subsystems)
30 out of 43 Linux bugs in VBDB have this feature
The interviewed developer: cross-cutting features are a frequent source of
problems; Developers are often experts only in a particular subsystem.
Iago Abal. Claus Brabrand. Andrzej W ˛asowski.
42 variability bugs in the Linux kernel: A qualitative analysis. ASE 2014 + a journal submission c Andrzej W ˛asowski, IT University of Copenhagen 9
35. What do we find in these variability bugs ?
A quick extract
Bugs “in” the correct code (in some correct configuration)
The programmer got his configuration right
Bugs appear in unanticipated configurations
The programmer did not think about other configurations
Essentially all 98 bugs appear to be such ...
Bugs may involve non-locally defined features (defined in other subsystems)
30 out of 43 Linux bugs in VBDB have this feature
The interviewed developer: cross-cutting features are a frequent source of
problems; Developers are often experts only in a particular subsystem.
Iago Abal. Claus Brabrand. Andrzej W ˛asowski.
42 variability bugs in the Linux kernel: A qualitative analysis. ASE 2014 + a journal submission c Andrzej W ˛asowski, IT University of Copenhagen 9
36. What do we find in these variability bugs ?
A quick extract
Bugs “in” the correct code (in some correct configuration)
The programmer got his configuration right
Bugs appear in unanticipated configurations
The programmer did not think about other configurations
Essentially all 98 bugs appear to be such ...
Bugs may involve non-locally defined features (defined in other subsystems)
30 out of 43 Linux bugs in VBDB have this feature
The interviewed developer: cross-cutting features are a frequent source of
problems; Developers are often experts only in a particular subsystem.
“Code cluttered with ifdefs is difficult to read and maintain. Don’t do it.
Instead put your ifdefs in a header, and conditionally define ‘static inline’
functions or macros, which are used in the code.” [submitting patches]
Iago Abal. Claus Brabrand. Andrzej W ˛asowski.
42 variability bugs in the Linux kernel: A qualitative analysis. ASE 2014 + a journal submission c Andrzej W ˛asowski, IT University of Copenhagen 9
37. What do we find in these variability bugs ?
A quick extract
Bugs “in” the correct code (in some correct configuration)
The programmer got his configuration right
Bugs appear in unanticipated configurations
The programmer did not think about other configurations
Essentially all 98 bugs appear to be such ...
Bugs may involve non-locally defined features (defined in other subsystems)
30 out of 43 Linux bugs in VBDB have this feature
The interviewed developer: cross-cutting features are a frequent source of
problems; Developers are often experts only in a particular subsystem.
“Code cluttered with ifdefs is difficult to read and maintain. Don’t do it.
Instead put your ifdefs in a header, and conditionally define ‘static inline’
functions or macros, which are used in the code.” [submitting patches]
Iago Abal. Claus Brabrand. Andrzej W ˛asowski.
42 variability bugs in the Linux kernel: A qualitative analysis. ASE 2014 + a journal submission c Andrzej W ˛asowski, IT University of Copenhagen 9
38. An interesting pattern with negative conditions
(a presence conditions for a bug to trigger)
49 some-enabled
21 a
21 a ∧ b
6 a ∧ b ∧ c
1 a ∧ b ∧ c ∧ d ∧ e
45 some-enabled-one-disabled
20 ¬a
20 a ∧ ¬b incl.: (a ∨ a ) ∧ ¬b
4 a ∧ b ∧ ¬c
1 a ∧ b ∧ c ∧ d ∧ ¬e
4 other configurations
1 ¬a ∧ ¬b
1 a ∧ ¬b ∧ ¬c
2 a ∧ ¬b ∧ ¬c ∧ ¬d ∧ ¬e
structure of the sufficient presence condition for the bug
Iago Abal. Claus Brabrand. Andrzej W ˛asowski.
42 variability bugs in the Linux kernel: A qualitative analysis. ASE 2014 + a journal submission c Andrzej W ˛asowski, IT University of Copenhagen 10
39. An interesting pattern with negative conditions
(a presence conditions for a bug to trigger)
49 some-enabled
21 a
21 a ∧ b
6 a ∧ b ∧ c
1 a ∧ b ∧ c ∧ d ∧ e
45 some-enabled-one-disabled
20 ¬a
20 a ∧ ¬b incl.: (a ∨ a ) ∧ ¬b
4 a ∧ b ∧ ¬c
1 a ∧ b ∧ c ∧ d ∧ ¬e
4 other configurations
1 ¬a ∧ ¬b
1 a ∧ ¬b ∧ ¬c
2 a ∧ ¬b ∧ ¬c ∧ ¬d ∧ ¬e
structure of the sufficient presence condition for the bug
pattern frequency in our bug collection
Iago Abal. Claus Brabrand. Andrzej W ˛asowski.
42 variability bugs in the Linux kernel: A qualitative analysis. ASE 2014 + a journal submission c Andrzej W ˛asowski, IT University of Copenhagen 10
40. An interesting pattern with negative conditions
(a presence conditions for a bug to trigger)
49 some-enabled
21 a
21 a ∧ b
6 a ∧ b ∧ c
1 a ∧ b ∧ c ∧ d ∧ e
45 some-enabled-one-disabled
20 ¬a
20 a ∧ ¬b incl.: (a ∨ a ) ∧ ¬b
4 a ∧ b ∧ ¬c
1 a ∧ b ∧ c ∧ d ∧ ¬e
4 other configurations
1 ¬a ∧ ¬b
1 a ∧ ¬b ∧ ¬c
2 a ∧ ¬b ∧ ¬c ∧ ¬d ∧ ¬e
structure of the sufficient presence condition for the bug
pattern frequency in our bug collection
Iago Abal. Claus Brabrand. Andrzej W ˛asowski.
42 variability bugs in the Linux kernel: A qualitative analysis. ASE 2014 + a journal submission c Andrzej W ˛asowski, IT University of Copenhagen 10
41. An interesting pattern with negative conditions
(a presence conditions for a bug to trigger)
49 some-enabled
21 a
21 a ∧ b
6 a ∧ b ∧ c
1 a ∧ b ∧ c ∧ d ∧ e
45 some-enabled-one-disabled
20 ¬a
20 a ∧ ¬b incl.: (a ∨ a ) ∧ ¬b
4 a ∧ b ∧ ¬c
1 a ∧ b ∧ c ∧ d ∧ ¬e
4 other configurations
1 ¬a ∧ ¬b
1 a ∧ ¬b ∧ ¬c
2 a ∧ ¬b ∧ ¬c ∧ ¬d ∧ ¬e
structure of the sufficient presence condition for the bug
pattern frequency in our bug collection
In Linux commit 60e233a5660 function
add_uevent_var with HOTPLUG disabled overflows a
buffer
Iago Abal. Claus Brabrand. Andrzej W ˛asowski.
42 variability bugs in the Linux kernel: A qualitative analysis. ASE 2014 + a journal submission c Andrzej W ˛asowski, IT University of Copenhagen 10
42. An interesting pattern with negative conditions
(a presence conditions for a bug to trigger)
49 some-enabled
21 a
21 a ∧ b
6 a ∧ b ∧ c
1 a ∧ b ∧ c ∧ d ∧ e
45 some-enabled-one-disabled
20 ¬a
20 a ∧ ¬b incl.: (a ∨ a ) ∧ ¬b
4 a ∧ b ∧ ¬c
1 a ∧ b ∧ c ∧ d ∧ ¬e
4 other configurations
1 ¬a ∧ ¬b
1 a ∧ ¬b ∧ ¬c
2 a ∧ ¬b ∧ ¬c ∧ ¬d ∧ ¬e
structure of the sufficient presence condition for the bug
pattern frequency in our bug collection
In Linux commit 60e233a5660 function
add_uevent_var with HOTPLUG disabled overflows a
buffer
Originally we spinned this for testing and sampling
Iago Abal. Claus Brabrand. Andrzej W ˛asowski.
42 variability bugs in the Linux kernel: A qualitative analysis. ASE 2014 + a journal submission c Andrzej W ˛asowski, IT University of Copenhagen 10
43. An interesting pattern with negative conditions
(a presence conditions for a bug to trigger)
49 some-enabled
21 a
21 a ∧ b
6 a ∧ b ∧ c
1 a ∧ b ∧ c ∧ d ∧ e
45 some-enabled-one-disabled
20 ¬a
20 a ∧ ¬b incl.: (a ∨ a ) ∧ ¬b
4 a ∧ b ∧ ¬c
1 a ∧ b ∧ c ∧ d ∧ ¬e
4 other configurations
1 ¬a ∧ ¬b
1 a ∧ ¬b ∧ ¬c
2 a ∧ ¬b ∧ ¬c ∧ ¬d ∧ ¬e
structure of the sufficient presence condition for the bug
pattern frequency in our bug collection
In Linux commit 60e233a5660 function
add_uevent_var with HOTPLUG disabled overflows a
buffer
Originally we spinned this for testing and sampling
Second thought: isn’t this a symptom of forgetting
to “mentally” enable/disable a feature?
Iago Abal. Claus Brabrand. Andrzej W ˛asowski.
42 variability bugs in the Linux kernel: A qualitative analysis. ASE 2014 + a journal submission c Andrzej W ˛asowski, IT University of Copenhagen 10
44. An interesting pattern with negative conditions
(a presence conditions for a bug to trigger)
49 some-enabled
21 a
21 a ∧ b
6 a ∧ b ∧ c
1 a ∧ b ∧ c ∧ d ∧ e
45 some-enabled-one-disabled
20 ¬a
20 a ∧ ¬b incl.: (a ∨ a ) ∧ ¬b
4 a ∧ b ∧ ¬c
1 a ∧ b ∧ c ∧ d ∧ ¬e
4 other configurations
1 ¬a ∧ ¬b
1 a ∧ ¬b ∧ ¬c
2 a ∧ ¬b ∧ ¬c ∧ ¬d ∧ ¬e
structure of the sufficient presence condition for the bug
pattern frequency in our bug collection
In Linux commit 60e233a5660 function
add_uevent_var with HOTPLUG disabled overflows a
buffer
Originally we spinned this for testing and sampling
Second thought: isn’t this a symptom of forgetting
to “mentally” enable/disable a feature?
The kernel developer: you hardly can think of more
than 5 involved configs (features) when coding,
debugging or profiling.
Iago Abal. Claus Brabrand. Andrzej W ˛asowski.
42 variability bugs in the Linux kernel: A qualitative analysis. ASE 2014 + a journal submission c Andrzej W ˛asowski, IT University of Copenhagen 10
46. This program contains a
simple coding bug
How would you debug it?
Where is the bug?
What configurations
contain the bug?
import java.util.Random;
public class Http {
String subject = null;
int totalLength = 600;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
public void sendHeaders(int responseNum) {
int buf = 0;
buf = totalLength - responseNum;
subject = "response header";
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = new Random().nextBoolean();
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
c Andrzej W ˛asowski, IT University of Copenhagen 12
47. Controlled Experiment I
How does the degree of variability affect ...
... the time of bug finding?
... the accuracy of bug finding?
RQs
Jean Melo. Claus Brabrand. Andrzej W ˛asowski.
How does the degree of variability affect bug finding? ICSE 2016 c Andrzej W ˛asowski, IT University of Copenhagen 13
48. Controlled Experiment I
How does the degree of variability affect ...
... the time of bug finding?
... the accuracy of bug finding?
RQs public class Netpoll {
boolean UNK_FALSE = true;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if (UNK_FALSE)
type = false;
if (type){
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
NO (|F| = 0)
P1
Jean Melo. Claus Brabrand. Andrzej W ˛asowski.
How does the degree of variability affect bug finding? ICSE 2016 c Andrzej W ˛asowski, IT University of Copenhagen 13
49. Controlled Experiment I
How does the degree of variability affect ...
... the time of bug finding?
... the accuracy of bug finding?
RQs public class Netpoll {
boolean UNK_FALSE = true;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if (UNK_FALSE)
type = false;
if (type){
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
NO (|F| = 0)
P1
public class Netpoll {
boolean UNK_FALSE = false;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if(UNK_FALSE)
type = false;
if (type) {
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
LO (|F| = 1)
Jean Melo. Claus Brabrand. Andrzej W ˛asowski.
How does the degree of variability affect bug finding? ICSE 2016 c Andrzej W ˛asowski, IT University of Copenhagen 13
50. Controlled Experiment I
How does the degree of variability affect ...
... the time of bug finding?
... the accuracy of bug finding?
RQs public class Netpoll {
boolean UNK_FALSE = true;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if (UNK_FALSE)
type = false;
if (type){
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
NO (|F| = 0)
P1
public class Netpoll {
boolean UNK_FALSE = false;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if(UNK_FALSE)
type = false;
if (type) {
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
LO (|F| = 1)
public class Netpoll {
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
type = false;
if (type) {
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
HI (|F| = 3)
Jean Melo. Claus Brabrand. Andrzej W ˛asowski.
How does the degree of variability affect bug finding? ICSE 2016 c Andrzej W ˛asowski, IT University of Copenhagen 13
51. Controlled Experiment I
How does the degree of variability affect ...
... the time of bug finding?
... the accuracy of bug finding?
RQs public class Netpoll {
boolean UNK_FALSE = true;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if (UNK_FALSE)
type = false;
if (type){
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
NO (|F| = 0)
P1
public class Netpoll {
boolean UNK_FALSE = false;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if(UNK_FALSE)
type = false;
if (type) {
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
LO (|F| = 1)
public class Netpoll {
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
type = false;
if (type) {
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
HI (|F| = 3)
public class Http {
String subject = null;
int totalLength = 600;
boolean LARGE_FORMAT = false;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
private void sendHeaders(int responseNum) {
int buf = 0;
if (LARGE_FORMAT) {
buf = totalLength - responseNum;
subject = "Response";
}
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = false;
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
P2
Jean Melo. Claus Brabrand. Andrzej W ˛asowski.
How does the degree of variability affect bug finding? ICSE 2016 c Andrzej W ˛asowski, IT University of Copenhagen 13
52. Controlled Experiment I
How does the degree of variability affect ...
... the time of bug finding?
... the accuracy of bug finding?
RQs public class Netpoll {
boolean UNK_FALSE = true;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if (UNK_FALSE)
type = false;
if (type){
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
NO (|F| = 0)
P1
public class Netpoll {
boolean UNK_FALSE = false;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if(UNK_FALSE)
type = false;
if (type) {
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
LO (|F| = 1)
public class Netpoll {
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
type = false;
if (type) {
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
HI (|F| = 3)
public class Http {
String subject = null;
int totalLength = 600;
boolean LARGE_FORMAT = false;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
private void sendHeaders(int responseNum) {
int buf = 0;
if (LARGE_FORMAT) {
buf = totalLength - responseNum;
subject = "Response";
}
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = false;
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
P2
import java.util.Random;
public class Http {
String subject = null;
int totalLength = 600;
boolean LARGE_FORMAT = false;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
private void sendHeaders(int responseNum) {
int buf = 0;
if (LARGE_FORMAT) {
buf = totalLength - responseNum;
subject = "Response";
}
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = new
Random().nextBoolean();
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
Jean Melo. Claus Brabrand. Andrzej W ˛asowski.
How does the degree of variability affect bug finding? ICSE 2016 c Andrzej W ˛asowski, IT University of Copenhagen 13
53. Controlled Experiment I
How does the degree of variability affect ...
... the time of bug finding?
... the accuracy of bug finding?
RQs public class Netpoll {
boolean UNK_FALSE = true;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if (UNK_FALSE)
type = false;
if (type){
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
NO (|F| = 0)
P1
public class Netpoll {
boolean UNK_FALSE = false;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if(UNK_FALSE)
type = false;
if (type) {
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
LO (|F| = 1)
public class Netpoll {
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
type = false;
if (type) {
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
HI (|F| = 3)
public class Http {
String subject = null;
int totalLength = 600;
boolean LARGE_FORMAT = false;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
private void sendHeaders(int responseNum) {
int buf = 0;
if (LARGE_FORMAT) {
buf = totalLength - responseNum;
subject = "Response";
}
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = false;
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
P2
import java.util.Random;
public class Http {
String subject = null;
int totalLength = 600;
boolean LARGE_FORMAT = false;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
private void sendHeaders(int responseNum) {
int buf = 0;
if (LARGE_FORMAT) {
buf = totalLength - responseNum;
subject = "Response";
}
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = new
Random().nextBoolean();
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
import java.util.Random;
public class Http {
String subject = null;
int totalLength = 600;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
public void sendHeaders(int responseNum) {
int buf = 0;
buf = totalLength - responseNum;
subject = "response header";
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = new
Random().nextBoolean();
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
Jean Melo. Claus Brabrand. Andrzej W ˛asowski.
How does the degree of variability affect bug finding? ICSE 2016 c Andrzej W ˛asowski, IT University of Copenhagen 13
54. Controlled Experiment I
How does the degree of variability affect ...
... the time of bug finding?
... the accuracy of bug finding?
RQs public class Netpoll {
boolean UNK_FALSE = true;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if (UNK_FALSE)
type = false;
if (type){
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
NO (|F| = 0)
P1
public class Netpoll {
boolean UNK_FALSE = false;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if(UNK_FALSE)
type = false;
if (type) {
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
LO (|F| = 1)
public class Netpoll {
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
type = false;
if (type) {
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
HI (|F| = 3)
public class Http {
String subject = null;
int totalLength = 600;
boolean LARGE_FORMAT = false;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
private void sendHeaders(int responseNum) {
int buf = 0;
if (LARGE_FORMAT) {
buf = totalLength - responseNum;
subject = "Response";
}
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = false;
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
P2
import java.util.Random;
public class Http {
String subject = null;
int totalLength = 600;
boolean LARGE_FORMAT = false;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
private void sendHeaders(int responseNum) {
int buf = 0;
if (LARGE_FORMAT) {
buf = totalLength - responseNum;
subject = "Response";
}
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = new
Random().nextBoolean();
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
import java.util.Random;
public class Http {
String subject = null;
int totalLength = 600;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
public void sendHeaders(int responseNum) {
int buf = 0;
buf = totalLength - responseNum;
subject = "response header";
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = new
Random().nextBoolean();
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
public class GameScreen {
private int totalScore = 0;
private int penalty;
private final int TIME_BONUS = 2;
private final int PERFECT_CURVE = 4;
private final int PERFECT_STRAIGHT = 1;
private void setScore(int score) {
if(score >= 0) {
totalScore = score;
} else {
totalScore = 0;
}
}
private void setPenalty(int penalty) {
this.penalty = penalty;
}
private void gc_computeLevelScore() {
assert totalScore == 0;
totalScore = PERFECT_CURVE + PERFECT_STRAIGHT;
totalScore += TIME_BONUS;
totalScore -= penalty;
assert totalScore != 0;
setScore(totalScore);
assert totalScore < 0;
}
public static void main(String[] args) {
GameScreen game = new GameScreen();
game.setPenalty(10);
game.gc_computeLevelScore();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
P3
Jean Melo. Claus Brabrand. Andrzej W ˛asowski.
How does the degree of variability affect bug finding? ICSE 2016 c Andrzej W ˛asowski, IT University of Copenhagen 13
55. Controlled Experiment I
How does the degree of variability affect ...
... the time of bug finding?
... the accuracy of bug finding?
RQs public class Netpoll {
boolean UNK_FALSE = true;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if (UNK_FALSE)
type = false;
if (type){
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
NO (|F| = 0)
P1
public class Netpoll {
boolean UNK_FALSE = false;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if(UNK_FALSE)
type = false;
if (type) {
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
LO (|F| = 1)
public class Netpoll {
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
type = false;
if (type) {
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
HI (|F| = 3)
public class Http {
String subject = null;
int totalLength = 600;
boolean LARGE_FORMAT = false;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
private void sendHeaders(int responseNum) {
int buf = 0;
if (LARGE_FORMAT) {
buf = totalLength - responseNum;
subject = "Response";
}
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = false;
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
P2
import java.util.Random;
public class Http {
String subject = null;
int totalLength = 600;
boolean LARGE_FORMAT = false;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
private void sendHeaders(int responseNum) {
int buf = 0;
if (LARGE_FORMAT) {
buf = totalLength - responseNum;
subject = "Response";
}
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = new
Random().nextBoolean();
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
import java.util.Random;
public class Http {
String subject = null;
int totalLength = 600;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
public void sendHeaders(int responseNum) {
int buf = 0;
buf = totalLength - responseNum;
subject = "response header";
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = new
Random().nextBoolean();
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
public class GameScreen {
private int totalScore = 0;
private int penalty;
private final int TIME_BONUS = 2;
private final int PERFECT_CURVE = 4;
private final int PERFECT_STRAIGHT = 1;
private void setScore(int score) {
if(score >= 0) {
totalScore = score;
} else {
totalScore = 0;
}
}
private void setPenalty(int penalty) {
this.penalty = penalty;
}
private void gc_computeLevelScore() {
assert totalScore == 0;
totalScore = PERFECT_CURVE + PERFECT_STRAIGHT;
totalScore += TIME_BONUS;
totalScore -= penalty;
assert totalScore != 0;
setScore(totalScore);
assert totalScore < 0;
}
public static void main(String[] args) {
GameScreen game = new GameScreen();
game.setPenalty(10);
game.gc_computeLevelScore();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
P3
public class GameScreen {
private int totalScore = 0;
private int penalty;
private final int TIME_BONUS = 2;
private final int PERFECT_CURVE = 4;
private final int PERFECT_STRAIGHT = 1;
private void setScore(int score) {
if(score >= 0) {
totalScore = score;
} else {
totalScore = 0;
}
}
private void setPenalty(int penalty) {
this.penalty = penalty;
}
private void gc_computeLevelScore() {
assert totalScore == 0;
totalScore = PERFECT_CURVE + PERFECT_STRAIGHT;
totalScore += TIME_BONUS;
totalScore -= penalty;
assert totalScore < 0;
setScore(totalScore);
assert totalScore < 0;
}
public static void main(String[] args) {
GameScreen game = new GameScreen();
game.setPenalty(10);
game.gc_computeLevelScore();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
Jean Melo. Claus Brabrand. Andrzej W ˛asowski.
How does the degree of variability affect bug finding? ICSE 2016 c Andrzej W ˛asowski, IT University of Copenhagen 13
56. Controlled Experiment I
How does the degree of variability affect ...
... the time of bug finding?
... the accuracy of bug finding?
RQs public class Netpoll {
boolean UNK_FALSE = true;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if (UNK_FALSE)
type = false;
if (type){
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
NO (|F| = 0)
P1
public class Netpoll {
boolean UNK_FALSE = false;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if(UNK_FALSE)
type = false;
if (type) {
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
LO (|F| = 1)
public class Netpoll {
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
type = false;
if (type) {
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
HI (|F| = 3)
public class Http {
String subject = null;
int totalLength = 600;
boolean LARGE_FORMAT = false;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
private void sendHeaders(int responseNum) {
int buf = 0;
if (LARGE_FORMAT) {
buf = totalLength - responseNum;
subject = "Response";
}
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = false;
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
P2
import java.util.Random;
public class Http {
String subject = null;
int totalLength = 600;
boolean LARGE_FORMAT = false;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
private void sendHeaders(int responseNum) {
int buf = 0;
if (LARGE_FORMAT) {
buf = totalLength - responseNum;
subject = "Response";
}
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = new
Random().nextBoolean();
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
import java.util.Random;
public class Http {
String subject = null;
int totalLength = 600;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
public void sendHeaders(int responseNum) {
int buf = 0;
buf = totalLength - responseNum;
subject = "response header";
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = new
Random().nextBoolean();
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
public class GameScreen {
private int totalScore = 0;
private int penalty;
private final int TIME_BONUS = 2;
private final int PERFECT_CURVE = 4;
private final int PERFECT_STRAIGHT = 1;
private void setScore(int score) {
if(score >= 0) {
totalScore = score;
} else {
totalScore = 0;
}
}
private void setPenalty(int penalty) {
this.penalty = penalty;
}
private void gc_computeLevelScore() {
assert totalScore == 0;
totalScore = PERFECT_CURVE + PERFECT_STRAIGHT;
totalScore += TIME_BONUS;
totalScore -= penalty;
assert totalScore != 0;
setScore(totalScore);
assert totalScore < 0;
}
public static void main(String[] args) {
GameScreen game = new GameScreen();
game.setPenalty(10);
game.gc_computeLevelScore();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
P3
public class GameScreen {
private int totalScore = 0;
private int penalty;
private final int TIME_BONUS = 2;
private final int PERFECT_CURVE = 4;
private final int PERFECT_STRAIGHT = 1;
private void setScore(int score) {
if(score >= 0) {
totalScore = score;
} else {
totalScore = 0;
}
}
private void setPenalty(int penalty) {
this.penalty = penalty;
}
private void gc_computeLevelScore() {
assert totalScore == 0;
totalScore = PERFECT_CURVE + PERFECT_STRAIGHT;
totalScore += TIME_BONUS;
totalScore -= penalty;
assert totalScore < 0;
setScore(totalScore);
assert totalScore < 0;
}
public static void main(String[] args) {
GameScreen game = new GameScreen();
game.setPenalty(10);
game.gc_computeLevelScore();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
public class GameScreen {
private int totalScore = 0;
private int penalty;
private final int TIME_BONUS = 2;
private final int PERFECT_CURVE = 4;
private final int PERFECT_STRAIGHT = 1;
private void setScore(int score) {
if(score >= 0) {
totalScore = score;
} else {
totalScore = 0;
}
}
private void setPenalty(int penalty) {
this.penalty = penalty;
}
private void gc_computeLevelScore() {
assert totalScore == 0;
totalScore = PERFECT_CURVE + PERFECT_STRAIGHT;
totalScore += TIME_BONUS;
totalScore -= penalty;
assert totalScore < 0;
setScore(totalScore);
assert totalScore < 0;
}
public static void main(String[] args) {
GameScreen game = new GameScreen();
game.setPenalty(10);
game.gc_computeLevelScore();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
Jean Melo. Claus Brabrand. Andrzej W ˛asowski.
How does the degree of variability affect bug finding? ICSE 2016 c Andrzej W ˛asowski, IT University of Copenhagen 13
57. Controlled Experiment I
How does the degree of variability affect ...
... the time of bug finding?
... the accuracy of bug finding?
RQs public class Netpoll {
boolean UNK_FALSE = true;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if (UNK_FALSE)
type = false;
if (type){
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
NO (|F| = 0)
P1
public class Netpoll {
boolean UNK_FALSE = false;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if(UNK_FALSE)
type = false;
if (type) {
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
LO (|F| = 1)
public class Netpoll {
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
type = false;
if (type) {
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
HI (|F| = 3)
public class Http {
String subject = null;
int totalLength = 600;
boolean LARGE_FORMAT = false;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
private void sendHeaders(int responseNum) {
int buf = 0;
if (LARGE_FORMAT) {
buf = totalLength - responseNum;
subject = "Response";
}
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = false;
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
P2
import java.util.Random;
public class Http {
String subject = null;
int totalLength = 600;
boolean LARGE_FORMAT = false;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
private void sendHeaders(int responseNum) {
int buf = 0;
if (LARGE_FORMAT) {
buf = totalLength - responseNum;
subject = "Response";
}
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = new
Random().nextBoolean();
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
import java.util.Random;
public class Http {
String subject = null;
int totalLength = 600;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
public void sendHeaders(int responseNum) {
int buf = 0;
buf = totalLength - responseNum;
subject = "response header";
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = new
Random().nextBoolean();
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
public class GameScreen {
private int totalScore = 0;
private int penalty;
private final int TIME_BONUS = 2;
private final int PERFECT_CURVE = 4;
private final int PERFECT_STRAIGHT = 1;
private void setScore(int score) {
if(score >= 0) {
totalScore = score;
} else {
totalScore = 0;
}
}
private void setPenalty(int penalty) {
this.penalty = penalty;
}
private void gc_computeLevelScore() {
assert totalScore == 0;
totalScore = PERFECT_CURVE + PERFECT_STRAIGHT;
totalScore += TIME_BONUS;
totalScore -= penalty;
assert totalScore != 0;
setScore(totalScore);
assert totalScore < 0;
}
public static void main(String[] args) {
GameScreen game = new GameScreen();
game.setPenalty(10);
game.gc_computeLevelScore();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
P3
public class GameScreen {
private int totalScore = 0;
private int penalty;
private final int TIME_BONUS = 2;
private final int PERFECT_CURVE = 4;
private final int PERFECT_STRAIGHT = 1;
private void setScore(int score) {
if(score >= 0) {
totalScore = score;
} else {
totalScore = 0;
}
}
private void setPenalty(int penalty) {
this.penalty = penalty;
}
private void gc_computeLevelScore() {
assert totalScore == 0;
totalScore = PERFECT_CURVE + PERFECT_STRAIGHT;
totalScore += TIME_BONUS;
totalScore -= penalty;
assert totalScore < 0;
setScore(totalScore);
assert totalScore < 0;
}
public static void main(String[] args) {
GameScreen game = new GameScreen();
game.setPenalty(10);
game.gc_computeLevelScore();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
public class GameScreen {
private int totalScore = 0;
private int penalty;
private final int TIME_BONUS = 2;
private final int PERFECT_CURVE = 4;
private final int PERFECT_STRAIGHT = 1;
private void setScore(int score) {
if(score >= 0) {
totalScore = score;
} else {
totalScore = 0;
}
}
private void setPenalty(int penalty) {
this.penalty = penalty;
}
private void gc_computeLevelScore() {
assert totalScore == 0;
totalScore = PERFECT_CURVE + PERFECT_STRAIGHT;
totalScore += TIME_BONUS;
totalScore -= penalty;
assert totalScore < 0;
setScore(totalScore);
assert totalScore < 0;
}
public static void main(String[] args) {
GameScreen game = new GameScreen();
game.setPenalty(10);
game.gc_computeLevelScore();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
Cross-over Design
Jean Melo. Claus Brabrand. Andrzej W ˛asowski.
How does the degree of variability affect bug finding? ICSE 2016 c Andrzej W ˛asowski, IT University of Copenhagen 13
58. Controlled Experiment I
How does the degree of variability affect ...
... the time of bug finding?
... the accuracy of bug finding?
RQs public class Netpoll {
boolean UNK_FALSE = true;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if (UNK_FALSE)
type = false;
if (type){
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
NO (|F| = 0)
P1
public class Netpoll {
boolean UNK_FALSE = false;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if(UNK_FALSE)
type = false;
if (type) {
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
LO (|F| = 1)
public class Netpoll {
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
type = false;
if (type) {
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
HI (|F| = 3)
public class Http {
String subject = null;
int totalLength = 600;
boolean LARGE_FORMAT = false;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
private void sendHeaders(int responseNum) {
int buf = 0;
if (LARGE_FORMAT) {
buf = totalLength - responseNum;
subject = "Response";
}
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = false;
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
P2
import java.util.Random;
public class Http {
String subject = null;
int totalLength = 600;
boolean LARGE_FORMAT = false;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
private void sendHeaders(int responseNum) {
int buf = 0;
if (LARGE_FORMAT) {
buf = totalLength - responseNum;
subject = "Response";
}
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = new
Random().nextBoolean();
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
import java.util.Random;
public class Http {
String subject = null;
int totalLength = 600;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
public void sendHeaders(int responseNum) {
int buf = 0;
buf = totalLength - responseNum;
subject = "response header";
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = new
Random().nextBoolean();
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
public class GameScreen {
private int totalScore = 0;
private int penalty;
private final int TIME_BONUS = 2;
private final int PERFECT_CURVE = 4;
private final int PERFECT_STRAIGHT = 1;
private void setScore(int score) {
if(score >= 0) {
totalScore = score;
} else {
totalScore = 0;
}
}
private void setPenalty(int penalty) {
this.penalty = penalty;
}
private void gc_computeLevelScore() {
assert totalScore == 0;
totalScore = PERFECT_CURVE + PERFECT_STRAIGHT;
totalScore += TIME_BONUS;
totalScore -= penalty;
assert totalScore != 0;
setScore(totalScore);
assert totalScore < 0;
}
public static void main(String[] args) {
GameScreen game = new GameScreen();
game.setPenalty(10);
game.gc_computeLevelScore();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
P3
public class GameScreen {
private int totalScore = 0;
private int penalty;
private final int TIME_BONUS = 2;
private final int PERFECT_CURVE = 4;
private final int PERFECT_STRAIGHT = 1;
private void setScore(int score) {
if(score >= 0) {
totalScore = score;
} else {
totalScore = 0;
}
}
private void setPenalty(int penalty) {
this.penalty = penalty;
}
private void gc_computeLevelScore() {
assert totalScore == 0;
totalScore = PERFECT_CURVE + PERFECT_STRAIGHT;
totalScore += TIME_BONUS;
totalScore -= penalty;
assert totalScore < 0;
setScore(totalScore);
assert totalScore < 0;
}
public static void main(String[] args) {
GameScreen game = new GameScreen();
game.setPenalty(10);
game.gc_computeLevelScore();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
public class GameScreen {
private int totalScore = 0;
private int penalty;
private final int TIME_BONUS = 2;
private final int PERFECT_CURVE = 4;
private final int PERFECT_STRAIGHT = 1;
private void setScore(int score) {
if(score >= 0) {
totalScore = score;
} else {
totalScore = 0;
}
}
private void setPenalty(int penalty) {
this.penalty = penalty;
}
private void gc_computeLevelScore() {
assert totalScore == 0;
totalScore = PERFECT_CURVE + PERFECT_STRAIGHT;
totalScore += TIME_BONUS;
totalScore -= penalty;
assert totalScore < 0;
setScore(totalScore);
assert totalScore < 0;
}
public static void main(String[] args) {
GameScreen game = new GameScreen();
game.setPenalty(10);
game.gc_computeLevelScore();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
Programs: 3 programs from 3 systems
Linux, open source, 12MLOC/13K features
Busy Box, open source, 204KLOC/600 features
Best Lap, Commercial game, 15 KLOC
Cross-over Design
Jean Melo. Claus Brabrand. Andrzej W ˛asowski.
How does the degree of variability affect bug finding? ICSE 2016 c Andrzej W ˛asowski, IT University of Copenhagen 13
59. Controlled Experiment I
How does the degree of variability affect ...
... the time of bug finding?
... the accuracy of bug finding?
RQs public class Netpoll {
boolean UNK_FALSE = true;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if (UNK_FALSE)
type = false;
if (type){
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
NO (|F| = 0)
P1
public class Netpoll {
boolean UNK_FALSE = false;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if(UNK_FALSE)
type = false;
if (type) {
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
LO (|F| = 1)
public class Netpoll {
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
type = false;
if (type) {
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
HI (|F| = 3)
public class Http {
String subject = null;
int totalLength = 600;
boolean LARGE_FORMAT = false;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
private void sendHeaders(int responseNum) {
int buf = 0;
if (LARGE_FORMAT) {
buf = totalLength - responseNum;
subject = "Response";
}
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = false;
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
P2
import java.util.Random;
public class Http {
String subject = null;
int totalLength = 600;
boolean LARGE_FORMAT = false;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
private void sendHeaders(int responseNum) {
int buf = 0;
if (LARGE_FORMAT) {
buf = totalLength - responseNum;
subject = "Response";
}
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = new
Random().nextBoolean();
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
import java.util.Random;
public class Http {
String subject = null;
int totalLength = 600;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
public void sendHeaders(int responseNum) {
int buf = 0;
buf = totalLength - responseNum;
subject = "response header";
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = new
Random().nextBoolean();
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
public class GameScreen {
private int totalScore = 0;
private int penalty;
private final int TIME_BONUS = 2;
private final int PERFECT_CURVE = 4;
private final int PERFECT_STRAIGHT = 1;
private void setScore(int score) {
if(score >= 0) {
totalScore = score;
} else {
totalScore = 0;
}
}
private void setPenalty(int penalty) {
this.penalty = penalty;
}
private void gc_computeLevelScore() {
assert totalScore == 0;
totalScore = PERFECT_CURVE + PERFECT_STRAIGHT;
totalScore += TIME_BONUS;
totalScore -= penalty;
assert totalScore != 0;
setScore(totalScore);
assert totalScore < 0;
}
public static void main(String[] args) {
GameScreen game = new GameScreen();
game.setPenalty(10);
game.gc_computeLevelScore();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
P3
public class GameScreen {
private int totalScore = 0;
private int penalty;
private final int TIME_BONUS = 2;
private final int PERFECT_CURVE = 4;
private final int PERFECT_STRAIGHT = 1;
private void setScore(int score) {
if(score >= 0) {
totalScore = score;
} else {
totalScore = 0;
}
}
private void setPenalty(int penalty) {
this.penalty = penalty;
}
private void gc_computeLevelScore() {
assert totalScore == 0;
totalScore = PERFECT_CURVE + PERFECT_STRAIGHT;
totalScore += TIME_BONUS;
totalScore -= penalty;
assert totalScore < 0;
setScore(totalScore);
assert totalScore < 0;
}
public static void main(String[] args) {
GameScreen game = new GameScreen();
game.setPenalty(10);
game.gc_computeLevelScore();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
public class GameScreen {
private int totalScore = 0;
private int penalty;
private final int TIME_BONUS = 2;
private final int PERFECT_CURVE = 4;
private final int PERFECT_STRAIGHT = 1;
private void setScore(int score) {
if(score >= 0) {
totalScore = score;
} else {
totalScore = 0;
}
}
private void setPenalty(int penalty) {
this.penalty = penalty;
}
private void gc_computeLevelScore() {
assert totalScore == 0;
totalScore = PERFECT_CURVE + PERFECT_STRAIGHT;
totalScore += TIME_BONUS;
totalScore -= penalty;
assert totalScore < 0;
setScore(totalScore);
assert totalScore < 0;
}
public static void main(String[] args) {
GameScreen game = new GameScreen();
game.setPenalty(10);
game.gc_computeLevelScore();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
Programs: 3 programs from 3 systems
Linux, open source, 12MLOC/13K features
Busy Box, open source, 204KLOC/600 features
Best Lap, Commercial game, 15 KLOC
Subjects: N=69 [31×Msc+32×Phd+6×post-doc]
Cross-over Design
Jean Melo. Claus Brabrand. Andrzej W ˛asowski.
How does the degree of variability affect bug finding? ICSE 2016 c Andrzej W ˛asowski, IT University of Copenhagen 13
60. Controlled Experiment I
How does the degree of variability affect ...
... the time of bug finding?
... the accuracy of bug finding?
RQs public class Netpoll {
boolean UNK_FALSE = true;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if (UNK_FALSE)
type = false;
if (type){
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
NO (|F| = 0)
P1
public class Netpoll {
boolean UNK_FALSE = false;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if(UNK_FALSE)
type = false;
if (type) {
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
LO (|F| = 1)
public class Netpoll {
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
type = false;
if (type) {
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
HI (|F| = 3)
public class Http {
String subject = null;
int totalLength = 600;
boolean LARGE_FORMAT = false;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
private void sendHeaders(int responseNum) {
int buf = 0;
if (LARGE_FORMAT) {
buf = totalLength - responseNum;
subject = "Response";
}
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = false;
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
P2
import java.util.Random;
public class Http {
String subject = null;
int totalLength = 600;
boolean LARGE_FORMAT = false;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
private void sendHeaders(int responseNum) {
int buf = 0;
if (LARGE_FORMAT) {
buf = totalLength - responseNum;
subject = "Response";
}
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = new
Random().nextBoolean();
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
import java.util.Random;
public class Http {
String subject = null;
int totalLength = 600;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
public void sendHeaders(int responseNum) {
int buf = 0;
buf = totalLength - responseNum;
subject = "response header";
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = new
Random().nextBoolean();
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
public class GameScreen {
private int totalScore = 0;
private int penalty;
private final int TIME_BONUS = 2;
private final int PERFECT_CURVE = 4;
private final int PERFECT_STRAIGHT = 1;
private void setScore(int score) {
if(score >= 0) {
totalScore = score;
} else {
totalScore = 0;
}
}
private void setPenalty(int penalty) {
this.penalty = penalty;
}
private void gc_computeLevelScore() {
assert totalScore == 0;
totalScore = PERFECT_CURVE + PERFECT_STRAIGHT;
totalScore += TIME_BONUS;
totalScore -= penalty;
assert totalScore != 0;
setScore(totalScore);
assert totalScore < 0;
}
public static void main(String[] args) {
GameScreen game = new GameScreen();
game.setPenalty(10);
game.gc_computeLevelScore();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
P3
public class GameScreen {
private int totalScore = 0;
private int penalty;
private final int TIME_BONUS = 2;
private final int PERFECT_CURVE = 4;
private final int PERFECT_STRAIGHT = 1;
private void setScore(int score) {
if(score >= 0) {
totalScore = score;
} else {
totalScore = 0;
}
}
private void setPenalty(int penalty) {
this.penalty = penalty;
}
private void gc_computeLevelScore() {
assert totalScore == 0;
totalScore = PERFECT_CURVE + PERFECT_STRAIGHT;
totalScore += TIME_BONUS;
totalScore -= penalty;
assert totalScore < 0;
setScore(totalScore);
assert totalScore < 0;
}
public static void main(String[] args) {
GameScreen game = new GameScreen();
game.setPenalty(10);
game.gc_computeLevelScore();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
public class GameScreen {
private int totalScore = 0;
private int penalty;
private final int TIME_BONUS = 2;
private final int PERFECT_CURVE = 4;
private final int PERFECT_STRAIGHT = 1;
private void setScore(int score) {
if(score >= 0) {
totalScore = score;
} else {
totalScore = 0;
}
}
private void setPenalty(int penalty) {
this.penalty = penalty;
}
private void gc_computeLevelScore() {
assert totalScore == 0;
totalScore = PERFECT_CURVE + PERFECT_STRAIGHT;
totalScore += TIME_BONUS;
totalScore -= penalty;
assert totalScore < 0;
setScore(totalScore);
assert totalScore < 0;
}
public static void main(String[] args) {
GameScreen game = new GameScreen();
game.setPenalty(10);
game.gc_computeLevelScore();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
Programs: 3 programs from 3 systems
Linux, open source, 12MLOC/13K features
Busy Box, open source, 204KLOC/600 features
Best Lap, Commercial game, 15 KLOC
Subjects: N=69 [31×Msc+32×Phd+6×post-doc]
Task: find the bug
Cross-over Design
Jean Melo. Claus Brabrand. Andrzej W ˛asowski.
How does the degree of variability affect bug finding? ICSE 2016 c Andrzej W ˛asowski, IT University of Copenhagen 13
61. Controlled Experiment I
How does the degree of variability affect ...
... the time of bug finding?
... the accuracy of bug finding?
RQs public class Netpoll {
boolean UNK_FALSE = true;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if (UNK_FALSE)
type = false;
if (type){
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
NO (|F| = 0)
P1
public class Netpoll {
boolean UNK_FALSE = false;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if(UNK_FALSE)
type = false;
if (type) {
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
LO (|F| = 1)
public class Netpoll {
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
type = false;
if (type) {
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
HI (|F| = 3)
public class Http {
String subject = null;
int totalLength = 600;
boolean LARGE_FORMAT = false;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
private void sendHeaders(int responseNum) {
int buf = 0;
if (LARGE_FORMAT) {
buf = totalLength - responseNum;
subject = "Response";
}
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = false;
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
P2
import java.util.Random;
public class Http {
String subject = null;
int totalLength = 600;
boolean LARGE_FORMAT = false;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
private void sendHeaders(int responseNum) {
int buf = 0;
if (LARGE_FORMAT) {
buf = totalLength - responseNum;
subject = "Response";
}
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = new
Random().nextBoolean();
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
import java.util.Random;
public class Http {
String subject = null;
int totalLength = 600;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
public void sendHeaders(int responseNum) {
int buf = 0;
buf = totalLength - responseNum;
subject = "response header";
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = new
Random().nextBoolean();
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
public class GameScreen {
private int totalScore = 0;
private int penalty;
private final int TIME_BONUS = 2;
private final int PERFECT_CURVE = 4;
private final int PERFECT_STRAIGHT = 1;
private void setScore(int score) {
if(score >= 0) {
totalScore = score;
} else {
totalScore = 0;
}
}
private void setPenalty(int penalty) {
this.penalty = penalty;
}
private void gc_computeLevelScore() {
assert totalScore == 0;
totalScore = PERFECT_CURVE + PERFECT_STRAIGHT;
totalScore += TIME_BONUS;
totalScore -= penalty;
assert totalScore != 0;
setScore(totalScore);
assert totalScore < 0;
}
public static void main(String[] args) {
GameScreen game = new GameScreen();
game.setPenalty(10);
game.gc_computeLevelScore();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
P3
public class GameScreen {
private int totalScore = 0;
private int penalty;
private final int TIME_BONUS = 2;
private final int PERFECT_CURVE = 4;
private final int PERFECT_STRAIGHT = 1;
private void setScore(int score) {
if(score >= 0) {
totalScore = score;
} else {
totalScore = 0;
}
}
private void setPenalty(int penalty) {
this.penalty = penalty;
}
private void gc_computeLevelScore() {
assert totalScore == 0;
totalScore = PERFECT_CURVE + PERFECT_STRAIGHT;
totalScore += TIME_BONUS;
totalScore -= penalty;
assert totalScore < 0;
setScore(totalScore);
assert totalScore < 0;
}
public static void main(String[] args) {
GameScreen game = new GameScreen();
game.setPenalty(10);
game.gc_computeLevelScore();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
public class GameScreen {
private int totalScore = 0;
private int penalty;
private final int TIME_BONUS = 2;
private final int PERFECT_CURVE = 4;
private final int PERFECT_STRAIGHT = 1;
private void setScore(int score) {
if(score >= 0) {
totalScore = score;
} else {
totalScore = 0;
}
}
private void setPenalty(int penalty) {
this.penalty = penalty;
}
private void gc_computeLevelScore() {
assert totalScore == 0;
totalScore = PERFECT_CURVE + PERFECT_STRAIGHT;
totalScore += TIME_BONUS;
totalScore -= penalty;
assert totalScore < 0;
setScore(totalScore);
assert totalScore < 0;
}
public static void main(String[] args) {
GameScreen game = new GameScreen();
game.setPenalty(10);
game.gc_computeLevelScore();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
Programs: 3 programs from 3 systems
Linux, open source, 12MLOC/13K features
Busy Box, open source, 204KLOC/600 features
Best Lap, Commercial game, 15 KLOC
Subjects: N=69 [31×Msc+32×Phd+6×post-doc]
Task: find the bug
Metrics: time and accuracy
Cross-over Design
Jean Melo. Claus Brabrand. Andrzej W ˛asowski.
How does the degree of variability affect bug finding? ICSE 2016 c Andrzej W ˛asowski, IT University of Copenhagen 13
62. Controlled Experiment I
How does the degree of variability affect ...
... the time of bug finding?
... the accuracy of bug finding?
RQs public class Netpoll {
boolean UNK_FALSE = true;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if (UNK_FALSE)
type = false;
if (type){
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
NO (|F| = 0)
P1
public class Netpoll {
boolean UNK_FALSE = false;
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
if(UNK_FALSE)
type = false;
if (type) {
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
LO (|F| = 1)
public class Netpoll {
boolean IPV4_SUPPORT = true;
public String netpollSetup() {
String errMessage;
boolean type = true;
type = false;
if (type) {
errMessage = "Destination address required";
//...
return errMessage;
}
if (IPV4_SUPPORT)
return errMessage;
return "done";
}
public static void main(String[] args) {
Netpoll netpoll = new Netpoll();
netpoll.netpollSetup();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
HI (|F| = 3)
public class Http {
String subject = null;
int totalLength = 600;
boolean LARGE_FORMAT = false;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
private void sendHeaders(int responseNum) {
int buf = 0;
if (LARGE_FORMAT) {
buf = totalLength - responseNum;
subject = "Response";
}
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = false;
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
P2
import java.util.Random;
public class Http {
String subject = null;
int totalLength = 600;
boolean LARGE_FORMAT = false;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
private void sendHeaders(int responseNum) {
int buf = 0;
if (LARGE_FORMAT) {
buf = totalLength - responseNum;
subject = "Response";
}
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = new
Random().nextBoolean();
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
import java.util.Random;
public class Http {
String subject = null;
int totalLength = 600;
final int HTTP_UNAUTHORIZED = 401;
final int HTTP_NOT_IMPLEMENTED = 501;
String REQUEST_GET = "GET";
public void sendHeaders(int responseNum) {
int buf = 0;
buf = totalLength - responseNum;
subject = "response header";
if (subject.isEmpty())
subject = "Void response";
System.out.println("Done");
}
private void handleIncoming(String requestType) {
boolean http_unauthorized = new
Random().nextBoolean();
if (http_unauthorized)
sendHeaders(HTTP_UNAUTHORIZED);
if (!requestType.equals(REQUEST_GET))
sendHeaders(HTTP_NOT_IMPLEMENTED);
}
public static void main(String[] args) {
Http http = new Http();
http.handleIncoming("POST");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
public class GameScreen {
private int totalScore = 0;
private int penalty;
private final int TIME_BONUS = 2;
private final int PERFECT_CURVE = 4;
private final int PERFECT_STRAIGHT = 1;
private void setScore(int score) {
if(score >= 0) {
totalScore = score;
} else {
totalScore = 0;
}
}
private void setPenalty(int penalty) {
this.penalty = penalty;
}
private void gc_computeLevelScore() {
assert totalScore == 0;
totalScore = PERFECT_CURVE + PERFECT_STRAIGHT;
totalScore += TIME_BONUS;
totalScore -= penalty;
assert totalScore != 0;
setScore(totalScore);
assert totalScore < 0;
}
public static void main(String[] args) {
GameScreen game = new GameScreen();
game.setPenalty(10);
game.gc_computeLevelScore();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
P3
public class GameScreen {
private int totalScore = 0;
private int penalty;
private final int TIME_BONUS = 2;
private final int PERFECT_CURVE = 4;
private final int PERFECT_STRAIGHT = 1;
private void setScore(int score) {
if(score >= 0) {
totalScore = score;
} else {
totalScore = 0;
}
}
private void setPenalty(int penalty) {
this.penalty = penalty;
}
private void gc_computeLevelScore() {
assert totalScore == 0;
totalScore = PERFECT_CURVE + PERFECT_STRAIGHT;
totalScore += TIME_BONUS;
totalScore -= penalty;
assert totalScore < 0;
setScore(totalScore);
assert totalScore < 0;
}
public static void main(String[] args) {
GameScreen game = new GameScreen();
game.setPenalty(10);
game.gc_computeLevelScore();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
public class GameScreen {
private int totalScore = 0;
private int penalty;
private final int TIME_BONUS = 2;
private final int PERFECT_CURVE = 4;
private final int PERFECT_STRAIGHT = 1;
private void setScore(int score) {
if(score >= 0) {
totalScore = score;
} else {
totalScore = 0;
}
}
private void setPenalty(int penalty) {
this.penalty = penalty;
}
private void gc_computeLevelScore() {
assert totalScore == 0;
totalScore = PERFECT_CURVE + PERFECT_STRAIGHT;
totalScore += TIME_BONUS;
totalScore -= penalty;
assert totalScore < 0;
setScore(totalScore);
assert totalScore < 0;
}
public static void main(String[] args) {
GameScreen game = new GameScreen();
game.setPenalty(10);
game.gc_computeLevelScore();
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
Programs: 3 programs from 3 systems
Linux, open source, 12MLOC/13K features
Busy Box, open source, 204KLOC/600 features
Best Lap, Commercial game, 15 KLOC
Subjects: N=69 [31×Msc+32×Phd+6×post-doc]
Task: find the bug
Metrics: time and accuracy
Small, fit on screen—no scrolling (25-35 LOC)
Cross-over Design
Jean Melo. Claus Brabrand. Andrzej W ˛asowski.
How does the degree of variability affect bug finding? ICSE 2016 c Andrzej W ˛asowski, IT University of Copenhagen 13