Static Value Analysis of Python Programs by Abstract Interpretation

We propose a static analysis by abstract interpretation for a significant subset of Python to infer variable values, run-time errors, and uncaught exceptions. Python is a high-level language with dynamic typing, a class-based object system, complex control structures such as generators, and a large library of builtin objects. This makes static reasoning on Python programs challenging. The control flow is highly dependent on the type of values, which we thus infer accurately.

[1]  Antoine Mid The Octagon Abstract Domain , 2001 .

[2]  Simon Holm Jensen,et al.  Remedying the eval that men do , 2012, ISSTA 2012.

[3]  Hakjoo Oh,et al.  Design and implementation of sparse global analyses for C-like languages , 2012, PLDI.

[4]  Arthur Charguéraud,et al.  A trusted mechanised JavaScript specification , 2014, POPL.

[5]  Fausto Spoto,et al.  Julia: A Generic Static Analyser for the Java Bytecode , 2005 .

[6]  Peter J. Stuckey,et al.  Combining String Abstract Domains for JavaScript Analysis: An Evaluation , 2017, TACAS.

[7]  Peter Thiemann,et al.  Type Analysis for JavaScript , 2009, SAS.

[8]  Howard J. Hamilton,et al.  A Semantics of Python in Isabelle/HOL , 2008 .

[9]  Shriram Krishnamurthi,et al.  The Essence of JavaScript , 2010, ECOOP.

[10]  Thomas W. Reps,et al.  Recency-Abstraction for Heap-Allocated Storage , 2006, SAS.

[11]  Ben Hardekopf,et al.  JSAI: a static analysis platform for JavaScript , 2014, SIGSOFT FSE.

[12]  Antoine Miné,et al.  The octagon abstract domain , 2001, High. Order Symb. Comput..

[13]  Patrick Cousot,et al.  Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints , 1977, POPL.

[14]  Dwight Guth,et al.  A formal semantics of Python 3.3 , 2013 .

[15]  Patrick Cousot,et al.  Static Analysis and Verification of Aerospace Software by Abstract Interpretation , 2010, Found. Trends Program. Lang..

[16]  Nicolas Halbwachs,et al.  Automatic discovery of linear restraints among variables of a program , 1978, POPL.

[17]  Ondrej Lhoták,et al.  Pick your contexts well: understanding object-sensitivity , 2011, POPL '11.

[18]  Davide Ancona,et al.  RPython: a step towards reconciling dynamically and statically typed OO languages , 2007, DLS '07.

[19]  Tobias Wrigstad,et al.  Tracing dynamic features in python programs , 2014, MSR 2014.

[20]  A Pnueli,et al.  Two Approaches to Interprocedural Data Flow Analysis , 2018 .

[21]  Esben Andreasen,et al.  String Analysis for Dynamic Field Access , 2014, CC.