Abstract:
In this paper we present an approach to static analysis of Python programs based on a low-level intermediate representation and devirtualization to provide interprocedural and intermodule analysis. This approach can be used to analyze Python programs without type annotations and to find complex defects inaccessible to traditional AST-based analysis tools. Using CPython bytecode as a base, a representation suitable for static analysis is constructed, and call resolution is performed via an interprocedural devirtualization algorithm. We implemented the proposed approach in a static analyzer for finding errors in C, C++, Java, and Go programs and achieved good results on open-source projects with minimal modifications to existing detectors. The detectors that are relevant to Python had true positive rates from 60% up to 96%. This demonstrates that our approach allows techniques used for the analysis of statically typed languages to be applied to Python.