Python is a widely used programming language that powers important application domains such as machine learning, data analysis, and web applications. For many programs in these domains it is consequential to analyze aspects like security and performance, and with Python’s dynamic nature, it is crucial to be able to dynamically analyze Python programs. However, existing tools and frameworks
do not provide the means to implement dynamic analyses easily and practitioners resort to implementing an ad-hoc dynamic analysis for their own use case. This work presents DynaPyt, the first general-purpose framework for heavy-weight dynamic analysis of Python programs. Compared to existing tools for other programming languages, our framework provides a wider range of analysis hooks arranged in a hierarchical structure, which allows developers to concisely implement analyses. DynaPyt features selective instrumentation and execution modification as well. We evaluate our framework on test suites of 9 popular open-source Python projects, 1,268,545 lines of code in total, and show that it, by and large, preserves the semantics of the original execution. The running time of DynaPyt is between 1.2x and 16x times the original execution time, which is in line with similar frameworks designed for other languages, and 5.6%–88.6% faster than analyses using a built-in tracing API offered by Python. We also implement multiple analyses, show the simplicity of implementing them and some potential use cases of DynaPyt. Among the analyses implemented are: an analysis to detect a memory blow up in Pytorch programs, a taint analysis to detect SQL injections, and an analysis to warn about a runtime performance anti-pattern.
Wed 16 NovDisplayed time zone: Beijing, Chongqing, Hong Kong, Urumqi change
11:00 - 12:30 | Program Analysis IIResearch Papers / Demonstrations / Ideas, Visions and Reflections at SRC LT 50 Chair(s): Marsha Chechik University of Toronto | ||
11:00 15mTalk | NeuDep: Neural Binary Memory Dependence Analysis Research Papers Kexin Pei Columbia University, Dongdong She Columbia University, Michael Wang Massachusetts Institute of Technology, Scott Geng Columbia University, Zhou Xuan Purdue University, Yaniv David Columbia University, Junfeng Yang Columbia University, Suman Jana Columbia University, Baishakhi Ray Columbia University DOI | ||
11:15 15mTalk | DynaPyt: A Dynamic Analysis Framework for Python Research Papers DOI Pre-print | ||
11:30 15mTalk | Language-Agnostic Dynamic Analysis of Multilingual Code: Promises, Pitfalls, and Prospects Ideas, Visions and Reflections Haoran Yang Washington State University, Wen Li Washington State University, Haipeng Cai Washington State University DOI | ||
11:45 15mTalk | Cross-Language Android Permission Specification Research Papers Chaoran Li Swinburne University of Technology, Xiao Chen Monash University, Ruoxi Sun The University of Adelaide, Minhui (Jason) Xue University of Adelaide, Sheng Wen Swinburne University of Technology, Muhammad Ejaz Ahmed Data61, CSIRO, Seyit Camtepe CSIRO Data61, Yang Xiang Digital Research & Innovation Capability Platform, Swinburne University of Technology DOI | ||
12:00 15mTalk | Peahen: Fast and Precise Static Deadlock Detection via Context Reduction Research Papers Yuandao Cai Hong Kong University of Science and Technology, Chengfeng Ye Hong Kong University of Science and Technology, Qingkai Shi Purdue University, Charles Zhang Hong Kong University of Science and Technology DOI | ||
12:15 7mTalk | FIM: Fault Injection and Mutation for Simulink Demonstrations Ezio Bartocci TU Wien, Leonardo Mariani University of Milano-Bicocca, Dejan Nickovic Austrian Institute of Technology, Drishti Yadav Technische Universität Wien | ||
12:23 7mTalk | JSIMutate: Understanding Performance Results through Mutations Demonstrations Thomas Laurent Lero & University College Dublin, Paolo Arcaini National Institute of Informatics
, Catia Trubiani Gran Sasso Science Institute, Anthony Ventresque University College Dublin & Lero, Ireland DOI Media Attached | ||