A Multilanguage Static Analysis of Python Programs with Native C Extensions
This is the artefact accompanying the research paper "A Multi-Language Static Analysis of Python Programs with Native C Extensions". It consists in a `README.md` file describing how to use the docker image `sas21_8.tar`.
Abstract of the research paper:
Modern programs are increasingly multilanguage, to benefit from each programming language's advantages and to reuse libraries. For example, developers may want to combine high-level Python code with low-level, performance-oriented C code. In fact one in five of the 200 most-downloaded Python libraries available on GitHub contains C code. Static analyzers tend to focus on a single language, and may use stubs to model the behavior of foreign function calls. However, stubs are costly to implement and undermine soundness of analyzers. In this work we design a static analyzer by abstract interpretation that can handle Python programs calling C extensions. It analyses directly and fully automatically both the Python and the C source codes. It reports runtime errors that may happen in Python, in C, and at the interface. We implemented our analysis in a modular fashion: it reuses off-the-shelf C and Python analyses written in the same analyzer. This approach allows sharing between abstract domains of different languages. Our analyzer can tackle tests of real-world libraries a few thousand lines of C and Python long.