Inferring Types by Mining Class Usage Frequency from Inline Caches

International audienceDynamically typed languages allow developers to write more expressive source code, but their lack of static information about types of variables increases the complexity of a program. Static type information about types of variables facilitates program comprehension and maintenance. Simple type inference algorithms suffer from the problem of false positives or negatives, thus complex approaches are required to avoid this problem. We propose a simple heuristic that uses easily accessible run-time information about the usage of each class as a receiver type for a message send. This frequency serves as a proxy for the likelihood that a run-time type of the variable is that class and it is used to promote the correct type towards the top of the list of possible types for a variable. Our evaluation of a proof-of-concept prototype implemented in Pharo Smalltalk shows that our heuristic is reasonably precise to detect correct types on average in 65.92% to 82.83% of cases

Fast type reconstruction for dynamically typed programming languages

Type inference and type reconstruction derive static types for program elements that have no static type associated with them. They have a wide range of usage, such as helping to eliminate the burden of manually specifying types, verifying whether a program is type-safe, helping to produce more optimized code or helping to understand programs. While type inference and type reconstruction is an active field of research, most existing techniques are interested foremost in the precision of their approaches, at the expense of execution speed. As a result, existing approaches are not suited to give direct feedback in development environments, where interactivity dictates very fast approaches. This paper presents a type reconstruction algorithm for variables that is extremely fast (in the order of milliseconds) and reasonably precise (75 percent). The system is implemented as a byte-code evaluator in several Smalltalk environments, and its execution speed and precision are validated on a number of concrete case studies.status: publishe

Fast Type Reconstruction for Dynamically Typed Programming Languages

Acceptance rate: 10/27:37%info:eu-repo/semantics/publishe

Configurable and Sound Static Analysis of JavaScript: Techniques and Applications

JavaScript is widespread. Web developers use JavaScript to enrich user experience via dynamic content ranging from scripts to enhance a web page's appearance, to full-blown web applications, to extending the functionality of web browsers in the form of browser addons. Desktop developers use JavaScript, e.g., for OS applications in Windows 8. JavaScript's growing prominence means that secure, correct, and fast JavaScript code is becoming ever more critical. Static analysis traditionally plays a large role in providing these characteristics: it can be used for security auditing, error-checking, debugging, optimization, and program refactoring, among other uses. Thus, a sound, precise static analysis platform for JavaScript can be of enormous advantage.In this thesis, we present our work on creating a sound, precise, configurable and fast static analysis for JavaScript called JSAI that we have made openly available to the research community. JSAI is both a practical tool for JavaScript static analysis and also a research platform for experimenting with static analysis techniques. JSAI showcases a number of novel techniques to soundly compute a combination of type inference, pointer analysis, control-flow analysis, string analysis, and integer and boolean constant propagation for JavaScript programs. It also provides a unique method for modularly configuring analysis precision that is based on fundamental new insights into the theory of static analysis. We describe precision-increasing techniques for the analysis using type refinement; and performance-increasing techniques for the analysis based on parallelization of JSAI. As an example use-case for JSAI, we discuss a novel security analysis for JavaScript-based browser addon vetting