Skip to main content

An Abstract Domain for Objects in Dynamic Programming Languages

  • 194 Accesses

Part of the Lecture Notes in Computer Science book series (LNPSE,volume 12233)


Dynamic languages, such as JavaScript, PHP, Python or Ruby, provide a memory model for objects data structures allowing programmers to dynamically create, manipulate, and delete objects’ properties. Moreover, in dynamic languages it is possible to access and update properties by using strings: this represents a hard challenge for static analysis. In this paper, we exploit the finite state automata abstract domain, approximating strings, in order to define a novel abstract domain for objects. We design an abstract interpreter useful to analyze objects in a toy language, inspired by real-word dynamic programming languages. We then show, by means of minimal yet expressive examples, the precision of the proposed abstract domain.

This is a preview of subscription content, access via your institution.

Buying options

USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-030-54997-8_9
  • Chapter length: 16 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
USD   79.99
Price excludes VAT (USA)
  • ISBN: 978-3-030-54997-8
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   99.99
Price excludes VAT (USA)
Fig. 1.
Fig. 2.
Fig. 3.
Fig. 4.
Fig. 5.
Fig. 6.
Fig. 7.
Fig. 8.


  1. 1.

    We assume that all negations ! have been removed using DeMorgan’s laws and usual arithmetic laws: \( {\texttt {!}}\,(\mathsf {b}_1 \, || \, \mathsf {b}_2) \equiv {\texttt {!}}\,\mathsf {b}_1 \, {\texttt { \& \& }} \, {\texttt {!}}\mathsf {b}_2\), \({\texttt {!}}\,(\mathsf {a}_1< \mathsf {a}_2) \equiv (\mathsf {a}_2 < \mathsf {a}_1 \, || \, \mathsf {a}_2 \, {\texttt {==}} \, \mathsf {a}_1)\), etc.


  1. Arceri, V., Maffeis, S.: Abstract domains for type juggling. Electr. Notes Theor. Comput. Sci. 331, 41–55 (2017)

    CrossRef  Google Scholar 

  2. Arceri, V., Mastroeni, I.: Static program analysis for string manipulation languages. In: VPT 2019 (2019).

  3. Balakrishnan, G., Reps, T.: Recency-abstraction for heap-allocated storage. In: Yi, K. (ed.) SAS 2006. LNCS, vol. 4134, pp. 221–239. Springer, Heidelberg (2006).

    CrossRef  Google Scholar 

  4. Bartzis, C., Bultan, T.: Widening arithmetic automata. In: Alur, R., Peled, D.A. (eds.) CAV 2004. LNCS, vol. 3114, pp. 321–333. Springer, Heidelberg (2004).

    CrossRef  Google Scholar 

  5. Cortesi, A., Olliaro, M.: M-string segmentation: a refined abstract domain for string analysis in C programs. In: TASE 2018 (2018)

    Google Scholar 

  6. Costantini, G., Ferrara, P., Cortesi, A.: A suite of abstract domains for static analysis of string values. Softw. Pract. Exp. 45(2), 245–287 (2015)

    CrossRef  Google Scholar 

  7. Cousot, P., Cousot, R.: Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints. In: POPL 1977 (1977)

    Google Scholar 

  8. Cousot, P., Halbwachs, N.: Automatic discovery of linear restraints among variables of a program. In: POPL (1978)

    Google Scholar 

  9. Davis, M.D., Sigal, R., Weyuker, E.J.: Computability, Complexity, and Languages: Fundamentals of Theoretical Computer Science. Academic Press Professional, Inc., New York (1994)

    Google Scholar 

  10. D’Silva, V.: Widening for Automata. MsC Thesis, Inst. Fur Inform. - UZH (2006)

    Google Scholar 

  11. Hauzar, D., Kofron, J.: Framework for static analysis of PHP applications. In: ECOOP 2015 (2015).

  12. Hopcroft, J.E., Ullman, J.D.: Introduction to Automata Theory, Languages and Computation. Addison-Wesley, Reading (1979)

    MATH  Google Scholar 

  13. Jensen, S.H., Møller, A., Thiemann, P.: Type analysis for javascript. In: SAS 2009 (2009).

  14. Kashyap, V., et al.: JSAI: a static analysis platform for javascript. In: FSE 2014 (2014)

    Google Scholar 

  15. Lee, H., Won, S., Jin, J., Cho, J., Ryu, S.: SAFE: formal specification and implementation of a scalable analysis framework for ECMAScript. In: FOOL (2012)

    Google Scholar 

  16. Nielson, F., Nielson, H.R., Hankin, C.: Principles of Program Analysis. Springer, Heidelberg (1999).

    CrossRef  MATH  Google Scholar 

  17. Wilhelm, R., Sagiv, M., Reps, T.: Shape analysis. In: Watt, D.A. (ed.) CC 2000. LNCS, vol. 1781, pp. 1–17. Springer, Heidelberg (2000).

    CrossRef  Google Scholar 

Download references

Author information

Authors and Affiliations


Corresponding author

Correspondence to Vincenzo Arceri .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Verify currency and authenticity via CrossMark

Cite this paper

Arceri, V., Pasqua, M., Mastroeni, I. (2020). An Abstract Domain for Objects in Dynamic Programming Languages. In: , et al. Formal Methods. FM 2019 International Workshops. FM 2019. Lecture Notes in Computer Science(), vol 12233. Springer, Cham.

Download citation

  • DOI:

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-54996-1

  • Online ISBN: 978-3-030-54997-8

  • eBook Packages: Computer ScienceComputer Science (R0)