Executing code is essential for various program analysis tasks, e.g., to detect bugs that manifest through exceptions or to obtain execution traces for further dynamic analysis. However, executing an arbitrary piece of code is often difficult in practice, e.g., because of missing variable definitions, missing user inputs, and missing third-party dependencies. This paper presents LExecutor, a learning-guided approach for executing arbitrary code snippets in an underconstrained way. The key idea is to let a neural model predict missing values that otherwise would cause the program to get stuck, and to inject these values into the execution. For example, LExecutor injects likely values for otherwise undefined variables and likely return values of calls to otherwise missing functions. We evaluate the approach on Python code from popular open-source projects and on code snippets extracted from Stack Overflow. The neural model predicts realistic values with an accuracy between 79.5% and 98.2%, allowing LExecutor to closely mimic real executions. As a result, the approach successfully executes significantly more code than any available technique, such as simply executing the code as-is. For example, executing the open-source code snippets as-is covers only 4.1% of all lines, because the code crashes early on, whereas LExecutor achieves a coverage of 51.6%.

翻译：代码执行对于各种程序分析任务至关重要，例如检测通过异常暴露的缺陷，或获取执行轨迹以进行进一步的动态分析。然而，在实际中执行任意代码片段通常十分困难，原因包括变量定义缺失、用户输入缺失以及第三方依赖缺失等。本文提出LExecutor，一种用于在欠约束条件下执行任意代码片段的学习引导方法。其核心思想是让神经模型预测那些可能导致程序卡住的缺失值，并将这些值注入执行过程。例如，LExecutor为未定义的变量注入可能值，并为缺失函数的调用注入可能的返回值。我们在来自热门开源项目的Python代码以及从Stack Overflow提取的代码片段上评估了该方法。神经模型预测实际值的准确率介于79.5%到98.2%之间，使得LExecutor能够紧密模拟真实执行。因此，该方法成功执行的代码量显著超过任何现有技术（例如直接原样执行代码）。以直接原样执行开源代码片段为例，其仅覆盖总代码行的4.1%，因为代码早期就会崩溃；而LExecutor的代码覆盖率可达51.6%。