15-819 O: Program Analysis

Spring 2013
MW 1:30-2:50
GHC 4101
12 units
Professor Jonathan Aldrich
Open office: Tuesday 3-4pm, or by appointment

Course Summary

This course provides an overview of the state of the art in program analysis and recent research in the area.  Topics include program representations, abstract interpretation, type-based and constraint-based analysis, approaches to interprocedural analysis, counterexample-guided abstraction refinement, extended static checking, and combinations of testing and static analysis.  The course will mix theory and practice; students will formalize analyses and prove them correct, but also implement simple analyses and complete a capstone course research project.

This is a graduate-level course targeting Ph.D. students as well as masters and strong undergraduate students who are interested in program analysis.  There is no course prerequisite but students should be comfortable with formal definitions.

Supplemental course textbook:

Grading (approximate)

Policies

Everyone in the class has 7 late days to use at any point during the semester.  After late days are used up, the late penalty is 10% per day.  I will consider granting additional late days in extenuating circumstances (e.g. illness) after your late days are used up.

Policies

All LaTeX source files are available

Schedule

| Date | Topic | Slides/Notes | Reading | Participation | Assignment Due |
|---|---|---|---|---|---|
| Jan 14 | Introduction to Program Analysis | while-language.pdf | PPA ch. 1 (optional) | | |
| Jan 16 | Dataflow Analysis and Abstract Interpretation Frameworks | dataflow-frameworks.pdf | PPA ch. 2 (optional) | | |
| Jan 21 | Martin Luther King Jr. Day - no class | | | | |
| Jan 23 | Dataflow Analysis Examples | dataflow-examples.pdf | | | |
| Jan 28 | Backwards Analysis, the Worklist Algorithm, and Soot | (same) | PPA ch. 6 (optional) | | hw1.pdf |
| Jan 30 | Dataflow Analysis Termination and Correctness | dataflow-correctness.pdf | PPA ch. 4 (optional) | | |
| Feb 4 | Dataflow correctness, continued | | | | hw2.pdf, TestSign.java, soot-readme.txt, soot-demo.zip |
| Feb 6 | Widening and Collecting Semantics | widening-collecting.pdf | | | |
| Feb 11 | Interprocedural Analysis | interprocedural.pdf | | | hw3.pdf |
| Feb 13 | Interprocedural Analysis, continued | | PPA section 2.5 | | |
| Feb 18 | Pointer Analysis | pointer.pdf | | | |
| Feb 20 | Pointer Analysis, continued | (same) | | | |
| Feb 25 | Control Flow Analysis in Functional Languages | cfa.pdf | PPA ch. 3 (optional) | | hw4.pdf |
| Feb 27 | OO Call Graph Construction | callgraph.pdf | | | |
| Mar 4 | Buffer Overflow Analysis | | Modular Checking for Buffer Overflows in the Large (required) | | |
| Mar 6 | Hoare Logic, Weakest Preconditions, and Classic Object Invariant Verification | hoare-logic.pdf | | | midterm exam due |
| Mar 11-15 | Spring break - no class | | | | |
| Mar 18 | No class - instructor travel | | Effective Synchronization Removal for Java | | |
| Mar 20 | No class - instructor travel | | Modular Invariants for Layered Object Structures | | rq2-synch-invar.pdf |
| Mar 22 (Friday) | | | | | project.pdf |
| Mar 25 | OO Specification and Verification with Dynamic Frames | | Specification and Verification of Object-Oriented Software | | |
| Mar 27 | Verification Condition Generation | dafny-example.txt | | | rq3-dafny.pdf |
| Apr 1 | Symbolic Execution | symbolic-execution-example.txt | Mixing Type Checking and Symbolic Execution (required); A Static Analyzer for Finding Dynamic Programming Errors (optional) | | |
| Apr 3 | Static Analysis of Numerical Programs (meet at 1pm in GHC 7501) | | Static Analysis of Finite Precision Computations | | rq4.pdf |
| Apr 8 | Concolic Testing | | DART, CUTE, or others | | project checkpoint 1 |
| Apr 10 | Counterexample-Guided Abstraction Refinement | | SLAM or BLAST | | RQ |
| Apr 15 | Analysis in Practice at Microsoft and eBay | | Understanding the value of program analysis tools | | RQ |
| Apr 17 | Interprocedural Analysis via Context-Free Reachability | | Precise Interprocedural Dataflow Analysis via Graph Reachability | | RQ |
| Apr 22 | no class | | | | project checkpoint 2 |
| Apr 24 | Separation Logic | | | | |
| Apr 29 | Concurrency Assurance with Fluid | | Assuring and Evolving Concurrent Programs: Annotations and Policy | | RQ |
| May 1 | Satisfiability Modulo Theories | | | | |
| May 6 | Project presentations, 9:30-11:00am | | | | project presentations |
| May 13 | Project deliverables due | | | | project deliverables |







Additional potential topics