Program Analysis

Overview

This course covers both foundations and practical aspects of the automated analysis of programs, which is becoming increasingly critical to find software errors and assure program correctness. The theory of abstract interpretation captures the essence of a broad range of program analyses and supports reasoning about their correctness. Building on this foundation, the course will describe program representations, data flow analysis, alias analysis, interprocedural analysis, dynamic analysis, and symbolic execution. Through assignments and projects, students will design and implement practical analysis tools that find bugs and verify properties of software.

Why take this course?

Coordinates

Lecture:Tu/Th 10:30 - 11:50 a.m. in GHC 4102

Recitation:Fri 9:30 - 10:20 a.m. in GHC 4211

Professor Jonathan Aldrich
aldrich@cs.cmu.edu
WEH 4216

For appointments, email the instructor.

Course Syllabus and Policies

The syllabus covers course overview and objectives, learning goals, evaluation, supplemental books, late work policy, and collaboration policy.

Schedule

Date Topic and Notes Additional Reading or Code Assignments Due
Jan 17 Introduction to Program Analysis PPA ch. 1 (optional)
Jan 19 Program representation
Jan 20 RecitationIntroduction to Soot 17-355.zip
Jan 24 Dataflow Analysis and Abstract Interpretation PPA ch. 2 (optional)
LaTeX sources for notes
Jan 26 The Worklist Algorithm (notes continued) PPA ch. 6 (optional)
Jan 27 RecitationDefining Constant Propagation
Jan 31 Dataflow Analysis examples hw1 hw1.pdf, hw1.zip
Feb 2 Dataflow Analysis termination and complexity PPA ch. 4 (optional)
Feb 3 no recitation today
Feb 7 Dataflow Analysis in Soot hw2 hw2.pdf, hw2-latex.zip
Feb 9 Dataflow Analysis Correctness
Feb 10 RecitationCommon analysis definition mistakes
Feb 14 Collecting semantics
Feb 16 Widening (notes continued) hw3 hw3.pdf, hw3.zip
Feb 17 RecitationExploring Interprocedural Analysis
Feb 21 Context-sensitive interprocedural analysis
Feb 23 Interprocedural analysis, continued
Feb 24 RecitationInterprocedural analysis in Soot lab6.zip hw4 hw4.pdf
Feb 28 Pointer analysis
Mar 2 Object-oriented call graph construction
Mar 3 RecitationMidterm review hw5 checkpoint due hw5.pdf
Mar 7 Midterm Exam
Mar 9 Functional control flow analysis full hw5 due hw5.pdf
Mar 10 no recitationMid-Semester Break
Mar 21 Symbolic execution Mixing Type Checking and Symbolic Execution
Mar 23 No class
Mar 24 no recitation
Mar 28 Concolic execution
2pm Mar 29 (different room, time, and day) Program synthesis (Nadia Polikarpova talk in GHC 6115)
Mar 31 RecitationSatisfiability modulo theories recitation7.pdf
Apr 4 TBA
Apr 6 Hoare Logic and verification condition generation Project proposal
Apr 7 RecitationVerification with implicit dynamic frames / Dafny Mini assignment 1 (docx)
Apr 11 Dynamic analysis
Apr 13 Program repair (Guest lecturer: Claire Le Goues)
Apr 14 no recitation
Apr 18 Gradual verification
Apr 20 No lecture: Spring Carnival
Apr 21 no recitationSpring Carnival
Apr 25 Static Concurrency Analysis
Apr 27 Race condition analysis - dynamic
Apr 28 RecitationChalice list.chalice
May 2 Counterexample-guided abstraction refinement in Blast
May 4 Satisfiability modulo theories
May 5 No Recitation
May 8 10AM - Project presentations in GHC 4101 Projectdeliverables.pdf
May 15 Projectdeliverables.pdf