The following schedule lists the topics we will cover and approximately the number of meetings we will spend on each topic. The schedule is tentative. Most likely, some things will change during the semester, and I will revise the schedule as necessary.
The Reading column lists the assigned reading for the meeting. You should view the readings as an introduction to spark discussion in class.
The Assignment column lists the due date for each assignment.
Readings. The readings will be classified into the following order of recommendation: Advised (highest importance), Recommended (important but read after previous category), and Supplemental (additional material for a different perspective). NNH refers to Nielson et al., Principles of Program Analysis.
Supplemental. John Carmack. Static Code Analysis. This blog post is a famous developer's view of static analysis. John Carmack is known for his contributions to game engines (e.g., Doom).
|W||8/27||Semantics Crash Course||
Advised. Winskel, Chapter 2.
Recommended. Harper, Chapters 1-3 (i.e., Part I). These chapters are background on syntax, judgments, and inductive definitions.
Supplemental. Winskel, Chapters 3-4. These chapters are another source on judgments and inductive definitions.
|2||M||9/1||No Class: Labor Day|
|W||9/3||Semantics Crash Course|
|3||M||9/8||Semantics Crash Course: Hoare Logic [exercise 1: discussion]||
Advised. Winskel, Chapter 6.
|W||9/10||Semantics Crash Course: Hoare Logic|
|4||M||9/15||Collecting Semantics and Dataflow Analysis||
Recommended (Classic). Gary A. Kildall. A unified approach to global program optimization. POPL, 1973.
Recommended (Classic). Michael Karr. Affine relationships among variables of a program. Acta Informatica 6(2):1976.
Recommended. NNH, Chapter 1.
|W||9/17||Collecting Semantics and Dataflow Analysis||
Advised. NNH, 2.1-2.3
Recommended. NNH, 4.1-4.3
Supplemental. Rival, 4.1-4.2
Recommended. NNH, 5.1-5.2.
Recommended. Rival, 4.3, 5.1-5.3
Advised. Patrick Cousot and Radhia Cousot. Static Determination of Dynamic Properties of Programs. In B. Robinet, editor, Proceedings of the second international symposium on Programming, Paris, France, pages 106—130, April 13-15 1976, Dunod, Paris.
Advised. Patrick Cousot. Semantic foundations of program analysis. In S.S. Muchnick & N.D. Jones, editors, Program Flow Analysis: Theory and Applications, Ch. 10, pages 303—342, Prentice-Hall, Inc., Englewood Cliffs, New Jersey, U.S.A., 1981.
Supplemental (Classic). Patrick Cousot and Radhia Cousot. Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints. In Conference Record of the Fourth Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pages 238—252, Los Angeles, California, 1977. ACM Press, New York, NY, USA.
Supplemental (Classic). Patrick Cousot and Radhia Cousot. Systematic Design of Program Analysis Frameworks. In Conference Record of the Sixth Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pages 269—282, San Antonio, Texas, 1979. ACM Press, New York.
Discussion Lead: Jed McClurg
Patrick Cousot and Radhia Cousot. Systematic Design of Program Analysis Frameworks. In Conference Record of the Sixth Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pages 269—282, San Antonio, Texas, 1979. ACM Press, New York.
Higher-Order Program Analysis
Discussion Lead: Will Mortl
|David Van Horn and Matthew Might. Abstracting Abstract Machines. In Proceedings of the 15th ACM SIGPLAN International Conference on Functional Programming, 51–62, 2010.|
Guest Lecturer: Sam Blackshear
Advised. Manu Sridharan, Satish Chandra, Julian Dolby, Stephen J. Fink, and Eran Yahav. Alias Analysis for Object-Oriented Programs
Recommended. George Kastrinis and Yannis Smaragdakis. Hybrid Context-Sensitivity for Points-To Analysis. PLDI, 2013.
|10||M||10/27||Separation Logic and Shape Analysis||
Advised. John C. Reynolds. Separation Logic: A Logic for Shared Mutable Data Structures. LICS, 2002.
Recommended. Dino Distefano, Peter W. O'Hearn, Hongseok Yang. A Local Shape Analysis Based on Separation Logic. TACAS, 2006.
Supplemental. John C. Reynolds. Introduction to Separation Logic. An additional resource are the course notes for this class.
|W||10/29||Research Topics: Android [whiteboard]||
Arzt, Steven, Siegfried Rasthofer, Christian Fritz, Eric Bodden, Alexandre Bartel, Jacques Klein, Yves Le Traon, Damien Octeau, and Patrick McDaniel. 2014. “FlowDroid: Precise Context, Flow, Field, Object-Sensitive and Lifecycle-Aware Taint Analysis for Android Apps.” In Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation, 259–69. PLDI ’14.
Recommended. Reps, Thomas, Susan Horwitz, and Mooly Sagiv. 1995. “Precise Interprocedural Dataflow Analysis via Graph Reachability.” In Proceedings of the 22nd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages - POPL ’95, 49–61. San Francisco, California, United States. doi:10.1145/199448.199462.
Recommended. Reps, Thomas. Program Analysis via Graph Reachability.
Research Topics: Separation Logic and Solvers
Piskac, Ruzica, Thomas Wies, and Damien Zufferey. 2014. “GRASShopper.” In Tools and Algorithms for the Construction and Analysis of Systems (TACAS).
Research Topics: Typestate-based Synthesis
Mishne, Alon, Sharon Shoham, and Eran Yahav. 2012. “Typestate-Based Semantic Code Search over Partial Programs.” In Proceedings of the ACM International Conference on Object Oriented Programming Systems Languages and Applications, 997–1016. OOPSLA ’12.
Peleg, Hila, Sharon Shoham, Eran Yahav, and Hongseok Yang. 2013. “Symbolic Automata for Static Specification Mining.” In Static Analysis, edited by Francesco Logozzo and Manuel Fähndrich, 63–83. SAS '13.
Research Topics: Semantic Differencing
Partush, Nimrod, and Eran Yahav. 2014. “Abstract Semantic Differencing via Speculative Correlation.” In Proceedings of the 2014 ACM International Conference on Object Oriented Programming Systems Language and Applications (OOPSLA ’14).
Research Topics: Probabilistic Programming
Adrian Sampson, Pavel Panchekha, Todd Mytkowicz, Kathryn S. McKinley, Dan Grossman, Luis Ceze. Expressing and verifying probabilistic assertions. PLDI 2014.
Research Topics: Dynamic Race Detection for Android
Chun-Hung Hsiao, Cristiano Pereira, Jie Yu, Gilles Pokam, Satish Narayanasamy, Peter M. Chen, Ziyun Kong, Jason Flinn. Race detection for event-driven mobile applications. PLDI'14
Pallavi Maiya, Aditya Kanade, Rupak Majumdar. Race detection for Android applications. PLDI'14.
|14||M||11/24||No Class: Fall Break|
|W||11/26||No Class: Fall Break|
Research Topics: Dynamic Race Detection
Veselin Raychev, Martin T. Vechev, Manu Sridharan. Effective race detection for event-driven programs. OOPSLA'13.