Combining and Strengthening Program Analysis and Verification
Doctoral thesis, 2008
This thesis is about methods for establishing semantic properties of programs
and how those methods can be strengthened. Finding (semi-)algorithms for
deciding semantic properties is a non-trivial task and such algorithms will, by
necessity, give approximate answers. This means that for any property of interest,
there is a spectrum of algorithms computing answers to various degrees of
precision, ranging from computationally cheap, low-precision algorithms to expensive,
potentially non-terminating algorithms with very high precision. Finding
approximations precise enough to be useful, and that at the same time make
the algorithms cheap enough, is a real challenge.
In this thesis we consider program analysis and program verification, which
are two approaches for establishing program properties with contrasting requirements
regarding precision and cost. Common to these two approaches is the
desire to move closer to the middle of the spectrum of algorithms. For algorithms
formulated as program analyses, this means increasing their precision, and for
algorithms formulated as program verifiers, it means making them terminate
without user interaction for a larger set of programs.
The work presented in this thesis can be divided into three parts. The first
part investigates the impact a number of features have on the precision of a
type-based program analysis for Haskell. The results presented, make it easier
for a designer of a type-based program analysis to choose what features to add
to the analysis in order to get sufficiently high precision.
The second part concerns how program verification can be integrated with
program analysis in order to make the verification cheaper and more automatic.
We show how a program analysis can be embedded in the tactic language of a
theorem prover to allow for a close integration of program analysis and verifi-
cation. We also show, in particular, how a dependence analysis can be used in
a theorem prover for Java to make the handling of loops more automatic.
The third part concerns how type-based program analysis can be strengthened
by plugging in additional, externally computed information. We do this by
presenting a modular method for parameterizing type-based program analyses
over information about the analyzed program’s execution. The parameterization
is done in such a way that a modular proof of correctness is obtained, removing
the need to prove correctness of each instantiation separately. We also show
how our method of parameterization can be used to allow for flow-sensitive heap
types by plugging in alias information.