Techniques for the verification of dynamically typed programs

Interpretation is the theoretical basis underlying most semantics-based program analyses. It was introduced by Cousot and Cousot [23] to provide a semantic foundation for program analysis. Essentially, one replaces the concrete program by an abstract model which can be feasibly analysed, a process which is called “abstraction”. While the program semantics (see Section 1.2.2) describes the program statement S as a transformer on (concrete) states σ1, σ2 ∈ Σ 〈S, σ1〉 ∗ → final〈σ2〉, abstract interpretation would model the same statement S in terms of abstract states σ̊1, σ̊2 ∈ Σ̊: S ` σ̊1 B σ̊2 In order to ensure soundness of the resulting analysis, care has to be taken that the abstraction safely approximates the program. We hence introduce a correctness relation R ⊆ Σ× Σ̊ such that σ1Rσ̊1 ∧ 〈S, σ1〉 ∗ → final〈σ2〉 ∧ S ` σ̊1 B σ̊2 ⇒ σ2Rσ̊2 holds for all statements S as well as all σ1, σ2 ∈ Σ, σ̊1, σ̊2 ∈ Σ̊. 1.4.2. Type Inference Type Inference is a program analysis with the goal of deriving sound and precise type information for a given program. We already defined a notion of types suitable for such an analyses in Section 1.3.1. To meet the requirements of abstract interpretation, we extend the previously defined set T of types to a complete lattice LT ∆ = (T ,⊆,>,⊥,∪,∩) with • T as our Abstract Domain of Union Types (represented as sets of class names), • The usual subset relation ⊆ as lattice pre-order (v), • T 3 > = C ∪ {Cnull} as largest lattice element, • T 3 ⊥ = {} as smallest lattice element, • t = ∪ (set-union) and u = ∩ (set-intersection) as join and meet operations respectively. As usual, we extend the lattice operations on our type domain pointwise for all σ̊ ∈ Σ̊ • σ̊ v σ̊′ ⇔ ∀x ∈ VL• σ̊(x) ⊆ σ̊′(x)∧∀@v ∈ VI • σ̊(self .@v) ⊆ σ̊′(self .@v)∧∀C ∈ C,@v ∈ VI • σ̊(C,@v) ⊆ σ̊′(C,@v).