Abstract
This paper addresses the problem of creating abstract transformers automatically. The method we present automates the construction of static analyzers in a fashion similar to the way yacc automates the construction of parsers. Our method treats the problem as a program-synthesis problem. The user provides specifications of (i) the concrete semantics of a given operation op, (ii) the abstract domain A to be used by the analyzer, and (iii) the semantics of a domain-specific language L in which the abstract transformer is to be expressed. As output, our method creates an abstract transformer for op in abstract domain A, expressed in L (an “L-transformer for op over A”). Moreover, the abstract transformer obtained is a most-precise L-transformer for op over A; that is, there is no other L-transformer for op over A that is strictly more precise.
We implemented our method in a tool called AMURTH. We used AMURTH to create sets of replacement abstract transformers for those used in two existing analyzers, and obtained essentially identical performance. However, when we compared the existing transformers with the transformers obtained using AMURTH, we discovered that four of the existing transformers were unsound, which demonstrates the risk of using manually created transformers.
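To make the problem statement in the abstract concrete, here is an added example that is not code from the paper or from the AMURTH tool: a brute-force rendering of the three inputs (concrete semantics of op, abstract domain A, DSL L) and the two checks a synthesized transformer must pass, soundness and most-precision relative to L. The particular choices (3-bit unsigned concrete values, wraparound increment as op, intervals as A, a six-atom expression grammar with one if-then-else as L) are assumptions made to keep exhaustive enumeration small; enumeration stands in for the paper's synthesis procedure. The block also runs the same soundness check over a hand-written transformer that forgets wraparound, which is the kind of defect the abstract reports finding in existing analyzers.

```python
"""Synthesizing a most-precise L-transformer by enumeration (added example)."""
from itertools import product

WIDTH = 3                      # assumption: 3-bit unsigned concrete values
MAXV = (1 << WIDTH) - 1        # 7
CONCRETE = range(MAXV + 1)


def op(x):
    """(i) Concrete semantics of op: increment with wraparound."""
    return (x + 1) & MAXV


# (ii) Abstract domain A: intervals [lo, hi] over the integers with lo <= hi.
def gamma(a):
    """Concretization, restricted to the representable concrete values."""
    lo, hi = a
    return {x for x in CONCRETE if lo <= x <= hi}


ABSTRACT_INPUTS = [(lo, hi) for lo in CONCRETE for hi in CONCRETE if lo <= hi]

# (iii) DSL L: a bound is one of these atoms; a transformer is a pair of atoms,
# or an if-then-else on the test "hi == MAX" with one pair per branch.
ATOMS = {
    "lo": lambda lo, hi: lo,
    "lo+1": lambda lo, hi: lo + 1,
    "0": lambda lo, hi: 0,
    "MAX": lambda lo, hi: MAXV,
    "hi": lambda lo, hi: hi,
    "hi+1": lambda lo, hi: hi + 1,
}


def pairs():
    """All (name, function) pairs of the form [atom, atom]."""
    for a, b in product(ATOMS, repeat=2):
        yield (f"[{a}, {b}]",
               lambda lo, hi, a=a, b=b: (ATOMS[a](lo, hi), ATOMS[b](lo, hi)))


def candidates():
    """Every L-transformer: plain pairs plus one level of if-then-else."""
    plain = list(pairs())
    yield from plain
    for (s1, f1), (s2, f2) in product(plain, repeat=2):
        yield (f"if hi == MAX then {s1} else {s2}",
               lambda lo, hi, f1=f1, f2=f2: f1(lo, hi) if hi == MAXV else f2(lo, hi))


def soundness_counterexample(transformer):
    """Return (abstract input, concrete x) with op(x) outside the abstract
    output, or None when the transformer over-approximates op everywhere."""
    for a in ABSTRACT_INPUTS:
        out = gamma(transformer(*a))
        for x in sorted(gamma(a)):
            if op(x) not in out:
                return a, x
    return None


def denotation(transformer):
    """Output concretization per abstract input; the basis for comparing precision."""
    return tuple(frozenset(gamma(transformer(*a))) for a in ABSTRACT_INPUTS)


def at_least_as_precise(d1, d2):
    return all(s1 <= s2 for s1, s2 in zip(d1, d2))


def synthesize():
    """All most-precise sound L-transformers for op over A, as (name, function),
    one representative per distinct denotation. The list has several entries
    when maximal candidates are mutually incomparable."""
    sound = {}
    for name, f in candidates():
        if soundness_counterexample(f) is None:
            sound.setdefault(denotation(f), (name, f))
    return sorted(
        (rep for d, rep in sound.items()
         if not any(at_least_as_precise(d2, d) and d2 != d for d2 in sound)),
        key=lambda rep: rep[0],
    )


def handwritten_clamped(lo, hi):
    """A plausible hand-written increment transformer that clamps instead of
    wrapping (constructed for this example)."""
    return (min(lo + 1, MAXV), min(hi + 1, MAXV))


if __name__ == "__main__":
    for name, _ in synthesize():
        print("most-precise L-transformer:", name)
    print("hand-written counterexample:", soundness_counterexample(handwritten_clamped))
```

The synthesized result is `if hi == MAX then [0, MAX] else [lo+1, hi+1]`: the DSL has no test on `lo`, so the abstract input `[7, 7]` cannot be mapped to `[0, 0]` even though that is the exact post-image; the transformer is most precise among L-transformers, not among all functions on A, which is exactly the qualification in the abstract. The clamped hand-written transformer is reported unsound with the witness `((0, 7), 7)`: the concrete input 7 wraps to 0, which lies outside the computed interval `[1, 7]`.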
- Pankaj Kumar Kalita, Sujit Kumar Muduli, Loris D’Antoni, Thomas Reps, and Subhajit Roy. 2021. Synthesizing Abstract Transformers. https://doi.org/10.48550/ARXIV.2105.00493 Extended version of the current work
- Pankaj Kumar Kalita, Sujit Kumar Muduli, Loris D’Antoni, Thomas Reps, and Subhajit Roy. 2022. Synthesizing Abstract Transformers. https://doi.org/10.5281/zenodo.7092952 Software artifact of the current work