Skip to main content
Springer Nature Link
Log in

Synthesizing Abstract Transformers for Reduced-Product Domains

  • Conference paper
  • First Online:
Static Analysis (SAS 2024)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 14995))

Included in the following conference series:

  • 95 Accesses

Abstract

Recently, we showed how to apply program-synthesis techniques to create abstract transformers in a user-provided domain-specific language (DSL) \({\mathcal {L}}\) (i.e., “\({\mathcal {L}}\)-transformers”). This algorithm does not scale when applied to reduced-product domains: synthesizing transformers for all of the component domains simultaneously blows up the search-space.

Because reduced-product domains can significantly improve the precision of abstract interpretation, in this paper, we propose an algorithm to synthesize reduced \({\mathcal {L}}\)-transformers \(\langle {f}^{\sharp \textsf {R}}_1, {f}^{\sharp \textsf {R}}_2, \dots , {f}^{\sharp \textsf {R}}_n \rangle \) for a product domain \(A_1 \times A_2 \times \dots \times A_n\), using multiple DSLs: \({\mathcal {L}}\) \(= \langle {\mathcal {L}}_1, {\mathcal {L}}_2, \ldots , {\mathcal {L}}_n \rangle \). Synthesis of reduced-product transformers is quite challenging: first, the synthesis task has to tackle an larger “feature set” as each component transformer now has access to the abstract inputs from all component domains in the product. Second, to ensure that the product transformer is maximally precise, the synthesis task needs to arrange for the component transformers to cooperate with each other.

We implemented our algorithm in a tool, Amurth2, and used it to synthesize abstract transformers for two product domains—SAFE and JSAI—available within the SAFEstr framework for JavaScript program analysis. For four of the six operations supported by SAFEstr, Amurth2 synthesizes more precise abstract transformers than the manually written ones available in SAFEstr.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    We assume that component arithmetic is extended to cover \(-\infty \) and \(\infty \)—e.g., \(-\infty - 1 = -\infty \), etc.

  2. 2.

    We assume that the reduction operator \(\sigma \) has always been applied before the transformer in Eq. 2 is called.

  3. 3.

    The concrete operation can be expressed as a loop-free program, or a program with bounded loops.

References

  1. Amadini, R., et al.: Combining string abstract domains for Javascript analysis: an evaluation. In: Legay, A., Margaria, T. (eds.) TACAS 2017. LNCS, vol. 10205, pp. 41–57. Springer, Heidelberg (2017). https://doi.org/10.1007/978-3-662-54577-5_3

    Chapter  MATH  Google Scholar 

  2. Gulwani, S., Polozov, O., Singh, R.: Program synthesis. Found. Trends Program. Lang. 4(1–2), 1–119 (2017). https://doi.org/10.1561/2500000010

    Article  MATH  Google Scholar 

  3. Hoare, C.A.R.: An axiomatic basis for computer programming. Commun. ACM (1969). https://doi.org/10.1145/363235.363259

  4. Kalita, P.K., Kumar, M.J., Roy, S.: Synthesis of semantic actions in attribute grammars (2022). https://doi.org/10.34727/2022/isbn.978-3-85448-053-2_37

  5. Kalita, P.K., Muduli, S., D’Antoni, L., Reps, T., Roy, S.: Synthesizing abstract transformers. In: OOPSLA2 (2022). https://doi.org/10.1145/3563334

  6. Kalita, P.K., Muduli, S.K., D’Antoni, L., Reps, T., Roy, S.: Synthesizing abstract transformers (artifact) (2022). https://doi.org/10.5281/zenodo.7092952

  7. Kalita, P.K., Reps, T., Roy, S.: Synthesizing abstract transformers for reduced-product domains (2024). https://arxiv.org/abs/2408.04040

  8. Kalita, P.K., Reps, T., Roy, S.: Synthesizing abstract transformers for reduced-product domains (artifact) (2024). https://doi.org/10.5281/zenodo.13114725

  9. Kashyap, V., et al.: JSAI: a static analysis platform for JavaScript. In: FSE (2014). https://doi.org/10.1145/2635868.2635904

  10. Lee, H., Won, S., Jin, J., Cho, J., Ryu, S.: SAFE: formal specification and implementation of a scalable analysis framework for ECMAScript. In: FOOL (2012)

    Google Scholar 

  11. Park, K., D’Antoni, L., Reps, T.: Synthesizing specifications. Proc. ACM Program. Lang. 7(OOPSLA2) (2023). https://doi.org/10.1145/3622861

  12. Reps, T., Sagiv, M., Yorsh, G.: Symbolic implementation of the best transformer. In: VMCAI (2004). https://doi.org/10.1007/978-3-540-24622-0_21

  13. Reps, T., Thakur, A.: Automating abstract interpretation. In: Jobstmann, B., Leino, K.R.M. (eds.) VMCAI 2016. LNCS, vol. 9583, pp. 3–40. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49122-5_1

    Chapter  MATH  Google Scholar 

  14. Roy, S.: From concrete examples to heap manipulating programs. In: Logozzo, F., Fähndrich, M. (eds.) SAS 2013. LNCS, vol. 7935, pp. 126–149. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38856-9_9

    Chapter  MATH  Google Scholar 

  15. Solar-Lezama, A.: Program sketching. STTT 15(5), 475–495 (2013). https://doi.org/10.1007/s10009-012-0249-7

    Article  MATH  Google Scholar 

  16. Thakur, A., Elder, M., Reps, T.: Bilateral algorithms for symbolic abstraction. In: Miné, A., Schmidt, D. (eds.) SAS 2012. LNCS, vol. 7460, pp. 111–128. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-33125-1_10

    Chapter  MATH  Google Scholar 

  17. Thakur, A.V., Lal, A., Lim, J., Reps, T.W.: PostHat and all that: automating abstract interpretation. ENTCS 311 (2015). https://doi.org/10.1016/j.entcs.2015.02.003

  18. Thakur, A., Reps, T.: A method for symbolic computation of abstract operations. In: Madhusudan, P., Seshia, S.A. (eds.) CAV 2012. LNCS, vol. 7358, pp. 174–192. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-31424-7_17

    Chapter  MATH  Google Scholar 

  19. Verma, A., Kalita, P.K., Pandey, A., Roy, S.: Interactive debugging of concurrent programs under relaxed memory models. In: CGO (2020). https://doi.org/10.1145/3368826.3377910

  20. Verma, S., Roy, S.: Synergistic debug-repair of heap manipulations. In: FSE (2017). https://doi.org/10.1145/3106237.3106263

  21. Wang, J., Sung, C., Raghothaman, M., Wang, C.: Data-driven synthesis of provably sound side channel analyses. In: ICSE (2021)

    Google Scholar 

  22. Wang, X., Anderson, G., Dillig, I., McMillan, K.L.: Learning abstractions for program synthesis. In: Chockler, H., Weissenbacher, G. (eds.) CAV 2018. LNCS, vol. 10981, pp. 407–426. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96145-3_22

    Chapter  MATH  Google Scholar 

Download references

Acknowledgments

We thank the anonymous reviewers for their input. We thank Intel for supporting the first author via the Intel India Research Fellowship Program. The research was supported, in part, by Research-I Foundation of IIT Kanpur; by a gift from Rajiv and Ritu Batra; and by NSF under grants CCF-{2211968,2212558}.

Author information

Authors and Affiliations

  1. Indian Institute of Technology Kanpur, Kanpur, India

    Pankaj Kumar Kalita & Subhajit Roy

  2. University of Wisconsin-Madison, Madison, WI, USA

    Thomas Reps

Authors
  1. Pankaj Kumar Kalita
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Thomas Reps
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Subhajit Roy
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Pankaj Kumar Kalita .

Editor information

Editors and Affiliations

  1. Department of Computer Science, University of Arizona, Tucson, AZ, USA

    Roberto Giacobazzi

  2. IMDEA Software Institute, Pozuelo de Alarcon, Madrid, Spain

    Alessandra Gorla

Rights and permissions

Reprints and permissions

Copyright information

© 2025 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Kalita, P.K., Reps, T., Roy, S. (2025). Synthesizing Abstract Transformers for Reduced-Product Domains. In: Giacobazzi, R., Gorla, A. (eds) Static Analysis. SAS 2024. Lecture Notes in Computer Science, vol 14995. Springer, Cham. https://doi.org/10.1007/978-3-031-74776-2_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-74776-2_6

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-74775-5

  • Online ISBN: 978-3-031-74776-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics