{"id":19184506,"url":"https://github.com/jhu-pl-lab/sato","last_synced_at":"2026-03-09T18:06:37.789Z","repository":{"id":54824088,"uuid":"281700688","full_name":"JHU-PL-Lab/sato","owner":"JHU-PL-Lab","description":"Sato, the Symbolic Analysis Typechecker for Odefa, dynamically locates type errors using demand-driven symbolic execution.","archived":false,"fork":false,"pushed_at":"2022-11-18T20:02:19.000Z","size":3729,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":10,"default_branch":"master","last_synced_at":"2025-01-18T20:07:51.223Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"OCaml","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/JHU-PL-Lab.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-07-22T14:31:36.000Z","updated_at":"2024-11-05T00:38:02.000Z","dependencies_parsed_at":"2023-01-23T13:45:47.185Z","dependency_job_id":null,"html_url":"https://github.com/JHU-PL-Lab/sato","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JHU-PL-Lab%2Fsato","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JHU-PL-Lab%2Fsato/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JHU-PL-Lab%2Fsato/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JHU-PL-Lab%2Fsato/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/JHU-PL-Lab","download_url":"https://codeload.github.com/JHU-PL-Lab/sato/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://gith
ub.com","kind":"github","repositories_count":243180981,"owners_count":20249400,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-09T11:07:23.782Z","updated_at":"2026-03-09T18:06:32.549Z","avatar_url":"https://github.com/JHU-PL-Lab.png","language":"OCaml","funding_links":[],"categories":[],"sub_categories":[],"readme":"Sato\n=====\n\n_\"I am so embarrassed. My name's Asami. Let me make this up to you somehow. Uh...how about I treat you to dinner?\"_ - Asami Sato, _The Legend of Korra_\n\n**Sato**, the **S**ymbolic **A**nalysis **T**ypechecker for **O**defa, dynamically locates type errors using demand-driven symbolic execution.\n\nInstall\n-------\n\nFor macOS, first install the requisite OCaml version: 4.09.0+flambda.\n```\nbrew upgrade opam\nopam update\nopam switch create 4.09.0+flambda\n```\n\n(For Linux, replace `brew` with `apt-get`.)\n\nRun this to produce the list of libraries needed:\n```\n# dune external-lib-deps --missing @@default\n```\n\nNow we can install the dependencies for Sato.\n```\nopam install shexp core batteries gmap jhupllib monadlib ocaml-monadic pds-reachability ppx_deriving ppx_deriving_yojson -y\n```\n\nFor Z3, we need to pin it to version 4.8.1 due to a bug with later versions; then we need to export the path where Z3 is installed:\n```\nopam pin z3 4.8.1 -y\nexport LD_LIBRARY_PATH=`opam config var z3:lib`\n```\n\nRun\n---\n\nTo build Sato itself, run the `make` command (which is itself an alias for the `make sato` command); we can also run `make ddpa` and `make translator` in order to build other utilities which may be useful for 
debugging. The basic usage of Sato is as follows:\n```\n./sato \u003cfilename\u003e\n```\nwhere `\u003cfilename\u003e` refers to a `.odefa` or `.natodefa` file that Sato will typecheck.  For the full command list, run `./sato --help`.\n\nTo run tests on Sato (as well as DDPA and DDSE), run the `make test` command.\n\nTODOs\n---\n- [x] Refactor codebase and fix bugs\n  - [x] Write shared module type sig for odefa and natodefa errors\n- [x] Formalize revised rules\n  - [x] Add projection, match, and abort rules\n  - [x] Formally incorporate alias-passing (i.e. on a = b, return a instead of b)\n  - [x] Fix bugs involving alias passing and non-singleton lookup stacks\n- [ ] Continue to write tests\n  - [x] Tests that exercise alias passing to test revised rules\n  - [ ] More list tests (fold, sort, etc.)\n- [x] Write theory that maps errors in original code to aborts in instrumented code\n  - [x] Ignore errors in dead odefa code by throwing out aborts/errors encountered after the first one\n- [x] Fix bugs relating to DDPA\n  - Update: bugs revealed something fundamental to how lookup works; see below\n- ~~Write benchmarks~~\n- ~~Write library of commonly used predicates/contracts (copy from Clojure predicates?)~~\n\nTODOs for theory refactor\n----\n- [x] Change abort syntax\n  - [x] No encoding with lists: only one instrumentation conditional/predicate per abort\n  - ~~Accumulate abort constraints at Conditional Bottom, not Abort~~\n  - [x] Change pattern match encoding\n  - [x] Change `==` encoding (if needed)\n- ~~[ ] Add `nonzero` pattern (?)~~\n\nTODOs for 100% coverage algorithm\n----\n- [x] Algorithm to discover all `abort` clauses\n- [x] Record all visited aborts during lookup\n- [x] Restart lookup until all aborts have been looked up/visited\n  - [x] Deal with the \"lookup starts off-by-one\" problem\n- [x] Write new tests for this\n- [x] Note this in writeup\n\nMore TODOs\n----\n- [ ] Heuristic to identify higher-level errors (as opposed to strictly lower-level 
ones)\n  - [ ] Incorrect data structures (e.g. using lists wrong)\n  - [ ] Applying an incorrect variable to a function\n- [ ] Add undefined value (replaces above bullet point)\n- [x] Heuristic for when to end recursion\n  - [ ] Idea 1: Scale max steps by lines of code\n  - [ ] Idea 2: Limit context stack growth re. adding the same call site\n  - [x] Actual solution: limit steps that each evaluation can take using the `--maximum-steps` arg\n- [x] Report errors locally, without having to reach the beginning (hard)\n  - [ ] Type errors after infinite loops/omega combinators\n  - [ ] Type errors in non-satisfiable universes\n  - [x] Actual solution: Perform \"repeat evaluation on different vars\" heuristic (see above)\n- [x] Achieve 100% coverage in finding errors (ultimate goal...)\n  - [ ] Run test from back, then if it gets stuck, restart in the middle of the program in a non-covered portion of code\n  - [x] Tentatively achieved using heuristic...\n  - \\(This is a key advantage over forward analyses - no need to know values starting from the middle\\)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjhu-pl-lab%2Fsato","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjhu-pl-lab%2Fsato","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjhu-pl-lab%2Fsato/lists"}