Synthesis and Verification for All Emina Torlak
|
|
- Olivia Shepherd
- 6 years ago
- Views:
Transcription
1 Synthesis and Verification for All Emina Torlak University of Washington homes.cs.washington.edu/~emina/
2 Emina Racket
3 Racket a programmable programming language
4 Racket a programmable programming language
5 verification synthesis ROSETTE a programmable programming language
6 verification synthesis ROSETTE a programmable solver-aided programming language
7 vision a little programming for everyone
8 A little programming for everyone Every knowledge worker wants to program 8
9 A little programming for everyone Every knowledge worker wants to program spreadsheet data manipulation [Flashfill, POPL 11] social scientist 8
10 A little programming for everyone Every knowledge worker wants to program spreadsheet data manipulation [Flashfill, POPL 11] models of cell fates [SBL, POPL 13] biologist social scientist 8
11 A little programming for everyone Every knowledge worker wants to program spreadsheet data manipulation [Flashfill, POPL 11] models of cell fates [SBL, POPL 13] cache coherence protocols [Transit, PLDI 13] memory models [MemSAT, PLDI 10] hardware designer biologist social scientist 8
12 A little programming for everyone Every knowledge worker wants to program spreadsheet data manipulation [Flashfill, POPL 11] models of cell fates [SBL, POPL 13] cache coherence protocols [Transit, PLDI 13] memory models [MemSAT, PLDI 10] hardware designer biologist social scientist 8
13 A little programming for everyone Every knowledge worker wants to program spreadsheet data manipulation [Flashfill, POPL 11] models of cell fates [SBL, POPL 13] cache coherence protocols [Transit, PLDI 13] memory models [MemSAT, PLDI 10] expertise time hardware designer biologist social scientist 8
14 A little programming for everyone We all want to build programs spreadsheet data manipulation models of cell fates solver-aided languages cache coherence protocols memory models less time less expertise hardware designer biologist social scientist 9
15 outline solver-aided tools, languages and beyond
16 outline solver-aided tools tools, languages and beyond
17 outline solver-aided tools, tools, languages and beyond
18 outline solver-aided tools, tools, languages, and and applications beyond
19 solver-aided tools
20 Programming specification P(x) { } 12
21 Programming specification test case P(x) { } assert safe(p(2)) 12
22 Programming with a solver-aided tool? P(x) { } assert safe(p(2)) translator SAT/SMT solver 13
23 Programming with a solver-aided tool 42? verify P(x) { } assert safe(p(x)) Find an input on which the program fails. x. safe(p(x)) SAT/SMT solver CBMC [Kroening et al., DAC 03] Dafny [Leino, LPAR 10] Miniatur [Vaziri et al., FSE 07] Klee [Cadar et al., OSDI 08] 13
24 Programming with a solver-aided tool 42? verify debug P(x) { v = x + 2 } assert safe(p(x)) Find an input on which the program fails. Localize bad parts of the program. x = 42 safe(p(x)) SAT/SMT solver BugAssist [Jose & Majumdar, PLDI 11] 13
25 Programming with a solver-aided tool 42 40? verify debug solve P(x) { v = choose() } assert safe(p(x)) Find an input on which the program fails. Localize bad parts of the program. Find values that repair the failing run. v. safe(p(42, v)) SAT/SMT solver Kaplan [Koksal et al, POPL 12] PBnJ [Samimi et al., ECOOP 10] Squander [Milicevic et al., ICSE 11] 13
26 Programming with a solver-aided tool x 2? verify debug solve synth P(x) { v =?? } assert safe(p(x)) Find an input on which the program fails. Localize bad parts of the program. Find values that repair the failing run. Find code that repairs the program. e. x. safe(pe(x)) SAT/SMT solver Sketch [Solar-Lezama et al., ASPLOS 06] Comfusy [Kuncak et al., CAV 10] 13
27 The standard (hard) way to build a tool expertise in PL, FM, SE? verify debug solve synth P(x) { } assert safe(p(x)) translator SAT/SMT solver 14
28 A new, easy way to build tools programming? verify debug solve synth P(x) { } assert safe(p(x)) an interpreter or a library 15
29 A new, easy way to build tools? verify debug solve synth P(x) { } assert safe(p(x)) Implement a language for an application domain, get the tools for free! an interpreter or a library ROSETTE 15
30 A new, easy way to build tools? verify debug solve synth P(x) { } assert safe(p(x)) Implement a language for an application domain, get the tools for free! an interpreter or a library ROSETTE symbolic virtual machine 15
31 A new, easy way to build tools? verify debug solve synth P(x) { } assert safe(p(x)) Implement a language for an application domain, get the tools for free! an interpreter or a library ROSETTE symbolic virtual machine Hard technical challenge: how to efficiently translate a program and its interpreter? [Torlak & Bodik, PLDI 14, Onward 13] 15
32 design solver-aided languages
33 Layers of languages domain-specific language (DSL) A formal language that is specialized to a particular application domain and often limited in capability. library interpreter host language A high-level language for implementing DSLs, usually with meta-programming features. 17
34 Layers of languages domain-specific language (DSL) library interpreter artificial intelligence Church, BLOG databases SQL, Datalog hardware design Bluespec, Chisel, Verilog, VHDL math and statistics Eigen, Matlab, R layout and visualization LaTex, dot, dygraphs, D3 host language Scala, Racket, JavaScript 17
35 Layers of languages domain-specific language (DSL) C = A * B Eigen / Matlab [associativity] library interpreter C / Java host language for (i = 0; i < n; i++) for (j = 0; j < m; j++) for (k = 0; k < p; k++) C[i][k] += A[i][j] * B[j][k] 17
36 Layers of solver-aided languages solver-aided domain-specific language (SDSL) library interpreter solver-aided host language symbolic virtual machine 18
37 Layers of solver-aided languages solver-aided domain-specific language (SDSL) library interpreter solver-aided host language ROSETTE symbolic virtual machine [Torlak & Bodik, Onward 13, PLDI 14] 18
38 Layers of solver-aided languages solver-aided domain-specific language (SDSL) library interpreter solver-aided host language spatial programming Chlorophyll intelligent tutoring RuleSynth memory models MemSynth optimal synthesis Synapse radiotherapy controllers Neutrons BGP router configurations BagPipe symbolic virtual machine ROSETTE [Torlak & Bodik, Onward 13, PLDI 14] 18
39 Anatomy of a solver-aided host language Racket 19
40 Anatomy of a solver-aided host language (define-symbolic id type) (assert expr) (verify expr) (debug [expr] expr) (solve expr) (synthesize [expr] expr) ROSETTE 19
41 A tiny example SDSL def bvmax(r0, r1) : r2 = bvge(r0, r1) r3 = bvneg(r2) r4 = bvxor(r0, r2) r5 = bvand(r3, r4) r6 = bvxor(r1, r5) return r6 BV: A tiny assembly-like language for writing fast, lowlevel library functions. debug synth 20
42 A tiny example SDSL def bvmax(r0, r1) : r2 = bvge(r0, r1) r3 = bvneg(r2) r4 = bvxor(r0, r2) r5 = bvand(r3, r4) r6 = bvxor(r1, r5) return r6 BV: A tiny assembly-like language for writing fast, lowlevel library functions. test verify debug synth 20
43 A tiny example SDSL def bvmax(r0, r1) : r2 = bvge(r0, r1) r3 = bvneg(r2) r4 = bvxor(r0, r2) r5 = bvand(r3, r4) r6 = bvxor(r1, r5) return r6 BV: A tiny assembly-like language for writing fast, lowlevel library functions. 1. interpreter [10 LOC] test verify debug synth 2. verifier [free] 3. debugger [free] 4. synthesizer [free] 20
44 A tiny example SDSL: ROSETTE def bvmax(r0, r1) : r2 = bvge(r0, r1) r3 = bvneg(r2) r4 = bvxor(r0, r2) r5 = bvand(r3, r4) r6 = bvxor(r1, r5) return r6 > bvmax(-2, -1) 21
45 A tiny example SDSL: ROSETTE def bvmax(r0, r1) : r2 = bvge(r0, r1) r3 = bvneg(r2) r4 = bvxor(r0, r2) r5 = bvand(r3, r4) r6 = bvxor(r1, r5) return r6 parse (define bvmax `((2 bvge 0 1) (3 bvneg 2) (4 bvxor 0 2) (5 bvand 3 4) (6 bvxor 1 5))) > bvmax(-2, -1) 21
46 A tiny example SDSL: ROSETTE def bvmax(r0, r1) : r2 = bvge(r0, r1) r3 = bvneg(r2) r4 = bvxor(r0, r2) r5 = bvand(r3, r4) r6 = bvxor(r1, r5) return r6 parse (define bvmax `((2 bvge 0 1) (3 bvneg 2) (4 bvxor 0 2) (5 bvand 3 4) (6 bvxor 1 5))) > bvmax(-2, -1) (out opcode in...) 21
47 A tiny example SDSL: ROSETTE def bvmax(r0, r1) : r2 = bvge(r0, r1) r3 = bvneg(r2) r4 = bvxor(r0, r2) r5 = bvand(r3, r4) r6 = bvxor(r1, r5) return r6 (define bvmax `((2 bvge 0 1) (3 bvneg 2) (4 bvxor 0 2) (5 bvand 3 4) (6 bvxor 1 5))) `(-2-1) > bvmax(-2, -1) -1 interpret (define (interpret prog inputs) (make-registers prog inputs) (for ([stmt prog]) (match stmt [(list out opcode in...) (define op (eval opcode)) (define args (map load in)) (store out (apply op args))])) (load (last))) 22
48 A tiny example SDSL: ROSETTE def bvmax(r0, r1) : r2 = bvge(r0, r1) r3 = bvneg(r2) r4 = bvxor(r0, r2) r5 = bvand(r3, r4) r6 = bvxor(r1, r5) return r6 (define bvmax `((2 bvge 0 1) (3 bvneg 2) (4 bvxor 0 2) (5 bvand 3 4) (6 bvxor 1 5))) > bvmax(-2, -1) -1 interpret (define (interpret prog inputs) (make-registers prog inputs) (for ([stmt prog]) (match stmt [(list out opcode in...) (define op (eval opcode)) (define args (map load in)) (store out (apply op args))])) (load (last))) 22
49 A tiny example SDSL: ROSETTE def bvmax(r0, r1) : r2 = bvge(r0, r1) r3 = bvneg(r2) r4 = bvxor(r0, r2) r5 = bvand(r3, r4) r6 = bvxor(r1, r5) return r6 (define bvmax `((2 (2 bvge 0 1) (3 bvneg 2) (4 bvxor 0 2) (5 bvand 3 4) (6 bvxor 1 5))) > bvmax(-2, -1) -1 interpret (define (interpret prog inputs) (make-registers prog inputs) (for ([stmt prog]) (match stmt [(list out opcode in...) (define op (eval opcode)) (define args (map load in)) (store out (apply op args))])) (load (last))) 22
50 A tiny example SDSL: ROSETTE def bvmax(r0, r1) : r2 = bvge(r0, r1) r3 = bvneg(r2) r4 = bvxor(r0, r2) r5 = bvand(r3, r4) r6 = bvxor(r1, r5) return r6 (define bvmax `((2 (2 bvge 0 1) (3 bvneg 2) (4 bvxor 0 2) (5 bvand 3 4) (6 bvxor 1 5))) > bvmax(-2, -1) -1 interpret (define (interpret prog inputs) (make-registers prog inputs) (for ([stmt prog]) (match stmt [(list out opcode in...) (define op (eval opcode)) (define args (map load in)) (store out (apply op args))])) (load (last))) 22
51 A tiny example SDSL: ROSETTE def bvmax(r0, r1) : r2 = bvge(r0, r1) r3 = bvneg(r2) r4 = bvxor(r0, r2) r5 = bvand(r3, r4) r6 = bvxor(r1, r5) return r6 (define bvmax `((2 (2 bvge 0 1) (3 bvneg 2) (4 bvxor 0 2) (5 bvand 3 4) (6 bvxor 1 5))) > bvmax(-2, -1) -1 interpret (define (interpret prog inputs) (make-registers prog inputs) (for ([stmt prog]) (match stmt [(list out opcode in...) (define op (eval opcode)) (define args (map load in)) (store out (apply op args))])) (load (last))) 22
52 A tiny example SDSL: ROSETTE def bvmax(r0, r1) : r2 = bvge(r0, r1) r3 = bvneg(r2) r4 = bvxor(r0, r2) r5 = bvand(r3, r4) r6 = bvxor(r1, r5) return r6 (define bvmax `((2 (2 bvge 0 1) (3 bvneg 2) (4 bvxor 0 2) (5 bvand 3 4) (6 bvxor 1 5))) > bvmax(-2, -1) -1 interpret (define (interpret prog inputs) (make-registers prog inputs) (for ([stmt prog]) (match stmt [(list out opcode in...) (define op (eval opcode)) (define args (map load in)) (store out (apply op args))])) (load (last))) 22
53 A tiny example SDSL: ROSETTE def bvmax(r0, r1) : r2 = bvge(r0, r1) r3 = bvneg(r2) r4 = bvxor(r0, r2) r5 = bvand(r3, r4) r6 = bvxor(r1, r5) return r6 (define bvmax `((2 (2 bvge 0 1) (3 bvneg 2) (4 bvxor 0 2) (5 bvand 3 4) (6 bvxor 1 5))) > bvmax(-2, -1) -1 interpret (define (interpret prog inputs) (make-registers prog inputs) (for ([stmt prog]) (match stmt [(list out opcode in...) (define op (eval opcode)) (define args (map load in)) (store out (apply op args))])) (load (last))) 22
54 A tiny example SDSL: ROSETTE def bvmax(r0, r1) : r2 = bvge(r0, r1) r3 = bvneg(r2) r4 = bvxor(r0, r2) r5 = bvand(r3, r4) r6 = bvxor(r1, r5) return r6 (define bvmax `((2 (2 bvge 0 1) (3 bvneg 2) (4 bvxor 0 2) (5 bvand 3 4) (6 bvxor 1 5))) > bvmax(-2, -1) -1 interpret (define (interpret prog inputs) (make-registers prog inputs) (for ([stmt prog]) (match stmt [(list out opcode in...) (define op (eval opcode)) (define args (map load in)) (store out (apply op args))])) (load (last))) 22
55 A tiny example SDSL: ROSETTE def bvmax(r0, r1) : r2 = bvge(r0, r1) r3 = bvneg(r2) r4 = bvxor(r0, r2) r5 = bvand(r3, r4) r6 = bvxor(r1, r5) return r6 (define bvmax `((2 bvge 0 1) (3 bvneg 2) (4 bvxor 0 2) (5 bvand 3 4) (6 bvxor 1 5))) pattern matching dynamic evaluation first-class & higher-order procedures side effects > bvmax(-2, -1) -1 (define (interpret prog inputs) (make-registers prog inputs) (for ([stmt prog]) (match stmt [(list out opcode in...) (define op (eval opcode)) (define args (map load in)) (store out (apply op args))])) (load (last))) 23
56 A tiny example SDSL: ROSETTE def bvmax(r0, r1) : r2 = bvge(r0, r1) r3 = bvneg(r2) r4 = bvxor(r0, r2) r5 = bvand(r3, r4) r6 = bvxor(r1, r5) return r6 > verify(bvmax, max) (0, -2) > bvmax(0, -2) -1 query (define-symbolic n0 n1 integer?) (define inputs (list n0 n1)) (verify (assert (= (interpret bvmax inputs) (interpret max inputs)))) 24
57 A tiny example SDSL: ROSETTE def bvmax(r0, r1) : r2 = bvge(r0, r1) r3 = bvneg(r2) r4 = bvxor(r0, r2) r5 = bvand(r3, r4) r6 = bvxor(r1, r5) return r6 > verify(bvmax, max) (0, -2) > bvmax(0, -2) -1 query (define-symbolic n0 n1 integer?) (define inputs (list n0 n1)) (verify Creates two fresh symbolic constants of type number and binds them to variables n0 and n1. (assert (= (interpret bvmax inputs) (interpret max inputs)))) 24
58 A tiny example SDSL: ROSETTE def bvmax(r0, r1) : r2 = bvge(r0, r1) r3 = bvneg(r2) r4 = bvxor(r0, r2) r5 = bvand(r3, r4) r6 = bvxor(r1, r5) return r6 > verify(bvmax, max) (0, -2) > bvmax(0, -2) -1 query (define-symbolic n0 n1 integer?) (define inputs (list n0 n1)) (verify Symbolic values can be used just like concrete values of the same type. (assert (= (interpret bvmax inputs) (interpret max inputs)))) 24
59 A tiny example SDSL: ROSETTE def bvmax(r0, r1) : r2 = bvge(r0, r1) r3 = bvneg(r2) r4 = bvxor(r0, r2) r5 = bvand(r3, r4) r6 = bvxor(r1, r5) return r6 > verify(bvmax, max) (0, -2) > bvmax(0, -2) -1 query (define-symbolic n0 n1 integer?) (define inputs (list n0 n1)) (verify (assert (= (interpret bvmax inputs) (interpret max inputs)))) (verify expr) searches for a concrete interpretation of symbolic constants that causes expr to fail. 24
60 A tiny example SDSL: ROSETTE def bvmax(r0, r1) : r2 = bvge(r0, r1) r3 = bvneg(r2) r4 = bvxor(r0, r2) r5 = bvand(r3, r4) r6 = bvxor(r1, r5) return r6 > verify(bvmax, max) (0, -2) > bvmax(0, -2) -1 query (define-symbolic n0 n1 integer?) (define inputs (list n0 n1)) (verify (assert (= (interpret bvmax inputs) (interpret max inputs)))) 24
61 A tiny example SDSL: ROSETTE def bvmax(r0, r1) : r2 = bvge(r0, r1) r3 = bvneg(r2) r4 = bvxor(r0, r2) r5 = bvand(r3, r4) r6 = bvxor(r1, r5) return r6 > debug(bvmax, max, (0, -2)) query (define inputs (list 0-2)) (debug [input-register?] (assert (= (interpret bvmax inputs) (interpret max inputs)))) 25
62 A tiny example SDSL: ROSETTE def bvmax(r0, r1) : r2 = bvge(r0, r1) r3 = bvneg(r2) r4 = bvxor(r0, r2) r5 = bvand(r3, r4) r6 = bvxor(r1, r5) return r6 > debug(bvmax, max, (0, -2)) query (define inputs (list 0-2)) (debug [input-register?] (assert (= (interpret bvmax inputs) (interpret max inputs)))) 25
63 A tiny example SDSL: ROSETTE def bvmax(r0, r1) : r2 = bvge(r0, r1) r3 = bvneg(r2) r4 = bvxor(??,??) r5 = bvand(r3,??) r6 = bvxor(??,??) return r6 > synthesize(bvmax, max) query (define-symbolic n0 n1 integer?) (define inputs (list n0 n1)) (synthesize [inputs] (assert (= (interpret bvmax inputs) (interpret max inputs))))) 26
64 A tiny example SDSL: ROSETTE def bvmax(r0, r1) : r2 = bvge(r0, r1) r3 = bvneg(r2) r4 = bvxor(??, bvxor(r0,??) r1) r5 = bvand(r3,??) r4) r6 = bvxor(??, bvxor(r1,??) r5) return r6 > synthesize(bvmax, max) query (define-symbolic n0 n1 integer?) (define inputs (list n0 n1)) (synthesize [inputs] (assert (= (interpret bvmax inputs) (interpret max inputs))))) 26
65 tech symbolic virtual machine (SVM)
66 How it all works: a big picture view query program SDSL ROSETTE symbolic virtual machine solver [Torlak & Bodik, Onward 13] [Torlak & Bodik, PLDI 14] 28
67 How it all works: a big picture view result program SDSL ROSETTE symbolic virtual machine solver [Torlak & Bodik, Onward 13] [Torlak & Bodik, PLDI 14] 28
68 How it all works: a big picture view result program SDSL pattern matching dynamic evaluation first-class procedures higher-order procedures side effects macros theories of bitvectors, integers, reals, and uninterpreted functions ROSETTE symbolic virtual machine solver [Torlak & Bodik, Onward 13] [Torlak & Bodik, PLDI 14] 28
69 Translation to constraints by example solve: vs ps = () ps (3, 1, -2) for reverse v in and vs: filter, keeping only if positive v > 0: numbers (1, 3) ps = insert(v, ps) assert len(ps) == len(vs) 29
70 Translation to constraints by example solve: vs ps = () ps (3, 1, -2) for v in vs: if v > 0: (1, 3) ps = insert(v, ps) assert len(ps) == len(vs) 29
71 Translation to constraints by example vs solve: ps = () for v in vs: if v > 0: ps = insert(v, ps) assert len(ps) == len(vs) constraints ps 29
72 Translation to constraints by example vs (a, b) solve: ps = () for v in vs: if v > 0: ps = insert(v, ps) assert len(ps) == len(vs) constraints ps 29
73 Translation to constraints by example vs (a, b) solve: ps = () for v in vs: if v > 0: ps = insert(v, ps) assert len(ps) == len(vs) constraints ps a>0 b>0 29
74 Design space of precise symbolic encodings solve: ps = () for v in vs: if v > 0: ps = insert(v, ps) assert len(ps) == len(vs) bounded model checking symbolic execution 30
75 Design space of precise symbolic encodings solve: ps = () for v in vs: if v > 0: ps = insert(v, ps) assert len(ps) == len(vs) bounded model checking symbolic execution vs (a, b) ps ( ) a > 0 ps (a) b 0 ps (a) { a > 0 } b 0 false 30
76 Design space of precise symbolic encodings solve: ps = () for v in vs: if v > 0: ps = insert(v, ps) assert len(ps) == len(vs) bounded model checking b 0 ps ( ) { a 0 } b 0 false a 0 ps ( ) symbolic execution vs (a, b) ps ( ) a > 0 b > 0 b 0 b > 0 ps (b) ps (a) ps (b, a) { a 0 } { a > 0 } b > 0 b 0 false false true { a > 0 } ps (a) 30
77 Design space of precise symbolic encodings solve: ps = () for v in vs: if v > 0: ps = insert(v, ps) assert len(ps) == len(vs) b 0 ps ( ) { a 0 } b 0 false a 0 ps ( ) symbolic execution vs (a, b) ps ( ) a > 0 b > 0 b 0 b > 0 ps (b) ps (a) ps (b, a) { a 0 } { a > 0 } b > 0 b 0 false false true { a > 0 } ps (a) bounded model checking a 0 ps ( ) vs (a, b) ps ( ) ps ps0 a > 0 ps (a) ps0 = ite(a > 0, (a), ( )) ps1 = insert(b, ps0) ps2 = ite(b > 0, ps0, ps1) assert len(ps2) = 2 30
78 Design space of precise symbolic encodings solve: ps = () for v in vs: if v > 0: ps = insert(v, ps) assert len(ps) == len(vs) b 0 ps ( ) { a 0 } b 0 false a 0 ps ( ) symbolic execution vs (a, b) ps ( ) a > 0 b > 0 b 0 b > 0 ps (b) ps (a) ps (b, a) { a 0 } { a > 0 } b > 0 b 0 false false true { a > 0 } ps (a) bounded model checking a 0 ps ( ) vs (a, b) ps ( ) ps ps0 a > 0 ps (a) b > 0 ps ps1 ps0 = ite(a > 0, (a), ( )) ps1 = insert(b, ps0) ps2 = ite(b > 0, ps0, ps1) assert len(ps2) = 2 30
79 Design space of precise symbolic encodings solve: ps = () for v in vs: if v > 0: ps = insert(v, ps) assert len(ps) == len(vs) b 0 ps ( ) { a 0 } b 0 false a 0 ps ( ) symbolic execution vs (a, b) ps ( ) a > 0 b > 0 b 0 b > 0 ps (b) ps (a) ps (b, a) { a 0 } { a > 0 } b > 0 b 0 false false true { a > 0 } ps (a) bounded model checking a 0 ps ( ) b 0 ps ps0 vs (a, b) ps ( ) ps ps0 ps ps2 a > 0 ps (a) b > 0 ps ps1 ps0 = ite(a > 0, (a), ( )) ps1 = insert(b, ps0) ps2 = ite(b > 0, ps0, ps1) assert len(ps2) = 2 30
80 A new design: type-driven state merging solve: ps = () for v in vs: if v > 0: ps = insert(v, ps) assert len(ps) == len(vs) { a > 0 } b > 0 true 31
81 A new design: type-driven state merging solve: ps = () for v in vs: if v > 0: ps = insert(v, ps) assert len(ps) == len(vs) Merge values of primitive types: symbolically immutable types: structurally all other types: via unions { a > 0 } b > 0 true 31
82 A new design: type-driven state merging solve: ps = () for v in vs: if v > 0: ps = insert(v, ps) assert len(ps) == len(vs) g a g b Merge values of primitive types: symbolically immutable types: structurally all other types: via unions c { a > 0 } b > 0 true 31
83 A new design: type-driven state merging solve: ps = () for v in vs: if v > 0: ps = insert(v, ps) assert len(ps) == len(vs) Merge values of primitive types: symbolically immutable types: structurally all other types: via unions g (a, a b) (c, bd) (e, cf) g { a > 0 } b > 0 true 31
84 A new design: type-driven state merging solve: ps = () for v in vs: if v > 0: ps = insert(v, ps) assert len(ps) == len(vs) Merge values of primitive types: symbolically immutable types: structurally all other types: via unions g a (c, () bd) { g (e, a, cf) g () } g { a > 0 } b > 0 true 31
85 A new design: type-driven state merging solve: ps = () for v in vs: if v > 0: ps = insert(v, ps) assert len(ps) == len(vs) symbolic virtual machine 32
86 A new design: type-driven state merging solve: ps = () for v in vs: if v > 0: ps = insert(v, ps) assert len(ps) == len(vs) symbolic virtual machine a 0 ps ( ) vs (a, b) ps ( ) a > 0 ps (a) 32
87 A new design: type-driven state merging solve: ps = () for v in vs: if v > 0: ps = insert(v, ps) assert len(ps) == len(vs) Symbolic union: a set of guarded values, with disjoint guards. symbolic virtual machine g0 a 0 ps ( ) vs (a, b) ps ( ) ps { g0 (a), g0 ( ) } a > 0 g0 ps (a) g0 = a > 0 g1 = b > 0 g2 = g0 g1 g3 = (g0 g1) g4 = g0 g1 c = ite(g1, b, a) assert g2 32
88 A new design: type-driven state merging solve: ps = () for v in vs: if v > 0: ps = insert(v, ps) assert len(ps) == len(vs) symbolic virtual machine g0 a 0 ps ( ) vs (a, b) ps ( ) a > 0 g0 ps (a) Execute insert concretely on all lists in the union. ps { g0 (a), g0 ( ) } g1 g0 = a > 0 g1 = b > 0 g2 = g0 g1 g3 = (g0 g1) g4 = g0 g1 c = ite(g1, b, a) assert g2 ps { g0 (b, a), g0 (b) } 32
89 A new design: type-driven state merging solve: ps = () for v in vs: if v > 0: ps = insert(v, ps) assert len(ps) == len(vs) symbolic virtual machine g0 a 0 ps ( ) vs (a, b) ps ( ) a > 0 g0 ps (a) ps { g0 (a), g0 ( ) } g1 g1 g0 = a > 0 g1 = b > 0 g2 = g0 g1 g3 = (g0 g1) g4 = g0 g1 c = ite(g1, b, a) assert g2 ps { g0 (a), g0 ( ) } ps { g0 (b, a), g0 (b) } 32
90 A new design: type-driven state merging solve: ps = () for v in vs: if v > 0: ps = insert(v, ps) assert len(ps) == len(vs) symbolic virtual machine g0 a 0 ps ( ) vs (a, b) ps ( ) a > 0 g0 ps (a) ps { g0 (a), g0 ( ) } g1 g1 g0 = a > 0 g1 = b > 0 ps { g0 (a), g0 ( ) } ps { g0 (b, a), g0 (b) } g2 = g0 g1 g3 = (g0 g1) g4 = g0 g1 c = ite(g1, b, a) assert g2 ps { g2 (b, a), g3 (c), g4 ( ) } 32
91 A new design: type-driven state merging solve: ps = () for v in vs: if v > 0: ps = insert(v, ps) assert len(ps) == len(vs) symbolic virtual machine g0 a 0 ps ( ) vs (a, b) ps ( ) a > 0 g0 ps (a) Evaluate len concretely on all lists in the union; assertion true only on the list guarded by g2. g0 = a > 0 g1 = b > 0 g2 = g0 g1 g3 = (g0 g1) g4 = g0 g1 c = ite(g1, b, a) assert g2 g1 g1 ps { g0 (a), g0 ( ) } ps { g0 (a), g0 ( ) } ps { g2 (b, a), g3 (c), g4 ( ) } ps { g0 (b, a), g0 (b) } 32
92 A new design: type-driven state merging solve: ps = () for v in vs: if v > 0: ps = insert(v, ps) assert len(ps) == len(vs) symbolic virtual machine g0 a 0 ps ( ) vs (a, b) ps ( ) a > 0 g0 ps (a) polynomial encoding concrete evaluation g0 = a > 0 g1 = b > 0 g2 = g0 g1 g3 = (g0 g1) g4 = g0 g1 c = ite(g1, b, a) assert g2 ps { g0 (a), g0 ( ) } g1 g1 ps { g0 (a), g0 ( ) } ps { g2 (b, a), g3 (c), g4 ( ) } ps { g0 (b, a), g0 (b) } 32
93 apps solver-aided programming for everyone
94 Recent applications of ROSETTE Synthesizing Memory Models from Litmus Tests James Bornholt and Emina Torlak (under submission) Synthesizing Custom Tutoring Rules for Introductory Algebra Eric Butler, Emina Torlak, and Zoran Popovic (under submission) Scalable Verification of BGP Configurations (OOPSLA 16) Konstantin Weitz, Doug Woos, Emina Torlak, Michael D. Ernst, Arvind Krishnamurthy, and Zachary Tatlock Investigating Investigating Safety Safety of of a Radiotherapy Radiotherapy Machine Machine (CAV 16) (CAV 16) Stuart Stuart Pernsteiner, Pernsteiner, Calvin Calvin Loncaric, Loncaric, Emina Emina Torlak, Torlak, Zachary Zachary Tatlock, Tatlock, Xi Xi Wang, Michael Ernst, Wang, and Michael Jon Jacky Ernst, and Jon Jacky A Framework for Synthesis and Parameterized Design of Rule Systems Applied to Algebra (ITS 16) Eric Butler, Emina Torlak, and Zoran Popovic Specifying and Checking File System Crash-Consistency Models (ASPLOS 16) James Bornholt, Antoine Kaufmann, Jialin Li, Arvind Krishnamurthy, Emina Torlak, and Xi Wang. Scaling up Superoptimization (ASPLOS 16) Phitchaya Mangpo Phothilimthana, Aditya Thakur, Rastislav Bodík, and Dinakar Dhurjati. and Dinakar Dhurjati. Synapse: Optimizing Synthesis with Metasketches (POPL 16) James Bornholt, Emina Torlak, Dan Grossman, and Luis Ceze. 34
95 Recent applications of ROSETTE Investigating Safety of a Radiotherapy Machine (CAV 16) Stuart Pernsteiner, Calvin Loncaric, Emina Torlak, Zachary Tatlock, Xi Wang, Michael Ernst, and Jon Jacky Scaling up Superoptimization (ASPLOS 16) Phitchaya Mangpo Phothilimthana, Aditya Thakur, Rastislav Bodík, and Dinakar Dhurjati. 35
96 Recent applications of ROSETTE: Neutrons Investigating Safety of a Radiotherapy Machine (CAV 16) Stuart Pernsteiner, Calvin Loncaric, Emina Torlak, Zachary Tatlock, Xi Wang, Michael Ernst, and Jon Jacky Clinical Neutron Therapy System (CNTS) at UW Scaling up Superoptimization (ASPLOS 16) Phitchaya Mangpo Phothilimthana, Aditya Thakur, Rastislav Bodík, and Dinakar Dhurjati. Used Rosette to build a verifier for the EPICS DSL. Found safety-critical defects in a pre-release version of the therapy control software. Used by CNTS staff to verify changes to the control software. 36
97 Recent applications of ROSETTE: Enlearn Investigating Safety of a Radiotherapy Machine (CAV 16) Stuart Pernsteiner, Calvin Loncaric, Emina Torlak, Zachary Tatlock, Xi Wang, Michael Ernst, and Jon Jacky Scaling up Superoptimization (ASPLOS 16) Phitchaya Mangpo Phothilimthana, Aditya Thakur, Rastislav Bodík, and Dinakar Dhurjati. Education technology company founded by Zoran Popovic. Uses Rosette to develop educational math games, released to thousands (and eventually millions) of students. Building a Rosette-based DSL to enable educators to develop their own educational tools. 37
98 Recent applications of ROSETTE: Greenthumb Investigating Safety of a Radiotherapy Machine (CAV 16) Stuart Pernsteiner, Calvin Loncaric, Emina Torlak, Zachary Tatlock, Xi Wang, Michael Ernst, and Jon Jacky Scaling up Superoptimization (ASPLOS 16) Phitchaya Mangpo Phothilimthana, Aditya Thakur, Rastislav Bodík, and Dinakar Dhurjati. A Rosette-based framework for creating efficient superoptimizers for new ISAs. Requires only an emulator for the ISA and a few ISA-specific search utility functions! Hosts superoptimizers for ARM and GreenArrays (GA) ISA. Up to 82% speedup over gcc - O3 for ARM; within 19% of hand optimized code for GA. 38
99 thanks
100 your SDSL verify synthesize debug solve thanks ROSETTE symbolic virtual machine
Growing Solver-Aided Languages with ROSETTE
Growing Solver-Aided Languages with ROSETTE Emina Torlak & Rastislav Bodik U.C. Berkeley ExCAPE June 10, 2013 solver-aided domain-specific language Solver-aided DSL (SDSL) Noun 1. A high-level language
More informationGrowing Solver-Aided Languages with ROSETTE
Growing Solver-Aided Languages with ROSETTE Emina Torlak & Rastislav Bodik U.C. Berkeley solver-aided domain-specific language Solver-aided DSL (SDSL) Noun 1. A high-level language in which partially implemented
More informationOptimizing Synthesis with Metasketches
Optimizing Synthesis Artifact with Metasketches * POPL * Consistent * Complete * Well Documented * Easy to Reuse * Evaluated * AEC * James Bornholt Emina Torlak Dan Grossman Luis Ceze University of Washington
More informationSynthesis-Aided Compiler for Low-Power Spatial Architectures
Synthesis-Aided Compiler for Low-Power Spatial Architectures Phitchaya Mangpo Phothilimthana, Tikhon Jelvis, Rohin Shah, Nishant Totla, Sarah Chasins, and Ras Bodik 2 unusual ISA small memory narrow bitwidth
More informationSpaceSearch: A Library for Building and Verifying Solver-Aided Tools
SpaceSearch: A Library for Building and Verifying Solver-Aided Tools Konstantin Steven S. Stefan Weitz Lyubomirsky Heule Emina Torlak Michael D. Ernst Zachary Tatlock Reduction Reduction SMT Reduction
More informationScaling Program Synthesis by Exploiting Existing Code
Scaling Program Synthesis by Exploiting Existing Code James Bornholt Emina Torlak University of Washington Synthesis: write programs automatically Syntax Semantics Synthesis: write programs automatically
More informationProgramming with Constraint Solvers CS294: Program Synthesis for Everyone
Programming with Constraint Solvers CS294: Program Synthesis for Everyone Ras Bodik Emina Torlak Division of Computer Science University of California, Berkeley Today Today: we describe four programming
More informationSynthesizing Memory Models
Synthesizing Memory Models from Framework Sketches and Litmus Tests James Bornholt Emina Torlak University of Washington Memory consistency models define memory reordering behaviors on mul>processors Memory
More informationAutomatic Formal Verification for EPICS
Automatic Formal Verification for EPICS Jonathan Jacky, Stefani Banerian, Michael D. Ernst, Calvin Loncaric, Stuart Pernsteiner, Zachary Tatlock, Emina Department of Radiation Oncology University of Washington
More informationAbstractions and small languages in synthesis CS294: Program Synthesis for Everyone
Abstractions and small languages in synthesis CS294: Program Synthesis for Everyone Ras Bodik Emina Torlak Division of Computer Science University of California, Berkeley Today Today: we describe why high-level
More informationDesigning Systems for Push-Button Verification
Designing Systems for Push-Button Verification Luke Nelson, Helgi Sigurbjarnarson, Xi Wang Joint work with James Bornholt, Dylan Johnson, Arvind Krishnamurthy, EminaTorlak, Kaiyuan Zhang Formal verification
More informationCourse Overview CS294: Program Synthesis for Everyone
Course Overview CS294: Program Synthesis for Everyone Ras Bodik Emina Torlak Division of Computer Science University of California, Berkeley The name of the course this CS294 topics course has been listed
More informationProgram Synthesis for Forth Forth Day 2012
Program Synthesis for Forth Forth Day 2012 Computer Science UC Berkeley Ras Bodik Mangpo Phitchaya Phothilimthana Tikhon Jelvis Rohin Shah Synthesis with sketches Extend your language with two constructs
More informationApproximate Program Synthesis
Approximate Program Synthesis James Bornholt Emina Torlak Luis Ceze Dan Grossman University of Washington Writing approximate programs is hard Precise Implementation Writing approximate programs is hard
More informationProgram Synthesis for Forth Forth Day 2012
Program Synthesis for Forth Forth Day 2012 Computer Science UC Berkeley Ras Bodik Mangpo Phitchaya Phothilimthana Tikhon Jelvis Rohin Shah Synthesis with sketches Extend your language with two constructs
More informationAUTOMATIC FORMAL VERIFICATION FOR EPICS
doi:10.18429/jacow-icalepcs2017- Abstract AUTOMATIC FORMAL VERIFICATION FOR EPICS Jonathan Jacky, Stefani Banerian, University of Washington Medical Center, USA Michael D. Ernst, Calvin Loncaric, Stuart
More informationLanguage to Specify Syntax-Guided Synthesis Problems
Language to Specify Syntax-Guided Synthesis Problems Mukund Raghothaman Abhishek Udupa Saturday 25 th January, 2014 1 Introduction We present a language to specify syntax guided synthesis (SyGuS) problems.
More informationarxiv: v1 [cs.pl] 22 May 2014
Language to Specify Syntax-Guided Synthesis Problems Mukund Raghothaman Abhishek Udupa Friday 7 th December, 2018 arxiv:1405.5590v1 [cs.pl] 22 May 2014 Abstract We present a language to specify syntax
More informationCompiling a Gesture Recognition Application for an Ultra Low-Power Architecture
Compiling a Gesture Recognition Application an Ultra Low-Power Architecture Phitchaya Mangpo Phothilimthana Michael Schuldt Rastislav Bodik Classification Applications sensor data computation Intensive
More informationSolver Aided Reverse Engineering of Architectural Features
Solver Aided Reverse Engineering of Architectural Features Bill Zorn, Dan Grossman, Luis Ceze {billzorn, djg, luisceze}@cs.washington.edu Paul G. Allen School for Computer Science & Engineering University
More informationCSE 413 Languages & Implementation. Hal Perkins Winter 2019 Structs, Implementing Languages (credits: Dan Grossman, CSE 341)
CSE 413 Languages & Implementation Hal Perkins Winter 2019 Structs, Implementing Languages (credits: Dan Grossman, CSE 341) 1 Goals Representing programs as data Racket structs as a better way to represent
More informationn HW7 due in about ten days n HW8 will be optional n No CLASS or office hours on Tuesday n I will catch up on grading next week!
Announcements SMT Solvers, Symbolic Execution n HW7 due in about ten days n HW8 will be optional n No CLASS or office hours on Tuesday n I will catch up on grading next week! n Presentations n Some of
More informationPLDI: U: Type Assisted Synthesis of Recursive Transformers on Algebraic Datatypes
PLDI: U: Type Assisted Synthesis of Recursive Transformers on Algebraic Datatypes Jeevana Priya Inala MIT jinala@mit.edu Advisor: Armando Solar-Lezama 1. Problem and Motivation As programming languages
More informationSoftware Verification : Introduction
Software Verification : Introduction Ranjit Jhala, UC San Diego April 4, 2013 What is Algorithmic Verification? Algorithms, Techniques and Tools to ensure that Programs Don t Have Bugs (What does that
More informationData Structure Synthesis. Calvin Loncaric Emina Torlak Michael D. Ernst
Data Structure Synthesis Calvin Loncaric Emina Torlak Michael D. Ernst Data structures are everywhere 2 Data structures are everywhere 2 Data structures are everywhere 2 Data structures are everywhere
More informationCSE 341 Section 7. Eric Mullen Spring Adapted from slides by Nicholas Shahan, Dan Grossman, and Tam Dang
CSE 341 Section 7 Eric Mullen Spring 2017 Adapted from slides by Nicholas Shahan, Dan Grossman, and Tam Dang Outline Interpreting LBI (Language Being Implemented) Assume Correct Syntax Check for Correct
More informationPush-Button Verification of File Systems
1 / 24 Push-Button Verification of File Systems via Crash Refinement Helgi Sigurbjarnarson, James Bornholt, Emina Torlak, Xi Wang University of Washington 2 / 24 File systems are hard to get right Complex
More informationSyntax-Guided Program Synthesis. Rajeev Alur. University of Pennsylvania
Syntax-Guided Program Synthesis Rajeev Alur University of Pennsylvania 1 Goal: Programming computers easier than communicating with people Can programming be liberated, period. David Harel, IEEE Computer,
More informationSyntax-Guided Program Synthesis. Rajeev Alur
Syntax-Guided Program Synthesis Rajeev Alur University of Pennsylvania 1 Goal: Programming computers easier than communicating with people Can programming be liberated, period. David Harel, IEEE Computer,
More informationCS 360 Programming Languages Interpreters
CS 360 Programming Languages Interpreters Implementing PLs Most of the course is learning fundamental concepts for using and understanding PLs. Syntax vs. semantics vs. idioms. Powerful constructs like
More informationType- & Example-Driven Program Synthesis. Steve Zdancewic WG 2.8, August 2014
Type- & Example-Driven Program Synthesis Steve Zdancewic WG 2.8, August 2014 Joint work with Peter-Michael Osera CAVEATS Work in progress Similar work been done before This is our attempt to understand
More informationSemantics-Based Program Verifiers for All Languages
Language-independent Semantics-Based Program Verifiers for All Languages Andrei Stefanescu Daejun Park Shijiao Yuwen Yilong Li Grigore Rosu Nov 2, 2016 @ OOPSLA 16 Problems with state-of-the-art verifiers
More informationProgramming by Examples: Applications, Algorithms, and Ambiguity Resolution
Programming by Examples: Applications, Algorithms, and Ambiguity Resolution Sumit Gulwani Microsoft Corporation, Redmond, WA, USA sumitg@microsoft.com Abstract. 99% of computer end users do not know programming,
More informationCSE 341 Section 7. Ethan Shea Autumn Adapted from slides by Nicholas Shahan, Dan Grossman, Tam Dang, and Eric Mullen
CSE 341 Section 7 Ethan Shea Autumn 2018 Adapted from slides by Nicholas Shahan, Dan Grossman, Tam Dang, and Eric Mullen Outline Interpreting MUPL Assume Correct Syntax Check for Correct Semantics Evaluating
More informationSpaceSearch: A Library for Building and Verifying Solver-Aided Tools
SpaceSearch: A Library for Building and Verifying Solver-Aided Tools Konstantin Weitz University of Washington, USA weitzkon@cs.washington.edu Emina Torlak University of Washington, USA emina@cs.washington.edu
More informationSyntax-Guided Synthesis. Rajeev Alur. University of Pennsylvania
Syntax-Guided Synthesis Rajeev Alur University of Pennsylvania 1 Program Verification Specification S Program P Verifier Proof of correctness or Witness of a bug 2 Classical Program Synthesis Specification
More informationSynthesis for Automated Grading and Feedback EXCAPE NSF SITE VISIT AUGUST 2013
Synthesis for Automated Grading and Feedback EXCAPE NSF SITE VISIT AUGUST 2013 Sumit Gulwani Solar-Lezama Alur Seshia Hartmann Leverage Synthesis in Education Technology Computer aided approach to introduce
More informationAbstract Interpretation
Abstract Interpretation Ranjit Jhala, UC San Diego April 22, 2013 Fundamental Challenge of Program Analysis How to infer (loop) invariants? Fundamental Challenge of Program Analysis Key issue for any analysis
More informationWallingford: Toward a Constraint Reactive Programming Language
Wallingford: Toward a Constraint Reactive Programming Language Alan Borning VPRI Technical Report TR-2016-001 Viewpoints Research Institute, 1025 Westwood Blvd 2nd flr, Los Angeles, CA 90024 t: (310) 208-0524
More informationHAMPI A Solver for String Theories
HAMPI A Solver for String Theories Vijay Ganesh MIT (With Adam Kiezun, Philip Guo, Pieter Hooimeijer and Mike Ernst) Dagstuhl, 2010 Motivation for String Theories String-manipulating programs ü String
More informationAutograder RISHABH SINGH, SUMIT GULWANI, ARMANDO SOLAR-LEZAMA
Autograder RISHABH SINGH, SUMIT GULWANI, ARMANDO SOLAR-LEZAMA Test-cases based feedback Hard to relate failing inputs to errors Manual feedback by TAs Time consuming and error prone Feedback on Programming
More informationEECS 321 Programming Languages
EECS 321 Programming Languages Winter 2010 Instructor: Robby Findler Course Details http://www.eecs.northwestern.edu/~robby/ courses/321-2011-winter/ (or google findler and follow the links) Programming
More informationHigh-Level Information Interface
High-Level Information Interface Deliverable Report: SRC task 1875.001 - Jan 31, 2011 Task Title: Exploiting Synergy of Synthesis and Verification Task Leaders: Robert K. Brayton and Alan Mishchenko Univ.
More informationQLOSE: Program Repair with Quantitative Objectives
QLOSE: Program Repair with Quantitative Objectives Loris D Antoni Roopsha Samanta Rishabh Singh Everyone wants to be a programmer 2 Programming for Everybody (Getting Started with Python) 657,068 An Introduction
More informationScalable Synthesis with Symbolic Syntax Graphs
Scalable Synthesis with Symbolic Syntax Graphs Rohin Shah, Sumith Kulal, Ras Bodik UC Berkeley, IIT Bombay and UW 18 July 2018, Oxford UK [Solar-Lezama et al. ASPLOS06] Combinatorial Sketching for Finite
More informationAutomation in Cryptology
Automation in Cryptology Ashish Tiwari Abstract Inspired by the recent work on sketching-based synthesis of programs [SLRBE05, SLTB + 06], we have developed a language for specifying sketches, or partially
More informationChlorophyll: Synthesis-Aided Compiler for Low-Power Spatial Architectures
Chlorophyll: Synthesis-Aided Compiler for Low-Power Spatial Architectures Phitchaya Phothilimthana Electrical Engineering and Computer Sciences University of California at Berkeley Technical Report No.
More informationPush-Button Verification of File Systems
1 / 25 Push-Button Verification of File Systems via Crash Refinement Helgi Sigurbjarnarson, James Bornholt, Emina Torlak, Xi Wang University of Washington October 26, 2016 2 / 25 File systems are hard
More informationSynthesizing Data- Structure Manipula5ons with Natural Proofs
Synthesizing Data- Structure Manipula5ons with Natural Proofs Xiaokang Qiu (Joint work with Armando Solar- Lezama) Program Synthesis Building Reliable SoHware Program Verification Constraint Solving (Verifica5on
More informationCSE507. Practical Applications of SAT. Computer-Aided Reasoning for Software. Emina Torlak
Computer-Aided Reasoning for Software CSE507 Practical Applications of SAT courses.cs.washington.edu/courses/cse507/18sp/ Emina Torlak emina@cs.washington.edu Today Past 2 lectures The theory and mechanics
More informationThe Checker Framework: pluggable static analysis for Java
The Checker Framework: pluggable static analysis for Java http://checkerframework.org/ Werner Dietl University of Waterloo https://ece.uwaterloo.ca/~wdietl/ Joint work with Michael D. Ernst and many others.
More informationDirect Manipulation Programming Systems. Ravi Chugh Brian Hempel Jacob Albers Grace Lu Justin Lubin Mitchell Spradlin
Direct Manipulation Programming Systems Ravi Chugh Brian Hempel Jacob Albers Grace Lu Justin Lubin Mitchell Spradlin June 5, 2017 Idea 2 Idea 3 Idea 4 Idea 5 Idea 6 Idea 7 λ... λ... λ... λ... λ... λ...
More informationCSE341: Programming Languages Lecture 17 Implementing Languages Including Closures. Dan Grossman Autumn 2018
CSE341: Programming Languages Lecture 17 Implementing Languages Including Closures Dan Grossman Autumn 2018 Typical workflow concrete syntax (string) "(fn x => x + x) 4" Parsing Possible errors / warnings
More informationSynthesizing Programs with Constraint Solvers CAV 2012 invited tutorial
Synthesizing Programs with Constraint Solvers CAV 2012 invited tutorial Ras Bodik Emina Torlak Division of Computer Science University of California, Berkeley Abstract Classical synthesis derives programs
More informationThe Sketching Approach to Program Synthesis
The Sketching Approach to Program Synthesis Armando Solar-Lezama Massachusetts Institute of Technology Abstract. Sketching is a new form of localized software synthesis that aims to bridge the gap between
More informationFunctioning Hardware from Functional Specifications
Functioning Hardware from Functional Specifications Stephen A. Edwards Martha A. Kim Richard Townsend Kuangya Zhai Lianne Lairmore Columbia University IBM PL Day, November 18, 2014 Where s my 10 GHz processor?
More informationCSC410 Program Synthesis AZADEH FARZAN FALL 2017
CSC410 Program Synthesis AZADEH FARZAN FALL 2017 The idea Produce small code fragments that satisfy the given specification As a programming aid: It helps you write programs. The insight is yours, the
More informationPrinciples of Compiler Construction ( )
Principles of Compiler Construction ( ) Dr Mayer Goldberg October 25, 2017 Contents 1 Course Objectives 1 2 Course Requirements 2 3 Detailed Syllabus 3 4 Computation of grade 6 5 References 6 Course number:
More informationType Assisted Synthesis of Programs with Algebraic Data Types
Type Assisted Synthesis of Programs with Algebraic Data Types Jeevana Priya Inala MIT Collaborators: Xiaokang Qiu (MIT), Ben Lerner (Brown), Armando Solar-Lezama (MIT) Example - Desugaring a simple language
More informationGrad PL vs. The World
Grad PL vs. The World #1 Grad PL Conclusions You are now equipped to read the most influential papers in PL. You can also recognize PL concepts and will know what to do when they come up in your research.
More informationF-Soft: Software Verification Platform
F-Soft: Software Verification Platform F. Ivančić, Z. Yang, M.K. Ganai, A. Gupta, I. Shlyakhter, and P. Ashar NEC Laboratories America, 4 Independence Way, Suite 200, Princeton, NJ 08540 fsoft@nec-labs.com
More informationProgramming by Examples: PL meets ML
Programming by Examples: PL meets ML Summit on Machine Learning meets Formal Methods Sumit Gulwani Microsoft July 2018 Joint work with many collaborators Example-based help-forum interaction 300_w30_aniSh_c1_b
More informationAutomatic Detection and Repair of Errors in Data Structures
Automatic Detection and Repair of Errors in Data Structures April 28, 2005 1 Scope Approach 2 Model Construction Consistency Constraints 3 Structure Definition Language Constraints 4 Motivation Scope Approach
More informationA Solver-Aided Language for Test Input Generation
A Solver-Aided Language for Test Input Generation TALIA RINGER, University of Washington, USA DAN GROSSMAN, University of Washington, USA DANIEL SCHWARTZ-NARBONNE, Amazon SERDAR TASIRAN, Amazon Developing
More informationCrafting a Compiler with C (II) Compiler V. S. Interpreter
Crafting a Compiler with C (II) 資科系 林偉川 Compiler V S Interpreter Compilation - Translate high-level program to machine code Lexical Analyzer, Syntax Analyzer, Intermediate code generator(semantics Analyzer),
More informationVerdi: A Framework for Implementing and Formally Verifying Distributed Systems
Verdi: A Framework for Implementing and Formally Verifying Distributed Systems Key-value store VST James R. Wilcox, Doug Woos, Pavel Panchekha, Zach Tatlock, Xi Wang, Michael D. Ernst, Thomas Anderson
More informationDenotational Semantics. Domain Theory
Denotational Semantics and Domain Theory 1 / 51 Outline Denotational Semantics Basic Domain Theory Introduction and history Primitive and lifted domains Sum and product domains Function domains Meaning
More informationExCAPE. Expeditions in Computer Augmented Program Engineering
ExCAPE Expeditions in Computer Augmented Program Engineering Rajeev Alur, Ras Bodik, Jeff Foster, Bjorn Hartmann, Lydia Kavraki, Hadas Kress-Gazit, Stephane Lafortune, Boon Loo, P. Madhusudan, Milo Martin,
More informationBetter Stories, Better Languages
Better Stories, Better Languages What Would Alyssa P. Hacker Do? François-René Rideau, TUNES Project Bay Area Lispers, 2009-12-29 http://fare.tunes.org/computing/bal2009.pdf 1 The Take Home Points Software
More informationHyperkernel: Push-Button Verification of an OS Kernel
Hyperkernel: Push-Button Verification of an OS Kernel Luke Nelson, Helgi Sigurbjarnarson, Kaiyuan Zhang, Dylan Johnson, James Bornholt, Emina Torlak, and Xi Wang The OS Kernel is a critical component Essential
More informationIntroduction to Sketching
Introduction to Sketching IAP 2008 Armando Solar-Lezama What is sketching? A program synthesis system - generates small fragments of code - checks their validity against a specification A programming aid
More information(How) Did you specify your test suite?
(How) Did you specify your test suite? Helmut Veith Formal Methods in Systems Engineering Vienna University of Technology Joint work with Andreas Holzer, Christian Schallhart, and Michael Tautschnig high
More informationArrakis: The Operating System is the Control Plane
Arrakis: The Operating System is the Control Plane Simon Peter, Jialin Li, Irene Zhang, Dan Ports, Doug Woos, Arvind Krishnamurthy, Tom Anderson University of Washington Timothy Roscoe ETH Zurich Building
More informationEfficient Symbolic Execution for Software Testing
Efficient Symbolic Execution for Software Testing Johannes Kinder Royal Holloway, University of London Joint work with: Stefan Bucur, George Candea, Volodymyr Kuznetsov @ EPFL Symbolic Execution Automatically
More informationMore on Verification and Model Checking
More on Verification and Model Checking Wednesday Oct 07, 2015 Philipp Rümmer Uppsala University Philipp.Ruemmer@it.uu.se 1/60 Course fair! 2/60 Exam st October 21, 8:00 13:00 If you want to participate,
More informationCSE 140 wrapup. Michael Ernst CSE 140 University of Washington
CSE 140 wrapup Michael Ernst CSE 140 University of Washington Progress in 10 weeks 10 weeks ago: you knew no programming Goals: Computational problem-solving Python programming language Experience with
More informationPrinciples of Compiler Construction ( )
Principles of Compiler Construction ( ) Dr Mayer Goldberg September 5, 2016 Contents 1 Course Objectives 1 2 Course Requirements 2 3 Detailed Syllabus 3 4 References 6 Course number: 201-1-2061 Mandatory
More informationECE 587 Hardware/Software Co-Design Lecture 11 Verification I
ECE 587 Hardware/Software Co-Design Spring 2018 1/23 ECE 587 Hardware/Software Co-Design Lecture 11 Verification I Professor Jia Wang Department of Electrical and Computer Engineering Illinois Institute
More informationPrinciples of Programming Languages 2017W, Functional Programming
Principles of Programming Languages 2017W, Functional Programming Assignment 3: Lisp Machine (16 points) Lisp is a language based on the lambda calculus with strict execution semantics and dynamic typing.
More informationGeneralized Data Structure Synthesis. Calvin Loncaric Michael D. Ernst Emina Torlak
Generalized Data Structure Synthesis Calvin Loncaric Michael D. Ernst Emina Torlak 1 Stateful modules are much more complicated than their specifications Implementation Specification 1992 Lines of code
More informationTypical workflow. CSE341: Programming Languages. Lecture 17 Implementing Languages Including Closures. Reality more complicated
Typical workflow concrete synta (string) "(fn => + ) 4" Parsing CSE341: Programming Languages abstract synta (tree) Lecture 17 Implementing Languages Including Closures Function Constant + 4 Var Var Type
More informationSynthesizing Memory Models from Framework Sketches and Litmus Tests
Synthesizing Memory Models from Framework Sketches and Litmus Tests James Bornholt Emina Torlak University of Washington, USA {bornholt, emina}@cs.washington.edu Abstract A memory consistency model specifies
More informationMatching Logic A New Program Verification Approach
Matching Logic A New Program Verification Approach Grigore Rosu and Andrei Stefanescu University of Illinois at Urbana-Champaign (work started in 2009 with Wolfram Schulte at MSR) Usable Verification Relatively
More informationConnecting Program Synthesis and Reachability:
Connecting Program Synthesis and Reachability: Automatic Program Repair using Test-Input Generation ThanhVu Nguyen 1,WestleyWeimer 2, Deepak Kapur 3, and Stephanie Forrest 3 1 University of Nebraska, Lincoln
More informationRefinement Types for TypeScript
Refinement Types for TypeScript Panagiotis Vekris Benjamin Cosman Ranjit Jhala University of California, San Diego PLDI 16 Thursday, June 16 Extensible static analyses for modern scripting languages 2
More informationVerifying the Safety of Security-Critical Applications
Verifying the Safety of Security-Critical Applications Thomas Dillig Stanford University Thomas Dillig 1 of 31 Why Program Verification? Reliability and security of software is a huge problem. Thomas Dillig
More informationOptimizing Synthesis with Metasketches
Optimizing Synthesis with Metasketches Artifact James Bornholt Emina Torlak Dan Grossman Luis Ceze University of Washington, USA {bornholt, emina, djg, luisceze}@cs.washington.edu * POPL * Consistent *
More informationCrash Course in Applied PL
Crash Course in Applied PL (with applications to Networks) Software Reliability Lab Department of Computer Science ETH Zurich Overview of Applied PL techniques Static Analysis Program Synthesis ibgp, OSPF,
More informationCS 61A Interpreters, Tail Calls, Macros, Streams, Iterators. Spring 2019 Guerrilla Section 5: April 20, Interpreters.
CS 61A Spring 2019 Guerrilla Section 5: April 20, 2019 1 Interpreters 1.1 Determine the number of calls to scheme eval and the number of calls to scheme apply for the following expressions. > (+ 1 2) 3
More informationEECS150 - Digital Design Lecture 5 - Verilog Logic Synthesis
EECS150 - Digital Design Lecture 5 - Verilog Logic Synthesis Jan 31, 2012 John Wawrzynek Spring 2012 EECS150 - Lec05-verilog_synth Page 1 Outline Quick review of essentials of state elements Finite State
More informationA Solver-Aided Language for Test Input Generation
A Solver-Aided Language for Test Input Generation TALIA RINGER, University of Washington, USA DAN GROSSMAN, University of Washington, USA DANIEL SCHWARTZ-NARBONNE, Amazon, USA SERDAR TASIRAN, Amazon, USA
More informationSolving Computations. Viktor Kuncak. PhD MIT,
Solving Computations Viktor Kuncak PhD MIT, 2007 School of Computer and Communication Sciences Laboratory for Automated Reasoning and Analysis http://lara.epfl.ch/~kuncak 1 GOAL Help people construct software
More informationCompile-Time Code Generation for Embedded Data-Intensive Query Languages
Compile-Time Code Generation for Embedded Data-Intensive Query Languages Leonidas Fegaras University of Texas at Arlington http://lambda.uta.edu/ Outline Emerging DISC (Data-Intensive Scalable Computing)
More informationSymbolic and Concolic Execution of Programs
Symbolic and Concolic Execution of Programs Information Security, CS 526 Omar Chowdhury 10/7/2015 Information Security, CS 526 1 Reading for this lecture Symbolic execution and program testing - James
More informationRefinement Types for Ruby
Refinement Types for Ruby Milod Kazerounian 1, Niki Vazou 1, Austin Bourgerie 1, Jeffrey S. Foster 1, and Emina Torlak 2 1 University of Maryland, College Park, USA {milod, nvazou, abourg, jfoster}@cs.umd.edu,
More informationA Scalable and Nearly Uniform Generator of SAT Witnesses
1 A Scalable and Nearly Uniform Generator of SAT Witnesses Supratik Chakraborty 1, Kuldeep S Meel 2, Moshe Y Vardi 2 1 Indian Institute of Technology Bombay, India 2 Department of Computer Science, Rice
More informationVoting Machines and Automotive Software: Explorations with SMT at Scale
Voting Machines and Automotive Software: Explorations with SMT at Scale Sanjit A. Seshia EECS Department UC Berkeley Joint work with: Bryan Brady, Randy Bryant, Susmit Jha, Jon Kotker, John O Leary, Alexander
More informationCSE413: Programming Languages and Implementation Racket structs Implementing languages with interpreters Implementing closures
CSE413: Programming Languages and Implementation Racket structs Implementing languages with interpreters Implementing closures Dan Grossman Fall 2014 Hi! I m not Hal J I love this stuff and have taught
More informationBug Finding with Under-approximating Static Analyses. Daniel Kroening, Matt Lewis, Georg Weissenbacher
Bug Finding with Under-approximating Static Analyses Daniel Kroening, Matt Lewis, Georg Weissenbacher Overview Over- vs. underapproximating static analysis Path-based symbolic simulation Path merging Acceleration
More informationModel Checking and Its Applications
Model Checking and Its Applications Orna Grumberg Technion, Israel Verification and Deduction Mentoring Workshop July 13, 2018 1 Personal data Ph.d. in (non-automated) verification Postdoc in Model Checking
More information