Upload
edwin-baker
View
215
Download
2
Embed Size (px)
Citation preview
Storyboard Programming
Rishabh Singh and Armando Solar-Lezama
Storyboard Programming
© Nassos Vakalis
Storyboard Programming
front backa b
head
x
head
backbx
front a
head x head x
backb
head x
front backa b
head x
front a
head
x
head
x
void insert(List l, Node x){ Node head = l.head; Node cur, prev; ... while(...){ ... } ...}
void insert(List l, Node x){ Node head = l.head; Node cur = head, prev = null; while(cur != null && cur.val < x){ prev = cur; cur = cur.next; } if(head == null) head = x; if(prev != null) prev.next = x; x.next = cur;}
head x
head
xfront backa b
head
x
front backa b
head x
front a
head x
front a
head
x
head
backbx
backb
head x
How do we make this real
◦ Give semantic meaning to the storyboard- storyboard is the link between synthesizer and user- storyboard is a specification- storyboard focuses on what is important
◦ Algorithm must exploit storyboard insight- turn the insights of the storyboard into an abstract domain- synthesis algorithm must be able to exploit abstraction
◦ Expand expressiveness and scalability- some problems are too hard to solve in one shot
• even with abstraction
- how do we express inductive insight?
Anatomy of a Storyboard
front backa bx
front backa b
head
head xEnvironment
Env{Node head, prev, curr; [Node] a, b, x;
[[Node]] front, back ;
front.next = { front, a};back.next = {back, null};
}
head
head
Anatomy of a Storyboard
front backa bx
front backa b
head
head xScenario
Start { head = front; a.next = b; b.next = back;}
End{ head = front; a.next = x; x.next = b; b.next = back;}
Storyboard Abstract Domain
front backa b
x
Environment
Env{Node head, prev, curr; [Node] a, b, x;
[[Node]] front, back ;
front.next = { front, a};back.next = {back, null};
}
struct Node{Node next;int value;
assert next != null => value <
next.value;}
headprevcur
Storyboard Abstract Domain
front backa b
x
headprevcur
head = { , }
a.next = { , , }
b.next = { , }
x.next = { , }
cur = { }
prev = { }
front
backa
b
b x
back
bxfront
backa bxfront
null
Verifying with Abstract Interpretation
◦ Standard program analysis technique
◦ Our synthesis algorithm will be based on it
Transition Function
f2prev = cur;
cur = cur.next;
Given a state
Produces a set of states
front backa b
cur, head x prev
front backa b
curprev head
xfront backa b
prev head
x
cur
Transition Function
f2prev = cur;
cur = cur.next;
Given a set of states
Produces a new set of states
front backa b
cur, head x prev
front backa b
prev head
x
cur
front backa b
curprev head
x
front backa b
cur, head x prev
front backa b
curprev head
x
front backa b
prev head
x
cur
front backa b
head x
prev cur
front backa b
headx
prev cur front backa b
curprev head
x
front backa b
cur, head x prev
Verification by Abstract Interpretation
cur = head; prev = null
cur != null & cur.val < x
prev = cur;cur = cur.next;
front backa b
head
x
front backa b
head x
front backa b
cur, head x prev
front backa b
curprev head
x
front backa b
prev head
x
cur
front backa b
prev head
x
cur
front backa b
head x
prev cur
tin
t1
t3
t2
tout
f1
f2
f3
fptruefalse
if(head == null) head = x;
if(prev != null) prev.next =
x;x.next = cur;
Verification by Abstract Interpretation
tin
t1
t3
t2
tout
f1
f2
f3
fptruefalse
Sets of states
- If the formula is satisfiable, it means the program is correct.
From Verification to Synthesis
◦ What if the code itself is unknown?
front backa b
headx
prev cur front backa b
curprev head
x
front backa b
cur, head x prev
From Verification to Synthesis
??
??
??
front backa b
head
x
front backa b
head x
front backa b
cur, head x prev
front backa b
curprev head
x
front backa b
prev head
x
cur
front backa b
prev head
x
cur
front backa b
head x
prev cur
tin
t1
t3
t2
tout
f1
f2
f3
fptruefalse
??
From Verification to Synthesis
??
??
??
tin
t1
t3
t2
tout
f1
f2
f3
fptruefalse
??
curprev
head
cur.next
prev.next
head.next
curprev
head
cur.next
prev.next
head.next
=
Assignments in each block are of this form
From Verification to Synthesis
??
??
??
tin
t1
t3
t2
tout
f1
f2
f3
fptruefalse
??
switch(c1){ case 0: t = cur; case 1: t = prev; case 2: t = head;}
t = if(c2) t; else t.next;
switch(c3){ case 0: cur = t; case 1: prev = t; case 2: head = t; case 3: cur.next = t; case 4: prev.next = t; case 5: head.next = t;}
Set of possible assignments can be represented with a parameterized block of code
Synthesis with Abstract Interpretation
◦ Basic Satisfiability Query- just find a C that satisfies the equation and you are done- in principle should be easy to do with a SAT solver- scalability is an issue
tin
t1
t3
t2
tout
f1
f2
f3
fptruefalse
Challenge
◦ Set of abstract states can get really big- synthesis in “one shot” no longer an option
Inductive Synthesizer
buggy
candidate implementation
counterexample input
succeed
fail
fail
observation set E
okAutomated Validation
Your verifier/checker goes here
• Derive candidate implementation from concrete inputs.
Counterexample Guided Inductive Synthesis
Validation is now abstract interpretation
CEGIS with Abstract Interpretation
◦ Start with a random (and probably wrong) solution
◦ Do Abstract Interpretation to discover problem.
◦ Extract a trace that illustrates the problem.
◦ Derive constraints from the trace◦ Solve constraints to get a new solution◦ Verify the new solution and repeat the
process if it turns out to be incorrect.
Incorporating Inductive Insight
a y
h
za b
c
z
h
a b
c
z
h
ca b
c
z
p
h
ca b
c
z
p
c
h
a b
h
za b
c
p
c
h
zda b
c
p
c zd
h
a b
c
z
h
c
p
a b
c
p
c zd
h
a c
c
p
d ze
h
a c
c
p
d ze
h
a c
c
p
d ze
h…list reverseSK(list lst){ node cur=null, prev=null; while(null!=lst.head){ cur = lst.head; lst.head = cur.next; cur.next = prev; prev = cur; } lst.head = cur; return lst;}
Example: Reversing a Linked List
In order to reason about this program, we need to know that can be expanded into j kj
Once we make this knowledge part of the storyboard, the rest of the process works just like before