Published by Jenifer Peak. Modified over 3 years ago.
1
Program synthesis with Jennisys
K. Rustan M. Leino, Research in Software Engineering (RiSE), Microsoft Research, Redmond
Aleksandar Milicevic, MIT
IFIP Working Group 2.3 meeting, Winchester, UK
22 September 2011
2
Idea Code Test Verification
3
- More expressive languages
- Refinement
- Synthesis
- …
4
This is where programs begin
5
Each type has:
- Public interface
- Data model
- Code
6
interface ExtensibleArray[T] {
  var Contents: seq[T]
  constructor Init()
    Contents := []
  method Get(i) returns (t)
    requires 0 <= i && i < |Contents|
    t := Contents[i]
  method Set(i, t)
    requires 0 <= i && i < |Contents|
    Contents := Contents[i := t]
  method Append(t)
    Contents := Contents + [t]
}
7
Append( ).elements
10
Append( ).elements.more
11
.elements.more
12
datamodel ExtensibleArray[T] {
  var elements: array[T]
  var more: ExtensibleArray[array[T]]
  frame elements, more, more.Contents[*]
  invariant elements.Length = 256 256 more != null more.Contents[*].Length = 256
  val M = if more = null then 0 else 256 * |more.Contents|
  Contents[i] = elements[i - M] where i in M <= i
  Contents[i] = more.Contents[i / 256][i % 256] where i in i < M
}
13
datamodel ExtensibleArray {
  var elements: array
  var more: ExtensibleArray >?
  frame elements, more, more.Contents[*]
  invariant elements.Length = 256 256 more != null more.Contents[*].Length = 256
  val M = if more = null then 0 else 256 * |more.Contents|
  Contents[i] = elements[i - M] where i in M <= i
  Contents[i] = more.Contents[i / 256][i % 256] where i in i < M
}
15
code ExtensibleArray[T] { }
- Code generated automatically
- Programmer supplies hints, e.g., “loop n”, “e[n] := t”
- Programmer uses sketches, holes [Bodik, Solar-Lezama, …]
- As last resort, code is written manually
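A hand-written rendering of the interface and data model above, as an added example (not from the slides and not Jennisys output). Python stands in for the generated code, and `contents()` rebuilds the model field `Contents` from `elements` and `more` using the two `where` clauses. Assumptions: the concrete `length` field, the runtime `IndexError` standing in for the `requires` clauses, and moving a full `elements` block into `more` on `Append`.

```python
BLOCK = 256  # block size taken from the data model on the slide


class ExtensibleArray:
    """Hand-written stand-in for code that would be synthesized (assumption)."""

    def __init__(self):                   # constructor Init(): Contents := []
        self.elements = [None] * BLOCK    # invariant: elements.Length = 256
        self.more = None                  # ExtensibleArray of full blocks, or None
        self.length = 0                   # |Contents|; assumed concrete field

    def _m(self):
        # val M = if more = null then 0 else 256 * |more.Contents|
        return 0 if self.more is None else BLOCK * self.more.length

    def _check(self, i):
        # requires 0 <= i && i < |Contents|, enforced at run time (assumption)
        if not 0 <= i < self.length:
            raise IndexError(i)

    def get(self, i):
        self._check(i)
        m = self._m()
        if m <= i:                        # Contents[i] = elements[i - M]
            return self.elements[i - m]
        return self.more.get(i // BLOCK)[i % BLOCK]

    def set(self, i, t):
        self._check(i)
        m = self._m()
        if m <= i:
            self.elements[i - m] = t
        else:                             # write into the stored block in place
            self.more.get(i // BLOCK)[i % BLOCK] = t

    def append(self, t):
        m = self._m()
        if self.length == m + BLOCK:      # elements is full: move it into more
            if self.more is None:
                self.more = ExtensibleArray()
            self.more.append(self.elements)
            self.elements = [None] * BLOCK
            m += BLOCK
        self.elements[self.length - m] = t
        self.length += 1

    def contents(self):
        """Rebuild the model field Contents from the concrete state."""
        return [self.get(i) for i in range(self.length)]
```

Comparing `contents()` against a plain list after every mutation is a cheap runtime substitute for the verification step the slides rely on.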
20
a := 0 with a = c
a := 0 with a = c+d
24
a := p+q with a = c
a := {p+q} with a = {c}
25
- Constraint solving: get sample values
- Partial evaluation: simplify spec using sample values
- Unification: match things up
What if it doesn’t work?
26
Program extrapolation
- Attempt to verify
- If resulting program does not verify:
  - Infer the needed guard using custom spec evaluation
  - Repeat synthesis for remaining cases
28
- Each interface denotes an instantiable type, that is, a class of objects
- A data model can also make use of objects
29
SimpleCell
30
An interface has model fields
- part of the specification
- not part of compiled code
If type X uses objects of type Y, its code should:
- not set Y’s model fields directly, but
- use Y’s interface to call constructors and methods to achieve the desired result
31
Synthesis by combination of:
- Constraint solving
- Symbolic/concrete evaluation
- Unification
More to do:
- Methods
- Formalization, better understand the technique
- …
Reflection: Is this how we should be programming?