25 research outputs found
Learning-Based Synthesis of Safety Controllers
We propose a machine learning framework to synthesize reactive controllers
for systems whose interactions with their adversarial environment are modeled
by infinite-duration, two-player games over (potentially) infinite graphs. Our
framework targets safety games with infinitely many vertices, but it is also
applicable to safety games over finite graphs whose size is too prohibitive for
conventional synthesis techniques. The learning takes place in a feedback loop
between a teacher component, which can reason symbolically about the safety
game, and a learning algorithm, which successively learns an overapproximation
of the winning region from various kinds of examples provided by the teacher.
We develop a novel decision tree learning algorithm for this setting and show
that our algorithm is guaranteed to converge to a reactive safety controller if
a suitable overapproximation of the winning region can be expressed as a
decision tree. Finally, we empirically compare the performance of a prototype
implementation to existing approaches, which are based on constraint solving
and automata learning, respectively
Decidability and Complexity of Tree Share Formulas
Fractional share models are used to reason about how multiple actors share ownership of resources. We examine the decidability and complexity of reasoning over the "tree share" model of Dockins et al. using first-order logic, or fragments thereof. We pinpoint a connection between the basic operations on trees union, intersection, and complement and countable atomless Boolean algebras, allowing us to obtain decidability with the precise complexity of both first-order and existential theories over the tree share model with the aforementioned operations. We establish a connection between the multiplication operation on trees and the theory of word equations, allowing us to derive the decidability of its existential theory and the undecidability of its full first-order theory. We prove that the full first-order theory over the model with both the Boolean operations and the restricted multiplication operation (with constants on the right hand side) is decidable via an embedding to tree-automatic structures
Tight polynomial worst-case bounds for loop programs
In 2008, Ben-Amram, Jones and Kristiansen showed that for a simple programming language - representing non-deterministic imperative programs with bounded loops, and arithmetics limited to addition and multiplication - it is possible to decide precisely whether a program has certain growth-rate properties, in particular whether a computed value, or the program's running time, has a polynomial growth rate. A natural and intriguing problem was to move from answering the decision problem to giving a quantitative result, namely, a tight polynomial upper bound. This paper shows how to obtain asymptotically-tight, multivariate, disjunctive polynomial bounds for this class of programs. This is a complete solution: whenever a polynomial bound exists it will be found. A pleasant surprise is that the algorithm is quite simple; but it relies on some subtle reasoning. An important ingredient in the proof is the forest factorization theorem, a strong structural result on homomorphisms into a finite monoid
Context-Aware Separation Logic
Separation logic is often praised for its ability to closely mimic the
locality of state updates when reasoning about them at the level of assertions.
The prover only needs to concern themselves with the footprint of the
computation at hand, i.e., the part of the state that is actually being
accessed and manipulated. Modern concurrent separation logics lift this local
reasoning principle from the physical state to abstract ghost state. For
instance, these logics allow one to abstract the state of a fine-grained
concurrent data structure by a predicate that provides a client the illusion of
atomic access to the underlying state. However, these abstractions
inadvertently increase the footprint of a computation: when reasoning about a
local low-level state update, one needs to account for its effect on the
abstraction, which encompasses a possibly unbounded portion of the low-level
state. Often this gives the reasoning a global character.
We present context-aware separation logic (CASL) to provide new opportunities
for local reasoning in the presence of rich ghost state abstractions. CASL
introduces the notion of a context of a computation, the part of the concrete
state that is only affected on the abstract level. Contexts give rise to a new
proof rule that allows one to reduce the footprint by the context, provided the
computation preserves the context as an invariant. The context rule complements
the frame rule of separation logic by enabling more local reasoning in cases
where the predicate to be framed is known in advance. We instantiate our
developed theory for the flow framework, which enables local reasoning about
global properties of heap graphs. We then use the instantiation to obtain a
fully local proof of functional correctness for a sequential binary search tree
implementation that is inspired by fine-grained concurrent search structures
Full Abstraction for the Resource Lambda Calculus with Tests, through Taylor Expansion
We study the semantics of a resource-sensitive extension of the lambda
calculus in a canonical reflexive object of a category of sets and relations, a
relational version of Scott's original model of the pure lambda calculus. This
calculus is related to Boudol's resource calculus and is derived from Ehrhard
and Regnier's differential extension of Linear Logic and of the lambda
calculus. We extend it with new constructions, to be understood as implementing
a very simple exception mechanism, and with a "must" parallel composition.
These new operations allow to associate a context of this calculus with any
point of the model and to prove full abstraction for the finite sub-calculus
where ordinary lambda calculus application is not allowed. The result is then
extended to the full calculus by means of a Taylor Expansion formula. As an
intermediate result we prove that the exception mechanism is not essential in
the finite sub-calculus
Deriving divide-and-conquer dynamic programming algorithms using solver-aided transformations
We introduce a framework allowing domain experts to manipulate computational terms in the interest of deriving better, more efficient implementations.It employs deductive reasoning to generate provably correct efficient implementations from a very high-level specification of an algorithm, and inductive constraint-based synthesis to improve automation. Semantic information is encoded into program terms through the use of refinement types.
In this paper, we develop the technique in the context of a system called Bellmania that uses solver-aided tactics to derive parallel divide-and-conquer implementations of dynamic programming algorithms that have better locality and are significantly more efficient than traditional loop-based implementations. Bellmania includes a high-level language for specifying dynamic programming algorithms and a calculus that facilitates gradual transformation of these specifications into efficient implementations. These transformations formalize the divide-and conquer technique; a visualization interface helps users to interactively guide the process, while an SMT-based back-end verifies each step and takes care of low-level reasoning required for parallelism.
We have used the system to generate provably correct implementations of several algorithms, including some important algorithms from computational biology, and show that the performance is comparable to that of the best manually optimized code.National Science Foundation (U.S.) (CCF-1139056)National Science Foundation (U.S.) (CCF- 1439084)National Science Foundation (U.S.) (CNS-1553510
Syntactic Generation of Research Thesis Sketches Across Disciplines Using Formal Grammars
A part of the prerequisites for granting a degree in higher education institutions, students at postgraduate levels normally carry out research, which they do report in the form of theses or dissertations. Study has shown that students tend to go through difficulties in writing research thesis across all disciplines because they do not fully comprehend what constitutes a research thesis. This project proposes the syntactic generation of research thesis sketches across disciplines using formal grammars. Sketching is a synthesis technique which enables users to deliver high-level intuitions into a synthesis snag while leaving low-level details to synthesis tools. This work extends sketching to document generation for research thesis documents. Context-free grammar rules were designed and implemented for this task. A link to 10,000 generated thesis sketches was presented
Formalising Futures and Promises in Viper
National audienceFutures and promises are respectively a read-only and a write-once pointer to a placeholder in memory. They are used to transfer information between threads in the context of asynchronous concurrent programming. Futures and promises simplify the implementation of synchronisation mechanisms between threads. Nonetheless they can be error prone as data races may arise when references are shared and transferred. We aim at providing a formal tool to detect those errors. Hence, in this paper we propose a proof of concept by implementing the future/promise mechanism in Viper: a verification infrastructure, that provides a way to reason about resource ownership in programs