74 research outputs found
Synthesizing Functional Reactive Programs
Functional Reactive Programming (FRP) is a paradigm that has simplified the
construction of reactive programs. There are many libraries that implement
incarnations of FRP, using abstractions such as Applicative, Monads, and
Arrows. However, finding a good control flow, that correctly manages state and
switches behaviors at the right times, still poses a major challenge to
developers. An attractive alternative is specifying the behavior instead of
programming it, as made possible by the recently developed logic: Temporal
Stream Logic (TSL). However, it has not been explored so far how Control Flow
Models (CFMs), as synthesized from TSL specifications, can be turned into
executable code that is compatible with libraries building on FRP. We bridge
this gap, by showing that CFMs are indeed a suitable formalism to be turned
into Applicative, Monadic, and Arrowized FRP. We demonstrate the effectiveness
of our translations on a real-world kitchen timer application, which we
translate to a desktop application using the Arrowized FRP library Yampa, a web
application using the Monadic threepenny-gui library, and to hardware using the
Applicative hardware description language ClaSH.Comment: arXiv admin note: text overlap with arXiv:1712.0024
Fractional Collections with Cardinality Bounds, and Mixed Integer Linear Arithmetic with Stars
We present decision procedures for logical constraints that support reasoning about collections of elements such as sets, multisets, and fuzzy sets. Element membership in such collections is given by a characteristic function from a finite universe (of unknown size) to a subset of rational numbers specified by user-defined constraints in mixed linear integer-rational arithmetic. Our logic supports standard operators such as union, intersection, difference, or any operation defined pointwise using mixed linear integer-rational arithmetic. Moreover, it supports the notion of cardinality of the collection. Deciding formulas in such logic has application in verification of data structures. Our decision procedure reduces satisfiability of formulas with collections to satisfiability of formulas in an extension of mixed linear integer-rational arithmetic with an “unbounded sum” operator. Such extension is also interesting in its own right because it can encode reachability problems for a simple class of transition systems. We present a decision procedure for the resulting extension, using a satisfiability-preserving transformation that eliminates the unbounded sum operator. Our decidability result subsumes previous special cases for sets and multisets
Programming by Example: Efficient, but Not "Helpful"
Programming by example (PBE) is a powerful programming paradigm based on example driven synthesis. Users can provide examples, and a tool automatically constructs a program that satisfies the examples. To investigate the impact of PBE on real-world users, we built a study around StriSynth, a tool for shell scripting by example, and recruited 27 working IT professionals to participate. In our study we asked the users to complete three tasks with StriSynth, and the same three tasks with PowerShell, a traditional scripting language. We found that, although our participants completed the tasks more quickly with StriSynth, they reported that they believed PowerShell to be a more helpful tool
Towards Automated Detection of Single-Trace Side-Channel Vulnerabilities in Constant-Time Cryptographic Code
Although cryptographic algorithms may be mathematically secure, it is often
possible to leak secret information from the implementation of the algorithms.
Timing and power side-channel vulnerabilities are some of the most widely
considered threats to cryptographic algorithm implementations. Timing
vulnerabilities may be easier to detect and exploit, and all high-quality
cryptographic code today should be written in constant-time style. However,
this does not prevent power side-channels from existing. With constant time
code, potential attackers can resort to power side-channel attacks to try
leaking secrets. Detecting potential power side-channel vulnerabilities is a
tedious task, as it requires analyzing code at the assembly level and needs
reasoning about which instructions could be leaking information based on their
operands and their values. To help make the process of detecting potential
power side-channel vulnerabilities easier for cryptographers, this work
presents Pascal: Power Analysis Side Channel Attack Locator, a tool that
introduces novel symbolic register analysis techniques for binary analysis of
constant-time cryptographic algorithms, and verifies locations of potential
power side-channel vulnerabilities with high precision. Pascal is evaluated on
a number of implementations of post-quantum cryptographic algorithms, and it is
able to find dozens of previously reported single-trace power side-channel
vulnerabilities in these algorithms, all in an automated manner
Succinct Explanations With Cascading Decision Trees
The decision tree is one of the most popular and classical machine learning
models from the 1980s. However, in many practical applications, decision trees
tend to generate decision paths with excessive depth. Long decision paths often
cause overfitting problems, and make models difficult to interpret. With longer
decision paths, inference is also more likely to fail when the data contain
missing values. In this work, we propose a new tree model called Cascading
Decision Trees to alleviate this problem. The key insight of Cascading Decision
Trees is to separate the decision path and the explanation path. Our
experiments show that on average, Cascading Decision Trees generate 63.38%
shorter explanation paths, avoiding overfitting and thus achieve higher test
accuracy. We also empirically demonstrate that Cascading Decision Trees have
advantages in the robustness against missing values
Conference Series
Civl is a static verifier for concurrent programs designed around the conceptual framework of layered refinement,
which views the task of verifying a program as a sequence of program simplification steps each justified by its own invariant. Civl verifies a layered concurrent program that compactly expresses all the programs in this sequence and the supporting invariants. This paper presents the design and implementation of the Civl verifier
Code Completion using Quantitative Type Inhabitation
Developing modern software applications typically involves composing functionality from existing libraries. This task is difficult because libraries may expose many methods to the developer. To help developers in such scenarios, we present a technique that synthesizes and suggests valid expressions of a given type at a given program point. The technique generates expressions by taking into account 1) polymorphic type constraints of the values in scope, 2) the API usage patterns in a corpus of code, and 3) any available test cases. It supports polymorphic type declarations and can synthesize expressions containing methods with any number of arguments and any depth. Our synthesis approach is based on a quantitative generalization of the type inhabitation problem with weighted type assignments. Weights indicate preferences to certain type bindings; they guide the search and enable the ranking of solutions. We present a new polynomial-time algorithm for a restricted version of quantitative type inhabitation, as well as a complete semidecision procedure for the general case of generic types. We identify a simple method to handle subtyping by introducing coercion functions and then erasing them in the final expressions. We have implemented our technique and evaluated it on over 100 examples taken from the Web. The system was remarkably effective in reinventing the erased expressions from the (previously unprocessed) code and ranking these expressions among the top suggestions for the developer. Our overall experience indicates that this approach to synthesizing and suggesting code fragments goes beyond currently available techniques and is a useful functionality of software development environments
Grammar Filtering For Syntax-Guided Synthesis
Programming-by-example (PBE) is a synthesis paradigm that allows users to
generate functions by simply providing input-output examples. While a promising
interaction paradigm, synthesis is still too slow for realtime interaction and
more widespread adoption. Existing approaches to PBE synthesis have used
automated reasoning tools, such as SMT solvers, as well as works applying
machine learning techniques. At its core, the automated reasoning approach
relies on highly domain specific knowledge of programming languages. On the
other hand, the machine learning approaches utilize the fact that when working
with program code, it is possible to generate arbitrarily large training
datasets. In this work, we propose a system for using machine learning in
tandem with automated reasoning techniques to solve Syntax Guided Synthesis
(SyGuS) style PBE problems. By preprocessing SyGuS PBE problems with a neural
network, we can use a data driven approach to reduce the size of the search
space, then allow automated reasoning-based solvers to more quickly find a
solution analytically. Our system is able to run atop existing SyGuS PBE
synthesis tools, decreasing the runtime of the winner of the 2019 SyGuS
Competition for the PBE Strings track by 47.65% to outperform all of the
competing tools
On Decision Procedures for Ordered Collections
We describe a decision procedure for a logic that supports 1) finite collections of elements (sets or multisets), 2) the cardinality operator, 3) a total order relation on elements, and 4) min and max operators on entire collections. Among the applications of this logic are 1) reasoning about the externally observable behavior of data structures such as random access priority queues, 2) specifying witness functions for synthesis problems of set algebra, and 3) reasoning about constraints on orderings arising in termination proofs
- …