Storyboard Programming
Rishabh Singh and Armando Solar-Lezama
Storyboard Programming © Nassos Vakalis
Storyboard Programming
[Figure: storyboard for list insert; list states over head, front, a, b, back and the inserted node x]

    void insert(List l, Node x){
      Node head = l.head;
      Node cur = head, prev = null;
      while(cur != null && cur.val < x){
        prev = cur;
        cur = cur.next;
      }
      if(head == null) head = x;
      if(prev != null) prev.next = x;
      x.next = cur;
    }
How do we make this real
◦ Give semantic meaning to the storyboard
  - storyboard is the link between synthesizer and user
  - storyboard is a specification
  - storyboard focuses on what is important
◦ Algorithm must exploit storyboard insight
  - turn the insights of the storyboard into an abstract domain
  - synthesis algorithm must be able to exploit abstraction
◦ Expand expressiveness and scalability
  - some problems are too hard to solve in one shot
    • even with abstraction
  - how do we express inductive insight?
Anatomy of a Storyboard
Environment

    Env{
      Node head, prev, curr;
      [Node] a, b, x;
      [[Node]] front, back;
      front.next = {front, a};
      back.next = {back, null};
    }

[Figure: start and end list states over head, front, a, b, back and x]
Anatomy of a Storyboard
Scenario

    Start{
      head = front;
      a.next = b;
      b.next = back;
    }
    End{
      head = front;
      a.next = x;
      x.next = b;
      b.next = back;
    }

[Figure: start and end list states over head, front, a, b, back and x]
Storyboard Abstract Domain
[Figure: list over front, a, b, back with x, annotated with the variables head, prev, cur]
Environment

    Env{
      Node head, prev, curr;
      [Node] a, b, x;
      [[Node]] front, back;
      front.next = {front, a};
      back.next = {back, null};
    }

    struct Node{
      Node next;
      int value;
      assert next != null => value < next.value;
    }
Storyboard Abstract Domain
[Figure: an abstract state, giving for each of head, a.next, b.next, x.next, cur and prev the set of abstract locations (front, a, b, x, back, null) it may point to]
Verifying with Abstract Interpretation
◦ Standard program analysis technique
◦ Our synthesis algorithm will be based on it
Transition Function
Given a state
    f2: prev = cur; cur = cur.next;
Produces a set of states
[Figure: one abstract list state before f2 and the abstract list states after it]
Transition Function
Given a set of states
    f2: prev = cur; cur = cur.next;
Produces a new set of states
[Figure: the abstract list states before f2 and the abstract list states after it]
Verification by Abstract Interpretation
[Figure: control-flow graph of insert annotated with the sets of abstract states tin, t1, t2, t3, tout]
Blocks in the graph:
    f1: cur = head; prev = null
    fp: cur != null & cur.val < x    (branches: true, false)
    f2: prev = cur; cur = cur.next;
    f3: if(head == null) head = x; if(prev != null) prev.next = x; x.next = cur;
Verification by Abstract Interpretation
Sets of states
[Figure: control-flow graph with blocks f1, f2, f3, predicate fp (true/false) and state sets tin, t1, t2, t3, tout]
  - If the formula is satisfiable, it means the program is correct.
From Verification to Synthesis
◦ What if the code itself is unknown?
From Verification to Synthesis
[Figure: the same control-flow graph and abstract states, with the contents of blocks f1, f2, f3 and of the predicate fp replaced by ??]
From Verification to Synthesis
[Figure: control-flow graph with unknown (??) blocks f1, f2, f3 and predicate fp over the state sets tin, t1, t2, t3, tout]
Assignments in each block are of this form:
    {cur, prev, head, cur.next, prev.next, head.next} = {cur, prev, head, cur.next, prev.next, head.next}
From Verification to Synthesis
[Figure: control-flow graph with unknown (??) blocks f1, f2, f3 and predicate fp over the state sets tin, t1, t2, t3, tout]

    switch(c1){
      case 0: t = cur; break;
      case 1: t = prev; break;
      case 2: t = head; break;
    }
    t = c2 ? t : t.next;
    switch(c3){
      case 0: cur = t; break;
      case 1: prev = t; break;
      case 2: head = t; break;
      case 3: cur.next = t; break;
      case 4: prev.next = t; break;
      case 5: head.next = t; break;
    }

Set of possible assignments can be represented with a parameterized block of code
Synthesis with Abstract Interpretation
[Figure: control-flow graph with blocks f1, f2, f3, predicate fp (true/false) and state sets tin, t1, t2, t3, tout]
◦ Basic Satisfiability Query
  - just find a C that satisfies the equation and you are done
  - in principle should be easy to do with a SAT solver
  - scalability is an issue
Challenge
◦ Set of abstract states can get really big
  - synthesis in “one shot” no longer an option
Counterexample Guided Inductive Synthesis
[Figure: CEGIS loop. The Inductive Synthesizer derives a candidate implementation from concrete inputs (the observation set E) and either succeeds or fails. Automated Validation ("Your verifier/checker goes here") either reports ok or finds the candidate buggy and returns a counterexample input, which is added to E.]
Validation is now abstract interpretation
CEGIS with Abstract Interpretation
◦ Start with a random (and probably wrong) solution.
◦ Do Abstract Interpretation to discover the problem.
◦ Extract a trace that illustrates the problem.
◦ Derive constraints from the trace.
◦ Solve constraints to get a new solution.
◦ Verify the new solution and repeat the process if it turns out to be incorrect.
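An added example, not from the slides: the CEGIS loop above run over the parameterized assignment block (holes c1, c2, c3) to synthesize the two-statement loop body of insert. It substitutes bounded concrete testing for abstract interpretation as the validator and brute-force enumeration for the SAT solver; the names HOLES, INPUTS, step, run, expected, verify and cegis and the sample lists are constructed for this illustration.

```python
from itertools import product
VARS = ("cur", "prev", "head")
# One hole (c1, c2, c3) selects an assignment from the parameterized block.
HOLES = list(product(range(3), (True, False), range(6)))
# Constructed inputs: sorted lists of up to 3 nodes plus a value x to insert.
INPUTS = [(tuple(range(2, 2 * n + 2, 2)), x) for n in range(4) for x in (1, 3, 5, 7)]

def step(hole, env, nxt):               # KeyError models a null dereference
    c1, c2, c3 = hole
    t = env[VARS[c1]]
    if not c2:
        t = nxt[t]                      # t = t.next
    if c3 < 3:
        env[VARS[c3]] = t               # cur / prev / head = t
    else:
        dst = env[VARS[c3 - 3]]
        if dst is None: raise KeyError(dst)
        nxt[dst] = t                    # cur.next / prev.next / head.next = t

def run(body, vals, x):
    """Run 'cur = head; prev = null; while (cur != null && cur.val < x) body'."""
    n = len(vals)
    nxt = {i: i + 1 if i + 1 < n else None for i in range(n)}
    env = {"cur": 0 if n else None, "prev": None, "head": 0 if n else None}
    try:
        for _ in range(n + 1):          # fuel: a correct loop runs at most n times
            if env["cur"] is None or vals[env["cur"]] >= x:
                return env["prev"], env["cur"], env["head"], nxt
            for hole in body:
                step(hole, env, nxt)
    except KeyError:
        pass
    return None                         # crashed or ran out of fuel

def expected(vals, x):                  # spec: prev/cur split the list at x, heap intact
    n, k = len(vals), sum(v < x for v in vals)
    nxt = {i: i + 1 if i + 1 < n else None for i in range(n)}
    return (k - 1 if k else None), (k if k < n else None), (0 if n else None), nxt

def verify(body):                       # validator: first failing input, or None
    return next((i for i in INPUTS if run(body, *i) != expected(*i)), None)

def cegis():
    body, E = (HOLES[0], HOLES[0]), []  # deliberately wrong starting candidate
    while (cex := verify(body)) is not None:
        E.append(cex)                   # grow the observation set E
        body = next(b for b in product(HOLES, repeat=2)
                    if all(run(b, *i) == expected(*i) for i in E))
    return body, E
```

cegis() returns the holes ((0, True, 1), (0, False, 0)), which decode to prev = cur; cur = cur.next, together with the counterexamples collected in E.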
Incorporating Inductive Insight
Example: Reversing a Linked List
[Figure: storyboard for list reversal; node labels not recoverable]

    list reverseSK(list lst){
      node cur=null, prev=null;
      while(null!=lst.head){
        cur = lst.head;
        lst.head = cur.next;
        cur.next = prev;
        prev = cur;
      }
      lst.head = cur;
      return lst;
    }

In order to reason about this program, we need to know that j can be expanded into
[Figure: labels j, k]
Once we make this knowledge part of the storyboard, the rest of the process works just like before