List of lectures TDDA69 Data and Program Structure
advertisement
Listoflectures
TDDA69DataandProgramStructure
SymbolicandLogicProgramming
CyrilleBerger
1IntroductionandFunctionalProgramming
2ImperativeProgrammingandDataStructures
3Parsing
4Evaluation
5ObjectOrientedProgramming
6Macrosanddecorators
7VirtualMachinesandBytecode
8GarbageCollectionandNativeCode
9ConcurrentComputing
10DeclarativeProgramming
11SymbolicandLogicProgramming
12Summary
2/44
Lecturecontent
SymbolicProgramming
StaticProgramAnalysis
Data-flowanalysis
SymbolicExecution
SymbolicProgramming
LogicProgramming
3/44
Exampleofalgebraicformulas
SymbolicProgramming
Aprogramcanmanipulateitsownformulas
andcomponentsasiftheyaredata
FromJohnMcCarthy,RecursiveFunctionsof
SymbolicExpressions,1958:
(+23)→5
(-(-xy)→(-yx)
(^(+xy)2)→(+(^x2)(*2xy)(^y2)
(diffx)→1
(diff(^x2))→(*2x)
...
1Peoplemanipulatenumbers
Youdoitallthetime...
2Peoplewriteformulasthatsayhowtomanipulatenumbers
2+3,f(x)=2*x/3
3Peoplemanipulateformulas
Inalgebra/calculuscourses:(x+2)/2->x/2+1,diff(x²)=2*x
4Peoplewriteformulasthatsayhowtomanipulateformulas
5
SymbolicvsImperativeProgramming
6
Symbolicgraph
Inimperativeprogramming,computationsareevaluatedinorderas
soonastheyareexpressed:
Thefollowingsymbolicprogram:
A=Variable('A')
B=Variable('B')
C=B*A
D=C+Constant(1)
importnumpyasnp
a=np.ones(10)
b=np.ones(10)*2
c=b*a
d=c+1
Insymbolicprogramming,expressionsarenotevaluateduntilitis
necesserary:
Correspondtothissymbolicgraph:
A=Variable('A')
B=Variable('B')
C=B*A
D=C+Constant(1)
compilesthefunctionandevaluateit:
f=compile(D)
d=f(A=np.ones(10),B=np.ones(10)*2)
7
8
Compilersaresymbolicinterpreters
Symbolicinterpreter
Transformationrulesareappliedontheformula,untilnoneapply
Examples:
Insomesense,sourcecodeofan
imperativeprogramminglanguage
isasymbolprogram
Compileroptimizersareoften
definedasasetoftransformation
rulesappliedonthesymbolsofthe
program
opfolding:
Differentiation
x=Variable('x')
f=x^2+1
d=diff(f)
r=compile(d)
r==2*x
Computation
v=subst(d,x=2)
r=compile(v)
r==4
9
10
SoftwareVerification
StaticProgramAnalysis
ThegoalofSoftwareVerificationisto
verifythataprogramsatisfiesthe
expectedrequirements
Dynamicprogramanalysisandverification:testing
andexperimentation
Staticprogramanalysisandverification:analysis,
usedtoprovecorrectness
12
Staticprogramanalysistechniques
Staticprogramanalysis
Modelchecking
Itisananalysisofcomputer
softwareperformedwithout
executingprograms
Theanalysisiseitherperformedon
sourcecodeoronobjectcode
Theanalysisisperformedbyan
automatedtool
Checkthattheprogramconformtoaspecifiedmodel,for
programthathavefinitestates
Data-flowanalysis
Determinewhichpartofaprogramuseaspecificvariableand
possiblevalues
Abstractinterpretation
Modeltheeffectofeachstatementonthestate
Hoarelogic
Symbolicexecution
13
14
Useofstaticanalysis
Optimization
Debugging
Validation
Data-flowanalysis
15
Data-flowanalysis:Example(1/2)
Data-flowanalysis
Determinewhereavariableisusedandmodified
Computethepossiblevaluesforvariablesat
differentlocation
Example:
for(vari=0;;+
+i)
{
console.log(i);
if(i<0)break;
}
Howmanyregisterdoweneedforthisprogram?
a=0;
L1:b=a+1;c=c+b;
a=b*2
ifa<9gotoL1
returnc
minimumisthenumberofvariables
Controlflowgraph
17
18
Data-flowanalysis:Example(2/2)
Remember,deadlocks:
vara=0;
varb=2;
varma=newMutex();
varmb=newMutex();
thread1=newThread(
function()
{
ma.lock();
mb.lock();
b=b-1;
a=a-1;
ma.unlock();
mb.unlock();
});
thread2=newThread(
function()
{
mb.lock();
ma.lock();
b=b-1;
a=a+b;
mb.unlock();
ma.unlock();
});
thread1.start();
thread2.start();
SymbolicExecution
thread1waitsformb,thread2
waitsforma
Data-flowanalysiscanbeusedto
detectthemultiplelocksanduse
19
SymbolicExecutionExample
SymbolicExecution
inta=α,b=β,c=γ;
//symbolic
intx=0,y=0,z=0;
if(a){
x=-2;
}
if(b<5){
if(!a&&c){y=1;}
z=2;
}
assert(x+y+z!=3)
Testingworks
Buteachtests,onlyexploreonepossible
execution:
assert(f(3)==5)
Wehopethattestcasesgeneralize...
Symbolicexecutiongeneralize
testing
Allowunknownvariableinevaluation
y=Variable('y');assert(f(y)==2*y-1)
21
22
SymbolicExecutionFindBug(1/2)
Insight
Eachsymbolicpathcorrespondsto
manyactualprogramruns
Theonethatsatisfiesthepathconditions
Symbolicexecutioncovermoreof
theprogramexecutionspacethan
testing
23
24
SymbolicExecutionFindBug(2/2)
Problemswithsymbolicexecution
Scalability:therearemanyprogram
path
Problemwithloopsandlibrarycalls
Solution
Morepowerfulcomputersandcluster
Mixingconcreteandsymbolicexecution
25
26
InternalofSymbolicExecutors:KLEE
KLEE
KLEEisanopensourcesymbolic
executor
RunsontopofLLVM
Hasfoundslotofproblemsinopen-source
software
27
28
Benefits/Drawbacksofsymbolicprogramming
Benefits:
Useinoptimisation,staticanalysis...
ComputerAlgebraSystems
LogicProgramming
Drawbacks
Scalability,performance...
29
LogicProgramming
Predicatelogic
BasedonFormallogic:expressing
factsandrules
Examples:Prolog
Predicatelogiccanbeusedto
capturefactsandrules:
declarefactsasgroundclauses.
E.g.,Son(Gustaf,Carl),Daughter(Carl,Victoria),...
rulesashornclauses:
∀x,y,zSon(x,y)^Daughter(y,z)⊃GrandFather(x,z)
Onecanthensubmitqueriesandretrievefurther
facts:
∃xGrandFather(Gustaf,x)
31
32
Listinprolog
Example:append(1/2)
Adeclarativedescriptionoftheappend
relationinProlog
()istheemptylist
(b,c)isalistoftwosymbolsbandc
IfHisasymbolandTisalistthen
(H|T)isalistwithaheadHandtailT
appendisarelationfromtuples(X,Y,Z)suchasZ=(X|Y)
appendingtheemptylisttoanylistygivesthesamelist
y
(factappend()?Y?Y).
(a,b,c)isthesameas(a|(b,c))
foranylistsH,T,YandZwehavethattheresultof
appendingYto(H|T)isalistthatstartwithH,followed
bytheresultofappendingYtoT:
(fact(append(?H|?T)?Y(?H|?Z))(append?T?Y?Z)).
33
34
OperationalandDeclarativeMeanings
Example:append(2/2)
Anassertion:
Queries:
(fact(eats?P?F)(hungry?P)(has?P?F)(likes?P?F))
meansthatforanyreplacementof?P(e.g.,‘brian’)and?F(e.g.,‘potstickers’)
throughouttherule:
DeclarativeMeaningIfbrianishungryandhaspotstickersandlikes
potstickers,thenbrianwilleatpotstickers.
OperationalMeaningToshowthatbrianwilleatpotstickers,showthatbrianis
hungry,thenthatbrianhaspotstickers,andthenthatbrianlikespotstickers.
ThedeclarativemeaningallowsustolookatourScheme-Prologprogramasa
logicalspecificationofaproblemforwhichthesystemistofindasolution.
TheoperationalmeaningallowsustolookatourScheme-Prologspecificationas
anexecutableprogramforsearchingforasolution.
ClosedUniverseAssumption:Wemakeonlypositivestatements.Theclosest
wecometosayingthatsomethingisfalseistosaythatwecan’tproveit.
(query(append(abc)(123)(abc123))).
(query(append(abc)(123)(123abc))).
Definitions:
(query(append(abc)(123)?L3)).
(query(append(abc)?L2(abc123))).
35
36
Whylogicprogramming?
Queryansweringsystem
Knowledgeisstoredinadatabaseandis
represented:
Adeclarativestyle,asopposedtoaprocedural
one:
explicitlyasfacts
orimplicitlyasrules
allowstoeasiersolveproblemsbydescribinghowsolutions
looklikeinsteadofdescribinghowtocomputethem.
permittofasterbuildprototypesandtacklecomplexproblems
makesiteasiertoshowthataprogramsatisfiesaspecification
astheprogramisclosertothespecification
Queriesansweringsystemsarewellsuitedfordatabases,
interfaceswithnaturallanguage
Logicprogrammingwithconstraintsolving(CLP)hasprovento
beverypowerful
Aninferencemachineinfersnewfactsfrom
knownones
Programssubmitqueries
Aqueryissimpleorcomposedofsimplequeriesandthe
connectivesand,or,not
Queriesarecomparedagainsttheknowledgeinthedatabaseby
patternmatchingforthefactsandbyunificationfortherules
37
Patternmatchingandunification
38
Unificationalgorithm
Unificationisageneralizationofpatternmatchingthat
attemptstofindamappingbetweentwoexpressions
thatmaybothcontainvariables.
Example:
Patternmatching
Matchaquerywithvariablestofactswithoutvariables
(query(parentabraham?child))
(fact(parentabrahambarack))
InUnification:
(?x?x)canmatch((a?yc)(ab?z))
((abc)(abc))
Unificationisageneralizationofpatternmatching.
Unificationfindsbindingsforvariables.
Avariableoccurringseveraltimeswillbeboundtothe
samevalue
Inunification,avariablecanbeboundtoanother
expressionorvariable
Unificationidentifiesthissolutionviathefollowing
steps:
Tomatchthefirstelementofeachpattern,thevariable?xisboundtothe
expression(a?yc).
Tomatchthesecondelementofeachpattern,firstthevariable?xisreplaced
byitsvalue.Then,(a?yc)ismatchedto(ab?z)bybinding?ytoband?ztoc.
39
40
UnificationAlgorithm
Queryinterpreter
unify(e,f,env)
Thequeryinterpreterperformsa
searchinthespaceofallpossible
facts
Unificationistheprimitiveoperation
thatpatternmatchestwo
expressions
Itisarecursivealgorithm
1)Bothinputseandfarereplacedbytheirvaluesiftheyare
variables.
2)Ifeandfareequal,unificationsucceeds.
3)Ifeisavariable,unificationsucceedsandeisboundtof.
4)Iffisavariable,unificationsucceedsandfisboundtoe.
5)Ifneitherisavariable,botharenotlists,andtheyarenot
equal,theneandfcannotbeunified,andsounificationfails.
6)Ifnoneofthesecasesholds,theneandfarebothpairs,
andsounificationisperformedonboththeirfirstand
secondcorrespondingelements.
41
SearchAlgorithm
42
Summary
Theprocessofattemptingtodemonstratean
assertion(answeraquery)isasystematic
depth-firstsearchoffacts.
Symbolicprogramming
anditsuseforstaticcodeanalysis
Logicprogramming
defsearch(clauses,env):
ifclausesisnil:
yieldenv
forfactinfacts:
fact=rename_variables(fact,get_unique_id())
env_head=newenvironmentthatextendsenv
ifunify(fact.first,clauses.first,env_head):
forenv_ruleinsearch(fact.second,env_head,depth+1):
forresultinsearch(clauses.second,env_rule,depth+1):
yieldresult
andhowtoinfernewfacts
43
44/44
