a lloy general purpose higher order relational constraint
play

A LLOY : General-Purpose Higher-Order Relational Constraint Solver - PowerPoint PPT Presentation

Oct 29, 2023 •199 likes •1.71k views

A LLOY : General-Purpose Higher-Order Relational Constraint Solver Aleksandar Milicevic , Joseph P . Near, Eunsuk Kang, Daniel Jackson {aleks,jnear,eskang,dnj}@csail.mit.edu ICSE 2015 Florence, Italy 1 What is A LLOY A LLOY : a

  1. CEGIS : A Common Approach for Program Synthesis original synthesis formulation run { some prog: ASTNode | all env: Var -> Val | spec[prog, env] } [Solar-Lezama, ASPLOS’06] Counter-Example Guided Inductive Synthesis 1. search: find some program and some environment s.t. the spec holds, i.e., run { some prog: ASTNode | some env: Var -> Val | spec[prog, env] } to get a concrete candidate program $prog 2. verification: check if $prog holds for all possible environments: check { all env: Var -> Val | spec[$prog, env] } Done if verified; else, a concrete counterexample $env is returned as witness. 3. induction: incrementally find a new program that additionally satisfies $env : run { some prog: ASTNode | some env: Var -> Val | spec[prog, env] and spec[prog, $env]} If UNSAT, return no solution; else, go to 2. 6

  2. A LLOY ∗ A LLOY ∗ key insight CEGIS can be applied to solve arbitrary higher-order formulas 7

  3. A LLOY ∗ generality solve arbitrary higher-order formulas no domain-specific knowledge needed 7

  4. A LLOY ∗ generality solve arbitrary higher-order formulas no domain-specific knowledge needed implementability key solver features for efficient implementation: – partial instances – incremental solving 7

  5. A LLOY ∗ generality solve arbitrary higher-order formulas no domain-specific knowledge needed implementability key solver features for efficient implementation: – partial instances – incremental solving wide applicability (in contrast to specialized synthesizers) program synthesis: SyGuS benchmarks security policy synthesis: Margrave solving graph problems: max-cut , max-clique , min-vertex-cover bounded verification: Turán’s theorem 7

  6. Generality : Nested Higher-Order Quantifiers fun keysum[nodes: set Node]: Int { sum n: nodes | n.key } pred maxMaxClique[edges: Node->Node, clq: set Node] { maxClique[edges, clq] all ns: set Node | not (maxClique[edges,clq2] and keysum[ns] > keysum[clq]) } run maxMaxClique for 5 n1 $clq key: 5 edges n2 n3 key: 0 key: 6 n4 key: 1 8

  7. Generality : Checking Higher-Order Properties // ‘edges’ must be symmetric and irreflexive ⋯ pred edgeProps[edges: Node -> Node] { (~edges in edges) and ( no edges & iden ) } // Turan’s theorem: max number of edges in a ( k − 1 ) n 2 // ( k + 1 )-free graph with n nodes is 2 k check Turan { all edges: Node -> Node | edgeProps[edges] implies some mClq: set Node { maxClique[edges, mClq] let n = #Node, k = #mClq, e = (#edges).div[2] | e <= k.minus[1].mul[n].mul[n].div[2].div[k] } } for 7 but 0..294 Int 9

  8. Semantics : General Idea CEGIS: defined only for a single idiom (the ∃∀ formula pattern) 10

  9. Semantics : General Idea CEGIS: defined only for a single idiom (the ∃∀ formula pattern) A LLOY ∗ : generalized to arbitrary formulas 10

  10. Semantics : General Idea CEGIS: defined only for a single idiom (the ∃∀ formula pattern) A LLOY ∗ : generalized to arbitrary formulas 1. perform standard transformation: NNF and skolemization 10

  11. Semantics : General Idea CEGIS: defined only for a single idiom (the ∃∀ formula pattern) A LLOY ∗ : generalized to arbitrary formulas 1. perform standard transformation: NNF and skolemization 2. decompose arbitrary formula into known idioms → FOL : first-order formula → OR : disjunction → A : higher-order top-level ∀ quantifier (not skolemizable) E 10

  12. Semantics : General Idea CEGIS: defined only for a single idiom (the ∃∀ formula pattern) A LLOY ∗ : generalized to arbitrary formulas 1. perform standard transformation: NNF and skolemization 2. decompose arbitrary formula into known idioms → FOL : first-order formula → OR : disjunction → A : higher-order top-level ∀ quantifier (not skolemizable) E 3. solve using the following decision procedure → FOL : solve directly with Kodkod (first-order relational solver) → OR : solve each disjunct separately A → : apply CEGIS E 10

  13. A LLOY ∗ Implementation Caveats some prog: Node | A ( conj : E $prog in Node and acyclic[$prog], acyclic[prog] → eQuant : some eval ..., all eval: Node -> ( Int +Bool) | semantics[eval] implies spec[prog, eval] aQuant : all eval ...) 11

  14. A LLOY ∗ Implementation Caveats some prog: Node | A ( conj : E $prog in Node and acyclic[$prog], acyclic[prog] → eQuant : some eval ..., all eval: Node -> ( Int +Bool) | semantics[eval] implies spec[prog, eval] aQuant : all eval ...) 1. candidate search solve conj ∧ eQuant → candidate instance $cand : values of all relations except eQuant . var 11

  15. A LLOY ∗ Implementation Caveats some prog: Node | A ( conj : E $prog in Node and acyclic[$prog], acyclic[prog] → eQuant : some eval ..., all eval: Node -> ( Int +Bool) | semantics[eval] implies spec[prog, eval] aQuant : all eval ...) 1. candidate search solve conj ∧ eQuant → candidate instance $cand : values of all relations except eQuant . var 2. verification solve ¬ aQuant against the $cand partial instance → counterexample $cex : value of the eQuant . var relation 11

  16. A LLOY ∗ Implementation Caveats some prog: Node | A ( conj : E $prog in Node and acyclic[$prog], acyclic[prog] → eQuant : some eval ..., all eval: Node -> ( Int +Bool) | semantics[eval] implies spec[prog, eval] aQuant : all eval ...) 1. candidate search solve conj ∧ eQuant → candidate instance $cand : values of all relations except eQuant . var 2. verification solve ¬ aQuant against the $cand partial instance partial instance → counterexample $cex : value of the eQuant . var relation • partial solution known upfront • enforced using bounds 11

  17. A LLOY ∗ Implementation Caveats some prog: Node | A ( conj : E $prog in Node and acyclic[$prog], acyclic[prog] → eQuant : some eval ..., all eval: Node -> ( Int +Bool) | semantics[eval] implies spec[prog, eval] aQuant : all eval ...) 1. candidate search solve conj ∧ eQuant → candidate instance $cand : values of all relations except eQuant . var 2. verification solve ¬ aQuant against the $cand partial instance partial instance → counterexample $cex : value of the eQuant . var relation • partial solution known upfront • enforced using bounds 3. induction use incremental solving to add replace eQuant . var with $cex in eQuant . body to previous search condition 11

  18. A LLOY ∗ Implementation Caveats some prog: Node | A ( conj : E $prog in Node and acyclic[$prog], acyclic[prog] → eQuant : some eval ..., all eval: Node -> ( Int +Bool) | semantics[eval] implies spec[prog, eval] aQuant : all eval ...) 1. candidate search solve conj ∧ eQuant → candidate instance $cand : values of all relations except eQuant . var 2. verification solve ¬ aQuant against the $cand partial instance partial instance → counterexample $cex : value of the eQuant . var relation • partial solution known upfront • enforced using bounds 3. induction use incremental solving to add incremental solving replace eQuant . var with $cex in eQuant . body • continue from prev solver instance • the solver reuses learned clauses to previous search condition 11

  19. A LLOY ∗ Implementation Caveats some prog: Node | A ( conj : E $prog in Node and acyclic[$prog], acyclic[prog] → eQuant : some eval ..., all eval: Node -> ( Int +Bool) | semantics[eval] implies spec[prog, eval] aQuant : all eval ...) 1. candidate search solve conj ∧ eQuant → candidate instance $cand : values of all relations except eQuant . var 2. verification solve ¬ aQuant against the $cand partial instance partial instance → counterexample $cex : value of the eQuant . var relation • partial solution known upfront • enforced using bounds 3. induction use incremental solving to add incremental solving replace eQuant . var with $cex in eQuant . body • continue from prev solver instance • the solver reuses learned clauses to previous search condition ? what if the increment formula is not first-order – optimization 1: use its weaker “first-order version” 11

  20. A LLOY ∗ Optimization 2. domain constraints “for all possible eval , “for all eval that satisfy the semantics, vs. if the semantics hold then the spec the spec must hold” must hold” 12

  21. A LLOY ∗ Optimization 2. domain constraints “for all possible eval , “for all eval that satisfy the semantics, vs. if the semantics hold then the spec the spec must hold” must hold” logically equivalent, but , when “for” implemented as CEGIS: 12

  22. A LLOY ∗ Optimization 2. domain constraints “for all possible eval , “for all eval that satisfy the semantics, vs. if the semantics hold then the spec the spec must hold” must hold” logically equivalent, but , when “for” implemented as CEGIS: pred synth[prog: Node] { all eval: Node -> ( Int +Bool) | semantics[eval] implies spec[prog, eval] } → candidate search some prog: Node | some eval: Node -> ( Int +Bool) | semantics[eval] implies spec[prog, eval] → a valid candidate doesn’t have to satisfy the semantics predicate! ✗ 12

  23. A LLOY ∗ Optimization 2. domain constraints “for all possible eval , “for all eval that satisfy the semantics, vs. if the semantics hold then the spec the spec must hold” must hold” logically equivalent, but , when “for” implemented as CEGIS: pred synth[prog: Node] { pred synth[prog: Node] { all eval: Node -> ( Int +Bool) | all eval: Node -> ( Int +Bool) when semantics[eval] semantics[eval] implies spec[prog, eval] spec[prog, eval] } } → → candidate search candidate search some prog: Node | some prog: Node | some eval: Node -> ( Int +Bool) | some eval: Node -> ( Int +Bool) when semantics[eval] | semantics[eval] implies spec[prog, eval] spec[prog, eval] → → a valid candidate doesn’t have to a valid candidate must satisfy the satisfy the semantics predicate! semantics predicate! ✗ ✔ 12

  24. A LLOY ∗ Evaluation evaluation goals 13

  25. A LLOY ∗ Evaluation evaluation goals 1. scalability on classical higher-order graph problems ? does A LLOY ∗ scale beyond “toy-sized” graphs 13

  26. A LLOY ∗ Evaluation evaluation goals 1. scalability on classical higher-order graph problems ? does A LLOY ∗ scale beyond “toy-sized” graphs 2. applicability to program synthesis ? expressiveness: how many SyGuS benchmarks can be written in A LLOY ∗ ? power: how many SyGuS benchmarks can be solved with A LLOY ∗ ? scalability: how does A LLOY ∗ compare to other synthesizers 13

  27. A LLOY ∗ Evaluation evaluation goals 1. scalability on classical higher-order graph problems ? does A LLOY ∗ scale beyond “toy-sized” graphs 2. applicability to program synthesis ? expressiveness: how many SyGuS benchmarks can be written in A LLOY ∗ ? power: how many SyGuS benchmarks can be solved with A LLOY ∗ ? scalability: how does A LLOY ∗ compare to other synthesizers 3. benefits of the two optimizations ? do A LLOY ∗ optimizations improve overall solving times 13

  28. Evaluation: Graph Algorithms 80 ¡ max clique 70 ¡ max cut 60 ¡ Solving Time (s) max indep. set 50 ¡ min vertex cover 40 ¡ 30 ¡ 20 ¡ 10 ¡ 0 ¡ 2 ¡ 3 ¡ 5 ¡ 7 ¡ 9 ¡ 13 ¡ 15 ¡ 20 ¡ 25 ¡ 30 ¡ 35 ¡ 40 ¡ 45 ¡ 50 ¡ # Nodes 14

  29. Evaluation: Program Synthesis expressiveness we extended Alloy to support bit vectors we encoded 123/173 benchmarks, i.e., all except “ICFP problems” – reason for skipping ICFP: 64-bit bit vectors (not supported by Kodkod) – (aside) not one of them was solved by any of the competition solvers 15

  30. Evaluation: Program Synthesis expressiveness we extended Alloy to support bit vectors we encoded 123/173 benchmarks, i.e., all except “ICFP problems” – reason for skipping ICFP: 64-bit bit vectors (not supported by Kodkod) – (aside) not one of them was solved by any of the competition solvers power A LLOY ∗ was able to solve all different categories of benchmarks – integer benchmarks, bit vector benchmarks, let constructs, synthesizing multiple functions at once, multiple applications of the synthesized function 15

  31. Evaluation: Program Synthesis expressiveness we extended Alloy to support bit vectors we encoded 123/173 benchmarks, i.e., all except “ICFP problems” – reason for skipping ICFP: 64-bit bit vectors (not supported by Kodkod) – (aside) not one of them was solved by any of the competition solvers power A LLOY ∗ was able to solve all different categories of benchmarks – integer benchmarks, bit vector benchmarks, let constructs, synthesizing multiple functions at once, multiple applications of the synthesized function scalability many of the 123 benchmarks are either too easy or too difficult → not suitable for scalability comparison we primarily used the integer benchmarks we also picked a few bit vector benchmarks that were too hard for all solvers 15

  32. Evaluation: Program Synthesis scalability comparison (integer benchmarks) 1000 Alloy* Enumerative Stochastic Symbolic Sketch 100 Solving Time (s) 10 1 0.1 0.01 max-2 max-3 max-4 max-5 array-2 array-3 array-4 array-5 16

  33. Evaluation: Program Synthesis scalability comparison (select bit vector benchmarks) benchmarks – parity-AIG-d1 : full parity circuit using AND and NOT gates – parity-NAND-d1 : full parity circuit using AND always followed by NOT 16

  34. Evaluation: Program Synthesis scalability comparison (select bit vector benchmarks) benchmarks – parity-AIG-d1 : full parity circuit using AND and NOT gates – parity-NAND-d1 : full parity circuit using AND always followed by NOT all solvers (including A LLOY ∗ ) time out on both (limit: 1000s) 16

  35. Evaluation: Program Synthesis scalability comparison (select bit vector benchmarks) benchmarks – parity-AIG-d1 : full parity circuit using AND and NOT gates – parity-NAND-d1 : full parity circuit using AND always followed by NOT all solvers (including A LLOY ∗ ) time out on both (limit: 1000s) custom tweaks in A LLOY ∗ synthesis models: – create and use a single type of gate – impose partial ordering between gates 16

  36. Evaluation: Program Synthesis scalability comparison (select bit vector benchmarks) benchmarks – parity-AIG-d1 : full parity circuit using AND and NOT gates – parity-NAND-d1 : full parity circuit using AND always followed by NOT all solvers (including A LLOY ∗ ) time out on both (limit: 1000s) custom tweaks in A LLOY ∗ synthesis models: – create and use a single type of gate – impose partial ordering between gates parity-AIG-d1 parity-NAND-d1 sig AIG extends BoolNode { sig NAND extends BoolNode { left, right: one BoolNode left, right: one BoolNode invLhs, invRhs, invOut: one Bool } } pred aig_semantics[eval: Node->( Int +Bool)] { pred nand_semantics[eval: Node->( Int +Bool)] { all n: AIG | all n: NAND | eval[n] = ((eval[n.left] ^ n.invLhs) && eval[n] = !(eval[n.left] && (eval[n.right] ^ n.invRhs) eval[n.right]) ) ^ n.invOut} } run synth for 0 but -1..0 Int , exactly 15 AIG run synth for 0 but -1..0 Int , exactly 23 NAND 16

  37. Evaluation: Program Synthesis scalability comparison (select bit vector benchmarks) benchmarks – parity-AIG-d1 : full parity circuit using AND and NOT gates – parity-NAND-d1 : full parity circuit using AND always followed by NOT all solvers (including A LLOY ∗ ) time out on both (limit: 1000s) custom tweaks in A LLOY ∗ synthesis models: – create and use a single type of gate – impose partial ordering between gates parity-AIG-d1 parity-NAND-d1 sig AIG extends BoolNode { sig NAND extends BoolNode { left, right: one BoolNode left, right: one BoolNode invLhs, invRhs, invOut: one Bool } } pred aig_semantics[eval: Node->( Int +Bool)] { pred nand_semantics[eval: Node->( Int +Bool)] { all n: AIG | all n: NAND | eval[n] = ((eval[n.left] ^ n.invLhs) && eval[n] = !(eval[n.left] && (eval[n.right] ^ n.invRhs) eval[n.right]) ) ^ n.invOut} } run synth for 0 but -1..0 Int , exactly 15 AIG run synth for 0 but -1..0 Int , exactly 23 NAND solving time w/ partial ordering: 20s solving time w/ partial ordering: 30s solving time w/o partial ordering: 80s solving time w/o partial ordering: ∞ 16

  38. Evaluation: Benefits of A LLOY ∗ Optimizations base w/ optimizations max2 0.4 s 0.3 s 7.6 s 0.9 s max3 t/o 1.5 s max4 max5 t/o 4.2 s t/o 16.3 s max6 t/o 163.6 s max7 max8 t/o 987.3 s 140.0 s 1.6 s array-search2 t/o 4.0 s array-search3 array-search4 t/o 16.1 s t/o 485.6 s array-search5 base w/ optimizations 3.5 s 0.5 s turan5 12.8 s 2.1 s turan6 turan7 235.0 s 3.8 s t/o 15.0 s turan8 t/o 45.0 s turan9 turan1 0 t/o 168.0 s 17

  39. A LLOY ∗ Conclusion A LLOY ∗ is general purpose constraint solver capable of efficiently solving arbitrary higher-order formulas sound & complete within given bounds 18

  40. A LLOY ∗ Conclusion A LLOY ∗ is general purpose constraint solver capable of efficiently solving arbitrary higher-order formulas sound & complete within given bounds higher-order and alloy historically bit-blasting higher-order quantifiers: attempted, deemed intractable previously many ad hoc mods to alloy – aluminum, razor, staged execution, ... 18

  41. A LLOY ∗ Conclusion A LLOY ∗ is general purpose constraint solver capable of efficiently solving arbitrary higher-order formulas sound & complete within given bounds higher-order and alloy historically bit-blasting higher-order quantifiers: attempted, deemed intractable previously many ad hoc mods to alloy – aluminum, razor, staged execution, ... why is this important? accessible to wider audience, encourages new applications potential impact – abundance of tools that build on Alloy/Kodkod, for testing, program analysis, security, bounded verification, executable specifications, ... 18

  42. A LLOY ∗ Conclusion A LLOY ∗ is general purpose constraint solver capable of efficiently solving arbitrary higher-order formulas sound & complete within given bounds higher-order and alloy historically bit-blasting higher-order quantifiers: attempted, deemed intractable previously many ad hoc mods to alloy Thank You! – aluminum, razor, staged execution, ... http://alloy.mit.edu/alloy/hola why is this important? accessible to wider audience, encourages new applications potential impact – abundance of tools that build on Alloy/Kodkod, for testing, program analysis, security, bounded verification, executable specifications, ... 18

  43. First -Order Vs. Higher-Order: clique first-order : finding a clique in a graph 19

  44. First -Order Vs. Higher-Order: clique first-order : finding a clique in a graph pred clique[edges: Node->Node, clq: set Node] { all disj n1, n2: clq | n1->n2 in edges // every two nodes in ’clq’ are connected } 19

  45. First -Order Vs. Higher-Order: clique first-order : finding a clique in a graph pred clique[edges: Node->Node, clq: set Node] { all disj n1, n2: clq | n1->n2 in edges // every two nodes in ’clq’ are connected } run { // find a clique in a given graph let edges = n1->n2 + n1->n3 + ... | some clq: set Node | clique[edges, clq] } n1 key: 5 edges n2 n3 key: 0 key: 6 n4 key: 1 19

  46. First -Order Vs. Higher-Order: clique first-order : finding a clique in a graph pred clique[edges: Node->Node, clq: set Node] { all disj n1, n2: clq | n1->n2 in edges // every two nodes in ’clq’ are connected } run { // find a clique in a given graph let edges = n1->n2 + n1->n3 + ... | some clq: set Node | clique[edges, clq] } Alloy encoding : n1 atoms N1 : { n 1 } N2 : { n 2 } N3 : { n 3 } N4 : { n 4 } key: 5 edges n2 n3 key: 0 key: 6 n4 key: 1 19

  47. First -Order Vs. Higher-Order: clique first-order : finding a clique in a graph pred clique[edges: Node->Node, clq: set Node] { all disj n1, n2: clq | n1->n2 in edges // every two nodes in ’clq’ are connected } run { // find a clique in a given graph let edges = n1->n2 + n1->n3 + ... | some clq: set Node | clique[edges, clq] } Alloy encoding : n1 atoms N1 : { n 1 } N2 : { n 2 } N3 : { n 3 } N4 : { n 4 } key: 5 edges Node : { n 1 , n 2 , n 3 , n 4 } key : {( n 1 → 5 ) , ( n 2 → 0 ) , ( n 3 → 6 ) , ( n 4 → 1 )} fixed edges : {( n 1 → n 2 ) , ( n 1 → n 3 ) , ( n 1 → n 4 ) , ( n 2 → n 3 ) , ( n 2 → n 4 ) , relations n2 n3 ( n 2 → n 1 ) , ( n 3 → n 1 ) , ( n 4 → n 1 ) , ( n 3 → n 2 ) , ( n 4 → n 2 )} key: 0 key: 6 n4 key: 1 19

  48. First -Order Vs. Higher-Order: clique first-order : finding a clique in a graph pred clique[edges: Node->Node, clq: set Node] { all disj n1, n2: clq | n1->n2 in edges // every two nodes in ’clq’ are connected } run { // find a clique in a given graph let edges = n1->n2 + n1->n3 + ... | some clq: set Node | clique[edges, clq] } Alloy encoding : n1 atoms N1 : { n 1 } N2 : { n 2 } N3 : { n 3 } N4 : { n 4 } key: 5 edges Node : { n 1 , n 2 , n 3 , n 4 } key : {( n 1 → 5 ) , ( n 2 → 0 ) , ( n 3 → 6 ) , ( n 4 → 1 )} fixed edges : {( n 1 → n 2 ) , ( n 1 → n 3 ) , ( n 1 → n 4 ) , ( n 2 → n 3 ) , ( n 2 → n 4 ) , relations n2 n3 ( n 2 → n 1 ) , ( n 3 → n 1 ) , ( n 4 → n 1 ) , ( n 3 → n 2 ) , ( n 4 → n 2 )} key: 0 key: 6 relations clq : {} , { n 1 , n 2 , n 3 , n 4 } to be solved n4 key: 1 lower bound upper bound → set of nodes: efficiently translated to SAT (one bit for each node) 19

  49. First -Order Vs. Higher-Order: clique first-order : finding a clique in a graph pred clique[edges: Node->Node, clq: set Node] { all disj n1, n2: clq | n1->n2 in edges // every two nodes in ’clq’ are connected } run { // find a clique in a given graph let edges = n1->n2 + n1->n3 + ... | some clq: set Node | clique[edges, clq] } Alloy encoding : n1 atoms N1 : { n 1 } N2 : { n 2 } N3 : { n 3 } N4 : { n 4 } key: 5 edges Node : { n 1 , n 2 , n 3 , n 4 } key : {( n 1 → 5 ) , ( n 2 → 0 ) , ( n 3 → 6 ) , ( n 4 → 1 )} fixed edges : {( n 1 → n 2 ) , ( n 1 → n 3 ) , ( n 1 → n 4 ) , ( n 2 → n 3 ) , ( n 2 → n 4 ) , relations n2 n3 ( n 2 → n 1 ) , ( n 3 → n 1 ) , ( n 4 → n 1 ) , ( n 3 → n 2 ) , ( n 4 → n 2 )} key: 0 key: 6 relations clq : {} , { n 1 , n 2 , n 3 , n 4 } to be solved n4 key: 1 lower bound upper bound → set of nodes: efficiently translated to SAT (one bit for each node) a solution (automatically found by Alloy): clq = { n 1 , n 3 } 19

  50. First-Order Vs. Higher -Order: maxClique higher-order : finding a maximal clique in a graph 20

  51. First-Order Vs. Higher -Order: maxClique higher-order : finding a maximal clique in a graph pred maxClique[edges: Node->Node, clq: set Node] { clique[edges, clq] all ns: set Node | not (clique[edges, ns] and #ns > #clq) } 20

  52. First-Order Vs. Higher -Order: maxClique higher-order : finding a maximal clique in a graph pred maxClique[edges: Node->Node, clq: set Node] { clique[edges, clq] all ns: set Node | not (clique[edges, ns] and #ns > #clq) } run { // find a maximal clique in a given graph let edges = n1->n2 + n1->n3 + ... | some clq: set Node | maxClique[edges, clq] } n1 key: 5 edges n2 n3 key: 0 key: 6 n4 key: 1 20

  53. First-Order Vs. Higher -Order: maxClique higher-order : finding a maximal clique in a graph pred maxClique[edges: Node->Node, clq: set Node] { clique[edges, clq] all ns: set Node | not (clique[edges, ns] and #ns > #clq) } run { // find a maximal clique in a given graph let edges = n1->n2 + n1->n3 + ... | some clq: set Node | maxClique[edges, clq] } expressible but not solvable in Alloy! n1 key: 5 edges n2 n3 key: 0 key: 6 n4 key: 1 20

  54. First-Order Vs. Higher -Order: maxClique higher-order : finding a maximal clique in a graph pred maxClique[edges: Node->Node, clq: set Node] { clique[edges, clq] all ns: set Node | not (clique[edges, ns] and #ns > #clq) } run { // find a maximal clique in a given graph let edges = n1->n2 + n1->n3 + ... | some clq: set Node | maxClique[edges, clq] } definition of higher-order (as in Alloy): n1 key: 5 – quantification over all sets of atoms edges n2 n3 key: 0 key: 6 n4 key: 1 20

  55. First-Order Vs. Higher -Order: maxClique higher-order : finding a maximal clique in a graph pred maxClique[edges: Node->Node, clq: set Node] { clique[edges, clq] all ns: set Node | not (clique[edges, ns] and #ns > #clq) } run { // find a maximal clique in a given graph let edges = n1->n2 + n1->n3 + ... | some clq: set Node | maxClique[edges, clq] } definition of higher-order (as in Alloy): n1 key: 5 – quantification over all sets of atoms edges maxClique : check all possible sets of nodes n2 n3 key: 0 key: 6 and ensure not one is a clique larger than clq n4 key: 1 20

  56. First-Order Vs. Higher -Order: maxClique higher-order : finding a maximal clique in a graph pred maxClique[edges: Node->Node, clq: set Node] { clique[edges, clq] all ns: set Node | not (clique[edges, ns] and #ns > #clq) } run { // find a maximal clique in a given graph let edges = n1->n2 + n1->n3 + ... | some clq: set Node | maxClique[edges, clq] } definition of higher-order (as in Alloy): n1 key: 5 – quantification over all sets of atoms edges maxClique : check all possible sets of nodes n2 n3 key: 0 key: 6 and ensure not one is a clique larger than clq ✗ number of bits required for direct encoding to n4 SAT: 2 #Node key: 1 20

  57. Solving maxClique : Idea n1 run { key: 5 some clq: set Node | edges clique[edges, clq] and all ns: set Node | n2 n3 not (clique[edges, ns] and #ns > #clq) key: 0 key: 6 } n4 key: 1 intuitive iterative algorithm 21

  58. Solving maxClique : Idea n1 run { $clq key: 5 some clq: set Node | edges clique[edges, clq] and all ns: set Node | n2 n3 not (clique[edges, ns] and #ns > #clq) key: 0 key: 6 } some clq: Set Node | clique[edges, clq] n4 key: 1 intuitive iterative algorithm 1. find some clique $clq 21

  59. Solving maxClique : Idea n1 run { $clq key: 5 some clq: set Node | edges clique[edges, clq] and all ns: set Node | n2 n3 not (clique[edges, ns] and #ns > #clq) key: 0 key: 6 } some clq: Set Node | clique[edges, clq] n4 key: 1 intuitive iterative algorithm some ns: Set Node | clique[edges, ns] and #ns > 2 1. find some clique $clq 2. check if $clq is maximal ⇔ find some clique $ns > $clq from step 1 – if not found: return $clq 21

  60. Solving maxClique : Idea n1 run { $ns key: 5 some clq: set Node | edges clique[edges, clq] and all ns: set Node | n2 n3 not (clique[edges, ns] and #ns > #clq) key: 0 key: 6 } some clq: Set Node | clique[edges, clq] n4 key: 1 intuitive iterative algorithm some ns: Set Node | clique[edges, ns] and #ns > 2 1. find some clique $clq 2. check if $clq is maximal ⇔ find some clique $ns > $clq from step 1 – if not found: return $clq 21

  61. Solving maxClique : Idea n1 run { $ns key: 5 some clq: set Node | edges clique[edges, clq] and all ns: set Node | n2 n3 not (clique[edges, ns] and #ns > #clq) key: 0 key: 6 } some clq: Set Node | clique[edges, clq] n4 key: 1 intuitive iterative algorithm some ns: Set Node | clique[edges, ns] and #ns > 2 1. find some clique $clq 2. check if $clq is maximal ⇔ find some clique $ns > $clq from step 1 – if not found: return $clq 3. assert that every new $clq must be ≥ than $ns from step 2; goto step 1 21

  62. Solving maxClique : Idea n1 run { $ns key: 5 some clq: set Node | edges clique[edges, clq] and all ns: set Node | n2 n3 not (clique[edges, ns] and #ns > #clq) key: 0 key: 6 } some clq: Set Node | clique[edges, clq] and n4 #clq >= 3 key: 1 intuitive iterative algorithm 1. find some clique $clq 2. check if $clq is maximal ⇔ find some clique $ns > $clq from step 1 – if not found: return $clq 3. assert that every new $clq must be ≥ than $ns from step 2; goto step 1 21

  63. Solving maxClique : Idea n1 run { $clq key: 5 some clq: set Node | edges clique[edges, clq] and all ns: set Node | n2 n3 not (clique[edges, ns] and #ns > #clq) key: 0 key: 6 } some clq: Set Node | clique[edges, clq] and n4 #clq >= 3 key: 1 intuitive iterative algorithm 1. find some clique $clq 2. check if $clq is maximal ⇔ find some clique $ns > $clq from step 1 – if not found: return $clq 3. assert that every new $clq must be ≥ than $ns from step 2; goto step 1 21

  64. Solving maxClique : Idea n1 run { $clq key: 5 some clq: set Node | edges clique[edges, clq] and all ns: set Node | n2 n3 not (clique[edges, ns] and #ns > #clq) key: 0 key: 6 } some clq: Set Node | clique[edges, clq] and n4 #clq >= 3 key: 1 intuitive iterative algorithm some ns: Set Node | clique[edges, ns] and #ns > 3 1. find some clique $clq 2. check if $clq is maximal ⇔ find some clique $ns > $clq from step 1 – if not found: return $clq 3. assert that every new $clq must be ≥ than $ns from step 2; goto step 1 21

  65. Solving maxClique : Idea n1 run { $clq key: 5 some clq: set Node | edges clique[edges, clq] and all ns: set Node | n2 n3 not (clique[edges, ns] and #ns > #clq) key: 0 key: 6 } some clq: Set Node | clique[edges, clq] and n4 #clq >= 3 key: 1 intuitive iterative algorithm some ns: Set Node | clique[edges, ns] and #ns > 3 1. find some clique $clq UNSAT � → return $clq 2. check if $clq is maximal ⇔ find some clique $ns > $clq from step 1 – if not found: return $clq 3. assert that every new $clq must be ≥ than $ns from step 2; goto step 1 21

  66. Solving maxClique : Idea n1 run { key: 5 some clq: set Node | edges clique[edges, clq] and all ns: set Node | n2 n3 not (clique[edges, ns] and #ns > #clq) key: 0 key: 6 } n4 key: 1 intuitive iterative algorithm 22

  67. Solving maxClique : Idea n1 run { key: 5 some clq: set Node | edges clique[edges, clq] and all ns: set Node | n2 n3 not (clique[edges, ns] and #ns > #clq) key: 0 key: 6 } n4 key: 1 intuitive iterative algorithm 1. find some clique $clq 22

  68. Solving maxClique : Idea n1 run { key: 5 some clq: set Node | edges clique[edges, clq] and all ns: set Node | n2 n3 not (clique[edges, ns] and #ns > #clq) key: 0 key: 6 } n4 key: 1 intuitive iterative algorithm 1. find some clique $clq 2. check if $clq is maximal ⇔ find some clique $ns > $clq from step 1 – if not found: return $clq 22

  69. Solving maxClique : Idea n1 run { key: 5 some clq: set Node | edges clique[edges, clq] and all ns: set Node | n2 n3 not (clique[edges, ns] and #ns > #clq) key: 0 key: 6 } n4 key: 1 intuitive iterative algorithm 1. find some clique $clq 2. check if $clq is maximal ⇔ find some clique $ns > $clq from step 1 – if not found: return $clq 3. assert that every new $clq must be ≥ than $ns from step 2; goto step 1 22

  70. Solving maxClique : Idea n1 run { $clq key: 5 some clq: set Node | edges clique[edges, clq] and all ns: set Node | n2 n3 not (clique[edges, ns] and #ns > #clq) key: 0 key: 6 } find candidate clique n4 key: 1 intuitive iterative algorithm 1. find some clique $clq 2. check if $clq is maximal ⇔ find some clique $ns > $clq from step 1 – if not found: return $clq 3. assert that every new $clq must be ≥ than $ns from step 2; goto step 1 22

  71. Solving maxClique : Idea n1 run { $ns key: 5 some clq: set Node | edges clique[edges, clq] and all ns: set Node | n2 n3 not (clique[edges, ns] and #ns > #clq) key: 0 key: 6 } find candidate clique n4 key: 1 intuitive iterative algorithm verify $clq (is it maximal?) → counterexample: $ns 1. find some clique $clq 2. check if $clq is maximal ⇔ find some clique $ns > $clq from step 1 – if not found: return $clq 3. assert that every new $clq must be ≥ than $ns from step 2; goto step 1 22

  72. Solving maxClique : Idea n1 run { $clq key: 5 some clq: set Node | edges clique[edges, clq] and all ns: set Node | n2 n3 not (clique[edges, ns] and #ns > #clq) key: 0 key: 6 } find candidate clique with at least 3 nodes n4 key: 1 intuitive iterative algorithm 1. find some clique $clq 2. check if $clq is maximal ⇔ find some clique $ns > $clq from step 1 – if not found: return $clq 3. assert that every new $clq must be ≥ than $ns from step 2; goto step 1 22

  73. Solving maxClique : Idea n1 run { $clq key: 5 some clq: set Node | edges clique[edges, clq] and all ns: set Node | n2 n3 not (clique[edges, ns] and #ns > #clq) key: 0 key: 6 } find candidate clique with at least 3 nodes n4 key: 1 intuitive iterative algorithm verify $clq (is it maximal?) UNSAT � → return $clq 1. find some clique $clq 2. check if $clq is maximal ⇔ find some clique $ns > $clq from step 1 – if not found: return $clq 3. assert that every new $clq must be ≥ than $ns from step 2; goto step 1 22

  74. CEGIS : A Common Approach for Program Synthesis original synthesis formulation run { some prog: ASTNode | all env: Var -> Val | spec[prog, env] } [Solar-Lezama, ASPLOS’06] Counter-Example Guided Inductive Synthesis 23

  75. CEGIS : A Common Approach for Program Synthesis original synthesis formulation run { some prog: ASTNode | all env: Var -> Val | spec[prog, env] } [Solar-Lezama, ASPLOS’06] Counter-Example Guided Inductive Synthesis 1. search: find some program and some environment s.t. the spec holds, i.e., run { some prog: ASTNode | some env: Var -> Val | spec[prog, env] } to get a concrete candidate program $prog 23

  76. CEGIS : A Common Approach for Program Synthesis original synthesis formulation run { some prog: ASTNode | all env: Var -> Val | spec[prog, env] } [Solar-Lezama, ASPLOS’06] Counter-Example Guided Inductive Synthesis 1. search: find some program and some environment s.t. the spec holds, i.e., run { some prog: ASTNode | some env: Var -> Val | spec[prog, env] } to get a concrete candidate program $prog 2. verification: check if $prog holds for all possible environments: check { all env: Var -> Val | spec[$prog, env] } Done if verified; else, a concrete counterexample $env is returned as witness. 23

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

A Relational Logic for Higher-Order Programs Alejandro Aguirre 1 Gilles Barthe 1 Marco Gaboardi 2

A Relational Logic for Higher-Order Programs Alejandro Aguirre 1 Gilles Barthe 1 Marco Gaboardi 2

A Relational Logic for Higher-Order Programs Alejandro Aguirre 1 Gilles Barthe 1 Marco Gaboardi 2 Deepak Garg 3 Pierre-Yves Strub 4 ICFP, Sep 5 2017 1 Imdea Software; 2 University at Buffalo, SUNY; 3 MPI-SWS; 4 cole Polytechnique 1 Relational

469 views • 45 slides
On Higher-Order Probabilistic Computation: Relational Reasoning, Termination, and Bayesian

On Higher-Order Probabilistic Computation: Relational Reasoning, Termination, and Bayesian

On Higher-Order Probabilistic Computation: Relational Reasoning, Termination, and Bayesian Programming Ugo Dal Lago (Based on joint work with Michele Alberti, Raphalle Crubill, Charles Grellois, Davide Sangiorgi,. . . ) IFIP WG 2.2 Annual

2.46k views • 189 slides
Relational semantics for effect-based program transformations: higher-order store Martin Hofmann

Relational semantics for effect-based program transformations: higher-order store Martin Hofmann

Relational semantics for effect-based program transformations: higher-order store Martin Hofmann Ludwig-Maximilians-Universit at M unchen IFIP Working Group 2.8, June 2009 mh (lmumun) Relational semantics for effects IFIP 2.8 1 / 22

481 views • 26 slides
Higher-Order Approximate Relational Refinement Types for Mechanism Design and Differential

Higher-Order Approximate Relational Refinement Types for Mechanism Design and Differential

Higher-Order Approximate Relational Refinement Types for Mechanism Design and Differential Privacy Gilles Barthe, Marco Gaboardi, Emilio Jess Gallego Arias, Justin Hsu, Aaron Roth, Pierre-Yves Strub UPenn-Mines ParisTech, IMDEA Software

905 views • 89 slides
Constraint on higher order symmetry energy parameters and its relevance to neutron star properties

Constraint on higher order symmetry energy parameters and its relevance to neutron star properties

Constraint on higher order symmetry energy parameters and its relevance to neutron star properties Akira Ohnishi (Yukawa Inst. for Theor. Phys., Kyoto U.) in collaboraton with E. E. Kolomeitsev (Matej Bel U.), James M. Lattimer (Stony Brook),

457 views • 34 slides
Higher-Order Relational Refinement Types for Mechanism Design and Differential Privacy Gilles

Higher-Order Relational Refinement Types for Mechanism Design and Differential Privacy Gilles

Higher-Order Relational Refinement Types for Mechanism Design and Differential Privacy Gilles Barthe 1 , Marco Gaboardi 2 , Emilio Jess Gallego Arias 3 , 4 , Justin Hsu 4 , Aaron Roth 4 , Pierre-Yves Strub 1 1 IMDEA Software, 2 University of

1.16k views • 77 slides
York University www.cs.york.ac.uk/~ndm First order vs Higher order Higher order:

York University www.cs.york.ac.uk/~ndm First order vs Higher order Higher order:

First Order Haskell Neil Mitchell York University www.cs.york.ac.uk/~ndm First order vs Higher order Higher order: functions are values Can be passed around Stored in data structure Harder for reasoning and analysis More

483 views • 15 slides
Re Relational Con Constraint So Solving ng in in SMT SMT Paul Meng , Andrew Reynolds, Cesare

Re Relational Con Constraint So Solving ng in in SMT SMT Paul Meng , Andrew Reynolds, Cesare

Re Relational Con Constraint So Solving ng in in SMT SMT Paul Meng , Andrew Reynolds, Cesare Tinelli, Clark Barrett Midwest Verification Day September 2018 Re Relational Re Reasoning Many problems can be modeled relationally

750 views • 53 slides
Why higher-order logic? Higher-Order logic Expressive Mathematics Verification

Why higher-order logic? Higher-Order logic Expressive Mathematics Verification

Extending SMT solvers to higher-order logic Haniel Barbosa Andrew Reynolds Daniel El Ouraoui Clark Barrett Cesare Tinelli SMT 2019 20190707, Lisbon, PT To be published in the proceedings of CADE 2019 Why higher-order logic?

569 views • 25 slides
Higher order complexity Hugo Fre Mathieu Hoyrup CCA 2013 Hugo Fre Higher order

Higher order complexity Hugo Fre Mathieu Hoyrup CCA 2013 Hugo Fre Higher order

Background &amp; motivation Higher order strategies Higher order Turing machines Computable analysis Conclusion Higher order complexity Hugo Fre Mathieu Hoyrup CCA 2013 Hugo Fre Higher order complexity 1/12 Background &amp;

383 views • 15 slides
Higher-order Interpretations for Higher-order Complexity Emmanuel Hainry &amp; Romain Pchoux

Higher-order Interpretations for Higher-order Complexity Emmanuel Hainry &amp; Romain Pchoux

Higher-order Interpretations for Higher-order Complexity Emmanuel Hainry &amp; Romain Pchoux DICE-FOPARA, 22-23 april 2017 CNRS, INRIA, Universit de Lorraine &amp; LORIA, Nancy, France 1 Introduction First-order computability and

801 views • 46 slides
Kodkod: A Constraint Solver for Relational Logic Emina Torlak LaSh 2010 Edinburgh, UK

Kodkod: A Constraint Solver for Relational Logic Emina Torlak LaSh 2010 Edinburgh, UK

Kodkod: A Constraint Solver for Relational Logic Emina Torlak LaSh 2010 Edinburgh, UK July 15, 2010 A constraint solver for software engineering Alloy4 Miniatur design code Karun analysis checking MemSAT ExUML Analyzer

987 views • 83 slides
Higher-order Interpretations for Higher-order Complexity Emmanuel Hainry &amp; Romain Pchoux

Higher-order Interpretations for Higher-order Complexity Emmanuel Hainry &amp; Romain Pchoux

Higher-order Interpretations for Higher-order Complexity Emmanuel Hainry &amp; Romain Pchoux LPAR, 11 may 2017 CNRS, INRIA, Universit de Lorraine &amp; LORIA, Nancy, France 1 Introduction First-order computability and complexity

665 views • 39 slides
1 Consistency of a Single Arc Arc Consistency of an Entire CSP A simple form of propagation

1 Consistency of a Single Arc Arc Consistency of an Entire CSP A simple form of propagation

Improving Backtracking CSE 473: Artificial Intelligence General-purpose ideas give huge gains in speed Autumn 2018 Ordering: Constraint Satisfaction Problems - Part 2 Which variable should be assigned next? In what order should

94 views • 6 slides
Outline Higher Order Statistics First, second and higher-order statistics Matthias Hennig

Outline Higher Order Statistics First, second and higher-order statistics Matthias Hennig

Outline Higher Order Statistics First, second and higher-order statistics Matthias Hennig Generative models, recognition models Neural Information Processing Sparse Coding School of Informatics, University of Edinburgh Independent Components

358 views • 9 slides
From Closing Triangles to Closing Higher-Order Motifs Ryan A. Rossi 1 | Anup Rao 1 , Sungchul Kim

From Closing Triangles to Closing Higher-Order Motifs Ryan A. Rossi 1 | Anup Rao 1 , Sungchul Kim

From Closing Triangles to Closing Higher-Order Motifs Ryan A. Rossi 1 | Anup Rao 1 , Sungchul Kim 1 , Eunyee Koh 1 , Nesreen K. Ahmed 2 1 Adobe Research 2 Intel Labs Higher-Order Motif Closures Proposed general notion of a motif closure that

306 views • 11 slides
programmable IPs against their operational ISA model Markus Wedler, Sacha Loitz, Wolfgang Kunz

programmable IPs against their operational ISA model Markus Wedler, Sacha Loitz, Wolfgang Kunz

Designing Correct Circuits 2010 Gap-Free verification of weakly programmable IPs against their operational ISA model Markus Wedler, Sacha Loitz, Wolfgang Kunz Department of Electrical and Computer Engineering University of

759 views • 30 slides
Categories and Logic Programming III &amp; IV LSV, October-Dec 2016 Logic Programming A Category

Categories and Logic Programming III &amp; IV LSV, October-Dec 2016 Logic Programming A Category

Categories and Logic Programming III &amp; IV LSV, October-Dec 2016 Logic Programming A Category - Theoretic Framework James Lipton (Wesleyan) Categories and Logic Overview...from Tarski to Lawvere Tarski Models for many-sorted logic Let M be

1.55k views • 132 slides
DB 2 08 Predicate Evaluation Summer 2018 Torsten Grust Universitt Tbingen, Germany 02 1

DB 2 08 Predicate Evaluation Summer 2018 Torsten Grust Universitt Tbingen, Germany 02 1

01 DB 2 08 Predicate Evaluation Summer 2018 Torsten Grust Universitt Tbingen, Germany 02 1 Q Predicate (or Filter) Evaluation SQL's WHERE / HAVING / FILTER clauses use expressions of type Boolean ( predicates ) to filter

401 views • 18 slides
Proof systems for modal logics Emil Je r abek jerabek@math.cas.cz Institute of Mathematics

Proof systems for modal logics Emil Je r abek jerabek@math.cas.cz Institute of Mathematics

Proof systems for modal logics Emil Je r abek jerabek@math.cas.cz Institute of Mathematics of the AS CR, Prague Logic Colloquium 2007, Wrocaw p. 1 Propositional proof complexity Studies efficiency (absolute or relative) of proof

302 views • 18 slides
Modal operators for meet-complemented lattices Jos e Luis Castiglioni (CONICET and UNLP -

Modal operators for meet-complemented lattices Jos e Luis Castiglioni (CONICET and UNLP -

Modal operators for meet-complemented lattices Jos e Luis Castiglioni (CONICET and UNLP - Argentina) and Rodolfo C. Ertola-Biraben (CLE/Unicamp - Brazil) Talk SYSMICS 2016 Barcelona September 9, 2016 First Prev Next Last

697 views • 32 slides
http://lcs.ios.ac.cn/znj/DM2017 Naijun Zhan March 14, 2017 1 Special thanks to Profs Hanpin

http://lcs.ios.ac.cn/znj/DM2017 Naijun Zhan March 14, 2017 1 Special thanks to Profs Hanpin

First Order Logic (FOL) 1 http://lcs.ios.ac.cn/znj/DM2017 Naijun Zhan March 14, 2017 1 Special thanks to Profs Hanpin Wang (PKU) and Lijun Zhang (ISCAS) for their courtesy of the slides on this course. 1/33 Outline 1 Syntax of FOL 2 The

581 views • 33 slides
The first order definability of finite graphs Oleg Verbitsky Humboldt Universit at IAPMM

The first order definability of finite graphs Oleg Verbitsky Humboldt Universit at IAPMM

The first order definability of finite graphs Oleg Verbitsky Humboldt Universit at IAPMM and Berlin, Germany Lviv, Ukraine Bertinoro, October 2009 Based on joint work with Oleg Pikhurko and Joel Spencer, with important contributions by

618 views • 30 slides
2 n n &gt; 6 2

2 n n &gt; 6 2

2 n n &gt; 6 2 9 higher 9 9 11 11 C C C C C

1.17k views • 85 slides

More recommend