Program Synthesis from Polymorphic Refinement Types
Nadia Polikarpova, Ivan Kuraj, Armando Solar-Lezama
Program synthesis
- declarative specification: "Make a list with n copies of x"
- executable program: replicate n x = if n ≤ 0 then Nil else Cons x (replicate (dec n) x)
- Synthesizer: does the program satisfy the specification (⊨ ?)
Modular verification for synthesis
Specifications for synthesis
? (specification) → Synthesizer → replicate n x = if n ≤ 0 then Nil else Cons x (replicate (dec n) x)
The specification language:
- 1. supports automatic, modular verification
- 2. is abstract and concise
- 3. is sufficiently expressive
→ refinement types
Demo: replicate
- Specification:
  replicate :: n: Nat → x: α → {ν: List α | len ν = n}
  replicate = ??
- Components:
  zero :: {ν: Int | ν = 0}
  inc :: x: Int → {ν: Int | ν = x + 1}
  dec :: x: Int → {ν: Int | ν = x - 1}
  leq :: x: Int → y: Int → {Bool | ν = (x ≤ y)}
  neq :: x: Int → y: Int → {Bool | ν = (x ≠ y)}
Synthesis from refinement types
Synthesis goal: Γ ⊢ ?? :: T, where the environment Γ = x1 :: T1; ... φ1; ... holds the variables in scope with their types and the path conditions collected so far.
- I. top-down enumerative search: a goal ?? :: T is split into subgoals ?? :: U, ?? :: V, ... (an argument type stays unknown, ?? :: _, until a component is picked); a candidate term built from components has some type T', which is then checked against T.
- II. round-trip type checking: the goal type T is propagated into the subgoals ?? :: U and ?? :: V, so candidates are filtered by their types while they are being enumerated, not only after the whole term has been built.
- III. condition abduction: to synthesize if ?? :: Bool then ?? else ??, the guard is not enumerated; one branch ?? :: T is synthesized under an assumption P (P ⊢ ?? :: T), P is abduced from that branch, the guard becomes ?? :: {Bool | ν = P}, and the other branch is synthesized under ¬P (¬P ⊢ ?? :: T).
Round-trip type checking
Γ = Nil ; 0 ; 5 ; -5 ; zeros ; replicate ; Cons
Γ ⊢ ?? :: {List Neg | len ν ≥ 5}
- Nil :: {List a | len ν = 0}, instantiated as Nil :: {List Neg | len ν = 0}: len ν = 0 does not meet len ν ≥ 5, so this candidate is rejected.
- One-argument application ?? :: _ → {List Neg | len ν ≥ 5}: zeros :: n:Nat → {List Zero | len ν = n} returns a List Zero, not a List Neg, so it is rejected before its argument is ever synthesized.
- Two-argument application ?? :: _ → _ → {List Neg | len ν ≥ 5}: replicate :: n: Nat → x: a → {List a | len ν = n} is instantiated as replicate :: n: Nat → x: Neg → {List Neg | len ν = n}, leaving the argument goals ?? :: Nat and ?? :: Neg.
  - For n: 0 :: {ν = 0} gives {List Neg | len ν = 0}, rejected; 5 :: {ν = 5} gives {List Neg | len ν = 5}, accepted.
  - For x: -5 :: {ν = -5}.
Condition abduction
Γ = Nil ; 0 ; -5 ; n :: Nat ; (≤) ; (≠)
Γ ⊢ ?? :: {List Neg | len ν = n}
- Candidate branch Nil :: {List Neg | len ν = 0}: it has the goal type only under some condition P, which is abduced as P = n ≤ 0.
- Result so far: if n ≤ 0 then Nil else ??, with the remaining goal Γ; ¬(n ≤ 0) ⊢ ?? :: {List Neg | len ν = n}.
Liquid abduction
- From Nil :: {List a | len ν = 0} and n :: Nat, the condition P must satisfy: n ≥ 0 ∧ len ν = 0 ∧ P ⇒ len ν = n
- Candidate qualifiers ★ ≤ ★ and ★ ≠ ★, instantiated with the variables and literals in scope: n ≤ 0, n ≤ -5, -5 ≤ n, n ≠ 0, n ≠ -5
- Check with the SMT solver that n ≥ 0 ∧ len ν = 0 ∧ (conjunction of the candidates) ∧ ¬(len ν = n) is unsatisfiable
- Take the UNSAT core [ n ≤ 0 ]: a minimal subset of the candidates that is still sufficient becomes the abduced condition
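As an added example (not code from the slides or from Synquid itself), the abduction just described carried out on the slide's five candidate qualifiers, with an exhaustive search over a small integer box standing in for the SMT solver; the box bounds, the pruning of candidates inconsistent with the environment, and the greedy core shrinking are assumptions.

```python
from itertools import product

# Candidate atomic qualifiers: ★ ≤ ★ and ★ ≠ ★ instantiated with n, 0 and -5,
# the five listed on the slide. Each entry is (display name, predicate on a model).
CANDIDATES = [
    ("n ≤ 0", lambda m: m["n"] <= 0),
    ("n ≤ -5", lambda m: m["n"] <= -5),
    ("-5 ≤ n", lambda m: -5 <= m["n"]),
    ("n ≠ 0", lambda m: m["n"] != 0),
    ("n ≠ -5", lambda m: m["n"] != -5),
]

# Environment facts: n :: Nat, and the candidate branch Nil :: {List a | len ν = 0}.
ENV = [lambda m: m["n"] >= 0, lambda m: m["len"] == 0]
# Goal type {List Neg | len ν = n}; the branch must satisfy it under the abduced P.
GOAL = lambda m: m["len"] == m["n"]
NOT_GOAL = lambda m: not GOAL(m)

def sat(preds, n_range=range(-8, 9), len_range=range(0, 9)):
    """Stand-in for the SMT solver (assumption): a conjunction is SAT iff some
    model with n and len ν drawn from a small integer box satisfies every conjunct."""
    return any(all(p({"n": n, "len": l}) for p in preds)
               for n, l in product(n_range, len_range))

def liquid_abduction(candidates=CANDIDATES):
    # 1. Drop qualifiers that contradict the environment (n ≤ -5 here), so the
    #    abduced condition cannot make the branch unreachable (assumed pruning step).
    live = [(name, q) for name, q in candidates if sat(ENV + [q])]
    # 2. ENV ∧ ⋀live ⇒ goal is valid iff ENV ∧ ⋀live ∧ ¬goal is UNSAT; if even the
    #    strongest conjunction fails, no condition over these qualifiers works.
    if sat(ENV + [q for _, q in live] + [NOT_GOAL]):
        return None
    # 3. Shrink to a minimal sufficient subset: a greedy stand-in for the
    #    solver's UNSAT core. A conjunct may be removed only if the remaining
    #    ones still make the negated goal unsatisfiable.
    core = list(live)
    for item in list(core):
        trial = [c for c in core if c is not item]
        if not sat(ENV + [q for _, q in trial] + [NOT_GOAL]):
            core = trial
    return [name for name, _ in core]

if __name__ == "__main__":
    # Abduced branch condition for Nil in the replicate example.
    print(liquid_abduction())  # ['n ≤ 0']
```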
Evaluation
64 benchmarks:
- Lists: take, drop, delete, zip with, reverse, de-duplicate, fold, length/append with fold, ...
- Sorting: insertion s., selection s., merge s., quick s.
- Binary Search Trees: member, insert, delete
- Balanced trees: RBT & AVL insertion, AVL deletion
- Custom datatypes: AST desugaring, address book
Synthesis times (numbers read off the chart; timeout 120 s, axis marks 6 s and 20 s):
- No round-trip type checking: 33 benchmarks finish, 31 take > 120 s
- Naive liquid abduction: 37 benchmarks finish, 27 take > 120 s
Synthesis of recursive programs
- easy to verify, strong guarantees ↔ hard to verify, weak guarantees
- pre-/post-conditions vs. input-output examples: [Escher: CAV'13] [Myth: PLDI'15] [λ2: PLDI'15] [Leon: OOPSLA'13]
- refinement types: [Myth+, POPL'16]