correctness of program transformations automating diagram
play

Correctness of Program Transformations: Automating Diagram-Based - PowerPoint PPT Presentation

May 14, 2023 •16 likes •736 views

Correctness of Program Transformations: Automating Diagram-Based Proofs David Sabel Goethe-University Frankfurt am Main, Germany Research supported by the Deutsche Forschungsgemeinschaft (DFG) under grant SA 2908/3-1. Motivation reasoning

  1. Correctness of Program Transformations: Automating Diagram-Based Proofs David Sabel † Goethe-University Frankfurt am Main, Germany † Research supported by the Deutsche Forschungsgemeinschaft (DFG) under grant SA 2908/3-1.

  2. Motivation reasoning on program transformations w.r.t. operational semantics for program calculi with higher-order constructs and recursive bindings, e.g. letrec-expressions : letrec x 1 = s 1 ; . . . ; x n = s n in t extended call-by-need lambda calculi with letrec that model core languages of lazy functional programming languages like Haskell 2/43

  3. Motivation A program transformation is a binary relation on program fragments X:=1 T for (X:=1, X < n, X++) { while X < n { Z := Z + X; Z := Z + X; } X++; } 3/43

  4. Motivation A program transformation is a binary relation on program fragments X:=1 T for (X:=1, X < n, X++) { while X < n { Z := Z + X; Z := Z + X; } X++; } Some applications: Compilers: Optimizations (inlining, partial evaluation,. . . ) Code Refactoring: Transformations to improve readability and maintainability Theorem Provers: Transforming programs in proofs 3/43

  5. Correctness Program transformation T is correct iff T ⊆ ∼ c Contextual equivalence: e ∼ c e ′ iff e ≤ c e ′ and e ≥ c e ′ Contextual preorder: e ≤ c e ′ iff ∀ C : C [ e ] ↓ = ⇒ C [ e ′ ] ↓ ↓ means successful evaluation: sr, ∗ → e ′ and e ′ is a successful result e ↓ := e − − sr where − → is the small-step operational semantics (standard reduction) sr, ∗ sr and − − → is the reflexive-transitive closure of − → 4/43

  6. Convergence Preservation Convergence preservation: e ≤ ↓ e ′ iff e ↓ = ⇒ e ′ ↓ We only consider transformations T such that T ⊆ ≤ ↓ = ⇒ T ⊆ ≤ c No restriction, since the contextual closure of T fulfills this property. A context lemma allows for smaller closures (reduction contexts) T ⊆ ≥ c can be proved by showing T − 1 ⊆ ≤ c program Required task: transformation e e ′ standard standard reduction reduction = ⇒ steps steps e ′′ e ′′′ · successful successful 5/43

  7. Idea of the Diagram Method Base case: For all successful e program transformation e e ′ successful 6/43

  8. Idea of the Diagram Method Base case: For all successful e program transformation e e ′ successful standard reduction steps e ′′ successful 6/43

  9. Idea of the Diagram Method Base case: For all successful e program transformation e e ′ successful standard reduction steps e ′′ successful General case: For all programs e program transformation e e ′ standard reduction e ′′ 6/43

  10. Idea of the Diagram Method Base case: For all successful e program transformation e e ′ successful standard reduction steps e ′′ successful General case: For all programs e program transformation e e ′ standard standard reduction reduction steps e ′′ e ′′′ program transformation steps 6/43

  11. Idea of the Diagram Method Base case: For all successful e Inductive construction program transformation e e ′ e e ′ successful standard reduction steps e ′′ successful General case: For all programs e program transformation e e ′ standard standard reduction reduction steps e ′′ e ′′ e ′′′ program successful transformation steps 6/43

  12. Idea of the Diagram Method Base case: For all successful e Inductive construction program transformation e e ′ e e ′ successful standard reduction steps e ′′′ e ′′ successful General case: For all programs e program transformation e e ′ standard standard reduction reduction steps e ′′ e ′′ e ′′′ program successful transformation steps 6/43

  13. Idea of the Diagram Method Base case: For all successful e Inductive construction program transformation e e ′ e e ′ successful standard reduction steps e ′′′ e ′′ successful General case: For all programs e by the program induction transformation hypothesis e e ′ standard standard reduction reduction steps e 4 e ′′ e ′′ e ′′′ program succ. successful transformation steps 6/43

  14. Idea of the Diagram Method Base case: For all successful e Inductive construction program transformation e e ′ e e ′ successful standard reduction steps e ′′′ e ′′ successful . . . General case: For all programs e program transformation e e ′ standard standard reduction reduction steps e 4 e 5 e ′′ e ′′ e ′′′ program succ. successful successful transformation steps 6/43

  15. Focused Languages and Previous Results The diagram technique was, for instance, used for call-by-need lambda calculi with letrec, data constructors, case, and seq [SSSS08, JFP] and non-determinism [SSS08, MSCS] process calculi with call-by-value [NSSSS07, MFPS] or call-by-need evaluation [SSS11, PPDP] and [SSS12, LICS] reasoning on whether program transformations are improvements w.r.t. the run-time [SSS15, PPDP] and [SSS17, SCP] 7/43

  16. Focused Languages and Previous Results The diagram technique was, for instance, used for call-by-need lambda calculi with letrec, data constructors, case, and seq [SSSS08, JFP] and non-determinism [SSS08, MSCS] process calculi with call-by-value [NSSSS07, MFPS] or call-by-need evaluation [SSS11, PPDP] and [SSS12, LICS] reasoning on whether program transformations are improvements w.r.t. the run-time [SSS15, PPDP] and [SSS17, SCP] Conclusions from these works The diagram method works well The method requires to compute overlaps (error-prone, tedious,...) Automation of the method would be valuable 7/43

  17. Automation of the Diagram-Method compute translate overlaps diagrams calculus description overlaps (I)TRS diagrams program prove termination join transformations overlaps (AProVE/CeTA) Diagram Automated Input calculator induction Structure of the LRSX-Tool 8/43

  18. Representation of the Input compute translate overlaps diagrams calculus description overlaps (I)TRS diagrams program prove termination join transformations overlaps (AProVE/CeTA) Diagram Automated Input calculator induction Structure of the LRSX-Tool 9/43

  19. Requirements on the Meta-Syntax The syntax of extended call-by-need lambda-calculi typically includes: lambda-calculus: variables x , abstractions λx.e , applications ( e e ′ ) data-constructors True , False , Nil , Cons e 1 e 2 ,. . . data-selectors / case-expressions let- and recursive let expressions: letrec x 1 = e 1 , . . . , x n = e n in e 10/43

  20. Requirements on the Meta-Syntax The syntax of extended call-by-need lambda-calculi typically includes: lambda-calculus: variables x , abstractions λx.e , applications ( e e ′ ) data-constructors True , False , Nil , Cons e 1 e 2 ,. . . data-selectors / case-expressions let- and recursive let expressions: letrec x 1 = e 1 , . . . , x n = e n in e Language LRS parametric over F Expressions s ∈ Expr ::= var x | letrec env in s | ( f r 1 . . . r ar ( f ) ) where r i is o i , s i , or x i specified by f ∈ F H.O.-Expressions o ∈ HExpr n ::= x 1 . . . . x n .s Environments env ∈ Env ::= ∅ | x = s ; env 10/43

  21. Requirements on the Meta-Syntax Operational semantics of typical call-by-need calculi (excerpt) Reduction contexts: A ::= [ · ] | ( A e ) R ::= A | letrec Env in A | letrec { x i = A i [ x i +1 ] } n − 1 i =1 , x n = A n , Env , in A [ x 1 ] Standard-reduction rules and some program transformations: (SR,lbeta) R [( λx.e 1 ) e 2 ] → R [ letrec x = e 2 in e 1 ] (SR,llet) letrec Env 1 in letrec Env 2 in e → letrec Env 1 , Env 2 in e . . . (T,cpx) T [ letrec x = y, Env in C [ x ]] → T [ letrec x = y, Env in C [ y ]] T [ letrec Env , Env ′ in e ] → T [ letrec Env ′ in e ] , (T,gc,1) if LetV ars ( Env ) ∩ FV ( e, Env ′ ) = ∅ (T,gc,2) T [ letrec Env in e ] → T [ e ] if LetVars ( Env ) ∩ FV ( e ) = ∅ 11/43

  22. Requirements on the Meta-Syntax Operational semantics of typical call-by-need calculi (excerpt) Reduction contexts: A ::= [ · ] | ( A e ) R ::= A | letrec Env in A | letrec { x i = A i [ x i +1 ] } n − 1 i =1 , x n = A n , Env , in A [ x 1 ] Standard-reduction rules and some program transformations: (SR,lbeta) R [( λx.e 1 ) e 2 ] → R [ letrec x = e 2 in e 1 ] (SR,llet) letrec Env 1 in letrec Env 2 in e → letrec Env 1 , Env 2 in e . . . (T,cpx) T [ letrec x = y, Env in C [ x ]] → T [ letrec x = y, Env in C [ y ]] T [ letrec Env , Env ′ in e ] → T [ letrec Env ′ in e ] , (T,gc,1) if LetV ars ( Env ) ∩ FV ( e, Env ′ ) = ∅ (T,gc,2) T [ letrec Env in e ] → T [ e ] if LetVars ( Env ) ∩ FV ( e ) = ∅ Meta-syntax must be capable to represent: contexts of different classes environments Env i and environment chains { x i = A i [ x i +1 ] } n − 1 i =1 11/43

Recommend

Automating the Diagram Method to Prove Correctness of Program Transformations David Sabel

Automating the Diagram Method to Prove Correctness of Program Transformations David Sabel

Automating the Diagram Method to Prove Correctness of Program Transformations David Sabel Goethe-University Frankfurt am Main, Germany WPTE 2018, July 8th, Oxford, UK Research supported by the Deutsche Forschungsgemeinschaft (DFG) under

766 views • 29 slides
Correctness of Program Transformations as a Termination Problem Conrad Rau, David Sabel and

Correctness of Program Transformations as a Termination Problem Conrad Rau, David Sabel and

Correctness of Program Transformations as a Termination Problem Conrad Rau, David Sabel and Manfred Schmidt-Schau Goethe-University, Frankfurt am Main, Germany IJCAR 2012, Manchester, UK 1 Introduction &amp; Motivation Automate correctness

345 views • 34 slides
Encoding Induction in Correctness Proofs of Program Transformations as a Termination Problem

Encoding Induction in Correctness Proofs of Program Transformations as a Termination Problem

Encoding Induction in Correctness Proofs of Program Transformations as a Termination Problem Conrad Rau, David Sabel and Manfred Schmidt-Schau Goethe-University, Frankfurt am Main, Germany WST 2012, Obergurgl, Austria 1 Introduction

307 views • 26 slides
Rewriting Techniques for syntax Correctness of Program Transformations normal order reduction

Rewriting Techniques for syntax Correctness of Program Transformations normal order reduction

LR Nondeterminism Overview The calculus LR with true call-by-need evaluation Rewriting Techniques for syntax Correctness of Program Transformations normal order reduction contextual semantics David Sabel and Manfred Schmidt-Schau

369 views • 15 slides
Program Correctness Assert formal correctness statements about

Program Correctness Assert formal correctness statements about

Program Correctness Assert formal correctness statements about cri4cal parts of a program and reason effec4vely A program is intended to carry out a

1.01k views • 57 slides
Proving Program Correctness The Axiomatic Approach What is Correctness? Correctness:

Proving Program Correctness The Axiomatic Approach What is Correctness? Correctness:

3/10/10 Proving Program Correctness The Axiomatic Approach What is Correctness? Correctness: partial correctness + termination Partial correctness: Program implements its specification 1 3/10/10 Proving Partial Correctness

420 views • 13 slides
On the Correctness of Model Transformations in the Development of Embedded Systems Gabor Karsai,

On the Correctness of Model Transformations in the Development of Embedded Systems Gabor Karsai,

On the Correctness of Model Transformations in the Development of Embedded Systems Gabor Karsai, Anantha Narayanan, Sandeep Neema Institute for Software-Integrated Systems Vanderbilt University Nashville, TN 37235, USA Overview The

667 views • 30 slides
Transformations Composition of Transformations Congruence Transformations Dilations Similarity

Transformations Composition of Transformations Congruence Transformations Dilations Similarity

Slide 1 / 145 Slide 2 / 145 Geometry Transformations 2014-09-08 www.njctl.org Slide 3 / 145 Slide 4 / 145 Table of Contents click on the topic to go to that section Transformations Translations Reflections Rotations Transformations

464 views • 25 slides
Recalling Our Intro to the Course 1 The Program Correctness Problem ? Conventional models of

Recalling Our Intro to the Course 1 The Program Correctness Problem ? Conventional models of

Recalling Our Intro to the Course 1 The Program Correctness Problem ? Conventional models of using computers not easy to determine correctness! Has become a very important issue, not just in safety-critical apps. Components with

534 views • 36 slides
Induction and Program Correctness Peter J. Haas INFO 150 Fall Semester 2019 Lecture 10 1/ 8

Induction and Program Correctness Peter J. Haas INFO 150 Fall Semester 2019 Lecture 10 1/ 8

Induction and Program Correctness Peter J. Haas INFO 150 Fall Semester 2019 Lecture 10 1/ 8 Overview Goal I Apply inductive reasoning to Java programs I In context of loops and recursion Lecture 10 2/ 8 Program Correctness Informally: A

143 views • 12 slides
Transformations Composition of Transformations Congruence Transformations Dilations

Transformations Composition of Transformations Congruence Transformations Dilations

Slide 1 / 154 Slide 2 / 154 Geometry Transformations 2014-09-08 www.njctl.org Slide 3 / 154 Slide 4 / 154 Table of Contents click on the topic to go to that section Transformations Translations Reflections Rotations

581 views • 45 slides
Transformations Composition of Transformations Congruence Transformations Dilations

Transformations Composition of Transformations Congruence Transformations Dilations

Slide 1 / 154 Slide 2 / 154 Geometry Transformations 2014-09-08 www.njctl.org Slide 3 / 154 Slide 4 / 154 Table of Contents click on the topic to go to that section Transformations Translations Reflections Rotations

643 views • 26 slides
Program correctness and verification Programs should be: clear; efficient; robust; reliable;

Program correctness and verification Programs should be: clear; efficient; robust; reliable;

Program correctness and verification Programs should be: clear; efficient; robust; reliable; user friendly; well documented; . . . but first of all, CORRECT dont forget though: also, executable. . . Correctness

202 views • 19 slides
IMPROVING PROGRAMS THROUGH SOURCE CODE TRANSFORMATIONS Disserta(on

IMPROVING PROGRAMS THROUGH SOURCE CODE TRANSFORMATIONS Disserta(on

IMPROVING PROGRAMS THROUGH SOURCE CODE TRANSFORMATIONS Disserta(on Proposal Jonathan Dorn April 19, 2016 Beyond Functional Correctness So9ware development

775 views • 59 slides
Program Verification (Rosen, Sections 5.5) TOPICS Program Correctness Preconditions &amp;

Program Verification (Rosen, Sections 5.5) TOPICS Program Correctness Preconditions &amp;

Program Verification (Rosen, Sections 5.5) TOPICS Program Correctness Preconditions &amp; Postconditions Program Verification Assignments Composition Conditionals Loops Proofs about Programs Why

537 views • 36 slides
Diagram Semigroups Much more fun than transformations! Michael Torpey University of St Andrews

Diagram Semigroups Much more fun than transformations! Michael Torpey University of St Andrews

Diagram Semigroups Much more fun than transformations! Michael Torpey University of St Andrews 2017-06-07 Michael Torpey (University of St Andrews) Diagram Semigroups 2017-06-07 1 / 8 Transformations Michael Torpey (University of St

721 views • 51 slides
Program Transformations in the Polca Project Jan Kuper April 6, 2016 partially funded by the

Program Transformations in the Polca Project Jan Kuper April 6, 2016 partially funded by the

Program Transformations in the Polca Project Jan Kuper April 6, 2016 partially funded by the European Comission under FP7-ICT-2014.3.4 contract number 610686 Polca Program Transformations in the Polca Project 1/11 Partners POLCA: Programming

425 views • 30 slides
CMSC427 Transformations I Credit: slides 9+ from Prof. Zwicker Transformations: outline

CMSC427 Transformations I Credit: slides 9+ from Prof. Zwicker Transformations: outline

CMSC427 Transformations I Credit: slides 9+ from Prof. Zwicker Transformations: outline Types of transformations Specific: translation, rotation, scaling, shearing Classes: rigid, affine, projective Representing transformations

1.11k views • 68 slides
The Calculus of Computation: Decision Procedures with 5. Program Correctness: Mechanics

The Calculus of Computation: Decision Procedures with 5. Program Correctness: Mechanics

The Calculus of Computation: Decision Procedures with 5. Program Correctness: Mechanics Applications to Verification by Aaron Bradley Zohar Manna Springer 2007 5- 1 5- 2 Program A: LinearSearch with function specification Function

777 views • 12 slides
IMPLEMENTING LOGIC BY SEMANTICS The RISCAL Approach to Automating Program Reasoning over Finite

IMPLEMENTING LOGIC BY SEMANTICS The RISCAL Approach to Automating Program Reasoning over Finite

IMPLEMENTING LOGIC BY SEMANTICS The RISCAL Approach to Automating Program Reasoning over Finite Domains Wolfgang Schreiner Research Institute for Symbolic Computation (RISC) Formal Methods in Computer Science Specification: Describe

458 views • 28 slides
Transformations Rotations Reflections Dilations Symmetry Congruence &amp; Similarity

Transformations Rotations Reflections Dilations Symmetry Congruence &amp; Similarity

Slide 1 / 230 Slide 2 / 230 8th Grade 2D Geometry: Transformations 2015-11-13 www.njctl.org Slide 3 / 230 Slide 4 / 230 Table of Contents Click on a topic to go to that section Transformations Translations Transformations

729 views • 39 slides
Review Transformations Scale Translate Rotate Combining Transformations

Review Transformations Scale Translate Rotate Combining Transformations

Review Transformations Scale Translate Rotate Combining Transformations Transformations are cumulative Flipping the y-axis direction Rotating about the center of an object Animating with transformations translate

695 views • 23 slides
Dragon1 Features Presentation 1. Import.xls and .bpmn files 2. Create UML use case diagram,

Dragon1 Features Presentation 1. Import.xls and .bpmn files 2. Create UML use case diagram,

Dragon1 Features Presentation 1. Import.xls and .bpmn files 2. Create UML use case diagram, class diagram, state transition diagram, activity diagram, sequence diagram 3. Create WSDL / SOA diagram 4. Create layered architecture diagram

646 views • 20 slides
On the length of knot transformations via Reidemeister Moves I and II Rafiq Saleh (Supervisors:

On the length of knot transformations via Reidemeister Moves I and II Rafiq Saleh (Supervisors:

On the length of knot transformations via Reidemeister Moves I and II Rafiq Saleh (Supervisors: Dr. Alexie Lisitsa &amp; Dr. Igor Potapov) Partially funded by UKEPSRC grant EP/J010898/1: Automatic Diagram Generation Royal Society IJP

893 views • 33 slides

More recommend