Presentation is loading. Please wait.

Presentation is loading. Please wait.

TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: A A Sumit Gulwani (MSR Redmond) Component-based Synthesis Susmit Jha.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: A A Sumit Gulwani (MSR Redmond) Component-based Synthesis Susmit Jha."— Presentation transcript:

1 TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: A A Sumit Gulwani (MSR Redmond) Component-based Synthesis Susmit Jha and Sanjit Seshia (UC-Berkeley) Joint work with: Ashish Tiwari (SRI) Ramarathnam Venkatesan (MSR Bangalore/Redmond)

2 Problem Definition Given: A library of components where each component comes with its functional specification Functional Specification of desired behavior Obtain: Appropriate composition of components to obtain desired behavior. Applications Bit-vector Algorithm Synthesis, Deobfuscation 1 Component based Synthesis

3 Straight-line programs that use –Arithmetic Operators: +,-,*,/ –Logical Operators: Bitwise and/or/not, Shift left/right Challenge: Combination of arithmetic + logical operators leads to unintuitive algorithms Application: Provides most-efficient way to accomplish a given task on a given architecture 2 Application 1: Bit-vector Algorithms

4 1 0 1 0 1 1 0 0 Turn-off rightmost 1-bit 3 Examples of Bitvector Algorithms 1 0 1 0 1 1 0 0 1 0 1 0 1 0 0 0 Y Y & (Y-1) 1 0 1 0 1 0 1 1 Y Y-1 1 0 1 0 1 0 0 0 & Y & (Y-1)

5 4 Examples of Bitvector Algorithms Turn-off rightmost contiguous sequence of 1-bits Y Y & (1 + (Y | (Y-1))) 1 0 1 0 1 1 0 0 1 0 1 0 0 0 0 0 Ceil of average of two integers without overflowing (X|Y) – ((X © Y) >> 1)

6 5 Examples of Bitvector Algorithms P25: Higher order half of product of x and y o1 := and(x,0xFFFF); o2 := shr(x,16); o3 := and(y,0xFFFF); o4 := shr(y,16); o5 := mul(o1,o3); o6 := mul(o2,o3); o7 := mul(o1,o4); o8 := mul(o2,o4); o9 := shr(o5,16); o10 := add(o6,o9); o11 := and(o10,0xFFFF); o12 := shr(o10,16); o13 := add(o7,o11); o14 := shr(o13,16); o15 := add(o14,o12); res := add(o15,o8); P24: Round up to next highest power of 2 o1 := sub(x,1); o2 := shr(o1,1); o3 := or(o1,o2); o4 := shr(o3,2); o5 := or(o3,o4); o6 := shr(o5,4); o7 := or(o5,o6); o8 := shr(o7,8); o9 := or(o7,o8); o10 := shr(o9,16); o11 := or(o9,o10); res := add(o10,1);

7 Transform given code into simpler representation (using components from the given code). Important for identifying malware/viruses 6 Application 2: Deobfuscation

8 7 Deobfuscation Example: Multiply by 45 Int multiply45Obs(int y) a=1; b=0; z=1; c=0; while(1) if (a==0) if (b==0) y=z+y; a= : a; b= : b; c= : c; if : c break; else z=z+y; a= : a; b= : b; c= : c; if : c break; else if (b==0) z=y<<2; a= : a; else z=y <<3; a= : a; b= : b; return y; Int multiply45(int y) z=y<<2; y=z+y; z=y<<3; y=z+y; return y;

9 8 Deobfuscation Example: Interchange src/dest InterchangeObs(Ipaddr *s, *d) *s = *s © *d; if (*s == *s © *d) *s = *s © *d; if (*s == *s © *d) *d = *s © *d; if (*d == *s © *d) *s = *d © *s; else *s = *s © *d; *d = *s © *d; return; else *s = *s © *d; *d = *s © *d; *s = *s © *d; Interchange(Ipaddr *s, *d) *d = *s © *d; *s = *s © *d; *d = *s © *d;

10 Functional Specification –Pre/Post-conditions, Input-output examples, Inefficient/Related programs –Interaction in face of over/under specification Search Space –Imperative/Functional Programs Operators Control-flow –Restricted Models of Computation Search Technique –Constraint Generation Invariant-based, Path-based, Input-based Precise/Abstract/Approximate Operator Encoding –Constraint Solving 9 Dimensions in Program Synthesis

11 Functional Specification –Pre/Post-conditions, Input-output examples, Inefficient/Related programs –Interaction in face of over/under specification Search Space –Imperative/Functional Programs Operators (Arithmetic/Logical) Control-flow (Straight-Line) –Restricted Models of Computation Search Technique –Constraint Generation Invariant-based, Path-based, Input-based Precise/Abstract/Approximate Operator Encoding –Constraint Solving 10 Dimensions in Program Synthesis

12 Functional Specification –Pre/Post-conditions, Input-output examples, Inefficient/Related programs –Interaction in face of over/under specification Search Space –Imperative/Functional Programs Operators (Arithmetic/Logical) Control-flow (Straight-Line) –Restricted Models of Computation Search Technique –Constraint Generation Invariant-based, Path-based, Input-based Precise/Abstract/Approximate Operator Encoding –Constraint Solving 11 Dimensions in Program Synthesis

13 Functional Specification –Pre/Post-conditions, Input-output examples, Inefficient/Related programs –Interaction in face of over/under specification Search Space –Imperative/Functional Programs Operators (Arithmetic/Logical) Control-flow (Straight-Line) –Restricted Models of Computation Search Technique –Constraint Generation Invariant-based, Path-based, Input-based Precise/Abstract/Approximate Operator Encoding –Constraint Solving 12 Dimensions in Program Synthesis

14 Choice 1: Logical relation between inputs and outputs Choice 2: Input-Output Examples 13 Functional Specification

15 Functional Spec of components Subtract, Bitwise-And Subtract(I1,I2,J) := J = (I1-I2) Bitwise-And(I1,I2,J) := J = (I1 & I2) 14 Functional Specification: Logical Relations Æ [ ( I[p]=1 Æ (I[j]=0) ) ) ( J[p]=0 Æ (J[j] = I[j]) ) ] p=1 b j=p+1 b jpjp Problem: Turn off rightmost 1-bit Functional Specification of desired behavior

16 Experiments: Comparison with Exhaustive Search 15 ProgramBrahmaAHA time Namelinesiterstime P12230.1 P22330.1 P32310.1 P42230.1 P52320.1 P62220.1 P73212 P83211 P93267 P103147610 P1137579 P12396710 ProgramBrahmaAHA time Namelinesiterstime P13446X P144460X P1548119X P164562X P174678109 P186546X P196535X P2076108X P218528X P2288279X P231081668X P24129224X P2516112779X

17 Problem: Turn off rightmost contiguous string of 1-bits Logical Relations –A bit complicated Input-Output Relations –Key challenge is to resolve ambiguity –Our solution: Interaction with user 16 Functional Specification

18 Problem: Turn-off rightmost contiguous string of 1’s User: I want a design that maps 01011 -> 01000 Oracle: I can think of two designs Design 1: (x+1) & (x-1) Design 2: (x+1) & x which differ on 00000 (Distinguishing Input) What should 00000 be mapped to? User: 00000 -> 00000     17 Dialog: Interactive Synthesis

19 Problem: Turn-off rightmost contiguous string of 1’s User: 01011 -> 01000 Oracle: 00000 ? User: 00000 Oracle: 01111 ? User: 00000 Oracle: 00110 ? User: 00000 Oracle: 01100 ? User: 00000 Oracle: 01010 ? User: 01000 Oracle: Your design is X & (1 + ((x-1)|x)) 18 Dialog: Interactive Synthesis

20 Distinguishing Input construction is a bit expensive. We tried two optimizations –Interleave with random inputs. Overall end-to-end performance even worse. –Interleave with biased random inputs. Performs best. 19 Synthesizing Inputs for Dialog with User

21 Theorem: If a circuit uses only add/subtract/and/or/not operators, then i th bit of an output depends only on i th bit of inputs and bits on right side of it. Biased Random Strategy: –Choose a random input whose rightmost bits are different from the ones that have already been queried for. –For example, if 3 inputs of following form have been queried r1 0 0 r2 0 1 r3 1 0 Then, choose the 4 th input to be of the form r4 1 1 20 Biased Random Input Selection

22 Experiments: Random vs Biased-Random 21 Prog.Random Biased-Random TimeItersTimeIters P11513 P271157 P32814 P421116 P54826 P662324 P71515 P821116 P951056 P1014 39 P112416149 P12279244610 Prog.Random Biased-Random TimeItersTimeIters P1333973 P14142547 P151687144 P166710196 P1721717216 P1822919264 P1916413655 P2021417636 P211074152726 P22XX1869 P23249125 P2412432 P25XX19

23 Problem Definition Given: A library of components where each component comes with its functional specification Functional Specification of desired behavior Obtain: Appropriate composition of components to obtain desired behavior. Inspiration Standard process of knowledge discovery Modular development Can it help with modular synthesis? 22 Conclusion: Component based Synthesis

Download ppt "TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: A A Sumit Gulwani (MSR Redmond) Component-based Synthesis Susmit Jha."

Similar presentations

From Verification to Synthesis Sumit Gulwani Microsoft Research, Redmond August 2013 Marktoberdorf Summer School Lectures: Part 1.

From Verification to Synthesis Sumit Gulwani Microsoft Research, Redmond August 2013 Marktoberdorf Summer School Lectures: Part 1.
1 Turing Machines and Equivalent Models Section 13.2 The Church-Turing Thesis.

1 Turing Machines and Equivalent Models Section 13.2 The Church-Turing Thesis.
SPEED: Precise & Efficient Static Estimation of Symbolic Computational Complexity Sumit Gulwani MSR Redmond TexPoint fonts used in EMF. Read the TexPoint.

SPEED: Precise & Efficient Static Estimation of Symbolic Computational Complexity Sumit Gulwani MSR Redmond TexPoint fonts used in EMF. Read the TexPoint.
Satisfiability Modulo Theories (An introduction)

Satisfiability Modulo Theories (An introduction)
Synthesizing Geometry Constructions Sumit Gulwani MSR, Redmond Vijay Korthikanti UIUC Ashish Tiwari SRI.

Synthesizing Geometry Constructions Sumit Gulwani MSR, Redmond Vijay Korthikanti UIUC Ashish Tiwari SRI.
Week 4 – Functions Introduction. Functions: Purpose Breaking a large problem into a series of smaller problems is a common problem- solving technique.

Week 4 – Functions Introduction. Functions: Purpose Breaking a large problem into a series of smaller problems is a common problem- solving technique.
Kinematic Synthesis of Robotic Manipulators from Task Descriptions June 2003 By: Tarek Sobh, Daniel Toundykov.

Kinematic Synthesis of Robotic Manipulators from Task Descriptions June 2003 By: Tarek Sobh, Daniel Toundykov.
Sumit Gulwani Microsoft Research, Redmond Dimensions in Program Synthesis ACM Symposium on Principles and Practice of Declarative.

Sumit Gulwani Microsoft Research, Redmond Dimensions in Program Synthesis ACM Symposium on Principles and Practice of Declarative.
VHDL Structural Architecture ENG241 Week #5 1. Fall 2012ENG241/Digital Design2 VHDL Design Styles Components and interconnects structural VHDL Design.

VHDL Structural Architecture ENG241 Week #5 1. Fall 2012ENG241/Digital Design2 VHDL Design Styles Components and interconnects structural VHDL Design.
Genetic Algorithms Contents 1. Basic Concepts 2. Algorithm

Genetic Algorithms Contents 1. Basic Concepts 2. Algorithm
By Claudia Fiorini, Enrico Martinelli, Fabio Massacci

By Claudia Fiorini, Enrico Martinelli, Fabio Massacci
Program Analysis as Constraint Solving Sumit Gulwani (MSR Redmond) Ramarathnam Venkatesan (MSR Redmond) Saurabh Srivastava (Univ. of Maryland) TexPoint.

Program Analysis as Constraint Solving Sumit Gulwani (MSR Redmond) Ramarathnam Venkatesan (MSR Redmond) Saurabh Srivastava (Univ. of Maryland) TexPoint.
Strong Implementation of Social Choice Functions in Dominant Strategies Clemens ThielenSven O. Krumke 3rd International Workshop on Computational Social.

Strong Implementation of Social Choice Functions in Dominant Strategies Clemens ThielenSven O. Krumke 3rd International Workshop on Computational Social.
Algorithms and Problem Solving-1 Algorithms and Problem Solving.

Algorithms and Problem Solving-1 Algorithms and Problem Solving.
CSE 830: Design and Theory of Algorithms

CSE 830: Design and Theory of Algorithms
Chapter 10-Arithmetic-logic units

Chapter 10-Arithmetic-logic units
Usable Synthesis Sumit Gulwani Microsoft Research, Redmond Usable Verification Workshop November 2010 MSR Redmond.

Usable Synthesis Sumit Gulwani Microsoft Research, Redmond Usable Verification Workshop November 2010 MSR Redmond.
Program Synthesis for Automating Education Sumit Gulwani Microsoft Research, Redmond.

Program Synthesis for Automating Education Sumit Gulwani Microsoft Research, Redmond.
Synthesis of Loop-free Programs Sumit Gulwani (MSR), Susmit Jha (UC Berkeley), Ashish Tiwari (SRI) and Ramarathnam Venkatesan(MSR) Susmit Jha 1.

Synthesis of Loop-free Programs Sumit Gulwani (MSR), Susmit Jha (UC Berkeley), Ashish Tiwari (SRI) and Ramarathnam Venkatesan(MSR) Susmit Jha 1.
The Design and Analysis of Algorithms

The Design and Analysis of Algorithms

Similar presentations

Ads by Google