Presentation is loading. Please wait.

Presentation is loading. Please wait.

FAST : a Transducer Based Language for Manipulating Trees Presented By: Loris D’Antoni Joint work with: Margus Veanes, Ben Livshits, David Molnar.

Published byGerard Harrington Modified over 9 years ago

Similar presentations

Presentation on theme: "FAST : a Transducer Based Language for Manipulating Trees Presented By: Loris D’Antoni Joint work with: Margus Veanes, Ben Livshits, David Molnar."— Presentation transcript:

1 FAST : a Transducer Based Language for Manipulating Trees Presented By: Loris D’Antoni Joint work with: Margus Veanes, Ben Livshits, David Molnar

2 Motivation Trees are common input/output data structures – XML query, type-checking, etc… – Compilers/optimizers (from parse tree to parse tree) – Tree manipulating programs: data structures algorithms, ontologies, etc… 2

3 HTML Sanitization Removing malicious active code from HTML documents is a tree transformation body script malicious code div p “Today I’m happy” body div p “Today I’m happy” SANITIZE 3

4 What do we Need? We want to write these single transformations separately to avoid errors 4 Remove malicious URLs Replace deprecated tags Remove bad elements (scripts…)

5 Interesting Properties Composition: T(x) = T 2 (T 1 (x)) Type-checking: given two languages I,O T(I) is always in O Pre-image: compute the input that produces a particular output To achieve speed Check if the sanitizer ever produces a malicious output Produce counterexamples if type-checking fails 5 DEMODEMO: http://rise4fun.com/Fast/jN

6 FAST Compiler FAST code Transducers Analysis and optimization C# 6 SMT solver

7 Stages by Example 7 mapCmapC2 Transducers

8 CHOOSING THE RIGHT FORMALISM 8

9 Semantics as Transducers Goal: find a decidable class of tree transducers that can express the previous examples 9

10 Top Down Tree Transducers [Engelfriet75] q(a(x 1,x 2 ))  b(c,q 1 (x 1 )) Decidable properties: type-checking, etc… Domain expressiveness: only finite alphabets ab c q q1q1 x1x1 x2x2 x1x1 10

11 Symbolic Tree Transducers [PSI11] q(λa.a>3,(x 1,x 2 ))  λa.a+1,(λa.a-2,q 1 (x 1 )) Decidable properties: type-checking, etc… Domain expressiveness: infinite alphabets using predicates and functions Structural expressiveness: can’t delete a node without reading it first 55+1 5-2 q q1q1 x1x1 x2x2 x1x1 Such that 5>3 is true 11 Alphabet theory has to be DECIDABLE We’ll use Z3 to check predicate satisfiability

12 Improving structural expressiveness Transformation: delete the left child if its root greater than 5 If we delete the node we can’t check that the left child was actually greater than 5 1 2 3 q 1 3 q 12 Regular Look-Ahead (RLA) ??

13 Regular Look Ahead (TOP R ) : Transformation: delete a node if its left child is greater than 5 Rules can ask whether the children are in particular languages – p 1 : the language of trees whose root is greater than 5 – p 2 : the language of all trees Decidable properties: type-checking, etc… Domain expressiveness: infinite alphabets Structural expressiveness: good enough to express our examples 1 7 3 q p1p1 p2p2 1 3 q Transformation now is safe 13

14 DecidabilityComplexityStructuralExpressiveness Infinite alphabets Top Down Tree Transducers [Engelfriet75]VVXX Top Down Tree Transducers with Regular Look-ahead [Engelfriet76]VV~X Streaming Tree Transducers [AlurDantoni12]VXVX Data Automata [Bojanczyk98]~XXV Symbolic Tree Transducers [VeanesBjoerner11]VVXV Symbolic Tree Transducers RLAVV~V 14

15 COMPOSITION OF SYMBOLIC TRANSDUCERS WITH REGULAR LOOKAHEAD 15

16 Composition of STT R This is not always possible!! Find the biggest class for which it is possible 16 T1T1 T1T1 T2T2 T2T2 T 1 o T 2

17 Classes of STT R DETERMINISTIC: at most one transducer rule applies for each input tree LINEAR: each child appear at most once in the right hand side of each rule 17 xq x+1 q2q2 q1q1 linear nonlinear x+1 q2q2 q1q1

18 When can we Compose? Theorem: T(x) = T 2 (T 1 (x)) definable by a Symbolic Tree Transducers with RLA if – T 1 is deterministic, OR – T 2 is linear All our examples fall in this category 18 Alphabet theory has to be DECIDABLE We’ll use Z3 to check predicate satisfiability

19 Pre-image as Composition 19 T O ? Domain(T o O)

20 FAST: Decidable by Design 20 Composition Type-checking Pre-image Symbolic Tree Transducers with RLA SMT Solver for Alphabet Theory

21 CASE STUDIES AND EXPERIMENTS 21

22 Case Studies and Experiments Program Optimization: Deforestation of functional programs Verification: HTML sanitization Analysis of functional programs Augmented reality app store 22 Infinite Alphabets: Integer Data types

23 Deforestation Removing intermediate data structures from programs ADVANTAGE: the program is a single transducer reads the input list only once, thanks to transducers composition 23 alphabet ILIst [i : int] { nil(0), cons(1) } trans mapC: IList  IList { nil() to nil [0] | cons(x) to cons [(i+5)%26] (mapC x) } def mapC 2 : IList  IList := compose mapC mapC

24 Deforestation: Speedup 24 f(f(f(…f(x)...) (f;f;f;…;f)(x)

25 Analysis of Functional Programs 25

26 AR Interference Analysis Recognizers output data that can be seen as a tree structure Spine Hip Neck HeadKnee Ankle Foot …. 26

27 Apps as Tree Transformations Applications that use recognizers can be modeled as FAST programs 27 trans addHat: STree -> STree Spine(x,y) to Spine(addHat(x), y) | Neck(h,l,r) to Neck(addHat(h), l, r) | Head(a) to Head(Hat(a))

28 Composition of Programs Two FAST programs can be composed into a single FAST program p1p1p1p1 p2p2p2p2 p 1 ;p 2 28

29 Interference analysis Apps can be malicious: try to overwrite outputs of other apps Apps interfere when they annotate the same node of a recognizer’s output We can compose them and check if they interfere statically!! – Put checker in the AppStore and analyze Apps before approval Interfering apps Add cat earsAdd hat Add pin to a cityBlur a city Amazon Buy Now button Malicious Buy Now button 29

30 Interference Analysis in Practice 100 generated FAST programs, up to 85 functions each Check statically if they conflict pairwise for ANY possible input Checked 99% of program pair in less than 0.5 sec! For an App store these are perfectly fine

31 No Cheap Talk 31

32 Conclusion FAST: a versatile language for tree manipulating programs with decidable analysis Symbolic tree transducers with RLA FAST is online: http://rise4fun.com/Fast/http://rise4fun.com/Fast/ 32

33 DecidabilityComplexityStructuralExpressiveness Infinite alphabets Top Down Tree Transducers [Engelfriet75]VVXX Top Down Tree Transducers with Regular Look-ahead [Engelfriet76]VV~X Streaming Tree Transducers [AlurDantoni12]VXVX Data Automata [Bojanczyk98]~XXV Symbolic Tree Transducers [VeanesBjoerner11]VVXV 33

Download ppt "FAST : a Transducer Based Language for Manipulating Trees Presented By: Loris D’Antoni Joint work with: Margus Veanes, Ben Livshits, David Molnar."

Similar presentations

Equivalence of Extended Symbolic Finite Transducers Presented By: Loris D’Antoni Joint work with: Margus Veanes.

Equivalence of Extended Symbolic Finite Transducers Presented By: Loris D’Antoni Joint work with: Margus Veanes.
C O N T E X T - F R E E LANGUAGES ( use a grammar to describe a language) 1.

C O N T E X T - F R E E LANGUAGES ( use a grammar to describe a language) 1.
1 Introduction to Computability Theory Lecture3: Regular Expressions Prof. Amos Israeli.

1 Introduction to Computability Theory Lecture3: Regular Expressions Prof. Amos Israeli.
1 Introduction to Computability Theory Lecture4: Regular Expressions Prof. Amos Israeli.

1 Introduction to Computability Theory Lecture4: Regular Expressions Prof. Amos Israeli.
Introduction to Computability Theory

Introduction to Computability Theory
1 Introduction to Computability Theory Lecture7: PushDown Automata (Part 1) Prof. Amos Israeli.

1 Introduction to Computability Theory Lecture7: PushDown Automata (Part 1) Prof. Amos Israeli.
176 Formal Languages and Applications: We know that Pascal programming language is defined in terms of a CFG. All the other programming languages are context-free.

176 Formal Languages and Applications: We know that Pascal programming language is defined in terms of a CFG. All the other programming languages are context-free.
Constraint Logic Programming Ryan Kinworthy. Overview Introduction Logic Programming LP as a constraint programming language Constraint Logic Programming.

Constraint Logic Programming Ryan Kinworthy. Overview Introduction Logic Programming LP as a constraint programming language Constraint Logic Programming.
9/27/2006Prof. Hilfinger, Lecture 141 Syntax-Directed Translation Lecture 14 (adapted from slides by R. Bodik)

9/27/2006Prof. Hilfinger, Lecture 141 Syntax-Directed Translation Lecture 14 (adapted from slides by R. Bodik)
Proof-system search ( ` ) Interpretation search ( ² ) Main search strategy DPLL Backtracking Incremental SAT Natural deduction Sequents Resolution Main.

Proof-system search ( ` ) Interpretation search ( ² ) Main search strategy DPLL Backtracking Incremental SAT Natural deduction Sequents Resolution Main.
Chapter 4 Lexical and Syntax Analysis Sections 1-4.

Chapter 4 Lexical and Syntax Analysis Sections 1-4.
Validating Streaming XML Documents Luc Segoufin & Victor Vianu Presented by Harel Paz.

Validating Streaming XML Documents Luc Segoufin & Victor Vianu Presented by Harel Paz.
Parsing III (Eliminating left recursion, recursive descent parsing)

Parsing III (Eliminating left recursion, recursive descent parsing)
ISBN 0-321-19362-8 Chapter 4 Lexical and Syntax Analysis The Parsing Problem Recursive-Descent Parsing.

ISBN Chapter 4 Lexical and Syntax Analysis The Parsing Problem Recursive-Descent Parsing.
CS 490: Automata and Language Theory Daniel Firpo Spring 2003.

CS 490: Automata and Language Theory Daniel Firpo Spring 2003.
1 Foundations of Software Design Lecture 23: Finite Automata and Context-Free Grammars Marti Hearst Fall 2002.

1 Foundations of Software Design Lecture 23: Finite Automata and Context-Free Grammars Marti Hearst Fall 2002.
Normal forms for Context-Free Grammars

Normal forms for Context-Free Grammars
Lexical and Syntax Analysis

Lexical and Syntax Analysis
MIT 6.035 Top-Down Parsing Martin Rinard Laboratory for Computer Science Massachusetts Institute of Technology.

MIT Top-Down Parsing Martin Rinard Laboratory for Computer Science Massachusetts Institute of Technology.
YOLT Yuan Zheng Omar Ahmed Lukas Dudkowski T. Mark Kuba.

YOLT Yuan Zheng Omar Ahmed Lukas Dudkowski T. Mark Kuba.

Similar presentations

Ads by Google