最高の統計ソフトウェアはどれか? "What’s the Best Statistical Software? A Comparison of R, Py...ケンタ タナカ
"What’s the Best Statistical Software? A Comparison of R, Python, SAS, SPSS and STATA" https://www.inwt-statistics.com/read-blog/comparison-of-r-python-sas-spss-and-stata.html の抄訳です。
Recent years have seen the emergence of several static analysis techniques for reasoning about programs. This talk presents several major classes of techniques and tools that implement these techniques. Part of the presentation will be a demonstration of the tools.
Dr. Subash Shankar is an Associate Professor in the Computer Science department at Hunter College, CUNY. Prior to joining CUNY, he received a PhD from the University of Minnesota and was a postdoctoral fellow in the model checking group at Carnegie Mellon University. Dr. Shankar also has over 10 years of industrial experience, mostly in the areas of formal methods and tools for analyzing hardware and software systems.
Keynote given at the Asia Pacific Software Engineering Conference (APSEC), December 2020, on Automated Program Repair technologies and their applications.
最高の統計ソフトウェアはどれか? "What’s the Best Statistical Software? A Comparison of R, Py...ケンタ タナカ
"What’s the Best Statistical Software? A Comparison of R, Python, SAS, SPSS and STATA" https://www.inwt-statistics.com/read-blog/comparison-of-r-python-sas-spss-and-stata.html の抄訳です。
Recent years have seen the emergence of several static analysis techniques for reasoning about programs. This talk presents several major classes of techniques and tools that implement these techniques. Part of the presentation will be a demonstration of the tools.
Dr. Subash Shankar is an Associate Professor in the Computer Science department at Hunter College, CUNY. Prior to joining CUNY, he received a PhD from the University of Minnesota and was a postdoctoral fellow in the model checking group at Carnegie Mellon University. Dr. Shankar also has over 10 years of industrial experience, mostly in the areas of formal methods and tools for analyzing hardware and software systems.
Keynote given at the Asia Pacific Software Engineering Conference (APSEC), December 2020, on Automated Program Repair technologies and their applications.
Jay Yagnik at AI Frontiers : A History Lesson on AIAI Frontiers
We have reached a remarkable point in history with the evolution of AI, from applying this technology to incredible use cases in healthcare, to addressing the world's biggest humanitarian and environmental issues. Our ability to learn task-specific functions for vision, language, sequence and control tasks is getting better at a rapid pace. This talk will survey some of the current advances in AI, compare AI to other fields that have historically developed over time, and calibrate where we are in the relative advancement timeline. We will also speculate about the next inflection points and capabilities that AI can offer down the road, and look at how those might intersect with other emergent fields, e.g. Quantum computing.
Description: WeightWatcher (WW): is an open-source, diagnostic tool for analyzing Deep Neural Networks (DNN), without needing access to training or even test data. It can be used to:analyze pre/trained PyTorch, Keras, DNN models (Conv2D and Dense layers) monitor models, and the model layers, to see if they are over-trained or over-parameterized, predict test accuracies across different models, with or without training data, and detect potential problems when compressing or fine-tuning pre-trained models. see https://weightwatcher.ai
After four successful JUnit tool competitions, we
report on the achievements of a new Java Unit Testing Tool
Competition. This 5th contest introduces statistical analyses in
the benchmark infrastructure and has been validated with significance against the results of the previous 4th edition. Overall, the competition evaluates four automated JUnit testing tools taking as baseline human written test cases from real projects. The paper details the modifications performed to the methodology
and provides full results of the competition.
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisGlobus
JASMIN is the UK’s high-performance data analysis platform for environmental science, operated by STFC on behalf of the UK Natural Environment Research Council (NERC). In addition to its role in hosting the CEDA Archive (NERC’s long-term repository for climate, atmospheric science & Earth observation data in the UK), JASMIN provides a collaborative platform to a community of around 2,000 scientists in the UK and beyond, providing nearly 400 environmental science projects with working space, compute resources and tools to facilitate their work. High-performance data transfer into and out of JASMIN has always been a key feature, with many scientists bringing model outputs from supercomputers elsewhere in the UK, to analyse against observational or other model data in the CEDA Archive. A growing number of JASMIN users are now realising the benefits of using the Globus service to provide reliable and efficient data movement and other tasks in this and other contexts. Further use cases involve long-distance (intercontinental) transfers to and from JASMIN, and collecting results from a mobile atmospheric radar system, pushing data to JASMIN via a lightweight Globus deployment. We provide details of how Globus fits into our current infrastructure, our experience of the recent migration to GCSv5.4, and of our interest in developing use of the wider ecosystem of Globus services for the benefit of our user community.
Your Digital Assistant.
Making complex approach simple. Straightforward process saves time. No more waiting to connect with people that matter to you. Safety first is not a cliché - Securely protect information in cloud storage to prevent any third party from accessing data.
Would you rather make your visitors feel burdened by making them wait? Or choose VizMan for a stress-free experience? VizMan is an automated visitor management system that works for any industries not limited to factories, societies, government institutes, and warehouses. A new age contactless way of logging information of visitors, employees, packages, and vehicles. VizMan is a digital logbook so it deters unnecessary use of paper or space since there is no requirement of bundles of registers that is left to collect dust in a corner of a room. Visitor’s essential details, helps in scheduling meetings for visitors and employees, and assists in supervising the attendance of the employees. With VizMan, visitors don’t need to wait for hours in long queues. VizMan handles visitors with the value they deserve because we know time is important to you.
Feasible Features
One Subscription, Four Modules – Admin, Employee, Receptionist, and Gatekeeper ensures confidentiality and prevents data from being manipulated
User Friendly – can be easily used on Android, iOS, and Web Interface
Multiple Accessibility – Log in through any device from any place at any time
One app for all industries – a Visitor Management System that works for any organisation.
Stress-free Sign-up
Visitor is registered and checked-in by the Receptionist
Host gets a notification, where they opt to Approve the meeting
Host notifies the Receptionist of the end of the meeting
Visitor is checked-out by the Receptionist
Host enters notes and remarks of the meeting
Customizable Components
Scheduling Meetings – Host can invite visitors for meetings and also approve, reject and reschedule meetings
Single/Bulk invites – Invitations can be sent individually to a visitor or collectively to many visitors
VIP Visitors – Additional security of data for VIP visitors to avoid misuse of information
Courier Management – Keeps a check on deliveries like commodities being delivered in and out of establishments
Alerts & Notifications – Get notified on SMS, email, and application
Parking Management – Manage availability of parking space
Individual log-in – Every user has their own log-in id
Visitor/Meeting Analytics – Evaluate notes and remarks of the meeting stored in the system
Visitor Management System is a secure and user friendly database manager that records, filters, tracks the visitors to your organization.
"Secure Your Premises with VizMan (VMS) – Get It Now"
Understanding Globus Data Transfers with NetSageGlobus
NetSage is an open privacy-aware network measurement, analysis, and visualization service designed to help end-users visualize and reason about large data transfers. NetSage traditionally has used a combination of passive measurements, including SNMP and flow data, as well as active measurements, mainly perfSONAR, to provide longitudinal network performance data visualization. It has been deployed by dozens of networks world wide, and is supported domestically by the Engagement and Performance Operations Center (EPOC), NSF #2328479. We have recently expanded the NetSage data sources to include logs for Globus data transfers, following the same privacy-preserving approach as for Flow data. Using the logs for the Texas Advanced Computing Center (TACC) as an example, this talk will walk through several different example use cases that NetSage can answer, including: Who is using Globus to share data with my institution, and what kind of performance are they able to achieve? How many transfers has Globus supported for us? Which sites are we sharing the most data with, and how is that changing over time? How is my site using Globus to move data internally, and what kind of performance do we see for those transfers? What percentage of data transfers at my institution used Globus, and how did the overall data transfer performance compare to the Globus users?
Advanced Flow Concepts Every Developer Should KnowPeter Caitens
Tim Combridge from Sensible Giraffe and Salesforce Ben presents some important tips that all developers should know when dealing with Flows in Salesforce.
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus
As part of the DOE Integrated Research Infrastructure (IRI) program, NERSC at Lawrence Berkeley National Lab and ALCF at Argonne National Lab are working closely with General Atomics on accelerating the computing requirements of the DIII-D experiment. As part of the work the team is investigating ways to speedup the time to solution for many different parts of the DIII-D workflow including how they run jobs on HPC systems. One of these routes is looking at Globus Compute as a way to replace the current method for managing tasks and we describe a brief proof of concept showing how Globus Compute could help to schedule jobs and be a tool to connect compute at different facilities.
Large Language Models and the End of ProgrammingMatt Welsh
Talk by Matt Welsh at Craft Conference 2024 on the impact that Large Language Models will have on the future of software development. In this talk, I discuss the ways in which LLMs will impact the software industry, from replacing human software developers with AI, to replacing conventional software with models that perform reasoning, computation, and problem-solving.
We describe the deployment and use of Globus Compute for remote computation. This content is aimed at researchers who wish to compute on remote resources using a unified programming interface, as well as system administrators who will deploy and operate Globus Compute services on their research computing infrastructure.
Strategies for Successful Data Migration Tools.pptxvarshanayak241
Data migration is a complex but essential task for organizations aiming to modernize their IT infrastructure and leverage new technologies. By understanding common challenges and implementing these strategies, businesses can achieve a successful migration with minimal disruption. Data Migration Tool like Ask On Data play a pivotal role in this journey, offering features that streamline the process, ensure data integrity, and maintain security. With the right approach and tools, organizations can turn the challenge of data migration into an opportunity for growth and innovation.
Developing Distributed High-performance Computing Capabilities of an Open Sci...Globus
COVID-19 had an unprecedented impact on scientific collaboration. The pandemic and its broad response from the scientific community has forged new relationships among public health practitioners, mathematical modelers, and scientific computing specialists, while revealing critical gaps in exploiting advanced computing systems to support urgent decision making. Informed by our team’s work in applying high-performance computing in support of public health decision makers during the COVID-19 pandemic, we present how Globus technologies are enabling the development of an open science platform for robust epidemic analysis, with the goal of collaborative, secure, distributed, on-demand, and fast time-to-solution analyses to support public health.
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERRORTier1 app
Even though at surface level ‘java.lang.OutOfMemoryError’ appears as one single error; underlyingly there are 9 types of OutOfMemoryError. Each type of OutOfMemoryError has different causes, diagnosis approaches and solutions. This session equips you with the knowledge, tools, and techniques needed to troubleshoot and conquer OutOfMemoryError in all its forms, ensuring smoother, more efficient Java applications.
Experience our free, in-depth three-part Tendenci Platform Corporate Membership Management workshop series! In Session 1 on May 14th, 2024, we began with an Introduction and Setup, mastering the configuration of your Corporate Membership Module settings to establish membership types, applications, and more. Then, on May 16th, 2024, in Session 2, we focused on binding individual members to a Corporate Membership and Corporate Reps, teaching you how to add individual members and assign Corporate Representatives to manage dues, renewals, and associated members. Finally, on May 28th, 2024, in Session 3, we covered questions and concerns, addressing any queries or issues you may have.
For more Tendenci AMS events, check out www.tendenci.com/events
Unleash Unlimited Potential with One-Time Purchase
BoxLang is more than just a language; it's a community. By choosing a Visionary License, you're not just investing in your success, you're actively contributing to the ongoing development and support of BoxLang.
top nidhi software solution freedownloadvrstrong314
This presentation emphasizes the importance of data security and legal compliance for Nidhi companies in India. It highlights how online Nidhi software solutions, like Vector Nidhi Software, offer advanced features tailored to these needs. Key aspects include encryption, access controls, and audit trails to ensure data security. The software complies with regulatory guidelines from the MCA and RBI and adheres to Nidhi Rules, 2014. With customizable, user-friendly interfaces and real-time features, these Nidhi software solutions enhance efficiency, support growth, and provide exceptional member services. The presentation concludes with contact information for further inquiries.
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Globus
Large Language Models (LLMs) are currently the center of attention in the tech world, particularly for their potential to advance research. In this presentation, we'll explore a straightforward and effective method for quickly initiating inference runs on supercomputers using the vLLM tool with Globus Compute, specifically on the Polaris system at ALCF. We'll begin by briefly discussing the popularity and applications of LLMs in various fields. Following this, we will introduce the vLLM tool, and explain how it integrates with Globus Compute to efficiently manage LLM operations on Polaris. Attendees will learn the practical aspects of setting up and remotely triggering LLMs from local machines, focusing on ease of use and efficiency. This talk is ideal for researchers and practitioners looking to leverage the power of LLMs in their work, offering a clear guide to harnessing supercomputing resources for quick and effective LLM inference.
First Steps with Globus Compute Multi-User EndpointsGlobus
In this presentation we will share our experiences around getting started with the Globus Compute multi-user endpoint. Working with the Pharmacology group at the University of Auckland, we have previously written an application using Globus Compute that can offload computationally expensive steps in the researcher's workflows, which they wish to manage from their familiar Windows environments, onto the NeSI (New Zealand eScience Infrastructure) cluster. Some of the challenges we have encountered were that each researcher had to set up and manage their own single-user globus compute endpoint and that the workloads had varying resource requirements (CPUs, memory and wall time) between different runs. We hope that the multi-user endpoint will help to address these challenges and share an update on our progress here.
Enhancing Research Orchestration Capabilities at ORNL.pdfGlobus
Cross-facility research orchestration comes with ever-changing constraints regarding the availability and suitability of various compute and data resources. In short, a flexible data and processing fabric is needed to enable the dynamic redirection of data and compute tasks throughout the lifecycle of an experiment. In this talk, we illustrate how we easily leveraged Globus services to instrument the ACE research testbed at the Oak Ridge Leadership Computing Facility with flexible data and task orchestration capabilities.
3. Research Interests
• Formal specification, verification, and synthesis
of (mainly but not limited to) higher-order functional programs
by AI techniques such as constraint solving and machine learning
• Ongoing projects
• Synthesis of High-Level Programs from Temporal and Relational
Specifications (PI: Hiroshi Unno)
• Program Verification Techniques for the AI Era
(PI: Naoki Kobayashi)
• AI Security and Privacy (PI: Jun Sakuma)
• Metamathematics for Systems Design Project (PI: Ichiro Hasuo)
• …
2020/12/18 STAIR Lab Software Technology Seminar 3
4. This Talk
• Tutorial of program verification and synthesis based
on constraint solving and machine learning
2020/12/18 STAIR Lab Software Technology Seminar 4
5. Background
• Our society heavily relies on computer systems
• Failure or malfunction of safety-critical systems would lead
to human, social, economic, and environmental damage
• 1985-1987 – Therac-25 medical accelerator delivered lethal
radiation doses to patients
• June 4, 1996 – Ariane 5 Flight 501 exploded
• February, 2014 – 1.9 million Prius cars recalled
• April, 2014 – OpenSSL Heartbleed vulnerability disclosed
• June 17, 2016 – Ethereum DAO attacked, over $55M stolen
• Reliability assurance of safety-critical systems is crucial
2020/12/18 STAIR Lab Software Technology Seminar 5
6. Program Verification
• Formally prove or disprove a mathematical proposition 𝑄:
“The given program satisfies its formal specification”
• Great attentions from industry and academia
• Microsoft’s SLAM & Everest projects, Facebook’s Infer, AWS
• Turing awards to Hoare logic, temporal logic, model checking, …
2020/12/18 STAIR Lab Software Technology Seminar 6
Program & Spec.
let rec mc x =
if x > 100 then
x – 10
else
mc (mc (x + 11))
in
let n = randi() in
if n ≤ 101 then
assert (mc n = 91)
Program Verifier
A proof of 𝑄
or
A counterexample to 𝑄
(e.g., a program input
leading to a spec. violation)
or
Unknown
7. Program Synthesis
• Input an incomplete program and its specification 𝝓,
and output an executable program 𝑷 that satisfies 𝝓
• 𝜙 specifies extensional (what 𝑃 computes) and/or
intentional (how 𝑃 computes) behaviors of 𝑃
• 𝜙 is represented as a logical formula, input/output examples
(e.g., MS Excel FlashFill), a natural language sentence, …
2020/12/18 7STAIR Lab Software Technology Seminar
Incomplete Program
& Specification
let rec mc x = ?
let n = randi() in
if n ≤ 101 then
assert (mc n = 91)
Program Synthesizer
A program satisfying the spec.
let rec mc x =
if x > 100 then
x – 10
else
mc (mc (x + 11))
or
A proof of unrealizability
or
Unknown
8. Enabling Technologies
• Program logics for mechanizing verification & synthesis
• Hoare logic for proving Hoare triples 𝑃 𝑐 𝑄 meaning that:
For any initial state 𝜎 that satisfies the precondition 𝑃, if the execution
of the program 𝑐 under 𝜎 terminates, the postcondition 𝑄 is satisfied by
the resulting state
• Separation logic
• Dependent refinement type system
• Graded modal type system
• Constraint solvers for automating verification & synthesis
• SAT solvers: satisfiability checker for propositional formulas
• SMT solvers: satisfiability checker for predicate formulas over
first-order theories on integers, reals, lists, arrays, …
2020/12/18 STAIR Lab Software Technology Seminar 8
What about functions (that represent inductive invariants,
ranking functions, recurrent sets, Skolem functions, …)?
9. This Talk
• Tutorial of program verification and synthesis based on
constraint solving and machine learning over functions
• First part: How to reduce program verification and
synthesis to constraint solving
• Second part: How to solve constraints via integrated
deductive and inductive reasoning
• Deductive reasoning by theorem proving (e.g., SAT, SMT)
• Inductive reasoning by machine learning (e.g., decision tree
learning, reinforcement learning)
2020/12/18 STAIR Lab Software Technology Seminar 9
10. This Talk
• Tutorial of program verification and synthesis based on
constraint solving and machine learning over functions
• First part: How to reduce program verification and
synthesis to constraint solving
• Second part: How to solve constraints via integrated
deductive and inductive reasoning
• Deductive reasoning by theorem proving (e.g., SAT, SMT)
• Inductive reasoning by machine learning (e.g., decision tree
learning, reinforcement learning)
2020/12/18 STAIR Lab Software Technology Seminar 10
11. Program Verification via
Constraint Solving
2020/12/18 STAIR Lab Software Technology Seminar
Constraint
Generation
𝓒 is Sat (𝑷 satisfies 𝝍),
𝓒 is Unsat (𝑷 violates 𝝍),
or Unknown
Constraint
Solving
Constraints 𝓒 on Function Variables
Target Program 𝑷 & Specification 𝝍
11
Verification Intermediary
Independent of Particular
Target and Method
12. Program Verification via
Constrained Horn Clauses (CHCs)
2020/12/18 STAIR Lab Software Technology Seminar
Constraint
Generation
𝓒 is Sat (𝑷 satisfies 𝝍),
𝓒 is Unsat (𝑷 violates 𝝍),
or Unknown
Constraint
Solving
Target Program 𝑷 & Specification 𝝍
CHCs Constraints 𝓒 on Predicate Variables
JayHorn for Java [Kahsai+ ’16]
SeaHorn for C [Gurfinkel+ ’15]
RCaml for OCaml [Unno+ ’09]
SPACER [Komuravelli+ ’14]
Hoice [Champion+ ’18]
Eldarica [Hojjat+ ’18]
12
13. CHCs: Constrained Horn Clauses
(see e.g., [Bjørner+ ’15] )
• A finite set 𝓒 of Horn-clauses of either form:
where 𝑋0, 𝑋1 … , 𝑋 𝑚 are predicate variables,
𝑡0, … , 𝑡 𝑚 are sequences of terms of a 1st-order theory 𝑇,
𝜙 is a formula of 𝑇 without predicate variables.
• 𝓒 is satisfiable (modulo 𝑇) if there is an interpretation 𝜌 of
predicate variables such that 𝜌 ⊨ ⋀𝓒
2020/12/18 STAIR Lab Software Technology Seminar
𝑋0 𝑡0 ⟸ 𝑋1 𝑡1 ∧ ⋯ ∧ 𝑋 𝑚 𝑡 𝑚 ∧ 𝜙
13
⊥ ⟸ 𝑋1 𝑡1 ∧ ⋯ ∧ 𝑋 𝑚 𝑡 𝑚 ∧ 𝜙or
14. 𝑥 = 𝑥0
𝑦 = 0;
𝐰𝐡𝐢𝐥𝐞 𝑥 ≠ 0 𝐝𝐨
𝑦 ← 𝑦 + 1;
𝑥 ← 𝑥 − 1
𝐝𝐨𝐧𝐞
𝑦 = 𝑥0
2020/12/18 STAIR Lab Software Technology Seminar
If the initial state satisfies
the pre-condition 𝑥 = 𝑥0
and the loop terminates
the post-condition 𝑦 = 𝑥0 is
satisfied by the resulting state
Prog. & Spec. CHCs SAT or UNSAT
Constraint Generation Constraint Solving
Example Program and Partial Correctness Specification:
Pre-
condition
Post-
condition
14
16. Program Verification via
Constrained Horn Clauses (CHCs)
2020/12/18 STAIR Lab Software Technology Seminar
Constraint
Generation
𝓒 is Sat (𝑷 satisfies 𝝍),
𝓒 is Unsat (𝑷 violates 𝝍),
or Unknown
Constraint
Solving
Target Program 𝑷 & Specification 𝝍
CHCs Constraints 𝓒 on Predicate Variables
Limited to Linear-Time
Safety Verification
16
17. pCSP Constraints 𝓒 on Predicate Variables
Target Program 𝑷 & Specification 𝝍
Program Verification via Predicate
Constraint Satisfaction [Satake+ ’20]
2020/12/18 STAIR Lab Software Technology Seminar
Constraint
Generation
𝓒 is Sat (𝑷 satisfies 𝝍),
𝓒 is Unsat (𝑷 violates 𝝍),
or Unknown
Constraint
Solving
Applicable to (Finitely-)
Branching-Time Safety
Verification
17
PCSat [Satake+ ’20, Unno+ ’20]
18. Linear-Time vs. Branching-Time
Verification of Non-det. Programs
• The target program 𝑷 may exhibit non-determinism
caused by user input, network comm., scheduling, …
• Linear-time verification concerns properties of
the execution traces of 𝑷
• Branching-time verification concerns properties of the
computation tree of 𝑷
• Subsumes linear-time verification
• Example: Non-termination verification of deciding whether
there is an infinite execution of 𝑷
(cf. termination verification decides whether all execution of
𝑷 is finite)
2020/12/18 STAIR Lab Software Technology Seminar 18
19. pCSP: Predicate Constraint
Satisfaction Problem[Satake+ ’20]
• A finite set 𝓒 of clauses of the form:
where 𝑋1, … , 𝑋 𝑚 are predicate variables,
𝑡1, … , 𝑡 𝑚 are sequences of terms of a 1st-order theory 𝑇,
𝜙 is a formula of 𝑇 without predicate variables.
• 𝓒 is satisfiable (modulo 𝑇) if there is an interpretation 𝜌 of
predicate variables such that 𝜌 ⊨ ⋀𝓒
• 𝓒 is CHCs if ℓ ≤ 1 for all clause in 𝓒
2020/12/18 STAIR Lab Software Technology Seminar
𝑋1 𝑡1 ∨ ⋯ ∨ 𝑋ℓ 𝑡ℓ ⟸
𝑋ℓ+1 𝑡ℓ+1 ∧ ⋯ ∧ 𝑋 𝑚 𝑡 𝑚 ∧ 𝜙
19
20. 𝑥 > 0
𝐰𝐡𝐢𝐥𝐞 𝑥 ≠ 0 𝐝𝐨
𝐢𝐟 𝐫𝐞𝐚𝐝_𝐛𝐨𝐨𝐥 ∃
𝐭𝐡𝐞𝐧
𝑥 ← 𝑥 − 1
𝐞𝐥𝐬𝐞
𝑥 ← 𝑥 + 1
𝐝𝐨𝐧𝐞
⊥
2020/12/18 STAIR Lab Software Technology Seminar
If the initial state satisfies
the pre-condition 𝑥 > 0
there is an execution of
the program such that
the post-condition ⊥ is
satisfied when the while
loop terminates
Prog. & Spec. pCSP SAT or UNSAT
Constraint Generation Constraint Solving
Example Program and Specification:
Non-det.
branching
Contradiction
Pre-
condition
Post-
condition
20
21. 𝑥 > 0
𝐰𝐡𝐢𝐥𝐞 𝑥 ≠ 0 𝐝𝐨
𝐢𝐟 𝐫𝐞𝐚𝐝_𝐛𝐨𝐨𝐥 ∃
𝐭𝐡𝐞𝐧
𝑥 ← 𝑥 − 1
𝐞𝐥𝐬𝐞
𝑥 ← 𝑥 + 1
𝐝𝐨𝐧𝐞
⊥
2020/12/18 STAIR Lab Software Technology Seminar
If the initial state satisfies
the pre-condition 𝑥 > 0
there is an execution of
the program such that
the while loop
never terminates
Prog. & Spec. pCSP SAT or UNSAT
Constraint Generation Constraint Solving
Example Program and Specification:
Non-det.
branching
Contradiction
Pre-
condition
Post-
condition
21
22. Input:
𝑥 > 0
𝐰𝐡𝐢𝐥𝐞 𝑥 ≠ 0 𝐝𝐨
𝐢𝐟 𝐫𝐞𝐚𝐝_𝐛𝐨𝐨𝐥 ∃ 𝐭𝐡𝐞𝐧
𝑥 ← 𝑥 − 1
𝐞𝐥𝐬𝐞
𝑥 ← 𝑥 + 1
𝐝𝐨𝐧𝐞
⊥
2020/12/18 STAIR Lab Software Technology Seminar
Output 𝓒:
① 𝐼 𝑥 ⟸ 𝑥 > 0,
② 𝐼 𝑥 − 1 ∨ 𝐼 𝑥 + 1
⟸ 𝐼 𝑥 ∧ 𝑥 ≠ 0,
③ ⊥ ⟸ 𝐼 𝑥 ∧ 𝑥 = 0
Prog. & Spec. pCSP SAT or UNSAT
Constraint Generation Constraint Solving
represents a loop invariant
preserved by some execution
(i.e., recurrent set)
𝓒 is beyond
CHCs!
𝓒 is satisfiable, witnessed by
a solution 𝐼 𝑥 ≡ 𝑥 > 0 22
23. pfwCSP Constraints 𝓒 on Predicate Variables
Target Program 𝑷 & Specification 𝝍
Program Verification via Extended
Predicate Constraint Satisfaction [Unno+ ’20]
2020/12/18 STAIR Lab Software Technology Seminar
Constraint
Generation
𝓒 is Sat (𝑷 satisfies 𝝍),
𝓒 is Unsat (𝑷 violates 𝝍),
or Unknown
Constraint
Solving
Applicable to (Infinitely-)
Branching-Time Safety &
Liveness Verification
23
PCSat [Satake+ ’20, Unno+ ’20]
24. Safety vs. Liveness Verification
• Safety is a class of properties of the form
“something bad will never happen”
• Examples (absence of): assertion failure, division-by-zero,
array boundary violation, …
• Liveness is a class of properties of the form
“something good will eventually happen”
• Examples: termination, deadlock freedom, …
2020/12/18 STAIR Lab Software Technology Seminar 24
25. pfwCSP: Extension of pCSP with Functional
and Well-founded Predicates [Unno+ ’20]
(cf. ∀∃CHCs with dwf [Beyene+ ’13])
• A finite set 𝓒 of pCSP clauses equipped with
a map 𝓚 from predicate variable 𝑋 in 𝓒 to ⋆, 𝜆, ⇓
• 𝑋 is ordinary predicate if 𝓚 𝑋 = ⋆
• 𝑋 is functional predicate if 𝓚 𝑋 = 𝜆
• 𝑋 is well-founded predicate if 𝓚 𝑋 = ⇓
• 𝓒 is satisfiable (modulo 𝑇) if there is an interpretation
𝜌 of predicate variables such that
• 𝜌 ⊨ ⋀𝓒
• ∀𝑋. 𝓚 𝑋 = 𝜆 ⟹ 𝜌 𝑋 characterizes a total function
• ∀𝑋. 𝓚 𝑋 = ⇓ ⟹ 𝜌 𝑋 represents a well-founded relation
2020/12/18 STAIR Lab Software Technology Seminar 25
26. 𝑥 > 0
𝐰𝐡𝐢𝐥𝐞 𝑥 > 0 𝐝𝐨
𝑥 ← 𝐫𝐞𝐚𝐝_𝐢𝐧𝐭 ∃ − 𝑥
𝐝𝐨𝐧𝐞
⊥
2020/12/18 STAIR Lab Software Technology Seminar
If the initial state satisfies
the pre-condition 𝑥 > 0
there is an execution of
the program such that
the while loop
never terminates
Prog. & Spec. pfwCSP SAT or UNSAT
Constraint Generation Constraint Solving
Example Program and Specification:
Non-det.
integer
Contradiction
Pre-
condition
Post-
condition
26
27. Input:
𝑥 > 0
𝐰𝐡𝐢𝐥𝐞 𝑥 > 0 𝐝𝐨
𝑥 ← 𝐫𝐞𝐚𝐝_𝐢𝐧𝐭 ∃ − 𝑥
𝐝𝐨𝐧𝐞
⊥
2020/12/18 STAIR Lab Software Technology Seminar
Output 𝓒:
① 𝐼 𝑥 ⟸ 𝑥 > 0,
② ∃𝑟. 𝐼 𝑟 − 𝑥
⟸ 𝐼 𝑥 ∧ 𝑥 > 0,
③ ⊥ ⟸ 𝐼 𝑥 ∧ 𝑥 ≤ 0
Prog. & Spec. pfwCSP SAT or UNSAT
Constraint Generation Constraint Solving
represents a loop invariant
preserved by some execution
(i.e., recurrent set)
𝓒 is beyond pCSP but can
be encoded in pfwCSP
using a functional pred.
var. that characterizes
a Skolem function for 𝒓
27
28. Input:
𝑥 > 0
𝐰𝐡𝐢𝐥𝐞 𝑥 > 0 𝐝𝐨
𝑥 ← 𝐫𝐞𝐚𝐝_𝐢𝐧𝐭 ∃ − 𝑥
𝐝𝐨𝐧𝐞
⊥
2020/12/18 STAIR Lab Software Technology Seminar
Output 𝓒:
① 𝐼 𝑥 ⟸ 𝑥 > 0,
② 𝐼 𝑟 − 𝑥 ⟸ 𝑆𝜆 𝑥, 𝑟
∧ 𝐼 𝑥 ∧ 𝑥 > 0,
③ ⊥ ⟸ 𝐼 𝑥 ∧ 𝑥 ≤ 0
Prog. & Spec. pfwCSP SAT or UNSAT
Constraint Generation Constraint Solving
characterizes a Skolem
function mapping 𝑥 to 𝑟
28
𝓒 is satisfiable, witnessed by a solution
𝐼 𝑥 ≡ 𝑥 > 0, 𝑆𝜆 𝑥, 𝑟 ≡ 𝑟 = 𝑥 + 1
29. 𝑥 ≠ 0
𝐰𝐡𝐢𝐥𝐞 𝑥 ≠ 0 𝐝𝐨
𝐢𝐟 𝑥 > 0 𝐭𝐡𝐞𝐧
𝑥 ← 𝑥 − 1
𝐞𝐥𝐬𝐞
𝑥 ← 𝑥 + 1
𝐝𝐨𝐧𝐞
⊤
2020/12/18 STAIR Lab Software Technology Seminar
If the initial state satisfies
the pre-condition 𝑥 ≠ 0
the loop always terminates
and the post-condition ⊤ is
satisfied by the resulting state
Prog. & Spec. pfwCSP SAT or UNSAT
Constraint Generation Constraint Solving
Example Program and Total Correctness Specification:
Pre-
condition
Post-
condition
29
Tautology
30. Input:
𝑥 ≠ 0
𝐰𝐡𝐢𝐥𝐞 𝑥 ≠ 0 𝐝𝐨
𝐢𝐟 𝑥 > 0 𝐭𝐡𝐞𝐧
𝑥 ← 𝑥 − 1
𝐞𝐥𝐬𝐞
𝑥 ← 𝑥 + 1
𝐝𝐨𝐧𝐞
⊤
2020/12/18 STAIR Lab Software Technology Seminar
Output 𝓒:
① 𝐼 𝑥 ⟸ 𝑥 = 0,
② 𝐼 𝑥 − 1 ⟸ 𝐼 𝑥 ∧ 𝑥 > 0,
③ 𝐼 𝑥 + 1 ⟸ 𝐼 𝑥 ∧ 𝑥 < 0,
④ 𝑇⇓ 𝑥, 𝑥 − 1 ⟸ 𝐼 𝑥 ∧ 𝑥 > 0,
⑤ 𝑇⇓ 𝑥, 𝑥 + 1 ⟸ 𝐼 𝑥 ∧ 𝑥 < 0,
Prog. & Spec. pfwCSP SAT or UNSAT
Constraint Generation Constraint Solving
represents a loop invariant
30
represents a well-
founded relation for
termination of the loop
𝓒 is satisfiable, witnessed by a solution
𝐼 𝑥 ≡ ⊤, 𝑇⇓ 𝑥, 𝑥′ ≡ 𝑥 > 𝑥′
≥ 0
31. Further Applications of pfwCSP
• Refinement type inference [Unno+ ’09,’13,’18, Nanjo’18, Katsura+ ’20]
• Validity checking of fixpoint logic formulas
• LTL, CTL, CTL*, modal-mu calculus model checking
• Infinite-state infinite-duration game solving
• Bisimulation and bisimilarity verification
• Hyperproperties verification
• Program synthesis
• …
2020/12/18 STAIR Lab Software Technology Seminar 31
(see [Unno+ ’20] and upcoming papers)
32. Program Synthesis via
Constraint Solving
2020/12/18 STAIR Lab Software Technology Seminar
Constraint
Generation
𝓒 is Sat (some 𝑷 ∈ 𝓛 satisfies 𝝍),
𝓒 is Unsat (all 𝑷 ∈ 𝓛 violates 𝝍),
or Unknown
Constraint
Solving
Constraints 𝓒 on Function Variables
Language 𝓛 & Specification 𝝍
32
Synthesis Intermediary
Independent of Particular
Target and Method
33. Program Synthesis via
Syntax-Guided Synthesis (SyGuS)
2020/12/18 STAIR Lab Software Technology Seminar
Constraint
Generation
𝓒 is Sat (some 𝑷 ∈ 𝓛 satisfies 𝝍),
𝓒 is Unsat (all 𝑷 ∈ 𝓛 violates 𝝍),
or Unknown
Constraint
Solving
SyGuS Constraints 𝓒 on Function Variables
Language 𝓛 & Specification 𝝍
33
CVC4 [Reynolds+ ’15,’19]
DryadSynth [Huang+ ’20]
PCSat [Satake+ ’20, Unno+ ’20]
34. SyGuS: Syntax-Guided
Synthesis [Alur+ ’15]
• Fix a first-order background theory 𝑇 such as:
• Linear integer arithmetic (LIA)
• Strings (for FlashFill benchmarks)
• Bit-vectors (for Hackers' Delight benchmarks)
• Given
• Specification: 𝑇-formula 𝜙 over a function variable 𝑓
• Language: context-free grammar 𝐺 characterizing the
set ℒ 𝐺 of allowed 𝑇-terms
• Find a term 𝑡 ∈ ℒ 𝐺 such that ⊨ 𝑡/𝑓 𝜙
2020/12/18 STAIR Lab Software Technology Seminar 34
35. Example LIA SyGuS Constraints 𝓒:
• Language: 𝐺 that generates any term of LIA
• Specification: 𝜙 ≡
𝑓 𝑥, 𝑦 ≥ 𝑥 ∧ 𝑓 𝑥, 𝑦 ≥ 𝑦 ∧
𝑓 𝑥, 𝑦 = 𝑥 ∨ 𝑓 𝑥, 𝑦 = 𝑦
𝓒 is satisfied by 𝑓 𝑥, 𝑦 ≡ if 𝑥 > 𝑦 then 𝑥 else 𝑦
𝓒 can be reduced to the pfwCSP:
𝑟 ≥ 𝑥 ∧ 𝑟 ≥ 𝑦 ∧ 𝑟 = 𝑥 ∨ 𝑟 = 𝑦 ⟸ 𝐹𝜆 𝑥, 𝑦, 𝑟
In general, SyGuS constraints 𝓒 can be converted to
a pfwCSP using a predicate that characterizes ℒ 𝐺
2020/12/18 STAIR Lab Software Technology Seminar 35
36. This Talk
• Tutorial of program verification and synthesis based on
constraint solving and machine learning over functions
• First part: How to reduce program verification and
synthesis to constraint solving
• Second part: How to solve constraints via integrated
deductive and inductive reasoning
• Deductive reasoning by theorem proving (e.g., SAT, SMT)
• Inductive reasoning by machine learning (e.g., decision tree
learning, reinforcement learning)
2020/12/18 STAIR Lab Software Technology Seminar 36
37. pfwCSP Constraints 𝓒 on Predicate Variables
Target Program 𝑷 &
Specification 𝝍
Program Verification and Synthesis via
Predicate Constraint Satisfaction
2020/12/18 STAIR Lab Software Technology Seminar
Constraint
Generation
𝓒 is Sat, 𝓒 is Unsat, or Unknown
Constraint
Solving
37
Language 𝓛 &
Specification 𝝍
38. Challenges in Constraint Solving
• Undecidable in general even for decidable theories
• The search space of solutions is often very large
(or unbounded), high-dimensional, and non-smooth
2020/12/18 STAIR Lab Software Technology Seminar
To address these challenges, researchers are
integrating deductive & inductive reasoning
techniques within the framework of
CounterExample Guided Inductive Synthesis
(CEGIS) [Solar-Lezama+ ’06]
38
39. CounterExample Guided
Inductive Synthesis (CEGIS)
• Iteratively accumulate example instances 𝓔 of the
given 𝓒 through the two phases for each iteration:
• Synthesis Phase by Learner
• Find a candidate solution 𝜌 that satisfies 𝓔
• Validation Phase by Teacher
• Check if the candidate 𝜌 also satisfies 𝓒 (with an SMT solver)
• If yes, return 𝜌 as a genuine solution of 𝓒
• If no, repeat the procedure with new example instances
witnessing non-satisfaction of 𝓒 by 𝜌 added
2020/12/18 STAIR Lab Software Technology Seminar 39
40. Example Run of CEGIS
Learner
Example Instances 𝓔:
∅
Teacher
Constraints 𝓒:
• 𝐼 𝑥 ⟸ 𝑥 > 0
• 𝐼 𝑥 − 1 ∨ 𝐼 𝑥 + 1
⟸ 𝐼 𝑥 ∧ 𝑥 ≠ 0
• ⊥ ⟸ 𝐼 𝑥 ∧ 𝑥 = 0
2020/12/18 STAIR Lab Software Technology Seminar
Starting from
the empty set
(𝓒 is a black box)
Is the candidate 𝐼 𝑥 ↦ ⊤ genuine?
40
41. Example Run of CEGIS
Learner
Example Instances 𝓔:
∅
Teacher
Constraints 𝓒:
• 𝐼 𝑥 ⟸ 𝑥 > 0
• 𝐼 𝑥 − 1 ∨ 𝐼 𝑥 + 1
⟸ 𝐼 𝑥 ∧ 𝑥 ≠ 0
• ⊥ ⟸ 𝐼 𝑥 ∧ 𝑥 = 0
2020/12/18 STAIR Lab Software Technology Seminar
No. 𝐼 𝑥 ↦ ⊤ is not.
The 3rd clause is violated when 𝑥 = 0
⊥ ⟸ 𝐼 0 ∧ 0 = 0
41
48. Is CEGIS just (Online) Supervised
Learning of Classification?
• Similarities
• Learner trains a model to fit examples 𝓔 and obtain 𝜌
• Teacher requires 𝜌 to generalize to 𝓒 (𝜌 shouldn’t overfit 𝓔)
• Differences
• 𝓔 is usually assumed to have no noise & 𝓒 is hard constraints
• 𝜌 is required to exactly satisfy 𝓔 (or has no chance to satisfy 𝓒)
• 𝜌 should be efficiently handled by Teacher (i.e., an SMT solver)
• Sampling of 𝓔 from 𝓒 is not i.i.d (depends on 𝜌 and Teacher)
• 𝓔 may contain not only positive/negative examples but also
arbitrary clause ones (cf. constrained semi-supervised learning)
2020/12/18 STAIR Lab Software Technology Seminar 48
Despite the differences, machine learning
techniques turned out to be quite useful!
49. Machine Learning for CEGIS
• Adapt ML models and algorithms to implement Learner
• Piecewise linear classifiers [Sharma+ ’13a, Garg+ ’14, Unno+ ’20]
• Decision trees [Krishna+ ’15, Garg+ ’16, Champion+ ’18, Ezudheen+ ’18, Zhu+ ’18]
• Neural networks [Chang+ ’19, Zhao+ ’20, Abate+ ’21]
• Greedy set covering w/ logic minimization [Padhi+ ’16, Sharma+ ’13b]
• Metropolis Hastings MCMC sampler [Sharma+ ’14]
• Probabilistic inference, survey propagation [Satake+ ’20]
• Ensemble learning [Padhi+ ’20]
• Learning to learn
• Reinforcement learning of NNs to generate candidates [Si ’18]
• Reinforcement learning of strategy to adjust classification models used
by Learner (joint work w/ Tsukada, Sekiyama, Suenaga)
2020/12/18 STAIR Lab Software Technology Seminar 49
51. Decision Tree Learning
1. Consistently label atoms in 𝓔 with +/− using a SAT solver
2. Generate a set 𝑄 of predicates used in classification
3. Classify atoms in 𝓔 with 𝑄 using a decision tree learner
2020/12/18 STAIR Lab Software Technology Seminar
Examples: 𝓔 ≡ 𝐼 0 , 𝐼 0 ⇒ 𝐼 1 , ¬𝐼 −1
Labeling: 𝐼 0 ↦ +, 𝐼 1 ↦ +, 𝐼 −1 ↦ −
Classifier: 𝜌 ≡ 𝐼 𝑥 ↦ 𝑥 ≥ 0
Predicates: 𝑄 ≡
𝑥 ≥ 0, 𝑥 ≤ 0, 𝑥 ≥ 1,
𝑥 ≥ −1, 𝑥 ≤ 1, 𝑥 ≤ −1
51
52. Template-based Synthesis
vs Decision Tree Learning
• Template-based Synthesis (TB)
• Fixes the shape of solution (updated upon failure)
• Flexibly find necessary predicates via SMT solving
• Atoms in 𝓔 are consistently labeled using 𝓔 as an SMT formula
• Decision Tree Learning (DT)
• Fixes the predicates of solution (updated upon failure)
• Flexibly adjust the shape based on information gain
• Atoms are consistently labeled using 𝓔 as a SAT formula
• Evaluation on SyGuS-Comp’19 Inv track XC benchmarks
• TB solved 228 instances (out of 276) and DT solved 180 instances
2020/12/18 STAIR Lab Software Technology Seminar 52
53. Future Research Directions
• Efficient synthesis of complex and large functions
from complex and large constraints
• (Co)Inductive functions
• Functions over (linked, (co)algebraic, array) data structures
• Improve labeling, sampling and filtering of examples, and
generation and ranking of predicates
• Convergence theory of CEGIS
• More applications
2020/12/18 STAIR Lab Software Technology Seminar 53
54. Summary
• Various program verification and synthesis problems
can be reduced to constraint solving problems
• The separation of constraint generation and solving
facilitate tool development
• CEGIS-based constraint solving integrates deductive
and inductive reasoning to address challenges
• Deductive reasoning by theorem proving (e.g., SAT, SMT)
• Inductive reasoning by machine learning (e.g., decision
tree learning, reinforcement learning)
2020/12/18 STAIR Lab Software Technology Seminar 54