skip to main content
article

Automatic program inversion using symbolic transducers

Published:14 June 2017Publication History
Skip Abstract Section

Abstract

We propose a fully-automated technique for inverting functional programs that operate over lists such as string encoders and decoders. We consider programs that can be modeled using symbolic extended finite transducers (), an expressive model that can describe complex list-manipulating programs while retaining several decidable properties. Concretely, given a program P expressed as an , we propose techniques for: (1) checking whether P is injective and, if that is the case, (2) building an P-1 describing its inverse. We first show that it is undecidable to check whether an is injective and propose an algorithm for checking injectivity for a restricted, but a practical class of . We then propose an algorithm for inverting based on the following idea: if an is injective, inverting it amounts to inverting all its individual transitions. We leverage recent advances program synthesis and show that the transition inversion problem can be expressed as an instance of the syntax-guided synthesis framework. Finally, we implement the proposed techniques in a tool called and show that can invert 13 out 14 real complex string encoders and decoders, producing inverse programs that are substantially identical to manually written ones.

References

  1. R. Alur. Streaming String Transducers, pages 1–1. Springer Berlin Heidelberg, Berlin, Heidelberg, 2011. Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. R. Alur, R. Bodik, G. Juniwal, M. M. Martin, M. Raghothaman, S. A. Seshia, R. Singh, A. Solar-Lezama, E. Torlak, and A. Udupa. Syntax-guided synthesis. In Formal Methods in Computer-Aided Design (FMCAD), 2013, pages 1–8. IEEE, 2013.Google ScholarGoogle ScholarCross RefCross Ref
  3. R. Alur, D. Fisman, R. Singh, and A. Solar-Lezama. Results and analysis of SyGuS-comp’15. arXiv preprint arXiv:1602.01170, 2016.Google ScholarGoogle Scholar
  4. M. Benedikt, J. Engelfriet, and S. Maneth. Determinacy and rewriting of top-down and mso tree transformations. In International Symposium on Mathematical Foundations of Computer Science, pages 146–158. Springer, 2013.Google ScholarGoogle Scholar
  5. W. Chen and J. T. Udding. Program inversion: More than fun! Science of Computer Programming, 15(1):1–13, 1990. Google ScholarGoogle ScholarDigital LibraryDigital Library
  6. L. D’antoni and R. Alur. Symbolic visibly pushdown automata. In International Conference on Computer Aided Verification, pages 209–225. Springer, 2014. Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. L. D’Antoni and M. Veanes. Equivalence of extended symbolic finite transducers. In International Conference on Computer Aided Verification, pages 624–639. Springer, 2013.Google ScholarGoogle Scholar
  8. L. D’Antoni and M. Veanes. Extended symbolic finite automata and transducers. Formal Methods in System Design, 47 (1):93–119, 2015. Google ScholarGoogle ScholarDigital LibraryDigital Library
  9. L. D’Antoni, M. Veanes, B. Livshits, and D. Molnar. Fast: A transducer-based language for tree manipulation. In ACM SIGPLAN Notices, volume 49, pages 384–394. ACM, 2014. Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. L. De Moura and N. Bjørner. Z3: An efficient smt solver. In International conference on Tools and Algorithms for the Construction and Analysis of Systems, pages 337–340. Springer, 2008. Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. E. Dijkstra. Program inversion. Program Construction, pages 54–57, 1979.Google ScholarGoogle ScholarCross RefCross Ref
  12. D. Eppstein. A heuristic approach to program inversion. In IJCAI, volume 85, pages 219–221, 1985. Google ScholarGoogle ScholarDigital LibraryDigital Library
  13. Z. Fueloep and P. Gyenizse. On injectivity of deterministic top–down tree transducers. Information processing letters, 48 (4):183–188, 1993. Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. R. Glück and M. Kawabe. A method for automatic program inversion based on lr (0) parsing. Fundamenta Informaticae, 66(4):367–395, 2005. Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. P. Hooimeijer, B. Livshits, D. Molnar, P. Saxena, and M. Veanes. Fast and precise sanitizer analysis with BEK. In Proceedings of the 20th USENIX conference on Security, pages 1–1. USENIX Association, 2011. Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. A. Kanade, R. Alur, S. Rajamani, and G. Ramanlingam. Representation dependence testing using program inversion. In Proceedings of the eighteenth ACM SIGSOFT international symposium on Foundations of software engineering, pages 277–286. ACM, 2010. Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. M. Kawabe and R. Glück. The program inverter LRinv and its structure. In International Workshop on Practical Aspects of Declarative Languages, pages 219–234. Springer, 2005. Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. B. J. Ross. Running programs backwards: the logical inversion of imperative computation. Formal Aspects of Computing, 9 (3):331–348, 1997.Google ScholarGoogle ScholarCross RefCross Ref
  19. SANS. Malware faq. https://www.sans.org/ security-resources/malwarefaq/wnt-unicode.Google ScholarGoogle Scholar
  20. B. Schoenmakers. Inorder traversal of a binary heap and its inversion in optimal time and space. In Mathematics of Program Construction, pages 291–301. Springer, 1993. Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. F. Servais and J.-F. Raskin. Visibly pushdown transducers. ULB, Belgique, 2011.Google ScholarGoogle Scholar
  22. S. Srivastava, S. Gulwani, S. Chaudhuri, and J. S. Foster. Pathbased inductive synthesis for program inversion. In ACM SIGPLAN Notices, volume 46, pages 492–503. ACM, 2011. Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. M. Veanes, N. BjØrner, L. Nachmanson, and S. Bereg. Monadic decomposition. In International Conference on Computer Aided Verification, pages 628–645. Springer, 2014. Google ScholarGoogle ScholarDigital LibraryDigital Library
  24. M. Veanes, T. Mytkowicz, D. Molnar, and B. Livshits. Dataparallel string-manipulating programs. In ACM SIGPLAN Notices, volume 50, pages 139–152. ACM, 2015. Google ScholarGoogle ScholarDigital LibraryDigital Library
  25. D. M. Yellin. Attribute Grammar Inversion and Source-tosource Translation. Springer-Verlag New York, Inc., New York, NY, USA, 1988. ISBN 0-387-19072-4. Introduction Motivating Example The Genic Language Alphabet Theories Auxiliary Functions List Transformations Operations Checking s-EFT Injectivity A Theory of Injectivity for s-EFTs Checking Transition-Injectivity Checking Path-Injectivity Inverting s-EFTs Inverting s-EFTs in Genic Evaluation Effectiveness of Genic Detailed Evaluation Limitations Related Work Conclusion Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. Automatic program inversion using symbolic transducers

    Recommendations

    Comments

    Login options

    Check if you have access through your login credentials or your institution to get full access on this article.

    Sign in

    Full Access

    • Published in

      cover image ACM SIGPLAN Notices
      ACM SIGPLAN Notices  Volume 52, Issue 6
      PLDI '17
      June 2017
      708 pages
      ISSN:0362-1340
      EISSN:1558-1160
      DOI:10.1145/3140587
      Issue’s Table of Contents
      • cover image ACM Conferences
        PLDI 2017: Proceedings of the 38th ACM SIGPLAN Conference on Programming Language Design and Implementation
        June 2017
        708 pages
        ISBN:9781450349888
        DOI:10.1145/3062341

      Copyright © 2017 ACM

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      • Published: 14 June 2017

      Check for updates

      Qualifiers

      • article

    PDF Format

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader
    About Cookies On This Site

    We use cookies to ensure that we give you the best experience on our website.

    Learn more

    Got it!