Recomendados
Más contenido relacionado
La actualidad más candente
La actualidad más candente (20)
Destacado
Destacado (20)
Similar a Relations as Executable Specifications
Similar a Relations as Executable Specifications (20)
Último
Último (20)
Relations as Executable Specifications
- 1. Relations as Executable Specifications Taming Partiality and Non-determinism Using Invariants Nuno Macedo Hugo Pacheco Alcino Cunha HASLab — High Assurance Software Laboratory INESC TEC & Universidade do Minho, Braga, Portugal RAMiCS 13 September 20, 2012, Cambridge
- 2. Introduction Relational Calculus Optimizations Recursion Bidirectional Transformations Conclusions Introduction • Relational calculus provides a more natural way to specify programs; • Many programs are partial and non-deterministic; • A point-free (PF) version has been used in a variety of computer science areas; • Such specifications are not amenable for execution. Nuno Macedo, Hugo Pacheco, Alcino Cunha 2 / 21
- 3. Introduction Relational Calculus Optimizations Recursion Bidirectional Transformations Conclusions Motivating Example (id id)◦ ◦ (head◦ length◦ ) : Nat → [Nat] • Calculates a list with length n and the same n at its head; • Not total nor functional; • Very inefficient given a naive semantics; • head◦ could be generating all lists by increasing length and never reach n. (id4id) (id4id) Nuno Macedo, Hugo Pacheco, Alcino Cunha head 4length (head 4length ) 3 / 21
- 4. Introduction Relational Calculus Optimizations Recursion Bidirectional Transformations Conclusions Motivating Example • We can predict the behavior of partial expressions by calculating the exact domain and range; • They can also be used to narrow non-deterministic executions. ●{(l, l0 ) 2 [Nat] ⇥ [Nat]|head l = length l0 ^ l = l0 } (id4id) ●{l 2 [Nat]|head l = length l} Nuno Macedo, Hugo Pacheco, Alcino Cunha (id4id) head 4length (head 4length ) ●{n 2 Nat|n 6= 0} 4 / 21
- 5. Introduction Relational Calculus Optimizations Recursion Bidirectional Transformations Conclusions Taming Partiality and Non-determinism • We propose a PF relational framework where data-types are enhanced with invariants; • The simplicity of the PF calculus allows us to develop practical type-inference and type-checking algorithms; • Those invariants can then used to run the specifications more efficiently; • Bidirectional transformations are our application scenario. Nuno Macedo, Hugo Pacheco, Alcino Cunha 5 / 21
- 6. Introduction Relational Calculus Optimizations Recursion Bidirectional Transformations Conclusions PF Relational Calculus Identity Top Bottom Converse Composition Intersection Union Split Projections Either Injections Constants Conditional id : A → A :A→B ⊥:A→B ·◦ : (A → B) → (B → A) · ◦ · : (B → C ) → (A → B) → (A → C ) · ∩ · : (A → B) → (A → B) → (A → B) · ∪ · : (A → B) → (A → B) → (A → B) · · : (A → B) → (A → C ) → (A → B × C ) π1 : A × B → A and π2 : A × B → B · · : (B → A) → (C → A) → (B + C → A) i1 : A → (A + B) and i2 : B → (A + B) ! : A → 1 and · : B → (A → B) · ? :(A → A) → (A → A + A) • The simple equational rules are harnessed in a strategic rewrite system that simplifies expressions. Nuno Macedo, Hugo Pacheco, Alcino Cunha 6 / 21
- 7. Introduction Relational Calculus Optimizations Recursion Bidirectional Transformations Conclusions Membership Semantics a id a a R◦ b b S ◦R a b R ∩S a b R ∪S a (b, c) R S a a π1 (a, b) b π2 (a, b) a R S (Left b) a R S (Right c) (Left a ) i1 a (Left a ) i2 b (Right b ) i1 a (Right b ) i2 b b a b ⊥ a 1 ! a b b a Nuno Macedo, Hugo Pacheco, Alcino Cunha =a≡a =b R a = ∃ c. b S c =b R a∧b =b R a∨b =b R a∧c =a≡a =b≡b =a R b =a S c =a≡b = False = False =a≡b = True = False = True =b≡b ∧c R a S a S a S a 7 / 21
- 8. Introduction Relational Calculus Optimizations Recursion Bidirectional Transformations Conclusions Execution Semantics | id | | R◦ | |S ◦R| |R ∩S| |R ∪S| |R S| | π1 | | π2 | |R S| |R S| | i1 | | i2 | | | |⊥| |!| |b| a b a a a a (a, b) (a, b) (Left b) (Right c) a b a a a a Nuno Macedo, Hugo Pacheco, Alcino Cunha = {a} = {a | a ← A, a R ◦ b } = {b | c ← | R | a, b ← | S | c } = {b | b ← | R | a, b S a} = |R| a ∪ |S| a = {(b, c) | b ← | R | a, c ← | S | a} = {a} = {b } = |R| b = |S| c = {Left a} = {Right b } =B = {} = {1} = {b } 8 / 21
- 9. Introduction Relational Calculus Optimizations Recursion Bidirectional Transformations Conclusions Predicates as Coreflexives • Domain δR and range ρR are predicates that can be defined as coreflexives; • Coreflexives Φ : A → A are relations smaller than the identity; • If a satisfies the predicate Φ then a Φ a; • For pairs A × B related by R : A → B, the invariant is lifted as [R] : A × B → A × B; • Invariants on coproducts are simply the coproduct Φ + Ψ; • R : Φ → Ψ denotes δR = Φ and ρR = Ψ. Nuno Macedo, Hugo Pacheco, Alcino Cunha 9 / 21
- 10. Introduction Relational Calculus Optimizations Recursion Bidirectional Transformations Conclusions Inferring Checkable Invariants • Domain and range can be directly computed as δR = R ◦ ◦ R ∩ id and ρR = R ◦ R ◦ ∩ id; • May result in inefficient membership tests (due to composition); • By expanding the definition, we define an equivalent definition with most compositions removed; • Others will fall in the special case b (f ◦ ◦ R ◦ g ) a ≡ (f b) R (g a); • The rewriting system further simplifies the formula and issues a warning if problematic expressions remain. Nuno Macedo, Hugo Pacheco, Alcino Cunha 10 / 21
- 11. Introduction Relational Calculus Optimizations Recursion Bidirectional Transformations Conclusions Example (id id)◦ ◦ (head◦ length◦ ) : Nat → [Nat] ρ((id id)◦ ◦ (head◦ length◦ )) ={Range definition} ρ((id id)◦ ◦ ρ(head◦ length◦ )) ={Range definition} ρ((id id)◦ ◦ [length◦ ◦ head]) ={Range definition} δ([length◦ ◦ head] ◦ (id id)) ={Domain definition, Simplifications : PF Laws} (head◦ ◦ length) ∩ id (id id)◦ ◦(length◦ head◦ ):inN ◦(⊥+id)◦outN → (head◦ ◦length)∩id Nuno Macedo, Hugo Pacheco, Alcino Cunha 11 / 21
- 12. Introduction Relational Calculus Optimizations Recursion Bidirectional Transformations Conclusions Optimizing Non-deterministic Executions • After determining the domain and range, they can be propagated down to primitives, • This reduces the generation of irrelevant intermediate values; | id : Φ → Ψ | a = | Ψ | a | π1 : [U ] → Ψ | (a, b) = | Ψ | a | R ◦ S : Φ → Ψ | a = {b | c ← | S : Φ → δR | a, b ← | R : ρS → Ψ | c } | R ∩ S : Φ → Ψ | a = {b | b ← | R : Φ ∩ δS → ρ(Ψ ◦ S ◦ a) | a} Nuno Macedo, Hugo Pacheco, Alcino Cunha 12 / 21
- 13. Introduction Relational Calculus Optimizations Recursion Bidirectional Transformations Conclusions Recursive Relations with Invariants • We support the well-know recursion patterns of catamorphisms (folds) and anamorphisms (unfolds); • Execution is not problematic, as it is performed by unfolding their definitions; • However, there is no known normal form for invariants over recursive types; • The rewrite system tries to simplify the generic domain/range expression. Nuno Macedo, Hugo Pacheco, Alcino Cunha 13 / 21
- 14. Introduction Relational Calculus Optimizations Recursion Bidirectional Transformations Conclusions Recursive Relations: Example unzip : [A × B ] → [A] × [B ] ρunzip ={Range definition} (unzip ◦ unzip◦ ) ∩ id ={Simplifications : unzip is functional, Liftify : range of unzip is a product} ◦ [π2 ◦ unzip ◦ unzip◦ ◦ π1 ] ={Catamorphism fusion : π1 ◦ g = nil (cons ◦ (π1 × id)) ◦ F π1 } [( |nil (cons ◦ (π1 × id))| ◦ ( ) |nil (cons ◦ (π2 × id))| ◦ ] ) ={Definitions : map} [(map π1 ) ◦ (map π2 )◦ ] ={Simplifications : map converse, map fusion (see below )} ◦ [map (π1 ◦ π2 )] ={Simplifications : PF Laws} [map ] unzip : id → [map Nuno Macedo, Hugo Pacheco, Alcino Cunha ] 14 / 21
- 15. Introduction Relational Calculus Optimizations Recursion Bidirectional Transformations Conclusions Bidirectional Transformations • Bidirectional transformations are transformations between data-structures that may be applied in both directions; • Defining the transformations individually is expensive and error-prone; • BXs should be inferred a single specification; • We propose a solution using the relational calculus. Nuno Macedo, Hugo Pacheco, Alcino Cunha 15 / 21
- 16. Introduction Relational Calculus Optimizations Recursion Bidirectional Transformations Conclusions Bidirectional Transformations • Lenses are one of the most famous BX frameworks; • A lens S V between sources S and more abstract views V consists of transformations Get : S → V and Put : V × S → S; • It is said to be well-behaved if: • Get ◦ Put ⊆ π1 (acceptability); • Put ◦ (Get id) ⊆ id (stability); • Usually there are multiple valid Puts, but existing frameworks are deterministic. Nuno Macedo, Hugo Pacheco, Alcino Cunha 16 / 21
- 17. Introduction Relational Calculus Optimizations Recursion Bidirectional Transformations Conclusions Bidirectional Transformations • In principle, it is possible to lift any functional expression to a well-behaved lens; • Existing frameworks either: • Have maximum updatability but disregard some operators; • Refine the type-system to allow operators with smaller updatability; • Support any operator but disregard updatability; ? ? ? • We refine the type-system and guarantee maximum updatability. Nuno Macedo, Hugo Pacheco, Alcino Cunha 17 / 21
- 18. Introduction Relational Calculus Optimizations Recursion Bidirectional Transformations Conclusions Generic Non-deterministic Lenses • Using relational calculus we can define a generic Put that is the largest relation that satisfies the properties; • A transformation get : A → B can be lifted to a well-behaved non-deterministic lens get : δget Put = (π2 ρget, with (get◦ ◦ π1 )) ◦ [get◦ ] ? • Emerges naturally from the lens laws: • [get◦ ] ? (v , s) tests if v was changed, returning either the original s (acceptability), or any source s such that s = get v (stability); • Maximum updatability: δPut = ρget × δget. Nuno Macedo, Hugo Pacheco, Alcino Cunha 18 / 21
- 19. Introduction Relational Calculus Optimizations Recursion Bidirectional Transformations Conclusions Generic Non-deterministic Lenses • Type-checking over δget and ρget directly could be undecidable and due to the central role of the converse, Put can not be directly executed; • Both these issues can be addressed by the optimizations already presented; • Forward transformations are functional so problematic cases are very limited: • Regarding type-checking, only particular ranges of splits are possibly undecidable; • The backward transformation can be efficiently executed; • Recursive expressions are also supported as they preserve the functionality of their algebras. Nuno Macedo, Hugo Pacheco, Alcino Cunha 19 / 21
- 20. Introduction Relational Calculus Optimizations Recursion Bidirectional Transformations Conclusions Generic Non-deterministic Lenses: Example π1 id : id ◦ [π1 ] ◦ • The range is [π1 ] : A × (A × B) → A × (A × B), so Put only takes views (a, (b, c)) where a ≡ b; ◦ id)◦ will run, and π1 could generate all pairs until reaching (a, c); • When the view is updated, (π1 • With our optimization, the output of π1 is restricted to have c in the second element. Nuno Macedo, Hugo Pacheco, Alcino Cunha 20 / 21
- 21. Introduction Relational Calculus Optimizations Recursion Bidirectional Transformations Conclusions Conclusions • We have presented mechanisms for the efficient execution PF relational expressions over data-types with invariants; • Regarding BX, we identify an open problem in the composition of lenses; • By modeling lenses in this framework we were able to implement an expressive PF BX language with maximum updatability; • Researching possible normal forms for invariants over recursive types; • Exploring mechanisms for a better control of the non-determinism through user-defined quality measures. Nuno Macedo, Hugo Pacheco, Alcino Cunha 21 / 21