[PPT] - Isomorphic Data Type Transformations Alessandro Coglio Stephen PowerPoint Presentation

SLIDE 1

Isomorphic Data Type Transformations

Alessandro Coglio Stephen Westfold

KESTREL

INSTITUTE

SLIDE 2

Isomorphic data type transformations are useful in program synthesis.

𝑞 𝑡! 𝑡"

. . .

intermediate specifications stepwise refinements 𝑡! requirements specification implementation code generation

(optional in ACL2)

some of these may be isomorphic transformations § represent finite sets as repetition-free ordered lists e.g. § turn unbounded integers into bounded integers (under preconditions) § add redundant record components for caching § change loop direction § ...

SLIDE 3

Isomorphic data type transformations are useful in program synthesis. They are also useful in program analysis.

𝑞′ 𝑡!

"

𝑡#

"

. . .

𝑡$

"

existing program code representation code lifting anti-refinements, via “inverses” of the transformations for refinements higher-level representations, which may be easier to verify some of these may be isomorphic transformations, which are inherently reversible § represent repetition-free

rdered lists as finite sets

e.g. § turn bounded integers into unbounded integers (under preconditions) § remove redundant record components for caching § change loop direction § ...

SLIDE 4

𝑡! 𝑡%

. . .

𝑡!

"

. . .

𝑡$

"

𝑞′ top-down derivation bottom-up anti-derivation equal or trivially equivalent end-to-end proof that 𝑞′ satisfies 𝑡! 𝑡#

"

. . .

𝑡$

"

𝑞′ 𝑡!

"

Isomorphic data type transformations are useful in program synthesis. They are also useful in program analysis, as well as in analysis-by-synthesis.

𝑞 𝑡# 𝑡%

. . .

𝑡!

SLIDE 5

Consider two isomorphic sets (data types) 𝑌 and 𝑌! with 𝜊 ∶ 𝑌 ⟶ 𝑌′ and 𝜊"# ∶ 𝑌′ ⟶ 𝑌. 𝜊 𝜊"# 𝑌 𝑌′ 𝜊"# ∘ 𝜊 = 𝑗𝑒$ 𝜊 ∘ 𝜊"# = 𝑗𝑒$!

SLIDE 6

Consider two isomorphic sets (data types) 𝑌 and 𝑌! with 𝜊 ∶ 𝑌 ⟶ 𝑌′ and 𝜊"# ∶ 𝑌′ ⟶ 𝑌. Consider two isomorphic sets (data types) 𝑍 and 𝑍′ with 𝜑 ∶ 𝑍 ⟶ 𝑍′ and 𝜑"# ∶ 𝑍′ ⟶ 𝑍. 𝜊 𝜊"# 𝑌 𝑌′ 𝜊"# ∘ 𝜊 = 𝑗𝑒$ 𝜊 ∘ 𝜊"# = 𝑗𝑒$! 𝜑"# 𝜑 𝑍 𝑍′ 𝜑"# ∘ 𝜑 = 𝑗𝑒% 𝜑 ∘ 𝜑"# = 𝑗𝑒%!

SLIDE 7

Consider two isomorphic sets (data types) 𝑌 and 𝑌! with 𝜊 ∶ 𝑌 ⟶ 𝑌′ and 𝜊"# ∶ 𝑌′ ⟶ 𝑌. Consider two isomorphic sets (data types) 𝑍 and 𝑍′ with 𝜑 ∶ 𝑍 ⟶ 𝑍′ and 𝜑"# ∶ 𝑍′ ⟶ 𝑍. Consider a function 𝑔 ∶ 𝑌 ⟶ 𝑍, a computation from inputs of type 𝑌 to outputs of type 𝑍. 𝜊 𝜊"# 𝑌 𝑌′ 𝜊"# ∘ 𝜊 = 𝑗𝑒$ 𝜊 ∘ 𝜊"# = 𝑗𝑒$! 𝜑"# 𝜑 𝑍 𝑍′ 𝜑"# ∘ 𝜑 = 𝑗𝑒% 𝜑 ∘ 𝜑"# = 𝑗𝑒%! 𝑔

SLIDE 8

Consider two isomorphic sets (data types) 𝑌 and 𝑌! with 𝜊 ∶ 𝑌 ⟶ 𝑌′ and 𝜊"# ∶ 𝑌′ ⟶ 𝑌. Consider two isomorphic sets (data types) 𝑍 and 𝑍′ with 𝜑 ∶ 𝑍 ⟶ 𝑍′ and 𝜑"# ∶ 𝑍′ ⟶ 𝑍. Consider a function 𝑔 ∶ 𝑌 ⟶ 𝑍, a computation from inputs of type 𝑌 to outputs of type 𝑍. We can mechanically construct a function 𝑔! ∶ 𝑌′ ⟶ 𝑍′ that makes the diagram commute. 𝜊 𝜊"# 𝑌 𝑌′ 𝜑"# 𝜑 𝑍 𝑍′ 𝑔 𝑔′ 𝜊"# ∘ 𝜊 = 𝑗𝑒$ 𝜊 ∘ 𝜊"# = 𝑗𝑒$! 𝜑"# ∘ 𝜑 = 𝑗𝑒% 𝜑 ∘ 𝜑"# = 𝑗𝑒%! 𝑔′ = 𝜑 ∘ 𝑔 ∘ 𝜊"# 𝑔 = 𝜑"# ∘ 𝑔′ ∘ 𝜊 ⟺

SLIDE 9

𝑔′ 𝑔 𝜊 𝜊"# 𝜑"# 𝜑 𝑌 𝑌′ 𝑍 𝑍′ 𝑔′ = 𝜑 ∘ 𝑔 ∘ 𝜊"# 𝑔′ ≡ 𝜑 ∘ 𝑔 ∘ 𝜊"#

we could just define 𝑔′ like this, but that is not very interesting

Consider two isomorphic sets (data types) 𝑌 and 𝑌! with 𝜊 ∶ 𝑌 ⟶ 𝑌′ and 𝜊"# ∶ 𝑌′ ⟶ 𝑌. Consider two isomorphic sets (data types) 𝑍 and 𝑍′ with 𝜑 ∶ 𝑍 ⟶ 𝑍′ and 𝜑"# ∶ 𝑍′ ⟶ 𝑍. Consider a function 𝑔 ∶ 𝑌 ⟶ 𝑍, a computation from inputs of type 𝑌 to outputs of type 𝑍. We can mechanically construct a function 𝑔! ∶ 𝑌′ ⟶ 𝑍′ that makes the diagram commute.

SLIDE 10

𝑔′ 𝑔 𝜊 𝜊"# 𝜑"# 𝜑 𝑌 𝑌′ 𝑍 𝑍′ 𝑔′ = 𝜑 ∘ 𝑔 ∘ 𝜊"# Consider two isomorphic sets (data types) 𝑌 and 𝑌! with 𝜊 ∶ 𝑌 ⟶ 𝑌′ and 𝜊"# ∶ 𝑌′ ⟶ 𝑌. Consider two isomorphic sets (data types) 𝑍 and 𝑍′ with 𝜑 ∶ 𝑍 ⟶ 𝑍′ and 𝜑"# ∶ 𝑍′ ⟶ 𝑍. Consider a function 𝑔 ∶ 𝑌 ⟶ 𝑍, a computation from inputs of type 𝑌 to outputs of type 𝑍. We can mechanically construct a function 𝑔! ∶ 𝑌′ ⟶ 𝑍′ that makes the diagram commute.

𝐣𝐠 𝑏 𝑦 𝐮𝐢𝐟𝐨 𝑐 𝑦 𝐟𝐦𝐭𝐟 𝑑(𝑦, 𝑔(𝑒(𝑦))) 𝑔 𝑦 ≡

𝑏 ⊆ 𝑌 𝑐 ∶ 𝑌 ⟶ 𝑍 𝑑 ∶ 𝑌 × 𝑍 ⟶ 𝑍 𝑒 ∶ 𝑌 ⟶ 𝑌

representative recursive definition ⊢ ¬𝑏 𝑦 ⟹ 𝜈(𝑒(𝑦)) ≺ 𝜈(𝑦) 𝑔 terminates keep the same structure and add the conversions 𝑔′ 𝑦" ≡ 𝐣𝐠 𝑏(𝜊&# 𝑦" ) 𝐮𝐢𝐟𝐨 𝜑(𝑐(𝜊&# 𝑦" )) 𝐟𝐦𝐭𝐟 𝜑(𝑑(𝜊&# 𝑦" , 𝜑&# 𝑔′(𝜊 𝑒(𝜊&# 𝑦" ) ) ))

SLIDE 11

𝑔′ 𝑔 𝜊 𝜊"# 𝜑"# 𝜑 𝑌 𝑌′ 𝑍 𝑍′ Consider two isomorphic sets (data types) 𝑌 and 𝑌! with 𝜊 ∶ 𝑌 ⟶ 𝑌′ and 𝜊"# ∶ 𝑌′ ⟶ 𝑌. Consider two isomorphic sets (data types) 𝑍 and 𝑍′ with 𝜑 ∶ 𝑍 ⟶ 𝑍′ and 𝜑"# ∶ 𝑍′ ⟶ 𝑍. Consider a function 𝑔 ∶ 𝑌 ⟶ 𝑍, a computation from inputs of type 𝑌 to outputs of type 𝑍. We can mechanically construct a function 𝑔! ∶ 𝑌′ ⟶ 𝑍′ that makes the diagram commute.

𝐣𝐠 𝑏 𝑦 𝐮𝐢𝐟𝐨 𝑐 𝑦 𝐟𝐦𝐭𝐟 𝑑(𝑦, 𝑔(𝑒(𝑦))) 𝑔 𝑦 ≡

𝑏 ⊆ 𝑌 𝑐 ∶ 𝑌 ⟶ 𝑍 𝑑 ∶ 𝑌 × 𝑍 ⟶ 𝑍 𝑒 ∶ 𝑌 ⟶ 𝑌

representative recursive definition ⊢ ¬𝑏 𝑦 ⟹ 𝜈(𝑒(𝑦)) ≺ 𝜈(𝑦) 𝑔 terminates keep the same structure and add the conversions 𝑔′ 𝑦" ≡ 𝐣𝐠 𝑏(𝜊&# 𝑦" ) 𝐮𝐢𝐟𝐨 𝜑(𝑐(𝜊&# 𝑦" )) 𝐟𝐦𝐭𝐟 𝜑(𝑑(𝜊&# 𝑦" , 𝜑&# 𝑔′(𝜊 𝑒(𝜊&# 𝑦" ) ) )) 𝜈" ≡ 𝜈 ∘ 𝜊&# 𝑔′ terminates because 𝑔 does

⊢ 𝑔′ = 𝜑 ∘ 𝑔 ∘ 𝜊"#

b y i n d u c t i

n

automatic

SLIDE 12

𝑔′ 𝑔 𝜊 𝜊"# 𝜑"# 𝜑 𝑌 𝑌′ 𝑍 𝑍′ ⊢ 𝑔′ = 𝜑 ∘ 𝑔 ∘ 𝜊"#

𝑔′ 𝑦" ≡ 𝐣𝐠 𝑏(𝜊&# 𝑦" ) 𝐮𝐢𝐟𝐨 𝜑(𝑐(𝜊&# 𝑦" )) 𝐟𝐦𝐭𝐟 𝜑(𝑑(𝜊&# 𝑦" , 𝜑&# 𝑔′(𝜊 𝑒(𝜊&# 𝑦" ) ) )) 𝐣𝐠 𝑏 𝑦 𝐮𝐢𝐟𝐨 𝑐 𝑦 𝐟𝐦𝐭𝐟 𝑑(𝑦, 𝑔(𝑒(𝑦))) 𝑔 𝑦 ≡ goal: no trace of 𝑌, 𝑍, 𝜊, 𝜊&#, 𝜑, 𝜑&# keep the same structure and add the conversions automatic expand the definitions and rewrite/simplify user-guided 𝐣𝐠 𝑏′ 𝑦′ 𝐮𝐢𝐟𝐨 𝑐′ 𝑦′ 𝐟𝐦𝐭𝐟 𝑑′(𝑦′, 𝑔′′(𝑒′(𝑦′))) 𝑔′′ 𝑦" ≡ ⊢ 𝑔"" = 𝑔′

SLIDE 13

keep the same structure and add the conversions expand the definitions and rewrite/simplify 𝑔 𝑦 ≡ … 𝑔′ 𝑦′ ≡ … 𝑔′′ 𝑦" ≡ …

This is a general method: automatically create an isomorphic version and semi-automatically rewrite/simplify it. We can do it for 𝑔, 𝑔

#, 𝑔 0, etc.,

btaining 𝑔′, 𝑔′′, 𝑔

#′, 𝑔 #′′, 𝑔 0′, 𝑔 0′′, etc.,

Consider a function 𝑕 that calls 𝑔, 𝑔

#, 𝑔 0, etc.

𝑕 … ≡ … 𝑔 … …

We can apply the same general method to 𝑕.

keep the same structure and add the conversions 𝑕′ … ≡ … 𝜑(𝑔(𝜊&# … )) … expand the definitions and rewrite/simplify 𝑕′′ … ≡ …

If 𝑕 manipulates the data being transformed

nly through 𝑔, 𝑔

#, 𝑔 0, etc., we can automate

the rewriting/simplification step as well. ⊢ 𝑔 = 𝜑"# ∘ 𝑔′ ∘ 𝜊

SLIDE 14

keep the same structure and add the conversions expand the definitions and rewrite/simplify 𝑔 𝑦 ≡ … 𝑔′ 𝑦′ ≡ … 𝑔′′ 𝑦" ≡ …

This is a general method: automatically create an isomorphic version and semi-automatically rewrite/simplify it. We can do it for 𝑔, 𝑔

#, 𝑔 0, etc.,

btaining 𝑔′, 𝑔′′, 𝑔

#′, 𝑔 #′′, 𝑔 0′, 𝑔 0′′, etc.,

Consider a function 𝑕 that calls 𝑔, 𝑔

#, 𝑔 0, etc.

We can apply the same general method to 𝑕. If 𝑕 manipulates the data being transformed

nly through 𝑔, 𝑔

#, 𝑔 0, etc., we can automate

the rewriting/simplification step as well. And we can do everything in one step.

keep the same structure and replace 𝑔 with 𝑔′ etc. 𝑕 … ≡ … 𝑔 … … 𝑕′ … ≡ … 𝑔′ … …

SLIDE 15

(isodata 𝑔 ...) (simplify 𝑔′ ...) 𝑔 𝑦 ≡ … 𝑔′ 𝑦′ ≡ … 𝑔′′ 𝑦" ≡ …

We use isodata to initiate the isomorphic transformation. We use propagate-iso to propagate the isomorphic transformation.

(propagate-iso 𝑕 ...) 𝑕 … ≡ … 𝑔 … … 𝑕′ … ≡ … 𝑔′ … …

The simplify transformation was described at ACL2-2017.

SLIDE 16

(propagate-iso 𝑕 ...)

We use propagate-iso to propagate the isomorphic transformation.

𝑕 … ≡ … 𝑔 … … 𝑕′ … ≡ … 𝑔′ … … (isodata 𝑔 ...) (simplify 𝑔′ ...) 𝑔 𝑦 ≡ … 𝑔′ 𝑦′ ≡ … 𝑔′′ 𝑦" ≡ …

We use isodata to initiate the isomorphic transformation.

𝜊 𝜊&# 𝑌 𝑌′ 𝜑 𝜑&# 𝑍 𝑍′ (defiso 𝑌 𝑌′ 𝜊 𝜊&# ...) (defiso 𝑍 𝑍′ 𝜑 𝜑&# ...) 𝜂 𝜂&# 𝑎 𝑎′

We use defiso to establish the isomorphic mappings.

(defiso 𝑎 𝑎′ 𝜂 𝜂&# ...) and for other types and for 𝑔

#, 𝑔 ', etc.

and for 𝑕#, 𝑕', etc.

SLIDE 17

propagate-iso

1. Find events to propagate to

User supplied limits
Dependent events: function definitions and theorems

2. Type analysis: which arguments and results to be transformed

Arguments: guards
Results: typing theorems and body of definition

3. Dependent isomorphisms

Subtypes, record/product types, recursive types: e.g. list, map types

4. Translation: substitution

Add isomorphism theorems for newly generated functions

5.

Hints. Hard to guarantee they will work
Three rulesets: forward, backward, general (typing, defiso rules)
Allow user to augment or override automatically generated hints

SLIDE 18

Dependent Isomorphism: Deriving isomorphism from predicate

𝐵𝑚𝑚𝜊 𝑚 ≡ 𝐣𝐠 𝑏𝑢𝑝𝑛 𝑚 𝐮𝐢𝐟𝐨 𝑐 𝑚 𝐟𝐦𝐭𝐟 𝑑(𝑌(𝑑𝑏𝑠 𝑚 ), 𝐵𝑚𝑚𝑌 𝑑𝑒𝑠 𝑚 ) 𝑜𝑣𝑚𝑚 𝑐(𝑚) ⟹ 𝑐 𝑚 = 𝑜𝑗𝑚 𝐣𝐠 𝑏𝑢𝑝𝑛 𝑚 𝐮𝐢𝐟𝐨 𝑜𝑗𝑚 𝐟𝐦𝐭𝐟 𝐹 𝐹 = 𝑑(𝑌(𝑑𝑏𝑠 𝑚 ), 𝐵𝑚𝑚𝑌 𝑑𝑒𝑠 𝑚 ) ∧ 𝑑𝑝𝑜𝑡𝑞(𝐹) ∧ 𝑌!(𝑑𝑏𝑠 𝐹 ) ∧ 𝐵𝑚𝑚𝑌′(𝑑𝑒𝑠 𝐹 ) ∴ 𝐹 = 𝑑𝑝𝑜𝑡(𝜊 𝑑𝑏𝑠 𝑚 , 𝐵𝑚𝑚𝜊(𝑑𝑒𝑠 𝑚 )) 𝐵𝑚𝑚𝜊 𝑚 ≡ 𝐣𝐠 𝑏𝑢𝑝𝑛 𝑚 𝐮𝐢𝐟𝐨 𝑜𝑗𝑚 𝐟𝐦𝐭𝐟 𝑑𝑝𝑜𝑡(𝜊(𝑑𝑏𝑠 𝑚 ), 𝐵𝑚𝑚𝜊(𝑑𝑒𝑠 𝑚 )) Consider two isomorphic sets (data types) 𝑌 and 𝑌! with 𝜊 ∶ 𝑌 ⟶ 𝑌′ and 𝜊"# ∶ 𝑌′ ⟶ 𝑌. Consider a predicate 𝐵𝑚𝑚𝑌 𝑚 ≡ 𝐣𝐠 𝑏𝑢𝑝𝑛 𝑚 𝐮𝐢𝐟𝐨 𝑜𝑣𝑚𝑚 𝑚 𝐟𝐦𝐭𝐟 𝑌(𝑑𝑏𝑠 𝑚 ) ∧ 𝐵𝑚𝑚𝑌(𝑑𝑒𝑠(𝑚)). Then define predicate 𝐵𝑚𝑚𝑌′(𝑚) ≡ 𝐣𝐠 𝑏𝑢𝑝𝑛 𝑚 𝐮𝐢𝐟𝐨 𝑜𝑣𝑚𝑚 𝑚 𝐟𝐦𝐭𝐟 𝑌!(𝑑𝑏𝑠 𝑚 ) ∧ 𝐵𝑚𝑚𝑌′(𝑑𝑒𝑠(𝑚)). We want to find definitions for the isomorphisms 𝐵𝑚𝑚𝜊 ∶ 𝐵𝑚𝑚𝑌 ⟶ 𝐵𝑚𝑚𝑌′ and 𝐵𝑚𝑚𝜊"# ∶ 𝐵𝑚𝑚𝑌′ ⟶ 𝐵𝑚𝑚𝑌. 𝑜𝑣𝑚𝑚 𝑚 𝑌!(𝑑𝑏𝑠 𝑚 ) ∧ 𝐵𝑚𝑚𝑌′(𝑑𝑒𝑠(𝑚))

SLIDE 19

(defun P-map-p (m) (if (atom m) (null m) (and (consp (car m)) (P (caar m)) (natp (cdar m)) (P-map-p (cdr m)))) (defun P'-map-p (m) (if (atom m) (null m) (and (consp (car m)) (P' (caar m)) (natp (cdar m)) (P'-map-p (cdr m)))) (defun P-map-to-P'-map (m) (if (atom m) nil (cons (cons (P-to-P' (caar m)) (cdar m)) (P-map-to-P'-map (cdr m))))

Derive P-map-to-P'-map else clause

(consp (car m)) --> (cons (cons ? ?) ?) (P' (caar m)) --> (cons (cons (P-to-P' (caar m)) ?) ?) (natp (cdar m)) --> (cons (cons ? (cdar m)) ?) identity isomorphism (P'-map-p (cdr m))--> (cons (cons ? ?) (P-map-to-P'-map (cdr m))) Combined: (cons (cons (P-to-P' (caar m)) (cdar m)) (P-map-to--map (cdr m)))

Consider two isomorphic sets (data types) P and P'with P-to-P': P ⟶ P'

SLIDE 20

Demo: efficient value caching with invariant maintenance.

ACL2 !> (defiso ...) (isodata ...) (propagate-iso ...)

SLIDE 21

Drone planner

Set of drones has to visit a set of sites
Partial plan then execute cycle until all sites visited
Each drone produces candidate plans for itself
Coordinator filters plans to minimize redundancy
Each drone has a state
System state is a list of drone states plus coordinator state

Coordinator

Drone 1 Drone 2