
Synthesising Implementations for Derived Sort Operators


5.6.3 Synthesising Implementations for Derived Sort Operators

The specification of an implementation of a derived sort operator in the form of (**) can be synthesised from a specification in the form of (*) by applying the rules given in §5.3. Each synthesis can be characterised by the rules which are applied; we distinguish three distinct kinds of synthesis strategies. These are described below and we discuss how, with increasing difficulty, the synthesis strategies might be automated.

When only rules 1-5 are used, then the implementation uses just one particular kind of property from the inductive theory of the implementing ADT; when the specifications can be organised into confluent, terminating term rewriting systems, then the implementation may be synthesised automatically using the method of [KaS 85].

When rules 1-6 are used, then the implementation may use any of the properties from the inductive theory of the implementing ADT and so the implementation cannot be synthesised automatically by the method of [KaS 85]. However, if the specifications fulfil certain requirements, then the results of [Lan 87] show that an implementation may be synthesised automatically using an inductive inference algorithm.

When all of the rules are used, then the implementation may not only use any of the properties from the inductive theory of the implementing ADT, but it may also increase the expressiveness of the implementing ADT. In general, the automatic synthesis of auxiliary functions is not possible, although inductive inference methods [Bar 83] may be useful. For example, in [JaT 87], an auxiliary operator is synthesised using such methods.

We illustrate the three possibilities described above by considering the implementation of the add operator from the Queue specification by the specification SRelation2, the SRelation derived from Queue and given as example 4.2 in §4.2.3. For simplicity of illustration, we omit the enrichment Filter in this example because the specification of the full implementation is very similar to the partial implementation. In SRelation2, we assume that the enriched specification Nodes&Edges' is substituted for the anarchic Nodes&Edges and that add is implemented by the operator ADD, i.e. SRelation2 is enriched with the operator ADD and equation (*):

ADD : graph nat -> graph

∀t:queue, n:nat.

5.6.3.1 An Example using the Equational Theory of the Implementing ADT

When we instantiate t in (*) by eq, we have

∀n:nat. abs(ADD([H(eq), =>(eq)], n)) = abs([Hadd(eq,n), =>add(eq,n)])   11

Specifications for the first and second components of the r.h.s. of 11, using the restricted language of SRelation2, can be found in the equational theory of SRelation2:

Hadd(eq,n) = front(add(eq,n)) +l_N H(dequeue(add(eq,n)))   unfold Q2
           = n +l_N Heq                                    unfold R1,R4

=>add(eq,n) = []_Q                                        unfold Q5
            = =>eq                                        fold Q6

And so by abs-dropping we have:

ADD([Heq, =>eq], n) = [n +l_N Heq, =>eq]   12

5.6.3.2 An Example using the Inductive Theory of the Implementing ADT

When we instantiate t in (*) by add(q,n), we have

∀q:queue, n,n1:nat.
abs(ADD([H(add(q,n)), =>(add(q,n))], n1)) = abs([Hadd(add(q,n),n1), =>add(add(q,n),n1)])   13

Specifications for the first and second components of the r.h.s. of 13, using the restricted language of SRelation2, cannot be found in the equational theory of SRelation2. However, an implementation of the first component can be found in the inductive theory of SRelation2.

We can apply the introduction rule to introduce an equation which is similar to the lemma given in example 3.14, §3.3, and proven in Appendix 3 as lemma 5, example 3.14. Namely, in order to synthesise an implementation of H(add(q,n)) we need to show that

∀q:queue, n:nat. H(add(q,n)) = n +r_N Hq

is valid in the inductive theory of SRelation2.

We can prove the validity of this equation either by rewriting techniques or by explicit use of induction. Here, we choose the latter. In this, and subsequent proofs, we often apply more than one rule during each step; when the rules applied are only folds or unfolds, then we give only the relevant equation names as justification.

lemma: ∀q:queue, n:nat. H(add(q,n)) = n +r_N Hq

base case:

H(add(eq,n)) = n +l_N []_N   R1,R4,Q1,Q2
             = n +r_N []_N   N4
             = n +r_N Heq    Q3

induction step: Assume ∀q:neq, n:nat. H(add(q,n)) = n +r_N Hq. Consider H(add(add(q,n),n1)).

H(add(add(q,n),n1))
= front(add(add(q,n),n1)) +l_N H(dequeue(add(add(q,n),n1)))     Q2
= front(add(add(q,n),n1)) +l_N H(add(dequeue(add(q,n)),n1))     R5
= front(add(add(q,n),n1)) +l_N (n1 +r_N H(dequeue(add(q,n))))   ass.
= n1 +r_N (front(add(add(q,n),n1)) +l_N H(dequeue(add(q,n))))   N5
= n1 +r_N (front(add(q,n)) +l_N H(dequeue(add(q,n))))           R2
= n1 +r_N H(add(q,n))                                            Q2

Conclusion: ∀q:queue, n:nat. H(add(q,n)) = n +r_N Hq.

And so by application of the introduction rule, we add the equation

5.6.3.3 An Example using the Inductive Theory of the Implementing ADT and Auxiliary Operations

Consider now an implementation for the second component of the r.h.s. of 13. Again, we apply the introduction rule to introduce an equation which is similar to a lemma from example 3.14 and proven in Appendix 3 as lemma 6, example 3.14. Namely, in order to synthesise an implementation of =>(add(q,n)) we need to show that

∀q:queue, n,n1:nat.
=>(add(add(q,n),n1)) = <n,n1> +r_Q =>(add(q,n))   L1

is valid in the inductive theory of SRelation2.

Unfortunately, this equation is not in the desired form; x-sorted subterms of the l.h.s. occur on the r.h.s. We can avoid this situation by enriching the theory with a suitable auxiliary operation; i.e. we introduce the following operator:

last : neq -> nat

∀q:queue, n:nat. last(add(q,n)) = n   A1

Using equation A1, we can now rewrite L1 in the desired form as:

∀q:neq, n:nat. =>(add(q,n)) = <last(q),n> +r_Q =>q

and we prove its validity by induction.

lemma: ∀q:neq, n:nat. =>(add(q,n)) = <last(q),n> +r_Q =>q

base case:

=>(add(add(eq,n),n1))
= <front(add(add(eq,n),n1)), front(dequeue(add(add(eq,n),n1)))> +l_Q =>(dequeue(add(add(eq,n),n1)))   Q4
= <n,n1> +l_Q =>(add(eq,n1))                 R2,R5
= <n,n1> +l_Q []_Q                           Q5
= <last(add(eq,n)),n1> +l_Q []_Q             A1
= <last(add(eq,n)),n1> +r_Q []_Q             E4
= <last(add(eq,n)),n1> +r_Q =>(add(eq,n))    Q5

induction step: Assume ∀q:neq, n:nat. =>(add(q,n)) = <last(q),n> +r_Q =>q.

=>(add(add(q,n),n1))
= <front(add(add(q,n),n1)), front(dequeue(add(add(q,n),n1)))>
  +l_Q =>(dequeue(add(add(q,n),n1)))   Q4
= <front(add(add(q,n),n1)), front(dequeue(add(add(q,n),n1)))>
  +l_Q =>(add(dequeue(add(q,n)),n1))   R5
= <front(add(add(q,n),n1)), front(dequeue(add(add(q,n),n1)))>
  +l_Q (<last(dequeue(add(q,n))),n1> +r_Q =>(dequeue(add(q,n))))   ass.
= <last(dequeue(add(q,n))),n1> +r_Q
  (<front(add(add(q,n),n1)), front(dequeue(add(add(q,n),n1)))>
  +l_Q =>(dequeue(add(q,n))))   E5
= <last(dequeue(add(q,n))),n1> +r_Q
  (<front(add(q,n)), front(add(dequeue(add(q,n)),n1))>
  +l_Q =>(dequeue(add(q,n))))   R5
= <last(dequeue(add(q,n))),n1> +r_Q
  (<front(add(q,n)), front(dequeue(add(q,n)))>
  +l_Q =>(dequeue(add(q,n))))   R2,R5
= <last(dequeue(add(q,n))),n1> +r_Q =>(add(q,n))   Q4
= <last(add(q,n)),n1> +r_Q =>(add(q,n))            R5,A1

Conclusion: ∀q:neq, n:nat. =>(add(q,n)) = <last(q),n> +r_Q =>q.

And so by application of the introduction rule we add the equation

∀q:neq, n:nat. =>(add(q,n)) = <last(q),n> +r_Q =>q   16

By unfolding 13 with 14 and 16 we have

∀q:neq, n:nat.
abs(ADD([Hq, =>q], n)) = abs([n +r_N Hq, <last(q),n> +r_Q =>q])   17

and by abs-dropping we have

∀q:neq, n:nat. ADD([Hq, =>q], n) = [n +r_N Hq, <last(q),n> +r_Q =>q]   18
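The synthesised equations can be checked mechanically against the Queue specification they were derived from. The following is an added example, not code from the thesis: it models Queue and its SRelation2 representation (Hq as the element list, =>q as the list of consecutive pairs) in Python and verifies lemmas 14 and 16 and the implementation equations 12 and 18 exhaustively over short queues; VALUES, queues, check_lemmas and check_star are assumed helper names.

```python
"""Executable model of the queue/path-graph example, added to check the synthesised
equations (12) and (18); a constructed model, not the thesis's own code. A queue is a
tuple with its front at index 0, Hq the list of its elements, =>q the consecutive pairs."""
from itertools import product

VALUES = (0, 1, 2)   # constructed alphabet of nat values for the exhaustive check

def front(q):      # R1, R2: front of a non-empty queue
    return q[0]

def dequeue(q):    # R4, R5: drop the front element
    return q[1:]

def add(q, n):     # queue constructor add : queue nat -> queue
    return q + (n,)

def H(q):          # Q1-Q3: Heq = []_N, Hq = front(q) +l_N H(dequeue(q))
    return [] if not q else [front(q)] + H(dequeue(q))

def edges(q):      # Q4-Q6: =>q = <front(q),front(dequeue(q))> +l_Q =>(dequeue(q))
    return [] if len(q) < 2 else [(front(q), front(dequeue(q)))] + edges(dequeue(q))

def last(q):       # A1: last(add(q,n)) = n, defined on sort neq only
    if not q:
        raise ValueError("last is only defined on non-empty queues (sort neq)")
    return q[-1]

def ADD(graph, n):
    """Synthesised add on the representation: (12) for q = eq, (18) for q:neq.
    last(q) is the rightmost node of Hq, which follows from lemma (14) and A1."""
    nodes, edge_list = graph
    if not nodes:                                       # (12): [n +l_N Heq, =>eq]
        return [[n] + nodes, edge_list]
    return [nodes + [n], edge_list + [(nodes[-1], n)]]  # (18): [n +r_N Hq, <last(q),n> +r_Q =>q]

def queues(max_len=4):  # every queue over VALUES with at most max_len elements
    for k in range(max_len + 1):
        yield from product(VALUES, repeat=k)

def check_lemmas():
    """Lemma (14) for all q, and lemma (16) for q:neq only, as the section states."""
    return (all(H(add(q, n)) == H(q) + [n] for q in queues() for n in VALUES)
            and all(edges(add(q, n)) == edges(q) + [(last(q), n)]
                    for q in queues() if q for n in VALUES))

def check_star():
    """(*) after abs-dropping: ADD on the representation of q equals the representation of add(q,n)."""
    return all(ADD([H(q), edges(q)], n) == [H(add(q, n)), edges(add(q, n))]
               for q in queues() for n in VALUES)
```

Note that equation 18 alone does not cover the empty queue, since last is only defined on neq; ADD falls back to equation 12 in that case, which is why the section derives both.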