Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cs7100(Prasad)L4-5ADT1 Specification and Implementation of Abstract Data Types.

Published byWilliam Hampton Modified over 9 years ago

Similar presentations

Presentation on theme: "Cs7100(Prasad)L4-5ADT1 Specification and Implementation of Abstract Data Types."— Presentation transcript:

1 cs7100(Prasad)L4-5ADT1 Specification and Implementation of Abstract Data Types

2 cs7100(Prasad)L4-5ADT2 Data Abstraction Clients –Interested in WHAT services a module provides, not HOW they are carried out. So, ignore details irrelevant to the overall behavior, for clarity. Implementors –Reserve the right to change the code, to improve performance. So, ensure that clients do not make unwarranted assumptions.

3 cs7100(Prasad)L4-5ADT3 Specification of Data Types Type : Values + Operations Specify Syntax Semantics Signature of Ops Meaning of Ops Model-based Axiomatic( Algebraic ) Description in terms of Give axioms satisfied standard “primitive” data types by the operations

4 cs7100(Prasad)L4-5ADT4 Syntax of LISP S-expr operations: nil, cons, car, cdr, null signatures: nil: S-expr cons: S-expr  S-expr  S-expr car: S-expr  S-expr cdr: S-expr  S-expr null: S-expr  boolean for every atom a: a : S-expr

5 cs7100(Prasad)L4-5ADT5 Signature tells us how to form complex terms from primitive operations. Legal nil null(cons(nil,nil)) cons(car(nil),nil) Illegal nil(cons) null(null) cons(nil)

6 cs7100(Prasad)L4-5ADT6 Semantics of +: What to expect? + : N x N  N 1 + 2 = 3 zero + succ(succ(zero)) = succ(succ(zero)) x + 0 = x 2 * (3 + 4) = 2 * 7 = 14 = 6 + 8 x * ( y + z) = y * x + x * z

7 cs7100(Prasad)L4-5ADT7 Semantics of S-Expr : What to expect? null(nil) = true car(cons(nil,nil)) = nil null(cdr(cons(nil,cons(nil,nil)))) = false for all E,F in S-Expr car(cons( E, F )) = E null(cons( E, F )) = false

8 cs7100(Prasad)L4-5ADT8 Formal Spec. of ADTs Characteristics of an “Adequate” Specification –Completeness ( No “undefinedness” ) –Consistency/Soundness ( No conflicting definitions ) MinimalityMinimality GOAL: Learn to write sound and complete algebraic(axiomatic) specifications of ADTs

9 cs7100(Prasad)L4-5ADT9 Classification of Operations Observers –generate a value outside the type E.g., null in ADT S-expr Constructors –required for representing values in the type E.g., nil, cons, atoms a in ADT S-expr Non-constructors –remaining operations E.g., car, cdr in ADT S-expr

10 cs7100(Prasad)L4-5ADT10 S-Expr in LISP a : S-Expr nil : S-Expr cons : S-Expr x S-Expr  S-Expr car : S-Expr  S-Expr cdr : S-Expr  S-Expr null : S-Expr  boolean Observers : null Constructors : a, nil, cons Non-constructors : car, cdr

11 cs7100(Prasad)L4-5ADT11 Algebraic Spec Write axioms (equations) that characterize the meaning of all the operations. Describe the meaning of the observers and the non-constructors on all possible constructor patterns. Note the use of typed variables to abbreviate the definition. (“Finite Spec.”)

12 cs7100(Prasad)L4-5ADT12 for all S, T in S-expr cdr(nil) = ?error? cdr(a) = ?error? cdr(cons(S,T)) = T car(nil) = ?error?car(a) = ?error? car(cons(S,T)) = S null(nil) = true null(a) = false null(cons(S,T)) = false acceptableOmitting the equation for “nil” implies that implementations that differ in the interpretation of “nil” are all equally acceptable.

13 cs7100(Prasad)L4-5ADT13 S-Exprs car(a) => “unconstrained” cons(a,nil) => “S-expr value” Expression Evaluation: car(cons(a,nil)) = a cons( car(cons(a,nil)), cdr(cons(a,a)) ) = cons( a, a )

14 cs7100(Prasad)L4-5ADT14 If car and cdr are also regarded as constructors (as they generate values in the type), then the spec. must consider other cases to guarantee completeness (or provide sufficient justification for their omission). for all S in S-expr: null(car(S)) =... null(cdr(S)) =... Motivation for Classification : Minimality

15 cs7100(Prasad)L4-5ADT15 ADT Table ( symbol table/directory ) empty : Table update : Key x Info x Table  Table lookUp: Key x Table  nfo For all K, Ki in Key, I in Info, T in Table: lookUp(K,empty) = error lookUp(K,update(Ki, I, T)) = if K = Ki then I else lookUp(K,T) (“last update overrides the others”)

16 cs7100(Prasad)L4-5ADT16 Table Tables empty update(5, “abc”, empty) update(10, “xyz”, update(5, “abc”, empty)) update(5, “xyz”, update(5, “abc”, empty)) (Search ) lookup (5, update(5, “xyz”, update(5, “abc”, empty)) ) lookup (5, update(5, “xyz”, update(5, “xyz”, empty)) ) lookup (5, update(5, “xyz”, empty) ) “xyz”

17 cs7100(Prasad)L4-5ADT17 Implementations –Array-based –Linear List - based –Tree - based Binary Search Trees, AVL Trees, B-Trees etc –Hash Table - based These exhibit a common Table behavior, but differ in performance aspects (search time). Correctness of a program is assured even when the implementation is changed as long as the spec is satisfied.

18 cs7100(Prasad)L4-5ADT18 (cont’d) Accounts for various other differences ( Data Invariants ) in implementation such as –Eliminating duplicates. –Retaining only the final binding. –Maintaining the records sorted on the key. –Maintaining the records sorted in terms of the frequency of use (a la caching).

19 cs7100(Prasad)L4-5ADT19 A-list in LISP a : A nil : A-list cons : A x A-list  A-list car : A-list  A cdr : A-list  A-list null : A-list  boolean Observers : null, car Constructors : nil, cons Non-constructors : cdr

20 cs7100(Prasad)L4-5ADT20 for all L in A-list cdr(cons(a,L)) = L car(cons(a,L)) = a null(nil) = true null(cons(a,L)) = false Consciously silent about nil-list.

21 cs7100(Prasad)L4-5ADT21 Natural Numbers zero :  succ :   add :  x   iszero :   boolean observers : iszero constructors : zero, succ non-constructors : add Each number has a unique representation in terms of its constructors.

22 cs7100(Prasad)L4-5ADT22 for all I,J in  add(I,J) = ? add(zero,I) = I add(succ(J), I) = succ(add(J,I)) iszero(I) = ? iszero(zero) = true iszero(succ(I)) = false

23 cs7100(Prasad)L4-5ADT23 (cont’d) add(succ(succ(zero)), succ(zero)) = succ(succ(succ(zero)))  The first rule eliminates add from an expression, while the second rule simplifies the first argument to add.  Associativity, commutativity, and identity properties of add can be deduced from this definition through purely mechanical means.

24 cs7100(Prasad)L4-5ADT24 A-list Revisted a : A nil : A-list list : A  A-list append : A-list x A-list  A-list null : A-list  boolean values – nil, list(a), append(nil, list(a)),...

25 cs7100(Prasad)L4-5ADT25 Algebraic Spec constructors –nil, list, append observer null(nil) = true null(list(a)) = false null(append(L1,L2)) = null(L1) /\ null(L2)

26 cs7100(Prasad)L4-5ADT26 Problem : Same value has multiple representation in terms of constructors. Solution : Add axioms for constructors. –Identity Rule append(L,nil) = L append(nil,L) = L –Associativity Rule append(append(L1,L2),L3) = append(L1, append(L2,L3))

27 cs7100(Prasad)L4-5ADT27 Intuitive understanding of constructors The constructor patterns correspond to distinct memory/data patterns required to store/represent values in the type. The constructor axioms can be viewed operationally as rewrite rules to simplify constructor patterns. Specifically, constructor axioms correspond to computations necessary for equality checking and aid in defining a normal form. Cf. == vs equal in Java

28 cs7100(Prasad)L4-5ADT28 Writing ADT Specs Idea: Specify “sufficient” axioms such that syntactically distinct terms (patterns) that denote the same value can be proven so. Note: A term essentially records the detailed history of construction of the value.

29 cs7100(Prasad)L4-5ADT29 General Strategy for ADT Specs Syntax –Specify signatures and classify operations. Constructors –Write axioms to ensure that two constructor terms that represent the same value can be proven so. E.g., identity, associativity, commutativity rules.

30 cs7100(Prasad)L4-5ADT30 Non-constructors –Provide axioms to collapse a non-constructor term into a term involving only constructors. Observers –Define the meaning of an observer on all constructor terms, checking for consistency. Implementation of a type An interpretation of the operations of the ADT that satisfies all the axioms.

31 cs7100(Prasad)L4-5ADT31 Declarative Specification Let *: N x N  N denote integer multiplication. Equation: n * n = n Solution: n = 0 \/ n = 1. Let f : N x N  N denote a binary integer function. Equation: 0 f 0 = 0 Solution: f = “ multiplication ” \/ f = “ addition ” \/ f = “ subtraction ” \/...

32 cs7100(Prasad)L4-5ADT32 Setfor all n, m in N, s in Set delete(n,empty) = empty delete(n,insert(m,s)) = if (n=m) then delete(n,s) ( invalid : s) else insert(m,delete(n,s)) delete(5, insert(5,insert(5,empty)) ) {5,5} == empty {} =/= insert(5,empty) [] [5,5] Set delete : Set [5]

33 cs7100(Prasad)L4-5ADT33 Previous axioms capture “remove all occurrences” semantics. For “remove last occurrence” semantics: List for all n, m in N, s in List delete(n,empty) = empty delete(n,insert(m,s)) = if (n=m) then s else insert(m,delete(n,s)) delete(5, insert(5,insert(5,empty)) ) [5,5] == insert(5,empty) [5] List delete : List

34 cs7100(Prasad)L4-5ADT34 Previous axioms capture “remove all / last occurrences” semantics. For “remove first occurrence” semantics: List for all n, m in N, s in List delete(n,empty) = empty delete(n,insert(m,s)) = if (n=m) and not (n in s) then s else insert(m,delete(n,s)) delete(1, insert(1,insert(2,insert(1,insert(5,empty)))) ) [5,1,2,1] == insert(1,insert(2,insert(5,empty))) [5,2,1] List delete : List

35 cs7100(Prasad)L4-5ADT35 size: List vs Set size(insert(m,l)) = 1 + size(l) –E.g., size([2,2,2]) = 1 + size([2,2]) size(insert(m,s)) = if (m in s) then size(s) else 1 + size(s) –E.g., size({2,2,2}) = size({2,2}) = size ({2}) = 1

36 cs7100(Prasad)L4-5ADT36 Model-based vs Algebraic A model-based specification of a type satisfies the corresponding axiomatic specification. Hence, algebraic spec. is “more abstract” than the model-based spec. Algebraic spec captures the least common- denominator (behavior) of all possible implementations.

37 cs7100(Prasad)L4-5ADT37 Axiomatization: Algebraic Structures A set G with operation * forms a group if Closure: a,b  G implies a*b  G. Associativity: a,b,c  G implies a*(b *c) = (a*b)*c. Identity: There exists i  G such that i*a = a*i = a for all a  G. Inverses: For every a  G there exists an element ~a  G such that a * ~a = ~a * a = i. Examples: (Integers, +), but not ( N, +) (Reals  {0}, *), but not (Integers, *) (Permutation functions, Function composition)

38 cs7100(Prasad)L4-5ADT38 Example car( cons( X, Y) ) = X cdr( cons (X, Y) ) = Y (define ( cons x y) (lambda (m) (cond ((eq? m ’first) x) (eq? m ’second) y) ) )) ; “closure” (define ( car z) (z ’first)) (define ( cdr z) (z ’second))

39 cs7100(Prasad)L4-5ADT39 Applications of ADT spec Least common denominator of all possible implementations. –Focus on the essential behavior. An implementation is a refinement of ADT spec. – IMPL. = Behavior SPEC + Rep “impurities” –To prove equivalence of two implementations, show that they satisfy the same spec. –In the context of OOP, a class implements an ADT, and the spec. is a class invariant.

40 Implementations refine algebraic spec; Equivalence/Substituitivity by abstraction cs7100(Prasad)L4-5ADT40 ADT Spec Impl. 1Impl. 2

41 cs7100(Prasad)L4-5ADT41 Indirectly, ADT spec. gives us the ability to vary or substitute an implementation.

42 cs7100(Prasad)L4-5ADT42 (Cont’d) ADT spec. are absolutely necessary to automate formal reasoning about programs. Theorem provers such as Boyer-Moore prover (NQTHM), LARCH, PVS, and HOL routinely use such axiomatization of types. Provides a theory of equivalence of values that enables design of a suitable canonical form. Identity  delete Associativity  remove parenthesis Commutativity  sort

43 cs7100(Prasad)L4-5ADT43 Spec vs Impl The reason to focus on the behavioral aspects, ignoring efficiency details initially, is that the notion of a “best implementation” requires application specific issues and trade-offs. In other words, the distribution of work among the various operations is based on a chosen representation, which in turn, is dictated by the pragmatics of an application. However, in each potential implementation, there is always some operations that will be efficient while others will pay the price for this comfort.

44 cs7100(Prasad)L4-5ADT44 Ordered Integer Lists null : oil  boolean nil : oil hd : oil  int tl : oil  oil ins : int x oil  oil order : int_list  oil Constructors: nil, ins Non-constructors: tl, order Observers: null, hd

45 cs7100(Prasad)L4-5ADT45 Problem: –syntactically different, but semantically equivalent constructor terms ins(2,ins(5,nil)) = ins(5,ins(2,nil)) ins(2,ins(2,nil)) = ins(2,nil) –hd should return the smallest element. It is not the case that for all I in int, L in oil, hd(ins(I,L)) = I. This holds iff I is the minimum in ins(I,L). –Similarly for tl.

46 cs7100(Prasad)L4-5ADT46 Axioms for Constructors Idempotence –for all ordered integer lists L; for all I in int ins(I, ins(I,L)) = ins(I,L) Commutativity –for all ordered integer lists L; for all I, J in int ins(I, ins(J,L)) = ins(J, ins(I,L)) Completeness : Any permutation can be generated by exchanging adjacent elements.

47 cs7100(Prasad)L4-5ADT47 Axioms for Non-constructors tl(nil) = error tl(ins(I,L)) = ? tl(ins(I,nil)) = nil tl(ins(I,ins(J,L))) = I ins( J, tl(ins(I,L)) ) I > J => ins( I, tl(ins(J,L)) ) I = J => tl( ins( I,L ) ) (cf. constructor axioms for duplicate elimination ) order(nil) =nil order(cons(I,L))=ins(I,order(L))

48 cs7100(Prasad)L4-5ADT48 Axioms for Observers hd(nil) = error hd(ins(I,nil)) = I hd(ins(I,ins(J,L))) = I hd( ins(I,L) ) I > J => hd( ins(J,L) ) I = J => hd( ins(I,L) ) null(nil) = true null(ins(I,L))= false

49 Scheme Implementation (define null null?) (define nil ’()) (define ins cons) (define (hd ol) *min* ) (define (tl ol) *list sans min* ) (define (order lis) *sorted list* ) cs7100(Prasad)L4-5ADT49

50 Possible Implementations Representation Choice 1: –List of integers with duplicates ins is cons but hd and tl require linear-time search Representation Choice 2: –Sorted list of integers without duplicates ins requires search but hd and tl can be made more efficient Representation Choice 3: –Balanced-tree : Heap cs7100(Prasad)L4-5ADT50

51 cs7100(Prasad)L4-5ADT51 Abstract Type – ML Style ADT Set Example

52 cs7100(Prasad)L4-5ADT52 Integer Sets: Algebraic specification empty : intset insert : intset -> int -> intset remove : intset -> int -> intset member : intset -> int -> bool for all s  intset, m,n  int : member empty n = false member (insert s m) n = (n=m) orelse (member s n) remove empty n = empty remove (insert s m) n = if (n=m) then remove s n else insert (remove s n) m

53 cs7100(Prasad)L4-5ADT53 abstype intset = Empty | Insert of intset*int with val empty = Empty fun insert s n = Insert(s,n) fun member Empty n = false | member (Insert(s,m)) n = (n=m) orelse (member s n) fun remove Empty n = Empty | remove (Insert(s,m)) n = if (n=m) then remove s n else Insert(remove s n, m) end;

54 cs7100(Prasad)L4-5ADT54 val s1 = (insert empty 5); val s2 = (insert s1 3); val s1 = (insert s2 8); (member s1 8); (member s1 5); (member s1 1); val s3 = (remove s1 5); (member s3 5); (member s1 5);

55 cs7100(Prasad)L4-5ADT55 abstype intset = Set of int list with val empty = Set [] fun insert (Set s) n = Set(n::s) fun member (Set s) n = List.exists (fn i => (i=n)) s fun remove (Set s) n = Set (List.filter (fn i => (i=n)) s) end; (* member and remove are not primitives in structure List because they are defined only for equality types. *)

56 cs7100(Prasad)L4-5ADT56 abstype intset = Set of (int -> bool) with val empty = Set (fn n => false) fun insert (Set s) n = Set (fn m => (m = n) orelse (s m)) fun member (Set s) n = (s n) fun remove (Set s) n = Set (fn m => (not(m = n)) andalso (s m)) end;

57 More use cases Defining polynomials in one variable with operations such as additions, subtraction, scalar multiplication, multiplication, evaluation, division, differentiation, and integration. a n x n + a (n-1) x (n-1) + … + a 1 x 1 + a 0 cs7100(Prasad)L4-5ADT57

58 (cont’d) Defining Description Logic (OWL-DL) constructs, models (satisfying interpretation), negation normal form, etc. Java Data structure APIs : Sets, Lists, Arrays, etc. IR : Choosing between implementations: Both Hashtables and Balanced-trees are viable for normal queries, but latter is necessary for wildcard queries. cs7100(Prasad)L4-5ADT58

Download ppt "Cs7100(Prasad)L4-5ADT1 Specification and Implementation of Abstract Data Types."

Similar presentations

Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?

Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?
T YPE I SOMORPHISM O LA M AHMOUD S UPERVISED BY : D R. M ARCELO F IORE UNIVERSITY OF CAMBRIDGE Computer Laboratory Theory & Semantics Group I NTRODUCTION.

T YPE I SOMORPHISM O LA M AHMOUD S UPERVISED BY : D R. M ARCELO F IORE UNIVERSITY OF CAMBRIDGE Computer Laboratory Theory & Semantics Group I NTRODUCTION.
Programming with Lists

Programming with Lists
Cs7120 (Prasad)L22-MetaPgm1 Meta-Programming

Cs7120 (Prasad)L22-MetaPgm1 Meta-Programming
Cs776 (Prasad)L4Poly1 Polymorphic Type System. cs776 (Prasad)L4Poly2 Goals Allow expression of “for all types T” fun I x = x I : ’a -> ’a Allow expression.

Cs776 (Prasad)L4Poly1 Polymorphic Type System. cs776 (Prasad)L4Poly2 Goals Allow expression of “for all types T” fun I x = x I : ’a -> ’a Allow expression.
- Vasvi Kakkad.  Formal -  Tool for mathematical analysis of language  Method for precisely designing language  Well formed model for describing and.

- Vasvi Kakkad.  Formal -  Tool for mathematical analysis of language  Method for precisely designing language  Well formed model for describing and.
Introducing Formal Methods, Module 1, Version 1.1, Oct., 1998 1 Formal Specification and Analytical Verification L 5.

Introducing Formal Methods, Module 1, Version 1.1, Oct., Formal Specification and Analytical Verification L 5.
CSE 3341/655; Part 4 55 A functional program: Collection of functions A function just computes and returns a value No side-effects In fact: No program.

CSE 3341/655; Part 4 55 A functional program: Collection of functions A function just computes and returns a value No side-effects In fact: No program.
Getting started with ML ML is a functional programming language. ML is statically typed: The types of literals, values, expressions and functions in a.

Getting started with ML ML is a functional programming language. ML is statically typed: The types of literals, values, expressions and functions in a.
Functional Programming. Pure Functional Programming Computation is largely performed by applying functions to values. The value of an expression depends.

Functional Programming. Pure Functional Programming Computation is largely performed by applying functions to values. The value of an expression depends.
ML: a quasi-functional language with strong typing Conventional syntax: - val x = 5; (*user input *) val x = 5: int (*system response*) - fun len lis =

ML: a quasi-functional language with strong typing Conventional syntax: - val x = 5; (*user input *) val x = 5: int (*system response*) - fun len lis =
1-1 An Introduction to Scheme March 2008. 1-2 Introduction A mid-1970s dialect of LISP, designed to be a cleaner, more modern, and simpler version than.

1-1 An Introduction to Scheme March Introduction A mid-1970s dialect of LISP, designed to be a cleaner, more modern, and simpler version than.
Math 3121 Abstract Algebra I

Math 3121 Abstract Algebra I
Katz2004 236386--Formal Specifications Larch 1 Algebraic Specification and Larch Formal Specifications of Complex Systems 236368 Shmuel Katz The Technion.

Katz Formal Specifications Larch 1 Algebraic Specification and Larch Formal Specifications of Complex Systems Shmuel Katz The Technion.
ML: a quasi-functional language with strong typing Conventional syntax: - val x = 5; (*user input *) val x = 5: int (*system response*) - fun len lis =

ML: a quasi-functional language with strong typing Conventional syntax: - val x = 5; (*user input *) val x = 5: int (*system response*) - fun len lis =
ISBN 0-321-19362-8 Chapter 15 Functional Programming Languages Mathematical Functions Fundamentals of Functional Programming Languages Introduction to.

ISBN Chapter 15 Functional Programming Languages Mathematical Functions Fundamentals of Functional Programming Languages Introduction to.
Type Inference David Walker COS 441. Criticisms of Typed Languages Types overly constrain functions & data polymorphism makes typed constructs useful.

Type Inference David Walker COS 441. Criticisms of Typed Languages Types overly constrain functions & data polymorphism makes typed constructs useful.
Semantics with Applications Mooly Sagiv Schrirber 317 03-640-7606 html://www.cs.tau.ac.il/~msagiv/courses/sem08.html Textbooks:Winskel The.

Semantics with Applications Mooly Sagiv Schrirber html:// Textbooks:Winskel The.
Functional programming: LISP Originally developed for symbolic computing First interactive, interpreted language Dynamic typing: values have types, variables.

Functional programming: LISP Originally developed for symbolic computing First interactive, interpreted language Dynamic typing: values have types, variables.
SchemeCOP-40201 Introduction to Scheme. SchemeCOP-40202 Scheme Meta-language for coding interpreters –“ clean ” semantics Scheme = LISP + ALGOL –simple.

SchemeCOP Introduction to Scheme. SchemeCOP Scheme Meta-language for coding interpreters –“ clean ” semantics Scheme = LISP + ALGOL –simple.

Similar presentations

Ads by Google