CDuce, an XML-Oriented Programming Language: From Theory to Practice

logoP7

SBLP ’07

CDuce, an XML-Oriented ProgrammingLanguage:

From Theory to Practice

Giuseppe Castagna

CNRSUniversite Paris 7 - Denis Diderot

Natal, 24th of May, 2007

G. Castagna: CDuce, an XML-Oriented Programming Language 1/107

logoP7

SBLP ’07

Outline of the talk

1 XML Programming in CDuceXML Regular Expression Types and Patterns

XML Programming in CDuceNine good reasons to use Regular Expression types/patterns

Tools on top of CDuce

2 Theoretical Foundations

Semantic subtyping

Subtyping algorithms

CDuce functional core

Extension to other type constructors

3 Beyond XML.

Application of the theory to the π-calculus

New results on Milner’s encoding


logoP7

SBLP ’07

Outline of the talk





Semantic subtyping




3 Beyond XML.




logoP7

SBLP ’07

Outline of the talk





Semantic subtyping




3 Beyond XML.




logoP7

SBLP ’07

Outline of the talk





Semantic subtyping




3 Beyond XML.




logoP7

1. Introduction 2. Regexp types/patterns 3. XML Programming in CDuce 3. Properties 4. Toolkit SBLP ’07

PART 1: XML PROGRAMMING INCDUCE

Part 1: XML Programming in CDuce G. Castagna: CDuce, an XML-Oriented Programming Language 3/107

logoP7


Programming with XML

Level 0: textual representation of XML documents

AWK, sed, Perl

Level 1: abstract view provided by a parser

SAX, DOM, . . .

Level 2: untyped XML-specific languages

XSLT, XPath

Level 3: XML types taken seriously (aka: related work)

XDuce, XtaticXQueryCω (Microsoft). . .


logoP7




AWK, sed, Perl


SAX, DOM, . . .


XSLT, XPath




logoP7




AWK, sed, Perl


SAX, DOM, . . .


XSLT, XPath




logoP7




AWK, sed, Perl


SAX, DOM, . . .


XSLT, XPath




logoP7




AWK, sed, Perl


SAX, DOM, . . .


XSLT, XPath




logoP7


Presentation of CDuceFeatures:

Oriented to XML processingType centricGeneral-purpose featuresVery efficient

Inteded use:Small “adapters” between different XML applicationsLarger applications that use XMLWeb developmentWeb services

Status:Public release available (0.4.1): documentation and tutorials.

Integration with standardsInternally: Unicode, XML, Namespaces, XML SchemaExternally: DTD, WSDL

Several tools: graphical queries, code embedding (a la php)


logoP7









logoP7









logoP7









logoP7








Used both for teaching and in production code.


logoP7


Types, Types, Types!!!

Types are pervasive in CDuce:Static validation

E.g.: does the transformation produce valid XHTML ?

Type-driven programming semanticsAt the basis of the definition of patternsDynamic dispatchOverloaded functions

Type-driven compilationOptimizations made possible by static typesAvoids unnecessary and redundant tests at runtimeAllows a more declarative style


logoP7








logoP7








logoP7








logoP7


Regular ExpressionTypes and Patterns for XML


logoP7


Types & patterns: the functional languages perspective

Types are sets of values

Values are decomposed by patterns

Patterns are roughly values with capture variables

Instead of

let x = fst(e) inlet y = snd(e) in (y,x)

with pattern one can write

let (x,y) = e in (y,x)

which syntactic sugar for

match e with (x,y) -> (y,x)

“match” is more interesting than “let”, since it can testseveral “|||”-separated patterns.


logoP7






Instead of








logoP7






Instead of








logoP7






Instead of








logoP7






Instead of








logoP7


Example: tail-recursive version of length for lists:

type List = (Any,List) | ‘nil

fun length (x:(List,Int)) : Int =match x with| (‘nil , n) -> n| (( ,t), n) -> length(t,n+1)

So patterns are values with capture variables, wildcards, constants.

But if we:

1 use for types the same constructors as for values(e.g. (s,t) instead of s × t)

2 use values to denote singleton types(e.g. ‘nil in the list type);

3 consider the wildcard “ ” as synonym of Any


logoP7






But if we:





logoP7






But if we:





logoP7






But if we:





logoP7




fun length (x:(List,Int)) : Int =match x with| (‘nil , nnn) -> n| (( ,ttt), nnn) -> length(t,n+1)


But if we:





logoP7






But if we:





logoP7




fun length (x:(List,Int)) : Int =match x with| (‘nil‘nil‘nil , n) -> n| (( ,t), n) -> length(t,n+1)


But if we:





logoP7






But if we:





logoP7






But if we:





logoP7



type List = (Any,List)(Any,List)(Any,List) | ‘nil

fun length (x:(List,Int)(List,Int)(List,Int)) : Int =match x with| (‘nil , n) -> n| (( ,t), n) -> length(t,n+1)


But if we:





logoP7






But if we:





logoP7



type List = (Any,List) | ‘nil‘nil‘nil



But if we:





logoP7






But if we:





logoP7



type List = (AnyAnyAny,List) | ‘nil



But if we:





logoP7






But if we:




Key idea behind regular patterns

Patterns are types with capture variables

Define types: patterns come for free.


logoP7






But if we:








logoP7






But if we:








logoP7


Which types should we start from?

Patterns are tightly connected to boolean type constructors,that is unions (|), intersections (&) and differences (\):

type List = (Any,List) | ‘nil|||

fun length (x :(List,Int)) : Int =match x with| (‘nil , n) -> n Int| (( ,t), n) -> length(t,n+1) Int


logoP7







logoP7




type List = (Any,List) ||| ‘nil|||



logoP7






To type this function we need basic types products, singletons,. . .

t ::= Int | v | (t, t) |


logoP7







t ::= Int | v | (t, t) | t|t | t&t | t\t | Empty | Any

but also boolean type constructors.Let us type the function.


logoP7






t ::= Int | v | (t, t) | t|t | t&t | t\t | Empty | Any

but also boolean type constructors.Let us type the function.


logoP7



t = v | v value of type t and ***p+++ = v | v matches pattern p(this is a type)




logoP7







logoP7






The first branch is executed only for values and are both in(List,Int) and in ***(‘nil,n) +++ = (‘nil,Any)


logoP7








logoP7







(List,Int) & (‘nil,Any) = (‘nil,Int)


logoP7









logoP7









logoP7






The second branch is executed for values that are in(List,Int) not in ***(‘nil,n)+++ and in ***(( ,t),n)+++


logoP7







((List,Int)\ (‘nil,Any))&((Any,Any),Any) = ((Any,List),Int)


logoP7









logoP7









logoP7






The match expression has type the union of the possible results


logoP7







Int | Int = Int


logoP7







Int | Int = Int

The function is well-typed


logoP7







Int | Int = Int

The function is well-typed


logoP7


Unions, intersections, differences

Boolean operators are needed to type pattern matching:match e with p1 -> e1 | p2 -> e2

- To infer the type t1 of e1 we need t& *** p1+++ (where e : t);

- To infer the type t2 of e2 we need (t \ *** p1+++)& *** p2+++;- The type of the match is t1|t2 .

Boolean type constructors are useful for programming:

map catalogue withx :: (Car & (Guaranteed |(Any\Used)) -> x

Select in catalogue all cars that if used then are guaranteed.

Intersection types yield overloaded functions:+ : (String,String->String) & (Int,Int->Int)


logoP7











logoP7











logoP7











logoP7




- To infer the type t1 of e1 we need t&&& *** p1+++ (where e : t);

- To infer the type t2 of e2 we need (t \\\ *** p1+++)&&& *** p2+++;- The type of the match is t1|||t2 .






logoP7











logoP7











logoP7











logoP7







map catalogue withx :: (Car &&& (Guaranteed |||(Any\\\Used)) -> x




logoP7











logoP7









Intersection types yield overloaded functions:+ : (String,String->String) &&& (Int,Int->Int)


logoP7










Roadmap to extend it to XML:

1 Define types for XML documents,2 Add boolean type constructors,3 Define patterns as types with capture variables


logoP7













logoP7













logoP7













logoP7


XML syntax

type Bib = <bib>[Book Book]<book year="1997"><title>[’Object-Oriented Programming’]</title><author><last>[’Castagna’]</last><first>[’Giuseppe’]</first>

</author>]<price>[’56’]</price>’Bikhauser’

</book>]<book year="2007"><title>[’SBLP Proceedings’]</title><editor><last>[’Bigonha’]</last><first>[’Roberto’]</first>

</editor>]’SBC’

</book>]</bib>]


logoP7


XML syntax

type Bib = <bib>[Book Book]<book year="1997">[<title>[’Object-Oriented Programming’]<author>[<last>[’Castagna’]<first>[’Giuseppe’]

]<price>[’56’]’Bikhauser’

]<book year="2007">[<title>[’SBLP Proceedings’]<editor><last>[’Bigonha’]<first>[’Roberto’]

]’SBC’

]]


logoP7


XML syntax

type Bib = <bib>[Book Book]<book year="1997">[<title>[’Object-Oriented Programming’]<author>[<last>[’Castagna’]<first>[’Giuseppe’]

]<price>[’56’]’Bikhauser’

]<book year="2007">[<title>[’SBLP Proceedings’]<editor><last>[’Bigonha’]<first>[’Roberto’]

]’SBC’

]]


logoP7


XML syntax

type Bib = <bib>[Book Book] String = [PCDATA] = [Char*]<book year=String>[<title><author>[<last>[PCDATA]<first>[PCDATA]

]<price>[PCDATA]PCDATA

]<book year=String>[<title>[PCDATA]<editor><last>[PCDATA]<first>[PCDATA]

]PCDATA

]]


logoP7


XML syntax

type Bib = <bib>[Book Book]type Book = <book year=String>[

Title(Author+ | Editor+)Price?PCDATA]

type Author = <author>[Last First]type Editor = <editor>[Last First]type Title = <title>[PCDATA]type Last = <last>[PCDATA]type First = <first>[PCDATA]type Price = <price>[PCDATA]

This and: singletons, intersections, differences, Empty, and Any.


logoP7


XML syntax

type Bib = <bib>[Book*]type Book = <book year=String>[





logoP7


XML syntax






logoP7


XML syntax

type Bib = <bib>[Book*] Kleene startype Book = <book year=String>[





logoP7


XML syntax

type Bib = <bib>[Book*]type Book = <book year=String>[ attribute types





logoP7


XML syntax


Title nested elements(Author+ | Editor+)Price?PCDATA]




logoP7


XML syntax


Title(Author+ | Editor+) unionsPrice?PCDATA]




logoP7


XML syntax


Title(Author+ | Editor+)Price? optional elemsPCDATA]




logoP7


XML syntax


Title(Author+ | Editor+)Price?PCDATA] mixed content




logoP7


XML syntax






logoP7


Patterns

Patterns = Types + Capture variables

TY

PES

PAT

TERN

S


logoP7


Patterns


type Bib = <bib>[Book*]type Book = <book year=String>[Title Author+ Publisher]type Publisher = StringT

YPES

PAT

TERN

S


logoP7


Patterns



YPES

match bibs with<bib>[x::Book*] -> x

PAT

TERN

S


logoP7


Patterns



YPES


The pattern binds x to the sequence of all books in the bibliographyPAT

TERN

S


logoP7


Patterns



YPES


PAT

TERN

S


logoP7


Patterns



YPES


Returns the content of bibs.PAT

TERN

S


logoP7


Patterns



YPES

match bibs with<bib>[( x::<book year="2005"> | y:: )*] -> x@y

PAT

TERN

S


logoP7


Patterns



YPES


Binds x to the sequence of all this year’s books, and y to all theother books.

PAT

TERN

S


logoP7


Patterns



YPES


PAT

TERN

S


logoP7


Patterns



YPES


Returns the concatenation (i.e., “@”) of the two captured sequencesPAT

TERN

S


logoP7


Patterns



YPES

match bibs with<bib>[(x::<book year="1990">[ * Publisher\"ACM"] | )*] -> x

PAT

TERN

S


logoP7


Patterns



YPES


Binds x to the sequence of books published in 1990 from publishersothers than “ACM” and discards all the others.

PAT

TERN

S


logoP7


Patterns



YPES


PAT

TERN

S


logoP7


Patterns



YPES


Returns all the captured booksPAT

TERN

S


logoP7


Patterns



YPES


Returns all the captured books

Exact type inference:

E.g.: if we match the pattern [(x::Int| )*] against an expressionof type [Int* String Int] the type deduced for x is [Int+]

PAT

TERN

S


logoP7


Patterns



YPES


Returns all the captured books

Exact type inference:

E.g.: if we match the pattern [(x::Int| )***] against an expressionof type [Int* String Int] the type deduced for x is [Int+++]

PAT

TERN

S


logoP7


XML-programming in CDuce


logoP7


Functions: basic usage

type Program = <program>[ Day* ]type Day = <day date=String>[ Invited? Talk+ ]type Invited = <invited>[ Title Author+ ]type Talk = <talk>[ Title Author+ ]

Extract subsequences (union polymorphism)

fun (Invited|Talk -> [Author+])< >[ Title x::Author* ] -> x

Extract subsequences of non-consecutive elements:

fun ([(Invited|Talk|Event)*] -> ([Invited*], [Talk*]))[ (i::Invited | t::Talk | )* ] -> (i,t)

Perl-like string processing (String = [Char*])

fun parse email (String -> (String,String))| [ local:: * ’@’ domain:: * ] -> (local,domain)| -> raise "Invalid email address"


logoP7











logoP7











logoP7











logoP7


Functions: advanced usage


Functions can be higher-order and overloaded

let patch program(p :[Program], f :(Invited -> Invited) &&& (Talk -> Talk)):[Program]

= xtransform p with (Invited | Talk) & x -> [ (f x) ]

Higher-order, overloading, subtyping provide name/code sharing...

let first author ([Program] -> [Program];Invited -> Invited;Talk -> Talk)

| [ Program ] & p -> patch program (p,first author)| <invited>[ t a * ] -> <invited>[ t a ]| <talk>[ t a * ] -> <talk>[ t a ]

Even more compact: replace the last two branches with:

<(k)>[ t a * ] -> <(k)>[ t a ]


logoP7











<(k)>[ t a * ] -> <(k)>[ t a ]


logoP7











<(k)>[ t a * ] -> <(k)>[ t a ]


logoP7











<(k)>[ t a * ] -> <(k)>[ t a ]


logoP7











<(k)>[ t a * ] -> <(k)>[ t a ]


logoP7











<(k)>[ t a * ] -> <(k)>[ t a ]


logoP7











<(k)>[ t a * ] -> <(k)>[ t a ]


logoP7











<(k)>[ t a * ] -> <(k)>[ t a ]


logoP7











<(k)>[ t a * ] -> <(k)>[ t a ]


logoP7


Query language: CQL

Instead of just variablesselect e from

x1 in e1 p1...

xn in en pn

where c

Biblio = <bib>[Book*]Book = <book year=String>[Title (Author+|Editor+) Price?]


logoP7


Query language: CQL

Instead of just variables use patternsselect e from

p1 in e1...

pn in en

where c



logoP7


Query language: CQL


p1 in e1...

pn in en

where c

fun getTitles(bibs : Biblio) : [(<book>[Title])*]

<bib>[b::Book*]<book year="1990">[ t::Title + <price>"69.99" ]in b

(1) captures in b all the books of a bibliography(2) captures in t the title of a book if it is of 1990 and costs 69.99



logoP7


Query language: CQL


p1 in e1...

pn in en

where c

fun getTitles(bibs : Biblio) : [(<book>[Title])*]select <book>t from<bib>[b::Book*] in bibs,<book year="1990">[ t::Title + <price>"69.99" ] in b

Selects from bibs the titles of all books of 1990 and of price 69.99and has type Biblio->[(<book>[Title])*]



logoP7


Query language: CQL


p1 in e1...

pn in en

where c


Selects from bibs the titles of all books of 1990 and of price 69.99and has type Biblio->[(<book>[Title])*]



logoP7


Query language: CQL


p1 in e1...

pn in en

where c


Selects from bibs the titles of all books of 1990 and of price 69.99and has type Biblio -> [(<book>[Title])*]



logoP7


XPath encoding

For instance in CQL (. . . but see Xtatic for a very different encoding):

All children of e with tag tag (e/tag )

select x from < ..>[( x::(<tag ..> )| )*] in e

All attributes labelled by id (e/@id )

select x from < id =x ..> in e

Notice that regexp patterns can define non-unary queries.


logoP7


XPath encoding








logoP7


XPath encoding








logoP7


XPath encoding








logoP7


XPath encoding







Rationale

CQL, Xtatic, add syntactic sugar for XPath . . .


logoP7


. . . it is all syntactic sugar!

Types

t ::= Int | v | (t, t) | t→→→t | t ∨ t | t ∧ t | ¬t | Any

Patterns

p ::= t | x | (p, p) | p ∨ p | p ∧ p

Example:

type Book = <book>[Title (Author+|Editor+) Price?]

encoded as

Book = (‘book, (Title,X ∨ Y ))X = (Author,X ∨ (Price, ‘nil) ∨ ‘nil)Y = (Editor,Y ∨ (Price, ‘nil) ∨ ‘nil)


logoP7



Types


Patterns

p ::= t | x | (p, p) | p ∨ p | p ∧ p

Example:


encoded as



logoP7



Types


Patterns

p ::= t | x | (p, p) | p ∨ p | p ∧ p

Example:


encoded as



logoP7



Types


Patterns

p ::= t | x | (p, p) | p ∨ p | p ∧ p

Example:


encoded as



logoP7


Some reasons to consider regularexpression types and patterns


logoP7


Some good reasons to consider regexp patterns/types

Theoretical reason: very compact

Nine practical reasons:

1 Classic usage2 Informative error messages3 Error mining4 Efficient execution5 Compact programs6 Logical optimisation of pattern-based queries7 Pattern matches as building blocks for iterators8 Type/pattern-based data pruning for memory usage optimisation9 Type-based query optimisation


logoP7



Theoretical reason: very compact (6= simple)




logoP7







logoP7







logoP7


1. Classic usages of types

Not much to say here, just notice that:

Singletons, unions, intersections, and differences have set-theoreticsemantics on “types as set of values”: they are easy to understand.

A natural and powerful specification and constraint language:

It is possible to specify constraints such as:If the attribute a has value x, then e-elements that donot contain f-elements must contain two g-elements.

Types can be composed:type WithPrice = < ..>[ * Price *]type ThisYear = < year="2005">

then <bib>[((Biblio&ThisYear)\WithPrice)*] defines a viewcontaining only this year’s books that do not have price element.


Use these types as usual: static detection of errors, partialcorrectness, schema specification

logoP7











logoP7











logoP7











logoP7











logoP7











logoP7











logoP7









Not very innovative but useful properties



logoP7


2. Informative error messages

List of books of a given year, stripped of the Editors and Price

Returns the following error message:Error at chars 81-83:

select <book year=y>(t@a) fromThis expression should have type:[ Title (Editor+|Author+) Price? ]but its inferred type is:[ Title Author+ | Title ]which is not a subtype, as shown by the sample:

[ <title>[ ] ]


In case of error return a sample value in the difference of theinferred type and the expected one

logoP7






[ <title>[ ] ]



logoP7




fun onlyAuthors (year:Int,books:[Book*]):[Book*] =select <book year=y>(t@a) from<book year=y>[(t::Title | a::Author | )+] in books

where int of(y) = year



[ <title>[ ] ]


type Book = <book year=String>[Title (Author+|Editor+) Price?]


logoP7








[ <title>[ ] ]




logoP7








[ <title>[ ] ]




logoP7








[ <title>[ ] ]




logoP7








[ <title>[ ] ]




logoP7








[ <title>[ ] ]




logoP7




fun onlyAuthors (year:Int,books:[Book*]):[Book*] =select <book year=y>(t@a) from<book year=y>[ t::Title a::Author+++ * ] in books




[ <title>[ ] ]




logoP7


3. Error mining

type Person = <person>[ Name Children ]type Children = <children>[Person+]type Name = <name>[PCDATA]

Warning at chars 57-76:type Children = <children>[Person+]This definition yields an empty type for ChildrenWarning at chars 14-39:type Person = <person>[ Name Children ]This definition yields an empty type for Person


Detection of Empty Types

logoP7


3. Error mining

type Person = <person>[ Name Children ]type Children = <children>[Person+]type Name = <name>[PCDATA]

Warning at chars 57-76:type Children = <children>[Person+]This definition yields an empty type for ChildrenWarning at chars 14-39:type Person = <person>[ Name Children ]This definition yields an empty type for Person


Detection of Empty Types

logoP7


3. Error mining (continued)

fun extract(x:[Book*]) =select (z,y) from<book ..>[ z::Title y::(<author> |<edtor> )+ * ] in x

Despite the typo the function is well-typed:- no typing rule is violated- the pattern is not useless, it can match authors

They are not regexp-patterns specific:bibs/book/(title|prize)

Such errors are not always typos: they can be conceptual errors.


Spot subtle errors that elude current type checking technology

logoP7









logoP7









logoP7









logoP7









logoP7









logoP7









logoP7







Can be formally characterised and statically detected by thetypes/patterns presented here and integrated in current reg-exp type-checkers with no overhead



logoP7


4. Compact programs

type Person = FPerson | MPerson;;type FPerson = <person gender ="F">[ Name Children ];;type MPerson = <person gender ="M">[ Name Children ];;type Children = <children>[Person*];;type Name = <name>[String];;

type Man = <man>[ Name Sons Daughters ];;type Woman = <woman>[ Name Sons Daughters ];;type Sons = <sons>[ Man* ];;type Daughters = <daughters>[ Woman* ];;

let fun sort (MPerson -> Man ; FPerson -> Woman)<person gender=gen>[ n <children>[(mc::MPerson | fc::FPerson)*] ] ->

let tag = match gen with "M" -> ‘man | "F" -> ‘woman inlet s = map mc with x -> sort x in mc:[MPerson*] ⇒ s:[Man*]let d = map fc with x -> sort x in fc:[FPerson*] ⇒ d:[Woman*]<(tag)>[ n <sons>s <daughters>d ];;


logoP7


4. Compact programs






logoP7


4. Compact programs






logoP7


4. Compact programs






logoP7


4. Compact programs






logoP7


4. Compact programs






logoP7


4. Compact programs






logoP7


4. Compact programs






logoP7


4. Compact programs






logoP7


4. Compact programs






logoP7


4. Compact programs






logoP7


4. Compact programs






logoP7


4. Compact programs





Very hard to program it in XSLT


logoP7


4. Compact programs





Note

Although sort:Person -> Man | Woman, the declarationfun sort (Person -> Man | Woman)

wouldn’t type-check (fails for the recursive calls).Part 1: XML Programming in CDuce G. Castagna: CDuce, an XML-Oriented Programming Language 26/107

logoP7


5. Efficient execution

Idea: if types tell you that something cannot happen, don’t test it.

type A = <a>[A*]type B = [B*]

fun check(x : A|B) = match x with A -> 1 | B -> 0

fun check(x : A|B) = match x with <a> -> 1 | -> 0

No backtracking.

Whole parts of the matched data are not checked


Use static type information to perform an optimal set of tests

logoP7







No backtracking.




logoP7







No backtracking.




logoP7







No backtracking.




logoP7







No backtracking.




logoP7







No backtracking.




logoP7







No backtracking.




logoP7







No backtracking.




logoP7







No backtracking.


Computing the optimal solution requires to fully exploit inter-sections and differences of types



logoP7







No backtracking.


New kind of push-down tree automata



logoP7


6. Logical pattern-specific optimisation of queries


Transform the from clauses so as to capture in a single patternas much information as possible

logoP7



1 merge distinct patterns that work on a common sequence,

2 transform where clauses into patterns,

3 transform paths into nested pattern-based selections, then merge.



logoP7








logoP7








logoP7



select <book year=y>[t] fromb in bibs/book,p in b/price,t in b/title,y in b/@year

where p = <price>"69.99"

optimised as

select <book year=y> t from<bib>[b::Book*] in bibs,<book year=y>[ t::Title + <price>"69.99" ] in b



logoP7





optimised as




logoP7





optimised as


These optimisations are orthogonal to the classical optimisa-tions: they sum up and bring a further gain of performance



logoP7


7. Pattern matches as building blocks for iterators


Build regexp of “pattern matches” for user-defined iterators

logoP7



In XML processing it is important to allow the programmer todefine her/his own iterators.

XML complex structure makes virtually impossible for a lan-guage to provide a set of iterators covering all possible cases

Iterators programmed in the language are far less preciselytyped than built-in operators (require massive usage of casting).

This may explain why there is less consensus on iterators thanon extractors.



logoP7









logoP7









logoP7









logoP7







How to define new iterators?



logoP7



Hosoya’s smart idea: Define regular expression over pattern-matches “p -> e” (rather than over patterns).

select e from p in e ′ = filter[(p->e| ->[])*](e ′)

map e with p1->e1|...|pn->en = filter[(p1->e1|...|pn->en)*](e)

match e with p1->e1|...|pn->en = filter[p1->e1|...|pn->en]([e])

In-depth iterators are obtained by recursive filters

If instead of regexp we use the core-algebra, then it is possibleto define more powerful iterators.



logoP7











logoP7











logoP7











logoP7











logoP7











logoP7











logoP7











logoP7











logoP7









Type precision obtained by specific typing, as for patterns.



logoP7


8. Type/pattern-based pruning to optimise memory usage

Given a query q execute it on documents in which parts notnecessary to evaluate q are pruned. Recently adopted in mainmemory XML query engines, e.g. [Marian-Simeon], [Bressan et al.].

We can start from the optimal compilation of patterns: Compilepatterns in order to have as many “ ” wildcards as possible


compiled as



Use type analysis to determine which parts of an XML dataneed not to be loaded in main memory

logoP7






compiled as




logoP7






compiled as




logoP7






compiled as




logoP7






compiled as




logoP7






compiled as




logoP7






compiled as




logoP7






compiled as


Data matched by wildcards “ ” not in the scope of a capturevariable are not necessary to the evaluation. Use boolean typeconstructors to determine the program data-need.



logoP7






compiled as


Data matched by wildcards “ ” not in the scope of a capturevariable are not necessary to the evaluation. Use boolean typeconstructors to determine the program data-need.



logoP7


9. Type-based query optimisation

Data description is more precise:E.g. in IMDB there are constraints such as:

If a show-element contains season-elements,then its type-attribute is "TV Series".

Transformation description is more precise:Exact type inference for pattern variables.Finer type inference for queries:

for bibs/book/(title|author|editor)infer type [(Title (Author+|Editor+))*]rather than [(Title|Author|Editor)*]

DTD/Schema already used to optimise access to XMLdata on disk. It should be possible to use also the precisionof regexp types to optimise secondary memory queries.


Use the precision of the type system in query optimisation

logoP7










logoP7










logoP7










logoP7










logoP7










logoP7









bibs : <bib>[ (<book year=String>[Title (Author+|Editor+) Price?])* ]


logoP7











logoP7











logoP7










logoP7










logoP7


Other features

CDuce is a fully featured programming language:

General purpose features: records, tuples, references, integers,booleans, exceptions, . . .

Strings (operators, regular expressions, lazy implementation)

Data specific iterators

Namespaces

XML schema validation

URI’s, and file operations

Unicode


logoP7


Other features





Namespaces



Unicode


logoP7


Other features





Namespaces



Unicode


logoP7


Other features





Namespaces



Unicode


logoP7


Other features





Namespaces



Unicode


logoP7


Other features





Namespaces



Unicode


logoP7


Other features





Namespaces



Unicode


logoP7


Other features





Namespaces



Unicode


logoP7


Other features





Namespaces



Unicode

Not enough


logoP7


Other features





Namespaces



Unicode

Not enoughLibraries and external tools are also needed


logoP7


On top of CDuce


logoP7


Full integration with OCaml

Embedding of CDuce code in XML documents

Graphical queries

Security (control flow analysis)

Web-services


logoP7


Full integration with OCaml

Embedding of CDuce code in XML documents

Graphical queries

Security (control flow analysis)

Web-services


logoP7


CDuce↔OCaml Integration

A CDuce application that requires OCaml code

Reuse existing librairies

Abstract data structures : hash tables, sets, ...Numerical computations, system callsBindings to C libraries : databases, networks, ...

Implement complex algorithms

An OCaml application that requires CDuce code

CDuce used as an XML input/output/transformation layer

Configuration filesXML serialization of datasXHTML code production


logoP7











logoP7











logoP7











logoP7











logoP7











logoP7










Need to seamlessly call OCaml code in CDuce and viceversa


logoP7


Main Challenges

1 Seamless integration:No explicit conversion function in programs:the compiler performs the conversions

2 Type safety:No explicit type cast in programs:the standard type-checkers ensure type safety

What we need:

A mapping between OCaml and CDuce types and values


logoP7


Main Challenges



What we need:



logoP7


Main Challenges



What we need:



logoP7


Main Challenges



What we need:



logoP7


Main Challenges



What we need:



logoP7


Main Challenges



What we need:



logoP7


Main Challenges



What we need:



logoP7


Main Challenges



What we need:



logoP7


How to integrate the two type systems?

The translation can go just one way: OCaml → CDuce

⊕⊕⊕ CDuce uses (semantic) subtyping; OCaml does notIf we translate CDuce types into OCaml ones :- soundness requires the translation to be monotone;- no subtyping in Ocaml implies a constant translation;⇒ CDuce typing would be lost.

⊕⊕⊕ CDuce has unions, intersections, differences,heterogeneous lists; OCaml does not⇒ OCaml types are not enough to translate CDuce types.

OCaml supports type polymorphism; CDuce does not.⇒ Polymorphic OCaml libraries/functions must be first instantied

to be used in CDuce


logoP7







to be used in CDuce


logoP7







to be used in CDuce


logoP7







to be used in CDuce


logoP7







to be used in CDuce


logoP7







to be used in CDuce


logoP7







to be used in CDuce


logoP7







to be used in CDuce


logoP7


In practice

1 Define a mapping T from OCaml types to CDuce types.

t (OCaml) T(t) (CDuce)int min int- -max intstring Latin1t1 ∗ t2 (T(t1),T(t2))t1 → t2 T(t1) → T(t2)t list [T(t)∗]t array [T(t)∗]t option [T(t)?]t ref ref T(t)A1 of t1 | . . . | An of tn (‘A1,T(t1)) | . . . | (‘An,T(tn))l1 = t1; . . . ; ln = tn l1 = T(t1); . . . ; ln = T(tn)

2 Define a retraction pair between OCaml and CDuce values.

ocaml2cduce: t → T(t)cduce2ocaml: T(t) → t


logoP7


In practice






logoP7


In practice






logoP7


In practice






logoP7


Calling OCaml from CDuce

Easy

Use M.f to call the function f exported by the OCaml module M

The CDuce compiler checks type soundness and then- applies cduce2ocaml to the arguments of the call- calls the OCaml function- applies ocaml2cduce to the result of the call

Example: use ocaml-mysql library in CDuce

let db = Mysql.connect Mysql.defaults;;

match Mysql.list dbs db ‘None [] with| (‘Some,l) -> print [ ’Databases: ’ !(string of l) ’\ n’ ]| ‘None -> [];;


logoP7



Easy







logoP7



Easy







logoP7



Easy







logoP7



Easy







logoP7



Easy







logoP7


Calling CDuce from OCaml

Needs little work

Compile a CDuce module as an OCaml binary module by providinga OCaml (.mli) interface. Use it as a standard Ocaml module.

The CDuce compiler:1 Checks that if val f :t in the .mli file, then the CDuce type

of f is a subtype of T(t)2 Produces the OCaml glue code to export CDuce values as

OCaml ones and bind OCaml values in the CDuce module.

Example: use CDuce to compute a factorial:

(* File cdnum.mli: *)val fact: Big int.big int -> Big int.big int

(* File cdnum.cd: *)let aux ((Int,Int) -> Int)| (x, 0 | 1) -> x| (x, n) -> aux (x * n, n - 1)

let fact (x : Int) : Int = aux(1,x)


logoP7



Needs little work










logoP7



Needs little work










logoP7



Needs little work










logoP7



Needs little work










logoP7


Embedded CDuce

Embed CDuce in XML/XHTML a la PHP:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" ...><% include "cgi.cd" %><html><head><title>Hello World</title>

</head><body><% "Hello," @ " World !!!" %>

</body>

</html>

Compiled rather than interpreted


logoP7


Embedded CDuce




</body>

</html>



logoP7


Embedded CDuce




</body>

</html>



logoP7


Embedded CDuce




</body>

</html>



logoP7


Embedded CDuce




</body>

</html>



logoP7


Embedded CDuce

A short demo


logoP7

1. Introduction – 2. Semantic subtyping – 3. Algorithms – 4. Language – 5. Extensions – 6. Recap – SBLP ’07

PART 2: THEORETICALFOUNDATIONS

Part 2: Theoretical Foundations G. Castagna: CDuce, an XML-Oriented Programming Language 43/107

logoP7


Goal

The goal is to show how to take your favourite type constructors

×××, →→→, . . . , chan(), . . .

and add boolean combinators:

∨∨∨, ∧∧∧, ¬¬¬

so that they behave set-theoretically w.r.t. ≤

WHY?

Short answer: YOU JUST SAW IT!

Recap:- to encode XML types- to define XML patterns- to precisely type pattern matching


logoP7


Goal


×××, →→→, . . . , chan(), . . .


∨∨∨, ∧∧∧, ¬¬¬


WHY?




logoP7


Goal


×××, →→→, . . . , chan(), . . .


∨∨∨, ∧∧∧, ¬¬¬


WHY?




logoP7


Goal


×××, →→→, . . . , chan(), . . .


∨∨∨, ∧∧∧, ¬¬¬


WHY?




logoP7


In details

t ::= B | t×××t | t→→→t | t∨∨∨t | t∧∧∧t | ¬t | 0 | 1

Handling subtyping without combinators is easy:constructors do not mix, e.g. :

s2 ≤ s1 t1 ≤ t2s1 → t1 ≤ s2 → t2

With combinators is much harder:combinators distribute over constructors, e.g.

(s1∨∨∨s2) → t R (s1 → t)∧∧∧(s2 → t)

MAIN IDEA

Instead of defining the subtyping relation so that it conforms tothe semantic of types, define the semantics of types and derive thesubtyping relation.


logoP7


In details

t ::= B | t×××t | t→→→t | t∨∨∨t | t∧∧∧t | ¬t | 0 | 1


s2 ≤ s1 t1 ≤ t2s1 → t1 ≤ s2 → t2


(s1∨∨∨s2) → t R (s1 → t)∧∧∧(s2 → t)

MAIN IDEA



logoP7


In details

t ::= B | t×××t | t→→→t | t∨∨∨t | t∧∧∧t | ¬t | 0 | 1


s2 ≤ s1 t1 ≤ t2s1 → t1 ≤ s2 → t2


(s1∨∨∨s2) → t R (s1 → t)∧∧∧(s2 → t)

MAIN IDEA



logoP7


In details

t ::= B | t×××t | t→→→t | t∨∨∨t | t∧∧∧t | ¬t | 0 | 1


s2 ≤ s1 t1 ≤ t2s1 → t1 ≤ s2 → t2


(s1∨∨∨s2) → t R (s1 → t)∧∧∧(s2 → t)

MAIN IDEA



logoP7


In details

t ::= B | t×××t | t→→→t | t∨∨∨t | t∧∧∧t | ¬t | 0 | 1


s2 ≤ s1 t1 ≤ t2s1 → t1 ≤ s2 → t2


(s1∨∨∨s2) → t R (s1 → t)∧∧∧(s2 → t)

MAIN IDEA



logoP7


In details

t ::= B | t×××t | t→→→t | t∨∨∨t | t∧∧∧t | ¬t | 0 | 1


s2 ≤ s1 t1 ≤ t2s1 → t1 ≤ s2 → t2


(s1∨∨∨s2) → t R (s1 → t)∧∧∧(s2 → t)

MAIN IDEA



logoP7


In details

t ::= B | t×××t | t→→→t | t∨∨∨t | t∧∧∧t | ¬t | 0 | 1


s2 ≤ s1 t1 ≤ t2s1 → t1 ≤ s2 → t2


(s1∨∨∨s2) → t R (s1 → t)∧∧∧(s2 → t)

MAIN IDEA



logoP7


In details

t ::= B | t×××t | t→→→t | t∨∨∨t | t∧∧∧t | ¬t | 0 | 1

Not a particularly new idea. Many attempts(e.g. Aiken&Wimmers, Damm,. . . , Hosoya&Pierce).

None fully satisfactory. (no negation, or no function types,or restrictions on unions and intersections, . . . )

Starting point of what follows: the approach ofHosoya&Pierce.

MAIN IDEA



logoP7


In details

t ::= B | t×××t | t→→→t | t∨∨∨t | t∧∧∧t | ¬t | 0 | 1




MAIN IDEA



logoP7


In details

t ::= B | t×××t | t→→→t | t∨∨∨t | t∧∧∧t | ¬t | 0 | 1




MAIN IDEA



logoP7


Semantic subtyping


logoP7


Semantic subtyping

1 Define a set-theoretic semantics of the types:

J K : Types −→ P(D)

2 Define the subtyping relation as follows:

s ≤ tdef⇐⇒ JsK ⊆ JtK

KEY OBSERVATION 1:

The model of types may be independent from a model of terms

Hosoya and Pierce use the model of values:JtKV = v | ` v : t

Ok because the only values of XDuce are XML documents


logoP7


Semantic subtyping





KEY OBSERVATION 1:





logoP7


Semantic subtyping





KEY OBSERVATION 1:





logoP7


Semantic subtyping





KEY OBSERVATION 1:





logoP7


Semantic subtyping





KEY OBSERVATION 1:





logoP7


Circularity

Model of values

t ≤ s ⇐⇒ JtKV ⊆ JsKV where JtKV = v | ` v : t

No longer works with arrow types: values are λ-abstractions andneed (sub)typing to be defined

JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : tgg


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t

CC

` v : tgg


logoP7


Circularity

Model of values



JtKD

t ≤ t((JtKV

` e : t

CC

` v : tgg


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Circularity

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Bootstrap

Model of values



JtKD

t ≤ t JtKV

` e : t ` v : t


logoP7


Bootstrap

Model of values



JtKD

t ≤ t((JtKV

` e : t

CC

` v : tgg


logoP7


Bootstrap

Model of values



JtKD

t ≤ t((JtKV

` e : t

CC

` v : tgg


logoP7


Bootstrap

Model of values



JtKD

t ≤ t

,,

JtKV

` e : t ` v : t


logoP7


Bootstrap

Model of values



JtKD

t ≤ t

,,

JtKV

` e : t

CC

` v : t


logoP7


Bootstrap

Model of values



JtKD

t ≤ t

,,

JtKV

` e : t

CC

` v : tgg


logoP7


Bootstrap

Model of values



JtKD

t ≤ t

,,

JtKV

` e : t

CC

` v : tgg


logoP7


Bootstrap

Model of values



JtKD

t ≤ t

,,

???((JtKV

` e : t

CC

` v : tgg


logoP7


Bootstrap

Model of values



JtKD

t ≤ t

,,

???((JtKV

` e : t

CC

` v : tgg


logoP7


Step 1 : Model

Define when J K : Types −→ P(D) yields a set-theoretic model.

Easy for the combinators:Jt1∨∨∨t2K = Jt1K ∪ Jt2KJt1∧∧∧t2K = Jt1K ∩ Jt2KJ¬¬¬tK = D\JtKJ0K = ∅J1K = D

Hard for constructors:Jt1×××t2K = Jt1K× Jt2KJt1→→→t2K = ???

Think semantically!


logoP7


Step 1 : Model




Think semantically!


logoP7


Step 1 : Model




Think semantically!


logoP7


Step 1 : Model




Think semantically!


logoP7


Step 1 : Model




Think semantically!


logoP7


Step 1 : Model




Think semantically!


logoP7


Intuition

(×JsK)Jt→→→sK = ???

Impossible since it requires P(D2) ⊆ D

KEY OBSERVATION 2:

We need the model to state how types are related rather thanwhat the types are

Accept every J K that behaves w.r.t. ⊆ as if equation (∗) held,namely

Jt1→→→s1K ⊆ Jt2→→→s2K ⇐⇒ P(Jt1K× Js1K) ⊆ P(Jt2K× Js2K)

and similarly for any boolean combination of arrow types.


logoP7


Intuition

(×JsK)Jt→→→sK = functions from JtK to JsK


KEY OBSERVATION 2:






logoP7


Intuition

(×JsK)Jt→→→sK = f ⊆ D2 | ∀(d1, d2)∈ f . d1∈JtK ⇒ d2∈JsK


KEY OBSERVATION 2:






logoP7


Intuition

(×JsK)Jt→→→sK = P(JtK× JsK) ( Xdef= complement of X )


KEY OBSERVATION 2:






logoP7


Intuition

(×JsK)Jt→→→sK = P(JtK× JsK) (∗)


KEY OBSERVATION 2:






logoP7


Intuition



KEY OBSERVATION 2:






logoP7


Intuition



KEY OBSERVATION 2:






logoP7


Intuition



KEY OBSERVATION 2:






logoP7


Intuition



KEY OBSERVATION 2:






logoP7


Technically . . .

1 Take J K : Types → P(D) such thatJt1∨∨∨t2K = Jt1K ∪ Jt2K Jt1∧∧∧t2K = Jt1K ∩ Jt2KJ0K = ∅ J1K = DJ¬¬¬tK = D\JtK [combinator semantics]

2 Define EJ K : Types → P(D2 + P(D2)) as follows

EJt1×××t2Kdef= Jt1K× Jt2K ⊆ D2

EJt1→→→t2Kdef= P(Jt1K× Jt2K) ⊆ P(D2)

EJt1∨∨∨t2Kdef= EJt1K ∪ EJt2K... [constructor semantics]

3 Model: Instead of requiring JtK = EJtK, accept J K if

JtK = ∅ ⇐⇒ EJtK = ∅

(which is equivalent to JsK ⊆ JtK ⇐⇒ EJsK ⊆ EJtK)


logoP7


Technically . . .







JtK = ∅ ⇐⇒ EJtK = ∅



logoP7


Technically . . .







JtK = ∅ ⇐⇒ EJtK = ∅



logoP7


Technically . . .







JtK = ∅ ⇐⇒ EJtK = ∅



logoP7


Technically . . .







JtK = ∅ ⇐⇒ EJtK = ∅



logoP7


Technically . . .







JtK = ∅ ⇐⇒ EJtK = ∅



logoP7


The main intuition

To characterize ≤ all is needed is the test of emptyness

Indeed: s ≤ t ⇔ JsK ⊆ JtK ⇔ JsK ∩ JtK = ∅⇔ Js∧∧∧¬¬¬tK = ∅

Instead of JtK = EJtK, the weaker JtK=∅ ⇔ EJtK=∅suffices for ≤.

J K and EJ K must have the same zeros

We relaxed our requirement but . . .

DOES A MODEL EXIST?

Is it possible to define J K : Types → P(D) that satisfies the modelconditions, in particular a JK such that JtK=∅ ⇔ EJtK=∅?

YES: an example within two slides


logoP7


The main intuition






DOES A MODEL EXIST?




logoP7


The main intuition






DOES A MODEL EXIST?




logoP7


The main intuition






DOES A MODEL EXIST?




logoP7


The main intuition






DOES A MODEL EXIST?




logoP7


The main intuition






DOES A MODEL EXIST?




logoP7


The role of EJK

EJK characterizes the behavior of types (for what it concerns ≤ onecan consider JtK = EJtK): it depends on the language the types areintended for.

Variations are possible. Our choice

EJt1→→→t2K = P(Jt1K× Jt2K)accounts for languages that are:

1 Non-deterministic :Admits functions in which (d , d1) and (d , d2) with d1 6= d2.

2 Non-terminating :a function in Jt→→→sK may be not total on JtK.E.g.

Jt→→→0K = functions diverging on t

3 Overloaded :J(t1∨∨∨t2)→→→(s1∧∧∧s2)K J(t1→→→s1)∧∧∧(t2→→→s2)K


logoP7


The role of EJK









logoP7


The role of EJK









logoP7


The role of EJK









logoP7


The role of EJK









logoP7


The role of EJK









logoP7


Closing the circle

1 Take any model (B, JKB) to bootstrap the definition.

2 Defines ≤B t ⇐⇒ JsKB ⊆ JtKB

3 Take any “appropriate” language L and use ≤B to type it

Γ `B e : t

4 Define a new interpretation JtKV = v ∈ V | `B v : t ands ≤V t ⇐⇒ JsKV ⊆ JtKV

5 If L is “appropriate” (`B v : t ⇐⇒ 6`B v : ¬¬¬t) then JKV is amodel and

s ≤B t ⇐⇒ s ≤V t

The circle is closed


logoP7


Closing the circle




Γ `B e : t



s ≤B t ⇐⇒ s ≤V t



logoP7


Closing the circle




Γ `B e : t



s ≤B t ⇐⇒ s ≤V t



logoP7


Closing the circle




Γ `B e : t



s ≤B t ⇐⇒ s ≤V t



logoP7


Closing the circle




Γ `B e : t



s ≤B t ⇐⇒ s ≤V t



logoP7


Closing the circle




Γ `B e : t



s ≤B t ⇐⇒ s ≤V t



logoP7


Exhibit a model

Does a model exists? (i.e. a J K such that JtK = ∅ ⇐⇒ EJtK = ∅)YES: take (U , J KU ) where

1 U least solution of X = X 2 + Pf (X2)

2 J KU is defined as:

J0KU = ∅ J1KU = U J¬¬¬tKU = U\JtKUJs∨∨∨tKU = JsKU∪ JtKU Js∧∧∧tKU = JsKU∩ JtKUJs×××tKU = JsKU × JtKU Jt→→→sKU = Pf (JtKU× JsKU )

It is a model: Pf (JtKU× JsKU ) = ∅ ⇐⇒ P(JtKU× JsKU ) = ∅

It is the best model: for any other model J KD

t1 ≤D t2 ⇒ t1 ≤U t2


logoP7


Exhibit a model







t1 ≤D t2 ⇒ t1 ≤U t2


logoP7


Exhibit a model







t1 ≤D t2 ⇒ t1 ≤U t2


logoP7


Exhibit a model







t1 ≤D t2 ⇒ t1 ≤U t2


logoP7


Exhibit a model







t1 ≤D t2 ⇒ t1 ≤U t2


logoP7


Exhibit a model







t1 ≤D t2 ⇒ t1 ≤U t2


logoP7


Exhibit a model







t1 ≤D t2 ⇒ t1 ≤U t2


logoP7


Exhibit a model







t1 ≤D t2 ⇒ t1 ≤U t2


logoP7


Exhibit a model







t1 ≤D t2 ⇒ t1 ≤U t2


logoP7


Exhibit a model







t1 ≤D t2 ⇒ t1 ≤U t2


logoP7


Subtyping Algorithms.


logoP7


Canonical forms

Every (recursive) typet ::= B | t×××t | t→→→t | t∨∨∨t | t∧∧∧t | ¬t | 0 | 1

is equivalent (semantically, that is w.r.t. ≤) to a type of the form:∨∨∨(P,N)∈Π

((∧∧∧

s×××t∈P

s×××t)∧∧∧(∧∧∧

s×××t∈N

¬¬¬(s×××t)))∨∨∨

(P,N)∈Σ

((∧∧∧

s→→→t∈P

s→→→t)∧∧∧(∧∧∧

s→→→t∈N

¬¬¬(s→→→t)))

1 Put it in disjunctive normal form, e.g.(a1∧∧∧a2∧∧∧¬¬¬a3)∨∨∨(a4∧∧∧¬¬¬a5)∨∨∨(¬¬¬a6∧∧∧¬¬¬a7)∨∨∨(a8∧∧∧a9)

2 Transform to have only homogeneous intersections, e.g.((s1×××t1)∧∧∧¬¬¬(s2×××t2)) ∨∨∨ (¬¬¬(s3→→→t3)∧∧∧¬¬¬(s4→→→t4)) ∨∨∨ (s5×××t5)

3 Group negative and positive atoms in the intersections:∨∨∨(P,N)∈S

((∧∧∧a∈P

a)∧∧∧(∧∧∧a∈N

¬¬¬a))


logoP7


Canonical forms



((∧∧∧

s×××t∈P

s×××t)∧∧∧(∧∧∧

s×××t∈N

¬¬¬(s×××t)))∨∨∨

(P,N)∈Σ

((∧∧∧

s→→→t∈P

s→→→t)∧∧∧(∧∧∧

s→→→t∈N

¬¬¬(s→→→t)))




((∧∧∧a∈P

a)∧∧∧(∧∧∧a∈N

¬¬¬a))


logoP7


Canonical forms



((∧∧∧

s×××t∈P

s×××t)∧∧∧(∧∧∧

s×××t∈N

¬¬¬(s×××t)))∨∨∨

(P,N)∈Σ

((∧∧∧

s→→→t∈P

s→→→t)∧∧∧(∧∧∧

s→→→t∈N

¬¬¬(s→→→t)))




((∧∧∧a∈P

a)∧∧∧(∧∧∧a∈N

¬¬¬a))


logoP7


Canonical forms



((∧∧∧

s×××t∈P

s×××t)∧∧∧(∧∧∧

s×××t∈N

¬¬¬(s×××t)))∨∨∨

(P,N)∈Σ

((∧∧∧

s→→→t∈P

s→→→t)∧∧∧(∧∧∧

s→→→t∈N

¬¬¬(s→→→t)))




((∧∧∧a∈P

a)∧∧∧(∧∧∧a∈N

¬¬¬a))


logoP7


Canonical forms



((∧∧∧

s×××t∈P

s×××t)∧∧∧(∧∧∧

s×××t∈N

¬¬¬(s×××t)))∨∨∨

(P,N)∈Σ

((∧∧∧

s→→→t∈P

s→→→t)∧∧∧(∧∧∧

s→→→t∈N

¬¬¬(s→→→t)))




((∧∧∧a∈P

a)∧∧∧(∧∧∧a∈N

¬¬¬a))


logoP7


Subtyping decomposition

Some ugly formulas:∧∧∧i∈I

ti×××si ≤∨∨∨i∈J

ti×××si

⇐⇒ ∀J ′ ⊆ J.

(∧∧∧i∈I

ti ≤∨∨∨i∈J′

ti

)or

∧∧∧i∈I

si ≤∨∨∨

i∈J\J′si

∧∧∧i∈I

ti→→→si ≤∨∨∨i∈J

ti→→→si

⇐⇒ ∃j ∈ J.∀I ′ ⊆ I .

(tj ≤

∨∨∨i∈I ′

ti

)or

I ′ 6= I et∧∧∧

i∈I\I ′si ≤ sj


logoP7


Decision procedure

s ≤ t?

Recall that:

s ≤ t ⇐⇒ JsK ∩ JtK = ∅ ⇐⇒ Js∧∧∧¬¬¬tK = ∅ ⇐⇒ s∧∧∧¬¬¬t = 0

1 Consider s∧∧∧¬¬¬t

2 Put it in canonical form∨∨∨(P,N)∈Π

((∧∧∧

s×××t∈P

s×××t)∧∧∧(∧∧∧

s×××t∈N

¬¬¬(s×××t)))∨∨∨

(P,N)∈Σ

((∧∧∧

s→→→t∈P

s→→→t)∧∧∧(∧∧∧

s→→→t∈N

¬¬¬(s→→→t)))

3 Decide (coinductively) whether the two summands are bothempty by applying the ugly formulas of the previous slide.


logoP7


Decision procedure

s ≤ t?

Recall that:

s ≤ t ⇐⇒ JsK ∩ JtK = ∅ ⇐⇒ Js∧∧∧¬¬¬tK = ∅ ⇐⇒ s∧∧∧¬¬¬t = 0



((∧∧∧

s×××t∈P

s×××t)∧∧∧(∧∧∧

s×××t∈N

¬¬¬(s×××t)))∨∨∨

(P,N)∈Σ

((∧∧∧

s→→→t∈P

s→→→t)∧∧∧(∧∧∧

s→→→t∈N

¬¬¬(s→→→t)))



logoP7


Decision procedure

s ≤ t?

Recall that:

s ≤ t ⇐⇒ JsK ∩ JtK = ∅ ⇐⇒ Js∧∧∧¬¬¬tK = ∅ ⇐⇒ s∧∧∧¬¬¬t = 0



((∧∧∧

s×××t∈P

s×××t)∧∧∧(∧∧∧

s×××t∈N

¬¬¬(s×××t)))∨∨∨

(P,N)∈Σ

((∧∧∧

s→→→t∈P

s→→→t)∧∧∧(∧∧∧

s→→→t∈N

¬¬¬(s→→→t)))



logoP7


Decision procedure

s ≤ t?

Recall that:

s ≤ t ⇐⇒ JsK ∩ JtK = ∅ ⇐⇒ Js∧∧∧¬¬¬tK = ∅ ⇐⇒ s∧∧∧¬¬¬t = 0



((∧∧∧

s×××t∈P

s×××t)∧∧∧(∧∧∧

s×××t∈N

¬¬¬(s×××t)))∨∨∨

(P,N)∈Σ

((∧∧∧

s→→→t∈P

s→→→t)∧∧∧(∧∧∧

s→→→t∈N

¬¬¬(s→→→t)))



logoP7


Decision procedure

s ≤ t?

Recall that:

s ≤ t ⇐⇒ JsK ∩ JtK = ∅ ⇐⇒ Js∧∧∧¬¬¬tK = ∅ ⇐⇒ s∧∧∧¬¬¬t = 0



((∧∧∧

s×××t∈P

s×××t)∧∧∧(∧∧∧

s×××t∈N

¬¬¬(s×××t)))∨∨∨

(P,N)∈Σ

((∧∧∧

s→→→t∈P

s→→→t)∧∧∧(∧∧∧

s→→→t∈N

¬¬¬(s→→→t)))



logoP7


Application to a language.


logoP7


Language

e : := x variable

| µf (s1→→→t1;...;sn→→→tn)(x).e abstraction, n ≥ 1| e1e2 application| (e1,e2) pair| πi (e) projection, i = 1, 2| (x = e ∈∈∈ t)???e1:e2 binding type case


logoP7


Typing

Γ ` e : s ≤BtΓ ` e : t

(subsumption)

(∀i) Γ, (f : s1→→→t1∧∧∧ . . .∧∧∧sn→→→tn), (x : si ) ` e : ti

Γ ` µf (s1→→→t1;...;sn→→→tn)(x).e : s1→→→t1∧∧∧ . . .∧∧∧sn→→→tn(abstr)

(for s1 ≡ s∧∧∧t, s2 ≡ s∧∧∧¬¬¬t)

Γ ` e : s Γ, (x : s1) ` e1 : t1 Γ, (x : s2) ` e2 : t2

Γ ` (x = e ∈∈∈ t)???e1:e2 :∨∨∨i |si 6'0 ti

(typecase)

Consider:

µf(Int→→→Int;Bool→→→Bool)(x).(y = x ∈∈∈ Int)???(y + 1):not(y)


logoP7


Typing

Γ ` e : s ≤BtΓ ` e : t

(subsumption)



(for s1 ≡ s∧∧∧t, s2 ≡ s∧∧∧¬¬¬t)

Γ ` e : s Γ, (x : s1) ` e1 : t1 Γ, (x : s2) ` e2 : t2

Γ ` (x = e ∈∈∈ t)???e1:e2 :∨∨∨i |si 6'0 ti

(typecase)

Consider:



logoP7


Typing

Γ ` e : s ≤BtΓ ` e : t

(subsumption)



(for s1 ≡ s∧∧∧t, s2 ≡ s∧∧∧¬¬¬t)

Γ ` e : s Γ, (x : s1) ` e1 : t1 Γ, (x : s2) ` e2 : t2

Γ ` (x = e ∈∈∈ t)???e1:e2 :∨∨∨i |si 6'0 ti

(typecase)

Consider:



logoP7


Typing

Γ ` e : s ≤BtΓ ` e : t

(subsumption)



(for s1 ≡ s∧∧∧t, s2 ≡ s∧∧∧¬¬¬t)

Γ ` e : s Γ, (x : s1) ` e1 : t1 Γ, (x : s2) ` e2 : t2

Γ ` (x = e ∈∈∈ t)???e1:e2 :∨∨∨i |si 6'0 ti

(typecase)

Consider:



logoP7


Typing

Γ ` e : s ≤BtΓ ` e : t

(subsumption)



(for s1 ≡ s∧∧∧t, s2 ≡ s∧∧∧¬¬¬t)

Γ ` e : s Γ, (x : s1) ` e1 : t1 Γ, (x : s2) ` e2 : t2

Γ ` (x = e ∈∈∈ t)???e1:e2 :∨∨∨i |si 6'0 ti

(typecase)

Consider:



logoP7


Typing

Γ ` e : s ≤BtΓ ` e : t

(subsumption)



(for s1 ≡ s∧∧∧t, s2 ≡ s∧∧∧¬¬¬t)

Γ ` e : s Γ, (x : s1) ` e1 : t1 Γ, (x : s2) ` e2 : t2

Γ ` (x = e ∈∈∈ t)???e1:e2 :∨∨∨i |si 6'0 ti

(typecase)

Consider:



logoP7


Reduction

(µf (...)(x).e)v → e[x/v , (µf (...)(x).e)/f ](x = v ∈∈∈ t)???e1:e2 → e1[x/v ] if v ∈ JtK(x = v ∈∈∈ t)???e1:e2 → e2[x/v ] if v 6∈ JtK

wherev ::= µf (...)(x).e | (v ,v)

And we haves ≤B t ⇐⇒ s ≤V t



logoP7


Reduction


wherev ::= µf (...)(x).e | (v ,v)




logoP7


Reduction


wherev ::= µf (...)(x).e | (v ,v)




logoP7


Reduction


wherev ::= µf (...)(x).e | (v ,v)




logoP7


Why does it work?

s ≤B t ⇐⇒ s ≤V t (1)

Equation (1) (actually, ⇒) states that the language is quite rich,since there always exists a value to separate two distinct types; i.e.its set of values is a model of types with “enough points”

For any model B,s 6≤B t =⇒ there exists v such that ` v : s and 6` v : t

In particular, thanks to multiple arrows in λ-abstractions:∧∧∧i=1..k

si→→→ti 6≤ t

then the two types are distinguished by µf (s1→→→t1;...;sk→→→tk)(x).e


logoP7


Why does it work?

s ≤B t ⇐⇒ s ≤V t (1)







logoP7


Why does it work?

s ≤B t ⇐⇒ s ≤V t (1)







logoP7


Advantages for the programmer

The programmer does not need to know the gory details. All s/heneeds to retain is

1 Types are the set of values of that type

2 Subtyping is set inclusion

Furthermore the propertys 6≤ t =⇒ there exists v such that ` v : s and 6` v : t

is fundamental for meaningful error messages:

Exibit the v at issue rather than pointing to the failure of somededuction rule.


logoP7










logoP7










logoP7










logoP7










logoP7


Extensions.


logoP7


ref types

Jref tK = ref v | v ∈ JtK

In practice equivalent to

EJref tK =

JtK if JtK 6= ∅∅ otherwise

(2)

Deduce the subtyping relation

(∧∧∧

ref s∈P

ref s) ≤ (∨∨∨

ref t∈N

ref t) ⇐⇒∃ref s ∈ P, s ' 0, or∃ref s1 ∈ P, ∃ref s2 ∈ P, s1 6' s2, or∃ref s ∈ P, ∃ref t ∈ N, s ' t


logoP7


ref types



EJref tK =


(2)


(∧∧∧

ref s∈P

ref s) ≤ (∨∨∨

ref t∈N



logoP7


ref types



EJref tK =


(2)


(∧∧∧

ref s∈P

ref s) ≤ (∨∨∨

ref t∈N



logoP7


ref types



EJref tK =


(2)


(∧∧∧

ref s∈P

ref s) ≤ (∨∨∨

ref t∈N



logoP7


lazy types

If we define t = Int×××t then t ' 0.

Use s = Int×××lazy s.

(µf (Int→s)(x).(x ,lazy (f (x + 1))))0

Jlazy tK = lazy e | e is closed and e : t

But each lazy e is identified by all the possible results it canreturn, namely v | e →∗ v, from which we deduce:

EJlazy tK = P(JtK)

Deduce the subtyping relation(∧∧∧

lazy s∈P lazy s) ≤ (∨∨∨

lazy t∈N lazy t) ⇐⇒∃lazy t ∈ N : ∀P ′ ⊆ P(

∧∧∧lazy s∈P′s) ≤ t


logoP7


lazy types



(µf (Int→s)(x).(x ,lazy (f (x + 1))))0



EJlazy tK = P(JtK)






logoP7


lazy types



(µf (Int→s)(x).(x ,lazy (f (x + 1))))0



EJlazy tK = P(JtK)






logoP7


lazy types



(µf (Int→s)(x).(x ,lazy (f (x + 1))))0



EJlazy tK = P(JtK)






logoP7


lazy types



(µf (Int→s)(x).(x ,lazy (f (x + 1))))0



EJlazy tK = P(JtK)






logoP7


lazy types



(µf (Int→s)(x).(x ,lazy (f (x + 1))))0



EJlazy tK = P(JtK)






logoP7


lazy types



(µf (Int→s)(x).(x ,lazy (f (x + 1))))0



EJlazy tK = P(JtK)






logoP7


Summarizing

J0K = ∅; J1K = D;Jt1∨∨∨t2K = Jt1K ∪ Jt2K;Jt1∧∧∧t2K = Jt1K ∩ Jt2K;J¬¬¬tK = D\JtK;JtK = ∅ ⇐⇒ EJtK = ∅

where the extensional interpretation associated to J K is defined as:

EJt→→→sK = P(JtK× JsK)EJt×××sK = JtK× JsKEJlazy tK = P(JtK)

EJref tK =


. . .


logoP7


Summarizing

J0K = ∅; J1K = D;Jt1∨∨∨t2K = Jt1K ∪ Jt2K;Jt1∧∧∧t2K = Jt1K ∩ Jt2K;J¬¬¬tK = D\JtK;JtK = ∅ ⇐⇒ EJtK = ∅

where the extensional interpretation associated to J K is defined as:

EJt→→→sK = P(JtK× JsK)EJt×××sK = JtK× JsKEJlazy tK = P(JtK)

EJref tK =


. . .


logoP7


Summary of the theory


logoP7


La morale de l’histoire est . . .

If you have a strong semantic intuition of your favorite languageand you want to add set-theoretic ∨∨∨, ∧∧∧, ¬¬¬ types then:

1 Define EJ K for your type constructors so that it matches yoursemantic intuition

2 Find a model (any model). [may be not easy/possible]

3 Use the subtyping relation induced by the model to type yourlanguage: if the intuition was right then the set of values isalso a model, otherwise tweak it. [may be not easy/possible]

4 Use the set-theoretic properties of the model (actually ofEJ K) to decompose the emptyness test for your typeconstructors, and hence derive a subtyping algorithm.

[may be not easy/possible]5 Enjoy.


logoP7










logoP7










logoP7










logoP7










logoP7










logoP7










logoP7

2. Graphical subtyping — 3. π∧,∨-calculus — 4. λ∧,∨-calculus — 5. The encoding SBLP ’07

PART 3: BEYOND XML

Part 3: Beyond XML G. Castagna: CDuce, an XML-Oriented Programming Language 72/107

logoP7


Types for π

In the beginning was the channel type (well, the sorts) . . .

Then came subtyping with its polarities . . .

Types t ::= b basic types| t×××t products| ch(t) I/O channel type

| ch+(t) input channel type| ch−(t) output channel type

| ¬¬¬t| t∨∨∨t| t∧∧∧t| 0

| 1

boolean combinators


logoP7


Types for π





| ¬¬¬t| t∨∨∨t| t∧∧∧t| 0

| 1

boolean combinators


logoP7


Types for π





| ¬¬¬t| t∨∨∨t| t∧∧∧t| 0

| 1

boolean combinators


logoP7


Types for π





| ¬¬¬t| t∨∨∨t| t∧∧∧t| 0

| 1

boolean combinators


logoP7


Types for π



The subtyping relation is not very rich:- compare the level of nesting of the same constructor- type constructors do not mix



| ¬¬¬t| t∨∨∨t| t∧∧∧t| 0

| 1

boolean combinators


logoP7


Types for π



Enrich subtyping by adding type combinators



| ¬¬¬t| t∨∨∨t| t∧∧∧t| 0

| 1

boolean combinators


logoP7


Types for π



Enrich subtyping by adding type combinators



| ¬¬¬t| t∨∨∨t| t∧∧∧t| 0

| 1

boolean combinators


logoP7


Set-theoretic model: intuition

A type t denotes the set of objects of type t.

A channel is like a box with a particular shapeThe box can contain only objects that fit that shape

Jch(t)K = htyp

ch−(t) types all channels on which I can write a t-message

otp


logoP7





Jch(t)K = channels whose shape fits objects of type t htyp


otp


logoP7







otp


logoP7






From the viewpoint of subtyping, channels can bedistinguished only on the objects they transport


otp


logoP7





Jch(t)K =set of objects of type t htyp



otp


logoP7





Jch(t)K =JtK htyp



otp


logoP7





Jch(t)K =JtK invariance of channel types



otp


logoP7






ch+(t) types all channels on which I expect to read a t-message

pth


otp


logoP7







Jch+(t)K = JsK | s ≤ t pth


otp


logoP7









otp


logoP7









Jch−(t)K = JsK | s ≥ t otp


logoP7







Jch+(t)K = JsK | s ≤ t covariance of input channels


Jch−(t)K = JsK | s ≥ t contravariance of output chans


logoP7









Jch−(t)K = JsK | s ≥ t otp


logoP7







Jch+(t)K = JsK | JsK ⊆ JtK pth


Jch−(t)K = JsK | JsK ⊇ JtK otp


logoP7


Set-theoretic model: formal definition

Define J−K : Types → P(D):

Jt1∨∨∨t2K = Jt1K ∪ Jt2K, Jt1∧∧∧t2K = Jt1K ∩ Jt2K,J¬¬¬tK = D \ JtK, J0K = ∅, J1K = D.

Jt1×××t2K = Jt1K×Jt2KJch+(t)K = JsK | JsK ⊆ JtKJch−(t)K = JsK | JsK ⊇ JtK

Some induced equations:

ch−(t)∧∧∧ch+(t) = ch(t)

ch−(s)∧∧∧ch−(t) = ch−(s∨∨∨t)

ch−(s)∨∨∨ch−(t) ≤ ch−(s∧∧∧t)

Can be checked graphicallyPart 3: Beyond XML G. Castagna: CDuce, an XML-Oriented Programming Language 75/107

logoP7







ch−(t)∧∧∧ch+(t) = ch(t)

ch−(s)∧∧∧ch−(t) = ch−(s∨∨∨t)

ch−(s)∨∨∨ch−(t) ≤ ch−(s∧∧∧t)


logoP7







ch−(t)∧∧∧ch+(t) = ch(t)

ch−(s)∧∧∧ch−(t) = ch−(s∨∨∨t)

ch−(s)∨∨∨ch−(t) ≤ ch−(s∧∧∧t)


logoP7






We need D = B+ JDK (not straightforward)


ch−(t)∧∧∧ch+(t) = ch(t)

ch−(s)∧∧∧ch−(t) = ch−(s∨∨∨t)

ch−(s)∨∨∨ch−(t) ≤ ch−(s∧∧∧t)


logoP7






Then definet ≤ s

def⇐⇒ JtK ⊆ JsK


ch−(t)∧∧∧ch+(t) = ch(t)

ch−(s)∧∧∧ch−(t) = ch−(s∨∨∨t)

ch−(s)∨∨∨ch−(t) ≤ ch−(s∧∧∧t)


logoP7






Then definet ≤ s



ch−(t)∧∧∧ch+(t) = ch(t)

ch−(s)∧∧∧ch−(t) = ch−(s∨∨∨t)

ch−(s)∨∨∨ch−(t) ≤ ch−(s∧∧∧t)


logoP7






Then definet ≤ s



ch−(t)∧∧∧ch+(t) = ch(t)

ch−(s)∧∧∧ch−(t) = ch−(s∨∨∨t)

ch−(s)∨∨∨ch−(t) ≤ ch−(s∧∧∧t)


logoP7






Then definet ≤ s



ch−(t)∧∧∧ch+(t) = ch(t)

ch−(s)∧∧∧ch−(t) = ch−(s∨∨∨t)

ch−(s)∨∨∨ch−(t) ≤ ch−(s∧∧∧t)


logoP7


ch−(s)∧∧∧ch−(t) = ch−(s∨∨∨t)

s


logoP7


ch−(s)∧∧∧ch−(t) = ch−(s∨∨∨t)

s t


logoP7


ch−(s)∧∧∧ch−(t) = ch−(s∨∨∨t)

s t


logoP7


ch−(s)∧∧∧ch−(t) = ch−(s∨∨∨t)

s∨∨∨t

s t


logoP7


ch−(s)∨∨∨ch−(t) ch−(s∧∧∧t)

s t


logoP7


ch−(s)∨∨∨ch−(t) ch−(s∧∧∧t)

s t


logoP7


ch−(s)∨∨∨ch−(t) ch−(s∧∧∧t)

s∧∧∧t

s t


logoP7


Atoms

Checking subtyping is not always so straightforward:

Remember?ch+(t1)∧∧∧ch−(t2) ≤ ch+(t2)∨∨∨ch−(t1)

In some cases the condition to check involves atoms(i.e., types with a singleton interpretation)

Consider:

two types t1 6= t2

t2 ≤ t1

let us try to check the relation above


logoP7


Atoms




Consider:

two types t1 6= t2

t2 ≤ t1



logoP7


Atoms




Consider:

two types t1 6= t2

t2 ≤ t1



logoP7


Atoms




Consider:

two types t1 6= t2

t2 ≤ t1



logoP7


ch+(t1)∧∧∧ch−(t2) ≤ ch+(t2)∨∨∨ch−(t1)

t1

t2


logoP7


ch+(t1)∧∧∧ch−(t2) ≤ ch+(t2)∨∨∨ch−(t1)

t1

t2


logoP7


ch+(t1)∧∧∧ch−(t2) ≤ ch+(t2)∨∨∨ch−(t1)

t1

t2


logoP7


ch+(t1)∧∧∧ch−(t2) ≤ ch+(t2)∨∨∨ch−(t1)

t1

t2


logoP7


ch+(t1)∧∧∧ch−(t2) ≤ ch+(t2)∨∨∨ch−(t1)

t1

t2

The two sets have these two points in common, namely ch(t1) andch(t2).


logoP7


ch+(t1)∧∧∧ch−(t2) ≤ ch+(t2)∨∨∨ch−(t1)

t1

t2

The disequation holds if there are no other points in the left handside


logoP7


ch+(t1)∧∧∧ch−(t2) ≤ ch+(t2)∨∨∨ch−(t1)

t1

t2

It depends on whether t1∧∧∧¬¬¬t2 is atomic: that is whether there isnothing between t1 and t2


logoP7


The π∧,∨-calculus

Which kind of π-calculus fit these types?

Consider again

ch+(t1)∨∨∨ch+(t2) ch+(t1∨∨∨t2)

Containment is strict, so we want programs that distinguishthese two types

We must be able to dynamically check the type of messagesarriving a channel

Use type-case in read actions.


logoP7




Consider again

ch+(t1)∨∨∨ch+(t2) ch+(t1∨∨∨t2)





logoP7




Consider again

ch+(t1)∨∨∨ch+(t2) ch+(t1∨∨∨t2)





logoP7




Consider again

ch+(t1)∨∨∨ch+(t2) ch+(t1∨∨∨t2)





logoP7




Consider again

ch+(t1)∨∨∨ch+(t2) ch+(t1∨∨∨t2)





logoP7



Channels α ::= x variables| ct channel constants

Processes P ::= α(α) output|

∑i∈I α(x :ti ).Pi guarded input

| P1‖P2 parallel| (νct)P restriction| !P replication

Reduction

cs1(c

t2) ‖

∑i∈I cs

1(x : ti )Pi → Pj [ct2/x ] if ch(t) ≤ tj

Type case


logoP7







Reduction

cs1(c

t2) ‖

∑i∈I cs


Type case


logoP7







Reduction

cs1(c

t2) ‖

∑i∈I cs


Type case


logoP7







Reduction

cs1(c

ttt2) ‖

∑i∈I cs

1(x : ti )Pi → Pjjj [ct2/x ] if ch(t)ch(t)ch(t) ≤ tjtjtj

Type case


logoP7







Reduction

cs1(c

t2ct2ct2) ‖

∑i∈I cs


Type case call-by-value


logoP7



Channels α ::= x variables| ctctct channel constants




Reduction

cs1(c

t2) ‖

∑i∈I cs


Type case call-by-value


logoP7


Encoding λ∧,∨ into π∧,∨.


logoP7


λ∧,∨-calculus types

Types τ ::= b basic types| τ×××τ product types| ch+(τ) | ch−(τ) channel types

| ¬¬¬τ| τ∧∧∧τ| τ∨∨∨τ| 0

| 1

bolean combinators

They may be recursive


logoP7



Trade channels for arrows

Types τ ::= b basic types| τ×××τ product types| ch+(τ) | ch−(τ) channel types

| ¬¬¬τ| τ∧∧∧τ| τ∨∨∨τ| 0

| 1

bolean combinators



logoP7




Types τ ::= b basic types| τ×××τ product types| τ→→→τ arrow types

| ¬¬¬τ| τ∧∧∧τ| τ∨∨∨τ| 0

| 1

bolean combinators



logoP7




Types τ ::= b basic types| τ×××τ product types| τ→→→τ arrow types

| ¬¬¬τ| τ∧∧∧τ| τ∨∨∨τ| 0

| 1

bolean combinators



logoP7


λ∧,∨ set-theoretic model


Jτ1∨∨∨τ2K = Jτ1K ∪ Jτ2K, Jτ1∧∧∧τ2K = Jτ1K ∩ Jτ2K,J¬¬¬τK = D \ JτK, J0K = ∅, J1K = D.

Jτ1×××τ2K = Jτ1K×Jτ2K

Jτ1→→→τ2K =Pf(Jτ1K×Jτ2K)

As beforeτ1 ≤ τ2

def⇐⇒ Jτ1K ⊆ Jτ2K

Two interesting equations:


logoP7











logoP7











logoP7











logoP7











logoP7











logoP7











logoP7










(σ→→→τ)∧∧∧(σ→→→τ ′) = (σ→→→τ∧∧∧τ ′)


logoP7










(σ→→→τ)∧∧∧(σ→→→τ ′) = (σ→→→τ∧∧∧τ ′)

(σ1∨∨∨σ2)→→→(τ1∧∧∧τ2) (σ1→→→τ1)∧∧∧(σ2→→→τ2)


logoP7










(σ→→→τ)∧∧∧(σ→→→τ ′) = (σ→→→τ∧∧∧τ ′)

(σ1∨∨∨σ2)→→→(τ1∧∧∧τ2) (σ1→→→τ1)∧∧∧(σ2→→→τ2)

Overloading


logoP7










(σ→→→τ)∧∧∧(σ→→→τ ′) = (σ→→→τ∧∧∧τ ′)

(σ1∨∨∨σ2)→→→(τ1∧∧∧τ2) (σ1→→→τ1)∧∧∧(σ2→→→τ2)

Degenerated form of overloading


logoP7


λ∧,∨-terms

Terms e ::= x variable| (e,e) pair| πi (e) projections| ee application

| λV

i σi→→→τi x .e abstraction λV

i σi x

| (e∈τ)?e:e type case (e∈τ)?e:

Overloaded function opposite : (int→→→int)∧∧∧(bool→→→bool)

λ(int→→→int)∧∧∧(bool→→→bool)x .(x ∈int)(−x):(¬x)

Note thatopposite 6∈ (int∨∨∨bool)→→→(int∧∧∧bool︸︷︷︸

0

)


logoP7


λ∧,∨-terms


| λV


i σi x





0

)


logoP7


λ∧,∨-terms


| λV


i σi x





0

)


logoP7


λ∧,∨-terms


| λV


i σi x





0

)


logoP7


The broken but instructive encoding


logoP7


Functions as processes

Milner’s encoding:

xα = α(x)

λx .eα = (ν f )(α(f ) ‖ !(f (x , b).eb))

e1e2α = (ν a)(ν b)(e1a ‖ a(w).(e2b ‖ b(h).w(h, α)))

Intuition:

A function is called by providing an input and a channel onwhich the output should be returned

Akin to CPS transform


logoP7


The encoding of types

All types can be encoded homomorphically

σ×××τ = σ×××τ

σ∧∧∧τ = σ∧∧∧τ

...

Except arrow types:

σ→→→τ = ch−(σ×××ch−(τ))

A function is represented by a channel on which one can send theinput value and the return channel


logoP7


Problem

The encoding of types does not respect the equations

We have

σ→→→(τ1∧∧∧τ2) = (σ→→→τ1)∧∧∧(σ→→→τ2)

but

σ→→→(τ1∧∧∧τ2) (σ→→→τ1)∧∧∧(σ→→→τ2)


logoP7


Problem

The encoding of types does not respect the equations

Technically the problem is in the inequation

ch−(s∧∧∧t) ch−(s)∨∨∨ch−(t)

that implies

σ→→→(τ1∧∧∧τ2) (σ→→→τ1)∧∧∧(σ→→→τ2)


logoP7


Problem

The reason is “output-based” overloading

A λ∧,∨-function does type-case matching only on input:

σ→→→(τ1∧∧∧τ2) = (σ→→→τ1)∧∧∧(σ→→→τ2)

Encoding can perform type-case on the expected output too

σ→→→(τ1∧∧∧τ2) (σ→→→τ1)∧∧∧(σ→→→τ2)


logoP7


The working encoding


logoP7


Toward a solution

We want to stay as close as possible to Milner’s encoding:

σ→→→τ = ch−(σ×××ch−(τ))

where:

1. ch−(t) ≤ chλ(t) it can transport return channels

2. chλ(s∧∧∧t) = chλ(s)∨∨∨chλ(t)

3. s ≤ t ⇐⇒ chλ(t) ≤ chλ(s)

it preserves type equations


logoP7


Toward a solution


σ→→→τ = ch−(σ×××chλ(τ))

where:



3. s ≤ t ⇐⇒ chλ(t) ≤ chλ(s)



logoP7


Toward a solution


σ→→→τ = ch−(σ×××chλ(τ))

where:



3. s ≤ t ⇐⇒ chλ(t) ≤ chλ(s)



logoP7


Toward a solution


σ→→→τ = ch−(σ×××chλ(τ))

where:



3. s ≤ t ⇐⇒ chλ(t) ≤ chλ(s)



logoP7


Toward a solution


σ→→→τ = ch−(σ×××chλ(τ))

where:



3. s ≤ t ⇐⇒ chλ(t) ≤ chλ(s)



logoP7


Toward a solution


σ→→→τ = ch−(σ×××chλ(τ))

where:



3. s ≤ t ⇐⇒ chλ(t) ≤ chλ(s)


Does it exist?


logoP7


Definition of chλ(−)

Define chλ(t) as(¬¬¬ch−(¬¬¬t)∨∨∨ch(1))

1 chλ(s∧∧∧t) = chλ(s)∨∨∨chλ(t);2 s ≤ t ⇐⇒ chλ(t) ≤ chλ(s);3 ch−(t) ≤ chλ(t);

Observe:

Jchλ(t)\ch−(t)K = cs | t 6≤ s & ¬¬¬t 6≤ s ∪ c1


logoP7




1 chλ(s∧∧∧t) = chλ(s)∨∨∨chλ(t); must distribute on intersections2 s ≤ t ⇐⇒ chλ(t) ≤ chλ(s);3 ch−(t) ≤ chλ(t);

Observe:



logoP7




1 chλ(s∧∧∧t) = chλ(s)∨∨∨chλ(t); must distribute on intersections2 s ≤ t ⇐⇒ chλ(t) ≤ chλ(s);3 ch−(t) ≤ chλ(t);

Observe:



logoP7




1 chλ(s∧∧∧t) = chλ(s)∨∨∨chλ(t);2 s ≤ t ⇐⇒ chλ(t) ≤ chλ(s); must be contravariant3 ch−(t) ≤ chλ(t);

Observe:



logoP7




1 chλ(s∧∧∧t) = chλ(s)∨∨∨chλ(t);2 s ≤ t ⇐⇒ chλ(t) ≤ chλ(s); must be contravariant3 ch−(t) ≤ chλ(t);

Observe:



logoP7




1 chλ(s∧∧∧t) = chλ(s)∨∨∨chλ(t);2 s ≤ t ⇐⇒ chλ(t) ≤ chλ(s);3 ch−(t) ≤ chλ(t); must contain the channel type

Observe:



logoP7




1 chλ(s∧∧∧t) = chλ(s)∨∨∨chλ(t);2 s ≤ t ⇐⇒ chλ(t) ≤ chλ(s);3 ch−(t) ≤ chλ(t); must contain the channel type

Observe:



logoP7





Observe:



logoP7





Observe:


Key point

chλ(t) adds to ch−(t) all channels that can send values both insideand outside t. That is, all the channels for which the result ofchecking if their messages are of type t cannot be predicted.


logoP7





Observe:


Type obfuscation

λ-channels introduce some latent noise that makes it impossible todetermine which (output) type they encode


logoP7



This is why it works.

It rules out “output-based” overloading functions

It is impossible to test whether a channel of typechλ(s)∨∨∨chλ(t) was meant to be of type chλ(s) or chλ(t);

The caller can in principle confuse such functions(by using a channel that is in chλ(t) \ ch−(t))

Callers don’t do it, but types must reflect this

Type obfuscation

λ-channels introduce some latent noise that makes it impossible todetermine which (output) type they encode


logoP7



This is why it works.

It rules out “output-based” overloading functions

It is impossible to test whether a channel of typechλ(s)∨∨∨chλ(t) was meant to be of type chλ(s) or chλ(t);

The caller can in principle confuse such functions(by using a channel that is in chλ(t) \ ch−(t))

Callers don’t do it, but types must reflect this

Like the Police in Utopia

Everybody behaves well in Utopia, but the Police is the visible rep-resentation of the fact the everybody behaves well


logoP7


Encoding of types

A map− : Tλ → Tπ

0 = 0, 1 = 1

¬¬¬τ = ¬¬¬τσ∨∨∨τ = σ∨∨∨τ, σ∧∧∧τ = σ∧∧∧τσ×××τ = σ×××τσ→→→τ = ch−(σ×××chλ(τ))

Theorem

Let σ and τ be λ∧,∨-types, then:σ ≤ τ ⇐⇒ σ ≤ τ.


logoP7


Encoding of terms

A glance at the encoding

(e∈ t)?e1:e2α =(ν a)((a(x :t).e1α + a(x :¬¬¬t).e2α) ‖ ea)

oppositeα =(ν f )(α(f ) ‖ f (x :int, b:ch−(int)).−xb

+f (x :bool, b:ch−(bool)).¬¬¬xb

+f (x :int∨∨∨bool, b:“noise”).0

Recall the type of opposite is (int→→→int)∧∧∧(bool→→→bool)

“noise” = (chλ(int) \ ch−(int))∨∨∨(chλ(bool) \ ch−(bool))


logoP7


Correctness

Theorem

The encoding preserves typability

Theorem

The encoding preserves behaviour:If e −→∗ v, then ec −→∗∼= vc 6−→∗

If e diverges, then so ec does.


logoP7


So what?

Contribution: yet another encoding!

However

it shows the relevance of semantic subtyping

it is a study of overloading and CPS

the encoded function has more power(emphasized by the presence of type case)

introduction of “type obfuscation” technique


logoP7


So what?


However






logoP7


So what?


However






logoP7


So what?


However






logoP7

SBLP ’07

PART 4: CONCLUSION

Part 4: Conclusion G. Castagna: CDuce, an XML-Oriented Programming Language 98/107

logoP7

SBLP ’07

Conclusion

Regexp patterns start from two simple ideas:Use the same constructors for types and valueDefine patterns as types with capture variables

Tightly connected with boolean combinators,make several aspects programmer-friendly:

Semantic types are set of values, and unions, intersections,and differences behave set-theoretically.Concepts are easier for the programmer (e.g. subtyping)Informative error messages.Precise and powerful specification language

Several benefits:Types yield highly efficient runtime: in main memory itoutperforms efficiency-oriented XQuery processors such asQizx and Qexo [XMark and XQuery Use Cases benchmarks].High precision in typing queries, iterators, complex transformations.Multiple usages without the need of introducing new specificformalisms (error mining, data pruning, logical optimisations,constraint specifications,. . . )


logoP7

SBLP ’07

Conclusion






logoP7

SBLP ’07

Conclusion






logoP7

SBLP ’07

Conclusion






logoP7

SBLP ’07

Conclusion






logoP7

SBLP ’07

Conclusion






logoP7

SBLP ’07

Conclusion






logoP7

SBLP ’07

Conclusion






logoP7

SBLP ’07

Conclusion






logoP7

SBLP ’07

PART 5: REFERENCES

Part 5: References G. Castagna: CDuce, an XML-Oriented Programming Language 100/107

logoP7

SBLP ’07

References

On the web

www.cduce.org. Distribution, documentations, tutorials, mailing lists,tips and tricks,. . .

Um curso de programacao CDuce, em Portugues, esta disponıvel naUniversidade Nova de Lisboa

Language

V. Benzaken, G. Castagna, and A. Frisch:CDuce: an XML-Centric General-Purpose Language. In ICFP ’03, ACMPress, 2003.

H. Hosoya, A. Frisch, and G. Castagna:Parametric Polymorphism for XML. In POPL ’05, ACM Press, 2005.

G. Castagna, D. Colazzo, and A. Frisch:Error Mining for Regular Expression Patterns. In ICTCS 2005, LNCSn.3701, Springer, 2005.


http://www.cduce.org

http://ctp.di.fct.unl.pt/lei/ltpa/teoricas/05.html

http://www.pps.jussieu.fr/~gc/papers/icfp03.pdf

http://www.pps.jussieu.fr/~gc/papers/popl05.pdf

http://www.pps.jussieu.fr/~gc/papers/ictcs05b.pdf

logoP7

SBLP ’07

References

On the web

www.cduce.org. Distribution, documentations, tutorials, mailing lists,tips and tricks,. . .

Um curso de programacao CDuce, em Portugues, esta disponıvel naUniversidade Nova de Lisboa

Language

V. Benzaken, G. Castagna, and A. Frisch:CDuce: an XML-Centric General-Purpose Language. In ICFP ’03, ACMPress, 2003.

H. Hosoya, A. Frisch, and G. Castagna:Parametric Polymorphism for XML. In POPL ’05, ACM Press, 2005.

G. Castagna, D. Colazzo, and A. Frisch:Error Mining for Regular Expression Patterns. In ICTCS 2005, LNCSn.3701, Springer, 2005.


http://www.cduce.org

http://ctp.di.fct.unl.pt/lei/ltpa/teoricas/05.html

http://www.pps.jussieu.fr/~gc/papers/icfp03.pdf

http://www.pps.jussieu.fr/~gc/papers/popl05.pdf

http://www.pps.jussieu.fr/~gc/papers/ictcs05b.pdf

logoP7

SBLP ’07

References (continued)

Theory

G. Castagna and A. Frisch: A gentle introduction to semantic subtyping.

In PPDP ’05, ACM Press (full version) and ICALP ’05, LNCS n. 3580,Springer (summary), 2005. Joint ICALP-PPDP keynote talk.

A. Frisch, G. Castagna, and V. Benzaken: Semantic Subtyping. InLICS ’02, IEEE Computer Society Press, 2002.

G. Castagna:Semantic subtyping: challenges, perspectives, and open problems. InICTCS 2005, LNCS 3701, Springer, 2005.

Queries

V. Benzaken, G. Castagna, and C. Miachon:A Full Pattern-based Paradigm for XML Query Processing. In PADL ’05,LNCS n.3350, Springer, January, 2005.

G. Castagna: Patterns and types for querying XML. In Proceedings of

DBPL 2005, LNCS n.3774 (full version) and XSym 2005, LNCS n.3671(summary), Springer, 2005. Joint invited talk.

V. Benzaken G. Castagna, D. Colazzo, and K. Nguyen:Type-Based XML Projection. In VLDB 2006, pag.271-282, 2006.


http://www.pps.jussieu.fr/~gc/papers/icalp-ppdp05.pdf

http://www.pps.jussieu.fr/~gc/papers/lics02.pdf

http://www.pps.jussieu.fr/~gc/papers/ictcs05a.pdf

http://www.pps.jussieu.fr/~gc/papers/padl05.pdf

http://www.pps.jussieu.fr/~gc/papers/dbpl05.pdf

http://www.pps.jussieu.fr/~gc/papers/vldb06.pdf

logoP7

SBLP ’07

References (continued)

Theory

G. Castagna and A. Frisch: A gentle introduction to semantic subtyping.

In PPDP ’05, ACM Press (full version) and ICALP ’05, LNCS n. 3580,Springer (summary), 2005. Joint ICALP-PPDP keynote talk.

A. Frisch, G. Castagna, and V. Benzaken: Semantic Subtyping. InLICS ’02, IEEE Computer Society Press, 2002.

G. Castagna:Semantic subtyping: challenges, perspectives, and open problems. InICTCS 2005, LNCS 3701, Springer, 2005.

Queries

V. Benzaken, G. Castagna, and C. Miachon:A Full Pattern-based Paradigm for XML Query Processing. In PADL ’05,LNCS n.3350, Springer, January, 2005.

G. Castagna: Patterns and types for querying XML. In Proceedings of

DBPL 2005, LNCS n.3774 (full version) and XSym 2005, LNCS n.3671(summary), Springer, 2005. Joint invited talk.

V. Benzaken G. Castagna, D. Colazzo, and K. Nguyen:Type-Based XML Projection. In VLDB 2006, pag.271-282, 2006.


http://www.pps.jussieu.fr/~gc/papers/icalp-ppdp05.pdf


http://www.pps.jussieu.fr/~gc/papers/ictcs05a.pdf

http://www.pps.jussieu.fr/~gc/papers/padl05.pdf

http://www.pps.jussieu.fr/~gc/papers/dbpl05.pdf

http://www.pps.jussieu.fr/~gc/papers/vldb06.pdf

logoP7

SBLP ’07

References (end)

Implementation

A. Frisch Regular tree language recognition with static information InTCS 2004 LNCS Springer.

A. Frisch, and L. Cardelli Greedy regular expression matching. In ICALP2004 LNCS Springer.

Concurrency

G. Castagna, R. De Nicola, and D. Varacca:Semantic subtyping for the Pi-calculus. In LICS ’05, IEEE ComputerSociety Press, 2005.

G. Castagna, M. Dezani-Ciancaglini, and D. Varacca:Encoding CDuce into the Pi-calculus. In CONCUR 200, LNCS n.4137,LNCS, Springer, 2006.

Security

V. Benzaken, M. Burelle, and G. Castagna:Information flow security for XML transformations. In ASIAN ’03, LNCSn.2896, LNCS, Springer, December, 2003.


http://www.cduce.org/papers/tcs04.pdf

http://www.cduce.org/papers/icalp04.pdf


http://www.pps.jussieu.fr/~gc/papers/concur06.pdf

http://www.pps.jussieu.fr/~gc/papers/asian03.pdf

logoP7

SBLP ’07

References (end)

Implementation



Concurrency



Security








logoP7

SBLP ’07

References (end)

Implementation



Concurrency



Security








logoP7

SBLP ’07

PART 5: ADDITIONAL SLIDES

Part 5: ADDENDA G. Castagna: CDuce, an XML-Oriented Programming Language 104/107

logoP7

SBLP ’07

Addendum 1: a model may not exist

t = int ∨∨∨ (ref(int) ∧∧∧ ref(t))

Is t equal to int?

t = int ⇐⇒ (ref(int) ∧∧∧ ref(t)) = ∅ ⇐⇒ t 6= int

but also

t 6= int ⇐⇒ (ref(int) ∧∧∧ ref(t)) 6= ∅ ⇐⇒ t = int


logoP7

SBLP ’07



Is t equal to int?


but also



logoP7

SBLP ’07



Is t equal to int?


but also



logoP7

SBLP ’07

Addendum 2: the real abstr typing rule

t ≡ (∧∧∧

i=1..n si→→→ti )\(∨∨∨

j=1..m s ′j→→→t ′j ) 6≤ 0

(∀i) Γ, (f : t), (x : si) ` e : ti

Γ ` µf (s1→→→t1;...;sn→→→tn)(x).e : t(abstr)


logoP7

SBLP ’07

Addendum 3: A different definition for EJ K

Note that according to the previous EJ K:

s → t ≤ 1→ 1 (3)

Every application is well typed. Add a distinguished Ω to denote aruntime type error, modify

EJt→→→sK = f ⊆ D×(D∪Ω) | ∀(d1, d2) ∈ f . d1 ∈ JtK ⇒ d2 ∈ JsK

(3) no longer holds since the constant map ¬¬¬s 7→ Ω, is in the lefthand type but not in the right one.∧∧∧

i∈I (ti→→→si ) ≤∨∨∨

j∈J(t′j→→→s ′j ) ⇐⇒

∃j ∈ J.

t ′j ≤

∨∨∨i∈I ti ∧

∀I ′ ⊆ I . (t ′j ≤∨∨∨

i∈I ′ ti ) ∨ (∧∧∧

i∈I\I ′ si ≤ s ′j )


logoP7

SBLP ’07



s → t ≤ 1→ 1 (3)




i∈I (ti→→→si ) ≤∨∨∨

j∈J(t′j→→→s ′j ) ⇐⇒

∃j ∈ J.

t ′j ≤

∨∨∨i∈I ti ∧

∀I ′ ⊆ I . (t ′j ≤∨∨∨

i∈I ′ ti ) ∨ (∧∧∧

i∈I\I ′ si ≤ s ′j )


logoP7

SBLP ’07



s → t ≤ 1→ 1 (3)




i∈I (ti→→→si ) ≤∨∨∨

j∈J(t′j→→→s ′j ) ⇐⇒

∃j ∈ J.

t ′j ≤

∨∨∨i∈I ti ∧

∀I ′ ⊆ I . (t ′j ≤∨∨∨

i∈I ′ ti ) ∨ (∧∧∧

i∈I\I ′ si ≤ s ′j )


logoP7

SBLP ’07



s → t ≤ 1→ 1 (3)




i∈I (ti→→→si ) ≤∨∨∨

j∈J(t′j→→→s ′j ) ⇐⇒

∃j ∈ J.

t ′j ≤

∨∨∨i∈I ti ∧

∀I ′ ⊆ I . (t ′j ≤∨∨∨

i∈I ′ ti ) ∨ (∧∧∧

i∈I\I ′ si ≤ s ′j )

Date post:	03-Feb-2022
Category:	Documents
Upload:	others
View:	2 times
Download:	0 times

CDuce, an XML-Oriented Programming Language: From Theory to Practice

Documents