Modal- Definable Graph Transduction

Kazuhiro InabaNational Institute of Informatics, Japan

4th DIKU-IST Workshop, 2011Modal- DefinableGraph TransductionWhat We Want to DoVerification of Graph-to-Graph Transformations

e.g., Queries on Graph-Structured Database or Transformations of XML with id linksfaabbAABB/35What We Want to DoVerification of Graph-to-Graph Transformationswith respect to input/output specifications

faabbAABBverify whether or not:for any graph G, G IN f(G) OUTINFrom (a) we can reach (a) again.OUTFrom (A) we can reach (A) again./35Verification by Pre-Image(a.k.a. weakest precondition or inverse type inference)Given f and OUT , compute invf(OUT) such that:for any graph G, f(G) OUT iff G invf(OUT)Then for any graph G, G IN f(G) OUTiff for any graph G, G (IN invf(OUT )) i.e., IN invf(OUT ) is validfOUTinvf(OUT)IN/35To Be More ConcreteWhich logic can we use for specifying IN/OUT ?

Must be strong enough to express useful conditions.Must be weak enough to have decidable validity.

What kind of transformation f can be verified ?

We must be able to compute the pre-image./35Our ApproachTake Modal- Calculus as the specification logic(At least for trees) capture all existing XML-Schemas

Define a new model of graph transformationcalled Modal- Definable TransductionPre-image of modal- sentence can befully automatically computedExpressive enough to capture(unnested) structural recursion on graphs/35Related WorkMSO (Monadic 2nd-Order Logic) Definable TransductionOverall structure is more or less the same.Ours is a proposal to use Modal- instead of MSO

Hoare-Style Verification of Imperative ProgramsOurs dont deal with pointers or destructive updates.Rather, it is more suitable forfunctional programsStructural recursion is handledwithout any annotations

{ IN } p := root while p != null do q := p.next p.next := p.next.next p := q end{ OUT }fun f( {$l: $x} ) = {cap($l) : g($x)}fun g( {_: $x} ) = f($x){ IN } f { OUT }/357OutlineTwo Kinds of Logics on GraphsPredicate LogicsModal LogicsWhy Modal- ?

Review: Predicate-Logic Based ApproachMSO-Definable Graph Transduction [Courcelle 94]

Our Work:Modal- Definable Graph TransductionComputation of Pre-Image

/35Graphs (in Todays Talk) : Finite Nonempty AlphabetG = (V, E, )VSet of NodesE V VSet of Directed Edges : V 2 Labels on Nodesba ba = {a, b}V = {

} ba ba = {a,b} {a} {b} {}/35Predicate Logics on Graphs ::=| False | | | (x) (for )node x is labeled | edge(x, y)an edge connects x to y| x. theres x that makes hold

| S. theres a set S that makes hold| x Sx is in SFOMSOWe can define True, , , x., and S../35SemanticsFor a graph G=(V,E,) and an environment : VarV

G, (x) iff ((x))node x is labeled G, edge(x, y) iff ((x), (y)) Ean edge connects x to yG, x. iff theres vV s.t. G,[x:v]

/35Modal Logics on Graphs ::=| False | | | (for )current node is labeled | current node has an outgoing edge whose destination satisfies

| X| X. least fixpoint (X must be in even # of )We Can Define: (dual of ) and X. (GreatestFixPt)MM/35SemanticsFor a graph G=(V,E,), an environment : Var2V, and the current node v V

G, v, iff (v)current node is labeled G, v, iff theres w (v,w)E & G,w, current node has an outgoing edge whose destination satisfies G, v, Y. iff v LFP(F)where F(A) = {wV | G, w, [Y:A] }/35ExamplesFrom the node x, we can reach a -nodeS. ( (xS y.z.(yS (edge(y,z)zS))) y. (y S (y)))Confluencey. z. ( edge(x,y) edge(x,z) w. (edge(y,w) edge(z,w)) )From the current node, we can reach a -nodeY. ( Y)Confluence(No way to express it in Modal-)/35MSO Definable (1-copying) Transduction[Courcelle 94]A set of MSO formulas T = OUT(x) for each edgeOUT(x,y)defines a transformation fT convertingG = (V, E, ) into G = (V, E, ) where

( v ) = { | G, x:v OUT(x) }E = { (v, w) | G, x:v, y:w edgeOUT (x,y) }/35Example ( = {a, b, A, B})aabbAABBedgeOUT(x, y) z.(edge(x,z) edge(z,y))aOUT(x) bOUT(x) FalseAOUT(x) a(x)BOUT(x) b(x)/35Pre-Image is Easily ObtainedaabbAABBx. A(x) y. edge(x,y) A(y)Inline Expansionx. a(x) y. z.(edge(x,z) edge(z,y)) a(y)edgeOUT(x, y) z.(edge(x,z) edge(z,y))aOUT(x) bOUT(x) FalseAOUT(x) a(x)BOUT(x) b(x)/35Expressiveness & ComplexityFOMSOModalModal-X.S.x.PSPACEEXPTIMEUndecidable/35Expressiveness & Complexity(on tree-like graphs)FOMSOModalModal-X.S.x.PSPACEEXPTIMENonElementary/35Modal- and MSOComplexity of Validity CheckingModal- : EXPTIME-completeMSO : Undecidable (Even in Trees, HyperEXP)

Expressive PowerModal- = Bisimulation-Invariant Subset of MSO[Janin & Walukiewicz 96]Bisimulation-Invariant Physical equality of pointers cannot be checkedNot a severe restriction for purely functional programs!/35Modal- Definable (1-copying) TransductionA set of Modal- formulas T = OUT for each edgeOUT an existential formula Fv={X} defines a transformation fT convertingG = (V, E, ) into G = (V, E, ) where

( v ) = { | G, v OUT }E = { (v, w) | G, v, X:{w} edgeOUT }/35Example ( = {a, b, A, B})aabbAABBA Aa aedgeOUT XaOUT bOUT FalseAOUT aBOUT b/35Existential FormulaA formula e with one free variable X isexistential, if

Examples:X True is not existential (Consider P={}).Xis existential.Xis not (when v is a leaf node ). is not, but X is.for all G=(V,E,), vV, PV G, v, X:P e iff wP. G, v, X:{w} e/35Syntactic ConditionTheorem:e is existential if it is in the following syntax

e ::= False | X | Y | e e | e | Y. e | e where is any formula without free variables

(True, , , , and GFP must be guarded by _ _)

Open Question: is this a necessary condition ?(i.e., do all existential formulas have logically-equivalent forms in this syntax?) for all G=(V,E,), vV, PV G, v, X:P e iff wP. G, v, X:{w} e/35More ExamplesedgeOUT X edgeOUT a

edgeOUT Y. ((X a) Y)

edgeOUT XXedgeOUT Y. ((X a b) (a Y)aabaaabba(Non-Examples)/35Pre-Image ComputationFor T = (OUT, eOUT), defineinv( False )= Falseinv( )= inv( )inv( 1 2 )= inv( 1 ) inv( 2 )inv( )= OUTinv( )= edgeOUT [X / inv()]inv( Y )= Yinv( Y. )= Y. inv()Theorem: fT(G), v iff G, v inv()/35Proof of the TheoremBy Induction on . The essential case is:G, v inv()iffG,v edgeOUT [X / inv()](definition of inv)iffw (G,v,X:{w} edgeOUT and G,w inv()) (ext)iffw ((v,w) in E and G,w inv()) (def of E)iffw ((v,w) in E and fT(G),w ) (IH)ifffT(G), v (definition of )Theorem: fT(G), v iff G, v inv()/35n-copyingModal- Definable TransductionA set of Modal- formulas T = kOUT for each , k{1 .. n} edgeikOUT for each i, k{1 .. n} : existentialdefines a transformation fT convertingG = (V, E, ) into G = (V*{1..n}, E, ) where

( ) = { | G, v kOUT }E = { (, ) | G, v, X:{w} edgeikOUT }/35Example ( = {a, b, A, B})abb Abu A2OUT ( edge21OUT [b1OUT] edge22OUT [b2OUT] )edge12OUT Xedge21OUT Xa1OUT A2OUT ab1OUT B2OUT botherwise FalseabbABBu a b/35ExampleMutual structural recursion (without accumulating parameters) can be dealt with.For the detail of structural recursion over graphs, see [Buneman, Fernandez & Suciu 00]fun ev( x ) = od(x)fun ev( x ) = od(x)fun od( x ) = ev(x)fun od( x ) = ev(x)

aAAbBb12aBAB3134edge12OUT a X edge23OUT a Xedge13OUT a Xedge31OUT b Xedge34OUT b X edge41OUT b X/3530Pre-Image Computationinvk ( False, )= Falseinvk ( , )= invk ( , )invk ( 12, )= invk ( 1, ) invk ( 2, )invk ( , )= kOUTinvk ( , )= j{1..n} edgekjOUT [X / invj(, )]invk ( Y, )= Yk if kSinvk ( Y, )= Yk. invk( , [Y] ) where (S,) = (Y)invk ( Y. , )= Yk. invk( , [Y] )Thm: fT(G), iff G,v invk(, {})/35Exampleedge11OUT edge12OUT edge21OUT edge22OUT Xa1OUT a2OUT a

f(G), Y. (a Y)G, v Y1. inv1( a Y )G, v Y1. a (inv1(Y) inv2(Y))G, v Y1. a (Y1 Y2.inv2(aY))G, v Y1. a (Y1 Y2. a(inv1(Y)inv2(Y))G, v Y1. a (Y1 Y2. a(Y1Y2))

Open Question: can inv() be shorterthan (n-1)!+1 ?/35Some Useful ResultsConstruction is analogous to inv().Theorem:Modal- Definable Transduction is closed under composition.Theorem: Modal- Definable Transduction MSO Definable & Bisimulation-Invariant.It is known that Bisimulation-Invariant MSO transduction is equal to structural recursion [Colcombet & Lding 04]./35ConclusionModal- Definable TransductionPre-Image of a modal- sentence is computableStructural recursion is expressible(Not in the talk)Node-erasing transformationsEdge-labeled graphsTransformations with multiple inputs/outputsFuture WorkImplementation Addition of Backward Modality( G,v iff theres (w,v)E s.t. G,w )Syntactic necessary condition for edgeOUTMore concise formula for inv(Y.)/35References[Trakhtenbrot 50] Impossibility of an Algorithm for the Decision Problem for Finite ClassesSatisfiability of FO on graphs is undecidable[Meyer 74] Weak monadic second order theory of successor is not elementary-recursiveSatisfiability of MSO on finite strings is Non-Elementary[Robertson 74] Structure of Complexity in the Weak Monadic Second-Order Theories of the Natural Numbers Satisfiability of FO[