Using Coq in Specification and Program Extraction of Hadoop Map. Reduce Applications. Hadoop Map. Reduce is a framework for distributed computation on key- value pairs. The goal of this research is to verify actual running code of Map. Reduce applications. We first constructed an abstract model of Map. Reduce computation with the proof assistant Coq. In the model, mappers and reducers in Map. Reduce computation are modeled as functions in Coq, and a specification of a Map. Reduce application is expressed in terms of invariants among functions involving its mapper and reducer. The model also provides modular proofs of lemmas that do not depend on applications. To achieve the goal, we investigated the feasibility of two approaches. In one approach, we transformed verified mapper and reducer functions into Haskell programs and executed them under Hadoop Streaming. In the other approach, we verified JML annotations on Java programs of the mapper and reducer using Krakatoa, translated them into Coq axioms, and proved Coq specifications from them. In either approach, we were able to verify correctness of Map. Reduce applications that actually run on the Hadoop Map. Reduce framework. Coq Program Extraction Day TrailerIn its simplest form, program extraction from Coq is completely straightforward. First we say what language we want to extract into. Using Coq in specification and program extraction of Hadoop MapReduce applications. Coq Talk Ed Morehouse Ed Morehouse Coq Talk. Coq automatically defines induction rules for all inductive types defined by the user. Program extraction in Coq is almost the identity function but other typing system information from Prop is erased existential quanti cation in Prop. Using Coq in specification and program extraction of hadoop mapreduce. We first constructed an abstract model of MapReduce computation with the proof assistant Coq.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
January 2017
Categories |