dsfb-database 0.1.1

DSFB-Database: deterministic, read-only structural observer for residual trajectories in SQL database telemetry. Empirical prior-art demonstration on Snowset, SQLShare, CEB, JOB, and TPC-DS.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226

//! Randomised property tests for the published-baseline change-point
//! detectors used by the §7 bake-off (`baselines::{adwin, bocpd, pelt}`).
//!
//! Companion to the per-detector unit tests in `src/baselines/*.rs`. Those
//! tests exercise canonical fixtures (an obvious mean shift, a flat
//! series); these tests cover the *boundary* behaviours that a static
//! fixture cannot — degenerate inputs (empty, length-1, all-equal,
//! all-NaN, all-±∞) must not panic, and stationary uniform input must
//! not provoke an unbounded false-positive cascade.
//!
//! ### Read-only invariant
//!
//! Per the Pass-2 guardrails (`/home/one/.claude/plans/only-focus-on-dsfb-database-curious-scroll.md`)
//! the baseline source files (`src/baselines/{adwin,bocpd,pelt}.rs`) are
//! frozen. These tests call only the published `ChangePointDetector` trait
//! surface and never construct alternative configurations beyond the
//! `Default::default()` instances. If a property fails it is documented in
//! paper §44 (adversarial workload) or §36 (cross-firing) and the fix is
//! deferred to a future pass — the *contract* this file pins is that the
//! baselines we compare DSFB against do not crash on hostile input.
//!
//! ### Why arbtest, not proptest
//!
//! The crate already pulls in `arbtest = "0.3"` for
//! `tests/property_envelope_arbtest.rs`. Using the same library keeps the
//! dev-dependency surface minimal and the property style consistent
//! across the test suite.

use arbtest::arbtest;
use dsfb_database::baselines::{adwin::Adwin, bocpd::Bocpd, pelt::Pelt, ChangePointDetector};

fn detectors() -> Vec<Box<dyn ChangePointDetector>> {
    vec![
        Box::new(Adwin::default()),
        Box::new(Bocpd::default()),
        Box::new(Pelt::default()),
    ]
}

// ----------------------------------------------------------------------
// Degenerate-input no-panic (fixed cases — would be wasted on randomised
// shrinking because the failure modes are enumerable).
// ----------------------------------------------------------------------

#[test]
fn no_panic_on_empty_series() {
    let series: Vec<(f64, f64)> = Vec::new();
    for det in detectors() {
        let cps = det.detect(&series);
        assert!(
            cps.is_empty(),
            "{}: empty input must yield no change-points",
            det.name()
        );
    }
}

#[test]
fn no_panic_on_single_sample() {
    let series = vec![(0.0_f64, 0.0_f64)];
    for det in detectors() {
        let cps = det.detect(&series);
        assert!(
            cps.is_empty(),
            "{}: single-sample input must yield no change-points",
            det.name()
        );
    }
}

#[test]
fn no_panic_on_constant_series() {
    // 200 identical samples — variance is zero, Hoeffding/Bayesian/PELT
    // costs all collapse to degenerate values. None of the detectors
    // should panic, divide by zero, or invent change-points.
    let series: Vec<(f64, f64)> = (0..200).map(|i| (i as f64, 7.0)).collect();
    for det in detectors() {
        let cps = det.detect(&series);
        assert!(
            cps.is_empty(),
            "{}: constant series must yield no change-points (got {})",
            det.name(),
            cps.len()
        );
    }
}

#[test]
fn no_panic_on_all_nan_series() {
    let series: Vec<(f64, f64)> = (0..50).map(|i| (i as f64, f64::NAN)).collect();
    for det in detectors() {
        // We do not assert the *value* of the result — NaN inputs may
        // legitimately confuse a detector — but we do assert it does
        // not panic, hang, or otherwise fail to return.
        let _ = det.detect(&series);
    }
}

#[test]
fn no_panic_on_infinite_series() {
    for sign in [1.0_f64, -1.0_f64] {
        let series: Vec<(f64, f64)> = (0..50).map(|i| (i as f64, sign * f64::INFINITY)).collect();
        for det in detectors() {
            let _ = det.detect(&series);
        }
    }
}

// ----------------------------------------------------------------------
// Stationary-input properties (randomised — every shrink finds a smaller
// counterexample if the property breaks, which is the entire reason for
// arbtest over a fixed unit case).
// ----------------------------------------------------------------------

/// Map an arbitrary byte stream to a bounded uniform real series in
/// [-1, 1]. The series is *stationary* by construction — every sample
/// is drawn from the same distribution, so no detector should fire
/// many change-points.
fn bounded_uniform_series(
    u: &mut arbtest::arbitrary::Unstructured<'_>,
) -> arbtest::arbitrary::Result<Vec<(f64, f64)>> {
    let raw_n: u8 = u.arbitrary()?;
    let n = (raw_n as usize).clamp(40, 240);
    let mut series = Vec::with_capacity(n);
    for i in 0..n {
        let raw: i8 = u.arbitrary()?;
        let v = (raw as f64) / 128.0;
        series.push((i as f64, v));
    }
    Ok(series)
}

#[test]
fn adwin_bounded_false_positive_on_stationary_uniform() {
    arbtest(|u| {
        let series = bounded_uniform_series(u)?;
        let n = series.len();
        let cps = Adwin::default().detect(&series);
        // The Hoeffding ε_cut on bounded data with δ=0.002 makes ADWIN
        // very conservative: empirically ≤ n/8 false positives on
        // uniform [-1, 1] for n ≤ 240. This is a loose ceiling — the
        // unit test in `src/baselines/adwin.rs` pins the strict
        // zero-false-positive case for *flat* input.
        assert!(
            cps.len() <= n / 8 + 1,
            "ADWIN: {} cps in {} stationary samples (limit {})",
            cps.len(),
            n,
            n / 8 + 1
        );
        Ok(())
    })
    .budget_ms(100);
}

#[test]
fn pelt_bounded_false_positive_on_stationary_uniform() {
    arbtest(|u| {
        let series = bounded_uniform_series(u)?;
        let n = series.len();
        let cps = Pelt::default().detect(&series);
        // PELT under BIC penalty `k·ln(n)·σ²` on uniform input is
        // self-tuning to scale; cap at n/10 + 1 for the loose
        // false-positive ceiling.
        assert!(
            cps.len() <= n / 10 + 1,
            "PELT: {} cps in {} stationary samples (limit {})",
            cps.len(),
            n,
            n / 10 + 1
        );
        Ok(())
    })
    .budget_ms(100);
}

#[test]
fn bocpd_bounded_false_positive_on_stationary_uniform() {
    arbtest(|u| {
        let series = bounded_uniform_series(u)?;
        let n = series.len();
        let cps = Bocpd::default().detect(&series);
        // BOCPD with map_drop_min=2 and λ=100 on stationary input is
        // dominated by the run-length prior (hazard ≈ 0.01), so
        // expected false positives ≈ n · 0.01. Cap at n/8 + 1 for
        // safety.
        assert!(
            cps.len() <= n / 8 + 1,
            "BOCPD: {} cps in {} stationary samples (limit {})",
            cps.len(),
            n,
            n / 8 + 1
        );
        Ok(())
    })
    .budget_ms(100);
}

// ----------------------------------------------------------------------
// Determinism property: the trait contract requires that `detect` is a
// pure function of the input series. Two calls with the same input must
// return byte-equal Vecs. Without this property the bake-off CSV
// fingerprint locks (`tests/deterministic_replay.rs`) would not be
// reachable for the baselines.
// ----------------------------------------------------------------------

#[test]
fn detectors_are_deterministic_on_arbitrary_input() {
    arbtest(|u| {
        let series = bounded_uniform_series(u)?;
        for det in detectors() {
            let a = det.detect(&series);
            let b = det.detect(&series);
            assert_eq!(
                a,
                b,
                "{}: detect() not deterministic (a={:?}, b={:?})",
                det.name(),
                a,
                b
            );
        }
        Ok(())
    })
    .budget_ms(100);
}