2.2 Automatic Amortized Analysis
3.3.2 Well-Formed Environments
The notion of a well-formed environment is used in many of the following theorems. Intuitively, a heap and stack are well-formed with respect to some typing context if for each variable, the type assigned by the typing context agrees with the actual value assigned to the variable by the stack and the heap.
If $H$ is a heap, $v$ is a value, $A$ is a type, and $a \in A$ then I write $H \vDash v \mapsto a : A$ to mean that $v$ defines the semantic value $a \in A$ when pointers are followed in $H$ in the obvious way. The judgment is formally defined in Figure 3.4.
I write $[]$ for the empty list. For a non-empty list $[a_1, \ldots, a_n]$ I write $[a_1, \ldots, a_n] = a_1 :: [a_2, \ldots, a_n]$. The tree with root $a$, left subtree $t_1$ and right subtree $t_2$ is denoted by $\mathit{tree}(a, t_1, t_2)$. The empty tree is denoted by $\mathit{leaf}$. For a heap $H$, I write $H' = H \setminus \ell$ for the heap in which the location $\ell$ is removed. That is, $\mathrm{dom}(H') = \mathrm{dom}(H) \setminus \{\ell\}$ and $H'(\ell') = H(\ell')$ for all $\ell' \in \mathrm{dom}(H')$.
Note that there exist three semantic values $a$ such that $H \vDash \mathrm{NULL} \mapsto a : A$ for every heap $H$; namely $a = ()$, $a = []$, and $a = \mathit{leaf}$. However, if we fix a data type $A$ then the semantic value $a$ is unique.
Proposition 3.3.3 Let $H$ be a heap, $v$ be a value, and let $A$ be a data type. If $H \vDash v \mapsto a : A$ and $H \vDash v \mapsto a' : A$ then $a = a'$.
PROOF We prove the claim by induction on the derivation of $H \vDash v \mapsto a : A$.
Assume first that $H \vDash v \mapsto a : A$ has been derived by the application of a single rule. Then the judgment has been derived by one of the rules V:BOOL, V:INT, V:UNIT, V:NIL, or V:LEAF. An inspection of the rules shows that for given $A$ and $v$ only one of the rules is applicable. Thus it follows that $a = a'$.
Assume now that the derivation of $H \vDash v \mapsto a : A$ ends with an application of the rule V:CONS. Then $A = L(B)$, $a = [a_1, \ldots, a_n]$, $v \in \mathit{Loc}$, and $H(v) = (v_1, v_2)$. It follows that the derivation of $H \vDash v \mapsto a' : A$ also ends with an application of V:CONS. Thus we have $a' = [b_1, \ldots, b_m]$. From the premises of V:CONS it follows that
$$H' \vDash v_1 \mapsto a_1 : A$$
$$H' \vDash v_2 \mapsto [a_2, \ldots, a_n] : L(A)$$
$$H' \vDash v_1 \mapsto b_1 : A$$
$$H' \vDash v_2 \mapsto [b_2, \ldots, b_m] : L(A)$$
where $H' = H \setminus v$. It follows by induction that $n = m$ and $b_i = a_i$ for all $1 \le i \le n$.
The cases in which the derivation ends with V:NODE or V:PAIR are similar. ■
Note that if $H \vDash v \mapsto a : A$ then $v$ may well point to a data structure with some aliasing, but no circularity is allowed since this would require infinite values $a$. I do not include them because in our functional language there is no way of generating such values.
I write $H \vDash v : A$ to indicate that there exists a, necessarily unique, semantic value $a \in A$ so that $H \vDash v \mapsto a : A$. A stack $V$ and a heap $H$ are well-formed with respect to a context $\Gamma$ if $H \vDash V(x) : \Gamma(x)$ holds for every $x \in \mathrm{dom}(\Gamma)$. I then write $H \vDash V : \Gamma$.
Theorem 3.3.4 shows that the evaluation of a well-typed expression in a well-formed environment results in a well-formed environment.
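Theorem 3.3.4 If $\Sigma;\Gamma \vdash e : B$, $H \vDash V : \Gamma$ and $V,H \vdash e \leadsto v,H' \mid (q,q')$ then $H' \vDash V : \Gamma$ and $H' \vDash v : B$.
PROOF From Proposition 3.3.2 it follows $H'(\ell) = H(\ell)$ for all $\ell \in \mathrm{dom}(H)$ and thus $H' \vDash V : \Gamma$.
The second part, $H' \vDash v : B$, is proved by induction on the derivations of $V,H \vdash e \leadsto v,H' \mid (q,q')$ and $\Sigma;\Gamma \vdash e : B$ where the induction on the evaluation judgment takes priority.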
Note that a single induction on the derivation of the evaluation judgment fails because of the structural type rules S:SHARE and S:AUGMENT. If the type derivation ends with one of these rules then you do not obtain type judgments that correspond to the premises of the last evaluation rule. As a result, you cannot apply the induction hypothesis.
A single induction on the derivation of the type judgment $\Sigma;\Gamma \vdash e : B$ fails because of the type rule S:APP and the corresponding evaluation rule E:APP. On the one hand, the evaluation of a function application proceeds with the evaluation of the body of the function. On the other hand, a type derivation that ends with S:APP consists of one step only. To apply the induction hypothesis to the evaluation of $e_f$, you need to use a type derivation of $e_f$ which is longer than zero steps. Thus the induction hypothesis cannot be applied.
(S:SHARE) Suppose that the derivation of $\Sigma;\Gamma \vdash e : B$ ends with an application of the rule S:SHARE. Then $\Gamma = \Gamma', z : A$ and it follows from the premise that
$$\Sigma;\Gamma', x : A, y : A \vdash e' : B \tag{3.1}$$
for some data type $A$, a context $\Gamma'$ and an expression $e'$ with $e'[z/x, z/y] = e$. Since $H \vDash V : \Gamma', z : A$ and
$$V,H \vdash e \leadsto v,H' \mid (q,q') \tag{3.2}$$
it follows that $H \vDash V_{xy} : \Gamma', x : A, y : A$ and
$$V_{xy},H \vdash e' \leadsto v,H' \mid (q,q') \tag{3.3}$$
for $V_{xy} = V \setminus z \cup \{x \mapsto V(z), y \mapsto V(z)\}$. Furthermore, the derivation tree of (3.3) has the same shape as the derivation tree of (3.2). Thus we can apply the induction hypothesis to (3.1) and (3.2), and derive $H' \vDash v : B$.
(S:AUGMENT) If the derivation of $\Sigma;\Gamma \vdash e : B$ ends with an application of the rule S:AUGMENT then we have
$$\Sigma;\Gamma' \vdash e : B \tag{3.4}$$
for a context $\Gamma'$ with $\Gamma', x : A = \Gamma$. But it follows by definition that $H \vDash V : \Gamma'$. Thus we can apply the induction hypothesis to (3.4) and the evaluation judgment, and derive $H' \vDash v : B$.
(S:VAR) If the type derivation ends with the application of the rule S:VAR then the derivation of the evaluation judgment ends with an application of E:VAR. The claim
(S:CONST*) Assume that the type derivation ends with one of the rules (S:CONST*) for constants. Then the derivation of the evaluation judgment ends with an application of the corresponding rule E:CONST*. The claim follows directly from the definition.
(S:OPINT) The evaluation ends with an application of the rule E:BINOP. Since we have $\Sigma; x_1 : \mathit{int}, x_2 : \mathit{int} \vdash x_1 \mathbin{\mathit{op}} x_2 : \mathit{int}$ and $H \vDash V : x_1 : \mathit{int}, x_2 : \mathit{int}$ it follows that $V,H \vdash e \leadsto n,H' \mid (q,q')$ for an integer $n$; thus $H' \vDash n : \mathit{int}$.
(S:OPBOOL) Similar to the case (S:OPINT).
(S:APP) Assume the type derivation ends with the derivation of $\Sigma; x : A \vdash f(x) : B$, using the rule S:APP. Then the derivation of the evaluation judgment ends with an application of the rule E:APP. From the premise $\Sigma(f) = A \to B$ of S:APP it follows that $\Sigma; y_f : A \vdash e_f : B$. Since $H \vDash V(x) : A$ we have $H \vDash [y_f \mapsto H(x)] : (y_f : A)$. Thus we can apply the induction hypothesis to the premise $[y_f \mapsto H(x)],H \vdash e_f \leadsto v,H' \mid (q,q')$ of the rule E:APP. It follows that $H' \vDash v : B$.
(S:COND) Then the evaluation ends with an application of the rules E:CONDT or E:CONDF. Assume it ends with E:CONDT; the case E:CONDF is similar. We use the premise $\Sigma;\Gamma \vdash e_t : B$ of S:COND and the fact $H \vDash V : \Gamma$ to apply the induction hypothesis to the premise $V,H \vdash e_t \leadsto v,H' \mid (q,q')$ of E:CONDT. It follows that $H' \vDash v : B$.
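(S:LET) Then the derivation of the evaluation judgment ends with an application of the rule E:LET. We have $\Sigma;\Gamma_1 \vdash e_1 : A$ from the premises of S:LET and also $H \vDash V : \Gamma_1$ from $H \vDash V : \Gamma$. So we can apply the induction hypothesis to $V,H_1 \vdash e_1 \leadsto v_1,H_1 \mid (q,q')$ and derive $H_1 \vDash v_1 : A$. From Proposition 3.3.2 it follows that $H_1(l) = H(l)$ for all $l \in \mathrm{dom}(H)$. Since $H_1 \vDash v_1 : A$ and $\mathrm{img}(V) \subseteq \mathrm{dom}(H)$ we conclude $H_1 \vDash V[x \mapsto v_1] : \Gamma, x : A$. Furthermore, $\Sigma;\Gamma_2, x : A \vdash e_2 : B$ is a premise of S:LET. Thus we can apply the induction hypothesis a second time to $V[x \mapsto v_1],H_1 \vdash e_2 \leadsto v_2,H_2 \mid (p,p')$ and derive $H_2 \vDash v_2 : B$.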
(S:PAIR) Then the evaluation ends with an application of the rule E:PAIR. We conclude from $H \vDash V : (x_1 : B_1, x_2 : B_2)$ that $H \vDash (V(x_1), V(x_2)) : (B_1, B_2)$ (using V:PAIR).
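(S:MATP) Then the evaluation ends with an application of the rule E:MATP. Since $H \vDash V : \Gamma, x : (A_1, A_2)$ it follows that $H \vDash (v_1, v_2) : (A_1, A_2)$ and thus $H \vDash v_1 : A_1$ and $H \vDash v_2 : A_2$ where $V(x) = (v_1, v_2)$. We conclude that $H \vDash V[x_1 \mapsto v_1, x_2 \mapsto v_2] : \Gamma, x_1 : A_1, x_2 : A_2$. Furthermore we have the premise $\Sigma;\Gamma, x_1 : A_1, x_2 : A_2 \vdash e : B$ in the rule S:MATP. Hence we can apply the induction hypothesis to the premise $V[x_1 \mapsto v_1, x_2 \mapsto v_2],H \vdash e \leadsto v,H' \mid (q,q')$ of E:MATP. It follows that $H' \vDash v : B$.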
(S:NIL) and (S:LEAF) Then the corresponding evaluation rules E:NIL or E:LEAF have been applied to derive the evaluation judgment. The claim follows directly from the definition.
(S:CONS) and (S:NODE) Similar to the case (S:PAIR).
(S:MATL) and (S:MATT) Similar to the case (S:MATP). ■