Abstract
Algorithms on restructuring binary search trees are typically presented in imperative pseudocode. Understandably so, as their performance relies on in-place execution, rather than the repeated allocation of fresh nodes in memory. Unfortunately, these imperative algorithms are notoriously difficult to verify as their loop invariants must relate the unfinished tree fragments being rebalanced. This paper presents several novel functional algorithms for accessing and inserting elements in a restructuring binary search tree that are as fast as their imperative counterparts; yet the correctness of these functional algorithms is established using a simple inductive argument. For each data structure, move-to-root, splay, and zip trees, this paper describes both a bottom-up algorithm using zippers and a top-down algorithm using a novel first-class constructor context primitive. The functional and imperative algorithms are equivalent: we mechanise the proofs establishing this in the Coq proof assistant using the Iris framework. This yields a first fully verified implementation of well known algorithms on binary search trees with performance on par with the fastest implementations in C.
| Original language | English |
|---|---|
| Article number | 168 |
| Pages (from-to) | 518-542 |
| Number of pages | 168 |
| Journal | Proceedings of the ACM on Programming Languages |
| Volume | 8 |
| Issue number | PLDI |
| DOIs | |
| Publication status | Published - 1 Jun 2024 |
Bibliographical note
Publisher Copyright:© 2024 Copyright held by the owner/author(s).
Funding
This work was carried out while Anton Lorenzen was a Research Intern at Microsoft Research. Sam Lindley was supported by UKRI Future Leaders Fellowship MR/T043830/1 (EHOP).
| Funders | Funder number |
|---|---|
| Microsoft Research | |
| EHOP | |
| UKRI | MR/T043830/1 |
Keywords
- FBIP
- FIP
- Splay Trees
- Tail Recursion Modulo Cons
- Zip Trees
- Zippers