Machine-Checked Verification of the Correctness and Amortized Complexity of an Efficient Union-Find Implementation

Union-Find is a famous example of a simple data structure whose amortized asymptotic time complexity analysis is non-trivial. We present a Coq formalization of this analysis. Moreover, we implement Union-Find as an OCaml library and formally endow it with a modular specification that offers a full functional correctness guarantee as well as an amortized complexity bound. Reasoning in Coq about imperative OCaml code relies on the CFML tool, which is based on characteristic formulae and Separation Logic, and which we extend with time credits. Although it was known in principle that amortized analysis can be explained in terms of time credits and that time credits can be viewed as resources in Separation Logic, we believe our work is the first practical demonstration of this approach.
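As an added illustration of the time-credit view of amortized analysis (example code, not the paper's OCaml library or the CFML tool): a Python Union-Find with union by rank and path compression in which every elementary step spends one time credit, plus an accounting-method check that deposits a fixed number of credits before each operation; running out of credits plays the role of a violated Separation Logic precondition. The class and function names and the cost model (one credit per parent-pointer read, one per link) are this example's own assumptions.

```python
class OutOfCredits(Exception):
    """An operation performed more steps than the credits it was given."""
class UnionFind:
    def __init__(self, n, compress=True):
        self.parent = list(range(n))   # each element starts as its own root
        self.rank = [0] * n            # upper bound on each tree's height
        self.compress = compress       # path compression can be switched off
        self.credits = 0               # credits deposited but not yet spent
        self.steps = 0                 # elementary steps actually performed

    def tick(self):
        # One unit of work spends one credit; none left = violated precondition.
        if self.credits <= 0:
            raise OutOfCredits(f"out of credits after {self.steps} steps")
        self.credits -= 1
        self.steps += 1

    def find(self, x):
        self.tick()                    # reading x's parent pointer is one step
        p = self.parent[x]
        if p == x:
            return x                   # x is a root: find costs depth(x) + 1
        r = self.find(p)
        if self.compress:
            self.parent[x] = r         # compression rides on the same step
        return r

    def union(self, x, y):
        rx, ry = self.find(x), self.find(y)
        self.tick()                    # the link itself is one step
        if rx == ry:
            return
        if self.rank[rx] < self.rank[ry]:
            rx, ry = ry, rx            # attach the shorter tree under the taller
        self.parent[ry] = rx
        if self.rank[rx] == self.rank[ry]:
            self.rank[rx] += 1

def run(n, ops, credits_per_op, compress=True):
    """Deposit credits_per_op before each op; return (steps, credits left, ok)."""
    uf = UnionFind(n, compress)
    try:
        for op in ops:                 # op is ("union", x, y) or ("find", x)
            uf.credits += credits_per_op
            getattr(uf, op[0])(*op[1:])
    except OutOfCredits:
        return uf.steps, uf.credits, False
    return uf.steps, uf.credits, True
# Constructed workload: 7 rank-balanced unions on 8 elements give a rank-3 tree,
# then element 7 (depth 3) is looked up twice; the second find is cheaper.
SAMPLE_OPS = [("union", 0, 1), ("union", 2, 3), ("union", 4, 5), ("union", 6, 7),
              ("union", 0, 2), ("union", 4, 6), ("union", 0, 4), ("find", 7), ("find", 7)]
```

On this workload a budget of 4 credits per operation always suffices and the second lookup of element 7 costs 2 steps instead of 4 because of compression, whereas a budget of 3 is exhausted during the first lookup.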
