In this section we will show that a RAJA program is well-typed iff it can be extended to a complete well-typed RAJA program with explicit types.
Verification of soundness
In the following we show that the syntax-directed typing judgement defined in Section 4.4.1 is sound w.r.t. the declarative typing judgement from Chap- ter 3. Notice that this holds even for RAJA programs with explicit types that are not complete.
In the proof we will use the fact that Γ<:∅for any context Γ without
explicit notice.
Lemma 4.4.2 (Soundness of algorithmic RAJA typing)
LetR+= (C,main,V,M,Inst,Abody)be a RAJA program with explicit types. If D:: Γ nn0 e◦⇔Cr thenΓ nn0 |e◦|:Cr.
Proof. By induction onD.
Case (ON ew). We have Dr <: Cr and Dr main and n ≥ ♦(Dr) + 1 and n0 ≤ n−♦(Dr)−1. Then, by (♦N ew) followed by (♦W aste), we obtain the desired goal.
Dr main (♦N ew) ∅ ♦(D r) + 1 0 newD:Dr Dr<:Cr Γ0<:∅ n≥♦(Dr) + 1 n0≤n−♦(Dr)−1 (♦W aste) Γ0 n n0 newD:Cr
Case (OF ree). Similarly, by(♦F ree) followed by(♦W aste).
Case (OCast). We have Dr <: Cs and D <: E and n0 ≤ n. Then, by (♦Cast) followed by (♦W aste), we obtain the desired goal.
D <:E x:Er 0 0 (D)x:Dr Dr <:Cs Γ0, x:Er<:x:Er n0 ≤n Γ0, x:Er n n0 (D)x:Cs
Case (OV ar). Follows similarly, by (♦V ar) followed by(♦W aste).
Case (OAccess). We have C.a = E and ∀F <: C .Aget(Fr, a) v s and E <: D and n0 ≤n. Then, by (♦Access) followed by (♦W aste), we obtain the desired goal.
∀F <:C .Aget(Fr, a)vs C.a=E
x:Cr 00 x.a:Es Es<:Ds Γ0, x:Cr <:x:Cr n0 ≤n
Γ0, x:Cr nn0 x.a:Ds
Case (OU pdate). We have E.a = D and ∀G <: E . s v Aset(Gr, a) and F <: D and Er <:Cq. Then, by
(OU pdate) followed by (♦W aste), we obtain the desired goal.
∀G <:E . svAset(Gr, a) E.a=D
x:Er, y:Ds 00 x.a←y:Er Er<:Cq Fs<:Ds n0 ≤n Γ0, x:Er, y:Fs
n
n0 x.a←y:Cq
Case (OLet). For ease of notation let us assume w.l.o.g. Γ1 =y:Cr1 and
Γ2 =y:Cr2. By induction hypothesis we obtainy:Cr1 n
n0 e1:Ds and
y:Cr2, x:Ds n 0
n00 e2:Cr. After substitutingybyy1 ine1andybyy2in
e2 we obtainy1:Cr1 n
n0 e1[y1/y] :Ds andy2:Cr2, x:Ds n0
n00 e2[y2/y] :
Cr. Then, by (♦Let), we obtain
y1:Cr1 n n0 e1[y1/y] :Ds y2:Cr2, x:Ds n 0 n00 e2[y2/y] :Cr (OLet) y1:Cr1, y2:Cr2 n n00 letD x=e1[y1/y]ine2[y2/y] :Cr Then, by(♦Share), we obtain the desired goal
y:Cr1⊕r2 n
n00 let D x=e1 in e2:Cr
since, by Lemma 3.2.25, we obtain.(r1⊕r2|r1, r2).
Case (OCond.). Let us assume again for ease of notation w.l.o.g. Γ1 =y:
Cs1 and Γ
2 =y:Cs2. By induction hypothesis we obtainy:Cs1 nn0 e1:
Crandy:Cs2 n
n0 e2:Cr. We notice that s1∧s2vsi by Lemma 3.2.3.
Then we obtain the desired goal by(♦W aste) and (♦Conditional).
y:Cs1 n n0 e1:Cr (♦W aste) y:Cs1∧s2 n n0 e1:Cr y:Cs2 n n0 e2:Cr (♦W aste) y:Cs1∧s2 n n0 e2:Cr (♦Conditional) y:Cs1∧s2 n
Case (OInv.). We have Gs0;E~~s m/m 0
−−−→Hs0 ∈Inst(G, m) and Gr0 <:Gs0 and
Fri
i <:E si
i and Hs
0
<:Cr0 and n≥m and n0 ≤m0+n−m. Then, the desired goal follows by(♦Invocation) and (♦W aste).
Gs0;E~~s m/m0 −−−→Hs0 instanceof M(G, m) x:Gs0, y 1:E1s1, . . . , yn:Ensn m m0 :Hs 0 Gr0 <:Gs0 Fri i <:E si i . . . Γ0, x:Gr0, y1:F1r1, . . . , yn:Fnrn n n0 :Cr 0 2
Next we show that ifR+ is a well-typed complete RAJA program with explicit types then its underlying RAJA program is well-typed as well.
Lemma 4.4.3 (Soundness of algorithmic RAJA method typing) Let R+ = (C,main,V,M,Inst,Abody) be a complete RAJA program with explicit types. LetC ∈C andm∈Meth(C) such that `am:Inst(C, m) ok. Then `m:M(C, m) ok.
Proof. Let T = E~~r n/n−−→0Hrn+1 ∈ Inst(C, m) and A
body(C, m, T) = (e◦, p).
Then,Mbody(C, m) =|e◦|. We have this:Cs0, x 1:E1s1, . . . , xn:Ensn n+p n0 e ◦ ⇔Hrn+1 ♦(Cr0) ≥p and r
i v si and (r0− p)C vs0. Then, by Lemma 4.3.3 we get
. r0
(r0− p)C,pC
. We then get the desired goal by soundness of algorith- mic typing (Lemma 4.4.2) and(♦W aste):
this:Cs0, x 1:E1s1, . . . , xn:Ensn n+p n0 |e◦|:Hrn+1 C(r0− p)C <:Cs0 Eri i <:E si i (♦W aste) this:C(r0− p)C, x 1:E1r1, . . . , xn:Ernn n+p n0 |e◦|:Hrn+1 2
Theorem 4.4.4 Let R+= (C,main,V,M,Inst,A
body)be a complete RAJA program with explicit types. Then R= (C,main,M) is well-typed.
Proof. Let C ∈ C and m ∈ Meth(C) and M(C, m) = φ and `a m :
Inst(C, m) ok. Then ` m : φ ok by Lemma 4.4.3. Let further S(C) = D. ThenM(C, m)<:M(D, m) follows byInst(C, m)<:Inst(D, m) becauseR+
Verification of completeness
In this section we show that given a well-typed RAJA program, we can extend it to a complete RAJA program with explicit types that is well-typed as well.
First, we show that the syntax-directed typing judgement defined in Sec- tion 4.4.1 is complete w.r.t. the declarative typing judgement from Chap- ter 3. The completeness proof is a bit more complicated than the soundness proof. The reason for this is that we have eliminated the rules (♦Share) and (♦W aste) and we have to show that typing derivations that use these rules are still admissible in the syntax-directed typing system.
The following lemma states the admissibility of sharing in the syntax- directed typing system.
Lemma 4.4.5 (Share) Let D :: Γ, y1 :Ds1, . . . , yn:Dsn n n0 e◦ ⇔ Cr and .(s|s1, . . . , sn). Then Γ, x:D¯s n
n0 e[x/y1, . . . , x/yn]◦ ⇔Cr and svs¯.
Proof. By induction on D. For ease of notation let us assume Γ =∅ and
n= 2.
Case (OLet). We have
y1:Ds1, y2:Ds2 n n0 e◦1⇔Dq y1:Dr1, y2:Dr2, x:Dq nn0 e◦2⇔Cr y1:Ds1⊕r1, y2:Ds2⊕r2 n n0 letD xn 0 =e◦1 in e◦2⇔Cr (OLet)
and .(s|s1⊕r1, s2⊕r2). Also notice that .(s1⊕s2|s1, s2) and .(r1⊕r2|r1, r2), so by induction hypothesis we obtains1⊕s2 vsˆand
r1⊕r2vˆr and z:Dsˆ n n0 e1[z/y1, z/y2]⇔Dq z:Dˆr, x:Dq n 0 n00 e2[z/y1, z/y2]⇔Cr z:Dˆs⊕ˆr n
n00 (letD x=e◦1 in e◦2)[z/y1, z/y2]⇔Cr
(OLet)
and we showsvˆs⊕rˆ. We compute as follows:
.(s|s1⊕r1, s2⊕r2) ⇐⇒ .(s|s1, r1, s2, r2) ⇐⇒ .(s|s1⊕s2, r1⊕r2) ⇐⇒ Lemma 3.2.24 .(s|ˆs,rˆ) ⇐⇒ Lemma 3.2.25 svˆs⊕rˆ Case y1:D s1, y 2:Ds2 n n0 e◦1⇔Cr y1:Dr1, y 2:Dr2 n n0 e◦2⇔Cr y1:Ds1∧r1, y2:Ds2∧r2 n
n0 if y1 instanceofE then e◦1 elsee◦2⇔Cr
(OCond.)
and.(s|s1∧r1, s2∧r2). Also notice that .(s|s1, s2) and.(s|r1, r2),
so by induction hypothesis we obtain svsˆand svˆr and
z:Dsˆ n
n0 e◦1⇔Cr z:Dˆr nn0 e◦2⇔Cr z:Dsˆ∧ˆr n
n0 (if z instanceofE then e◦1elsee◦2)[z/y1, z/y2]⇔Cr
(OCond.)
and we showsvˆs∧ˆr which follows by Lemma 3.2.4.
The next lemma is the main technical lemma of this proof; it states the admissibility of the rule (♦W aste) in the syntax-directed typing system, which means admissibility of subtyping and weakening of the potential an- notations.
Lemma 4.4.6 (Waste) Let R = (C,main,M) be a well-typed RAJA pro- gram and Inst(C, m) be the set of instances of M(C, m) for all C ∈C and
m∈Meth(C).
If D :: Θ uu0 e◦ ⇔ Ds and Ds <: Cr and |Γ| <: |Θ| and n ≥ u and
n+u0 ≥n0+uthen there exists an annotation foresuch thatΓ nn0 e◦ ⇔Cr.
Proof. By induction onD.
Case (ON ew) We have Θ0 u
u0 new D ⇔ Cr and Dr <: Cr <: Ep and
∀a∈A(D).Aset(Dr, a)vAget(Dr, a) and
n≥u (4.4.1)
n+u0 ≥n0+u (4.4.2) u≥♦(Dr) + 1 (4.4.3) u0≤u−(♦(Dr) + 1) (4.4.4) Then n ≥ ♦(Dr) + 1 follows by (4.4.1) and (4.4.3) with transitivity. Moreover, n0 ≤n−(♦(Dr) + 1) follows by (4.4.2) and (4.4.4). Thus,
we conclude by(ON ew): Γ0
n
n0 new D⇔Ep
Case (OF ree) We have Θ0, x:Cr uu0 free(xr) ⇔ Es and Es <: Fp and
G <:C and m= min{♦(Dr)|D <:C} and
n+u0 ≥n0+u (4.4.5)
u0 ≤u+m+ 1 (4.4.6)
n0 ≤n+m+ 1 follows by (4.4.5) and (4.4.6). Then we conclude with (OF ree):
Γ0, x:Gr n
n0 free(xr)⇔Fp
Case (OCast) We have Θ0, x:Er uu0 (D)xr ⇔Cs and D <:E and Dr<:
Cs <:Gq andF <:E and
n+u0 ≥n0+u (4.4.7)
u0 ≤u (4.4.8)
Then n0 ≤ n follows by (4.4.7) and (4.4.8). Then we finish with (OCast):
Γ0, x:Fr n
Case (OAccess) ∀I <:C .Aget(Ir, a)vs C.a=E E <:D Θ0, x:Cr u u0 xr.a⇔Ds (OAccess) and Ds<:Fp and G <:C and
n+u0 ≥n0+u (4.4.9)
u0 ≤u (4.4.10)
Thenn0 ≤nfollows by (4.4.9) and (4.4.10). We obtain by(OAccess): ∀H <:G .Aget(Hr, a)vsvp C.a=E E <:D Γ0, x:Gr n n0 xr.a⇔Fp (OAccess) Case (OU pdate) ∀G <:E . svAset(Gr, a) E.a=D F <:D Er<:Cq Θ0, x:Er, y:Fs u u0 xr.a<-ys⇔Cq
and Cq <:C0q0 and E0 <:E and F0<:F and
n+u0 ≥n0+u (4.4.11)
u0 ≤u (4.4.12)
Then n0 ≤ n follows by (4.4.11) and (4.4.12). Then we finish with (OU pdate): ∀G <:E0. svAset(Gr, a) E0.a=D F0 <:F <:D Er<:Cq <:C0q0 Γ0, x:E0r, y:F0s n n0 xr.a<-ys⇔C0q 0
Case (OInv.) We have
T0=Gp0;E~~pm1/m2 −−−−→Hpn+1∈Inst(G , m) Gr0 <:Gp0 Fri i <:E pi i H pn+1 <:Cr0 u 1≥m1 u2≤m2+u1−m1 (OInv.) Γ0, x:Gr0, y1:F1r1, . . . , yn:Fnrn u1 u2 x r0.m(yr1 1 , . . . , ynrn)⇔Cr 0
Moreover we have ¯G <:G and ¯Fi <: Fi and Cr
0
<: ¯Cr¯ and w1 ≥u1
and w2−w1 ≤u2−u1.
By definition of subtyping of sets of monomorphic RAJA types we get that there exists T = s0;~s−−−→n1/n2sn+1 ∈ Inst( ¯G, m) with T <: T0, i.e.
n1≤m1 and n2 ≥m2 and p0 =s0 and pi vsi and sn+1 vpn+1.
Next, we check that the following subtyping judgements and inequal- ities hold:
• G¯r0 <:Gp0 =Gs0 • F¯ri i <:F ri i <:E pi i <:E si i • Hsn+1 <:Hpn+1 <:Cr0 <: ¯C¯r • w1 ≥u1≥m1≥n1 • w2−w1 ≤u2−u1≤m2−m1≤n2−m1≤n2−n1
Then, we can finish by(OInv.):
( ¯Gs0;E~~sn1/n2 −−−→Hsn+1)∈Inst( ¯G , m) G¯r0 <:Gs0 ¯ Fri i <:E si i H sn+1<: ¯C¯r w 1≥n1 w2−w1≤n2−n1 (OInv.) Γ0, x: ¯Gr0, y1: ¯F1r1, . . . , yn: ¯Fnrn w1 w2 x r0.m(yr1 1 , . . . , ynrn)⇔C¯r¯ Case (OCond.) We have
x∈Θ Θ1
u
u0 e◦1⇔Cr Θ2 uu0 e◦2⇔Cr
Θ1∧Θ2
u
u0 if xinstanceof E thene◦1 elsee◦2⇔Cr
andCr<:Ep and |Γ|<:|Θ|and n≥uand n+u0 ≥n0+u. Then by
induction hypothesis and(OCond.) we obtain:
x∈Γ Γ1
n
n0 e◦1⇔Ep Γ2 nn0 e◦2⇔Ep
Γ1∧Γ2
n
n0 if xinstanceof Ethen e◦1 elsee◦2⇔Ep
Case (OLet) Θ1 u u0 e◦1⇔Ds Θ2, x:Ds u0 u00 e◦2⇔Cr Θ1⊕Θ2 u u00 letD xu 0 =e◦1 in e◦2⇔Cr (OLet)
andCr <:Ep and |Γ|<:|Θ|and
n≥u (4.4.13)
n00≤u00+n−u (4.4.14) We wish to apply the induction hypothesis on e1 with n, u0 +n−u
and one2 with u0+n−u and n00. Hence we need to check that the
following inequalities holds:
• n≥u which follows by (4.4.13).
• u0+n−u≤u0+n−u which follows trivially. • u0+n−u≥u0 which follows by (4.4.13).
• n00 ≤u00+u0+n−u−u0 which follows by (4.4.14).
Thus, we can apply the induction hypothesis and(OLet) and obtain:
Γ1 n u0+n−u e◦1⇔Ep Γ2, x:Ds u0+n−u n00 e◦2 ⇔Ep Γ1⊕Γ2 n n00 letD xu0+n−u=e◦1 in e◦2⇔Ep (O Let) 2
Lemma 4.4.7 (Completeness of algorithmic RAJA typing)
Let R = (C,main,M) be a well-typed RAJA program and Inst(C, m) be the set of instances ofM(C, m) for each C∈C and m∈Meth(C).
IfΓ nn0 e:Crthen there exists an annotation foresuch that∆ nn0 e◦⇔Cr
and |Γ|=|∆|and Γ<: ∆.
Proof. By induction on typing derivations.
Case Γ1 n n0 e1:Ds Γ2, x:Ds n0 n00 e2:Cr Γ1,Γ2 n n00 let D x= e1 ine2 :Cr (♦Let)
Let us assume for ease of notation w.l.o.g. Γ1 =y:Cr1 and Γ2 =z:Er2.
Then, by induction hypothesis, we obtain x:Crˆ1 n n0 e ◦ 1⇔Ds (4.4.15) and z:Eˆr2, x:Ds0 n 0 n00 e◦2 ⇔Cr (4.4.16) and ri v rˆi and Ds <: Ds 0
. Then, we apply the Waste Lemma (Lemma 4.4.6) to (4.4.15) and obtain
x:Crˆ1, z:E0E n
n0 e◦1⇔Ds
0
(4.4.17) and we apply Lemma 4.4.6 again to (4.4.16) and obtain
x:C0C, z:Eˆr2, x:Ds0 n 0
n00 e ◦
2⇔Cr (4.4.18)
Next, by applying rule(OLet) to (4.4.17) and (4.4.18) we obtain
x:Crˆ1⊕0C, z:E0E⊕ˆr2 n
n00 let D xn
0
=e◦1 in e◦2⇔Cr which, by Lemma 4.3.1, is equivalent to
x:Crˆ1, z:Eˆr2 n n00 letD xn 0 =e◦1 in e◦2⇔Cr Case x∈Γ Γ nn0 e1 :Cr Γ nn0 e2 :Cr
Γ nn0 if xinstanceof E then e1 else e2 :Cr (♦
Conditional) For ease of notation w.l.o.g. let us assume Γ = x:Ds. By induction hypothesis we get x:Ds1 n
n0 e◦1 ⇔ Cr and x:Ds2 n
n0 e◦2 ⇔ Cr and
Ds<:Dsi. We then apply(OCond.) and obtain
x:Ds1∧s2 n
n0 if xinstanceofE then e◦1 elsee◦2⇔Cr ThenDs <:Ds1∧s2 follows by Lemma 3.2.3.
Case (♦Invocation). We have M(C, m) =φ (Cs0;E~~s n1/n2 −−−→Hsn+1) instanceof φ x:Cs0, y1:Es1 1 , . . . , yn:E sn n nn0 x.m(y1, . . . , yn) :Hsn+1 (♦Invocation)
SinceR+is complete, we know that (Cs0;E~~s n1/n2
−−−→Hsn+1)∈Inst(C, m)
and can apply(OInv.). (Cs0;E~~s n1/n2 −−−→Hsn+1)∈Inst(C, m) x:Cs0, y1:Es1 1 , . . . , yn:E sn n nn12 x s0.m(ys1 1 , . . . , y sn n ) :Hsn+1 (OInv.) Case .(s|s1, . . . , sn) Γ, y1:D s1, . . . , y n:Dsn n n0 e:Cr Γ, x:Ds n n0 e[x/y1, . . . , x/yn] :Cr (♦Share)
By induction hypothesis we get ∆, y1:Dsˆ1, . . . , yn:Dsˆn n
n0 e◦ ⇔ Cr
with Γ<: ∆ andDsi <:Dˆsifori∈ {1, . . . , n}. Then, by Lemma 3.2.24
we obtain.(s|ˆs1, . . . ,sˆn). Then, by the Share Lemma (Lemma 4.4.5)
we obtain ∆, x:Dˆs nn0 e[x/y1, . . . , x/yn]◦ ⇔Cr withsvˆs.
Case
Θ mm0 e:Ds n≥m m0−m≥n0−n Γ<: Θ Ds<:Cr
Γ nn0 e:Cr (♦
W aste)
Let us assume for ease of notation w.l.o.g. Θ =x:Ep and Γ =x:Fq. Thus, we have by assumption Fq <: Ep. By induction hypothesis we get x:Ep0 mm0 e◦ ⇔ Ds with Ep <: Ep
0
. By the Waste Lemma (Lemma 4.4.6) we get an annotation foresuch that x:Fp0: nn0 e◦ ⇔
Cr. Moreover, Fq <: Fp0 follows from q v p0 which follows from Fq <:Ep<:Ep0 with transitivity.
2
Next we show that if R = (C,main,M) is a well-typed RAJA program then we can findV,Inst andAbody such thatR+= (C,main,M,Inst,Abody)
is well-typed.
Lemma 4.4.8 (Completeness of algorithmic RAJA method typing)
Let R = (C,main,M) be a well-typed RAJA program. Further let C ∈ C
and m∈Meth(C) and let Inst(C, m) be the set of instances of M(C, m). If
` m :M(C, m) ok then there exists a map Abody(C, m,·) such that `a m :
Inst(C, m) ok.
Proof. LetT =Cs0;E~~s−−→n/n0Hsn+1 instanceof M(C, m) and
.(s0|q1, q2) and
letMbody(C, m) =e. We have this:Cq1, x
1:E1s1, . . . , xn:Ensn
n+♦(Cq2)
By Lemma 4.4.7 we get an annotation for esuch that