This preview shows page 1. Sign up to view the full content.
Unformatted text preview: 86 Lists
= (reverse (xs++ys))++ x]
de nition
= ((reverse ys)++(reverse xs))++ x] induction
= (reverse ys)++(reverse (x:xs))
de nition
= RHS 2 Note how although we have two lists to deal with, xs and ys, in this example
we only need to use induction on one of them: xs. If you try to prove the
result by induction on ys, you will nd that the proof just does not come out.
To illustrate the advantage of using our stronger properties (Proposition 6.5)
instead of just the de nition, let us prove the intuitively obvious property
that if you reverse a list twice you get the original one back. If you try to
prove this directly from the de nition, you will nd that it is not so easy.
Proposition 6.6 Let xs be a list. Then (reverse (reverse xs)) = xs
Proof We use list induction on xs.
base case: xs = ] reverse (reverse ]) = (reverse ]) = ]
induction step: When the list is not empty,
(reverse (reverse(x:xs)))
= (reverse ((reverse xs) ++ x]))
= (reverse x])++(reverse (reverse xs))
= x]++xs
by induction
= x:xs 2 6.8 Summary
A list is a sequence of values, its elements, all of the same type. Lists
are widely used in functional languages and are provided as a builtin
type in Miranda in order to provide some convenient syntax for their
use, for example, ] (the empty list), 1,3,5,7].
If xs is a list whose elements are of type *, then xs is of type *].
The append operator ++ on lists puts two lists together. For example,
1,2,3,4]++ 5,6,7,8] = 1,2,3,4,5,6,7,8]. It satis es the laws
xs++ ] = ]++xs = xs
unit laws
xs++(ys++zs) = (xs++ys)++zs associativity
As a consequence of associativity, if you append together several lists,
you do not need any parentheses to show in which order the appends
are done.
As long as a list xs is not empty, then its rst element is called its
head, hd xs, and its other elements form its tail, tl xs (another list). If Exercises 87
x is a value (of the right type) and xs a list, then x:xs = x]++xs is a
new list, `cons of x and xs', whose head is x and whose tail is xs.
Some other operators on lists are # (length) and ! (for indexing).
Every list can be expressed in terms of ] and : in exactly one way.
Thus pattern matching can be performed on lists using ] and :. This
makes : particularly useful in implementations, though ++ is usually
more useful in speci cations.
The special form a..b] denotes the list of numbers in increasing order
from a to b inclusive.
A list of characters (also called a string) can alternatively be denoted
by using double quotation marks.
For a recursively de ned list function, the recursion variant is usually
the length of some list.
The principle of list induction says that to prove 8xs : ]: P (xs), it
su ces to prove
base case: P ( ])
induction step: 8x : : 8xs : ]: (P (xs) ! P (x : xs)) This only works for nite lists. 6.9 Exercises
1. How would the evaluator respond to the expressions 1]: ] and ]: ]?
2. How would you use # and ! to nd the last element of a list?
3. Explain whether or not the expression 8,'8'] is wellformed and if not
why not.
4. Describe the di erence between 'k' and "k".
5. De ne a function singleton which given any list returns a Boolean
indicating if the list has just one element or not. Write a function
has2items to test if a list has exactly two items or not. Do not use
guards or the builtin operator #.
6. Consider the following speci cation of the indexing function !:
pre: 0 <= n < #xs
post: (E)us,vs: *]. (#us = n & xs = us++ x]++vs)

where x = xs!n (This is not quite right  the builtin ! has a defensive speci cation.)
Write a recursive de nition of this function, and prove that it satis es
the speci cation.
A straightforward way of writing speci cations for list functions is often
to use the indexing function and discuss the elements of the list. For
instance, you could specify ++ by 88 Lists
pre:
post:


 none
#zs = #xs+#ys
& (A)n:nat. ((0 <= n < #xs > zs!n = xs!n)
& (#xs <= n < #xs+#ys > zs!n = ys!(n#xs)))
where zs = xs++ys Although this is straightforward, it has one disadvantage: when we
appended the lists, we had to reindex their elements and it is not so
terribly obvious that we did the calculations correctly.
For this reason, the speci cations in this book avoid the `indexing'
approach for lists wherever possible, and this exercise shows that even
indexing can be speci ed using ++ and #.
7. Write a de nition of the function count:
count :: * > *] > num
pre: none
post: (count x ys) = number of occurrences of x in ys For example (using strings), count `o' \quick brown fox" = 2.
The speci cation is only informal, but try to show informally that your
de nition satis es it.
8. Consider the function locate of type * > *] > num, locate x
ys being the subscript in ys of the rst occurrence of the element x, or
#ys if x does not occur in ys. (In other words, it is the length of the
largest initial sublist of ys that does not contain an x.) For instance,
locate `w' \the quick brown" = 13 Specify locate with pre and postconditions, write a Miranda de nition
for it, and prove that it satis es its speci cation.
If a character c is in a string s, then you should have s!(locate c s) = c
Check this for some values of s and c.
9. Use box notation to write the proof of Proposition 6.1.
10. Specify and write the following functions for strings.
(a) Use count to write a function table which produces a list of the
the numbers of times each of the letters in the lowercase alphabet
and space appear in a string:
table\a bad dog" = 2 1 0 2 0 0 1 0 0 0 : : : 0 2]
You may nd it useful to de ne a constant containing the characters
that you are counting:
alphabetsp = "abcdefghijklmnopqrstuvwxyz " Exercises 89 In writing this function you may nd it helpful to de ne an
auxiliary function which takes as an additional argument as. With
the auxiliary function you can then step through the letters of the
alphabet counting the number of times each letter appears in the
string passed as an argument to table.
(b) Write a simple enciphering function, cipher that uses locate, ! and
alphabetsp to convert a character to a number, add a number to
it, and convert it back to a character by indexing into alphabetsp.
The type of cipher is then num > char] > char]. It should
carry out this function on every character separately in the string
it is given, to produce the encrypted string as its output.
cipher 2 \quick brown fox"
= \swkembdtqypbhqz"
cipher (;2) \swkembdtqypbhqz " = \quick brown fox"
Use the function table on a string and the same string in enciphered
form. What is the the relation between the two tables?
If you have a table generated from a large sample of typical English
text how might you use this information to decipher an enciphered
string. Can you think of a better enciphering method?
11. Consider the following Miranda de nition:
scrub :: * > *] > *]
scrub x ] = ]
scrub x(y:ys) = scrub x ys,
if x=y
= y:(scrub x ys), otherwise (a) Write informal pre and postconditions for scrub.
(b) Use list induction on ys to prove that for all x and ys,
scrub x(scrub x ys) = scrub x ys (c) Prove that for all x, ys and zs,
scrub x (ys++zs) = (scrub x ys)++(scrub x zs)
Now consider the following more formal speci cation for scrub pre: none
post: ~isin(x,s)

/\ (E)xs: *] ((A)y:* (isin(y,xs) > y=x)

/\ Merge(xs,s,ys))

where s=scrub x ys : 90 Lists 12.
13. 14.
15.
16.
17. 18. (d) Show that the de nition of scrub satis es this.
(e) Show by induction on s that the speci cation speci es the result
uniquely. (In fact, it speci es both ys and xs uniquely.)
(f) Use (e) to show (b) and (c) without induction.
Use the ideas of the preceding exercise to specify count more formally
and prove that your de nition satis es the new speci cation.
Suppose f :: *] > num satis es the following property:
8xs ys : ]: f (xs++ys) = (f xs) + (f ys)
Prove that
8xs : ]: f (reverse xs) = f xs
Rewrite the proof for Proposition 6.5 using box notation.
Use induction on ws to show that if xs is sorted and can be written as
us++ a]++ws++ b]++vs then a b. (The de nition of sortedness is the
special case when ws = ].)
In Proposition 6.2 it is proven that if xs++ys and ys++zs are both sorted,
and ys is nonempty, then xs++ys++zs is sorted. Rewrite this proof in
box notation.
Suppose that you believe simple induction on natural numbers, but not
list induction. Use the box notation to show how, if you have the
ingredients of a proof by list induction of 8xs : ]: P (xs), you can
adapt them to create a proof by simple induction of 8n : nat: Q(n)
where
Q(n) def 8xs : ]: (#xs = n ! P (xs))
=
Show that (assuming, as usual, that all lists are nite) 8xs : ]: P (xs)
and 8n : nat: Q(n) are equivalent.
Give speci cations (preconditions and postconditions) in logic for the
following programs.
(a) ascending :: num] > bool returns true if the list is ascending,
false otherwise.
(b) primes :: num > num] primes n returns a list of the primes
up to n.
(c) unique :: num] > bool returns true if the list has no duplicates,
false otherwise. Chapter 7 Types 7.1 Tuples
Recall three properties of lists of type *] (for some type *):
1. They can be as long as you like.
2. All their elements must be of the same type, *.
3. They can be written using square brackets, ,,...,].
There is another way of treating sequences that relaxes (2) (you can include
elements of di erent types) at the cost of restricting (1) (the length becomes
a xed part of the type). They are written using parentheses and are called
tuples.
The simplest are the 2tuples (length 2), or pairs. For instance, (1,9),
(9,1) and (6,6) are three pairs of numbers. Their type is (num, num), and
their elements are called components. A triple (3tuple) of numbers, such as
(1,2,3), has a di erent type, namely (num, num, num).
Note that each of the types (num,(num, num)), ((num, num), num) and
(num, num, num) is distinct. The rst is a pair whose second component is
also a pair, the second is a pair whose rst component is a pair, and the third
is a triple. There is no concept of a onetuple, so the use of parentheses for
grouping does not con ict with their use in tuple formation. One advantage
of the use of tuples is that if, for example, one accidentally writes a pair
instead of a triple, then the strong typing discipline can pinpoint the error.
We can de ne functions over tuples by using pattern matching. For example,
selector functions on pairs can be de ned by:
fst
snd
fst
snd :: (*, **) > *
:: (*, **) > **
(x,y) = x
(x,y) = y 91 92 Types
Both fst and snd are polymorphic functions they select the rst and
second components of any pair of values. Neither function works on any other
tupletype. Selector functions for other kinds of tuples have to be de ned
separately for each case.
The following is a function which takes and returns a tuple (the quotient
and remainder of one number by another):
quotrem :: (num, num) > (num, num)
quotrem (x,y) = (x div y, x mod y) is de ned to be a function of just one argument (a pair of numbers)
and its de nition is read as: quotrem takes a pair and returns a pair.
Thus using tuples we can construct multiple arguments or results which are
packaged up in the form of a single value. You can also mix the types of
components, for instance the pair (10, True]) has type (num, bool]).
The following is an example using lists. zip takes two lists  which should
be of the same length  and `zips' them together, making a single list of
pairs. For instance,
quotrem zip 1,3,5] 2,4,6] = (It does not matter if * (1,2),(3,4),(5,6)] and ** are two di erent types.) zip :: *] > **] > (*,**)]
pre: #xs = #ys (for zip xs ys)
post: difficult to make logical specification much

different from definition, but see Exercise 2
recursion variant = #xs
zip ] ] = ]
3 different types for ] here
zip (x:xs) (y:ys) = (x,y):(zip xs ys) (Note that the precondition ensures that there is no need to consider cases
where one argument is empty and the other is not.)
To unzip a list, you want in e ect two results  the two unzipped parts.
So the actual (single) result can be these two paired together, for example,
unzip (1,2),(3,4),(5,6)] = ( 1,3,5], 2,4,6]) unzip :: (*,**)] > ( *], **])
pre: none
post: zip xs ys = ps

where (xs, ys) = unzip ps
recursion variant = #ps.
unzip ] = ( ], ])
unzip (x,y):ps = (x:xs,y:ys)
where (xs,ys) = unzip ps More on pattern matching 93 This illustrates in two places how pattern matching can be used to give names
to the components of a pair: rst in (x,y):ps, to name the components
of the head pair in the argument, and second in the where part for the
components of the result of the recursive call. 7.2 More on pattern matching
Patterns in general are built from variables and constants, using constructors.
For example,
x 5 (x,4,y) are a variable, a constant and a triple built from two variables and a constant
using the (,,) constructor for triples. The components of a structured pattern
can themselves be arbitrary patterns, thus allowing nested structures of any
depth. The constructors which can be used in patterns include those of tuple
formation (: : : ,: : : ), list formation : : : ,: : : ], and those of userde ned types
(which we will see later in this chapter). In addition we have also seen the
special facilities for pattern matching on lists and natural numbers. Patterns
are very useful in the lefthand side of function de nitions for two reasons:
1. They provide the righthand side with names for subcomponents of the
arguments.
2. They can serve as guards.
Pattern matching can also be combined with the use of guards:
last (x:xs) = x,
if xs = ]
= last xs,
otherwise
last ]
= error "last of empty" Patterns in the above de nition are disjoint. In Miranda, patterns may
also contain repeated variables. In such cases identical variables implicitly
express the condition that their corresponding matched expressions must also
be identical. For example,
equal :: * > * > bool
equal a a = True
equal a b = False Such patterns match a value only when the parts of the value corresponding
to the occurrences of the same repeated variable are equal.
Finally, patterns can be used in conjunction with local de nitions  where
parts, as in unzip to decompose compound structures or userde ned data
types. In the following example if the value of the righthand side matches
the structure of the given pattern, the variables in the pattern are bound to
the corresponding components of the value. This is useful since it enables the
programmer to decompose structures and name its components: 94 Types : : : where
3,4,x,y] = 3,4,8,9]
(a,b,c,a) = fred
(quot,rem) = quotrem (14,3) For the second de nition to make sense the type of fred must be a 4tuple.
If the match fails anywhere, all the variables on the left will be unde ned and
an error message will result if you try to access those values in any way. 7.3 Currying
Now that you have seen pairs, it might occur to you that there are di erent
ways of supplying the arguments to a multiargument function. One is the
way that you have seen repeatedly already, as in
cylinderV :: num > num > num
cylinderV h r = volume h (areaofcircle r) Another is to pair up the arguments, into a single tuple argument, as in
cylinderV' :: (num, num) > num
cylinderV' (h,r) = volume h (areaofcircle r) You might think that the di erence is trivial, but for Miranda they are quite
di erent functions, with di erent types and di erent notation (the second must
have its parentheses and comma).
To understand the di erence properly, you must realize that the rst type,
num > num > num, is actually shorthand for num > (num > num) cylinderV
is really a function of one argument (h), and the result of applying it,
cylinderV h, is another function, of type num > num. cylinderV h r is
another shorthand, this time for (cylinderV h) r, that is, the result of
applying the function cylinderV h to an argument r.
This simple device for enabling multiargument functions to be de ned
without the use of tuples is called currying (named in honour of the
mathematician Haskell Curry). Therefore, multiargument functions such as
cylinderV are said to be curried functions. cylinderV is the curried version
of cylinderV'. Partial application
One advantage of currying is that it allows a simpler syntax by reducing the
number of parentheses (and commas) needed when de ning multiargument
functions. But the most important advantage of currying is that a curried
function does not have to be applied to all of its arguments at once. Curried Currying 95 functions can be partially applied yielding a function which requires fewer
arguments.
For example, the expression (cylinderV 7) is a perfectly wellformed
expression which is a partial application of the function cylinderV. This
expression is an anonymous function (that is, a function without a name)
which maps a number to another number. Once this expression is applied to
some argument, say r, then a number is returned which is the volume of a
cylinder of height 7 and base radius of r.
Partial application is extremely convenient since it enables the creation of
new functions which are specializations of existing functions. For example, if
we now require a function, volume cylinder100, which computes the volume
of a cylinder of height 100 when given the radius of the base, this function
can be de ned in the usual way:
volume_cylinder100 :: num > num
volume_cylinder100 radius = cylinderV 100 radius However, the same function can be written more concisely as
volume_cylinder100 = cylinderV 100 or indeed we may not even de ne it as a separate function but just use the
expression (cylinderV 100) in its place whenever needed.
Even more importantly, a partial application can also be used as an actual
parameter to another function. This will become clear when we discuss
higherorder functions in Chapter 8. Order of association
For currying to work properly we require function application to `associate to
the left': for example, smaller x y means (smaller x) y not smaller (x y).
Also, in order to reduce the number of parentheses required in type
declarations the function type operator > associates to the right. Thus num
> num > num means num > (num > num) and not (num > num) > num.
You should by now be well used to omitting these parentheses, but as always,
you should put them in any cases where you are in doubt. Partial application of prede ned operators
Any curried function can be partially applied, be it a userde ned function
or a prede ned operator or function. Similarly, primitive in x operators can
also be partially applied. We have seen how parenthesized operators can be
used just like ordinary pre x functions in expressions. This notational device
is extended in Miranda to partial application by allowing an argument to be
also enclosed along with the operator (see Figure 7.1). For example, 96 Types
is the `reciprocal'
'
`halving'
'
`cubing'
'
`successor'
'
`head' (1/)
(/2)
(^3)
(+1)
(!0) ? function
'
'
'
'
? 2 * *2 ?*2 ?*2 Figure 7.1
These forms can be regarded as the analogue of currying for in x operators.
They are a minor syntactic convenience, since all the above functions can be
explicitly de ned. Note that there is one exception which applies to the use of
the minus operator. (x) is always interpreted by the evaluator as being an
application of unary minus operator. Should the programmer want a function
which subtracts x from numbers then a function must be de ned explicitly.
More examples of such partial applications are given in Chapter 8, where
simple higherorder functions are discussed. 7.4 Types
As we have seen from Chapter 4, expressions and their subexpressions all
have types associated with them.
expression of type: num
3*4 operand of type: num operand of type: function of type: num num > (num > num) Figure 7.2
There are basic or primitive types (num, bool and char) whose values are
builtinto the evaluator. There are also compound types whose values are Types 97 constructed from those of other types. For example,
tuples of types,
function types (that is, from one given type to another),
lists of a given type.
Each type has associated with it certain operations which are not meaningful
for other types. For example, one cannot sensibly add a number to a list or
concatenate two functions. Strong typing
Functional languages are strongly typed, that is, every wellformed expression
can be assigned a type that can be deduced from its subexpressions alone.
Thus any expression which cannot be assigned a sensible type (that is, is not
wellformed) has no value and is regarded as illegal and is rejected by Miranda
before evaluation. Strong typing does not require the explicit type declaration
of functions. The types can be inferred automatically by the evaluator.
There are two stages of analysis when a program is submitted for evaluation:
rst the syntax analysis picks up `grammatical' errors such as 1,)2((]
and if there are no syntax errors then the type analysis checks that the
expressions have sensible types, picking up errors such as 9 ++ True. Before
evaluation, the program or expression must pass both stages. A large number
of programming errors are due to functions being applied to arguments of
the wrong type. Thus one advantage of strong typing is that type errors
can be trapped by the type checker prior to program execution. Strong
typing also helps in the design of clear and wellstructured programs. There
are also advantages with respect to the e ciency of the implementation of
the language. For example, because all expressions are strongly typed, the
operator + knows at runtime that both its arguments are numeric it need
not perform any runtime checks. Type polymorphism
As we have already seen with a number of list functions, some functions have
very general argument or result types. For example,
id x=x The function id maps every member of the source type to itself. Its type is
therefore * > * for some suitable type *. But * suits every type since the
de nition does not require any particular properties from the elements of *.
Such general types are said to be generic or polymorphic (manyformed) types 98 Types
and can be represented by type variables. In Miranda there is an alphabet of
type variables, written *, **, ***, etc., each of which stands for an arbitrary
type. Therefore, id can be declared as follows:
id :: * > * Like other kinds of variables, a type variable can be instantiated to di erent
types in di erent circumstances. The expression (id 8) is wellformed and has
type num because num can be substituted for * in the type of id. Similarly,
(id double) is wellformed and has type num > num. Similarly, (id id) is
wellformed and has type * > * because the type (* > *) can be substituted
for *. Thus, again like other kinds of variables, typevariables are instantiated
consistently throughout a single function application. The following are some
more examples:
sillysix :: * > num
sillysix x = 6
second :: * > ** > **
second x y = y Notice that in a type expression all occurrences of the same type variable
(for example, **) refer to the same unknown type at every occurrence. Example  comparison operators
The comparison operators =, <, <=, and so on, are all polymorphic: the two
values being compared must be of the same type, but it does not matter
what that type is. Each operator has type * > * > bool.
Having said that, not all choices of * are equally sensible. id :: * > * is
polymorphic because it genuinely does not care what type its argument is 
the algorithm is always the same. The comparisons, on the other hand, have
to use di erent algorithms for di erent types (such polymorphism is often
called ad hoc). The following are the ad hoc methods used.
On num, the comparisons are numeric in the standard way.
On bool, False < True.
On char, the comparisons are determined by the ASCII codes for
characters. For instance, 'a' < 'p' because 'a' comes before 'p' in the
ASCII table.
On list types *], comparisons use the lexicographic, or `alphabetical'
ordering. It does not work only with lists of type char]. For instance,
with lists of numbers the same idea tells you that
1] < 1 0] < 1 5] < 3] < 3 0]
On tuple types, comparisons are similar. For instance, for pairs,
(a b) < (c d) i (a < c) _ ((a = c) ^ (b < d)) Types 99 On function types, no comparisons are possible. (Consider, for example,
the problems of computing f = g, that is, 8x: f x = g x:) Example  the empty list
As we have seen before, the empty list ] has type *]. Being used in a
particular expression may force ] to have more re ned (speci c) type. For
instance, in ], 1]], ] must have type num] to match that of 1]. Type synonyms
Although it is a good idea to declare the type of all functions that we de ne,
it is sometimes inconvenient, or at least uninformative, to spell out the types
in terms of basic types. For such cases type synonyms can be used to give
more meaningful names. For example,
name
parents
age
weight
date ==
char]
== (name, name)
== num
== num
== (num, char], num) A type synonym declaration does not introduce a new type, it simply attaches
a name to a type expression. You can then use the synonym in place of the
type expression wherever you want to. The special symbol == is used in the
declaration of type synonyms this avoids confusion with a value de nition.
Type synonyms can make type declaration of functions shorter and can help
in understanding what the function does. For example,
databaseLookup :: name > database > parents Type synonyms can not be recursive. Every synonym must be expressible in
terms of existing types. In fact should the program contain type errors the
type error messages will be expressed in terms of the names of the existing
types and not the type synonyms.
Type synonyms can also be generic in that they can be parameterized by
type variables. For example, consider the following type synonym declaration:
binop * == * > * > *
binop num Thus can be used as shorthand for num > num > num, for example, smaller, cylinderV :: binop num 100 Types 7.5 Enumerated types
We can de ne some simple types by explicit enumeration of their values (that
is, explicitly naming every value). For example,
day
direction
switch
bool ::=
::=
::=
::= Mon  Tue  Wed  Thu  Fri  Sat  Sun
North  South  East  West
On  Off
False  True
predefined Note that the names of these values all begin with upper case letters. This is
a rule of Miranda. Values of enumerated type are ordered by the position in
which they appear in the enumeration, for instance :::
These are easily used with pattern matching. For instance, suppose a point
on the plane is given by two Cartesian coordinates
Mon < Tue < point == (num, num) A function to move a point in some direction can be de ned by
move
move
move
move
move :: direction >
North d (x,y) =
South d (x,y) =
East d (x,y) =
West d (x,y) = num > point > point
(x,y+d)
(x,yd)
(x+d,y)
(xd,y) It is possible to code these values as numbers, and indeed in some
programming languages that is the only option. However, this is prone to
error, as the coding is completely arti cial  there is no natural way of
associating numerical values with (for example) days of the week, so you are
at risk of forgetting whether day 1 was supposed to be Sunday or Monday. A
single lapse will introduce errors into your program. With enumerated types
you do not have to remember such coding details, and, also, the strong typing
guards against meaningless errors such as trying to add together two days of
the week. 7.6 Userde ned constructors
Recall the idea of constructors  `packaging together several values in a
distinctive wrapper'. The main examples that you have seen so far have been
cons and tupling, but there are ways of de ning your own. Userde ned constructors 101 You have just seen the simplest examples! Each value (for example, Mon,
Tue, Wed, etc.) in an enumerated type is a trivial, `nullary' constructor that
is nothing but the distinctive wrapper  no values packaged inside. (You
may remember that the empty list could be considered like this.) It is also
easy to de ne nontrivial constructors.
For example, we can de ne a new datatype distance to express the fact
that distances may be measured by di erent units. The subsequent de nition
of addDistances is designed to eliminate the possibility of a programmer
attempting to mix operations on distances of di erent kinds. Note again that
constructor names in Miranda must start with upper case letters:
distance ::=
addDistances
addDistances
addDistances
addDistances
addDistances Mile num  Km num  NautMile num :: distance > distance > distance
(Mile x) (Mile y) = Mile (x+y)
(Km x) (Km y) = Km (x+y)
(NautMile x) (NautMile y) = NautMile (x+y)
x y = error "different units of measurement!" In this way it is guaranteed that adding distances of di erent measurement
units (or attempting to multiply, divide or subtract two distances) is not
performed accidentally. This is because the prede ned arithmetic operators
will not operate on any datatype other than num. Therefore, programmers
are forced to think carefully about their intentions and are helped to avoid
mistakes by the type checker. This style of programming is clearly much
better than simply using nums to represent all three kinds of distance. The
constructor functions (Mile, Km and NautMile) are essential in the datatype
de nitions, for otherwise there will be no way of, say, determining whether 6
has type num or distance.
Notice that the type bool need not be considered as primitive. It can be
de ned by two nullary constructors True and False (both of type bool).
Similarly, one may argue that type char can also be de ned using nullary
constructors Ascii0: : : Ascii127. But characters, like numbers and lists, are
more of a special case as they require a di erent, nonstandard naming and
printing convention.
Another example is that of union types. Suppose, for instance, you have
mixed data, some numeric and some textual. You can use constructors to say
what sort each item of data is, by
data ::= Numeric num  Text char] The following is an example with 2argument constructors, representing a
complex number by either Cartesian or polar coordinates: 102 Types
complex ::= Cart num num  Polar num num
multiply :: complex > complex > complex
multiply (Cart u v) (Cart x y) = Cart (u*x  v*y) (u*y + v*x)
multiply (Polar r theta) (Polar s psi) = Polar (r*s) (theta+psi)
 and two more cases for mixed coordinates Finally, it is also possible to have polymorphic constructors. A standard
example is pairing. Of course, this is already built into Miranda with its own
special notation (,), but just to illustrate the technique we can de ne it in
a doityourself way: diypair * ** ::= Pair * **
Pair 10 True]
diypair num bool] For instance,
(our doityourself version of (10, True])) has
type
. A new type can have one or more constructors.
Each constructor may have zero or more elds/arguments of any type at
all (including the type of the object returned by the constructor). The
constructor itself also has a type, usually a function type. So Pair has type
* > ** > (diypair * **).
The number of elds taken by a constructor is called its arity, hence a
constructor of arity zero is called a nullary constructor. Constructors (like
other values) can appear in lists, tuples and de nitions. Just as with ordinary
functions, constructor names must also be unique. Unlike ordinary functions,
constructor names must begin with a capital letter. Constructors are notionally
`applied' just like ordinary functions. However, two key properties distinguish
constructors from other functions:
1. They have no rules (that is, de nitions) and their application cannot be
further reduced.
2. Unlike ordinary functions they can appear as patterns on the lefthand
side of de nitions.
It is always possible to de ne `selector' functions for picking the components
of such data types, but in practice, like fst and snd for pairs, this is not
necessary. Pattern matching can be used instead. 7.7 Recursively de ned types
The greatest power comes from the ability to use recursion in a type de nition.
To illustrate the principle let us de ne doityourself lists. These really are
lists implemented in the same way as Miranda itself uses, but without the
notational convenience of : and the square brackets. Instead, there are explicit
constructors Emptylist and Cons, and for our doityourself version of *] we
write
diylist * ::= Emptylist  Cons * (diylist *)
diylist * The `recursive call' here (of ) is really no more of a problem than Recursively de ned types 103 it would be in a function de nition, as you should understand from your
experience with lists.
The following is another doityourself type, this time without polymorphism.
It is for natural numbers:
diynat ::= Zero  Suc diynat The idea is that every natural number is either (and in a unique way) Zero or
`the successor of' (one plus) another natural number, and can be represented
uniquely as Zero with some number of Sucs applied to it. For instance, 5 is
represented as
Suc (Suc (Suc (Suc (Suc Zero)))) It is no accident that the two examples given here are exactly the types for
which you have seen induction principles: the induction is closely bound up
with the recursion in the de nition, and generalizes to other datatypes. We
will explore this more carefully after looking at a datatype that does not just
replicate standard Miranda. Trees
a data item here
nothing!
two more trees here Figure 7.3
By `tree' here, we mean some branching framework within which data can be
stored. In its greatest generality, each node (branching point) can hold some
data and have branches hanging o it (computer trees grow down!) and each
branch will lead down to another node. Also, branches do not rejoin lower
down  you never get a node that is at the bottom of two di erent branches.
To refer to the tree as a whole you just refer to its top node, because all the
rest can be accessed by following the branches down.
We are going to look at a particularly simple kind in which there are only
two kinds of nodes:
a `tree' node has an item of data and two branches.
a `leaf' node has no data and no branches.
These will correspond to two constructors: the rst, Node, packages together
data and two trees and the second, Emptytree, packages together nothing: 104 Types
tree * ::= Emptytree  Node (tree *) * (tree *)
* where is the type of the data items.
2 4 Node Emptytree 2 (Node Emptytree 4 Emptytree) Figure 7.4
As an example (see Figure 7.4), let us look at ordered trees. Orderedness
is de ned as follows. First, Emptytree is ordered. Second, Node t1 x t2 is
ordered i t1 and t2 are both ordered
the node values in t1 are all x (let us say `x is an upper bound for
t1')
the node values in t2 are all x (`x is a lower bound for t2').
Ordered trees are very useful as storage structures, storing data items (of type
*) as the `x' components of Nodes. This is because to check whether y is
stored in Node t1 x t2, you do not have to search the whole tree. If y = x
then you have already found it if y < x you only need to check t1 and if
y > x you check t2.
Hence lookup is very quick, but there is a price: when you insert a new
value, you must ensure that the updated tree is still ordered. The following is
a function to do this. Notice that we have fallen far short of a formal logical
account there is a lot of English. But we have at least given a reasoned
account of what we are trying to do and how we are doing it, so it can be
considered fairly rigorous: Recursively de ned types 105
insertT
pre:
post:
 :: * > (tree *) > (tree *)
t is ordered
insertT n t is ordered, and its node
values are those of t together with n. insertT n Emptytree = Node Emptytree n Emptytree
insertT n (Node t1 x t2)
= Node (insertT n t1) x t2,
if n <= x
= Node t1 x (insertT n t2),
otherwise Proposition 7.1 The de nition of insertT satis es its speci cation.
Proof If t is ordered, we must show that insertT n t then terminates giving a result that satis es the postcondition. We shall use the usual `circular
reasoning' technique, but note that it remains to be justi ed because we have
not given a recursion variant. We shall discuss this afterwards.
If t = Emptytree (which is ordered), then insertT n Emptytree terminates
immediately, giving result Node Emptytree n Emptytree. This is ordered, and
its node values are those of Emptytree (none) together with n, as required.
Now suppose that t = Node t1 x t2, and assume that the recursive calls
work correctly. Since t is ordered, so, too, are t1 and t2, so the preconditions
for the recursive calls hold. There are two cases, as follows:
Case 1 , n x: insertT n t terminates, giving result r (say)
= Node (insertT n t1) x t2. From the recursive postcondition,
insertT n t1 is ordered, and its node values are those of t1 together
with n. Hence the node values of r are those of t1 n x and those of t2:
that is, those of t together with n, as required.
Also, r is ordered, for the following reasons. insertT n t1 and t2 are
both ordered, and x is a lower bound for t2 because t is ordered.
x is also an upper bound for insertT n t1 because the node values
are those of t1 (for which x is an upper bound because t is ordered)
together with n (and x n because we are looking at that case).
Case 2 , n > x, is similar.
2
As promised, we must justify the circular reasoning, and the obvious way is
to nd a recursion variant. We will show how to do this, but let us stress
right away that the technique that we are actually going to recommend is
slightly di erent, and that the calculation of a recursion variant is just to give
you a feel for how it works.
The recursion variant technique is really a partial substitute for induction.
It is not always applicable, but when it is applicable it is very convenient and
smooth and the idea is to make it as streamlined as possible. What we shall
see in a while is that you should try to think of the tree itself as a kind of
recursion variant, `decreasing' in the recursive calls from Node t1 x t2 to either ...
View
Full
Document
This document was uploaded on 08/10/2011.
 Spring '11

Click to edit the document details