{"id":22574491,"url":"https://github.com/brucezoom/plproject-asymptoticcomplexity","last_synced_at":"2025-07-18T13:36:57.836Z","repository":{"id":71882066,"uuid":"187017594","full_name":"BruceZoom/PLProject-AsymptoticComplexity","owner":"BruceZoom","description":"The project for CS263 Programming Language course (http://jhc.sjtu.edu.cn/public/courses/CS263/).","archived":false,"fork":false,"pushed_at":"2019-06-26T12:10:19.000Z","size":787,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-02-02T15:33:38.904Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Coq","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/BruceZoom.png","metadata":{"files":{"readme":"README.html","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-05-16T11:51:14.000Z","updated_at":"2020-04-09T02:38:03.000Z","dependencies_parsed_at":null,"dependency_job_id":"73196345-2806-4a0f-8a2e-e0883d34b8de","html_url":"https://github.com/BruceZoom/PLProject-AsymptoticComplexity","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BruceZoom%2FPLProject-AsymptoticComplexity","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BruceZoom%2FPLProject-AsymptoticComplexity/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BruceZoom%2FPLProject-AsymptoticComplexity/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BruceZoom%2FPLProject-AsymptoticComplexity/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/BruceZoom","download_url":"https://codeload.github.com/BruceZoom/PLProject-AsymptoticComplexity/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246050885,"owners_count":20715738,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-08T03:06:24.429Z","updated_at":"2025-03-28T15:24:28.499Z","avatar_url":"https://github.com/BruceZoom.png","language":"Coq","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003c!DOCTYPE html\u003e\n\u003chtml\u003e\n\u003chead\u003e\n\u003ctitle\u003eREADME.md\u003c/title\u003e\n\u003cmeta http-equiv=\"Content-type\" content=\"text/html;charset=UTF-8\"\u003e\n\n\u003cstyle\u003e\n/*---------------------------------------------------------------------------------------------\n *  Copyright (c) Microsoft Corporation. All rights reserved.\n *  Licensed under the MIT License. See License.txt in the project root for license information.\n *--------------------------------------------------------------------------------------------*/\n\nbody {\n\tfont-family: \"Segoe WPC\", \"Segoe UI\", \"SFUIText-Light\", \"HelveticaNeue-Light\", sans-serif, \"Droid Sans Fallback\";\n\tfont-size: 14px;\n\tpadding: 0 12px;\n\tline-height: 22px;\n\tword-wrap: break-word;\n}\n\n#code-csp-warning {\n\tposition: fixed;\n\ttop: 0;\n\tright: 0;\n\tcolor: white;\n\tmargin: 16px;\n\ttext-align: center;\n\tfont-size: 12px;\n\tfont-family: sans-serif;\n\tbackground-color:#444444;\n\tcursor: pointer;\n\tpadding: 6px;\n\tbox-shadow: 1px 1px 1px rgba(0,0,0,.25);\n}\n\n#code-csp-warning:hover {\n\ttext-decoration: none;\n\tbackground-color:#007acc;\n\tbox-shadow: 2px 2px 2px rgba(0,0,0,.25);\n}\n\n\nbody.scrollBeyondLastLine {\n\tmargin-bottom: calc(100vh - 22px);\n}\n\nbody.showEditorSelection .code-line {\n\tposition: relative;\n}\n\nbody.showEditorSelection .code-active-line:before,\nbody.showEditorSelection .code-line:hover:before {\n\tcontent: \"\";\n\tdisplay: block;\n\tposition: absolute;\n\ttop: 0;\n\tleft: -12px;\n\theight: 100%;\n}\n\nbody.showEditorSelection li.code-active-line:before,\nbody.showEditorSelection li.code-line:hover:before {\n\tleft: -30px;\n}\n\n.vscode-light.showEditorSelection .code-active-line:before {\n\tborder-left: 3px solid rgba(0, 0, 0, 0.15);\n}\n\n.vscode-light.showEditorSelection .code-line:hover:before {\n\tborder-left: 3px solid rgba(0, 0, 0, 0.40);\n}\n\n.vscode-dark.showEditorSelection .code-active-line:before {\n\tborder-left: 3px solid rgba(255, 255, 255, 0.4);\n}\n\n.vscode-dark.showEditorSelection .code-line:hover:before {\n\tborder-left: 3px solid rgba(255, 255, 255, 0.60);\n}\n\n.vscode-high-contrast.showEditorSelection .code-active-line:before {\n\tborder-left: 3px solid rgba(255, 160, 0, 0.7);\n}\n\n.vscode-high-contrast.showEditorSelection .code-line:hover:before {\n\tborder-left: 3px solid rgba(255, 160, 0, 1);\n}\n\nimg {\n\tmax-width: 100%;\n\tmax-height: 100%;\n}\n\na {\n\tcolor: #4080D0;\n\ttext-decoration: none;\n}\n\na:focus,\ninput:focus,\nselect:focus,\ntextarea:focus {\n\toutline: 1px solid -webkit-focus-ring-color;\n\toutline-offset: -1px;\n}\n\nhr {\n\tborder: 0;\n\theight: 2px;\n\tborder-bottom: 2px solid;\n}\n\nh1 {\n\tpadding-bottom: 0.3em;\n\tline-height: 1.2;\n\tborder-bottom-width: 1px;\n\tborder-bottom-style: solid;\n}\n\nh1, h2, h3 {\n\tfont-weight: normal;\n}\n\nh1 code,\nh2 code,\nh3 code,\nh4 code,\nh5 code,\nh6 code {\n\tfont-size: inherit;\n\tline-height: auto;\n}\n\na:hover {\n\tcolor: #4080D0;\n\ttext-decoration: underline;\n}\n\ntable {\n\tborder-collapse: collapse;\n}\n\ntable \u003e thead \u003e tr \u003e th {\n\ttext-align: left;\n\tborder-bottom: 1px solid;\n}\n\ntable \u003e thead \u003e tr \u003e th,\ntable \u003e thead \u003e tr \u003e td,\ntable \u003e tbody \u003e tr \u003e th,\ntable \u003e tbody \u003e tr \u003e td {\n\tpadding: 5px 10px;\n}\n\ntable \u003e tbody \u003e tr + tr \u003e td {\n\tborder-top: 1px solid;\n}\n\nblockquote {\n\tmargin: 0 7px 0 5px;\n\tpadding: 0 16px 0 10px;\n\tborder-left: 5px solid;\n}\n\ncode {\n\tfont-family: Menlo, Monaco, Consolas, \"Droid Sans Mono\", \"Courier New\", monospace, \"Droid Sans Fallback\";\n\tfont-size: 14px;\n\tline-height: 19px;\n}\n\nbody.wordWrap pre {\n\twhite-space: pre-wrap;\n}\n\n.mac code {\n\tfont-size: 12px;\n\tline-height: 18px;\n}\n\npre:not(.hljs),\npre.hljs code \u003e div {\n\tpadding: 16px;\n\tborder-radius: 3px;\n\toverflow: auto;\n}\n\n/** Theming */\n\n.vscode-light,\n.vscode-light pre code {\n\tcolor: rgb(30, 30, 30);\n}\n\n.vscode-dark,\n.vscode-dark pre code {\n\tcolor: #DDD;\n}\n\n.vscode-high-contrast,\n.vscode-high-contrast pre code {\n\tcolor: white;\n}\n\n.vscode-light code {\n\tcolor: #A31515;\n}\n\n.vscode-dark code {\n\tcolor: #D7BA7D;\n}\n\n.vscode-light pre:not(.hljs),\n.vscode-light code \u003e div {\n\tbackground-color: rgba(220, 220, 220, 0.4);\n}\n\n.vscode-dark pre:not(.hljs),\n.vscode-dark code \u003e div {\n\tbackground-color: rgba(10, 10, 10, 0.4);\n}\n\n.vscode-high-contrast pre:not(.hljs),\n.vscode-high-contrast code \u003e div {\n\tbackground-color: rgb(0, 0, 0);\n}\n\n.vscode-high-contrast h1 {\n\tborder-color: rgb(0, 0, 0);\n}\n\n.vscode-light table \u003e thead \u003e tr \u003e th {\n\tborder-color: rgba(0, 0, 0, 0.69);\n}\n\n.vscode-dark table \u003e thead \u003e tr \u003e th {\n\tborder-color: rgba(255, 255, 255, 0.69);\n}\n\n.vscode-light h1,\n.vscode-light hr,\n.vscode-light table \u003e tbody \u003e tr + tr \u003e td {\n\tborder-color: rgba(0, 0, 0, 0.18);\n}\n\n.vscode-dark h1,\n.vscode-dark hr,\n.vscode-dark table \u003e tbody \u003e tr + tr \u003e td {\n\tborder-color: rgba(255, 255, 255, 0.18);\n}\n\n.vscode-light blockquote,\n.vscode-dark blockquote {\n\tbackground: rgba(127, 127, 127, 0.1);\n\tborder-color: rgba(0, 122, 204, 0.5);\n}\n\n.vscode-high-contrast blockquote {\n\tbackground: transparent;\n\tborder-color: #fff;\n}\n\u003c/style\u003e\n\n\u003cstyle\u003e\n/* Tomorrow Theme */\n/* http://jmblog.github.com/color-themes-for-google-code-highlightjs */\n/* Original theme - https://github.com/chriskempson/tomorrow-theme */\n\n/* Tomorrow Comment */\n.hljs-comment,\n.hljs-quote {\n\tcolor: #8e908c;\n}\n\n/* Tomorrow Red */\n.hljs-variable,\n.hljs-template-variable,\n.hljs-tag,\n.hljs-name,\n.hljs-selector-id,\n.hljs-selector-class,\n.hljs-regexp,\n.hljs-deletion {\n\tcolor: #c82829;\n}\n\n/* Tomorrow Orange */\n.hljs-number,\n.hljs-built_in,\n.hljs-builtin-name,\n.hljs-literal,\n.hljs-type,\n.hljs-params,\n.hljs-meta,\n.hljs-link {\n\tcolor: #f5871f;\n}\n\n/* Tomorrow Yellow */\n.hljs-attribute {\n\tcolor: #eab700;\n}\n\n/* Tomorrow Green */\n.hljs-string,\n.hljs-symbol,\n.hljs-bullet,\n.hljs-addition {\n\tcolor: #718c00;\n}\n\n/* Tomorrow Blue */\n.hljs-title,\n.hljs-section {\n\tcolor: #4271ae;\n}\n\n/* Tomorrow Purple */\n.hljs-keyword,\n.hljs-selector-tag {\n\tcolor: #8959a8;\n}\n\n.hljs {\n\tdisplay: block;\n\toverflow-x: auto;\n\tcolor: #4d4d4c;\n\tpadding: 0.5em;\n}\n\n.hljs-emphasis {\n\tfont-style: italic;\n}\n\n.hljs-strong {\n\tfont-weight: bold;\n}\n\u003c/style\u003e\n\n\u003cstyle\u003e\n/*\n * Markdown PDF CSS\n */\n\n body {\n\tfont-family:  \"Meiryo\", \"Segoe WPC\", \"Segoe UI\", \"SFUIText-Light\", \"HelveticaNeue-Light\", sans-serif, \"Droid Sans Fallback\";\n}\n\npre {\n\tbackground-color: #f8f8f8;\n\tborder: 1px solid #cccccc;\n\tborder-radius: 3px;\n\toverflow-x: auto;\n\twhite-space: pre-wrap;\n\toverflow-wrap: break-word;\n}\n\npre:not(.hljs) {\n\tpadding: 23px;\n\tline-height: 19px;\n}\n\nblockquote {\n\tbackground: rgba(127, 127, 127, 0.1);\n\tborder-color: rgba(0, 122, 204, 0.5);\n}\n\n.emoji {\n\theight: 1.4em;\n}\n\n/* for inline code */\n:not(pre):not(.hljs) \u003e code {\n\tcolor: #C9AE75; /* Change the old color so it seems less like an error */\n\tfont-size: inherit;\n}\n\n/* Page Break : use \u003cdiv class=\"page\"/\u003e to insert page break\n-------------------------------------------------------- */\n.page {\n\tpage-break-after: always;\n}\n\n\u003c/style\u003e\n\n\u003c/head\u003e\n\u003cbody\u003e\n\u003ch1 id=\"pl-project-asymptotic-complexity\"\u003ePL-Project: Asymptotic Complexity\u003c/h1\u003e\n\u003cp\u003eThe project for programming language course. The main goal of the project is to introduce the concept of asymptotic complexity into the proof system defined by Hoare Logic and based on Denotational Semantics.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003e\u003cstrong\u003eFirst three sections are almost the same as the ones in proposal and mid-term check, you may skip to the last section to see proof outlines.\u003c/strong\u003e\u003c/em\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eWe failed to update lines for each definition and theorems and to include some new definitions and theorems here, due to limited time. We are very sorry for that.\u003c/em\u003e\u003c/p\u003e\n\u003ch2 id=\"project-goals\"\u003e\u003cstrong\u003eProject Goals\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cinput type=\"checkbox\" id=\"checkbox0\" checked=\"true\"\u003e\u003clabel for=\"checkbox0\"\u003eDefine \u003c/label\u003e\u003cstrong\u003epolynomial\u003c/strong\u003e to support operations and simplifications in asymptotic bounds.\u003c/li\u003e\n\u003cli\u003e\u003cinput type=\"checkbox\" id=\"checkbox1\" checked=\"true\"\u003e\u003clabel for=\"checkbox1\"\u003eDefine various \u003c/label\u003e\u003cstrong\u003easymptotic bounds\u003c/strong\u003e and \u003cstrong\u003easymptotic notations\u003c/strong\u003e in coq.\u003c/li\u003e\n\u003cli\u003e\u003cinput type=\"checkbox\" id=\"checkbox2\" checked=\"true\"\u003e\u003clabel for=\"checkbox2\"\u003eUpdate \u003c/label\u003e\u003cstrong\u003edenotational semantics\u003c/strong\u003e to include time step (done in class) and to fit our project.\u003c/li\u003e\n\u003cli\u003eAdapt Hoare logic to include \u003cstrong\u003ethe proof system for asymptotic complexity\u003c/strong\u003e.\n\u003cul\u003e\n\u003cli\u003e\u003cinput type=\"checkbox\" id=\"checkbox3\" checked=\"true\"\u003e\u003clabel for=\"checkbox3\"\u003eHoare Skip\u003c/label\u003e\u003c/li\u003e\n\u003cli\u003e\u003cinput type=\"checkbox\" id=\"checkbox4\" checked=\"true\"\u003e\u003clabel for=\"checkbox4\"\u003eHoare Assignment\u003c/label\u003e\u003c/li\u003e\n\u003cli\u003e\u003cinput type=\"checkbox\" id=\"checkbox5\" checked=\"true\"\u003e\u003clabel for=\"checkbox5\"\u003eHoare Sequence BigTheta\u003c/label\u003e\u003c/li\u003e\n\u003cli\u003e\u003cinput type=\"checkbox\" id=\"checkbox6\"\u003e\u003clabel for=\"checkbox6\"\u003eHoare Sequence BigO\u003c/label\u003e\u003c/li\u003e\n\u003cli\u003e\u003cinput type=\"checkbox\" id=\"checkbox7\"\u003e\u003clabel for=\"checkbox7\"\u003eHoare Sequence BigOmega\u003c/label\u003e\u003c/li\u003e\n\u003cli\u003e\u003cinput type=\"checkbox\" id=\"checkbox8\" checked=\"true\"\u003e\u003clabel for=\"checkbox8\"\u003eHoare If Same\u003c/label\u003e\u003c/li\u003e\n\u003cli\u003e\u003cinput type=\"checkbox\" id=\"checkbox9\" checked=\"true\"\u003e\u003clabel for=\"checkbox9\"\u003eHoare Loosen (New Rule)\u003c/label\u003e\u003c/li\u003e\n\u003cli\u003e\u003cinput type=\"checkbox\" id=\"checkbox10\" checked=\"true\"\u003e\u003clabel for=\"checkbox10\"\u003eHoare While Linear\u003c/label\u003e\u003c/li\u003e\n\u003cli\u003e\u003cinput type=\"checkbox\" id=\"checkbox11\"\u003e\u003clabel for=\"checkbox11\"\u003eHoare While General\u003c/label\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eProve \u003cstrong\u003ethe soundness of Hoare logic\u003c/strong\u003e, both the basic Hoare logic and the proof system for asymptotic complexity.\n\u003cul\u003e\n\u003cli\u003e\u003cinput type=\"checkbox\" id=\"checkbox12\" checked=\"true\"\u003e\u003clabel for=\"checkbox12\"\u003eHoare Skip\u003c/label\u003e\u003c/li\u003e\n\u003cli\u003e\u003cinput type=\"checkbox\" id=\"checkbox13\" checked=\"true\"\u003e\u003clabel for=\"checkbox13\"\u003eHoare Assignment\u003c/label\u003e\u003c/li\u003e\n\u003cli\u003e\u003cinput type=\"checkbox\" id=\"checkbox14\" checked=\"true\"\u003e\u003clabel for=\"checkbox14\"\u003eHoare Sequence BigTheta\u003c/label\u003e\u003c/li\u003e\n\u003cli\u003e\u003cinput type=\"checkbox\" id=\"checkbox15\"\u003e\u003clabel for=\"checkbox15\"\u003eHoare Sequence BigO\u003c/label\u003e\u003c/li\u003e\n\u003cli\u003e\u003cinput type=\"checkbox\" id=\"checkbox16\"\u003e\u003clabel for=\"checkbox16\"\u003eHoare Sequence BigOmega\u003c/label\u003e\u003c/li\u003e\n\u003cli\u003e\u003cinput type=\"checkbox\" id=\"checkbox17\" checked=\"true\"\u003e\u003clabel for=\"checkbox17\"\u003eHoare If Same\u003c/label\u003e\u003c/li\u003e\n\u003cli\u003e\u003cinput type=\"checkbox\" id=\"checkbox18\" checked=\"true\"\u003e\u003clabel for=\"checkbox18\"\u003eHoare Loosen (New Rule)\u003c/label\u003e\u003c/li\u003e\n\u003cli\u003e\u003cinput type=\"checkbox\" id=\"checkbox19\" checked=\"true\"\u003e\u003clabel for=\"checkbox19\"\u003eHoare While Linear\u003c/label\u003e\u003c/li\u003e\n\u003cli\u003e\u003cinput type=\"checkbox\" id=\"checkbox20\"\u003e\u003clabel for=\"checkbox20\"\u003eHoare While General\u003c/label\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eProve \u003cstrong\u003ethe correctness and asymptotic complexity for some simple algorithms\u003c/strong\u003e encountered in class using what we will build.\n\u003cul\u003e\n\u003cli\u003e\u003cinput type=\"checkbox\" id=\"checkbox21\" checked=\"true\"\u003e\u003clabel for=\"checkbox21\"\u003eSimple While\u003c/label\u003e\u003c/li\u003e\n\u003cli\u003e\u003cinput type=\"checkbox\" id=\"checkbox22\" checked=\"true\"\u003e\u003clabel for=\"checkbox22\"\u003eSlow Addition\u003c/label\u003e\u003c/li\u003e\n\u003cli\u003e\u003cinput type=\"checkbox\" id=\"checkbox23\"\u003e\u003clabel for=\"checkbox23\"\u003eMin While\u003c/label\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2 id=\"constraints\"\u003e\u003cstrong\u003eConstraints\u003c/strong\u003e\u003c/h2\u003e\n\u003cp\u003eThere are several constraints that might limit what we can do or simplify what we want to do.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eWe do not consider programs with \u003cstrong\u003econtrol statements\u003c/strong\u003e, i.e. \u003cem\u003ebreak\u003c/em\u003e and \u003cem\u003econtinue\u003c/em\u003e. Moreover, we do not wish to alter the potential path of program execution in similar ways, which makes the execution time almost independent with the \u003cstrong\u003edistribution of input data\u003c/strong\u003e. This cause us unable to verify the asymptotic complexity of algorithms like Quick Sort, but will simplify our definition of what is Asymptotic Complexity.\u003c/li\u003e\n\u003cli\u003eWe will use the \u003cstrong\u003ethe toy language developed in class\u003c/strong\u003e or the adapted version of it, which only contains very fundamental operations and statements. This will limit the scope of programs and algorithms we can take into consideration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr\u003e\n\u003ch2 id=\"project-overview\"\u003e\u003cstrong\u003eProject Overview\u003c/strong\u003e\u003c/h2\u003e\n\u003cp\u003eOur project has following files:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eImp8.v\u003c/strong\u003e: basic library of the toy language, from the course.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePolyAB.v\u003c/strong\u003e: defines polynomial and its operation, and asymptotic bounds defined on polynomials, and mathematic lemmas used later.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDenotation.v\u003c/strong\u003e: the denational semantics with steps, mainly from the course but modified.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHoareLogic.v\u003c/strong\u003e: the hoare logic with asymptotic bound, should contain rules and provable definition\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSoundness.v\u003c/strong\u003e: the proof for the soundness of hoare logic\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDemos.v\u003c/strong\u003e: examples of programs proved (or to be proved) using our hoare logic\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAsymptoticBound.v\u003c/strong\u003e: pure mathematic asymptotic bound definition attempts (abandonded)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2 id=\"compilation-order\"\u003e\u003cstrong\u003eCompilation Order\u003c/strong\u003e\u003c/h2\u003e\n\u003cp\u003ePlease compile the project in the following order:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eImp8.v -\u0026gt; PolyAB.v -\u0026gt; Denotation.v -\u0026gt; HoareLogic.v -\u0026gt; Soundness.v -\u0026gt; Demos.v\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2 id=\"definitions\"\u003e\u003cstrong\u003eDefinitions\u003c/strong\u003e\u003c/h2\u003e\n\u003ch3 id=\"polynomial-in-polyabv\"\u003e\u003cstrong\u003ePolynomial\u003c/strong\u003e (in PolyAB.v)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003epoly\u003c/strong\u003e (at \u003cem\u003e\u003cstrong\u003eline 11\u003c/strong\u003e\u003c/em\u003e)\n\u003cul\u003e\n\u003cli\u003eA list of Z, each represents a coefficient at certain term.\u003c/li\u003e\n\u003cli\u003eThe power increases as the index goes up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epoly_eval\u003c/strong\u003e (at \u003cem\u003e\u003cstrong\u003eline 21\u003c/strong\u003e\u003c/em\u003e)\n\u003cul\u003e\n\u003cli\u003eA recursive function that evaluates a poly into functions that maps Z to Z based on the semantics.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eTPower: (at line 31)\n\u003cul\u003e\n\u003cli\u003eAn auxiliary recursive function that implements the power operation for logical_var.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epoly_eval_lv\u003c/strong\u003e (at \u003cem\u003e\u003cstrong\u003eline 37\u003c/strong\u003e\u003c/em\u003e)\n\u003cul\u003e\n\u003cli\u003eA recursive function that evaluates a poly into functions that maps logical_var to term based on the semantics.\u003c/li\u003e\n\u003cli\u003eMight be used in defining recursive equations in Hoare While General Rule.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epoly_add\u003c/strong\u003e (p1 +++ p2) (at \u003cem\u003e\u003cstrong\u003eline 48\u003c/strong\u003e\u003c/em\u003e)\n\u003cul\u003e\n\u003cli\u003eA recursive function that adds two polys into one poly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etrim_0\u003c/strong\u003e (at \u003cem\u003e\u003cstrong\u003eline 56\u003c/strong\u003e\u003c/em\u003e)\n\u003cul\u003e\n\u003cli\u003eA recursive function that removes 0s at tail, i.e. in the highest order terms.\u003c/li\u003e\n\u003cli\u003eUsed in determining the valid highest order term.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epoly_scalar_mult\u003c/strong\u003e (k ** p) (at \u003cem\u003e\u003cstrong\u003eline 65\u003c/strong\u003e\u003c/em\u003e)\n\u003cul\u003e\n\u003cli\u003eA recursive function that multiplies a Z scalar to a poly to get a new poly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epoly_mult\u003c/strong\u003e (p1 *** p2) (at \u003cem\u003e\u003cstrong\u003eline 71\u003c/strong\u003e\u003c/em\u003e)\n\u003cul\u003e\n\u003cli\u003eA recursive function that multiplies two polys to get a new poly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"polynomial-asymptotic-bound-in-polyabv\"\u003e\u003cstrong\u003ePolynomial Asymptotic Bound\u003c/strong\u003e (in PolyAB.v)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAsymptoticBound\u003c/strong\u003e (at \u003cem\u003e\u003cstrong\u003eline 321\u003c/strong\u003e\u003c/em\u003e)\n\u003cul\u003e\n\u003cli\u003eAn inductive type that specifies different asymptotic bounds.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eab_eval\u003c/strong\u003e (at \u003cem\u003e\u003cstrong\u003eline 326\u003c/strong\u003e\u003c/em\u003e)\n\u003cul\u003e\n\u003cli\u003eA function that takes Lassn, AsymptoticBound, and other Z parameters to formalize the asymptotic property defined by the asymptotic bound in Porp.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eloosen\u003c/strong\u003e (T1 =\u0026lt; T2) (at \u003cem\u003e\u003cstrong\u003eline 338\u003c/strong\u003e\u003c/em\u003e)\n\u003cul\u003e\n\u003cli\u003eAn inductive relation that specifies the loosening relationship between two bounds.\u003c/li\u003e\n\u003cli\u003eThe first AB (T1) can be relaxed to the second AB (T2).\u003c/li\u003e\n\u003cli\u003eWe did not prove the correctness in this file, but in the soundness proof of the Hoare Logic.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"command-denotation-with-steps-in-denotationv\"\u003e\u003cstrong\u003eCommand Denotation With Steps\u003c/strong\u003e (in Denotation.v)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eskip_sem (at \u003cem\u003e\u003cstrong\u003eline 8\u003c/strong\u003e\u003c/em\u003e)\n\u003cul\u003e\n\u003cli\u003eAlmost the same as the one in class, but we specify the time step for Skip to be 1.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003easgn_sem (at \u003cem\u003e\u003cstrong\u003eline 14\u003c/strong\u003e\u003c/em\u003e)\n\u003cul\u003e\n\u003cli\u003eAlmost the same as the one in class, but we move the time step property outside.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eseq_sem (at line 20)\n\u003cul\u003e\n\u003cli\u003eThe same as the one in class.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eif_sem (at line 27)\n\u003cul\u003e\n\u003cli\u003eAlmost the same as the one in class, but we move the time step property outside.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eloop_sem (at line 53)\n\u003cul\u003e\n\u003cli\u003eAlmost the same as the one in class, but we move the time step property outside.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eceval (at line 59)\n\u003cul\u003e\n\u003cli\u003eThe same as the one in class.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"hoare-logic-in-hoarelogicv\"\u003e\u003cstrong\u003eHoare Logic\u003c/strong\u003e (in HoareLogic.v)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ehoare_triple\u003c/strong\u003e ({{ P }}  c  {{ Q }}  $ T) (at \u003cem\u003e\u003cstrong\u003eline 11\u003c/strong\u003e\u003c/em\u003e)\n\u003cul\u003e\n\u003cli\u003eAn inductive type that specifies the hoare triple.\u003c/li\u003e\n\u003cli\u003eAlmost the same as the one in class, but with extra asymptotic bound added.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eprovable\u003c/strong\u003e (|-- tr) (at \u003cem\u003e\u003cstrong\u003eline 17\u003c/strong\u003e\u003c/em\u003e)\n\u003cul\u003e\n\u003cli\u003eAn inductive relation that specifies the Hoare Logic.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"soundness-in-soundnessv\"\u003e\u003cstrong\u003eSoundness\u003c/strong\u003e (in Soundness.v)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003evalid\u003c/strong\u003e (|== tr) (at \u003cem\u003e\u003cstrong\u003eline 13\u003c/strong\u003e\u003c/em\u003e)\n\u003cul\u003e\n\u003cli\u003eA function that maps hoare_triple to Prop which specifies the validity of Hoare Rules.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2 id=\"important-theorems\"\u003e\u003cstrong\u003eImportant Theorems\u003c/strong\u003e\u003c/h2\u003e\n\u003ch3 id=\"polynomial-in-polyabv\"\u003e\u003cstrong\u003ePolynomial\u003c/strong\u003e (in PolyAB.v)\u003c/h3\u003e\n\u003cp\u003eThere are many properties about \u003cem\u003epoly\u003c/em\u003e we have proven to support later use of it, but the following 4 theorems are the most important ones.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003epoly_add_spec\u003c/strong\u003e (at \u003cem\u003e\u003cstrong\u003eline 170\u003c/strong\u003e\u003c/em\u003e)\n\u003cul\u003e\n\u003cli\u003eStating that the evaluation of poly_add result is correct.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epoly_scalar_mult_spec\u003c/strong\u003e (at \u003cem\u003e\u003cstrong\u003eline 182\u003c/strong\u003e\u003c/em\u003e)\n\u003cul\u003e\n\u003cli\u003eStating that the evaluation of poly_scalar_mult result is correct.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epoly_mult_spec\u003c/strong\u003e (at \u003cem\u003e\u003cstrong\u003eline 191\u003c/strong\u003e\u003c/em\u003e)\n\u003cul\u003e\n\u003cli\u003eStating that the evaluation of poly_mult result is correct.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cs\u003e\u003cstrong\u003etrim_invar\u003c/strong\u003e (at \u003cem\u003e\u003cstrong\u003eline 205\u003c/strong\u003e\u003c/em\u003e)\u003c/s\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cs\u003eStating that after trimming redundant 0s, the evaluation is the same as before.\u003c/s\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"denotation-in-denotationv\"\u003e\u003cstrong\u003eDenotation\u003c/strong\u003e (in Denotation.v)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cs\u003e\u003cstrong\u003ecommand_cost_time\u003c/strong\u003e (at \u003cem\u003e\u003cstrong\u003eline 68\u003c/strong\u003e\u003c/em\u003e)\u003c/s\u003e\n\u003cul\u003e\n\u003cli\u003eStating that any command would cost at least 1 time step.\u003c/li\u003e\n\u003cli\u003e\u003cs\u003eApply to the denotational semantics, where Skip also cost 1 time step.\u003c/s\u003e\u003c/li\u003e\n\u003cli\u003e\u003cs\u003eThis property is important in proving the hoare_if_same_soundness, because previously having Skip inside if statement would invalidate that rule, since unfolding if also takes time.\u003c/s\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eExpanding If and While does not cost time\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eInstead of specify that all command cost at least 1 time step, we specify that expanding If and While statements does not cost time, because analysis of time complexity of algorithms barely counts time spent on unrolling those two statements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"soundness-in-soundnessv\"\u003e\u003cstrong\u003eSoundness\u003c/strong\u003e (in Soundness.v)\u003c/h3\u003e\n\u003cp\u003eAll the Hoare Rules contain the part we have declared in class, thus we will not mention those again.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ehoare_skip_sound (at \u003cem\u003e\u003cstrong\u003eline 27\u003c/strong\u003e\u003c/em\u003e)\n\u003cul\u003e\n\u003cli\u003eStating that Skip has Constant time complexity.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ehoare_asgn_bwd_sound (at \u003cem\u003e\u003cstrong\u003eline 68\u003c/strong\u003e\u003c/em\u003e)\n\u003cul\u003e\n\u003cli\u003eStating that Assignment has Constant time complexity.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ehoare_seq_bigtheta_sound\u003c/strong\u003e (at \u003cem\u003e\u003cstrong\u003eline 96\u003c/strong\u003e\u003c/em\u003e)\n\u003cul\u003e\n\u003cli\u003eStating that the time complexity of Sequenced Command is the \u003cstrong\u003esum\u003c/strong\u003e of time complexity for separate commands in the sense of Big Theta.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ehoare_if_same_sound\u003c/strong\u003e (at \u003cem\u003e\u003cstrong\u003eline 166\u003c/strong\u003e\u003c/em\u003e)\n\u003cul\u003e\n\u003cli\u003eStating that the time complexity of If Command is the \u003cstrong\u003esame\u003c/strong\u003e as those of its branches, if the time complexity of branch commands are the same.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ehoare_loosen_sound\u003c/strong\u003e (at \u003cem\u003e\u003cstrong\u003eline 307\u003c/strong\u003e\u003c/em\u003e)\n\u003cul\u003e\n\u003cli\u003eStating that we can \u003cstrong\u003erelax\u003c/strong\u003e the time complexity of certain command based on the \u003cem\u003eloosen\u003c/em\u003e relation.\u003c/li\u003e\n\u003cli\u003eAuxiliary properties about \u003cem\u003epoly\u003c/em\u003e is required to prove the loosening rule for asymptotic bounds that have the same highest order.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ehoare_while_linear_sound\u003c/strong\u003e (at \u003cem\u003e\u003cstrong\u003eline 354\u003c/strong\u003e\u003c/em\u003e)\n\u003cul\u003e\n\u003cli\u003eStating that if the loop variant decrease linearly, by \u003cstrong\u003emultiplying\u003c/strong\u003e a linear term onto the asymptotic bound for the inner command, we get the time complexity for the whole loop.\u003c/li\u003e\n\u003cli\u003eThere are other conditions to be satisfied:\n\u003col\u003e\n\u003cli\u003e(forall st La, ((st, La) |== (P AND {[b]})) -\u0026gt; ((st, La) |== (0 \u0026lt; V))):\nLoop invariant and the trueness of loop condition imply the status of loop variant.\u003c/li\u003e\n\u003cli\u003eassn_occur n P = O /\\ term_occur n V = O /\\ bexp_occur n b = O:\nThe logical variable bound to loop variant does not occur in other parts of the pre-condition.\u003c/li\u003e\n\u003cli\u003e(forall x, 0 \u0026lt; x -\u0026gt; 0 \u0026lt;= poly_eval p x):\nThe time cost is non-negative when input size is positive.\u003c/li\u003e\n\u003cli\u003e(forall x y, x \u0026lt;= y -\u0026gt; poly_eval p x \u0026lt;= poly_eval p y):\nThe time cost increases as input size increase.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ehoare_consequence_sound (at \u003cem\u003e\u003cstrong\u003eline x\u003c/strong\u003e\u003c/em\u003e)\n\u003cul\u003e\n\u003cli\u003eStating that consequence rule holds for the Hoare logic, if time complexity stays unchanged.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ehoare_logic_sound (at \u003cem\u003e\u003cstrong\u003eline 361\u003c/strong\u003e\u003c/em\u003e)\n\u003cul\u003e\n\u003cli\u003eStating that if a Hoare Triple is provable, then it is valid.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"demos-in-demosv\"\u003e\u003cstrong\u003eDemos\u003c/strong\u003e (in Demos.v)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003esimple_loop_correct\u003c/strong\u003e (at \u003cstrong\u003eline 79\u003c/strong\u003e)\n\u003cul\u003e\n\u003cli\u003eThis is a simple example to test the usage of Hoare rule for while loop, which slowly decreases X to 0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eslow_addition_correct\u003c/strong\u003e (at \u003cem\u003e\u003cstrong\u003eline 130\u003c/strong\u003e\u003c/em\u003e)\n\u003cul\u003e\n\u003cli\u003eThis example comes from the Exercise 2 of Task 2 in Assignment 2.\u003c/li\u003e\n\u003cli\u003eWe want to prove that its time complexity is $O(m)$.\u003c/li\u003e\n\u003cli\u003eDue to the requirement in while rule, extra conditions are required for the logical_var bound to the loop variant.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cs\u003e\u003cstrong\u003emin_while_correct\u003c/strong\u003e (at \u003cem\u003e\u003cstrong\u003eline 33\u003c/strong\u003e\u003c/em\u003e)\u003c/s\u003e \u003cem\u003eWe did not have time to prove this.\u003c/em\u003e\n\u003cul\u003e\n\u003cli\u003eThis example comes from the Exercise 3 of Task 4 in Assignment 2.\u003c/li\u003e\n\u003cli\u003eWe want to prove that its time complexity is $O(\\min(a, b))$.\u003c/li\u003e\n\u003cli\u003eSince we try to prove something that is not a polynomial, a minimum function, using polynomial asymptotic bound, we might get stuck and might change this to something simpler.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr\u003e\n\u003ch2 id=\"proof-ideas-brief-informal-proofs\"\u003eProof Ideas \u0026amp; Brief Informal Proofs\u003c/h2\u003e\n\u003ch3 id=\"hoareskipsound\"\u003ehoare_skip_sound\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSimple proof, no detailed informal proof is required.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"hoareasgnbwdsound\"\u003ehoare_asgn_bwd_sound\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSimple proof, no detailed informal proof is required.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"hoareseqbigthetasound\"\u003e\u003cstrong\u003ehoare_seq_bigtheta_sound\u003c/strong\u003e\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConstruct Coefficient:\u003c/strong\u003e The coefficient for the lower bound is the minimum of original lower bound coefficient. The coefficient for the upper bound is the maximum of original upper bound coefficient.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMain Proof Idea for Time Complexity:\u003c/strong\u003e Move the multiplier, i.e. the results of polynomial evaluations, inside the \u003cem\u003emin\u003c/em\u003e and \u003cem\u003emax\u003c/em\u003e, and by the upper and lower bounds of each term in the given condition, we can get the total of upper and lower bounds. By relaxing the minimum and maximum to one of the operands, we can proof the inequality.\n\u003cimg src=\"fig/eq1.png\" alt=\"\"\u003e  \u003c!-- $$\n  \\begin{cases}\n  a1 * P1(n) \\le t1 \\le a2 * P1(n) \\\\\n  a1' * P2(n) \\le t2 \\le a2' * P2(n) \\\\\n  \\end{cases} \\\\\n  \\Downarrow \\\\\n  \\begin{aligned}\n  \u0026 min(a1, a1') * (P1(n) + P2(n)) \\\\\n  \u0026 \\qquad = min(a1 * P1(n), a1' * P1(n)) + min(a1 * P2(n), a1' * P2(n)) \\\\\n  \u0026 \\qquad \\le a1 * P1(n) + a1' * P2(n) \\\\\n  \u0026 \u003c= t1 + t2 \\\\\n  \u0026 \\qquad \\le a2 * P1(n) + a2' * P2(n) \\\\\n  \u0026 \\qquad \\le max(a2 * P1(n), a2' * P1(n)) + min(a2 * P2(n), a2' * P2(n)) \\\\\n  \u0026 = max(a2, a2') * (P1(n) + P2(n)) \\\\\n  \\end{aligned}\n  $$ --\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"hoareifsamesound\"\u003e\u003cstrong\u003ehoare_if_same_sound\u003c/strong\u003e\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConstruct Coefficient:\u003c/strong\u003e Again, the coefficient for the lower bound is the minimum of original lower bound coefficient. The coefficient for the upper bound is the maximum of original upper bound coefficient.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMain Proof Idea for Time Complexity:\u003c/strong\u003e Taking BigTheta case in IF branch for example:\n\u003cul\u003e\n\u003cli\u003e\u003cbr\u003e\n\u003cimg src=\"fig/eq2.png\" alt=\"\"\u003e\u003c!-- $$\n\\begin{cases}\n0 \\le a1 * P(n) \\\\\n0 \\le a1' * P(n)\n\\end{cases}\\\\\n\\Downarrow \\\\\n0 \\le min(a1 * P(n), a1' * P(n)) = min(a1, a1') * P(n)\n$$ --\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cbr\u003e\n\u003cimg src=\"fig/eq3.png\" alt=\"\"\u003e\u003c!-- $$\na1 * P(n) \\le a2 * P(n)\\\\\n\\Downarrow\\\\\n\\begin{aligned}\n\u0026min(a1, a1') * P(n)\\\\\n\u0026 \\qquad = min(a1 * P(n), a1' * P(n))\\\\\n\u0026 \\qquad \\le a1 * P(n)   \\\\\n\u0026 \\le t\\\\\n\u0026 \\qquad \\le a2 * P(n) \\\\\n\u0026 \\qquad \\le max(a2 * P(n), a2' * P(n))\\\\\n\u0026= max(a2, a2') * P(n)\\\\\n\\end{aligned}\n$$ --\u003e\n\u003c/li\u003e\n\u003cli\u003eThe proof for ELSE branch is almost the same as the IF branch, but we will use $a1'$ and $a2'$ to relax minimum and maximum, because they are the ones specified by the command in the ELSE branch.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"hoareloosensound\"\u003e\u003cstrong\u003ehoare_loosen_sound\u003c/strong\u003e\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMain proof outline is to induct over \u003cem\u003eloosen\u003c/em\u003e relation, and prove goals for each loosen rule.\u003c/li\u003e\n\u003cli\u003eSince other loosen rules are relatively simple, we only briefly illustrate the proof idea behind O_Poly2Mono rule.\u003c/li\u003e\n\u003cli\u003eIn fact, one hoare_loosen rule contains a family of rules. It is exhausting to write out the informal ideas of all those rules after we proved them in Coq. You may simply look into our code to go through proofs for other simple rules.\u003c/li\u003e\n\u003cli\u003eThe main idea for the proof of this loosen rule is as follows:\n\u003cimg src=\"fig/eq4.png\" alt=\"\"\u003e\u003c!-- $$\n\\text{For arbitrary polynomial of order } N - 1, n \u003e 0\\\\\nK = \\max(0, a_N, \\cdots, a_1)\\\\\n\\Downarrow\\\\\n\\sum_{k=0}^N a_k * n^{k-1} \\le \\sum_{k=0}^N K * n^{k-1} \\le (N * K) * n^{N-1}\\\\\n\\Downarrow\\\\\nt \\le a * P(n) \\le (a*N*K) * M(n, N)\\\\\n\\text{M(n, N) denotes the monomial of order N-1}\\\\\n\\text{(a * N * K) is the coefficient to be constructed}\n$$ --\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"lemmas-for-hoarewhilelinearsound\"\u003e\u003cstrong\u003eLemmas for hoare_while_linear_sound\u003c/strong\u003e\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThere are 3 lemmas for the proof of hoare_while_linear_sound. They states that \u003cstrong\u003eif a logical variable does not occur in A, then update its value in logical assignment does not effect the meaning of A\u003c/strong\u003e.\u003c/li\u003e\n\u003cli\u003eThe proofs are simply apply \u003cstrong\u003einduction or mutual induction over the structure of A\u003c/strong\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"hoarewhilelinearsound\"\u003e\u003cstrong\u003ehoare_while_linear_sound\u003c/strong\u003e\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConstruct Coefficient:\u003c/strong\u003e  We reuse the coefficients from the loop body to be those of the entire loop.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMain Proof Idea for Time Complexity:\u003c/strong\u003e The main idea of the proof for time complexity is as follows:\n\u003cimg src=\"fig/eq5.png\" alt=\"\"\u003e  \u003c!-- $$\n  \\begin{cases}\n  P(1) \\le P(2) \\le ... \\le P(n)\\\\\n  \\forall n, t(n) \\le a2 * P(n)\\\\\n  \\end{cases}\\\\\n  \\Downarrow\\\\\n  T = \\sum_k t(k) \\le \\sum_k a2 * P(k) \\le a2 * n * P(n) \\qquad (*)\n  $$ --\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBrief Informal Proof\u003c/strong\u003e\u003cpre class=\"hljs\"\u003e\u003ccode\u003e\u003cdiv\u003eFirst, we do induction over the loop time n'.\n\n1) If n' = 0, \n    the program does not enter the loop, thus the time cost is 0.\n    By the non-negativity or the sign preserving property (3) of the polynomial p, the inequality holds.\n\n2) If n' \u0026gt; 0,\n    Use the thoughts in (*) to prove the goal.\n\n    Since the loop has carried out once,\n    by the derivation from loop invariant and loop condition to status of loop variant (1) is,\n    the input size should be at least 1 (**).\n\n    Then we need to discuss the input size case by case.\n        Because if n = 1, there is no second round of the loop,\n        and we can not relax any time cost term except the one of the first round since we know nothing about other rounds.\n    \n    a) If n \u0026lt;\u0026gt; 1,\n        combined with the status of loop variant (**) we derived before,\n        we have n \u0026gt; 1.\n        By increasingness of the bound,\n        we can relax the time cost based on (*) and prove the goal.\n    \n    b) If n = 1,\n        the time cost for later rounds, t2, is exactly 0.\n        T = t1 + 0 \u0026lt;= a2 * P(1) \u0026lt;= a2 * 1 * P(1) = a2 * n * P(n)\n\n        We still need to discuss loop time n' to get some properties.\n        i) If n' = 0,\n            no more loop is carried out,\n            thus we can prove the goal.\n        ii) If n' \u0026gt; 0,\n            by the derivation from loop invariant and loop condition to status of loop variant (1),\n            this case is impossible, since there is no more loop rounds.\n\u003c/div\u003e\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"hoareconsequencesound\"\u003ehoare_consequence_sound\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSimple proof, no detailed informal proof is required.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"hoarelogicsound\"\u003ehoare_logic_sound\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe soundness of hoare logic with time complexity is proved by induction over the structure of c, with supports of previous lemmas.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"simpleloopcorrect\"\u003esimple_loop_correct\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSimple proof, no detailed informal proof is required.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"slowadditioncorrect\"\u003e\u003cstrong\u003eslow_addition_correct\u003c/strong\u003e\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eNote that this is different from the one in mid-term submission.\u003c/em\u003e\u003c/li\u003e\n\u003cli\u003eThe main proof steps are illustrated by the usages of our Hoare Rules.\n\u003cul\u003e\n\u003cli\u003eUse \u003cstrong\u003ehoare_consequence\u003c/strong\u003e to adjust the pre-condition and post-condition to fit the form of hoare_while_linear.\u003c/li\u003e\n\u003cli\u003eUse \u003cstrong\u003ehoare_loosen\u003c/strong\u003e \u003cem\u003etwice\u003c/em\u003e to adjust the time complexity to fit the form of hoare_while_linear.\u003c/li\u003e\n\u003cli\u003eUse \u003cstrong\u003ehoare_while_linear\u003c/strong\u003e to expand the while loop. Ltac \u003cstrong\u003eforward_while_linear\u003c/strong\u003e (\u003cem\u003e\u003cstrong\u003eline 30\u003c/strong\u003e\u003c/em\u003e in Demos.v) is defined to use hoare_while_linear easily.\u003c/li\u003e\n\u003cli\u003eProve other conditions required by hoare_while_linear.\u003c/li\u003e\n\u003cli\u003eUse \u003cstrong\u003ehoare_loosen\u003c/strong\u003e \u003cem\u003etwice\u003c/em\u003e to adjust the time complexity to fit the form of hoare_seq_bigtheta.\u003c/li\u003e\n\u003cli\u003eUse \u003cstrong\u003ehoare_seq_bigtheta\u003c/strong\u003e \u003cem\u003etwice\u003c/em\u003e to fully expand sequenced command.\u003c/li\u003e\n\u003cli\u003eUse \u003cstrong\u003ehoare_asgn_bwd\u003c/strong\u003e on the third and second assignment command.\u003c/li\u003e\n\u003cli\u003eUse \u003cstrong\u003ehoare_consequence\u003c/strong\u003e to create room of flexibility for using hoare_asgn_bwd on the first assignment command.\u003c/li\u003e\n\u003cli\u003eUse \u003cstrong\u003ehoare_asgn_bwd\u003c/strong\u003e on the first assignment command.\u003c/li\u003e\n\u003cli\u003eProve the derivation from the original pre-condition to the one generated by hoare_asgn_bwd.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003c/body\u003e\n\u003c/html\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbrucezoom%2Fplproject-asymptoticcomplexity","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbrucezoom%2Fplproject-asymptoticcomplexity","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbrucezoom%2Fplproject-asymptoticcomplexity/lists"}