A Coq Library for Internal Verification of Running-Times [chapter]

Jay McCarthy, Burke Fetscher, Max New, Daniel Feltey, Robert Bruce Findler
2016 Lecture Notes in Computer Science  
This paper presents a Coq library that lifts an abstract yet precise notion of running-time into the type of a function. Our library is based on a monad that counts abstract steps. The monad's computational content, however, is simply that of the identity monad, so programs written in our monad (that recur on the natural structure of their arguments) extract into idiomatic OCaml code. We evaluated the expressiveness of the library by proving that red-black tree insertion and search, merge sort, insertion sort, various Fibonacci number implementations, iterated list insertion, various BigNum operations, and Okasaki's Braun Tree algorithms all have their expected running times.

Figure 1: Braun tree insertion

    (* The result type binds the result as res and the abstract step count
       as c; the predicate after !>! relates both to the input b.
       += k charges k abstract steps; <== e returns e in the monad. *)
    Program Fixpoint insert {A:Set} (i:A) (b:@bin_tree A)
    : {! res !:! @bin_tree A !<! c !>!
         (forall n, Braun b n -> (Braun res (n+1) /\ c = fl_log n + 1)) !} :=
      match b with
      | bt_mt => += 1; <== (bt_node i bt_mt bt_mt)
      | bt_node j s t => t <- insert j t; += 1; <== (bt_node i t s)
      end.

The Braun-tree invariant used in the type of insert, indexed by the tree's size:

    Inductive Braun {A:Set} : (@bin_tree A) -> nat -> Prop :=
    | B_mt : Braun bt_mt 0
    | B_node : forall (x:A) s s_size t t_size,
        t_size <= s_size <= t_size+1 ->
        Braun s s_size -> Braun t t_size ->
        Braun (bt_node x s t) (s_size+t_size+1).
doi:10.1007/978-3-319-29604-3_10 fatcat:7d6o4dg25raprligwmm3vbmdci