A Fistful of Dollars: Formalizing Asymptotic Complexity Claims via Deductive Program Verification

@inproceedings{Guneau2018AFO,
  title={A Fistful of Dollars: Formalizing Asymptotic Complexity Claims via Deductive Program Verification},
  author={Arma{\"e}l Gu{\'e}neau and Arthur Chargu{\'e}raud and François Pottier},
  booktitle={ESOP},
  year={2018}
}
We present a framework for simultaneously verifying the functional correctness and the worst-case asymptotic time complexity of higher-order imperative programs. We build on top of Separation Logic with Time Credits, embedded in an interactive proof assistant. We formalize the O notation, which is key to enabling modular specifications and proofs. We cover the subtleties of the multivariate case, where the complexity of a program fragment depends on multiple parameters. We propose a way of… 
Mechanized Verification of the Correctness and Asymptotic Complexity of Programs. (Vérification mécanisée de la correction et complexité asymptotique de programmes)
TLDR
This dissertation develops a methodology that allows proofs of complexity in Separation Logic to be robust and carried out at a relatively high level of abstraction, by relying on two key elements: a mechanism for collecting and deferring constraints during the proof, and a mechanisms for semi-automatically synthesizing cost expressions without loss of generality.
Verifying Asymptotic Time Complexity of Imperative Programs in Isabelle
TLDR
An extension of Imperative HOL and its separation logic to include running time is built upon and various automation is built and incorporated into the auto2 prover to reason about separation logic with time credits, and to derive asymptotic behavior of functions.
Hoare Logics for Time Bounds - A Study in Meta Theory
TLDR
Three different Hoare logics for reasoning about time bounds of imperative programs are studied and formalized in Isabelle/HOL, supporting a big-O style of reasoning and comparing the expressive power of the three systems.
Modeling Asymptotic Complexity Using ACL2
  • W. D. Young
  • Computer Science
    Electronic Proceedings in Theoretical Computer Science
  • 2022
TLDR
This work describes work using ACL2 to prove complexity properties of programs implemented in a simple imperative programming language embedding via an operational semantics in ACL2 and simultaneously prove functional properties of a program and its complexity.
verifies program extraction for functions in the Minlog proof assistant into a λ-calculus-like system
TLDR
This work provides a plugin extracting Coq functions of simple polymorphic types to the (untyped) call-byvalue λ-calculus L, and provides Ltac tactics to automatically verify the extracted terms w.r.t a logical relation connecting Coqu functions with correct extractions and time bounds.
A Certifying Extraction with Time Bounds from Coq to Call-By-Value Lambda Calculus
TLDR
This work provides a plugin extracting Coq functions of simple polymorphic types to the (untyped) call-by-value $\lambda$-calculus L, and provides Ltac tactics to automatically verify the extracted terms w.r.t a logical relation connecting Coqu functions with correct extractions and time bounds.
A certifying extraction with time bounds from Coq to call-by-value $λ$-calculus
TLDR
This work provides a plugin extracting Coq functions of simple polymorphic types to the (untyped) call-byvalue λ-calculus L, and provides Ltac tactics to automatically verify the extracted terms w.r.t a logical relation connecting Coqu functions with correct extractions and time bounds.
Selectively-Amortized Resource Bounding (Extended Version)
TLDR
It is observed that fully precise amortization is not always necessary to prove a bound of interest, and by amortizing selectively, the needed supporting invariants can be simpler, making the invariant inference task more feasible and predictable.
Reasoning about the garden of forking paths
TLDR
This work presents a novel and simple framework for formally reasoning about lazy computation costs based on a recent model of lazy evaluation: clairvoyant call-by-value, and shows that this monad can be effectively used to mechanically reason about the computational cost of lazy functional programs written in Coq.
Selectively-Amortized Resource Bounding
TLDR
It is observed that fully precise amortization is not always necessary to prove a bound of interest, and by amortizing selectively, the needed supporting invariants can be simpler, making the invariant inference task more feasible and predictable.
...
...

References

SHOWING 1-10 OF 32 REFERENCES
Verifying the Correctness and Amortized Complexity of a Union-Find Implementation in Separation Logic with Time Credits
TLDR
This work implements Union-Find as an OCaml library and formally endow it with a modular specification that offers a full functional correctness guarantee as well as an amortized complexity bound.
Functors for Proofs and Programs
TLDR
This paper presents the formal verification with the Coq proof assistant of several applicative data structures implementing finite sets, parameterized by an ordered type for the elements, using functors from the ML module system.
The essence of monotonic state
We extend a static type-and-capability system with new mechanisms for expressing the promise that a certain abstract value evolves monotonically with time; for enforcing this promise; and for taking
Characteristic formulae for the verification of imperative programs
TLDR
The generalization of characteristic formulae to an imperative programming language is described, which supports the verification of imperative Caml programs using the Coq proof assistant and has formally verified nontrivial imperative algorithms, as well as CPS functions, higher-order iterators, and programs involving higher- order stores.
Automated Resource Analysis with Coq Proof Objects
TLDR
This paper introduces a method for resource-bound inference that is compositional, produces machine-checkable certificates of the resource bounds obtained, and features a sound mechanism for user interaction if the inference fails.
Amortised Resource Analysis with Separation Logic
  • R. Atkey
  • Computer Science
    Log. Methods Comput. Sci.
  • 2011
TLDR
This work translates the idea of amortised resource analysis to imperative pointer-manipulating languages by embedding a logic of resources, based on the affine intuitionistic Logic of Bunched Implications, within Sep separation Logic within Separation Logic.
TiML: a functional language for practical complexity analysis with invariants
TLDR
TiML, though lacking full automation and theoretical completeness, is versatile enough to verify worst-case and/or amortized complexities for algorithms and data structures like classic list operations, merge sort, Dijkstra's shortest-path algorithm, red-black trees, Braun trees, functional queues, and dynamic tables with bounds like m n logn.
Proving Divide and Conquer Complexities in Isabelle/HOL
  • Manuel Eberl
  • Computer Science
    Journal of Automated Reasoning
  • 2016
TLDR
This work describes a formalisation of the Akra–Bazzi method in the interactive theorem prover Isabelle/HOL and the derivation of a generalised version of the Master Theorem from it, which is the first formalised of theorems for the analysis of such recurrences.
Towards automatic resource bound analysis for OCaml
TLDR
This article presents a resource analysis system for OCaml programs that automatically derives worst-case resource bounds for higher-order polymorphic programs with user-defined inductive types and preserves the expressivity and efficiency of existing AARA techniques.
Separation logic: a logic for shared mutable data structures
  • J. C. Reynolds
  • Computer Science
    Proceedings 17th Annual IEEE Symposium on Logic in Computer Science
  • 2002
TLDR
An extension of Hoare logic that permits reasoning about low-level imperative programs that use shared mutable data structure is developed, including extensions that permit unrestricted address arithmetic, dynamically allocated arrays, and recursive procedures.
...
...