This homework is due on Monday, 28 February.
1. In lecture notes 5 (for 16 February), we sketched a proof
that |- {A1}c{A2} implies |= {A1}c{A2}. However, the sketch
omitted the cases for rules R4, R5, and R6 as well as Lemma 2.
Complete the proof by filling in the missing cases and the Lemma.
2. We suggested an alternative rule, R2', for assignments:
(R2') |- {A}x:=e{exists X.(A[X/x] && x = (e[X/x]))}
Prove that this rule is sound.
3. Let us assume that we generalize IMP to include conditional
expressions: e := ... | e1 <= e2 | e1 < e2 | e1 == e2 | e1 != e2 |
e1 && e2 | e1 || e2
with the meaning that e1 r e2 evaluates to 0 iff e1 r e2 is false.
Using the Hoare rules, prove:
{ 1 <= n }
p := 0;
c := 1;
while c <= n do { p := p+m; c := c+1; }
{ p = m*n }
(When you invoke the rule of consequence, argue (informally) that
one assertion implies another, as I did in the Lecture 5 notes.)
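As an added illustration (not part of the assignment), the following Python checker exercises the three obligations of the while-rule on sample states of the Problem 3 program: invariant on entry, preservation by the body, and postcondition on exit. The candidate invariant p = m*(c-1) && c <= n+1 and the sample inputs are my assumptions, not given on the page.

```python
from itertools import product

def check_while(pre, guard, body, inv, post, states, max_steps=1000):
    """Empirically check the three obligations of the Hoare while-rule.

    For every sample state satisfying pre:
      entry        : pre implies inv when the loop is first reached,
      preservation : from inv && guard, one run of body re-establishes inv,
      exit         : inv && not guard implies post.
    Partial correctness only: a run exceeding max_steps iterations counts as
    non-terminating and imposes no exit obligation.
    Returns the (obligation, state) pairs that failed; [] means all passed.
    """
    failures = []
    for start in states:
        if not pre(start):
            continue
        s = dict(start)
        if not inv(s):
            failures.append(("entry", dict(s)))
        steps = 0
        while guard(s) and steps < max_steps:
            held_before = inv(s)
            s = body(s)
            steps += 1
            if held_before and not inv(s):
                failures.append(("preservation", dict(s)))
        if not guard(s) and inv(s) and not post(s):
            failures.append(("exit", dict(s)))
    return failures

# Problem 3 on the page: { 1 <= n } p := 0; c := 1;
#   while c <= n do { p := p+m; c := c+1 } { p = m*n }
# The two assignments run before the loop, so the constructed loop-entry
# states already have p = 0 and c = 1.
PRE = lambda s: 1 <= s["n"]
GUARD = lambda s: s["c"] <= s["n"]
BODY = lambda s: {**s, "p": s["p"] + s["m"], "c": s["c"] + 1}
POST = lambda s: s["p"] == s["m"] * s["n"]
STATES = [{"m": m, "n": n, "p": 0, "c": 1} for m, n in product(range(-3, 4), range(1, 7))]

def problem3_failures():
    # Candidate invariant (my assumption, not on the page): p = m*(c-1) && c <= n+1
    inv = lambda s: s["p"] == s["m"] * (s["c"] - 1) and s["c"] <= s["n"] + 1
    return check_while(PRE, GUARD, BODY, inv, POST, STATES)

def problem3_wrong_invariant_failures():
    # An off-by-one candidate, p = m*c, is rejected: it already fails on loop entry
    inv = lambda s: s["p"] == s["m"] * s["c"]
    return check_while(PRE, GUARD, BODY, inv, POST, STATES)
```

Such a check only tests the obligations on reachable states, so a candidate that is too weak for the rule of consequence at exit (p = m*(c-1) without c <= n+1) still passes it, because the loop only ever exits at c = n+1. It can refute a candidate invariant but never replaces the proof.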
4. Find an appropriate invariant to use in the while-rule for
proving the following:
{ i=y && x=1 } while y <> 0 do {y:=y-1; x:=2*x} { x=2^i }