4,515 research outputs found
Condition/Decision Duality and the Internal Logic of Extensive Restriction Categories
In flowchart languages, predicates play an interesting double role. In the
textual representation, they are often presented as conditions, i.e.,
expressions which are easily combined with other conditions (often via Boolean
combinators) to form new conditions, though they only play a supporting role in
aiding branching statements choose a branch to follow. On the other hand, in
the graphical representation they are typically presented as decisions,
intrinsically capable of directing control flow yet mostly oblivious to Boolean
combination. While categorical treatments of flowchart languages are abundant,
none of them provide a treatment of this dual nature of predicates. In the
present paper, we argue that extensive restriction categories are precisely
categories that capture such a condition/decision duality, by means of
morphisms which, coincidentally, are also called decisions. Further, we show
that having these categorical decisions amounts to having an internal logic:
Analogous to how subobjects of an object in a topos form a Heyting algebra, we
show that decisions on an object in an extensive restriction category form a De
Morgan quasilattice, the algebraic structure associated with the (three-valued)
weak Kleene logic . Full classical propositional logic can be
recovered by restricting to total decisions, yielding extensive categories in
the usual sense, and confirming (from a different direction) a result from
effectus theory that predicates on objects in extensive categories form Boolean
algebras. As an application, since (categorical) decisions are partial
isomorphisms, this approach provides naturally reversible models of classical
propositional logic and weak Kleene logic.Comment: 19 pages, including 6 page appendix of proofs. Accepted for MFPS XXX
On the Use of Underspecified Data-Type Semantics for Type Safety in Low-Level Code
In recent projects on operating-system verification, C and C++ data types are
often formalized using a semantics that does not fully specify the precise byte
encoding of objects. It is well-known that such an underspecified data-type
semantics can be used to detect certain kinds of type errors. In general,
however, underspecified data-type semantics are unsound: they assign
well-defined meaning to programs that have undefined behavior according to the
C and C++ language standards.
A precise characterization of the type-correctness properties that can be
enforced with underspecified data-type semantics is still missing. In this
paper, we identify strengths and weaknesses of underspecified data-type
semantics for ensuring type safety of low-level systems code. We prove
sufficient conditions to detect certain classes of type errors and, finally,
identify a trade-off between the complexity of underspecified data-type
semantics and their type-checking capabilities.Comment: In Proceedings SSV 2012, arXiv:1211.587
Mechanized semantics
The goal of this lecture is to show how modern theorem provers---in this
case, the Coq proof assistant---can be used to mechanize the specification of
programming languages and their semantics, and to reason over individual
programs and over generic program transformations, as typically found in
compilers. The topics covered include: operational semantics (small-step,
big-step, definitional interpreters); a simple form of denotational semantics;
axiomatic semantics and Hoare logic; generation of verification conditions,
with application to program proof; compilation to virtual machine code and its
proof of correctness; an example of an optimizing program transformation (dead
code elimination) and its proof of correctness
Matching Logic
This paper presents matching logic, a first-order logic (FOL) variant for
specifying and reasoning about structure by means of patterns and pattern
matching. Its sentences, the patterns, are constructed using variables,
symbols, connectives and quantifiers, but no difference is made between
function and predicate symbols. In models, a pattern evaluates into a power-set
domain (the set of values that match it), in contrast to FOL where functions
and predicates map into a regular domain. Matching logic uniformly generalizes
several logical frameworks important for program analysis, such as:
propositional logic, algebraic specification, FOL with equality, modal logic,
and separation logic. Patterns can specify separation requirements at any level
in any program configuration, not only in the heaps or stores, without any
special logical constructs for that: the very nature of pattern matching is
that if two structures are matched as part of a pattern, then they can only be
spatially separated. Like FOL, matching logic can also be translated into pure
predicate logic with equality, at the same time admitting its own sound and
complete proof system. A practical aspect of matching logic is that FOL
reasoning with equality remains sound, so off-the-shelf provers and SMT solvers
can be used for matching logic reasoning. Matching logic is particularly
well-suited for reasoning about programs in programming languages that have an
operational semantics, but it is not limited to this
- …