Tensor Products and Powerspaces in Quantitative Domain Theory

AbstractOne approach to quantitative domain theory is the thesis that the underlying boolean logic of ordinary domain theory which assumes only values in the set {true, false} is replaced by a more elaborate logic with values in a suitable structure Ν. (We take Ν to be a value quantale.) So the order ⊑ is replaced by a generalised quasi-metric d, assigning to a pair of points the truth value of the assertion x ⊑ y.In this paper, we carry this thesis over to the construction of powerdomains. This means that we assume the membership relation ∈ to take its values in Ν. This is done by requiring that the value quantale Ν carries the additional structure of a semiring. Powerdomains are then constructed as free modules over this semiring.For the case that the underlying logic is the logic of ordinary domain theory our construction reduces to the familiar Hoare powerdomain. Taking the logic of quasi-metric spaces, i.e. Ν = [0, ∞] with usual addition and multiplication, reveals a close connection to the powerdomain of extended probability measures.As scalar multiplication need not be nonexpansive we develop the theory of moduli of continuity and m-continuous functions. This makes it also possible to consider functions between quantitative domains with different underlying logic. Formal union is an operation which takes pairs as input, so we investigate tensor products and their behavior with respect to the ideal completion

A General Framework for Sound and Complete Floyd-Hoare Logics

This paper presents an abstraction of Hoare logic to traced symmetric monoidal categories, a very general framework for the theory of systems. Our abstraction is based on a traced monoidal functor from an arbitrary traced monoidal category into the category of pre-orders and monotone relations. We give several examples of how our theory generalises usual Hoare logics (partial correctness of while programs, partial correctness of pointer programs), and provide some case studies on how it can be used to develop new Hoare logics (run-time analysis of while programs and stream circuits).Comment: 27 page

Separation Logic for Small-step Cminor

Cminor is a mid-level imperative programming language; there are proved-correct optimizing compilers from C to Cminor and from Cminor to machine language. We have redesigned Cminor so that it is suitable for Hoare Logic reasoning and we have designed a Separation Logic for Cminor. In this paper, we give a small-step semantics (instead of the big-step of the proved-correct compiler) that is motivated by the need to support future concurrent extensions. We detail a machine-checked proof of soundness of our Separation Logic. This is the first large-scale machine-checked proof of a Separation Logic w.r.t. a small-step semantics. The work presented in this paper has been carried out in the Coq proof assistant. It is a first step towards an environment in which concurrent Cminor programs can be verified using Separation Logic and also compiled by a proved-correct compiler with formal end-to-end correctness guarantees.Comment: Version courte du rapport de recherche RR-613

Convolution, Separation and Concurrency

A notion of convolution is presented in the context of formal power series together with lifting constructions characterising algebras of such series, which usually are quantales. A number of examples underpin the universality of these constructions, the most prominent ones being separation logics, where convolution is separating conjunction in an assertion quantale; interval logics, where convolution is the chop operation; and stream interval functions, where convolution is used for analysing the trajectories of dynamical or real-time systems. A Hoare logic is constructed in a generic fashion on the power series quantale, which applies to each of these examples. In many cases, commutative notions of convolution have natural interpretations as concurrency operations.Comment: 39 page

Fifty years of Hoare's Logic

We present a history of Hoare's logic.Comment: 79 pages. To appear in Formal Aspects of Computin

Semantics of Separation-Logic Typing and Higher-order Frame Rules for<br> Algol-like Languages

We show how to give a coherent semantics to programs that are well-specified in a version of separation logic for a language with higher types: idealized algol extended with heaps (but with immutable stack variables). In particular, we provide simple sound rules for deriving higher-order frame rules, allowing for local reasoning

Invariant Synthesis for Incomplete Verification Engines

We propose a framework for synthesizing inductive invariants for incomplete verification engines, which soundly reduce logical problems in undecidable theories to decidable theories. Our framework is based on the counter-example guided inductive synthesis principle (CEGIS) and allows verification engines to communicate non-provability information to guide invariant synthesis. We show precisely how the verification engine can compute such non-provability information and how to build effective learning algorithms when invariants are expressed as Boolean combinations of a fixed set of predicates. Moreover, we evaluate our framework in two verification settings, one in which verification engines need to handle quantified formulas and one in which verification engines have to reason about heap properties expressed in an expressive but undecidable separation logic. Our experiments show that our invariant synthesis framework based on non-provability information can both effectively synthesize inductive invariants and adequately strengthen contracts across a large suite of programs