A separation logic framework for HOL

Separation Logic as introduced by Calcagno, O’Hearn, and Yang [7] is the foun-dation of the separation logic framework in HOL4. In the following, this foundation willbe described. 3.2.1 States and Predicates on States As the name suggests, Abstract Separation Logic is an abstract version of separationlogic. It abstracts from both the concrete specification and the concrete programming 62 CHAPTER 3. THEORETICAL FOUNDATION AND IMPLEMENTATION language. The programming language of Abstract Separation Logic manipulates someabstract states, the specification language is based on predicates on these states. 3.2.1.1 Separation Combinators Since nothing is known about these states, a partial function , called the separationcombinator, is used to combine states and define whether two states are separate. Definition 3.2.1 (Separation Combinator (HOL4-Thm 217)). A separation combinatoron a set of states Σ is a partially defined function : Σ Σ á Σ that satisfies the followingproperties: • is partially associative, i. e.s1, s2, s3. Definedps1 ps2 s3qq Definedpps1 s2q s3q^s1, s2, s3. Definedps1 ps2 s3qq ùñ ps1 ps2 s3q ps1 s2q s3q • is partially commutative, i. e.s1, s2. Definedps1 s2q Definedps2 s1q ^s1, s2. Definedps1 s2q ùñ ps1 s2 s2 s1q • is partially cancellative, i. e.s1, s2, s3. Definedps1 s2q ^ Definedps1 s3q ^ps1 s2 s1 s3q ùñ ps2 s3q• for all states s P Σ there exists a neutral element us P Σ with us s s HOL4 remark 3.2.2. HOL4 supports only total functions. In order to formalise separationcombinators, which are only partially defined, option-types are used. The value NONE isused to model undefined, whereas SOME(x) represents the defined value x. Definition 3.2.3 (Separateness, Substates, Superstates (HOL4-Thms 132, 133)). Thedefinition of separation combinators induces notions of separateness (#), substates( ̈)and superstates(©).s1 # s2 iff s1 s2 is defineds1 ̈ s3 iffDs2. s3 s1 s2s3 © s1 iff s1 ̈ s3