@@ -23,6 +23,8 @@ This definition varies slightly from the original one in~\cite{catlogic}.
An element $x \in\cofe$ of a COFE is called \emph{discrete} if
\[\All y \in\cofe. x \nequiv{0} y \Ra x = y\]
A COFE $A$ is called \emph{discrete} if all its elements are discrete.
For a set $X$, we write $\Delta X$ for the discrete COFE with $x \nequiv{n} x' \eqdef x = x'$
\end{defn}
\begin{defn}
...
...
@@ -31,6 +33,7 @@ This definition varies slightly from the original one in~\cite{catlogic}.
It is \emph{contractive} if
\[\All n, x \in\cofe, y \in\cofe. (\All m < n. x \nequiv{m} y)\Ra f(x)\nequiv{n} f(x)\]
\end{defn}
The reason that contractive functions are interesting is that for every contractive $f : \cofe\to\cofe$ with $\cofe$ inhabited, there exists a fixed-point $\fix(f)$ such that $\fix(f)= f(\fix(f))$.
\begin{defn}
The category $\COFEs$ consists of COFEs as objects, and non-expansive functions as arrows.
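Review bot: The contractiveness condition `\[\All n, x \in\cofe, y \in\cofe. (\All m < n. x \nequiv{m} y)\Ra f(x)\nequiv{n} f(x)\]` compares $f(x)$ with itself, which holds by reflexivity for every $f$, so as written the definition does not constrain $f$ at all; the conclusion should be `f(x)\nequiv{n} f(y)`. This line is context rather than part of the change, but the sentence the hunk adds immediately after it justifies the existence of $\fix(f)$ from exactly this property, so the commit is the natural place to correct it. The hunk header announces seven new-side lines while only six are visible here, so the end of this hunk may be cut off on the page.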
@@ -33,7 +33,7 @@ We start by defining the COFE of \emph{step-indexed propositions}: For every ste
\end{align*}
Now we can rewrite $\UPred(\monoid)$ as monotone step-indexed predicates over $\monoid$, where the definition of a ``monotone'' function here is a little funny.
\begin{align*}
\UPred(\monoid) \approx{}&\monoid\monra\SProp\\
\UPred(\monoid) \cong{}&\monoid\monra\SProp\\
\eqdef{}&\setComp{\pred: \monoid\nfn\SProp}{\All n, m, x, y. n \in\pred(x) \land x \mincl y \land m \leq n \land y \in\mval_m \Ra m \in\pred(y)}
\end{align*}
The reason we chose the first definition is that it is easier to work with in Coq.
...
...
@@ -77,35 +77,35 @@ $K \fpfn (-)$ is a locally non-expansive functor from $\CMRAs$ to $\CMRAs$.
\subsection{Agreement}
Given some COFE $\cofe$, we define $\agm(\cofe)$ as follows:
\newcommand{\agc}{\mathrm{c}}% the "c" field of an agreement element
\newcommand{\agV}{\mathrm{V}}% the "V" field of an agreement element
\newcommand{\aginjc}{\mathrm{c}}% the "c" field of an agreement element
\newcommand{\aginjV}{\mathrm{V}}% the "V" field of an agreement element
\melt\equiv\meltB\eqdef{}&\melt.\agV = \meltB.\agV\land\All n. n \in\melt.\agV\Ra\melt.\agc(n) \nequiv{n}\meltB.\agc(n) \\
\melt\nequiv{n}\meltB\eqdef{}& (\All m \leq n. m \in\melt.\agV\Lra m \in\meltB.\agV) \land (\All m \leq n. m \in\melt.\agV\Ra\melt.\agc(m) \nequiv{m}\meltB.\agc(m)) \\
\mval_n \eqdef{}&\setComp{\melt\in\monoid}{ n \in\melt.\agV\land\All m \leq n. \melt.\agc(n) \nequiv{m}\melt.\agc(m) }\\
\melt\equiv\meltB\eqdef{}&\melt.\aginjV = \meltB.\aginjV\land\All n. n \in\melt.\aginjV\Ra\melt.\aginjc(n) \nequiv{n}\meltB.\aginjc(n) \\
\melt\nequiv{n}\meltB\eqdef{}& (\All m \leq n. m \in\melt.\aginjV\Lra m \in\meltB.\aginjV) \land (\All m \leq n. m \in\melt.\aginjV\Ra\melt.\aginjc(m) \nequiv{m}\meltB.\aginjc(m)) \\
\mval_n \eqdef{}&\setComp{\melt\in\monoid}{ n \in\melt.\aginjV\land\All m \leq n. \melt.\aginjc(n) \nequiv{m}\melt.\aginjc(m) }\\
\mcore\melt\eqdef{}&\melt\\
\melt\mtimes\meltB\eqdef{}& (\melt.\agc, \setComp{n}{n \in\melt.\agV\land n \in\meltB.\agV\land\melt\nequiv{n}\meltB})
\melt\mtimes\meltB\eqdef{}& (\melt.\aginjc, \setComp{n}{n \in\melt.\aginjV\land n \in\meltB.\aginjV\land\melt\nequiv{n}\meltB})
\end{align*}
$\agm(-)$ is a locally non-expansive functor from $\COFEs$ to $\CMRAs$.
You can think of the $\agc$ as a \emph{chain} of elements of $\cofe$ that has to converge only for $n \in\agV$ steps.
You can think of the $\aginjc$ as a \emph{chain} of elements of $\cofe$ that has to converge only for $n \in\aginjV$ steps.
The reason we store a chain, rather than a single element, is that $\agm(\cofe)$ needs to be a COFE itself, so we need to be able to give a limit for every chain of $\agm(\cofe)$.
However, given such a chain, we cannot constructively define its limit: Clearly, the $\agV$ of the limit is the limit of the $\agV$ of the chain.
However, given such a chain, we cannot constructively define its limit: Clearly, the $\aginjV$ of the limit is the limit of the $\aginjV$ of the chain.
But what to pick for the actual data, for the element of $\cofe$?
Only if $\agV=\mathbb{N}$ we have a chain of $\cofe$ that we can take a limit of; if the $\agV$ is smaller, the chain ``cancels'', \ie stops converging as we reach indices $n \notin\agV$.
Only if $\aginjV=\mathbb{N}$ we have a chain of $\cofe$ that we can take a limit of; if the $\aginjV$ is smaller, the chain ``cancels'', \ie stops converging as we reach indices $n \notin\aginjV$.
To mitigate this, we apply the usual construction to close a set; we go from elements of $\cofe$ to chains of $\cofe$.
We define an injection $\ag$ into $\agm(\cofe)$ as follows:
\[\ag(x)\eqdef\record{\mathrm c \eqdef\Lam\any. x, \mathrm V \eqdef\mathbb{N}}\]
We define an injection $\aginj$ into $\agm(\cofe)$ as follows:
\[\aginj(x)\eqdef\record{\mathrm c \eqdef\Lam\any. x, \mathrm V \eqdef\mathbb{N}}\]
There are no interesting frame-preserving updates for $\agm(\cofe)$, but we can show the following:
% The balance of our signature $\Sig$ is interpreted as follows.
% For each base type $\type$ not covered by the preceding table, we pick an object $X_\type$ in $\cal U$ and define
% \[
% \Sem{\type} \eqdef X_\type
% \]
% For each function symbol $\sigfn : \type_1, \dots, \type_n \to \type_{n+1} \in \SigFn$, we pick an arrow $\Sem{\sigfn} : \Sem{\type_1} \times \dots \times \Sem{\type_n} \to \Sem{\type_{n+1}}$ in $\cal U$.
% An environment $\vctx$ is interpreted as the set of
% maps $\rho$, with $\dom(\rho) = \dom(\vctx)$ and
% \later p &\eqdef \Lam W. \{\, (n + 1, r) \mid (n, r) \in p(W) \,\} \cup \{\, (0, r) \mid r \in \textdom{Res} \,\}
% \end{align*}
% \begin{lem}
% $\later{}$ is well-defined: $\later {p}$ is a valid proposition (this amounts to showing non-expansiveness), and $\later{}$ itself is a \emph{contractive} map.
% $\always{}$ is well-defined: $\always{p}$ is a valid proposition (this amounts to showing non-expansiveness), and $\always{}$ itself is a non-expansive map.
% $\mathit{inv}$ is well-defined: $\mathit{inv}(\iota, p)$ is a valid proposition (this amounts to showing non-expansiveness), and $\mathit{inv}$ itself is a non-expansive map.
% $\wsat{-}{-}{-}{-}$ is well-defined: It maps into $\psetdown{\mathbb{N}}$. (There is no need for it to be a non-expansive map, it doesn't itself live in $\cal U$.)
% $\mathit{wp}$ is well-defined: $\mathit{wp}_{\mask}(\expr, q)$ is a valid proposition, and $\mathit{wp}$ is a non-expansive map. Besides, the dependency on the recursive occurrence is contractive, so $\mathit{wp}$ has a fixed-point.
% \end{lem}
\paragraph{Interpretation of assertions.}
$\iProp$ is a $\UPred$, and hence the definitions from \Sref{sec:upred-logic} apply.
We only have to define the missing connectives, the most interesting bits being are primitive view shifts and weakest preconditions.
% \begin{lem}
% $\mathit{wp}$ on values and non-mask-changing $\mathit{vs}$ agree:
\All\rs_\f, m, \mask_\f, \state.& 0 < m \leq n \land (\mask_1 \cup\mask_2) \sep\mask_f \land k \in\wsat\state{\mask_1 \cup\mask_\f}{\rs\mtimes\rs_\f}\Ra{}\\&
\Exists\rsB. k \in\prop(\rsB) \land k \in\wsat\state{\mask_2 \cup\mask_\f}{\rsB\mtimes\rs_\f}
The balance of our signature $\Sig$ is interpreted as follows.
For each base type $\type$ not covered by the preceding table, we pick an object $X_\type$ in $\cal U$ and define
\[
\Sem{\type}\eqdef X_\type
\]
For each function symbol $\sigfn : \type_1, \dots, \type_n \to\type_{n+1}\in\SigFn$, we pick a function $\Sem{\sigfn} : \Sem{\type_1}\times\dots\times\Sem{\type_n}\nfn\Sem{\type_{n+1}}$.
\typedsection{Interpretation of non-propositional terms}{\Sem{\vctx\proves\term : \type} : \Sem{\vctx}\nfn\Sem{\type}}
\begin{align*}
\Sem{\vctx\proves x : \type}_\gamma&\eqdef\gamma(x) \\