Alignment complete relational Hoare logics for some and all

TL;DR

This paper establishes the completeness of relational Hoare logics for certain classes of automata, introducing new logics for different property types and discussing principles for relational reasoning.

Contribution

It proves alignment completeness for a general class of automata and introduces a new logic for $orall ightarrow$ properties, advancing the theoretical foundations of relational verification.

Findings

Proves alignment completeness for a broad class of automata.

Introduces a new logic for $orall ightarrow$ properties.

Shows semantic completeness of the automata models.

Abstract

In relational verification, judicious alignment of computational steps facilitates proof of relations between programs using simple relational assertions. Relational Hoare logics (RHL) provide compositional rules that embody various alignments of executions. Seemingly more flexible alignments can be expressed in terms of product automata based on program transition relations. A single degenerate alignment rule (sequential composition), atop a complete Hoare logic, comprises a RHL for $\forall\forall$ properties that is complete in the sense of Cook. The notion of alignment completeness was previously proposed as an additional measure, and some rules were shown to be alignment complete with respect to a few ad hoc forms of alignment automata. This paper proves alignment completeness with respect to a general class of $\forall\forall$ alignment automata, for a RHL comprised of standard rules together with a rule of semantics-preserving rewrites based on Kleene algebra with tests. A new logic for $\forall\exists$ properties is introduced and shown to be sound and alignment complete for a new general class of automata. The $\forall\forall$ and $\forall\exists$ automata are shown to be semantically complete. Thus both logics are complete in the sense of Cook. The paper includes discussion of why alignment is not the only important principle for relational reasoning and proposes entailment completeness as further means to evaluate RHLs.