research-article

Open access

A predicate transformer semantics for effects (functional pearl)

Authors:

Wouter Swierstra,

Tim BaanenAuthors Info & Claims

Proceedings of the ACM on Programming Languages, Volume 3, Issue ICFP

Article No.: 103, Pages 1 - 26

https://doi.org/10.1145/3341707

Published: 26 July 2019 Publication History

PDF eReader

Abstract

Reasoning about programs that use effects can be much harder than reasoning about their pure counterparts. This paper presents a predicate transformer semantics for a variety of effects, including exceptions, state, non-determinism, and general recursion. The predicate transformer semantics gives rise to a refinement relation that can be used to relate a program to its specification, or even calculate effectful programs that are correct by construction.

Supplementary Material

WEBM File (a103-swierstra.webm)

Download
95.37 MB

References

[1]

Danel Ahman, Cătălin Hriţcu, Kenji Maillard, Guido Martínez, Gordon Plotkin, Jonathan Protzenko, Aseem Rastogi, and Nikhil Swamy. 2017. Dijkstra Monads for Free. In Proceedings of the 44th ACM SIGPLAN Symposium on Principles of Programming Languages (POPL 2017). ACM, 515–529.

Digital Library

Google Scholar

[2]

João Alpuim and Wouter Swierstra. 2018. Embedding the refinement calculus in Coq. Science of Computer Programming 164 (2018), 37–48.

Crossref

Google Scholar

[3]

Thorsten Altenkirch, Neil Ghani, Peter Hancock, Conor McBride, and Peter Morris. 2015. Indexed containers. Journal of Functional Programming 25 (2015).

Google Scholar

[4]

Ralph-Johan Back and Joakim von Wright. 2012. Refinement calculus: a systematic introduction. Springer Graduate Texts in Computer Science.

Digital Library

Google Scholar

[5]

R. J. R. Back and J. von Wright. 1989. Refinement Concepts Formalized in Higher Order Logic. Formal Aspects of Computing 2 (1989).

Google Scholar

[6]

Richard Bird. 2010. Pearls of Functional Algorithm Design. Cambridge University Press.

Digital Library

Google Scholar

[7]

Richard Bird and Oege de Moor. 1996. The algebra of programming. Prentice Hall.

Digital Library

Google Scholar

[8]

Sylvain Boulmé. 2007. Intuitionistic refinement calculus. In Typed Lambda Calculi and Applications. Springer, 54–69.

Digital Library

Google Scholar

[9]

Ana Bove and Venanzio Capretta. 2005. Modelling general recursion in type theory. Mathematical Structures in Computer Science 15, 4 (2005), 671–708.

Digital Library

Google Scholar

[10]

Ana Bove, Alexander Krauss, and Matthieu Sozeau. 2016. Partiality and recursion in interactive theorem provers – an overview. Mathematical Structures in Computer Science 26, 1 (2016), 38–88.

Crossref

Google Scholar

[11]

Edwin Brady. 2013a. Idris, a general-purpose dependently typed programming language: Design and implementation. Journal of Functional Programming 23, 5 (2013), 552–593.

Crossref

Google Scholar

[12]

Edwin Brady. 2013b. Programming and Reasoning with Algebraic Effects and Dependent Types. In Proceedings of the 18th ACM SIGPLAN International Conference on Functional Programming (ICFP ’13). ACM, 133–144.

Digital Library

Google Scholar

[13]

M. J. Butler, J. Grundy, T. Långbacka, R. Ruksenas, and J. von Wright. 1997. The Refinement Calculator: Proof Support for Program Refinement. In Proc. Conf. Formal Methods Pacific’97, Springer Series in Discrete Mathematics and Theoretical Computer Science, L. Groves and S. Reeves (Eds.). 40–61.

Google Scholar

[14]

Venanzio Capretta. 2005. General Recursion via Coinductive Types. Logical Methods in Computer Science 1, 2 (2005), 1–28.

Crossref

Google Scholar

[15]

Adam Chlipala, Benjamin Delaware, Samuel Duchovni, Jason Gross, Clément Pit-Claudel, Sorawit Suriyakarn, Peng Wang, and Katherine Ye. 2017. The end of history? Using a proof assistant to replace language design with library design. In 2nd Summit on Advances in Programming Languages (SNAPL 2017). Schloss Dagstuhl-Leibniz-Zentrum für Informatik.

Google Scholar

[16]

The Coq Development Team. 2017. The Coq Proof Assistant Reference Manual, version 8.7. ADT Coq (Action for Technological Development). http://coq.inria.fr

Google Scholar

[17]

Edsger W. Dijkstra. 1975. Guarded commands, non-determinacy and formal. derivation of programs. Commun. ACM 18, 8 (1975), 453–457.

Digital Library

Google Scholar

[18]

Brijesh Dongol, Victor B.F. Gomes, and Georg Struth. 2015. A Program Construction and Verification Tool for Separation Logic. In Mathematics of Program Construction (LNCS), Vol. 9129. Springer, 137–158.

Google Scholar

[19]

Jeremy Gibbons. 2013. Unifying Theories of Programming with Monads. In Unifying Theories of Programming, Burkhart Wolff, Marie-Claude Gaudel, and Abderrahmane Feliachi (Eds.). Springer, 23–67.

Google Scholar

[20]

Jeremy Gibbons and Ralf Hinze. 2011. Just Do It: Simple Monadic Equational Reasoning. In Proceedings of the 16th ACM SIGPLAN International Conference on Functional Programming (ICFP ’11). ACM, 2–14.

Digital Library

Google Scholar

[21]

Peter Hancock and Anton Setzer. 2000a. Interactive Programs in Dependent Type Theory. In Computer Science Logic: 14th InternationalWorkshop, CSL 2000 Annual Conference of the EACSL Fischbachau, Germany, August 21 – 26, 2000 Proceedings, Peter G. Clote and Helmut Schwichtenberg (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 317–331.

Digital Library

Google Scholar

[22]

Peter Hancock and Anton Setzer. 2000b. Specifying interactions with dependent types. In Workshop on Subtyping and Dependent Types in Programming. INRIA, Ponte de Lima, Portugal, Article 5, 13 pages.

Google Scholar

[23]

Graham Hutton and Diana Fulger. 2008. Reasoning about effects: Seeing the wood through the trees. (2008).

Google Scholar

[24]

Martin Hyland, Gordon Plotkin, and John Power. 2006. Combining effects: Sum and tensor. Theoretical Computer Science 357, 1-3 (2006), 70–99.

Digital Library

Google Scholar

[25]

Shin-ya Katsumata and Tetsuya Sato. 2013. Preorders on monads and coalgebraic simulations. In International Conference on Foundations of Software Science and Computational Structures. Springer, 145–160.

Digital Library

Google Scholar

[26]

Oleg Kiselyov and Hiromi Ishii. 2015. Freer Monads, More Extensible Effects. In Proceedings of the 2015 ACM SIGPLAN Symposium on Haskell (Haskell ’15). ACM, 94–105.

Digital Library

Google Scholar

[27]

Sheng Liang, Paul Hudak, and Mark Jones. 1995. Monad transformers and modular interpreters. In Conference record of the 22nd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages. ACM, 333–343.

Digital Library

Google Scholar

[28]

Kenji Maillard, Danel Ahman, Robert Atkey, Guido Martinez, Catalin Hritcu, Exequiel Rivas, and Éric Tanter. 2019. Dijkstra Monads for All. (2019). arXiv: cs.PL/1903.01237

Google Scholar

[29]

Conor McBride. 2015. Turing-completeness totally free. In International Conference on Mathematics of Program Construction. Springer, 257–275.

Crossref

Google Scholar

[30]

Carroll Morgan. 1994. Programming from specifications. Prentice Hall,.

Digital Library

Google Scholar

[31]

Aleksandar Nanevski and Greg Morrisett. 2005. Dependent Type Theory of Stateful Higher-Order Functions. Technical Report TR-24-05. Harvard University.

Google Scholar

[32]

Aleksandar Nanevski, Greg Morrisett, and Lars Birkedal. 2006. Polymorphism and Separation in Hoare Type Theory. In Proceedings of the Eleventh ACM SIGPLAN International Conference on Functional Programming (ICFP ’06). ACM, 62–73.

Digital Library

Google Scholar

[33]

Aleksandar Nanevski, Greg Morrisett, Avraham Shinnar, Paul Govereau, and Lars Birkedal. 2008. Ynot: Dependent Types for Imperative Programs. In Proceedings of the 13th ACM SIGPLAN International Conference on Functional Programming (ICFP ’08). ACM, 229–240.

Digital Library

Google Scholar

[34]

Ulf Norell. 2007. Towards a practical programming language based on dependent type theory. Ph.D. Dissertation. Chalmers University of Technology.

Google Scholar

[35]

Gordon Plotkin and John Power. 2002. Notions of computation determine monads. In International Conference on Foundations of Software Science and Computation Structures. Springer, 342–356.

Digital Library

Google Scholar

[36]

Gordon Plotkin and John Power. 2003. Algebraic operations and generic effects. Applied categorical structures 11, 1 (2003), 69–94.

Google Scholar

[37]

Matija Pretnar. 2010. Logic and handling of algebraic effects. Ph.D. Dissertation. The University of Edinburgh.

Google Scholar

[38]

Nikhil Swamy, Juan Chen, Cédric Fournet, Pierre-Yves Strub, Karthikeyan Bhargavan, and Jean Yang. 2011. Secure distributed programming with value-dependent types. In Proceeding of the 16th ACM SIGPLAN International Conference on Functional Programming, Manuel M. T. Chakravarty, Zhenjiang Hu, and Olivier Danvy (Eds.). ACM, 266–278.

Digital Library

Google Scholar

[39]

Nikhil Swamy, Cătălin Hriţcu, Chantal Keller, Aseem Rastogi, Antoine Delignat-Lavaud, Simon Forest, Karthikeyan Bhargavan, Cédric Fournet, Pierre-Yves Strub, Markulf Kohlweiss, Jean-Karim Zinzindohoue, and Santiago ZanellaBéguelin. 2016. Dependent Types and Multi-monadic Effects in F*. In Proceedings of the 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL ’16). ACM, New York, NY, USA, 256–270.

Digital Library

Google Scholar

[40]

Nikhil Swamy, Joel Weinberger, Cole Schlesinger, Juan Chen, and Benjamin Livshits. 2013. Verifying Higher-order Programs with the Dijkstra Monad. In Proceedings of the 34th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI ’13). ACM, 387–398.

Digital Library

Google Scholar

[41]

Wouter Swierstra. 2008. Data types à la carte. Journal of Functional Programming 18, 4 (2008), 423–436.

Digital Library

Google Scholar

[42]

Wouter Swierstra. 2009a. A functional specification of effects. Ph.D. Dissertation. University of Nottingham.

Google Scholar

[43]

Wouter Swierstra. 2009b. A Hoare Logic for the State Monad. In Theorem Proving in Higher Order Logics, Stefan Berghofer, Tobias Nipkow, Christian Urban, and Makarius Wenzel (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 440–451.

Digital Library

Google Scholar

[44]

Wouter Swierstra and João Alpuim. 2016. From Proposition to Program - Embedding the Refinement Calculus in Coq. In Functional and Logic Programming - 13th International Symposium, FLOPS 2016, Kochi, Japan, March 4-6, 2016, Proceedings (LNCS), Vol. 9613. Springer, 29–44.

Google Scholar

[45]

Wouter Swierstra and Thorsten Altenkirch. 2007. Beauty in the Beast: a functional semantics for the awkward squad. In Proceedings of the ACM SIGPLAN Workshop on Haskell Workshop (Haskell ’07). ACM, 25–36.

Digital Library

Google Scholar

[46]

Janis Voigtländer. 2008. Asymptotic Improvement of Computations over Free Monads. In Mathematics of Program Construction, Philippe Audebaud and Christine Paulin-Mohring (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 388–403.

Digital Library

Google Scholar

[47]

Philip Wadler. 1987. A critique of Abelson and Sussman or why calculating is better than scheming. ACM SIGPLAN Notices 22, 3 (1987), 83–94.

Digital Library

Google Scholar

[48]

Nicolas Wu, Tom Schrijvers, and Ralf Hinze. 2014. Effect Handlers in Scope. In Proceedings of the 2014 ACM SIGPLAN Symposium on Haskell (Haskell ’14). ACM, 1–12.

Digital Library

Google Scholar

Cited By

View all

Carnier DPottier FKeuchel S(2024)Type Inference LogicsProceedings of the ACM on Programming Languages10.1145/36897868:OOPSLA2(2125-2155)Online publication date: 8-Oct-2024
https://dl.acm.org/doi/10.1145/3689786
Todorov IBach Poulsen CAlves SCockx J(2024)Modal μ-Calculus for Free in AgdaProceedings of the 9th ACM SIGPLAN International Workshop on Type-Driven Development10.1145/3678000.3678202(16-28)Online publication date: 28-Aug-2024
https://dl.acm.org/doi/10.1145/3678000.3678202
Qin XO’Connor Lvan Glabbeek RHöfner PKammar OSteuwer M(2024)Shoggoth: A Formal Foundation for Strategic RewritingProceedings of the ACM on Programming Languages10.1145/36332118:POPL(61-89)Online publication date: 5-Jan-2024
https://dl.acm.org/doi/10.1145/3633211
Show More Cited By

Index Terms

A predicate transformer semantics for effects (functional pearl)
1. Software and its engineering
  1. Software notations and tools
    1. General programming languages
      1. Language types
        Functional languages
2. Theory of computation
  1. Logic
  2. Semantics and reasoning
    1. Program reasoning
      1. Program specifications
    2. Program semantics

Recommendations

Relating direct and predicate transformer partial correctness semantics for an imperative probabilistic-nondeterministic language

In Keimel et al. (2009) [5] we have systematically derived a predicate transformer semantics from a direct semantics in total correctness style for a nondeterministic/probabilistic basic imperative programming language L"p. In the current paper we ...
Probabilistic predicate transformers

Probabilistic predicates generalize standard predicates over a state space; with probabilistic predicate transformers one thus reasons about imperative programs in terms of probabilistic pre- and postconditions. Probabilistic healthiness conditions ...
Effect Polymorphism in Higher-Order Logic (Proof Pearl)

The notion of a monad cannot be expressed within higher-order logic (HOL) due to type system restrictions. I show that if a monad is restricted to values of a fixed type, this notion can be formalised in HOL. Based on this idea, I develop a library of ...

Reviews

Reviewer: Jacques Carette

Proving properties of imperative programs with side effects is quite arduous. Purely functional code, on the other hand, has a relatively pleasant equational theory that enables reasonable proofs. Is it possible to use modern machinery to make proofs about effectful programs easier The work here illustrates such a path forward. As befits the pearl style, it walks the reader slowly and steadily through the ideas, with plenty of illustrative examples along the way. Complex ideas-the "predicate transformer semantics for effects" of the title, as well as a similar semantics for specifications and a way to mix them-are made quite clear. For the expert, various concepts from category theory that underlie the semantics are sprinkled throughout. The ideas are made clear by explicitly showing Agda code (a dependently typed programming language in the Haskell family), along with explanations of each new idea. Full code can also be found online. As system programming languages (such as Rust) give us more features for ensuring safety, we also need to keep looking ahead to the next level of features. Anyone who wants a clear preview of the bright future such investigations have should read this paper.

Access critical reviews of Computing literature here

Become a reviewer for Computing Reviews.

Comments

Information & Contributors

Information

Published In

cover image Proceedings of the ACM on Programming Languages

Proceedings of the ACM on Programming Languages Volume 3, Issue ICFP

August 2019

1054 pages

EISSN:2475-1421

DOI:10.1145/3352468

Issue’s Table of Contents

This work is licensed under a Creative Commons Attribution International 4.0 License.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 26 July 2019

Published in PACMPL Volume 3, Issue ICFP

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Badges

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

13
Total Citations
View Citations
1,341
Total Downloads

Downloads (Last 12 months)194
Downloads (Last 6 weeks)20

Reflects downloads up to 15 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Carnier DPottier FKeuchel S(2024)Type Inference LogicsProceedings of the ACM on Programming Languages10.1145/36897868:OOPSLA2(2125-2155)Online publication date: 8-Oct-2024
https://dl.acm.org/doi/10.1145/3689786
Todorov IBach Poulsen CAlves SCockx J(2024)Modal μ-Calculus for Free in AgdaProceedings of the 9th ACM SIGPLAN International Workshop on Type-Driven Development10.1145/3678000.3678202(16-28)Online publication date: 28-Aug-2024
https://dl.acm.org/doi/10.1145/3678000.3678202
Qin XO’Connor Lvan Glabbeek RHöfner PKammar OSteuwer M(2024)Shoggoth: A Formal Foundation for Strategic RewritingProceedings of the ACM on Programming Languages10.1145/36332118:POPL(61-89)Online publication date: 5-Jan-2024
https://dl.acm.org/doi/10.1145/3633211
Andrici CCiobâcă ȘHriţcu CMartínez GRivas ETanter ÉWinterhalter T(2024)Securing Verified IO Programs Against Unverified Code in F*Proceedings of the ACM on Programming Languages10.1145/36329168:POPL(2226-2259)Online publication date: 5-Jan-2024
https://dl.acm.org/doi/10.1145/3632916
Li YWeirich S(2022)Program adverbs and Tlön embeddingsProceedings of the ACM on Programming Languages10.1145/35476326:ICFP(312-342)Online publication date: 31-Aug-2022
https://dl.acm.org/doi/10.1145/3547632
Yoon IZakowski YZdancewic S(2022)Formal reasoning about layered monadic interpretersProceedings of the ACM on Programming Languages10.1145/35476306:ICFP(254-282)Online publication date: 31-Aug-2022
https://dl.acm.org/doi/10.1145/3547630
Batz KGallus AKaminski BKatoen JWinkler T(2022)Weighted programming: a programming paradigm for specifying mathematical modelsProceedings of the ACM on Programming Languages10.1145/35273106:OOPSLA1(1-30)Online publication date: 29-Apr-2022
https://dl.acm.org/doi/10.1145/3527310
Li YXia LWeirich S(2021)Reasoning about the garden of forking pathsProceedings of the ACM on Programming Languages10.1145/34735855:ICFP(1-28)Online publication date: 19-Aug-2021
https://dl.acm.org/doi/10.1145/3473585
Zakowski YBeck CYoon IZaichuk IZaliva VZdancewic S(2021)Modular, compositional, and executable formal semantics for LLVM IRProceedings of the ACM on Programming Languages10.1145/34735725:ICFP(1-30)Online publication date: 19-Aug-2021
https://dl.acm.org/doi/10.1145/3473572
Bird RGibbons JHinze RHöfner PJeuring JMeertens LMöller BMorgan CSchrijvers TSwierstra WWu N(2021)AlgorithmicsAdvancing Research in Information and Communication Technology10.1007/978-3-030-81701-5_3(59-98)Online publication date: 4-Aug-2021
https://doi.org/10.1007/978-3-030-81701-5_3
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Abstract

Supplementary Material

References

Cited By

Index Terms

Recommendations

Relating direct and predicate transformer partial correctness semantics for an imperative probabilistic-nondeterministic language

Probabilistic predicate transformers

Effect Polymorphism in Higher-Order Logic (Proof Pearl)

Reviews

Access critical reviews of Computing literature here

Comments

Information

Published In

Publisher

Publication History

Permissions

Check for updates

Badges

Author Tags

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

PDF

eReader

Get Access

Login options

Full Access

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations