skip to main content
research-article
Open Access
Artifacts Evaluated & Functional / v1.1

Verifying replicated data types with typeclass refinements in Liquid Haskell

Published:13 November 2020Publication History
Skip Abstract Section

Abstract

This paper presents an extension to Liquid Haskell that facilitates stating and semi-automatically proving properties of typeclasses. Liquid Haskell augments Haskell with refinement types—our work allows such types to be attached to typeclass method declarations, and ensures that instance implementations respect these types. The engineering of this extension is a modular interaction between GHC, the Glasgow Haskell Compiler, and Liquid Haskell’s core proof infrastructure. The design sheds light on the interplay between modular proofs and typeclass resolution, which in Haskell is coherent by default (meaning that resolution always selects the same implementation for a particular instantiating type), but in other dependently typed languages is not.

We demonstrate the utility of our extension by using Liquid Haskell to modularly verify that 34 instances satisfy the laws of five standard typeclasses.

More substantially, we implement a framework for programming distributed applications based on replicated data types (RDTs). We define a typeclass whose Liquid Haskell type captures the mathematical properties RDTs should satisfy; prove in Liquid Haskell that these properties are sufficient to ensure that replicas’ states converge despite out-of-order update delivery; implement (and prove correct) several instances of our RDT typeclass; and use them to build two realistic applications, a multi-user calendar event planner and a collaborative text editor.

Skip Supplemental Material Section

Supplemental Material

Auxiliary Presentation Video

This talk presents an extension to Liquid Haskell that facilitates stating and semi-automatically proving properties of typeclasses. Liquid Haskell augments Haskell with refinement types—our work allows such types to be attached to typeclass method declarations, and ensures that instance implementations respect these types. We demonstrate the utility of our extension by using Liquid Haskell to modularly verify that 34 instances satisfy the laws of five standard typeclasses. More substantially, we implement a framework for programming distributed applications based on replicated data types (RDTs). We define a typeclass whose Liquid Haskell type captures the mathematical properties RDTs should satisfy; prove in Liquid Haskell that these properties are sufficient to ensure that replicas’ states converge despite out-of-order update delivery; implement (and prove correct) several instances of our RDT typeclass; and use them to build two realistic applications.

References

  1. Mehdi Ahmed-Nacer, Claudia-Lavinia Ignat, Gérald Oster, Hyun-Gul Roh, and Pascal Urso. 2011. Evaluating CRDTs for Real-Time Document Editing. In Proceedings of the 11th ACM Symposium on Document Engineering (Mountain View, California, USA) ( DocEng '11). Association for Computing Machinery, New York, NY, USA, 103-112. https: //doi.org/10.1145/2034691.2034717 Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. Andreas Arvidsson, Moa Johansson, and Robin Touche. 2016. Proving Type Class Laws for Haskell. In International Symposium on Trends in Functional Programming. Springer, 61-74.Google ScholarGoogle Scholar
  3. Hagit Attiya, Sebastian Burckhardt, Alexey Gotsman, Adam Morrison, Hongseok Yang, and Marek Zawirski. 2016. Specification and Complexity of Collaborative Text Editing. In Proceedings of the 2016 ACM Symposium on Principles of Distributed Computing (Chicago, Illinois, USA) ( PODC '16). ACM, New York, NY, USA, 259-268. https: //doi.org/10.1145/2933057.2933090 Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. Mike Barnett, K. Rustan M. Leino, and Wolfram Schulte. 2005. The Spec# Programming System: An Overview. In Construction and Analysis of Safe, Secure, and Interoperable Smart Devices, Gilles Barthe, Lilian Burdy, Marieke Huisman, Jean-Louis Lanet, and Traian Muntean (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 49-69.Google ScholarGoogle Scholar
  5. Clark Barrett, Aaron Stump, Cesare Tinelli, et al. 2010. The smt-lib standard: Version 2.0. In Proceedings of the 8th international workshop on satisfiability modulo theories (Edinburgh, England), Vol. 13. 14.Google ScholarGoogle Scholar
  6. Ken Birman, André Schiper, and Pat Stephenson. 1991. Lightweight Causal and Atomic Group Multicast. ACM Transactions on Computer Systems 9 ( 08 1991 ), 272-. https://doi.org/10.1145/128738.128742 Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. Gert-Jan Bottu, Ningning Xie, Koar Marntirosian, and Tom Schrijvers. 2019. Coherence of Type Class Resolution. Proc. ACM Program. Lang. 3, ICFP, Article Article 91 (July 2019 ), 28 pages.Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. Sebastian Burckhardt, Alexey Gotsman, Hongseok Yang, and Marek Zawirski. 2014. Replicated Data Types: Specification, Verification, Optimality. In Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (San Diego, California, USA) ( POPL '14). Association for Computing Machinery, New York, NY, USA, 271-284. https://doi.org/10.1145/2535838.2535848 Google ScholarGoogle ScholarDigital LibraryDigital Library
  9. Koen Claessen and John Hughes. 2011. QuickCheck: a lightweight tool for random testing of Haskell programs. Acm sigplan notices 46, 4 ( 2011 ), 53-64.Google ScholarGoogle Scholar
  10. Koen Claessen, Moa Johansson, Dan Rosén, and Nicholas Smallbone. 2012. HipSpec: Automating Inductive Proofs of Program Properties.. In ATx/WInG at IJCAR. 16-25.Google ScholarGoogle Scholar
  11. Robert L Constable and Scott Fraser Smith. 1987. Partial objects in constructive type theory. Technical Report. Cornell University.Google ScholarGoogle Scholar
  12. Leonardo De Moura and Nikolaj Bjørner. 2008. Z3: An eficient SMT solver. In International conference on Tools and Algorithms for the Construction and Analysis of Systems. Springer, 337-340.Google ScholarGoogle ScholarCross RefCross Ref
  13. Leonardo de Moura, Soonho Kong, Jeremy Avigad, Floris Van Doorn, and Jakob von Raumer. 2015. The Lean theorem prover (system description). In International Conference on Automated Deduction. Springer, 378-388.Google ScholarGoogle ScholarCross RefCross Ref
  14. Dominique Devriese and Frank Piessens. 2011. On the bright side of type classes: instance arguments in Agda. ACM SIGPLAN Notices 46, 9 ( 2011 ), 143-155.Google ScholarGoogle Scholar
  15. Derek Dreyer, Robert Harper, Manuel M. T. Chakravarty, and Gabriele Keller. 2007. Modular Type Classes. SIGPLAN Not. 42, 1 (Jan. 2007 ), 63-70. https://doi.org/10.1145/1190215.1190229 Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. Richard A. Eisenberg. 2016. Dependent Types in Haskell: Theory and Practice. CoRR abs/1610.07978 ( 2016 ). arXiv: 1610.07978 http://arxiv.org/abs/1610.07978Google ScholarGoogle Scholar
  17. Richard A. Eisenberg and Stephanie Weirich. 2012. Dependently Typed Programming with Singletons. SIGPLAN Not. 47, 12 (Sept. 2012 ), 117-130. https://doi.org/10.1145/2430532.2364522 Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. Conal Elliott and Paul Hudak. 1997. Functional Reactive Animation. In International Conference on Functional Programming. http://conal.net/papers/icfp97/Google ScholarGoogle Scholar
  19. Andrew Farmer, Neil Sculthorpe, and Andy Gill. 2015. Reasoning with the HERMIT: Tool Support for Equational Reasoning on GHC Core Programs. SIGPLAN Not. 50, 12 (Aug. 2015 ), 23-34. https://doi.org/10.1145/2887747.2804303 Google ScholarGoogle ScholarDigital LibraryDigital Library
  20. C. J. Fidge. 1988. Timestamps in message-passing systems that preserve the partial ordering. Proceedings of the 11th Australian Computer Science Conference 10, 1 ( 1988 ), 56-66. http://sky.scitech.qut.edu.au/~fidgec/Publications/fidge88a.pdfGoogle ScholarGoogle Scholar
  21. Phil Freeman. 2017. PureScript by Example. https://doi.org/10.1145/2887747.2804303 Google ScholarGoogle ScholarDigital LibraryDigital Library
  22. GHC 2020. GHC: The Glasgow Haskell compiler. https://www.haskell.org/ghc/.Google ScholarGoogle Scholar
  23. Victor B. F. Gomes, Martin Kleppmann, Dominic P. Mulligan, and Alastair R. Beresford. 2017. Verifying Strong Eventual Consistency in Distributed Systems. Proc. ACM Program. Lang. 1, OOPSLA, Article 109 (Oct. 2017 ), 28 pages. https: //doi.org/10.1145/3133933 Google ScholarGoogle ScholarDigital LibraryDigital Library
  24. Alexey Gotsman, Hongseok Yang, Carla Ferreira, Mahsa Najafzadeh, and Marc Shapiro. 2016. 'Cause I'm Strong Enough: Reasoning about Consistency Choices in Distributed Systems. In Proceedings of the 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (St. Petersburg, FL, USA) ( POPL '16). Association for Computing Machinery, New York, NY, USA, 371-384. https://doi.org/10.1145/2837614.2837625 Google ScholarGoogle ScholarDigital LibraryDigital Library
  25. Ryan G. Scott and Ryan R. Newton. 2019. Generic and Flexible Defaults for Verified, Law-Abiding Type-Class Instances. In Proceedings of the 12th ACM SIGPLAN International Symposium on Haskell (Berlin, Germany) ( Haskell 2019 ). Association for Computing Machinery, New York, NY, USA, 15-29. https://doi.org/10.1145/3331545.3342591 Google ScholarGoogle ScholarDigital LibraryDigital Library
  26. Marc Shapiro, Nuno Preguiça, Carlos Baquero, and Marek Zawirski. 2011a. A comprehensive study of convergent and commutative replicated data types. ( 2011 ).Google ScholarGoogle Scholar
  27. Marc Shapiro, Nuno Preguiça, Carlos Baquero, and Marek Zawirski. 2011b. Conflict-Free Replicated Data Types. In Stabilization, Safety, and Security of Distributed Systems, Xavier Défago, Franck Petit, and Vincent Villain (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 386-400.Google ScholarGoogle Scholar
  28. Tim Sheard and Simon Peyton Jones. 2002. Template Meta-Programming for Haskell. SIGPLAN Not. 37, 12 (Dec. 2002 ), 60-75. https://doi.org/10.1145/636517.636528 Google ScholarGoogle ScholarDigital LibraryDigital Library
  29. KC Sivaramakrishnan, Gowtham Kaki, and Suresh Jagannathan. 2015. Declarative Programming over Eventually Consistent Data Stores. In Proceedings of the 36th ACM SIGPLAN Conference on Programming Language Design and Implementation (Portland, OR, USA) ( PLDI '15). Association for Computing Machinery, New York, NY, USA, 413-424. https://doi.org/10. 1145/2737924.2737981 Google ScholarGoogle ScholarDigital LibraryDigital Library
  30. William Sonnex, Sophia Drossopoulou, and Susan Eisenbach. 2012. Zeno: An Automated Prover for Properties of Recursive Data Structures. In Tools and Algorithms for the Construction and Analysis of Systems, Cormac Flanagan and Barbara König (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 407-421.Google ScholarGoogle Scholar
  31. Matthieu Sozeau and Nicolas Oury. 2008. First-Class Type Classes. In Theorem Proving in Higher Order Logics, Otmane Ait Mohamed, César Muñoz, and Sofiène Tahar (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 278-293.Google ScholarGoogle Scholar
  32. Antal Spector-Zabusky, Joachim Breitner, Christine Rizkallah, and Stephanie Weirich. 2018. Total Haskell is Reasonable Coq. In Proceedings of the 7th ACM SIGPLAN International Conference on Certified Programs and Proofs (Los Angeles, CA, USA) ( CPP 2018 ). Association for Computing Machinery, New York, NY, USA, 14-27. https://doi.org/10.1145/3167092 Google ScholarGoogle ScholarDigital LibraryDigital Library
  33. Bjarne Stroustrup. 1989. Multiple inheritance for C++. Computing Systems 2, 4 ( 1989 ), 367-395.Google ScholarGoogle Scholar
  34. Martin Sulzmann, Manuel MT Chakravarty, Simon Peyton Jones, and Kevin Donnelly. 2007. System F with type equality coercions. In Proceedings of the 2007 ACM SIGPLAN international workshop on Types in languages design and implementation. 53-66.Google ScholarGoogle ScholarDigital LibraryDigital Library
  35. Dotty Development Team. 2020. Dotty Documentation. https://dotty.epfl.ch/docs/reference/contextual/type-classes.htmlGoogle ScholarGoogle Scholar
  36. Team Mozilla Research. 2017. The Rust Programming Language. https://www.rust-lang.org/en-US/Google ScholarGoogle Scholar
  37. Niki Vazou, Joachim Breitner, Rose Kunkel, David Van Horn, and Graham Hutton. 2018. Theorem proving for all: equational reasoning in liquid Haskell (functional pearl). In Proceedings of the 11th ACM SIGPLAN International Symposium on Haskell, Nicolas Wu (Ed.).Google ScholarGoogle ScholarDigital LibraryDigital Library
  38. Niki Vazou, Eric L Seidel, Ranjit Jhala, Dimitrios Vytiniotis, and Simon Peyton-Jones. 2014. Refinement types for Haskell. In Proceedings of the 19th ACM SIGPLAN international conference on Functional programming. 269-282.Google ScholarGoogle ScholarDigital LibraryDigital Library
  39. Niki Vazou, Anish Tondwalkar, Vikraman Choudhury, Ryan G. Scott, Ryan R. Newton, Philip Wadler, and Ranjit Jhala. 2017. Refinement Reflection: Complete Verification with SMT. Proc. ACM Program. Lang. 2, POPL, Article Article 53 (Dec. 2017 ), 31 pages. https://doi.org/10.1145/3158141 Google ScholarGoogle ScholarDigital LibraryDigital Library
  40. Dimitrios Vytiniotis, Simon L. Peyton Jones, Koen Claessen, and Dan Rosén. 2013. HALO: haskell to logic through denotational semantics. In POPL.Google ScholarGoogle Scholar
  41. Philip Wadler and Stephen Blott. 1989. How to make ad-hoc polymorphism less ad hoc. In Proceedings of the 16th ACM SIGPLAN-SIGACT symposium on Principles of programming languages. 60-76.Google ScholarGoogle ScholarDigital LibraryDigital Library
  42. Stephanie Weirich, Pritam Choudhury, Antoine Voizard, and Richard A. Eisenberg. 2019. A Role for Dependent Types in Haskell. Proc. ACM Program. Lang. 3, ICFP, Article Article 101 (July 2019 ), 29 pages. https://doi.org/10.1145/3341705 Google ScholarGoogle ScholarDigital LibraryDigital Library
  43. Stephane Weiss, Pascal Urso, and Pascal Molli. 2009. Logoot: A Scalable Optimistic Replication Algorithm for Collaborative Editing on P2P Networks. In Proceedings of the 2009 29th IEEE International Conference on Distributed Computing Systems (ICDCS '09). IEEE Computer Society, USA, 404-412. https://doi.org/10.1109/ICDCS. 2009.75 Google ScholarGoogle ScholarDigital LibraryDigital Library
  44. Hongwei Xi and Frank Pfenning. 1998. Eliminating array bound checking through dependent types. In Proceedings of the ACM SIGPLAN 1998 conference on Programming language design and implementation. 249-257.Google ScholarGoogle ScholarDigital LibraryDigital Library
  45. Ningning Xie, Richard A. Eisenberg, and Bruno C. d. S. Oliveira. 2019. Kind Inference for Datatypes. Proc. ACM Program. Lang. 4, POPL, Article Article 53 (Dec. 2019 ), 28 pages. https://doi.org/10.1145/3371121 Google ScholarGoogle ScholarDigital LibraryDigital Library
  46. Peter Zeller, Annette Bieniusa, and Arnd Poetzsch-Hefter. 2014. Formal Specification and Verification of CRDTs. In Formal Techniques for Distributed Objects, Components, and Systems, Erika Ábrahám and Catuscia Palamidessi (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 33-48.Google ScholarGoogle Scholar

Index Terms

  1. Verifying replicated data types with typeclass refinements in Liquid Haskell

        Recommendations

        Comments

        Login options

        Check if you have access through your login credentials or your institution to get full access on this article.

        Sign in

        Full Access

        PDF Format

        View or Download as a PDF file.

        PDF

        eReader

        View online with eReader.

        eReader
        About Cookies On This Site

        We use cookies to ensure that we give you the best experience on our website.

        Learn more

        Got it!