Abstract
This paper introduces ctrees, a monad for modeling nondeterministic, recursive, and impure programs in Coq. Inspired by Xia et al.'s itrees, this novel data structure embeds computations into coinductive trees with three kinds of nodes: external events, and two variants of nondeterministic branching. This apparent redundancy allows us to provide a shallow embedding of denotational models with internal choice in the style of CCS, while recovering an inductive LTS view of the computation. ctrees inherit a vast collection of bisimulation and refinement tools, with respect to which we establish a rich equational theory.
We connect ctrees to the itree infrastructure by showing how a monad morphism embedding the former into the latter permits using ctrees to implement nondeterministic effects. We demonstrate the utility of ctrees by using them to model concurrency semantics in two case studies: CCS and cooperative multithreading.
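To make the three node kinds concrete, here is an added Coq sketch of the shape the abstract describes; it is a simplified reconstruction written for this page, not the paper's or the choice-tree library's own definition, and it assumes branching over an arbitrary type rather than a finite arity.

```coq
(* Added illustration of the ctree shape described in the abstract; a simplified
   reconstruction, not the paper's or the choice-tree library's own definition.
   Branching here is over an arbitrary type X instead of a finite arity. *)
CoInductive ctree (E : Type -> Type) (R : Type) : Type :=
| Ret : R -> ctree E R                                      (* computation done      *)
| Vis : forall X, E X -> (X -> ctree E R) -> ctree E R      (* external event, answer X *)
| Br  : forall (vis : bool) (X : Type), (X -> ctree E R) -> ctree E R.
  (* nondeterministic choice: vis = true is a visible (stepping) branch that the
     LTS view observes as a step; vis = false is a delayed (internal) branch. *)
Arguments Ret {E R} _.
Arguments Vis {E R X} _ _.
Arguments Br  {E R} _ {X} _.

(* CCS-style binary choice: the environment or scheduler picks p or q. *)
Definition plus {E R} (vis : bool) (p q : ctree E R) : ctree E R :=
  Br vis (fun b : bool => if b then p else q).

(* Divergence and deadlock both live in the delayed variant: an infinite
   silent loop, and a choice with no alternatives at all. *)
CoFixpoint spin {E R} : ctree E R := Br false (fun _ : unit => spin).
Definition stuck {E R} : ctree E R :=
  Br false (fun v : Empty_set => match v with end).

(* Monadic bind: sequencing proceeds under every event and every branch,
   which is what makes ctree a monad rather than just a tree. *)
CoFixpoint bind {E R S} (t : ctree E R) (k : R -> ctree E S) : ctree E S :=
  match t with
  | Ret r   => k r
  | Vis e h => Vis e (fun x => bind (h x) k)
  | Br b f  => Br b (fun x => bind (f x) k)
  end.

(* Constructed event signature with a single "read a nat" event, and a program
   that silently chooses between two continuations before reading. *)
Inductive readE : Type -> Type := Read : readE nat.

Definition example : ctree readE nat :=
  plus false (Vis Read (fun n => Ret n))
             (Vis Read (fun n => Ret (n + 1))).
```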
References
- Martín Abadi and Gordon D. Plotkin. 2010. A Model of Cooperative Threads. Logical Methods in Computer Science 6, 4 (2010), 1–39. https://doi.org/10.2168/LMCS-6(4:2)2010
- Samson Abramsky and Paul-André Melliès. 1999. Concurrent Games and Full Completeness. In Proceedings of the 14th Annual ACM/IEEE Symposium on Logic in Computer Science (LICS 1999). IEEE Computer Society Press. https://doi.org/10.1109/LICS.1999.782638
- Jade Alglave, Will Deacon, Richard Grisenthwaite, Antoine Hacquard, and Luc Maranget. 2021. Armed Cats: Formal Concurrency Modelling at Arm. ACM Trans. Program. Lang. Syst. 43, 2 (2021), 8:1–8:54. https://doi.org/10.1145/3458926
- Jade Alglave, Luc Maranget, and Michael Tautschnig. 2014. Herding Cats: Modelling, Simulation, Testing, and Data-Mining for Weak Memory. In Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI 2014), Michael F. P. O'Boyle and Keshav Pingali (Eds.). ACM, 40. https://doi.org/10.1145/2594291.2594347
- Thorsten Altenkirch, Nils Anders Danielsson, and Nicolai Kraus. 2017. Partiality, Revisited. In Foundations of Software Science and Computation Structures, Javier Esparza and Andrzej S. Murawski (Eds.). Springer, 534–549. https://doi.org/10.1007/978-3-662-54458-7_31
- J. A. Bergstra, A. Ponse, and S. A. Smolka (Eds.). 2001. Handbook of Process Algebra. Elsevier Science. https://doi.org/10.1016/B978-044482830-9/50038-2
- B. Bloom, S. Istrail, and A. R. Meyer. 1988. Bisimulation Can't Be Traced. In Proceedings of the 15th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL '88). ACM, 229–239. https://doi.org/10.1145/73560.73580
- Stephan Brandauer, Elias Castegren, Dave Clarke, Kiko Fernandez-Reyes, Einar Broch Johnsen, Ka I Pun, Silvia Lizeth Tapia Tarifa, Tobias Wrigstad, and Albert Mingkun Yang. 2015. Parallel Objects for Multicores: A Glimpse at the Parallel Language Encore. In Formal Methods for Multicore Programming (SFM 2015), Marco Bernardo and Einar Broch Johnsen (Eds.) (LNCS, Vol. 9104). Springer, 1–56. https://doi.org/10.1007/978-3-319-18941-3_1
- Stephen D. Brookes. 2002. Traces, Pomsets, Fairness and Full Abstraction for Communicating Processes. In Proceedings of the 13th International Conference on Concurrency Theory (CONCUR 2002), Lubos Brim, Petr Jancar, Mojmír Kretínský, and Antonín Kucera (Eds.) (LNCS, Vol. 2421). Springer, 466–482. https://doi.org/10.1007/3-540-45694-5_31
- Venanzio Capretta. 2005. General Recursion via Coinductive Types. Logical Methods in Computer Science 1, 2 (2005), 1–18. https://doi.org/10.2168/LMCS-1(2:1)2005
- Simon Castellan, Pierre Clairambault, Silvain Rideau, and Glynn Winskel. 2017. Games and Strategies as Event Structures. Logical Methods in Computer Science 13, 3 (2017). https://doi.org/10.23638/LMCS-13(3:35)2017
- Nicolas Chappe, Paul He, Ludovic Henrio, Yannick Zakowski, and Steve Zdancewic. 2022. Choice Trees: Representing Nondeterministic, Recursive, and Impure Programs in Coq. https://doi.org/10.5281/zenodo.7227966
- Nicolas Chappe, Paul He, Ludovic Henrio, Yannick Zakowski, and Steve Zdancewic. 2023. Choice Trees: Representing Nondeterministic, Recursive, and Impure Programs in Coq (extended version). arXiv:2211.06863
- Silvia Crafa, Daniele Varacca, and Nobuko Yoshida. 2012. Event Structure Semantics of Parallel Extrusion in the Pi-Calculus. In Lecture Notes in Computer Science, Vol. 7213. 225–239. https://doi.org/10.1007/978-3-642-28729-9_15
- Ioana Cristescu, Jean Krivine, and Daniele Varacca. 2013. A Compositional Semantics for the Reversible π-Calculus. In Proceedings of the Symposium on Logic in Computer Science (LICS 2013). 388–397. https://doi.org/10.1109/LICS.2013.45
- Crystal Chang Din, Reiner Hähnle, Einar Broch Johnsen, Ka I. Pun, and Silvia Lizeth Tapia Tarifa. 2017. Locally Abstract, Globally Concrete Semantics of Concurrent Programming Languages. In Automated Reasoning with Analytic Tableaux and Related Methods, Renate A. Schmidt and Cláudia Nalon (Eds.). Springer, 22–43. https://doi.org/10.1007/978-3-319-66902-1_2
- Crystal Chang Din, Reiner Hähnle, Ludovic Henrio, Einar Broch Johnsen, Violet Ka I Pun, and Silvia Lizeth Tapia Tarifa. 2022. LAGC Semantics of Concurrent Programming Languages. arXiv. https://doi.org/10.48550/ARXIV.2202.12195
- Simon Foster, Chung-Kil Hur, and Jim Woodcock. 2021. Formally Verified Simulations of State-Rich Processes Using Interaction Trees in Isabelle/HOL. In 32nd International Conference on Concurrency Theory (CONCUR 2021), Serge Haddad and Daniele Varacca (Eds.) (LIPIcs, Vol. 203). Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 20:1–20:18. https://doi.org/10.4230/LIPIcs.CONCUR.2021.20
- Robert Harper. 2016. Practical Foundations for Programming Languages (2nd ed.). Cambridge University Press. https://doi.org/10.1017/CBO9781316576892
- Ludovic Henrio, Eric Madelaine, and Min Zhang. 2016. A Theory for the Composition of Concurrent Processes. In Formal Techniques for Distributed Objects, Components, and Systems, Elvira Albert and Ivan Lanese (Eds.). Springer, 175–194. https://doi.org/10.1007/978-3-319-39570-8_12
- Chung-Kil Hur, Georg Neis, Derek Dreyer, and Viktor Vafeiadis. 2013. The Power of Parameterization in Coinductive Proof. In Proceedings of the 40th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL '13). ACM, 193–206. https://doi.org/10.1145/2429069.2429093
- Jeehoon Kang, Chung-Kil Hur, Ori Lahav, Viktor Vafeiadis, and Derek Dreyer. 2017. A Promising Semantics for Relaxed-Memory Concurrency. In Proceedings of the 44th ACM SIGPLAN Symposium on Principles of Programming Languages (POPL 2017), Giuseppe Castagna and Andrew D. Gordon (Eds.). ACM, 175–189. https://doi.org/10.1145/3009837.3009850
- James C. King. 1976. Symbolic Execution and Program Testing. Commun. ACM 19, 7 (1976), 385–394. https://doi.org/10.1145/360248.360252
- Oleg Kiselyov and Hiromi Ishii. 2015. Freer Monads, More Extensible Effects. In Proceedings of the 8th ACM SIGPLAN Symposium on Haskell (Haskell 2015). 94–105. https://doi.org/10.1145/2804302.2804319
- Jérémie Koenig and Zhong Shao. 2020. Refinement-Based Game Semantics for Certified Abstraction Layers. In Proceedings of the 35th Annual ACM/IEEE Symposium on Logic in Computer Science (LICS '20). ACM, 633–647. https://doi.org/10.1145/3373718.3394799
- Leonidas Lampropoulos and Benjamin C. Pierce. 2018. QuickChick: Property-Based Testing in Coq. Electronic textbook. https://softwarefoundations.cis.upenn.edu/qc-current/index.html
- Sung-Hwan Lee, Minki Cho, Anton Podkopaev, Soham Chakraborty, Chung-Kil Hur, Ori Lahav, and Viktor Vafeiadis. 2020. Promising 2.0: Global Optimizations in Relaxed Memory Concurrency. In Proceedings of the 41st ACM SIGPLAN International Conference on Programming Language Design and Implementation (PLDI 2020), Alastair F. Donaldson and Emina Torlak (Eds.). ACM, 362–376. https://doi.org/10.1145/3385412.3386010
- Sergueï Lenglet and Alan Schmitt. 2018. HOπ in Coq. In Proceedings of the 7th ACM SIGPLAN International Conference on Certified Programs and Proofs (CPP 2018), June Andronick and Amy P. Felty (Eds.). ACM, 252–265. https://doi.org/10.1145/3167083
- Mohsen Lesani, Li-yao Xia, Anders Kaseorg, Christian J. Bell, Adam Chlipala, Benjamin C. Pierce, and Steve Zdancewic. 2022. C4: Verified Transactional Objects. Proc. ACM Program. Lang. 6, OOPSLA (2022), 1–31. https://doi.org/10.1145/3527324
- Thomas Letan, Yann Régis-Gianas, Pierre Chifflier, and Guillaume Hiet. 2018. Modular Verification of Programs with Effects and Effect Handlers in Coq. In Formal Methods: 22nd International Symposium (FM 2018). 338–354. https://doi.org/10.1007/978-3-319-95582-7_20
- Kenji Maillard, Cătălin Hriţcu, Exequiel Rivas, and Antoine Van Muylder. 2020. The Next 700 Relational Program Logics. Proc. ACM Program. Lang. 4, POPL (2020), Article 4. https://doi.org/10.1145/3371072
- Paul-André Melliès and Samuel Mimram. 2007. Asynchronous Games: Innocence Without Alternation. In CONCUR 2007 – Concurrency Theory, Luís Caires and Vasco T. Vasconcelos (Eds.). Springer, 395–411. https://doi.org/10.1007/978-3-540-74407-8_27
- Robin Milner. 1989. Communication and Concurrency. Prentice-Hall. ISBN 978-0-13-114984-7
- Robin Milner, Joachim Parrow, and David Walker. 1992. A Calculus of Mobile Processes, I. Information and Computation 100, 1 (1992), 1–40. https://doi.org/10.1016/0890-5401(92)90008-4
- Arthur Oliveira Vale, Paul-André Melliès, Zhong Shao, Jérémie Koenig, and Léo Stefanesco. 2022. Layered and Object-Based Game Semantics. Proc. ACM Program. Lang. 6, POPL (2022), Article 42. https://doi.org/10.1145/3498703
- Damien Pous. 2007. Complete Lattices and Up-To Techniques. In Programming Languages and Systems, Zhong Shao (Ed.). Springer, 351–366. https://doi.org/10.1007/978-3-540-76637-7_24
- Damien Pous. 2016. Coinduction All the Way Up. In Proceedings of the 31st Annual ACM/IEEE Symposium on Logic in Computer Science (LICS '16). ACM, 307–316. https://doi.org/10.1145/2933575.2934564
- Damien Pous. 2022. The coq-coinduction library. https://github.com/damien-pous/coinduction
- Damien Pous. 2022. The coq-coinduction library: examples. https://github.com/damien-pous/coinduction-examples
- Silvain Rideau and Glynn Winskel. 2011. Concurrent Strategies. In Proceedings of the 26th Annual IEEE Symposium on Logic in Computer Science (LICS 2011). IEEE Computer Society, 409–418. https://doi.org/10.1109/LICS.2011.13
- Davide Sangiorgi. 1998. On the Bisimulation Proof Method. Mathematical Structures in Computer Science 8, 5 (1998), 447–479. https://doi.org/10.1017/S0960129598002527
- Davide Sangiorgi and Jan Rutten. 2012. Advanced Topics in Bisimulation and Coinduction (2nd ed.). Cambridge University Press. ISBN 9781107004979
- Davide Sangiorgi and David Walker. 2001. The π-calculus (1st ed.). Cambridge University Press.
- Jaroslav Ševčík, Viktor Vafeiadis, Francesco Zappa Nardelli, Suresh Jagannathan, and Peter Sewell. 2013. CompCertTSO: A Verified Compiler for Relaxed-Memory Concurrency. J. ACM 60, 3 (2013), 22:1–22:50. https://doi.org/10.1145/2487241.2487248
- M. B. Smyth. 1976. Powerdomains. In Mathematical Foundations of Computer Science (LNCS, Vol. 4). Springer. https://doi.org/10.1007/3-540-07854-1_226
- The Coq Development Team. 2022. The Coq Proof Assistant. https://doi.org/10.5281/zenodo.5846982
- Li-yao Xia, Yannick Zakowski, Paul He, Chung-Kil Hur, Gregory Malecha, Benjamin C. Pierce, and Steve Zdancewic. 2020. Interaction Trees. Proc. ACM Program. Lang. 4, POPL (2020). https://doi.org/10.1145/3371119
- Irene Yoon, Yannick Zakowski, and Steve Zdancewic. 2022. Formal Reasoning About Layered Monadic Interpreters. Proc. ACM Program. Lang. 6, ICFP (2022), 254–282. https://doi.org/10.1145/3547630
- Yannick Zakowski, Calvin Beck, Irene Yoon, Ilia Zaichuk, Vadim Zaliva, and Steve Zdancewic. 2021. Modular, Compositional, and Executable Formal Semantics for LLVM IR. Proc. ACM Program. Lang. 5, ICFP (2021), Article 67. https://doi.org/10.1145/3473572
- Yannick Zakowski, Paul He, Chung-Kil Hur, and Steve Zdancewic. 2020. An Equational Theory for Weak Bisimulation via Generalized Parameterized Coinduction. In Proceedings of the 9th ACM SIGPLAN International Conference on Certified Programs and Proofs (CPP 2020). https://doi.org/10.1145/3372885.3373813
Choice Trees: Representing Nondeterministic, Recursive, and Impure Programs in Coq