research-article

Open access

Recovering purity with comonads and capabilities

Authors:

Vikraman Choudhury,

Neel KrishnaswamiAuthors Info & Claims

Proceedings of the ACM on Programming Languages, Volume 4, Issue ICFP

Article No.: 111, Pages 1 - 28

https://doi.org/10.1145/3408993

Published: 03 August 2020 Publication History

Abstract

In this paper, we take a pervasively effectful (in the style of ML) typed lambda calculus, and show how to extend it to permit capturing pure expressions with types. Our key observation is that, just as the pure simply-typed lambda calculus can be extended to support effects with a monadic type discipline, an impure typed lambda calculus can be extended to support purity with a comonadic type discipline.

We establish the correctness of our type system via a simple denotational model, which we call the capability space model. Our model formalises the intuition common to systems programmers that the ability to perform effects should be controlled via access to a permission or capability, and that a program is capability-safe if it performs no effects that it does not have a runtime capability for. We then identify the axiomatic categorical structure that the capability space model validates, and use these axioms to give a categorical semantics for our comonadic type system. We then give an equational theory (substitution and the call-by-value β and η laws) for the imperative lambda calculus, and show its soundness relative to this semantics.

Finally, we give a translation of the pure simply-typed lambda calculus into our comonadic imperative calculus, and show that any two terms which are βη-equal in the STLC are equal in the equational theory of the comonadic calculus, establishing that pure programs can be mapped in an equation-preserving way into our imperative calculus.

Supplementary Material

Presentation at ICFP '20 (a111-choudhury-presentation.mp4)

Download
28.14 MB

References

[1]

Natasha Alechina, Michael Mendler, Valeria de Paiva, and Eike Riter. 2001. Categorical and Kripke Semantics for Constructive S4 Modal Logic.CInomputer Science Logic, 15th International Workshop, CSL 2001. 10th Annual Conference of the EACSL, Paris, France, September 10-13, 2001, Proceedings (Lecture Notes in Computer Science), Laurent Fribourg (Ed.), Vol. 2142. Springer, 292-307.https://doi.org/10.1007/3-540-44802-0_21

[2]

Josh Berdine, Cristiano Calcagno, and Peter W. O'Hearn. 2006. Smallfoot: Modular Automatic Assertion Checking wit Separation Logic. IFnormal Methods for Components and Objects, Frank S. de Boer, Marcello M. Bonsangue, Susanne Graf, and Willem-Paul de Roever (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 115-137.

[3]

Aloïs Brunel, Marco Gaboardi, Damiano Mazza, and Steve Zdancewic. 2014. A Core Quantitative Coefect Calculus. In Programming Languages and Systems. Springer Berlin Heidelberg, 351-37h0t. tps://doi.org/10.1007/978-3-642-54833-8_19

[4]

Ranald Clouston. 2018. Fitch-Style Modal Lambda CalcuLleic.tuIrne Notes in Computer Science. Springer International Publishing, 258-275. https://doi.org/10.1007/978-3-319-89366-2_14

[5]

Karl Crary, David Walker, and J. Gregory Morriset. 1999. Typed Memory Management in a Calculus of CapabiPlOitPiLes. In '99, Proceedings of the 26th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, San Antonio, TX, USA, January 20-22, 1999, Andrew W. Appel and Alex Aiken (Eds.). ACM, 262-275h.ttps://doi.org/10.1145/292540.292564

[6]

Ugo Dal Lago and Martin Hofmann. 2009. Bounded Linear Logic, RevisitTeydp. eIdnLambda Calculi and Applications, Pierre-Louis Curien (Ed.). Springer Berlin Heidelberg, Berlin, Heidelberg, 80-94.

[7]

Nils Anders Danielsson, John Hughes, Patrik Jansson, and Jeremy Gibbons. 2006. Fast and Loose Reasoning is Morally Correct. InConference Record of the 33rd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL '06). ACM, 206-217. https://doi.org/10.1145/1111037.111105C6harleston, South Carolina, USA.

[8]

Jack B. Dennis and Earl C. Van Horn. 1966. Programming semantics for multiprogrammed computCaotmiomnusn. ACM 9, 3 ( 1966 ), 143-155. https://doi.org/10.1145/365230.365252

Digital Library

[9]

Mike Dodds, Xinyu Feng, Mathew Parkinson, and Viktor Vafeiadis. 2009. Deny-Guarantee ReasonPinrogg. rIanmming Languages and Systems, Giuseppe Castagna (Ed.). Springer Berlin Heidelberg, Berlin, Heidelberg, 363-377.

[10]

Jeremy Gibbons. 2000. Calculating Functional ProgramAslg. eInbraic and Coalgebraic Methods in the Mathematics of Program Construction, International Summer School and Workshop, Oxford, UK, April 10-14, 2000, Revised Lectures (Lecture Notes in Computer Science), Roland Carl Backhouse, Roy L. Crole, and Jeremy Gibbons (Eds.), Vol. 2297. Springer, 149-202. https://doi.org/10.1007/3-540-47797-7_5

[11]

David K. Giford and John M. Lucassen. 1986. Integrating Functional and Imperative ProgrammPirnocge. eIdnings of the 1986 ACM Conference on LISP and Functional Programming (Cambridge, Massachusets, USA)( LFP '86). ACM, New York, NY, USA, 28-38. https://doi.org/10.1145/319838.319848

Digital Library

[12]

Jean-Yves Girard. 1987. Linear logTheico. retical Computer Science 50, 1 (Jan 1987 ), 1-101. https://doi.org/10.1016/ 0304-3975 ( 87 ) 90045-4

Digital Library

[13]

Jean-Yves Girard, Paul Taylor, and Yves Lafont. 1P9ro8o9f.s and Types. Cambridge University Press, New York, NY, USA. 217-241 pages. https://doi.org/10.1007/978-1-4612-2822-6_8

[14]

Martin Hofmann. 2003. Linear types and non-size-increasing polynomial time compuItnafotrimona. tion and Computation 183, 1 (may 2003 ), 57-85. https://doi.org/10.1016/s0890-5401 ( 03 ) 00009-9

Digital Library

[15]

Satoshi Kobayashi. 1997. Monad as modaliThetoyr. etical Computer Science 175, 1 ( 1997 ), 29-74. https://doi.org/10.1016/ S0304-3975 ( 96 ) 00169-7

Digital Library

[16]

Neelakantan R. Krishnaswami. 2013. Higher-Order Reactive Programming without Spacetime LInetaekrnsa. tIinonal Conference on Functional Programming (ICFP).

[17]

Hugh C. Lauer and Roger M. Needham. 1979. On the Duality of Operating System StruActCuMreSsIG. OPS Operating Systems Review 13, 2 (apr 1979 ), 3-19. https://doi.org/10.1145/850657.850658

Digital Library

[18]

Henry M Levy. 1984. Capability-based computer systems. Digital Press.

Digital Library

[19]

Paul Blain Levy, John Power, and Hayo Thielecke. 2003. Modelling environments in call-by-value programming languages. Information and Computation 185, 2 (Sep 2003 ), 182-210. https://doi.org/10.1016/S0890-5401 ( 03 ) 00088-9

Digital Library

[20]

S. Mafeis, J. C. Mitchell, and A. Taly. 2010. Object Capabilities and Isolation of Untrusted Web Applica20t1i0o nIEsE. EIn Symposium on Security and Privacy. 125-140. https://doi.org/10.1109/SP. 2010.16

Digital Library

[21]

J. C. C. McKinsey and Alfred Tarski. 1948. Some Theorems About the Sentential Calculi of Lewis and HeJy.Styinmgb. Log. 13, 1 ( 1948 ), 1-15. https://doi.org/10.2307/2268135

[22]

Adrian Metler, David A. Wagner, and Tyler Close. 2010. Joe-E: A Security-Oriented Subset of JParvocae.eIdnings of the Network and Distributed System Security Symposium, NDSS 2010, San Diego, California, USA, 28th February-3rd March 2010. The Internet Society. https://www.ndss-symposium.org/ndss2010/joe-e-security-oriented-subset-java

[23]

Mark Samuel Miller. 200R6.obust Composition: Towards a Unified Approach to Access Control and Concurrency Control. Ph.D. Dissertation. USA. Advisor(s) Shapiro, Jonathan S. AAI3245526.

[24]

Eugenio Moggi. 1989. Computational Lambda-Calculus and MonadPsr. ocIenedings of the Fourth Annual Symposium on Logic in Computer Science (LICS '89), Pacific Grove, California, USA, June 5-8, 1989. IEEE Computer Society, 14-23. https://doi.org/10.1109/LICS. 1989.39155

[25]

Eugenio Moggi. 1991. Notions of Computation and MonIandf. sC.omput. 93, 1 ( 1991 ), 55-92. https://doi.org/10.1016/ 0890-5401 ( 91 ) 90052-4

Digital Library

[26]

Greg Morriset, Amal Ahmed, and Mathew Fluet. 2005. L3: A Linear Language with LocationTsy. pIend Lambda Calculi and Applications, Paweł Urzyczyn (Ed.). Springer Berlin Heidelberg, Berlin, Heidelberg, 293-307.

[27]

Flemming Nielson and Hanne Riis Nielson. 199T9y.pe and Efect Systems. Springer Berlin Heidelberg, Berlin, Heidelberg, 114-136. https://doi.org/10.1007/3-540-48092-7_6

[28]

Peter W. O'Hearn and David J. Pym. 1999. The Logic of Bunched ImplicationBsu. lleting Symbolic Logic 5, 2 ( 06 1999 ), 215-244. https://projecteuclid.org:443/euclid.bsl/1182353620

[29]

Dominic A. Orchard, Vilem Liepelt, and Harley Eades. 2019. Quantitative program reasoning with graded modal types. Proceedings of the ACM on Programming Languages (June 2019 ). https://kar.kent.ac.uk/74450/

Digital Library

[30]

P. W. O'Hearn. 1993. A model for syntactic control of interfeMraetnhceme. atical Structures in Computer Science 3, 4 (Dec 1993 ), 435-465. https://doi.org/10.1017/S0960129500000311

[31]

Tomas Petricek, Dominic A. Orchard, and Alan Mycroft. 2014. Coefects: a calculus of context-dependent computation. In Proceedings of the 19th ACM SIGPLAN international conference on Functional programming, Gothenburg, Sweden, September 1-3, 2014, Johan Jeuring and Manuel M. T. Chakravarty (Eds.). ACM, 123-h13t5t.ps://doi.org/10.1145/2628136.2628160

Digital Library

[32]

Frank Pfenning and Rowan Davies. 2001. A judgmental reconstruction of modMalalthoegmica. tical Structures in Computer Science 11, 4 ( 2001 ), 511-540. https://doi.org/10.1017/S0960129501003322

Digital Library

[33]

John C. Reynolds. 1978. Syntactic Control of InterferenPrcoec.eIendings of the 5th ACM SIGACT-SIGPLAN Symposium on Principles of Programming Languages (POPL '78). ACM, 39-46. https://doi.org/10.1145/512760.512766event-place: Tucson, Arizona.

[34]

J. C. Reynolds. 2002. Separation logic: a logic for shared mutable data struPcrtoucreeedsi. nIngs 17th Annual IEEE Symposium on Logic in Computer Science. 55-74. https://doi.org/10.1109/LICS. 2002.1029817

[35]

Amr Sabry. 1998. What is a purely functional languJaoguern?al of Functional Programming 8, 1 (Jan 1998 ), 1-22. https: //doi.org/10.1017/S0956796897002943

Digital Library

[36]

Ian Stark. 1996. Categorical models for local naLImSePsa. nd Symbolic Computation 9, 1 ( 01 Feb 1996 ), 77-107. https: //doi.org/10.1007/BF01806033

[37]

Tachio Terauchi and Alex Aiken. 2006. A Capability Calculus for Concurrency and DetermCinOiNsmC.UIRn 2006-Concurrency Theory, 17th International Conference, CONCUR 2006, Bonn, Germany, August 27-30, 2006, Proceedings (Lecture Notes in Computer Science), Christel Baier and Holger Hermanns (Eds.), Vol. 4137. Springer, 218-h2t3t2p. s://doi.org/10. 1007/11817949_15

[38]

Kazushige Terui. 2007. Light afine lambda calculus and polynomial time strong normaliAzarcthioivne. for Mathematical Logic 46, 3-4 (feb 2007 ), 253-280. https://doi.org/10.1007/s00153-007-0042-6

[39]

Philip Wadler. 1990. Deforestation: transforming programs to eliminaThetoerettriceaelsC. omputer Science 73, 2 (jun 1990 ), 231-248. https://doi.org/10.1016/ 0304-3975 ( 90 ) 90147-a

Digital Library

[40]

Philip Wadler. 1998. The Marriage of Efects and Monads. IPnroceedings of the Third ACM SIGPLAN International Conference on Functional Programming (Baltimore, Maryland, USA(IC)FP '98). ACM, New York, NY, USA, 63-74. https://doi.org/ 10.1145/289423.289429

Digital Library

[41]

W. Wulf, E. Cohen, W. Corwin, A. Jones, R. Levin, C. Pierson, and F. Pollack. 1974. HYDRA: The Kernel of a Multiprocessor Operating SystemC.ommun. ACM 17, 6 (Jun 1974 ), 337-345. https://doi.org/10.1145/355616.364017

Digital Library

Cited By

Boruch-Gruszecki AOdersky MLee ELhoták OBrachthäuser J(2023)Capturing TypesACM Transactions on Programming Languages and Systems10.1145/361800345:4(1-52)Online publication date: 20-Nov-2023
https://dl.acm.org/doi/10.1145/3618003
Brachthäuser JSchuster PLee EBoruch-Gruszecki A(2022)Effects, capabilities, and boxes: from scope-based reasoning to type-based reasoning and backProceedings of the ACM on Programming Languages10.1145/35273206:OOPSLA1(1-30)Online publication date: 29-Apr-2022
https://dl.acm.org/doi/10.1145/3527320
BAHR P(2022)Modal FRP for all: Functional reactive programming without space leaks in HaskellJournal of Functional Programming10.1017/S095679682200013232Online publication date: 26-Dec-2022
https://doi.org/10.1017/S0956796822000132
Show More Cited By

Index Terms

Recovering purity with comonads and capabilities
1. Software and its engineering
  1. Software notations and tools
    1. Formal language definitions
      1. Semantics
      2. Syntax
    2. General programming languages
      1. Language types
        Functional languages
2. Theory of computation
  1. Logic
  2. Semantics and reasoning
    1. Program semantics
      1. Categorical semantics
      2. Denotational semantics

Recommendations

Combining effects and coeffects via grading
ICFP '16

Effects and coeffects are two general, complementary aspects of program behaviour. They roughly correspond to computations which change the execution context (effects) versus computations which make demands on the context (coeffects). Effectful ...
Functional translation of a calculus of capabilities
ICFP '08: Proceedings of the 13th ACM SIGPLAN international conference on Functional programming

Reasoning about imperative programs requires the ability to track aliasing and ownership properties. We present a type system that provides this ability, by using regions, capabilities, and singleton types. It is designed for a high-level calculus with ...
Functional translation of a calculus of capabilities
ICFP '08

Reasoning about imperative programs requires the ability to track aliasing and ownership properties. We present a type system that provides this ability, by using regions, capabilities, and singleton types. It is designed for a high-level calculus with ...

Comments

Information & Contributors

Information

Published In

cover image Proceedings of the ACM on Programming Languages

Proceedings of the ACM on Programming Languages Volume 4, Issue ICFP

August 2020

1070 pages

EISSN:2475-1421

DOI:10.1145/3415018

Issue’s Table of Contents

Copyright © 2020 Owner/Author.

This work is licensed under a Creative Commons Attribution International 4.0 License.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 03 August 2020

Published in PACMPL Volume 4, Issue ICFP

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
1,313
Total Downloads

Downloads (Last 12 months)193
Downloads (Last 6 weeks)30

Reflects downloads up to 27 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Boruch-Gruszecki AOdersky MLee ELhoták OBrachthäuser J(2023)Capturing TypesACM Transactions on Programming Languages and Systems10.1145/361800345:4(1-52)Online publication date: 20-Nov-2023
https://dl.acm.org/doi/10.1145/3618003
Brachthäuser JSchuster PLee EBoruch-Gruszecki A(2022)Effects, capabilities, and boxes: from scope-based reasoning to type-based reasoning and backProceedings of the ACM on Programming Languages10.1145/35273206:OOPSLA1(1-30)Online publication date: 29-Apr-2022
https://dl.acm.org/doi/10.1145/3527320
BAHR P(2022)Modal FRP for all: Functional reactive programming without space leaks in HaskellJournal of Functional Programming10.1017/S095679682200013232Online publication date: 26-Dec-2022
https://doi.org/10.1017/S0956796822000132
Marshall DVollmer MOrchard D(2022)Linearity and Uniqueness: An Entente CordialeProgramming Languages and Systems10.1007/978-3-030-99336-8_13(346-375)Online publication date: 29-Mar-2022
https://doi.org/10.1007/978-3-030-99336-8_13
Odersky MBoruch-Gruszecki ABrachthäuser JLee ELhoták ORichard-Foy JDoeraene S(2021)Safer exceptions for ScalaProceedings of the 12th ACM SIGPLAN International Symposium on Scala10.1145/3486610.3486893(1-11)Online publication date: 17-Oct-2021
https://dl.acm.org/doi/10.1145/3486610.3486893

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Media

Figures

Other

Tables

View Issue’s Table of Contents