Interaction Trees: Representing Recursive and Impure Programs in Coq (Work In Progress)
share
We present "interaction trees" (ITrees), a general-purpose data structure in Coq for formalizing the behaviors of recursive programs that interact with their environment. ITrees are built of uninterpreted events and their continuations—a coinductive variant of a "free monad". We study the compositional properties of interpreters built from "event handlers" and show how to use them to implement a general mutual recursion operator. The resulting theory enables equational reasoning about ITrees up to weak bisimulation. Using this theory, we prove the termination-sensitive correctness of a compiler from a simple imperative source language to an assembly-like target whose meanings are given as an ITree-based denotational semantics. Crucially, the correctness proof follows entirely by structural induction and the equational theory of combinators for control-flow graphs, which are built on top of the mutual recursion operator. ITrees are also executable, e.g. through extraction, making them suitable for debugging, testing, and implementing executable artifacts.
READ FULL TEXT
