Readable semi-automatic formal proofs of Depth-First Search in graphs using Why3

Quite often formal proofs are not published in conferences or journal articles, because formal proofs are usually too long. A typical article states the ability of having implemented a formal proof, but the proof itself is often sketched in terms of a natural language. At best, some formal lemmas and definitions are stated. Can we do better ? We try here to publish the details of a formal proof of the white-paths theorem about depth-first search in graphs. We use Why3 as the proving platform, because Why3 uses first-order logic augmented with inductive definitions of predicates and because Why3 makes possible to delegate bits of proofs to on-the-shelf automatic provers at same time as Why3 provides interfaces with interactive proof checkers such that Coq, PVS or Isabelle. Algorithms on graphs are also a good testbed since graphs are combinatorial structures whose algebraic properties are not fully obvious. Depth-first search may look over-simple, but it is the first step of the construction of a library of readable formal proofs for more complex algorithms on graphs with more realistic data structures

A general version of Curry&Feys' Finite Developments theorem is connected to Strong Normalization in the lambda calculus. This offers another viewpoint about termination of lambda tersm. (Tutorial at ISR 2021 (12th International School on Rewriting), Madrid, 5-16 July 2021)

Doctora

Tracking Redexes in the Lambda Calculus

Residuals of redexes keep track of redexes along reductions in the lambda calculus. Families of redexes keep track of redexes created along these reductions. In this paper, we review these notions and their relation to a labeled-calculus introduced here in a systematic way. These properties may be extended to combinatory logic, term rewriting systems, process calculi and proofnets of linear logic

Formal proofs of two algorithms for strongly connected components in graphs

We present formal proofs for the two classical Tarjan-1972 and Kosaraju-1978 algorithms for finding strongly connected components in directed graphs. We describe the two algorithms in a functional programming style with abstract values for vertices in graphs, with functions between vertices and their successors, and with data types such that lists (for representing immutable stacks) and sets. We use the Why3 system and the Why3-logic to express these proofs and fully check them by computer. The Why3-logic is a simple multi-sorted first-order logic augmented by inductively defined predicates. Furthermore it provides useful libraries for lists and sets. The Why3 system allows description of programs in a Why3-ML programming language (a first-order programming language with ML syntax) and provides interfaces to various state-of-the-art automatic provers and to manual interactive proof-checkers (we use mainly Coq). One important point of our article is that our proofs are intuitive and human readable

Readable semi-automatic formal proofs of Depth-First Search in graphs using Why3

Quite often formal proofs are not published in conferences or journal articles, because formal proofs are usually too long. A typical article states the ability of having implemented a formal proof, but the proof itself is often sketched in terms of a natural language. At best, some formal lemmas and definitions are stated. Can we do better ? We try here to publish the details of a formal proof of the white-paths theorem about depth-first search in graphs. We use Why3 as the proving platform, because Why3 uses first-order logic augmented with inductive definitions of predicates and because Why3 makes possible to delegate bits of proofs to on-the-shelf automatic provers at same time as Why3 provides interfaces with interactive proof checkers such that Coq, PVS or Isabelle. Algorithms on graphs are also a good testbed since graphs are combinatorial structures whose algebraic properties are not fully obvious. Depth-first search may look over-simple, but it is the first step of the construction of a library of readable formal proofs for more complex algorithms on graphs with more realistic data structures

Confluence properties of weak and strong calculi of explicit substitutions

Projet CHLOE, Projet PARACategorical combinators and more recently ls-calculus have been introduced to provide an explicit treatments of substitutions in the l-calculus. We reintroduce here the ingredients of these calculi in a self-contained and stepwise way, with a special emphasis on confluence properties. The main new results of the paper w.r.t. are the following : - we present a confluent weak calculus of substitutions, where no variable clashes can be feared - we solve a conjecture : ls-calculus is not confluent (it is confluent on ground terms only). This unfortunate result is "repaired" by presenting a confluent version of ls-calculus, named the lEnv-calculus called here the confluent ls-calculus

Full abstraction for sequential languages : The states of the art

Disponible dans les fichiers attachés à ce documen

Full abstraction for sequential languages : The states of the art

Disponible dans les fichiers attachés à ce documen