Formalizing Stalmarck's algorithm in Coq

International audienceWe present the development of a machine-checked implementation of Stalmarck's algorithm. First, we prove the correctness and the completeness of an abstract representation of the algorithm. Then, we give an effective implementation of the algorithm that we prove correct

TRX: A Formally Verified Parser Interpreter

Parsing is an important problem in computer science and yet surprisingly little attention has been devoted to its formal verification. In this paper, we present TRX: a parser interpreter formally developed in the proof assistant Coq, capable of producing formally correct parsers. We are using parsing expression grammars (PEGs), a formalism essentially representing recursive descent parsing, which we consider an attractive alternative to context-free grammars (CFGs). From this formalization we can extract a parser for an arbitrary PEG grammar with the warranty of total correctness, i.e., the resulting parser is terminating and correct with respect to its grammar and the semantics of PEGs; both properties formally proven in Coq.Comment: 26 pages, LMC

Total Haskell is Reasonable Coq

We would like to use the Coq proof assistant to mechanically verify properties of Haskell programs. To that end, we present a tool, named hs-to-coq, that translates total Haskell programs into Coq programs via a shallow embedding. We apply our tool in three case studies -- a lawful Monad instance, "Hutton's razor", and an existing data structure library -- and prove their correctness. These examples show that this approach is viable: both that hs-to-coq applies to existing Haskell code, and that the output it produces is amenable to verification.Comment: 13 pages plus references. Published at CPP'18, In Proceedings of 7th ACM SIGPLAN International Conference on Certified Programs and Proofs (CPP'18). ACM, New York, NY, USA, 201

Wave Equation Numerical Resolution: a Comprehensive Mechanized Proof of a C Program

We formally prove correct a C program that implements a numerical scheme for the resolution of the one-dimensional acoustic wave equation. Such an implementation introduces errors at several levels: the numerical scheme introduces method errors, and floating-point computations lead to round-off errors. We annotate this C program to specify both method error and round-off error. We use Frama-C to generate theorems that guarantee the soundness of the code. We discharge these theorems using SMT solvers, Gappa, and Coq. This involves a large Coq development to prove the adequacy of the C program to the numerical scheme and to bound errors. To our knowledge, this is the first time such a numerical analysis program is fully machine-checked.Comment: No. RR-7826 (2011

Programmation fonctionnelle certifiée : <br />L'extraction de programmes dans l'assistant Coq

This work concerns the generation of programs which are certifiedto be correct by construction. These programs are obtained by extracting relevant information from constructive proofs made withthe Coq proof assistant. Such a translation, named ``extraction'', of constructive proofs intofunctional programs is not new, and corresponds to an isomorphismknown as Curry-Howard's. An extraction tool has been part of Coqassistant for a long time. But this old extraction tool suffered fromseveral limitations: in particular, some Coq proofs were refused byit, whereas some others led to incorrect programs.In order to overcome these limitations, we built a completely newextraction tool for Coq, including both a new theory and a newimplementation. Concerning theory, we developed new correctnessproofs for this extraction mechanism. These new proofs are both complex and original. Concerning implementation, we focused on the generation of efficient and realistic code, which can be integrated in large-scale software developments, using modules and interfaces.Finally, we also present several case studies illustrating thecapabilities of our new extraction. For example, we describe thecertification of a modular library of finite set structures, and the production of programs about real exact arithmetic, starting from aformalization of constructive real analysis. These examples show the progress already achieved, even if the situation is not perfect yet,in particular in the last study.Nous nous intéressons ici à la génération de programmes certifiéscorrects par construction. Ces programmes sont obtenus enextrayant l'information pertinente de preuves constructives réaliséesdans l'assistant de preuves Coq.Une telle traduction, ou "extraction", des preuves constructivesen programmes fonctionnels n'est pas nouvelle, elle correspond à un isomorphisme bien connu sous le nom de Curry-Howard. Etl'assistant Coq comporte depuis longtemps un tel outil d'extraction. Mais l'outil précédent présentait d'importantes limitations. Certaines preuves Coq étaient ainsi hors de son champ d'application, alors que d'autres engendraient des programmes incorrects.Afin de résoudre ces limitations, nous avons effectué une refontecomplète de l'extraction dans Coq, tant du point de vue de la théorieque de l'implantation. Au niveau théorique, cette refonte a entraînéla réalisation de nouvelles preuves de correction de ce mécanismed'extraction, preuves à la fois complexes et originales. Concernantl'implantation, nous nous sommes efforcés d'engendrer du code extrait efficace et réaliste, pouvant en particulier être intégré dans desdéveloppement logiciels de plus grande échelle, par le biais demodules et d'interfaces.Enfin, nous présentons également plusieurs études de cas illustrantles possibilités de notre nouvelle extraction. Nous décrivons ainsi lacertification d'une bibliothèque modulaire d'ensembles finis, et l'obtention de programmes d'arithmétique réelle exacte à partir d'une formalisation d'analyse réelle constructive. Même si des progrès restent encore à obtenir, surtout dans ce dernier cas, ces exemples mettent en évidence le chemin déjà parcouru

Hofstadter's problem for curious readers

This document summarizes the proofs made during a Coq development inSummer 2015. This development investigates the function G introducedby Hofstadter in his famous "Gödel, Escher, Bach" bookas well as a related infinite tree. The left/right flipped variantof this G tree has also been studied here, followingHofstadter's "problem for the curious reader".The initial G function is refered as sequence A005206 inOEIS, while the flipped version is the sequence A123070