
Section: New Results

Spreading Formal Proofs

Real Analysis

Formally Verified Approximations of Definite Integrals

The CoqInterval library provides some tactics for computing and formally verifying numerical approximations of real-valued expressions inside the Coq system. In particular, it is able to compute reliable bounds on proper definite integrals [64]. A. Mahboubi, G. Melquiond, and T. Sibut-Pinote extended these algorithms to also cover some improper integrals, e.g., those with an unbounded integration domain [14]. This makes CoqInterval one of the very few tools able to produce reliable results for improper integrals, be they formally verified or not.

Coq Formalization of algorithms for numerical filters

D. Gallois-Wong developed a Coq formalization of a generic representation of numerical filters, called SIF [31], in order to encompass all other representations of filters and to prove useful theorems only once.

Complexity theory and constructive analysis

E. Neumann and F. Steinberg extended the framework for complexity of operators in analysis devised by Kawamura and Cook (2012) to allow for the treatment of a wider class of representations and applied it to the study of interval computation [15]. A. Kawamura, F. Steinberg, and H. Thies put forward a complexity class of type-two linear-time [27].

F. Steinberg, L. Théry, and H. Thies give a number of formal proofs of theorems from the field of computable analysis. Results include that the algebraic operations and the efficient limit operator on the reals are computable, that certain countably infinite products are isomorphic to spaces of functions, that the enumeration representation of subsets of natural numbers is compatible with the abstract definition of the space of open subsets of the natural numbers, and that continuous realizability implies sequential continuity [46] [29]. F. Steinberg and H. Thies formalized proofs about Baire spaces and the isomorphy of the concrete and abstract spaces of open sets [45].

Formal Analysis of Debian packages

Several new results were produced in the context of the CoLiS project for the formal analysis of Debian packages. A first important step is version 2 of the design of the CoLiS language, done by B. Becker, C. Marché and other co-authors [38], which includes a modified formal syntax, an extended formal semantics, and the design of concrete and symbolic interpreters. Those interpreters are specified and implemented in Why3, proved correct (following the initial approach for the concrete interpreter published in 2018 [60] and the recent approach for symbolic interpretation mentioned above [20]), and finally extracted to OCaml code.

To make the extracted code effective, it must be linked with a library that implements a solver for feature constraints [61], and also with a library that formally specifies the behavior of basic UNIX utilities. The latter library is documented in detail in a research report [40].

A third result is a large verification campaign running the CoLiS toolbox on all the packages of the current Debian distribution. The results of this campaign were reported in another article [41] that will be presented at the TACAS conference in 2020. The most visible side effect of this experiment is the discovery of bugs: more than 150 bug reports have been filed against various Debian packages.

Functional Programming.

J.-C. Filliâtre was an invited speaker at JFLA 2019, as part of a session celebrating 30 years of JFLA (a French-speaking national conference related to functional programming). He talked about 25 years of programming with OCaml [18]. At JFLA 2020, J.-C. Filliâtre will give a talk related to the elimination of non-tail calls [30].

Formal Verification of “ParcourSup” algorithms.

In May–July 2019, Léo Andrès (M1 student at Paris Sud) did a three-month internship on the verification of the first algorithm of Parcoursup using Why3. Most of the expected properties, taken from the public description of Parcoursup's algorithms, have been verified. Léo Andrès's report (in French) is available on-line [37]. In June–December 2019, Benedikt Becker worked on the verification of the Java source code of ParcourSup. The findings and lessons learnt are described in a report under preparation.

Formalizing loop-carried dependencies in Coq for high-level synthesis.

F. Faissole, G. Constantinides, and D. Thomas developed Coq formalizations in order to improve high-level synthesis for FPGAs [44].