Strongly Connected Components in graphs, formal proof of Tarjan1972 algorithm

HAL Id: hal-01422227

https://hal.inria.fr/hal-01422227

Submitted on 24 Dec 2016

HAL is a multi-disciplinary open access

archive for the deposit and dissemination of sci-entific research documents, whether they are pub-lished or not. The documents may come from teaching and research institutions in France or abroad, or from public or private research centers.

L’archive ouverte pluridisciplinaire HAL, est destinée au dépôt et à la diffusion de documents scientifiques de niveau recherche, publiés ou non, émanant des établissements d’enseignement et de recherche français ou étrangers, des laboratoires publics ou privés.

Strongly Connected Components in graphs, formal proof of Tarjan1972 algorithm

Jean-Jacques Levy, Ran Chen

To cite this version:

Jean-Jacques Levy, Ran Chen. Strongly Connected Components in graphs, formal proof of Tarjan1972 algorithm. Groupe de travail LTP du GDR GPL , Nov 2016, Orsay, France. 2016. �hal-01422227�

Strongly Connected Components

in graphs, formal proof

of Tarjan1972 algorithm

jean-jacques.levy@inria.fr

Plan

2

.. joint work (in progress) with Ran Chen

•

pre-/post-conditions

•

imperative programs

•

conclusion

•

motivation

Motivation

3

•

to be fully published in articles or journals

•

Coq proofs seem to me unreadable (and by normal human ?)

•

algorithms on graphs = a good testbed

•

nice algorithms should have simple formal proofs

•

how to publish formal proofs ?

•

Why3 allows mix of automatic and interactive proofs

A one-pass

linear-time algorithm

The algorithm

(1/2)

5

2 3 8

4 9

1 7

5 6 • depth-first search algorithm

• with pushing non visited vertices into a working stack

• and computing oldest vertex reachable by at most a single « back-edge »

• when that oldest vertex is equal to currently visited vertex, a new strongly connected component is in the working stack on top of current vertex.

The algorithm

(2/2)

6 2 3 8 4 9 1 7 5 6 1 1 1 1 1 2 2 2 2 3 3 3 4 4 5 1 2 3 4 5 6 1 1 2 2 3 3 4 4 8 8 1 2 3 4 5 6 9 7

les valeurs successives de la pile

0 1 2 3 4 5 6 se ns cro issa nt du ra ng

The algorithm

(2/2)

7 2 3 8 4 9 1 7 5 6 1 1 1 1 1 2 2 2 2 3 3 3 4 4 5 1 2 3 4 5 6 1 1 2 2 3 3 4 4 8 8 1 2 3 4 5 6 9 7

les valeurs successives de la pile

0 1 2 3 4 5 6 se ns cro issa nt du ra ng 1 0 0 0 4 4 4 3 3

Proof in algorithms book

8

•

Christmas tree structure of strongly connected components

•

give the program

•

consider the spanning trees (forrest)

•

2-3 lemmas about ancestors in spanning trees

The program

(1/3)

9

• a functional version with lists and finite sets

The program

(2/3)

10

• blacks, grays are sets of vertices; sccs is a set of sets of vertices

• naming conventions:

x, y, z for vertices; b for black sets; s for stacks; cc for connected components;

The program

(3/3)

Pre/Post-conditions

(2/3)

x stack x s blacks _✓ b sccs _✓ sccs n y m m  rank y stack m  rank x stack

Invariants

(1/4)

blacks \ _{grays = ;}

(set of sccs) _{✓ blacks}

Invariants

(2/4)

cc1 sccs s grays blacks in cre asi ng ra nk cc2 ccn

Invariants

(4/4)

cc1 sccs s grays blacks in cre asi ng ra nk cc2 ccn

Assertions

x0 _{2 s2 ^ y}0 _{62 s2 ^} edge x0 y0

• Coq proof: there exists _x0_{, y}0 with

y0 is white

x0 = x

x0 _{6= x} impossible because no black to white

impossible because successors are black

y0 _{2 s3 =} stack

x0 = x

x0 _{6= x} impossible because crossedge

impossible because _{m1 } rank y’ s1 _< rank x s1

Towards imperative

program

Missing

•

implementation of graphs

•

vertices as integers in an array

•

successors as lists for every vertex

Conclusion

31

•

readable proofs ?

•

simple algorithms should have simple proofs

to be shown with a good formal precision

•

compare with other proof systems

•

further algorithms (in next talks ?) • graphs represented with arrays + lists

• topological sort, articulation points, sccK, sscT