Journal of Automated Reasoning

, Volume 50, Issue 4, pp 423–456 | Cite as

Wave Equation Numerical Resolution: A Comprehensive Mechanized Proof of a C Program

  • Sylvie Boldo
  • François Clément
  • Jean-Christophe Filliâtre
  • Micaela Mayero
  • Guillaume Melquiond
  • Pierre Weis
Article

Abstract

We formally prove correct a C program that implements a numerical scheme for the resolution of the one-dimensional acoustic wave equation. Such an implementation introduces errors at several levels: the numerical scheme introduces method errors, and floating-point computations lead to round-off errors. We annotate this C program to specify both method error and round-off error. We use Frama-C to generate theorems that guarantee the soundness of the code. We discharge these theorems using SMT solvers, Gappa, and Coq. This involves a large Coq development to prove the adequacy of the C program to the numerical scheme and to bound errors. To our knowledge, this is the first time such a numerical analysis program is fully machine-checked.

Keywords

Formal proof of numerical program Convergence of numerical scheme Proof of C program Coq formal proof Acoustic wave equation Partial differential equation Rounding error analysis 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Achenbach, J.D.: Wave Propagation in Elastic Solids. North Holland, Amsterdam (1973)Google Scholar
  2. 2.
    Andrews, G.E., Askey, R., Roy, R.: Special Functions. Cambridge University Press, Cambridge (1999)MATHGoogle Scholar
  3. 3.
    Askey, R., Gasper, G.: Certain rational functions whose power series have positive coefficients. Am. Math. Mon. 79, 327–341 (1972)MathSciNetMATHCrossRefGoogle Scholar
  4. 4.
    Avigad, J., Donnelly, K.: A decision procedure for linear “Big O” equations. J. Autom. Reason. 38(4), 353–373 (2007)MathSciNetMATHCrossRefGoogle Scholar
  5. 5.
    Barrett, C., Tinelli, C.: CVC3. In: 19th International Conference on Computer Aided Verification (CAV ’07), LNCS, vol. 4590, pp. 298–302. Springer, Berlin (2007)Google Scholar
  6. 6.
    Baudin, P., Cuoq, P., Filliâtre, J.C., Marché, C., Monate, B., Moy, Y., Prevosto, V.: ACSL: ANSI/ISO C specification language, version 1.5 (2009). URL http://frama-c.cea.fr/acsl.html
  7. 7.
    Bécache, E.: Étude de schémas numériques pour la résolution de l’équation des ondes. Master Modélisation et simulation, Cours ENSTA (2009). URL http://www-rocq.inria.fr/~becache/COURS-ONDES/Poly-num-0209.pdf
  8. 8.
    Bertot, Y., Castéran, P.: Interactive theorem proving and program development. Coq’Art: the calculus of inductive constructions. In: Texts in Theoretical Computer Science. Springer (2004)Google Scholar
  9. 9.
    Bertot, Y., Gonthier, G., Ould Biha, S., Pasca, I.: Canonical big operators. In: 21st International Conference on Theorem Proving in Higher Order Logics (TPHOLs’08), LNCS, vol. 5170, pp. 86–101. Springer, Montreal (2008)CrossRefGoogle Scholar
  10. 10.
    Bobot, F., Conchon, S., Contejean, E., Iguernelala, M., Lescuyer, S., Mebsout, A.: The Alt-Ergo automated theorem prover (2008). URL http://alt-ergo.lri.fr/
  11. 11.
    Boldo, S.: Preuves formelles en arithmétiques à virgule flottante. Ph.D. thesis, École Normale Supérieure de Lyon (2004)Google Scholar
  12. 12.
    Boldo, S.: Floats & Ropes: a case study for formal numerical program verification. In: 36th International Colloquium on Automata, Languages and Programming, LNCS - ARCoSS, vol. 5556, pp. 91–102. Springer, Rhodos (2009)Google Scholar
  13. 13.
    Boldo, S., Filliâtre, J.C.: Formal verification of floating-point programs. In: 18th IEEE International Symposium on Computer Arithmetic, pp. 187–194. Montpellier, France (2007)CrossRefGoogle Scholar
  14. 14.
    Boldo, S., Nguyen, T.M.T.: Proofs of numerical programs when the compiler optimizes. Innovations Syst. Softw. Eng. 7(2), 151–160 (2011)CrossRefGoogle Scholar
  15. 15.
    Boldo, S., Filliâtre, J.C., Melquiond, G.: Combining Coq and Gappa for certifying floating-point programs. In: Carette, J., Dixon, L., Coen, C.S., Watt, S.M. (eds.) 16th Calculemus Symposium, Lecture Notes in Artificial Intelligence, vol. 5625, pp. 59–74. Grand Bend, ON, Canada (2009)Google Scholar
  16. 16.
    Boldo, S., Clément, F., Filliâtre, J.C., Mayero, M., Melquiond, G., Weis, P.: Formal proof of a wave equation resolution scheme: the method error. In: Kaufmann, M., Paulson, L.C. (eds.) 1st Interactive Theorem Proving Conference (ITP), LNCS, vol. 6172, pp. 147–162. Springer, Edinburgh (2010)CrossRefGoogle Scholar
  17. 17.
    Boldo, S., Melquiond, G.: Flocq: A unified library for proving floating-point algorithms in Coq. In: Antelo, E., Hough, D., Ienne, P. (eds.) 20th IEEE Symposium on Computer Arithmetic, pp. 243–252. Tübingen, Germany (2011)Google Scholar
  18. 18.
    Brekhovskikh, L.M., Goncharov, V.: Mechanics of Continua and Wave Dynamics. Springer (1994)Google Scholar
  19. 19.
    Conchon, S., Contejean, E., Kanig, J., Lescuyer, S.: CC(X): semantical combination of congruence closure with solvable theories. In: Post-Proceedings of the 5th International Workshop on Satisfiability Modulo Theories (SMT 2007), Electronic Notes in Computer Science, vol. 198-2, pp. 51–69. Elsevier (2008)Google Scholar
  20. 20.
    Coquand, T., Paulin-Mohring, C.: Inductively defined types. In: Martin-Löf, P., Mints, G. (eds.) Colog’88, LNCS, vol. 417. Springer (1990)Google Scholar
  21. 21.
    Courant, R., Friedrichs, K., Lewy, H.: On the partial difference equations of mathematical physics. IBM J. Res. Develop. 11(2), 215–234 (1967)MathSciNetMATHCrossRefGoogle Scholar
  22. 22.
    Cousot, P., Cousot, R., Feret, J., Mauborgne, L., Miné, A., Monniaux, D., Rival, X.: The ASTRÉE analyzer. In: ESOP, no. 3444 in LNCS, pp. 21–30 (2005)Google Scholar
  23. 23.
    Cruz-Filipe, L.: A constructive formalization of the fundamental theorem of calculus. In: Geuvers, H., Wiedijk, F. (eds.) 2nd International Workshop on Types for Proofs and Programs (TYPES 2002), LNCS, vol. 2646. Springer, Berg en Dal (2002)Google Scholar
  24. 24.
    Daumas, M., Melquiond, G.: Certification of bounds on expressions involving rounded operators. Trans. Math. Softw. 37(1), 1–20 (2010)MathSciNetCrossRefGoogle Scholar
  25. 25.
    Daumas, M., Rideau, L., Théry, L.: A generic library for floating-point numbers and its application to exact computing. In: TPHOLs, pp. 169–184 (2001)Google Scholar
  26. 26.
    Delmas, D., Goubault, E., Putot, S., Souyris, J., Tekkal, K., Védrine, F.: Towards an industrial use of FLUCTUAT on safety-critical avionics software. In: FMICS, LNCS, vol. 5825, pp. 53–69. Springer (2009)Google Scholar
  27. 27.
    de Dinechin, F., Lauter, C., Melquiond, G.: Certifying the floating-point implementation of an elementary function using Gappa. IEEE Trans. Comput. 60(2), 242–253 (2011)MathSciNetCrossRefGoogle Scholar
  28. 28.
    de Moura, L., Bjørner, N.: Z3, an efficient SMT solver. In: TACAS, Lecture Notes in Computer Science, vol. 4963, pp. 337–340. Springer (2008)Google Scholar
  29. 29.
    Dutertre, B.: Elements of mathematical analysis in PVS. In: von Wright, J., Grundy, J., Harrison, J. (eds.) 9th International Conference on Theorem Proving in Higher Order Logics (TPHOLs’96), LNCS, vol. 1125, pp. 141–156. Springer, Turku (1996)CrossRefGoogle Scholar
  30. 30.
    Filliâtre, J.C., Marché, C.: The Why/Krakatoa/Caduceus platform for deductive program verification. In: 19th International Conference on Computer Aided Verification, LNCS, vol. 4590, pp. 173–177. Springer, Berlin (2007)Google Scholar
  31. 31.
    Fleuriot, J.D.: On the mechanization of real analysis in Isabelle/HOL. In: Aagaard, M., Harrison, J. (eds.) 13th International Conference on Theorem Proving and Higher-Order Logic (TPHOLs’00), LNCS, vol. 1869, pp. 145–161. Springer (2000)Google Scholar
  32. 32.
    Gamboa, R., Kaufmann, M.: Nonstandard analysis in ACL2. J. Autom. Reason. 27(4), 323–351 (2001)MathSciNetMATHCrossRefGoogle Scholar
  33. 33.
    Geuvers, H., Niqui, M.: Constructive reals in Coq: axioms and categoricity. In: Callaghan, P., Luo, Z., McKinna, J., Pollack, R. (eds.) 1st International Workshop on Types for Proofs and Programs (TYPES 2000), LNCS, vol. 2277, pp. 79–95. Springer, Durham (2002)Google Scholar
  34. 34.
    Harrison, J.: Theorem Proving with the Real Numbers. Springer (1998)Google Scholar
  35. 35.
    Harrison, J.: A HOL theory of Euclidean space. In: Hurd, J., Melham, T.F. (eds.) 18th International Conference on Theorem Proving and Higher-Order Logic (TPHOLs’05), LNCS, vol. 3603, pp. 114–129. Springer (2005)Google Scholar
  36. 36.
    John, F.: Partial Differential Equations. Springer (1986)Google Scholar
  37. 37.
    Krebbers, R., Spitters, B.: Type classes for efficient exact real arithmetic in Coq. arXiv:1106.3448v1 (2011). URL http://arXiv.org/abs/1106.3448
  38. 38.
    le Rond D’Alembert, J.: Recherches sur la courbe que forme une corde tendue mise en vibrations. In: Histoire de l’Académie Royale des Sciences et Belles Lettres (Année 1747), vol. 3, pp. 214–249. Haude et Spener, Berlin (1749)Google Scholar
  39. 39.
    Lee, G., Werner, B.: Proof-irrelevant model of CC with predicative induction and judgmental equality. Logical Methods in Computer Science 7(4) (2011)Google Scholar
  40. 40.
    Lelay, C., Melquiond, G.: Différentiabilité et intégrabilité en Coq. Application à la formule de d’Alembert. In: 23èmes Journées Francophones des Langages Applicatifs, pp. 119–133. Carnac, France (2012)Google Scholar
  41. 41.
    Letouzey, P.: A new extraction for Coq. In: Geuvers, H., Wiedijk, F. (eds.) 2nd International Workshop on Types for Proofs and Programs (TYPES 2002), LNCS, vol. 2646. Springer, Berg en Dal (2003)Google Scholar
  42. 42.
    Marché, C.: Jessie: an intermediate language for Java and C verification. In: Programming Languages meets Program Verification (PLPV), pp. 1–2. ACM, Freiburg (2007)Google Scholar
  43. 43.
    Mayero, M.: Formalisation et automatisation de preuves en analyses réelle et numérique. Ph.D. thesis, Université Paris VI (2001)Google Scholar
  44. 44.
    Mayero, M.: Using theorem proving for numerical analysis (correctness proof of an automatic differentiation algorithm). In: Carreño, V., Muñoz, C., Tahar, S. (eds.) 15th International Conference on Theorem Proving and Higher-Order Logic, LNCS, vol. 2410, pp. 246–262. Springer, Hampton (2002)CrossRefGoogle Scholar
  45. 45.
    Microprocessor Standards Committee: IEEE Standard for Floating-Point Arithmetic. IEEE Std. 754-2008, pp. 1–58 (2008). doi:10.1109/IEEESTD.2008.4610935
  46. 46.
    Newton, I.: Axiomata, sive Leges Motus. In: Philosophiae Naturalis Principia Mathematica, vol. 1. London (1687)Google Scholar
  47. 47.
    O’Connor, R.: Certified exact transcendental real number computation in Coq. In: 21st International Conference on Theorem Proving in Higher Order Logics (TPHOLs’08), LNCS, vol. 5170, pp. 246–261. Springer (2008)Google Scholar
  48. 48.
    O’Connor, R., Spitters, B.: A computer-verified monadic functional implementation of the integral. Theor. Comp. Sci. 411(37), 3386–3402 (2010)MathSciNetMATHCrossRefGoogle Scholar
  49. 49.
    Rosinger, E.E.: Propagation of round-off errors and the role of stability in numerical methods for linear and nonlinear PDEs. Appl. Math. Model. 9(5), 331–336 (1985)MathSciNetMATHCrossRefGoogle Scholar
  50. 50.
    Rosinger, E.E.: L-convergence paradox in numerical methods for PDEs. Appl. Math. Model. 15(3), 158–163 (1991)MathSciNetMATHCrossRefGoogle Scholar
  51. 51.
    Roy, C.J., Oberkampf, W.L.: A comprehensive framework for verification, validation, and uncertainty quantification in scientific computing. Comput. Methods Appl. Mech. Eng. 200(25–28), 2131–2144 (2011)MathSciNetMATHCrossRefGoogle Scholar
  52. 52.
    Rudnicki, P.: An overview of the MIZAR project. In: Types for Proofs and Programs, pp. 311–332 (1992)Google Scholar
  53. 53.
    Szyszka, B.: An interval method for solving the one-dimensional wave equation. In: 7th EUROMECH Solid Mechanics Conference (ESMC2009). Lisbon, Portugal (2009)Google Scholar
  54. 54.
    The Coq reference manual. URL http://coq.inria.fr/refman/
  55. 55.
    The Frama-C platform for static analysis of C programs (2008). URL http://www.frama-c.cea.fr/
  56. 56.
    Thomas, J.W.: Numerical partial differential equations: finite difference methods. In: Texts in Applied Mathematics, no. 22. Springer (1995)Google Scholar
  57. 57.
    Zach, R.: Hilbert’s “Verunglueckter Beweis,” the first epsilon theorem, and consistency proofs. URL http://front.math.ucdavis.edu/math.LO/0204255
  58. 58.
    Zwillinger, D.: Handbook of Differential Equations. Academic Press (1998)Google Scholar

Copyright information

© Springer Science+Business Media B.V. 2012

Authors and Affiliations

  • Sylvie Boldo
    • 1
    • 2
  • François Clément
    • 3
  • Jean-Christophe Filliâtre
    • 2
  • Micaela Mayero
    • 4
    • 5
  • Guillaume Melquiond
    • 1
    • 2
  • Pierre Weis
    • 3
  1. 1.ProValINRIA Saclay – Île-de-FranceOrsay cedexFrance
  2. 2.LRI, UMR 8623Université Paris-Sud, CNRSOrsay cedexFrance
  3. 3.PomdapiINRIA Paris – RocquencourtLe Chesnay cedexFrance
  4. 4.LIPN, UMR 7030Université de Paris-Nord, CNRSVilletaneuseFrance
  5. 5.LIP, Arénaire (INRIA Grenoble - Rhône-Alpes, CNRS UMR 5668, UCBL, ENS Lyon)LyonFrance

Personalised recommendations