Combining Coq and Gappa for Certifying Floating-Point Programs

  • Sylvie Boldo
  • Jean-Christophe Filliâtre
  • Guillaume Melquiond
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5625)

Abstract

Formal verification of numerical programs is notoriously difficult. On the one hand, there exist automatic tools specialized in floating-point arithmetic, such as Gappa, but they target very restrictive logics. On the other hand, there are interactive theorem provers based on the LCF approach, such as Coq, that handle a general-purpose logic but that lack proof automation for floating-point properties. To alleviate these issues, we have implemented a mechanism for calling Gappa from a Coq interactive proof. This paper presents this combination and shows on several examples how this approach offers a significant speedup in the process of verifying floating-point programs.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Microprocessor Standards Subcommittee: IEEE Standard for Floating-Point Arithmetic. IEEE Std. 754-2008, pp. 1–58 (August 2008)Google Scholar
  2. 2.
    O’Leary, J., Zhao, X., Gerth, R., Seger, C.J.H.: Formally verifying IEEE compliance of floating-point hardware. Intel Technology Journal (Q1), 1–10 (February 1999)Google Scholar
  3. 3.
    Reeber, E., Sawada, J.: Combining ACL2 and an automated verification tool to verify a multiplier. In: Manolios, P., Wilding, M. (eds.) 6th International Workshop on the ACL2 Theorem Prover and its Applications, August 2006, pp. 63–70 (2006)Google Scholar
  4. 4.
    Carreño, V.A., Miner, P.S.: Specification of the IEEE-854 floating-point standard in HOL and PVS. In: HOL 1995: 8th International Workshop on Higher-Order Logic Theorem Proving and Its Applications, Aspen Grove, UT (September 1995)Google Scholar
  5. 5.
    Harrison, J.: A machine-checked theory of floating-point arithmetic. In: Bertot, Y., Dowek, G., Hirschowitz, A., Paulin, C., Théry, L. (eds.) TPHOLs 1999. LNCS, vol. 1690, pp. 113–130. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  6. 6.
    Filliâtre, J.-C., Marché, C.: The Why/Krakatoa/Caduceus Platform for Deductive Program Verification. In: Damm, W., Hermanns, H. (eds.) CAV 2007. LNCS, vol. 4590, pp. 173–177. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  7. 7.
    Filliâtre, J.C., Marché, C.: Multi-prover verification of C programs. In: Davies, J., Schulte, W., Barnett, M. (eds.) ICFEM 2004. LNCS, vol. 3308, pp. 15–29. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  8. 8.
    Conchon, S., Contejean, E., Kanig, J., Lescuyer, S.: CC(X): Semantical Combination of Congruence Closure with Solvable Theories. In: 5th International Workshop on Satisfiability Modulo Theories (SMT 2007). Electronic Notes in Computer Science, vol. 198(2), pp. 51–69. Elsevier Science Publishers, Amsterdam (1985)Google Scholar
  9. 9.
    Hoare, C.A.R.: An axiomatic basis for computer programming. Communications of the ACM 12(10), 576–580, 583 (1969)CrossRefMATHGoogle Scholar
  10. 10.
    Boldo, S., Filliâtre, J.C.: Formal Verification of Floating-Point Programs. In: 18th IEEE International Symposium on Computer Arithmetic, Montpellier, France, June 2007, pp. 187–194 (2007)Google Scholar
  11. 11.
    Bertot, Y., Castéran, P.: Interactive Theorem Proving and Program Development. Coq’Art: The Calculus of Inductive Constructions. Texts in Theoretical Computer Science. Springer, Heidelberg (2004)CrossRefMATHGoogle Scholar
  12. 12.
    The Coq Development Team: The Coq Proof Assistant Reference Manual – Version V8.2. (2008), http://coq.inria.fr/
  13. 13.
    Mayero, M.: The Three Gap Theorem (Steinhauss conjecture). In: Coquand, T., Nordström, B., Dybjer, P., Smith, J. (eds.) TYPES 1999. LNCS, vol. 1956, pp. 162–173. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  14. 14.
    Daumas, M., Rideau, L., Théry, L.: A generic library of floating-point numbers and its application to exact computing. In: 14th International Conference on Theorem Proving in Higher Order Logics, Edinburgh, Scotland, pp. 169–184 (2001)Google Scholar
  15. 15.
    Boldo, S.: Preuves formelles en arithmétiques à virgule flottante. PhD thesis, École Normale Supérieure de Lyon (November 2004)Google Scholar
  16. 16.
    Boldo, S.: Pitfalls of a Full Floating-Point Proof: Example on the Formal Proof of the Veltkamp/Dekker Algorithms. In: 3rd International Joint Conference on Automated Reasoning (IJCAR), Seattle, USA, August 2006, pp. 52–66 (2006)Google Scholar
  17. 17.
    Melquiond, G.: Proving bounds on real-valued functions with computations. In: Armando, A., Baumgartner, P., Dowek, G. (eds.) IJCAR 2008. LNCS, vol. 5195, pp. 2–17. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  18. 18.
    de Dinechin, F., Lauter, C., Melquiond, G.: Assisted verification of elementary functions using Gappa. In: ACM Symposium on Applied Computing, Dijon, France, pp. 1318–1322 (2006)Google Scholar
  19. 19.
    Melquiond, G.: De l’arithmétique d’intervalles à la certification de programmes. PhD thesis, École Normale Supérieure de Lyon, Lyon, France (November 2006)Google Scholar
  20. 20.
    Bécache, E.: Étude de schémas numériques pour la résolution de l’équation des ondes. ENSTA (September 2003)Google Scholar
  21. 21.
    Boldo, S.: Floats & Ropes: a case study for formal numerical program verification. In: 36th International Colloquium on Automata, Languages and Programming. LNCS. Springer, Heidelberg (2009)Google Scholar
  22. 22.
    Kahan, W.: On the Cost of Floating-Point Computation Without Extra-Precise Arithmetic (November 2004), http://www.cs.berkeley.edu/~wkahan/Qdrtcs.pdf
  23. 23.
    Boldo, S., Daumas, M., Kahan, W., Melquiond, G.: Proof and certification for an accurate discriminant. In: 12th IMACS-GAMM International Symposium on Scientific Computing, Computer Arithmetic and Validated Numerics, Duisburg, Germany (September 2006)Google Scholar
  24. 24.
    Boldo, S.: Kahan’s algorithm for a correct discriminant computation at last formally proven. IEEE Transactions on Computers 58(2), 220–225 (2009)MathSciNetCrossRefGoogle Scholar
  25. 25.
    Boutin, S.: Using reflection to build efficient and certified decision procedures. Theoretical Aspects of Computer Software, 515–529 (1997)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Sylvie Boldo
    • 1
    • 2
  • Jean-Christophe Filliâtre
    • 2
    • 1
  • Guillaume Melquiond
    • 1
    • 2
  1. 1.INRIA Saclay - Île-de-France, ProValOrsay
  2. 2.LRIUniversité Paris-Sud, CNRSOrsayFrance

Personalised recommendations