Automating the Verification of Floating-Point Programs

In the context of deductive program verification, handling floating-point computations is challenging. The degree of proof success and proof automation depends heavily on how the floating-point operations are interpreted in the logic supported by the back-end provers. We address this challenge by combining multiple techniques to separately prove different parts of the desired properties. We use abstract interpretation to compute numerical bounds of expressions, and we use multiple automated provers, relying on different strategies for representing floating-point computations. One of these strategies is based on the native support for floating-point arithmetic recently added to the SMT-LIB standard. Our approach is implemented in the Why3 environment and its front-end SPARK 2014 for the development of safety-critical Ada programs. It is validated experimentally on several examples originating from industrial use of SPARK 2014.
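To illustrate the "abstract interpretation to compute numerical bounds" step, here is an added example (not code from the paper or from Why3/SPARK): a minimal interval domain for IEEE double expressions whose endpoints are computed exactly with rationals and then rounded outward, so the interval contains the program's float result under any IEEE rounding mode. It assumes Python 3.9+ for `math.nextafter` and finite interval endpoints in the environment.

```python
# Added example, not the paper's implementation: a tiny interval abstract domain
# that soundly bounds IEEE double expressions. Endpoints are computed exactly
# with Fraction and rounded outward, so the result contains the float value
# under any IEEE rounding mode (round-to-nearest, directed rounding).
from fractions import Fraction
from math import inf, nextafter

FMAX = float.fromhex('0x1.fffffffffffffp+1023')  # largest finite double

def _round_down(q):
    """Largest double <= q, for an exact rational q (assumes q is finite)."""
    try:
        f = float(q)                     # correctly rounded to nearest
    except OverflowError:                # |q| beyond the double range
        return -inf if q < 0 else FMAX
    return nextafter(f, -inf) if Fraction(f) > q else f

def _round_up(q):
    """Smallest double >= q, for an exact rational q."""
    try:
        f = float(q)
    except OverflowError:
        return inf if q > 0 else -FMAX
    return nextafter(f, inf) if Fraction(f) < q else f

def eval_interval(expr, env):
    """expr is ('const', c) | ('var', name) | (op, e1, e2), op in add/sub/mul.
    env maps variable names to (lo, hi) double intervals. Returns (lo, hi)."""
    kind = expr[0]
    if kind == 'const':
        return (expr[1], expr[1])
    if kind == 'var':
        return env[expr[1]]
    a_lo, a_hi = eval_interval(expr[1], env)
    b_lo, b_hi = eval_interval(expr[2], env)
    a_lo, a_hi, b_lo, b_hi = map(Fraction, (a_lo, a_hi, b_lo, b_hi))
    if kind == 'add':
        return (_round_down(a_lo + b_lo), _round_up(a_hi + b_hi))
    if kind == 'sub':
        return (_round_down(a_lo - b_hi), _round_up(a_hi - b_lo))
    if kind == 'mul':
        prods = [a_lo * b_lo, a_lo * b_hi, a_hi * b_lo, a_hi * b_hi]
        return (_round_down(min(prods)), _round_up(max(prods)))
    raise ValueError(f"unsupported operator {kind!r}")

def proves_bound(expr, env, lo, hi):
    """True when the computed interval discharges the obligation lo <= expr <= hi."""
    r_lo, r_hi = eval_interval(expr, env)
    return lo <= r_lo and r_hi <= hi
```

The domain ignores correlations between sub-expressions (x - x over x in [0, 10] yields [-10, 10]), which is exactly the kind of obligation the paper leaves to the provers rather than to the bounds computation.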
