Multi-Prover Verification of Floating-Point Programs
Cited by 14 (3 self)
Abstract. In the context of deductive program verification, supporting floating-point computations is tricky. We propose an expressive language to formally specify behavioral properties of such programs. We give a first-order axiomatization of floating-point operations which makes it possible to reduce verification to checking the validity of logic formulas, in a suitable form for a large class of provers including SMT solvers and interactive proof assistants. Experiments using the Frama-C platform for static analysis of C code are presented.
Combining Coq and Gappa for Certifying Floating-Point Programs
2009
Cited by 11 (1 self)
Formal verification of numerical programs is notoriously difficult. On the one hand, there exist automatic tools specialized in floating-point arithmetic, such as Gappa, but they target very restrictive logics. On the other hand, there are interactive theorem provers based on the LCF approach, such as Coq, that handle a general-purpose logic but that lack proof automation for floating-point properties. To alleviate these issues, we have implemented a mechanism for calling Gappa from a Coq interactive proof. This paper presents this combination and shows on several examples how this approach offers a significant speedup in the process of verifying floating-point programs.
Behavioral Properties of Floating-Point Programs
Cited by 3 (3 self)
Abstract. We propose an expressive language to formally specify behavioral properties of programs involving floating-point computations. We present a deductive verification technique, which makes it possible to prove formally that a given program meets its specifications, using either SMT-class automatic theorem provers or general interactive proof assistants. Experiments using the Frama-C platform for static analysis of C code are presented.
Hardware-Dependent Proofs of Numerical Programs (author manuscript, published in Certified Programs and Proofs, 2011)
2013
Abstract. We present an approach for proving behavioral properties of numerical programs by analyzing their compiled assembly code. We focus on the issues and traps that may arise in floating-point computations. Direct analysis of the assembly code allows us to take into account architecture- or compiler-dependent features such as the possible use of extended precision registers. The approach is implemented on top of the generic Why platform for deductive verification, which allows us to perform experiments where proofs are discharged by combining several back-end automatic provers.
How to Compute the Area of a Triangle: a Formal Revisit, Sylvie Boldo (author manuscript, published in 21st IEEE International Symposium on Computer Arithmetic, 2013)
2013
Abstract—Mathematical values are usually computed using well-known mathematical formulas without thinking about their accuracy, which may turn awful with particular instances. This is the case for the computation of the area of a triangle. When the triangle is needle-like, the common formula has a very poor accuracy. Kahan proposed in 1986 an algorithm he claimed correct within a few ulps. Goldberg took over this algorithm in 1991 and gave a precise error bound. This article presents a formal proof of this algorithm, an improvement of its error bound and new investigations in case of underflow. Index Terms—floating-point arithmetic, formal proof, Coq, triangle, underflow
Formally Verified Conditions for Regularity of Interval Matrices
2010
Abstract. We propose a formal study of interval analysis that concentrates on theoretical aspects rather than on computational ones. In particular we are interested in conditions for regularity of interval matrices. An interval matrix is called regular if all scalar matrices included in the interval matrix have non-null determinant, and it is called singular otherwise. Regularity plays a central role in solving systems of linear interval equations. Several tests for regularity are available and widely used, but sometimes rely on rather involved results, hence the interest in formally verifying such conditions of regularity. In this paper we set the basis for this work: we define intervals, interval matrices and operations on them in the proof assistant Coq, and verify criteria for regularity and singularity of interval matrices.
Coquelicot: A User-Friendly Library of Real Analysis for Coq
2013
Abstract. Real analysis is pervasive to many applications, if only because it is a suitable tool for modeling physical or socio-economical systems. As such, its support is warranted in proof assistants, so that the users have a way to formally verify mathematical theorems and correctness of critical systems. The Coq system comes with an axiomatization of standard real numbers and a library of theorems on real analysis. Unfortunately, this standard library is lacking some widely used results. For instance, power series are not developed further than their definition. Moreover, the definitions of integrals and derivatives are based on dependent types, which make them especially cumbersome to use in practice. To palliate these inadequacies, we have designed a user-friendly library: Coquelicot. An easier way of writing formulas and theorem statements is achieved by relying on total functions in place of dependent types for limits, derivatives, integrals, power series, and so on. To help with the proof process, the library comes with a comprehensive set of theorems that cover not only these notions, but also some extensions such as parametric integrals, two-dimensional differentiability, and asymptotic behaviors. It also offers some automation for performing differentiability proofs. Moreover, Coquelicot is a conservative extension of Coq's standard library and we provide correspondence theorems between the two libraries. We have exercised the library on several use cases: in an exam at university entry level, for the definitions and properties of Bessel functions, and for the solution of the one-dimensional wave equation.