Results 1  10
of
34
A MachineChecked Theory of Floating Point Arithmetic
, 1999
"... . Intel is applying formal verification to various pieces of mathematical software used in Merced, the first implementation of the new IA64 architecture. This paper discusses the development of a generic floating point library giving definitions of the fundamental terms and containing formal pr ..."
Abstract

Cited by 31 (5 self)
 Add to MetaCart
. Intel is applying formal verification to various pieces of mathematical software used in Merced, the first implementation of the new IA64 architecture. This paper discusses the development of a generic floating point library giving definitions of the fundamental terms and containing formal proofs of important lemmas. We also briefly describe how this has been used in the verification effort so far. 1 Introduction IA64 is a new 64bit computer architecture jointly developed by HewlettPackard and Intel, and the forthcoming Merced chip from Intel will be its first silicon implementation. To avoid some of the limitations of traditional architectures, IA64 incorporates a unique combination of features, including an instruction format encoding parallelism explicitly, instruction predication, and speculative /advanced loads [4]. Nevertheless, it also offers full upwardscompatibility with IA32 (x86) code. 1 IA64 incorporates a number of floating point operations, the centerpi...
Guaranteed proofs using interval arithmetic
 Proceedings of the 17th Symposium on Computer Arithmetic, Cape Cod
, 2005
"... This paper presents a set of tools for mechanical reasoning of numerical bounds using interval arithmetic. The tools implement two techniques for reducing decorrelation: interval splitting and Taylor’s series expansions. Although the tools are designed for the proof assistant system PVS, expertise o ..."
Abstract

Cited by 22 (11 self)
 Add to MetaCart
This paper presents a set of tools for mechanical reasoning of numerical bounds using interval arithmetic. The tools implement two techniques for reducing decorrelation: interval splitting and Taylor’s series expansions. Although the tools are designed for the proof assistant system PVS, expertise on PVS is not required. The ultimate goal of the tools is to provide guaranteed proofs of numerical properties with a minimal humantheorem prover interaction. 1
Assisted verification of elementary functions using Gappa
 In Proceedings of the 2006 ACM symposium on Applied computing
, 2006
"... The implementation of a correctly rounded or interval elementary function needs to be proven carefully in the very last details. The proof requires a tight bound on the overall error of the implementation with respect to the mathematical function. Such work is function specific, concerns tens of lin ..."
Abstract

Cited by 17 (6 self)
 Add to MetaCart
The implementation of a correctly rounded or interval elementary function needs to be proven carefully in the very last details. The proof requires a tight bound on the overall error of the implementation with respect to the mathematical function. Such work is function specific, concerns tens of lines of code for each function, and will usually be broken by the smallest change to the code (e.g. for maintenance or optimization purpose). Therefore, it is very tedious and errorprone if done by hand. This article discusses the use of the Gappa proof assistant in this context. Gappa has two main advantages over previous approaches: Its input format is very close to the actual C code to validate, and it automates error evaluation and propagation using interval arithmetic. Besides, it can be used to incrementally prove complex mathematical properties pertaining to the C code. Yet it does not require any specific knowledge about automatic theorem proving, and thus is accessible to a wider community. Moreover, Gappa may generate a formal proof of the results that can be checked independently by a lowerlevel proof assistant like Coq, hence providing an even higher confidence in the certification of the numerical code. 1.
New Algorithms for Improved Transcendental Functions on IA64
"... The IA64 architecture provides new opportunities and challenges for implementing an improved set of transcendental functions. Using several novel polynomialbased tabledriven techniques, we are able to provide new algorithms for the transcendental functions. Major improvements include an accuracy ..."
Abstract

Cited by 14 (1 self)
 Add to MetaCart
The IA64 architecture provides new opportunities and challenges for implementing an improved set of transcendental functions. Using several novel polynomialbased tabledriven techniques, we are able to provide new algorithms for the transcendental functions. Major improvements include an accuracy level of about 0.6 ulps (units in the last place) and forward trigonometric functions that have a period of 2p . The accuracy enhancements are achieved at improved speed, yet without an increase in the table size. In this paper, we highlight the key IA64 architectural features that influenced our designs and explain the main ideas used in our new algorithms. 1 Introduction The IA32 architecture [5] provides hardware instructions to compute a small but important set of transcendental functions  F2XM1, FYL2X, FYL2XP1, FSIN, FCOS, FSINCOS, FPTAN, and FPATAN. The IA64 architecture, based on the EPIC (Explicitly Parallel Instruction Computing) technology, incorporates a combination of specu...
MultiProver Verification of FloatingPoint Programs ⋆
"... Abstract. In the context of deductive program verification, supporting floatingpoint computations is tricky. We propose an expressive language to formally specify behavioral properties of such programs. We give a firstorder axiomatization of floatingpoint operations which allows to reduce verifica ..."
Abstract

Cited by 14 (3 self)
 Add to MetaCart
Abstract. In the context of deductive program verification, supporting floatingpoint computations is tricky. We propose an expressive language to formally specify behavioral properties of such programs. We give a firstorder axiomatization of floatingpoint operations which allows to reduce verification to checking the validity of logic formulas, in a suitable form for a large class of provers including SMT solvers and interactive proof assistants. Experiments using the FramaC platform for static analysis of C code are presented. 1
Mixed abstractions for floatingpoint arithmetic
 In FMCAD
, 2009
"... Abstract—Floatingpoint arithmetic is essential for many embedded and safetycritical systems, such as in the avionics industry. Inaccuracies in floatingpoint calculations can cause subtle changes of the control flow, potentially leading to disastrous errors. In this paper, we present a simple and ..."
Abstract

Cited by 14 (3 self)
 Add to MetaCart
Abstract—Floatingpoint arithmetic is essential for many embedded and safetycritical systems, such as in the avionics industry. Inaccuracies in floatingpoint calculations can cause subtle changes of the control flow, potentially leading to disastrous errors. In this paper, we present a simple and general, yet powerful framework for building abstractions from formulas, and instantiate this framework to a bitaccurate, sound and complete decision procedure for IEEEcompliant binary floatingpoint arithmetic. Our procedure benefits in practice from its ability to flexibly harness both over and underapproximations in the abstraction process. We demonstrate the potency of the procedure for the formal analysis of floatingpoint software. I.
Proving bounds on realvalued functions with computations
 4th International Joint Conference on Automated Reasoning. Volume 5195 of Lecture Notes in Artificial Intelligence
, 2008
"... Abstract. Intervalbased methods are commonly used for computing numerical bounds on expressions and proving inequalities on real numbers. Yet they are hardly used in proof assistants, as the large amount of numerical computations they require keeps them out of reach from deductive proof processes. ..."
Abstract

Cited by 12 (2 self)
 Add to MetaCart
Abstract. Intervalbased methods are commonly used for computing numerical bounds on expressions and proving inequalities on real numbers. Yet they are hardly used in proof assistants, as the large amount of numerical computations they require keeps them out of reach from deductive proof processes. However, evaluating programs inside proofs is an efficient way for reducing the size of proof terms while performing numerous computations. This work shows how programs combining automatic differentiation with floatingpoint and interval arithmetic can be used as efficient yet certified solvers. They have been implemented in a library for the Coq proof system. This library provides tactics for proving inequalities on realvalued expressions. 1
Formal Verification of the VAMP Floating Point Unit
 In CHARME 2001, volume 2144 of LNCS
, 2001
"... We report on the formal verification of the floating point unit used in the VAMP processor. The FPU is fully IEEE compliant, and supports denormals and exceptions in hardware. The supported operations are addition, subtraction, multiplication, division, comparison, and conversions. The hardware is v ..."
Abstract

Cited by 12 (6 self)
 Add to MetaCart
We report on the formal verification of the floating point unit used in the VAMP processor. The FPU is fully IEEE compliant, and supports denormals and exceptions in hardware. The supported operations are addition, subtraction, multiplication, division, comparison, and conversions. The hardware is verified on the gate level against a formal description of the IEEE standard by means of the theorem prover PVS.
Verifying the accuracy of polynomial approximations in HOL
 Theorem Proving in Higher Order Logics: 10th International Conference, TPHOLs’97
, 1997
"... . Many modern algorithms for the transcendental functions rely on a large table of precomputed values together with a loworder polynomial to interpolate between them. In verifying such an algorithm, one is faced with the problem of bounding the error in this polynomial approximation. The most s ..."
Abstract

Cited by 11 (6 self)
 Add to MetaCart
. Many modern algorithms for the transcendental functions rely on a large table of precomputed values together with a loworder polynomial to interpolate between them. In verifying such an algorithm, one is faced with the problem of bounding the error in this polynomial approximation. The most straightforward methods are based on numerical approximations, and are not prima facie reducible to a formal HOL proof. We discuss a technique for proving such results formally in HOL, via the formalization of a number of results in polynomial theory, e.g. squarefree decomposition and Sturm's theorem, and the use of a computer algebra system to compute results that are then checked in HOL. We demonstrate our method by tackling an example from the literature. 1 Introduction Many algorithms for the transcendental functions such as exp, sin and ln in floating point arithmetic are based on table lookup. Suppose that a transcendental function f(x) is to be calculated. Values of f(a i ) are...