Assisted verification of elementary functions using Gappa

Proceedings of the 2006 ACM symposium on Applied computing Pub Date : 2006-04-23 DOI:10.1145/1141277.1141584

F. D. Dinechin, C. Lauter, G. Melquiond

{"title":"Assisted verification of elementary functions using Gappa","authors":"F. D. Dinechin, C. Lauter, G. Melquiond","doi":"10.1145/1141277.1141584","DOIUrl":null,"url":null,"abstract":"The implementation of a correctly rounded or interval elementary function needs to be proven carefully in the very last details. The proof requires a tight bound on the overall error of the implementation with respect to the mathematical function. Such work is function specific, concerns tens of lines of code for each function, and will usually be broken by the smallest change to the code (e.g. for maintenance or optimization purpose). Therefore, it is very tedious and error-prone if done by hand. This article discusses the use of the Gappa proof assistant in this context. Gappa has two main advantages over previous approaches: Its input format is very close to the actual C code to validate, and it automates error evaluation and propagation using interval arithmetic. Besides, it can be used to incrementally prove complex mathematical properties pertaining to the C code. Yet it does not require any specific knowledge about automatic theorem proving, and thus is accessible to a wider community. Moreover, Gappa may generate a formal proof of the results that can be checked independently by a lower-level proof assistant like Coq, hence providing an even higher confidence in the certification of the numerical code.","PeriodicalId":269830,"journal":{"name":"Proceedings of the 2006 ACM symposium on Applied computing","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2006-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"84","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2006 ACM symposium on Applied computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1141277.1141584","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 84

Abstract

The implementation of a correctly rounded or interval elementary function needs to be proven carefully in the very last details. The proof requires a tight bound on the overall error of the implementation with respect to the mathematical function. Such work is function specific, concerns tens of lines of code for each function, and will usually be broken by the smallest change to the code (e.g. for maintenance or optimization purpose). Therefore, it is very tedious and error-prone if done by hand. This article discusses the use of the Gappa proof assistant in this context. Gappa has two main advantages over previous approaches: Its input format is very close to the actual C code to validate, and it automates error evaluation and propagation using interval arithmetic. Besides, it can be used to incrementally prove complex mathematical properties pertaining to the C code. Yet it does not require any specific knowledge about automatic theorem proving, and thus is accessible to a wider community. Moreover, Gappa may generate a formal proof of the results that can be checked independently by a lower-level proof assistant like Coq, hence providing an even higher confidence in the certification of the numerical code.

查看原文本刊更多论文

使用Gappa辅助验证基本函数

一个正确的四舍五入或区间初等函数的实现需要在最后的细节中仔细证明。证明需要对实现相对于数学函数的总体误差有一个严格的限定。这样的工作是特定于函数的，涉及到每个函数的数十行代码，并且通常会被代码的最小更改所破坏(例如为了维护或优化目的)。因此，如果手工完成，是非常繁琐和容易出错的。本文讨论了在这种情况下使用Gappa证明助手。与以前的方法相比，Gappa有两个主要优点:它的输入格式非常接近实际的C代码进行验证，并且它使用间隔算法自动进行错误评估和传播。此外，它还可以用于增量地证明与C代码相关的复杂数学属性。然而，它不需要任何关于自动定理证明的特定知识，因此可供更广泛的社区使用。此外，Gappa可以生成结果的形式化证明，可以由较低级别的证明助手(如Coq)独立检查，从而为数字代码的认证提供更高的信心。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 2006 ACM symposium on Applied computing

自引率

0.00%

发文量