Floating-point arithmetic
FPA semantics
FPA representation (bit-layout figure; label: sign)
SMT floating-point arithmetic
An example
  /* N, read_input() and set_output() are declared elsewhere in the program */
  double Kp = 1.0, Ki = 0.25;
  double set_point = 20.0, integral = 0.0;
  double error, in, out;
  for (int i = 0; i < N; i++) {
      in = read_input();
      error = set_point - in;
      integral = integral + error;
      out = Kp * error + Ki * integral;
      set_output(out);
  }
Example strategy
An example in SMT2
  (declare-fun Kp () (_ FloatingPoint 5 11))
  (declare-fun …
  (define-fun rm () RoundingMode RNE)
  (assert (= c18 (fp #b0 #b10011 #b )))        ;; = 18.0
  (assert (= c22 (fp #b0 #b10011 #b )))        ;; = 22.0
  (assert (= cp3 (fp #b0 #b10000 #b )))        ;; = +3.0
  (assert (= cn3 (fp #b1 #b10000 #b )))        ;; = -3.0
  (assert (= Kp (fp #b0 #b01111 #b )))         ;; = 1.0
  (assert (= Ki (fp #b0 #b01101 #b )))         ;; = 0.25
  (assert (= set_point (fp #b0 #b10011 #b )))  ;; = 20.0
  (assert (= integral (_ +zero 5 11)))         ;; = +0.0
An example in SMT2
  (assert (not (=> (and (fp.leq c18 in) (fp.leq in c22)
                        (fp.eq error_post (fp.sub rm set_point in))
                        (fp.eq integral_post (fp.add rm integral error_post))
                        (fp.eq out (fp.add rm (fp.mul rm Kp error_post) (fp.mul rm Ki integral_post))))
                   (and (fp.leq cn3 out) (fp.leq out cp3)))))

  > z3 pi_controller_1.smt2
  unsat
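The SMT2 encoding above writes every constant by hand as an (fp sign exponent significand) literal of the (_ FloatingPoint 5 11) sort. As an added example, not taken from the slides, the following Python helper computes such literals for any exactly representable constant (refusing values that would have to be rounded) and assembles the same one-step PI-controller query; the function and variable names are my own choice.

```python
import math


def fp_literal(value: float, eb: int, sb: int) -> str:
    """Encode a finite, exactly representable float as the SMT-LIB 2 literal
    (fp #bS #bE #bM) of sort (_ FloatingPoint eb sb).  sb counts the hidden
    bit, so the stored fraction field is sb - 1 bits wide."""
    if not math.isfinite(value):
        raise ValueError("only finite values are handled here")
    sign = "1" if math.copysign(1.0, value) < 0 else "0"
    mag = abs(value)
    bias = (1 << (eb - 1)) - 1
    if mag == 0.0:  # +0.0 / -0.0: all-zero exponent and fraction
        return f"(fp #b{sign} #b{'0' * eb} #b{'0' * (sb - 1)})"
    m, e = math.frexp(mag)  # mag = m * 2**e with 0.5 <= m < 1
    biased = (e - 1) + bias  # normalise to 1.f * 2**(e-1) and bias it
    if not 0 < biased < (1 << eb) - 1:
        raise ValueError("value is outside the normal range of this format")
    scaled = (2.0 * m - 1.0) * (1 << (sb - 1))  # fraction bits, exact in double
    frac = int(scaled)
    if scaled != frac:  # rounding would silently change the constant
        raise ValueError("value is not exactly representable in this format")
    return f"(fp #b{sign} #b{biased:0{eb}b} #b{frac:0{sb - 1}b})"


def pi_controller_query(eb: int = 5, sb: int = 11) -> str:
    """One step of the PI controller from the slides: with integral = 0 and
    18 <= in <= 22, can out leave [-3, 3]?  Returns SMT-LIB 2 text for z3."""
    consts = {"Kp": 1.0, "Ki": 0.25, "set_point": 20.0, "integral": 0.0,
              "c18": 18.0, "c22": 22.0, "cp3": 3.0, "cn3": -3.0}
    sort = f"(_ FloatingPoint {eb} {sb})"
    lines = ["(set-logic QF_FP)", "(define-fun rm () RoundingMode RNE)"]
    for name in list(consts) + ["in", "error_post", "integral_post", "out"]:
        lines.append(f"(declare-fun {name} () {sort})")
    for name, val in consts.items():
        lines.append(f"(assert (= {name} {fp_literal(val, eb, sb)})) ;; = {val}")
    lines += [
        "(assert (not (=> (and (fp.leq c18 in) (fp.leq in c22)",
        "  (fp.eq error_post (fp.sub rm set_point in))",
        "  (fp.eq integral_post (fp.add rm integral error_post))",
        "  (fp.eq out (fp.add rm (fp.mul rm Kp error_post)",
        "                        (fp.mul rm Ki integral_post))))",
        "  (and (fp.leq cn3 out) (fp.leq out cp3)))))",
        "(check-sat)",
    ]
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    print(pi_controller_query())  # pipe into z3; expected answer: unsat
```

The exponent fields the helper produces for 18.0, 22.0, 3.0, 1.0, 0.25 and 20.0 match the ones visible in the hand-written literals above, which is a quick sanity check on the encoder.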
Checking properties
Related techniques
Solving QF_FP via SAT
  1. Translate to QF_BV (build circuits)
  2. Translate to SAT (e.g., Tseitin translation, bit-blasting)
  3. Run SAT solver
  4. Translate models/proofs back (to QF_BV, then QF_FP)
  Figure: "Circuit for and method of providing a floating-point adder", US B1 (Xilinx)
Example performance: conversion QF_FP -> QF_BV -> SAT (chart; labelled "Bad")
Advanced QF_FP solving
  1. Mixed abstractions (CBMC)
  2. Non-conservative approximations (Z3)
  3. Abstraction into interval arithmetic (MathSAT)
  4. Translation into non-linear reals (Realizer)
Abstraction refinement (flow chart: Model -> sat; Proof -> unsat; no refinement possible -> failed)
Mixed abstractions Brillout, Kroening, Wahl: Mixed Abstractions for Floating-Point Arithmetic. FMCAD 2009
Mixed abstractions (bit-layout figure with rounding modes: sign, ORM, URM, RM) Brillout, Kroening, Wahl: Mixed Abstractions for Floating-Point Arithmetic. FMCAD 2009
Small-float approximation (bit-layout figure: sign, RM) Zeljic, Wintersteiger, Rümmer: Approximations for Model Construction. IJCAR 2014
Small-floats inclusion, for the theory of floating-point numbers. Zeljic, Wintersteiger, Rümmer: Approximations for Model Construction. IJCAR 2014
Approximation framework (diagram: lift, reconstruct) Zeljic, Wintersteiger, Rümmer: Approximations for Model Construction. IJCAR 2014
Lifting
Example precision terms
Refinement scheme (flow chart: Model -> sat; Proof -> unsat; no refinement possible -> failed)
Approximate model construction
Model-guided refinement (flow chart: Model -> sat; Proof -> unsat; no refinement possible -> failed)
Precise model reconstruction
Model-guided refinement
Proof-guided refinement (flow chart: Model -> sat; Proof -> unsat; no refinement possible -> failed)
Proof-guided refinement
Algorithm properties
A note on complexity
  Fröhlich, Kovásznai, Biere: More on the Complexity of Quantifier-Free Fixed-Size Bit-Vector Logics with Binary Encoding. CSR 2013
  Kovásznai, Fröhlich, Biere: On the Complexity of Fixed-Size Bit-Vector Logics with Binary Encoded Bit-Width. SMT 2012
Non-conservative approximation Fröhlich, Biere, Wintersteiger, Hamadi: Stochastic Local Search for Satisfiability Modulo Theories. AAAI 2015
Abstract CDCL Brain, D’Silva, Griggio, Haller, Kroening: Interpolation-Based Verification of Floating-Point Programs with Abstract CDCL. SAS 2013 Brain, D’Silva, Griggio, Haller, Kroening: Deciding floating-point logic with abstract conflict driven clause learning. FMSD 45(2) 2014
FP-ACDCL
Realizer Leeser, Mukherjee, Ramachandran, Wahl: Make it real: Effective floating-point reasoning via exact arithmetic. DATE 2014
Mixed abstraction performance Brillout, Kroening, Wahl: Mixed Abstractions for Floating-Point Arithmetic. FMCAD 2009
FP-ACDCL performance Brain, D’Silva, Griggio, Haller, Kroening: Interpolation-Based Verification of Floating-Point Programs with Abstract CDCL. SAS 2013 Brain, D’Silva, Griggio, Haller, Kroening: Deciding floating-point logic with abstract conflict driven clause learning. FMSD 45(2) 2014
Experimental evaluation: number of instances solved (columns SAT / UNSAT) for Z3, MathSAT and Ours; the table cells were run together in extraction: Z3 7656, MathSAT 76, Ours 8646
Data (SAT)
Data (UNSAT)
Complexity of operations
  IEEE, Sec 5.3 Homogeneous general-computational operations: "General operations. Implementations shall provide the following homogeneous general-computational operations for all supported arithmetic formats; … ― sourceFormat remainder(source, source). When y ≠ 0, the remainder r = remainder(x, y) is defined for finite x and y regardless of the …"
  Intel® 64 and IA-32 Architectures Software Developer's Manual, May 2012: "… FPREM1 … can reduce the exponent of ST(0) by no more than 63 in one execution of the instruction … Software can re-execute the instruction (using the partial remainder in ST(0) as the dividend) until …"
Conclusion