A generic library for floating-point numbers and its application to exact computing Marc Daumas, Laurence Rideau, Laurent Théry TPHOLs’2001

Motivations n Applying theorem proving (AOC) n Scientific computing n Standard (IEEE 754) n New results n Checking proofs

Related Works n PVS: Miner (IEEE 784) n ACL2: Russinoff (IEEE 754) n HOL: Harrison (IEEE 754)

Outline n Floating-point numbers n Formalization n Simple program verification n Expansion

E- 99 ExponentMantissaPrecision E+ 20 Floating-point numbers Normal: Subnormal: E+ 20 Canonic

Rounding 0

Formalization: float Arbitrary base:  nat n New type: float n Abstract representation:  n,p  n  p FtoR

Formalization: float n Bias: n Non-Unicity:  ,15  Projectors:  n[p], e[p] n Equality: p = q Order: p  q E+20  86766,16 

Formalization: float n Zero:  0,0  n One:  1,0  Addition:  n[p]  +n[q] ,u  where u=min(e[p],e[q]) Multiplication:  n[p]  n[q],e[p]+e[q]  e[p]-ue[q]-u

Bounded n Arbitrary bound: b (N[b],E[b]) n Bounded float: n Restricted quantification bounded float

Rounding n Predicate: R(r,p) n Total: n Compatible: n Monotone: n Min or Max:

Proof Sterbenz:

Theorem n n n 1.00 E+9 and 1.11 E+10 Dekker

Example X := 1.0; Y := 1.0 while (X+1.0)-X=1.0 do X:=X*2.0 while (X+Y)-X<>Y do Y:=Y+1.0 Y=2 Y=10

First Loop while (X+1.0)-X=1.0 do X:=X*2.0 ,0   102,1  0

Second Loop while (X+Y)-X<>Y do Y:=Y+1.0 

Formal Proof n Direct n General Statement n Arbitrary base n Arbitrary format n Arbitrary rounding

Exact computing n Rounding errors n Basic operations n Applications a b abab 

Expansion n List: n Non-overlapping: n Sorted

Building an expansion

Adding a float to an expansion... f

Adding two expansions...

Library n Lines n 90 Definitions n 780 Theorems

Conclusions n Generic Library n Precise Statements n Checking Proofs