Formal Verification of Roundoff Error Bounds using Semidefinite Programming Victor Magron , CNRS VERIMAG Jointly Certified Upper Bounds with G. Constantinides and A. Donaldson Jointly Certified Lower Bounds with M. Farid GTVerif IRIF, 16 June 2016 Victor Magron Formal Verification of Roundoff Error Bounds using Semidefinite Programming 1 / 23
Errors and Proofs Mathematicians and Computer Scientists want to eliminate all the uncertainties on their results. Why? Victor Magron Formal Verification of Roundoff Error Bounds using Semidefinite Programming 2 / 23
Errors and Proofs Mathematicians and Computer Scientists want to eliminate all the uncertainties on their results. Why? M. Lecat, Erreurs des Mathématiciens des origines à nos jours, 1935. ❀ 130 pages of errors! (Euler, Fermat, . . . ) Victor Magron Formal Verification of Roundoff Error Bounds using Semidefinite Programming 2 / 23
Errors and Proofs Mathematicians and Computer Scientists want to eliminate all the uncertainties on their results. Why? M. Lecat, Erreurs des Mathématiciens des origines à nos jours, 1935. ❀ 130 pages of errors! (Euler, Fermat, . . . ) Ariane 5 launch failure, Pentium FDIV bug Victor Magron Formal Verification of Roundoff Error Bounds using Semidefinite Programming 2 / 23
Errors and Proofs Mathematicians and Computer Scientists want to eliminate all the uncertainties on their results. Why? M. Lecat, Erreurs des Mathématiciens des origines à nos jours, 1935. ❀ 130 pages of errors! (Euler, Fermat, . . . ) Ariane 5 launch failure, Pentium FDIV bug U.S. Patriot missile killed 28 soldiers from the U.S. Army’s Internal clock: 0.1 sec intervals Roundoff error on the binary constant “0.1” Victor Magron Formal Verification of Roundoff Error Bounds using Semidefinite Programming 2 / 23
Roundoff Error Bounds Real : f ( x ) : = x 1 × x 2 + x 3 Floating-point : ˆ f ( x , e ) : = [ x 1 x 2 ( 1 + e 1 ) + x 3 ]( 1 + e 2 ) Input variable constraints x ∈ X Finite precision ❀ bounds over e ∈ E : | e i | � 2 − 53 (double) Guarantees on absolute round-off error | ˆ f − f | ? ↓ Upper Bounds ↓ max ˆ max ˆ f − f f − f ↑ Lower Bounds ↑ ↓ Lower Bounds ↓ min ˆ min ˆ f − f f − f ↑ Upper Bounds ↑ Victor Magron Formal Verification of Roundoff Error Bounds using Semidefinite Programming 3 / 23
Nonlinear Programs Polynomials programs : + , − , × x 2 x 5 + x 3 x 6 + x 1 ( − x 1 + x 2 + x 3 − x 4 + x 5 + x 6 ) Victor Magron Formal Verification of Roundoff Error Bounds using Semidefinite Programming 4 / 23
Nonlinear Programs Polynomials programs : + , − , × x 2 x 5 + x 3 x 6 + x 1 ( − x 1 + x 2 + x 3 − x 4 + x 5 + x 6 ) Semialgebraic programs: | · | , √ , /, sup, inf 4 x x 1 + 1.11 Victor Magron Formal Verification of Roundoff Error Bounds using Semidefinite Programming 4 / 23
Nonlinear Programs Polynomials programs : + , − , × x 2 x 5 + x 3 x 6 + x 1 ( − x 1 + x 2 + x 3 − x 4 + x 5 + x 6 ) Semialgebraic programs: | · | , √ , /, sup, inf 4 x x 1 + 1.11 Transcendental programs: arctan, exp, log, . . . log ( 1 + exp ( x )) Victor Magron Formal Verification of Roundoff Error Bounds using Semidefinite Programming 4 / 23
Existing Frameworks Classical methods : Abstract domains [Goubault-Putot 11] F LUCTUAT : intervals, octagons, zonotopes Interval arithmetic [Daumas-Melquiond 10] G APPA : interface with C OQ proof assistant Victor Magron Formal Verification of Roundoff Error Bounds using Semidefinite Programming 5 / 23
Existing Frameworks Recent progress : Affine arithmetic + SMT [Darulova 14] rosa : sound compiler for reals (S CALA ) Symbolic Taylor expansions [Solovyev 15] FPTaylor : certified optimization (OC AML /H OL - LIGHT ) Guided random testing s3fp [Chiang 14] Victor Magron Formal Verification of Roundoff Error Bounds using Semidefinite Programming 5 / 23
Contributions Maximal Roundoff error of the program implementation of f : r ⋆ : = max | ˆ f ( x , e ) − f ( x ) | Decomposition: r = linear term l w.r.t. e + nonlinear term h max | l | + max | h | � r ⋆ � max | l | − max | h | Coarse bound of h with interval arithmetic Semidefinite programming (SDP) bounds for l : Victor Magron Formal Verification of Roundoff Error Bounds using Semidefinite Programming 6 / 23
Contributions Maximal Roundoff error of the program implementation of f : r ⋆ : = max | ˆ f ( x , e ) − f ( x ) | Decomposition: r = linear term l w.r.t. e + nonlinear term h max | l | + max | h | � r ⋆ � max | l | − max | h | Coarse bound of h with interval arithmetic Semidefinite programming (SDP) bounds for l : ↓ Upper Bounds ↓ ↑ Lower Bounds ↑ ↓ Lower Bounds ↓ ↑ Upper Bounds ↑ Sparse SDP relaxations Robust SDP relaxations Victor Magron Formal Verification of Roundoff Error Bounds using Semidefinite Programming 6 / 23
Contributions 1 General SDP framework for upper and lower bounds 2 Comparison with SMT and linear/affine/Taylor arithmetic: � Tight upper bounds + ❀ Efficient optimization 3 Extensions to transcendental/conditional programs 4 Formal verification of SDP bounds 5 Open source tool Real2Float (in OC AML and C OQ ) Victor Magron Formal Verification of Roundoff Error Bounds using Semidefinite Programming 6 / 23
Introduction Semidefinite Programming for Polynomial Optimization Upper Bounds with Sparse SDP Lower Bounds with Robust SDP Conclusion
What is Semidefinite Programming? Linear Programming (LP): ⊤ z min c z s.t. A z � d . Linear cost c Polyhedron Linear inequalities “ ∑ i A ij z j � d i ” Victor Magron Formal Verification of Roundoff Error Bounds using Semidefinite Programming 7 / 23
What is Semidefinite Programming? Semidefinite Programming (SDP): ⊤ z min c z ∑ s.t. F i z i � F 0 . i Linear cost c Symmetric matrices F 0 , F i Spectrahedron Linear matrix inequalities “ F � 0” ( F has nonnegative eigenvalues) Victor Magron Formal Verification of Roundoff Error Bounds using Semidefinite Programming 8 / 23
What is Semidefinite Programming? Semidefinite Programming (SDP): ⊤ z min c z ∑ A z = d . s.t. F i z i � F 0 , i Linear cost c Symmetric matrices F 0 , F i Spectrahedron Linear matrix inequalities “ F � 0” ( F has nonnegative eigenvalues) Victor Magron Formal Verification of Roundoff Error Bounds using Semidefinite Programming 9 / 23
Applications of SDP Combinatorial optimization Control theory Matrix completion Solving polynomial optimization (Lasserre ’01) Victor Magron Formal Verification of Roundoff Error Bounds using Semidefinite Programming 10 / 23
SDP for Polynomial Optimization Prove polynomial inequalities with SDP: f ( a , b ) : = a 2 − 2 ab + b 2 � 0 . � � � � � � z 1 z 2 a Find z s.t. f ( a , b ) = a b . z 2 z 3 b � �� � � 0 Find z s.t. a 2 − 2 ab + b 2 = z 1 a 2 + 2 z 2 ab + z 3 b 2 ( A z = d ) � z 1 � � 1 � � 0 � � 0 � � 0 � z 2 0 1 0 0 = z 1 + z 2 + z 3 � z 2 z 3 0 0 1 0 0 1 0 0 � �� � � �� � � �� � � �� � F 1 F 2 F 3 F 0 Victor Magron Formal Verification of Roundoff Error Bounds using Semidefinite Programming 11 / 23
SDP for Polynomial Optimization Choose a cost c e.g. ( 1, 0, 1 ) and solve: ⊤ z min c z ∑ s.t. F i z i � F 0 , A z = d . i � 1 � z 1 � � z 2 − 1 Solution = � 0 (eigenvalues 0 and 2) − 1 z 2 z 3 1 � � 1 � � a � − 1 a 2 − 2 ab + b 2 = � = ( a − b ) 2 . a b − 1 1 b � �� � � 0 Solving SDP = ⇒ Finding S UMS OF S QUARES certificates Victor Magron Formal Verification of Roundoff Error Bounds using Semidefinite Programming 12 / 23
SDP for Polynomial Optimization Hierarchy of SDP relaxations : � � f ∗ : = min x ∈ X f ( x ) � λ k : = sup λ : f − λ SOS of degree 2k λ Victor Magron Formal Verification of Roundoff Error Bounds using Semidefinite Programming 13 / 23
SDP for Polynomial Optimization Hierarchy of SDP relaxations : � � f ∗ : = min x ∈ X f ( x ) � λ k : = sup λ : f − λ SOS of degree 2k λ Theorem [Lasserre 01] λ k ↑ f ∗ Victor Magron Formal Verification of Roundoff Error Bounds using Semidefinite Programming 13 / 23
SDP for Polynomial Optimization Hierarchy of SDP relaxations : � � f ∗ : = min x ∈ X f ( x ) � λ k : = sup λ : f − λ SOS of degree 2k λ Theorem [Lasserre 01] λ k ↑ f ∗ “No Free Lunch” Rule : ( n + 2 k n ) SDP variables Victor Magron Formal Verification of Roundoff Error Bounds using Semidefinite Programming 13 / 23
Sparse SDP Optimization [Waki, Lasserre 06] Correlative sparsity pattern (csp) of variables x 2 x 5 + x 3 x 6 − x 2 x 3 − x 5 x 6 + x 1 ( − x 1 + x 2 + x 3 − x 4 + x 5 + x 6 ) 6 5 4 1 2 3 C 1 : = { 1, 4 } 1 Maximal cliques C 1 , . . . , C l C 2 : = { 1, 2, 3, 5 } 2 Average size κ ❀ ( κ + 2 k C 3 : = { 1, 3, 5, 6 } κ ) Dense SDP: 210 variables variables Sparse SDP: 115 variables Victor Magron Formal Verification of Roundoff Error Bounds using Semidefinite Programming 14 / 23
Introduction Semidefinite Programming for Polynomial Optimization Upper Bounds with Sparse SDP Lower Bounds with Robust SDP Conclusion
Recommend
More recommend