Verification of C/C<bold>++</bold> programs has seen considerable progress in several areas, but not for programs that use these languages’ mathematical libraries. The reason is that all libraries in widespread use come with no guarantees about the computed results. This would seem to prevent any attempt at formal verification of programs that use them: without a specification for the functions, no conclusion can be drawn statically about the behavior of the program. We propose an alternative to surrender. We introduce a pragmatic approach that leverages the fact that most <monospace>math.h/cmath</monospace> functions are almost piecewise monotonic: as we discovered through exhaustive testing, they may have glitches , often of very small size and in small numbers. We develop interval refinement techniques for such functions based on a modified dichotomic search, which enable verification via symbolic execution based model checking, abstract interpretation, and test data generation. To the best of our knowledge, our refinement algorithms are the first in the literature to be able to handle non-correctly rounded function implementations, enabling verification in the presence of the most common implementations. We experimentally evaluate our approach on real-world code, showing its ability to detect or rule out anomalous behaviors.

中文翻译：

---

使用 math.h/cmath 函数验证浮点 C/C++ 程序的实用方法

C/C<bold>++</bold> 程序的验证已经在多个领域取得了相当大的进展，但对于使用这些语言的数学库的程序来说却并非如此。原因是所有广泛使用的库都不能保证计算结果。这似乎阻止了对使用它们的程序进行形式验证的任何尝试：如果没有函数规范，就无法静态地得出关于程序行为的结论。我们提出了投降的替代方案。我们介绍了一种实用的方法，它利用了大多数 <monospace>math.h/cmath</monospace> 函数是几乎分段单调：正如我们通过详尽的测试发现的那样，它们可能具有故障，通常尺寸很小且数量很少。我们基于修改后的二分搜索为此类函数开发区间细化技术，该技术可通过基于符号执行的模型检查、抽象解释和测试数据生成进行验证。据我们所知，我们的细化算法是文献中第一个能够处理非正确舍入函数实现的算法，从而能够在存在最常见实现的情况下进行验证。我们通过实验评估我们在现实世界代码上的方法，展示了它检测或排除异常行为的能力。