Verifying Fast and Sparse SSA-Based Optimizations in Coq

Demange, Delphine; Pichardie, David; Stefanesco, Léo

doi:10.1007/978-3-662-46663-6_12

Cited by 14 publications

(13 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We performed the same adaptations as in I-CHK. I-AC This is the implementation of the AC algorithm initially available in CompCertSSA [2,7]. The implementation uses a classical Kildall workset algorithm for solving the data-flow equations, and its correctness is proved directly (no a posteriori validator).…”

Section: Resultsmentioning

confidence: 99%

“…It discovers equivalence classes between program variables, where variables belonging to the same class are supposed to evaluate to the same value. Its implementation, presented in [7], closely follows the choices made in production compilers, and performs some dominance test requests to make sure that the chosen representative of a variable class dominates the definition point of that variable. To date, this dominance test was implemented (and proved directly) with a simple Allen and Cocke algorithm, using a Kildall workset algorithm, thus impacting the performance of our middle-end.…”

Section: Introduction and Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Validating Dominator Trees for a Fast, Verified Dominance Test

Blazy

Demange

Pichardie

2015

Interactive Theorem Proving

Self Cite

View full text Add to dashboard Cite

The problem of computing dominators in a control flow graph is central to numerous modern compiler optimizations. Many efficient algorithms have been proposed in the litterature, but mechanizing the correctness of the most sophisticated algorithms is still considered as too hard problems, and to this date, verified compilers use less optimized implementations. In contrast, production compilers, like GCC or LLVM, implement the classic, efficient Lengauer-Tarjan algorithm [12], to compute dominator trees. And subsequent optimization phases can then determine whether a CFG node dominates another node in constant time by using their respective depth-first search numbers in the dominator tree. In this work, we aim at integrating such techniques in verified compilers. We present a formally verified validator of untrusted dominator trees, on top of which we implement and prove correct a fast dominance test following these principles. We conduct our formal development in the Coq proof assistant, and integrate it in the middle-end of the CompCertSSA verified compiler. We also provide experimental results showing performance improvement over previous formalizations.

show abstract

Section: Resultsmentioning

confidence: 99%

Section: Introduction and Related Workmentioning

confidence: 99%

Validating Dominator Trees for a Fast, Verified Dominance Test

Blazy

Demange

Pichardie

2015

Interactive Theorem Proving

Self Cite

View full text Add to dashboard Cite

show abstract

“…linear scan, to be verified on top of the intricate liveness analysis theorem. There has also been much interest in formally verified SSA-form middle ends: the CompCertSSA project (Barthe et al 2014) extended CompCert with a formally specified SSA form middle-end, and also investigated formal verification of optimisations in their semantics (Demange et al 2015). Similarly, SSA-based optimisations were verified in the Vellvm project (Zhao et al 2013).…”

Section: Detailed Comparison With Previous Compilermentioning

confidence: 99%

A new verified compiler backend for CakeML

et al. 2016

View full text Add to dashboard Cite

We have developed and mechanically verified a new compiler backend for CakeML. Our new compiler features a sequence of intermediate languages that allows it to incrementally compile away high-level features and enables verification at the right levels of semantic detail. In this way, it resembles mainstream (unverified) compilers for strict functional languages. The compiler supports efficient curried multi-argument functions, configurable data representations, exceptions that unwind the call stack, register allocation, and more. The compiler targets several architectures: x86-64, ARMv6, ARMv8, MIPS-64, and RISC-V.In this paper, we present the overall structure of the compiler, including its 12 intermediate languages, and explain how everything fits together. We focus particularly on the interaction between the verification of the register allocator and the garbage collector, and memory representations. The entire development has been carried out within the HOL4 theorem prover.

show abstract

“…Apart from the generation itself, some progress has also been made on the formalization of the useful invariants and properties of SSA that ease the reasoning when it comes to proving optimizations. For instance, [1,11,23] formalize the strictness semantic invariant, basic equational reasoning and dominance-region reasoning. These are semantic tools that allow proving formally the correctness of Sparse Conditional Constant Propagation and Common Subexpression Elimination based on Global-Value-Numbering [11], or Copy Propagation and micro memory optimizations [23].…”

Section: Introductionmentioning

confidence: 99%

Semantic reasoning about the sea of nodes

Demange

Retana

Pichardie

2018

Proceedings of the 27th International Conference on Compiler Construction

Self Cite

View full text Add to dashboard Cite

The Sea of Nodes intermediate representation was introduced by Cliff Click in the mid 90s as an enhanced Static Single Assignment (SSA) form. It improves on the initial SSA form by relaxing the total order on instructions in basic blocks into explicit data and control dependencies. This makes programs more flexible to optimize. This graph-based representation is now used in many industrial-strength compilers, such as HotSpot or Graal. While the SSA form is now well understood from a semantic perspective-even formally verified optimizing compilers use it in their middle-end-very few semantic studies have been conducted about the Sea of Nodes. This paper presents a simple but rigorous formal semantics for a Sea of Nodes form. It comprises a denotational component to express data computation, and an operational component to express control flow. We then prove a fundamental, dominance-based semantic property on Sea of Nodes programs which determines the regions of the graph where the values of nodes are preserved. Finally, we apply our results to prove the semantic correctness of a redundant zero-check elimination optimization. All the necessary semantic properties have been mechanically verified in the Coq proof assistant.

show abstract

Verifying Fast and Sparse SSA-Based Optimizations in Coq

Cited by 14 publications

References 22 publications

Validating Dominator Trees for a Fast, Verified Dominance Test

Validating Dominator Trees for a Fast, Verified Dominance Test

A new verified compiler backend for CakeML

Semantic reasoning about the sea of nodes

Contact Info

Product

Resources

About