ABSTRACT
Modern compilers, such as LLVM and GCC, use a static single assignment (SSA) intermediate representation (IR) to simplify and enable many advanced optimizations. However, formally verifying the correctness of SSA-based optimizations is challenging because SSA properties depend on a function's entire control-flow graph.
This paper addresses this challenge by developing a proof technique for proving SSA-based program invariants and compiler optimizations. We use this technique in the Coq proof assistant to create mechanized correctness proofs of several "micro" transformations that form the building blocks for larger SSA optimizations. To demonstrate the utility of this approach, we formally verify a variant of LLVM's mem2reg transformation in Vellvm, a Coq-based formal semantics of the LLVM IR. The extracted implementation generates code with performance comparable to that of LLVM's unverified implementation.
Formal verification of SSA-based optimizations for LLVM. PLDI '13.