Preconditions for Compiler Optimizations Nuno Lopes Advisor José Monteiro Automatic Synthesis of Weakest Preconditions for Compiler Optimizations Expectations for Compilers ID: 801151
Download The PPT/PDF document "Automatic Synthesis of Weakest" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
Automatic Synthesis of Weakest Preconditions for Compiler Optimizations
Nuno Lopes
Advisor
: José Monteiro
Slide2Automatic Synthesis of Weakest Preconditions
for
Compiler Optimizations
Expectations for Compilers
Improve performance
Reduce code size
Reduce energy consumption
2
Slide3LLVM 3.2 introduced a Loop VectorizerPerformance improvement of 10-300% in benchmarksAutomatic
Synthesis
of Weakest
Preconditions for Compiler
OptimizationsCompilers Do Deliver3
Slide4Yang, Chen, Eide, Regehr [PLDI’12]:79 bugs in GCC (25 P1)202 bugs in LLVM2 wrong-code bugs in CompCertLe, Afshari, Su [PLDI’14]:
40 wrong-code bugs in GCC
42 wrong-code bugs in LLVM
Last week:395 open wrong-code bug reports in GCC14 open wrong-code bug reports in LLVM
Automatic Synthesis of Weakest Preconditions for Compiler OptimizationsBut Compilers are Full of Bugs
4
Slide5+0.5M LoC added to LLVM last year20k commitsOver 4M LoC in LLVMAutomatic
Synthesis of
Weakest Preconditions for Compiler
OptimizationsChurn in Compiler’s code5
Slide6Automatic Synthesis of Weakest Preconditions
for
Compiler Optimizations
Compilers by Dragon’s Lenses
Frontend
Optimizers
Backend
100101010
010001011
100110101
101010111
001010110
6
Slide7Automatic Synthesis of Weakest Preconditions
for
Compiler Optimizations
Loop Unswitching
w
hile
I < N
do
if
B
then
S
1
else
S
2
I := I + 1
if
B
then
w
hile
I < N do S1 I := I + 1else
while I < N do S2 I := I + 1
→
S1, S2 are template statementsB is a template Boolean expression7
Slide8Transformation functionPreconditionProfitability heuristic
Automatic
Synthesis
of Weakest Preconditions for
Compiler OptimizationsSpecifying Compiler Optimizations8
Slide9Automatic weakest precondition synthesis for compiler optimizationsAutomatic partial equivalence checking, applied to compiler optimization verification
Automatic Synthesis of Weakest Preconditions for Compiler Optimizations
Contributions
9
Slide10Deriving preconditions by hand is hard; WPs are often non-trivialWPs derived by hand are often wrong!Weaker preconditions expose more optimization opportunities
Automatic
Synthesis of
Weakest Preconditions for
Compiler OptimizationsWhy WP Synthesis for Compiler Optimizations?10
Slide11//
For a logical right shift, we can fold if the comparison is
not
//
signed. We can also fold a signed comparison if the shifted mask//
value and the shifted comparison value are not negative.
// These constraints are not obvious, but we can prove that they are
//
correct using an SMT solver such as "Z3" :
//
http://
rise4fun.com/Z3/Tslfh
Automatic
Synthesis
of
Weakest
Preconditions
for
Compiler
OptimizationsVerification to the Rescue:LLVM PR17827if (ShiftOpcode == Instruction::AShr) { // There may be some constraints that make this possible
, // but nothing simple has been discovered yet. CanFold = false;}lib/Transforms/InstCombine/InstCombineCompares.cpp11
Slide12Automatic Synthesis of Weakest Preconditions
for
Compiler Optimizations
Loop Unswitching
w
hile
I < N
do
if
B
then
S
1
else
S
2
I := I + 1
if
B
then
w
hile
I < N do S1 I := I + 1else
while I < N do S2 I := I + 1
→
12
Slide13Automatic Synthesis of Weakest Preconditions
for
Compiler Optimizations
Loop Unswitching:Example Instantiation
…
while
I < N
do
if
N > 5
then
A := A + N
else
A := A + 1
I := I + 1
…
if
N > 5
then
w
hile
I
< N do A := A + N I := I + 1else
while I < N do A := A + 1 I := I + 1
→
w
hile I < N doif B then S1else S2I := I + 1
Instantiation
:
13
Slide14Automatic Synthesis of Weakest Preconditions
for
Compiler Optimizations
Loop Unswitching
:Weakest Precondition
w
hile
I < N
do
if
B
then
S
1
else
S
2
I := I + 1
if
B
then
w
hile
I < N do S1 I := I + 1else
while I < N do S2 I := I + 1
→
Precondition:
14
Slide15Read and Write sets for each template statement/expressionArbitrary quantifier-free constraints over read/write setsIn practice constraints are only over R/W and W/W intersection
Automatic
Synthesis
of
Weakest
Preconditions
for
Compiler
Optimizations
Language of Preconditions
15
Slide16Books and developers already informally speak about read and write setsSimilar to PEC’sCan be efficiently discharged using current compiler technology:Memory dependence analysisAlias/pointer analysis
Loop analysis
Range analysis…
Automatic
Synthesis of Weakest Preconditions for Compiler Optimizations
Language of Preconditions:Suitability
16
Slide17Automatic Synthesis of Weakest Preconditions
for
Compiler Optimizations
Synthesizing WP for Loop Unswitching
w
hile
I < N
do
if
B
then
S
1
else
S
2
I := I + 1
if
B
then
w
hile
I < N do S1 I := I + 1else
while I < N do S2 I := I + 1
→
17
Slide18Automatic Synthesis of Weakest Preconditions
for
Compiler Optimizations
1) Find counterexample
w
hile
I < N
do
if
B
then
S
1
else
S
2
I := I + 1
if
B
then
w
hile
I < N do S1 I := I + 1else
while I < N do S2 I := I + 1
→
I < N
BS1I := I + 1I < NBS2I := I + 1I ≥ N
B
I < N
S
1
I := I +
1
I < N
S
1
I := I + 1
I ≥ N
Pre = true
18
Slide19Automatic
Synthesis
of
Weakest
Preconditions
for
Compiler
Optimizations
2) Synthesize WP for counterexample:
VC Gen
I < N
B
S
1
I := I +
1
I < N
B
S
2I := I + 1I ≥ N
I0 < N0 ˄B0 ˄I1
=
ite(wS1I, S1I0, I0) ˄N1 = ite(wS1N, S1N0, N0)
˄I2 = I1 + 1 ˄I2 < N1 ˄B1 ˄I3
=
ite
(wS2
I
,
S
2
I0, I
2
)
˄
N
2
=
ite
(wS
2
N
,
S
2
N0, N
1
)
˄
I
4
= I
3
+
1
˄
I
4
≥ N
2
19
Slide20Automatic
Synthesis
of
Weakest
Preconditions
for
Compiler
Optimizations
2) Synthesize WP for counterexample:
Conditional
Ackermannization
I
0
< N
0 ˄
B
0
˄
I
1 = ite(wS1
I, S1I0, I0) ˄N1 = ite(wS1N, S1N0, N
0) ˄I2 = I1 + 1 ˄I2 < N
1
˄B1 ˄I3 = ite(wS2I, S2I0, I2
) ˄N2 = ite(wS2N, S2N0, N1) ˄I4 = I3 + 1
˄
I
4 ≥ N
2
B
0
and B
1
are equal if the values of the variables in R(B) are equal
20
Slide21Automatic Synthesis of Weakest Preconditions
for
Compiler Optimizations
2) Synthesize WP for counterexample:
Final constraint
S
= Read/Write sets
V
=
Vars
from
VCGen
, Must-write
vars
A
possible
model
:
I < N
B
S
1
I := I +
1
I < N
B
S2I := I + 1I ≥ N
B
I < N
S
1
I := I +
1
I < N
S
1
I := I + 1
I ≥ N
21
Slide22Automatic Synthesis of Weakest Preconditions
for
Compiler Optimizations
2) Synthesize WP for counterexample:
Disjunction of all models
Precondition:
I < N
B
S
1
I := I +
1
I < N
B
S
2
I := I + 1
I ≥ N
B
I < N
S
1
I := I +
1
I < N
S
1
I := I + 1I ≥ N22
Slide23Automatic Synthesis of Weakest Preconditions
for
Compiler Optimizations
3) Iterate until no more counterexamples can be found
w
hile
I < N
do
if
B
then
S
1
else
S
2
I := I + 1
if
B
then
w
hile
I < N do S1 I := I + 1else
while I < N do S2 I := I + 1
→
Precondition:
23
Slide241) Find counterexample2) Generate WP that rules out the counterexample3) Iterate until no more counterexamples can be found
Automatic
Synthesis
of Weakest
Preconditions for Compiler OptimizationsAlgorithm
24
Slide25Model generalizationExploit UNSAT coresBias towards R/W and W/W intersectionsAutomatic
Synthesis of
Weakest Preconditions for Compiler
OptimizationsOptimizations25
Slide26Automatic Synthesis of Weakest Preconditions
for
Compiler Optimizations
PSyCO: Results
26
Slide27Automatic Synthesis of Weakest Preconditions
for
Compiler Optimizations
Example of Synthesized WP:
Software Pipelining
Precondition:
(
Weaker than PEC’s [PLDI’09])
27
Slide28Template statements/expressions become UFs over the read and write setsS
1
->
w/
Originates 2 UF+IA programs
Automatic
Synthesis
of
Weakest
Preconditions
for
Compiler
Optimizations
Verifying Optimizations with CORK
28
Slide29UFs abstracted by polynomials
->
(w/
)
Loops summarized using
recurrences
Sequential composition
Reduces to safety checking of loop-free + integer arithmetic program
Automatic Synthesis of Weakest Preconditions for Compiler Optimizations
CORK: Partial Equivalence Checking of UF+IA Programs
29
Slide30Automatic Synthesis of Weakest Preconditions
for
Compiler Optimizations
CORK: Polynomial Interpolation
30
Slide31Automatic Synthesis of Weakest Preconditions for Compiler OptimizationsCORK: Results
31
Slide32Apply to production compilersSynthesize implementation of optimizations (pattern matching, VC Gen, code transformation)Explain reasons for optimization failurePreserve debug info automaticallyPreserve analysis data across optimizations
Automatic
Synthesis of Weakest
Preconditions for Compiler OptimizationsFuture Work
32
Slide33There is significant on-going effort to improve compilers, which compromises correctnessPresented the first algorithm for the automatic synthesis of WPs for compiler optimizationsPresented the first algorithm for automatic partial equivalence checking of UF+IA programs
Applied to verification of compiler optimizations
Automatic
Synthesis
of Weakest Preconditions for Compiler OptimizationsConclusion
33
Slide34technology
from seed
Slide35Automatic
Synthesis
of
Weakest
Preconditions
for
Compiler
Optimizations
CORK: UFs -> Polynomials
35
Slide36Automatic
Synthesis
of
Weakest
Preconditions
for
Compiler
Optimizations
2) Synthesize WP for counterexample:
Must-write vs may-write
I
0
< N
0 ˄
B
0
˄
I
1
= ite(wS1
I, S1I0, I0) ˄N1 = ite(wS1N, S1N0, N
0) ˄I2 = I1 + 1 ˄I2 < N1
˄
B1 ˄I3 = ite(wS2I, S2I0, I2
) ˄N2 = ite(wS2N, S2N0, N1) ˄I4 = I3 + 1
˄
I
4 ≥ N
2
If a variable is in the write set of a statement, it may or may not be written.
36
Slide37Automatic Synthesis of Weakest Preconditions
for
Compiler Optimizations
Optimizers by Dragon’s Lenses
Optimization n
Optimization 1
Analysis 1
Analysis n
…
37
Slide38Automatic Synthesis of Weakest Preconditions
for
Compiler Optimizations
An Optimizer from the Future
Pattern Matching
VC Gen
Code Transformer
Analysis 1
Analysis n
…
38
Slide39Automatic
Synthesis
of Weakest Preconditions for Compiler
OptimizationsAn Optimizer from the Future:
Pattern Matching
Pattern Matching
VC Gen
Code Transformer
Analysis 1
Analysis n
…
…
while
I < N
do
if
N > 5
then
A := A + N
else
A := A + 1
I := I + 1
…
if
B
then
S
1
39
Slide40Automatic Synthesis of Weakest Preconditions
for
Compiler Optimizations
An Optimizer from the Future:
Verification
Pattern Matching
VC Gen
Code Transformer
Analysis 1
Analysis n
…
+ Precondition =
φ
Duality
HSF
Terminator
…
Range
Analysis
Alias
Analysis
Scalar
Evolution
…
40
Slide41Automatic Synthesis of Weakest Preconditions
for
Compiler Optimizations
An Optimizer from the Future:
Code Transformation
Pattern Matching
VC Gen
Code Transformer
Analysis 1
Analysis n
…
if
B
then
S
1
S
1
if
B
then
skip
A
:= A +
1
if
N >
5
then
skip
41