formally proving a compiler transformation safe
play

Formally Proving a Compiler Transformation Safe Joachim Breitner - PowerPoint PPT Presentation

Mar 26, 2023 •344 likes •777 views

Formally Proving a Compiler Transformation Safe Joachim Breitner Haskell Symposium 2015 3 August 2015, Vancouver PROGRAMMING PARADIGMS GROUP 1 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING

  1. Formally Proving a Compiler Transformation Safe Joachim Breitner Haskell Symposium 2015 3 August 2015, Vancouver PROGRAMMING PARADIGMS GROUP 1 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP KIT – University of the State of Baden-Wuerttemberg and www.kit.edu National Research Center of the Helmholtz Association

  2. Short summary I formally proved that Call Arity is safe. 2 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  3. Short summary I formally proved that Call Arity is safe. W H A B 2 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  4. Short summary I formally proved that Call Arity is safe. “W hat exactly have you shown?” H A B 2 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  5. Short summary I formally proved that Call Arity is safe. “W hat exactly have you shown?” “H ow did you prove that?” A B 2 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  6. Short summary I formally proved that Call Arity is safe. “W hat exactly have you shown?” “H ow did you prove that?” “A re you sure about this?” B 2 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  7. Short summary I formally proved that Call Arity is safe. “W hat exactly have you shown?” “H ow did you prove that?” “A re you sure about this?” “B ut, . . . !” 2 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  8. What exactly is. . . Call Arity? Call Arity is an arity analysis: let fac 10 = id let fac 10 y = y = fac x = ń y. fac (x+1) (y ∗ x) ⇒ fac x y = fac (x+1) (y ∗ x) in fac 0 1 in fac 0 1 3 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  9. What exactly is. . . Call Arity? Call Arity is an arity analysis: let fac 10 = id let fac 10 y = y = fac x = ń y. fac (x+1) (y ∗ x) ⇒ fac x y = fac (x+1) (y ∗ x) in fac 0 1 in fac 0 1 So far: Naive forward arity analysis, see Gill’s PhD thesis from 96 3 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  10. What exactly is. . . the problem? Eta-expanding a thunk is tricky: let thunk = f x let thunk y = f x y = ⇒ in . . . in . . . 4 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  11. What exactly is. . . the problem? Eta-expanding a thunk is tricky: let thunk = f x let thunk y = f x y = ⇒ in . . . in . . . Sharing can be lost! 4 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  12. What exactly is. . . the problem? Eta-expanding a thunk is tricky: let thunk = f x let thunk y = f x y = ⇒ in . . . in . . . Sharing can be lost! (unless “thunk” is used at most once in “. . . ”) 4 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  13. What exactly is. . . co-call cardinality analysis? x G 0 ( if p then x else y ) = p y x G 0 ( f x y ) = f y 5 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  14. What exactly is. . . Call Arity? Call Arity = Arity analysis with co-call cardinality analysis 6 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  15. What exactly is. . . Call Arity? Call Arity = Arity analysis with co-call cardinality analysis Now foldl can be a good consumer in list-fusion! 6 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  16. What exactly is. . . “safe”? Safety: It is safe for the compiler to apply the transformation, i.e. the performance will not degrade. 7 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  17. What exactly is. . . “safe”? Safety: It is safe for the compiler to apply the transformation, i.e. the performance will not degrade. Yes, it is synonymous to “improvement”. 7 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  18. What exactly is. . . could possibly go wrong? A bug in Call Arity ⇓ 8 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  19. What exactly is. . . could possibly go wrong? A bug in Call Arity ⇓ Too much eta-expansion ⇓ 8 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  20. What exactly is. . . could possibly go wrong? A bug in Call Arity ⇓ Too much eta-expansion ⇓ Loss of sharing ⇓ 8 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  21. What exactly is. . . could possibly go wrong? A bug in Call Arity ⇓ Too much eta-expansion ⇓ Loss of sharing ⇓ Work is duplicated ⇓ 8 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  22. What exactly is. . . could possibly go wrong? A bug in Call Arity ⇓ Too much eta-expansion ⇓ Loss of sharing ⇓ Work is duplicated ⇓ Allocation is increasing 8 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  23. What exactly is. . . could possibly go wrong? A bug in Call Arity ⇓ Too much eta-expansion ⇓ Loss of sharing ⇓ Work is duplicated Theorem: Call Arity does not ⇓ increase the number Allocation is increasing of allocations 8 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  24. What exactly is. . . could possibly go wrong? A bug in Call Arity No (such) bug ⇓ Too much eta-expansion ⇓ ⇑ Loss of sharing ⇓ Work is duplicated Theorem: Call Arity does not ⇓ increase the number Allocation is increasing of allocations 8 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  25. How did you prove that? 1st ingredient Sufficiently detailed semantics: Launchbury’s natural semantics for lazy evaluation. : e ⇓ ∆ : v Γ heap before final value current expression heap afterwards 9 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  26. How did you prove that? 1st ingredient Sufficiently detailed semantics: Sestoft’s mark-1 virtual machine ) ⇒ ( Γ ′ , e ′ , S ′ ( Γ , e , S ) current heap next stack current expression next expression next heap current stack 9 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  27. How did you prove that? 2nd ingredient Abstract view on what calls what: Trace trees! 10 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  28. How did you prove that? 2nd ingredient Abstract view on what calls what: Trace trees! x p T 0 ( if p then x else y ) = y x x y f T 0 ( f x y ) = x y y 10 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  29. How did you prove that? 2nd ingredient Abstract view on what calls what: Trace trees! x p T 0 ( if p then x else y ) = y x x y f T 0 ( f x y ) = x y y Co-call graphs approximates trace trees It even is a Galois immersion. 10 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  30. How did you prove that? 3nd ingredient A way to handle a large proof: Refinement proofs 11 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  31. How did you prove that? 3nd ingredient A way to handle a large proof: Refinement proofs Arity Arity Arity analysis analysis analysis + + + impl. approx. impl. ← − − ← − − − − ← − − Call Arity any a a co-call cardinality trace tree graph analysis analysis analysis 11 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  32. Are you sure? Isabelle H O L Syntax (using Nominal logic) ∀ Semantics (Launchbury, Sestoft, denotational) = Data types (Co-call graphs, trace trees) α λ β → ... and of course the proofs 12 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  33. But. . . The formalization gap! 13 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  34. But. . . The formalization gap! 13 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  35. But. . . The formalization gap! 13 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

  36. But. . . The formalization gap! 13 2015-09-03 Joachim Breitner - Formally Proving a Compiler Transformation Safe PROGRAMMING PARADIGMS GROUP

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Towards a formally verified obfuscating compiler Sandrine Blazy joint work with Roberto Giacobazzi

Towards a formally verified obfuscating compiler Sandrine Blazy joint work with Roberto Giacobazzi

Towards a formally verified obfuscating compiler Sandrine Blazy joint work with Roberto Giacobazzi and Alix Trieu IFIP WG 1.9/2.15, 2015-07-16 1 Background: verifying a compiler Compiler + proof that the compiler does not introduce bugs

553 views • 24 slides
A Formally Verified Compiler for Lustre Timothy Bourke 1 , 2 Llio Brun 1 , 2 Pierre-variste

A Formally Verified Compiler for Lustre Timothy Bourke 1 , 2 Llio Brun 1 , 2 Pierre-variste

A Formally Verified Compiler for Lustre Timothy Bourke 1 , 2 Llio Brun 1 , 2 Pierre-variste Dagand 4 , 3 , 1 Xavier Leroy 1 Marc Pouzet 4 , 2 , 1 Lionel Rieg 5 , 6 1. Inria Paris 2. DI, cole normale suprieure 3. CNRS 4. Univ. Pierre et

1.15k views • 96 slides
Proving Transformation Functions Abdessamad Imine, Pascal Molli, Grald Oster, Michal

Proving Transformation Functions Abdessamad Imine, Pascal Molli, Grald Oster, Michal

Proving Transformation Functions Abdessamad Imine, Pascal Molli, Grald Oster, Michal Rusinowitch Project ECOO & CASSIS LORIA INRIA Lorraine Context RT Groupware Algorithm requires properties on Transformation Functions:

711 views • 47 slides
Proving the correctness of a compiler Xavier Leroy Coll` ege de France and Inria EUTypes Summer

Proving the correctness of a compiler Xavier Leroy Coll` ege de France and Inria EUTypes Summer

Proving the correctness of a compiler Xavier Leroy Coll` ege de France and Inria EUTypes Summer School 2019 1 The compilation process In general: any translation from a computer language to another. More specifically: automatic translation

1.65k views • 133 slides
Proving Preservation of Partial Correctness with ACL2: A Mechanical Compiler Source Level

Proving Preservation of Partial Correctness with ACL2: A Mechanical Compiler Source Level

Proving Preservation of Partial Correctness with ACL2: A Mechanical Compiler Source Level Correctness Proof Wolfgang Goerigk Christian-Albrechts-Universit at zu Kiel, Germany wg@informatik.uni-kiel.de wg/

297 views • 28 slides
www.drupaleurope.org Digital Transformation + Enterprise TRACK SUPPORTED BY Successfully Proving

www.drupaleurope.org Digital Transformation + Enterprise TRACK SUPPORTED BY Successfully Proving

www.drupaleurope.org Digital Transformation + Enterprise TRACK SUPPORTED BY Successfully Proving Enterprise Drupal 8 George Steven George Steven Chief Architect (Drupal) @ Bayer curiouslygeorge Successfully Proving Enterprise Drupal 8 The

408 views • 14 slides
From Traces To Proofs: Proving Concurrent Programs Safe S. Arun-Kumar (Joint work with Chinmay

From Traces To Proofs: Proving Concurrent Programs Safe S. Arun-Kumar (Joint work with Chinmay

From Traces To Proofs: Proving Concurrent Programs Safe S. Arun-Kumar (Joint work with Chinmay Narayan, Subodh Sharma, and Shibashis Guha) Indian Institute of Technology Delhi TASE-2016 S. Arun-Kumar From Traces To Proofs: Proving Concurrent

671 views • 44 slides
Mechanized semantics for Clight Sandrine Blaxy, Xavier Leroy Pim Jager - Type Theory and Coq The

Mechanized semantics for Clight Sandrine Blaxy, Xavier Leroy Pim Jager - Type Theory and Coq The

Mechanized semantics for Clight Sandrine Blaxy, Xavier Leroy Pim Jager - Type Theory and Coq The CompCert C project Formally proving a compiler The CompCert project investigates the formal verification of realistic compilers usable

948 views • 26 slides
Thailand: Never Formally Colonized Thailand was never formally colonized by a Western

Thailand: Never Formally Colonized Thailand was never formally colonized by a Western

Neo-Colonialism in The King and I : An Analysis of Hegemony through Aural and Visual Representation By Natalie Tantisirirat Thailand: Never Formally Colonized Thailand was never formally colonized by a Western power strong pride

337 views • 21 slides
Regression Verification: Proving Partial Equivalence Talk by Dennis Felsing Seminar within the

Regression Verification: Proving Partial Equivalence Talk by Dennis Felsing Seminar within the

Regression Verification: Proving Partial Equivalence Talk by Dennis Felsing Seminar within the Projektgruppe Formale Methoden der Softwareentwicklung WS 2012/2013 1 / 24 Introduction Formal Verification Formally prove correctness of

457 views • 41 slides
11/8/2012 The Structure of a Compiler (2) The Structure of a Compiler (1) Any compiler must

11/8/2012 The Structure of a Compiler (2) The Structure of a Compiler (1) Any compiler must

11/8/2012 The Structure of a Compiler (2) The Structure of a Compiler (1) Any compiler must perform two major tasks Sourc rce Progra ram Tokens Syntactic Semantic Scanner Parser Structure re Routines (Chara racter r St Stre

690 views • 22 slides
CSE 501: Compiler Construction Course outline Main focus: program analysis and transformation

CSE 501: Compiler Construction Course outline Main focus: program analysis and transformation

CSE 501: Compiler Construction Course outline Main focus: program analysis and transformation Models of compilation how to represent programs? how to analyze programs? what to analyze? Standard transformations how to transform

503 views • 6 slides
Compiler Construction Chapter 11 1 Compiler Construction Compiler Construction A New Compiler

Compiler Construction Chapter 11 1 Compiler Construction Compiler Construction A New Compiler

Compiler Construction Chapter 11 1 Compiler Construction Compiler Construction A New Compiler Perhaps a new source language Perhaps a new target for an existing compiler Perhaps both 2 Compiler Construction Compiler Construction

661 views • 18 slides
CompCert : C compilers you can formally trust March 2020 Sylvain.Boulme@univ-grenoble-alpes.fr

CompCert : C compilers you can formally trust March 2020 Sylvain.Boulme@univ-grenoble-alpes.fr

Introduction to the CompCert Certified Compiler S. Boulm e March 2020 CompCert : C compilers you can formally trust March 2020 Sylvain.Boulme@univ-grenoble-alpes.fr 1/24 Introduction to the CompCert Certified Compiler S. Boulm e

1.01k views • 65 slides
Formally-Verified ASN.1 Protocol C-language Stack 1 Carnegie Mellon University 2 Digamma.ai Vadim

Formally-Verified ASN.1 Protocol C-language Stack 1 Carnegie Mellon University 2 Digamma.ai Vadim

Formally-Verified ASN.1 Protocol C-language Stack 1 Carnegie Mellon University 2 Digamma.ai Vadim Zaliva 1 Nika Pona 2 What is ASN.1? At Digamma.ai we are verifying a compiler for ASN.1 The ASN.1 is a language for defining data

215 views • 21 slides
On Theorem Proving for Program Checking Historical perspective and recent developments Maria

On Theorem Proving for Program Checking Historical perspective and recent developments Maria

Outline Introduction Where is theorem proving in program checking Inside theorem proving Big and little engines together: a new theorem proving style Decision procedures with speculative inferences Current and future challenges On Theorem

944 views • 69 slides
Component-Based Semantics Peter D. Mosses Swansea University (emeritus) TU Delft (visitor)

Component-Based Semantics Peter D. Mosses Swansea University (emeritus) TU Delft (visitor)

Component-Based Semantics Peter D. Mosses Swansea University (emeritus) TU Delft (visitor) IFIP WG 2.2 Meeting, Bordeaux, September 2017 Component-based semantics Aims encourage language developers to use formal semantics Means

527 views • 27 slides
Multi-level modeling with MELANEE A Contribution to the MULTI2018 Challenge Arne Lange, Colin

Multi-level modeling with MELANEE A Contribution to the MULTI2018 Challenge Arne Lange, Colin

Multi-level modeling with MELANEE A Contribution to the MULTI2018 Challenge Arne Lange, Colin Atkinson The Challenge model a bicycle shop in a multi-level fashion fulfill requirements, if necessary with the help of a constraint language

753 views • 16 slides
One for (Almost) All: Using a Modern Programmable Programming Language in Robotics or A

One for (Almost) All: Using a Modern Programmable Programming Language in Robotics or A

One for (Almost) All: Using a Modern Programmable Programming Language in Robotics or A Roboticist in Language Wonderland Berthold Buml berthold.baeuml@dlr.de Autonomous Learning Robots Lab Institute of Robotics and Mechatronics German

587 views • 29 slides
Assignment 2 - Solution 1. w 0 [x,y,z] c 0 r 1 [x] r 2 [y] w 2 [y] r 3 [z] w 3 [z] r 2 [z] w 2 [y]

Assignment 2 - Solution 1. w 0 [x,y,z] c 0 r 1 [x] r 2 [y] w 2 [y] r 3 [z] w 3 [z] r 2 [z] w 2 [y]

Assignment 2 - Solution 1. w 0 [x,y,z] c 0 r 1 [x] r 2 [y] w 2 [y] r 3 [z] w 3 [z] r 2 [z] w 2 [y] w 1 [z] w 1 [y] c 1 c 2 c 3 a. An equivalent serial history must preserve the order of conflicting operations . So, which operations conflict?

487 views • 5 slides
Intelligent Traceability Presented by: Auguste Lalande What are trace links? Software

Intelligent Traceability Presented by: Auguste Lalande What are trace links? Software

Domain-Contextualized Intelligent Traceability Presented by: Auguste Lalande What are trace links? Software development generates artifacts, such as regulatory documents , and system level requirement documents Trace links connect the

385 views • 7 slides
Padding and Stride Padding and Stride In [1]: from mxnet import nd from mxnet.gluon import nn #

Padding and Stride Padding and Stride In [1]: from mxnet import nd from mxnet.gluon import nn #

2/23/2019 padding-and-strides slides Padding and Stride Padding and Stride In [1]: from mxnet import nd from mxnet.gluon import nn # Takes convolution operation and applies it to X def comp_conv2d(conv2d, X): conv2d.initialize() # Add two extra

1.36k views • 3 slides
S T R I D E N AT U R A L , T H E WAY WA L K I N G S H O U L D B E S T R I D E Current

S T R I D E N AT U R A L , T H E WAY WA L K I N G S H O U L D B E S T R I D E Current

S T R I D E N AT U R A L , T H E WAY WA L K I N G S H O U L D B E S T R I D E Current walker turning radius is large Wheeled walkers tend to roll away Users tend to develop a bad walking posture N E E D I D E A M O C K U P M A R K E

354 views • 10 slides
6. Convolutional Neural Networks CS 535 Deep Learning, Winter 2018 Fuxin Li With materials from

6. Convolutional Neural Networks CS 535 Deep Learning, Winter 2018 Fuxin Li With materials from

6. Convolutional Neural Networks CS 535 Deep Learning, Winter 2018 Fuxin Li With materials from Zsolt Kira Quiz coming up Next Monday (2/5) 30 minutes Topics: Optimization Basic neural networks Neural Network

619 views • 41 slides

More recommend