1 / 26

Verifying Parallel Optimizations with PTRANS

Verifying Parallel Optimizations with PTRANS. William Mansky and Elsa L. Gunter, UIUC. Problem. Practical program correctness depends on compiler Real-world compilers have bugs (see for instance Csmith )

eitan
Download Presentation

Verifying Parallel Optimizations with PTRANS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Verifying Parallel Optimizations with PTRANS William Mansky and Elsa L. Gunter, UIUC

  2. Problem • Practical program correctness depends on compiler • Real-world compilers have bugs (see for instance Csmith) • Verification is possible (e.g. CompCert) but difficult, especially of optimizations • Frontiers of compiler research (e.g., multicore opts) require correctness tools

  3. Our Solution • VeriF-OPT: a Verification Framework for Optimizations and Program Transformations • Language-independent • Designed for parallel programming models • Will support optimization design, testing, and verification • Core component: PTRANS specification language • CFG rewrites + temporal logic side conditions

  4. Control Flow Graphs Start seq store 1, m seq if … true false x := e1 x := e2 seq seq y := x seq store y, m seq Exit

  5. Threaded Control Flow Graphs t1 t2 Start Start seq seq x := load m store 1, m seq seq if x < 0 if … true false true false x := x + 1 x := x – 1 x := e1 x := e2 seq seq seq seq z := x y := x seq seq store z, m store y, m seq seq Exit Exit

  6. Redundant Store Elimination Start seq store 1, m seq if … true false x := e1 x := e2 seq seq y := x seq store y, m seq Exit

  7. Redundant Store Elimination Start Start seq seq skip store 1, m seq seq if … if … true false true false x := e1 x := e2 x := e1 x := e2 seq seq seq seq y := x y := x seq seq store y, m store y, m seq seq Exit Exit

  8. Building RSE in PTRANS <transformation> if <condition>

  9. CFG Rewrites – Actions • Actions are the basic units of rewriting • add_edge(n,m,e) – add an edge from n to m labeled e • remove_edge(n,m,e) – remove an edge from n to m labeled e • replacenwithp1,...,pk – replace the instr at n with instrsp1,...,pk • split_edge(n,m,e,q) – insert q in the middle of the edge from n to m

  10. Building RSE in PTRANS replace n with skip if <pattern/condition>

  11. Temporal Logic Side Conditions • CTL quantifies over paths through branching systems • stmtt(s), nodet(n) – atomic predicates • Also external analyses (e.g. alias analysis) • E φ1U φ2, A φ1U φ2,φ1B φ2, φ1B φ2– φ1until φ2 along path(s) forward or backward through CFG • Can define EF,EG,AF,AG,etc.

  12. Building RSE in PTRANS replace n with skip if EFnodet(n) stmtt(store e1, e2)

  13. Building RSE in PTRANS replace n with skip if EFnodet(n) stmtt(store e1, e2) ?

  14. Memory Models • In shared-memory concurrency: what values can be read? • Allow, e.g., reads to be delayed past unrelated writes • Reflects behavior of multicore architecture • Affect correctness conditions!

  15. A Few Memory Models • Sequential Consistency: exists a single external total order on memory operations • Can be modeled by single shared store • Total Store Order: reads can be moved past unrelated writes • Can be modeled by write buffers • Partial Store Order: writes can be moved past unrelated writes • Can be modeled by per-location write buffers

  16. Building RSE in PTRANS replace n with skip if EFnodet(n) stmtt(store e1, e2)

  17. Verification • Defined formal semantics of PTRANS in Isabelle • Verified RSE for LLVM-like IR under all three memory models • Locales allow us to parameterize by (and later plug in) memory models in program semantics – modular proof • Correctness via simulation => no new behaviors

  18. In Conclusion • PTRANS helps state and verify optimizations on parallel programs • Optimizations verified in Isabelle under multiple memory models • Can reuse proof components common across memory models • Future work: • Dynamic thread creation (e.g., fork/join) • Executable semantics for design/testing

  19. Thank You! • Questions?

  20. TSO in Action Start: m1 0 and m20 Result: x = 0 and y = 0 store 1, m1 x := load m2 store 1, m2 y := load m1 • Read delayed past write

  21. PSO in Action Start: m1 0 and m20 Result: x = 0 and y = 1 store 1, m1 store 1, m2 y := load m2 x := load m1 • Write delayed past write

  22. PTRANS in Action replace n with skip if … A … Ustmtt(store e’, e2) Start seq store 1, m seq if … true false x := e1 x := e2 seq seq y := x seq store y, m seq Exit

  23. PTRANS in Action replace n with skip if … A … Ustmtt(store e’, e2) Start seq store 1, m seq if … true false x := e1 x := e2 seq seq y := x seq store y, m seq Exit

  24. PTRANS in Action replace n with skip if … A … Ustmtt(store e’, e2) Start seq store 1, m seq if … true false x := e1 x := e2 seq seq y := x seq store y, m seq Exit

  25. PTRANS in Action replace n with skip if … A … Ustmtt(store e’, e2) Start seq store 1, m seq if … true false x := e1 x := e2 seq seq y := x seq store y, m seq Exit

  26. PTRANS in Action Start Start seq seq skip store 1, m seq seq if … if … true false true false x := e1 x := e2 x := e1 x := e2 seq seq seq seq y := x y := x seq seq store y, m store y, m seq seq Exit Exit

More Related