A Formally Verified SSA-Based Middle-End - Static Single Assignment Meets CompCert

CompCert is a formally verified compiler that generates compact and efficient PowerPC, ARM and x86 code for a large and realistic subset of the C language. However, CompCert forgoes Static Single Assignment (SSA), an intermediate representation that allows for writing simpler and faster optimizers and is used by many compilers. In fact, formally verifying an SSA-based compiler middle-end has remained an open problem. We report on a formally verified, SSA-based middle-end for CompCert. Our middle-end performs conversion from CompCert's intermediate form to SSA form, optimization of SSA programs (including Global Value Numbering), and transformation out of SSA back to the intermediate form. In addition to providing the first formally verified SSA-based middle-end, we address two problems raised by Leroy [13]: giving a simple and intuitive formal semantics to SSA, and leveraging the global properties of SSA to reason locally about program optimizations.
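The abstract's last point, that SSA's global single-definition property lets an optimizer reason locally, is easiest to see on Global Value Numbering. The example below is added here for illustration and is not the paper's Coq development or any CompCert code: it runs a simple GVN pass over a constructed SSA program with phi nodes. The instruction format, the `Instr` class, the program `PROG` and the block label `B3` are all constructed for the example. Because every variable is defined exactly once, a value number can be attached to the variable itself and never has to be invalidated by a later assignment, so one forward pass over the definitions suffices.

```python
"""Global Value Numbering (GVN) over a tiny SSA program.

Constructed example, not CompCert's code.  It shows the SSA property the
abstract relies on: every variable has exactly one definition, so a value
number attached to the variable stays valid for the whole program.
"""
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class Instr:
    dest: str            # the single SSA definition of this variable
    op: str              # 'param', 'const', 'add', 'mul', 'sub', 'phi'
    args: Tuple = ()     # operand variable names (the literal value for 'const')
    block: str = ""      # join block of a 'phi' (distinct joins are distinct values)


COMMUTATIVE = {"add", "mul"}


def value_number(prog: List[Instr]) -> Tuple[Dict[str, int], Dict[int, str]]:
    """Assign a value number to every SSA variable in one forward pass.

    Returns (vn, rep): vn maps variable -> value number; rep maps value
    number -> the first variable that computed it.  Assumes the list is
    ordered so that each definition precedes its uses (e.g. a dominator-tree
    preorder of an acyclic CFG), so a representative dominates the uses it
    later replaces.
    """
    vn: Dict[str, int] = {}
    rep: Dict[int, str] = {}
    table: Dict[tuple, int] = {}          # canonical expression -> value number

    for ins in prog:
        if ins.op == "param":
            key = ("param", ins.dest)      # opaque input: its own unique value
        elif ins.op == "const":
            key = ("const", ins.args[0])   # equal constants share one number
        else:
            arg_vns = tuple(vn[a] for a in ins.args)
            if ins.op == "phi" and len(set(arg_vns)) == 1:
                # Every incoming edge carries the same value: the phi is redundant.
                vn[ins.dest] = arg_vns[0]
                continue
            if ins.op in COMMUTATIVE:
                arg_vns = tuple(sorted(arg_vns))   # a+b and b+a are one value
            key = (ins.op, ins.block, arg_vns) if ins.op == "phi" else (ins.op, arg_vns)
        if key not in table:
            table[key] = len(table)
            rep[table[key]] = ins.dest
        vn[ins.dest] = table[key]
    return vn, rep


def eliminate_redundancies(prog: List[Instr]) -> List[Instr]:
    """Rewrite uses to the representative variable and drop redundant definitions."""
    vn, rep = value_number(prog)
    out: List[Instr] = []
    for ins in prog:
        if rep[vn[ins.dest]] != ins.dest:
            continue                       # already computed under another name
        if ins.op in ("param", "const"):
            out.append(ins)
        else:
            out.append(Instr(ins.dest, ins.op,
                             tuple(rep[vn[a]] for a in ins.args), ins.block))
    return out


# Constructed SSA program: two paths compute (a + b) * 2 and join at block B3.
PROG = [
    Instr("a", "param"), Instr("b", "param"),
    Instr("x1", "add", ("a", "b")),
    Instr("x2", "add", ("b", "a")),              # commutative duplicate of x1
    Instr("c1", "const", (2,)),
    Instr("c2", "const", (2,)),                  # duplicate constant
    Instr("y1", "mul", ("x1", "c1")),
    Instr("y2", "mul", ("x2", "c2")),            # equal to y1 through x2 = x1, c2 = c1
    Instr("z", "phi", ("y1", "y2"), block="B3"),  # both arms equal: redundant phi
    Instr("w", "phi", ("x1", "c1"), block="B3"),  # genuinely path-dependent value
    Instr("r", "sub", ("z", "w")),
]

if __name__ == "__main__":
    for ins in eliminate_redundancies(PROG):
        print(f"{ins.dest} = {ins.op} {' '.join(map(str, ins.args))} {ins.block}".rstrip())
```

Running the block prints the optimized program with `x2`, `c2`, `y2` and `z` removed and `r` rewritten to `sub y1 w`. The pass never checks whether a variable was reassigned, which is exactly the reasoning that a non-SSA value numbering must do globally.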

[1] Bowen Alpern et al., Detecting equality of variables in programs, POPL '88, 1988.

[2] Xavier Leroy et al., A simple, verified validator for software pipelining, POPL '10, 2010.

[3] Bernhard Steffen et al., Basic-Block Graphs: Living Dinosaurs?, CC, 1998.

[4] Yutaka Matsuno et al., A type system equivalent to static single assignment, PPDP '06, 2006.

[5] Amir Pnueli et al., Translation Validation, TACAS, 1998.

[6] George C. Necula et al., Translation validation for an optimizing compiler, PLDI '00, 2000.

[7] J. Gregory Morrisett et al., Evaluating value-graph translation validation for LLVM, PLDI '11, 2011.

[8] Sebastian Hack et al., Register allocation for programs in SSA form, CC, 2006.

[9] Timothy J. Harvey et al., Practical improvements to the construction and destruction of static single assignment form, 1998.

[10] Mark N. Wegman et al., Efficiently computing static single assignment form and the control dependence graph, TOPL, 1991.

[11] Elsa L. Gunter et al., A Framework for Formal Verification of Compiler Optimizations, ITP, 2010.

[12] Sorin Lerner et al., Equality-Based Translation Validator for LLVM, CAV, 2011.

[13] Xavier Leroy et al., Verified validation of lazy code motion, PLDI '09, 2009.

[14] Xavier Leroy et al., Mechanized Verification of CPS Transformations, LPAR, 2007.

[15] Andrew McCreight et al., A verifiable SSA program representation for aggressive compiler optimization, POPL '06, 2006.

[16] Robert E. Tarjan et al., A fast algorithm for finding dominators in a flowgraph, TOPL, 1979.

[17] Sabine Glesner et al., Optimizing Code Generation from SSA Form: A Comparison Between Two Formal Correctness Proofs in Isabelle/HOL, COCV@ETAPS, 2005.

[18] Xavier Leroy et al., A Formally Verified Compiler Back-end, Journal of Automated Reasoning, 2009.

[19] Rajeev Alur et al., A Temporal Logic of Nested Calls and Returns, TACAS, 2004.

[20] Bernhard Steffen et al., Lazy code motion, PLDI '92, 1992.

[21] Michael Stepp et al., Equality saturation: a new approach to optimization, POPL '09, 2009.

[22] Keith D. Cooper et al., Value Numbering, Softw. Pract. Exp., 1997.

[23] Andrew W. Appel et al., SSA is functional programming, SIGP, 1998.

[24] Xavier Leroy et al., Tilting at Windmills with Coq: Formal Verification of a Compilation Algorithm for Parallel Moves, Journal of Automated Reasoning, 2007.

[25] Milo M. K. Martin et al., Formalizing the LLVM intermediate representation for verified program transformations, POPL '12, 2012.

[26] Frank Wolter et al., Monodic fragments of first-order temporal logics: 2000-2001 A.D., LPAR, 2001.