Formal Verification of an SSA-Based Middle-End for CompCert

CompCert is a formally verified compiler that generates compact and efficient code for a large subset of the C language. However, CompCert foregoes SSA, an intermediate representation employed by many compilers because it enables writing simpler, faster optimizers. In fact, formally verifying an SSA-based compiler has remained an open problem. We report on a formally verified, SSA-based middle-end for CompCert. In addition to providing a formally verified SSA-based middle-end, we address two problems raised by Leroy [2009]: giving an intuitive formal semantics to SSA, and leveraging its global properties to reason locally about program optimizations.
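The abstract makes two claims that a small executable model makes concrete: that SSA needs a precise semantics for phi nodes, and that its global invariant (each variable is defined exactly once, and every use is dominated by that definition) lets an optimizer reason with one global map instead of per-program-point dataflow. The following is an added illustration written for this page in Python; it is not the paper's Coq development nor CompCert's RTL/SSA, and the IR encoding (`Block`, the instruction tuples, the `BINOPS` table) and the sample program `PROG` are constructed here. The interpreter `run` fixes the semantics (phis of a block are assigned in parallel on entry, selected by the predecessor edge), and the two passes exploit single assignment: `constant_fold` decides constness per variable from its unique definition, and `remove_dead` counts uses once, globally.

```python
"""Toy SSA middle-end: an IR with phi nodes, a reference interpreter that fixes
the semantics of phi, and two passes (sparse constant folding, dead-definition
removal) whose simplicity comes from the single-assignment property.
Constructed for illustration; not CompCert's or the paper's code."""
from dataclasses import dataclass
from typing import Dict, List, Tuple

# Instruction shapes (constructed encoding):
#   ("const", dst, n) | ("copy", dst, a) | (op, dst, a, b) with op in BINOPS
Instr = tuple
BINOPS = {"add": lambda a, b: a + b,
          "sub": lambda a, b: a - b,
          "lt": lambda a, b: int(a < b)}


@dataclass
class Block:
    phis: List[Tuple[str, Dict[str, str]]]  # dst <- phi {pred_label: src_var}
    body: List[Instr]
    term: tuple  # ("jmp", L) | ("br", cond, L_then, L_else) | ("ret", v)


def run(prog: Dict[str, Block], entry: str = "entry", fuel: int = 10_000) -> int:
    """Reference semantics. All phis of a block read their operands at once on
    entry, choosing the operand by the edge taken (predecessor label). SSA
    strictness (every use dominated by its definition) is what makes every
    env[...] lookup succeed; a non-strict program would raise KeyError."""
    env: Dict[str, int] = {}
    label, prev = entry, None
    for _ in range(fuel):
        blk = prog[label]
        env.update({dst: env[srcs[prev]] for dst, srcs in blk.phis})
        for ins in blk.body:
            op, dst = ins[0], ins[1]
            if op == "const":
                env[dst] = ins[2]
            elif op == "copy":
                env[dst] = env[ins[2]]
            else:
                env[dst] = BINOPS[op](env[ins[2]], env[ins[3]])
        t = blk.term
        if t[0] == "ret":
            return env[t[1]]
        prev = label
        label = t[1] if t[0] == "jmp" else (t[2] if env[t[1]] != 0 else t[3])
    raise RuntimeError("out of fuel")


def constant_fold(prog: Dict[str, Block]) -> Dict[str, Block]:
    """Sparse constant propagation. Because each variable has exactly one
    definition, a single global map var -> value replaces per-point dataflow:
    a variable is constant iff its unique definition computes a constant from
    constants, or its phi merges one and the same constant on every edge."""
    defs: Dict[str, tuple] = {}
    for blk in prog.values():
        for dst, srcs in blk.phis:
            defs[dst] = ("phi", srcs)
        for ins in blk.body:
            defs[ins[1]] = ins
    known: Dict[str, int] = {}
    changed = True
    while changed:  # iterate to a fixpoint over the definitions
        changed = False
        for var, d in defs.items():
            if var in known:
                continue
            val = None
            if d[0] == "const":
                val = d[2]
            elif d[0] == "copy" and d[2] in known:
                val = known[d[2]]
            elif d[0] in BINOPS and d[2] in known and d[3] in known:
                val = BINOPS[d[0]](known[d[2]], known[d[3]])
            elif d[0] == "phi":
                vals = {known.get(s) for s in d[1].values()}
                if None not in vals and len(vals) == 1:
                    val = vals.pop()
            if val is not None:
                known[var] = val
                changed = True
    out: Dict[str, Block] = {}
    for label, blk in prog.items():  # rewrite known definitions to constants
        phis = [(d, s) for d, s in blk.phis if d not in known]
        body = [("const", d, known[d]) for d, _ in blk.phis if d in known]
        body += [("const", i[1], known[i[1]]) if i[1] in known else i for i in blk.body]
        out[label] = Block(phis, body, blk.term)
    return out


def remove_dead(prog: Dict[str, Block]) -> Dict[str, Block]:
    """Dead-definition removal (all ops here are pure). Uses are counted once
    over the whole program, again thanks to the single definition per name."""
    while True:
        used = set()
        for blk in prog.values():
            for _, srcs in blk.phis:
                used.update(srcs.values())
            for ins in blk.body:
                used.update(x for x in ins[2:] if isinstance(x, str))
            if blk.term[0] != "jmp":
                used.add(blk.term[1])
        pruned = {l: Block([p for p in b.phis if p[0] in used],
                           [i for i in b.body if i[1] in used], b.term)
                  for l, b in prog.items()}
        if pruned == prog:
            return pruned
        prog = pruned


def optimize(prog: Dict[str, Block]) -> Dict[str, Block]:
    return remove_dead(constant_fold(prog))


# Constructed sample: sums 0, 2, 4 (step = k + k with k = 1), so it returns 6.
PROG = {
    "entry": Block([], [("const", "n", 5), ("const", "k", 1), ("const", "zero", 0),
                        ("add", "step", "k", "k")], ("jmp", "loop")),
    "loop": Block([("i1", {"entry": "zero", "body": "i2"}),
                   ("s1", {"entry": "zero", "body": "s2"})],
                  [("lt", "c", "i1", "n")], ("br", "c", "body", "exit")),
    "body": Block([], [("add", "s2", "s1", "i1"), ("add", "i2", "i1", "step")],
                  ("jmp", "loop")),
    "exit": Block([], [], ("ret", "s1")),
}

if __name__ == "__main__":
    print(run(PROG), run(optimize(PROG)))  # semantic preservation: same value
```

Checking `run(PROG) == run(optimize(PROG))` on sample inputs is the testing analogue of the paper's goal; the verified development proves that equality for every program, which is where the formal phi semantics and the strictness invariant stop being interpreter conventions and become proof obligations.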

[1] Milo M. K. Martin, et al. Formalizing the LLVM intermediate representation for verified program transformations, 2012, POPL '12.

[2] Xavier Leroy, et al. A Formally Verified Compiler Back-end, 2009, Journal of Automated Reasoning.

[3] Benoît Dupont de Dinechin, et al. Fast liveness checking for SSA-form programs, 2008, CGO '08.

[4] Adam Chlipala, et al. A verified compiler for an impure functional language, 2010, POPL '10.

[5] Yutaka Matsuno, et al. A type system equivalent to static single assignment, 2006, PPDP '06.

[6] Bernhard Steffen, et al. Lazy code motion, 1992, PLDI '92.

[7] R. Nigel Horspool, et al. Simple Generation of Static Single-Assignment Form, 2000, CC.

[8] Michael Stepp, et al. Equality saturation: a new approach to optimization, 2009, POPL '09.

[9] Milo M. K. Martin, et al. Formal verification of SSA-based optimizations for LLVM, 2013, PLDI.

[10] Hanan Samet, et al. Automatically proving the correctness of translations involving optimized code (research sponsored by the Advanced Research Projects Agency, ARPA order no. 2494), 1975, Stanford Artificial Intelligence Laboratory Memo AIM.

[11] Ken Kennedy, et al. A Simple, Fast Dominance Algorithm, 1999.

[12] Andrew W. Appel. Modern Compiler Implementation in ML: Basic Techniques, 1997.

[13] Sabine Glesner, et al. Optimizing Code Generation from SSA Form: A Comparison Between Two Formal Correctness Proofs in Isabelle/HOL, 2005, COCV@ETAPS.

[14] Amir Pnueli, et al. Translation Validation, 1998, TACAS.

[15] Andrew W. Appel, et al. SSA is functional programming, 1998, SIGPLAN Notices.

[16] Xavier Leroy, et al. Tilting at Windmills with Coq: Formal Verification of a Compilation Algorithm for Parallel Moves, 2007, Journal of Automated Reasoning.

[17] Hanspeter Mössenböck, et al. Single-pass generation of static single-assignment form for structured languages, 1994, TOPLAS.

[18] Timothy J. Harvey, et al. A Simple, Fast Dominance Algorithm, 1999.

[19] J. Gregory Morrisett, et al. Evaluating value-graph translation validation for LLVM, 2011, PLDI '11.

[20] Andrew W. Appel, et al. Modern Compiler Implementation in ML, 1997.

[21] Jianzhou Zhao. Formalizing the SSA-based compiler for verified advanced program transformations, 2013.

[22] Sorin Lerner, et al. Equality-Based Translation Validator for LLVM, 2011, CAV.

[23] Mark N. Wegman, et al. Efficiently computing static single assignment form and the control dependence graph, 1991, TOPLAS.

[24] Raymond Lo, et al. A new algorithm for partial redundancy elimination based on SSA form, 1997, PLDI '97.

[25] Xavier Leroy, et al. Mechanized Verification of CPS Transformations, 2007, LPAR.

[26] Benoît Dupont de Dinechin, et al. Revisiting Out-of-SSA Translation for Correctness, Code Quality and Efficiency, 2009, CGO '09.

[27] Xavier Leroy, et al. A simple, verified validator for software pipelining, 2010, POPL '10.

[28] Sebastian Hack, et al. Register allocation for programs in SSA form, 2006, CC.

[29] Roy Dz-Ching Ju, et al. Translating Out of Static Single Assignment Form, 1999, SAS.

[30] Gilles Barthe, et al. Static Single Assignment meets CompCert, 2012.

[31] Bernhard Steffen, et al. Basic-Block Graphs: Living Dinosaurs?, 1998, CC.

[32] Majid Sarrafzadeh, et al. Advances in static single assignment form and register allocation, 2006.

[33] Xavier Leroy, et al. Verified validation of lazy code motion, 2009, PLDI '09.

[34] Robert E. Tarjan, et al. A fast algorithm for finding dominators in a flowgraph, 1979, TOPLAS.

[35] Elsa L. Gunter, et al. A Framework for Formal Verification of Compiler Optimizations, 2010, ITP.

[36] Steve Zdancewic, et al. Mechanized Verification of Computing Dominators for Formalizing Compilers, 2012, CPP.

[37] Andrew McCreight, et al. A verifiable SSA program representation for aggressive compiler optimization, 2006, POPL '06.

[38] Keith D. Cooper, et al. Value Numbering, 1997, Software: Practice and Experience.

[39] Bowen Alpern, et al. Detecting equality of variables in programs, 1988, POPL '88.

[40] Adam Chlipala. Parametric higher-order abstract syntax for mechanized semantics, 2008, ICFP '08.

[41] George C. Necula, et al. Translation validation for an optimizing compiler, 2000, PLDI '00.

[42] Timothy J. Harvey, et al. Practical improvements to the construction and destruction of static single assignment form, 1998.