Proving the correctness of a program transformation, and specifically, of a compiler optimization, is a long-standing research problem. Trusting the compiler requires to guarantee that the properties verified on the source program hold for the compiled target-code as well. Thus, the primary objective of formal correctness verification is to preserve the semantics of the source code, maintaining untouched its logical behavior. Traditional methods for formal correctness verification are not convenient to validate large and complex programs like compilers, and intensive testing, despite its proven efficacy, cannot guarantee the absence of bugs. This thesis is part of a larger on-going research project aimed to demonstrate the feasibility to overcome the difficulties of traditional formal methods. K. Namjoshi and L. Zuck propose a new methodology for creating an automated proof to guarantee the correctness of every execution of an optimization. A witness is a run-time generated relation between the source code and the target code, before and after the transformation. The relation is able to represent all the properties that must be valid throughout the optimization, offering a mathematical formula to prove, through a SMT-Solver (typically Microsoft Z3), if the invariants hold and the semantics is preserved. This work is a further step towards the implementation of a witnessing compiler: the SimplifyCFG pass of the LLVM compiler framework is augmented with a witness generator procedure which constructs, run-time, the relations to prove the correctness of every single simplification in the control flow graph, performed by the compiler. We show that it is feasible to augment the SimplifyCFG pass with a witness generation procedure. We describe the structure of the code and the mathematical relations designed to demonstrate the correctness of a transformation on the Control Flow Graph. Benchmarks and tests will prove the correct behavior of our implementation and the effectiveness of the witnessing procedure. We provide details about the witnesses and the results of the benchmarks.
Witnessing control flow graph optimizations
CASULA, DARIO
2015/2016
Abstract
Proving the correctness of a program transformation, and specifically, of a compiler optimization, is a long-standing research problem. Trusting the compiler requires to guarantee that the properties verified on the source program hold for the compiled target-code as well. Thus, the primary objective of formal correctness verification is to preserve the semantics of the source code, maintaining untouched its logical behavior. Traditional methods for formal correctness verification are not convenient to validate large and complex programs like compilers, and intensive testing, despite its proven efficacy, cannot guarantee the absence of bugs. This thesis is part of a larger on-going research project aimed to demonstrate the feasibility to overcome the difficulties of traditional formal methods. K. Namjoshi and L. Zuck propose a new methodology for creating an automated proof to guarantee the correctness of every execution of an optimization. A witness is a run-time generated relation between the source code and the target code, before and after the transformation. The relation is able to represent all the properties that must be valid throughout the optimization, offering a mathematical formula to prove, through a SMT-Solver (typically Microsoft Z3), if the invariants hold and the semantics is preserved. This work is a further step towards the implementation of a witnessing compiler: the SimplifyCFG pass of the LLVM compiler framework is augmented with a witness generator procedure which constructs, run-time, the relations to prove the correctness of every single simplification in the control flow graph, performed by the compiler. We show that it is feasible to augment the SimplifyCFG pass with a witness generation procedure. We describe the structure of the code and the mathematical relations designed to demonstrate the correctness of a transformation on the Control Flow Graph. Benchmarks and tests will prove the correct behavior of our implementation and the effectiveness of the witnessing procedure. We provide details about the witnesses and the results of the benchmarks.| File | Dimensione | Formato | |
|---|---|---|---|
|
2015_12_Casula.pdf
Open Access dal 01/12/2016
Descrizione: Testo della tesi
Dimensione
3.41 MB
Formato
Adobe PDF
|
3.41 MB | Adobe PDF | Visualizza/Apri |
I documenti in POLITesi sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/10589/115197