Lazy Code Transformations in a Formally Verified Compiler
Translation validation verifies the results of an untrusted translator—called an oracle—at the compiler’s runtime using a validator. This approach enables validating intricate optimizations without directly having to prove them correct. Parametrizing such a validator with hints provided by oracles greatly simplifies its integration within a formally verified compiler—such as CompCert. However, generating those hints requires adapting state-of-the-art optimizations. The co-design of a validation framework supporting a class of optimizations led us to improve the Lazy Code Motion (LCM) and Lazy Strength Reduction (LSR) data-flow algorithms of Knoop, Rüthing, and Steffen. We propose an efficient implementation in OCaml combining both LCM and LSR, operating over basic-blocks, and whose result is checked by a Coq-verified validator. We show how to generate invariant annotations from the data-flow equations as hints for the defensive validation, and we introduce several algorithmic refinements w.r.t. the original papers. Our solution is fully integrated within CompCert, and is, as far as we know, the first formally verified strength-reduction of loop-induction variables.
Mon 17 JulDisplayed time zone: Pacific Time (US & Canada) change
13:30 - 15:00 | |||
13:30 60mTalk | A Retrospective on Julia ICOOOLPS Benjamin Chung Northeastern University | ||
14:30 30mResearch paper | Lazy Code Transformations in a Formally Verified Compiler ICOOOLPS Pre-print |