CompCert project, the state-of-the-art compiler that achieves the first end-to-end formally verified C compiler, does not support fully verified instruction scheduling. Instead, existing research that works on such topics only implements translation validation. This means they do not have direct formal proof that the scheduling algorithm is correct, but only a posterior validation to check each compiling case. Using such a method, CompCert accepts a valid C program and compiles correctly only when the untrusted scheduler generates a correct result. However, it does not guarantee the complete correctness of the scheduler. It also causes compile-time validation overhead in the view of runtime performance.
In this work, we present the first achievement in developing a mechanized library for fully verified instruction scheduling while keeping the proof workload acceptably lightweight. The idea to reduce the proof length is to exploit a simple property that the topological reordering of a topological sorted list is equal to a sequence of swapping adjacent unordered elements. Together with the transitivity of semantic simulation relation, the only burden will become proving the semantic preservation of a transition that only swaps two adjacent independent instructions inside one block. After successfully proving this result, proving the correctness of any new instruction scheduling algorithm only requires proof that it preserved the syntax-level dependence among instructions, instead of reasoning about semantics details every time. We implemented a mechanized library of such methods in the Coq proof assistant based on CompCert’s library as a framework and used the list scheduling algorithm as a case study to show the correctness can be formally proved using our theory.
We show that with our method that abstracts away the semantics details, it is flexible to implement any scheduler that reorders instructions with little extra proof burden. Our scheduler in the case study also abstracts away the outside scheduling heuristic as a universal parameter so it is flexible to modify without touching any correctness proof.
Thu 24 OctDisplayed time zone: Pacific Time (US & Canada) change
10:40 - 12:20 | Compilers and Optimisation 1OOPSLA 2024 at San Gabriel Chair(s): Emery D. Berger University of Massachusetts Amherst | ||
10:40 20mTalk | Compilation of Shape Operators on Sparse Arrays OOPSLA 2024 Alexander J Root Stanford University, Bobby Yan Stanford University, Peiming Liu Google Inc, Christophe Gyurgyik Stanford University, Aart Bik Google, Inc., Fredrik Kjolstad Stanford University DOI Pre-print | ||
11:00 20mTalk | Compiler Support for Sparse Tensor Convolutions OOPSLA 2024 Peiming Liu Google Inc, Alexander J Root Stanford University, Anlun Xu Google, Yinying Li Google, Fredrik Kjolstad Stanford University, Aart Bik Google, Inc. DOI | ||
11:20 20mTalk | Compiling Recurrences over Dense and Sparse Arrays OOPSLA 2024 Shiv Sundram Stanford University, Muhammad Usman Tariq Stanford University, Fredrik Kjolstad Stanford University DOI | ||
11:40 20mTalk | Fully Verified Instruction Scheduling OOPSLA 2024 Ziteng Yang Georgia Institute of Technology, Jun Shirako Georgia Institute of Technology, Vivek Sarkar Georgia Institute of Technology DOI Pre-print | ||
12:00 20mTalk | Homeostasis: Design and Implementation of a Self-Stabilizing Compiler (TOPLAS) OOPSLA 2024 Link to publication | ||