Advertisement

Alive-FP: Automated Verification of Floating Point Based Peephole Optimizations in LLVM

  • David Menendez
  • Santosh Nagarakatte
  • Aarti Gupta
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9837)

Abstract

Peephole optimizations optimize and canonicalize code to enable other optimizations but are error-prone. Our prior research on Alive, a domain-specific language for specifying LLVM’s peephole optimizations, automatically verifies the correctness of integer-based peephole optimizations and generates C++ code for use within LLVM. This paper proposes Alive-FP, an automated verification framework for floating point based peephole optimizations in LLVM. Alive-FP handles a class of floating point optimizations and fast-math optimizations involving signed zeros, not-a-number, and infinities, which do not result in loss of accuracy. This paper provides multiple encodings for various floating point operations to account for the various kinds of undefined behavior and under-specification in the LLVM’s language reference manual. We have translated all optimizations that belong to this category into Alive-FP. In this process, we have discovered seven wrong optimizations in LLVM.

Notes

Acknowledgments

We thank Vinod Ganapathy, Thomas Wahl, and the reviewers for their feedback on this paper. This paper is based on work supported in part by NSF CAREER Award CCF–1453086, a sub-contract of NSF Award CNS–1116682, a NSF Award CNS–1441724, a Google Faculty Award, and gifts from Intel Corporation.

References

  1. 1.
    Yang, X., Chen, Y., Eide, E., Regehr, J.: Finding and understanding bugs in C compilers. In: Proceedings of the 32nd ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI, pp. 283–294. ACM (2011)Google Scholar
  2. 2.
    Le, V., Afshari, M., Su, Z.: Compiler validation via equivalence modulo inputs. In: Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI, pp. 216–226 (2014)Google Scholar
  3. 3.
    Lopes, N., Menendez, D., Nagarakatte, S., Regehr, J.: Provably correct peephole optimizations with Alive. In: Proceedings of the 36th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI, pp. 22–32. ACM (2015)Google Scholar
  4. 4.
    Brain, M., Tinelli, C., Rümmer, P., Wahl, T.: An automatable formal semantics for IEEE-754 floating-point arithmetic. In: Proceedings of the 22nd IEEE Symposium on Computer Arithmetic, ARITH, pp. 160–167. IEEE, June 2015Google Scholar
  5. 5.
    de Moura, L., Bjørner, N.S.: Z3: an efficient SMT solver. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 337–340. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  6. 6.
    IEEE standard for floating-point arithmetic. IEEE 754-2008. IEEE Computer Society, August 2008Google Scholar
  7. 7.
    Goldberg, D.: What every computer scientist should know about floating-point arithmetic. ACM Comput. Surv. 23(1), 5–48 (1991)CrossRefGoogle Scholar
  8. 8.
    Menendez, D.: LLVM bug 26746 InstructionSimplify turns 0.0 to \(-0.0\). https://llvm.org/bugs/show_bug.cgi?id=26746. Accessed 16 Apr 2016
  9. 9.
    Menendez, D.: LLVM bug 26862 InstructionSimplify broadens undef when simplifying frem. https://llvm.org/bugs/show_bug.cgi?id=26862. Accessed 16 Apr 2016
  10. 10.
    Menendez, D.: LLVM bug 26863 InstructionSimplify broadens undef when simplifying fdiv. https://llvm.org/bugs/show_bug.cgi?id=26863. Accessed 16 Apr 2016
  11. 11.
    Menendez, D.: LLVM bug 27151 InstructionSimplify turns NaN to 0.0. https://llvm.org/bugs/show_bug.cgi?id=27151. Accessed 16 Apr 2016
  12. 12.
    Menendez, D.: LLVM bug 27153 InstCombine changes results by reassociating addition and sitofp. https://llvm.org/bugs/show_bug.cgi?id=27153. Accessed 16 Apr 2016
  13. 13.
    Menendez, D., Nagarakatte, S.: Alive-NJ. https://github.com/rutgers-apl/alive-nj. Accessed 16 Apr 2016
  14. 14.
    Lattner, C.: What every C programmer should know about undefined behavior, May 2011. http://blog.llvm.org/2011/05/what-every-c-programmer-should-know.html. Accessed 16 Apr 2016
  15. 15.
    Regehr, J.: A guide to undefined behavior in C and C++, July 2010. http://blog.regehr.org/archives/213. Accessed 16 Apr 2016
  16. 16.
    Wang, X., Zeldoivch, N., Kaashoek, M.F., Solar-Lezama, A.: Towards optimization-safe systems: analyzing the impact of undefined behavior. In: Proceedings of the 24th ACM Symposium on Operating Systems Principles, SOSP, pp. 260–275. ACM, November 2013Google Scholar
  17. 17.
    Panchekha, P., Sanchez-Stern, A., Wilcox, J.R., Tatlock, Z.: Automatically improving accuracy for floating point expressions. In: Proceedings of the 36th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI, pp. 1–11. ACM, June 2015Google Scholar
  18. 18.
    Solovyev, A., Jacobsen, C., Rakamarić, Z., Gopalakrishnan, G.: Rigorous estimation of floating-point round-off errors with symbolic taylor expansions. In: Bjørner, N., Boer, F. (eds.) FM 2015. LNCS, vol. 9109, pp. 532–550. Springer, Heidelberg (2015)CrossRefGoogle Scholar
  19. 19.
    Menendez, D.: FPA remainder does not match SMT-FPA semantics. https://github.com/Z3Prover/z3/issues/561. Accessed 16 Apr 2016
  20. 20.
    Menendez, D., Nagarakatte, S.: Termination-checking for LLVM peephole optimizations. In: Proceedings of the 38th International Conference of Software Engineering, ICSE, pp. 191–202, May 2016Google Scholar
  21. 21.
    Menendez, D.: Incorrect undef semantics. https://github.com/nunoplopes/alive/issues/31. Accessed 17 Apr 2016
  22. 22.
    Kahan, W.: Branch cuts for complex elementary functions, or much ado about nothing’s sign bit. In: Proceedings of the Joint IMA/SIAM Conference on the State of the Art in Numerical Analysis Held at the UN, pp. 165–211 (1987)Google Scholar
  23. 23.
    Anderson, O.: Re: [llvmdev] bug 16257 - fmul of undef ConstantExpr not folded to undef, August 2014. http://lists.llvm.org/pipermail/llvm-dev/2014-August/076225.html. Accessed 17 Apr 2016
  24. 24.
    Ivančić, F., Ganai, M.K., Sankaranarayanan, S., Gupta, A.: Numerical stability analysis of floating-point computations using software model checking. In: Proceedings of the 8th IEEE/ACM International Conference on Formal Methods and Models for Codesign, MEMOCODE, pp. 49–58. IEEE, July 2010Google Scholar
  25. 25.
    Darulova, E., Kuncak, V.: Sound compilation of reals. In: Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL, pp. 235–248. ACM, New York (2014)Google Scholar
  26. 26.
    Kinsman, A.B., Nicolici, N.: Finite precision bit-width allocation using SAT-modulo theory. In: Proceedings of the Conference on Design, Automation and Test in Europe, DATE 2009, pp. 1106–1111. European Design and Automation Association, Leuven (2009)Google Scholar
  27. 27.
    Rubio-González, C., Nguyen, C., Nguyen, H.D., Demmel, J., Kahan, W., Sen, K., Bailey, D.H., Iancu, C., Hough, D.: Precimonious: tuning assistant for floating-point precision. In: Proceedings of the International Conference on High Performance Computing, Networking, Storage and Analysis, SC 2013, pp. 27:1–27:12. ACM, New York (2013)Google Scholar
  28. 28.
    Fu, Z., Bai, Z., Su, Z.: Automated backward error analysis for numerical code. In: Proceedings of the 2015 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications, OOPSLA 2015, pp. 639–654. ACM, New York (2015)Google Scholar
  29. 29.
    Barr, E.T., Vo, T., Le, V., Su, Z.: Automatic detection of floating-point exceptions. In: Proceedings of the 40th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL 2013, pp. 549–560. ACM, New York (2013)Google Scholar
  30. 30.
    Goubault, E.: Static analyses of the precision of floating-point operations. In: Cousot, P. (ed.) SAS 2001. LNCS, vol. 2126, pp. 234–259. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  31. 31.
    de Dinechin, F., Lauter, C.Q., Melquiond, G.: Assisted verification of elementary functions using Gappa. In: Proceedings of the 2006 ACM Symposium on Applied Computing, SAC, pp. 1318–1322. ACM (2006)Google Scholar
  32. 32.
    Brain, M., D’Silva, V., Griggio, A., Haller, L., Kroening, D.: Interpolation-based verification of floating-point programs with abstract CDCL. In: Logozzo, F., Fähndrich, M. (eds.) SAS 2013. LNCS, vol. 7935, pp. 412–432. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  33. 33.
    Goubault, E., Putot, S., Baufreton, P., Gassino, J.: Static analysis of the accuracy in control systems: principles and experiments. In: Leue, S., Merino, P. (eds.) FMICS 2007. LNCS, vol. 4916, pp. 3–20. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  34. 34.
    Monniaux, D.: The pitfalls of verifying floating-point computations. ACM Trans. Program. Lang. Syst. (TOPLAS) 30(3), 12:1–12:41 (2008)CrossRefGoogle Scholar
  35. 35.
    Martel, M.: Semantics-based transformation of arithmetic expressions. In: Riis Nielson, H., Filé, G. (eds.) SAS 2007. LNCS, vol. 4634, pp. 298–314. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  36. 36.
    Harrison, J.: Floating point verification in HOL. In: Schubert, E.T., Windley, P.J., Alves-Foss, J. (eds.) Higher Order Logic Theorem Proving and Its Applications. LNCS, vol. 971, pp. 186–199. Springer, Heidelberg (1995)CrossRefGoogle Scholar
  37. 37.
    Leroy, X.: Formal verification of a realistic compiler. Commun. ACM 52(7), 107–115 (2009)CrossRefGoogle Scholar
  38. 38.
    Boldo, S., Jourdan, J.H., Leroy, X., Melquiond, G.: A formally-verified C compiler supporting floating-point arithmetic. In: Proceedings of the 21st IEEE Symposium on Computer Arithmetic, ARITH, pp. 107–115. IEEE, April 2013Google Scholar
  39. 39.
    Lerner, S., Millstein, T., Rice, E., Chambers, C.: Automated soundness proofs for dataflow analyses and transformations via local rules. In: Proceedings of the 32nd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL, pp. 364–377 (2005)Google Scholar
  40. 40.
    Kundu, S., Tatlock, Z., Lerner, S.: Proving optimizations correct using parameterized program equivalence. In: Proceedings of the 30th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI, pp. 327–337 (2009)Google Scholar
  41. 41.
    Buchwald, S.: Optgen: a generator for local optimizations. In: Franke, B. (ed.) CC 2015. LNCS, vol. 9031, pp. 171–189. Springer, Heidelberg (2015)CrossRefGoogle Scholar
  42. 42.
    Nötzli, A., Brown, F.: LifeJacket: verifying precise floating-point optimizations in LLVM. http://arxiv.org/pdf/1603.09290v1.pdf. Accessed 04 Apr 2016

Copyright information

© Springer-Verlag GmbH Germany 2016

Authors and Affiliations

  • David Menendez
    • 1
  • Santosh Nagarakatte
    • 1
  • Aarti Gupta
    • 2
  1. 1.Rutgers UniversityNew BrunswickUSA
  2. 2.Princeton UniversityPrincetonUSA

Personalised recommendations