Results 1 
8 of
8
A PVS based framework for validating compiler optimizations
 In SEFM ’06: Proceedings of the Fourth IEEE International Conference on Software Engineering and Formal Methods
, 2006
"... Abstract An optimization can be specified as sequential compositions of predefined transformation primitives. For each primitive, we can define soundness conditions which guarantee that the transformation is semantics preserving. An optimization of a program preserves semantics, if all applicatio ..."
Abstract

Cited by 7 (1 self)
 Add to MetaCart
Abstract An optimization can be specified as sequential compositions of predefined transformation primitives. For each primitive, we can define soundness conditions which guarantee that the transformation is semantics preserving. An optimization of a program preserves semantics, if all applications of the primitives in the optimization satisfy their respective soundness conditions on the versions of the inputprogram on which they are applied. This scheme does not directly check semantic equivalence of the input and the optimized programs and is therefore amenable to automation. Automating this scheme however requires a trustedframework for simulating transformation primitives and checking their soundness conditions. In this paper, wepresent the design of such a framework based on PVS. We have used it for specifying and validating several optimizations viz. common subexpression elimination, optimal code placement, lazy code motion, loop invariant code motion,full and partial dead code elimination, etc. 1.
Towards Verified Model Transformations
 IN PROCEEDINGS OF MODEVA WORKSHOP ASSOCIATED TO MODELS'06
, 2006
"... Modeldriven software development (MDD) is seen as a promising approach to improve software quality and reduce production costs significantly. However, one of the problems in using MDD especially in the area of safetycritical systems is the lack of verified transformations. The verification of cruc ..."
Abstract

Cited by 6 (0 self)
 Add to MetaCart
Modeldriven software development (MDD) is seen as a promising approach to improve software quality and reduce production costs significantly. However, one of the problems in using MDD especially in the area of safetycritical systems is the lack of verified transformations. The verification of crucial safety properties on the model level is only really useful, if the automatic code generation is also guaranteed to be correct, i.e., the verified properties are guaranteed to hold also for the generated code. This particularly means to check semantic equivalence, at least to a certain extent between the model specification and the generated code. This paper addresses the problem of verifying that a given transformation ensures semantic equivalence between an arbitrary model in a given model specification language and the resulting programming language code. While the presented approach ensures that the transformation algorithm is correct, existing related work is restricted on verifying only the correctness of a particular transformation result.
Structuring optimizing transformations and proving them sound
 In Proceedings of COCV’06
, 2006
"... A compiler optimization is sound if the optimized program that it produces is semantically equivalent to the input program. The proofs of semantic equivalence are usually tedious. To reduce the efforts required, we identify a set of common transformation primitives that can be composed sequentially ..."
Abstract

Cited by 6 (3 self)
 Add to MetaCart
A compiler optimization is sound if the optimized program that it produces is semantically equivalent to the input program. The proofs of semantic equivalence are usually tedious. To reduce the efforts required, we identify a set of common transformation primitives that can be composed sequentially to obtain specifications of optimizing transformations. We also identify the conditions under which the transformation primitives preserve semantics and prove their sufficiency. Consequently, proving the soundness of an optimization reduces to showing that the soundness conditions of the underlying transformation primitives are satisfied. The program analysis required for optimization is defined over the input program whereas the soundness conditions of a transformation primitive need to be shown on the version of the program on which it is applied. We express both in a temporal logic. We also develop a logic called temporal transformation logic to correlate temporal properties over a program (seen as a Kripke structure) and its transformation. An interesting possibility created by this approach is a novel scheme for validating optimizer implementations. An optimizer can be instrumented to generate a trace of its transformations in terms of the transformation primitives. Conformance of the trace with the optimizer can be checked through simulation. If soundness conditions of the underlying primitives are satisfied by the trace then it preserves semantics.
Optimizing Code Generation from SSA Form: A Comparison Between Two Formal Correctness Proofs in Isabelle/HOL
, 2005
"... Correctness of compilers is a vital precondition for the correctness of the software translated by them. In this paper, we present two approaches for the formalization of static single assignment (SSA) form together with two corresponding formal proofs in the Isabelle/HOL system, each showing the co ..."
Abstract

Cited by 5 (0 self)
 Add to MetaCart
Correctness of compilers is a vital precondition for the correctness of the software translated by them. In this paper, we present two approaches for the formalization of static single assignment (SSA) form together with two corresponding formal proofs in the Isabelle/HOL system, each showing the correctness of code generation. Our comparison between the two proofs shows that it is very important to find adequate formalizations in formal proofs since they can simplify the verification task considerably. Our formal correctness proofs do not only verify the correctness of a certain class of code generation algorithms but also give us sufficient, easily checkable correctness criteria characterizing correct compilation results obtained from implementations (compilers) of these algorithms. These correctness criteria can be used in a compiler result checker.
Concept Assignment as a Debugging Technique for Code Generators
, 2005
"... Code generators are notoriously difficult to debug, yet their correctness is crucial. This paper demonstrates that concept assignment can be performed in an entirely syntaxdirected manner for code generators and other highly structured program modules. Anomalies in this concept assignment indicate ..."
Abstract

Cited by 2 (2 self)
 Add to MetaCart
Code generators are notoriously difficult to debug, yet their correctness is crucial. This paper demonstrates that concept assignment can be performed in an entirely syntaxdirected manner for code generators and other highly structured program modules. Anomalies in this concept assignment indicate the possible existence of bugs. These insights enable the formulation of a new debugging technique for code generators. This paper describes the procedure, a practical implementation, and results from the application of this debugging technique to an experimental code generator.
A Formal Correctness Proof for Code Generation from SSA Form in Isabelle/HOL
 In Proc. 3. Arbeitstagung Programmiersprachen (ATPS),. LNI
, 2004
"... Optimizations in compilers are the most errorprone phases in the compilation process. Since correct compilers are a vital precondition for software correctness, it is necessary to prove their correctness. We develop a formal semantics for static single assignment (SSA) intermediate representatio ..."
Abstract

Cited by 2 (1 self)
 Add to MetaCart
Optimizations in compilers are the most errorprone phases in the compilation process. Since correct compilers are a vital precondition for software correctness, it is necessary to prove their correctness. We develop a formal semantics for static single assignment (SSA) intermediate representations and prove formally within the Isabelle /HOL theorem prover that a relatively simple form of code generation preserves the semantics of the transformed programs in SSA form. This formal correctness proof does not only verify the correctness of a certain class of code generation algorithms but also gives us a sufficient, easily checkable correctness criterion characterizing correct compilation results obtained from implementations (compilers) of these algorithms.