CAMUS - 2011 - Annual activity report

CAMUS

CAMUS - 2011

Team Camus

Members

Overall Objectives

Scientific Foundations

Application Domains

Application Domains

Software

New Results

Partnerships and Cooperations

Dissemination

Bibliography

Previous |

Home | Next next

Section: New Results

Dealing with arithmetic overflows in the polyhedral model

Participants : Nicolas Magaud, Julien Narboux, Éric Violard.

Our goal in collaboration with Alexandre Pilkiewicz, PhD student, and François Pottier, senior researcher at INRIA, is to prove formally the correctness of a compiler based on the polyhedral model and to integrate it in the Compcert compiler.

But as the polyhedral transformations apply to affine loop nests in a mathematical framework where each loop variable is considered to be a mathematical integer, and not a machine integer, we must therefore warrant that no arithmetic overflow occurs when the considered loop nests are executed.

We proposed a solution to produce a compiler which does not ignore the problem of overflows. Our solution consists in generating a formula which captures the presence of overflows in the program, then asking to an external tool (i.e. the iscc calculator), for a sufficient condition about the parameters which implies the absence of overflows. Finally we check this condition dynamically. If the condition holds we can use the optimized version of the program. If it does not, in order to preserve the semantics of the program we keep the original version.

Figure 3 illustrates our solution for overcoming the problem of arithmetic overflows and for ensuring the correctness of polyhedral transformations. In addition to the polyhedral optimizer, our compiler uses an oracle and a validator.

The oracle returns a boolean expression ( $b$ ) which denotes a sufficient condition to ensure that both the original program ( $o r g$ ) and the optimized program ( $o p t$ ) do not produce any overflow. Our transformation then builds a program that we call the resulting program, of the shape $If b then o p t else o r g$ . It dynamically evaluates the boolean expression $b$ and executes $o r g$ , i.e. the original program, if the condition is not fulfilled or $o p t$ , i.e. the optimized program, if the condition is true. The resulting program is then transmitted to the validator.

The validator is a function which takes the original program ( $o r g$ ), the optimized program ( $o p t$ ) and the resulting program, and returns a boolean: if it returns true, then the resulting program is equivalent to the original one and our compiler therefore produces the resulting program.

We now have to formally prove the validator using the Coq proof assistant.

Figure 3. A solution for overcoming the problem of arithmetic overflows

Previous |

Home | Next next