EN FR
EN FR


Section: New Results

Formal Proofs about Happens-before in Explicitly Parallel Polyhedral Programs

Participants : Éric Violard, Alain Ketterlin.

Automatic parallelization has traditionally focused on sequential programs, but the widespread availability of explicitly parallel programming languages (such as OpenMP, Cilk, X10, and others) has led researchers to consider also the optimization and re-parallelization of parallel source programs. Most of these languages have constructions for parallel loops and parallel sections, with the accompanying synchronization primitives. The X10 language is especially interesting in this respect, because it provides simple and powerful constructions. Essentially, parallelism is expressed with the help of the async construct, whose body is to be executed in a parallel “activity”, and the finish construct, which acts as a container for activities (and sub-activities) and waits for their completion. These constructions are complemented with “clocks”, which are essentially synchronization barriers. Clocks can be used freely, in an unstructured manner, but are best associated with finish constructs, where they provide an intuitive and flexible phasing mechanism. In this case, activities spawned with async can either inherit or hide the clock provided by the nearest enclosing finish .

We are focusing on polyhedral programs, where all control is based on loops whose bounds are affine combinations of the enclosing loop counters and constant parameters. There is a large body of work on optimizing and parallelizing such programs, but most of them focus on sequential loop nests. Introducing X10's parallel constructions defines the class of explicitly parallel polyhedral programs, which is the focus of our work. Many polyhedral analyses and optimization techniques rely on the notion of lexicographic order, which is the order of execution of the statements in the source program. For instance, a data-dependence is defined to be an ordered pair of instruction instances that use or define the same data element, such that the first executes before the second. The lexicographic order is a purely syntactic characteristic that can be extracted from the source program. When the source program is explicitly parallel, the execution order becomes partial, because two distinct instruction instances can be part of concurrent activities. In this case the ordering is called the Happens-before relation. Paul Feautrier and Tomofumi Yuki have provided the first definition of Happens-before for explicitly parallel polyhedral programs, which covers the case of X10 programs using finish and async but without any clock involved. Being purely syntactic, their definition opens the way to the optimization of parallel X10 finish -async polyhedral programs. The use of clocks, however, introduces a major difficulty. Since clocks define phases of the program, one would like to use the “phase-number” of each instruction instance as an additional dimension, and include this dimension in further analysis. Phase-numbers have analytic forms (for the class of polyhedral programs), but they belong to the class of Ehrhart's quasi-polynomials, i.e., they are outside the polyhedral (affine) model.

We have formalized the class of programs under consideration, as well as all notions pertaining to the definition of the Happens-before relation, in Coq, a proof assistant developed at Inria. The formalization includes minimal structures to represent explicitly parallel polyhedral programs, including finish and async , loops, and simple statements. The definition of the Happens-before relation is that of an inductive predicate, parametrized by the computation of phase-numbers, which is left unspecified. To make the connection between the (static) Happens-before relation and the (dynamic) position of instruction instances in program traces, we use a single axiom. To reinforce our confidence in this arbitrary component, we also provide a second set of axioms, which we prove is equivalent to the first. The proof is based on an operational semantics, providing the relation between programs and their executions traces. We then prove that when Happens-before holds between two (static) instruction instances, then any trace of the program sees the corresponding dynamic instances ordered. We also prove the converse, which makes the definition of Happens-before sound and complete.

The Coq source files are kept in an Inria-forge project. Since this is our first effort in formal proofs, it currently amounts to about ten thousands lines of Coq source code. It is not yet clear whether we will publish the proof by itself, or publish an informal version of it as part of our colleagues' work on the use of Happens-before. In any case, our short-term plan is to extend the formalization and accompanying theorems and proofs to the case of mixed-programs, where some activities ignore the clock in scope.