Tracing Compilation by Abstract Interpretation S. Dissegna, F. - - PowerPoint PPT Presentation
Just-In-Time compilation Study setup Abstract interpretation Correctness proof Tracing Compilation by Abstract Interpretation S. Dissegna, F. Logozzo, F. Ranzato Thophile Bastian March 7, 2018 Slides: https://tiny.tobast.fr/m2-absint-slides
Just-In-Time compilation Study setup Abstract interpretation Correctness proof
Théophile Bastian March 7, 2018 Slides: https://tiny.tobast.fr/m2-absint-slides Article: https://tiny.tobast.fr/m2-absint-article
Théophile Bastian Tracing Compilation by Abstract Interpretation 0 / 13
Just-In-Time compilation Study setup Abstract interpretation Correctness proof
1
Just-In-Time compilation
2
Study setup
3
Abstract interpretation
4
Correctness proof
Théophile Bastian Tracing Compilation by Abstract Interpretation 0 / 13
Just-In-Time compilation Study setup Abstract interpretation Correctness proof
Dynamic languages: hard to compile (rely on runtime) Yet ubiquitous: javascript, python, . . . Idea: compile at runtime the most used program parts Used in browsers (JS), PyPy (Python), most JVMs (Java), . . . Source code Byte code Byte/machine code B y t e c
e c
p i l e r J I T c
p i l e r Offline Runtime
Théophile Bastian Tracing Compilation by Abstract Interpretation 1 / 13
Just-In-Time compilation Study setup Abstract interpretation Correctness proof
(In most cases) strong interaction interpreter ↔ JIT compiler Article claim: mostly done using hot paths within loops (in a single function); most speedup is type specialization.
Hot path: path used ≥ N times at runtime in a given (abstract) store state
Théophile Bastian Tracing Compilation by Abstract Interpretation 2 / 13
Just-In-Time compilation Study setup Abstract interpretation Correctness proof
(In most cases) strong interaction interpreter ↔ JIT compiler Article claim: mostly done using hot paths within loops (in a single function); most speedup is type specialization.
Hot path: path used ≥ N times at runtime in a given (abstract) store state
(Inlining, translation to machine code, global optimizations, lock elimination, non-volatile-write elimination/propagation, . . . )
Théophile Bastian Tracing Compilation by Abstract Interpretation 2 / 13
Just-In-Time compilation Study setup Abstract interpretation Correctness proof
Formalism to interpret JIT with AbsInt (source transformation)
Hot path extraction Type specialization
Formalism to extract observables from code compare observables with/without JIT prove correctness Can be extended with virtually any feature
Théophile Bastian Tracing Compilation by Abstract Interpretation 3 / 13
Just-In-Time compilation Study setup Abstract interpretation Correctness proof
L: program labels K: literal values V: variables (P := C list): programs C ::= L : A → L′ C A ::= (x := E) | B | skip A E, E ′ ::= v | x | E + E ′ Expr B, B′ ::= ⊤ | ⊥ | E ≤ E ′ BExpr | ¬B | B ∧ B′ Conditional: l0 : b0 → lt l0 : ¬b0 → lf Turing-complete Supposed to model some bytecode
Théophile Bastian Tracing Compilation by Abstract Interpretation 4 / 13
Just-In-Time compilation Study setup Abstract interpretation Correctness proof
Types & values K := Z ∪ {a, . . . , z}∗ Types: Int, String, Undef, ∅, Ω Undef: error type ∅ Int String Undef Ω Semantics Type-dependant +:
+String: concatenation +Int: usual + +Str,Int: yields Undef
Store := V → K ρ State := C × Store C, ρ Trace := State∗
Théophile Bastian Tracing Compilation by Abstract Interpretation 5 / 13
Just-In-Time compilation Study setup Abstract interpretation Correctness proof
Assertion: a hot path is necessarily a (whole) loop body Introduce a function hotN selecting N-hot paths from a trace αN
hot : P(Trace) → P(Trace#) is an abstraction, a
corresponding γ can be derived Note: a Trace# includes (abstract) stores, allowing
Théophile Bastian Tracing Compilation by Abstract Interpretation 6 / 13
Just-In-Time compilation Study setup Abstract interpretation Correctness proof
For a ∈ Store#, introduce guard Ea ∈ BExpr, true iff. ρ ∈ γ(a) Optimized path: duplicate hot path, guard each operation, fallback to original path Formally define an operator extrhp(P) extracting the hot path hp from the program P Once the hot path is extracted, it can be optimized wrt. known store restrictions.
Théophile Bastian Tracing Compilation by Abstract Interpretation 7 / 13
Just-In-Time compilation Study setup Abstract interpretation Correctness proof
B0 A1 An
B0 A1 An G Ea0 B0 G Ea1 A1 G Ean An
Théophile Bastian Tracing Compilation by Abstract Interpretation 8 / 13
Just-In-Time compilation Study setup Abstract interpretation Correctness proof
Seen again as abstract interpretation: define α, γ. First, consider abstract type stores Storet := V → Type
Clearly a valid abstract domain for Store
Then, an operator Et (E)ρ : Expr → Storet → Type typing an expression (possibly to Undef or Ω) Finally, define type specialization TShp as the substitution in hp of + by its typed alternative, if possible
(ie. Et (E + E ′)ρ ∈ {Int, String})
Théophile Bastian Tracing Compilation by Abstract Interpretation 9 / 13
Just-In-Time compilation Study setup Abstract interpretation Correctness proof
Idea: define (cf. Cousot) correctness of transformation as
That is, if α derives the abstraction, T extracts the program traces and Tr transforms it, we want α(T(P)) = α(T(Tr(P))) Heavy but safe: α = αsc, store changes sc(s1s2σ) := St(s1) · sc(s2σ), St(s1) = St(s2) sc(s2σ), St(s1) = St(s2) Lighter: same, but only at loop entry/exit points
Théophile Bastian Tracing Compilation by Abstract Interpretation 10 / 13
Just-In-Time compilation Study setup Abstract interpretation Correctness proof
Theorem Trace extraction is correct wrt. αsc, that is, ∀P, ∀hp, αsc(T(P)) = αsc(T(extrhp(P))) Proved by mapping σ ∈ Trace to its correct trace through trhp(σ) in extrhp(P) =: Php Then show that
i
trhp(T(P)) ⊆ T(Php)
ii
αsc(T(Php)) ⊆ αsc(T(P))
iii
αsc ◦ trhp = αsc
Théophile Bastian Tracing Compilation by Abstract Interpretation 11 / 13
Just-In-Time compilation Study setup Abstract interpretation Correctness proof
Theorem Type specialization is correct (at traces level) Define tt(σ) erasing type specialization (eg. +Int → +). Then, tt(T(TShp(stitchP(hp)))) = T(stitchP(hp)) Theorem Stitching type specialization to a hot path is correct wrt. αsc. (directly follows)
Théophile Bastian Tracing Compilation by Abstract Interpretation 12 / 13
Just-In-Time compilation Study setup Abstract interpretation Correctness proof
Pros Opens the way for AbsInt formalism in JIT Provides an (implemented?) framework for JIT study Cons Overly restrictive in JIT features, pretends
Unusably small toy language Absurdly hard to read toy language Proof wrt. some α which does not handle effects Please, stop claiming every line or two that your paper is better than Guo and Palsberg’s
Théophile Bastian Tracing Compilation by Abstract Interpretation 13 / 13