lifejacket verifying precise floating point optimizations
play

LifeJacket: Verifying Precise Floating-Point Optimizations in LLVM - PowerPoint PPT Presentation

Oct 28, 2022 •107 likes •463 views

LifeJacket: Verifying Precise Floating-Point Optimizations in LLVM Andres Ntzli , Fraser Brown Stanford University How about: float y = x; Nope: if x = -0.0 then y = +0.0 Motivating Example Suppose we want to optimize: float y = +0.0 -

  1. LifeJacket: Verifying Precise Floating-Point Optimizations in LLVM Andres Nötzli , Fraser Brown Stanford University

  2. How about: float y = x; Nope: if x = -0.0 then y = +0.0 Motivating Example Suppose we want to optimize: float y = +0.0 - (-x); 1

  3. Nope: if x = -0.0 then y = +0.0 Motivating Example Suppose we want to optimize: float y = +0.0 - (-x); How about: float y = x; 1

  4. Motivating Example Suppose we want to optimize: float y = +0.0 - (-x); How about: float y = x; Nope: if x = -0.0 then y = +0.0 1

  5. Well, 1 1 , and . Ouch. 0 0 What about: NaN x + NaN NaN a + (b + c) ? (a + b) + c a * (b + c) ? a * b + a * c Developers have to manually reason about edge cases. Motivating Example So, we know that: +0.0 - (-x) ̸ = x . Who cares? +0.0 == -0.0 is true . 2

  6. What about: NaN x + NaN NaN a + (b + c) (a + b) + c a * (b + c) a * b + a * c Developers have to manually reason about edge cases. Motivating Example So, we know that: +0.0 - (-x) ̸ = x . Who cares? +0.0 == -0.0 is true . Well, 1 1 0 = ∞ , − 0 = −∞ and ∞ ̸ = −∞ . Ouch. 2

  7. x + NaN NaN a + (b + c) (a + b) + c a * (b + c) a * b + a * c Developers have to manually reason about edge cases. Motivating Example So, we know that: +0.0 - (-x) ̸ = x . Who cares? +0.0 == -0.0 is true . Well, 1 1 0 = ∞ , − 0 = −∞ and ∞ ̸ = −∞ . Ouch. What about: ∞ + −∞ = NaN 2

  8. a + (b + c) (a + b) + c a * (b + c) a * b + a * c Developers have to manually reason about edge cases. Motivating Example So, we know that: +0.0 - (-x) ̸ = x . Who cares? +0.0 == -0.0 is true . Well, 1 1 0 = ∞ , − 0 = −∞ and ∞ ̸ = −∞ . Ouch. What about: ∞ + −∞ = NaN x + NaN = NaN 2

  9. a * (b + c) a * b + a * c Developers have to manually reason about edge cases. Motivating Example So, we know that: +0.0 - (-x) ̸ = x . Who cares? +0.0 == -0.0 is true . Well, 1 1 0 = ∞ , − 0 = −∞ and ∞ ̸ = −∞ . Ouch. What about: ∞ + −∞ = NaN x + NaN = NaN a + (b + c) ̸ = (a + b) + c 2

  10. Developers have to manually reason about edge cases. Motivating Example So, we know that: +0.0 - (-x) ̸ = x . Who cares? +0.0 == -0.0 is true . Well, 1 1 0 = ∞ , − 0 = −∞ and ∞ ̸ = −∞ . Ouch. What about: ∞ + −∞ = NaN x + NaN = NaN a + (b + c) ̸ = (a + b) + c a * (b + c) ̸ = a * b + a * c 2

  11. Motivating Example So, we know that: +0.0 - (-x) ̸ = x . Who cares? +0.0 == -0.0 is true . Well, 1 1 0 = ∞ , − 0 = −∞ and ∞ ̸ = −∞ . Ouch. What about: ∞ + −∞ = NaN x + NaN = NaN a + (b + c) ̸ = (a + b) + c a * (b + c) ̸ = a * b + a * c Developers have to manually reason about edge cases. 2

  12. Great, but no floating-point arithmetic. LifeJacket = Alive + Floating-Point Arithmetic Introduction Alive 1 is a system for verifying peephole optimizations in LLVM. Verification works as follows: 1. User specifies LLVM optimization. 2. Alive translates specification into SMT queries: src != tgt 3. Alive uses Z3 to solve the SMT queries. 1 Nuno P Lopes et al. “Provably correct peephole optimizations with Alive”. In: PLDI . 2015. 3

  13. Introduction Alive 1 is a system for verifying peephole optimizations in LLVM. Verification works as follows: 1. User specifies LLVM optimization. 2. Alive translates specification into SMT queries: src != tgt 3. Alive uses Z3 to solve the SMT queries. Great, but no floating-point arithmetic. LifeJacket = Alive + Floating-Point Arithmetic 1 Nuno P Lopes et al. “Provably correct peephole optimizations with Alive”. In: PLDI . 2015. 3

  14. Satisfiability Modulo Theory (SMT) solvers Input First-order logic formula extended with various functions and predicates. Example ( x < y ) ∧ ( y < x − 1 ) Output A variable assignment that makes the formula true or unsatisfiable. 4

  15. Note No need to explicitly annotate type width. LifeJacket Example (Incorrect) optimization from before +0.0 - (-x) => x In LifeJacket %a = fsub -0.0, %x ← %r = fsub +0.0, %a => %r = %x 5

  16. LifeJacket Example (Incorrect) optimization from before +0.0 - (-x) => x In LifeJacket %a = fsub -0.0, %x ← %r = fsub +0.0, %a => %r = %x Note No need to explicitly annotate type width. 5

  17. Note Precise optimizations. LifeJacket Example Input %a = fsub -0.0, %x %r = fsub +0.0, %a => %r = %x Output ERROR: Mismatch in values of f32 %r Example: %x f32 = -0.0 (0x8000000000000000) %a f32 = +0.0 (0x0000000000000000) Source value: +0.0 (0x0000000000000000) Target value: -0.0 (0x8000000000000000) 6

  18. LifeJacket Example Input %a = fsub -0.0, %x %r = fsub +0.0, %a => %r = %x Output ERROR: Mismatch in values of f32 %r Example: %x f32 = -0.0 (0x8000000000000000) %a f32 = +0.0 (0x0000000000000000) Source value: +0.0 (0x0000000000000000) Target value: -0.0 (0x8000000000000000) Note 6 Precise optimizations.

  19. Agenda 1. Floating-point types and instructions 2. Fast-math flags Not today: Floating-point predicates 7

  20. Agenda 1. Floating-point types and instructions 2. Fast-math flags Not today: Floating-point predicates 7

  21. Basic operations: direct translation to SMT-LIB operation LifeJacket: Floating-point types and instructions Type support half , single , double Binary instructions fadd , fsub , fmul , fdiv , frem Conversions fptrunc , fpext , fptoui , fptosi , uitofp , sitofp Other fabs , fcmp 8

  22. LifeJacket: Floating-point types and instructions Type support half , single , double Binary instructions fadd , fsub , fmul , fdiv , frem Conversions fptrunc , fpext , fptoui , fptosi , uitofp , sitofp Other fabs , fcmp Basic operations: direct translation to SMT-LIB operation 8

  23. Agenda 1. Floating-point types and instructions 2. Fast-math flags Not today: Floating-point predicates 9

  24. LifeJacket: Fast-Math Flags Example %a = fsub nnan ninf C0, %x LifeJacket supports three fast-math flags on instructions: • nnan : Assume arguments and result are not NaN . Result undefined over NaN s. • ninf : Assume arguments and result are not ± ∞ . Result undefined over ± ∞ . • nsz : Allow optimizations to treat the sign of a zero argument or result as insignificant. 10

  25. In LifeJacket Precondition: AnyZero(C0) %a = fsub nnan ninf C0, %x %r = fadd %x, %a => %r = 0.0 Translation of nnan / ninf : If C0 or %x or %a is NaN / then %a unconstrained Correct? No , consider %x = NaN . LifeJacket: Fast-Math Flags Example Example x + (0 - x) => 0 11

  26. Translation of nnan / ninf : If C0 or %x or %a is NaN / then %a unconstrained Correct? No , consider %x = NaN . LifeJacket: Fast-Math Flags Example Example x + (0 - x) => 0 In LifeJacket Precondition: AnyZero(C0) %a = fsub nnan ninf C0, %x %r = fadd %x, %a => %r = 0.0 11

  27. Correct? No , consider %x = NaN . LifeJacket: Fast-Math Flags Example Example x + (0 - x) => 0 In LifeJacket Precondition: AnyZero(C0) %a = fsub nnan ninf C0, %x %r = fadd %x, %a => %r = 0.0 Translation of nnan / ninf : If C0 or %x or %a is NaN / ± ∞ then %a unconstrained 11

  28. No , consider %x = NaN . LifeJacket: Fast-Math Flags Example Example x + (0 - x) => 0 In LifeJacket Precondition: AnyZero(C0) %a = fsub nnan ninf C0, %x %r = fadd %x, %a => %r = 0.0 Translation of nnan / ninf : If C0 or %x or %a is NaN / ± ∞ then %a unconstrained Correct? 11

  29. LifeJacket: Fast-Math Flags Example Example x + (0 - x) => 0 In LifeJacket Precondition: AnyZero(C0) %a = fsub nnan ninf C0, %x %r = fadd %x, %a => %r = 0.0 Translation of nnan / ninf : If C0 or %x or %a is NaN / ± ∞ then %a unconstrained Correct? No , consider %x = NaN . 11

  30. Results

  31. Insights Few timeouts, high bug rate, bugs related to floating-point properties. Results (LLVM 3.7.1) File Verified Timeouts Bugs AddSub 7 1 1 MulDivRem 3 2 1 Compares 11 0 0 Simplify 22 0 6 Total 43 3 8 12

  32. Results (LLVM 3.7.1) File Verified Timeouts Bugs AddSub 7 1 1 MulDivRem 3 2 1 Compares 11 0 0 Simplify 22 0 6 Total 43 3 8 Insights Few timeouts, high bug rate, bugs related to floating-point properties. 12

  33. But: Errors found are true errors. Limitations LifeJacket currently has some limitations: • No support for types wider than 64-bit. • Fixed rounding mode. • No support for floating-point exceptions/debug information in NaN s. 13

  34. Limitations LifeJacket currently has some limitations: • No support for types wider than 64-bit. • Fixed rounding mode. • No support for floating-point exceptions/debug information in NaN s. But: Errors found are true errors. 13

  35. Conclusion Automatic verification is possible: 43 verified optimizations. Automatic verification is necessary: 8 bugs. More automation = More optimizations, more boring compilers. Would you like to know more? https://github.com/4tXJ7f/alive � noetzli@stanford.edu � 14

Recommend

Verifying Centaurs Floating Point Adder Sol Swords sswords@cs.utexas.edu April 23, 2008 Sol

Verifying Centaurs Floating Point Adder Sol Swords sswords@cs.utexas.edu April 23, 2008 Sol

Verifying Centaurs Floating Point Adder Sol Swords sswords@cs.utexas.edu April 23, 2008 Sol Swords () Verifying Centaurs Floating Point Adder April 23, 2008 1 / 21 Problem Given: Verilog RTL for the Centaur CN processors FADD

898 views • 21 slides
FLiT Measuring and Locating Floating-Point Variability from Compiler Optimizations Ignacio

FLiT Measuring and Locating Floating-Point Variability from Compiler Optimizations Ignacio

FLiT Measuring and Locating Floating-Point Variability from Compiler Optimizations Ignacio Laguna, Harshitha Menon Lawrence Livermore National Laboratory Michael Bentley, Ian Briggs, Pavel Panchekha, Ganesh Gopalakrishnan University of Utah

1.06k views • 56 slides
Lecture 3 Floating Point Representations 1 Floating-point arithmetic We often incur

Lecture 3 Floating Point Representations 1 Floating-point arithmetic We often incur

ECE 0142 Computer Organization Lecture 3 Floating Point Representations 1 Floating-point arithmetic We often incur floating-point programming. Floating point greatly simplifies working with large (e.g., 2 70 ) and small (e.g., 2 -17 )

638 views • 30 slides
CSE 351: Week 3 Tom Bergan, TA 1 Today Questions on Lab 1 or Hw 1? Floating point

CSE 351: Week 3 Tom Bergan, TA 1 Today Questions on Lab 1 or Hw 1? Floating point

CSE 351: Week 3 Tom Bergan, TA 1 Today Questions on Lab 1 or Hw 1? Floating point Lab 2 quickstart 2 The most important facts about floating-point numbers They are approximate Smaller numbers are more precise - think

298 views • 11 slides
CONFIDENTIAL Precise approximation of Floating-Point Computations for C/C++ Software Using the

CONFIDENTIAL Precise approximation of Floating-Point Computations for C/C++ Software Using the

CONFIDENTIAL Precise approximation of Floating-Point Computations for C/C++ Software Using the Mathematical Libraries Roberto Bagnara (BUGSENG, UNIPR) Michele Chiari (UNIPR, BUGSENG, POLIMI) Roberta Gori (UNIPI), Abramo Bagnara (BUGSENG)

842 views • 37 slides
Verifying Optimizations using SMT Solvers Nuno Lopes technology Why verify optimizations? from

Verifying Optimizations using SMT Solvers Nuno Lopes technology Why verify optimizations? from

technology from seed Verifying Optimizations using SMT Solvers Nuno Lopes technology Why verify optimizations? from seed Catch bugs before they even exist Corner cases are hard to debug Time spent in additional verification step

1.34k views • 44 slides
Floating-point numbers Fractional binary numbers IEEE floating-point standard Floating-point

Floating-point numbers Fractional binary numbers IEEE floating-point standard Floating-point

Floating-point numbers Fractional binary numbers IEEE floating-point standard Floating-point operations and rounding Lessons for programmers Many more details we will skip (its a 58-page standard) See CSAPP 2.4 for more detail. 1

381 views • 15 slides
15-213 The course that gives CMU its Zip! Floating Point Sept 6, 2006 Topics Topics

15-213 The course that gives CMU its Zip! Floating Point Sept 6, 2006 Topics Topics

15-213 The course that gives CMU its Zip! Floating Point Sept 6, 2006 Topics Topics IEEE Floating Point Standard Rounding Floating Point Operations Mathematical properties class03.ppt 15-213, F06 Floating Point

1.03k views • 34 slides
Floating point Today ! IEEE Floating Point Standard ! Rounding ! Floating Point Operations !

Floating point Today ! IEEE Floating Point Standard ! Rounding ! Floating Point Operations !

Floating point Today ! IEEE Floating Point Standard ! Rounding ! Floating Point Operations ! Mathematical properties Next time ! The machine model Chris Riesbeck, Fall 2011 Monday, October 3, 2011 Checkpoint Monday, October 3, 2011 IEEE

1.07k views • 28 slides
9/20/2018 Today: Floating Point Background: Fractional binary numbers IEEE floating point

9/20/2018 Today: Floating Point Background: Fractional binary numbers IEEE floating point

9/20/2018 Today: Floating Point Background: Fractional binary numbers IEEE floating point standard: Definition Floating Point Example and properties Rounding, addition, multiplication CSci 2021: Machine Architecture and

339 views • 7 slides
2/10/2020 Today: Floating Point Background: Fractional binary numbers IEEE floating point

2/10/2020 Today: Floating Point Background: Fractional binary numbers IEEE floating point

2/10/2020 Today: Floating Point Background: Fractional binary numbers IEEE floating point standard: Definition Floating Point Example and properties Rounding, addition, multiplication CSci 2021: Machine Architecture and

411 views • 7 slides
Alive2 Verifying existing optimizations Nuno Lopes John Regehr Microsoft Research University

Alive2 Verifying existing optimizations Nuno Lopes John Regehr Microsoft Research University

Alive2 Verifying existing optimizations Nuno Lopes John Regehr Microsoft Research University of Utah Alive Found dozens of bugs in LLVM Avoided many other bugs due to use before commit Verifying peephole optimizations $ alive

863 views • 28 slides
CS 356 Unit 3 IEEE 754 Floating Point Representation 3.2 Floating Point Used to represent

CS 356 Unit 3 IEEE 754 Floating Point Representation 3.2 Floating Point Used to represent

3.1 CS 356 Unit 3 IEEE 754 Floating Point Representation 3.2 Floating Point Used to represent very small numbers (fractions) and very large numbers Avogadros Number: +6.0247 * 10 23 Plancks Constant: +6.6254 * 10 -27

789 views • 33 slides
Machine numbers: how floating point numbers are stored? Floating-point number representation

Machine numbers: how floating point numbers are stored? Floating-point number representation

Machine numbers: how floating point numbers are stored? Floating-point number representation What do we need to store when representing floating point numbers in a computer? ! = 1. &amp; 2 ! Initially, different floating-point

379 views • 18 slides
Floating point How arithmetic operations mathematics involving floating point numbers

Floating point How arithmetic operations mathematics involving floating point numbers

Numerical and Scientific Computing with Applications David F . Gleich CS 314, Purdue September 7, 2016 In this class: Floating point How arithmetic operations mathematics involving floating point numbers work. Next class IEEE

812 views • 11 slides
Unit 3 IEEE 754 Floating Point Representation 3.2 Floating Point Used to represent very

Unit 3 IEEE 754 Floating Point Representation 3.2 Floating Point Used to represent very

3.1 Unit 3 IEEE 754 Floating Point Representation 3.2 Floating Point Used to represent very small numbers (fractions) and very large numbers Avogadros Number: +6.022 10 23 Boltzmanns Constant: +1.38 10 -23 32 or

1.13k views • 38 slides
Floating Point Data CSCI 125 &amp; 161 / ENGR 144 Floating point numbers are not exact

Floating Point Data CSCI 125 &amp; 161 / ENGR 144 Floating point numbers are not exact

Floating Point Data CSCI 125 &amp; 161 / ENGR 144 Floating point numbers are not exact Value 0.1 is very close to 1/10, but not Lecture 13 precisely equal to it 0.1 10 = 0.000110011001100110011... 2 Cannot rely on accuracy of

313 views • 3 slides
Formal verification of floating-point algorithms John Harrison Intel Corporation Floating

Formal verification of floating-point algorithms John Harrison Intel Corporation Floating

Formal verification of floating-point algorithms 1 Formal verification of floating-point algorithms John Harrison Intel Corporation Floating point algorithm verification HOL Light Floating point numbers and formats HOL floating

636 views • 28 slides
Debugging Floating-Point Debugging Floating-Point Debugging Floating-Point Math in Racket Math

Debugging Floating-Point Debugging Floating-Point Debugging Floating-Point Math in Racket Math

Debugging Floating-Point Debugging Floating-Point Debugging Floating-Point Math in Racket Math in Racket Math in Racket Neil Toronto RacketCon 2013 Racket Floating-Point Support Racket Floating-Point Support Racket Floating-Point Support

914 views • 88 slides
DLX Floating Point Extend MIPS Pipeline to Floating Point Operations Functional units

DLX Floating Point Extend MIPS Pipeline to Floating Point Operations Functional units

DLX Floating Point Extend MIPS Pipeline to Floating Point Operations Functional units more complex than simple integer ALU Require several clock cycles for a FP arithmetic operation Add: 4 cycles, Multiply: 7 cycles, Divide: 25

377 views • 22 slides
Computing with Floating Point Its not Dark Magic, its Science Florent de Dinechin, Ar

Computing with Floating Point Its not Dark Magic, its Science Florent de Dinechin, Ar

Computing with Floating Point Its not Dark Magic, its Science Florent de Dinechin, Ar enaire Project, ENS-Lyon Florent.de.Dinechin@ens-lyon.fr CERN seminar, January 11, 2004.99999 1 Introduction: Floating point ? 2 Floating-point as

651 views • 63 slides
Floating Point CSE 238/2038/2138: Systems Programming Instructor: Fatma CORUT ERGN Slides

Floating Point CSE 238/2038/2138: Systems Programming Instructor: Fatma CORUT ERGN Slides

Floating Point CSE 238/2038/2138: Systems Programming Instructor: Fatma CORUT ERGN Slides adapted from Bryant &amp; OHallarons slides Today: Floating Point Background: Fractional binary numbers IEEE floating point standard:

803 views • 52 slides
7. Floating-point Numbers II p 1 , the precision (number of places), e min , the smallest

7. Floating-point Numbers II p 1 , the precision (number of places), e min , the smallest

Floating-point Number Systems A Floating-point number system is defined by the four natural numbers: 2 , the base, 7. Floating-point Numbers II p 1 , the precision (number of places), e min , the smallest possible exponent, e max , the

296 views • 14 slides
Sinking Point Dynamic precision tracking for floating-point Bill Zorn Dan Grossman Zach

Sinking Point Dynamic precision tracking for floating-point Bill Zorn Dan Grossman Zach

Sinking Point Dynamic precision tracking for floating-point Bill Zorn Dan Grossman Zach Tatlock billzorn@cs.washington.edu IEEE 754 floating-point Fast, portable, implemented in hardware Every operation is completely specified

481 views • 19 slides

More recommend