5 research outputs found
mlirSynth: Automatic, Retargetable Program Raising in Multi-Level IR using Program Synthesis
MLIR is an emerging compiler infrastructure for modern hardware, but existing
programs cannot take advantage of MLIR's high-performance compilation if they
are described in lower-level general purpose languages. Consequently, to avoid
programs needing to be rewritten manually, this has led to efforts to
automatically raise lower-level to higher-level dialects in MLIR. However,
current methods rely on manually-defined raising rules, which limit their
applicability and make them challenging to maintain as MLIR dialects evolve.
We present mlirSynth -- a novel approach which translates programs from
lower-level MLIR dialects to high-level ones without manually defined rules.
Instead, it uses available dialect definitions to construct a program space and
searches it effectively using type constraints and equivalences. We demonstrate
its effectiveness \revi{by raising C programs} to two distinct high-level MLIR
dialects, which enables us to use existing high-level dialect specific
compilation flows. On Polybench, we show a greater coverage than previous
approaches, resulting in geomean speedups of 2.5x (Intel) and 3.4x (AMD) over
state-of-the-art compilation flows for the C programming language. mlirSynth
also enables retargetability to domain-specific accelerators, resulting in a
geomean speedup of 21.6x on a TPU
Proof-Producing Symbolic Execution for Binary Code Verification
We propose a proof-producing symbolic execution for verification of
machine-level programs. The analysis is based on a set of core inference rules
that are designed to give control over the tradeoff between preservation of
precision and the introduction of overapproximation to make the application to
real world code useful and tractable. We integrate our symbolic execution in a
binary analysis platform that features a low-level intermediate language
enabling the application of analyses to many different processor architectures.
The overall framework is implemented in the theorem prover HOL4 to be able to
obtain highly trustworthy verification results. We demonstrate our approach to
establish sound execution time bounds for a control loop program implemented
for an ARM Cortex-M0 processor
mlirSynth: Automatic, Retargetable Program Raising in Multi-Level IR using Program Synthesis
MLIR is an emerging compiler infrastructure for modern hardware, but existing programs cannot take advantage of MLIR’s high-performance compilation if they are described in lower-level general purpose languages. Consequently, to avoid programs needing to be rewritten manually, this has led to efforts to automatically raise lower-level to higher-level dialects in MLIR. However, current methods rely on manually-defined raising rules, which limit their applicability and make them challenging to maintain as MLIR dialects evolve. We present mlirSynth – a novel approach which translates programs from lower-level MLIR dialects to high-level ones without manually defined rules. Instead, it uses available dialect definitions to construct a program space and searches it effectively using type constraints and equivalences. We demonstrate its effectiveness by raising C programs to two distinct high-level MLIR dialects, which enables us to use existing high-level dialect specific compilation flows. On Polybench, we show a greater coverage than previous approaches, resulting in geomean speedups of 2.5x (Intel) and 3.4x (AMD) over state-of-the-art compilation flows. mlirSynth also enables retargetability to domain-specific accelerators, resulting in a geomean speedup of 21.6x on a TPU
SLaDe: A Portable Small Language Model Decompiler for Optimized Assembly
Decompilation is a well-studied area with numerous high-quality tools
available. These are frequently used for security tasks and to port legacy
code. However, they regularly generate difficult-to-read programs and require a
large amount of engineering effort to support new programming languages and
ISAs. Recent interest in neural approaches has produced portable tools that
generate readable code. However, to-date such techniques are usually restricted
to synthetic programs without optimization, and no models have evaluated their
portability. Furthermore, while the code generated may be more readable, it is
usually incorrect. This paper presents SLaDe, a Small Language model Decompiler
based on a sequence-to-sequence transformer trained over real-world code. We
develop a novel tokenizer and exploit no-dropout training to produce
high-quality code. We utilize type-inference to generate programs that are more
readable and accurate than standard analytic and recent neural approaches.
Unlike standard approaches, SLaDe can infer out-of-context types and unlike
neural approaches, it generates correct code. We evaluate SLaDe on over 4,000
functions from ExeBench on two ISAs and at two optimizations levels. SLaDe is
up to 6 times more accurate than Ghidra, a state-of-the-art,
industrial-strength decompiler and up to 4 times more accurate than the large
language model ChatGPT and generates significantly more readable code than
both
Practical synthesis from real-world oracles
As software systems become increasingly heterogeneous, the ability of compilers to reason about an entire system has decreased. When components of a system are not implemented as traditional programs, but rather as specialised hardware, optimised architecture-specific libraries, or network services, the compiler is unable to cross these abstraction barriers and analyse the system as a whole.
If these components could be modelled or understood as programs, then the compiler would be able to reason about their behaviour without concern for their internal implementation details: a homogeneous view of the entire system would be afforded. However, it is not often the case that such components ever corresponded to an original program. This means that to facilitate this homogenenous analysis, programmatic models of component behaviour must be learned or constructed automatically.
Constructing these models is an inductive program synthesis problem, albeit a challenging one that is largely beyond the ability of existing implementations. In order for the problem to be made tractable, information provided by the underlying context (i.e. the real component behaviour to be matched) must be integrated.
This thesis presents three program synthesis approaches that integrate contextual information to synthesise programmatic models for real, existing components. The first, Annote, exploits informally-encoded information about a component's interface (e.g. from documentation) by weaving that information into an extended type-and-attribute system for component interfaces. The second, Presyn, learns a pair of cooperating probabilistic models from prior syntheses, that aim to predict likely program structure based on a component's interface. Finally, Haze uses observations of common side-effects of component executions to bias the search for programs. These approaches are each evaluated against comparable synthesisers from the literature, on a set of benchmark problems derived from real components.
Learning models for component behaviour is only a partial solution; the compiler must also have some mechanism to use those models for program analysis and transformation. This thesis additionally proposes a novel mechanism for context-sensitive automatic API migration based on synthesised programmatic models, and evaluates the effectiveness of doing so on real application code.
In summary, this thesis proposes a new framing for program synthesis problems that target the behaviour of real components, and demonstrates three different potential approaches to synthesis in this spirit. The success of these approaches is evaluated against implementations from the literature, and their results used to drive a novel API migration technique