SlideShare a Scribd company logo

SWEET - A Tool for WCET Flow Analysis - Björn Lisper

InfinIT - Innovationsnetværket for it
InfinIT - Innovationsnetværket for it

Slides fra InfInIT arrangement i interessegruppen for Embedded Systems Engineering http://www.infinit.dk/dk/arrangementer/tidligere_arrangementer/sweet---a-tool-for-wcet-flow-analysis.htm

Technology
1 of 33
Download to read offline
SWEET – A Tool for WCET Flow Analysis Björn Lisper School of Innovation, Design, and Engineering Mälardalen University bjorn.lisper@mdh.se 2014-11-24 SWEET – A Tool for WCET Flow Analysis
Outline Short introduction to (static) WCET analysis SWEET: Architecture Interfaces Abstract Execution Short demo SWEET – A Tool for WCET Flow Analysis 1
WCET WCET = Worst-Case Execution Time Definition: WCET(P) = longest time to execute program P uninterrupted on some given hardware WCET analysis: to estimate or bound the WCET SWEET – A Tool for WCET Flow Analysis 2
Why WCET Analysis? Many systems are real-time systems. These have timing constraints: Event Maximal response time Absolute deadlines, maximum response times, etc. Two classes: Hard real-time systems: timing constraints must be met Soft real-time systems: desirable that timing constraints are met SWEET – A Tool for WCET Flow Analysis 3
WCET Estimation Safe WCET estimates are needed to safely decide if timing constraints are met: BCET WCET Safe WCET estimates here Actual execution times here Safe = will never underestimate real WCET Static analysis can obtain safe WCET estimates Important for hard real-time systems SWEET – A Tool for WCET Flow Analysis 4
What is Needed for Static WCET Analysis? A detailed timing model for the processor, to estimate the execution times of instructions Whatever constraints there may be on inputs, initial hardware state, etc. Constraints on the possible execution paths through the code (loop iteration bounds, infeasible path constraints, : : :) Then (in principle) all feasible paths can be explored, and their costs (or upper bounds) decided (For maximal precision, the linked binary should be analysed) SWEET – A Tool for WCET Flow Analysis 5
Making WCET Analysis Feasible WCET is maximal execution time over all feasible paths. There can be very (exponentially) many paths. How deal with this? Answer: make some controlled approximations to obtain a linear cost model This will allow the use of standard optimization techniques to bound the WCET SWEET – A Tool for WCET Flow Analysis 6
The Implicit Path Enumeration Technique (IPET) Compute local WCETs wi for code fragments i (typically basic blocks) For each execution of a code fragment, replace its real execution time with its local WCET: Instruction 1 Instruction 2 Instruction 3 A relaxation. Some precision is sacrificed in order to get a problem that is less costly to solve SWEET – A Tool for WCET Flow Analysis 7
WCET Estimation as Integer Linear Programming For each code fragment, introduce an execution counter counting its # of executions P Then, for any path p, execution time(p) i xiwi where the xi’s are the final values of the execution counters for p P Thus, max xiwi over all paths will provide a safe WCET bound Many program flow constraints can be expressed as linear constraints on the xi’s An integer linear programming problem. Solution = WCET bound SWEET – A Tool for WCET Flow Analysis 8
Linear Flow Constraints (“Flow Facts”) Many flow constraints can indeed be expressed as linear constraints on execution counters: xi 0 for all ni (counters must be non-negative) Structural flow constraints (from CFG structure, flow preservation): P P – For each node6= start, stop, input counters = output counters – xi = 1 if ni is the start or stop node of the CFG Semantic constraints: – Loop iteration bounds (capacity bounds): xi c – Infeasible paths (mutual exclusivity): xi + xj c – Relative bounds (often in nested loops): xi = c xj SWEET – A Tool for WCET Flow Analysis 9
Typical Structure of WCET Analysis Annotations Low−level analysis Calculation Flow analysis HW timing model Program source Compiler Object code Value analysis WCET estimate SWEET – A Tool for WCET Flow Analysis 10
The analysis is typically done on CFG level: i := 0 start i n true false i n−10 stop false B1 B2 i := i+1 true 37 42 29 44 187 233 Numbers = local WCET bounds for basic blocks SWEET – A Tool for WCET Flow Analysis 11
Low-Level Analysis Purpose: find local WCETs for code fragments (basic blocks) Possible HW states Possible HW states Max. execution time of instruction sequence Must (1) bound possible hardware states, (2) use this information to bound the execution time of instruction sequences (1) is often done by abstract interpretation, (2) requires an accurate timing model for the instruction set SWEET – A Tool for WCET Flow Analysis 12
Flow Analysis Purpose: derive safe and tight Flow Facts Undecidable in general (would solve the Halting Problem) Find methods that work well enough on interesting program classes We’ll give an account for a method that is used in SWEET SWEET – A Tool for WCET Flow Analysis 13
SWEET SWEET = SWEdish Execution time Tool A program flow analysis tool, can generate many types of flow constraints (Flow Facts) Analyses the “ALF” intermediate format Can analyse different code formats by translation into ALF Can compute BCET/WCET estimates for simple ALF level timing models SWEET – A Tool for WCET Flow Analysis 14
Structure of SWEET User annotations Other interesting information Program flow constraints BCET/WCET estimate Flow analysis ALF C PowerPC ARM7 Etc... (integrated with flow SWEET Timing model for ALF Calculation analysis) SWEET – A Tool for WCET Flow Analysis 15
SWEET’s Flow Facts Upper and lower loop iteration bounds Various infeasible path constraints (single, pairwise, longer paths) Can be context-sensitive (full call strings) Given relative to execution contexts (“scopes”): main (global), function calls, loops FOREACH Flow Fact: valid for each individual execution of the scope (execution counters reset at each entry) FORALL Flow Fact: valid for all executions together of the scope (execution counters not reset) (IPET Flow Facts are relative to the “main” scope) SWEET – A Tool for WCET Flow Analysis 16
Some Examples : main : [] : bb4 = 46 ; A global loop bound: in scope main the basic block bb4 is executed at most 46 times in total : main : [] : bb17 + bb19 = 412 ; An infeasible path constraint stating that bb17 and bb19 can be taken together at most 412 times in total ((main,BB1),baz) ((baz,BB7),bar) : bar : [] : bb9 = 4 A bound on bb9, in scope bar, when bar is called from baz at BB7 which in turn is called from BB1 in main SWEET – A Tool for WCET Flow Analysis 17
Flow Fact Formats SWEET can generate Flow Facts in different formats: It’s own native Flow Fact format (the most expressive format) The AIS annotation format for aiT The RapiTime annotation format Allows SWEET to pass Flow Facts to the commercial WCET analysis tools aiT and RapiTime SWEET – A Tool for WCET Flow Analysis 18
Input Annotations Can specify the ranges for variables in different program points Typically used to constrain values of global variables, or function arguments, at entry Can declare variables as volatile – for them, nothing more can be assumed than being in the specified range Input annotations really specify the environment in which the program executes SWEET – A Tool for WCET Flow Analysis 19
Input Annotation Examples PROG_ENTRY ASSIGN a TOP_INT || b TOP_INT ; Program variables a and b can have any (int) value at program entry PROG_ENTRY ASSIGN a INT 0 30 || b INT 0 100 ; At program entry the value of a is in the range [0 : : : 30] and value of b is in the range [0 : : : 100] VOLATILE ASSIGN k INT 66 68 ; The variable k is volatile, and will always have its value in the range [66 : : : 68] SWEET – A Tool for WCET Flow Analysis 20
ALF SWEET analyses the language ALF ALF is an intermediate code format Designed to represent both high- and low-level code faithfully (C as well as machine code) Low-level constructs (load, store, arithmetic/logic operations, dynamic jumps) as well high-level constructs (function call/return etc.) Memory consists of frames – memory areas with a name and size. Similar to unlinked code Translators to ALF from C, PowerPC NEC V850 binaries (experimental) SWEET – A Tool for WCET Flow Analysis 21
An Example This C code: if(x y) z = 42; can be translated into the following ALF code: { switch { s_le 32 { load 32 { addr 32 { fref 32 x } { dec_unsigned 32 0 } } } { load 32 { addr 32 { fref 32 y } { dec_unsigned 32 0 } } } } { target { dec_unsigned 1 1 } { label 32 { lref 32 exit } { dec_unsigned 32 0 } } } } { store { addr 32 { fref 32 z } { dec_unsigned 32 0 } } with { dec_signed 32 42 } } { label 32 { lref 32 exit } { dec_unsigned 32 0 } } SWEET – A Tool for WCET Flow Analysis 22
Abstract Execution SWEET computes Flow Facts through a kind of symbolic execution – “abstract execution” (AE) AE executes the program with abstract states, representing sets of real (“concrete”) states Can be seen as a value analysis (abstract interpretation) Each abstract state transition corresponds to many possible concrete state transitions SWEET currently uses intervals to represent sets of (numerical) values SWEET – A Tool for WCET Flow Analysis 23
Abstract Execution (II) AE can be seen as a very context-sensitive value analysis (differing between loop iterations) Contrary to a conventional value analysis, it does not compute an abstract state for each program point: it’s more similar to a real execution with a concrete state Uses a scheme to successively collect constraints on execution counters during AE of loops Abstract states can be split at conditions. This can result in many states To counter this, abstract states can be merged. Merge points can be placed in the CFG. Merging can affect the precision, though SWEET – A Tool for WCET Flow Analysis 24
Merging Abstract States Merge = take least upper bound, t Merge point Merge point Common merge points: after join nodes, at loop exit edges SWEET – A Tool for WCET Flow Analysis 25
Example i = INPUT; // i = [1..4] #p = 0; while (i 10) { // point p #p = #p + 1; ... i=i+2; } // point q (a) Code example p i at p i at q 1 [1..4] impossible 2 [3..6] impossible 3 [5..8] impossible 4 [7..9] [10..10] 5 [9..9] [10..11] 6 impossible [11..11] (b) Analysis min. #p: 3 max. #p: 5 (c) Result (#p is the execution counter for program point p) SWEET – A Tool for WCET Flow Analysis 26
Discussion Note how we collected information about lower and upper bound of #p during the AE of the loop This scheme can be extended to record a number of more complex flow constraints, including infeasible nodes, infeasible pairs of nodes, and more general infeasible paths After the AE of the loop, three abstract states reside at q If a merge point is placed at the loop exit, then these states are merged into a single state SWEET – A Tool for WCET Flow Analysis 27
BCET/WCET Estimation with SWEET SWEET has a simple mechanism to estimate BCET and WCET Each basic block i can be given a constant cost ci We add a variable T that stands for time T is incremented with ci for each executed basic block i AE now computes an interval for T The final interval at end yields bounds for BCET and WCET (Crude estimates, typically neither exact nor safe. But can still be useful to get a grip on what BCET and WCET is) SWEET – A Tool for WCET Flow Analysis 28
An Example T:=T+37 i := 0 start i n true false i n−10 stop false B1 B2 i := i+1 true T:=0 37 29 T:=T+29 44 T:=T+44 T:=T+233 233 T:=T+187 187 42 T:=T+42 SWEET – A Tool for WCET Flow Analysis 29
Other Analyses SWEET can also make other analyses, like; A conventional value analysis data flow analysis (reaching definitions) program slicing So it’s also becoming a general program analysis tool SWEET – A Tool for WCET Flow Analysis 30
More SWEET Stuff Extensive online documentation at http://www.mrtc.mdh.se/projects/wcet/sweet/ Includes instructions for how to obtain the tool (it’s open source) SWEET – A Tool for WCET Flow Analysis 31
Conclusions Further Research A tool for generating Flow Facts Also: crude BCET/WCET estimation, value analysis, : : : Can interface with WCET analysis tools that do precise low-level analysis Things to improve (future work): Better handling of failure to bound loops More expressive input annotations A larger assortment of abstract domains for value analysis A lightweight relational domain for AE More X-to-ALF translators Relation to lattice automata? SWEET – A Tool for WCET Flow Analysis 32

Recommended

Improving Real-Time Performance on Multicore Platforms using MemGuard
Improving Real-Time Performance on Multicore Platforms using MemGuardImproving Real-Time Performance on Multicore Platforms using MemGuard
Improving Real-Time Performance on Multicore Platforms using MemGuardHeechul Yun
 
MemGuard: Memory Bandwidth Reservation System for Efficient Performance Isola...
MemGuard: Memory Bandwidth Reservation System for Efficient Performance Isola...MemGuard: Memory Bandwidth Reservation System for Efficient Performance Isola...
MemGuard: Memory Bandwidth Reservation System for Efficient Performance Isola...Heechul Yun
 
Hyper threading technology
Hyper threading technologyHyper threading technology
Hyper threading technologyNikhil Venugopal
 
Lecture 6
Lecture 6Lecture 6
Lecture 6Mr SMAK
 
MemVerge: The Software Stack for CXL Environments
MemVerge: The Software Stack for CXL EnvironmentsMemVerge: The Software Stack for CXL Environments
MemVerge: The Software Stack for CXL EnvironmentsMemory Fabric Forum
 
Microchip: CXL Use Cases and Enabling Ecosystem
Microchip: CXL Use Cases and Enabling EcosystemMicrochip: CXL Use Cases and Enabling Ecosystem
Microchip: CXL Use Cases and Enabling EcosystemMemory Fabric Forum
 
Cpu scheduling
Cpu schedulingCpu scheduling
Cpu schedulingmohsinalilarik1
 
Memory allocation for real time operating system
Memory allocation for real time operating systemMemory allocation for real time operating system
Memory allocation for real time operating systemAsma'a Lafi
 

Recommended

Improving Real-Time Performance on Multicore Platforms using MemGuard
Improving Real-Time Performance on Multicore Platforms using MemGuardImproving Real-Time Performance on Multicore Platforms using MemGuard
Improving Real-Time Performance on Multicore Platforms using MemGuardHeechul Yun
 
MemGuard: Memory Bandwidth Reservation System for Efficient Performance Isola...
MemGuard: Memory Bandwidth Reservation System for Efficient Performance Isola...MemGuard: Memory Bandwidth Reservation System for Efficient Performance Isola...
MemGuard: Memory Bandwidth Reservation System for Efficient Performance Isola...Heechul Yun
 
Hyper threading technology
Hyper threading technologyHyper threading technology
Hyper threading technologyNikhil Venugopal
 
Lecture 6
Lecture 6Lecture 6
Lecture 6Mr SMAK
 
MemVerge: The Software Stack for CXL Environments
MemVerge: The Software Stack for CXL EnvironmentsMemVerge: The Software Stack for CXL Environments
MemVerge: The Software Stack for CXL EnvironmentsMemory Fabric Forum
 
Microchip: CXL Use Cases and Enabling Ecosystem
Microchip: CXL Use Cases and Enabling EcosystemMicrochip: CXL Use Cases and Enabling Ecosystem
Microchip: CXL Use Cases and Enabling EcosystemMemory Fabric Forum
 
Cpu scheduling
Cpu schedulingCpu scheduling
Cpu schedulingmohsinalilarik1
 
Memory allocation for real time operating system
Memory allocation for real time operating systemMemory allocation for real time operating system
Memory allocation for real time operating systemAsma'a Lafi
 
Cache coherence problem and its solutions
Cache coherence problem and its solutionsCache coherence problem and its solutions
Cache coherence problem and its solutionsMajid Saleem
 
Arm: Enabling CXL devices within the Data Center with Arm Solutions
Arm: Enabling CXL devices within the Data Center with Arm SolutionsArm: Enabling CXL devices within the Data Center with Arm Solutions
Arm: Enabling CXL devices within the Data Center with Arm SolutionsMemory Fabric Forum
 
Enabling POWER 8 advanced features on Linux
Enabling POWER 8 advanced features on LinuxEnabling POWER 8 advanced features on Linux
Enabling POWER 8 advanced features on LinuxSebastien Chabrolles
 
Symmetric multiprocessing
Symmetric multiprocessingSymmetric multiprocessing
Symmetric multiprocessingMohammad Ali Khan
 
Notes on NUMA architecture
Notes on NUMA architectureNotes on NUMA architecture
Notes on NUMA architectureIntel Software Brasil
 
Gpu Systems
Gpu SystemsGpu Systems
Gpu Systemsjpaugh
 
Concurrency vs parallelism
Concurrency vs parallelismConcurrency vs parallelism
Concurrency vs parallelismYiwei Gong
 
Akka Split Brain Resolver
Akka Split Brain ResolverAkka Split Brain Resolver
Akka Split Brain ResolverKnoldus Inc.
 
Cache coherence
Cache coherenceCache coherence
Cache coherencePriyam Pandey
 
Memory consistency models
Memory consistency modelsMemory consistency models
Memory consistency modelspalani kumar
 
SYBSC IT SEM IV EMBEDDED SYSTEMS UNIT V Real Time Operating System (RTOS)
SYBSC IT SEM IV EMBEDDED SYSTEMS UNIT V Real Time Operating System (RTOS)SYBSC IT SEM IV EMBEDDED SYSTEMS UNIT V Real Time Operating System (RTOS)
SYBSC IT SEM IV EMBEDDED SYSTEMS UNIT V Real Time Operating System (RTOS)Arti Parab Academics
 
Multicore computers
Multicore computersMulticore computers
Multicore computersSyed Zaid Irshad
 
Introduction to parallel processing
Introduction to parallel processingIntroduction to parallel processing
Introduction to parallel processingPage Maker
 
Chapter 8 : Memory
Chapter 8 : MemoryChapter 8 : Memory
Chapter 8 : MemoryAmin Omi
 
Operating system support in distributed system
Operating system support in distributed systemOperating system support in distributed system
Operating system support in distributed systemishapadhy
 
Real-Time Scheduling
Real-Time SchedulingReal-Time Scheduling
Real-Time Schedulingsathish sak
 
OpenPOWER Summit 2020 - OpenCAPI Keynote
OpenPOWER Summit 2020 - OpenCAPI KeynoteOpenPOWER Summit 2020 - OpenCAPI Keynote
OpenPOWER Summit 2020 - OpenCAPI KeynoteAllan Cantle
 
2 parallel processing presentation ph d 1st semester
2 parallel processing presentation ph d 1st semester2 parallel processing presentation ph d 1st semester
2 parallel processing presentation ph d 1st semesterRafi Ullah
 
Multi core processor
Multi core processorMulti core processor
Multi core processorMuhammad Ishaq
 
Multiprocessing operating systems
Multiprocessing operating systemsMultiprocessing operating systems
Multiprocessing operating systemsChathurangi Shyalika
 
Short.course.introduction.to.vhdl for beginners
Short.course.introduction.to.vhdl for beginners Short.course.introduction.to.vhdl for beginners
Short.course.introduction.to.vhdl for beginners Ravi Sony
 
Reverse Engineering automation
Reverse Engineering automationReverse Engineering automation
Reverse Engineering automationPositive Hack Days
 

More Related Content

What's hot

Cache coherence problem and its solutions
Cache coherence problem and its solutionsCache coherence problem and its solutions
Cache coherence problem and its solutionsMajid Saleem
 
Arm: Enabling CXL devices within the Data Center with Arm Solutions
Arm: Enabling CXL devices within the Data Center with Arm SolutionsArm: Enabling CXL devices within the Data Center with Arm Solutions
Arm: Enabling CXL devices within the Data Center with Arm SolutionsMemory Fabric Forum
 
Enabling POWER 8 advanced features on Linux
Enabling POWER 8 advanced features on LinuxEnabling POWER 8 advanced features on Linux
Enabling POWER 8 advanced features on LinuxSebastien Chabrolles
 
Gpu Systems
Gpu SystemsGpu Systems
Gpu Systemsjpaugh
 
Concurrency vs parallelism
Concurrency vs parallelismConcurrency vs parallelism
Concurrency vs parallelismYiwei Gong
 
Akka Split Brain Resolver
Akka Split Brain ResolverAkka Split Brain Resolver
Akka Split Brain ResolverKnoldus Inc.
 
Memory consistency models
Memory consistency modelsMemory consistency models
Memory consistency modelspalani kumar
 
SYBSC IT SEM IV EMBEDDED SYSTEMS UNIT V Real Time Operating System (RTOS)
SYBSC IT SEM IV EMBEDDED SYSTEMS UNIT V Real Time Operating System (RTOS)SYBSC IT SEM IV EMBEDDED SYSTEMS UNIT V Real Time Operating System (RTOS)
SYBSC IT SEM IV EMBEDDED SYSTEMS UNIT V Real Time Operating System (RTOS)Arti Parab Academics
 
Introduction to parallel processing
Introduction to parallel processingIntroduction to parallel processing
Introduction to parallel processingPage Maker
 
Chapter 8 : Memory
Chapter 8 : MemoryChapter 8 : Memory
Chapter 8 : MemoryAmin Omi
 
Operating system support in distributed system
Operating system support in distributed systemOperating system support in distributed system
Operating system support in distributed systemishapadhy
 
Real-Time Scheduling
Real-Time SchedulingReal-Time Scheduling
Real-Time Schedulingsathish sak
 
OpenPOWER Summit 2020 - OpenCAPI Keynote
OpenPOWER Summit 2020 - OpenCAPI KeynoteOpenPOWER Summit 2020 - OpenCAPI Keynote
OpenPOWER Summit 2020 - OpenCAPI KeynoteAllan Cantle
 
2 parallel processing presentation ph d 1st semester
2 parallel processing presentation ph d 1st semester2 parallel processing presentation ph d 1st semester
2 parallel processing presentation ph d 1st semesterRafi Ullah
 

What's hot (20)

Cache coherence problem and its solutions
Cache coherence problem and its solutionsCache coherence problem and its solutions
Cache coherence problem and its solutions
 
Arm: Enabling CXL devices within the Data Center with Arm Solutions
Arm: Enabling CXL devices within the Data Center with Arm SolutionsArm: Enabling CXL devices within the Data Center with Arm Solutions
Arm: Enabling CXL devices within the Data Center with Arm Solutions
 
Enabling POWER 8 advanced features on Linux
Enabling POWER 8 advanced features on LinuxEnabling POWER 8 advanced features on Linux
Enabling POWER 8 advanced features on Linux
 
Symmetric multiprocessing
Symmetric multiprocessingSymmetric multiprocessing
Symmetric multiprocessing
 
Notes on NUMA architecture
Notes on NUMA architectureNotes on NUMA architecture
Notes on NUMA architecture
 
Gpu Systems
Gpu SystemsGpu Systems
Gpu Systems
 
Concurrency vs parallelism
Concurrency vs parallelismConcurrency vs parallelism
Concurrency vs parallelism
 
Akka Split Brain Resolver
Akka Split Brain ResolverAkka Split Brain Resolver
Akka Split Brain Resolver
 
Cache coherence
Cache coherenceCache coherence
Cache coherence
 
Memory consistency models
Memory consistency modelsMemory consistency models
Memory consistency models
 
SYBSC IT SEM IV EMBEDDED SYSTEMS UNIT V Real Time Operating System (RTOS)
SYBSC IT SEM IV EMBEDDED SYSTEMS UNIT V Real Time Operating System (RTOS)SYBSC IT SEM IV EMBEDDED SYSTEMS UNIT V Real Time Operating System (RTOS)
SYBSC IT SEM IV EMBEDDED SYSTEMS UNIT V Real Time Operating System (RTOS)
 
Multicore computers
Multicore computersMulticore computers
Multicore computers
 
Introduction to parallel processing
Introduction to parallel processingIntroduction to parallel processing
Introduction to parallel processing
 
Chapter 8 : Memory
Chapter 8 : MemoryChapter 8 : Memory
Chapter 8 : Memory
 
Operating system support in distributed system
Operating system support in distributed systemOperating system support in distributed system
Operating system support in distributed system
 
Real-Time Scheduling
Real-Time SchedulingReal-Time Scheduling
Real-Time Scheduling
 
OpenPOWER Summit 2020 - OpenCAPI Keynote
OpenPOWER Summit 2020 - OpenCAPI KeynoteOpenPOWER Summit 2020 - OpenCAPI Keynote
OpenPOWER Summit 2020 - OpenCAPI Keynote
 
2 parallel processing presentation ph d 1st semester
2 parallel processing presentation ph d 1st semester2 parallel processing presentation ph d 1st semester
2 parallel processing presentation ph d 1st semester
 
Multi core processor
Multi core processorMulti core processor
Multi core processor
 
Multiprocessing operating systems
Multiprocessing operating systemsMultiprocessing operating systems
Multiprocessing operating systems
 

Similar to SWEET - A Tool for WCET Flow Analysis - Björn Lisper

Short.course.introduction.to.vhdl for beginners
Short.course.introduction.to.vhdl for beginners Short.course.introduction.to.vhdl for beginners
Short.course.introduction.to.vhdl for beginners Ravi Sony
 
Reverse Engineering automation
Reverse Engineering automationReverse Engineering automation
Reverse Engineering automationPositive Hack Days
 
Compiler Construction | Lecture 10 | Data-Flow Analysis
Compiler Construction | Lecture 10 | Data-Flow AnalysisCompiler Construction | Lecture 10 | Data-Flow Analysis
Compiler Construction | Lecture 10 | Data-Flow AnalysisEelco Visser
 
Short.course.introduction.to.vhdl
Short.course.introduction.to.vhdlShort.course.introduction.to.vhdl
Short.course.introduction.to.vhdlRavi Sony
 
Flink Forward Berlin 2018: Thomas Weise & Aljoscha Krettek - "Python Streamin...
Flink Forward Berlin 2018: Thomas Weise & Aljoscha Krettek - "Python Streamin...Flink Forward Berlin 2018: Thomas Weise & Aljoscha Krettek - "Python Streamin...
Flink Forward Berlin 2018: Thomas Weise & Aljoscha Krettek - "Python Streamin...Flink Forward
 
Python Streaming Pipelines with Beam on Flink
Python Streaming Pipelines with Beam on FlinkPython Streaming Pipelines with Beam on Flink
Python Streaming Pipelines with Beam on FlinkAljoscha Krettek
 
Design the implementation of CDEx Robust DC Motor.
Design the implementation of CDEx Robust DC Motor.Design the implementation of CDEx Robust DC Motor.
Design the implementation of CDEx Robust DC Motor.Ankita Tiwari
 
Complex Event Processor 3.0.0 - An overview of upcoming features
Complex Event Processor 3.0.0 - An overview of upcoming features Complex Event Processor 3.0.0 - An overview of upcoming features
Complex Event Processor 3.0.0 - An overview of upcoming features WSO2
 
HKG15-300: Art's Quick Compiler: An unofficial overview
HKG15-300: Art's Quick Compiler: An unofficial overviewHKG15-300: Art's Quick Compiler: An unofficial overview
HKG15-300: Art's Quick Compiler: An unofficial overviewLinaro
 
Attach Me, Detach Me, Assemble Me like you Work
Attach Me, Detach Me, Assemble Me like you WorkAttach Me, Detach Me, Assemble Me like you Work
Attach Me, Detach Me, Assemble Me like you WorkJean Vanderdonckt
 
Verilog HDL Verification
Verilog HDL VerificationVerilog HDL Verification
Verilog HDL Verificationdennis gookyi
 
Whats New in Visual Studio 2012 for C++ Developers
Whats New in Visual Studio 2012 for C++ DevelopersWhats New in Visual Studio 2012 for C++ Developers
Whats New in Visual Studio 2012 for C++ DevelopersRainer Stropek
 
Debugging Microservices - QCON 2017
Debugging Microservices - QCON 2017Debugging Microservices - QCON 2017
Debugging Microservices - QCON 2017Idit Levine
 
Design the implementation of CDEx flexible joints
Design the implementation of CDEx flexible jointsDesign the implementation of CDEx flexible joints
Design the implementation of CDEx flexible jointsAnkita Tiwari
 

Similar to SWEET - A Tool for WCET Flow Analysis - Björn Lisper (20)

Short.course.introduction.to.vhdl for beginners
Short.course.introduction.to.vhdl for beginners Short.course.introduction.to.vhdl for beginners
Short.course.introduction.to.vhdl for beginners
 
Reverse Engineering automation
Reverse Engineering automationReverse Engineering automation
Reverse Engineering automation
 
Compiler Construction | Lecture 10 | Data-Flow Analysis
Compiler Construction | Lecture 10 | Data-Flow AnalysisCompiler Construction | Lecture 10 | Data-Flow Analysis
Compiler Construction | Lecture 10 | Data-Flow Analysis
 
Short.course.introduction.to.vhdl
Short.course.introduction.to.vhdlShort.course.introduction.to.vhdl
Short.course.introduction.to.vhdl
 
Flink Forward Berlin 2018: Thomas Weise & Aljoscha Krettek - "Python Streamin...
Flink Forward Berlin 2018: Thomas Weise & Aljoscha Krettek - "Python Streamin...Flink Forward Berlin 2018: Thomas Weise & Aljoscha Krettek - "Python Streamin...
Flink Forward Berlin 2018: Thomas Weise & Aljoscha Krettek - "Python Streamin...
 
1.My Presentation.pptx
1.My Presentation.pptx1.My Presentation.pptx
1.My Presentation.pptx
 
Python Streaming Pipelines with Beam on Flink
Python Streaming Pipelines with Beam on FlinkPython Streaming Pipelines with Beam on Flink
Python Streaming Pipelines with Beam on Flink
 
Design the implementation of CDEx Robust DC Motor.
Design the implementation of CDEx Robust DC Motor.Design the implementation of CDEx Robust DC Motor.
Design the implementation of CDEx Robust DC Motor.
 
Mini Project- ROM Based Sine Wave Generator
Mini Project- ROM Based Sine Wave GeneratorMini Project- ROM Based Sine Wave Generator
Mini Project- ROM Based Sine Wave Generator
 
Tutor1
Tutor1Tutor1
Tutor1
 
Complex Event Processor 3.0.0 - An overview of upcoming features
Complex Event Processor 3.0.0 - An overview of upcoming features Complex Event Processor 3.0.0 - An overview of upcoming features
Complex Event Processor 3.0.0 - An overview of upcoming features
 
HKG15-300: Art's Quick Compiler: An unofficial overview
HKG15-300: Art's Quick Compiler: An unofficial overviewHKG15-300: Art's Quick Compiler: An unofficial overview
HKG15-300: Art's Quick Compiler: An unofficial overview
 
Attach Me, Detach Me, Assemble Me like you Work
Attach Me, Detach Me, Assemble Me like you WorkAttach Me, Detach Me, Assemble Me like you Work
Attach Me, Detach Me, Assemble Me like you Work
 
Verilog HDL Verification
Verilog HDL VerificationVerilog HDL Verification
Verilog HDL Verification
 
ASP.NET Basics
ASP.NET Basics ASP.NET Basics
ASP.NET Basics
 
Verilog
VerilogVerilog
Verilog
 
Whats New in Visual Studio 2012 for C++ Developers
Whats New in Visual Studio 2012 for C++ DevelopersWhats New in Visual Studio 2012 for C++ Developers
Whats New in Visual Studio 2012 for C++ Developers
 
Debugging Microservices - QCON 2017
Debugging Microservices - QCON 2017Debugging Microservices - QCON 2017
Debugging Microservices - QCON 2017
 
Onnc intro
Onnc introOnnc intro
Onnc intro
 
Design the implementation of CDEx flexible joints
Design the implementation of CDEx flexible jointsDesign the implementation of CDEx flexible joints
Design the implementation of CDEx flexible joints
 

More from InfinIT - Innovationsnetværket for it

More from InfinIT - Innovationsnetværket for it (20)

Erfaringer med-c kurt-noermark
Erfaringer med-c kurt-noermarkErfaringer med-c kurt-noermark
Erfaringer med-c kurt-noermark
 
Object orientering, test driven development og c
Object orientering, test driven development og cObject orientering, test driven development og c
Object orientering, test driven development og c
 
Embedded softwaredevelopment hcs
Embedded softwaredevelopment hcsEmbedded softwaredevelopment hcs
Embedded softwaredevelopment hcs
 
C og c++-jens lund jensen
C og c++-jens lund jensenC og c++-jens lund jensen
C og c++-jens lund jensen
 
201811xx foredrag c_cpp
201811xx foredrag c_cpp201811xx foredrag c_cpp
201811xx foredrag c_cpp
 
C som-programmeringssprog-bt
C som-programmeringssprog-btC som-programmeringssprog-bt
C som-programmeringssprog-bt
 
Infinit seminar 060918
Infinit seminar 060918Infinit seminar 060918
Infinit seminar 060918
 
DCR solutions
DCR solutionsDCR solutions
DCR solutions
 
Not your grandfathers BPM
Not your grandfathers BPMNot your grandfathers BPM
Not your grandfathers BPM
 
Kmd workzone - an evolutionary approach to revolution
Kmd workzone - an evolutionary approach to revolutionKmd workzone - an evolutionary approach to revolution
Kmd workzone - an evolutionary approach to revolution
 
EcoKnow - oplæg
EcoKnow - oplægEcoKnow - oplæg
EcoKnow - oplæg
 
Martin Wickins Chatbots i fronten
Martin Wickins Chatbots i frontenMartin Wickins Chatbots i fronten
Martin Wickins Chatbots i fronten
 
Marie Fenger ai kundeservice
Marie Fenger ai kundeserviceMarie Fenger ai kundeservice
Marie Fenger ai kundeservice
 
Mads Kaysen SupWiz
Mads Kaysen SupWizMads Kaysen SupWiz
Mads Kaysen SupWiz
 
Leif Howalt NNIT Service Support Center
Leif Howalt NNIT Service Support CenterLeif Howalt NNIT Service Support Center
Leif Howalt NNIT Service Support Center
 
Jan Neerbek NLP og Chatbots
Jan Neerbek NLP og ChatbotsJan Neerbek NLP og Chatbots
Jan Neerbek NLP og Chatbots
 
Anders Soegaard NLP for Customer Support
Anders Soegaard NLP for Customer SupportAnders Soegaard NLP for Customer Support
Anders Soegaard NLP for Customer Support
 
Stephen Alstrup infinit august 2018
Stephen Alstrup infinit august 2018Stephen Alstrup infinit august 2018
Stephen Alstrup infinit august 2018
 
Innovation og værdiskabelse i it-projekter
Innovation og værdiskabelse i it-projekterInnovation og værdiskabelse i it-projekter
Innovation og værdiskabelse i it-projekter
 
Rokoko infin it presentation
Rokoko infin it presentation Rokoko infin it presentation
Rokoko infin it presentation
 

Recently uploaded

CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Hyundai Motor Group
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 

Recently uploaded (20)

CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 

SWEET - A Tool for WCET Flow Analysis - Björn Lisper

  • 1. SWEET – A Tool for WCET Flow Analysis Björn Lisper School of Innovation, Design, and Engineering Mälardalen University bjorn.lisper@mdh.se 2014-11-24 SWEET – A Tool for WCET Flow Analysis
  • 2. Outline Short introduction to (static) WCET analysis SWEET: Architecture Interfaces Abstract Execution Short demo SWEET – A Tool for WCET Flow Analysis 1
  • 3. WCET WCET = Worst-Case Execution Time Definition: WCET(P) = longest time to execute program P uninterrupted on some given hardware WCET analysis: to estimate or bound the WCET SWEET – A Tool for WCET Flow Analysis 2
  • 4. Why WCET Analysis? Many systems are real-time systems. These have timing constraints: Event Maximal response time Absolute deadlines, maximum response times, etc. Two classes: Hard real-time systems: timing constraints must be met Soft real-time systems: desirable that timing constraints are met SWEET – A Tool for WCET Flow Analysis 3
  • 5. WCET Estimation Safe WCET estimates are needed to safely decide if timing constraints are met: BCET WCET Safe WCET estimates here Actual execution times here Safe = will never underestimate real WCET Static analysis can obtain safe WCET estimates Important for hard real-time systems SWEET – A Tool for WCET Flow Analysis 4
  • 6. What is Needed for Static WCET Analysis? A detailed timing model for the processor, to estimate the execution times of instructions Whatever constraints there may be on inputs, initial hardware state, etc. Constraints on the possible execution paths through the code (loop iteration bounds, infeasible path constraints, : : :) Then (in principle) all feasible paths can be explored, and their costs (or upper bounds) decided (For maximal precision, the linked binary should be analysed) SWEET – A Tool for WCET Flow Analysis 5
  • 7. Making WCET Analysis Feasible WCET is maximal execution time over all feasible paths. There can be very (exponentially) many paths. How deal with this? Answer: make some controlled approximations to obtain a linear cost model This will allow the use of standard optimization techniques to bound the WCET SWEET – A Tool for WCET Flow Analysis 6
  • 8. The Implicit Path Enumeration Technique (IPET) Compute local WCETs wi for code fragments i (typically basic blocks) For each execution of a code fragment, replace its real execution time with its local WCET: Instruction 1 Instruction 2 Instruction 3 A relaxation. Some precision is sacrificed in order to get a problem that is less costly to solve SWEET – A Tool for WCET Flow Analysis 7
  • 9. WCET Estimation as Integer Linear Programming For each code fragment, introduce an execution counter counting its # of executions P Then, for any path p, execution time(p) i xiwi where the xi’s are the final values of the execution counters for p P Thus, max xiwi over all paths will provide a safe WCET bound Many program flow constraints can be expressed as linear constraints on the xi’s An integer linear programming problem. Solution = WCET bound SWEET – A Tool for WCET Flow Analysis 8
  • 10. Linear Flow Constraints (“Flow Facts”) Many flow constraints can indeed be expressed as linear constraints on execution counters: xi 0 for all ni (counters must be non-negative) Structural flow constraints (from CFG structure, flow preservation): P P – For each node6= start, stop, input counters = output counters – xi = 1 if ni is the start or stop node of the CFG Semantic constraints: – Loop iteration bounds (capacity bounds): xi c – Infeasible paths (mutual exclusivity): xi + xj c – Relative bounds (often in nested loops): xi = c xj SWEET – A Tool for WCET Flow Analysis 9
  • 11. Typical Structure of WCET Analysis Annotations Low−level analysis Calculation Flow analysis HW timing model Program source Compiler Object code Value analysis WCET estimate SWEET – A Tool for WCET Flow Analysis 10
  • 12. The analysis is typically done on CFG level: i := 0 start i n true false i n−10 stop false B1 B2 i := i+1 true 37 42 29 44 187 233 Numbers = local WCET bounds for basic blocks SWEET – A Tool for WCET Flow Analysis 11
  • 13. Low-Level Analysis Purpose: find local WCETs for code fragments (basic blocks) Possible HW states Possible HW states Max. execution time of instruction sequence Must (1) bound possible hardware states, (2) use this information to bound the execution time of instruction sequences (1) is often done by abstract interpretation, (2) requires an accurate timing model for the instruction set SWEET – A Tool for WCET Flow Analysis 12
  • 14. Flow Analysis Purpose: derive safe and tight Flow Facts Undecidable in general (would solve the Halting Problem) Find methods that work well enough on interesting program classes We’ll give an account for a method that is used in SWEET SWEET – A Tool for WCET Flow Analysis 13
  • 15. SWEET SWEET = SWEdish Execution time Tool A program flow analysis tool, can generate many types of flow constraints (Flow Facts) Analyses the “ALF” intermediate format Can analyse different code formats by translation into ALF Can compute BCET/WCET estimates for simple ALF level timing models SWEET – A Tool for WCET Flow Analysis 14
  • 16. Structure of SWEET User annotations Other interesting information Program flow constraints BCET/WCET estimate Flow analysis ALF C PowerPC ARM7 Etc... (integrated with flow SWEET Timing model for ALF Calculation analysis) SWEET – A Tool for WCET Flow Analysis 15
  • 17. SWEET’s Flow Facts Upper and lower loop iteration bounds Various infeasible path constraints (single, pairwise, longer paths) Can be context-sensitive (full call strings) Given relative to execution contexts (“scopes”): main (global), function calls, loops FOREACH Flow Fact: valid for each individual execution of the scope (execution counters reset at each entry) FORALL Flow Fact: valid for all executions together of the scope (execution counters not reset) (IPET Flow Facts are relative to the “main” scope) SWEET – A Tool for WCET Flow Analysis 16
  • 18. Some Examples : main : [] : bb4 = 46 ; A global loop bound: in scope main the basic block bb4 is executed at most 46 times in total : main : [] : bb17 + bb19 = 412 ; An infeasible path constraint stating that bb17 and bb19 can be taken together at most 412 times in total ((main,BB1),baz) ((baz,BB7),bar) : bar : [] : bb9 = 4 A bound on bb9, in scope bar, when bar is called from baz at BB7 which in turn is called from BB1 in main SWEET – A Tool for WCET Flow Analysis 17
  • 19. Flow Fact Formats SWEET can generate Flow Facts in different formats: It’s own native Flow Fact format (the most expressive format) The AIS annotation format for aiT The RapiTime annotation format Allows SWEET to pass Flow Facts to the commercial WCET analysis tools aiT and RapiTime SWEET – A Tool for WCET Flow Analysis 18
  • 20. Input Annotations Can specify the ranges for variables in different program points Typically used to constrain values of global variables, or function arguments, at entry Can declare variables as volatile – for them, nothing more can be assumed than being in the specified range Input annotations really specify the environment in which the program executes SWEET – A Tool for WCET Flow Analysis 19
  • 21. Input Annotation Examples PROG_ENTRY ASSIGN a TOP_INT || b TOP_INT ; Program variables a and b can have any (int) value at program entry PROG_ENTRY ASSIGN a INT 0 30 || b INT 0 100 ; At program entry the value of a is in the range [0 : : : 30] and value of b is in the range [0 : : : 100] VOLATILE ASSIGN k INT 66 68 ; The variable k is volatile, and will always have its value in the range [66 : : : 68] SWEET – A Tool for WCET Flow Analysis 20
  • 22. ALF SWEET analyses the language ALF ALF is an intermediate code format Designed to represent both high- and low-level code faithfully (C as well as machine code) Low-level constructs (load, store, arithmetic/logic operations, dynamic jumps) as well high-level constructs (function call/return etc.) Memory consists of frames – memory areas with a name and size. Similar to unlinked code Translators to ALF from C, PowerPC NEC V850 binaries (experimental) SWEET – A Tool for WCET Flow Analysis 21
  • 23. An Example This C code: if(x y) z = 42; can be translated into the following ALF code: { switch { s_le 32 { load 32 { addr 32 { fref 32 x } { dec_unsigned 32 0 } } } { load 32 { addr 32 { fref 32 y } { dec_unsigned 32 0 } } } } { target { dec_unsigned 1 1 } { label 32 { lref 32 exit } { dec_unsigned 32 0 } } } } { store { addr 32 { fref 32 z } { dec_unsigned 32 0 } } with { dec_signed 32 42 } } { label 32 { lref 32 exit } { dec_unsigned 32 0 } } SWEET – A Tool for WCET Flow Analysis 22
  • 24. Abstract Execution SWEET computes Flow Facts through a kind of symbolic execution – “abstract execution” (AE) AE executes the program with abstract states, representing sets of real (“concrete”) states Can be seen as a value analysis (abstract interpretation) Each abstract state transition corresponds to many possible concrete state transitions SWEET currently uses intervals to represent sets of (numerical) values SWEET – A Tool for WCET Flow Analysis 23
  • 25. Abstract Execution (II) AE can be seen as a very context-sensitive value analysis (differing between loop iterations) Contrary to a conventional value analysis, it does not compute an abstract state for each program point: it’s more similar to a real execution with a concrete state Uses a scheme to successively collect constraints on execution counters during AE of loops Abstract states can be split at conditions. This can result in many states To counter this, abstract states can be merged. Merge points can be placed in the CFG. Merging can affect the precision, though SWEET – A Tool for WCET Flow Analysis 24
  • 26. Merging Abstract States Merge = take least upper bound, t Merge point Merge point Common merge points: after join nodes, at loop exit edges SWEET – A Tool for WCET Flow Analysis 25
  • 27. Example i = INPUT; // i = [1..4] #p = 0; while (i 10) { // point p #p = #p + 1; ... i=i+2; } // point q (a) Code example p i at p i at q 1 [1..4] impossible 2 [3..6] impossible 3 [5..8] impossible 4 [7..9] [10..10] 5 [9..9] [10..11] 6 impossible [11..11] (b) Analysis min. #p: 3 max. #p: 5 (c) Result (#p is the execution counter for program point p) SWEET – A Tool for WCET Flow Analysis 26
  • 28. Discussion Note how we collected information about lower and upper bound of #p during the AE of the loop This scheme can be extended to record a number of more complex flow constraints, including infeasible nodes, infeasible pairs of nodes, and more general infeasible paths After the AE of the loop, three abstract states reside at q If a merge point is placed at the loop exit, then these states are merged into a single state SWEET – A Tool for WCET Flow Analysis 27
  • 29. BCET/WCET Estimation with SWEET SWEET has a simple mechanism to estimate BCET and WCET Each basic block i can be given a constant cost ci We add a variable T that stands for time T is incremented with ci for each executed basic block i AE now computes an interval for T The final interval at end yields bounds for BCET and WCET (Crude estimates, typically neither exact nor safe. But can still be useful to get a grip on what BCET and WCET is) SWEET – A Tool for WCET Flow Analysis 28
  • 30. An Example T:=T+37 i := 0 start i n true false i n−10 stop false B1 B2 i := i+1 true T:=0 37 29 T:=T+29 44 T:=T+44 T:=T+233 233 T:=T+187 187 42 T:=T+42 SWEET – A Tool for WCET Flow Analysis 29
  • 31. Other Analyses SWEET can also make other analyses, like; A conventional value analysis data flow analysis (reaching definitions) program slicing So it’s also becoming a general program analysis tool SWEET – A Tool for WCET Flow Analysis 30
  • 32. More SWEET Stuff Extensive online documentation at http://www.mrtc.mdh.se/projects/wcet/sweet/ Includes instructions for how to obtain the tool (it’s open source) SWEET – A Tool for WCET Flow Analysis 31
  • 33. Conclusions Further Research A tool for generating Flow Facts Also: crude BCET/WCET estimation, value analysis, : : : Can interface with WCET analysis tools that do precise low-level analysis Things to improve (future work): Better handling of failure to bound loops More expressive input annotations A larger assortment of abstract domains for value analysis A lightweight relational domain for AE More X-to-ALF translators Relation to lattice automata? SWEET – A Tool for WCET Flow Analysis 32