control flow analysis for wcet analysis
play

Control Flow Analysis for WCET Analysis Bjrn Lisper School of - PowerPoint PPT Presentation

Aug 05, 2023 •198 likes •514 views

Control Flow Analysis for WCET Analysis Bjrn Lisper School of Innovation, Design, and Engineering Mlardalen University bjorn.lisper@mdh.se 2017-07-18 Dagstuhl Seminar on Resource Bound Analysis Standard Scheme for WCET Analysis WCET

  1. Control Flow Analysis for WCET Analysis Björn Lisper School of Innovation, Design, and Engineering Mälardalen University bjorn.lisper@mdh.se 2017-07-18 Dagstuhl Seminar on Resource Bound Analysis

  2. Standard Scheme for WCET Analysis WCET analysis is typically broken down into the following steps: • Constrain possible program flows (“high-level”, or “flow” analysis) • Estimate hardware impact to bound WCET for program fragments (“low-level” analysis) • Use information to produce a safe WCET estimate (calculation) This talk is about how to constrain the program flow Sequential programs only – for parallel programs the analysis is harder to decompose Dagstuhl Seminar on Resource Bound Analysis 1

  3. Structure of WCET Analysis Annotations Program source Flow analysis Compiler WCET Calculation Value analysis estimate Low−level Object code HW timing model analysis Dagstuhl Seminar on Resource Bound Analysis 2

  4. Control Flow Analysis for WCET Calculation Purpose: find constraints on the number of times different program parts can execute: • Loop iteration bounds (needed to bound WCET) • Infeasible path constraints (can improve precision) • . . . Independent of the timing model – standard methods and frameworks for program analysis can be adapted Still hard – a perfect solution would solve Turing’s Halting Problem Methods must be approximate. Constraints may have to be added manually. The goal is to minimise the need for this Dagstuhl Seminar on Resource Bound Analysis 3

  5. Example Dagstuhl Seminar on Resource Bound Analysis 4

  6. Example: Loop Bound Loop iteration bound depends on value of i when foo is called Say that 1 ≤ i ≤ 10 . Then the bound is 100 Not entirely trivial to find out for a human Can be found automatically, given this information on i Dagstuhl Seminar on Resource Bound Analysis 5

  7. Example: Infeasible Path Conditions B and E cannot both be true at the same time Thus, C and F cannot both be executed The path A - B - C - E - F - G is infeasible This info can sometimes be used to obtain a tighter WCET estimate (We have found up to 30% improvement on real industrial code) Dagstuhl Seminar on Resource Bound Analysis 6

  8. The Implicit Path Enumeration Technique (IPET) Program flow constraints usually formulated in the IPET model Based on a Control-Flow Graph (CFG) program representation: n0 i := 0 start i < n stop i := i+1 false n1 true n5 true false i < n−10 n2 B1 B2 n3 n4 Various refinements exist (like Jan’s Abstract Execution Graphs) Dagstuhl Seminar on Resource Bound Analysis 7

  9. For each node n i (basic block) in the CFG, let t i be an upper local WCET bound for n i Define an execution counter x i for each n i : • Initialised to 0 • Incremented by 1 each time n i is executed • “Virtual variables”, not present in the code • Their final values characterise the execution path for a complete run max � x i t i over all paths provides a safe WCET bound Dagstuhl Seminar on Resource Bound Analysis 8

  10. WCET Bounds Estimation in the IPET Model WCET estimation (calculation) becomes a maximization problem: � max x i t i i subject to flow constraints Ax ≤ b An Integer Linear Programming (ILP) problem The aim of flow analysis is to find the system of inequalities Ax ≤ b Dagstuhl Seminar on Resource Bound Analysis 9

  11. Program Flow Constraints as Linear Inequalities Many flow constraints can indeed be expressed as linear constraints on execution counters: • x i ≥ 0 for all n i (counters must be non-negative) • Structural flow constraints (from CFG structure): – For each node � = start, stop, � input counters = � output counters – x i = 1 if n i is the start or stop node of the CFG • Semantic constraints : – Loop iteration bounds (capacity bounds): x i ≤ c – Infeasible paths (mutual exclusivity): x i + x j ≤ c – Relative bounds (often in nested loops): x i = c · x j Dagstuhl Seminar on Resource Bound Analysis 10

  12. A Comparison with Control Flow Analysis for Functional Programs There is Control Flow Analysis (CFA) for higher-order functional programs This is something different CFA estimates, for each function call, which functions may be applied. Example [Nielson et. al. 2005]: let f = fn x => x 1; g = fn y => y+2; h = fn z => z+3 in (f g) + (f h) For x 1 , f g , f h : which functions may be applied? Dagstuhl Seminar on Resource Bound Analysis 11

  13. CFA for WCET vs. CFA for Functional Programs CFA for WCET analysis is done on low level formats (binaries, C) In this context, CFA for functional programs corresponds to analysis of function pointers Certainly needed to do CFA for WCET for programs with such pointers! For functional programs, CFA for WCET corresponds to an analysis bounding the # of function calls Bounding the # of loop iterations ∼ bounding recursion depth Useful for resource analysis of functional programs? Dagstuhl Seminar on Resource Bound Analysis 12

  14. Classes of Control Flow Analysis Methods for WCET Syntactically oriented methods : Typically for loop iteration bounds. Matches loop structure to common patterns, identifying start, stop, step for( var = start; var < stop; var = var + step ) { ... } On source level (common syntactic programming patterns), but also binary level (typical loop patterns generated by some specific compiler) Pros : simple to implement, fast Cons : sensitive to syntax. Will fail in many cases. May be unsound Dagstuhl Seminar on Resource Bound Analysis 13

  15. Classes of Control Flow Analysis Methods (II) Semantically oriented methods : Loop iteration bounds as well as other flow constraints Analysis based on the semantics of the program rather than syntax Methods often based on abstract interpretation (also model checking, symbolic execution). Typically some kind of fixed-point iteration is used Pros : Less sensitive to syntax. Can be made more precise. More general classes of flow constraints. Possible to play around with tradeoff between precision and analysis speed Cons : can be resource-consuming. Tools may be complex and expensive to implement Dagstuhl Seminar on Resource Bound Analysis 14

  16. Approach 1: Identify Loop Counter Parameters Idea: find start value, step, value at exit for loop counters Once known, an upper bound on the # of iterations can be calculated Several approaches have been proposed, based on techniques like: • data flow analysis • solving Presburger formulas • abstract interpretation Pros : methods can be made simple and fast. Many loops have easily identifiable loop counters, and can be handled well Cons : restricted to loops with loop counters Dagstuhl Seminar on Resource Bound Analysis 15

  17. Identifying Loop Counter Parameters: Example A method based on abstract interpretation (value analysis). Originates from U. Saarland (Cullmann 2006) Steps (for a given loop): 1. Identify loop counter 2. Bound the initial value of the loop counter 3. Find bounds for the loop counter increment (or decrement) 4. Analyze loop exits w.r.t. usage of the loop counter, deriving upper (or lower) bounds for the counter 5. Calculate upper bounds on # of iterations Bounds on values are found by a value analysis (typically interval analysis), based on abstract interpretation Dagstuhl Seminar on Resource Bound Analysis 16

  18. Example /* i in interval [1..4] at entry */ s = 0; n = 100; while i < n do s = s + a[i]; if complex_condition then i = i + 2 else i = i + 3; Potential loop counters: i , s (updated in loop). However only i can affect the exit condition, thus identified as loop counter Initial bound for i : [1..4] (obtained by value analysis) Bound on increment of i : [2..3] (obtained by value analysis) Upper bound on i : [99..99] (value analysis of exit condition) Loop iteration bound: (99 − 1) / 2 = 49 Dagstuhl Seminar on Resource Bound Analysis 17

  19. Approach 2: Abstract Execution Originates from MDH (Gustafsson 2000), (Gustafsson et. al. 2006) Finds constraints on execution counters through a kind of symbolic execution of the program – “abstract execution” (AE) AE executes the program with abstract states , representing sets of real (“concrete”) states It can be seen as a a kind of value analysis (abstract interpretation) Each abstract state transition corresponds to many possible concrete state transitions In principle any abstract domain can be used for the abstract states The interval domain is commonly used, due to speed and simplicity Dagstuhl Seminar on Resource Bound Analysis 18

  20. Abstract Execution (II) AE can be seen as a very context-sensitive value analysis (differing between all loop iterations) Contrary to a conventional value analysis, it does not compute an abstract state for each program point: it’s more similar to a real execution with a concrete state Uses a kind of instrumentation to successively collect constraints on execution counters during AE of loops Abstract states can be split at conditions. This can result in many states To counter this, abstract states can be merged . This can be used to control the number of abstract states. Merge points can be placed in the CFG. Merging can affect the precision, though Dagstuhl Seminar on Resource Bound Analysis 19

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

1 What Is Control-Flow Analysis? Loop Concepts Control-flow analysis discovers the flow of

1 What Is Control-Flow Analysis? Loop Concepts Control-flow analysis discovers the flow of

Control-Flow Analysis and Loop Detection Context Last time Data-flow Speeding up data-flow analysis Flow of data values from defs to uses Could alternatively be represented as a data dependence Today Control-flow analysis

516 views • 5 slides
Flow Analysis Data-flow analysis, Control-flow analysis, Abstract interpretation, AAM Helpful

Flow Analysis Data-flow analysis, Control-flow analysis, Abstract interpretation, AAM Helpful

Flow Analysis Data-flow analysis, Control-flow analysis, Abstract interpretation, AAM Helpful Reading: Sections 1.1-1.5, 2.1 Data-flow analysis (DFA) A framework for statically proving facts about program data. Focuses on simple, finite

1.04k views • 54 slides
Worst-Case Execution-Time Analysis WCET Analysis slides: P. Puschner, R. Kirner, B. Huber

Worst-Case Execution-Time Analysis WCET Analysis slides: P. Puschner, R. Kirner, B. Huber

Worst-Case Execution-Time Analysis WCET Analysis slides: P. Puschner, R. Kirner, B. Huber Time in RTS Construction Design Architecture, resource planning, schedules Implementation Timing Analysis Schedulability analysis, WCET analysis 2

508 views • 35 slides
Program Analysis Chris Hankin(clh) Efficiency Type and Effect Control Flow Analysis Systems

Program Analysis Chris Hankin(clh) Efficiency Type and Effect Control Flow Analysis Systems

Program Analysis Chris Hankin(clh) Efficiency Type and Effect Control Flow Analysis Systems Data Flow Abstract Analysis Interpretation Correctness Program Analysis p.1/23 Overview Introduction Data Flow Analysis Control Flow

279 views • 23 slides
Control-Flow Analysis and Loop Detection Last time PRE Today Control-flow

Control-Flow Analysis and Loop Detection Last time PRE Today Control-flow

Control-Flow Analysis and Loop Detection Last time PRE Today Control-flow analysis Loops Identifying loops using dominators Reducibility Using loop identification to identify induction

270 views • 15 slides
1 Liveness by Example (cont) Control Flow Graphs (CFGs) Live range of a Definition a is live

1 Liveness by Example (cont) Control Flow Graphs (CFGs) Live range of a Definition a is live

Introduction to Data-flow analysis Data-flow Analysis Last Time Idea Undergraduate compilers review Data-flow analysis derives information about the dynamic behavior of a program by only examining the static code Assem.Instr data

903 views • 4 slides
Data-flow Analysis for Worst-Case Execution Time Stefan Bygde School of Innovation, Design and

Data-flow Analysis for Worst-Case Execution Time Stefan Bygde School of Innovation, Design and

Introduction Value Analysis APARTS Parametric WCET Analysis Data-flow Analysis for Worst-Case Execution Time Stefan Bygde School of Innovation, Design and Engineering, M alardalen University, Sweden April 14, 2011 Stefan Bygde Flow

874 views • 55 slides
Control-flow analysis ? ? ? ? ? Discovering information about how control (e.g. the program

Control-flow analysis ? ? ? ? ? Discovering information about how control (e.g. the program

Control-flow analysis ? ? ? ? ? Discovering information about how control (e.g. the program counter) may move through a program. Intra-procedural analysis An intra-procedural analysis collects information about the code inside a single

1.3k views • 53 slides
Challenges of analysis or Why WCET analysis does not work now and will not work in the future

Challenges of analysis or Why WCET analysis does not work now and will not work in the future

Timing Analysis Seminar / Aalto ESG Challenges of analysis or Why WCET analysis does not work now and will not work in the future Niklas Holsti Tidorum Ltd www.tidorum.fi Tid rum Timing Analysis / Aalto ESG / T-106.5840, 12.5.2011 slide 1

420 views • 31 slides
Dataflow analysis Theory and Applications cs6463 1 Control-flow graph Graphical

Dataflow analysis Theory and Applications cs6463 1 Control-flow graph Graphical

Dataflow analysis Theory and Applications cs6463 1 Control-flow graph Graphical representation of runtime control-flow paths Nodes of graph: basic blocks (straight-line computations) Edges of graph: flows of control Useful for

679 views • 39 slides
Motivation Intra-procedural analysis depends upon accurate control-flow information. In the

Motivation Intra-procedural analysis depends upon accurate control-flow information. In the

Motivation Intra-procedural analysis depends upon accurate control-flow information. In the presence of certain language features (e.g. indirect calls) it is nontrivial to predict accurately how control may flow at execution time the nave

594 views • 42 slides
Diagnostic Information for Control-Flow Analysis of Workflow Graphs (aka Free-Choice Workflow Nets)

Diagnostic Information for Control-Flow Analysis of Workflow Graphs (aka Free-Choice Workflow Nets)

Diagnostic Information for Control-Flow Analysis of Workflow Graphs (aka Free-Choice Workflow Nets) Cdric Favre(1,2), Hagen Vlzer(1), Peter Mller(2) (1) IBM Research - Zurich (2) ETH Zurich 1 Outline Problem - Control-flow analysis

624 views • 44 slides
Fundamentals of (Static ic and Dynamic ic) ) Software Verif ific icatio ion Control-flow

Fundamentals of (Static ic and Dynamic ic) ) Software Verif ific icatio ion Control-flow

Fundamentals of (Static ic and Dynamic ic) ) Software Verif ific icatio ion Control-flow Analysis Data-flow Analysis Static VS Dynamic Analysis Software Testing Control Con ol Flow ow Gr Graph entry S1 Procedure AVG S1 count =

1.08k views • 104 slides
Using a WCET Analysis Tool in Real-Time Systems Education Samuel Petersson*, Andreas Ermedahl*,

Using a WCET Analysis Tool in Real-Time Systems Education Samuel Petersson*, Andreas Ermedahl*,

Using a WCET Analysis Tool in Real-Time Systems Education Samuel Petersson*, Andreas Ermedahl*, Anders Pettersson*, Daniel Sundmark*, and Niklas Holsti # *Mlardalen Real-Time Research Center (MRTC) # Tidorum Ltd Status of WCET analysis

253 views • 12 slides
Data-flow analysis Introduction to data-flow analysis Michel Schinz based on material by

Data-flow analysis Introduction to data-flow analysis Michel Schinz based on material by

Data-flow analysis Introduction to data-flow analysis Michel Schinz based on material by Erik Stenman and Michael Schwartzbach Data-flow analysis Example: liveness Data-flow analysis is a global analysis framework that can be used to

635 views • 11 slides
HW/SW Codesign Analysis of Control &amp; Data Flow I ECE 522 Control and Data Edges C programs

HW/SW Codesign Analysis of Control &amp; Data Flow I ECE 522 Control and Data Edges C programs

HW/SW Codesign Analysis of Control &amp; Data Flow I ECE 522 Control and Data Edges C programs (and pseudo-code) are often used as prototypes because they represent high-level descriptions of system behavior However, C is sequential and cannot

572 views • 15 slides
Class 10 Review; questions Questions about project Arbitrary interprocedural control

Class 10 Review; questions Questions about project Arbitrary interprocedural control

Class 10 Review; questions Questions about project Arbitrary interprocedural control flow (contd) Pointers Assign (see Schedule for links) Readings on symbolic execution Problem Set 5: due 9/22/09 Project

612 views • 25 slides
Todays topics Teaching Discrete Mathematics Active Learning in Discrete Mathematics

Todays topics Teaching Discrete Mathematics Active Learning in Discrete Mathematics

Todays topics Teaching Discrete Mathematics Active Learning in Discrete Mathematics Discrete Mathematics Educational Technology Research at UW Big Ideas: Complexity Theory Richard Anderson University of Washington

806 views • 21 slides
The Foundat ions: Logic and The Foundat ions: Logic and The Foundat ions: Logic and Proof , Set

The Foundat ions: Logic and The Foundat ions: Logic and The Foundat ions: Logic and Proof , Set

The Foundat ions: Logic and The Foundat ions: Logic and The Foundat ions: Logic and Proof , Set s, and Funct ions Proof , Set s, and Funct ions Proof , Set s, and Funct ions 1 Out line Logic Proposit ional Equivalences Predicat es

508 views • 24 slides
How to Give a Bad Talk How to Give a Bad Talk Professor David A. Patterson Computer Science 152

How to Give a Bad Talk How to Give a Bad Talk Professor David A. Patterson Computer Science 152

Lecture 20: How to Give a Bad Talk How to Give a Bad Talk Professor David A. Patterson Computer Science 152 Fall 1997 Cs252.1 CS 152: Remaining Schedule Whats Left: Thursday 12/4: Oral Presentations, Noon to 7PM, 6thfloor

242 views • 5 slides
Control-Flow Graph and Local Optimizations - Part 2 Y.N. Srikant Department of Computer Science

Control-Flow Graph and Local Optimizations - Part 2 Y.N. Srikant Department of Computer Science

Control-Flow Graph and Local Optimizations - Part 2 Y.N. Srikant Department of Computer Science and Automation Indian Institute of Science Bangalore 560 012 NPTEL Course on Principles of Compiler Design Y.N. Srikant Local Optimizations

665 views • 23 slides
Analysis and Optimizations Analysis and Optimizations Program Analysis Program Analysis

Analysis and Optimizations Analysis and Optimizations Program Analysis Program Analysis

Analysis and Optimizations Analysis and Optimizations Program Analysis Program Analysis Discovers properties of a program Optimizations Using Program Analysis Use analysis results to transform program Use analysis results

744 views • 17 slides
Graph IRs Control Flow Graphs + The three-address IR looks like assembly language including

Graph IRs Control Flow Graphs + The three-address IR looks like assembly language including

10/31/2012 Graph IRs Control Flow Graphs + The three-address IR looks like assembly language including control transfer Directed Acyclic Graphs instructions. Eliminate storage and calculation redundancy * Labeling or numbering IR statements

290 views • 3 slides
INF5110 Compiler Construction Code generation Spring 2016 1 / 123 Outline 1. Code

INF5110 Compiler Construction Code generation Spring 2016 1 / 123 Outline 1. Code

INF5110 Compiler Construction Code generation Spring 2016 1 / 123 Outline 1. Code generation Intro 2AC and costs of instructions Basic blocks and control-flow graphs Code generation algo Global analysis Bibs 2 / 123 Outline 1. Code

1.61k views • 123 slides

More recommend