1. Timing Analysis Seminar / Aalto ESG
Challenges of analysis or Why WCET analysis does not work now and will not work in the future
Niklas Holsti, Tidorum Ltd, www.tidorum.fi
Timing Analysis / Aalto ESG / T-106.5840, 12.5.2011, slide 1 of 31

2. Outline: the dark prospects
● Definition of WCET analysis: given an application program, and some time-constrained part of that program, find an upper bound on the execution time of this part on a given processor.
● Issues:
  – What is a "program"?
  – What is a "time-constrained part" of the program?
  – What is a "processor"?
  – Who cares?
● Greed and anomalies
● Some interesting questions that might be solvable
  – flow analysis only
● Summary

3. Main reason for WCET analysis problems
● As far as is known (!),
  – SW deadline misses have not killed anyone
  – SW deadline misses have not cost anyone millions of €, $, ¥
● Consequently,
  – WCET analysis is seldom a critical requirement
  – HW designers target performance, not predictability
  – SW designers target functionality, not analysability
  – System testers target complex cases, not worst cases
● Why have deadline misses not been fatal?
  – real-time systems are usually very robust
    ● occasional deadline misses are easily tolerated
    ● e.g. Apollo 11 lunar landing
  – real-time systems are usually very periodic
    ● systematic deadline misses are usually found in testing

4. So why work on WCET analysis?
● "X-by-wire" in aerospace and automotive
  – increased risk of death & damage
  – or extensive and expensive product recalls (of cars)
● Prof. R. Wilhelm, father of aiT & AbsInt, re automotive:
  "They now [2010] understand that they need something like this, but now they don't have the money for it."
● I am an anal-retentive control freak
  – no, really...
  – the intellectual challenge: euphemism?
  – basic programmer anxiety: do I understand my program?
  – relieved by making an automatic tool to analyse programs
● Well ok, it is really interesting
  – find practical, partial analysis for an unsolvable problem
  – balancing act

5. Worst-case analysis in verification
● Verification often needs worst-case performance analysis
  – but not necessarily by means of WCET analysis tools
  – "state of the art" methods are enough
● As WCET tools become available:
  – the "state of the art" advances
  – verifiers/certifiers may start to require WCET analysis
  – chicken and egg...

6. Would WCET analysis have helped?
● Helicopter (Chinook?) crash kills about thirty
  – push-button switch toggles engine mode
  – present mode indicated by light in button
  – sometimes light changes a few seconds after button press
    ● pilot thinks button not pressed, or did not work
    ● pilot presses button again, changing mode again
● Therac-25 radiotherapy machine kills three, injures many
  – timing errors and race conditions in user interface lead to wrong machine configurations, giving overdoses
● JAS Gripen crashes, two planes lost, pilots survive
  – pilot-induced oscillation (PIO)
    ● slow response to pilot stick commands
    ● pilot increases command, more stick deflection
    ● airplane responds much more than pilot intended

7. Evolution in programs
● Program architecture evolves
  – new styles and paradigms
  – new languages and tools
[Figure: nested sets labelled "All programs", "Typical programs year 2000", "Typical programs year 2010", "Typical programs year 2020", and the set of programs a "WCET tool" handles]

8. What is a program?
● Historically:
  – machine code compiled and linked from source code
  – burned into the (EEP)ROM, same in all units
  – invariant during execution, not self-modifying
  – understood by the programmers, at least on the source-code level, often on the machine-code level too
● Now becoming:
  – a "model" in Matlab/Simulink, UML, or whatever
  – created by 5-10-100-... programmers
  – who do not understand how the model is converted into machine code for execution, via C or Java, bytecode, JIT, DLLs, etc, etc.
  – the final machine code may be different depending on the unit, the external and internal conditions, and the phase of the moon, and may change during the execution

9. Consequences 1: Hiding global control flow
● Only local control flow is visible in C/machine code
  – global control flow only in the model (FSM)
  – code for FSM is an eternal loop with a case statement
  – WCET analysis finds the worst "case" in the loop
  – sequences of FSM states are hidden from flow analysis
● Does it matter?
  – no, if the required deadline concerns each FSM step
    ● WCET for worst "case" is WCET for any FSM step
  – yes, for WCET of a "transaction" with several FSM steps
● Solution?
  – identify the FSM "state" variable and its changes in the code
  – import or reconstruct the FSM state graph
  – include state graph in IPET, with connections to CFG
● Analysis of a VM + bytecode: same problem
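The slide's point, worked through on a constructed example (this is an added illustration, not code from the talk or from Bound-T): a loop-with-switch FSM dispatcher, the per-arm WCET figures a tool would report for each case, and the state graph reconstructed from the assignments to the state variable in each arm. With only the loop body visible, the bound for an N-step transaction is N times the worst arm; with the state graph, the bound is the longest N-step walk through the graph, which is what an IPET formulation over the unrolled state graph would compute. The state names, cycle counts and transitions are all assumed.

```python
"""Bounding a multi-step FSM transaction with a reconstructed state graph.

Constructed example. The C program is assumed to be the usual

    for (;;) { switch (state) { case IDLE: ...; state = RX; break; ... } }

A per-step WCET tool sees only one loop iteration, so for N steps it can only
report N * (worst arm). Reading which values each arm assigns to `state`
gives the state graph; the longest N-step walk over it is a tighter, still
safe, bound because impossible state sequences (e.g. PROC, PROC, PROC) are
excluded.
"""
from functools import lru_cache

# Assumed per-arm WCET in cycles (what a per-step analysis would report).
ARM_WCET = {"IDLE": 10, "RX": 50, "PROC": 200, "TX": 80}

# Reconstructed state graph: the values `state` may be assigned in each arm.
SUCC = {
    "IDLE": {"IDLE", "RX"},
    "RX":   {"RX", "PROC"},   # RX repeats while a frame is still incomplete
    "PROC": {"TX"},
    "TX":   {"IDLE"},
}


def per_step_bound():
    """What the WCET tool reports for one loop iteration: the worst arm."""
    return max(ARM_WCET.values())


def naive_bound(steps):
    """Transaction bound without the state graph: every step is the worst arm."""
    return steps * per_step_bound()


def state_graph_bound(start, steps):
    """Longest weighted walk of exactly `steps` FSM steps starting in `start`.

    Dynamic programming over (state, remaining steps); this is the longest
    path an IPET/ILP would find on the state graph unrolled `steps` times.
    """
    @lru_cache(None)
    def best(state, remaining):
        if remaining == 0:
            return 0
        return ARM_WCET[state] + max(best(s, remaining - 1) for s in SUCC[state])
    return best(start, steps)


def walk_bound(start, end, max_steps):
    """Longest walk that starts in `start`, ends in `end`, and executes at most
    `max_steps` FSM steps; None if `end` is unreachable within the budget.

    This models a transaction such as "from the first RX step to the end of
    TX", with `max_steps` playing the role of a loop-bound annotation on the
    RX repeat.
    """
    NEG = float("-inf")

    @lru_cache(None)
    def best(state, budget):
        if budget == 0:
            return NEG
        rest = 0 if state == end else NEG
        if budget > 1:
            rest = max(rest, max(best(s, budget - 1) for s in SUCC[state]))
        return NEG if rest == NEG else ARM_WCET[state] + rest

    result = best(start, max_steps)
    return None if result == NEG else result


if __name__ == "__main__":
    print("per-step bound:", per_step_bound())
    print("4 steps, loop body only:", naive_bound(4))
    print("4 steps from IDLE, with state graph:", state_graph_bound("IDLE", 4))
    print("RX..TX within 6 steps:", walk_bound("RX", "TX", 6))
```

With these numbers the per-step bound (200) is correct for any single FSM step, as the slide says, but for a four-step window the loop-body-only bound is 800 while the state graph gives 340, since PROC is always followed by TX and IDLE. The same construction applies to a bytecode interpreter loop, where the "state" is the next opcode.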

10. Consequences 2: More data-dependent flow
● In several ways:
  – virtual function calls depend on object class
  – table-driven routines depend on table contents
  – call-backs depend on call-back pointers
● Present value analysis in WCET tools unsuitable
  – interval domain poor for object class, pointer, enum
  – ditto polyhedron domain
● Solution?
  – for static (constant) data: see Consequences 4
  – for dynamic (variable) data: see Consequences 1?
  – apply "shape analysis" to the data?

11. Consequences 3: More function pointers
● Reasons for it
  – object-oriented designs (virtual function calls)
  – call-backs to compose "SW components"
  – or to specialize "SW frameworks"
● Problems
  – call graph hard to recover from machine code
  – but the design tool probably knows it very well!
● Why are function pointers so hard to analyse?
  – they are initialised far away from their uses
  – they are held in memory, subject to aliasing
  – over-estimation has drastic effects on the analysis
● Solutions?
  – convince code generators not to use function pointers
  – or generate also the annotations to help WCET tools
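Why the interval domain of slide 10 fails on call-back pointers, and why slide 11 calls the resulting over-estimation drastic, on a constructed example (added here; not code from the talk or from any WCET tool). A call-back pointer is assigned, far from the call site, one of two handler addresses. An interval domain joins the two addresses into one range, so the indirect call's target set becomes every function whose address lies in that range, and the bound at the call site jumps to the most expensive of them; a small-set domain keeps the two values exact. A clobbered pointer (aliasing through memory) is modelled as "any function". The symbol table, addresses and cycle counts are assumed.

```python
"""Interval versus set value domains for an indirect call through a call-back
pointer. Constructed example; symbol table and cycle counts are assumed.
"""

# Assumed symbol table of the linked image: address -> (name, WCET in cycles).
SYMBOLS = {
    0x1000: ("on_ack",      40),
    0x1400: ("on_timeout", 120),
    0x2000: ("memcpy_big", 900),   # never a call-back target, but between them
    0x2800: ("on_data",     60),
    0x3000: ("on_error",   300),
}


def indirect_call_bound(candidates, domain):
    """Target set and WCET bound for `call *handler`.

    `candidates` are the values the pointer receives at its (far-away)
    initialisations; None means the analysis lost track of the pointer,
    e.g. because a store through an aliased pointer may have overwritten it.
    Returns (sorted target addresses, worst target WCET).
    """
    if candidates is None:
        # Top: every function in the image is a possible target.
        targets = sorted(SYMBOLS)
    elif domain == "interval":
        # Join in the interval domain: [min, max] of the initialisation values.
        lo, hi = min(candidates), max(candidates)
        targets = sorted(a for a in SYMBOLS if lo <= a <= hi)
    elif domain == "set":
        # Join in a finite-set domain: exactly the initialisation values.
        targets = sorted(set(candidates))
    else:
        raise ValueError("unknown domain: %r" % domain)
    return targets, max(SYMBOLS[a][1] for a in targets)


def target_names(targets):
    return [SYMBOLS[a][0] for a in targets]


if __name__ == "__main__":
    # handler = flag ? &on_ack : &on_error, set in init code
    inits = [0x1000, 0x3000]
    for domain in ("interval", "set"):
        targets, wcet = indirect_call_bound(inits, domain)
        print(domain, target_names(targets), wcet)
    print("clobbered:", indirect_call_bound(None, "set")[1])
```

Here the set domain gives the true worst target, on_error at 300 cycles, while the interval [0x1000, 0x3000] drags in memcpy_big and reports 900 at a call site that can never reach it; if the pointer sits in memory that the analysis cannot prove unaliased, every function in the image becomes a target. A design-tool annotation that names the two handlers is exactly what the "set" case consumes, which is the second solution on the slide.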

12. Consequences 4: More initialization code
● Running at SW boot:
  – crt0, of course, but also:
  – object constructors
  – registry calls, call-back set-ups
  – HW presence checks & adaptations
● The linked memory image is no longer a good description of the state of the program at execution time
  – analysis of a subprogram/thread must consider the global state set up by the boot/init code
● Solution?
  – simulate or execute the boot/init code
  – dump an "execution-ready" memory image for analysis
  – the value analysis of a WCET tool is almost a simulator

13. Consequences 5: Inhuman code
● Example: "Averest" model ("synchronous" language)
  – model as concurrent FSMs
  – construct product automaton, generate C code
● Result: single C function with
  – ~ 200,000 instructions, including
  – ~ 20,000 branch instructions
  – Bound-T fails (stack overflow) while building the CFG
● Solutions?
  – shoot (crossed out) educate the translator programmers?
  – develop intra-procedural division into components?
    ● one loop
    ● one case of a switch
    ● one branch of a conditional
    ● ugh...

14. What is a "time-constrained part"?
● Historically for WCET analysis
  – one subprogram (function)
    ● the main function of a thread
    ● an interrupt handler
    ● a critical (blocking) operation or region
  – anyway, a piece of sequentially executing code
● Now becoming:
  – a transaction from input event to response, involving
    ● some computations, perhaps on one or more cores
    ● some communications over buses/channels
    ● some waiting for the above
  – thus, many small pieces of sequential code
  – where does WCET analysis end and schedulability begin?

15. What is a processor?
● Historically:
  – a machine that executes one sequence of instructions
    ● from a standard instruction set for this architecture
  – using a well-defined, stable sequence of cycles / stages
    ● fetch, decode, execute, ...
  – same for many applications
● Now becoming:
  – a system of communicating, parallel functional units
    ● each with its internal history-dependent state
  – executing several instruction streams
    ● in parallel, with dynamic scheduling and ordering
    ● with wildly varying execution time per instruction
  – depending also on the implementation of the architecture
    ● e.g. ARM chips from various manufacturers
