1 iies 2008 thomas heinz (saarland university, cr/aea3) | 22/03/2008 | © robert bosch gmbh 2008....
TRANSCRIPT
1
IIES 2008
Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH 2008. All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights.
semantical equivalenceand
temporal proximity
semantical equivalenceand
temporal proximity
µC X µC Y
001101000110100101100001100001110111000101100111010010001111
00011
...
001101000110100101100001100001110111000101100111010010001111
00011
...
001101000101000101100111101101111011000100001011010010010011
00011
...
001101000101000101100111101101111011000100001011010010010011
00011
...
Preserving temporal behaviour of legacy real-timesoftware across static binary translation
Thomas HeinzSaarland UniversityRobert Bosch GmbH
2
IIES 2008
Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH 2008. All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights.
Outline
Motivation
Static binary translation
Levels of temporal accuracy
Dynamic temporal barrier
Static temporal barrier
3
IIES 2008
Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH 2008. All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights.
Motivation
Life cycle problem
Current “solution”: stockpiling Prognosis of ECU market demand at production time required
(unreliable) Redesign may be necessary
years30
Electronic ECU components
Automotive ECUs
New approach: Automatic Software Retargeting by Static Binary Translation
4
IIES 2008
Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH 2008. All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights.
Static Binary Translation
Sourcebinary
Sourceinstructions
decode binaryand instructions
Interproceduralcontrol flow graph
control flowanalysis
SourceRTL
semanticmapping
AugmentedRTL
TargetRTL
Targetinstructions
codegeneration
programanalyses
instructionselection
Targetbinary
assembler
Main challenge
Preservation oftemporal behaviour
5
IIES 2008
Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH 2008. All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights.
Levels of temporal accuracy
cycles
source
target
fetch
sim_fetch
decode eff. address memory access write-back
sim_dec sim_addr sim_mem sim_wb delay
Cycle accuracy
Instruction accuracy
Basic block accuracy
E.g. used in full-system simulators Software-based approach is not real-time capable Accuracy not required
cycles
source
target
ld R1,[R2]
sim_ld
ld R2,[R3] add R1,R2 st [R3],R1 mul R1,7
sim_ld sim_add sim_mul sim_st delay
Software-based approach only real-time capable if target is vastly superior to source machine Accuracy not required
cycles
source
target
BB1
sim_BB1
BB2
sim_BB2
BB4 BB5BB3
delay sim_BB3 sim_BB4 sim_BB5
Accuracy too imprecise E.g. basic block may contain I/O instruction whose execution point in time is crucial for correct real-time behaviour
Basic block (BB)
Instruction sequence of maximum length with oneentry point (1st instruction) and one exit point (lastinstruction).
6
IIES 2008
Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH 2008. All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights.
Levels of temporal accuracy Synchronization point accuracy
Observation: Some instruction sequences may be executed arbitrarily fast
without affecting the correctness of the temporal behaviour
E.g. arithmetic computations involving only local variables
Solution: Selectively mark critical program points for synchronous
execution
cycles
source
target
ld R1,23
sim_ld
add R1,R2 add R1,R3 st [R4],R1 mul R1,7
sim_add sim_add sim_mul sim_stdelay
synchronization point
7
IIES 2008
Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH 2008. All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights.
Dynamic temporal barrier
Maintain source execution time and compute delay dynamically
s
t
v1
v2 v3
v4
sourcecontrolflow graph
targetcontrolflow graph
sync v3v3
st = current time on source machine
tt = current time on target machine
wait st-tt
st += execution time of v3 on source machine
s
v1
v2
v4
sync tt
Only efficient for simple
architectures as it requires
simulating all execution time
affecting entities (pipeline, cache)
up to an extent
8
IIES 2008
Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH 2008. All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights.
Novel approach: static temporal barrier
Basic idea
Precompute a set of delay constants for each program point andselect the appropriate constant at runtime according to a certaincriterion.
switch (criterion) { case 1: wait( ) ... case m: wait( )}
Temporal barrier forprogram point p
1,pd
mpd ,
Context of p
9
IIES 2008
Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH 2008. All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights.
Context Henrik Theiling. Control Flow Graphs For Real-Time Systems Analysis. PhD thesis,
2002.Idea: Augment nodes with procedure invocation history
int f(int i){ f(...); // p3}
int main(){ f(5); // p1 f(10); // p2}
main() f() p3
p1
p2
e1
e2
e3
e4
e5
e6
main(),ε
f(), (e3,1) p3, (e3,1)p1,ε
p2,ε
f(), (e3,T) p3, (e3,T)
f(), (e4,1) p3, (e4,1) f(), (e4,T) p3, (e4,T)
Call graph
Augmented call graph
p3 has 4 contexts
(e3,1), (e3,T),
(e4,1), (e4,T)
Context = sequence of call edges with saturated counter
10
IIES 2008
Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH 2008. All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights.
Efficient implementationAssign each context a unique integer and maintain current contextand a stack of preceding contexts
Stack implementation: Store (context, counter) to reduce memory consumption
current_context ← context_stack.pop()
context_stack.push(current_context)switch(current_context) { case context_1: switch next_instruction { case addr_1: current_context ← context case addr_2: current_context ← context default: current_context ← context } ... case context_m: current_context ← context}
1,mi
2,1i
3,1i
1,1i
Context maintenance at call instruction
Context maintenance atreturn instruction
11
IIES 2008
Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH 2008. All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights.
Computation of delay constants 1/3Mixed integer quadratic bilevel program formulation
Assumption: target control flow graph is isomorphic to source control flow graph
interprocedural control flow graph with contexts
synchronization points
Variables: Execution count of u
Execution count of e
Delay at v
Constants: BCET of u on source/target machine
WCET of u on source/target machine
BCET of e on source/target machine
WCET of e on source/target machine
s
t
v1
v2 v3
v4
e1
e3e2
e4 e5
e6e7
),( EVG
Vuxu ,0
Eexe ,0
Vub dstsrcu ,/
syncv Vvd ,R 0
Eeb dstsrce ,/
Vuw dstsrcu ,/
VVsync
Eew dstsrce ,/
12
IIES 2008
Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH 2008. All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights.
Computation of delay constants 2/3Static representation of execution time per program point
Each assignment of represents a set of execution paths. are restricted by linear constraints (loop bounds, infeasible
paths,structural constraints, ...) to safely and tightly approximate the set of
possibleexecution paths.
: best case execution times of all paths from s to v on source/target
: worst case execution times of all paths from s to v on source/target
eu xx ,
dstsrcvB /
eu xx ,
vv Ee
srcee
Vu
srcuu
srcv bxbxB
~~
dstsrcvW /
~~~
\
vsyncvsyncv Ee
dstee
VVu
dstuu
VVu
udstuu
dstv bxbxdbxB
is the subgraph of
G that consists of all nodes that
lie on a path from s to v.
is the subgraph of
G that consists of all nodes that
lie on a path from s to v.
),(~~~
vvv EVG All synchronization points
in .
All synchronization points
in .~
vV
All remaining program
points in .
All remaining program
points in .~
vV
13
IIES 2008
Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH 2008. All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights.
Optimization problem
yields delay constants and temporal displacement
Computation of delay constants 3/3Minimizing the worst-case temporal displacement
Temporal displacement = maximum time that the execution of v on the target
machine is ahead or behind of its execution on the source machine
v
srcv
dstv
behindv BW
dstv
srcv
aheadv BW
behindv
aheadvv , max
vVvEeVuxxVvd synceusyncv
maxmaxmin},|,{}|{
source
target
aheadv
source
target
behindv
14
IIES 2008
Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH 2008. All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights.
Side effects of a static temporal barrier Previous assumptions:
Temporal barrier itself (not including delay) has execution time 0
Execution of temporal barrier does not change execution times of subsequent instructions
Useful to determine which synchronization point should be augmented with a temporal barrier, i.e. if holds for a small ε then it is beneficial to omit the temporal barrier at v
Possible approach: Perform static analysis with unkown delay Delay = empty loop Replace by (linear) function where is the delay iteration
count at u
v
ul)( ulfud
15
IIES 2008
Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH 2008. All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights.
Conclusion Novel approach for preserving temporal behaviour of real-time
software using precomputed static temporal barriers
Optimization problem yields safe upper bound of the maximum deviation from the original temporal behaviour (temporal displacement)
Open issues: Efficient solution of the optimization problem Proof of concept that static binary translation yields real-time
capable code for a reasonable pair of source and target microcontroller