introduction
DESCRIPTION
Introduction. Ever scaling process technology makes embedded systems more vulnerable to soft errors The method of fully duplicating instructions is effective, but has heavy costs in terms of performance, power and memory space Our approach: Checking loop invariants to fight soft errors. - PowerPoint PPT PresentationTRANSCRIPT
725/ASP-DAC 2005 2
Introduction
Ever scaling process technology makes embedded systems more vulnerable to soft errors
The method of fully duplicating instructions is effective, but has heavy costs in terms of performance, power and memory space
Our approach: Checking loop invariants to fight soft errors
725/ASP-DAC 2005 3
Related Work
Traditional approaches to protect against soft errors use spatial redundancy or temporal redundancy [1,2,3].
Pure software-based techniques are based on the replication of code by the compiler, or the insertion of control code.
Control code based methods include assertion [6], algorithm based fault tolerance [7], and code flow checking [8].
725/ASP-DAC 2005 4
Detecting loop invariants
Definition: the loop invariant is a value or property that does not change during the execution of a loop. • Example: a property of “for loop” is that the loop
index is bounded by the lower and upper bounds of the loop, assuming that the loop itself does not explicitly change it.
There exist a lot of publicly-available tools that can extract loop invariants. We exploit Daikon, a dynamic invariant detector that detects likely invariants over the program’s data structures [9].
725/ASP-DAC 2005 5
Approach Overview
• Use Daikon to detect and then filter the loop invariants
• Generate the “checker code” using selected invariants and embed them into the original loop code
for(…)
{
}
LoopBody
Invariant Detector
InvariantInvariantInvariantInvariantInvariant
Invariant Filter
InvariantInvariant
Code Modifier
for(…)
{
}
LoopBody
Checker Code
725/ASP-DAC 2005 6
A Simple Example
Bubble-sort algorithmThese loop invariants must be satisfied during each loop iteration:
Outer loop: last i elements are sorted and are all greater than or equal to the other elements
Inner loop: Same as outer loop and the jth element is greater than or equal to the first j-1 elements
Algorithm bubble-sort(sequence):Input: sequence of integers stored in sequencePost-condition: sequence is sorted and contains the same integers as the original sequencelength = length of sequencefor i = 0 to length - 1 do for j = 0 to length - i -2 do if jth element of sequence >(j+1)th element of sequence then swap jth and (j+1)th element of sequence
725/ASP-DAC 2005 7
A Simple ExampleInvariants detected by Daikon for bubble-sort
In entering the bubble-sort routine:sequence[] != null easy⇒length of sequence[] =10 easy⇒At the beginning of the kth iteration of the outer loop:∀i : 0 ≤ i ≤ k sequence[] sorted by >
⇒ mediumk ≥1 easy⇒k ≤ (length of sequence[] –1) easy⇒At the end of the kth iteration of the outer loop:∀i: length-k+1 ≤ i ≤ length sequence[] sorted by < medium⇒
Invariants classification:
Easy: easy to compute but not touching much data
Difficult: useful for checking soft errors but expensive to compute
Medium: tradeoffs between error coverage and associated overheads.
Only a subset of the medium invariants are used in the checker code
725/ASP-DAC 2005 8
Bubble-sort code with “checker-code”
Check two
medium invariants of bubble-sort using just an additional loop iteration
Algorithm new-bubble-sort(sequence):Post-condition: sequence is sorted and
contains the same integers as the original sequence
length = length of sequencefor i = 0 to length - 1 do for j = 0 to length - i -2 do if jth element of sequence >(j+1)th
element of sequence then swap jth and (j+1)th element of
sequence for k = length - i to length do if jth element of sequence >(j+1)th
element of sequence then error()
725/ASP-DAC 2005 9
Experimental Setup
SimpleScalar v3.0d is modified to get the faults injection statistics
Five benchmarks: iter-merge (iterative merge program), adi (alternate direction integration application), heap-sort, bubble-sort, and mxm
Our loop invariant based approach vs. a full duplication based scheme
725/ASP-DAC 2005 10
Result(1): Error Detection Rate
For different benchmarks, our approach shows very different performance. It is because that our approach depends heavily on the availability of invariants.
0%
20%
40%
60%
80%
100%
Erro
r D
etec
tion
Rat
e
Our approachFull duplication
725/ASP-DAC 2005 11
Result(2): Code size increase
Average code size (executable) increase is 3% and 8%, respectively for our approach and full duplication.
0%2%4%6%8%
10%12%14%16%18%
Cod
e S
ize
Incr
ease
Our approach
Full duplication
725/ASP-DAC 2005 12
Result(3): Execution cycles increase
Our approach is much better than the full duplication scheme in terms of execution time
0%
50%
100%
150%
200%
250%
300%
Exe
cuti
on t
ime
incr
ease Our approach
Full duplication
725/ASP-DAC 2005 13
Result(4): Sensitivity to Error Rate
Error detection rate remains generally stable with changes in the injection rates
0%
20%
40%
60%
80%
100%
e-08 e-09 e-10 e-11Error Injection Rate
Err
or
Dete
ctio
n R
ate
adibubble-sort
725/ASP-DAC 2005 14
Conclusion
Traditional soft error checking methods use either spatial redundancy or temporal redundancy, and are expensive from power, performance and memory space perspective.
Our approach demonstrates that through experimental analysis, loop invariants checking can catch a large fraction of the errors in a less expensive way.
725/ASP-DAC 2005 15
References[1] M. Gomaa, C. Scarbrough, T. N. Vijaykumar, and
I. Pomeranz, Transient-fault recovery for chip multiprocessors. In Proceedings of the International Symposium on Computer Architecture, June 2003.
[2] N. Oh, S. Mitra, and E. J. McCluskey, Error detection by duplicated instructions in Super-scalar processors. IEEE Transactions on Reliability, Vol. 51, Issue 1, Mar. 2002.
[3] B. Nicolescu, R. Velazco, Detecting soft errors by a purely software approach: method, tools and perimental results. In Proceedings of DATE, 2003.
[4] A.V.Aho, J.D. Ullman, Principles of Compiler Design, Addison-Wesley Publishing Company Inc, USA
[5] M. Rebaudengo, et al .Soft-error detection through software fault-tolerance techniques. In Proceedings of the International Symposium on Defect and Fault Tolerance in VLSI Systems, Nov. 1999, pp. 210-218.
[6] M. Zenha Rela, H. Madeira, J. G. Silva, Experimental Evaluation of the Fail-Silent Behavior in Programs with Consistency Checks, Proc. FTCS-26, 1996, pp. 394-403.
[7] K. H. Huang, J. A. Abraham, Algorithm-Based Fault Tolerance for Matrix Operations.In IEEE Trans. Computers, vol. 33, Dec 1984, pp. 518-528.
[8] S. Yau, F. Chen, An Approach to Concurrent Control Flow Checking, IEEE Transactions on Software Engineering, Vol. SE-6, No. 2, March 1980, pp. 126-137.
[9] MIT, The Daikon Invariant Detector User Manual, Apr. 2004.
[10] D. Burger, and T. M. Austin, The SimpleScalar Tool Set, Version 2.0. In University of Wisconsin-Madison CS Department Technical Report #1342, Jun. 1997.