towards better compilers and bug finding for sensor networks jens palsberg ucla
Post on 22-Dec-2015
220 views
TRANSCRIPT
![Page 1: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/1.jpg)
Towards better Towards better compilers and bug findingcompilers and bug finding
for sensor networksfor sensor networksJens PalsbergJens Palsberg
UCLAUCLA
![Page 2: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/2.jpg)
Embedded networked sensing will reveal previously unobservable
phenomena
QuickTime™ and aTIFF (Uncompressed) decompressor
are needed to see this picture.
![Page 3: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/3.jpg)
QuickTime™ and aTIFF (Uncompressed) decompressor
are needed to see this picture.
A day in the life of A day in the life of a sensor-network programmera sensor-network programmer
energy stack space
code size
response time
throughput
![Page 4: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/4.jpg)
Resource tradeoffsResource tradeoffs
Stack space
Code size
Response
time
Throughput
Inlining
Code factoring
Register allocation
Load merging or
Thread binding
Lock inference or or
= improvement = harm
![Page 5: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/5.jpg)
Inline a call decrease response time decrease stack space increase code size
To inline or not to inline?To inline or not to inline?
code size (bytes)
stack size (bytes)
nesC
![Page 6: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/6.jpg)
Compiling as usualCompiling as usual
Make the program run as quicklyas possible without sacrificing toomuch memory or compilation time
QuickTime™ and aTIFF (Uncompressed) decompressor
are needed to see this picture.
![Page 7: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/7.jpg)
QuickTime™ and aTIFF (Uncompressed) decompressor
are needed to see this picture.
QuickTime™ and aTIFF (Uncompressed) decompressor
are needed to see this picture.
QuickTime™ and aTIFF (Uncompressed) decompressor
are needed to see this picture.
QuickTime™ and aTIFF (Uncompressed) decompressor
are needed to see this picture.
QuickTime™ and aTIFF (Uncompressed) decompressor
are needed to see this picture.
QuickTime™ and aTIFF (Uncompressed) decompressor
are needed to see this picture.
Compiling sensor-network code Compiling sensor-network code with compilers for desktop app’swith compilers for desktop app’s
energy stack space
code size
response time
throughput
![Page 8: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/8.jpg)
The problemThe problem
• Abstraction: don’t worry about resources
• Most high-level languages are like that
• Great for desktop applications
• Bad for sensor networks
• Sensor-network programmers need help from the compiler and the run-time system to meet global resource constraints
![Page 9: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/9.jpg)
QuickTime™ and aTIFF (Uncompressed) decompressor
are needed to see this picture.
The solution:The solution:resource-aware compilation resource-aware compilation
and bug findingand bug finding Power management Life-time management Stack-size management Code-size management Partitioning of code unto separate nodes Splitting of tasks into separate phases
![Page 10: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/10.jpg)
Compilation target: Compilation target: Berkeley MotesBerkeley Motes
• Data memory: 0.5-4 KB
• Program memory: 8-128 KB
• Radio links that operate at modem speeds
• Battery capacity: at most 3000 mAh
• 100 times slower than a PDA-class 32-bit embedded processor on crypto functions [Venugopalan et al, CASES 2003]
![Page 11: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/11.jpg)
The Avrora simulatorThe Avrora simulator
QuickTime™ and aTIFF (Uncompressed) decompressor
are needed to see this picture.
Simulator
Environment
Interpreter
Monitor(user)
Off-chip Devices
On-chip Devices
Fe = Fire EventFp = Fire ProbeFi = Fire InterruptWi = Write IO RegisterWp = Write PinRp = Read Pin
Fp
Fi Wi
Ip
S
S = StartX = StopPi = Post InterruptPe = Post EventIp = Insert Probe
WpRp
Pi
Pe
Event Queue
Pe
Fe
X
Fe
![Page 12: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/12.jpg)
Simulator comparisonSimulator comparisonportability scalability performance accuracy flexibility program
analysisrequires
Avrora Excellent V. Good Good V. Good Excellent CFG
Stack
Java
TOSSIM Poor Good Excellent Poor Poor None Linux
X86
TinyOS
ncc gcc
AtEmu Fair Poor Fair Excellent Good None GTK2
X gcc
libelf
Libxml2
![Page 13: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/13.jpg)
A stack-size probe for AvroraA stack-size probe for Avrorasimulator.insertProbe(new StackProbe());…public void fireAfter(Instr i, int address, State s) { int newStack = s.getSP(); if ( lastStack != newStack ) { … } …}…reportQuantity("Maximum stack size", (sprobe.maxStack - sprobe.minStack), "bytes");
![Page 14: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/14.jpg)
Max stack size Max stack size via Avrora simulationvia Avrora simulation
Blink 19 bytes
CntToLedsAndRfm 44 bytes
HighFrequencySampling 19 bytes
Oscilloscope 44 bytes
SecureTOSBase 26 bytes
SenseToRfm 44 bytes
TestTinySec 72 bytes
TinyOS 1.1.0
![Page 15: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/15.jpg)
Upper and lower bounds Upper and lower bounds on stack sizeon stack size
Simulation True Static Analysis
sim-based max ≤ true max ≤ s.a.-based max
![Page 16: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/16.jpg)
Static analysis of max stack sizeStatic analysis of max stack sizeEssential to model:1) the interrupt mask registers2) all general purpose registersEssential technique: context-sensitive, flow-sensitive analysis[Brylow, Damgaard, Palsberg, ICSE 2001][Chatterjee et al, SAS 2003][Regehr, Reid, Webb, EMSOFT 2003]
![Page 17: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/17.jpg)
The interrupt calculusThe interrupt calculus• A model of basic
aspects of sensor-network programs, etc
• imr: interrupt mask
register
// main
loop { imr = 111 }
handler 1() {
imr[1] = 0
masterbit = 1
iret
}
handler 2() {
imr[2] = 0
masterbit = 1
iret
}
![Page 18: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/18.jpg)
Watching the stackWatching the stack
h1 h1
h1
h2
h2
![Page 19: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/19.jpg)
A nasty programming errorA nasty programming errorhandler 1() {
// do something
imr[2] = 1
masterbit = 1
// do something else
iret
}
handler 2() {
// do something
imr[1] = 1
masterbit = 1
// do something else
iret
}
![Page 20: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/20.jpg)
Checking for unbounded stackChecking for unbounded stackand deciding max stack sizeand deciding max stack size
Can be done with type checking [Palsberg, Ma, FTRTFT 2002] model checking [Chatterjee et al, SAS 2003]
PSPACE-hard in the number of handlers,EXPTIME in the number of handlers.
If handlers always turn their own bit off andnever turn other’s bits on: NP-complete.
![Page 21: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/21.jpg)
How much do TinyOS app’s How much do TinyOS app’s manipulate the interrupt masks?manipulate the interrupt masks?
masterbit
(sreg[7])
timer mask
(TIMSK)
external mask
(EIMSK)
Blink 26 5 0
CntToLedsAndRfm 129 5 0
HighFrequencySampling 155 9 4
Oscilloscope 93 5 0
SecureTOSBase 157 7 1
SenseToRfm 137 5 0
TestTinySec 157 7 1
TinyOS 1.1.0, counting number of lines of code in app.c
![Page 22: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/22.jpg)
QuickTime™ and aTIFF (Uncompressed) decompressor
are needed to see this picture.
QuickTime™ and aTIFF (Uncompressed) decompressor
are needed to see this picture.
QuickTime™ and aTIFF (Uncompressed) decompressor
are needed to see this picture.
Will every event be handled before the deadline?
[Brylow, Palsberg, FSE 2003]
Deadline analysisDeadline analysis
QuickTime™ and aTIFF (Uncompressed) decompressor
are needed to see this picture.
Handler
Otherhandler
Our approach: insert test oracles
![Page 23: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/23.jpg)
Deadline analysisDeadline analysisChallenge: handle periodic events
[Mayur Naik, MS thesis, 2003]
[Ma Di, Ph.D. thesis, 2004]
Decision problems: “is the stack size bounded and
will all events be handled before the deadline?”
Approach: type checking or model checking
Highly expensive
Need approximations to make such analysis faster
![Page 24: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/24.jpg)
nesCnesCDo we really need another language?
1980: stop designing programming languages;
C is the ultimate language
1990: stop designing programming languages;
C++ is the ultimate language
2000: stop designing programming languages;
Java is the ultimate language
![Page 25: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/25.jpg)
The current nesC compilerThe current nesC compiler
An extension of the gcc compiler
nesC C assembly codegcc frontend
Problem 1: any modification to the language or the compilermeans hacking the gcc compiler
Problem 2: macros!
![Page 26: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/26.jpg)
Our approach to compiling nesCOur approach to compiling nesC
We have written a tool, ncp, that does
1) macroexpansion (gcc -E),
2) file closure (“includes”, “uses”, etc), and
3) dead code elimination (based on calls)
TinyOS-distribution-with-macros
ncpnesC C
project gccassembly code
![Page 27: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/27.jpg)
nesC programs after ncpnesC programs after ncpLines of nesC code
Blink 2072
CntToLedsAndRfm 4766
HFS 7302
Oscilloscope 4144
SecureTOSBase 6890
SenseToRfm 5212
TestTinySec 7293(before dead-code elimination)
![Page 28: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/28.jpg)
Goals for 2004Goals for 2004• Make TOSSIM obsolete; it will be
subsumed by Avrora• Stack-size analysis in Avrora, generated
from the same instruction-set description as the simulator
• A nesC-compiler framework, in Java• Experimental compilers for splitting tasks,
stack-size management, etc • Language extensions to nesC
![Page 29: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/29.jpg)
ConclusionConclusion
Towards:
• Resource-aware compilation and static bug finding
• Better simulators
• More diversity in the space of languages, compilers, operating systems, and bug finding tools for sensor networks
![Page 30: Towards better compilers and bug finding for sensor networks Jens Palsberg UCLA](https://reader035.vdocuments.mx/reader035/viewer/2022062421/56649d795503460f94a5c5ef/html5/thumbnails/30.jpg)
Many people contributedMany people contributedStack analysis and deadline analysis: Dennis Brylow, Niels Damgaard, Mayur Naik, Ma Di, Tian Zhao, Krishnendu Chatterjee, Rupak Majumdar, Tom Henzinger.Avrora: Ben Titzerncp: Kevin Changgcc-to-C compilers: students in my course