Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 IIES 2008 Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH 2008. All rights reserved, also regarding any disposal, exploitation,

Similar presentations


Presentation on theme: "1 IIES 2008 Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH 2008. All rights reserved, also regarding any disposal, exploitation,"— Presentation transcript:

1 1 IIES 2008 Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. semantical equivalence and temporal proximity semantical equivalence and temporal proximity µC XµC Y Preserving temporal behaviour of legacy real-time software across static binary translation Thomas Heinz Saarland University Robert Bosch GmbH

2 2 IIES 2008 Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. Outline  Motivation  Static binary translation  Levels of temporal accuracy  Dynamic temporal barrier  Static temporal barrier

3 3 IIES 2008 Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. Motivation Life cycle problem  Current “solution”: stockpiling  Prognosis of ECU market demand at production time required (unreliable)  Redesign may be necessary years30 Electronic ECU components Automotive ECUs New approach: Automatic Software Retargeting by Static Binary Translation

4 4 IIES 2008 Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. Static Binary Translation Source binary Source instructions decode binary and instructions Interprocedural control flow graph control flow analysis Source RTL semantic mapping Augmented RTL Target RTL Target instructions code generation program analyses instruction selection Target binary assembler Main challenge Preservation of temporal behaviour

5 5 IIES 2008 Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. Levels of temporal accuracy cycles source target fetch sim_fetch decodeeff. addressmemory accesswrite-back sim_decsim_addrsim_memsim_wbdelay  Cycle accuracy  Instruction accuracy  Basic block accuracy  E.g. used in full-system simulators  Software-based approach is not real-time capable  Accuracy not required cycles source target ld R1,[R2] sim_ld ld R2,[R3]add R1,R2st [R3],R1mul R1,7 sim_ldsim_addsim_mulsim_stdelay  Software-based approach only real-time capable if target is vastly superior to source machine  Accuracy not required cycles source target BB1 sim_BB1 BB2 sim_BB2 BB4BB5BB3 delaysim_BB3sim_BB4sim_BB5  Accuracy too imprecise  E.g. basic block may contain I/O instruction whose execution point in time is crucial for correct real-time behaviour Basic block (BB) Instruction sequence of maximum length with one entry point (1 st instruction) and one exit point (last instruction).

6 6 IIES 2008 Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. Levels of temporal accuracy  Synchronization point accuracy Observation: Some instruction sequences may be executed arbitrarily fast without affecting the correctness of the temporal behaviour E.g. arithmetic computations involving only local variables Solution: Selectively mark critical program points for synchronous execution cycles source target ld R1,23 sim_ld add R1,R2add R1,R3st [R4],R1mul R1,7 sim_add sim_mulsim_stdelay synchronization point

7 7 IIES 2008 Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. Dynamic temporal barrier Maintain source execution time and compute delay dynamically s t v1 v2v3 v4 source control flow graph target control flow graph sync v3 v3 st = current time on source machine tt = current time on target machine wait st-tt st += execution time of v3 on source machine s v1 v2 v4 sync t t Only efficient for simple architectures as it requires simulating all execution time affecting entities (pipeline, cache) up to an extent

8 8 IIES 2008 Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. Novel approach: static temporal barrier Basic idea Precompute a set of delay constants for each program point and select the appropriate constant at runtime according to a certain criterion. switch (criterion) { case 1: wait( )... case m: wait( ) } Temporal barrier for program point p Context of p

9 9 IIES 2008 Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. Context Henrik Theiling. Control Flow Graphs For Real-Time Systems Analysis. PhD thesis, Idea: Augment nodes with procedure invocation history int f(int i) { f(...); // p3 } int main() { f(5); // p1 f(10); // p2 } main()f() p3 p1 p2 e1 e2 e3 e4 e5 e6 main(),ε f(), (e3,1) p3, (e3,1) p1,ε p2,ε f(), (e3,T) p3, (e3,T) f(), (e4,1) p3, (e4,1) f(), (e4,T) p3, (e4,T) Call graph Augmented call graph p3 has 4 contexts (e3,1), (e3,T), (e4,1), (e4,T) Context = sequence of call edges with saturated counter

10 10 IIES 2008 Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. Efficient implementation Assign each context a unique integer and maintain current context and a stack of preceding contexts Stack implementation: Store (context, counter) to reduce memory consumption current_context ← context_stack.pop() context_stack.push(current_context) switch(current_context) { case context_1: switch next_instruction { case addr_1: current_context ← context case addr_2: current_context ← context default: current_context ← context }... case context_ m : current_context ← context } Context maintenance at call instruction Context maintenance at return instruction

11 11 IIES 2008 Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. Computation of delay constants 1/3 Mixed integer quadratic bilevel program formulation Assumption: target control flow graph is isomorphic to source control flow graph interprocedural control flow graph with contexts synchronization points Variables: Execution count of u Execution count of e Delay at v Constants: BCET of u on source/target machine WCET of u on source/target machine BCET of e on source/target machine WCET of e on source/target machine s t v1 v2v3 v4 e1 e3e2 e4e5 e6 e7

12 12 IIES 2008 Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. Computation of delay constants 2/3 Static representation of execution time per program point Each assignment of represents a set of execution paths. are restricted by linear constraints (loop bounds, infeasible paths, structural constraints,...) to safely and tightly approximate the set of possible execution paths. : best case execution times of all paths from s to v on source/target : worst case execution times of all paths from s to v on source/target is the subgraph of G that consists of all nodes that lie on a path from s to v. is the subgraph of G that consists of all nodes that lie on a path from s to v. All synchronization points in. All synchronization points in. All remaining program points in. All remaining program points in.

13 13 IIES 2008 Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. Optimization problem yields delay constants and temporal displacement Computation of delay constants 3/3 Minimizing the worst-case temporal displacement Temporal displacement = maximum time that the execution of v on the target machine is ahead or behind of its execution on the source machine source target source target

14 14 IIES 2008 Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. Side effects of a static temporal barrier  Previous assumptions: Temporal barrier itself (not including delay) has execution time 0 Execution of temporal barrier does not change execution times of subsequent instructions  Useful to determine which synchronization point should be augmented with a temporal barrier, i.e. if holds for a small ε then it is beneficial to omit the temporal barrier at v  Possible approach: Perform static analysis with unkown delay Delay = empty loop Replace by (linear) function where is the delay iteration count at u

15 15 IIES 2008 Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. Conclusion  Novel approach for preserving temporal behaviour of real-time software using precomputed static temporal barriers  Optimization problem yields safe upper bound of the maximum deviation from the original temporal behaviour (temporal displacement)  Open issues: Efficient solution of the optimization problem Proof of concept that static binary translation yields real-time capable code for a reasonable pair of source and target microcontroller


Download ppt "1 IIES 2008 Thomas Heinz (Saarland University, CR/AEA3) | 22/03/2008 | © Robert Bosch GmbH 2008. All rights reserved, also regarding any disposal, exploitation,"

Similar presentations


Ads by Google