Data-flow Analysis for Interruptdriven Microcontroller Software
|
|
- Annice Cunningham
- 6 years ago
- Views:
Transcription
1 Data-flow Analysis for Interruptdriven Microcontroller Software Nathan Cooprider Advisor: John Regehr Dissertation defense School of Computing University of Utah
2 Data-flow Analysis for Interruptdriven Microcontroller Software A whole program analysis Targeting embedded C programs Suitable for use in a compiler 2
3 Microcontrollers (MCUs) 10 billion units / year $12.5 billion market in 2006 Cheap Resource constrained e.g. Wireless sensor networks Mica2 mote ATmega 128L (4 MHz 8-bit MCU) 128 kb code, 4 kb data SRAM 3
4 Problem Resources are constrained Software outlives hardware Code reuse leads to bloat Low-level code confuses analysis Interrupt-driven concurrency Device register access 4
5 Solution Traditional data-flow analysis Not adequate precision for MCU software New techniques to increase precision Deal with concurrency Track volatile data Use in code transformations Optimizations Thesis statement 5
6 Contributions Analysis techniques Interatomic concurrent data-flow (ICD) Tracking data through volatile variables Tool cxprop Applications Practical memory safety Safe TinyOS Offline RAM Compression 6
7 Open-source OS for WSNs Written in nesc Dialect of C Concurrency Tasks and interrupts No threads Atomic sections main task task Interrupt Interrupt task 7
8 ICD Volatile tracking c X p r o p Abstract interpretation Safe TinyOS RAM compression Conditional x propagation Pointer analysis 8
9 Abstract interpretation switch (x) {... break; case 42: case 7: case -1: if (x < 0) x={42,7,-1} x *= -1; x++; if (x == 0) assert(0); break; {42,7}... Abstract domain {} or {42,7,-1} or Abstract values Form poset Subset relation ( ) Lattice Undefined ( ) {42} {7} {-1} Unknown ( ) {7,-1} {42,-1} 9
10 Abstract interpretation switch (x) {... break; case 42: case 7: case -1: if (x < 0) x={42,7,-1} x *= -1; x++; if (x == 0) assert(0); break;... Abstract domain Abstract values Form poset Subset relation ( ) Lattice Undefined ( ) Unknown ( ) Data-flow analysis Transfer functions Merging ( ) Fixed point 10
11 Abstract interpretation {42,7} Τ {43,8,2} Τ x<0< x++; x==0 {42,7,-1} Τ Τ{-1} Τ{42,7,1} {43,8,2} Τ Τ x*=-1; {1} Τ assert(0); Τ Abstract domain Abstract values Form poset Subset relation ( ) Lattice Undefined ( ) Unknown ( ) Data-flow analysis Transfer functions Merging ( ) Fixed point 11
12 ICD Volatile tracking c X p r o p Abstract interpretation Safe TinyOS RAM compression Conditional x propagation Pointer analysis 12
13 Interrupt-driven concurrency Problems C statements not necessarily atomic x = 0x4242; ldi r24, 0x42 Interrupt ldi r25, 0x42 13
14 Interrupt-driven concurrency Problems C statements not necessarily atomic Preempts sequential control flow Complicated control flow A race Synchronization One flow does not break another Bad synchronization happens Difficult or impossible to reason about Must deal with conservatively ( ) 14
15 Related work Thread-based concurrency M. B. Dwyer, L. A. Clarke, J. M.Cobleigh, and G. Naumovich. Flow analysis for verifying properties of software systems. TOSEM M. C. Rinard. Analysis of multithreaded programs. SAS Leveraging race detection R. Chugh, J. W. Voung, R. Jhala, and S. Lerner. Dataflow analysis for concurrent programs using datarace detection. PLDI Formal semantics X. Feng, Z. Shao, Y. Dong, Y. Gho. Certifying low-level programs with hardware interrupts and preemptive threads. PLDI
16 Race detection Lockset analysis - standard technique Lock status = interrupt enable bit status Only one lock no lock aliasing nesc uses lexical nesting Data classification Unshared accessed only from main Shared accessed from interrupts 16
17 Race detection Accessed without locking Written in shared or unlocked unshared code Accessed in shared code Data classification Unshared accessed only from main Shared accessed from interrupts R A C E 17
18 Race detection case analysis Interrupt Write Read Use Not Racing racing Interrupt or task Access Write Read Atomic section 18
19 Data classification Data Heap Static (Global) Stack Sequential Shared Concurrent Racing Not racing 6% 44% Unshared 50% 19
20 Published at LCTES 2006 Atomic interleaving Atomic section main Interrupt Atomic section Atomic section Interatomic Concurrent Data-flow 20
21 Volatile C type qualifier volatile int Special case of C s memory model Read value may change randomly Write may affect system state E.g., racing data, device registers Behavior opaque at C level Prevents compiler optimizations 21
22 Tracking volatile RAM Locate variables backed by RAM Introduce concurrency information Interatomic concurrent dataflow Have sound approximation of mutators Behavior not opaque at system level Safely analyze volatile variables in RAM 22
23 Tracking volatile device registers Hardware registers Memory mapped I/O Hardware not actually random (volatile) Can track using MCU-specific information OK to track individual bits Instead of whole register Interrupt bit of status register Volatile tracking 23
24 Pointer analysis Points-to sets must and may alias Two pluggable domains Subtleties from context-insensitivity Targets: Device registers Scalars Structs Arrays not-null Heap Pointer analysis 24
25 Conditional X propagation Pluggable abstract domains From conditional constant propagation Clean domain interface Transfer functions Abstract interpretation utility functions Abstract domain Conditional X propagation Analysis 25
26 Domains Constant Bitwise Value set Interval Conditional X propagation 26
27 ICD Volatile tracking c X p r o p Abstract interpretation Safe TinyOS RAM compression Conditional x propagation Pointer analysis 27
28 Struct splitter Inliner Cleaner Fixed point computation Value-flow Pointer-flow ICD Volatile tracking Constant propagation Dead code elimination Dead data elimination Transformations Cleaner Implemented as a CIL extension 28
29 Suppose we have a WSN 29
30 Suppose we have a WSN What happened? State got corrupted array Memory out-of-bounds safety error Hard to debug Limited visibility into executing systems Difficult to replicate complex bugs Memory safety can Catch all pointer and array bounds errors Before they corrupt state Provide a choice of recovery action Display error message or reboot 30
31 Safe TinyOS Expand Deputy: existing solution for making C safe into system safety Modify TinyOS to work with Deputy Enforce Deputy s safety model under concurrency Reduce overhead cxprop Published at SenSys
32 Safe TinyOS toolchain run modified nesc compiler enforce safety using Deputy int post(val_t* int post(val_t* COUNT(n) buf, buf, int n); int n); TinyOS code Annotate Safe TinyOS code deal with concurrency compress error messages Safe TinyOS app whole-program optimization cxprop cxprop Modify TinyOS to work with Deputy Enforce Deputy s safety model under concurrency Reduce overhead 32
33 Concurrency Deputy enforces safety in sequential code cxprop avoids extraneous protection Only racing variables need protection Atomic block Potentially unsafe read to local Interrupt Deputy check Potentially unsafe Read local read If ( ) 33
34 Code size 35
35 Code size 35% 13% -11% Safe TinyOS 36
36 A closer look at RAM usage On-chip RAM for MCUs expensive Kilobytes, not megabytes or gigabytes Data in SRAM 6 transistors / bit SRAM can dominate power consumption of a sleeping chip 37
37 A closer look at RAM usage On-chip RAM for MCUs expensive Kilobytes, not megabytes or gigabytes On-chip RAM is persistently scarce in tiny MCU-based systems Data in SRAM 6 transistors / bit SRAM can dominate power consumption of a sleeping chip Is RAM used efficiently? Performed value profiling for MCU apps Apps already heavily tuned for RAM usage Result: Average byte stores four values! 38
38 Offline RAM compression Automated sub-word packing for statically allocated scalars, pointers, structs, arrays No heap on targeted MCUs Trades ROM and CPU cycles for RAM Published at PLDI
39 Method x variable that occupies n bits V x conservative estimate of value set log 2 V x < n RAM compression possible C x another set such that C x = V x f x bijection between V x and C x n - log 2 C x bits saved through compression of x 40
40 Example Compression void (*function_queue[8])(void); 41
41 Example Compression x void (*function_queue[8])(void); n = size of a function pointer = 16 bits 42
42 Example Compression x V x &function_a &function_b &function_c NULL 43
43 Example Compression x V x n = 16 bits V x = 4 log 2 V x < n 2 < 16 44
44 Example Compression x V x C x f x V x to C x compression f x -1 C x to V x decompression 3 45
45 Example Compression ROM x C x V x = {,,, } f x compression table scan f x -1 decompression table lookup 46
46 Example Compression ROM x C x V x = {,,, } bits reduced to 16 bits 112 bits of RAM saved 47
47 RAM compression results 49
48 RAM compression results cxprop (no compression) 10% RAM reduction 20% ROM reduction 5.9% duty cycle reduction Compression 22% RAM reduction 3.6% ROM reduction 29% duty cycle increase Tradeoffs 50
49 ICD Volatile tracking c X p r o p Abstract interpretation Safe TinyOS RAM compression Conditional x propagation Pointer analysis 51
50 Conclusion Interatomic concurrent data-flow Volatile data may be tracked Better analysis more optimizations Safe TinyOS practical memory safety RAM compression 22% RAM reduction Thank you 52
51 53
52 Cost/Benefit Ratio C i A i B i V C access profile A,B platform-specific costs V cardinality of value set S u S c S u original size S c compressed size 54
53 Turning the RAM Knob 0% 55
54 Turning the RAM Knob 10% 56
55 Turning the RAM Knob 20% 57
56 Turning the RAM Knob 30% 58
57 Turning the RAM Knob 40% 59
58 Turning the RAM Knob 50% 60
59 Turning the RAM Knob 60% 61
60 Turning the RAM Knob 70% 62
61 Turning the RAM Knob 80% 63
62 Turning the RAM Knob 90% 64
63 Turning the RAM Knob 100% 65
64 Turning the RAM Knob 95% 66
65 Future work Triggering and sequencing Timer interrupt handler Fire Sense Trigger Data ready interrupt handler Fire Caching compressed values Data decompress read x x decompress read x x decompress read x x 67
66 More related work Safe TinyOS R. K. Rengaswamy, E. Kohler, and M. Srivastava. Softwarebased memory protection in sensor nodes. EmNets B. L. Titzer. Virgil: Objects on the head of a pin. OOPSLA S. Kowshik, D. Dhurjati, and V. Adve. Ensuring code safety without runtime checks for real-time control systems. CASES Offline RAM compression Y. Zhang and R. Gupta. Compressing heap data for improved memory performance. Software Practice and Experience L. S. Bai, L. Yang, and R. P. Dick. Automated compile-time and run-time techniques to increase usable memory in MMU-less embedded systems. CASES
67 PAG Program Analysis Generator Domain specific language input describes Domain lattice Transfer functions Language-describing grammar Fixed point solution method Data-flow analyzer as output Does not deal with concurrency Used to evaluate fixed point solutions 69
68 Feature comparison 12% 5.5% 70
69 Domain comparison 71
70 Resource reduction 12% 8.3% 2.5% 1.8% 72
71 Published at LCTES 2006 Atomic interleaving Atomic section main Atomic section Interrupt Atomic section Interrupt Atomic section Interatomic Concurrent Data-flow 73
72 Context insensitivity a is a global variable foo int x = 7; bar(&x); a = {27} x = {7} {7,42} bar(int *y) goo(y); a = {27} y = {&x} goo(int *z) *z = 42; a = *z; a = {7,27,42} {27} z = {&x} 74
73 Benchmark descriptions AVR ATmega128 code TinyOS 3,000-26,000 lines of C code Analysis times - seconds to an hour Metrics Duty cycle % of time processor is on Obtained from Avrora Cycle-accurate simulator for WSNs Code size and data size 75
74 Wireless sensor networks 10 billion units / year $12.5 billion market in 2006 Cheap Resource constrained e.g. Wireless sensor networks Mica2 mote ATmega 128L (4 MHz 8-bit MCU) 128 KB code, 4 KB data SRAM 76
Static Analysis of Embedded C
Static Analysis of Embedded C John Regehr University of Utah Joint work with Nathan Cooprider Motivating Platform: TinyOS Embedded software for wireless sensor network nodes Has lots of SW components for
More informationStatic Analysis of Embedded C Code
Static Analysis of Embedded C Code John Regehr University of Utah Joint work with Nathan Cooprider Relevant features of C code for MCUs Interrupt-driven concurrency Direct hardware access Whole program
More informationTowards a Resilient Operating System for Wireless Sensor Networks
Towards a Resilient Operating System for Wireless Sensor Networks Hyoseung Kim Hojung Cha Yonsei University, Korea 2006. 6. 1. Hyoseung Kim hskim@cs.yonsei.ac.kr Motivation (1) Problems: Application errors
More informationEfficient Memory Safety for TinyOS
Efficient Memory Safety for TinyOS Nathan Cooprider Will Archer Eric Eide David Gay John Regehr University of Utah, School of Computing {coop, warcher, eeide, regehr@cs.utah.edu Intel Research, Berkeley
More informationEliminating Stack Overflow by Abstract Interpretation
Eliminating Stack Overflow by Abstract Interpretation Paper by John Regehr, Alastair Reid, and Kirk Webb ACM Transactions on Embedded Computing Systems, Nov 005 Truong Nghiem nghiem@seas.upenn.edu Outline
More informationRandom Testing of Interrupt-Driven Software. John Regehr University of Utah
Random Testing of Interrupt-Driven Software John Regehr University of Utah Integrated stress testing and debugging Random interrupt testing Source-source transformation Static stack analysis Semantics
More informationKernel Synchronization I. Changwoo Min
1 Kernel Synchronization I Changwoo Min 2 Summary of last lectures Tools: building, exploring, and debugging Linux kernel Core kernel infrastructure syscall, module, kernel data structures Process management
More informationAdding Preemption to TinyOS
1 Adding Preemption to TinyOS Cormac Duffy 1, Utz Roedig 2, John Herbert 1, Cormac J. Sreenan 1 1 Computer Science Department, University College Cork, Ireland 2 InfoLab21, Lancaster University, Lancaster
More informationSystem Architecture Directions for Networked Sensors[1]
System Architecture Directions for Networked Sensors[1] Secure Sensor Networks Seminar presentation Eric Anderson System Architecture Directions for Networked Sensors[1] p. 1 Outline Sensor Network Characteristics
More informationFoundations of the C++ Concurrency Memory Model
Foundations of the C++ Concurrency Memory Model John Mellor-Crummey and Karthik Murthy Department of Computer Science Rice University johnmc@rice.edu COMP 522 27 September 2016 Before C++ Memory Model
More informationOffline Compression for On-Chip RAM
Offline Compression for On-Chip RAM Nathan Cooprider John Regehr School of Computing, University of Utah {coop,regehr}@cs.utah.edu Abstract We present offline RAM compression, an automated source-tosource
More informationMemory Safety for Embedded Devices with nescheck
Memory Safety for Embedded Devices with nescheck Daniele MIDI, Mathias PAYER, Elisa BERTINO Purdue University AsiaCCS 2017 Ubiquitous Computing and Security Sensors and WSNs are pervasive Small + cheap
More informationTyped Assembly Language for Implementing OS Kernels in SMP/Multi-Core Environments with Interrupts
Typed Assembly Language for Implementing OS Kernels in SMP/Multi-Core Environments with Interrupts Toshiyuki Maeda and Akinori Yonezawa University of Tokyo Quiz [Environment] CPU: Intel Xeon X5570 (2.93GHz)
More informationContiki a Lightweight and Flexible Operating System for Tiny Networked Sensors
Contiki a Lightweight and Flexible Operating System for Tiny Networked Sensors Adam Dunkels, Björn Grönvall, Thiemo Voigt Swedish Institute of Computer Science IEEE EmNetS-I, 16 November 2004 Sensor OS
More informationPage 1. Last Time. Today. Embedded Compilers. Compiler Requirements. What We Get. What We Want
Last Time Today Low-level parts of the toolchain for embedded systems Linkers Programmers Booting an embedded CPU Debuggers JTAG Any weak link in the toolchain will hinder development Compilers: Expectations
More informationCS510 Advanced Topics in Concurrency. Jonathan Walpole
CS510 Advanced Topics in Concurrency Jonathan Walpole Threads Cannot Be Implemented as a Library Reasoning About Programs What are the valid outcomes for this program? Is it valid for both r1 and r2 to
More informationTinyOS. Lecture Overview. UC Berkeley Family of Motes. Mica2 and Mica2Dot. MTS300CA Sensor Board. Programming Board (MIB510) 1.
Lecture Overview TinyOS Computer Network Programming Wenyuan Xu 1 2 UC Berkeley Family of Motes Mica2 and Mica2Dot ATmega128 CPU Self-programming 128KB Instruction EEPROM 4KB Data EEPROM Chipcon CC1000
More informationSecure Virtual Architecture. John Criswell University of Illinois at Urbana- Champaign
Secure Virtual Architecture John Criswell University of Illinois at Urbana- Champaign Secure Virtual Machine Software LLVA VM Hardware Virtual ISA Native ISA What is it? A compiler-based virtual machine
More informationChimera: Hybrid Program Analysis for Determinism
Chimera: Hybrid Program Analysis for Determinism Dongyoon Lee, Peter Chen, Jason Flinn, Satish Narayanasamy University of Michigan, Ann Arbor - 1 - * Chimera image from http://superpunch.blogspot.com/2009/02/chimera-sketch.html
More informationParallelism Marco Serafini
Parallelism Marco Serafini COMPSCI 590S Lecture 3 Announcements Reviews First paper posted on website Review due by this Wednesday 11 PM (hard deadline) Data Science Career Mixer (save the date!) November
More informationSystem Architecture Directions for Networked Sensors. Jason Hill et. al. A Presentation by Dhyanesh Narayanan MS, CS (Systems)
System Architecture Directions for Networked Sensors Jason Hill et. al. A Presentation by Dhyanesh Narayanan MS, CS (Systems) Sensor Networks Key Enablers Moore s s Law: More CPU Less Size Less Cost Systems
More informationField Analysis. Last time Exploit encapsulation to improve memory system performance
Field Analysis Last time Exploit encapsulation to improve memory system performance This time Exploit encapsulation to simplify analysis Two uses of field analysis Escape analysis Object inlining April
More informationHardware Support for a Wireless Sensor Network Virtual Machine
Hardware Support for a Wireless Sensor Network Virtual Machine Hitoshi Oi The University of Aizu February 13, 2008 Mobilware 2008, Innsbruck, Austria Outline Introduction to the Wireless Sensor Network
More informationLazy Preemption to Enable Path-Based Analysis of Interrupt-Driven Code
Lazy Preemption to Enable Path-Based Analysis of Interrupt-Driven Code Wei Le, Jing Yang, Mary Lou Soffa and Kamin Whitehouse Department of Computer Science University of Virginia Charlottesville, Virginia
More informationFrom IMP to Java. Andreas Lochbihler. parts based on work by Gerwin Klein and Tobias Nipkow ETH Zurich
From IMP to Java Andreas Lochbihler ETH Zurich parts based on work by Gerwin Klein and Tobias Nipkow 2015-07-14 1 Subtyping 2 Objects and Inheritance 3 Multithreading 1 Subtyping 2 Objects and Inheritance
More informationThreads SPL/2010 SPL/20 1
Threads 1 Today Processes and Scheduling Threads Abstract Object Models Computation Models Java Support for Threads 2 Process vs. Program processes as the basic unit of execution managed by OS OS as any
More informationY-THREADS: SUPPORTING CONCURRENCY IN WIRELESS SENSOR NETWORKS
Y-THREADS: SUPPORTING CONCURRENCY IN WIRELESS SENSOR NETWORKS Christopher Nitta 1, Raju Pandey 1, and Yann Ramin 1 1 Department of Computer Science University of California, Davis Davis, CA 95616 {nitta,
More informationEffective Data-Race Detection for the Kernel
Effective Data-Race Detection for the Kernel John Erickson, Madanlal Musuvathi, Sebastian Burckhardt, Kirk Olynyk Microsoft Research Presented by Thaddeus Czauski 06 Aug 2011 CS 5204 2 How do we prevent
More informationGroup Members: Chetan Fegade Nikhil Mascarenhas. Mentor: Dr. Yann Hang Lee
Group Members: Chetan Fegade Nikhil Mascarenhas Mentor: Dr. Yann Hang Lee 1. Introduction 2. TinyGALS programming model 3. TinyOS 4. NesC 5. Middleware 6. Conclusion 7. References 8. Q & A Event driven
More informationIn examining performance Interested in several things Exact times if computable Bounded times if exact not computable Can be measured
System Performance Analysis Introduction Performance Means many things to many people Important in any design Critical in real time systems 1 ns can mean the difference between system Doing job expected
More informationNotos: Efficient Emulation of Wireless Sensor Networks with Binary-to-Source Translation
Schützenbahn 70 45127 Essen, Germany Notos: Efficient Emulation of Wireless Sensor Networks with Binary-to-Source Translation Robert Sauter, Sascha Jungen, Richard Figura, and Pedro José Marrón, Germany
More informationMiddleware for Sensor Networks
Middleware for Sensor Networks Krzysztof Piotrowski piotrowski@ihp-ffo.de Background Application Middleware Sensor Network Application Middleware Sensor Network Middleware for Sensor Networks 2 Middleware
More informationParallel Programming Principle and Practice. Lecture 9 Introduction to GPGPUs and CUDA Programming Model
Parallel Programming Principle and Practice Lecture 9 Introduction to GPGPUs and CUDA Programming Model Outline Introduction to GPGPUs and Cuda Programming Model The Cuda Thread Hierarchy / Memory Hierarchy
More informationSynchronization. CS61, Lecture 18. Prof. Stephen Chong November 3, 2011
Synchronization CS61, Lecture 18 Prof. Stephen Chong November 3, 2011 Announcements Assignment 5 Tell us your group by Sunday Nov 6 Due Thursday Nov 17 Talks of interest in next two days Towards Predictable,
More informationCSE 374 Programming Concepts & Tools
CSE 374 Programming Concepts & Tools Hal Perkins Fall 2017 Lecture 22 Shared-Memory Concurrency 1 Administrivia HW7 due Thursday night, 11 pm (+ late days if you still have any & want to use them) Course
More informationLecture 2: September 9
CMPSCI 377 Operating Systems Fall 2010 Lecture 2: September 9 Lecturer: Prashant Shenoy TA: Antony Partensky & Tim Wood 2.1 OS & Computer Architecture The operating system is the interface between a user
More informationCaching and reliability
Caching and reliability Block cache Vs. Latency ~10 ns 1~ ms Access unit Byte (word) Sector Capacity Gigabytes Terabytes Price Expensive Cheap Caching disk contents in RAM Hit ratio h : probability of
More informationProgramming Sensor Networks
Programming Sensor Networks Distributed Computing Group Nicolas Burri Pascal von Rickenbach Overview TinyOS Platform Program Development Current Projects MOBILE COMPUTING 2 Sensor Nodes System Constraints
More informationnesc Prof. Chenyang Lu How should network msg be handled? Too much memory for buffering and threads
nesc Prof. Chenyang Lu CSE 521S 1 How should network msg be handled? Socket/TCP/IP? Too much memory for buffering and threads Data buffered in network stack until application threads read it Application
More informationLast 2 Classes: Introduction to Operating Systems & C++ tutorial. Today: OS and Computer Architecture
Last 2 Classes: Introduction to Operating Systems & C++ tutorial User apps OS Virtual machine interface hardware physical machine interface An operating system is the interface between the user and the
More informationCoping with Immutable Data in a JVM for Embedded Real-Time Systems. Christoph Erhardt, Simon Kuhnle, Isabella Stilkerich, Wolfgang Schröder-Preikschat
The final Frontier Coping with Immutable Data in a JVM for Embedded Real-Time Systems Christoph Erhardt, Simon Kuhnle, Isabella Stilkerich, Wolfgang Schröder-Preikschat https://www4.cs.fau.de/research/keso/
More informationComputation Abstractions. Processes vs. Threads. So, What Is a Thread? CMSC 433 Programming Language Technologies and Paradigms Spring 2007
CMSC 433 Programming Language Technologies and Paradigms Spring 2007 Threads and Synchronization May 8, 2007 Computation Abstractions t1 t1 t4 t2 t1 t2 t5 t3 p1 p2 p3 p4 CPU 1 CPU 2 A computer Processes
More informationCauses of Software Failures
Causes of Software Failures Hardware Faults Permanent faults, e.g., wear-and-tear component Transient faults, e.g., bit flips due to radiation Software Faults (Bugs) (40% failures) Nondeterministic bugs,
More informationCS 31: Introduction to Computer Systems : Threads & Synchronization April 16-18, 2019
CS 31: Introduction to Computer Systems 22-23: Threads & Synchronization April 16-18, 2019 Making Programs Run Faster We all like how fast computers are In the old days (1980 s - 2005): Algorithm too slow?
More informationSecure Virtual Architecture: Using LLVM to Provide Memory Safety to the Entire Software Stack
Secure Virtual Architecture: Using LLVM to Provide Memory Safety to the Entire Software Stack John Criswell, University of Illinois Andrew Lenharth, University of Illinois Dinakar Dhurjati, DoCoMo Communications
More informationCS 571 Operating Systems. Midterm Review. Angelos Stavrou, George Mason University
CS 571 Operating Systems Midterm Review Angelos Stavrou, George Mason University Class Midterm: Grading 2 Grading Midterm: 25% Theory Part 60% (1h 30m) Programming Part 40% (1h) Theory Part (Closed Books):
More informationMotivation & examples Threads, shared memory, & synchronization
1 Motivation & examples Threads, shared memory, & synchronization How do locks work? Data races (a lower level property) How do data race detectors work? Atomicity (a higher level property) Concurrency
More informationVirtual Machine Design
Virtual Machine Design Lecture 4: Multithreading and Synchronization Antero Taivalsaari September 2003 Session #2026: J2MEPlatform, Connected Limited Device Configuration (CLDC) Lecture Goals Give an overview
More informationProfiling & Optimization
Lecture 18 Sources of Game Performance Issues? 2 Avoid Premature Optimization Novice developers rely on ad hoc optimization Make private data public Force function inlining Decrease code modularity removes
More informationCSE 451: Operating Systems Winter Lecture 7 Synchronization. Steve Gribble. Synchronization. Threads cooperate in multithreaded programs
CSE 451: Operating Systems Winter 2005 Lecture 7 Synchronization Steve Gribble Synchronization Threads cooperate in multithreaded programs to share resources, access shared data structures e.g., threads
More informationSynchronization I. Jo, Heeseung
Synchronization I Jo, Heeseung Today's Topics Synchronization problem Locks 2 Synchronization Threads cooperate in multithreaded programs To share resources, access shared data structures Also, to coordinate
More informationConcurrent Programming in the D Programming Language. by Walter Bright Digital Mars
Concurrent Programming in the D Programming Language by Walter Bright Digital Mars Introduction What is sequential consistency across threads? What are the problems with it? D features that mitigate those
More informationnesc Ø Programming language for TinyOS and applications Ø Support TinyOS components Ø Whole-program analysis at compile time Ø Static language
nesc Ø Programming language for TinyOS and applications Ø Support TinyOS components Ø Whole-program analysis at compile time q Improve robustness: detect race conditions q Optimization: function inlining
More informationLast Time. Think carefully about whether you use a heap Look carefully for stack overflow Especially when you have multiple threads
Last Time Cost of nearly full resources RAM is limited Think carefully about whether you use a heap Look carefully for stack overflow Especially when you have multiple threads Embedded C Extensions for
More informationAVR Microcontrollers Architecture
ก ก There are two fundamental architectures to access memory 1. Von Neumann Architecture 2. Harvard Architecture 2 1 Harvard Architecture The term originated from the Harvard Mark 1 relay-based computer,
More informationLecture 14 Pointer Analysis
Lecture 14 Pointer Analysis Basics Design Options Pointer Analysis Algorithms Pointer Analysis Using BDDs Probabilistic Pointer Analysis [ALSU 12.4, 12.6-12.7] Phillip B. Gibbons 15-745: Pointer Analysis
More informationECE 471 Embedded Systems Lecture 2
ECE 471 Embedded Systems Lecture 2 Vince Weaver http://web.eece.maine.edu/~vweaver vincent.weaver@maine.edu 7 September 2018 Announcements Reminder: The class notes are posted to the website. HW#1 will
More informationCPSC/ECE 3220 Fall 2017 Exam Give the definition (note: not the roles) for an operating system as stated in the textbook. (2 pts.
CPSC/ECE 3220 Fall 2017 Exam 1 Name: 1. Give the definition (note: not the roles) for an operating system as stated in the textbook. (2 pts.) Referee / Illusionist / Glue. Circle only one of R, I, or G.
More information7/6/2015. Motivation & examples Threads, shared memory, & synchronization. Imperative programs
Motivation & examples Threads, shared memory, & synchronization How do locks work? Data races (a lower level property) How do data race detectors work? Atomicity (a higher level property) Concurrency exceptions
More informationCling: A Memory Allocator to Mitigate Dangling Pointers. Periklis Akritidis
Cling: A Memory Allocator to Mitigate Dangling Pointers Periklis Akritidis --2010 Use-after-free Vulnerabilities Accessing Memory Through Dangling Pointers Techniques : Heap Spraying, Feng Shui Manual
More informationHazard Pointers. Number of threads unbounded time to check hazard pointers also unbounded! difficult dynamic bookkeeping! thread B - hp1 - hp2
Hazard Pointers Store pointers of memory references about to be accessed by a thread Memory allocation checks all hazard pointers to avoid the ABA problem thread A - hp1 - hp2 thread B - hp1 - hp2 thread
More informationDeadlock CS 241. March 19, University of Illinois
Deadlock CS 241 March 19, 2014 University of Illinois Slides adapted in part from material accompanying Bryant & O Hallaron, Computer Systems: A Programmer's Perspective, 2/E 1 The Dining Philosophers
More informationCS533 Concepts of Operating Systems. Jonathan Walpole
CS533 Concepts of Operating Systems Jonathan Walpole Introduction to Threads and Concurrency Why is Concurrency Important? Why study threads and concurrent programming in an OS class? What is a thread?
More informationProfiling & Optimization
Lecture 11 Sources of Game Performance Issues? 2 Avoid Premature Optimization Novice developers rely on ad hoc optimization Make private data public Force function inlining Decrease code modularity removes
More informationMEMMU: Memory Expansion for MMU-Less Embedded Systems
MEMMU: Memory Expansion for MMU-Less Embedded Systems LAN S. BAI, LEI YANG, and ROBERT P. DICK Northwestern University Random access memory (RAM) is tightly constrained in the least expensive, lowest-power
More informationUnder the Compiler's Hood: Supercharge Your PLAYSTATION 3 (PS3 ) Code. Understanding your compiler is the key to success in the gaming world.
Under the Compiler's Hood: Supercharge Your PLAYSTATION 3 (PS3 ) Code. Understanding your compiler is the key to success in the gaming world. Supercharge your PS3 game code Part 1: Compiler internals.
More informationSPIN, PETERSON AND BAKERY LOCKS
Concurrent Programs reasoning about their execution proving correctness start by considering execution sequences CS4021/4521 2018 jones@scss.tcd.ie School of Computer Science and Statistics, Trinity College
More informationMULTITHREADING AND SYNCHRONIZATION. CS124 Operating Systems Fall , Lecture 10
MULTITHREADING AND SYNCHRONIZATION CS124 Operating Systems Fall 2017-2018, Lecture 10 2 Critical Sections Race conditions can be avoided by preventing multiple control paths from accessing shared state
More informationARM Processors for Embedded Applications
ARM Processors for Embedded Applications Roadmap for ARM Processors ARM Architecture Basics ARM Families AMBA Architecture 1 Current ARM Core Families ARM7: Hard cores and Soft cores Cache with MPU or
More informationHybrid Static-Dynamic Analysis for Statically Bounded Region Serializability
Hybrid Static-Dynamic Analysis for Statically Bounded Region Serializability Aritra Sengupta, Swarnendu Biswas, Minjia Zhang, Michael D. Bond and Milind Kulkarni ASPLOS 2015, ISTANBUL, TURKEY Programming
More informationCSE 451: Operating Systems Winter Lecture 7 Synchronization. Hank Levy 412 Sieg Hall
CSE 451: Operating Systems Winter 2003 Lecture 7 Synchronization Hank Levy Levy@cs.washington.edu 412 Sieg Hall Synchronization Threads cooperate in multithreaded programs to share resources, access shared
More informationDieHard: Probabilistic Memory Safety for Unsafe Programming Languages
DieHard: Probabilistic Memory Safety for Unsafe Programming Languages Emery Berger University of Massachusetts Amherst Ben Zorn Microsoft Research Problems with Unsafe Languages C, C++: pervasive apps,
More informationCS 31: Intro to Systems Threading & Parallel Applications. Kevin Webb Swarthmore College November 27, 2018
CS 31: Intro to Systems Threading & Parallel Applications Kevin Webb Swarthmore College November 27, 2018 Reading Quiz Making Programs Run Faster We all like how fast computers are In the old days (1980
More informationLearning from Executions
Learning from Executions Dynamic analysis for program understanding and software engineering Michael D. Ernst and Jeff H. Perkins November 7, 2005 Tutorial at ASE 2005 Outline What is dynamic analysis?
More informationStackless Preemptive Threads for TinyOS
Stackless Preemptive s for TinyOS William P. McCartney and Nigamanth Sridhar Electrical and Computer Engineering Cleveland State University Cleveland OH 44115 USA Email: {w.p.mccartney,n.sridhar1}@csuohio.edu
More informationUNIVERSITY OF CALIFORNIA. Los Angeles. Avrora. The AVR Simulation and Analysis Framework. A thesis submitted in partial satisfaction
UNIVERSITY OF CALIFORNIA Los Angeles Avrora The AVR Simulation and Analysis Framework A thesis submitted in partial satisfaction of the requirements for the degree Master of Science in Computer Science
More informationKESO Functional Safety and the Use of Java in Embedded Systems
KESO Functional Safety and the Use of Java in Embedded Systems Isabella S1lkerich, Bernhard Sechser Embedded Systems Engineering Kongress 05.12.2012 Lehrstuhl für Informa1k 4 Verteilte Systeme und Betriebssysteme
More informationSelf-Organization in Autonomous Sensor/Actuator Networks [SelfOrg]
Self-Organization in Autonomous Sensor/Actuator Networks [SelfOrg] Dr.-Ing. Falko Dressler Computer Networks and Communication Systems Department of Computer Sciences University of Erlangen-Nürnberg http://www7.informatik.uni-erlangen.de/~dressler/
More informationCS527 Software Security
Security Policies Purdue University, Spring 2018 Security Policies A policy is a deliberate system of principles to guide decisions and achieve rational outcomes. A policy is a statement of intent, and
More informationWebAssembly what? why? whither? Ben L. Titzer Andreas Rossberg Google Germany
WebAssembly what? why? whither? Ben L. Titzer Andreas Rossberg Google Germany What is WebAssembly? A portable, compact, binary code format Low-level execution model with native unboxed types Suitable as
More informationWireless Sensor Networks and RFIDs
Wireless Sensor Networks and RFIDs Robert Dick http://robertdick.org/sensor-nets/ Department of Electrical Engineering and Computer Science Northwestern University L477 Tech. Typical Current Draw 1 sec
More informationLecture 5: Synchronization w/locks
Lecture 5: Synchronization w/locks CSE 120: Principles of Operating Systems Alex C. Snoeren Lab 1 Due 10/19 Threads Are Made to Share Global variables and static objects are shared Stored in the static
More informationLecture 27. Pros and Cons of Pointers. Basics Design Options Pointer Analysis Algorithms Pointer Analysis Using BDDs Probabilistic Pointer Analysis
Pros and Cons of Pointers Lecture 27 Pointer Analysis Basics Design Options Pointer Analysis Algorithms Pointer Analysis Using BDDs Probabilistic Pointer Analysis Many procedural languages have pointers
More informationTitanium. Titanium and Java Parallelism. Java: A Cleaner C++ Java Objects. Java Object Example. Immutable Classes in Titanium
Titanium Titanium and Java Parallelism Arvind Krishnamurthy Fall 2004 Take the best features of threads and MPI (just like Split-C) global address space like threads (ease programming) SPMD parallelism
More informationLecture 20 Pointer Analysis
Lecture 20 Pointer Analysis Basics Design Options Pointer Analysis Algorithms Pointer Analysis Using BDDs Probabilistic Pointer Analysis (Slide content courtesy of Greg Steffan, U. of Toronto) 15-745:
More informationA Deterministic Concurrent Language for Embedded Systems
A Deterministic Concurrent Language for Embedded Systems Stephen A. Edwards Columbia University Joint work with Olivier Tardieu SHIM:A Deterministic Concurrent Language for Embedded Systems p. 1/38 Definition
More informationCall Paths for Pin Tools
, Xu Liu, and John Mellor-Crummey Department of Computer Science Rice University CGO'14, Orlando, FL February 17, 2014 What is a Call Path? main() A() B() Foo() { x = *ptr;} Chain of function calls that
More informationStanford University Computer Science Department CS 295 midterm. May 14, (45 points) (30 points) total
Stanford University Computer Science Department CS 295 midterm May 14, 2008 This is an open-book exam. You have 75 minutes. Write all of your answers directly on the paper. Make your answers as concise
More informationCSE409, Rob Johnson, Alin Tomescu, November 11 th, 2011 Buffer overflow defenses
Buffer overflow defenses There are two categories of buffer-overflow defenses: - Make it hard for the attacker to exploit buffer overflow o Address space layout randomization o Model checking to catch
More informationNumerical Static Analysis of Interrupt-Driven Programs via Sequentialization
Numerical Static Analysis of Interrupt-Driven Programs via Sequentialization Xueguang Wu 1 Liqian Chen 1 Antoine Miné 2 Wei Dong 1 Ji Wang 1 1 National University of Defense Technology, Changsha, China
More informationVersatile Stack Management for Multitasking Sensor Networks
2010 International Conference on Distributed Computing Systems Versatile Stack Management for Multitasking Sensor Networks Rui Chu 1,LinGu 2, Yunhao Liu 2,3,MoLi 2, Xicheng Lu 1 1 National Laboratory for
More information18-349: Embedded Real-Time Systems Lecture 2: ARM Architecture
18-349: Embedded Real-Time Systems Lecture 2: ARM Architecture Anthony Rowe Electrical and Computer Engineering Carnegie Mellon University Basic Computer Architecture Embedded Real-Time Systems 2 Memory
More informationWireless sensor networks dynamic runtime configuration
Wireless sensor networks dynamic runtime configuration Stefan Dulman 1, Tjerk Hofmeijer 2, Paul Havinga 1 1 EEMCS Faculty, Twente University 2 Ambient Systems, the Netherlands P.O.Box 217, 7500AE, Enschede,
More informationStatic and Dynamic Program Analysis: Synergies and Applications
Static and Dynamic Program Analysis: Synergies and Applications Mayur Naik Intel Labs, Berkeley CS 243, Stanford University March 9, 2011 Today s Computing Platforms Trends: parallel cloud mobile Traits:
More informationMemory Architectures. Hongwei Zhang. Chapter 9
Chapter 9 Memory Architectures Hongwei Zhang http://www.cs.wayne.edu/~hzhang/ Ack.: this lecture is prepared in part based on slides of Lee, Sangiovanni-Vincentelli, and Seshia. Role of Memory in Embedded
More informationCooperative Memory Management in Embedded Systems
ooperative Memory Management in Embedded Systems, Philip Taffner, hristoph Erhardt, hris7an Dietrich, Michael S7lkerich Department of omputer Science 4 Distributed Systems and Opera7ng Systems 1 2 Motivation
More informationCMSC 330: Organization of Programming Languages
CMSC 330: Organization of Programming Languages Memory Management and Garbage Collection CMSC 330 - Spring 2013 1 Memory Attributes! Memory to store data in programming languages has the following lifecycle
More informationA Deterministic Concurrent Language for Embedded Systems
A Deterministic Concurrent Language for Embedded Systems Stephen A. Edwards Columbia University Joint work with Olivier Tardieu SHIM:A Deterministic Concurrent Language for Embedded Systems p. 1/30 Definition
More informationA Serializability Violation Detector for Shared-Memory Server Programs
A Serializability Violation Detector for Shared-Memory Server Programs Min Xu Rastislav Bodík Mark Hill University of Wisconsin Madison University of California, Berkeley Serializability Violation Detector:
More informationOperating Systems. Synchronization
Operating Systems Fall 2014 Synchronization Myungjin Lee myungjin.lee@ed.ac.uk 1 Temporal relations Instructions executed by a single thread are totally ordered A < B < C < Absent synchronization, instructions
More information