# Stack Size Analysis for Interrupt Driven Programs

Document Sample

```					Stack Size Analysis for
Interrupt Driven Programs
Static Analysis Symposium
San Diego, June 2003

Krishnendu Chatterjee, Di Ma,
Rupak Majumdar, Tian Zhao,
Thomas A Henzinger and Jens Palsberg
Interrupt Driven Programs
   Event Driven Programming
 Events cause interrupts

 Program reacts by executing interrupt handlers

   Interrupt Calculus [Ma and Palsberg: FTRTFT, 2002]
 Programs: A main loop and k interrupt handlers

 A k+1 bit Interrupt Mask Register (imr)

 A master bit (bit 0)

 A bit for every interrupt

Operational Semantics

a:program location

imr       1            …   1   …   interrupt i enabled

0                i

c

stack       b
Operational Semantics
interrupt i occurs

a:program location

imr       1           …    1   …

0                i

c

stack        b
Operational Semantics

a:program location

handler h(i)
0            …      1   …
imr                                  {
----
0                   i
----
.
.
a                        .
c                     }
stack    b
Operational Semantics

a:program location

handler h(i)
imr   0              …   .   …   {
----
0                  i
----
.
.
a                        .
iret
c                     }
stack    b
Operational Semantics

a:program location

handler h(i)
imr   1              …   .   …   {
----
0                  i
----
.
.
.
iret
c                     }
stack    b
Example: Priority Handlers
Handler1
Main
{
{
skip
iret
imr= imr or 111
}
Loop {
Handler2
imr= imr or 111
{
imr = imr and 110
}
imr = imr or 100
iret
}
}
A Common Error
Handler 1            Handler 2
{                    {
// do something      // do something
enable interrupt 2   enable interrupt 1
// do something      // do something
iret                 iret
}                    }
Stack Size Analysis
   Stack Boundedness
   Given a interrupt driven program is there is a finite
number m such that on all executions the stack
size is never greater than m?

   Exact Maximum Stack Size
   Given a interrupt driven program, if the stack is
bounded, what is the maximum size of the stack
achievable in any execution sequence?

   Assume worst case interrupt arrivals
Approach
   Abstraction
   Model only interrupt mask register (imr)
and program counter (pc)
   Abstract all other program variables

   Reduce stack size analysis for interrupt
driven programs to reachability
problems on (weighted) graphs
Classes of Interrupt Driven
Programs
   Monotonic Programs

   Monotonic Programs with tests on imr

   Non-monotonic programs
Results in this work
Class                  Problems         Complexity

Monotonic programs     Stack Bounded    NLOGSPACE-complete
Exact Max Size   PSPACE-complete

Monotonic with tests   Stack Bounded    PSPACE-complete
Exact Max Size   PSPACE-complete

Non-monotonic          Stack Bounded    PSPACE-hard, EXPTIME
programs               Exact Max Size   PSPACE-hard, EXPTIME
Monotonic Programs
Monotonic Programs

   When a handler is called with imrb and returns with
imrr then
imrr · imrb

   No conditional on imr allowed

Theorem: Stack boundedness for monotonic
programs can be checked in polynomial time
Algorithm:Stack Boundedness

    Build Enabled Graph:
1.   A node for every handler
2.   An edge between handler i and j if i
enables j

    Check for cycles in Enabled Graph
Edge in Enabled Graph
   Code for Handler h(i)
   {
----
----
imr = imr or 1…..
----                   No ( imr = imr and 0….)
----
imr = imr or ….1…. (j-th bit )
----
----
}
Edge in Enabled Graph
   Code for Handler h(i)
   {
----
----
imr = imr or ….1….. (j-th bit )
----                   No ( imr = imr and ….0….) (j-th bit )
----
imr = imr or 1….
----
----
}
Cycle in Enabled Graph
   Reachable Cycle ! Unbounded stack
j   Cycle c
i
k
i     j       k
0                                      Cycle c
Cycle C
j
i

0
Enabled Graph a DAG
   DAG ! Bounded stack
.
i
k   j   l         .

A predecessor
.
i             i

0
Stack Boundedness
   Theorem: A monotonic interrupt driven
program has a bounded stack iff the enabled
graph is a DAG.

   Polynomial algorithm:
   Linear in code length
   Quadratic in the number of handlers

   Complexity : Reachability and Cycle Testing –
NLOGSPACE
NLOGSPACE hardness
   NLOGSPACE Hard : Reachability in DAG :
(s,t) – t reachable from s
i       Code for Handler h(i)
{
disable all handler;
enable(j,k,l); [ enable successors]
l     enable-master bit;
j                       disable all handler;
k           }
   Code of Handler for t : Enables master bit and itself
   Stack unbounded iff t reachable
   Stack boundedness : NLOGSPACE complete
Exact Maximum Stack Size
   Theorem: The exact maximum stack size
problem for monotonic interrupt driven
programs is PSPACE-complete

   PSPACE-hardness – Reduction from QBF (quite
technical)
   Idea: The maximum size can be exponential in the
number of handlers even if the stack is bounded
   PSPACE: An algorithm for more general class
Monotonic Programs with
Tests
Monotonic Programs with
Tests
   Handlers are still monotonic : imrr · imrb

   Introduce conditionals based on imr in a
restrictive way
   if (i-th bit on ) imr =imr Ç c
   if (i-th bit off ) imr =imr Æ c

The above statements satisfy if imr1 · imr2 then
statement(imr1) · statement(imr2)
Exact Maximum Stack Size

   Theorem: The stack boundedness and exact maximum
stack size for monotonic programs with tests is in PSPACE

   Main insight: Maximum stack size is achievable in an
execution sequence with no handler returning

Handler calls          Handler return

Omi
t
imrr  imrb
Exact Maximum Stack Size
   PSPACE algorithm for stack boundedness and exact
maximum stack size:
   Graph with |PC| £ 2imr nodes
   Edges according to the semantics
   No edges from nodes corresponding to return (iret)
statements
    Edge representing calls have edge weight 1 and all other
have edge weight 0

   Check for cycle in the graph (for stack boundedness)
   If stack bounded then find Longest Length Path in a DAG
   Both the above procedures are in NLOGSPACE
Monotonic Programs with
Tests
   Stack Boundedness – PSPACE-hard
   Reduction: Deterministic PSPACE Turing Machine
M to Stack Boundedness problem
   Brief Idea:
   Each handler encode a tape cell of M
   In code of handlers with test it can encode
transition of M
   The accepting state handler enables master bit
and itself
   Stack unbounded iff accepting state not reachable
Monotonic Programs with
Tests
   Stack Boundedness is PSPACE-hard
   By reduction from deterministic PSPACE Turing
Machines
   So exact maximum stack size is also PSPACE-
hard

   Exact maximum stack size is in PSPACE
   So stack boundedness is also in PSPACE
Non-monotonic Programs
Non-monotonic Programs
   Programs can be non-monotonic and
statements not restricted in conditional
(handlers can be non-monotonic)
[Brylow, Damgaard and Palsberg:ICSE, 2001]
   The property that no handler returns in
between in the execution sequence to
achieve maximum stack size is not true
   We have to consider Context Free paths
Longest Context Free Paths

   We solve a quantitative problem on
Context Free Graphs: Longest path in a
Context Free DAG

   Apply it to solve stack boundedness and
exact maximum stack size
Context Free Graph
   A graph with edges labeled by a set of k
opening and corresponding matching
closing parenthesis
   Language generated by paths

M  M (i S          for 1 <= i <=k

S  (i S )i S | 
                for 1 <= i <=k
Context Free DAG
   Edge Weights
   Opening parenthesis has weight 1
   Closing parenthesis has weight -1
   All other edges have weight 0

   A CFG is a CF DAG if no context free
cycle has sum of edge weights >0
Longest Path in a CF DAG
   Longest Path in CF DAG : Given a CF DAG and
an ordering of the vertex v1,v2,…, vn find for all
vertex vi
val [vi ] =max {sum of edges weights
of  | such that  is a
context free path from vi to vn}
   Theorem: Longest Path in a CF DAG with n
nodes can be computed in O(n3)
Longest path in a CF DAG
   Algorithm
  1. For all vertex v
 Initialize val [v ]=0

  2.Compute the Context Free Transitive Closure (T)

   3.For j=1 to n
 3.1 for all immediate successors vi of vj with

edge weight >= 0 (not closing parenthesis)
val [vj] = max{ val [vj], val [vi] + wt(eji) }

   3.2 For all vertex vk if T(k,j) then
val [vk]= max{ val [vk], val [vj]}
Algorithm

val[vj] ¸ val[vi]+1    vj
vj                                    val[vj]¸ val[vi]
(

vi                             vi

vn
vn
Longest path in a CF DAG
   Algorithm
  1. For all vertex v
 Initialize val [v ]=0

  2.Compute the Context Free Transitive Closure (T)

   3.For j=1 to n
 3.1 for all immediate successors vi of vj with

edge weight >= 0 (not closing parenthesis)
val [vj] = max{ val [vj], val [vi] + wt(eji) }

   3.2 For all vertex vk if T(k,j) then
val [vk]= max{ val [vk], val [vj]}
Algorithm

vk    val[vk]¸ val[vj]

Context free path to vj

vj
Example
[0]
(1                         (2
[0]
[0]
)1
(3

[0]
[0]
[0]                                                 )3
(6                 )6
[0]
[0]

(5                                 (4
Example
[0]
(1                         (2
[0]
[0]
)1
(3

[0]
[0]
[0]                                                 )3
(6                 )6
[1]
[0]

(5                                 (4
Example
[1]
(1                         (2
[1]
[1]
)1
(3

[0]
[0]
[0]                                                 )3
(6                 )6
[1]
[0]

(5                                 (4
Example
[1]
(1                         (2
[1]
[1]
)1
(3

[0]
[0]
[0]                                                 )3
(6                 )6
[1]
[0]

(5                                 (4
Example
[1]
(1                         (2
[1]
[1]
)1
(3

[0]
[0]
[0]                                                 )3
(6                 )6
[1]
[0]

(5                                 (4
Example
[1]
(1                         (2
[1]
[1]
)1
(3

[0]
[0]
[0]                                                 )3
(6                 )6
[1]
[0]

(5                                 (4
Example
[1]
(1                         (2
[1]
[1]
)1
(3

[0]
[0]
[1]                                                 )3
(6                 )6
[1]
[0]

(5                                 (4
Example
[1]
(1                         (2
[1]
[1]
)1
(3

[1]
[1]
[1]                                                 )3
(6                 )6
[1]
[0]

(5                                 (4
Example
[1]
(1                         (2
[1]
[1]
)1
(3

[1]
[1]
[1]                                                 )3
(6                 )6
[1]
[0]

(5                                 (4
Example
[1]
(1                         (2
[2]
[1]
)1
(3

[1]
[1]
[1]                                                 )3
(6                 )6
[1]
[0]

(5                                 (4
Example
[2]
(1                         (2
[2]
[1]
)1
(3

[1]
[1]
[1]                                                 )3
(6                 )6
[1]
[0]

(5                                 (4
Example
[3]
(1                         (2
[2]
[1]
)1
(3

[1]
[1]
[1]                                                 )3
(6                 )6
[1]
[0]

(5                                 (4
Longest path in a CF DAG
   Algorithm
  1. For all vertex v
 Initialize val [v ]=0

  2.Compute the Context Free Transitive Closure (T)

   3.For j=1 to n
 3.1 for all immediate successors vi of vj with

edge weight >= 0 (not closing parenthesis)
val [vj] = max{ val [vj], val [vi] + wt(eji) }

   3.2 For all vertex vk if T(k,j) then
val [vk]= max{ val [vk], val [vj]}

•   Complexity : O(n3) – n is the number of vertices
Non-monotonic Programs
Stack Size
   Construct the whole state space context free
graph ( |PC| £ 2|imr| nodes)
    Check if there is a context free cycle with weight of
cycle >0 (If so, stack is unbounded )
   Find the Longest Context Free path in the CF DAG
   State Space Graph:
   Linear in code length
   Exponential in number of handlers

   Theorem: Stack boundedness and exact maximum
stack size for non-monotonic interrupt-driven
programs is in EXPTIME
Complexity Results
Class                  Problems         Complexity

Monotonic programs     Stack Bounded    NLOGSPACE-complete
Exact Max Size   PSPACE-complete

Monotonic with tests   Stack Bounded    PSPACE-complete
Exact Max Size   PSPACE-complete

Non-monotonic          Stack Bounded    PSPACE-hard, EXPTIME
programs               Exact Max Size   PSPACE-hard, EXPTIME
Hardness of Stack Bound
Check
   PSPACE hard
   EXPTIME algorithms

   Good News:
   Exponential in the number of handlers
   Polynomial in the code length
Conclusion
   Algorithms and Complexity bound for
Stack Size Analysis various classes of
Interrupt Driven Programs.
   Future Work :
   Implementation
   Interrupt Latency Analysis
   Bridge Complexity Gap
Questions?

http://www.eecs.berkeley.edu/~c_krish

```
DOCUMENT INFO
Shared By:
Categories:
Stats:
 views: 12 posted: 4/16/2009 language: English pages: 57
How are you planning on using Docstoc?