1. 12 Aug, 2015 1 commit
    • generator/SSE: alternative SSE with APP-FSM · b5016fc8
      Christian Dietrich authored
      The symbolic system execution is now able to enumerate all possible
      system states with two different approaches. Either we can use the "old"
      version which uses states with blocks to be executed in the next step,
      like it is described in LCTES'15 (Dietrich et al.).
      Or we can use the application finite state machines as basis. These
      state machines are smaller (fewer nodes) than the application's
      CFG. They are based on the task's ICFG.
      Change-Id: I05e050ed3f39bd18ecf86b4d7bb423b4ce0825e0
  2. 06 May, 2015 1 commit
  3. 18 Mar, 2015 2 commits
    • generator: oil reading and llvmpy reading as passes · 29712a1c
      Christian Dietrich authored
      Reading the OIL file and the llvmpy basic blocks is done in
      passes. Therefore, we can omit them in the future, if wanted.
      Change-Id: Ideef98fc1d9a74af498c522b1509a9d9f2289c92
    • generator: big refactoring · 225fb0b0
      Christian Dietrich authored
      Rename all parts in a more logical way. The generator is now divided
      into three main parts:
        - analysis: Generate GCFG and State Transition graph
        - transform: Generate Assertions, CFG Regions, FSMs
        - coder: bring the information collected in the previous steps down to
                 the code.
      Change-Id: I5cfd48f6a8d195c30b16b425eda010d9b0405dcd
  4. 11 Mar, 2015 1 commit
    • FSM: Adapt Semantic to make fsm coder possible · afdc8a91
      Christian Dietrich authored
      In order to use a finite state automaton as OS implementation, I had to
      adjust major parts of the interrupt semantic. Also, the
      FiniteStateMachineBuilder was flawed, but seems to work now. I could
      successfully encode almost all posix test-cases (including
      bench-coptermock) as state machines.
      Change-Id: Ie5ce6ab4e3f282fa3044026e3ef4f5c8d773b3a3
  5. 16 Feb, 2015 1 commit
  6. 27 Jan, 2015 1 commit
    • Improved statistics · c7c5c808
      Christian Dietrich authored
      - Do not measure the statistics in the pass run time.
      - Use the ISR count that can fire at one ABB to calculate
        edge-count:oil-static. This allows system annotations to be considered
        in this number.
      - Only count "natural blocks" as abb-count. Natural blocks exist
        in the application and are reachable in the GCFG.
      - In the fully connected graph self loops are allowed
      Change-Id: Icb28b2d7b1b04e9c075e2c756893505d7e60d5dc
  7. 26 Jan, 2015 1 commit
  8. 15 Jan, 2015 1 commit
    • generator: large refactoring · 6eb3afdc
      Christian Dietrich authored
      - SystemGraph: proper accessors for system objects
        .tasks | .subtasks | .alarms | .find() | .get()
      - SystemObject: abstract class for all system objects
        A system object has a configuration and an implementation and
        stores everything we know about a certain entity.
      Change-Id: Ia42d83f8d826aa22eeddf0d06206c197f48fb966
  9. 09 Jan, 2015 1 commit
    • Generator support for the dependability service · 689dd28c
      Sebastian Rachuj authored
      Offers the implementation of the generator and all necessary changes
      to the dependability service and the example application.
      - Remove implementation specific code that is now handled by the
      - Add a description of the CheckedObject to osekossystem.xml
      - Move the type declaration to an extra header file (type.h). This
        file is referenced in the xml description to offer a way to define
        many types at once.
      Dependability Service:
      - Add extern declarations to variables which the generator will
      - Adjust acquire and release interface to work on indices instead of
      - Declare external OSEKOS_* functions.
      - Fill the dependability queue before entering the infinite loop.
        (This might require a change when features like anti scheduling are
      - Make CheckedObject interface known to the generator.
      - Replace CheckedObject syscalls to call the appropriate function with
        the appropriate CheckedObject index.
      - Extract values from the osek_dom and hand them on to where they are
      - Generate variables into the source file:
          - OS_all_CheckedObjects: An array statically containing all
          - OS_all_CheckedObjects_size: The size of this array.
          - OS_*_CheckedObject_Index: The index of CheckedObject named "*"
                                      in the array.
      - Include the header of the dependability service and of the headers
        the user defined which contain the types.
      Change-Id: I4c31c5868d695a2fea61bc7356aad9a6d8162854
  10. 02 Dec, 2014 1 commit
    • state-flow: make analysis more efficient · de34104c
      Christian Dietrich authored
      We do not spawn a sub-flow analysis for every computation block, for
      every sporadic event, but we calculate the influence of the sporadic
      event once and "mask" it onto the incoming system state when the
      sporadic event is triggered.
      This is possible, because not all system calls are allowed in ISR2s.
      Change-Id: I2d7e04d37039e663e7838207ab6e9d12356ad4d7
  11. 21 Nov, 2014 1 commit
    • generator: AdvanceCounter and GetAlarm · 0cbe8b31
      Christian Dietrich authored
      Implement two new system calls that increment the counter from the
      userspace and allow the access to the remaining ticks on a counter.
      Change-Id: I628f500200ab22b703dc8619e09879d11a52aa2c
  12. 03 Sep, 2014 1 commit
    • ABB graph generation via LLVMPY · 948354de
      Martin Hoffmann authored
      To get away from the RTSC dependencies, the ABB graph generation
      is performed via the python LLVM bindings.
      To test the current state, call: main.py -l<list of .ll files>
      Example: main.py -l main.ll,foo.ll,bar.ll
      Current state:
          - Source modules are linked
          - Basic blocks are split at call or invoke instructions
          - BB successors found
          - call to kickoff at each subtask entry
          - Setup all control-flow edges
          - Integrate into rest of the generator framework
          - Add unique ABB suffix to all system calls
          - Output adapted IR to build with suffixed Syscalls
          - Optimize runtime
          - Code cleaned up
          - Starting ABB merging, added method for merging ABBs
          - Linear ABB merge looks good
          - Merge if / if-else patterns
          - Hope for the best
      Change-Id: Ia23d4b84cdc93a349ec0ba6b0497c74a8c22b560
  13. 24 Jun, 2014 2 commits
  14. 20 Jun, 2014 1 commit
  15. 16 Jun, 2014 1 commit
  16. 26 Mar, 2014 1 commit
    • coptermock: sample application · 3fb980ae
      Christian Dietrich authored
      The coptermock application is ported from ciao (without events) to have
      a sample application, that we can use as a "big" evaluation system.
      Change-Id: I29a34eef2e0f40bf83888b5ff4fdad6cca1cea7c
  17. 03 Mar, 2014 1 commit
    • generator: unify interrupt semantic for SSF and SSE · e8d3f6d0
      Christian Dietrich authored
      The interrupt semantic of SSF and SSE differed significantly. Now the
      symbolic execution graph is fixed to bend interrupt entry states to the
      interrupt exit states. This mimics the same semantic as state flow pass.
      Change-Id: I8fc9e45cdc2a7eb5f7a5e012c6d678b8feefceb3
  18. 01 Mar, 2014 2 commits
  19. 28 Feb, 2014 2 commits
    • generator/sysmodel: promise-serialized · aaa47233
      Christian Dietrich authored
      Let the user promise, that all subtasks in a task have to be at least
      maybe suspended in order to retrigger it again. This will greatly
      improve the handling of interrupts and alarms. We have to assume further
      assertions for the fact that (period == deadline).
      Change-Id: Ifab1a2559cf40bc6cb398e2e9e393d57695df7ff
    • generator: support disabling and re-enabling of IRQs · dd5bf0b3
      Christian Dietrich authored
      The information whether the interrupts are currently enabled or disabled
      should (see OSEK specification) never leave the task-level control
      flow. Therefore we can statically (like in the Resource optimization)
      assign the blocking information for each ABB. The generator then
      generates Machine::{dis,en}able_interrupts() calls only when a
      protected area is entered.
      Change-Id: I8db9e0828367d0d1410710f8e877ca04223c2ab3
  20. 21 Feb, 2014 5 commits
  21. 20 Feb, 2014 3 commits
    • generator: new ABB kickoff · 1b9c8b0a
      Christian Dietrich authored
      Since we now return in all cases to the computation block we were
      interrupted by a sporadic event, we could no longer distinguish between
      the start and the preemption of a subtask. A new block kickoff in front
      of the first computation block makes this possible. This will unbreak alarm1f
      Change-Id: I234bcd9fc1404b5b513ab2b929dc33edfd0b84c8
    • generator/SSE: fix function calling · 2a7aef9c
      Christian Dietrich authored
      For the symbolic execution we can carry a calling stack with us, which
      allows precise returns from functions. The graph construction done in
      AddFunction is only useful for the RunningTask analysis.
      Change-Id: I98ce0429aa7857ffbea4b9b14612def113b7f0cf
    • SSE: improve global cfg with the symbolic system execution · 303b9eab
      Christian Dietrich authored
      From the symbolic system execution, a global control flow graph can also
      be obtained. The global cfg is now improved by that analysis
      step. We remove edges that are not found in the symbolic system
      Change-Id: I75f5a48d48d68a88bbbbe648f5d5a815cbe1e032
  22. 19 Feb, 2014 2 commits
    • generator: refactoring of graph analysis · 0b512971
      Christian Dietrich authored
      - break up SystemGraph and PassManager
      - Have a generic ISR implementation and not only the RunningTask
      - Each Alarm has a handler that calls ActivateTask
      Change-Id: Ib9a754791fe2522f3b0850af3ccb66431e305db0
    • generator: new pass SymbolicSystemExecution · c0413a3d
      Christian Dietrich authored
      The idea with symbolic system execution is to go all possible paths
      through the system without merging the states. The result of the SSE is
      a graph where system states are connected. Each system state exists only
      once in that graph, so there will be cycles.
      The goal of the SSE is to get a more precise picture of system
      transitions than with the dataflow analysis of the system state, since
      states are not merged, when more than one state flows into an
      ABB. Downside: It might and probably will (at least with ISRs) explode.
      Change-Id: Ie75217df26b048f9cc206391929b5c31ae58cd71
  23. 17 Feb, 2014 1 commit
    • generator: add --specialize for specialized system calls · 7e7e3c43
      Christian Dietrich authored
      The SpecializedSystemCalls backend exploits the RunningTask analysis to
      generate very specific code for exactly one system call. It uses the
      GlobalAbbInfo interface to allow a later plug'n replace of the
      RunningTask analysis, which is a data flow analysis by the symbolic
      execution of the system state.
      Until now only ActivateTask, TerminateTask and ChainTask are specialized
      and scheduling is only then specialized when only one other task is a
      possible next ABB.
      Change-Id: Ie46b9a03fb8cdddb00ec6940bc8d5a491bf58455
  24. 13 Feb, 2014 1 commit
  25. 11 Feb, 2014 1 commit
    • generator/analysis: bugfix in scheduling · 4083d627
      Christian Dietrich authored
      When a subtask is ready and has more than one continuation point with
      different dynamic priorities, we cannot be sure anymore that always the
      higher prior block is taken.
      The problem can be illustrated like this. Imagine you activate a higher
      prior task, once with a resource taken (prio 6) and once without the
      resource (prio 2). In both cases you're scheduled. Then your task is
      surely running, but it is not sure that you return
      immediately to the successor of the higher prior task.
      Change-Id: I74272c8b9570619a3863bc65fb18c32c865d38e3
  26. 10 Feb, 2014 3 commits
    • generator: implement GetResource and ReleaseResource · 89d1b92f
      Christian Dietrich authored
      When Resources are used, different Atomic Basic Blocks in a subtask have
      different dynamic priorities. Therefore the scheduling and pruning
      algorithm in RunningTask had to be adapted. Now scheduling works as
      1. Find all possible continuation blocks for all possibly running tasks
      2. Sort them by dynamic priority.
      3. From the highest dynamic priority we take all priorities until we
         find a surely running ABB (subtask is surely running)
      4. We dispatch to all those blocks.
      5. When all continuations of a task have higher priority than the
         dispatched block, we're sure that this block cannot be enabled,
         otherwise it would have been scheduled before.
      Change-Id: Iee9567623e6b9d23a5611bcc2b6d514468c2590e
    • generator: implement CancelAlarm · 01421a71
      Christian Dietrich authored
      CancelAlarm just sets the armed flag to false.
      Change-Id: Ia95017a3e267050884965f625f7001514d1908b7
    • generator: implement SetRelAlarm · f9b8b27b
      Christian Dietrich authored
      SetRelAlarm is the first systemcall, that really needs arguments from
      userspace, that are not always deducible from the task activation
      scheme. We encode the values on the userstack and pass a pointer to the
      encoded values to the kernelspace. The kernelspace only reads from those
      pointers, therefore we can expect no corrupting writes in outerspace.
      Change-Id: I908722b00581aacd20a5cd054939c74cbc534cef
  27. 28 Jan, 2014 1 commit