Formal Verification of Loop Bound Estimation for WCET Analysis

Worst-case execution time (WCET) estimation tools are complex pieces of software that perform tasks such as computation on control flow graphs (CFGs) and bound calculation. In this paper, we present a formal verification, in Coq, of a loop bound estimation. It relies on program slicing and bound calculation. The work has been integrated into the CompCert verified C compiler. Our verified analyses operate directly on non-structured CFGs. We extend the CompCert RTL intermediate language with a notion of loop nesting (a.k.a. weak topological ordering on CFGs) that is useful for reasoning on CFGs. Automatic extraction of our loop bound estimation into OCaml yields a program with competitive results, obtained from experiments on a reference benchmark for WCET bound estimation tools.
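The loop-nesting structure the abstract refers to is Bourdoncle's weak topological ordering (WTO): a hierarchical ordering of CFG vertices in which every nested component is a loop, the first vertex of a component is the loop head, and the element order is a valid chaotic-iteration order for a fixpoint computation such as bound calculation. The following is an added illustration in Python, not the paper's Coq development and not CompCert code: it computes the WTO of a small, constructed, non-structured CFG (a jump from the inner loop back to the outer head, and a separate exit edge) with Bourdoncle's recursive strategy, then derives from it the loop-nesting map and a back-edge test. Vertex names and the CFG shape are assumptions made for the example.

```python
# Added example (not the paper's Coq development): Bourdoncle's recursive
# strategy for computing a weak topological ordering (WTO) of a CFG, i.e. the
# loop-nesting structure the abstract refers to. Each nested component is a
# loop whose first vertex is the loop head. The CFG below is constructed.
from typing import Dict, List, Tuple, Union

INF = float("inf")


class Component:
    """WTO component: a loop head followed by the (nested) ordering of its body."""

    def __init__(self, head: str, body: "Partition") -> None:
        self.head = head
        self.body = body


Partition = List[Union[str, Component]]


def wto(cfg: Dict[str, List[str]], entry: str) -> Partition:
    """Return the weak topological ordering of `cfg` rooted at `entry`."""
    dfn: Dict[str, float] = {v: 0 for v in cfg}  # 0 = unvisited, INF = finished
    stack: List[str] = []
    num = 0

    def visit(v: str, partition: Partition) -> float:
        nonlocal num
        stack.append(v)
        num += 1
        dfn[v] = num
        head = dfn[v]
        loop = False
        for s in cfg[v]:
            mn = visit(s, partition) if dfn[s] == 0 else dfn[s]
            if mn <= head:  # reached a vertex still on the stack: a cycle
                head = mn
                loop = True
        if head == dfn[v]:  # v is the root of a strongly connected component
            dfn[v] = INF
            element = stack.pop()
            if loop:
                # Mark the other SCC vertices unvisited so that component()
                # re-orders the loop body recursively, below its head v.
                while element != v:
                    dfn[element] = 0
                    element = stack.pop()
                partition.insert(0, component(v))
            else:
                partition.insert(0, v)
        return head

    def component(head: str) -> Component:
        body: Partition = []
        for s in cfg[head]:
            if dfn[s] == 0:
                visit(s, body)
        return Component(head, body)

    top: Partition = []
    visit(entry, top)
    return top


def format_wto(partition: Partition) -> str:
    """Render in Bourdoncle's notation, e.g. 'entry A (B (C D)) E exit'."""
    parts = []
    for e in partition:
        if isinstance(e, Component):
            inner = format_wto(e.body)
            parts.append(f"({e.head} {inner})" if inner else f"({e.head})")
        else:
            parts.append(e)
    return " ".join(parts)


def loop_nesting(partition: Partition,
                 enclosing: Tuple[str, ...] = ()) -> Dict[str, Tuple[str, ...]]:
    """Map every vertex to the heads of the loops enclosing it, outermost first."""
    nesting: Dict[str, Tuple[str, ...]] = {}
    for e in partition:
        if isinstance(e, Component):
            nesting[e.head] = enclosing + (e.head,)
            nesting.update(loop_nesting(e.body, enclosing + (e.head,)))
        else:
            nesting[e] = enclosing
    return nesting


def is_back_edge(nesting: Dict[str, Tuple[str, ...]], src: str, dst: str) -> bool:
    """An edge closes a loop iff its target is a head of a loop enclosing its source."""
    return dst in nesting[src]


# Constructed, non-structured CFG: an outer loop headed by B containing an
# inner loop headed by C; D jumps back to either head, E leaves the outer loop.
CFG: Dict[str, List[str]] = {
    "entry": ["A"],
    "A": ["B"],
    "B": ["C", "E"],
    "C": ["D"],
    "D": ["C", "B"],
    "E": ["exit"],
    "exit": [],
}

if __name__ == "__main__":
    order = wto(CFG, "entry")
    print(format_wto(order))         # entry A (B (C D)) E exit
    print(loop_nesting(order)["D"])  # ('B', 'C')
```

The `dfn[element] = 0` reset is the step that makes the ordering hierarchical: after the SCC rooted at B is detected, its body is re-traversed from B's successors so that the inner cycle C-D becomes its own nested component, which is exactly the information a bound calculation needs (per-head loop bounds, and a widening point per component head during iteration).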
