a³ Release 21.04
New targets
* aiT WCET Analyzer for ColdFire MCF5307
* aiT WCET Analyzer for TriCore AURIX TC233, TC265, TC297, TC377, and TC387
* StackAnalyzer, ValueAnalyzer, and TimingProfiler for Nios II
* TimeWeaver for M68k
* All tools for TriCore now support the GHS compiler
Improved workspaces
The compression ratio and speed for APZ files has been improved.
General improvements
Reduced memory consumption of analyses.
Windows support
This is the last release to officially support Windows 7.
Future releases will require at least Windows 10.
Qualification Support Kits
* New board-specific QSKs for:
  * aiT for TriCore (TC377)
  * aiT for M68020 (MCF5307)
* Improvements:
  * Added the DO-330 objectives 6.2.1ff to the table of addressed
    DO-330 objectives in the VTP document.
  * Adapted the alignment-related test cases qk_ais2_alignment_specification
    and qk_setting_assume_aligned_data_accesses to work with
    the machine type "Generic ARMv5".
  * Updated the test cases qk_setting_instruction_cache_mode,
    qk_setting_data_cache_mode, and qk_setting_cache_specification
    to check for expected cache miss output in XML report files.
  * Updated the test cases qk_ais2_memory_values and
    qk_ais2_area_definitions_simple to cover the match functor.
  * Updated the test case qk_ais2_conditional_annotation_scopes
    to cover cascaded if-then-else statements and the new variant
    of functor analysisType().
  * Updated qk_ais2_expression_pp_area_operators to cover
    the functor 'interval' and usage of the functor 'entries'
    that evaluates in value analysis phase.
  * Updated qk_ais2_expression_symbolic to check for redefinitions.
  * Updated qk_ais2_expression_pp_area_operators to cover the functor attribute.
  * qk_ais2_alignment_specification is now being excluded for ARM machine types
    that do not support this feature.
  * Updated qk_ais2_context_specification_max_length and
    qk_ais2_context_specification_default_unroll
    to cover interval values in mapping annotations.
* New test cases:
    qk_ais2_pre_included_ais_file            all architectures
    qk_ais2_attribute_predefined
    qk_computation_sum
    qk_ais2_macro                            all except C16x and C28x
    qk_ais2_evalc
    qk_ais2_preserves_stack                  all except C16x, C28x, dsPIC, i386
    qk_setting_area_properties_cached        ARM (tms570lc4357)
    qk_setting_area_properties_locked
    qk_setting_area_properties_writeback
    qk_setting_instruction_cache_mode
    qk_setting_data_cache_mode
    qk_setting_area_properties_emif
    qk_measurement_r5f_ldr_emif_*
    qk_setting_btv                           TriCore
    qk_setting_psw_isp
GUI
* Entries in the configuration picker are now properly sorted.
* Improved handling of paged addresses for the "Find in symbols"
context-menu entry.
* The Home -> Overview page can now be configured to show
the number of decoding rounds, warnings and errors.
This is done by right-clicking on the table header and selecting
"Edit columns...".
* The AIS editor view marks lines with associated info, warning
or error message appropriately.
* Improved navigation of messages with multiple locations in message view.
* Improved parallel analysis execution.
* Improved handling of analysis inter-dependencies.
Visualization and results
* Improved graph History view, accessible via the hourglass button in Graph views.
Elements can be added and removed there.
* Improved heuristics to map source code locations to control-flow graph.
* The view for loop bound stats now includes user-annotated loop bounds.
* Improved performance of interactive value analysis for analyses
with many calling contexts.
Improved Symbols view
* Improved filtering and searching by address in the Symbols view.
* For TimeWeaver, symbol table entries shown in the Symbols view can now
again be filtered using potential entry points found in trace files
specified under Setup -> Files -> Trace files.
* Improved mass generation of analysis items from the Symbols view.
Annotations
* New global "Pre-included AIS file" can be specified in the Files view.
In contrast to the other AIS files, it is loaded before the GUI fields are read.
Therefore, definitions in this file are visible in the GUI fields containing AIS expressions.
* New predefined global attributes "architecture", "analysis_id",
"analysis_type", "analysis_configuration", and "analysis_group".
Their values are visible in the report files (provided that "Dump AIS annotations"
is activated). For example, the attribute "architecture" allows
cross-platform AIS files:
    routine "Proc1" {
      not analyzed;
      obeys calling conventions;
      stack usage: 64 bytes;
      if (attribute("architecture") == "tricore") {
        stack "csa" usage: 128 bytes;
      }
    }
The above annotation can be used for multiple architectures such as
PPC and TriCore without any additional annotation effort.
* The values of these attributes can be accessed by the new AIS expression
attribute("name"), e.g. attribute("analysis_id").
* Attribute definitions can be preceded by "immutable" with the effect that
these attributes cannot be redefined.
* New AIS2 functor macro("<name>", <programpoint>) to extract
#define information from DWARF debug information.
* New AIS2 functor evalC("<expr>") to evaluate a C constant,
e.g. obtained using the new 'macro' functor:
loop "processData.L1" bound: 0 .. evalC(macro("BUFFER_SIZE"));
* AIS2 expressions are now able to perform simple string comparisons:
The functor analysisType(a) is now replaced by analysisType() == a.
* Improved heuristics to resolve program points that refer to source code.
* Improved handling of "target not analyzed" annotation in case
a computed call instruction is duplicated.
* Annotation hints that are offset-based are now always generated
in a scoped annotation form, such as:
routine "<name>" instruction -> "<offset>" bytes { ... }
* Improved partial resolving for program point specifications
inside try { ... } scopes.
* Changed semantics of "assert reachable":
  * "assert reachable: true" is now fulfilled
    if any feasible non-speculative context exists
  * "assert reachable: false" is now fulfilled
    if no feasible non-speculative context exists
  Example output:
    *
    * Assertions about Infeasibility
    *
    * reachability for routine 'exit_ok'
    is not reachable (but expected to => ASSERTION FAILED)
    * reachability for routine 'exit_evil'
    * in context '0x3e807c->"exit_evil"':
    may be reachable (but is expected to be not => ASSERTION PROBABLY FAILED)
* New AIS2 annotation for adding comments to program points
in the graph visualization:
routine "ISR2_minmax" instruction -> 0 bytes comment: "Hello World!";
* The initialization dump annotation
routine "init_task_function" dump: "reg_msg_handlers";
is now supported for the entry routine of an analysis.
* Symbol names can be suffixed with "@executable@"
to select a specific symbol in case multiple binaries contain
symbols with the same name.
* Regular expression match may now be used in complex area definitions.
For example,
area ("IOFields"[].match(".+data.+")) volatile;
will match all structure members that contain the string "data".
* Improved partial evaluation of mem-functor arguments.
* Improved handling of overlapping area annotations.
* Improved partial resolving of annotation scopes.
* "interval" functor added to AIS2 to convert an expression to an interval.
Decoding
* General improvements to the automatic resolution of computed calls,
C++ virtual member function calls, and computed control-flow transitions.
* Improved automatic decoding of computed control-flow transitions
and virtual member functions calls by allowing the pattern matcher
to handle multiple code paths per routine.
* Improved automatic resolving of C++ virtual member function calls
by making use of register-relative type information provided
by DWARF debug information.
* The C++ Call Target Analyzer has been replaced by an automatic C++
virtual member function call target resolver based on DWARF debug information.
Access to source code is no longer required for a³ for binary tools to resolve
C++ virtual member functions.
* Improved output of targets for computed branches/calls/returns
by removing duplicated targets and sorting the targets by address.
* Improved handling of 64-bit ELF files.
Control-flow, stack, and value analysis
* ARM:
  * Improved handling of IAR compiler optimizations.
  * Improved decoding of modern vector instructions.
  * Improved decoding of modern floating point instructions.
  * Fixed textual disassembly for some instructions
    (semantics have not been affected).
  * Fixed decoding of immediate constant in addresses used by vldr.16/vstr.16.
* TriCore:
  * The BTV register is assumed to be constant if a value has been
    specified for it in the GUI.
  * Improved heuristics to guess stack pointer.
  * Improved automatic resolving of computed control-flow transitions.
  * Improved NULL pointer check detection when automatically resolving
    computed branches and calls.
  * Improved switch table decoding for the Tasking compiler.
  * By default, the analysis now assumes that code factoring routines
    of the Diabdata compiler do not violate the calling conventions.
* RH850/V850: Improved handling of CALLT/CTRET.
General improvements to value analysis
* Improved precision for:
  * registers with sub-registers
  * type cast options (truncation, zero or sign extension)
  * address alignment
* Improved precision of "iterative collect initialization" by delaying
the output of full-range values until there is a value in an earlier
iteration that might need to be invalidated.
* Further improved precision by not cutting call strings for leaf routines.
* Improved reporting of loop bounds for loops that are infeasible due to
a user-given loop bound of [0].
* Added location of annotation to more warning messages in case it is
related to an annotation. Example:
    isa-fr81: Warning #3073: In "test.c", line 6:
    In routine 'testFunc', at address 0x101364:
    In "routine_accesses.ais", line 4, column 26:
    The memory access annotation restricts the write access to an area
    which is outside the computed memory area.
    Assuming infeasible path.
    computed: [0x00100fd0]
    specified: [0x00100ff0]
* Improved value analysis stability when analyzing all labels or functions.
* Improved handling of local call string length adjustments via annotations like
routine "test" mapping { max length: 5; }
* Better conflict checking for "enter with" and "exit with" annotations
regarding sub-registers:
    #3153: Overlapping register 'is' has a contradiction between
    analyzed value [0x1] and restriction to [0x0].
    In file foo.c:208, at 0x800017dc (test_function)
    In context any-history
    #3153: 'enter with' annotation for register 'psw' with value [0x00000400]
    causes contradictions.
    Assuming infeasible path.
    In file psw_is_conflict.ais:1:45
    In file foo.c:208, at 0x800017dc (test_function)
    In context any-history
* The maximum number of elements that are stored in the register-relative
memory info can now be configured by the user in the GUI.
* The assertion violation reporting for annotations like
    routine "test" area 0x003fff00 to 0x003fffff {
      assert readable: false;
      assert writable: true;
    }
is extended to output the computed access range of the access
that violates the given constraints.
* Improved array heuristics for access sharpening in the case that
multiple arrays are possibly accessed.
* Improved handling of large unsigned 64-bit values in area contains annotations.
Cache and pipeline analysis
* ARM:
* General improvements to the Cortex-R4F and -R5F pipeline analysis model.
* The R4F pipeline model is now more robust.
* The R5F pipeline model now supports write-back locked annotations.
* TMS570LC4357 (Cortex-R5F): Added validated support for:
* code and data located in non-cached L2 Flash or L2 RAM memory areas
* static branch prediction set to 'always not taken'
* L2 flash banks with disabled prefetch mode.
* Implemented support for the external memory interface (EMIF)
of the TMS570LC4357 board.
* TriCore:
* Clarified that WCET analysis only supports CSAs allocated
to core-local scratch pad memory.
* Improvements to aiT for TriCore AURIX 1st and 2nd GEN:
* PFLASH and DFLASH memory timings now discern between wait
and error correction cycles in the textual report.
* Improved modeling of ret/rfe instructions.
* Improved local WCET access heuristics.
* Accesses that trigger a cache line fill will no longer account
for both cache miss and cache hit (after line fill is completed)
in cache statistics.
* AURIX 1st GEN: Improved TC2xx pipeline model.
* Validated aiT for TriCore TC377 and TC387.
* Improved handling of non-global worst-case pipeline analysis mode
in the presence of data access alignment errors.
Path analysis
* Improved performance of ILP solving for longest path determination.
* The user is now informed if the default loop bound conflicts with
analyzed results. In such cases, infeasibilities might occur.
    c33pipe: Warning #7177: In "do_char_007.c", line 10:
    In routine '_main.L1', at address 0x80000d:
    In context '..., 0x800000->"_main.L1"[1]':
    For loop '_main.L1' the default loop bound of 4 contradicts
    the analyzed result that the loop cannot be left until round 5
    at the earliest.
    Annotation proposal:
    loop "_main.L1" {
      bound: 0 .. <int>;
      #mapping default unroll: <int>;
      #takes: <int> <unit>; # To address busy-waiting loops
    }
TimeWeaver
* Added support for M68k.
* Added support for GHS TimeMachine TraceList CSV export traces.
* More robust interactive tracing via Infineon DAS.
* TimeWeaver now reports which trace formats have been detected
when using automatic trace format detection.
* Symbol table entries shown in the Symbols view can now again
be filtered using potential entry points found in trace files
specified under Setup -> Files -> Trace files.
Reporting
* Now ensuring that the reporting order of parallel analyses is deterministic.
* Improved the XML report output of object size statistics.
DWARF
* Improved type handling.
* Improved symbol name demangling.
* Proper support for the DW_TAG_namespace with the DW_AT_extension attribute.
* Improved handling of C++ DWARF debug information.
* New AIS2 functor 'macro("<name>", <programpoint>)' to extract
#define information from DWARF debug information.
------------------------------------------------------------------------------
Last updated on 29 April 2021 by alex@absint.com. Copyright 2021 AbsInt.
------------------------------------------------------------------------------
An HTML version of these release notes is available at
absint.com/releasenotes/a3/21.04