a³ Release 12.10
----------------
Targets
-------
* aiT WCET analysis module now available for ARM Cortex-M3 and MPC7447A.
* StackAnalyzer module now available for ColdFire.
Qualification Support Kits (QSKs)
---------------------------------
The qualification dialog now supports additional QSK archives for installation.
XTC Handling
------------
Added support for the --timeout switch in the GUI.
GUI
---
* Improved stability of symbol extraction.
* Qualification dialog now supports additional QSK archives for installation.
* Added support for the --timeout switch for XTC.
* Faster syntax highlighting for AIS.
* Improved Results Viewer.
* Variable declarations are no longer displayed in the debug view "Variables".
* Improved displaying of type modifiers in the Variables view.
* Added action to return to the node in the analysis graph that has been used
to query interactive value analysis results.
* Creating and cloning analyses is now also possible via a context menu
in the analysis list on the left of the a³ view.
* ERC32/LEON2/LEON3: more freely configurable memory timing.
AIS
---
* Beginning to introduce the AIS2 language extension.
* New annotation to allow specifying the content of memory cells within
"is entered with" annotations. Only usable in the AIS2 extension. Example:
ais2 { instruction 0x111 enter with: mem (reg("sp") - 8, 4) = 0; }
* New annotation "exit with", analogous to "enter with" but evaluated
at the exit of given program point (instruction or routine). Example:
ais2 { instruction 0x111 exit with: mem (reg("sp") - 8, 4) = 1; }
* New ValueAnalyzer directive to output the values of certain global variables
at branches:
routine <routine> trace <variables list>;
* The user may now annotate computed call targets per routine. For example:
routine "main" calls "A", "B", "C";
routine "main" calls via "array" [12];
Decoding
--------
* Improved loop transformation. Multi-entry loops are now transformed
into loop routines in most cases. This enables annotating them with the
"loop + 1 loop max xx; annotation rather than using flow constraints.
As the "flow each" constraint needs all blocks to be in the same routine,
some annotations might need to be adjusted. An error will be issued
if this is necessary. If a loop is not reducible to a loop routine,
the members of the irreducible loop will be reported to the user
together with possible inner nested irreducible loops.
* Improved recursion output. Any kind of recursion (if reducible or not)
will be shown to the user together with all members and nested recursions.
* Improved decoding performance, avoiding reiteration in most cases.
* Less memory usage during decoding of binaries.
* The decoder now provides annotation hints on how to resolve
computed call targets via NULL pointer indirection. For example:
'Cannot (fully) resolve branch/call target due to 0x0 pointer indirection.
Please consider writing an AIS annotation.
instruction "main" + 1 computed calls via "table" [20] null ->
struct 4 bytes
access 4 bytes
null;'
* Automatically derived call targets are no longer discarded
if the value analysis detects that multiple call targets are possible.
Instead, the corresponding call instruction is marked as having more
call targets (i.e., the list of call targets is only partially resolved).
To resolve this issue the user has to provide an AIS annotation.
* Improved sanity check for "area is copied" annotation.
* Fixed Issue #9933: Returns-to annotation has problems
with respect to delay slots (SPARC).
* Iterative decoding for all architectures.
* Better handling of NULL symbols in symbol table: other symbols are preferred,
if available.
* Better file/line information for IEEE695 files.
* ARM:
* Better stack-pointer guessing for TI compiler.
* Improved decoding of thumb2 instruction "ittte"/"iteet".
* C16x: PWRDN and SRST instruction result in end of program.
* C33: Support HBF COFF binaries.
* HC11: stop instruction is end of program.
* HCS12: stop instruction is end of program.
* M68020:
* Significantly improved automatic resolving of computed calls and branches.
* Improved switch table decoding.
* PPC:
* Support for CodeWarrior compiler.
* Further improved automatic switch table decoding (VLE, GHS, ...).
* Further extended support for gcc call table patterns.
* SPARC: The decoder now uses iterative decoding to resolve computed calls
via arrays or structs.
* TriCore:
* Support for TriCore 1.6.1 instruction set.
* Further improved automatic switch table decoding.
* V850:
* Support E3 instruction set.
* Improved switch table decoding.
* Further improved automatic resolving of computed calls and returns.
* reti instruction results in end of program.
* Improved "dispose const, {regs}, [reg]" decoding, allowing it to be used
as computed branch, not only as return.
* x86:
* Better switch table handling for CADUL compiler.
* Decoding allows duplicated code to e.g. inline again tail-optimized
routine ends.
Stack and value analysis
------------------------
* Changes to calling conventions for stack and value analysis.
The automatic classification of routines as satisfying or violating
calling conventions has changed:
* Dummy calls and calls which return immediately are always classified
to be violating the calling conventions. This classification cannot
be changed by the user.
* Other routines that don't assign unknown values to the stack pointer
and which are terminated by an explicit return instruction are
automatically classified as satisfying the calling conventions.
This classification can be overwritten by the user to "violates
calling conventions".
* The user is responsible to mark decoded routines that do not preserve
the values of callee saved registers as violating the calling conventions
if they are not automatically classified as such routines (i.e. if they
are not dummy calls or returning immediately).
* Stack analysis:
* Assignments to the stack pointer now lead to an unknown stack level
(previously to stack level 0). An exception are assignments to the
stack pointer for the purpose of restoring a saved stack-pointer value
near the end of a routine, provided that the saved value is known.
* StackAnalyzer honors "interproc flexible" AIS annotations, doesn't
enforce Callstring-1 or -2.
* Improved handling of stack modifying loops. If StackAnalyzer is able
to detect that the loop really itself has a stack effect, it will
auto-unroll it and try to detect a loop bound. Otherwise, it will
inform the user, if the stack analysis fails because of possible
stack loops and allows to unroll them via the special annotation
"modifies stack". Example annotation:
ais2 { loop "test.L1" modifies stack; }
* Allow to switch to a faster stackanalysis mode that doesn't have
the information about all possible worst-case stack paths.
"Number of worst case stack usage paths to compute" cannot be used
if this "Faster stack analysis without worst-case path information
at routines" is enabled.
* More precise stack analysis if function calls are infeasible.
* Other general changes:
* Loops that are never left are no longer marked as infeasible but can end
program execution after each iteration. This allows more flexible handling
of such loops, like using "additional starts" to analyze the functions
called inside such loops.
* The value analysis may invalidate computed register contents or
computed call targets during iterative decoding if it detects
that other values are possible.
* Warnings about misaligned memory accesses are postponed from the loop
analysis to the value analysis step to avoid unnecessary messages.
* Improved analysis performance if sets of intervals are used.
* Better loop bound detection for multi-entry loops.
* Improved handling of integer division instructions.
* Better output for infeasible computed control-flow transition,
now including modulo information.
* Better handling of incorrectly decoded binaries in the value analyzer.
Location of incorrectly decoded instruction will be given and path
to this instruction is made infeasible.
* Better information if an "additionally takes" or "snippet/loop xxx takes"
annotation doesn't evaluate to a finite positive range, for example:
'Unable to evaluate the additional cycles expression to a finite
positive range, result is [0..inf]. Assuming [0, 0] cycles as
execution time.'
* Fixed Issue #10533: Wrong "is entered with" annotation can lead to crash
after error was issued. No wrong results possible, only crash.
* Compute more precise value ranges for registers/memory cells modified
in loops if they relate to the loop counter.
* If ValueAnalyzer license available, ValueAnalyzer features like
the "should be reachable" feature will be honored during normal
stack and loop/value analysis, too.
* C16x
* Improvements for handling of speculative execution in value analyzer.
* Reset addressing mode flags after call to external routine that obeys
calling conventions.
* Fixed StackAnalysis problem with "Disable User Stackpointer"
* HCS12: Improved loop analysis.
* M68020
* StackAnalyzer and ValueAnalyzer support for Coldfire.
* Improved loop analysis.
* PPC
* Improvements for handling of speculative execution in value analyzer.
* More precise handling of frame pointer for GCC compiled binaries.
* Improved loop analysis.
* SPARC: Improved loop analysis.
* TriCore:
* Support of TriCore 1.6.1 instruction set for stack and value analysis.
* Improved loop analysis.
* V850
* Supports E3 instruction set for stack and value analysis.
* Improved loop analysis.
* Fixed Issue #10680: Interactive value analysis caused abnormal termination
of the value analysis if either "Generic V850 E1/ES" or "Generic V850 E2"
has been selected in the machine settings dialog.
Pipeline analysis
-----------------
* Generic SDR/DDR-Memory Controller: Introduced address offset for start
of SDR/DDR memory region. The specified address must be aligned to the width
of the specified region.
* Am486
* Improved pipeline model with respect to the floating point unit.
* Support for denormalized floating point numbers.
* C16x:
* Improved handling of speculative execution.
* Improved pipeline model.
* Support of SCXT SFR,#const instructions
* LEON2: Improved LEON2 pipeline analysis model.
* LEON3:
* Fixed handling of pending stores in store buffer.
* Reworked and simplified floating-point unit model.
* Optimized memory usage of analysis.
* MPC55xx/MPC56xx: Now supporting virtual addressing
via the translation lookaside buffer (TLB).
* MPC755/PPC750/MPC603e: Fixed corner case for "feature dispatch stall"
handling. (Before the fix, the situation was detected and an error
reported.)
* MPC755s/PPC750/MPC603e/MPC7448s: Optimize microarchitecture model
of generic MCU.
* MPC7448: Refined processor core model concerning undocumented
hardware behavior (delayed TS emission).
* TriCore
* Improved flash page buffer hit/miss classification.
* Significantly reduced memory consumption of TriCore pipeline analysis.
* V850/E1F: Improved pipeline model.
Path analysis
-------------
Semantic changes to busy waiting loop annotation 'loop "test" + 1 loop
takes max 1000 cycles': Timing specifications for loops are implemented
by pretending that the loop is not executed at all, and assigning
the specified time to the loop call node of the loop in its host routine.
This avoids ILP complexity and makes busy waiting loop annotations
faster to solve.
Visualization and reporting
---------------------------
* For each unresolved computed call, a³ now introduces a virtual call target
named ":UnresolvedTarget_A" where A is the address of the call. The virtual
call target disappears when the computed call is resolved by annotations
that inform a³ about the call targets.
* If the unresolved computed call is not resolved by providing its targets,
but by declaring that its targets should not be analyzed, then the virtual
call target ":UnresolvedTarget_A" is renamed into ":NotAnalyzedTarget_A".
* The user can now choose between three different levels for the visualization
of infeasible routines: hide all infeasible routines, show top-level
infeasible routines, show all infeasible routines.
* StackAnalyzer now marks infeasible parts of the control-flow graph.
* The user may now obtain a full (static) XML representation of the call graph.
For this purpose the GUI features an "Output call graph in XML report" under
"Analyses" -> "Reporting" -> "XML Reporting".
* Improved WCET path to XML export. The XML report contains information
that allows the user to identify the WCET path through the source code.
* Better marking of fatal errors caused by pedantic mode.
==============================================================================
Last modified on 9 October 2012 by alex@absint.com.
Copyright 2012 AbsInt. http://www.absint.com/
==============================================================================
An HTML version of these release notes is available at
http://www.absint.com/releasenotes/a3/12.10/