WAMOS @ HSRM Wiesbaden 2014-02-13
- A. Zuepke
WINGERT: A Thread Migrating OS for Real-Time Applications
Alexander Züpke
alexander.zuepke@hs-rm.de
University of Applied Sciences Gelsenkirchen
SYSGO AG, Klein-Winternheim
RheinMain University of Applied Sciences Wiesbaden
German word in Rhine-Hessian dialect for a vineyard
… or: WINGERT Is a New Great Experimental Real-Time Operating System
“An E/E/PE* safety-related system will usually implement more than one safety function. If the safety integrity requirements for these safety functions differ, unless there is sufficient independence of implementation between them, the requirements applicable to the highest relevant safety integrity level shall apply to the entire E/E/PE safety-related system.”
“Freedom of interference”
* E/E/PE: electrical / electronic / programmable electronic

– Spatial Partitioning
– Time Partitioning
[Figure: partitions P1 (most critical), P2 (critical), P3 (less critical), P4 (least critical) and the OS kernel; labels "user mode" and "supervisor mode"]

– bounded WCET when Linux runs on top?
– independent analyses of partitions?
– more threads + more synchronization = more safety?

– Hierarchical system design
– Small TCB
– Minimalistic kernel
– Thread migration
[Figure: partitions P1 (most critical), P2 (critical), P3 (less critical), P4 (least critical), shared driver 1, shared driver 2 and the OS kernel]

– a client lends its thread to the server
– the server is a passive entity

– Mach (Ford)
– Sun's Spring
– Pebble
– Composite
– …
[Figure: partitions P1, P2, P3, P4 and the OS kernel]

Decompose a thread into Body and Soul:
Body
– register context
– user stack
Soul
– scheduling attributes
– kernel stack
Ghost: soul without a body
– initial state
– idle threads

– a soul migrates back and forth between bodies
– forms a call chain
[Figure, animation in several steps: soul, active body, free body; arrows "call" and "return"]

– to call another body
– without keeping the caller occupied
[Figure, animation in several steps: "call", "forward", "return"]

– fork: tell an idle soul to call a body
– join: asynchronous call returns
[Figure, animation in several steps: "fork" ("go for It!"), "call", "return", "join" ("I'm done!")]

Signals and Exception Handling:
– implicitly turn exceptions into calls to exception-handlers
– pass faulting register context to called body
Signals
– signal delivery: force a soul into a (non-voluntary) call
– software raised exception
[Figure: Faulter, Exception Handler, Other; arrows "call", "force", "exc."]

– First come, first serve! The other soul has to wait.
– Entry wait queue Q
– FIFO or priority ordering
– Priority inheritance
[Figure, animation in several steps: a body with entry wait queue Q; labels "call", "waiting", "return"]

– a place where souls can rest outside the body
– parking: put the currently active soul in P
– unparking: move a parked soul from P to Q
– the parking queue P is an unsorted queue
[Figure, animation in several steps: a body with queues P and Q; labels "park", "call", "unpark", "return"]
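
The admission rules from the entry-wait-queue and parking slides, modelled for a single body in C. This is an added example, not WINGERT code: the names (`soul_t`, `body_t`, `body_call`, `body_return`, `body_park`, `body_unpark`), the fixed capacity `MAXQ` and the array-backed queues are assumptions, and priority inheritance is not modelled.

```c
#include <stddef.h>
#define MAXQ 8                     /* assumed capacity; the slides give none */
typedef struct { int id, prio; } soul_t;       /* higher prio = more urgent */
typedef struct {
    soul_t *active; int by_prio;   /* soul in the body; 1 = priority admission */
    soul_t *q[MAXQ]; int nq;       /* entry wait queue Q, in arrival order */
    soul_t *p[MAXQ]; int np;       /* parking queue P, unsorted */
} body_t;

static soul_t *take(soul_t **a, int *n, int i) {  /* dequeue slot i, keep order */
    soul_t *s = a[i];
    for (--*n; i < *n; i++) a[i] = a[i + 1];
    return s;
}
/* Hand the free body to the next waiter in Q; it stays free if Q is empty. */
static void admit(body_t *b) {
    int best = 0;
    for (int i = 1; b->by_prio && i < b->nq; i++)
        if (b->q[i]->prio > b->q[best]->prio) best = i;   /* ties stay FIFO */
    b->active = b->nq ? take(b->q, &b->nq, best) : NULL;
}
/* call: 1 = soul entered the body, 0 = soul waits in Q, -1 = Q is full. */
int body_call(body_t *b, soul_t *s) {
    if (!b->active) { b->active = s; return 1; }
    if (b->nq == MAXQ) return -1;
    b->q[b->nq++] = s;
    return 0;
}
/* return: the active soul leaves the body and the next waiter enters. */
soul_t *body_return(body_t *b) {
    soul_t *s = b->active;
    if (s) admit(b);
    return s;
}
/* park: the active soul rests in P, which frees the body for the next waiter. */
int body_park(body_t *b) {
    if (!b->active || b->np == MAXQ) return -1;
    b->p[b->np++] = b->active;
    admit(b);
    return 0;
}
/* unpark: move soul `id` from P to Q, so it re-enters only through admission. */
int body_unpark(body_t *b, int id) {
    int i = 0;
    while (i < b->np && b->p[i]->id != id) i++;       /* P is unsorted: scan */
    if (i == b->np || b->nq == MAXQ) return -1;
    b->q[b->nq++] = take(b->p, &b->np, i);
    if (!b->active) admit(b);                  /* body was free: enter now */
    return 0;
}
```

An unparked soul does not resume immediately: it competes in Q like any other caller, so at most one soul is ever active in the body.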
– A dedicated soul is waiting on an interrupt
– Upon return

– Strict parent ↔ child relation
– Initial task started by the kernel
– Tasks can only grant their own resources to their children
– Deleting a task deletes all children and grandchildren
[Figure: task tree with Root, Task 1, Task 2, T 3, T 4, T 5, Task 6, Task 7]

– Kernel and User Threads
– Address Spaces
– Communication Channels
– Interrupts
– Kernel memory
– Free system memory

– Coarse granular (4K pages)
– Fine granular (Object Space → capabilities)

– Accounted per task
– FIFO list with free 4K pages

– 4K sized pages (MMU granularity)
– Task descriptors
– Thread Control Blocks + kernel stack (souls)
– Page tables
– Object Space pages

– One Object Space (OS) per task
– Object = single capability
– Fine granular memory allocator

– 16K+ entries of 64 bytes
– OS can grow, but not shrink
→ lock free access!

– Safety: no partition interference through locking
– Security: no covert channels

– Reference to own task (entry #0)
– Child Tasks
– Child Address Spaces
– Souls
– Bodies
– Ports (communication endpoints)
– Interrupts

– Memory → implicit by virtual address

– Handle cross task communication
– Port: channel endpoint
– Channel: two endpoints

– Server binds body to port
– Client calls port
– Channel remains open until closed
[Figure: client port, server port and two child tasks; labels "grant", "grant", "call"]

[Figure: states "unlocked", "locked", "locked w/ contention, 1 waiter", "locked w/ contention, 2+ waiters"]

– Q: Wait queue belongs to Partition A or Partition B?
– Pre-allocate wait queues?
[Figure: Partition A, Partition B, a Futex in SHM, a "lock" from each partition, a thread, and a Wait Queue marked "?"]

– FIFO sorted: O(1) time
– Priority sorted: O(log n) time
– Implementation in linear space

– Mutexes
– Condition variables
– Barriers
– Counting semaphores
– Reader-writer locks

– use between threads in the same partition
– shareable between multiple address spaces

– Parking concept → monitor
– use between threads in different partitions

– Apply to both Futexes and RPC
– Priority Ceiling Protocol
– (Migratory) Priority Inheritance Protocol
  … what if the lock holder blocks?
  … limit recursions?

– X86 32 bit and 64 bit
– ARM v6 and v7
– PowerPC e500+ cores or newer

– Shown features are 70% implemented
– 20,000 lines of C code (including tools + test code)
– 2,000 lines of assembler code

– Priority sorting in RPC calls and Futexes
– Cross-address space calls
– Soul parking and Interrupt Handling
– Internal SMP locking in the kernel
– Priority Inheritance!

– Pthread_create/join → fork / join
– Signals → “forced call” + Exception Handling
– Synchronization → Futexes

– Papers for my PhD!!!

– Bionic Libc (Android) + OpenMP
– PikeOS paravirtualized Linux
– Benchmark-Suite

– Rump kernel (NetBSD drivers and stacks)
– Genode OS Framework