Verification of Real-Time Systems Resource Sharing

Similar documents
Microkernel/OS and Real-Time Scheduling

Final Examination. Thursday, December 3, :20PM 620 PM. NAME: Solutions to Selected Problems ID:

Introduction to Embedded Systems

Deadlock. Lecture 4: Synchronization & Communication - Part 2. Necessary conditions. Deadlock handling. Hierarchical resource allocation

Schedulability with resource sharing. Priority inheritance protocol Priority ceiling protocol Stack resource policy

Operating systems and concurrency (B10)

Resource Access Control in Real-Time Systems. Resource Access Control in Real-Time Systems

Experience with Processes and Monitors in Mesa. Arvind Krishnamurthy

Analyzing Real-Time Systems

Real-Time Systems Resource Access Protocols

An Evaluation of the Dynamic and Static Multiprocessor Priority Ceiling Protocol and the Multiprocessor Stack Resource Policy in an SMP System

CS 153 Design of Operating Systems Winter 2016

The Deadlock Lecture

CSC Operating Systems Spring Lecture - XII Midterm Review. Tevfik Ko!ar. Louisiana State University. March 4 th, 2008.

Introduction to Embedded Systems

18-642: Race Conditions

An Improved Priority Ceiling Protocol to Reduce Context Switches in Task Synchronization 1

Resource Access Protocols

Multiprocessor and Real- Time Scheduling. Chapter 10

Concurrent Programming Synchronisation. CISTER Summer Internship 2017

Resource sharing and blocking. The Mars Pathfinder Unbounded priority inversion Priority inheritance

CS 31: Intro to Systems Deadlock. Kevin Webb Swarthmore College April 21, 2015

Overview. Sporadic tasks. Recall. Aperiodic tasks. Real-time Systems D0003E 2/26/2009. Loosening D = T. Aperiodic tasks. Response-time analysis

UNIT:2. Process Management

Operating Systems: Quiz2 December 15, Class: No. Name:

AUTOSAR Extensions for Predictable Task Synchronization in Multi- Core ECUs

CS 431 Introduction to Computer Systems Solutions Mid semester exam 2005

Real-Time and Concurrent Programming Lecture 6 (F6): Scheduling and bounded response times

Deadlock. Concurrency: Deadlock and Starvation. Reusable Resources

CS 31: Intro to Systems Deadlock. Martin Gagne Swarthmore College April 25, 2017

CSL373: Lecture 5 Deadlocks (no process runnable) + Scheduling (> 1 process runnable)

Integrating Real-Time Synchronization Schemes into Preemption Threshold Scheduling

CSE 120. Fall Lecture 8: Scheduling and Deadlock. Keith Marzullo

What s An OS? Cyclic Executive. Interrupts. Advantages Simple implementation Low overhead Very predictable

SYNCHRONIZATION M O D E R N O P E R A T I N G S Y S T E M S R E A D 2. 3 E X C E P T A N D S P R I N G 2018

What is the Race Condition? And what is its solution? What is a critical section? And what is the critical section problem?

CS 571 Operating Systems. Midterm Review. Angelos Stavrou, George Mason University

Real-time operating systems and scheduling

Suggested Solutions (Midterm Exam October 27, 2005)

Scheduling Algorithm and Analysis

The Priority Ceiling Protocol: A Method for Minimizing the Blocking of High-Priority Ada Tasks

CS450/550 Operating Systems

EECS 571 Principles of Real-Time Embedded Systems. Lecture Note #10: More on Scheduling and Introduction of Real-Time OS

CPSC/ECE 3220 Summer 2017 Exam 2

A Stack-Based Resource Allocation Policy for Realtime Processes

Concurrent activities in daily life. Real world exposed programs. Scheduling of programs. Tasks in engine system. Engine system

Operating Systems Design Fall 2010 Exam 1 Review. Paul Krzyzanowski

Midterm Exam. October 20th, Thursday NSC

Multiprocessor and Real-Time Scheduling. Chapter 10

Administration. Matteo Corti RZ H

Student Name:.. Student ID... Course Code: CSC 227 Course Title: Semester: Fall Exercises Cover Sheet:

CS4514 Real Time Scheduling

EE458 - Embedded Systems Lecture 8 Semaphores

Design Considerations in Safety Critical Systems. Presented by Remus Tumac

CEC 450 Real-Time Systems

DUH! Deadlocks. Concurrency Issues. The TENEX Case. If a process requests all systems buffers, operator console tries to print an error message

Resource Sharing and Priority Ceiling Protocols

What is a Deadlock? Deadlock. Resource Dependency Graph. Why Study Deadlocks? The Dining Philosophers Problem. (The Dining Philosophers Problem)

Operating Systems. Lecture 4 - Concurrency and Synchronization. Master of Computer Science PUF - Hồ Chí Minh 2016/2017

CSL373: Lecture 6 CPU Scheduling

Concurrency: Deadlock and Starvation. Chapter 6

Copyright Notice. COMP9242 Advanced Operating Systems S2/2014 Week 9: Real-Time Systems. Real-Time System: Definition

CS 111. Operating Systems Peter Reiher

Synchronization I q Race condition, critical regions q Locks and concurrent data structures q Next time: Condition variables, semaphores and monitors

COMP 300E Operating Systems Fall Semester 2011 Midterm Examination SAMPLE. Name: Student ID:

CSE 4/521 Introduction to Operating Systems

Concurrency Issues. Past lectures: What about coordinated access across multiple objects? Today s lecture:

CSE 237A Timing and scheduling. Tajana Simunic Rosing Department of Computer Science and Engineering University of California, San Diego.

Real-Time Systems. Lecture #4. Professor Jan Jonsson. Department of Computer Science and Engineering Chalmers University of Technology

CSE 120 Principles of Operating Systems

Ensuring Schedulability of Spacecraft Flight Software

Tasks. Task Implementation and management

Computer Systems Assignment 4: Scheduling and I/O

Predictable Interrupt Management and Scheduling in the Composite Component-based System

Against priority inheritance

Lecture #23 Real Time Operating Systems Embedded System Engineering Philip Koopman Monday, April 11, 2016

Last Class: Monitors. Real-world Examples

RTOS 101. Understand your real-time applications. with the help of Percepio Tracealyzer

Synchronization I. To do

Concurrency Race Conditions and Deadlocks

Synchronization. Heechul Yun

Resource Access Control (2) Real-Time and Embedded Systems (M) Lecture 14

Synchronization I. Today. Next time. Race condition, critical regions and locks. Condition variables, semaphores and Monitors

CS 4410 Operating Systems. Review 1. Summer 2016 Cornell University

Lecture notes Lectures 1 through 5 (up through lecture 5 slide 63) Book Chapters 1-4

Priority Based Assignment of Shared resources in RTOS

Back to RTOS. CSE466 Autumn 00-1

CMPS 111 Spring 2013 Prof. Scott A. Brandt Midterm Examination May 6, Name: ID:

Department of Computer Science Institute for System Architecture, Operating Systems Group REAL-TIME MICHAEL ROITZSCH OVERVIEW

Liveness properties. Deadlock

Midterm Exam Amy Murphy 19 March 2003

Multiprocessor System. Multiprocessor Systems. Bus Based UMA. Types of Multiprocessors (MPs) Cache Consistency. Bus Based UMA. Chapter 8, 8.

Computer Systems Laboratory Sungkyunkwan University

Resource management. Real-Time Systems. Resource management. Resource management

Chapter 6. Deadlock. (A Quick Introduction)

Deadlock. Disclaimer: some slides are adopted from Dr. Kulkarni s and book authors slides with permission 1

Real-Time Scalability of Nested Spin Locks. Hiroaki Takada and Ken Sakamura. Faculty of Science, University of Tokyo

Multiprocessor Systems. COMP s1

DEADLOCKS M O D E R N O P E R A T I N G S Y S T E M S C H A P T E R 6 S P R I N G

Homework Assignment #5

Transcription:

Verification of Real-Time Systems Resource Sharing Jan Reineke Advanced Lecture, Summer 2015

Resource Sharing So far, we have assumed sets of independent tasks. However, tasks may share resources to communicate with each other, e.g. through shared memory because resources are sparse, e.g. I/O devices, duplication would be expensive Need to ensure mutual exclusion typically by protecting accesses to the shared resource by semaphores

Resource Sharing Why do We Have to Worry about Resource Sharing? Shared resources: Data Shared structures, Resources: variables, main Data structures, variables, memory mainarea, memory files, area, I/O file, set units, of the processor, registers, etc. I/O unit, the processor, etc. Mutual Mutual exclusion, critical section section When a job Whenenters a job enters a the critical section of section a of a shared resource, the accesses to the shared other jobs resource trying fromto other enter jobs are a blocked. critical section of the same resource are blocked. 4 Dec. 03, 2012: Scheduling Theory in Real-Time Systems (lv24075)

Resource Sharing Affects Scheduling and Schedulability: Priority Inversion Priority Inversion Priority Inversion: A higher priority job is blocked by a lower-priority job. Unavoidable when there are critical sections Priority Inversion: a higher priority job is blocked by a lower-priority job. normal execution critical section J 1 is blocked J 1 J 2 6 Dec. 03, 2012: Scheduling Theory in Real-Time Systems (lv24075)

Priority Inversion: Another Example

Priority Inversion in the Real World: Mars Pathfinder

Priority Inversion in the Real World: Mars Pathfinder VxWorks provides preemptive priority scheduling of threads. Tasks on the Pathfinder spacecraft were executed as threads with priorities Pathfinder contained an information bus, which you can think of as a shared memory area used for passing information between different components of the spacecraft. A bus management task ran frequently with high priority to move certain kinds of data in and out of the information bus. Access to the bus was synchronized with mutual exclusion locks. The meteorological data gathering task ran as an infrequent, low priority thread, When publishing its data, it would acquire a mutex, write to the bus, and release the mutex. It also had a communications task that ran with medium priority.

Priority Inversion in the Real World: Mars Pathfinder High priority Medium priority Low priority Data retrieval from memory Communication task Meteorological data collection Most of the time this combination worked fine. However, very infrequently it was possible for an interrupt to occur that caused the (medium priority) communications task to be scheduled during the short interval while the (high priority) information bus thread was blocked waiting for the (low priority) meteorological data thread. In this case, the long-running communications task, having higher priority than the meteorological task, would prevent it from running, consequently preventing the blocked information bus task from running. After some time had passed, a watchdog timer would go off, notice that the data bus task had not been executed for some time, conclude that something had gone drastically wrong, and initiate a total system reset.

Naïve solution for Priority Inversion Disallow preemption during critical sections It is simple. No deadlocks. Why? A high-priority task is blocked for at most one critical section. Why? But: it creates unnecessary blocking. Why?

Resource Access Protocols Basic Idea: Modify (increase) the priority of those jobs that cause blocking. When a job J j blocks one or more higher-priority tasks, it temporarily assumes a higher priority. Methods: Priority Inheritance Protocol (PIP), for fixedpriority scheduling Priority Ceiling Protocol (PCP), for fixed-priority scheduling Stack Resource Policy (SRP), for both fixedand dynamic-priority scheduling

Priority Inheritance Protocol (PIP) When a lower priority job J j blocks a higher-priority job, the priority of J j is promoted to the priority level of the highest-priority job that job J j blocks. For example, if the priority order is J 1 > J 2 > J 3 > J 4 > J 5, When job J 4 blocks jobs J 2 and J 3, the priority of J 4 is promoted to the priority level of J 2. When job J 5 blocks J 1 and J 3, its priority level is promoted to the priority level of J 1. Priority inheritance solved the Mars Pathfinder problem: the VxWorks operating system used in the pathfinder implements priority inheritance. The software was shipped with priority inheritance turned off.

Example of PIP t 0 : J 1 arrives and preempts J 3 t 1 : J 1 attempts to enter the critical section. J 1 is blocked by J 3 and J 3 inherits J 1 s priority t 2 : J 2 arrives, but has a lower priority than J 3 t 3 : J 3 leaves its critical section, and J 1 now preempts J 3

Weaknesses of PIP Weakness of PIP Blocking in PIP: Blocking in PIP Direct blocking: higher-priority job tries to acquire a Direct Blocking: higher-priority job tries to acquire a resource held resource held by a lower-priority job lower-priority job. Push-through blocking: a medium-priority job is blocked by Push-through Blocking: medium-priority job is blocked by a a lower-priority job that has inherited a higher priority lower-priority job that has a higher priority from a job it directly bloc Problems of PIP: Problems of PIP PIP might cause deadlock if there are multiple resources: PIP might cause deadlock if there are multiple resources Under Under PIP, PIP, if if there there are are n n lower lower-priority jobs jobs,, a a higher-priority job ca bejob blocked can be for blocked as highfor asthe the durationof ofn n critical sections: sections. Chained blocking

PIP: Chained Blocking Problem 2: chained blocking many preemptions P(S1) P(S2) V(S1) V(S2) H Task 1 M L P(S2) P(S1) V(S1) V(S2) Task 2 Task 3 Higher-priority task can be blocked by each lower-priority task! Task 1 needs M resources may be blocked M times: many preemptions/much run-time overheads Blocked Using S1 Using S2

PIP: Blocking-Time Calculation The set of tasks using semaphore S. The WCET of the critical section of task k using semaphore S. The highest priority of the task s using semaphore S. The maximal blocking time of task i under PIP:

Improvement: Priority Ceiling Protocol (PCP) Two key assumptions: The assigned priorities of all jobs are fixed. The resources required by all jobs are known a priori, i.e., before the execution of any job begins. Definition: the priority ceiling of a semaphore R is the highest priority of all the jobs that use R, and is denoted Definition: The current priority ceiling of the system is equal to the highest priority ceiling of the semaphores in use at time t, or if no resources are in use at time t. ( is less than all other priorities.)

Priority Ceiling Protocol: Runtime Behavior 1. Scheduling Rule: At time t when job J is released, the current priority of J is its priority. Every ready job J is scheduled based on its current priority 2. Allocation Rule: When job J requests semaphore S at time t, one of the following conditions occur: S is held by another job and J becomes blocked. S is free: If J s priority is higher than the current priority ceiling, R is allocated to J. Otherwise, J becomes blocked. 3. Priority-Inheritance Rule: When J becomes blocked, the job J l that blocks J inherits the current priority of J until it releases every resource whose priority ceiling is.

Priority Ceiling Protocol: Example Task A: P(S1) V(S1) Task B: P(S2) P(S3) V(S3) V(S2) Task C: P(S3) P(S2) V(S2) V(S3) A B C

Beneficial Properties of PCP Theorem 1: Under PCP, no deadlock can occur. Why? Theorem 2: A job can be blocked for at most the duration of one critical section. Why?

PCP: Blocking Time Calculation The set of tasks using semaphore S. The WCET of the critical section of task k using semaphore S. The maximal blocking time of task i under PIP:

Priority Inheritance Protocol vs Priority Ceiling Protocol PIP PCP Bounded priority inversion (+) Bounded priority inversion (+) May deadlock (-) Deadlock-free (+) Up to n blockings (-) At most one blocking (+) Easy to implement (+) Not easy to implement (-)

Schedulability Analysis including Blocking Times Theorem: A set of n periodic tasks under PCP can be scheduled by rate-monotonic scheduling, if where B i is the worst-case blocking time of task i.

Summary Resource sharing may cause priority inversion Without further action, priority inversion may be very long Priority inheritance and priority ceiling protocols bound the worst-case blocking time Can be incorporated into schedulability analysis for rate-monotonic scheduling

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback