CS444 class 14

Class 14

Note: midterm, Monday Oct. 29

Summary for Midterm: it’s open book, open notes, can bring posted solutions and your own hw.

Note practice midterm, solutions on Saturday, linked to class web page.

Is there a theme connecting all the things we’ve covered so far? I think so, as follows. We have concentrated on the transitions, or handoffs, between the three major players, the user code, kernel code, and hardware. A major concern is user-kernel separation, needed to keep the system well-understood and secure. This separation is implemented by being very careful about transitions. The user code is kept “bottled up” in its virtual machine. System calls communicate a small amount of information (the syscall # and arguments, return value) across the user-kernel boundary and back.

Note that the CPU is running in kernel mode or user mode at each point in time (or each CPU, for multiprocessors). It will continue to run that way until a particular event takes place: an interrupt, or execution of a system call, or execution of iret (or equivalent), or some exception (including page faults, which we will study later).

Hardware-user code relationship

The only “device registers” that user code is allowed to access are the CPU general registers. The UART registers, the disk controller registers, etc., are hidden away, invisible to the user code. The user code may only use them via system calls.
The user code runs only in the user mode of the CPU (except in our homework projects, where we have simplified things), so it may only use the non-privileged instructions of the CPU. The system call instruction itself is (of course!) a non-privileged instruction.
The user code can see the IF bit in EFLAGS, but it can’t change it. All interrupts are handled by the kernel. They can (and usually do) happen during user code execution, but are invisible to the user code (unless it is doing very high precision timing.)
All the user program can see is a flat address space, with code, data, stack, and DLLs, and the CPU. In the user code are the system call instructions.
The user code can use multiple CPUs via threads, setup and managed via system calls.

Hardware-kernel code relationship

The kernel runs in the “kernel mode” of the CPU, and thus can do all CPU instructions.
The device registers are accessible to the kernel, and the kernel contains “device drivers” that are software modules devoted to managing a certain kind of hardware.
The kernel handles all interrupts, so all interrupt handlers are kernel code.
The kernel uses memory for code, data, much like other programs, but has many stacks, one for each thread.
The kernel can do the cli, sti instructions (or equivalent on other CPUs), and so IF=1 part of the time, IF=0 other times as the kernel is running. Putting IF=0 is a kind of kernel mutex usable for uniprocessors.

User-Kernel relationship

The whole user virtual machine is set up so that the user code can be trusted to use the CPU for hundreds of instructions at a time without intervention of the kernel. This is key to performance.
The three major ways to go from user code to kernel execution is by system calls, page faults, and interrupts. Other traps are possible too, such as illegal-instruction traps. All these cause the execution of the CPU’s interrupt/trap cycle, with its access to the IDT (or similar table for another CPU) to specify what kernel function to execute.
System call instructions are part of the hardware assistance needed to allow user code to safely call on the kernel.

Hardware/Software terms that sometimes cause confusion on exams

instruction: like mov, push, in, out, etc., belong to “instruction set”, used in assembly language

CPU register: like eax, ecx, esp, etc. for x86.

device register: like UART’s transmit register, receiver reg, LSR

port or i/o port: 16-bit number providing an address for various device registers, in x86 architecture. Ex: 0x2f8 for COM2’s transmit register.

memory address: 32-bit number of a byte of memory, in separate space from i/o ports.

interrupt vector: the address of the interrupt handler, held in IDT[nn], and specifying the entry point of the assembler interrupt handler

command: string used to tell a program what to do, ex: “ls” is a shell command

system call: two meanings, system API call such as write(fd, buf, nbytes), certain instruction execution (int, ta)

user stack: one for each thread, holds execution state of user code.

kernel stack: one for each thread, holds execution state of current system call execution, or is empty

interrupt stack: we assume this is built on top of the kernel stack of the thread executing at the time of the int.

Midterm Reading: midterm is open books, open notes, handouts, open solutions—yours or mine or both.

Tanenbaum, Chap 1, but light on history

Chap 2, Sections 2.1, 2.2: all to pg. 106, skip 2.2.4, read 109-110, skip 2.2.6, .7, .8. read 114-end of 2.2.

Sec 2.3: everything through pg. 130, skip pg 131-134 (user-level threads, mutexes in Pthreads (we can always use semaphores for mutex), condition variables)

Read Sec. 2.3.7 Monitors to the point it mentions condition variables.We are using semaphores, not the more primitive condition variables, for blocking, and we don’t need to block inside a monitor with semaphores, since they themselves are monitors.

We have replaced the ProducerConsumer code on pg. 141 with the code on the handout “Example of Monitor in Java, using the synchronized keyword”, which does producer-consumer with two semaphores for blocking and a monitor for the needed mutex to protect the integrity of the LinkedList used for the shared buffer.

Read Sec. 2.3.8, Message Passing. Skip 2.3.9 Barriers

Read Sec. 2.4 to pg. 148: basics of timesharing, which we have discussed.

Chap. 5 to pg. 336. We are using i/o instructions, not memory-mapped i/o.

Skip Sec. 5.1.4, DMA

Read Sec. 5.1.5. Correct the typo on pg. 339 referring back to Chap. 1: should be 1.3.5, not 1.4.5.

Read Sec. 5.2 except the part on DMA. Note that the code uses memory-mapped i/o, so where you see “*printer_status_register != READY”, replace it with an inb to the printer status register, followed by testing the resulting value in EAX.

Read 5.3.1, Interrupt handlers

Read 5.3.2, Device drivers. We have a tty device driver in hw2. Don’t worry about block devices yet. Our tty driver is a character device.

Read 5.3.3, Device-independent I/O Software: our setup for hw1-hw2 is a device-independent i/o package, usable for both serial and parallel ports as shown in hw1.

Chap. 10 Linux Sec 10.3.2, 10.3.3 to pg 747. Processes in Linux.

Lecture notes through today.

hw1 ideas:

interrupt programming: PIC, IDT, int. handler, etc.
interrupt-driven i/o: read-ahead, write-behind, also vs. programmed i/o
use of cli/sti for mutex, need for it with queue accessed two ways
use of kprintf for debugging (itself using programmed i/o with interrupts off)
device independent i/o system, and how to do it in C (array of structs with function pointers)
not really an “OS”, just a library of useful things
also, first part, system calls in Solaris

hw2 ideas: ideas only, not code details

mechanism of system calls: put args and syscall# in registers, special instruction, use of IDT
trap vector, system call trap handler: as, C parts, like int handler, but runs with IF=1 to start
startup module for user program
library envelope routine for system calls
first OS: should be able to classify each piece of code as user or kernel

Message Passing

Tan, pg. 140:

send(dest, &message);

receive(source, &message);

It isn’t really clear what kind of id’s dest and source are—thread ids? or message-queue ids? Probably the latter, because one thread might want to communicate with several other threads in various message formats.

Producer-consumer using messages. Idea here is to set up a flow of data messages from producer to consumer. Normally a receiver waits (blocked) if there are no messages to receive. How do we prevent the sender from getting way ahead of the receiver? Recall that the producer is supposed to be blocked when the queue is “full” in some bounded way.

To prevent the producer from run-away production, we require it to receive an “empty” message from the consumer before it can produce a full one. We prime the system by producing N empty messages to start with. After that, there are always nearly N messages total in the system, some empty, some full.

Pg. 143—another somewhat magic program, using the empty messages for flow control as outlined above. Again, let’s show how the system objects are set up by the top-level thread and used by the worker threads.

At the OS level, UNIX/Linux has TCP and UDP networking and System V IPC message queues. Windows has TCP and UDP and message queues.

In Java, with threads, we don’t typically use messages because it’s so easy to share data in memory, so the code we already have studied shows how to do this. When we communicate between systems, we usually use the networking support, i.e., TCP, which means we need to talk about network host addresses and then within hosts, the ports that are used to define communication endpoints. There is a part of JEE called JMS, for reliable and transactional messaging. These are both “heavyweight” services. Java seems to be lacking in “lightweight” message mechanisms for activities on the same system.

In Android, however, the architecture favors messages for communication, because it works just as well between processes, and lots of functionality in Android is implemented in servers, separate processes from the app processes.

So for Android, Apple has implemented a new form of Linux IPC, having apparently rejected as too slow TCP and System V IPC, and certainly JMS.

The new service is called “Android Binder”. It sends messages from one process to another by copying them to kernel memory from one process and then out to the other process. The fact that this is not a data stream makes it not properly fit into read/write Linux syscalls, so it is actually an “ioctl”, the miscellaneous file syscall. This service underlies broadcasts as well as calls to servers, including the Service Manager that keeps track of all the servers and services.

See Academic article (thesis) on Android Binder

Semaphores vs. Message Passing

Message passing can be done across systems, whereas semaphore systems offered by OSs are for synchronization of processes or threads all on one system. On a single system (which may have multiple CPUs, and has a common memory system), semaphores and message queues have the same synchronization power. Semaphores can by implemented by message queues plus shared memory, and vice versa. Semaphores are often lighter-weight than message passing, partly since they can depend on being between local threads/processes.

Mutex by message passing: put one message in a message queue. receive it to obtain the mutex, send it back in to release the mutex.

Message passing by semaphores? No way to move the data.

Message passing + shared memory can provide message passing within one system.

Actual message services

System V msgget, etc.: available on most UNIX systems. Provides message passing between processes on one system.

Pipes, Network i/o: stream-oriented, but can subdivide stream into messages.

Win32: pipes, network i/o

Something portable between Windows and UNIX? Answer: TCP network i/o, works between processes on one machine as well as over the network.

Rest of IPC coverage in Tanenbaum:

pg. 123:barriers—can skip.

Dining philosophers: has easy solution with mutex: get mutex, pick up both forks, eat, release mutex. But this allows only one eater at a time. The challenge is to safely allow 2 eaters.

Readers and Writers: more realistic problem. Allow N readers XOR 1 writer to each data item. The solution uses two semaphores, one (db) to make sure the system is EITHER doing reading or writing, the other (mutex) to guard rc, the reader count. Only the first reader does the down on the “db” mutex, and subsequent readers get blocked at the down on mutex, since the first reader still holds that until it gets db. But that’s OK, since they need to block. They get unblocked at the right time too.

Sleeping barber—skip.