ecs251 fall 2007 : operating system models #3: priority inversion

10/23/2007 ecs251, fall 2007 1

UCDavis, ecs251Fall 2007

ecs251 Fall 2007:Operating System ModelsOperating System Models#3: Priority Inversion

Dr. S. Felix WuComputer Science DepartmentUniversity of California, Davishttp://www.cs.ucdavis.edu/~wu/[email protected]

10/23/2007 ecs251, fall 2007 2


Unexpected EffectsUnexpected Effectsbetween two OS control mechanismsbetween two OS control mechanisms

Real-time priority scheduling– Responsiveness: if a higher priority thread

appears, serve it asap. Mutual exclusion

– Integrity: if a higher priority thread wants to enter a critical section being hold by a lower priority thread, it has to wait for the lower priority thread to leave “the critical section”.

10/23/2007 ecs251, fall 2007 3


lock

unlock

1

0

0

1

0

1

::.

256 different priorities64 scheduling classes

RR

10/23/2007 ecs251, fall 2007 4


Real-Time ThreadsReal-Time Threads

Thread τ1 L L L Rx L Thread τ2 L L ... L Thread τ3 L L L Rx L ... L

L: local CPU burst R: resource required (Mutual Exclusion)

10/23/2007 ecs251, fall 2007 5


ExampleExample

Suppose that threads τ1 and τ3 share some data. Access to the data is restricted using semaphore x:

– each task executes the following code: do local work (L) sem_wait(s) (P(x))

– access shared resource (R) sem_signal(s) (V(x)) do more local work (L)

10/23/2007 ecs251, fall 2007 6

UCDavis, ecs251Fall 2007 BlockingBlocking

τ2

τ3

t0 t+3 t+4

RL L L R

R L τ1

t+6

L L L

Blocked!

L L L

10/23/2007 ecs251, fall 2007 7

UCDavis, ecs251Fall 2007 The middle thread

τ2

τ3

t0 t+3

L L L R

τ1 L L L

Blocked!

t+2

10/23/2007 ecs251, fall 2007 8

UCDavis, ecs251Fall 2007 Unbounded Priority InversionUnbounded Priority Inversion

τ2

τ3

t0 t+3 t+253

RL L L R

R L τ1

t+254

L L L

...L L

Blocked!

t+2

10/23/2007 ecs251, fall 2007 9

UCDavis, ecs251Fall 2007 Unbounded Priority InversionUnbounded Priority Inversion

τ2-1

τ3

t0 t+3 t+2530

RL L L R

R L τ1

t+2 t+2540

L L L

L

Blocked!

τ2-2

τ2-n

L

L

10/23/2007 ecs251, fall 2007 10


The problem..The problem..

As long as we have priority and mutual exclusion at the same time, we will have some form of priority inversion.

How to resolve it? trade-off?

10/23/2007 ecs251, fall 2007 11

UCDavis, ecs251Fall 2007 Priority InheritancePriority Inheritance

τ2

τ3

t0 t+3 t+4

L ... L

L L L R

R L τ1

t+2 t+6

L L L

R

Blocked!

dynamic 3 = 1

L ... L

10/23/2007 ecs251, fall 2007 12


Priority Inheritance ProtocolsPriority Inheritance Protocols

L. Sha, R. Rajkumar, J. Lehoczky, “Priority Inheritance Protocols: An Approach to Real-Time Synchronization”, IEEE Transactions on Computers, Vol. 39, No. 9, pp. 1175-1185, 1990

10/23/2007 ecs251, fall 2007 13


“The meteorological data gathering task ran as an infrequent, low priority thread, and used the information bus to publish its data. When publishing its data, it would acquire a mutex, do writes to the bus, and release the mutex. If an interrupt caused the information bus thread to be scheduled while this mutex was held, and if the information bus thread then attempted to acquire this same mutex in order to retrieve published data, this would cause it to block on the mutex, waiting until the meteorological thread released the mutex before it could continue. The spacecraft also contained a communications task that ran with medium priority.”

High priority: retrieval of data from shared memoryMedium priority: communications taskLow priority: thread collecting meteorological data

10/23/2007 ecs251, fall 2007 14


Basic Priority InheritanceBasic Priority Inheritance For each resource (semaphore), a list of blocked

threads must be stored in a priority queue. A thread τi uses its assigned priority, unless it is in

its critical section and blocks some higher priority threads, in which case, thread τi uses ( inherits ) the highest dynamic priority of all the threads it blocks.

Priority inheritance is transitive; that is, if thread τi

blocks τj and τj blocks τk , then τi can inherit the priority of τk.

10/23/2007 ecs251, fall 2007 15

UCDavis, ecs251Fall 2007 Mutex Priority InheritanceMutex Priority Inheritance

pthread_mutex_lock

pthread_mutex_unlock

t t t

waiting queue

t

priority

10/23/2007 ecs251, fall 2007 16


pthread_mutex_lock


M1 t t t

waiting queue

t

priority

pthread_mutex_lock


M2 t t t

waiting queue

priority

10/23/2007 ecs251, fall 2007 17

UCDavis, ecs251Fall 2007 Transitive PriorityTransitive Priority

pthread_mutex_lock


M1 t t t

waiting queue

tpriority

pthread_mutex_lock


M2 t t

waiting queue

tpriority

10/23/2007 ecs251, fall 2007 18

UCDavis, ecs251Fall 2007 ProblemsProblems

The Basic Priority Inheritance Protocol has two problems:– Deadlock - two threads need to access a pair of

shared resources simultaneously. If the resources, say A and B, are accessed in opposite orders by each thread, then deadlock may occur.

– Blocking Chain - the blocking duration is bounded (by at most the sum of critical section times), but that may be substantial.

10/23/2007 ecs251, fall 2007 19


Blocking Chain ExampleBlocking Chain Example

Task 1 : L R2 L R3 L R4 L ... L Rn L, 2(n-1) Task 2 : L R2 R2, 2(n-2) Task 3 : L R3 R3, 2(n-3) Task 4 : L R4 R4, 2(n-4) ... Task n-1 : L Rn-1 Rn-1, 2(n-(n-

1)) Task n : L Rn Rn, 2(n-n)

starting time

10/23/2007 ecs251, fall 2007 20


Blocking ChainBlocking Chain

τ2

τn

0

L Rn

τ1

Rn

Rn L

L R2 R2

Blocked!

L R2 L

Blocked!

10/23/2007 ecs251, fall 2007 21


Priority Ceiling Protocols (PCP)Priority Ceiling Protocols (PCP) A higher priority thread can be blocked

at most once, in its life time, by one lower priority thread.

Deadlocks are prevented/avoided (?!). Transitive inheritance is prevented.

Are they really critical?

10/23/2007 ecs251, fall 2007 22


PCPPCP

How do we accomplish these goals intuitively?

10/23/2007 ecs251, fall 2007 23


Locking a MutexLocking a Mutex If the “mutex M” is available and “thread

T” needs it , should T lock it?

pthread_mutex_lock


tMutex??Mutex + Priority Inheritance??

10/23/2007 ecs251, fall 2007 24


Risk for Locking a MutexRisk for Locking a Mutex If the “mutex M” is available and “thread

T” needs it , should T lock it?

pthread_mutex_lock


t

tChecking before Locking it!!

We don’t know whether the high priority thread will occur in the next X seconds!

But, does it matter?

10/23/2007 ecs251, fall 2007 25


““Checking” What??Checking” What??

10/23/2007 ecs251, fall 2007 26

UCDavis, ecs251Fall 2007 Mutex Priority CeilingMutex Priority Ceiling

pthread_mutex_lock


t t t

potential customers

PC

Max priority

A preventive action(could be unnecessary though)

10/23/2007 ecs251, fall 2007 27

UCDavis, ecs251Fall 2007 Priority CeilingPriority Ceiling

Should I get it?Should I get it?

PC

PC

PC

PC

PC

PC

PC

PC

lockedunlocked

MaxPCvalue

thread t2

??? 4 thread t4

1 thread t9

2

4

10/23/2007 ecs251, fall 2007 28

UCDavis, ecs251Fall 2007 Mutex/PIPMutex/PIP

Get it as long as it is available!Get it as long as it is available!

PC

PC

PC

PC

PC

PC

PC

PC

lockedunlocked

MaxPCvalue

thread t2

YES 4 thread t4

1 thread t9

7

4

10/23/2007 ecs251, fall 2007 29

UCDavis, ecs251Fall 2007 PCPPCP

Not so FastNot so Fast

PC

PC

PC

PC

PC

PC

PC

PC

lockedunlocked

MaxPCvalue

thread t2

NO 4 thread t4

1 thread t9

7

4

10/23/2007 ecs251, fall 2007 30


Not so FastNot so Fast

PC

PC

PC

PC

PC

PC

PC

PC

lockedunlocked

MaxPCvalue

thread t2

NO 4 thread t4

2 thread t9

7

4

10/23/2007 ecs251, fall 2007 31


How about???How about???

PC

PC

PC

PC

PC

PC

PC

PC

lockedunlocked

MaxPCvalue

thread t2

?? 4 thread t4

2 thread t2

7

4

10/23/2007 ecs251, fall 2007 32


Are we sure about the claim of Are we sure about the claim of PCP?PCP?

A higher priority thread can be blocked at most once, in its life time, by one lower priority thread.

Deadlocks are prevented/avoided.

Try to find a “Counter Example” to show that PCP’s claim is FALSE!!

10/23/2007 ecs251, fall 2007 33

UCDavis, ecs251Fall 2007 Critical Section RequirementsCritical Section Requirements

(similar to 2PL)(similar to 2PL) Threads must lock and unlock in a “nested”

or “pyramid” fashion:– Let L(S) = lock(S).– Let U(S) = unlock(S).– Example: L(s1);L(s2);L(s3);...;U(s3);U(s2);U(s1);

s1

s2

s3

10/23/2007 ecs251, fall 2007 34


4

3

2

1

0 2 4 6 8 10 12 14 16 18Executing

Executing with Q locked

Preempted

Executing with V locked

Blocked

Tasks

Ceiling-driven IndirectlyBlocked

10/23/2007 ecs251, fall 2007 35


4

3

2

1

0 2 4 6 8 10 12 14 16 18Executing


Preempted


Blocked

Priority Inversion (12,6,8,17)


10/23/2007 ecs251, fall 2007 36


4

3

2

1

0 2 4 6 8 10 12 14 16 18Executing


Preempted


Blocked

Priority Inversion Area (12,6,8,17)


10/23/2007 ecs251, fall 2007 37


1114

3

2

1

0 2 4 6 8 10 12 14 16 18

Process

1

Basic Priority Inheritance (9,12,14,17)

10/23/2007 ecs251, fall 2007 38


22 124

3

2

1

0 2 4 6 8 10 12 14 16 18

Process

1

Priority Ceiling (7,12,14,17)1 1

locked

10/23/2007 ecs251, fall 2007 39


Can we do better??Can we do better??

10/23/2007 ecs251, fall 2007 40


1111a

b

c

d

0 2 4 6 8 10 12 14 16 18

process

11

Priority Ceiling Emulation (6,12,14,17)1 1

10/23/2007 ecs251, fall 2007 41


““Kernel” MutexKernel” Mutex

OS KernelUser processes

“No preemption in the Kernel mode”

10/23/2007 ecs251, fall 2007 42


PCP/PCE MutexPCP/PCE MutexObtain the PC value as my own priority

pthread_mutex_lock


PC Less context switchingNo Mutex queue!?

10/23/2007 ecs251, fall 2007 43

UCDavis, ecs251Fall 2007 Priority Ceiling EmulationPriority Ceiling Emulation

Each thread has a static (base) default priority assigned (perhaps by the deadline monotonic scheme).

Each resource has a static ceiling value defined, this is the maximum priority of the threads that use it.

A thread has a dynamic (active) priority that is the maximum of its own static priority and the ceiling values of any resources it has locked

As a consequence, a thread will only suffer a block at the very beginning of its execution

Once the thread starts actually executing, all the resources it needs must be free; if they were not, then some thread would have an equal or higher priority and the thread’s execution would be postponed

10/23/2007 ecs251, fall 2007 44


Property #1Property #1

A job J can be blocked by a lower priority job Jlow, only if the priority of J is no higher than the highest ceiling of all locked mutexes by lower priority jobs before J is initiated.

10/23/2007 ecs251, fall 2007 45



Jj in a mutex Mj is preempted by Ji in another mutex Mi. Then, Jj can not inherit a priority higher than or equal to Ji until Ji completes.

10/23/2007 ecs251, fall 2007 46


How?How?

Jsuperhigh is blocked by Jj (so Jj will inherit) But, that mutex must not be locked yet. Jj will never reach there before Ji finishes.

10/23/2007 ecs251, fall 2007 47


Transitive BlockingTransitive Blocking

10/23/2007 ecs251, fall 2007 48


Transitive BlockingTransitive Blocking

PCP prevents Transitive Blocking J1, J2, J3

J3 blocks J2, and J2 blocks J1

J3 will inherit priority of J1, contradiction!

10/23/2007 ecs251, fall 2007 49


Deadlock Free of PCPDeadlock Free of PCP

10/23/2007 ecs251, fall 2007 50


Deadlock Free of PCPDeadlock Free of PCP

Circular waiting (circle must be two!) Both of them must need both mutexes!

10/23/2007 ecs251, fall 2007 51



Ji can be blocked by Jlow for at most one duration of mutex.

10/23/2007 ecs251, fall 2007 52


One duration blockOne duration block

Ji can be blocked once for all Jlow’s.

10/23/2007 ecs251, fall 2007 53


Priority Ceiling Protocols (PCP)Priority Ceiling Protocols (PCP) A higher priority thread can be blocked

at most once, in its life time, by one lower priority thread.

Deadlocks are prevented/avoided (?!). Transitive inheritance is prevented.

Are they really critical?

10/23/2007 ecs251, fall 2007 54


SummarySummary Priority Inversion Basic Priority Inheritance Priority Ceiling

– Upgraded when a higher priority task (might not be the same as the ceiling value) is blocked due to the Ceiling value

Priority Ceiling Emulation– Immediately upgraded to the ceiling value after

obtaining the lock

ecs251 fall 2007 : operating system models #3: priority inversion

Documents