ucdavis, ecs150 fall 2007 10/23/2007ecs150, fall 20071 operating system ecs150 fall 2007 : operating...

10/23/2007 ecs150, fall 2007 1

UCDavis, ecs150Fall 2007

ecs150 Fall 2007:Operating SystemOperating System#3: Priority Inversion(a paper on the class website)

Dr. S. Felix Wu

Computer Science Department

University of California, Davishttp://www.cs.ucdavis.edu/~wu/

[email protected]

10/23/2007 ecs150, fall 2007 2

UCDavis, ecs150Fall 2007 Priority SchedulingPriority Scheduling

A priority number (integer) is associated with each process

The CPU is allocated to the process with the highest priority (smallest integer highest priority).

– Preemptive

– Non-preemptive SJF is a priority scheduling scheme where

priority is the predicted next CPU burst time. FCFS is a priority scheduling scheme where

priority is the arrival time. Lottery scheduling is a probabilistic priority

scheduling scheme where the priority is the ticket number.

10/23/2007 ecs150, fall 2007 3


““Fixed” PriorityFixed” Priority

What is it?– The process sticks with the origin assigned priority.

A good or bad idea?– Have we learned the lesson from HW#2?

What other possible policy?– Dynamic policy.

Problem Starvation – low priority processes may never execute.

Solution Aging – as time progresses increase the priority of the process.

10/23/2007 ecs150, fall 2007 4


1

0

0

1

0

1

::.

256 different priorities64 scheduling classes

RR

10/23/2007 ecs150, fall 2007 5


Real-Time SchedulingReal-Time Scheduling Hard real-time systems – required to complete a

critical task within a guaranteed amount of time.– Resource reservation- guarantees on time completion or

rejects process

Soft real-time computing – requires that critical processes receive priority over less fortunate ones.

10/23/2007 ecs150, fall 2007 6


Unexpected EffectsUnexpected Effectsbetween two OS control mechanismsbetween two OS control mechanisms

Real-time priority scheduling– Responsiveness: if a higher priority thread

appears, serve it asap. Mutual exclusion

– Integrity: if a higher priority thread wants to enter a critical section being hold by a lower priority thread, it has to wait for the lower priority thread to leave “the critical section”.

10/23/2007 ecs150, fall 2007 7


pthread_mutex_lock

pthread_mutex_unlock

1

0

0

1

0

1

::.

256 different priorities64 scheduling classes

RR

10/23/2007 ecs150, fall 2007 8


10/23/2007 ecs150, fall 2007 9


Real-Time ThreadsReal-Time Threads

Thread τ1 L L L Rx L

Thread τ2 L L ... L

Thread τ3 L L L Rx L ... L

L: local CPU burst R: resource required (Mutual Exclusion)

10/23/2007 ecs150, fall 2007 10


ExampleExample

Suppose that threads τ1 and τ3 share some data.

Access to the data is restricted using semaphore x:– each task executes the following code:

do local work (L) sem_wait(s) (P(x))

– access shared resource (R) sem_signal(s) (V(x)) do more local work (L)

10/23/2007 ecs150, fall 2007 11

UCDavis, ecs150Fall 2007 BlockingBlocking

τ2

τ3

t0 t+3 t+4

RL L L R

R L τ1

t+6

L L L

Blocked!

10/23/2007 ecs150, fall 2007 12

UCDavis, ecs150Fall 2007 The middle thread

τ2

τ3

t0 t+3

L L L R

τ1 L L L

Blocked!

t+2

10/23/2007 ecs150, fall 2007 13

UCDavis, ecs150Fall 2007 Unbounded Priority InversionUnbounded Priority Inversion

τ2

τ3

t0 t+3 t+253

RL L L R

R L τ1

t+254

L L L

...L L

Blocked!

t+2

10/23/2007 ecs150, fall 2007 14

UCDavis, ecs150Fall 2007 Unbounded Priority InversionUnbounded Priority Inversion

τ2-1

τ3

t0 t+3 t+2530

RL L L R

R L τ1

t+2 t+2540

L L L

L

Blocked!

τ2-2

τ2-n

L

L

10/23/2007 ecs150, fall 2007 15


The problem..The problem..

Do we have Priority Inversion in the FreeBSD kernel with XYZ scheduling policy?

As long as we have priority and mutual exclusion at the same time, we will have some form of priority inversion.

How to resolve it? trade-off?

10/23/2007 ecs150, fall 2007 16

UCDavis, ecs150Fall 2007 Priority InheritancePriority Inheritance

τ2

τ3

t0 t+3 t+4

L ... L

L L L R

R L τ1

t+2 t+6

L L L

R

Blocked!

dynamic 3 = 1

L ... L

10/23/2007 ecs150, fall 2007 17


Priority Inheritance ProtocolsPriority Inheritance Protocols

L. Sha, R. Rajkumar, J. Lehoczky, “Priority Inheritance Protocols: An Approach to Real-Time Synchronization”, IEEE Transactions on Computers, Vol. 39, No. 9, pp. 1175-1185, 1990

10/23/2007 ecs150, fall 2007 18


The MARS Pathfinder ProblemThe MARS Pathfinder Problem“But a few days into the mission, not long after Pathfinder started gathering meteorological data, the spacecraft began experiencing total system resets, each resulting in losses of data. The press reported these failures in terms such as "software glitches" and "the computer was trying to do too many things at once".” …

10/23/2007 ecs150, fall 2007 19


The MARS Pathfinder ProblemThe MARS Pathfinder Problem“VxWorks provides preemptive priority scheduling of threads. Tasks on the Pathfinder spacecraft were executed as threads with priorities that were assigned in the usual manner reflecting the relative urgency of these tasks.”“Pathfinder contained an "information bus", which you can think of as a shared memory area used for passing information between different components of the spacecraft. A bus management task ran frequently with high priority to move certain kinds of data in and out of the information bus. Access to the bus was synchronized with mutual exclusion locks (mutexes).”

10/23/2007 ecs150, fall 2007 20


“The meteorological data gathering task ran as an infrequent, low priority thread, and used the information bus to publish its data. When publishing its data, it would acquire a mutex, do writes to the bus, and release the mutex. If an interrupt caused the information bus thread to be scheduled while this mutex was held, and if the information bus thread then attempted to acquire this same mutex in order to retrieve published data, this would cause it to block on the mutex, waiting until the meteorological thread released the mutex before it could continue. The spacecraft also contained a communications task that ran with medium priority.”

High priority: retrieval of data from shared memoryMedium priority: communications taskLow priority: thread collecting meteorological data

10/23/2007 ecs150, fall 2007 21


“Most of the time this combination worked fine. However, very infrequently it was possible for an interrupt to occur that caused the (medium priority) communications task to be scheduled during the short interval while the (high priority) information bus thread was blocked waiting for the (low priority) meteorological data thread. In this case, the long-running communications task, having higher priority than the meteorological task, would prevent it from running, consequently preventing the blocked information bus task from running. After some time had passed, a watchdog timer would go off, notice that the data bus task had not been executed for some time, conclude that something had gone drastically wrong, and initiate a total system reset. This scenario is a classic case of priority inversion.”

10/23/2007 ecs150, fall 2007 22


Priority inheritance also solved the Mars Pathfinder problem: the VxWorks operating system used in the pathfinder implements a flag for the calls to mutex primitives. This flag allows priority inheritance to be set to “on”. When the software was shipped, it was set to “off”.

The problem on Mars was corrected by using the debugging facilities of VxWorks to change the flag to “on”, while the Pathfinder was already on the Mars [Jones, 1997].

The problem on Mars was corrected by using the debugging facilities of VxWorks to change the flag to “on”, while the Pathfinder was already on the Mars [Jones, 1997].

10/23/2007 ecs150, fall 2007 23


Basic Priority InheritanceBasic Priority Inheritance For each resource (semaphore), a list of blocked

threads must be stored in a priority queue. A thread τi uses its assigned priority, unless it is in

its critical section and blocks some higher priority threads, in which case, thread τi uses ( inherits ) the highest dynamic priority of all the threads it blocks.

Priority inheritance is transitive; that is, if thread τi

blocks τj and τj blocks τk , then τi can inherit the priority of τk.

10/23/2007 ecs150, fall 2007 24

UCDavis, ecs150Fall 2007 mutex priority inheritancemutex priority inheritance

pthread_mutex_lock


t t t

waiting queue

t

priority

10/23/2007 ecs150, fall 2007 25


pthread_mutex_lock


M1 t t t

waiting queue

t

priority

pthread_mutex_lock


M2 t t t

waiting queue

priority

10/23/2007 ecs150, fall 2007 26

UCDavis, ecs150Fall 2007 Transitive PriorityTransitive Priority

pthread_mutex_lock


M1 t t t

waiting queue

tpriority

pthread_mutex_lock


M2 t t

waiting queue

t

priority

10/23/2007 ecs150, fall 2007 27


Types of BlockingTypes of Blocking

Direct - thread τ1 and τ2 use a shared resource. If the low priority thread is in its critical section, then it directly blocks the high priority thread.

Indirect (push-through) - if a low priority thread inherits the priority of a high priority thread, a medium priority thread can be blocked while the low priority thread is in its critical section.

10/23/2007 ecs150, fall 2007 28


Properties of Priority Properties of Priority InheritanceInheritance

Under the basic priority inheritance protocol, if there are m semaphores that can block a thread J, then J can be blocked at most m times; i.e., on each semaphore at most once.

10/23/2007 ecs150, fall 2007 29


Any Problems with the basic Any Problems with the basic Priority Inheritance Protocol?Priority Inheritance Protocol?

???

10/23/2007 ecs150, fall 2007 30

UCDavis, ecs150Fall 2007 ProblemsProblems

The Basic Priority Inheritance Protocol has two problems:– Deadlock - two threads need to access a pair of

shared resources simultaneously. If the resources, say A and B, are accessed in opposite orders by each thread, then deadlock may occur.

– Blocking Chain - the blocking duration is bounded (by at most the sum of critical section times), but that may be substantial.

10/23/2007 ecs150, fall 2007 31


pthread_mutex_lock


M1 t t t

waiting queue

tpriority

pthread_mutex_lock


M2 t t t

waiting queue

priority

t

10/23/2007 ecs150, fall 2007 32


Blocking Chain ExampleBlocking Chain Example

Task 1 : L R2 L R3 L R4 L ... L Rn L, 2(n-1)

Task 2 : L R2 R2, 2(n-2)

Task 3 : L R3 R3, 2(n-3)

Task 4 : L R4 R4, 2(n-4) ... Task n-1 : L Rn-1 Rn-1, 2(n-(n-

1)) Task n : L Rn Rn, 2(n-n)

starting time

10/23/2007 ecs150, fall 2007 33


Blocking ChainBlocking Chain

τ2

τn

0

L Rn

τ1

Rn

Rn L

L R2 R2

Blocked!

L R2 L

Blocked!

10/23/2007 ecs150, fall 2007 34


Different Timing?Different Timing?

τ2

τn

0

L Rn

τ1

Rn

Rn L

L R2 R2

Blocked!

L R2 L

Blocked!

???

10/23/2007 ecs150, fall 2007 35


Different Timing??Different Timing??

Task 1 : L R2 L R3 L R4 L ... L Rn L, 2(n-1)

Task 2 : L R2 R2, 2(n-n)

Task 3 : L R3 R3, 2(n-(n-1))

Task 4 : L R4 R4, 2(n-(n-2)) ... Task n-1 : L Rn-1 Rn-1, 2(n-3)

Task n : L Rn Rn, 2(n-2)

starting time

How many times Task 1 will be blocked?

10/23/2007 ecs150, fall 2007 36


Priority Ceiling Protocols (PCP)Priority Ceiling Protocols (PCP) A higher priority thread can be blocked

at most once, in its life time, by one lower priority thread.

Deadlocks are prevented/avoided (?!). Transitive inheritance is prevented.

Are they really critical?

10/23/2007 ecs150, fall 2007 37


PCPPCP

How do we accomplish these goals intuitively?

10/23/2007 ecs150, fall 2007 38


Locking a MutexLocking a Mutex If the “mutex M” is available and “thread

T” needs it , should T lock it?

pthread_mutex_lock


tMutex??Mutex + Priority Inheritance??

10/23/2007 ecs150, fall 2007 39


Risk for Locking a MutexRisk for Locking a Mutex If the “mutex M” is available and “thread

T” needs it , should T lock it?

pthread_mutex_lock


t

tChecking before Locking it!!

We don’t know whether the high priority thread will occur in the next X seconds!

But, does it matter?

10/23/2007 ecs150, fall 2007 40


““Checking” What??Checking” What??

10/23/2007 ecs150, fall 2007 41



What is our goal?– High priority thread will be blocked at most

once.– We will allow blocking ONCE.

Idea of the check:– If we are the first Mutex, we lock it.– If we are not the first, we will not.

But, how to design/implement this idea?

10/23/2007 ecs150, fall 2007 42



Idea of the check:– If we are the first Mutex, we lock it.– If we are not the first, we will not.– But, why wait?

We wait for a good reason– If we lock it and some higher priority threads might

be blocked more than ONCE, then we better wait twice…

– But, how do we know that this is the case?– How do we know whether the high priority thread

will show up?

10/23/2007 ecs150, fall 2007 43


PCPPCP The protocol uses the notion of a system-wide

mutex ceiling priority. Each thread has a static default priority

assigned. Each resource (mutex) has a static ceiling

priority defined to be the maximum static priority of any thread that uses it.

Each thread has a dynamic priority equal to the maximum of its own default priority and any priority it inherits due to blocking a higher priority thread.

10/23/2007 ecs150, fall 2007 44

UCDavis, ecs150Fall 2007 mutex priority ceilingmutex priority ceiling

pthread_mutex_lock


t t t

potential customers

PC

priority

A preventive action(could be unnecessary though)

10/23/2007 ecs150, fall 2007 45

UCDavis, ecs150Fall 2007 PCPPCP

At run-time, if a thread wants to lock a mutex, its priority must be strictly higher than the ceilings of all mutexes currently locked by other threads (unless it is the thread holding the lock on the mutex with the highest ceiling).

If this condition is not satisfied, then the thread is blocked.

When a thread is blocked on a mutex, the thread currently holding the waited mutex inherits the priority of the blocked thread.

10/23/2007 ecs150, fall 2007 46

UCDavis, ecs150Fall 2007 Priority CeilingPriority Ceiling

Should I get it?Should I get it?

PC

PC

PC

PC

PC

PC

PC

PC

lockedunlocked

MaxPCvalue

thread t2

???4 thread t4

2 thread t3

2

4

10/23/2007 ecs150, fall 2007 47

UCDavis, ecs150Fall 2007 Mutex/PIPMutex/PIP

Get it as long as it is available!Get it as long as it is available!

PC

PC

PC

PC

PC

PC

PC

PC

lockedunlocked

MaxPCvalue

thread t2

YES4 thread t4

1 thread t3

2

4

10/23/2007 ecs150, fall 2007 48


Not so FastNot so Fast

PC

PC

PC

PC

PC

PC

PC

PC

lockedunlocked

MaxPCvalue

thread t2

NO4 thread t4

1 thread t3

2

4

10/23/2007 ecs150, fall 2007 49


Not so FastNot so Fast

PC

PC

PC

PC

PC

PC

PC

PC

lockedunlocked

MaxPCvalue

thread t2

NO4 thread t4

2 thread t3

3

4

10/23/2007 ecs150, fall 2007 50


How about???How about???

PC

PC

PC

PC

PC

PC

PC

PC

lockedunlocked

MaxPCvalue

thread t2

??4 thread t4

2 thread t2

3

4 thread t20

thread t11

10/23/2007 ecs150, fall 2007 51

UCDavis, ecs150Fall 2007 PCP mutex blockingPCP mutex blocking

PC

PC

PC

PC

PC

PC

PC

PC

lockedunlocked

MaxPCvalue

thread t1

??thread t2

thread t3

10/23/2007 ecs150, fall 2007 52


Are we sure about the claim of Are we sure about the claim of PCP?PCP?

A higher priority thread can be blocked at most once, in its life time, by one lower priority thread.

Deadlocks are prevented/avoided.

Try to find a “Counter Example” to show that PCP’s claim is FALSE!!

10/23/2007 ecs150, fall 2007 53


4

3

2

1

0 2 4 6 8 10 12 14 16 18Executing

Executing with Q locked

Preempted

Executing with V locked

Blocked

Tasks

Ceiling-driven IndirectlyBlocked

10/23/2007 ecs150, fall 2007 54


4

3

2

1

0 2 4 6 8 10 12 14 16 18Executing


Preempted


Blocked

Priority Inversion


10/23/2007 ecs150, fall 2007 55


4

3

2

1

0 2 4 6 8 10 12 14 16 18Executing


Preempted


Blocked

Priority Inversion Area


10/23/2007 ecs150, fall 2007 56


1114

3

2

1

0 2 4 6 8 10 12 14 16 18

Process

1

Basic Priority Inheritance

10/23/2007 ecs150, fall 2007 57


22 124

3

2

1

0 2 4 6 8 10 12 14 16 18

Process

1

Priority Ceiling1 1

locked

10/23/2007 ecs150, fall 2007 58


22 224

3

2

1

0 2 4 6 8 10 12 14 16 18

Process

1

Priority Ceiling (1 delay)1 1

locked

10/23/2007 ecs150, fall 2007 59


Can we do better??Can we do better??

10/23/2007 ecs150, fall 2007 60


1111a

b

c

d

0 2 4 6 8 10 12 14 16 18

process

11

Priority Ceiling Emulation1 1

10/23/2007 ecs150, fall 2007 61

UCDavis, ecs150Fall 2007 Priority Ceiling EmulationPriority Ceiling Emulation

Each thread has a static (base) default priority assigned (perhaps by the deadline monotonic scheme).

Each resource has a static ceiling value defined, this is the maximum priority of the threads that use it.

A thread has a dynamic (active) priority that is the maximum of its own static priority and the ceiling values of any resources it has locked

As a consequence, a thread will only suffer a block at the very beginning of its execution

Once the thread starts actually executing, all the resources it needs must be free; if they were not, then some thread would have an equal or higher priority and the thread’s execution would be postponed

10/23/2007 ecs150, fall 2007 62


SummarySummary

Priority Inversion Basic Priority Inheritance Priority Ceiling

– Upgraded when a higher priority task (might not be the same as the ceiling value) is blocked due to the Ceiling value

Priority Ceiling Emulation– Immediately upgraded to the ceiling value after

obtaining the lock

10/23/2007 ecs150, fall 2007 63

UCDavis, ecs150Fall 2007 Semaphore RequirementsSemaphore Requirements

Threads must lock and unlock semaphores in a “nested” or “pyramid” fashion:– Let P(S) = L(S) = lock(S) = sem_wait(S).

– Let V(S) = U(S) = unlock(S) = sem_signal(S).

– Example: P(s1);P(s2);P(s3);...;V(s3);V(s2);V(s1);

s1

s2

s3

10/23/2007 ecs150, fall 2007 64


J, Pri(J) = 1 I, Pri(I) = 120

J,80% I J I

I J J J I J J J J J J J I J J J J I J J

10/23/2007 ecs150, fall 2007 65


Lottery Ticket SharingLottery Ticket Sharing

If task I is blocked by task J, all I’s tickets will be used by J until the block is gone.

10/23/2007 ecs150, fall 2007 66


LT Sharing vs. PILT Sharing vs. PI

LTS: summation of tickets for ALL waiting processes.– With Lottery Tickets, we can ADD “priority

quantities” together. PI: the highest priority among ALL waiting

processes.– What is the semantic meaning of “adding”

priorities together?

ucdavis, ecs150 fall 2007 10/23/2007ecs150, fall 20071 operating system ecs150 fall 2007 : operating...

Documents

priority inversion

fixed priority

higher priority thread

lower priority thread

priority number integer

unbounded priority invers

scheduling classes rr

mutual exclusion slide