Priority Inversion
It's not a good thing
It can have disastrous results:
- Mars Pathfinder
- Therac-25
It can (and does) happen to the very best of the best experts!
Priority Inversion
General Description
- A low-priority thread blocks a ready and willing high-priority thread indefinitely (Samek, p. 231)
- The highest-priority task is prevented from running and completing a task on time
Dining Philosophers
- Philosophers alternate periods of eating and thinking
- When a philosopher wants to eat, he tries to acquire 2 forks
- If he is successful, he gets to eat for a while, puts down the forks and continues to think
- How do we make this happen continuously without getting stuck? (resource allocation)
- Can't all eat at once or think at once

- Phil. C is the most important philosopher but very thin
- Phil. B is a middle-level philosopher
- Phil. A is an amateur, low-level philosopher, very portly
- Scenario: Phil. C picks up a fork. Phil. B grabs the other fork before Phil. C can get to it. In the meantime, Phil. A picks up two forks and eats while C and B are gridlocked
- The group of philosophers is never blessed with the important philosophy of Phil. C (because he starves to death) and has to settle for the inane and inaccurate philosophy of portly Phil. A!
Priority Inversion
Illustration (memory allocation)
Solutions/preventions:
- Semaphore: a protected variable; a classic method for restricting access to shared resources
- Mutex: mutually exclusive semaphore - allows multiple threads to synchronize access to a shared resource
- Priority inheritance mutex:
  - A low-priority task inherits the priority of any higher-priority task pending on a resource they share.
  - The priority changes as soon as the high-priority task begins to pend, and the change ends when the resource is released.
  - Requires help from the operating system
Priority Inheritance
Solutions/preventions:
Priority ceiling mutex:
- Associates a priority with each resource
- Scheduler transfers that priority to any task that accesses the resource
- Priority assigned to the resource is the priority of the highest-priority user, plus one.
- When a task is finished with the resource, priority returns to normal.
- Semaphores are not needed; tasks can share resources simply by changing priorities
Priority Ceiling
Solutions/preventions:
If ceilings are chosen properly (not too high or too low), a priority ceiling mutex is:
- faster
- causes fewer context switches
- much easier for static timing analysis
than a priority inheritance mutex
Bulletproof: priority ceiling protocol (Sha, et al.)
- Combination of ceiling and inheritance
Mars Pathfinder
- Bus manager tasks communicated through a pipe along with a low-priority meteorological science task.
- Some medium-priority tasks preempted the low-priority science task and kept the high-priority distribution manager waiting too long.
Mars Pathfinder
- Another bus scheduler became active and checked on the high-priority distribution manager, noticed its task wasn't complete on time and caused a system reset.
- The fix: Wind River (software people) had left an inactive workaround in place. JPL had to enable it remotely. (Barr, Embedded Systems Programming)
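
Added example (not from the original slides): a small tick-based simulation of a Pathfinder-shaped task set under a plain mutex, a priority inheritance mutex and a priority ceiling mutex. The task set, tick counts and the names `simulate` and `demo` are constructed for illustration; the ceiling mode is assumed to raise the owner to the ceiling as soon as it locks.

```c
#include <stdio.h>
enum mode { PLAIN, INHERIT, CEILING };

/* Constructed task model: run `pre` ticks, then `cs` ticks holding the one
 * shared mutex (cs == 0: never locks it), then `post` ticks. */
struct task { int prio, release, pre, cs, post, run, finish; };
static int wants_lock(const struct task *k) {
    return k->cs > 0 && k->run >= k->pre && k->run < k->pre + k->cs;
}

/* Fixed-priority preemptive scheduling in 1-tick steps; returns the tick at
 * which task `watch` finishes (-1 if it never does within 1000 ticks). */
int simulate(struct task *ts, int n, enum mode m, int ceiling, int watch) {
    int owner = -1;
    for (int t = 0; t < 1000; t++) {
        int best = -1, best_prio = -1;
        for (int i = 0; i < n; i++) {
            struct task *k = &ts[i];
            if (t < k->release || k->finish >= 0) continue;
            if (wants_lock(k) && owner != -1 && owner != i) continue; /* blocked */
            int p = (owner == i && m == CEILING) ? ceiling : k->prio;
            for (int j = 0; owner == i && m == INHERIT && j < n; j++)
                if (t >= ts[j].release && wants_lock(&ts[j]) && ts[j].prio > p)
                    p = ts[j].prio;          /* inherit from a blocked waiter */
            if (p > best_prio) { best = i; best_prio = p; }
        }
        if (best < 0) continue;              /* idle tick */
        struct task *k = &ts[best];
        if (wants_lock(k)) owner = best;     /* acquire or keep the mutex */
        k->run++;
        if (owner == best && !wants_lock(k)) owner = -1;  /* left the section */
        if (k->run == k->pre + k->cs + k->post) k->finish = t + 1;
    }
    return ts[watch].finish;
}

/* Constructed scenario: low holds the mutex, high needs it, medium never does. */
int demo(enum mode m, int medium_ticks) {
    struct task ts[] = {
        { 1, 0, 1, 3, 0, 0, -1 },             /* low: locks at tick 1 */
        { 2, 3, medium_ticks, 0, 0, 0, -1 },  /* medium: released at tick 3 */
        { 3, 2, 1, 1, 1, 0, -1 },             /* high: released at tick 2 */
    };
    return simulate(ts, 3, m, 4, 2);  /* ceiling 4 = highest user (3) plus one */
}

int main(void) {
    printf("plain=%d inherit=%d ceiling=%d\n", demo(PLAIN, 10), demo(INHERIT, 10), demo(CEILING, 10));
    return 0;
}
```

Under the plain mutex the high-priority task's finish time grows with the medium task's run time (tick 17 for 10 medium ticks, tick 27 for 20); with inheritance or a ceiling it stays at tick 7.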
Therac-25
- Computer-controlled radiation therapy machine
- Severely overdosed 6 people, causing 2 painful deaths
- Intended dose: 100-200 rads
- Delivered dose: 13,000-25,000 rads
Therac-25
The problem:
- If treatment data was submitted through the console within 8 seconds, the unit could end up partially set for x-ray treatment and partially set for electron treatment
- Impossible to determine mode of operation at any given time
- Samek: bottom-up design process, and the problem still exists today, only with some concurrency patches included.
Questions?