2-1 Chapter 2 Real-Time Systems Concepts

2-2 Foreground/Background Systems BackgroundForeground ISR Time Code execution application consists of an infinite loop Interrupt service routines (ISRs) handle asynchronous event (foreground) The worst case task-level response time depends on how long the background loop takes to execute Because the execution time of typical code is not constant, the time for successive passes through a portion of the loop is nondeterministic

2-3 The critical section –A piece of code which cannot be interrupted during execution Cases of critical sections –Modifying a block of memory shared by multiple kernel services Process table Ready queue, waiting queue, delay queue, etc. –Modifying global variables used by kernel Entering a critical section –Disable global interrupt - disable() Leaving a critical section –Enable global interrupt - enable() Critical Section

2-4

2-5 Resource –EX: I/O, CPU, Memory, Printer, … Shared Resource –The resources which are shared among the tasks –Each task should gain exclusive access to the shared resource to prevent data corruption  Mutual exclusion Task and Thread (herein both terminology represent a same thing) –A simple program that thinks it has the CPU all to itself –Each task is an infinite loop –It has five state: Dormant, Ready, Running, Waiting, and ISR (Interrupted)

2-6 Figure 2.2 Multiple Task

2-7 Figure 2.3 Task States

2-8 Context Switch (or Task Switch) Each task has its stack to store the associated information The purpose of context switch –To make sure that the task, which is forced to give up CPU, can resume operation later without lost of any vital information or data The procedure of interrupt  MP_addr(n) : instruction(n) MP_addr(n+1) : instruction(n+1) MP_addr(n+2) : instruction(n+2)  Push flags Push MP_addr(n+1) PushCPU registers   ; isr codes  popCPU registers return ; jump back to ; MP_addr(n+1) Interrupt return from interrupt

2-9 Foreground/background programming –Context (CPU registers and interrupted program address) save and restore using one stack Multi-tasking context switch –Using each task’s own stack Return address (optional) Task1’s local variables Current CPU stack pointer Return address (optional) Task 2’s local variables when it was switched Task 2’s code address when it was switched CPU registers when Task 2 was switched Task 1 (to be switched from) stackTask 2 (to be switched to) stack

2-10 During context switch Return address (optional) Task1’s local variables Current Program address Return address (optional) Task 2’s local variables when it was switched Task 2’s code address when it was switched CPU registers when Task 2 was switched Task 1 stackTask 2 stack Current CPU registers Current CPU stack pointer Stack pointer ‧‧‧ Task 1 TCB Stack pointer ‧‧‧ Task 2 TCB

2-11 After context switch Return address (optional) Task1’s local variables Current CPU stack pointer Task 2 (current) stack Return address (optional) Task 1’s local variables when it was switched Task 1’s code address when it was switched CPU registers when Task 1 was switched Task 1 (suspended) stack

2-12 The Operations of Context Switch Rely Interrupt (hardware or software, into kernel mode) to do context switch –Push return address –Push FLAGS register ISR (context switch routine) –Push all register –Store sp to TCB (task control block) –Select a ready task which has the highest priority (Scheduler) –Restore the sp from the TCB of the new selected task –Pop all register –iret (interrupt return which will pop FLAGS and return address) Switch to new task

2-13 Scheduler Also called the dispatcher Determine which task will run next In a priority-based kernel, control of the CPU is always given to the highest priority task ready to run Two types of priority-based kernels –Non-preemptive –preemptive

2-14 Non-preemptive Task auto gives up the control of the CPU Also called cooperative multitasking –Tasks cooperate with each other to share the CPU advantages –Can use non-reentrant function –Without fear of corruption by another task (less need to guard shared data through the use of semaphores)  don’t require to disable Interrupt –Interrupt latency is typically low Def: Interrupt latency = Maximum amount of time interrupts are disable + Time to start executing the first instruction in the ISR –Task-level response time much lower than the foreground/background Worst case is the longest task time

2-15 Figure 2.4 Non-preemptive kernel

2-16 Preemptive Kernel Used in the high system responsiveness The highest priority task ready to run is always given control of the CPU –When a task make a higher priority task ready to run, the current task is preempted and the higher priority task is immediately given control of the CPU –If an ISR makes a higher priority task ready, when the ISR completes, the interrupted task is suspended and the new higher priority task is resumed The use of non-reentrant functions requires to cooperate with mutual exclusion semaphores

2-17 Figure 2.5 Preemptive kernel

2-18 Reentrancy Reentrant function –Can be used by more than one task in concurrent without fear of data corruption –Can be interrupted at any time and resumed at a later time without loss of data –Use local variable void strcpy(char *dest, char *src) { while (*dest++ = *src++) { ; } *dest = NUL; } int Temp; // global variable void swap(int *x, int *y) { Temp = *x; *x = *y; *y = Temp; } Listing 2.1 Reentrant function Listing 2.2 Non-reentrant function You can make swap() reentrant –Declare Temp local to swap() –Disable interrupts before the operation and enable them afterwards –Use a semaphore The arguments are placed on the task’s stack

2-19 Figure 2.6 Non-reentrant function

2-20 Task Priority Static priorities –The priority of each task does not change during the application’s execution Dynamic priorities –The priority of tasks can be changed during the application’s execution

2-21 Figure 2.7 Priority Inversion problem Task1 waits for the resource owned by Task3 The situation was aggravated when Task 2 preempted Task 3, which further delayed the execution of Task 1

2-22 Figure 2.8 Kernel that supports priority inheritance Raising the priority of Task 3 when the Task 1 want to access the resource When the Task3 release the resource, the priority of task3 restores to original priority level

2-23 Assigning Task Priorities Assigning task priorities is not a trivial undertaking More real-time systems have a combination of soft and hard requirements Rate Monotonic Scheduling (RMS) is used to assign task priorities based on how often tasks execute –The highest rate of execution are given the highest priority RMS makes a number of assumptions: –All tasks are periodic (they occur at regular intervals). –Tasks do not synchronize with one another, share resources, or exchange data. –The CPU must always execute the highest priority task that is ready to run. In other words, preemptive scheduling must be used. If meet the following inequality equation, all task HARD real-time deadlines will be met CPU utilization of all time- critical tasks should be less than 70% Other 30% can be used by non- time critical tasks

2-24 Mutual Exclusion Multiple tasks access same area (critical section) must ensure that each task has exclusive access to the data to avoid contention and data corruption The method of exclusive access –Disabling interrupts –Performing test-and-set operations –Disabling scheduling –Using semaphores

2-25 Disabling and enabling interrupts uc/OS-II provides two macros to disable/enable interrupt Disable interrupts; Access the resource (read/write from/to variables); Reenable interrupts; void Function (void) { OS_ENTER_CRITICAL();.. /* You can access shared data in here */. OS_EXIT_CRITICAL(); } Not to disable interrupts for too long –Affect the response of your system to interrupts (interrupt latency) This method is the only way that a task can share variables or data structures with an ISR

2-26 Test-and-Set (TAS) –Must be performed indivisibly (by the processor), or you must disable interrupts when doing the TAS on the variable Disable interrupts; if (‘Access Variable’ is 0) { Set variable to 1; Reenable interrupts; Access the resource; Disable interrupts; Set the ‘Access Variable’ back to 0; Reenable interrupts; } else { Reenable interrupts; /* You don’t have access to the resource, try back later; */ } Some processor actually implement a TAS operation in hardware (e.g., family)

2-27 Disabling and Enabling the Scheduler –If no shared variables or data structures with an ISR, we can disable and enable scheduling –Two or more tasks can share data without contention –While the scheduler is locked, interrupts are enable If the ISR generates a new event which enables a higher priority, the higher priority will be run when the OSSchedunlock() is called. void Function (void) { OSSchedLock();.. /* You can access shared data in here */. OSSchedUnlock(); }

2-28 Semaphores Semaphores are used to –Control access to a shared resource (mutual exclusion) –Signal the occurrence of an event –Allow two tasks to synchronize their activities Two types of semaphores –Binary semaphores –Counting semaphores Three operations of a semaphore –INITIALIZE (called CREATE) –WAIT (called PEND) –SIGNAL (called POST) --Release semaphore Highest priority task waiting for the semaphore is activized (uCOS-II supports this one) First task that requested the semaphore is activized (FIFO)

2-29 Accessing shared data by obtaining a semaphore OS_EVENT *SharedDataSem; void Function (void) { INT8U err; OSSemPend(SharedDataSem, 0, &err);.. /* You can access shared data in here (interrupts are recognized) */. OSSemPost(SharedDataSem); }

2-30 Control of shared resources (multual exclusion) –e.g., single display device task1(... ) {... printf("This is task 1.");... } task2(... ) {... printf("This is task 2.");... } ThiThsi siis ttasaks k12.. Results may be: Exclusive usage of certain resources (e.g., shared memory)

2-31 Solution: using a semaphore and initialized it to 1 Each task must know about the existence of semaphore in order to access the resource –Some situations may encapsulate the semaphore is better

2-32 INT8U CommSendCmd(char *cmd, char *response, INT16U timeout) { Acquire port's semaphore; Send command to device; Wait for response (with timeout); if (timed out) { Release semaphore; return (error code); } else { Release semaphore; return (no error); } } Figure 2.11 Hiding a semaphore from tasks

2-33 Counting semaphore BUF *BufReq(void) { BUF *ptr; Acquire a semaphore; Disable interrupts; ptr = BufFreeList; BufFreeList = ptr->BufNext; Enable interrupts; return (ptr); } void BufRel(BUF *ptr) { Disable interrupts; ptr->BufNext = BufFreeList; BufFreeList = ptr; Enable interrupts; Release semaphore; }

2-34 Deadlock To avoid a deadlock the tasks is –Acquire all resources before proceeding –Acquire the resources in the same order –Release the resources in the reverse order Using timeout when acquiring a semaphore –When a timeout occur, a return error code prevents the task form thinking it has obtained the resource. Deadlocks generally occur in large multitasking systems, not in embedded systems

2-35 Synchronization A task can be synchronized with an ISR or a task –A task initiates an I/O operation and waits for the semaphore –When the I/O operation is complete, an ISR (or another task) signals the semaphore and the task is resumed Tasks synchronizing their activities Unilateral rendezvous bilateral rendezvous

2-36 Bilateral rendezvous Task1() { for (;;) { Perform operation; Signal task #2; (1) Wait for signal from task #2; (2) Continue operation; } } Task2() { for (;;) { Perform operation; Signal task #1; (3) Wait for signal from task #1; (4) Continue operation; } }

2-37 Event Flags (uCOS-II supports Event flags) Used in a task needs to synchronize with the occurrence of multiple events

2-38 Common events can be used to signal multiple tasks

2-39 Intertask Communication A task or an ISR to communicate information to another task There are two ways of intertask communication –Through global data (disable/enable interrupts or using semaphore) Task can only communicate information to an ISR by using global variables –Can only use disable interrupt to ensure exclusive access Task can not aware any global variable is changed (unless using semaphore or task periodical polling) –Sending messages Message mailbox or message queue (task can be aware of the data change)

2-40 Message Mailboxes (using pointer-size variable) A task desiring a message from an empty mailbox is suspended and placed on the waiting list until a message is received Kernel allows the task waiting for a message to specify a timeout When a message is deposited into the mailbox, how to select a task from the waiting list –Priority based –FIFO uC/OS-II provides following kernel mailbox services –Initialize the contents of a mailbox (create) –Deposit a message (post) –Wait for a message (pend0 –Get a message from a mailbox, if one is present, but do not suspnd the caller if the mailbox is empty (accept) Waiting list

2-41 Message queues Is used to send one or more messages to a task A task or an ISR can deposit a message into a message queue One or more tasks can receive messages through a service provided by the kernel A waiting list is associated with each message queue Allow the task waiting for a message to specify a timeout Is basically an array of mailboxes The first message inserted in the queue will be the first message extracted from the queue (FIFO) or Last-In_first-Out (LIFO)

2-42 Interrupts When an interrupt is recognized, the CPU saves –Return address (interrupted task) –Flags Jump to Interrupt Service Routine (ISR) Upon completion of the ISR, the program returns to –Background for a Foreground/background system –The interrupted task for a non-preemptive kernel –The highest priority task ready to run for a preemptive kernel Interrupt Nesting

2-43 Interrupt latency, Response, and Recovery The most important specification of a real-time kernel is the amount of time interrupts are disabled –The longer interrupts are disabled, the higher the interrupt latency Interrupt latency –Maximum amount of time interrupts are disabled + Time to start executing the first instruction in the ISR Interrupt response ( defined as the time between the reception of the interrupt and the start of the user code that handles the interrupt ) –Foreground/background –Non-preemptive kernel (don’t need to disable interrupt) –Preemptive kernel Interrupt recovery ( the time required for the processor to return to the interrupted code) –Foreground/background –Non-preemptive kernel –Preemptive kernel Interrupt latency + Time to save the CPU's context Interrupt latency + Time to save the CPU's context + Execution time of the kernel ISR entry function (OSIntEnter()) Time to restore the CPU's context + Time to execute the return from interrupt instruction Time to determine if a higher priority task is ready + Time to restore the CPU's context of the highest priority task + Time to execute the return from interrupt instruction

2-44 Figure 2.20 Interrupt latency, response, and recovery (foreground/background)

2-45 Figure 2.21 Interrupt latency, response, and recovery (non-preemptive kernel)

2-46 Figure 2.22 Interrupt latency, response, and recovery (preemptive kernel) (context switch)

2-47 Nonmaskable Interrupts (NMIs) NMI cannot be disabled –Interrupt latency, response, and recovery are minimal –Interrupt latency –Interrupt response –Interrupt recovery Because NMIs can not be disabled to access critical sections of code, you can not use kernel services to signal a task Ex: Used NMI in an application to respond to an interrupt occurred every 150 us. An ISR which will take the processing time from 80 to 125 us, and the kernel may disable interrupt for about 45 us. Then if we use maskable interrupt, the ISR could have been late by 20 us ( > 150). Time to execute longest instruction +Time to start executing the NMI ISR Interrupt latency +Time to save the CPU's context Time to restore the CPU's context +Time to execute the return from interrupt instruction Disableing Nonmaskable interrupts

2-48 When you are serving an NMI, you cannot use kernel services to signal a task because NMIs cannot be disabled to access critical sections of code. You can pass parameters to and from the NMI. –Parameters passed must be global variables and the size of these variables must be read or written indivisibly; that is, not as separate byte read or write instructions. EX: suppose the NMI service routine needs to signal a task every 40 times it executes –If the NMi occurs every 150us, a signal would be required every 40 * 150us = 6ms. –From a NMI ISR, you cannot use the kernel to signal the task, but you can use the following scheme Signaling a task from a nonmaskable interrupt Every 150 us Every 150us*40 = 6ms

2-49 Clock Tick A special interrupt that occurs periodically Allows kernel to delay task for an internal number of clock ticks To provide timeout when task are waiting for event to occur The faster the tick rate, the higher the overhead imposed on the system

2-50 Figure 2.25 delaying a task for one tick (case 1) Due to the higher priority tasks and the ISRs execute prior to the delayed task, the delayed task actually executes at varying intervals ( we call this variance is jitter )

2-51 Figure 2.26 Delaying a task for one tick (case 2) If the task delays itself just before a clock tick, the task will execute again almost immediately Because of this, if you need to delay a task at least one clock tick, you must specify one extra tick. In other words, if you need to delay a tak for at least five ticks, you must specify six ticks

2-52 Figure 2.27 delaying a task for one tick (case 3) The task tries to delay for one tick actually executes two ticks later and may miss its deadline

2-53 Reduce the execution jitter of the task –Increase the clock rate of your microprocessor. –Increase the time between tick interrupts. –Rearrange task priorities. –Avoid using floating-point math (if you must, use single precision). –Get a compiler that performs better code optimization. –Write time-critical code in assembly language. –If possible, upgrade to a faster microprocessor in the same family, e.g., 8086 to 80186, to 68020, etc.

2-54 Periodic timer interrupt

2-55 The Dummy Tick ISR overhead in different tick resolution

2-56 Aperiodic Timer interrupt ATR (Adjustable Timer Resolution) –ATR calculate the period of the next tick clock interrupt and then set it to an external timer –The RTOS do context switching as long as tick clock interrupt occurs –Context switch level’s tick clock interrupt

2-57 ATR

2-58 The drawback of aperiodic timer interrupt Time Drift –The OS should reload the time count register on ATR Time Skew –The time variable is updated irregularly on ATR

2-59 The drawback of aperiodic timer interrupt (cont.)

2-60 Homework 2 Under 80x86 PC with uCOS-II to design a clock/stopwatch system –The clock system and stopwatch system can be operated concurrently (i.e., when we are setting the clock time, the stopwatch system also can work normally) HH:MM:SS SS:xx instruction: how to operation the clock system and stopwatch system with keyboard