Page 1 On the Automatic Evolution of an OS Kernel using Temporal Logic and AOP Julia L. Lawall DIKU, University of Copenhagen Joint work with: Rickard.

Slides:

Advertisements

Similar presentations

1 Verification by Model Checking. 2 Part 1 : Motivation.

Advertisements

Jeremy S. Bradbury, James R. Cordy, Juergen Dingel, Michel Wermelinger

An Adaptive Policy-Based Framework for Network Service Management Leonidas Lymberopoulos Emil Lupu Morris Sloman Department of Computing Imperial College.

purpose Search : automation methods for device driver development in IP-based embedded systems in order to achieve high reliability, productivity, reusability.

Threads, SMP, and Microkernels

DJ Example in UAV Context Karl Lieberherr. Frame Structure Frame X1 X2X3X4X5 AX6X7BX8 Annotation.

Identifying, Modifying, Creating, and Removing Monitor Rules for SOC Ricardo Contreras Andrea Zisman

Documenting and Automating Collateral Evolutions in Linux Device Drivers Yoann Padioleau Ecole des Mines de Nantes (now at UIUC) with Julia Lawall and.

Constructing Component-Based Extension Interfaces in Legacy Systems Code Gilles Muller École des Mines de Nantes Julia Lawall DIKU, University of Copenhagen.

Silberschatz, Galvin and Gagne ©2009Operating System Concepts – 8 th Edition Chapter 4: Threads.

Building Enterprise Applications Using Visual Studio ®.NET Enterprise Architect.

Lesson 18: Configuring Application Restriction Policies

Automata and Formal Lanugages Büchi Automata and Model Checking Ralf Möller based on slides by Chang-Beom Choi Provable Software Lab, KAIST.

Design patterns Observer,Strategi, Composite,Template (Chap 5, 6)

Silberschatz, Galvin and Gagne ©2009Operating System Concepts – 8 th Edition Chapter 4: Threads.

1 FM Overview of Adaptation. 2 FM RAPIDware: Component-Based Design of Adaptive and Dependable Middleware Project Investigators: Philip McKinley, Kurt.

1 An introduction to design patterns Based on material produced by John Vlissides and Douglas C. Schmidt.

Using Microsoft SharePoint to Develop Workflow and Business Process Automation Ted Perrotte National Practice Manager, Quilogy, Microsoft Office SharePoint.

Securing Legacy Software SoBeNet User group meeting 25/06/2004.

Introduction to the Enterprise Library. Sounds familiar? Writing a component to encapsulate data access Building a component that allows you to log errors.

REFACTORING Lecture 4. Definition Refactoring is a process of changing the internal structure of the program, not affecting its external behavior and.

Framework for Automated Builds Natalia Ratnikova CHEP’03.

MVC and MVP. References enter.html enter.html

Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition, Chapter 4: Threads.

Silberschatz, Galvin and Gagne ©2011Operating System Concepts Essentials – 8 th Edition Chapter 4: Threads.

Maximilian Berger David Gstir Thomas Fahringer Distributed and parallel Systems Group University of Innsbruck Austria Oct, 13, Krakow, PL.

11 MANAGING AND DISTRIBUTING SOFTWARE BY USING GROUP POLICY Chapter 5.

Dynamic Choreographies Safe Runtime Updates of Distributed Applications Ivan Lanese Computer Science Department University of Bologna/INRIA Italy Joint.

SAMANVITHA RAMAYANAM 18 TH FEBRUARY 2010 CPE 691 LAYERED APPLICATION.

Language Design for Implementing Process Scheduling Hierarchies Julia L. Lawall DIKU, University of Copenhagen Gilles Muller, Hervé Duchesne Ecole des.

Generative Middleware Specializations for Distributed, Real-time and Embedded Systems Institute for Software Integrated Systems Dept of EECS, Vanderbilt.

Ihr Logo Operating Systems Internals & Design Principles Fifth Edition William Stallings Chapter 2 (Part II) Operating System Overview.

Cooperative Task Management without Manual Stack Management or, Event-driven programming is Not the Opposite of Threaded Programming Atul Adya, Jon Howell,

Operating System 2 Overview. OPERATING SYSTEM OBJECTIVES AND FUNCTIONS.

1 An Aspect-Oriented Implementation Method Sérgio Soares CIn – UFPE Orientador: Paulo Borba.

An OBSM method for Real Time Embedded Systems Veronica Eyo Sharvari Joshi.

1 Threads, SMP, and Microkernels Chapter Multithreading Operating system supports multiple threads of execution within a single process MS-DOS.

Silberschatz, Galvin and Gagne ©2013 Operating System Concepts – 9 th Edition Chapter 4: Threads.

Chapter 4: Threads. 4.2 Silberschatz, Galvin and Gagne ©2005 Operating System Concepts – 7 th edition, Jan 23, 2005 Chapter 4: Threads Overview Multithreading.

ANDROID AND MODEL / VIEW / CONTROLLER. Slide 2 Design Patters Common solutions to programming problems are called design patterns Design patterns are.

Page 1 Towards a Schedu Capturing OS Expertise in an Event Type System: the Bossa Experience Julia L. Lawall DIKU, University of Copenhagen Joint work.

MVC WITH CODEIGNITER Presented By Bhanu Priya.

Secure middleware patterns E.B.Fernandez. Middleware security Architectures have been studied and several patterns exist Security aspects have not been.

AOSD'04, Lancaster, UK 1 Remote Pointcut - A Language Construct for Distributed AOP Muga Nishizawa (Tokyo Tech) Shigeru Chiba (Tokyo Tech) Michiaki Tatsubori.

Banaras Hindu University. A Course on Software Reuse by Design Patterns and Frameworks.

TEAM FOUNDATION VERSION CONTROL AN OVERVIEW AND WALKTHROUGH By: Michael Mallar.

Design Evaluation Overview Introduction Model for Interface Design Evaluation Types of Evaluation –Conceptual Design –Usability –Learning Outcome.

CMPE 494 Service-Oriented Architectures and Web Services Platform for Privacy Preferences Project (P3P) İDRİS YILDIZ

Enterprise Library 3.0 Memi Lavi Solution Architect Microsoft Consulting Services Guy Burstein Senior Consultant Advantech – Microsoft Division.

1 Chapter 5: Threads Overview Multithreading Models & Issues Read Chapter 5 pages

Introduction to threads

Building Enterprise Applications Using Visual Studio®

Analysis Classes Unit 5.

Chapter 4: Threads.

Key Ideas from day 1 slides

Chapter 5: Threads Overview Multithreading Models Threading Issues

CAE-SCRUB for Incorporating Static Analysis into Peer Reviews

Design and Programming

Model-View-Controller Patterns and Frameworks

Analysis models and design models

Operating Systems : Overview

The Islamia University Bahawalpur

Serpil TOK, Zeki BAYRAM. Eastern MediterraneanUniversity Famagusta

Operating Systems : Overview

Operating Systems : Overview

Chapter 2 Operating System Overview

BANKER’S ALGORITHM Prepared by, Prof

Integration Testing.

Presentation transcript:

Page 1 On the Automatic Evolution of an OS Kernel using Temporal Logic and AOP Julia L. Lawall DIKU, University of Copenhagen Joint work with: Rickard A. Åberg, Mario Südholt, Gilles Muller Obasco Group, Ecole des Mines de Nantes/INRIA Anne-Françoise Le Meur Compose Group, INRIA/LABRI, ENSEIRB

Page 2 Overview u Goal: Automating software evolution u Context: –Support for the Bossa scheduling framework u Our approach: –Aspect-oriented programming (AOP) –Temporal Logic

Page 3 Bossa scheduling framework u Goal: –Allow application programmers to implement kernel- level process schedulers u Functionality of a process scheduler: –Decide when to elect a new process –Decide what process to elect u Information needed from the kernel: –Times when electing a new process is allowed –Changes in process states

Page 4 Bossa architecture Standard kernel with added events Standardxx kernel with added events User- defined scheduling policy Who adds all the events?

Page 5 Distribution of events 77 files require modification (Linux )

Page 6 Linux kernel code // request process state change set_current_state(TASK_INTERRUPTIBLE); add_wait_queue(&md->lynx->mem_dma_intr_wait, &wait); run_sub_pcl(md->lynx, md->lynx->dcmem_pcl, 2, CHANNEL_LOCALBUS); // electing a new process is allowed schedule( ); Problem: Bossa process election function depends on process state.

Page 7 Bossa-Linux kernel code // change process state set_current_state(TASK_INTERRUPTIBLE); add_wait_queue(&md->lynx->mem_dma_intr_wait, &wait); run_sub_pcl(md->lynx, md->lynx->dcmem_pcl, 2, CHANNEL_LOCALBUS); // electing a new process is allowed schedule_interruptible( ); Problem: Bossa process election function depends on process state. Choice of event depends on the requested process state.

Page 8 Observations u Events occur within function bodies. u Choice of event is context-sensitive –Depends on information local to the function, but not local to the event-notification site  Information and rewriting site may be separated by if, while, etc.

Page 9 Requirements u Automated approach –Manual modification is tedious and error-prone u Portability –Treat multiple kernel versions

Page 10 Solution: AOP & Temporal logic u Aspect-oriented programming –Scheduling behavior crosscuts the kernel –AOP localizes event-notification strategy separate from the kernel code »reduces specification size (one entry per concept) »allows modification of multiple kernels –Typically applied to function call/return sites u Temporal logic –A logic describing sequences of events –Our use: describe control-flow patterns

Page 11 Temporal logic (CTL) u Propositional logic: –p, true, false,   ,   ,  u One step in the future –One path: EX  –All paths: AX  u Multiple steps in the future –One path: E(  U  ) –All paths: A(  U  ) u Backwards variants –AX  , A  (  U  ), etc. p,q pp pp q EXp

Page 12 Temporal logic (CTL) u Propositional logic: –p, true, false,   ,   ,  u One step in the future –One path: EX  –All paths: AX  u Multiple steps in the future –One path: E(  U  ) –All paths: A(  U  ) u Backwards variants –AX  , A  (  U  ), etc. A(  p U q) p,q pp pp q

Page 13 Temporal logic (CTL) u Propositional logic: –p, true, false,   ,   ,  u One step in the future –One path: EX  –All paths: AX  u Multiple steps in the future –One path: E(  U  ) –All paths: A(  U  ) u Backwards variants –AX  , A  (  U  ), etc. A(  p U q) p,q pp pp q

Page 14 Temporal logic (CTL) u Propositional logic: –p, true, false,   ,   ,  u One step in the future –One path: EX  –All paths: AX  u Multiple steps in the future –One path: E(  U  ) –All paths: A(  U  ) u Backwards variants –AX  , A  (  U  ), etc. A(  p U q) p,q pp pp q

Page 15 Example rule Replace try_to_wake_up by bossa_unblock_process. n:(call( try_to_wake_up ))  Rewrite(n, bossa_unblock_process(args) )

Page 16 Example rule (simplified) If the state is TASK_INTERRUPTIBLE, replace schedule() by schedule_interruptible(). n:(call( schedule ))  Rewrite(n, schedule_interruptible(args) ) If n ├ AX  (A  (  changeOfState() U setState(TASK_INTERRUPTIBLE)))

Page 17 Processing Linux kernel code // change process state set_current_state(TASK_INTERRUPTIBLE); add_wait_queue(&md->lynx->mem_dma_intr_wait, &wait); run_sub_pcl(md->lynx, md->lynx->dcmem_pcl, 2, CHANNEL_LOCALBUS); // electing a new process is allowed schedule( ); set_current_state (TASK_INTERRUPTIBLE) add_wait_queue run_sub_pcl schedule n:(call( schedule ))  Rewrite(n, schedule_interruptible(args) ) If AX  (A  (  changeOfState() U setState(TASK_INTERRUPTIBLE)))

Page 18 Assessment u 38 rules (9 use temporal logic). u Approach validated on –Linux –Linux –patched Linux u Same performance as a manually reengineered kernel. –Errors found in the hand-modified version.

Page 19 Conclusions and future work u Problem: –Kernel evolution for Bossa requires crosscutting modifications –Modifications occur in function bodies and depend on context information u Solution: AOP & Temporal Logic u Future targets: –Linux 2.6, Windows, other OS services