On the Automatic Evolution of an OS Kernel

  • Slides: 19
Download presentation
On the Automatic Evolution of an OS Kernel using Temporal Logic and AOP Julia

On the Automatic Evolution of an OS Kernel using Temporal Logic and AOP Julia L. Lawall DIKU, University of Copenhagen Joint work with: Rickard A. Åberg, Mario Südholt, Gilles Muller Obasco Group, Ecole des Mines de Nantes/INRIA Anne-Françoise Le Meur Compose Group, INRIA/LABRI, ENSEIRB 1

Overview u Goal: Automating software evolution u Context: – Support for the Bossa scheduling

Overview u Goal: Automating software evolution u Context: – Support for the Bossa scheduling framework u Our approach: – Aspect-oriented programming (AOP) – Temporal Logic 2

Bossa scheduling framework u Goal: – Allow application programmers to implement kernellevel process schedulers

Bossa scheduling framework u Goal: – Allow application programmers to implement kernellevel process schedulers u Functionality of a process scheduler: – Decide when to elect a new process – Decide what process to elect u Information needed from the kernel: – Times when electing a new process is allowed – Changes in process states 3

Bossa architecture Standard kernel with added events Standardxx Userkernel defined with scheduling added policy

Bossa architecture Standard kernel with added events Standardxx Userkernel defined with scheduling added policy events Who adds all the events? 4

Distribution of events 77 files require modification (Linux 2. 4. 18) 5

Distribution of events 77 files require modification (Linux 2. 4. 18) 5

Linux kernel code // request process state change set_current_state(TASK_INTERRUPTIBLE); add_wait_queue(&md->lynx->mem_dma_intr_wait, &wait); run_sub_pcl(md->lynx, md->lynx->dcmem_pcl, 2,

Linux kernel code // request process state change set_current_state(TASK_INTERRUPTIBLE); add_wait_queue(&md->lynx->mem_dma_intr_wait, &wait); run_sub_pcl(md->lynx, md->lynx->dcmem_pcl, 2, CHANNEL_LOCALBUS); // electing a new process is allowed schedule( ); Problem: Bossa process election 6 function depends on process state.

Bossa-Linux kernel code // change process state set_current_state(TASK_INTERRUPTIBLE); add_wait_queue(&md->lynx->mem_dma_intr_wait, &wait); run_sub_pcl(md->lynx, md->lynx->dcmem_pcl, 2, CHANNEL_LOCALBUS);

Bossa-Linux kernel code // change process state set_current_state(TASK_INTERRUPTIBLE); add_wait_queue(&md->lynx->mem_dma_intr_wait, &wait); run_sub_pcl(md->lynx, md->lynx->dcmem_pcl, 2, CHANNEL_LOCALBUS); // electing a new process is allowed schedule_interruptible( ); Choice of event depends on Problem: Bossa process election the requested process state. 7 function depends on process state.

Observations u Events occur within function bodies. u Choice of event is context-sensitive –

Observations u Events occur within function bodies. u Choice of event is context-sensitive – Depends on information local to the function, but not local to the event-notification site u Information and rewriting site may be separated by if, while, etc. 8

Requirements u Automated approach – Manual modification is tedious and error-prone u Portability –

Requirements u Automated approach – Manual modification is tedious and error-prone u Portability – Treat multiple kernel versions 9

Solution: AOP & Temporal logic u Aspect-oriented programming – Scheduling behavior crosscuts the kernel

Solution: AOP & Temporal logic u Aspect-oriented programming – Scheduling behavior crosscuts the kernel – AOP localizes event-notification strategy separate from the kernel code » reduces specification size (one entry per concept) » allows modification of multiple kernels – Typically applied to function call/return sites u Temporal logic – A logic describing sequences of events – Our use: describe control-flow patterns 10

Temporal logic (CTL) u Propositional logic: – p, true, false, , , u One

Temporal logic (CTL) u Propositional logic: – p, true, false, , , u One p, q step in the future – One path: EX – All paths: AX u Multiple steps in the future p q – One path: E( U ) – All paths: A( U ) u Backwards variants – AX , A ( U ), etc. p EXp 11

Temporal logic (CTL) u Propositional logic: – p, true, false, , , u One

Temporal logic (CTL) u Propositional logic: – p, true, false, , , u One step in the future – One path: EX – All paths: AX u Multiple steps in the future – One path: E( U ) – All paths: A( U ) u Backwards variants – AX , A ( U ), etc. q p, q p p A( p U q) 12

Temporal logic (CTL) u Propositional logic: – p, true, false, , , u One

Temporal logic (CTL) u Propositional logic: – p, true, false, , , u One step in the future – One path: EX – All paths: AX u Multiple steps in the future – One path: E( U ) – All paths: A( U ) u Backwards variants – AX , A ( U ), etc. q p, q p p A( p U q) 13

Temporal logic (CTL) u Propositional logic: – p, true, false, , , u One

Temporal logic (CTL) u Propositional logic: – p, true, false, , , u One step in the future – One path: EX – All paths: AX u Multiple steps in the future – One path: E( U ) – All paths: A( U ) u Backwards variants – AX , A ( U ), etc. q p, q p p A( p U q) 14

Example rule Replace try_to_wake_up by bossa_unblock_process. n: (call(try_to_wake_up)) Rewrite(n, bossa_unblock_process(args)) 15

Example rule Replace try_to_wake_up by bossa_unblock_process. n: (call(try_to_wake_up)) Rewrite(n, bossa_unblock_process(args)) 15

Example rule (simplified) If the state is TASK_INTERRUPTIBLE, replace schedule() by schedule_interruptible(). n: (call(schedule))

Example rule (simplified) If the state is TASK_INTERRUPTIBLE, replace schedule() by schedule_interruptible(). n: (call(schedule)) Rewrite(n, schedule_interruptible(args)) If n ├ AX (A ( change. Of. State() U set. State(TASK_INTERRUPTIBLE))) 16

Processing Linux kernel code // change process state set_current_state(TASK_INTERRUPTIBLE); add_wait_queue(&md->lynx->mem_dma_intr_wait, &wait); run_sub_pcl(md->lynx, md->lynx->dcmem_pcl, 2,

Processing Linux kernel code // change process state set_current_state(TASK_INTERRUPTIBLE); add_wait_queue(&md->lynx->mem_dma_intr_wait, &wait); run_sub_pcl(md->lynx, md->lynx->dcmem_pcl, 2, CHANNEL_LOCALBUS); // electing a new process is allowed schedule( ); set_current_state (TASK_INTERRUPTIBLE) add_wait_queue n: (call(schedule)) Rewrite(n, schedule_interruptible(args)) If AX (A ( change. Of. State() U set. State(TASK_INTERRUPTIBLE))) run_sub_pcl schedule 17

Assessment u 38 rules (9 use temporal logic). u Approach validated on – Linux

Assessment u 38 rules (9 use temporal logic). u Approach validated on – Linux 2. 4. 18 – Linux 2. 4. 21 – patched Linux 2. 4. 18 u Same performance as a manually reengineered kernel. – Errors found in the hand-modified version. 18

Conclusions and future work u Problem: – Kernel evolution for Bossa requires crosscutting modifications

Conclusions and future work u Problem: – Kernel evolution for Bossa requires crosscutting modifications – Modifications occur in function bodies and depend on context information u Solution: u Future AOP & Temporal Logic targets: – Linux 2. 6, Windows, other OS services http: //www. emn. fr/x-info/bossa 19