Operating Systems

================ Start Lecture #3 ================

1.7: OS Structure
I must note that Tanenbaum is a big advocate of the so called microkernel approach in which as much as possible is moved out of the (supervisor mode) kernel into separate processes. The (hopefully small) portion left in supervisor mode is called a microkernel. In the early 90s this was popular. Digital Unix (now called True64) and Windows NT/2000/XP are examples. Digital Unix is based on Mach, a research OS from Carnegie Mellon university. Lately, the growing popularity of Linux has called into question the belief that ``all new operating systems will be microkernel based''.

1.7.1: Monolithic approach

The previous picture: one big program The system switches from user mode to kernel mode during the poof and then back when the OS does a ``return'' (an RTI or return from interrupt). But of course we can structure the system better, which brings us to.

1.7.2: Layered Systems

Some systems have more layers and are more strictly structured. An early layered system was ``THE'' operating system by Dijkstra. The layers were. 1. The operator 2. User programs

3. I/O mgt 4. Operator-process communication 5. Memory and drum management The layering was done by convention, i.e. there was no enforcement by hardware and the entire OS is linked together as one program. This is true of many modern OS systems as well (e.g., linux). The multics system was layered in a more formal manner. The hardware provided several protection layers and the OS used them. That is, arbitrary code could not jump to or access data in a more protected layer.

1.7.3: Virtual Machines

Use a ``hypervisor'' (beyond supervisor, i.e. beyond a normal OS) to switch between multiple Operating Systems. Made popular by IBM's VM/CMS

Each App/CMS runs on a virtual 370. CMS is a single user OS. A system call in an App traps to the corresponding CMS. CMS believes it is running on the machine so issues I/O. instructions but ... ... I/O instructions in CMS trap to VM/370. This idea is still used. A modern version (used to ``produce'' a multiprocessor from many uniprocessors) is ``Cellular Disco'', ACM TOCS, Aug. 2000. Another modern usage is JVM the ``Java Virtual Machine''.

1.7.4: Exokernels
Similar to VM/CMS but the virtual machines have disjoint resources (e.g., distinct disk blocks) so less remapping is needed.

1.7.5: Client Server

When implemented on one computer, a client server OS uses the microkernel approach in which the microkernel supplies just interprocess communication, and the main OS functions are provided by a number of separate processes. This does have advantages. For example an error in the file server cannot corrupt memory in the process server. This makes errors easier to track down. But it does mean that when a (real) user process makes a system call there are more processes switches. These are not free. A distributed system can be thought of as an extension of the client server concept where the servers are remote.

Homework: 23 Microkernels Not So Different In Practice

Dennis Ritchie, the inventor of the C programming language and co-inventor, with Ken Thompson, of Unix was interviewed in February 2003. The following is from that interview. What's your opinion on microkernels vs. monolithic? Dennis Ritchie: They're not all that different when you actually use them. "Micro" kernels tend to be pretty large these days, and "monolithic" kernels with loadable device drivers are taking up more of the advantages claimed for microkernels.

Chapter 2: Process and Thread Management

Tanenbaum's chapter title is ``Processes and Threads''. I prefer to add the word management. The subject matter is processes, threads, scheduling, interrupt handling, and IPC (InterProcess Communication--and Coordination).

2.1: Processes
Definition: A process is a program in execution.

We are assuming a multiprogramming OS that can switch from one process to another. Sometimes this is called pseudoparallelism since one has the illusion of a parallel processor. The other possibility is real parallelism in which two or more processes are actually running at once because the computer system is a parallel processor, i.e., has more than one processor. We do not study real parallelism (parallel processing, distributed systems, multiprocessors, etc) in this course.

2.1.1: The Process Model

Even though in actuality there are many processes running at once, the OS gives each process the illusion that it is running alone.

Virtual time: The time used by just this processes. Virtual time progresses at a

rate independent of other processes. Actually, this is false, the virtual time is typically incremented a little during systems calls used for process switching; so if there are more other processors more ``overhead'' virtual time occurs.

Virtual memory: The memory as viewed by the process. Each process typically believes it has a contiguous chunk of memory starting at location zero. Of course this can't be true of all processes (or they would be using the same memory) and in modern systems it is actually true of no processes (the memory assigned is not contiguous and does not include location zero). Think of the individual modules that are input to the linker. Each numbers its addresses from zero; the linker eventually translates these relative addresses into absolute addresses. That is the linker provides to the assembler a virtual memory in which addresses start at zero.

Virtual time and virtual memory are examples of abstractions provided by the operating system to the user processes so that the latter ``sees'' a more pleasant virtual machine than actually exists.

2.1.2: Process Creation

From the users or external viewpoint there are several mechanisms for creating a process. 1. 2. 3. 4. System initialization, including daemon processes. Execution of a process creation system call by a running process. A user request to create a new process. Initiation of a batch job.

But looked at internally, from the system's viewpoint, the second method dominates. Indeed in unix only one process is created at system initialization (the process is called init); all the others are children of this first process. Why have init? That is why not have all processes created via method 2? Ans: Because without init there would be no running process to create any others.

2.1.3: Process Termination

Again from the outside there appear to be several termination mechanism. 1. 2. 3. 4. Normal exit (voluntary). Error exit (voluntary). Fatal error (involuntary). Killed by another process (involuntary).

And again, internally the situation is simpler. In Unix terminology, there are two system calls kill and exit that are used. Kill (poorly named in my view) sends a signal to another process. If this signal is not caught (via the signal system call) the process is terminated. There is also an ``uncatchable'' signal. Exit is used for self termination and can indicate success or failure.

2.1.4: Process Hierarchies

Modern general purpose operating systems permit a user to create and destroy processes.

In unix this is done by the fork system call, which creates a child process, and the exit system call, which terminates the current process. After a fork both parent and child keep running (indeed they have the same program text) and each can fork off other processes. A process tree results. The root of the tree is a special process created by the OS during startup. A process can choose to wait for children to terminate. For example, if C issued a wait() system call it would block until G finished.

Old or primitive operating system like MS-DOS are not multiprogrammed, so when one process starts another, the first process is automatically blocked and waits until the second is finished.

2.1.5: Process States and Transitions

The diagram on the right contains much information.

Consi der a runnin g proces sP that issues an I/O reques t

o

o o o

T h e process blocks At some later point, a disk interrupt occurs and the driver detects that P's request is satisfied. P is unblocked, i.e. is moved from blocked to ready At some later time the operating system looks for a ready job to run and picks P.

A preemptive scheduler has the dotted line preempt; A non-preemptive scheduler doesn't. The number of processes changes only for two arcs: create and terminate. Suspend and resume are medium term scheduling o Done on a longer time scale. o Involves memory management as well. As a result we study it later.

Sometimes called two level scheduling.

One can organize an OS around the scheduler.

Write a mini mal ``ker nel'' (a micro kerne l) consisting of the scheduler, interrupt handlers, and IPC (interprocess communication). The rest of the OS consists of kernel processes (e.g. memory, filesystem) that act as servers for the user processes (which of course act as clients). The system processes also act as clients (of other system processes). The above is called the client-server model and is one Tanenbaum likes. His ``Minix'' operating system works this way. Indeed, there was reason to believe that the client-server model would dominate OS design. But that hasn't happened. Such an OS is sometimes called server based. Systems like traditional unix or linux would then be called self-service since the user process serves itself. o That is, the user process switches to kernel mode and performs the system call. o To repeat: the same process changes back and forth from/to user<-->system mode and services itself.

2.1.6: Implementation of Processes

The OS organizes the data about each process in a table naturally called the process table. Each entry in this table is called a process table entry (PTE) or process control block.

One entry per process. The central data structure for process management. A process state transition (e.g., moving from blocked to ready) is reflected by a change in the value of one or more fields in the PTE. We have converted an active entity (process) into a data structure (PTE). Finkel calls this the level principle ``an active entity becomes a data structure when looked at from a lower level''. The PTE contains a great deal of information about the process. For example, o Saved value of registers when process not running o Program counter (i.e., the address of the next instruction) o Stack pointer o CPU time used o Process id (PID) o Process id of parent (PPID) o User id (uid and euid) o Group id (gid and egid) o Pointer to text segment (memory for the program text) o Pointer to data segment o Pointer to stack segment o UMASK (default permissions for new files) o Current working directory o Many others

An aside on Interrupts (will be done again here) In a well defined location in memory (specified by the hardware) the OS stores an interrupt vector, which contains the address of the (first level) interrupt handler.

Tanenbaum calls the interrupt handler the interrupt service routine. Actually one can have different priorities of interrupts and the interrupt vector contains one pointer for each level. This is why it is called a vector.

Assume a process P is running and a disk interrupt occurs for the completion of a disk read previously issued by process Q, which is currently blocked. Note that disk interrupts are unlikely to be for the currently running process (because the process that initiated the disk access is likely blocked). 1. The hardware saves the program counter and some other registers (or switches to using another set of registers, the exact mechanism is machine dependent). 2. Hardware loads new program counter from the interrupt vector. o Loading the program counter causes a jump. o Steps 1 and 2 are similar to a procedure call. But the interrupt is asynchronous.

As with a trap (poof), the interrupt automatically switches the system into privileged mode.

3. Assembly language routine saves registers. 4. Assembly routine sets up new stack. o These last two steps can be called setting up the C environment.

5. Assembly routine calls C procedure (Tanenbaum forgot this one). 6. C procedure does the real work. o Determines what caused the interrupt (in this case a disk completed an I/O) How does it figure out the cause? Which priority interrupt was activated. The controller can write data in memory before the interrupt The OS can read registers in the controller o Mark process Q as ready to run. That is move Q to the ready list (note that again we are viewing Q as a data structure). The state of Q is now ready (it was blocked before). The code that Q needs to run initially is likely to be OS code. For example, Q probably needs to copy the data just read from a kernel buffer into user space. o Now we have at least two processes ready to run: P and Q

7. The scheduler decides which process to run (P or Q or something else). Lets assume that the decision is to run P. 8. The C procedure (that did the real work in the interrupt processing) continues and returns to the assembly code. 9. Assembly language restores P's state (e.g., registers) and starts P at the point it was when the interrupt occurred.

2.2: Threads
Per process items Address space Global variables Per thread items Program counter Machine registers

The idea is to have separate threads of control (hence Open files Stack the name) running in the same address space. An Child processes address space is a memory management concept. For now think of an address space as the memory in which Pending alarms a process runs and the mapping from the virtual Signals and signal handlers addresses (addresses in the program) to the physical Accounting information addresses (addresses in the machine). Each thread is somewhat like a process (e.g., it is scheduled to run) but contains less state (e.g., the address space belongs to the process in which the thread runs.

2.2.1: The Thread Model

A process contains a number of resources such as address space, open files, accounting information, etc. In addition to these resources, a process has a thread of control, e.g., program counter, register contents, stack. The idea of threads is to permit multiple threads of control to execute within one process. This is often called multithreading and threads are often called lightweight processes. Because threads in the same process share so much state, switching between them is much less expensive than switching between separate processes. Individual threads within the same process are not completely independent. For example there is no memory protection between them. This is typically not a security problem as the threads are cooperating and all are from the same user (indeed the same process). However, the shared resources do make debugging harder. For example one thread can easily overwrite data needed by another and if one thread closes a file other threads can't read from it.

2.2.2: Thread Usage

Often, when a process A is blocked (say for I/O) there is still computation that can be done. Another process B can't do this computation since it doesn't have access to the A's memory. But two threads in the same process do share memory so there is no problem. An important modern example is a multithreaded web server. Each thread is responding to a single WWW connection. While one thread is blocked on I/O, another thread can be processing another WWW connection. Why not use separate processes, i.e., what is the shared memory? Ans: The cache of frequently referenced pages. A common organization is to have a dispatcher thread that fields requests and then passes this request on to an idle thread. Another example is a producer-consumer problem (c.f. below) in which we have 3 threads in a pipeline. One thread reads data from an I/O device into a buffer, the second thread performs computation on the input buffer and places results in an output buffer, and the third thread outputs the data found in the output buffer. Again, while one thread is blocked the others can execute. Question: Why does each thread block?

Answer: 1. The first thread blocks waiting for the device to finish reading the data. It also blocks if the input buffer is full. 2. The second thread blocks when either the input buffer is empty or the output buffer is full. 3. The third thread blocks when the output device is busy (it might also block waiting for the output request to complete, but this is not necessary). It also blocks if the output buffer is empty. Homework: 9.