An Open Ravenscar Real-Time Kernel for GNAT - DIT - Universidad ...

More documents

Recommendations

Info

Only the first four of these packages are visible to GNULL. The other three, Kernel.Parameters,Kernel.CPU_Primitives, and Kernel.Peripherals, are used only by otherkernel packages, and encapsulate implementation dependent elements in order to makeit easier to port the kernel to other hardware environments.Some of the packages (e.g. Kernel.Threads) have additional children that extendtheir interfaces so that some of their internal functionality is made visible to other kernelpackages.Kernel.MemoryKernel{Storage Allocation}{Thread Management}{Synchronization}{Scheduling}Kernel.ThreadsKernel.CPU_Primitives{Interrupt Handling}{Time Keeping and Delays}Kernel.InterruptsEKernel.ParametersKernel.TimeKernel.PeripheralsFig. 4. Architecture of the Open Ravenscar Real-Time Kernel3.2 Thread managementAda tasks are implemented at the lower level by kernel threads. Threads are created atprogram startup, so that there is no need to dynamically allocate or deallocate resourcessuch as TCBs or stack space.Threads are scheduled according to the FIFO within priorities policy (ALRM [2],D2). There is a ready queue which is ordered by priority and arrival order. The synchronizationprimitives directly insert or remove threads from the ready queue.Two kinds of synchronization elements are provided by the kernel: mutexes andcondition variables. These elements are used by GNARL to implement protected objects.Despite the name similarity with POSIX, ORK synchronization primitives aredefined in such a way that the related GNULLI elements can be directly implemented,thus enabling a more efficient implementation of protected objects. We have taken ad-
vantage of the Ravenscar profile restrictions to implement only one kind of mutualexclusion locks.Condition variables are also simplified with respect POSIX, in that there are notimed waits and there are no suspended task queues, as the maximum number of tasksthat can be waiting on a condition is one. The fact that the Ravenscar profile doesnot allow select statements, timed wait operations, or ATCs, has also resulted in greatsimplification.Locks implement the Immediate Priority Ceiling Protocol (IPCP), which is thesame as the Ceiling Locking policy defined by the ALRM [2] (D3).3.3 Time managementThe package Kernel.Time provides timing support in a very simplified way. A time typeis defined that represents both absolute time and time intervals as an integer number ofnanoseconds. There is a monotonic clock that gives an absolute time value, measuredfrom system startup.According to the Ravenscar profile specification, only an absolute delay (delay until)operation is provided. Delayed threads are kept in a delay queue which is ordered bywakeup time. Since a delay cannot be canceled, as there are no abort statements orATCs, there is no need to keep delayed threads waiting on a condition variable, ascurrent GNARL implementations do.3.4 Storage managementAlthough the Ravenscar profile does not forbid all kinds of dynamic storage management,as the profile does not deal with non tasking features of Ada, it seems reasonableto expect Ravenscar compliant programs not to use dynamic storage pools. Consequently,only a limited form of memory management is provided, in order to allocateTCB and stack space for new threads. Since threads can only be created at systemstartup, and cannot terminate, this restricted form of storage allocation can be made ina safe way, using a simple linear algorithm.The task stacks are protected in order to avoid stack overflow or underflow. Thehardware segment protection mechanism is used for this purpose.3.5 Interrupt handlingAn interrupt represents a class of events that are detected by the hardware or the kernelitself. When an interrupt occurs an Interrupt Service Routine (ISR) is invoked to makethe interrupt available to the kernel. In Ada 95, a high-level handler can be attached tothe interrupt so that is is automatically started by the runtime system when the interruptoccurs. The handler may be a parameterless protected procedure or a task entry,although the latter is only included for compatibility with Ada 83.Current GNARL implementations use interrupt service tasks that are activated whenan interrupt occurs, and then call the associated interrupt handler procedure. In this way,priorities and mutual exclusion are handled in the standard way for tasks and protected
Page 8 and 9: objects. Interrupt handlers are exe
Page 10: 4. Ted Baker and Tullio Vardanega.

An Open Ravenscar Real-Time Kernel for GNAT - DIT - Universidad ...

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?