Re: Two-stage suspend operations

comp.lang.ada
 help / color / mirror / Atom feed

From: Simon Wright <simon@pushface.org>
Subject: Re: Two-stage suspend operations
Date: Wed, 11 May 2016 09:55:51 +0100
Date: 2016-05-11T09:55:51+01:00	[thread overview]
Message-ID: <lyy47hotwo.fsf@pushface.org> (raw)
In-Reply-To: 17d09c96-c5e6-4238-9adb-c1dab5611237@googlegroups.com

rieachus@comcast.net writes:

Thanks for the notes.

>> I'm looking at a system[1] where I'm assured that we need to run a 
>> drone's motor controller at 20 kHz, and SOs seemed a possibility. Of 
>> course, if you need to avoid concurrency problems between a timer-driven 
>> ISR and tasking code, using SOs isn't going to work! so we are looking 
>> at swing-buffering or possibly GNAT's Lock_Free pragma/aspect[2].
>
> It sounds like you need rate-monotonic scheduling:
> https://en.wikipedia.org/wiki/Rate-monotonic_scheduling Usually you
> would run one clock at the highest priority and dispatch lower
> priority tasks every N ticks for some N.  The Liu Sha and John
> Goodenough paper tells how to implement RMS in Ada.  Notice though
> that there is a lot of math for you to do to assign priorities and
> prove that your system does not exceed a load limit.

It turns out that the 20 kHz is in a separate processor from the main
application.

Nothing like an enthuse-potential-volunteers description of a project
for generating confusion.

> Note BTW, that the GNAT pragma specifically allows the protected
> objects that only run in the context of another task/thread, have a
> high enough priority not to be interrupted, and do not reference any
> lower priority protected objects.

Can you tell me where this is documented?

Also, there seems very little difference between using Lock_Free and
Atomic: you can't have entries, and, when 'Contents' is an array of
integers,

lock_free.adb:3:07: illegal body when Lock_Free given
lock_free.adb:3:58: type of "Contents" must support atomic operations

> This is a sufficient but not necessary condition to insure that these
> POs are not involved in deadlocks.  To need POs you will have multiple
> (Ada) tasks, and you need a different way to prove they are deadlock
> free.  Also are you planning to allow running on more than one
> physical processor?  From experience you need to test on one, two, and
> three or more logical CPUs to verify deadlock and livelock free
> operation.

Only mono-processor at the moment.

I didn't mention that we are using Ravenscar, I thought that precluded
deadlock?

next prev parent reply	other threads:[~2016-05-11  8:55 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-05-07 16:13 Two-stage suspend operations Simon Wright
2016-05-08  3:56 ` rieachus
2016-05-08 19:26   ` Simon Wright
2016-05-09  2:12     ` rieachus
2016-05-09  8:56       ` Simon Wright
2016-05-09 23:15         ` rieachus
2016-05-10  5:46           ` Simon Wright
2016-05-10 21:14 ` rieachus
2016-05-11  8:55   ` Simon Wright [this message]
2016-05-11 21:20 ` rieachus

replies disabled

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox