#### 4.3: The shared data problem

- Inconsistency in data used by a task and updated by an ISR; arises because ISR runs at just the wrong time
- Data is often shared because it is undesirable to have ISRs do all the work they would take too long to run
  - ISRs typically "hand off" some of the processing to task code
  - This implies shared variables or communication between the ISR and the related task
- Lab 3 simpler (in part) because we don't have to worry about this
  - The primes task and interrupt code are unrelated

50.

**D**O<sub>al</sub>

50 au



#### Fig 4.4: observations

- Note keyword "interrupt" in first function. (It is an ISR written in C; our class tools don't support this)
  - It is never called from task code; when will it run?
  - How do we connect this ISR with its interrupt?
- · The main routine is an infinite loop
  - Rare in conventional code, common in embedded systems
  - Compares two temperatures and raises alarm if they ever differ
- · The ISR updates the temperature variables
  - Assume interrupt asserted (1) at regular intervals, based on timer, or (2) when either temperature changes



#### The shared-data problem

#### · Imagine this scenario:

- Temperature rising, both values identical at each reading
- Say, 80 at one reading, 81 at the next
- Interrupt occurs between reads in task code
- Test in main() compares old value with new value
- Result: (false) alarm set off, evacuations begin
- To prevent, programmer must carefully analyze all code
  - Is there a point in code where an interrupt can mess things up?













#### Discussion

- Why lock out *all* interrupts, and not just mask the one with the ISR that accesses the shared data?
  - Selective masking would reduce disruption to rest of system
- Considerations:

50.

- Interrupts are disabled only briefly
- Increasing response time by 1-2 instructions is not a big deal
- The overhead of disabling single interrupt is generally higher; the details are platform dependent
- Disabling all interrupts is a simple, one-size-fits-all solution
- BUT you must ensure that interrupts are not disabled for too long!

#### Compiler limitations

- Why can't compilers handle this automatically?
- In general, compilers cannot identify (truly) shared data, let alone analyze dynamic access patterns to that data
- It's hard for humans to do even for developers who understand the code
- Bottom line:
  - No existing tools are clever enough to determine automatically when interrupts need to be disabled





















### Worst-case interrupt latency: components

- 1. The longest period of time that interrupts are disabled
- 2. The time for ISR and handler to save the context and then do the work that is considered the "response"
- 3. The total time required to execute all ISRs + handlers of higher priority
- The time for hardware to stop what it is doing, save critical state, and start executing the ISR for that interrupt



- 1. Max length of critical sections?
  - Keep them short! Time to save context, run handler?
  - Size of context depends on number of registers fixed for CPU
  - Handler efficiency: good coding
- 3. Execution time of higher-priority ISRs?
- Make sure assigned priorities reflect true importance
  - Keep all ISRs lean and mean
- 4. Overhead of hardware response?
  - · Fixed when you select the processor

### In simulator, time unit is time to execute one instruction Simple model: all instructions take same time to execute Unlikely to be true in actual hardware, but added realism would buy little

- 8086 responds to asserted, enabled interrupt before starting next
  instruction
- Overhead of hardware response on 8086:
  - Finish current instruction

60.

- Push 3 words on stack, read 2 words from interrupt vector table



#### Meeting design specs

- What do we need to know to ensure that response time will be less than, say, 625  $\mu s?$ 
  - Identify all critical sections, max length of each
  - Only *longest* critical section need concern us: no way to transition to
  - another without hardware responding to pending interrupt - Run length of event's ISR + handler to point of "response"
  - Run length of higher-priority ISRs + handlers
  - Discussion: Just one time through each, or multiple runs?
- How important is such a guarantee?
  - Critical in real world, not so critical in our class labs

## Fig. 4.15: Another alternative to disabling interrupts static int (TemperaturesA(2), (TemperaturesB(2); viol interrupt // ReadTemperatures (viol) { f ((TemperaturesA(2), (TemperaturesB(2); viol interrupt // ReadTemperatures(viol) f ((TemperaturesA(2), (TemperaturesA(2); f ((TemperaturesA(2), (TemperaturesA(2); f ((TemperaturesA(2), (TemperaturesA(2), (TemperaturesB(2), (

#### Fig. 4.15: Discussion

- Key idea: use double buffering with a global flag to ensure that the reader and writer access separate arrays
- Does this work?

- Global flag does not change while temperatures are being read in task code, especially at critical point between the two reads
- Values tested in task code are always corresponding pair no way for ISR to change them at wrong time while reading
- · What are disadvantages?

#### Figure 4.16: Yet another alternative #define Q\_SIZE 100 int iTemperatureQ[Q\_SIZE]; int iHead = 0; int iTail = 0; void main (void) int iTemp1, iTemp2; while (TRUE) void interrupt vReadTemperatures (void) if (iTail != iHead) if ( !(( ihead+2==iTail) || (iHead==Q\_SIZE-2 && iTail==0))) iTemp1 = iTemperatureQ[iTail]; iTemp2 = iTemperatureQ[iTail+1]; iTail += 2; if (iTail == Q\_SIZE) iTail = 0; iTemperatureQ[iHead] = !! read one temperature iTemperatureQ[iHead+1] = !! read other temperature !! Compare values iHead += 2; if (iHead==Q\_SIZE) iHead = 0; } } } It throw away next value

#### Figure 4.16: Discussion

- Key idea: use queues
  - ISR puts temperature pairs into buffer, and task removes them
     Buffering with queues is a commonly used technique
- Queue management (in this case):
  - Queue full: head+2 == tail (2 slots used/sample)
  - Queue empty: head == tail
- Advantage: queue decouples the data arrival rate (possibly bursty) from the data processing rate
  - Processing rate must be at least as great as the average arrival rate

# Figure 4.16: Discussion How easy is it to get the queue code code wrong? 1 Task must read the data, *then* revise tail variable Reversing order would allow ISR to overwrite data before it is read When tail is incremented, the *write* must be atomic (but not necessarily the increment) Otherwise reader and writer could see different pictures of shared array The operation is generally atomic, but not on all platforms Overall assessment: Queue approach is tricky to get right Makes sense only if disabling interrupts is really not an option









|    | int iQueue[100];<br>int iHead = 0; /* place to add next item */<br>int iHead = 0; /* place to read next item */<br>void interrupt SourceInterrupt(void)<br>{ /* if (illecad = 1 = Tail)] [[!dead = 99 8.8 iTail == 0))<br>{ /* if (illecad = 1 = Tail)] []:dead = 99 8.8 iTail == 0))<br>{ /* if (illecad = 1 = 1);<br>/* if (illecad == 10)<br>if (ille illecad)<br>{ /* if queue has only, process it */<br>if (value:<br>while (TRUE;<br>while (TRUE;<br>vidia i= illecad)<br>{ /* if queue has only, process it */<br>if (value:<br>+* iTail;<br>if (illecad == 10)<br>if (ill | Problem 4.6: where is "very nasty bug"?<br>Code from Figure 418<br>In previous version, head was modified<br>only in ISR, tail only modified in main.<br>Here, ISR can modify both head and tail. |
|----|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| 60 | SU Archibald                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               | 425 F19 3:41                                                                                                                                                                                      |

| int iTail = 0; //<br>void interrupt 5<br>{<br>if ((iHead+1<br>{ /* if quet<br>++iTail;<br>if (iTail :<br>iTail =<br>} | <sup>™</sup> place to add next item ''<br>place to read next item ''<br>sourceInterrupt(void)<br>== Taili) [[(Head == 99 && iTail == 0))<br>== i fault, overwrite oldest ''<br>== 100)<br>0;<br>ad] = //next value;<br>100) |   | Problem 4.6: where is "very nasty bug"?<br>Code from Figure 4.18<br>In previous version, head was modified<br>only in ISR, tail only modified in main.<br>Here, ISR can modify both head and tail.                                                                                          |      |
|-----------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------|
| iValue<br>++iTai<br>if (iTai<br>iTa                                                                                   | E)<br>iHead)<br>eue has entry, process it */<br>= iQueue[iTail];                                                                                                                                                            | • | ssible scenario<br>Queue is full, IRead=98, Tiail=99<br>Task executes ++Tiail (so ITail=100)<br>Back-to-back interrupts occur<br>Starl of first: iHead=98, Tiail=100<br>End of first: iHead=98, Tiail=100<br>End of second: iHead=0, Tiail=101<br>ITail is never reset, increases w/o limit | 3:42 |























#### Architecture 4: RTOS: Real-time operating system

- Work is split between ISRs and tasks
- Tasks are prioritized and run by a scheduler - Scheduler always picks highest-priority ready task to run
  - If higher-priority task becomes ready, lower-priority tasks are preempted
- · Tasks block when waiting for events, resources, or time interval to pass - ISRs can cause tasks to become unblocked
- RTOS contains code to
- Create tasks, block and unblock tasks, schedule tasks, allow tasks and ISRs to communicate, etc.

DO





#### Recommendations

- 1. Choose the simplest architecture that will meet current and future
- 2. If application has difficult response-time requirements, lean toward
- · Many to choose from, debugging support, libraries, etc.
- 3. Consider constructing hybrid architecture. Examples:
  - · Round robin with interrupts: main loop polls slower HW directly