CVM Restartability on VxWorks

Joined: 2007-03-27


I have read an article in Mark Lam's Blog,
"The BIG Picture: a Map of CVM".


the Root Data Structure
One of CVM's design criteria is to be restartable even when you run it on an OS that is not process based. Restartability without processes requires that we are able to release all malloc'ed memory. To make life easier (and it is good practice anyway), we make sure that all data is reachable from the root of a single tree of data structures in memory. This root data structure is CVMglobals which you will find at the left side of the map. You will find CVMglobals defined in globals.h here (also look for CVMGlobalState in this file) and globals.c here. Looking in CVMglobals, you will find that it is an aggregation of system global data structures. Keeping the globals in one location also makes it easier to restore the globals to a known initial state i.e. by memsetting the whole thing to 0 (after we have done proper clean up of all the subtrees, of course).


It sounds good. However, how can I ensure reliable termination on VxWorks?

1) How can I reclaim resources (i.e., malloc'ed memory, semaphores)? I would try the following:

- Check all the pointer variables recursively from CVMglobals by reading the source code line by line
- Unlock and release all semaphores/mutexes in the same way

Is it right?

2) How can I terminate tasks?

- Can I use taskDelete()?

VxWorks' programmer says it should be taskDelete()ed in a guarded block with taskSafe() and taskUnsafe(). (Or all mutexes should be initialized with SEM_DELETE_SAFE.)

- Aren't there any problems arising from the same reason that Thread.stop() was deprecated?

- Brian

Joined: 2003-06-10

The process model was introduced in VxWorks 6.X. If you are not forced to use 5.X and restartability is an important requirement, I'd suggest you migrate to the process model. Actually, I have some experience in porting CDC/FP to VxWorks 6.X, though I am not sure if I can contribute my work to phoneme at this moment.

Joined: 2006-10-16

Actually it is cvm's job to do both (1) and (2) upon VM shutdown, although cvm will only do this if you run with -XfullShutdown. Otherwise it relies on the OS process cleanup to handle the freeing of resources.

That being said, this hasn't been tested on VxWorks since CDC 1.0 was released a few years ago. VxWorks hasn't been given much attention since then. In fact it still hasn't been updated for CDC 1.1. Once the CDC 1.1 port is done, and any stale VxWorks code is brought up to date, there is still the issue of making sure that all resources are actually freed. Most likely there are some leaks that have been introduced over the years.


Joined: 2006-10-13

Hi Brian,

To add to Chris' reply, I would like to emphasize that the shutdown mechanism is for a complete shutdown of the VM, not for a partial shutdown of only specific threads. If I remember correctly, what the VM does for (2) is to wait for all threads to return before shutting down the VM. The mechanism does not force the threads to return. You will need to look into another mechanism for that (maybe the use of RemoteExceptions). What CVMglobals empowers is the ability to clean up the system (in terms of freeing resources), which is not the same as forced termination.

Also note that the intent to allow easier cleanup was designed in from the start and to the extent that we can, we try to keep the initialization and clean up code up to date. However, it has been a while since this functionality has been thoroughly tested. Hence, as Chris says, there may be some leaks.

Another area of leaks may be the class library native code where CVMglobals may not have been used as rigorously to track globals.


Message was edited by: mlam
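
The root-structure cleanup discussed in this thread, together with the leak risk from a global kept outside the root, as an added C sketch (not CVM code and not part of any post above). `vm_globals`, `native_buf`, the `t_alloc`/`t_free` counter and the class name are hypothetical, and plain `calloc`/`free` stand in for the platform allocator.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical miniature of the single-root pattern; names are not CVM's. */
static long live_allocs;                 /* blocks allocated and not yet freed */
static void *t_alloc(size_t n) { void *p = calloc(1, n); if (p) live_allocs++; return p; }
static void t_free(void *p) { if (p) { free(p); live_allocs--; } }
struct class_entry { struct class_entry *next; char *name; };
static struct vm_globals {               /* single root: all VM state hangs off this */
    struct class_entry *classes;
    unsigned char *heap;
    int initialized;
} globals;
static char *native_buf;                 /* stray global outside the root */

static int vm_init(void) {
    if (globals.initialized || !(globals.heap = t_alloc(4096))) return -1;
    globals.initialized = 1;
    return 0;
}
static int vm_load_class(const char *name) {
    struct class_entry *e = t_alloc(sizeof *e);
    if (!e) return -1;
    if (!(e->name = t_alloc(strlen(name) + 1))) { t_free(e); return -1; }
    strcpy(e->name, name);
    e->next = globals.classes;
    globals.classes = e;
    return 0;
}
/* Free each subtree, then zero the root so the next start sees initial state. */
static void vm_destroy(void) {
    while (globals.classes) {
        struct class_entry *e = globals.classes;
        globals.classes = e->next;
        t_free(e->name); t_free(e);
    }
    t_free(globals.heap);
    memset(&globals, 0, sizeof globals);
}
/* Run n start/stop cycles; returns the number of blocks still allocated. */
long run_cycles(int n, int use_stray_global) {
    for (int i = 0; i < n; i++) {
        if (vm_init() != 0 || vm_load_class("java/lang/Object") != 0) return -1;
        if (use_stray_global) native_buf = t_alloc(64);  /* overwritten next cycle */
        vm_destroy();
    }
    return live_allocs;
}
int main(void) { return run_cycles(3, 0) == 0 ? 0 : 1; }
```

An allocation counter checked after repeated start/stop cycles makes a leak of this kind visible: state reachable from the root returns to zero, while each cycle that touches the stray global leaves one block behind.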