1 / 15

Presentation of Singularity

Presentation of Singularity. OS Seminar, winter 2005 by Jacob Munk-Stander November 23 rd , 2005. Overview of Singularity. Singularity is a new research operating system from Microsoft Research Written almost entirely in managed code Sing# (extension of C#) Microkernel

miller
Download Presentation

Presentation of Singularity

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Presentation of Singularity OS Seminar, winter 2005 by Jacob Munk-Stander November 23rd, 2005

  2. Overview of Singularity • Singularity is a new research operating system from Microsoft Research • Written almost entirely in managed code Sing# (extension of C#) • Microkernel • Primary goal of dependability • “Dependability thus includes as special cases such attributes as reliability, availability, safety, security.” • Participants • Cambridge, Silicon Valley and Redmond. • A dozen people are the core contributors (of which two are from DIKU). In total 40-50 people are working on Singularity. • Research groups include Operating Systems, Programming Languages, Compilers, Tools. • In total 11-12 research groups, largest in the history of Microsoft Research.

  3. Dependability • Dependability realized by: • Managed code, i.e. type safety • Software-Isolated Processes, i.e. no shared memory between processes

  4. Low Level Invariants of Singularity • Memory Independence Invariant: • A process does not hold a reference into another process’s object space. • State Isolation Invariant: • A process cannot alter the state of another process using the ABI. • Ownership Invariant: • Ownership of messages are passed from the sender to the receiver. • Exchange Heap Invariant: • Does not contain pointers into any process GC heap.

  5. Managed Code • C# is the base managed programming language • Spec# - an extension of C# developed in Microsoft Research. • Adds support for specifying program behavior, which can be verified either statically or with run-time tests. • Singularity is written in Sing# - an extension of Spec#. • Adds support for channels and low-level constructs.

  6. Managed Code, cont. • Code in Singularity is either verified or trusted: • Verified code’s type and memory safety is checked by a compiler • Trusted code must be trusted by the system • Most of the kernel is verifiably safe, but portions are written in trusted assembler, C++ and unsafe C#. • The rest is written in safe managed code using Sing# • Currently: Sing# -> MSIL -> x86 code • Code is verified at each step • Uses Bartok compiler for MSIL -> x86 code • Future: Typed Assembly Language will be used to verify output of compiler.

  7. Managed Code, cont. • Base managed code has performance somewhat comparable to C/C++. • Given safety invariants of the language, tools can perform additional optimizations not possible with unsafe code, e.g. • due to no dynamic code loading=> complete compile time static analysis • no pointers into other process=> no memory hardware protection

  8. Software-Isolated Processes • Self-contained units, providing: • Information hiding • Failure isolation • Strong interfaces • Run independently, allowing different GCs, etc. • Created and terminated by the OS, allowing for efficient reclamation of resources. • All processes in one protection domain, leading to an order of magnitude better context switch times.

  9. SIPs, cont. • SIPs are used throughout the OS, in drivers and application software. • Application Binary Interfaces maintains system-wide state isolation invariant, i.e. a process cannot alter the state of another process using the ABI.

  10. Channels • Communication between SIPs through bidirectional, strongly typed, higher-order channels, specified using contracts. • Messages on channels are passed between processes using the Exchange Heap, allowing for zero-copy message passing.

  11. Channels, cont. • Integrated into the language, checked at compile time • Contracts • Import Channels • Export Channels • State Machine • Enforces the ownership invariant • Sending messages is asynchronous • Receiving message is blocking

  12. Installation Time • Metadata in applications manifest • Internal properties • Verifies application’s assemblies exists and are type and memory safe • Verifies channel contracts • Verifies ABI versions • External dependencies • Verifies that hardware resources used do not conflict • Verifies that all channels exist and do not conflict with other applications’ • Policies for conflicts, i.e. only one video driver

  13. Performance • Singularity has not been optimized yet • Micro benchmarks:

  14. Performance, cont. • Dynamic memory usage: • SPECweb99, average response time • Cassini web server: 23 conn. of 322 millisec./op. • Windows 2003, IIS: 25 conn. 304 millisec./op.

  15. Additional Information • Video interview with lead researchers Jim Larus and Galen Hunt at Channel 9, includes a discussion forum where they answer additional questions. • Singularity website. • Bartok website. • Software Productivity Tools.

More Related