CN107357666B - Multi-core parallel system processing method based on hardware protection - Google Patents

Multi-core parallel system processing method based on hardware protection Download PDF

Info

Publication number
CN107357666B
CN107357666B CN201710495308.1A CN201710495308A CN107357666B CN 107357666 B CN107357666 B CN 107357666B CN 201710495308 A CN201710495308 A CN 201710495308A CN 107357666 B CN107357666 B CN 107357666B
Authority
CN
China
Prior art keywords
core
read
operating system
program
write
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710495308.1A
Other languages
Chinese (zh)
Other versions
CN107357666A (en
Inventor
李申
刘从新
江磊
龙欣荣
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xian Microelectronics Technology Institute
Original Assignee
Xian Microelectronics Technology Institute
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xian Microelectronics Technology Institute filed Critical Xian Microelectronics Technology Institute
Priority to CN201710495308.1A priority Critical patent/CN107357666B/en
Publication of CN107357666A publication Critical patent/CN107357666A/en
Application granted granted Critical
Publication of CN107357666B publication Critical patent/CN107357666B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/54Interprogram communication
    • G06F9/544Buffers; Shared memory; Pipes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00Digital computers in general; Data processing equipment in general
    • G06F15/16Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Storage Device Security (AREA)
  • Memory System Of A Hierarchy Structure (AREA)

Abstract

The invention discloses a multi-core parallel system processing method based on hardware protection, which adopts a multi-core DSP processor based on KeyStone architecture to divide the multi-core DSP processor into a main core and a slave core, wherein each core runs an embedded real-time operating system, a main control core operating system runs on the main core, an acceleration core operating system runs on the slave core, the main control core operating system is responsible for control, the acceleration core operating system is responsible for calculation, and the main control core operating system and the acceleration core operating system jointly complete the initialization of high-reliability functions. The method finds errors in the operation of the embedded software in time through hardware abnormal event detection, thereby preventing the system from executing wrong actions and improving the reliability of the embedded multi-core parallel system; meanwhile, a log recording function is provided, and information of an execution environment can be collected when an exception occurs, so that the post analysis and error troubleshooting are facilitated; the background task provides an exception recovery function, and the system can be maintained to continue running without being out of control after an exception occurs.

Description

Multi-core parallel system processing method based on hardware protection
Technical Field
The invention belongs to the technical field of reliability design of a multi-core embedded system, and particularly relates to a multi-core parallel system processing method based on hardware protection.
Background
With the increasingly intensive application requirements of parallel computing, the embedded field processor is rapidly developing from a single core to a multi-core processor, and the multi-core parallel computing becomes an important development direction of the embedded field. With the application of the multi-core parallel system becoming more and more extensive, the function of the multi-core parallel system becomes more and more perfect and complex, and a design method for providing a reliable function for the multi-core parallel system is urgent.
The method includes that the cores in the multi-core parallel system are frequently interacted, namely, an access subject (such as a DSP core) may access a space which is not accessed, the access is divided into a read type, a write type and an execution type, and if the access subject or an address is incorrect, illegal read, write and execution behaviors are generated, and finally the system is unstable and even crashed. The multi-core DSP based on the TI KeyStone framework has a hardware protection mechanism, and corresponding access authority can be set by using the mechanism, so that the reliability of the whole multi-core parallel system is improved.
At present, no design method for realizing the reliability of a multi-core parallel system based on a TI KeyStone framework hardware protection mechanism exists, and the invention provides a design method of a high-reliability multi-core parallel system based on the TI KeyStone hardware protection mechanism, and provides reliability guarantee for the whole multi-core parallel system.
Disclosure of Invention
The technical problem to be solved by the present invention is to provide a multi-core parallel system processing method based on hardware protection, so that the multi-core parallel system can have strong reliability during operation, and when an exception occurs, the method can record exception information in time to facilitate later analysis, and wake up a background task to take over the system to maintain the operation of the system without being out of control.
The invention adopts the following technical scheme:
a multi-core parallel system processing method based on hardware protection is characterized in that a multi-core DSP processor based on a KeyStone framework is adopted and divided into a master core and a slave core, embedded real-time operating systems are operated on the master core and the slave core, a master core operating system is operated on the master core, an acceleration core operating system is operated on the slave core, the master core operating system is responsible for control, the acceleration core operating system is responsible for calculation, the master core operating system initializes shared devices outside the cores and exclusive devices inside the cores, the acceleration core operating system initializes exclusive devices inside the cores, and the master core operating system and the acceleration core operating system jointly complete initialization of high-reliability functions.
Preferably, the method comprises the following steps:
s1, writing a log task in the main control core operating system;
s2, compiling high-priority background tasks in each kernel operating system;
s3, writing an abnormal service program in each core operating system;
s4, writing a periodic timer interrupt service program, refreshing the secondary cache L2 in the interrupt service program, enabling the automatic refreshing function of the multi-core shared memory, and realizing error detection and correction of the bit of the multi-core shared memory;
s5, determining an abnormal event number needing to be captured, associating the event number with an unmasked interrupt, enabling abnormal inspection, and completing configuration of the abnormal inspection;
s6, compiling the computing application tasks on the secondary cores, and deploying the runtime stacks of the computing application tasks of the secondary cores into the multi-core shared memory corresponding to each core;
s7, determining the length range, the access subject and the read-write-execution attribute of each program segment and each area after compiling and linking;
s8, program segments and areas with the same access subject and read-write-execution attribute are continuously arranged through a link script file, program segments and areas with different access subjects and read-write-execution attributes are aligned and arranged according to memory protection granularity, and each program segment and area are loaded into a second-level cache L2;
s9, configuring the corresponding access authority according to the program segment and the area length range in the initialization of the operating system, and configuring the error correction and detection functions of the memories at all levels.
Preferably, in step S1, the logging task periodically reads the log buffer of each core, and transmits the log message in the log buffer to the PC-side log parsing server or to Flash on the target board via TCP/IP protocol according to configuration.
Preferably, in step S2, the high-priority background task has a higher priority than all application tasks to ensure that the high-priority background task runs earlier than all application tasks, and after running, the high-priority background task is suspended until the high-priority background task is awakened and managed in the exception service routine, and waits for an instruction from the outside or reconstructs a computing application task triggering an exception.
Preferably, in step S6, the multi-core shared memory space is evenly distributed according to the number of the processor cores, and the access rights of the master core and the slave core to the shared memory are configured.
Preferably, the hardware protection authority of the corresponding region of each core in the multi-core shared memory is configured in the initialization process of the operating systems of the main core and the slave core:
determining the address range of the multi-core shared memory corresponding to each core;
the method comprises the steps of setting the initial address, the length range, the access subject and the read-write-execution authority of the multi-core shared memory corresponding to a main core and a secondary core by configuring a memory protection register of the multi-core shared memory.
Preferably, in step S7, the operating system and the application are compiled and linked, and the length ranges and the read-write-execution properties of the respective program segments and areas are determined by looking at ELF header information of the generated executable file.
Preferably, in step S8, the program segment and the area on the core include, according to the read-write-execute attribute: the access main bodies of the program read-only code segment, the program read-only data segment and the program read-write data segment are limited to only allow the core to access, the access main body of the data interaction region is limited to allow other cores and main equipment to access, the access main body of the log cache region is limited to allow the main core to read and the core to write, and log information of each core can be read from the region and written into Flash or transmitted through a TCP/IP protocol by using a log task on the main core.
Preferably, the attribute of the program read-only code segment is read-execution and is composed of a text segment; the attribute of the program read-only data segment is read-only and consists of program segments such as const, rodata and cinit; the attribute of the program read-write data segment is read-write, the program read-write data segment is composed of the rest readable and writable program segments, and the attribute of the data interaction area and the attribute of the log cache area are read-write.
Preferably, the configuring of the hardware protection authority of each attribute program segment and area in the secondary cache L2 in the initialization process of the operating systems of the master core and the slave core specifically includes:
determining the address ranges of all program segments and areas after the operating systems in the primary core and the secondary core cache L2 are loaded;
each segment and region start address, length range, access subject, and read-write-execute authority are set by configuring the memory protection registers of the master and slave secondary caches L2.
Compared with the prior art, the invention has at least the following beneficial effects:
the invention relates to a multi-core parallel system processing method based on hardware protection, which adopts a multi-core DSP processor based on KeyStone architecture to divide the multi-core DSP processor into a main core and a slave core, wherein each core runs an embedded real-time operating system, the main core runs a main control core operating system, the slave core runs an accelerated core operating system, the main control core operating system is responsible for control, the accelerated core operating system is responsible for calculation, the main control core operating system initializes an out-core sharing device and an in-core exclusive device, the accelerated core operating system initializes the in-core exclusive device, and the main control core operating system and the accelerated core operating system jointly complete the initialization of high-reliability functions. Under the KeyStone framework, each level of internal memory is provided with a corresponding access control module to realize the protection of a specific address space, and by utilizing the hardware protection mechanism, compared with the traditional software protection method, the invention provides a software and hardware combined reliability design method for a multi-core parallel system based on a multi-core DSP, and can effectively prevent illegal access during the operation of the system.
Furthermore, firstly, a log task is written in the operating system of the main control core, and the log task on the main control core can read the log information cached by each core and write the log information into Flash or transmit the log information through a TCP/IP protocol, so that a user can analyze the state of the system conveniently; then compiling high-priority background tasks in each core operating system, providing an exception recovery function for the multi-core parallel system, and maintaining the system to continue running without being out of control after an exception occurs; then, an abnormal service program is written in each kernel operating system, so that the information of the execution environment can be collected when an abnormality occurs, and the post fault analysis is facilitated; writing a periodic timer interrupt service program, refreshing the L2 in the interrupt service program, enabling the automatic refreshing function of the multi-core shared memory, and realizing error detection and correction of the bit of the multi-core shared memory; then determining an abnormal event number to be captured, associating the event number with the unmasked interrupt, enabling abnormal inspection, and completing configuration of the abnormal inspection; then writing a computing application task on the slave core, and deploying a runtime stack of the computing application task of the slave core to a multi-core shared memory corresponding to each core; then determining the length and the attribute of each program segment; then, program segments with the same attribute are continuously arranged through a link script file, program segments and regions with different access main bodies and read-write-execution attributes are aligned and arranged according to the memory protection granularity, and each program segment and region are loaded into a second-level cache L2; and finally, configuring corresponding access rights according to the program segment and the region length range in the initialization of the operating system, configuring error correction and detection functions of the memories at all levels, and taking the storage space in the L1 level core as a system cache to improve the operating efficiency of the system, wherein any main device in the system does not have any access right to the L1 address region.
Further, in order to ensure that the background task can take over the system after the exception occurs, the highest priority ready task is the background task after the exception service program finishes running, otherwise, the operating system schedules other high priority application tasks, so that the application tasks continue to run in the system abnormal state, and finally the system is crashed.
Further, the multi-core shared memory is averagely distributed to each core according to the number of DSP cores, and the runtime stack space of the computing task is deployed in the divided shared memory fragments instead of the L2 storage space (L1 is configured into a system cache or a cache at this time, and cannot be directly addressed, and the L2 space of each core is short in resources).
Furthermore, since the L2 performs the configuration of the read-write-execution permission with the memory protection granularity of a fixed size, the size of each program segment may not be exactly a multiple of the memory protection granularity, so that the program segments with the same read-write-execution attribute are continuously arranged together, the storage space of the L2 can be saved to the greatest extent, and the internal fragmentation is eliminated. The program read-only code segment and the program read-only data segment are configured with access authority as read-only according to the read-only attribute thereof, so that the program read-only code segment and the program read-only data segment cannot be illegally rewritten, the program read-only data segment cannot be taken as an instruction to be executed, and meanwhile, illegal access by other DSP cores can be prevented; the program read-write data segments are configured with the access authority to be readable and writable according to the readable and writable attributes, so that the program read-write data segments cannot be taken as instructions to be executed, and meanwhile, illegal access by other DSP cores can be prevented; the data interaction area configures the access right to be readable and writable according to the readable and writable attribute of the data interaction area, so that the data interaction area cannot be executed as an instruction, but can be allowed to be accessed by other DSP cores to facilitate data exchange; the log cache area configures the access rights to be readable and writable by its readable and writable attribute so that they cannot be executed as instructions while allowing only the master core to read access thereto.
Furthermore, only the program read-only code segment can be allowed to execute, and program segments cannot be accessed mutually among cores, so that wrong instructions are effectively prevented from being executed after the PC pointer is flown away, and the problems of system crash and the like caused by the PC pointer being flown away can be basically solved.
The technical solution of the present invention is further described in detail by the accompanying drawings and embodiments.
Drawings
FIG. 1 is a flowchart of a method for constructing a highly reliable multi-core parallel system according to an embodiment of the present invention;
FIG. 2 is a layout diagram of the L2 space in the DSP core according to an embodiment of the present invention;
FIG. 3 is a diagram illustrating a functional architecture for reliability of a multi-core parallel system according to an embodiment of the present invention;
fig. 4 is an exemplary diagram of a reliability verification system and a log parsing result according to an embodiment of the present invention.
Detailed Description
The method of the invention is implemented by combining a specific multi-core DSP target board with TI KeyStone architecture. A mechanism related to hardware protection is provided in a KeyStone framework proposed by TI, and a high-reliability function can be established for a multi-core parallel system based on multi-core DSP through the hardware protection mechanism. The invention adopts a TMDSEMM 6678L evaluation board produced by TI company, the board is provided with a single chip 8-core DSP processor TMS320C6678 (C6678 for short) adopting Keystone architecture, the operation frequency of each DSP core can reach 1.25GHz at most, the fixed-point operation and 20GFLOP floating-point operation capabilities of 40GMAC (global computer system architecture) per second are provided, and meanwhile, the hardware platform has a strong cache architecture and various peripheral sets, and is particularly suitable for constructing a multi-core parallel system. Each DSP core has a primary memory/program cache L1P of 32KB and a primary memory/data cache L1D, and a secondary memory/cache L2 of 512 KB. In addition, C6678 also had 4MB of multi-core shared memory space and 512MB of DDR3 memory.
Meanwhile, the C6678 has all hardware protection functions provided by the aforementioned KeyStone architecture, and under the KeyStone architecture, each level of memory has a corresponding access control module to implement protection of a specific address space, specifically, for memory spaces in the core such as L1 and L2, the memory spaces are divided into memory pages of a fixed size, and each page has an mppa (memory page protection attributes) register for configuring read-write-execution permission of the page and a corresponding system master device having the permission, thereby implementing memory protection; for the extra-core storage space, such as the intra-core space of other cores, the multi-core shared Memory and the DDR3 Memory, the read-write-execution permission of each address space and the corresponding system master device having the permission are configured in a Memory segment manner, the read-write-execution permission of different address segments of the extra-core storage space can be configured by each DSP core through an xmc (external Memory controller) in the core, and the length of each segment can be adjusted according to the requirements. 2 sets of MPAX (memory Protection and Address extension) are integrated in a multi-core shared memory controller (MSMC) and are used for configuring read-write-execution permission of a non-DSP core main device in a system to a multi-core shared memory and DDR3, wherein SES/MPAX is used for configuring access of the non-DSP core main device to DDR3, and SMS/MPAX is used for configuring access of the non-DSP core main device to the shared memory. In addition, each level of memory in the system has the functions of error detection and correction, and can detect and correct errors when bit flipping occurs.
For L1D and L1P, C6678 divides 32KB space into 16 pages of size 2KB, i.e. L1D and L1P have memory protection granularity of 2KB, each page has an MPPA register for configuring its read-write-execute authority and ID of the corresponding accessible master, thereby implementing memory protection; the memory protection principle of L2 is similar, and the system divides its 512KB space into 32 pages with size of 16KB, i.e. the memory protection granularity of L2 is 16 KB. For XMC/MPAX, there are 16 pairs of memory protection registers (XMPAXH and XMPAXL), each pair for authority setting to a contiguous piece of address access space (address space size greater than 4KB), thereby preventing illegal access by the DSP core to out-of-core data spaces. The memory protection principles of SES/MPAX and SMS/MPAX of the multi-core shared memory controller are similar, and 8 registers (XMPAXH and XMPAXL) for memory protection are respectively provided. In addition, L1P can detect 1-bit memory errors, and L2 and the multi-core shared memory can detect 2-bit errors and correct 1-bit errors.
The operating system running on the multi-core parallel system mainly comprises a bottom distributed microkernel, a middle layer parallel computing framework and an upper layer complex intensive computing application. The multi-core DSP is divided into a main core and a slave core, each core runs an embedded real-time operating system, the main core runs a main control core operating system, the slave core runs an acceleration core operating system, the main control core operating system is responsible for control, and the acceleration core operating system is responsible for calculation.
The whole set of system takes a DSP core 0 as a main control core and takes DSP cores 1-7 as acceleration cores. Executable image files of the main control core and the acceleration core are stored in an L2 space of each DSP core after the main control core and the acceleration core are loaded, and both L1P and L1D are used as caches to accelerate the execution speed of the system.
The main control core operating system initializes the shared device outside the core and the exclusive device inside the core, the acceleration core operating system initializes the exclusive device inside the core, and the main control core operating system and the acceleration core operating system jointly complete the initialization of the high-reliability function.
The operating system of each core will load into the intra-core L2 memory space after the compilation links are complete, and in order to ensure that each program segment with the same read-write-execute attribute will be immediately adjacent in address space after loading and aligned according to memory pages, each program segment can be rearranged by writing a link script. After arrangement, the system can be divided into a program read-only code segment, a program read-only data segment, a program read-write data segment, a data interaction region and a log cache region in L2, wherein the attribute of the program read-only code segment is read-executed and mainly comprises a text segment; the attribute of the program read-only data segment is read-only and mainly comprises program segments of const, rodata, cinit and the like; the attribute of the program read-write data segment is read-write and is formed by the rest readable and writable program segments; the three sections only allow the access of the core, and other cores have no right to access; the attributes of the data interaction area and the log cache area are read-write, wherein the data interaction area allows other cores and main equipment to access and is mainly used for computing data interaction when the multi-core parallel system runs; the log cache region allows the main core to read and write in, the local core generates log information and writes in the region, and log tasks on the main core can read the log information of each core from the region and write in Flash or transmit through a TCP/IP protocol.
Configuring the hardware protection authority of each attribute program segment and area in the L2 in the initialization process of the operating system specifically includes:
1. determining the address range of each program segment and area after the operating system is loaded;
2. each program segment and area start address, length range, and access subject and read-write-execute authority are set by configuring the MPPA register of L2.
By the configuration, program segments cannot be accessed mutually among cores, only the program read-only code segment can be allowed to be executed, and once the program read-only code segment is illegally accessed, exception is triggered and access is denied, so that wrong instructions are effectively prevented from being executed after a PC pointer is flown away, and the problems of system crash and the like caused by the PC pointer being flown away can be basically solved.
In the invention, the storage space in the L1-level core is used as a system cache for improving the operation efficiency of the system, and if the area is directly accessed, corresponding exception is triggered, so that the access authority of the L1 also needs to be set. The MPPA register of L1 is configured to set the access rights of the entire address area of L1 to 0, indicating that any master in the system does not have any access rights to the L1 address area.
The method has the advantages that the computing application written by a user is generally run on the core operating system, task switching of the computing application cannot occur before the running is finished, the computing application is written by the user and multi-core interaction exists, so that system breakdown caused by the fact that the user application accesses an illegal address space needs to be prevented, in addition, complex computing application often has large requirements on a runtime stack space, and the risk of runtime stack overflow is possibly caused. In order to prevent overwriting of a space adjacent to a stack after stack overflow, a multi-core shared memory outside cores is divided averagely, each core has a section of dedicated multi-core shared memory space as a running stack of a calculation task, a DSP (digital signal processor) checks that the dedicated multi-core shared memory space has read-write permission by configuring the XMC, and other non-core main devices cannot access the section of space by configuring SMS/MPAX (short message service/multiple processor access), so that when the stack overflows, adjacent illegal addresses are inevitably accessed to trigger hardware protection abnormity.
The error detection and correction functions of the memories at all levels are enabled, and when bit inversion occurs in the system, the error detection and correction needs to be carried out in time. However, the system can correct only 1-bit errors and can detect only 2-bit or more errors, and therefore, the system must complete the error correction function after the 1-bit error occurs and before the 2-bit error occurs. The error detection function of the memory must be triggered by reading, so that data needs to be read out from the memory periodically for detection in order to find errors timely. The timer interruption is set in the system, the timer interruption is triggered after each period is finished, and the reading and writing back operation of the memory data is carried out in the interruption service program, so that the purpose of timely error correction is realized.
Since the hardware protection mechanism must be triggered by an event, the exception events to be detected must be determined and registered. Specifically, the method comprises the steps of removing shielding of the system on an event needing to be captured, enabling an abnormal detection mark and enabling unmasked interrupts corresponding to an abnormal service program. When a task runs, a hardware protection exception in the system can report a corresponding event after the exception occurs, and if the event is not shielded and the exception check is enabled, the event can trigger a program to jump and enter an exception service program vector entry. And at the entry of the abnormal service program, switching a runtime stack space, namely switching from a task stack to a system stack, and then continuing to perform subsequent abnormal service program processing. In the exception service program, it is necessary to record the current key registers of the system, specifically including a status register, a return address register, a clock register, a stack pointer register, a parameter register, a return value register, an exception flag register, etc., to help locate the instruction position of the trigger exception and to investigate the cause of the trigger exception. And after completing the collection of the execution environment when the exception occurs, the exception service program writes the execution environment into a log cache region, and finally awakens the background task takeover system.
A high-priority background task is created when each core operating system is initialized, and after the system is started, the high-priority background task is higher than the computing application, so the high-priority background task can be operated before the computing application. And then the background task is suspended, and the abnormal service program is awakened and connected with the management system after the abnormal service program is operated. The background task may choose to reconstruct the task, or wait for an external command.
The reliability of the system is realized by using the C6678 hardware protection mechanism, as shown in fig. 1, the specific implementation steps are as follows:
s1, writing a log task in the main control core operating system, wherein the task periodically reads the log buffer area of each core, and can transmit the log message in the log buffer area to a PC end log analysis server or store the log message in Flash on a target board through a TCP/IP protocol according to configuration;
and S2, writing a high-priority background task in each core operating system, wherein the priority of the high-priority background task is higher than that of all application tasks so as to ensure that the high-priority background task runs earlier than all application tasks, and suspending the background task after running. The abnormal service program is awakened and connected with the system until the abnormal service program is awakened and connected with the system, and an instruction from the outside is waited or an abnormal computing application task is reconstructed and triggered;
s3, writing an exception service program in each core operating system, and collecting the system execution environment including a state register, a return address register, a clock register, a stack pointer register, a parameter register, a return value register, an exception flag register and the like when the exception is triggered in the service program to help locate the instruction position of the trigger exception and investigate the reason of the trigger exception. After the abnormal service program finishes the collection of the execution environment when the abnormality occurs, the abnormal service program is written into a log cache region, and finally a background task takeover system is awakened;
s4, writing a cycle timer interrupt service program, refreshing the L2 in the interrupt service program, specifically reading and writing data through IDMA (in-core DMA), thereby realizing error detection and correction of bits in L2; the automatic refreshing function of the multi-core shared memory is enabled, so that error detection and correction of the bit of the multi-core shared memory are realized;
s5, determining an abnormal event number needing to be captured, associating the event number with an unmasked interrupt, enabling abnormal inspection, and completing configuration of the abnormal inspection; for example, event number 120 of C6678 indicates that a memory protection fault occurs when the DSP core accesses L1P, and event number 122 indicates that a memory protection fault occurs when the DSP core directly or indirectly accesses L1D;
s6, compiling a computing task on the slave core, averagely dividing the multi-core shared memory into 8 segments, wherein each segment is 512KB, and deploying the runtime stack of the slave core task into the multi-core shared memory corresponding to each core;
s7, compiling and linking the operating system and the application, and checking the generated map file, wherein the map file is used for analyzing ELF header information of an executable file and determining the length and the attribute of each program segment;
s8, program segments with the same attribute are continuously arranged through a cmd link script file, and are divided into a program read-only code segment, a program read-only data segment and a program read-write data segment as shown in FIG. 2, the residual space in the L2 is divided into a data interaction area and a log cache area, each segment and each area are aligned according to 16KB bytes, and then the length ranges of each segment and each area are determined after recompilation and linkage;
s9, configuring the corresponding access authority according to the program segment and the region length range in the initialization of the operating system, configuring the access authority of the L1P and the L1D cache, configuring the access authority of the runtime stack in the shared memory, and configuring the error correction and detection functions of the memories at all levels. The reliability functional architecture of the whole multi-core parallel system after configuration is shown in fig. 3.
The implementation steps are adopted to construct a high-reliability multi-core parallel system, and a computing application task for relevant testing and a PC (personal computer) end log analysis server are compiled for testing, wherein the testing contents comprise stack overflow detection and protection, stack read-write protection, code run-off protection, program read-only segment protection, L1cache protection, L1P error detection, LL2 error detection and correction, multi-core shared memory error detection and correction, protection of other reserved spaces and the like. The test results are shown in the following table:
TABLE 1
Figure BDA0001332383360000121
Figure BDA0001332383360000131
The above itemized tests show that most of the reliability measures have an effective rate of 100%, and the code run-off detection has a low effective rate, because the given random run-off address is located in the program read-only code segment of L2 in the DSP core, the effective rate does not reach 100%. If such a run-out in the code region occurs, other methods may be used for protection (e.g., a watchdog circuit).
The log task of the main control core operating system reads the log information in the log cache region and transmits the log information to the PC-side log parsing server through the TCP/IP protocol, and the result after parsing by the log parser is shown in a log recording window in fig. 4. Through the background task, after the exception is triggered in each test, the whole system does not need to be restarted by power failure, but the background task takes over the system and waits for a new test command sent by the PC terminal.
In summary, the present invention provides a high-reliability multi-core parallel system processing method based on hardware protection, which can effectively improve the reliability of an embedded multi-core parallel system, effectively detect common software errors represented by stack overflow, and protect the system from executing erroneous actions; meanwhile, a log recording function is provided, and information of an execution environment can be collected when an exception occurs, so that the post analysis and error troubleshooting are facilitated; the background task provides an exception recovery function, and the system can be maintained to continue running without being out of control after an exception occurs.

Claims (8)

1. A multi-core parallel system processing method based on hardware protection is characterized in that a multi-core DSP processor based on a KeyStone framework is adopted and divided into a master core and a slave core, the master core and the slave core run embedded real-time operating systems, a master control core operating system runs on the master core, an acceleration core operating system runs on the slave core, the master control core operating system is responsible for control, the acceleration core operating system is responsible for calculation, the master control core operating system initializes an out-core sharing device and an in-core exclusive device, the acceleration core operating system initializes the in-core exclusive device, and the master control core operating system and the acceleration core operating system jointly complete initialization of high-reliability functions, and the method comprises the following steps:
s1, writing a log task in the main control core operating system;
s2, compiling high-priority background tasks in each kernel operating system;
s3, writing an abnormal service program in each core operating system;
s4, writing a periodic timer interrupt service program, refreshing the secondary cache L2 in the interrupt service program, enabling the automatic refreshing function of the multi-core shared memory, and realizing error detection and correction of the bit of the multi-core shared memory;
s5, determining an abnormal event number needing to be captured, associating the event number with an unmasked interrupt, enabling abnormal inspection, and completing configuration of the abnormal inspection;
s6, compiling the computing application tasks on the secondary cores, and deploying the runtime stacks of the computing application tasks of the secondary cores into the multi-core shared memory corresponding to each core;
s7, determining the length range, the access subject and the read-write-execution attribute of each program segment and each area after compiling and linking;
s8, program segments and areas with the same access subject and read-write-execution attribute are continuously arranged through a link script file, program segments and areas with different access subjects and read-write-execution attributes are aligned according to the memory protection granularity, each program segment and area are loaded into a second-level cache L2, and the program segments and areas on the core include according to the read-write-execution attribute: the access main bodies of the program read-only code segment, the program read-only data segment and the program read-write data segment are limited to only allow local core access, the access main body of the data interaction region is limited to allow other cores and main equipment to access, the access main body of the log cache region is limited to allow the main core to read and the local core to write, and log information of each core can be read from the region and written into Flash or transmitted through a TCP/IP protocol;
s9, configuring the corresponding access authority according to the program segment and the area length range in the initialization of the operating system, and configuring the error correction and detection functions of the memories at all levels.
2. The multi-core parallel system processing method based on hardware protection according to claim 1, wherein in step S1, the logging task periodically reads the log buffer of each core, and transmits the log message in the log buffer to the PC-side log resolution server or to Flash on the target board via TCP/IP protocol according to configuration.
3. The multi-core parallel system processing method based on hardware protection according to claim 1, wherein in step S2, the high priority background task has a higher priority than all application tasks to ensure that it runs earlier than all application tasks, and after running, the background task is suspended until the exception service program wakes up and manages the system to wait for an instruction from the outside or reconstructs a computing application task triggering an exception.
4. The multi-core parallel system processing method based on hardware protection according to claim 1, wherein in step S6, the multi-core shared memory space is evenly distributed according to the number of the processor cores, and the access rights of the master core and the slave core to the shared memory are configured.
5. The multi-core parallel system processing method based on hardware protection according to claim 1, wherein the hardware protection authority of each core corresponding region in the multi-core shared memory is configured in the initialization process of the operating systems of the main core and the slave core:
determining the address range of the multi-core shared memory corresponding to each core;
the method comprises the steps of setting the initial address, the length range, the access subject and the read-write-execution authority of the multi-core shared memory corresponding to a main core and a secondary core by configuring a memory protection register of the multi-core shared memory.
6. The multi-core parallel system processing method based on hardware protection according to claim 1, wherein in step S7, compiling link is performed on the operating system and the application, and the length range and the read-write-execution attribute of each program segment and region are determined by looking at ELF header information of the generated executable file.
7. The hardware protection-based multi-core parallel system processing method as claimed in claim 1, wherein the attribute of the program read-only code segment is read-execute, and is composed of text segments; the attribute of the program read-only data segment is read-only and consists of program segments such as const, rodata and cinit; the attribute of the program read-write data segment is read-write, the program read-write data segment is composed of the rest readable and writable program segments, and the attribute of the data interaction area and the attribute of the log cache area are read-write.
8. The multi-core parallel system processing method based on hardware protection according to claim 1, wherein the hardware protection permission of each attribute program segment and area in the secondary cache L2 is configured in the initialization process of the operating systems of the primary core and the secondary core, specifically:
determining the address ranges of all program segments and areas after the operating systems in the primary core and the secondary core cache L2 are loaded;
each segment and region start address, length range, access subject, and read-write-execute authority are set by configuring the memory protection registers of the master and slave secondary caches L2.
CN201710495308.1A 2017-06-26 2017-06-26 Multi-core parallel system processing method based on hardware protection Active CN107357666B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710495308.1A CN107357666B (en) 2017-06-26 2017-06-26 Multi-core parallel system processing method based on hardware protection

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710495308.1A CN107357666B (en) 2017-06-26 2017-06-26 Multi-core parallel system processing method based on hardware protection

Publications (2)

Publication Number Publication Date
CN107357666A CN107357666A (en) 2017-11-17
CN107357666B true CN107357666B (en) 2020-04-21

Family

ID=60273182

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710495308.1A Active CN107357666B (en) 2017-06-26 2017-06-26 Multi-core parallel system processing method based on hardware protection

Country Status (1)

Country Link
CN (1) CN107357666B (en)

Families Citing this family (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108363912B (en) * 2018-02-28 2021-04-13 苏州国芯科技股份有限公司 Program code secret protection method and device
CN109240844B (en) * 2018-08-20 2022-03-22 成都国科微电子有限公司 Log obtaining method and system
CN109634729A (en) * 2018-11-20 2019-04-16 中国船舶重工集团公司第七0七研究所 A kind of parallel calculation method of inertial navigation equipment multi-core DSP
CN110045992B (en) * 2019-04-24 2020-03-13 北京翼辉信息技术有限公司 Universal system and method suitable for multi-core board card
CN110297661B (en) * 2019-05-21 2021-05-11 华东计算技术研究所(中国电子科技集团公司第三十二研究所) Parallel computing method, system and medium based on AMP framework DSP operating system
CN110750375B (en) * 2019-07-16 2023-07-21 许昌许继软件技术有限公司 Embedded equipment and abnormal information processing method thereof
CN110545319A (en) * 2019-08-23 2019-12-06 武汉久同智能科技有限公司 design of SoC core system and method for realizing task communication between cores
WO2021120068A1 (en) * 2019-12-18 2021-06-24 深圳市汇顶科技股份有限公司 Method for managing power supply state of memory, and chip
CN112035394B (en) * 2020-07-27 2021-04-27 首都师范大学 Storage device of multi-core processor for real-time processing and data processing method
CN112162879A (en) * 2020-09-30 2021-01-01 中国科学院计算技术研究所 Log system of real-time multi-core DSP software
CN114116645A (en) * 2021-12-02 2022-03-01 南京地平线集成电路有限公司 Log management method and device for multi-processing unit, storage medium and electronic equipment
CN114257643B (en) * 2022-01-28 2023-03-24 北京安帝科技有限公司 Log transmission method and system
CN114968962A (en) * 2022-08-01 2022-08-30 中瓴智行(成都)科技有限公司 Log management method and system based on multi-core communication and electronic equipment
CN115185746B (en) * 2022-09-07 2022-11-25 中国电子科技集团公司第五十八研究所 Context environment backup and recovery method based on C66x multi-core DSP chip
CN116028422A (en) * 2023-02-14 2023-04-28 北京智芯微电子科技有限公司 Heterogeneous multi-core system, inter-core communication method thereof, chip and storage medium
CN117591036B (en) * 2024-01-18 2024-03-19 四川云海芯科微电子科技有限公司 Bit occupation data filling method and system based on firmware and chip microkernel
CN118069067A (en) * 2024-04-16 2024-05-24 泉州华中科技大学智能制造研究院 Nor Flash data storage method and device based on master-slave-free TCP communication

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6335927B1 (en) * 1996-11-18 2002-01-01 Mci Communications Corporation System and method for providing requested quality of service in a hybrid network
US10360039B2 (en) * 2009-09-28 2019-07-23 Nvidia Corporation Predicted instruction execution in parallel processors with reduced per-thread state information including choosing a minimum or maximum of two operands based on a predicate value
CN102662740B (en) * 2012-03-29 2014-12-10 迈普通信技术股份有限公司 Asymmetric multi-core system and realization method thereof
US9431077B2 (en) * 2013-03-13 2016-08-30 Qualcomm Incorporated Dual host embedded shared device controller
CN103885919B (en) * 2014-03-20 2017-01-04 北京航空航天大学 A kind of many DSP and FPGA parallel processing system (PPS)s and implementation method
CN104820582A (en) * 2015-05-14 2015-08-05 西安电子科技大学 Realization method of multicore embedded DSP (Digital Signal Processor) parallel programming model based on Navigator
CN105045658B (en) * 2015-07-02 2018-10-23 西安电子科技大学 A method of realizing that dynamic task scheduling is distributed using multinuclear DSP embedded

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
T-RBAC based Multi-domain Access Control Method in Cloud;Dapeng Xiong,Liang Chen;《Network Protocols and Algorithms》;20161231;全文 *

Also Published As

Publication number Publication date
CN107357666A (en) 2017-11-17

Similar Documents

Publication Publication Date Title
CN107357666B (en) Multi-core parallel system processing method based on hardware protection
US11048588B2 (en) Monitoring the operation of a processor
US8457943B2 (en) System and method for simulating a multiprocessor system
Greathouse et al. Demand-driven software race detection using hardware performance counters
US9575816B2 (en) Deadlock/livelock resolution using service processor
CN101661440A (en) Secure information processing
US10795997B2 (en) Hardened safe stack for return oriented programming attack mitigation
US10423795B2 (en) Method, checking device, and system for determining security of a processor
CN103226499A (en) Method and device for restoring abnormal data in internal memory
CN107977577B (en) Access instruction access detection method and device
WO2020007813A1 (en) Computing device with increased resistance against rowhammer attacks
EP2645249A1 (en) Information processing apparatus, and method of controlling information processing apparatus
CN117149644A (en) Memory overflow detection method, device, operating system, equipment and storage medium
Bapp et al. Towards fail-operational systems on controller level using heterogeneous multicore soc architectures and hardware support
CN115576734A (en) Multi-core heterogeneous log storage method and system
CN111061591B (en) System and method for implementing data integrity check based on memory integrity check controller
Qin System Support for Improving Software Dependability During Production Runs
Botler et al. Jit fault detection: increasing availability in 1oo2 systems just-in-time
US20230161678A1 (en) Classification of different types of cache misses
Bagdasar Hardware Error Injection, Analysis and Tolerance at Operating System Level
RU173842U1 (en) DEVICE FOR EMULSING SINGLE FAILURES IN THE INTERNAL CRYSTAL CACHE OF THE PROCESSOR
Orosa et al. A hardware approach to detect, expose and tolerate high level data races
Bekele Reliability and Performance of Secured Single Board Computer-Based Autonomous Systems: A Study on Hardware Fault Occurrence
Canino et al. HW-SW interface design and implementation for error logging and reporting for RAS improvement
Seshua et al. A Run-Time Memory Protection Methodology

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant