how to rewrite the os using c by strong type
DESCRIPTION
TRANSCRIPT
![Page 1: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/1.jpg)
How to rewrite the OS using C by strong type
How to rewrite the OS using C by strong type
How to rewrite the OS using C by strong type
How to rewrite the OS using C by strong type
How to rewrite the OS using C by strong type
Metasepi Project / Kiwamu OkabeMetasepi Project / Kiwamu OkabeMetasepi Project / Kiwamu OkabeMetasepi Project / Kiwamu OkabeMetasepi Project / Kiwamu Okabe
![Page 2: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/2.jpg)
Who am I?Who am I?Who am I?Who am I?Who am I?
☆ http://www.masterq.net/☆ http://www.masterq.net/☆ http://www.masterq.net/☆ http://www.masterq.net/☆ http://www.masterq.net/
☆ Organizer of Metasepi Project☆ Organizer of Metasepi Project☆ Organizer of Metasepi Project☆ Organizer of Metasepi Project☆ Organizer of Metasepi Project
☆ A developer of Ajhc Haskell compiler☆ A developer of Ajhc Haskell compiler☆ A developer of Ajhc Haskell compiler☆ A developer of Ajhc Haskell compiler☆ A developer of Ajhc Haskell compiler
☆ A Debian Maintainer☆ A Debian Maintainer☆ A Debian Maintainer☆ A Debian Maintainer☆ A Debian Maintainer
☆ 10 years' experience in developing OS using NetBSD☆ 10 years' experience in developing OS using NetBSD☆ 10 years' experience in developing OS using NetBSD☆ 10 years' experience in developing OS using NetBSD☆ 10 years' experience in developing OS using NetBSD
![Page 3: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/3.jpg)
AgendaAgendaAgendaAgendaAgenda
☆ [1] Problems of OS using C☆ [1] Problems of OS using C☆ [1] Problems of OS using C☆ [1] Problems of OS using C☆ [1] Problems of OS using C
☆ [2] Type safety☆ [2] Type safety☆ [2] Type safety☆ [2] Type safety☆ [2] Type safety
☆ [3] Existing OS using strong type☆ [3] Existing OS using strong type☆ [3] Existing OS using strong type☆ [3] Existing OS using strong type☆ [3] Existing OS using strong type
☆ [4] Snatch-driven development☆ [4] Snatch-driven development☆ [4] Snatch-driven development☆ [4] Snatch-driven development☆ [4] Snatch-driven development
☆ [5] Demo☆ [5] Demo☆ [5] Demo☆ [5] Demo☆ [5] Demo
☆ [6] Case study of Snatch☆ [6] Case study of Snatch☆ [6] Case study of Snatch☆ [6] Case study of Snatch☆ [6] Case study of Snatch
☆ [7] Future work☆ [7] Future work☆ [7] Future work☆ [7] Future work☆ [7] Future work
![Page 4: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/4.jpg)
[1] Problems of OS using C[1] Problems of OS using C[1] Problems of OS using C[1] Problems of OS using C[1] Problems of OS using C
☆ Most OS uses C language☆ Most OS uses C language☆ Most OS uses C language☆ Most OS uses C language☆ Most OS uses C language
☆ C is good for system programming☆ C is good for system programming☆ C is good for system programming☆ C is good for system programming☆ C is good for system programming
☆ But C occurs many problems☆ But C occurs many problems☆ But C occurs many problems☆ But C occurs many problems☆ But C occurs many problems
![Page 5: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/5.jpg)
Buffer overrunBuffer overrunBuffer overrunBuffer overrunBuffer overrun
☆ Pointer to array doesn't know the length☆ Pointer to array doesn't know the length☆ Pointer to array doesn't know the length☆ Pointer to array doesn't know the length☆ Pointer to array doesn't know the length
![Page 6: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/6.jpg)
Page fault in kernelPage fault in kernelPage fault in kernelPage fault in kernelPage fault in kernel
☆ Page fault in user space => SEGV☆ Page fault in user space => SEGV☆ Page fault in user space => SEGV☆ Page fault in user space => SEGV☆ Page fault in user space => SEGV
☆ Page fault in kernel space => Halt!☆ Page fault in kernel space => Halt!☆ Page fault in kernel space => Halt!☆ Page fault in kernel space => Halt!☆ Page fault in kernel space => Halt!
![Page 7: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/7.jpg)
Weak typeWeak typeWeak typeWeak typeWeak type
☆ Great use of (void *) type☆ Great use of (void *) type☆ Great use of (void *) type☆ Great use of (void *) type☆ Great use of (void *) type
☆ NetBSD kernel uses 45130 times!☆ NetBSD kernel uses 45130 times!☆ NetBSD kernel uses 45130 times!☆ NetBSD kernel uses 45130 times!☆ NetBSD kernel uses 45130 times!$ pwd/home/kiwamu/src/netbsd/sys$ grep "void \*" `find . -name "*.c"` | wc -l45130
$ pwd/home/kiwamu/src/netbsd/sys$ grep "void \*" `find . -name "*.c"` | wc -l45130
$ pwd/home/kiwamu/src/netbsd/sys$ grep "void \*" `find . -name "*.c"` | wc -l45130
$ pwd/home/kiwamu/src/netbsd/sys$ grep "void \*" `find . -name "*.c"` | wc -l45130
$ pwd/home/kiwamu/src/netbsd/sys$ grep "void \*" `find . -name "*.c"` | wc -l45130
☆ No choice but to use weak type for flexibility☆ No choice but to use weak type for flexibility☆ No choice but to use weak type for flexibility☆ No choice but to use weak type for flexibility☆ No choice but to use weak type for flexibility
![Page 8: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/8.jpg)
[2] Type safety[2] Type safety[2] Type safety[2] Type safety[2] Type safety
☆ Get less runtime errors☆ Get less runtime errors☆ Get less runtime errors☆ Get less runtime errors☆ Get less runtime errors
![Page 9: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/9.jpg)
Avoid buffer overrunAvoid buffer overrunAvoid buffer overrunAvoid buffer overrunAvoid buffer overrun
Strong type avoids buffer overrun.Strong type avoids buffer overrun.Strong type avoids buffer overrun.Strong type avoids buffer overrun.Strong type avoids buffer overrun.
![Page 10: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/10.jpg)
Avoid page fault in kernelAvoid page fault in kernelAvoid page fault in kernelAvoid page fault in kernelAvoid page fault in kernel
Only touch the area constructed.Only touch the area constructed.Only touch the area constructed.Only touch the area constructed.Only touch the area constructed.
![Page 11: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/11.jpg)
Flexibility without weak typeFlexibility without weak typeFlexibility without weak typeFlexibility without weak typeFlexibility without weak type
☆ Algebraic data type☆ Algebraic data type☆ Algebraic data type☆ Algebraic data type☆ Algebraic data typedata Node = Leaf Integer | Branch Node Nodedata Node = Leaf Integer | Branch Node Nodedata Node = Leaf Integer | Branch Node Nodedata Node = Leaf Integer | Branch Node Nodedata Node = Leaf Integer | Branch Node Node
☆ Type class☆ Type class☆ Type class☆ Type class☆ Type classclass Functor f where fmap :: (a -> b) -> f a -> f binstance Functor [] where fmap f (x:xs) = f x : fmap f xs fmap f [] = []instance Functor Maybe where fmap _ Nothing = Nothing fmap f (Just x) = Just (f x)
class Functor f where fmap :: (a -> b) -> f a -> f binstance Functor [] where fmap f (x:xs) = f x : fmap f xs fmap f [] = []instance Functor Maybe where fmap _ Nothing = Nothing fmap f (Just x) = Just (f x)
class Functor f where fmap :: (a -> b) -> f a -> f binstance Functor [] where fmap f (x:xs) = f x : fmap f xs fmap f [] = []instance Functor Maybe where fmap _ Nothing = Nothing fmap f (Just x) = Just (f x)
class Functor f where fmap :: (a -> b) -> f a -> f binstance Functor [] where fmap f (x:xs) = f x : fmap f xs fmap f [] = []instance Functor Maybe where fmap _ Nothing = Nothing fmap f (Just x) = Just (f x)
class Functor f where fmap :: (a -> b) -> f a -> f binstance Functor [] where
fmap f (x:xs) = f x : fmap f xsfmap f [] = []
instance Functor Maybe wherefmap _ Nothing = Nothingfmap f (Just x) = Just (f x)
☆ Type inference☆ Type inference☆ Type inference☆ Type inference☆ Type inference
![Page 12: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/12.jpg)
Kernel needs strong typeKernel needs strong typeKernel needs strong typeKernel needs strong typeKernel needs strong type
☆ IoT:Internet of Things☆ IoT:Internet of Things☆ IoT:Internet of Things☆ IoT:Internet of Things☆ IoT:Internet of Things
☆ Poor hardware, and Rich feature☆ Poor hardware, and Rich feature☆ Poor hardware, and Rich feature☆ Poor hardware, and Rich feature☆ Poor hardware, and Rich feature
☆ Many custom requests shower kernel☆ Many custom requests shower kernel☆ Many custom requests shower kernel☆ Many custom requests shower kernel☆ Many custom requests shower kernel
☆ Strong type is needed by kernel rather than application on user space☆ Strong type is needed by kernel rather than application on user space☆ Strong type is needed by kernel rather than application on user space☆ Strong type is needed by kernel rather than application on user space☆ Strong type is needed by kernel rather than application on user space
![Page 13: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/13.jpg)
[3] Existing OS using strong type[3] Existing OS using strong type[3] Existing OS using strong type[3] Existing OS using strong type[3] Existing OS using strong type
Alreadly we have.Alreadly we have.Alreadly we have.Alreadly we have.Alreadly we have.
☆ Funk☆ Funk☆ Funk☆ Funk☆ Funkhttp://home.gna.org/funk/http://home.gna.org/funk/http://home.gna.org/funk/http://home.gna.org/funk/http://home.gna.org/funk/
☆ snowflake-os☆ snowflake-os☆ snowflake-os☆ snowflake-os☆ snowflake-oshttps://code.google.com/p/snowflake-os/https://code.google.com/p/snowflake-os/https://code.google.com/p/snowflake-os/https://code.google.com/p/snowflake-os/https://code.google.com/p/snowflake-os/
☆ House☆ House☆ House☆ House☆ Househttp://programatica.cs.pdx.edu/House/http://programatica.cs.pdx.edu/House/http://programatica.cs.pdx.edu/House/http://programatica.cs.pdx.edu/House/http://programatica.cs.pdx.edu/House/
Why isn't it for daily use?Why isn't it for daily use?Why isn't it for daily use?Why isn't it for daily use?Why isn't it for daily use?
![Page 14: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/14.jpg)
Poor design and less functionsPoor design and less functionsPoor design and less functionsPoor design and less functionsPoor design and less functions
☆ Design from scratch☆ Design from scratch☆ Design from scratch☆ Design from scratch☆ Design from scratch
☆ Polling interrupt☆ Polling interrupt☆ Polling interrupt☆ Polling interrupt☆ Polling interrupt
☆ Not have bus driver☆ Not have bus driver☆ Not have bus driver☆ Not have bus driver☆ Not have bus driver
☆ Support less devices☆ Support less devices☆ Support less devices☆ Support less devices☆ Support less devices
☆ Only for x86☆ Only for x86☆ Only for x86☆ Only for x86☆ Only for x86
☆ Can't run Firefox☆ Can't run Firefox☆ Can't run Firefox☆ Can't run Firefox☆ Can't run Firefox
![Page 15: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/15.jpg)
No compatible POSIXNo compatible POSIXNo compatible POSIXNo compatible POSIXNo compatible POSIX
![Page 16: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/16.jpg)
[4] Snatch-driven development[4] Snatch-driven development[4] Snatch-driven development[4] Snatch-driven development[4] Snatch-driven development
Rewrite kernel using C with strong type by little and little.Rewrite kernel using C with strong type by little and little.Rewrite kernel using C with strong type by little and little.Rewrite kernel using C with strong type by little and little.Rewrite kernel using C with strong type by little and little.
![Page 17: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/17.jpg)
UNIX like OS needs reentrantUNIX like OS needs reentrantUNIX like OS needs reentrantUNIX like OS needs reentrantUNIX like OS needs reentrant
![Page 18: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/18.jpg)
Strong type OS uses polling intrStrong type OS uses polling intrStrong type OS uses polling intrStrong type OS uses polling intrStrong type OS uses polling intr
![Page 19: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/19.jpg)
Ajhc Haskell compilerAjhc Haskell compilerAjhc Haskell compilerAjhc Haskell compilerAjhc Haskell compiler
Context can run without lock.Context can run without lock.Context can run without lock.Context can run without lock.Context can run without lock.
![Page 20: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/20.jpg)
[5] Demo[5] Demo[5] Demo[5] Demo[5] Demo
The proof of the pudding is in the eating.The proof of the pudding is in the eating.The proof of the pudding is in the eating.The proof of the pudding is in the eating.The proof of the pudding is in the eating.
![Page 21: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/21.jpg)
MCU app without OS #1MCU app without OS #1MCU app without OS #1MCU app without OS #1MCU app without OS #1https://github.com/ajhc/demo-cortex-m3https://github.com/ajhc/demo-cortex-m3https://github.com/ajhc/demo-cortex-m3https://github.com/ajhc/demo-cortex-m3https://github.com/ajhc/demo-cortex-m3
![Page 22: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/22.jpg)
MCU app without OS #2MCU app without OS #2MCU app without OS #2MCU app without OS #2MCU app without OS #2
Memory mapMemory mapMemory mapMemory mapMemory map
![Page 23: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/23.jpg)
MCU app with OSMCU app with OSMCU app with OSMCU app with OSMCU app with OShttps://github.com/ajhc/demo-cortex-m3https://github.com/ajhc/demo-cortex-m3https://github.com/ajhc/demo-cortex-m3https://github.com/ajhc/demo-cortex-m3https://github.com/ajhc/demo-cortex-m3
![Page 24: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/24.jpg)
[6] Case study of Snatch[6] Case study of Snatch[6] Case study of Snatch[6] Case study of Snatch[6] Case study of Snatch
We found some idioms that are useful to rewrite C language with Haskell.We found some idioms that are useful to rewrite C language with Haskell.We found some idioms that are useful to rewrite C language with Haskell.We found some idioms that are useful to rewrite C language with Haskell.We found some idioms that are useful to rewrite C language with Haskell.
![Page 25: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/25.jpg)
Idiom1: Call functionIdiom1: Call functionIdiom1: Call functionIdiom1: Call functionIdiom1: Call function
C and Haskell call with each other.C and Haskell call with each other.C and Haskell call with each other.C and Haskell call with each other.C and Haskell call with each other.
![Page 26: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/26.jpg)
Idiom2: Read/Write memoryIdiom2: Read/Write memoryIdiom2: Read/Write memoryIdiom2: Read/Write memoryIdiom2: Read/Write memory
Haskell can read/write memory directly.Haskell can read/write memory directly.Haskell can read/write memory directly.Haskell can read/write memory directly.Haskell can read/write memory directly.
![Page 27: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/27.jpg)
Idiom3: Read/Write structIdiom3: Read/Write structIdiom3: Read/Write structIdiom3: Read/Write structIdiom3: Read/Write struct
Read structs chained with pointer.Read structs chained with pointer.Read structs chained with pointer.Read structs chained with pointer.Read structs chained with pointer.
![Page 28: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/28.jpg)
Idiom4: Foreign PrimitivesIdiom4: Foreign PrimitivesIdiom4: Foreign PrimitivesIdiom4: Foreign PrimitivesIdiom4: Foreign Primitives
Directly insert the text following const.Directly insert the text following const.Directly insert the text following const.Directly insert the text following const.Directly insert the text following const.
![Page 29: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/29.jpg)
[7] Future work[7] Future work[7] Future work[7] Future work[7] Future work
☆ Benchmark☆ Benchmark☆ Benchmark☆ Benchmark☆ Benchmark
☆ Pointer combinator☆ Pointer combinator☆ Pointer combinator☆ Pointer combinator☆ Pointer combinator
☆ Share state between contexts☆ Share state between contexts☆ Share state between contexts☆ Share state between contexts☆ Share state between contexts
☆ Porting libraries running on GHC☆ Porting libraries running on GHC☆ Porting libraries running on GHC☆ Porting libraries running on GHC☆ Porting libraries running on GHC
☆ Debug method☆ Debug method☆ Debug method☆ Debug method☆ Debug method
☆ Fix many bugs☆ Fix many bugs☆ Fix many bugs☆ Fix many bugs☆ Fix many bugs
![Page 30: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/30.jpg)
Try to use the other languageTry to use the other languageTry to use the other languageTry to use the other languageTry to use the other language
☆ ATS☆ ATS☆ ATS☆ ATS☆ ATS
http://www.ats-lang.org/http://www.ats-lang.org/http://www.ats-lang.org/http://www.ats-lang.org/http://www.ats-lang.org/
JATS-UG - Japan ATS User GroupJATS-UG - Japan ATS User GroupJATS-UG - Japan ATS User GroupJATS-UG - Japan ATS User GroupJATS-UG - Japan ATS User Group
http://jats-ug.metasepi.org/http://jats-ug.metasepi.org/http://jats-ug.metasepi.org/http://jats-ug.metasepi.org/http://jats-ug.metasepi.org/
☆ Rust☆ Rust☆ Rust☆ Rust☆ Rust
http://www.rust-lang.org/http://www.rust-lang.org/http://www.rust-lang.org/http://www.rust-lang.org/http://www.rust-lang.org/
![Page 31: How to rewrite the OS using C by strong type](https://reader033.vdocuments.mx/reader033/viewer/2022061300/54c86b274a79598b518b45a1/html5/thumbnails/31.jpg)
Workshop at NagoyaWorkshop at NagoyaWorkshop at NagoyaWorkshop at NagoyaWorkshop at Nagoya
☆ Functional MCU programing workshop at Nagoya☆ Functional MCU programing workshop at Nagoya☆ Functional MCU programing workshop at Nagoya☆ Functional MCU programing workshop at Nagoya☆ Functional MCU programing workshop at Nagoya
☆ Meeting minutes☆ Meeting minutes☆ Meeting minutes☆ Meeting minutes☆ Meeting minuteshttp://metasepi.org/posts/2014-01-05-mbed_fp_0.htmlhttp://metasepi.org/posts/2014-01-05-mbed_fp_0.htmlhttp://metasepi.org/posts/2014-01-05-mbed_fp_0.htmlhttp://metasepi.org/posts/2014-01-05-mbed_fp_0.htmlhttp://metasepi.org/posts/2014-01-05-mbed_fp_0.html