Description

A keeper is a program that responds to faults generated by an executing program. In EROS, faults are of two types:

• Execution faults, which occur as the result of executing an illegal or privileged instruction, an instruction designated by the architecture to generate a fault, or (on some machines) a coprocessor instruction that must be emulated.

• Memory faults, which occur as a consequence of performing a data reference or an accessing call to an address space.

When a process attempts to execute an instruction that causes an execution fault, the program is halted and the kernel invokes the application's process keeper on it's behalf, passing a message that encapsulates the fault information. The process keeper is invoked with OC = ~0u, and is passed a structure containing the fault code, the fault information (the program counter or address of the fault), and the active fixed-point register values at the time of the fault. The process keeper can repair the fault and resume the process, start a debugger, or take any other appropriate action (including doing nothing).

When a process accesses an invalid address, or performs a write to a read-only address, the program is halted and the kernel invokes the address space keeper associated with that address. The address space keeper is invoked with OC = ~0u, and is passed a structure containing the fault code and the offset (relative to the root of the kept address space) at which the fault occurred. EROS supports address spaces of up to 2⁹⁶ bits, so the delivered offset is a 96 bit value. aThe address space keeper can repair the fault, pass the fault to the process keeper, or take some other action. If no address space keeper is defined, the process keeper is invoked.

Separation of execution and memory faults allows user-level applications to provide policies customarily implemented by the kernel. Such policies include

• Copy-on-write (virtual copy) address spaces. An address space keeper can implement copy on write by provding a read-only background address space.
• Demand zero address spaces. An address space keeper can implement demand-zero address spaces by satisfying faulting references with zero pages.
• Transactional shared memory. An address space keeper can implement release consistency by revising the mappings in an address space to allow at most one writer of any page.

Faults that are handled by a keeper are transparent to the application. The application proceeds, restarting the instruction that generated the fault.

Standard Address Space Keepers

EROS provides two standard address space keepers:

VCSK	The virtual copy address space keeper, which provides "copy on write" services.
FSK	The fresh address space keeper, which provides "demand zero" services.

Invocations on kept address spaces are reflected to their keeper, so in addition to fault handling, the keeper is responsible for providing the standard address space operations and (possibly) additional operations. Both the fresh address space and virtual copy address space keepers provide destroy, truncate, and shorten operations. Refer to the respective documentation pages for the request details.

Standard Process Keepers

EROS provides a standard process keeper supporting debugging services. This keeper provides emulation for any necessary coprocessor instructions, and invokes the EROS process debugger when a process fault occurs.