Software lockout

In multiprocessor computer systems, software lockout is the issue of performance degradation due to the idle wait times spent by the CPUs in kernel-level critical sections. Software lockout is the major cause of scalability degradation in a multiprocessor system, posing a limit on the maximum useful number of processors. To mitigate the phenomenon, the kernel must be designed to have its critical sections as short as possible, therefore decomposing each data structure in smaller substructures.

Kernel-level critical sections
In most multiprocessor systems, each processor schedules and controls itself, therefore there's no "supervisor" processor, and kernel data structures are globally shared; sections of code that access those shared data structures are critical sections. This design choice is made to improve scaling, reliability and modularity. Examples of such kernel data structure are ready list and communication channels.

A "conflict" happens when more than one processor is trying to access the same resource (a memory portion) at the same time. To prevent critical races and inconsistency, only one processor (CPU) at a given time is allowed to access a particular data structure (a memory portion), while other CPUs trying to access at the same time are locked-out, waiting in idle status.

Three cases can be distinguished when this idle wait is either necessary, convenient, or not convenient. The idle wait is necessary when the access is to a ready list for a low level scheduling operation. The idle wait is not necessary but convenient in the case of a critical section for synchronization/IPC operations, which require less time than a context switch (executing another process to avoid idle wait). Idle wait is instead not convenient in case of a kernel critical section for device management, present in monolithic kernels only. A microkernel instead falls on just the first two of the above cases.

In a multiprocessor system, most of the conflicts are kernel-level conflicts, due to the access to the kernel level critical sections, and thus the idle wait periods generated by them have a major impact in performance degradation. This idle wait time increases the average number of idle processors and thus decreases scalability and relative efficiency.

Analytical studies
Taking as parameters the average time interval spent by a processor in kernel level critical sections (L, for time in locked state), and the average time interval spent by a processor in tasks outside critical sections (E), the ratio L/E is crucial in evaluating software lockout.

Typical values for L/E range from 0.01 to 0.1. In a system with a L/E ratio of 0.05, for instance, if there are 15 CPUs, it is expected that on average 1 CPU will always be idle; with 21 CPUs, 2.8 will be idle; with 40 CPUs, 19 will be idle; with 41 CPUs, 20 will be idle. Therefore, adding more than 40 CPUs to that system would be useless. In general, for each L/E value, there's a threshold for the maximum number of useful CPUs.

Software lockout mitigation
To reduce the performance degradation of software lockout to reasonable levels (L/E between 0.05 and 0.1), the kernel and/or the operating system must be designed accordingly. Conceptually, the most valid solution is to decompose each kernel data structure in smaller independent substructures, having each a shorter elaboration time. This allows more than one CPU to access the original data structure.

Many uniprocessor systems with hierarchical protection domains have been estimated to spend up to 50% of the time performing "supervisor mode" operations. If such systems were adapted for multiprocessing by setting a lock at any access to "supervisor state", L/E would easily be greater than 1, resulting in a system with the same throughput as the uniprocessor despite the number of CPUs.