Fault-tolerant computer system with /CONFIG filesystem

US 5,327,553 A
Filed: 11/06/1992
Issued: 07/05/1994
Est. Priority Date: 12/22/1989
Status: Expired due to Term

First Claim

Patent Images

1. A method of operating a computer system, the computer system including multiple units including at least one central processing unit (CPU), at least one memory unit, and at least one input/output (I/O) unit, comprising the steps of:

creating a filesystem within the computer system, the filesystem having a directory tree which has an entry for each of said multiple units;

removing at least one of said multiple units from said computer system while maintaining the filesystem within the computer system, and correspondingly deleting the filesystem entry for any removed unit; and

adding at least one new unit to replace said at least one of said multiple units that was removed from said computer system while said computer system is continuing to operate, and adding at least one new entry to said filesystem, said at least one new entry corresponding to said at least one new unit.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A fault-tolerant computer system employs a pseudo-filesystem to dynamically manage the hardware components. A directory which appears as a standard, hierarchical directory in this filesystem contains a file for each component; each file maps to either a hardware component or a software module. The pseudo-filesystem hierarchy is determined during system initialization and is automatically updated whenever the software or hardware configuration changes. The pseudo-filesystem, called /config filesystem herein, is implemented as a Unix filesystem in the Unix filesystem switch. This pseudo-filesystem method may be implemented in a fault-tolerant, redundant computer system configuration having multiple identical CPUs executing the same instruction stream, with multiple, identical memory modules in the address space of the CPUs storing duplicates of the same data. The system detects faults in the CPUs and memory modules, and places a faulty unit offline while continuing to operate using the good units. The multiple CPUs are loosely synchronized, as by detecting events such as memory references and stalling any CPU ahead of others until all execute the function simultaneously; interrupts can be synchronized by ensuring that all CPUs implement the interrupt at the same point in their instruction stream. Memory references are voted at the three separate ports of each of the memory modules.

211 Citations

18 Claims

1. A method of operating a computer system, the computer system including multiple units including at least one central processing unit (CPU), at least one memory unit, and at least one input/output (I/O) unit, comprising the steps of:
- creating a filesystem within the computer system, the filesystem having a directory tree which has an entry for each of said multiple units;
  
  removing at least one of said multiple units from said computer system while maintaining the filesystem within the computer system, and correspondingly deleting the filesystem entry for any removed unit; and
  
  adding at least one new unit to replace said at least one of said multiple units that was removed from said computer system while said computer system is continuing to operate, and adding at least one new entry to said filesystem, said at least one new entry corresponding to said at least one new unit.
- View Dependent Claims (2, 3, 4)
- - 2. A method according to claim 1 wherein there are three of said CPU units and two of said memory units.
  - 3. A method according to claim 1 including the step of executing an instruction stream by said at least one CPU unit in accordance with a Unix operating system.
  - 4. A method according to claim 3 wherein said filesystem includes a subdirectory for CPU units and an individual file for each of said at least one CPU units, and includes a subdirectory for memory units and an individual file for each one of said at least one memory unit.

5. A method of operating a computer system, comprising the steps of:
- executing a same instruction stream by a plurality of central processing (CPU) units;
  
  accessing by said CPU units a plurality of memory units each storing an identical copy of data, and a plurality of redundant input/output (I/O) units;
  
  creating a filesystem within the computer system, the filesystem having a directory tree with an entry for each of said CPU units, each of said memory units and each of said I/O units;
  
  removing at least one of said CPU units, or at least one of said memory units, or at least one of said I/O units from said system while maintaining the filesystem within the computer system, and correspondingly deleting the filesystem entry for any removed unit; and
  
  adding at least one new unit to replace said at least one of said CPU units, memory units, or I/O units that was removed from said system while said CPU units are continuing to execute said instruction stream, and adding at least one new entry to said filesystem, said at least one new entry corresponding to said at least one new unit.
- View Dependent Claims (6, 7, 8, 9)
- - 6. A method according to claim 5 wherein there are three of said CPU units.
  - 7. A method according to claim 5 wherein there are two of said memory units.
  - 8. A method according to claim 5 wherein there are at least two of said I/O units.
  - 9. A method according to claim 5 wherein said step of executing an instruction stream is in accordance with a Unix operating system.

10. A computer system comprising:
- a) first, second and third central processing unit (CPU) units each having an address range and each executing a same instruction stream, each of said CPU units having a separate memory access port, wherein a failed one of said first, second and third CPU units is placed off-line and a remaining two of said first, second and third CPU units continue to execute said same instruction stream;
  
  b) first and second memory units having identical address spaces within the address range of said CPU units for storing duplicative data to be accessed by said CPU units, each of said first and second memory units having first, second and third input/output ports coupled to said memory access ports of said first, second and third CPU units, respectively, wherein a failed one of said first and second memory units is placed off-line and a remaining one of said first and second memory units continues to be accessed by said CPU units; and
  
  c) a filesystem storing a directory having an entry for each one of said CPU units and memory units which is currently operating.
- View Dependent Claims (11, 12, 13, 14, 15, 16)
- - 11. A computer system according to claim 10 wherein each one of said memory units has first, second and third ports to said CPU units, said ports including voting means to compare information between the ports for accesses and to allow accesses to be completed only where at least two of the ports have the same information for each of the memory units.
  - 12. A computer system according to claim 10 including first and second input/output busses, and wherein said first and second memory means each has a separate peripheral I/O port, and said first and second input/output busses are separately coupled to said I/O ports of said first and second memory means.
  - 13. A computer system according to claim 10 including means for synchronizing execution of the instruction stream in said CPU units by stalling execution of a memory reference until all three of said first, second and third CPU units are executing the exact same memory reference.
  - 14. A computer system according to claim 10 wherein each one of said CPU units has a separate clock whereby said CPU units operate asynchronously.
  - 15. A computer system according to claim 14 wherein each one of said first and second memory units has a separate clock, whereby said CPU units and memory units all operate asynchronously.
  - 16. A computer system according to claim 15 wherein said CPU units are loosely synchronized with one another by stalling leading CPU units until the slower CPU units have caught up, upon occurrence of a memory reference.

17. A fault-tolerant computer system, comprising:
- a) first, second and third central processing unit (CPU) units having similar interfaces and capable of executing an identical instruction set, said first, second and third CPUs executing a same instruction stream, wherein a failed one of said first, second and third CPUs is placed off-line and a remaining two of said first, second and third CPUs continue to execute said same instruction stream;
  
  b) first and second memory units having similar interfaces, said first and second memory units storing a same data, wherein a failed one of said first and second memory units is placed off-line;
  
  c) busses coupling each of the first, second and third CPU units individually to each of said first and second memory units wherein said first, second and third CPU units access said first and second memory units via the busses separately and in duplicate;
  
  d) a first input/output bus coupled to said first memory unit and a second input/output bus coupled to said second memory unit;
  
  e) a first input/output processor coupled to both said first and second input/output busses, and a second input/output processor coupled to both said first and second input/output busses;
  
  f) a filesystem having a directory with corresponding entries for each of said CPU units, each of said memory units, and each of said input/output processors which is currently operating.
- View Dependent Claims (18)
- - 18. A system according to claim 17 wherein said CPU units are executing a Unix operating system when executing said instruction stream.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Tandem Computers Incorporated (HP Inc.)
Original Assignee
Tandem Computers Incorporated (HP Inc.)
Inventors
Vetter, Brian, Jewett, Douglas E., Bereiter, Tom
Primary Examiner(s)
Beausoliel, Jr., Robert W.
Assistant Examiner(s)
HUA, LY

Application Number

US07/973,202
Time in Patent Office

606 Days
Field of Search

364/200, 395/575, 395/700, 371/11.3, 371/11.1, 371/7, 371/68.3
US Class Current

714/3
CPC Class Codes

G06F 1/12   Synchronisation of differen...

G06F 1/30   Means for acting in the eve...

G06F 11/0724   in a multiprocessor or a mu...

G06F 11/0727   in a storage system, e.g. i...

G06F 11/0793   Remedial or corrective acti...

G06F 11/1441   Resetting or repowering

G06F 11/1666   where the redundant compone...

G06F 11/1683   at instruction level

G06F 11/1687   at event level, e.g. by int...

G06F 11/1691   using a quantum

G06F 11/181   Eliminating the failing red...

G06F 11/185   and the voting is itself pe...

G06F 11/20   using active fault-masking,...

G06F 11/2005   using redundant communicati...

G06F 11/201   between storage system comp...

G06F 11/2015   Redundant power supplies po...

G06F 11/2736   using a dedicated service p...

G06F 16/196   Specific adaptations of the...

Fault-tolerant computer system with /CONFIG filesystem

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

211 Citations

18 Claims

Specification

Use Cases

Quick Links

Others

Fault-tolerant computer system with /CONFIG filesystem

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

211 Citations

18 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others