Professional Documents
Culture Documents
CUP 2008
1 / 26
Industrial process control, distributed debugging, computer-aided verication, sensor networks E.g., dened as xi + yj + zk < 100 Dierent from global snapshots: global snapshot gives one of the values that could have existed during the execution Stable predicate: remains true once it becomes true, i.e., =
predicate at a cut C is stable if: (C |= ) = (C | C C , C |= ) E.g., deadlock, termination of execution are stable properties
CUP 2008
2 / 26
Stable Properties
Deadlock: Given a Wait-For Graph G = (V , E ), a deadlock is a subgraph G = (V , E ) such that V V and E E and for each i in V , i remains blocked unless it receives a reply from some process(es) in V .
(local condition:) each deadlocked process is locally blocked, and (global condition:) the deadlocked process will not receive a reply from some process(es) in V .
Termination of execution: Model active and passive states, and state transitions between them. Then execution is terminated if:
(local condition:) each process is in passive state, and (global condition:) there is no message in transit between any pair of processes.
Repeated global snapshots is not practical! Utilize a 2-phased approach of observing potentially inconsistent global states.
CUP 2008
3 / 26
Stable Properties
Deadlock: Given a Wait-For Graph G = (V , E ), a deadlock is a subgraph G = (V , E ) such that V V and E E and for each i in V , i remains blocked unless it receives a reply from some process(es) in V .
(local condition:) each deadlocked process is locally blocked, and (global condition:) the deadlocked process will not receive a reply from some process(es) in V .
Termination of execution: Model active and passive states, and state transitions between them. Then execution is terminated if:
(local condition:) each process is in passive state, and (global condition:) there is no message in transit between any pair of processes.
Repeated global snapshots is not practical! Utilize a 2-phased approach of observing potentially inconsistent global states.
CUP 2008
3 / 26
Stable Properties
Deadlock: Given a Wait-For Graph G = (V , E ), a deadlock is a subgraph G = (V , E ) such that V V and E E and for each i in V , i remains blocked unless it receives a reply from some process(es) in V .
(local condition:) each deadlocked process is locally blocked, and (global condition:) the deadlocked process will not receive a reply from some process(es) in V .
Termination of execution: Model active and passive states, and state transitions between them. Then execution is terminated if:
(local condition:) each process is in passive state, and (global condition:) there is no message in transit between any pair of processes.
Repeated global snapshots is not practical! Utilize a 2-phased approach of observing potentially inconsistent global states.
CUP 2008
3 / 26
P 1 P 2
time
P n1 Pn phase 1 phase 2
The variables on which the local conditions as well as the global conditions are dened have not changed in the two observations, as well as between the two observations.
Recording 2 snapshots serially via ring/tree/at-tree based algorithms (Chap 8).
Figure 11.1: Two-phase detection of a stable property. None of the variables changes between the two observations after the termination of the rst observation and before the start of the second observation, there is an instant when the variables still have the same value. the stable property will necessarily be true.
CUP 2008
4 / 26
No global time
monitor nds predicate true in a state but predicate may never have been true (at any instant) even a true predicate may be undetected due to intermittent monitoring
Observations: examine all states in an execution dene predicate on observation of entire execution Multiple observations of same program may pass thru dierent global states; predicate may be true in some observations but not others dene predicate on all the observations of the distributed program
CUP 2008
5 / 26
Modalities on Predicates
initial state 0,0 0,1 1,1 2,1
P
1
Possibly (): There exists a consistent observation of the execution such that predicate holds in a global state of the observation. Denitely (): For every consistent observation of the execution, there exists a global state of it in which predicate holds.
1 1 2 2 3 (0, 0), e2 , (0, 1), e1 , (1, 1), e2 , (1, 2), e1 , (2, 2), e2 , (2, 3), 4 3 4 5 5 e2 , (2, 4), e1 , (3, 4), e1 , (4, 4), e2 , (4, 5), e1 , 6 6 7 (5, 5), e1 , (6, 5), e2 , (6, 6), e2 , (6, 7)
1,0 2,0
0,2 1,2
2,2 3,2 4,2 3,3 4,3 5,3 4,4 5,4 6,4 5,5 6,5 6,6 4,5 3,4 2,3
a+b = 10
e1 e1
local var.
e1
e1
a=8
e1
e1
a=0
time
a=3
local var. b = 7
p
2
b=5
b=2
b = 3
a+b = 5
1 e2 e2 2
e3 e4 2 2
(a)
e5 2
e6 2
e7 2
4,6 p2 p1
state in which predicate is true state reachable without predicate being true
A. Kshemkalyani and M. Singhal (Distributed Computing) Global Predicate Detection
(b)
CUP 2008
7 / 26
CUP 2008
8 / 26
Tracks states at each level in which is not true The tracked states at a level have to be reachable from states at previous level satisfying (1) and this property (2) recursively.
Reach Next at level lvl contains the set of states at level lvl that are reachable from the initial state without passing through any state satisfying . return(1) if Reach Next() becomes , else return(0). In example, at lvl = 11, Reach Next() becomes empty and Denitely () is detected.
CUP 2008
9 / 26
is the local value of Pj in its local snapshot state sj j . (j) VC (sj j )[j] = VC (si i )[j]
k k k
(1)
Thus, the lowest level of the state lattice, in which local state si i (k th local state of Pi ) participates, is the sum of the components of VC (si i ).
k k ,k ,...kn containing si i is identied as follows. The i th component of kj k k VC (sj ) should be the largest possible value but cannot exceed or equal VC (si i )[i] for consistency of si i kj +1 kj ki and sj . VC (si ) is identied as per Equation 2; note that the condition on VC (sj )[i] is applicable if k sj j is not the last state at Pj . 1 The latest global state GSmax 2 k k k +1 k
)[i]
n j=1
Hence, the highest level of the state lattice, in which local state si i participates, is
CUP 2008
10 / 26
P 1 P 2 P n
X1 Y1 Y2 Y3
X2 Y4
X2 X1 Q 1 Q Y4 Y3 Y2 Y1 2 Q
Z1
Z1
CUP 2008
11 / 26
Conjunctive Predicates
can be expressed as the conjunction iN i , where i is local to process i. If is false in any cut C , then there is at least one process i such that the local state of i in cut C will never form part of any other cut C such that is true in C . If is false in some cut C , we can advance the local state of at least one process to the next event, and then evaluate the predicate in the resulting cut This gives a O(mn) time algorithm, where m is the number of events at any process. In example, Possibly (a = 3 b = 2) and Denitely (a = 3 b = 7) and true.
p
0,0 0,1 1,1 1,2 2,2 a+b = 10 2,3 3,3 2,4 3,4 4,4 3,5 4,5 5,5 a+b = 5 2,5 0,2
e1 1
local var.
e2 1
e3 1
e4 1
a=8
e5 1
e6 1
a=0
time
a=3
a+b = 5
6,5 6,6
local var. b = 7
p
2
b=5
b=2
b = 3
1 e2
e2 2
e3 2
e4 2
e5 2
e6 2
e7 2
Global Predicate Detection
6,7
CUP 2008 12 / 26
Global state-based approach: O(mn) time Interval-based approach: interval X represents duration in which i true at i. Standard min and max semantics
P 0 P 1 P 2 Fig 11.5 Optimization: If no send or receive between start of interval and the end of next interval at that process, the intervals have exact same relation w.r.t. other intervals at other processes.
CUP 2008
13 / 26
max(Y ) min(Y )
min(Y ) max(Y ) j ) j )
max(X ) min(X )
Denitely (i
i,jN Possibly (i
min(X)
max(X)
min(X)
max(X)
min(Y)
max(Y)
min(Y)
max(Y)
(a) Definitely(phi)
(b) Possibly(phi)
Fig 11.6
CUP 2008
14 / 26
Lines (12)-(15) for Denitely ; lines (12)-(15) for Possibly sets updatedQueues and newupdatedQueues (temp) For each comparison, if desired modality is not satised, at least one of the two intervals gets deleted, by rst being placed in newUpdatedQueues If every queue is non-empty and the queue-heads cannot be pruned, then the queue heads form a solution Termination: if a solution exists, detected in lines (18)-(19). Complexity at P0 (ito n, p, M # msgs sent in execution): Message complexity: min(pn, 4M) control messages, each of size 2n Space complexity: min(pn, 4M) 2n Time complexity: When an interval is compared with others, O(n) steps. Hence, O(n min(pn, 4M)).
CUP 2008
16 / 26
Fig 11.7: (a) Pj s old state is invalid. (b) Pk s old state is invalid.
CUP 2008
17 / 26
CUP 2008
18 / 26
Let m be # local states at any process; let M be # messages sent in the execution Termination: when Valid[j] = 1 for all j Time complexity: O(n2 m) Space complexity: O(n2 m) Message complexity: 2M control messages, each of size n
CUP 2008
19 / 26
i j
Token.GS[j] head(Q_i)[j] head(Q_i)[j] Token.GS[j]
(a)
(b)
Token.GS[j] is consistent with head(Qi )[i], which is assigned to Token.GS[i]. The two possibilities are illustrated. (a) Not consistent. (b) Consistent.
A. Kshemkalyani and M. Singhal (Distributed Computing) Global Predicate Detection CUP 2008 20 / 26
CUP 2008
21 / 26
Termination: algorithm nds a solution when Token.Valid[j] is 1, for all j (line (14)). If a solution is not found, the code hangs in line (2). The code can be modied to terminate unsuccessfully in line (2) by modeling an explicit process terminated state. Time complexity: O(mn2 ) across all processes Space complexity: O(mn2 ) across all processes Message complexity: Token makes O(mn) hops; token size is 2n integers
CUP 2008
22 / 26
CUP 2008
23 / 26
type REPLY updated: set of integer; type TOKEN updatedQueues: set of integer;
Token-holder Pi sends REQ msg containing Logi .start[i] and Logi .end[j] pertaining to its interval Xi , to Pj (all other processes Pj ) Each Pj then checks if its interval Yj satises the Denitely condition. If not, one or both intervals are deleted. This is conveyed to Pi using REPLY messages. If T .updatedQueues is empty, intervals at each queue head form solution Otherwise, token is forwarded to some process whose id is in T .updatedQueues If a solution exists, it is detected; if a solution is detected, it is correct.
A. Kshemkalyani and M. Singhal (Distributed Computing) Global Predicate Detection CUP 2008 24 / 26
CUP 2008
25 / 26
p: max no. of intervals at any process; m: max no. of messages sent per process Space complexity: Worst case across all processes is O(min(n2 p, n2 m)). This is also worst case space at any process. Total # Logs across all processes is min(2n2 p, 2n2 m). Time complexity: Worst case across all processes is O(min(pn2 , mn2 )). Worst case at a process is O(min(pn, mn2 )) Message complexity: Total # Logs across all processes is O(min(np, mn)). This is the worst case number of messages. Worst case message space overhead is O(n min(np, mn)).
CUP 2008
26 / 26