snap-stabilization in message-passing systems sylvie delaët (lri) stéphane devismes (cnrs, lri)...
DESCRIPTION
02/04/2008Orsay, réunion SOGEA3 Stabilizing Protocols Self-Stabilization [Dijkstra, 1974] time Transient Faults Convergence c1c1 c3c3 c2c2 c5c5 c4c4 c6c6 c7c7 Arbitrary initial state uncorrect behavior correct behaviorTRANSCRIPT
Snap-Stabilization in Message-Passing Systems
Sylvie Delaët (LRI)
Stéphane Devismes (CNRS, LRI)
Mikhail Nesterenko (Kent State University)
Sébastien Tixeuil (LIP6)
02/04/2008 Orsay, réunion SOGEA 2
Message-Passing Model
• Network bidirectionnal and fully-connected• Communications by messages• Links asynchronous, fair, and FIFO• Ids on processes• Transient faults
m1m2m3 m3mamb mamb
1 2
3 4
02/04/2008 Orsay, réunion SOGEA 3
Stabilizing Protocols
• Self-Stabilization [Dijkstra, 1974]
timeTransient Faults
Convergence
c1 c3c2 c5c4 c6 c7
Arbitrary initial state
uncorrect behavior correct behaviorcorrect behavior
02/04/2008 Orsay, réunion SOGEA 4
Stabilizing Protocols
• Snap-Stabilization [Bui et al, 1999]
timeTransient Faults
c1 c3c2 c5c4 c6 c7
Arbitrary initial state
uncorrect behavior correct behaviorcorrect behavior
02/04/2008 Orsay, réunion SOGEA 5
Related Works in message-passing(reliable communication in self-stabilization)
• [Gouda & Multari, 1991] Deterministic + Unbounded Capacity => Unbounded Counter Deterministic + Bounded Capacity => Bounded Counter
• [Afek & Brown, 1993] Probabilistic + Unbounded Capacity + Bounded Counter
?
?<I’m 12>
<How old are you, Captain?>
<I’m 21><I’m 50>
02/04/2008 Orsay, réunion SOGEA 6
Related Works in message-passing (self-stabilization)
• [Varghese, 1993] Deterministic + Bounded Capacity
• [Katz & Perry, 1993] Unbounded Capacity, deterministic, infinite counter
• [Delaët et al] Unbounded Capacity, deterministic, finite memory Silent tasks
02/04/2008 Orsay, réunion SOGEA 7
Related Works (snap-stabilization)
• Nothing in the Message-Passing Model
• Only in State Model: Locally Shared Memory
Composite Atomicity
• [Cournier et al, 2003]
Snap-Stabilization in Message-Passing Systems
02/04/2008 Orsay, réunion SOGEA 9
Case 1: unbounded capacity links
• Impossible for safety-distributed specifications
02/04/2008 Orsay, réunion SOGEA 10
B
A
Safety-distributed specification
p
q
Example : Mutual Exclusion
02/04/2008 Orsay, réunion SOGEA 11
A
Safety-distributed specification
p
sp
m1 m2 m3 m4 m5
Bq
sq
m’1 m’2 m’3 m’4
02/04/2008 Orsay, réunion SOGEA 12
A
Safety-distributed specification
p
sp
m1m2m3m4m5
Bq
sq
m’1m’2m’3m’4
02/04/2008 Orsay, réunion SOGEA 13
Case 2: bounded capacity links
• Problem to solve: Reliable Communication
• Starting from any configuration, if Tintin sends a question to Captain Haddock, then:
• Tintin eventually receives good answers
• Tintin takes only the good answers into account
?
?
02/04/2008 Orsay, réunion SOGEA 14
Case 2: bounded capacity links
• Case Study: Single-Message Capacity
0 or 1 message
0 or 1 message
02/04/2008 Orsay, réunion SOGEA 15
Case 2: bounded capacity links
• Sequence number State {0,1,2,3,4}
p q
Statep Stateq0
NeigStatep NeigStateq
?
??
<0,NeigStatep,Qp,Ap>
0
<Stateq,0,Qq,Aq>
1
<1,NeigStatep,Qp,Ap>
Until Statep = 4?
02/04/2008 Orsay, réunion SOGEA 16
Case 2: bounded capacity links
• Pathological Case:
p q
Statep Stateq0
NeigStatep NeigStateq
?
1?
<2,?,?,?>
<?,0,?,?>
1
<?,1,?,?>
2
2
<?,2,?,?>
3
<3,NeigStatep,Qp,Ap>
3
<Stateq,3,Qq,Aq>
4
02/04/2008 Orsay, réunion SOGEA 17
Generalizations
• Arbitrary Bounded Capacity 2xCmax+3 values
p q
Cmax values
Cmax values
1 value 1 value
02/04/2008 Orsay, réunion SOGEA 18
Generalizations
• PIF in fully-connected network
mm
m
AmAm
Am
02/04/2008 Orsay, réunion SOGEA 19
Application
Mutual Exclusion in a fully-connected & identified network
using the PIF
02/04/2008 Orsay, réunion SOGEA 20
Mutual Exclusion
• Specification:
Any process that requests the CS enters in the CS in finite time (Liveness)
If a requesting process enters in the CS, then it executes the CS alone (Safety)
N.b. Some non-requesting processes may be initially in the CS
02/04/2008 Orsay, réunion SOGEA 21
Principles (1/3)
• Let L be the process with the smallest ID
• L decides using ValueL which is authorized to access the CS§ if ValueL = 0, then L is authorized§ if ValueL = i, then the ith neighbor of L is authorized
• When a process learns that it is authorized by L to access the CS:§ It ensures that no other process can execute the CS§ It executes the CS, if it requests it § It notifies L when it terminates Step 2 (so that L increments ValueL)
02/04/2008 Orsay, réunion SOGEA 22
Principles (2/3)
• Each process sequentially executes 4 phases infinitely often
• A requesting process p can enter in the CS only after executing Phases 1 to 4 consecutively The CS is in Phase 4
02/04/2008 Orsay, réunion SOGEA 23
Principles (3/3)
For a process p:
• Phase 1: p evaluates the IDs using a PIF
• Phase 2: p asks if Valueq = p to each other process q (PIF)
• Phase 3: If Winner(p) then p broadcasts EXIT to every other process (PIF)
• Phase 4: If Winner(p) then CS; If p≠L, then p broadcasts EXITCS (PIF), else p increments Valuep
• (upon reception of EXITCS, L increments ValueL)
02/04/2008 Orsay, réunion SOGEA 24
Conclusion
Snap-Stabilization in message-passing is no more an open question
02/04/2008 Orsay, réunion SOGEA 25
Extensions
• Apply snap-stabilization in message-passing to:
Other topologies (tree, arbitrary topology)
Other problems
Other failure patterns
• Space requirement
Thank you