A distributed deadlock detection algorithm for the AND model

A distributed deadlock detection algorithm for the AND model

Microprocessingand Microprogramming 38 (1993) 385-392 385 North-Holland A Distributed Deadlock Detection Algorithm for the AND Model Jos~ R. Gonz~l...

574KB Sizes 2 Downloads 117 Views

Microprocessingand Microprogramming 38 (1993) 385-392

385

North-Holland

A Distributed Deadlock Detection Algorithm for the AND Model Jos~ R. Gonz~lez de Mendivil, Carlos F. Alastruey, Jos~ R. Garitagoitia D e p a r t m e n t of Electricity and Electronics, University of the Basque Country, P.O.Box 644, 48080 Bilbao, Spain. Abstract: This paper* introduces a simple and efficient distributed deadlock detection algorithm for a Distributed D a t a b a s e System with AND model. The algorithm is derived from a previous algorithm for the One-Resource model. By using a formal s:~ecification based on A u t o m a t a Theory, the proof of correctness is provided: the algorithm reports all true deadlocks and does not report false deadlocks.

1. I N T R O D U C T I O N Many Distributed Systems are vulnerable to deadlocks: a situation where the processes r e q u e s t services from each other and then wait indefinitely for these r e q u e s t s to be satisfied. In a Distributed D a t a b a s e System, a t r a n s a c t i o n may send r e q u e s t to lock s e v e r a l r e s o u r c e s . The r e q u e s t is satisfied and the transaction can proceed only if all the locks are granted. This r e q u e s t model is called the AND model [2]. Control concurrency m e c h a n i s m s can g u a r a n t e e the consistency of the operations upon the database resources but they can not avoid t h e p r e s e n c e of deadlock a m o n g transactions in the system. A g r e a t n u m b e r of interesting deadlock detection algorithms have been provided in the literature [4-9]. However, some of them w e r e l a t e r s h o w n i n c o r r e c t or too complicated to be worth proving correct [2-3]. In this paper, we describe a simple and efficient d i s t r i b u t e d deadlock d e t e c t i o n a l g o r i t h m for a D i s t r i b u t e d D a t a b a s e S y s t e m with AND model. The algorithm is derived from a previous algorithm for the One-Resource model proposed in [1]. .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

* The wark has been supported by a research grant of the University of the Basque Country.

By using the m a i n r e s u l t s in [1], we provide t h e p r o o f of c o r r e c t n e s s of t h e algorithm, that is, the algorithm reports all true deadlocks and does not r e p o r t false deadlocks. The rest of the paper is organised as follows: The D i s t r i b u t e d D a t a b a s e Model is exposed in Section 2. A simple and basic algorithm for distributed deadlock detection in t h e O n e - R e s o u r c e m o d e l is b r i e f l y described in Section 3. In t h a t section we also provide the formal specification of the algorithm by using A u t o m a t a Theory and the main results from [1]. Section 4 deals with the extension to the basic algorithm for the AND model and its proof of correctness. Finally, Section 5 c o n t a i n s c o n c l u d i n g remarks. 2. THE D A T A B A S E MODEL A D i s t r i b u t e d D a t a b a s e S y s t e m is a collection of sites i n t e r c o n n e c t e d b y a network. Each site is considered to be a centralised d a t a b a s e system storing p a r t of the global d a t a b a s e [10]. Each site h a s a system-wide unique identifier. We a s s u m e the identifier to be a n a t u r a l n u m b e r and define the set of sites a.,: S={si/sic hi, i~ IM}, being IM={0, 1, .., M} a -et of indices and l~I the set of natural numb ers.

386

J.R.G. de Mendivil et aL

The n e t w o r k is perfectly reliable and fully connected: (i) All messages arrive at t h e i r d e s t i n a t i o n s in finite time and are error-free; (ii) ~ si, s.iG S, if site si sends messages to site sj then site sj will h a n d l e the messages in a sequential form and in the same order t h a t site si sent them; (iii) The n e t w o r k is communication-deadlockfree. Users i n t e r a c t with the d a t a b a s e by executing t r a n s a c t i o n s . Each t r a n s a c t i o n h a s a system-wide u n i q u e identifier. The set of transactions is T = I T i / T i ¢I~I, i~IN}. A t r a n s a c t i o n is called local if it involves resources at single site, and it is called d i s t r i b u t e d if it involves r e s o u r c e s at distinct sites. A distributed t r a n s a c t i o n is implemented as a group of processes which are called transaction agents. An agent [5] (i) hands local resources in the site at which a g e n t is e x e c u t i n g a n d (ii) d e l i v e r s informations with other agents of the same transaction. An a g e n t can be considered as the migration of a part of the transaction to the site where the resources are needed by it. We a s s u m e t h a t local t r a n s a c t i o n s are also i m p l e m e n t e d by a g e n t s . Each a g e n t is defined by the pair (Ti, s i), being Ti the t r a n s a c t i o n i d e n t i f i e r a n d s i the site identifier where the agent acts. Let X c T x S be the set of agents. We define the functions: (i) identifier:~'xa X, id(x)= Ti. (ii) site: ~¢xG X, sit(x)= sj. For specifying t h e deadlock detection problem, we i n t r o d u c e a model due to Menasce and Muntz [5]. An agent can be m two execution states: active or blocked. The agent is blocked if it is waiting for resources held by another agent, or if it is waiting for messages from a n o t h e r a g e n t of the same t r a n s a c t i o n . The a g e n t is active in any other case. If an agent x~X waits for another agent yGX, a wait relation, denoted u= (x, y),

appears. L e t U C X x X be the set of wait r e l a t i o n s at t i m e t in t h e s y s t e m . For modelling the wait relations and the execution states of the agents, a directed graph called T r a n s a c t i o n - W a i t - F o r G r a p h is introduced [5]. This state graph G is a pair (X, U) where: (i) the set of agents X is the set of vertices and (ii) the set of wait relations U is the set of arcs. There are only two types of arcs in U: (i) Inner arcs, u= (x, y ) e U / sit(x)= sit(y); and (ii) Outer arcs, u= (x, y)~ U/ sit(x)* sit(y) and id(x)= id(y). For this type, x is called the outgoing agent at sit(x) and y is called the incoming agent at sit(y). Therefore, U= UinU U,,ut being Uin={ue U / u is an inner arc} and U~,ut={ue U / u is an outer arc}. Each site s.iGS only m a i n t a i n s local i n f o r m a t i o n of the s t a t e g r a p h G. This information is denoted G(sj)= (X(sj), U(sj)), where X(si)C X and U(sj)= {u~ U / u = ( x , y), sit(x)= s i or sit(y)= sil. We define: (i) Local successor. Given x, y~ X(sj), the agent y is local successor of agent x, denoted succ(y, x) iff (if and only if): (i.1) S u e Urn(s i)/u=(x, y) or (i.2) 3z~ X(sj) and ue Ui,~(si)/u= (x, z) and succ(y, z). (ii) Outgoing. Given ye X(sj), outgoing(y)= true iff =lug U,,ut(sj)/u=(y, y') being sit(y)= s.i* sit(y'). (iii)Incoming. Given xGX(sj), incoming(x) = true iff 3uGUout(sj)/u=(x', x) being sit(x)= s i* sit(x'). In Section 3, we f i r s t consider the simplest possible d a t a b a s e model in which an agent can have at most one outstanding resource request at a time. This model is called One-Resource model [2]. So, Yxe X, 0< d+(x)< 1 (d+(.) o u t d e g r e e ) . B u t t h e t r a d i t i o n a l view of I esource r e q u e s t in Distributed D a t a b a s e Systems is the AND model [2]. In the AND model (Section 4), a t r a n s a c t i o n can s i m u l t a n e o u s l y r e q u e s t a group of resources. The t r a n s a c t i o n is

A distributed deadlock detection algorithm for the AND model

blocked if at least one resource request is not available and it is active if all resource requests are available. Thus, the agents can have an out-degree greater than one, '¢xe X, k> d+(x)> 0, with k> 1. In both models, the existence of a circuit in the state graph G is a necessary and sufficient condition /br a deadlock to occur [5].

3. A D I S T R I B U T E D DEADLOCK DETECTION ALGORITHM The distributed deadlock detection algorithm is an edge-chasing one [2] and it only m a i n t a i n s local i n f o r m a t i o n of the s t a t e graph. For t h e case of deadlocks involving several sites, the sites cooperate on the detection process by p r o p a g a t i n g special detection m e s s a g e s called probes along the outer arcs of G. A probe, denoted p, encloses the information p= (id(sender), r e c e i v e r ) , w h e r e s e n d e r is an outgoing agent t h a t remits the probe and receiver is an incoming agent t h a t acquires the probe. The probes travel in the direction of the outer arcs. The target of the algorithm is to find the outgoing agent with maximum identifier if t h e r e exists a deadlock in the system. So, if a probe is received in the site where the outgoing agent sent it, then the deadlock will be detected and the outgoing agent is called c a n d i d a t e . Each site s ie S has a copy of the detection algorithm, and the algorithm has two steps: (1) When an incoming agent x at site si waits for other agent at s i then: '¢ ye X(sj): if succ(y, x) then if outgoing(y) and not candidate(y) then ( ' 3 ! u= (y, y')e U,)ut(sj)*): p:= (id(y), y'); send p to sit(y'); [..1 (2) When an incoming agent x at site s i receives a probe p= (id_p, x) then: ~¢ ye X(Si): if succ(y, x) then if outgoing(y) and not candidate(y) then ( ' 3 ! u= (y, y')e Uout(si)*):

387

if id_p = id(y) then candidate(y):=true;*Dcadlock* if id p < id(y) then p:= (id(y), y'); send p to sit(y'); if id_p > id(y) then p:= (id_p, y'); send p to sit(y'); T h e p r o o f of c o r r e c t n e s s and t h e algorithm performance were recently outlined in [1]. The n u m b e r of p r o b e s exchanging for the detection of a deadlock, depends strongly on the m a n n e r in which the circuit has been formed. Its cost [1] in the worst case is (3n-1)n/2, n being the n u m b e r of outgoing agents in the deadlock, and the cost in the best case is n. The average cost is slightly greater than the cost of other edgechasing algorithms. However, we consider the algorithm to be very simple because it only depends on the nature of the state graph and no m e s s a g e optimisation is implicitly included. The rest of this Section is devoted to introducing the formal specification of the algorithm by using A u t o m a t a Theory and the main results from [1]. Those results are necessary in order to simplify the proof of correctness for the extension of the above algorithm to the AND model.

3.1. F o r m a l S p e c i f i c a t i o n B a s e d on Automata Theory The distributed detection algorithm in a site sie S is applied to several pairs of agents, denoted [x, y], being (x, y)e X(sj)xX(sj), such that:(i) incoming(x)= true; (ii) outgoing(y)= true and (iii) succ(y, x)= true. We consider two transactions such t h a t their agents x, y at site sj form a relation [x, y] at time t. We distinguish four states, denoted {qo, ql, q2, q3}, in the evolution of the agents: -State qo: [x, y] is in q,) at time t'< t i f f (i) incoming(x)= false; (ii ~ outgoing(y)= false. qo is an initial state for the relation [x, y]. - S t a t e ql: (i) inconling(x)= false; (ii) outgoing(y)= true.

388

J.R.G. de Mondivil ot al.

- S t a t e q2: (i) i n c o m i n g ( x ) = t r u e ; (ii) outgoing(y)= false. The incoming agent x is waiting for a n o t h e r a g e n t at sj, f u r t h e r succ(y, x)= t r u e b u t the a g e n t y is not outgoing yet. - S t a t e q3: (i) i n c o m i n g ( x ) = t r u e ; (ii) outgoing(y)= true and (iii) succ(y, x)= true. At any a r b i t r a r y instant, there will be several complete r e l a t i o n s and several others will be in any state of their evolution. In a site sj the evolution of the states of the relation [x, y], is graphically represented by a t r a n s i t i o n d i a g r a m as it is shown in figur.~ 1.

qo q l"x,Y' I

ql q2 q3x',y'

q3

q z',,~z ) (2)

qd (2) F i g u r e 1. Automaton associated to the r e l a t i o n Ix, y]. N o t a t i o n : (i) (1): t h e t r a n s i t i o n activates t h e step (1) of the algorithm; (ii) (2): if a probe is received in those states, then the step (2) of the algorithm will be activated; (iii) e: e m p t y string; (iv) x: incoming agent; (v) y: outgoing agent; (vi) y': incoming a g e n t of the t r a n s a c t i o n id(y), sit(y) * sit(y'); (vii) p: probe p= (id_p, x); (viii) p=: probe p= (id(y), x); (ix) p': probe p'= (id p, y') or p'= (id(y), y'). Only some of the relations [x, y] in q3 m a y cause a deadlock situation involving

several sites. The special state qd is reached from q3 w h e n a probe p== (id(y), x) is received. In this state the deadlock situation is detected and the outgoing a g e n t y is changed to be a candidate. A finite automaton is associated to each relation [x, y]: M = (Q, F , Z, A, 5, )., qo) where (i) Q= {qo, ql, q2, q3, qd} is the set of states; (ii) F={qd} is the set of end states; (iii) Z= {x, y, p, p=} is the input alphabet; (iv) A= {y, p'} is the output alphabet; (v) &QxZ---> Q is the t r a n s i t i o n function (figure 1); (vi) k:QxZ--->(A U {E}) is the o u t p u t function (figure 1) and (vii) qo is the initial state. The automaton which is associated with [x, y], is denoted M([x, y], q) or with x= (Ti, sj), y= (Tk, sj); M[Ti,Tk,sj,q]. T h e input symbols are stored in a FIFO queue, denoted ~[Ti,Tk,sj]. A u t o m a t a in d i f f e r e n t sites e x c h a n g e detection information. The following definition establishes the criteria for two automata to be connected. D e f i n i t i o n 3.1: Two a u t o m a t a Ml[Ti,Ti,s,q] and M2[Tk,Tl,s',q'], are connected at time tc iff(i) Ti= Tk, (ii) q~ {ql, q3}, q'¢ {q2, q3}. O If two a u t o m a t a Ml and M2 are connected, denoted M I . M 2 , then the output symbols which are g e n e r a t e d by M1, are added to the queue ~2 of M2. We consider a circuit (deadlock) involving several sites (at least two sites are d i f f e r e n t ) , and we only c o n s i d e r t h e incoming agents and the outgoing agents in ~ : by using correlative indices one has: ~ = ((To,so), (T'o,so)*, (Tl,so),....,(Tn-l,sn-2), (Tn-l,sn-l), (T'n-l,sn-l)*, (T0,sn-l), (To,s0)), where (T'i, si)* denotes an internal path at site si t h a t it is determined by an arbitrary sequence of agents (T'i, si). For each site sin in c~,(in= i mod n) a relation [(Ti~, sin), (T¢i+l)n, sin)] a p p e a r s and given the definition of the automaton of a relation [x, y] and the definition of automata that are connected (definition 3.1),

A distributed deadlock detection algorithm for the AND model

one has the following representation of the circuit ce: Y.(i=0..n)Min (equ.1) where Min= M[Tin, T(i+l)n, sin,q3]. (~ A circuit W involving several sites is represented by successively connected automata. Analogously, if there are successively connected automata as equation 1, then there is a circuit ~ in G. Equation i is the characterisation of the deadlock in our model. 3.2. Main R e s u l t s Deadlock detection algorithms must detect all true deadlocks and must not report false deadlocks. Message delays and out-ofdate s t a t e graphs cause false deadlocks. Moreover, in the presence of spontaneous abortions, the detection algorithms fail to detect only t r u e deadlocks. We a s s u m e no s p o n t a n e o u s abortions m a y occur. In the following, several i m p o r t a n t concepts are presented. Let ~ b e a circuit in G, r e p r e s e n t e d by Y(i=o..n) Min (equ.1). Let Ad= {(Tin, sin), (T(i+l)n, sin), ie In-l} be the set of incoming and outgoing agents present in ~e. Let id(Ad) be the set of the identifiers of the agents of the transactions in Ad and let Tin be the queue of an automaton Min. Let Xin be the o u t p u t function of the a u t o m a t o n Min. The i n p u t symbols which are accepted by Min in q3, are probes p= (id_p, r e c e i v e r ) . We p r e s u p p o s e t h a t receiver is always correctly updated and we only s t u d y the consequence of the o u t p u t function upon the i d p . Where no confusion appears, we consider p - id_p. Therefore, )~in(p): (i) if p= T(i+l)n then )~in(p)= ~ (deadlock condition); (ii) if p> T(i+l)n then Xm(p)= p; (iii) if p< T(i+l)n then )~in(p)= T(i+l)n. Given two a u t o m a t a Min and M(i+i)n such t h a t Min+ M(i+l)n and both in q3?CpG {~in} t h e r e is a global effect associated to the composition function )~(i+l)n~.in, therefore

389

~.(i+l)n~.in(p)> max({T(i+2)n, T(i+l)n}) iff p* T(i+l)n and p * T(i+2)n. O The following results due to Gonz~lez de Mendlvil et al. [1] are n e c e s s a r y in the construction and simplification of the proof of correctness of the algorithm for the AND model in the next Section. L e m m a 3.2: If there is a deadlock in the system at time td represented by equation 1, then there exists at least one probe p= r i d p , receiver) such t h a t id_pe id(Ad), receivere Ad and 3 ~kn with pe {xkn}. D T h e o r e m 3.2: There exists a deadlock in the system, represented by equation 1, at time td if and only if at finite time tx> td an automaton Min verifies q= qd. [~ Corollary 3.2: In a deadlock s i t u a t i o n r e p r e s e n t e d by ~:(i=O..n) Min, one and only one Min can verify q= qd. 4. A D I S T R I B U T E D DEADLOCK D E T E C T I O N A L G O R I T H M F O R THE AND MODEL A distributed deadlock detection algorithm for the AND model is proposed in this Section. The algorithm is derived from the previous algorithm for the One-Resource model (Section 3). In the AND model, a t r a n s a c t i o n can s i m u l t a n e o u s l y r e q u e s t a group of r e s o u r c e s . The t r a n s a c t i o n is blocked if at least one resource request is not available and it is active if all resource request are available. The d a t a b a s e model (Section 2) is valid agaia b u t the agents can have an outdegree greater than one ( ¥ xe X, k_> d+(x)_> 0). In the AND model a circuit in t h e s t a t e g r a p h G is a n e c e s s a r y and sufficient condition for a deadlock to occur. However, the difficulty in the AND model is t h a t several existing circuits m a y h a v e common arcs. To e x t e n d the a l g o r i t h m (Section 3), the probes are sent along all outer arcs which are adjacent to the outgoing agent.

390

J.R.G. de Mendivil et at

Therefore, the expression "3! u= (y, y')a Uout(sj) ... send p= (.,y') to sit(y')" m u s t be replaced by the expression "~¢ u= (y, y')e Uout(sj) ... send p= (.,y') to sit(y')". Each site s.iG S has a copy of the detection algorithm, and the algorithm has two steps: (1) When an incoming a g e n t x at site sj waits for other agent at sj then: ¥ yG X(sj): if succ(y, x) then if outgoing(y) and not candidate(y) then ¥ u= (y, y')~ Uout(sj): p:= (id(y), y'); send p to sit(y'); ~3 (2) When an incoming agent x at site sj receives a probe p= (id_p, x) then: ~¢ yG X(sj): if succ(y, x) then if outgoing(y) and not candidate(y) then if id_p = id(y) then candidate(y):=true;*Dcadlock* if id_p < id(y) then ¥ u= (y, y')G U,,ut(si): p:= (id(y), y'); send p to sit(y'); if id_p > id(y) then u= (y, y')~ Uout(s.i): p:= (id_p, y'); send p to sit(y');

It is noted t h a t the extension is very simple. It only consists of sending the detection probes for all outer arcs of an outgoing agent. Therefore, the detection p r o b e s t r a v e l along all p o s s i b l e p a t h s s t a r t i n g in the outgoing agent, with the target of finding a circuit which m a y start and finish in such an outgoing agent. 4.1 Proof of Correctness We m u s t prove again that the detection algorithm for the AND model verifies the criteria: (i) it detects all existing deadlocks and (ii) it does not report false deadlocks. As in Section 3.2 we assume no spontaneous a b o r t i o n s a n d only c o n s i d e r c i r c u i t s involving several different sites.

Figure 2 (a) shows an example of two circuits, ~'1 and ~ 2 which have common arcs. Each relation [x, y] in the circuits, has its associated a u t o m a t o n M([x, y], q) and q u e u e x([x, y]). The definition of the a u t o m a t o n for a relation Ix, y] and the definition 3.1 of connected a u t o m a t a are the same as for the AND model. In figure 2 (a) we can observe t h a t the stored messages in queue ~2 of M2 are produced from M1 and M5. Machines M! and M6 are connected with M2 (MI+M2, Ma+M2). A u t o m a t o n M2 handles the messages as if t h e r e exist two machines, e q u i v a l e n t to M2: one for m e s s a g e s from MI and the other one for m e s s a g e s from M6 (figure 2 (b)). If this reasoning is followed, then it is possible to r e p r e s e n t the circuits of machines as an independent form. In figure 2, the circuit ~,l has the r e p r e s e n t a t i o n MI+ M2+ M3+ M4+ M 5+ M I and t h e circuit ¢¢2 h a s t h e representation M6+ M2+ M3+ M7+ Ms+ M6. In the AND model each circuit cek is characterized by equation Z(i=0..n)Mkin. There[bre, each circuit cek satisfies Lemma 3.2 and Theorem 3.2. and the criteria above mentioned /br the detection process, are true. In the One-Resource model, Corollary 3.2 indicates that if there exists a circuit in the system, then one and only one machine can verify q=qd, t h a t ~s, one and only one outgoing agent can detect the circuit, and it can change its status to candidate. In the O n e - R e s o u r c e model t h e circuits a p p e a r vertix-disjoint (for ~,1 and ~ 2 , A i d NA2d = 0 ) . H o w e v e r , in t h e AND model the circuits can h a v e common vertices and arcs, that is, for ¢¢~1mad ~ 2 may be Ald NA2d ~ . T h e r e f o r e , C o r o l l a r y 3.2 is n o t applicable to the AND model: a circuit may h a v e m o r e t h a n one c a n d i d a t e . T h e extension of the algorithm would be very inefficient, if in a circuit more than the necessary candidates for its detection could

391

A distributed deadlock detection algorithm for the AND model

appear. The following Corollary 4.1 solves this problem. D e f i n i t i o n 4.1: Let ~be a circuit and Ad its set of agents. The outgoing agent (Ti, si)e Ad which verifies Ti= max[id(Ad)], is called the genuine agent of circuit ~. A genuine agent which is a candidate, is called g e n u i n e candidate. ~] Corollary 4.1: Given a circuit ~,k characterized by Z(i=0..n)Mkin, Mkku being the machine of the genuine agent of cffk with identifier T(k+l)n. If there exists another machine Mkpn¢ Mkkn, which is associated to another agent with identifier T(p+l)u, and its state is q= qd then there exists another circuit ~ p v ~ k , characterized by Z(i=0..m)MPim, in which a machine MPpm has state q= qd and it is associated to the genuine candidate with identifier T(p+ i)m =T(p+ l )u. O P r o o f : If there is in ~ k a machine Mkpn¢ Mkkn in state q= qd then from Theorem 3.2 there exists at least one circuit Ce°Pwhich is characterized by Y.(i=O..m)MPim. As T(p+l)n< T(k+l)n in ~ k then ¢~op, %ok because Yp, ~.kkn(p)> )~kpn(p) if pcT(k+l)n. The probe p= = T(p+l)n, which determines q= qd for the machine Mkpn, did not travel through the circuit c~k because ~.kkn((p = = T(p+l)n))= T(k+l)n. Therefore, in the circuit ~gP the machine Mkpn may be Mkpu= MPpm or Mkpa¢ MPp,n, in this last ease, both of them have the same outgoing a g e n t with i d e n t i f i e r T(p+l)n= T(p+l)m, the same state q= qd and the same output function: Yp, ~.kpu(p)= )vPpm(p). In the circuit ~.Ppm(p), and then )~Prm((p= = T(p+l)m))= T(r+l)m, which is in contradiction with probe p = = T(p+l)m

travelled through the circuit wP and it detected the circuit in MPpm. O

t

'

........

-<

F i g u r e 2. Two circuits of agents W1 and ~d 2 and their representation via automata. 4.2. Example of the Algorithm Performance In figure 2, we suppose that M5 is the associated machine to the genuine agent of circuit c~,l and M2 is the associated machine to the genuine agent of circuit W2. The following cases are possible: (a) Machine M5 detects the circuit ~1; its state is qd. Then machine M2 will detect its circuit c~2 because the zircuit persists. Note

392

J.R.G. de MendNil et al.

t h a t circuit ~ 1 has two candidates: its genuine candidate and the other one (genuine candidate of ~2). (b) Machine M2 detects the circuit (if2, its state is qd. As this machine is common to both circuits, then they have been detected. If probe p= (id_5, -), which encloses the identifier of the genuine agent of wl, is in the queue zl of M! then M5 will never reach qd (M2 in qd does not allow any probe to cross through it). In this case, each circuit has" only one candidate: ~ 2 has its genuine candidate and W1 the same candidate of ~ff2. If probe p= (id_5, -) is in the queue ~3 of M3 then M5 will reach qd. In this case, the situation is analogous to the above case (a). This simple example shows how the a l g o r i t h m g e n e r a t e s a n u m b e r of candidates less than or equal to the number of circuits in the system. This property is obvious from Corollary 4.1. Further, the Theorem 3.2 guarantees that all circuits will be detected. 5. CONCLUSIONS This paper presents a solution to the deadlock detection problem for a Distributed Database System with AND model. The distributed deadlock detection algorithm for the AND model is a very simple extension of an algorithm for the One-Resource model. The proof of correctness is provided by using a formal specification based on Automata Theory. The algorithm detects all true deadlocks and it does not report false deadlocks. An important property of the detection algorithm is that for all time, the number of genuine candidates is less than or equal to the number of existing circuits. Both performance and complexity of the a l g o r i t h m for t h e AND model are maintained from the One-resource model.

REFERENCES

[1] J. R. Gonz~lez de Mendlvil, J. R. G a r i t a g o i t i a , A. Cordoba, "A simple Distributed Deadlock Detection Algorithm", Proceedings of the 6th Annual European Computer Conference, CompEuro92, The Hage, 4-8 May, pp. 497-502, 1992. [2] E. Knapp, "Deadlock Detection in Distributed Databases", ACM Computing Surveys, vol. 3, no. 4, pp. 303-328, Dec. 1988. [3] M. Singhal, "Deadlock Detection in Distributed Systems", IEEE Computer, pp. 37-48, Nov. 1989. [4] D. Zobel, C. Koch, "Resolution techniques and complexity results with Deadlocks. A classifying and annotated bibliography", Operating System Review, vol. 22, no. 1, pp. 52-72, Jan. 1988. [5] D. A. Menasce, R. R. Muntz, "Locking and Deadlock Detection in Distributed Databases", IEEE Transactions on Software Engineering, vol. SE-5, no. 3, pp. 195-202, May. 1979. [6] R. L. Obermarck, "Distributed Deadlock Detection Algorithm", ACM Transactions oll Database Systems, pp. 187-210, June 1982. [7] K. M. Chandy, J. Misra, "A Distributed A l g o r i t h m for D e t e c t i n g R e s o u r c e Deadlocks in D i s t r i b u t e d S y s t e m s " , Proceedings of the ACM Symposium on Principles of Distributed Computing, pp. 157-164, Aug. 1982. [8] K. M. Chandy, J. Misra, L. Haas, "Distributed Deadlock Detection", ACM Transactions on Computer Systems, pp. 144156, May 1983. [9] M. K. Sinha, N. Natarajan, "A Priority Based Distributed Deadlock Detection A l g o r i t h m " , I E E E T r a n s a c t i o n s on Software Engineering, vo]. SE-11, no. 1, pp. 67-80, Jan. 1985. [10] P. A. B e r s t e i n , N. Goodman, " C o n c u r r e n c y Control in D i s t r i b u t e d D a t a b a s e Systems", ACM C o m p u t i n g Surveys, vol. 13, no. 2, p,~. 185-221, Jun. 1981.