CS4231 Parallel and int turn = 1;

void produce() { void consume() {

ˆ External order (occurs-before)
- Partial order, o1 < o2 iff response of o1 appears before
Distributed Algorithms public void requestCS(int i) { // entry protocol
int j = 1 - i; synchronized
(sharedBuf) {
synchronized
(sharedBuf) {
invocation of o2
wantCS[i] = true;
while (wantCS[j]) { while (sharedBuf is while (sharedBuf is
ˆ Linearizability (intuitive definition)
Synchronisation if (turn == j) { full) empty)
- Execution is equivalent to some execution where each
wantCS[i] = false; sharedBuf.wait(); sharedBuf.wait();
add an item to remove an item from operation happens instantaneously at some point between
ˆ Critical section while (turn == j); // busy wait
wantCS[i] = true; buffer; buffer; invocation and response
- Mutual exclusion (no more than one process in CS) if (buffer *was* if (buffer *was*
- Progress (if one or more processes wants to enter and no }
} empty) full) ˆ Linearizability (formal definition)
one is in CS, then someone can enter) sharedBuf.notify(); sharedBuf.notify();
} - History H is equivalent to some legal sequential history S,
- No starvation (if a process wants to enter, it can } }
public void releaseCS(int i) { // exit protocol and the external order induced by H is a subset of the
eventually always enter, even in worst-case schedule) } }
turn = 1 - i; external order induced by S
wantCS[i] = false;
ˆ Peterson’s algorithm
boolean wantCS[i] = {false};
} ˆ Linearizable =⇒ sequentially consistent
int turn = 0; ˆ (Multiple) reader-writer with monitors - writers
might get starved if there is a continuous stream of readers ˆ Linearizability is a local property
- H is linearizable ⇐⇒ ∀ object x, H | x is linearizable
// Process 0 // Process 1 ˆ Hardware solutions
RequestCS(0) { RequestCS(1) { - Disabling interrupts to prevent context switch void writeDB() { void readDB() { ˆ Sequential consistency is not a local property
wantCS[0] = true; wantCS[1] = true; synchronized (object) { synchronized (object) {
- Special machine-level instructions (TestAndSet)
turn = 1; turn = 0; while (numReader > 0 while (numWriter > 0)
while (wantCS[1] == true while (wantCS[0] == true || numWriter > 0) object.wait(); Consistency Definitions for Registers
&& turn == 1); && turn == 0); object.wait(); numReader++;
} } ˆ Semaphore numWriter = 1; } ˆ Atomic ⇐⇒ linearizable
ReleaseCS(0) { ReleaseCS(1) { } // read from DB; Consistency Definitions for Registers
- no busy waiting
wantCS[0] = false; wantCS[1] = false; // write to DB; synchronized (object) {
ˆ Regular
▪ An (implementation of a) register is called regular if
} } value = true; synchronized (object) { numReader--;
▪ When a read does not overlap with any write, the read returns the
queue = {}; numWriter = 0; object.notify();
value written by one of the most recent writes
P() { object.notifyAll(); }
▪ When a read overlaps with one or more writes, the read returns the
if (value == false) { } } value written by one of the most recent writes or the value written
ˆ Lamport’s bakery algorithm add myself to queue and block; } by one of the overlapping writes
- When a process arrives, get a queue number larger than } Sequential History and Concurrent History An atomic register must
everyone else value = false; ▪ Definition of most recent writes be regular
- Due to interleaving, two processes might get the same } ▪ A history H is sequential if
Consistency
queue number; then be break ties by id V() { ▪ Any invocation is always immediately followed by its
value = true; response
ˆ Sequential history / concurrent history
boolean choosing[i] = {false}; if (queue is not empty) { ▪ I.e. Noisinterleaving write read
- A history sequential if any invocation is always
int number[i] = {0}; wake up one arbitrary process on the queue;
▪ Otherwise
immediately called concurrent
followed by its response
ReleaseCS(int myid) { } the write whose response
} - Otherwise it is concurrent
number[myid] = 0; time is the latest
} Sequential:
inv(p, read, X) resp(p, read, X, 0) inv(q, write, X, 1) resp(q, write, X, OK) CS4231 Parallel and Distributed Algorithms 38
boolean Smaller(int number1, int id1, int number2, int ˆ Safe
id2) { - exactly one process is waken up in V(), usually chosen - When a read does not overlap with any write, then it
if (number1 < number 2) return true;
arbitrary (some implementations always choose the first in concurrent: returns the value written by one of the most recent writes
if (number1 == number2) {
if (id1 < id2) return true; else return false;
queue) inv(p, read, X) inv(q, write, X, 1) resp(p, read, X, 0) resp(q, write, X, OK) (same as Regular)
} - can implement CS using semaphore - When a read overlaps with one or more writes, it can
if (number 1 > number2) return false; return anything
}
RequestCS(int myid) { ˆ Legal sequentialCS4231 Parallel and Distributed Algorithms
history 12
ˆ Atomic =⇒ regular =⇒ safe
ˆ Dining philosophers problem - Sequential history that satisfies sequential semantics of
choosing[myid] = true;
- Solution: pick up the lower-indexed chopstick first, to the data type (i.e. ‘read’ operations should produce
for (int j = 0; j < n; j++)
avoid a cycle ˆ Regular ⇐⇒
6 sequential consistent
if (number[j] > number[myid]) number[myid] = expected results)
number[j];
number[myid]++; ˆ Equivalence
choosing[myid] = false; ˆ Monitor
- Two histories are equivalent if they have exactly the same Models and Clocks
set of events (need not be in the same order)
- every Java object is a monitor
for (int j = 0; j < n; j++) { ˆ Software clock
while (choosing[j] == true);
- two queues: normal CS queue, and CV ˆ Process order - No relation to physical time
(wait/notify/notifyAll) queue - Event a is before event b if they are on the same process
while (number[j] != 0 && - Allows a protocol to infer ordering among events
Smaller(number[j], j, number[myid], - Hoare-style monitor: object.notify() immediately and they a is executed before b
transfers control to awakened thread
myid));
ˆ Sequential consistency ˆ Happens-before
} - Java-style monitor: object.notify() awakened thread
- A history is sequentially consistent if it is equivalent to - partial order that considers process order, send-receive
} still needs to queue with other threads (no specific priority)
some legal sequential history that preserves process order order, transitivity
(i.e. thread transits from ”Waiting” to ”Blocked” state)

ˆ Dekker’s algorithm ˆ Subhistory ( H | p ) of a process, or ( H | o ) of an ˆ Logical clock

object - Increment local counter at every “local computation” and
boolean wantCS[] = {false, false}; ˆ Single-producer single-consumer with monitors - Subsequence of all events in p, or all objects of o “send” event
 ▪ Increment C at each “local computation” and “send” event
▪ When sending a message, logical clock value V is attached
to the
- Receive message.
event: C =At each “receive”
max(C, V ) + 1 event, C = max(C, V) + 1 Snapshots ˆ Skeen’s algorithm for Total Order Broadcast ˆ Leader election on any connected graph
3 = max(1,2)+1 4 = max(3,3)+1 - Each process maintains logical clock and a message buffer - Flood your id to all other nodes (using spanning tree
ˆ Global snapshot for undelivered messages edges) Spanning Tree Construction
1 2 3 4 - A set of events such that if e2 is in the set and e1 is before
user1 (process1) - A message in the buffer is delivered if: all messages in the - Wait until you receive n ids
e2 in process order, then e1 must be in the set ▪ Remember: No centralized coordinator
buffer have been assigned numbers, and this message has - Biggest id wins
theSkeen’s Algorithm for Total Order Broadcast
1 3 4 5 ▪ Goal of the protocol: Each node knows its parent and children (i.e.,
user2 (process2) smallest number
ˆ Consistent global snapshot pick the max clock value
a distributed tree)
ˆ Spanning tree construction / Count number of
1 2 3 - A global snapshot such that if e2 is in the set and e1 is received as message number nodes on spanning tree
user3 (process3) process 1
before e2 in send-receive order, then e1 must be in the set
Vector Clock Protocol - i.e. Consistent global snapshot captures all happens-before broadcast
message acknowledge child
▪ Each process CS4231
i has aParallel
localand
vector C Algorithms
Distributed 9 relationships request I’m your
ˆ Vector clock
▪ Increment C[i] at each “local computation” and “send” event process 2 child
I’m your
- Increment C[i] of local vector at every “local ˆ For any event ei of any process, there exists a consistent
▪ When sending a message, vector clock value V is attached to notify message number child
computation” and “send” event
the message. At each “receive” event, C = pairwise-max(C, V); global snapshot S where:
- Receive
C[i]++; event: C = pairwise-max(C, V ); C[i]++; process 3
put msg in reply with
Counting Nodes Using a Spanning Tree
I’m NOT
C = (0,1,0), V = (0,0,2) 
ei ∈ S if i ≤ m your child
buffer current logical
pairwise-max(C, V) = (0,1,2) ei 6∈ S if i > m clock value

do-count value =1
(1,0,0) (2,0,0) (3,0,0) ˆ Protocol for consistent global snapshot (assume FIFO CS4231 Parallel and Distributed Algorithms 17
user1 (process1) request
delivery on each channel) ▪ Each process maintains
(0,2,2) (2,3,2)
Leader Election
▪ Logical clock and a message buffer for undelivered messages
value = 1
value = value =
value = 1
(0,1,0) - Initiated by one process 1+1 = 2
user2 (process2) 1+1+1 = 3
- After each process takes a snapshot, it sends out a control ▪ A message
ˆ Leader election in the
on buffer is deliveredring
anonymous / removed if
CS4231 Parallel and Distributed Algorithms 25 final value computed
(0,0,1) (0,0,2) (0,0,3) message to all other processes ▪
- In the sense that there are no uniqueassigned
All messages in the buffer have been numbers
identifiers for each = 1+2+3+1 = 7
user3 (process3) - If a process receives a control message but has not taken a value = 1 no msg sent along
process▪ This message has the smallest number
snapshot, it takes a snapshot immediately non-tree edges!
- It is impossible using deterministic algorithms (by
ˆ Logical clock:
CS4231 Parallel and Distributed Algorithms 12
Chandy&Lamport’s
- For each pair Protocol:
of processes s and r, the messages received symmetry)
between r’s snapshot time and the control message from s ˆ Spanning tree usages
s happens before t =⇒ logical-clock(s) < logical-clock(t) Taking snapshots for messages on the fly - For unknown ring size it is not possible to terminate (i.e.
to r are considered to be on-the-fly, and they are recorded to be certain that there is a unique leader after a finite - Broadcast
Vector clock: - Any aggregation (count, sum, average, max, min, etc.)
by r upon receipt number of steps)
s happens before t ⇐⇒ logical-clock(s) < logical-clock(t)
process1  Randomized algorithm that terminates with probability 1 CS4231 Parallel and Distributed Algorithms 18
where “<” := every field in v1 is less than or equal to the
on known ring size:
corresponding field in v2, and at least one field is strictly
- At each phase, run Chang-Roberts algorithm (with hop
Agreement / Consensus
less
count)
ˆ Crash failure: Node stops sending any more messages
process2  - If a node receives its own message, then it is one of the
ˆ Matrix clock after crashing
winners, so it proceeds to the next phases
- Overview:
process2 records all messages received - Losers only forward messages in future phases ˆ Byzantine failure: Node can send arbitrary messages
— Each process maintains n vector clocks, one containing in this window – These are the exact set - If there is only a single winner (can be detected by after failing
data from each process of messages that are only the “fly”
winning mode), then the algorithm stops
— ith vector on process i is called process i’s principle
ˆ Synchronous: Message delay has a known upper bound x,
vector ˆ Leader election on ring: Chang-Roberts algorithm
Causal order /CS4231
Total order and node processing delay has a known upper bound y (so
— Principle vector is the same as vector clock - Each node has a unique id
Parallel and Distributed Algorithms 21 that it is possible to accurately detect crash failures)
— Non-principle vectors are just piggybacked on messages
ˆ Causal order - Nodes send election message with its own id clockwise - For synchronous timing model, processes can always
to update “knowledge” - Election message is forwarded if id in message is larger
- If s1 happened before s2, and r1 and r2 are on the same proceed in inter-locked rounds, where in each round:
- Increment C[i] (C := principle vector of process i) at than own id
process, then r1 must be before r2 — Every process sends one message to every other process
every “local computation” and “send” event - Otherwise message is discarded — Every process receives one message from every other
- Receive event (principle vector C): ˆ Protocol for ensuring casual order Chang-Roberts Algorithm:
- (When a node receives its ownBest/Worst Performance
election message, it process
C = pairwise-max(C, V ); C[i]++; (V := principle vector of - Each process maintains an n by n matrix M becomes the leader)
For distributed systems, communication is the bottleneck. — Every process does some local computation
sender) - M [i, j] := num. of messages sent from i to j Performance thus is often described as message complexity. (Can be implemented with accurate clocks, or clocks with
- Receive event (non-principle vector C): - Before i sends a message to j, do M [i, j]++ before ˆ Chang-Roberts algorithm message complexity bounded error)
Application
C = pairwise-max(C, V ); of
(V Matrix Clock vector of
:= corresponding piggybacking M with the message ▪ Best case: ▪ Worst case:
sender) - Deliver the message and set local matrix ˆ Asynchronous: Message delay is finite but unbounded
(1,0,0) (2,0,0) (3,0,0) ▪ 2n-1 messages ▪ n(n-1)/2 messages
M = pairwise-max(M, T ) if:
(0,0,0)
process1 (0,0,0)
(0,0,0) (0,0,0) ˆ Goals
(0,0,0) (0,0,0) 2 2
with gossip
( Termination: All non-failed nodes eventually decide
user3 now T [k, j] ≤ M [k, j] ∀k 6= i
G1 = (1,0,0) Agreement: All non-failed nodes should decide on the same
knows T [i, j] = M [i, j] + 1
(0,0,0) (0,0,0) (2,0,0) (2,0,0) 4 8 value
that all 3 8 4
process2
(0,1,0) (0,2,2) (2,3,2) (2,4,2) users Validity: If all nodes have the same initial input, then that
with gossip (0,0,0) (0,0,2) (0,0,2) (0,0,2) have seen - Otherwise delay message value must be the decision value
G2 = (0,1,0) D1
(2,0,0)
ˆ Total order (when broadcasting messages) 7 5 5 7 ˆ Ver0: No node or link failures: Trivial
(0,0,0) (0,0,0) (0,0,0)
process3 (0,0,0) (0,0,0) (2,4,2) - All messages delivered to all processes in exactly the same
with gossip (0,0,1)
(0,0,0)
(2,4,4) order - Average case can be proved to be O(n log n). ˆ Ver1: Node crash failures, channels are reliable,
(0,0,2) (0,0,3) CS4231 Parallel and Distributed Algorithms 7
G3 = (0,0,1) synchronous
ˆ Total order ⇐⇒
6 casual order ˆ Leader election on complete graph - Forward messages to all other nodes for (f + 1) rounds to
CS4231 Parallel and Distributed Algorithms 19
- Each node sends its id to all other nodes tolerate f failures
ˆ Vector clock: Know what I have seen ˆ Total order broadcast protocol using a designated - Wait until you receive n ids (Key idea for proof: If there is a round in which no node
Matrix clock: Know what other people have seen coordinator - Biggest id wins fails, then every non-failed node will have the same set of
 Distributed
messages) Consensus Version 1: Protocol coordinator to overrule the deciding phase
A Randomized Algorithm Decision Rule
input = 2 input = 1 input = 3 n processes; at most f failures; f+1 phases; each phase has two rounds
▪ At the end of the r rounds, P1 decides on 1 iff
▪ For simplicity, consider two processes (can ▪ P1 knows that P1’s input and P2’s input are both 1, and
Code for Process i:
generalize to multiple): P1 and P2 V[1..n] = 0; V[i] = my input;
▪ L1  bar
for (k = 1; k ≤ f+1; k++) { // (f+1) phases
round 1 ▪ Algorithm has a predetermined number (r) of rounds ▪ (This implies that P1 will decide on 0 if it does not see P2’s input.)
send V[i] to all processes;
{1, 2, 3} {2, 3} ▪ Adversary determines which messages get lost, round for set V[1..n] to be the n values received;
before seeing the random choices all-to-all
▪ At the end of the r rounds, P2 decides on 1 iff broadcast if (value x occurs (> n/2) times in V) decision = x;
round 2 ▪ P2 knows that P1’s input and P2’s input are both 1, and else decision = 0;
{1, 2, 3} {1, 2, 3} ▪ P1 picks a random integer bar  [1...r] at the ▪ P2 knows bar, and
▪ L2  bar coordinator if (k==i) send decision to all; // I am coordinator
beginning round
▪ (This implies that P2 will decide on 0 if it does not see P1’s input or receive coordinatorDecision from the coordinator
Need one extra round for each failure !  f+1 rounds to tolerate f failures ▪ The protocol allows P1 and P2 to each maintain a if it does not see bar.)
decide
S <- {my input} level variable (L1 and L2), such that whether to if (value y occurs (> n/2 + f) times in V) V[i] = y;
for (int i =to1;
f needs beian<= f+1;
input i++)
to the {
protocol --- namely, the ▪ level is influenced by the adversary, but listen to else V[i] = coordinatorDecision;
coordinator
// protocol
do thisneeds
for f+1 rounds
the user to indicate the maximum ▪ L1 and L2 can differ by at most 1 }
send S to ofall
number other
failures nodes
to be tolerated decide on V[i];
CS4231 Parallel and Distributed Algorithms 26 CS4231 Parallel and Distributed Algorithms 30
receive n-1 sets;
Simple Algorithm to Maintain Level When does error occur?
CS4231 Parallel and Distributed Algorithms 35
for each setCS4231
T received: S <- Union(S,
Parallel and Distributed Algorithms T) 14 ▪ For P1 and P2 to decide on different values: One must decide on 1 Correctness Summary
} ▪ P1 sends msg to P2 each round while the other decide on 0
P1 P2
Decide on min(S); ▪ P2 sends msg to P1 each round ▪ For someone to decide on 1, P1’s input and P2’s input must be both 1
▪ Lemma 1: If all nonfaulty processes P_i have V[i] = y at the beginning
0 0 ▪ Case 1: of phase k, then this remains true at the end of phase k.
▪ bar, input and current level ▪ P1 sees P2’s input, but P2 does not see P1’s input or does not see bar
▪ Lemma 2: If the coordinator in phase k is nonfaulty, then all nonfaulty
attached on all messages round 1 ▪ Then L1 = 1 and L2 = 0. Error occurs only when bar = 1.
processes P_i have the same V[i] at the end of phase k.
- It can be shown that any consensus protocol will take at 0 1 ▪ Case 2:
▪ P2 sees P1’s input and bar, but P1 does not see P2’s input
least (f + 1) rounds ▪ Upon P2 receiving a msg with ▪ Termination: Obvious (f+1 phases).
round 2 ▪ Then L1 = 0 and L2 = 1. Error occurs only when bar = 1.
L1 attached: P2 sets L2 = L1+1
2 1 ▪ Case 3: ▪ Validity: Follows from Lemma 1.
▪ P1 sees P2’s input, and P2 sees P1’s input and bar ▪ Agreement:
▪ L1 maintained similarly
round 3 ▪ Define Lmax = max(L1, L2) ▪ With f+1 phases, at least one of them is a deciding phase
▪ Error occurs only when bar = Lmax. ▪ (From Lemma 2) Immediately after the deciding phase, all nonfaulty
ˆ Ver2: No node failures, channels may drop 2 3
processes P_i have the same V[i]
messages, synchronous ▪ (From Lemma 1) In following phases, V[i] on nonfaulty processes P_i
- It is immpossible to reach goal using a deterministic does not change
CS4231 Parallel and Distributed Algorithms 27 CS4231 Parallel and Distributed Algorithms 31
algorithm (can consider the case where the communication
Simple Algorithm to Maintain Level Correctness Proof CS4231 Parallel and Distributed Algorithms 40
channel can drop all messages, do we decide on 0 or 1?)
▪ Lemma: L1 and L2 never ▪ Termination: Obvious (r rounds)
Impossibility Proof via Contradiction decreases in any round,
P1 P2

and at the end of any 0 0

▪ Validity: Self-Stabilization
A B A B due to ▪ If all nodes start with 0, decision should be 0 – obvious
due to round, L1 and L2 differ by ▪ If all nodes start with 1 and no message is lost throughout the
input=0 input=0
validity
input=1 input=1 indistingu
at most 1. round 1 execution, decision should be 1 – If no messages are lost, then ˆ Legal state
decision=0 decision=0 decision=0 decision=? ishability 0 1 L1=L2=r  P1 and P2 will decide on 1 - Defined by application semantics
▪ Otherwise nodes are allowed to decide on anything
round 2
A B ▪ Agreement: With (1-1/r) probability – by arguments on previous
A B
due to due to 2 1 slide ˆ Self-stabilizing system: System where:
input=1 input=0 indistingu input=1 input=1 agreement - Starting from any state, the protocol will eventually reach
decision=? decision=0 ishability decision=0 decision=0 round 3
a legal state if there are no more faults
This last execution 2 3 The
- Once the Rotating
system Privilege
is in a legal state, it Algorithm
will only transit to
A B contradict with validity
due to
other legal states unless there are faults
input=1 input=0
▪ Each process i has a local integer variable V_i
decision=0 decision=0 agreement Inductive Proof for the Lemma
CS4231 Parallel and Distributed Algorithms 28 CS4231 Parallel and Distributed Algorithms 32

ˆ Ver3: Node crash failures, channels are reliable, ˆ Rotating

▪ 0  V_i
privilege
< k where algorithm
k is some constant no smaller than n
asynchronous - Each process i has a local integer variable Vi , where
- Even with weakened validity
CS4231 Parallel requirement
and Distributed Algorithms (decision is21 round k round k 0 ≤ Vi < k for some constant k ≥ n
- FLP theorem states that this is impossible to solve even
required to be 1 only if no message is lost throughout the L1 L1-1 L1 L1-1 12
with: 3
execution), it is still impossible using a deterministic
round k+1 round k+1 — up to one single node crash failure order
algorithm Example: n = 5 and k = 13 in
L1 L1+1 L1 L1-1 — FIFO ordering within each channel legal
Impossibility Proof via Contradiction — non-blocking receive state
input =1 input =1
9 0
decision = 1 decision = 1 round k round k ˆ Ver4: Node Byzantine failures, channels are
input =1 input =1 because of because L1 L1-1 L1 L1-1 reliable, synchronous
decision = 1 decision = 1 agreement indistinguishable
- n := total number of processes 12
round k+1 round k+1
L1 L1+1 L1 L1-1 - f := number of possible Byzantine failures
- Can be shown to be impossible to solve if n ≤ 3f CS4231 Parallel and Distributed Algorithms 8
CS4231 Parallel and Distributed Algorithms 29 Protocol for n ≥ 4f + 1: // Red process // Green process
- High-level idea: L <- value of clockwise L <- value of clockwise
how to — Run (f + 1) phases (each phase contains a fixed number neighbor; neighbor;
rigorously of rounds) V <- my value; V <- my value;
define last
lost message? — Each phase has a coordinator node if (V == L) { if (V != L) {
— A phase is a deciding phase if the coordinator is // do privileged action // do privileged action
non-faulty V = (V+1) % k; V = L;
- With limited disagreement
CS4231 Parallel and (all nodes
Distributed must agree with
Algorithms 23 — There must be at least one deciding phase, and after the } }
probability (1 − perror )) and weakened validity, it is possible deciding phase it is impossible for a subsequent faulty
 Legal States Illegal States  Legal States
▪ We say that a process makes a “move” if it has the privilege and changes ▪ Lemma 6: If the system is in a state where the red process has a
its value different value from all other process, then the system will eventually
▪ System in legal state if exactly one process can make a move reach another state where all processes have the same value
(though the system make not remain in such a state forever).
▪ Lemma: The following are legal states and are the only legal state ▪ Proof: Let the red process be p1, and let p1’s value be x. Starting from
▪ All n values same OR the red process and counter-clockwise along the ring, let the green
▪ Only two different values forming two consecutive bands, and one band starts processes be p2, p3, …, p_n.
from the red process
▪ Let t be such that p1 through p_t all have values of x, and p_{t+1}
▪ To prove these are legal states, only need to confirm there is exactly one through p_n all have values different from x. Initially t=1. We will prove
process that can make a more that for any t = s, t will become s+1 at some point of time. Hence
▪ To prove these are the only legal states, consider the value V of the red eventually t will be n, and we are done.
process and the value L of its clockwise neighbor ▪ To prove the above claim, note that p_{s+1} will take the value of x once
▪ Case I: V=L. Then the red process can make a move. No other process should it takes an action. Denote this event as E. Before event E, p_{s+2}
be able to make a move. Hence all n values must be same. through p_n can never take the value of x. Also, since p_n can never
▪ Case II: VL. Starting from the red process, find counter-clockwise the first take the value of x before event E, p_1 through p_s can never change
green process whose value is different from its clockwise neighbor. Such green their value before event E. Hence, immediately after event E happens, t
process must exist since VL. This green process can make a move. No other becomes s+1.
process should be able to make a move. Hence the two bands…

Legal States  Legal States Illegal States  Legal States

CS4231 Parallel and Distributed Algorithms 12 CS4231 Parallel and Distributed Algorithms 16

▪ Theorem: If the system is in a legal state, then it will stay in legal states
▪ Our assumption on instantaneous actions will simplify this proof.
▪ Theorem: Regardless of the initial states of the system, the system
will eventually reach a legal state.
▪ We can all possible actions.
▪ Proof: From Lemma 5 and Lemma 6.
▪ For the red process, the only action that can change the system state
happens when V==L, and that action will update V to be (V+1) % k.
▪ As we show earlier, when V==L, the only legal state is for all n values to be
the same. Hence updating V to be (V+1) % k will result in two bands of
values, which is also a legal state.
▪ For the green process, the only action that can change the system state
happens when V≠L, and that action will update V to L.
▪ As we show earlier, when V≠L, the only legal state is to have two bands of
values. Updating V to be L will either result in all n values being the same
(if the green process if the clockwise neighbor of the red process), or still
result in two bands of values (if otherwise). In either case, the system state
is still legal.

Illegal States  Legal States

CS4231 Parallel and Distributed Algorithms 13 CS4231 Parallel and Distributed Algorithms 17

ˆ Self-stabilizing spanning tree algorithm

▪ Lemma 1: Let P be a green process, and let Q be P’s clockwise
neighbor. (Q can be either green or red.) If Q makes i moves, then - On the root node: dist = 0; parent = null;
P can make at most i+1 move. - On other nodes (executed periodically):
— Retrieve dist from all neighbours
▪ Lemma 2: Let Q be the red process. If Q makes i moves, then
system-wide there can be at most the following number of moves:
— Set my own dist = 1 + <smallest dist received>
(n − 1)n and parent = <neighbour with smallest dist>
i + (i + 1)+ (i + 2)+... + (i + n − 1) = ni + (tie-break if necessary)
2
▪ Lemma 3: Consider a sequence of (n^2-n)/2+1 moves in the Proof:
system. The red process makes at least one move in the sequence. - Define a phase to be the minimum time period where each
▪ Lemma 4: In any system state (regardless of legal or not), there is process has taken an action
always at least one process that can make a move.
▪ Consider the value V of the red process and the value L of its clockwise
- Ai := length of the real shortest path from node i to root
neighbor. If V=L, the red process can make a move. If VL, there must exist - Lemma 1: At the end of phase 1, distroot = 0 and
some green process whose value differs from its clockwise neighbor’s. That
green process can make a move. disti ≥ 1 for all other i
- Lemma 2: At the end of phase r:
Illegal States  Legal States
CS4231 Parallel and Distributed Algorithms 14
— Any process i with Ai < r, we have disti = Ai
▪ Lemma 5: Regardless of the starting state, the system eventually — Any process i with Ai ≥ r, we have disti ≥ r
reach a state T where the red process has a different value from the - Prove by induction using Lemma 1 and Lemma 2
values of any other process (though the system may not remain in
such states forever)
▪ Proof: Let Q be the red process. If in the starting state Q has the same
value as some other process, then there must be an integer j (0  j  k-1)
that is not the value of any process.
▪ In any state, at least one process can make move
▪ Eventually, the number of moves will approach infinity
▪ Q moves once among every consecutive (n^2-n)/2+1 moves of the
system
▪ Q will make infinite number of moves
▪ Q will eventually take j as its value. (It takes Q any most k moves to do
so.)

CS4231 Parallel and Distributed Algorithms 15