You are on page 1of 60

Course 8: Thread Synchronization

Deadlocks

Course 7: Review

Syncronization solutions

Hardware

Load/Store

Disable Interrupts

Test&Set

Higher-level API

Locks

Semaphores

Monitors

Send/Receive

Programs

Shared programs

Operating System Concepts 8th Edition

6.2

Silberschatz, Galvin and Gagne

Course 7: Review
Locks
Suppose we have some sort of implementation of a lock:
Lock.Acquire() wait until lock is free, then grab
Lock.Release() unlock, waking up anyone waiting
These must be atomic operations if two threads are waiting for the
lock and both see its free, only one succeeds to grab the lock
Then, our milk problem is easy:

milklock.Acquire();
if (nomilk)
buy milk;
milklock.Release();
Once again, section of code between Acquire() and Release() called a

Critical Section

Operating System Concepts 8th Edition

6.3

Silberschatz, Galvin and Gagne

Course 7: Review
Disable Interrupts
naive Implementation of locks:
LockAcquire { disable Ints; }
LockRelease { enable Ints; }
better Implementation of locks:
int value = FREE;

Release() {
disable interrupts;
if (anyone on wait queue) {
take thread off wait queue
Place on ready queue;
} else {
value = FREE;
}
enable interrupts;
}

Acquire() {
disable interrupts;
if (value == BUSY) {
put thread on wait queue;
Go to sleep();
// Enable interrupts?
} else {
value = BUSY;
}
enable interrupts;
}

Operating System Concepts 8th Edition

6.4

Silberschatz, Galvin and Gagne

Course 7: Review
Test&Set
test&set (&address) {
result = M[address];
M[address] = 1;
return result;
}

/* most architectures */

int value = 0; // Free


Acquire() {
while (test&set(value)); // while busy
}

//Critical section
Release() {
value = 0;
}

Operating System Concepts 8th Edition

6.5

Silberschatz, Galvin and Gagne

Course 8: Thread Synchronization


Deadlocks
Locks

Hardware locks (Course 7)


Higher level solutions
Semaphores
Monitors and condition variables
Deadlocks
The Deadlock Problem
Methods for Handling Deadlocks

Deadlock Prevention

Deadlock Avoidance
Deadlock Detection
Recovery from Deadlock

Operating System Concepts 8th Edition

6.6

Silberschatz, Galvin and Gagne

Higher level solutions - semaphores

Operating System Concepts 8th Edition

6.7

Silberschatz, Galvin and Gagne

Semaphores
Semaphores are a kind of generalized lock

First defined by Dijkstra in late 60s


Main synchronization primitive used in original UNIX
Definition: a Semaphore has a non-negative integer value and
supports the following two operations:

P(): an atomic operation that waits for semaphore to become


positive, then decrements it by 1
Think of this as the wait() operation

V(): an atomic operation that increments the semaphore by 1,


waking up a waiting P, if any
This of this as the signal() operation
Note that P() stands for proberen (to test) and V() stands for
verhogen (to increment) in Dutch

Operating System Concepts 8th Edition

6.8

Silberschatz, Galvin and Gagne

Semaphores
Semaphores are like integers, except

No negative values

Only operations allowed are P and V cant read or write value,


except to set it initially

Operations must be atomic

Two Ps together cant decrement value below zero

Similarly, thread going to sleep in P wont miss wakeup from V


even if they both happen at same time

Semaphore from railway analogy

Here is a semaphore initialized to 2 for resource control:

Operating System Concepts 8th Edition

6.9

Silberschatz, Galvin and Gagne

Uses of semaphores
Mutual Exclusion (initial value = 1)

Also called Binary Semaphore.


Can be used for mutual exclusion:
semaphore.P();
// Critical section goes here
semaphore.V();
Scheduling Constraints (initial value = 0)
Locks are fine for mutual exclusion, but what if you want a thread
to wait for something?
Example: suppose you had to implement ThreadJoin which must
wait for thread to terminiate:
Initial value of semaphore = 0
ThreadJoin {
semaphore.P();
}
ThreadFinish {
semaphore.V();
}

Operating System Concepts 8th Edition

6.10

Silberschatz, Galvin and Gagne

Producer-consumer with a bounded


buffer
Problem Definition

Producer puts things into a shared buffer


Consumer takes them out
Need synchronization to coordinate producer/consumer
Dont want producer and consumer to have to work in lockstep, so put
a fixed-size buffer between them
Need to synchronize access to this buffer
Producer needs to wait if buffer is full
Consumer needs to wait if buffer is empty
Example: Coke machine
Producer can put limited number of cokes in machine
Consumer cant take cokes out if machine is empty

Producer

Operating System Concepts 8th Edition

Buffer

Consumer

6.11

Silberschatz, Galvin and Gagne

Constraints for solution


Correctness Constraints:

Consumer must wait for producer to fill buffers, if none full


(scheduling constraint)
Producer must wait for consumer to empty buffers, if all full
(scheduling constraint)
Only one thread can manipulate buffer queue at a time (mutual
exclusion)
Remember why we need mutual exclusion
Because computers are stupid
Imagine if in real life: the delivery person is filling the machine and
somebody comes up and tries to stick their money into the
machine
General rule of thumb:
Use a separate semaphore for each constraint
Semaphore fullBuffers; // consumers constraint
Semaphore emptyBuffers;// producers constraint
Semaphore mutex;
// mutual exclusion
Operating System Concepts 8th Edition

6.12

Silberschatz, Galvin and Gagne

Solution to Bounded Buffer


Semaphore fullBuffer = 0;
// Initially, no coke
Semaphore emptyBuffers = numBuffers;
// Initially, num empty slots
Semaphore mutex = 1;
// No one using machine
Producer(item) {
emptyBuffers.P();
mutex.P();
Enqueue(item);
mutex.V();
fullBuffers.V();

// Wait until space


// Wait until buffer free
// Tell consumers there is
// more coke

}
Consumer() {
fullBuffers.P();
mutex.P();
item = Dequeue();
mutex.V();
emptyBuffers.V();
return item;
}

Operating System Concepts 8th Edition

// Check if theres a coke


// Wait until machine free
// tell producer need more

6.13

Silberschatz, Galvin and Gagne

Higher level solutions - Monitors and


Condition Variables

Operating System Concepts 8th Edition

6.14

Silberschatz, Galvin and Gagne

Motivation for Monitors and Condition


Variables
Semaphores are a huge step up; just think of trying to do the bounded

buffer with only loads and stores

Problem is that semaphores are dual purpose:

They are used for both mutex and scheduling constraints

Example: the fact that flipping of Ps in bounded buffer gives


deadlock is not immediately obvious. How do you prove
correctness to someone?

Cleaner idea: Use locks for mutual exclusion and condition variables

for scheduling constraints


Definition: Monitor: a lock and zero or more condition variables for

managing concurrent access to shared data

Some languages like Java provide this natively

Most others use actual locks and condition variables

Operating System Concepts 8th Edition

6.15

Silberschatz, Galvin and Gagne

Motivation for Monitors and Condition


Variables
Lock: the lock provides mutual exclusion to shared data

Always acquire before accessing shared data structure


Always release after finishing with shared data
Lock initially free
Condition Variable: a queue of threads waiting for something inside a
critical section
Key idea: make it possible to go to sleep inside critical section by
atomically releasing lock at time we go to sleep
Contrast to semaphores: Cant wait inside critical section

Operating System Concepts 8th Edition

6.16

Silberschatz, Galvin and Gagne

Simple Monitor Example


Lock lock;
Condition dataready;
Queue queue;

AddToQueue(item) {
lock.Acquire();
// Get Lock
queue.enqueue(item);
// Add item
dataready.signal();// Signal any waiters
lock.Release();
// Release Lock
}
RemoveFromQueue() {
lock.Acquire();
while (queue.isEmpty()) {
dataready.wait(&lock);
// If nothing, sleep
}
item = queue.dequeue();
lock.Release();
return(item);
}
Operating System Concepts 8th Edition

6.17

// Get Lock

// Get next item


// Release Lock

Silberschatz, Galvin and Gagne

The Deadlock Problem

Operating System Concepts 8th Edition

6.18

Silberschatz, Galvin and Gagne

The Deadlock Problem


A set of blocked processes each holding a resource and

waiting to acquire a resource held by another process

Example

System has 2 disk drives.

P1 and P2 each hold one disk drive and each needs


another one.

Example

semaphores A and B, initialized to 1


P0

P1

wait (A); //P(A)

wait(B) //P(B)

wait (B); //P(B)

wait(A) //P(A)

Operating System Concepts 8th Edition

6.19

Silberschatz, Galvin and Gagne

Bridge Crossing Example

Each section of a bridge can be viewed as a resource.


If a deadlock occurs, it can be resolved if one car backs up

(preempt resources and rollback).


Several cars may have to be backed up if a deadlock

occurs.
Starvation is possible.

Operating System Concepts 8th Edition

6.20

Silberschatz, Galvin and Gagne

System Model
Resource types R1, R2, . . ., Rm

CPU cycles, memory space, I/O devices


Each resource type Ri has wi instances.
Each process utilizes a resource as follows:

request

use

release

Operating System Concepts 8th Edition

6.21

Silberschatz, Galvin and Gagne

Deadlock Conditions
Deadlock can arise if four conditions hold simultaneously.
Mutual exclusion: only one process at a time can use a

resource.
Hold and wait: a process holding at least one resource is
waiting to acquire additional resources held by other
processes.
No preemption: a resource can be released only
voluntarily by the process holding it, after that process has
completed its task.
Circular wait: there exists a set {P0, P1, Pn, P0} of
waiting processes such that P0 is waiting for a resource that
is held by P1, P1 is waiting for a resource that is held by
P2, etc., and Pn is waiting for a resource that is held by P0.

Operating System Concepts 8th Edition

6.22

Silberschatz, Galvin and Gagne

Resource-Allocation Graph
A set of vertices/nodes V and a set of edges E.
V consist in two types:

P = {P1, P2, , Pn}, the set of all the processes in the


system.

R = {R1, R2, , Rm}, the set of all resource types in the


system.

request edge directed edge P1 Rj


assignment edge directed edge Rj Pi

Operating System Concepts 8th Edition

6.23

Silberschatz, Galvin and Gagne

Resource-Allocation Graph (Cont.)


Process

Resource Type with 4 instances

Pi requests instance of Rj

Pi
Rj

Pi is holding an instance of Rj

Pi
Rj
Operating System Concepts 8th Edition

6.24

Silberschatz, Galvin and Gagne

Example of a Resource Allocation Graph

Operating System Concepts 8th Edition

6.25

Silberschatz, Galvin and Gagne

Resource Allocation Graph With A Deadlock

Operating System Concepts 8th Edition

6.26

Silberschatz, Galvin and Gagne

Graph With A Cycle But No Deadlock

Operating System Concepts 8th Edition

6.27

Silberschatz, Galvin and Gagne

Basic Facts
If graph contains no cycles no deadlock.
If graph contains a cycle

if only one instance per resource type, then deadlock.

if several instances per resource type, possibility of


deadlock.

Operating System Concepts 8th Edition

6.28

Silberschatz, Galvin and Gagne

Deadlock Handling
Deadlock prevention
Deadlock avoidance
Deadlock detection
Operating System Concepts 8th Edition

6.29

Silberschatz, Galvin and Gagne

Methods for Handling Deadlocks


Ensure that the system will never enter a deadlock state.
Allow the system to enter a deadlock state and then

recover.
Ignore the problem and pretend that deadlocks never occur

in the system; used by most operating systems, including


UNIX.

Operating System Concepts 8th Edition

6.30

Silberschatz, Galvin and Gagne

Deadlock Prevention
Restrain the ways request can be made.
Mutual Exclusion not required for sharable resources;

must hold for nonsharable resources.


Hold and Wait must guarantee that whenever a process

requests a resource, it does not hold any other resources.

Require process to request and be allocated all its


resources before it begins execution;

Or allow process to request resources only when the


process has none.

Low resource utilization; starvation possible.

Operating System Concepts 8th Edition

6.31

Silberschatz, Galvin and Gagne

Deadlock Prevention (Cont.)


No Preemption

If a process that is holding some resources requests


another resource that cannot be immediately allocated to
it, then all resources currently being held are released.

Preempted resources are added to the list of resources


for which the process is waiting.

Process will be restarted only when it can regain its old


resources, as well as the new ones that it is requesting.

Circular Wait impose a total ordering of all resource types,

and require that each process requests resources in an


increasing order of enumeration.

Operating System Concepts 8th Edition

6.32

Silberschatz, Galvin and Gagne

Deadlock Avoidance
Requires that the system has some additional a priori information
available.
Simplest and most useful model requires that each process

declare the maximum number of resources of each type


that it may need.
The deadlock-avoidance algorithm dynamically examines

the resource-allocation state to ensure that there can never


be a circular-wait condition.
Resource-allocation state is defined by the number of

available and allocated resources, and the maximum


demands of the processes.

Operating System Concepts 8th Edition

6.33

Silberschatz, Galvin and Gagne

Safe State
When a process requests an available resource, system must

decide if immediate allocation leaves the system in a safe state.


System is in safe state if there exists a sequence <P1, P2, , Pn>

of ALL the processes is the systems such that for each Pi, the
resources that Pi can still request can be satisfied by currently
available resources + resources held by all the Pj, with j < i.
That is:

If Pi resource needs are not immediately available, then Pi


can wait until all Pj have finished.

When Pj is finished, Pi can obtain needed resources,


execute, return allocated resources, and terminate.

When Pi terminates, Pi +1 can obtain its needed resources,


and so on.

Operating System Concepts 8th Edition

6.34

Silberschatz, Galvin and Gagne

Basic Facts
If a system is in safe state no deadlocks.
If a system is in unsafe state possibility of deadlock.
Avoidance ensure that a system will never enter an

unsafe state.

Operating System Concepts 8th Edition

6.35

Silberschatz, Galvin and Gagne

Safe, Unsafe , Deadlock State

Operating System Concepts 8th Edition

6.36

Silberschatz, Galvin and Gagne

Avoidance algorithms
Single instance of a resource type. Use a resource-

allocation graph
Multiple instances of a resource type. Use the bankers

algorithm

Operating System Concepts 8th Edition

6.37

Silberschatz, Galvin and Gagne

Resource-Allocation Graph Scheme


Claim edge Pi Rj indicated that process Pj may request

resource Rj; represented by a dashed line.


Claim edge converts to request edge when a process

requests a resource.
Request edge converted to an assignment edge when the

resource is allocated to the process.


When a resource is released by a process, assignment

edge reconverts to a claim edge.


Resources must be claimed a priori in the system.

Operating System Concepts 8th Edition

6.38

Silberschatz, Galvin and Gagne

Resource-Allocation Graph

Operating System Concepts 8th Edition

6.39

Silberschatz, Galvin and Gagne

Unsafe State In Resource-Allocation Graph

Operating System Concepts 8th Edition

6.40

Silberschatz, Galvin and Gagne

Resource-Allocation Graph Algorithm


Suppose that process Pi requests a resource Rj
The request can be granted only if converting the request edge to an

assignment edge does not result in the formation of a cycle in the


resource allocation graph

Operating System Concepts 8th Edition

6.41

Silberschatz, Galvin and Gagne

Bankers Algorithm
Multiple instances for resources.
Each process must a priori claim maximum use.
When a process requests a resource it may have to wait.
When a process gets all its resources it must return them in

a finite amount of time.

Operating System Concepts 8th Edition

6.42

Silberschatz, Galvin and Gagne

Data Structures for the Bankers Algorithm


Let n = number of processes, and m = number of resources types.
Available: Vector of length m. If available [j] = k, there are

k instances of resource type Rj available.


Max: n x m matrix. If Max [i,j] = k, then process Pi may

request at most k instances of resource type Rj.


Allocation: n x m matrix. If Allocation[i,j] = k then Pi is

currently allocated k instances of Rj.


Need: n x m matrix. If Need[i,j] = k, then Pi may need k

more instances of Rj to complete its task.

Need [i,j] = Max[i,j] Allocation [i,j].

Operating System Concepts 8th Edition

6.43

Silberschatz, Galvin and Gagne

Safety Algorithm
1. Let Work and Finish be vectors of length m and n,
respectively. Initialize:
Work = Available
Finish [i] = false for i = 0, 1, , n- 1.
2. Find and i such that both:
(a) Finish [i] = false
(b) Needi Work
If no such i exists, go to step 4.
3. Work = Work + Allocationi
Finish[i] = true
go to step 2.
4. If Finish [i] == true for all i, then the system is in a safe
state.

Operating System Concepts 8th Edition

6.44

Silberschatz, Galvin and Gagne

Resource-Request Algorithm for Process Pi


Request = request vector for process Pi. If Requesti [j] = k then
process Pi wants k instances of resource type Rj.
1. If Requesti Needi go to step 2. Otherwise, raise error
condition, since process has exceeded its maximum claim.
2. If Requesti Available, go to step 3. Otherwise Pi must
wait, since resources are not available.
3. Pretend to allocate requested resources to Pi by modifying
the state as follows:
Available = Available Request;
Allocationi = Allocationi + Requesti;
Needi = Needi Requesti;
If safe the resources are allocated to Pi.
If unsafe Pi must wait, and the old resource-allocation
state is restored

Operating System Concepts 8th Edition

6.45

Silberschatz, Galvin and Gagne

Example of Bankers Algorithm


5 processes P0 through P4;

3 resource types:

A (10 instances), B (5 instances), and C (7 instances).


Snapshot at time T0:

Allocation

Max

Available

ABC

ABC

ABC

P0

010

753

332

P1

200

322

P2

302

902

P3

211

222

P4

002

433

Operating System Concepts 8th Edition

6.46

Silberschatz, Galvin and Gagne

Example (Cont.)
The content of the matrix Need is defined to be Max Allocation.

The system is in a safe state since the sequence < P1, P3, P4, P2, P0>

satisfies safety criteria.

Operating System Concepts 8th Edition

6.47

Silberschatz, Galvin and Gagne

Example: P1 Request (1,0,2)


Check that Request Available (that is, (1,0,2) (3,3,2) true.

Executing safety algorithm shows that sequence < P1, P3, P4, P0, P2>
satisfies safety requirement.
Can request for (3,3,0) by P4 be granted?
Can request for (0,2,0) by P0 be granted?

Operating System Concepts 8th Edition

6.48

Silberschatz, Galvin and Gagne

Deadlock Detection
Allow system to enter deadlock state
Detection algorithm
Recovery scheme

Operating System Concepts 8th Edition

6.49

Silberschatz, Galvin and Gagne

Single Instance of Each Resource Type


Maintain wait-for graph

Nodes are processes.

Pi Pj if Pi is waiting for Pj.

Periodically invoke an algorithm that searches for a cycle in

the graph. If there is a cycle, there exists a deadlock.


An algorithm to detect a cycle in a graph requires an order

of n2 operations, where n is the number of vertices in the


graph.

Operating System Concepts 8th Edition

6.50

Silberschatz, Galvin and Gagne

Resource-Allocation Graph and Wait-for Graph

Resource-Allocation Graph

Operating System Concepts 8th Edition

6.51

Corresponding wait-for graph

Silberschatz, Galvin and Gagne

Several Instances of a Resource Type


Available: A vector of length m indicates the number of

available resources of each type.


Allocation: An n x m matrix defines the number of resources

of each type currently allocated to each process.


Request: An n x m matrix indicates the current request of

each process. If Request [ij] = k, then process Pi is


requesting k more instances of resource type. Rj.

Operating System Concepts 8th Edition

6.52

Silberschatz, Galvin and Gagne

Detection Algorithm
1. Let Work and Finish be vectors of length m and n, respectively
Initialize:
(a) Work = Available

(b) For i = 1,2, , n, if Allocationi 0, then


Finish[i] = false;otherwise, Finish[i] = true.
2. Find an index i such that both:
(a) Finish[i] == false

(b) Requesti Work


If no such i exists, go to step 4.

Operating System Concepts 8th Edition

6.53

Silberschatz, Galvin and Gagne

Detection Algorithm (Cont.)


3. Work = Work + Allocationi
Finish[i] = true
go to step 2.
4. If Finish[i] == false, for some i, 1 i n, then the system is in
deadlock state. Moreover, if Finish[i] == false, then Pi is
deadlocked.

Algorithm requires an order of O(m x n2) operations to detect


whether the system is in deadlocked state.

Operating System Concepts 8th Edition

6.54

Silberschatz, Galvin and Gagne

Example of Detection Algorithm


Five processes P0 through P4; three resource types

A (7 instances), B (2 instances), and C (6 instances).


Snapshot at time T0:

Allocation

Request

Available

ABC

ABC

ABC

P0

010

000

000

P1

200

202

P2

303

000

P3

211

100

P4

002

002

Sequence <P0, P2, P3, P1, P4> will result in Finish[i] = true for all i.

Operating System Concepts 8th Edition

6.55

Silberschatz, Galvin and Gagne

Example (Cont.)
P2 requests an additional instance of type C.

State of system?

Can reclaim resources held by process P0, but insufficient


resources to fulfill other processes; requests.

Deadlock exists, consisting of processes P1, P2, P3, and P4.

Operating System Concepts 8th Edition

6.56

Silberschatz, Galvin and Gagne

Detection-Algorithm Usage
When, and how often, to invoke depends on:

How often a deadlock is likely to occur?

How many processes will need to be rolled back?

one for each disjoint cycle

If detection algorithm is invoked arbitrarily, there may be many

cycles in the resource graph and so we would not be able to tell


which of the many deadlocked processes caused the deadlock.

Operating System Concepts 8th Edition

6.57

Silberschatz, Galvin and Gagne

Recovery from Deadlock: Process Termination


Abort all deadlocked processes.
Abort one process at a time until the deadlock cycle is eliminated.
In which order should we choose to abort?

Priority of the process.

How long process has computed, and how much longer to


completion.

Resources the process has used.

Resources process needs to complete.

How many processes will need to be terminated.

Is process interactive or batch?

Operating System Concepts 8th Edition

6.58

Silberschatz, Galvin and Gagne

Recovery from Deadlock: Resource Preemption


Selecting a victim minimize cost.

Rollback return to some safe state, restart process for that state.
Starvation same process may always be picked as victim,

include number of rollback in cost factor.

Operating System Concepts 8th Edition

6.59

Silberschatz, Galvin and Gagne

End of Course 8