4.2.22 · D5Operating Systems

Question bank — Deadlock detection and recovery

2,348 words11 min readBack to topic
Figure — Deadlock detection and recovery
Figure — Deadlock detection and recovery

The bucket starts nearly empty (). Each time a process passes , it finishes and pours its into the bucket, so the level rises. As the level rises, requests that were "too big" a moment ago now fit — that is the snowball. If at some point no remaining process's request fits the current level and the level stops rising, those leftover processes can never be satisfied → they are the deadlocked set (shown in coral at the bottom of the figure).


True or false — justify

A cycle in the Wait-For Graph always means deadlock.
Only in a single-instance system. With multiple instances per type another holder may release an instance that frees a waiter, so the cycle can dissolve without simulation confirming it (see the finish-snowball figure s02).
If the detection loop finishes with every , the system is deadlock-free right now.
True — a valid finish order exists, so every process can obtain its current , run, and release; nobody is permanently stuck.
Deadlock detection guarantees no process will ever deadlock in the future.
False. Detection is a snapshot of the current state; it says nothing about requests that arrive later. See Deadlock Prevention vs Avoidance — only avoidance/prevention look forward.
A process holding zero resources can still be part of a deadlock.
False. With it starts : it holds nothing anyone waits for, so it cannot sit in a circular-wait chain.
Running detection more often is strictly better because you catch deadlocks sooner.
False. Detection costs (justified in the Why section); running it on every ungrantable request is huge overhead. Rareness of deadlock is exactly why we tolerate delay.
Aborting all deadlocked processes is the safest recovery because it definitely works.
It definitely breaks the deadlock, but "safest" is wrong — it discards the most work. Abort-one-at-a-time wastes less but reruns the detector repeatedly.
The detection algorithm and Banker's safety check are the same algorithm.
False. The loop shape matches, but detection tests actual current (backward-looking) while Banker's tests (worst-case, forward-looking).
Preempting a resource always requires a rollback.
Essentially true: the victim lost a resource mid-use, so it must roll back to a safe checkpoint (or restart) to stay consistent — you can't just continue as if nothing happened.
If deadlock detection reports "no deadlock", CPU utilization must be high.
False. Utilization can be low for many reasons (I/O waits, idle jobs). Low utilization is only a trigger to consider running detection, not a synonym for deadlock.

Spot the error

"With multiple instances, we detect deadlock by finding a cycle in the Wait-For Graph."
Error: WFG cycles only decide single-instance systems. Multiple instances require the finish-simulation, because a cycle there is necessary but not sufficient.
"In detection we use to see who can finish."
Error: that's Banker's, which uses the worst-case leftover need. Detection uses the actual current , not any maximum.
" means process finished, so add to ."
Two errors: it means can finish (not that it did), and we add to (reclaim what it holds), not the other way round.
"Since all four Coffman conditions must hold, breaking mutual exclusion is the standard recovery."
Error: the four conditions are mutual exclusion (a resource can't be shared), hold-and-wait, no-preemption, and circular-wait — and mutual exclusion is usually intrinsic (a printer can't be shared), so recovery normally breaks no-preemption (preempt) or circular-wait (abort) instead. See Coffman Conditions.
"Victim selection just picks the process with the fewest resources so cleanup is fast."
Oversimplified/wrong. Cost blends priority, time already run, resources held, processes affected, and — crucially — number of prior rollbacks to prevent starvation.
"The detector tells us exactly which request caused the deadlock."
Error: if detection runs periodically rather than on every request, many requests happened since the deadlock formed, so you generally can't pinpoint the culprit request.
"A safe state and a deadlock-free snapshot are the same thing."
Error: safe (Banker's) means a safe sequence exists for all future worst-case demands (); deadlock-free detection only means the current can all be satisfied. Safe ⊂ deadlock-free.

Why questions

Why does a zero request always pass the test?
Because the is component-wise (defined above): holds for any non-negative since every entry . A process asking for nothing needs nothing granted, so it finishes immediately and releases its holdings. Example with : P0 with passes even when .
Why do we optimistically grant to whoever can run instead of proving deadlock directly?
Toy example with types: pool starts empty , but P0 holds and requests nothing. Grant P0 → it finishes → grows to . Now a process that needed that one unit of the second type can run, hands its stuff back, and the pool snowballs. Anyone still unsatisfiable after the pool stops growing is genuinely, permanently stuck — that's your deadlock set. (See figure s02.)
Why include the number of rollbacks in a victim's cost function?
To prevent starvation. Imagine the cost picks the cheapest victim; if process X is always cheapest, it gets preempted, rolled back, preempted, rolled back… forever and never finishes. Adding "how many times has X already been rolled back?" makes X grow expensive, so eventually someone else is chosen and X can complete.
Why does the single-instance case cost while multiple instances cost ?
Single instance = plain cycle detection on the Wait-For Graph, whose nodes are the processes; DFS visits each node and edge, and with up to nodes and up to possible edges that is (here = number of processes, same used everywhere on this page). Multiple instances: each pass of the finish-loop scans all processes, and for each one compares resource components in — that's work per pass. In the worst case only one new process finishes per pass, so you need up to passes → .
Why is "detect and recover" chosen over prevention when deadlocks are rare?
Prevention/avoidance runs a check on every single resource request — a permanent tax paid millions of times a second. Detect-and-recover pays nothing per request and only runs the expensive detector occasionally (e.g. when CPU utilization dips). If deadlocks almost never happen, the occasional big bill is far cheaper than the constant small one.
Why can't preemption recovery skip the rollback and just resume the victim later?
Walk it through: process X was halfway through writing a file using resource R when R was snatched. X's internal state (variables, half-written data) assumes it still holds R and its work is intact. If you just hand R back and resume, X continues from corrupt state. Instead it must return to a consistent checkpoint taken before R was in use, and redo from there.

Edge cases

What happens if starts as all zeros?
Detection still works: begins at , so only processes with a zero (or ones satisfied once a finisher reclaims resources) can start. The whole snowball bootstraps from reclaimed , not from free instances.
What if every process holds resources but every is zero?
No deadlock — each process needs nothing more, so all pass the test immediately and finish; there's no circular wait to trap them.
Can a WFG cycle appear yet the snapshot be deadlock-free?
Yes — but only with multiple instances. The snowball may let a third holder finish and release an instance that satisfies one process in the loop, breaking the "cycle". This is exactly why single-instance WFG cycles are sufficient but multi-instance ones are not: the graph loses information about spare copies.
A single process requests more of a resource than the system will ever have — deadlock?
No, that's not deadlock (no set of mutually-waiting processes); it's an unsatisfiable request / error. Deadlock needs circular waiting among a set of two or more.
Detection runs, finds nobody can finish, but one process was about to voluntarily release — is it really deadlocked?
By the snapshot it is deadlocked. Detection judges the frozen state; a release that hasn't happened yet isn't visible, which is a limitation of snapshot-based detection, not a false positive of the rule.
Only three of the four Coffman conditions hold — can deadlock occur?
No. All four (mutual exclusion, hold-and-wait, no-preemption, circular-wait) are necessary; break any one and deadlock is impossible — which is exactly how recovery works.

Recall One-line self-test

The two verdict rules ::: Single instance: cycle in WFG is necessary AND sufficient. Multiple instances: run the finish-simulation; leftover processes are deadlocked. The two recovery families ::: Process termination (abort all / abort one-by-one, rerunning the detector) and resource preemption (pick victim → rollback to a checkpoint → count rollbacks to avoid starvation).