Coping with silent and fail-stop errors at scale by combining replication and checkpointing
Authors
Abstract
This paper provides a model and an analytical study of replication as a technique to detect and correct silent errors, as well as to cope with both silent and fail-stop errors on large-scale platforms. Fail-stop errors are immediately detected, unlike silent errors for which a detection mechanism is required. To detect silent errors, many application-specific techniques are available, either based on algorithms (ABFT), invariant preservation or data analytics, but replication remains the most transparent and least intrusive technique. We explore the right level (duplication, triplication or more) of replication for two frameworks: (i) when the platform is subject only to silent errors, and (ii) when the platform is subject to both silent and fail-stop errors. A higher level of replication is more expensive in terms of resource usage but makes it possible to tolerate more errors and to correct some silent errors, hence there is a trade-off to be found. Replication is combined with checkpointing and comes in two flavors: process replication and group replication. Process replication applies to message-passing applications with communicating processes. Each process is replicated, and the platform is composed of process pairs, or triplets. Group replication applies to black-box applications, whose parallel execution is replicated several times. The platform is partitioned into two halves (or three thirds). In both scenarios, results are compared before each checkpoint, which is taken only when both results (duplication) or two out of three results (triplication) coincide. If not, one or more silent errors have been detected, and the application rolls back to the last checkpoint, as well as when fail-stop errors have struck. We provide a detailed analytical study for all of these scenarios, with formulas to decide, for each scenario, the optimal parameters as a function of the error rate, checkpoint cost, and platform size.
We also report a set of extensive simulation results that nicely corroborate the analytical model.

Key-words: resilience, replication, silent errors, silent data corruptions, SDC, detection, correction, duplication, triplication, voting, optimal, number of processors.

Coping with failures and silent errors by combining checkpoints and replication

Abstract: This report proposes a model and an analytical study of replication as a technique to detect and correct silent errors. Although other techniques exist for HPC applications, based on algorithms (ABFT), invariant preservation, or data analysis, replication remains the most transparent and least intrusive technique. We explore the right level (duplication, triplication or more) in two different settings: (i) when the platform is subject only to silent errors, and (ii) when the platform is subject to both failures and silent errors. A high level of replication is more expensive in terms of resources used, but tolerates a larger number of errors, so there is a balance to be found. Replication is combined with checkpoints and comes in two forms: process replication and group replication. Process replication applies to message-passing applications with communicating processes. Each process is replicated, and the platform is composed of pairs, or triplets, of processes. Group replication applies to black-box applications, whose parallel execution is replicated several times. The platform is then partitioned into two halves (or three thirds). In both scenarios, the results are compared before each checkpoint, which is taken only when both results (duplication) or two out of three (triplication) coincide. Otherwise, one or more silent errors have been detected, and the application restarts from the last checkpoint, in the same way as when a failure occurs. We provide a detailed analytical study of both scenarios, as well as the optimal parameters as a function of the error rate, the checkpoint cost, and the platform size. We also give the results of a set of simulations that corroborate the analytical model.

Keywords: resilience, replication, silent errors, duplication, triplication, detection, correction, number of processors, optimal.

Benoit, Cavelan, Cappello, Raghavan, Robert, Sun
Similar resources
Two-level checkpointing and partial verifications for linear task graphs
Fail-stop and silent errors are unavoidable on large-scale platforms. Efficient resilience techniques must accommodate both error sources. A traditional checkpointing and rollback recovery approach can be used, with added verifications to detect silent errors. A fail-stop error leads to the loss of the whole memory content, hence the obligation to checkpoint on a stable storage (e.g., an extern...
Efficient checkpoint/verification patterns for silent error detection
Resilience has become a critical problem for high performance computing. Checkpointing protocols are often used for error recovery after fail-stop failures. However, silent errors cannot be ignored, and their particularity is that such errors are identified only when the corrupted data is activated. To cope with silent errors, we need a verification mechanism to check whether the application ...
Efficient checkpoint/verification patterns
Errors have become a critical problem for high performance computing. Checkpointing protocols are often used for error recovery after fail-stop failures. However, silent errors cannot be ignored, and their peculiarity is that such errors are identified only when the corrupted data is activated. To cope with silent errors, we need a verification mechanism to check whether the application state i...
Multi-level checkpointing and silent error detection for linear workflows
We focus on High Performance Computing (HPC) workflows whose dependency graph forms a linear chain, and we extend single-level checkpointing in two important directions. Our first contribution targets silent errors, and combines in-memory checkpoints with both partial and guaranteed verifications. Our second contribution deals with multi-level checkpointing for failstop errors. We present sophi...
Experimental Evaluation of the Fail-Silent Behaviour in Computers Without Error Masking
Traditionally, fail-silent computers are implemented by using massive redundancy (hardware or software). In this research we investigate if it is possible to obtain a high degree of fail-silent behavior from a computer without hardware or software replication by using only simple behavior based error detection techniques. It is assumed that if the errors caused by a fault are detected in time i...