Sergio Rajsbaum 2006 Lecture 3 Introduction to Principles of Distributed Computing Sergio Rajsbaum...
-
date post
19-Dec-2015 -
Category
Documents
-
view
214 -
download
0
Transcript of Sergio Rajsbaum 2006 Lecture 3 Introduction to Principles of Distributed Computing Sergio Rajsbaum...
Sergio Rajsbaum 2006
Lecture 3Introduction to Principles of
Distributed Computing
Sergio RajsbaumMath Institute
UNAM, Mexico
Sergio Rajsbaum 2006
The lecture in a nutshell
• Traditionally different models were treated in different ways
• We will see that, for consensus, this is not needed• Consensus solvability depends on how long
connectivity preserved by a particular model
X0
L(X0)
L2(X0)
Initial statesstates after one roundstates after
2 rounds
Connectivitypreserved
Connectivitydestroyed
Sergio Rajsbaum 2006
CONSENSUS A fundamental Abstraction
Each process has an input, should decide an output s.t.
Agreement: correct processes’ decisions are the same
Validity: decision is input of one process
Termination: eventually all correct processes decide
There are at least two possible input values 0 and 1
Sergio Rajsbaum 2006
In the rest of the course we assume all possible vectors over the input
values V unless specified otherwise
Sergio Rajsbaum 2006
Basic Model
• Message passing (essentially equivalent to read/write shared memory model)
• Channels between every pair of processes
• Crash failurest < n potential failures out of n >1 processes
• No message loss among correct processes
Sergio Rajsbaum 2006
Timing model
• Processor speeds– All run at the same speed
• Message delays– Constant
Sergio Rajsbaum 2006
Round
Synchronous Model
• Algorithm runs in synchronous rounds:
– send messages to any set of processes, – receive messages from previous round, – do local processing (possibly decide, halt)
• If process i crashes in a round, then any subset of the messages i sends in this round can be lost
Sergio Rajsbaum 2006
Synchronous Consensus
• In a run with f failures (f<t)– Processes can decide in f+1 rounds – And no less ![Lamport Fischer 82; Dolev, Reischuk, Strong 90] (early-deciding)
• 1 round with no failures
• In this talk deciding– halting takes min(f+2,t+1) [Dolev, Reischuk, Strong 90]
Sergio Rajsbaum 2006
Uniform Consensus
• Uniform agreement: decision of every two processes is the same
Recall: with consensus, only correct processes have to agree (disagreement with the dead is OK)
This version of consensus will be useful to extend the lower bound argument to asynchronous models
Sergio Rajsbaum 2006
Synchronous Uniform Consensus
Every algorithm has a run with f failures (f<t-1), that takes at least
f+2 rounds to decide
• [Charron-Bost, Schiper 00; KR 01]
– as opposed to f+1 for consensus
Sergio Rajsbaum 2006
A Simple Proof of the Uniform Consensus Synchronous Lower Bound
[Keidar, Rajsbaum IPL 02]
Sergio Rajsbaum 2006
States
• State = list of processes’ local states
• Given a fixed deterministic algorithm, state at the end of run determined by initial values and environment actions– failures, message loss– can be denoted as:
x . E1. E2. E3
x state, Ei environment actions
Sergio Rajsbaum 2006
Connectivity
States x, x’ are similar, x~x’, if they look the same to all but at most one process
• Set of initial states of consensus is connected
• Intuition: in connected states there cannot be different decisions
000 001 111011~ ~ ~ n = 3
Sergio Rajsbaum 2006
Coloring
• Impossibility proofs color non-decided states
• Classical coloring: valency, potential decisions state can lead to e.g. [FLP85]
• Our coloring:
val(x) = decision of correct processes in failure-free extension of x (0 or 1)
Sergio Rajsbaum 2006
To Prove Lower Boundsor impossibility results
• Sufficient to look at subset of runs, called a system
• Simplifies proof
• A set of environment actions defines a system
Sergio Rajsbaum 2006
Considered Environment Actions
• (i, [k]) - i fails, – messages to processes {1,…,k} lost (if sent)– [0] empty set - no loss– applicable if i non-failed and < t failures
• (0, [0]) - no failures – always applicable
Notice: at most one process fails in one round– its messages lost by prefix of processes
Sergio Rajsbaum 2006
Layering
• Layering L = set of environment actions– L(X) = {x.E | x X, E L applicable to x}
– L0(X) = X
– Lk(X) = L(Lk-1(X))
• Define system using layers – X0 set of initial states
– System: all runs obtained from L( . )
[Moses, Rajsbaum 98; Gafni 98; Herlihy, Rajsbaum,Tuttle 98]
X0
L(X0)
L2(X0)
Sergio Rajsbaum 2006
Proof Strategy
• Uniform Lemma: from connected set, under some conditions, 2 more rounds needed for uniform consensus (recall: 1 for consensus)
• The initial states are connected.
Connectivity lemma: for f<t+1, Lf(X0) connected– feature of model, not of the problem– also implies consensus f+1 lower bound– can be proven for all Li(X0) in other models, e.g.,
mobile failure model [MosesR98], [Santoro,Widemayer89], and asynchronous model
Sergio Rajsbaum 2006
Uniform Lemma
• If– X connected x,x’X, s.t. val(x)= 0, val(x’)=1– In all states in X exist at least 3 non-failed
processes and 2 can fail
• Then yX s.t. in y.(0,[0]) not all decide
1-round failure-free extension of y
Sergio Rajsbaum 2006
Uniform Lemma: Proof
• Assume, by contradiction, in failure-free extensions of y, y’, all decide after 1 round
• 2 cases: j either failed or non-failed
y’yx x’......
• X connected, val(x)= 0, val(x’)=1
differ only in state of some j
Sergio Rajsbaum 2006
Illustrating the Contradiction Case 1: j is correct
y y’
y.(0,[0]) y’.(0,[0])
X
y y’
Xy.(1,[2]) y’.(1,[2])
X X X X
y.(1,[2]).(3,[3]) y.(1,[2]).(3,[3])
A contradiction to uniform agreement!
val(y)=0, so y leads to decision 0
in one failure-free round
look the same to process 2
look the same to process 3
Sergio Rajsbaum 2006
The uniform consensus synchronous lower bound
• n >2, t >1, f =0
• X0 = {initial failure-free states} connected
x’,xX0 s.t. val(x)=0, val(x’)=1 (validity)
• By Uniform Lemma, from some initial state need 2 rounds to decide
Sergio Rajsbaum 2006
Connectivity Lemma: Lf(X0) Connected for f<t+1
• Proof by induction, base immediate
• For state x, L(x) connected (next slide)
• Let x~x’X, – x, x’ differ in state of i only, i can fail– x.(i, [n]) = x’.(i, [n])
x ~ x’
L(x) L(x’)
x.(i, [n]) ~ x’.(i, [n])
Sergio Rajsbaum 2006
L(x) is Connected
xx
x.(0,[0])~
x.(1,[0])
X
x.(0,[0]) ~ x.(2,[0]) ~ x.(2,[1]) ~ x.(2,[3])
x.(0,[0]) ~ x.(3,[0]) ~ x.(3,[1]) ~ x.(3,[2])
X
x
x.(1,[2])
X
x
x.(1,[3])~~
Sergio Rajsbaum 2006
Theorem: f+2 Lower Bound
• Assume n>t, and f < t-1
• Lf(X0) - final states of runs with f failures
– connected
– in any state in Lf(X0) exist at least 3 non-failed processes and 2 can fail
• Take z, z’X0 s.t. val(z) val(z’),
– let x, x’ be failure-free extensions of z, z’: x=z.(i,[0])f Lf(X0)
Sergio Rajsbaum 2006
Exercise
1. Consider Modify the theorem and the proof of this talk for the consensus problem (instead of the uniform consensus problem)
Sergio Rajsbaum 2006
Bibliography
• Keidar and Rajsbaum, “A Simple Proof of the Uniform Consensus Synchronous Lower Bound,” in IPL, Vol. 85, pp. 47-52, 2003.
• Keidar and Rajsbaum, “On the Cost of Fault-Tolerant Consensus When There Are No Faults” in Keidar’s page, including slides and papers.
• Moses, Rajsbaum, “A Layered Analysis of Consensus,” SIAM J. Comput. 31(4): 989-1021, 2002.
• Mostéfaoui, Rajsbaum, Raynal: Conditions on input vectors for consensus solvability in asynchronous distributed systems. J. ACM, 2003