sergio rajsbaum 2006 lecture 3 introduction to principles of distributed computing sergio rajsbaum...

Sergio Rajsbaum 2006

Lecture 3Introduction to Principles of

Distributed Computing

Sergio RajsbaumMath Institute

UNAM, Mexico


Lecture 3

• Part I: synchronous uniform consensus lower bound


The lecture in a nutshell

• Traditionally different models were treated in different ways

• We will see that, for consensus, this is not needed• Consensus solvability depends on how long

connectivity preserved by a particular model

X0

L(X0)

L2(X0)

Initial statesstates after one roundstates after

2 rounds

Connectivitypreserved

Connectivitydestroyed


CONSENSUS A fundamental Abstraction

Each process has an input, should decide an output s.t.

Agreement: correct processes’ decisions are the same

Validity: decision is input of one process

Termination: eventually all correct processes decide

There are at least two possible input values 0 and 1


In the rest of the course we assume all possible vectors over the input

values V unless specified otherwise


Basic Model

• Message passing (essentially equivalent to read/write shared memory model)

• Channels between every pair of processes

• Crash failurest < n potential failures out of n >1 processes

• No message loss among correct processes


Synchronous Model


Timing model

• Processor speeds– All run at the same speed

• Message delays– Constant


Round

Synchronous Model

• Algorithm runs in synchronous rounds:

– send messages to any set of processes, – receive messages from previous round, – do local processing (possibly decide, halt)

• If process i crashes in a round, then any subset of the messages i sends in this round can be lost


Synchronous Consensus

• In a run with f failures (f<t)– Processes can decide in f+1 rounds – And no less ![Lamport Fischer 82; Dolev, Reischuk, Strong 90] (early-deciding)

• 1 round with no failures

• In this talk deciding– halting takes min(f+2,t+1) [Dolev, Reischuk, Strong 90]


Uniform Consensus

• Uniform agreement: decision of every two processes is the same

Recall: with consensus, only correct processes have to agree (disagreement with the dead is OK)

This version of consensus will be useful to extend the lower bound argument to asynchronous models


Synchronous Uniform Consensus

Every algorithm has a run with f failures (f<t-1), that takes at least

f+2 rounds to decide

• [Charron-Bost, Schiper 00; KR 01]

– as opposed to f+1 for consensus


A Simple Proof of the Uniform Consensus Synchronous Lower Bound

[Keidar, Rajsbaum IPL 02]


States

• State = list of processes’ local states

• Given a fixed deterministic algorithm, state at the end of run determined by initial values and environment actions– failures, message loss– can be denoted as:

x . E1. E2. E3

x state, Ei environment actions


Connectivity

States x, x’ are similar, x~x’, if they look the same to all but at most one process

• Set of initial states of consensus is connected

• Intuition: in connected states there cannot be different decisions

000 001 111011~ ~ ~ n = 3


Coloring

• Impossibility proofs color non-decided states

• Classical coloring: valency, potential decisions state can lead to e.g. [FLP85]

• Our coloring:

val(x) = decision of correct processes in failure-free extension of x (0 or 1)


To Prove Lower Boundsor impossibility results

• Sufficient to look at subset of runs, called a system

• Simplifies proof

• A set of environment actions defines a system


Considered Environment Actions

• (i, [k]) - i fails, – messages to processes {1,…,k} lost (if sent)– [0] empty set - no loss– applicable if i non-failed and < t failures

• (0, [0]) - no failures – always applicable

Notice: at most one process fails in one round– its messages lost by prefix of processes


Layering

• Layering L = set of environment actions– L(X) = {x.E | x X, E L applicable to x}

– L0(X) = X

– Lk(X) = L(Lk-1(X))

• Define system using layers – X0 set of initial states

– System: all runs obtained from L( . )

[Moses, Rajsbaum 98; Gafni 98; Herlihy, Rajsbaum,Tuttle 98]

X0

L(X0)

L2(X0)


Proof Strategy

• Uniform Lemma: from connected set, under some conditions, 2 more rounds needed for uniform consensus (recall: 1 for consensus)

• The initial states are connected.

Connectivity lemma: for f<t+1, Lf(X0) connected– feature of model, not of the problem– also implies consensus f+1 lower bound– can be proven for all Li(X0) in other models, e.g.,

mobile failure model [MosesR98], [Santoro,Widemayer89], and asynchronous model


Uniform Lemma

• If– X connected x,x’X, s.t. val(x)= 0, val(x’)=1– In all states in X exist at least 3 non-failed

processes and 2 can fail

• Then yX s.t. in y.(0,[0]) not all decide

1-round failure-free extension of y


Uniform Lemma: Proof

• Assume, by contradiction, in failure-free extensions of y, y’, all decide after 1 round

• 2 cases: j either failed or non-failed

y’yx x’......

• X connected, val(x)= 0, val(x’)=1

differ only in state of some j


Illustrating the Contradiction Case 1: j is correct

y y’

y.(0,[0]) y’.(0,[0])

X

y y’

Xy.(1,[2]) y’.(1,[2])

X X X X

y.(1,[2]).(3,[3]) y.(1,[2]).(3,[3])

A contradiction to uniform agreement!

val(y)=0, so y leads to decision 0

in one failure-free round

look the same to process 2

look the same to process 3


The uniform consensus synchronous lower bound

• n >2, t >1, f =0

• X0 = {initial failure-free states} connected

x’,xX0 s.t. val(x)=0, val(x’)=1 (validity)

• By Uniform Lemma, from some initial state need 2 rounds to decide


Connectivity Lemma: Lf(X0) Connected for f<t+1

• Proof by induction, base immediate

• For state x, L(x) connected (next slide)

• Let x~x’X, – x, x’ differ in state of i only, i can fail– x.(i, [n]) = x’.(i, [n])

x ~ x’

L(x) L(x’)

x.(i, [n]) ~ x’.(i, [n])


L(x) is Connected

xx

x.(0,[0])~

x.(1,[0])

X

x.(0,[0]) ~ x.(2,[0]) ~ x.(2,[1]) ~ x.(2,[3])

x.(0,[0]) ~ x.(3,[0]) ~ x.(3,[1]) ~ x.(3,[2])

X

x

x.(1,[2])

X

x

x.(1,[3])~~


Theorem: f+2 Lower Bound

• Assume n>t, and f < t-1

• Lf(X0) - final states of runs with f failures

– connected

– in any state in Lf(X0) exist at least 3 non-failed processes and 2 can fail

• Take z, z’X0 s.t. val(z) val(z’),

– let x, x’ be failure-free extensions of z, z’: x=z.(i,[0])f Lf(X0)


Exercise

1. Consider Modify the theorem and the proof of this talk for the consensus problem (instead of the uniform consensus problem)


Bibliography

• Keidar and Rajsbaum, “A Simple Proof of the Uniform Consensus Synchronous Lower Bound,” in IPL, Vol. 85, pp. 47-52, 2003.

• Keidar and Rajsbaum, “On the Cost of Fault-Tolerant Consensus When There Are No Faults” in Keidar’s page, including slides and papers.

• Moses, Rajsbaum, “A Layered Analysis of Consensus,” SIAM J. Comput. 31(4): 989-1021, 2002.

• Mostéfaoui, Rajsbaum, Raynal: Conditions on input vectors for consensus solvability in asynchronous distributed systems. J. ACM, 2003

sergio rajsbaum 2006 lecture 3 introduction to principles of distributed computing sergio rajsbaum...

Documents

f failures f sergio

synchronous consensus

synchronous model slide

connected x

mexico slide

consensus solvability

tolerant consensus

synchronous rounds