Download presentation
Presentation is loading. Please wait.
1
CPSC 668Set 11: Asynchronous Consensus1 CPSC 668 Distributed Algorithms and Systems Fall 2006 Prof. Jennifer Welch
2
CPSC 668Set 11: Asynchronous Consensus2 Impossibility of Asynchronous Consensus 1.Show impossible in read/write shared memory with n processors and n - 1 faults prove directly: not hard since so many faults implies there is no 2-proc algorithm for 1 fault 2.Show impossible in r/w shared memory with n processors and 1 fault. Use reduction: use a hypothetical n-proc algorithm for 1 fault as a subroutine to design a 2-proc algorithm for 1 fault 3.Show impossible in message passing with n processors and 1 fault. Use reduction: use a hypothetical message passing algorithm as a subroutine to design a shared memory algorithm
3
CPSC 668Set 11: Asynchronous Consensus3 Modeling Asynchronous Systems with Crash Failures Let f be the maximum number of faulty processors. For both SM and MP: All but f of the processors must take an infinite number of steps in an admissible execution. For MP: Also require that all messages sent must eventually be delivered, except for those sent by a faulty processor in its last step, which might or might not be delivered.
4
CPSC 668Set 11: Asynchronous Consensus4 Wait-Free Algorithms An algorithm for n processors is wait-free if it can tolerate n - 1 failures. Intuition is that a nonfaulty processor does not wait for other processors to do something: it cannot, because it might be the only processor left alive. First result is to show that there is no wait- free consensus algorithm in the asynchronous r/w shared memory model.
5
CPSC 668Set 11: Asynchronous Consensus5 Impossibility of Wait-Free Consensus Suppose in contradiction there is an n- processor algorithm for n - 1 faults in the asynchronous read/write shared memory model. Proof is similar to that showing f + 1 rounds are necessary in the synchronous message passing model. bivalent initial config bivalent config bivalent config bivalent config bivalent config …
6
CPSC 668Set 11: Asynchronous Consensus6 Modified Notion of Bivalence In the synchronous round lower bound proof, valency referred to which decisions are reachable in failure- sparse admissible executions. For this proof, we are concerned with which decisions are reachable in any execution, as long as it is admissible (for the asynchronous shared memory model with up to n - 1 failures).
7
CPSC 668Set 11: Asynchronous Consensus7 Univalent Similarity Lemma (5.15): If C 1 and C 2 are both univalent and they are similar w.r.t. p i, then they have the same valency. Proof: C 1 v-valent p i -only p i decides v C 2 w-valent p i decides v
8
CPSC 668Set 11: Asynchronous Consensus8 Bivalent Initial Configuration Lemma (5.16): There exists a bivalent initial configuration Proof is a simpler version of what we did for the synchronous f + 1 round lower bound proof.
9
CPSC 668Set 11: Asynchronous Consensus9 Critical Processors If C is bivalent and i(C) (result of p i taking one step) is univalent, then p i is critical in C. Lemma (5.17): If C is bivalent, then at least one processor is not critical in C. Proof: Suppose in contradiction all processors are critical. C bival. j(C) 1-val. i(C) 0-val. pipi pjpj Rest of proof is case analysis of what p i and p j do in their two steps
10
CPSC 668Set 11: Asynchronous Consensus10 Critical Processors Case 1: p i and p j access different registers. j(C) 1-val. pjpj C bival. i(C) 0-val. pipi pjpj pipi Case 2: p i and p j read same register. Same proof.
11
CPSC 668Set 11: Asynchronous Consensus11 Critical Processors Case 3: p i writes to a register R and p j reads from R. C bival. p j reads from R p i writes to R i(C) 0-val j(C) 1-val i(j(C)) 1-val look the same to p i p i writes to R
12
CPSC 668Set 11: Asynchronous Consensus12 Critical Processors Case 4: What if p i and p j both write to the same shared variable? Can "assume away" the problem by assuming we only have single-writer shared variables. Or, can do a similar proof for this case.
13
CPSC 668Set 11: Asynchronous Consensus13 Finishing the Impossibility Proof Create an admissible execution C 0,i 1,C 1,i 2,C 2,… in which all configurations are bivalent. –contradicts termination requirement Start with bivalent initial configuration. Suppose we have bivalent C k. To get bivalent C k+1 : –Let p i k+1 be a proc. that is not critical in C k. –Let C k+1 be i k+1 (C k ).
14
CPSC 668Set 11: Asynchronous Consensus14 Impossibility of 1-Resilient Consensus Even if the ratio of nonfaulty processors becomes overwhelming, consensus still cannot be solved in asynchronous SM (with read/write registers). 1.Assume there exists an algorithm A for n processors and 1 failure. 2.Use A as a subroutine to design an algorithm A' for 2 processors and 1 failure. 3.We just showed such an A' cannot exist. 4.Thus A cannot exist.
15
CPSC 668Set 11: Asynchronous Consensus15 Features of Assumed Algorithm Assume in contradiction that there exists algorithm A for processors q 0, q 1, …, q n-1 that solves consensus with 1 failure. W.l.o.g., assume A satisfies: each q j has a single shared register R j which it writes and others read; initially empty code of each q j alternates reads and writes, beginning with a read each write step of q j writes q j 's entire current local state into R j
16
CPSC 668Set 11: Asynchronous Consensus16 Idea of Simulation Construct algorithm A' for 2 processors, p 0 and p 1 that solves consensus with 1 failure: Each p i goes through the q j 's in round robin order, trying to simulate their steps. When p i begins the simulation for each q j, it uses its own input as the input for q j. If p i ever simulates a decision step by some q j, it decides the same value. How do p 0 and p 1 keep their simulations consistent? –Steps are grouped into pairs, a read and the following write. –p 0 and p 1 need to "agree" on the value of each q j 's local state after each pair of steps by q j.
17
CPSC 668Set 11: Asynchronous Consensus17 Keeping Simulations Consistent For q j 's k-th pair, p 0 and p 1 each have a Flag shared variable and a Suggest shared variable. Assume q j 's (k-1)-st pair has been computed. p i calculates its suggestion for q j 's state after the k-th pair (more details shortly). p i checks if p 1-i has made a suggestion for this state of q j. If not, then p i sets its Flag to 1. If so, then p i sets its Flag to 0.
18
CPSC 668Set 11: Asynchronous Consensus18 Winner for a Pair Intepretation of Flag shared variables for q j 's k-th pair: 1.If p i 's Flag is 1, then p i is the winner. 2.If both are 0, then consider p 0 the winner. 3.If one is 0 and the other is not yet set, then winner is not determined. 4.If neither is set yet, then winner is not determined. 5.Not possible for both to be 1. (Convince yourself.) In situations 1 and 2, q j 's k-th pair is said to be computed.
19
CPSC 668Set 11: Asynchronous Consensus19 Calculating Suggestion for Simulated State How does p i calculate its suggestion for q j 's state after q j 's k-th pair? Get q j 's state after q j 's (k-1)-st pair: –determine winner for that pair –get the winner's suggestion (in winner's Suggest variable for that pair) –(if k - 1 = 0 then use q j 's initial state with p i 's input) Determine (from state just obtained) which processor's register (say q r ) q j is to read in its k-th pair
20
CPSC 668Set 11: Asynchronous Consensus20 Calculating Suggestion for Simulated State Get current value of q r 's register: –Find largest m such that q r 's m-th pair has been computed –Get the winning suggestion for that pair Apply q j 's transition function to q j 's state after (k-1)-st pair and current value of q r 's register to get value of q j 's state after its k-th pair.
21
CPSC 668Set 11: Asynchronous Consensus21 Correctness of 2-Proc. Algorithm Each admissible execution of A' (by p 0 and p 1 ) simulates an execution of A (by q 0 through q n-1 ). If p i observes some q j make a decision in the simulated execution, then p i makes the same decision. If the simulated execution of A were to be admissible, then it would satisfy –termination: eventually the q j 's decide –agreement: the q j 's make the same decision –validity: if all q j 's have input v, then decision is v. Remember that the simulated execution's inputs are based on the real execution's inputs. Then the actual execution of A' would be correct.
22
CPSC 668Set 11: Asynchronous Consensus22 Simulated Execution is Admissible Must show that at most one of the q j 's fails to take an infinite number of steps. How can a simulation of a q j get stuck? If p 0 or p 1 crashes while simulating q j 's k-th pair for some k. For instance: –p 0 writes a suggestion and crashes –p 1 sees p 0 's suggestion and writes 0 to its Flag –p 0 's Flag remains unset forever –So q j 's k-th pair is never computed. But the crash of one p i can only block the simulation of one q j ! –In the example, p 1 will be able to progress on its own simulating the steps of all processors other than q j
23
CPSC 668Set 11: Asynchronous Consensus23 Impossibility of Consensus in Message Passing Strategy: 1.Assume there exists an n-processor 1- resilient consensus algorithm A for the asynchronous message passing model. 2.Use A as a subroutine to design an n- processor 1-resilient consensus algorithm A' for asynchronous shared memory (with read/write variables). 3.Previous result shows A' cannot exist. 4.Thus A cannot exist.
24
CPSC 668Set 11: Asynchronous Consensus24 Impossibility of Consensus in MP Idea of A': Simulate message channels wth read/write registers. Then run algorithm A on top of these simulated channels. To simulate channel from p i to p j : Use one register to hold the sequence of messages sent over the channel p i "sends" a message m by writing the old value of the register with m appended p j "receives" a message by reading the register and checking for new values at the end
25
CPSC 668Set 11: Asynchronous Consensus25 Randomized Consensus To get around the negative results for asynchronous consensus, we can: –weaken the termination condition: nonfaulty processors must decide with some nonzero probability –keep the same agreement and validity conditions This version of consensus is solvable, in both shared memory and message passing!
26
CPSC 668Set 11: Asynchronous Consensus26 Motivation for Adversary Even without randomization, in an asynchronous system there are many executions of an algorithm, even when the inputs are fixed, depending on when processors take steps, when they fail, and when messages are delivered. To be able to calculate probabilities, we need to separate out variation due to causes other than the random choices Group executions of interest so that each group differs only in the random choices Perform probabilistic calculations separately for each group and then combine somehow
27
CPSC 668Set 11: Asynchronous Consensus27 Adversary Concept used to account for all variability other than the random choices is that of "adversary". Adversary is a function that takes an execution prefix and returns the next event to occur. Adversary must obey admissibility conditions of the revelant model Other conditions might be put on the adversary (e.g., what information it can observe, how much computational power it has)
28
CPSC 668Set 11: Asynchronous Consensus28 Probabilistic Definitions An execution of a specific algorithm, exec( A,C 0,R), is uniquely determined by –an adversary A –an initial configuration C 0 –a collection of random numbers Given a predicate P on executions and a fixed adversary A and initial config C 0, Pr[P] is the probability of {R : exec( A,C 0,R) satisfies P} Let T be a random variable (e.g., running time). For a fixed A and C 0, the expected value of T is x Pr[T = x] ∑ x is a value of T
29
CPSC 668Set 11: Asynchronous Consensus29 Probabilistic Definitions We define the expected value of a complexity measure to be the maximum over all admissible adversaries A and initial configurations C 0, of the expected value for that particular A and C 0. So this is a "worst-case" average: worst possible adversary (pattern of asynchrony and failures) and initial configuration, averaging over the random choices.
30
CPSC 668Set 11: Asynchronous Consensus30 A Randomized Consensus Algorithm Works in message passing model Tolerates f crash failures –more complicated version handles Byzantine failures Works in asynchronous case –circumvents asynchronous impossibility result Requires n > 2f –this is optimal
31
CPSC 668Set 11: Asynchronous Consensus31 Consensus Algorithm Code for processor p i : Initially r = 1 and prefer = p i 's input 1.while true do 2. votes := get-core( ) 3. let v be majority of phase r votes 4. if all phase r votes are v then decide v 5. outcomes := get-core( ) 6. if all phase r outcome values received are w then prefer := w 7. else prefer := common-coin() 8. r := r + 1 ensures a high level of consistency b/w what different procs get uses randomization to imitate tossing a coin
32
CPSC 668Set 11: Asynchronous Consensus32 Properties of Get-Core Executed by n processors, at most f of which can crash. Input parameter is a value supplied by the calling processor. Return parameter is an n-array, one entry per processor Every nonfaulty processor's call to get-core returns. There exists a set C of more than n/2 processors such that every array returned by a call to get-core contains the input parameter supplied by every processor in C.
33
CPSC 668Set 11: Asynchronous Consensus33 Properties of Common-Coin Subroutine implements an f-resilient common coin with bias . Executed by n processors, at most f of which can crash. No input parameter Return parameter is a 0 or 1. Every nonfaulty processor's call to common- coin returns. Probability that a return value is 0 is at least . Probability that a return value is 1 is at least .
34
CPSC 668Set 11: Asynchronous Consensus34 Correctness of Consensus Algorithm For now, don't worry about how to implement get-core and common-coin. Assuming we have subroutines with the desired properties, we'll show –validity –agreement –probabilistic termination (and expected running time)
35
CPSC 668Set 11: Asynchronous Consensus35 Unanimity Lemma Lemma (14.6): if all procs. that reach phase r prefer v, then all nonfaulty procs decide v by phase r. Proof: Since all prefer v, all call get-core with v Thus get-core returns a majority of votes for v Thus all nonfaulty procs. decide v
36
CPSC 668Set 11: Asynchronous Consensus36 Validity If all processors have input v, then all prefer v in phase 1. By unanimity lemma, all nonfaulty processors decide v by phase 1.
37
CPSC 668Set 11: Asynchronous Consensus37 Agreement Claim: If p i decides v in phase r, then all nonfaulty procs. decide v by phase r + 1. Proof: Suppose r is earliest phase in which any proc. decides. p i decides v in phase r => all its phase r votes are v => p i 's call to get-core( ) returns more than n/2 non-nil entries and all are => all entries for procs. in C are
38
CPSC 668Set 11: Asynchronous Consensus38 Agreement Thus every p j receives more than n/2 entries => p j does not decide a value other than v in phase r Also if p j calls get-core a second time in phase r, it uses input => Every p k gets only as a result of its second call to get-core in phase r => p k sets preference to v at end of phase r => in round r + 1, all prefer v and Unanimity Lemma implies they all decide v in that round.
39
CPSC 668Set 11: Asynchronous Consensus39 Termination Lemma (4.10): Probability that all nonfaulty procs decide by any particular phase is at least . Proof: Case 1: All nonfaulty procs set preference in that phase using common-coin. –Prob. that all get the same value is at least 2 ( for 0 and for 1), by property of common-coin –Then apply Unanimity Lemma (14.6)
40
CPSC 668Set 11: Asynchronous Consensus40 Termination Case 2: Some processor does not set its preference using common-coin. –All procs. that don't use common-coin to set their preference for that round have the same preference (convince yourself) –Probability that the common-coin subroutine returns the same value for all procs. that use it is at least . –Then apply the Unanimity Lemma (14.6).
41
CPSC 668Set 11: Asynchronous Consensus41 Expected Number of Phases What is the expected number of phases until all nonfaulty processors have decided? Probability of all deciding in any given phase is at least . Probability of terminating after i phases is (1 - ) i-1 . Geometric random variable whose expected value is 1/ .
42
CPSC 668Set 11: Asynchronous Consensus42 Implementing Get-Core Difficulty in achieving consistency of messages is due to combination of asynchrony and crash possibility: –a processor can only wait to receive n - f messages –the first n - f messages that p i gets might not be from the same set of processors as p j 's first n - f messages Overcome this by exchanging messages three times
43
CPSC 668Set 11: Asynchronous Consensus43 Get-Core First exchange ("round"): –send argument value to all –wait for n - f first round msgs Second exchange ("round"): –send values received in first round to all –wait for n - f second round msgs –merge data from second round msgs Third exchange ("round"): –send values received in second round to all –wait for n - f third round msgs –merge data from third round msgs –return result
44
CPSC 668Set 11: Asynchronous Consensus44 Analysis of Get-Core Lemmas 14.4 and 14.5 show that it satisfies the desired properties (termination and consistency). Time is O(1) (using standard way of measuring time in an asynchronous system)
45
CPSC 668Set 11: Asynchronous Consensus45 Implementing Common-Coin A simple algorithm: Each processor independently outputs 0 with probability 1/2 and 1 with probability 1/2. Bias = 1/2 n Advantage: simple, no communication Disadvantage: Expected number of phases until termination is 2 n
46
CPSC 668Set 11: Asynchronous Consensus46 A Common Coin with Constant Bias 0 with probability 1/n 1 with probability 1 - 1/n coins := get-core( ) if there exists j s.t. coins[j] = 0 then return 0 else return 1 c :=
47
CPSC 668Set 11: Asynchronous Consensus47 Correctness of Common Coin Lemma (14.12): Common-coin implements a ( n/2 - 1)-resilient coin with bias 1/4. Proof: Fix any admissible adversary that is weak (cannot see the contents of messages) and any initial configuration. All probabilities are calculated with respect to them.
48
CPSC 668Set 11: Asynchronous Consensus48 Probability of Flipping 1 Probability that all nonfaulty processors get 1 for the common coin is at least the probability that they all set c to 1. This probability is at least (1 - 1/n) n When n = 2, this function is 1/4 This function increases up to its limit of 1/e. Thus the probability that all nonfaulty processors get 1 is at least 1/4.
49
CPSC 668Set 11: Asynchronous Consensus49 Probability of Flipping 0 Let C be the set of core processors (whose existence is guaranteed by properties of get- core). If any processor in C sets c to 0, then all the nonfaulty processors will observe this 0 after executing get-core, and thus return 0. Probability at least one processor in C sets c to 0 is 1 - (1 - 1/n) |C|. This expression is at least 1/4 (by arithmetic).
50
CPSC 668Set 11: Asynchronous Consensus50 Summary of Randomized Consensus Algorithm Using the given implementations for get-core and common-coin, we get a randomized consensus algorithm for f crash failures with –n > 2f –O(1) expected time complexity expected number of phases is 4 time per phase is O(1)
Similar presentations
© 2025 SlidePlayer.com Inc.
All rights reserved.