On Randomization versus Synchronization in Distributed Systems

On Randomization versus Synchronization in Distributed Systems Hagen V¨ olzer Institut f¨ ur Theoretische Informatik Universit¨ at zu L¨ ubeck Germany July 14, 2004 ICALP 2004, Turku

0

Outline

• two new impossibility results for randomization • complete a picture of the power of liveness assumptions

• consider only asynchronous systems

1

Power of liveness assumptions progress

progress+randomization ? fairness

fairness+randomization ? hyperfairness

2

Outline 1. Preliminaries 2. Progress 3. Fairness 4. Progress + randomization 5. Fairness + randomization 6. Hyperfairness 3

Petri net modelling (1/3)

x.A x.A

t

local change

x.B t

x.B

y.C

y.D

synchronization

4

Petri net modelling (2/3)

x.A

x.B

x.A

t

t

y.C

join

x.B

y.D

fork

5

Petri net modelling (3/3)

x.A

a x.B

x.A

y.B a

b x.C

local conflict (free choice)

y.D

z.C b

y.E

synchronization conflict

6

Outline 1. Preliminaries 2. Progress 3. Fairness 4. Progress + randomization 5. Fairness + randomization 6. Hyperfairness 7

Progress wrt. t x.A

y.C

\\

//

x.B t

y.D

= t eventually occurs if all participants wait for t ⇔ when enabled, t eventually occurs or a conflicting transition occurs ≈ weak fairness for t (justice)

8

Progress (examples)

a

a

b

c

b

c

9

Progress and conflicts

a

b

d

c

e

conflicts are resolved eventually. . .

a

b

c

d

. . .but how is unrestricted 10

Power of progress solvable through progress: – most distributed tasks = compute a final distributed output depending on an initial distributed input (assuming fault-free environment) e.g. distributed maximum finding

not solvable through progress: – starvation-free mutual exclusion (mutex) (Kindler and Walter 97, Vogler 97) 11

Starvation free mutex b.hungry

a.hungry a.critical

b.critical key

a.quiet

b.quiet

• a and b never critical at the same time • each hungry process eventually becomes critical • progress is not sufficient

12

Formalization

a.hungry a.critical

b.hungry mutex algorithm b.critical

a.quiet

b.quiet

• algorithm may learn in which state a client is • algorithm may only restrict transition to critical state

13

Intuition for the impossibility

• all occurrences of critical states (a or b) must be causally ordered • hence there is a conflict as to which process “gets” the k-th occurrence • conflict resolution is unrestricted, so resolve always in favour of a

14

Outline 1. Preliminaries 2. Progress 3. Fairness 4. Progress + randomization 5. Fairness + randomization 6. Hyperfairness 15

Fairness wrt. t

x.A

x.B t

//

y.C

y.D

= t eventually occurs if one participant waits for t while the other is always eventually ready for t ≈ strong fairness for t (compassion)

16

Fairness (examples)

a

b

c

d

d will eventually occur

a

b

c

d

e

but not necessarily e 17

Mutex revisited a.hungry

b.hungry a.t

b.t

a.critical

b.critical key

a.quiet

b.quiet

• each hungry process eventually becomes critical if • fairness is assumed for a.t and b.t

18

Power of fairness solvable through fairness:

• what we can solve through progress • mutex

not solvable through fairness:

• crash-tolerant message-passing consensus (Fischer, Lynch, Paterson 83) 19

Outline 1. Preliminaries 2. Progress 3. Fairness 4. Progress + randomization 5. Fairness + randomization 6. Hyperfairness 20

Randomization x.A p1

p2

pn ...

x.B1 x.B2

• finite local conflict (i.e. without synchronization) • 0 < pi < 1 Pn • i=1 pi = 1

x.Bn

an object flipping an n-sided coin

21

Synchronization + coin flip A

B

p1

A

B

p2 p1

C

D

E F

C

D

p2

E

F

22

Synchronization and randomization

a

b

c

? d

e

23

Power of randomization solvable through progress+randomization with probability 1: • crash-tolerant consensus (we don’t need fairness!) (Ben-Or 83)

not solvable through progress+randomization: • ? • Does randomization help for mutex? • Is fairness implementable through randomization? 24

First result Theorem: Starvation-free mutex cannot be solved with probability 1 through progress + randomization.

• inherent unfairness cannot be “implemented away” through randomization

• proof for deterministic case can be adapted to the randomized case • proof uses a partial-order semantics for randomization (V¨ olzer 2001)

25

Overview progress

// fairness (mutex)

progress+randomization (consensus) //

Fairness cannot be implemented through progress + randomization.

26

Overview progress

progress+randomization fairness

fairness+randomization (mutex, consensus)

Where does the power of fairness + randomization end?

27

Outline 1. Preliminaries 2. Progress 3. Fairness 4. Progress + randomization 5. Fairness + randomization 6. Hyperfairness 28

Dining philosophers consider irreflexive and symmetric relation on processes, e.g. left

right Me

• solve mutex for each pair of neighbours simultaneously: • neighbours are never critical at the same time • each hungry process eventually becomes critical • fairness is necessary and sufficient

29

Crash-tolerant dining philosophers left

right Me

• processes may crash (permanently) • revised requirements: • neighbours are never critical at the same time • each hungry process becomes critical unless itself or one of its neighbours crashes ⇒ if left is hungry then it eventually becomes critical even if right crashes 30

Second result Theorem: Crash-tolerant dining philosophers cannot be solved with probability 1 through fairness + randomization.

Background:

• this problem inherently contains the possibility of conspiracy • fairness and randomization is not enough to “implement away” conspiracy

31

Conspiracy Dining philosophers with keys (forks): left

right Me

Conspiracy against me: left and right become alternatingly critical in such a way that my keys are never available at the same time

32

Conspiracy and crash-tolerance Try: Take first available key and wait for second.

left

right Me

Problem crash-tolerance:

• I hold left key and wait for right key. • right crashes (with key in hand) • left will not be able to become critical 33

Outline 1. Preliminaries 2. Progress 3. Fairness 4. Progress + randomization 5. Fairness + randomization 6. Hyperfairness 34

Hyperfairness wrt. t

x.A

x.B t

y.C

y.D

= t eventually occurs if all participants are always eventually ready for t independently of each other • formalization needs partial-order semantics 35

Hyperfairness (example)

a

b

d

c y.C

x.A e x.B

y.D

hyperfairness postulates the absence of conspiracy 36

An intuition

crossing a two-lane road

37

Power of hyperfairness solvable through hyperfairness:

• crash-tolerant dining philosophers • crash-tolerant consensus

38

Summary progress

progress+randomization // fairness

fairness+randomization // hyperfairness

39

Conclusion

• hierarchy progress → fairness → hyperfairness separates computational power well • adding randomization leads outside that hierarchy

• partial-order semantics used for proofs • that also strengthens results

40