
[moca] Distributed synchronous pi calculus with failure



Hi,

I am trying to understand the requirements for a (hypothetical) implementation
of distributed synchronous pi calculus with mixed guards in the presence of
failure to be considered adequate.

Very informally, this is my proposal; any feedback is very welcome.

ASSUMPTIONS
1. Processes run on different locations, potentially with channels to
   processes at other locations.
2. Locations fail as a unit and all processes running there fail (for
   simplicity).
3. Failure includes message loss, network partition and location failure.
4. Failure is rare.
5. Failure can be detected.
6. Failure recovery may be slow relative to normal operation.
7. Some state of some processes is recoverable (i.e. important data is saved
   in a database).
8. For a choice process, the choice, channel, atomic read and atomic write
   might all be at different locations.


REQUIREMENTS

1. Recoverable processes (assumption 7) are recovered transparently, that
   is, they just look slow.
   (In light of this, "failed process" means failed forever.)

2. If a process is blocked on a failed process with no other
   choice, it is eventually garbage collected.
   (This might be overly stringent.)

3. If a process is blocked on a failed process but has other
   (viable) choices, it eventually proceeds.

4. If a choice proceeds after or during some failure, one and
   only one alternative proceeded.
   (Of course this might not be observable because that choice
    subsequently failed, but the converse is definitely not observable.)

I think 4 is the key requirement in terms of what a consistent global
state in the presence of failure would mean.
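To make requirements 2, 3 and 4 concrete, here is a small executable model of a choice process under location failure. It is an added example, not code from the original post or from any pi-calculus implementation. It assumes, as the post does, that failure is detectable (modelled as perfect knowledge of which locations are alive) and that each choice has a single commit point, modelled here as a compare-and-swap cell at the choice's own location. The locations L0..L4, the alternatives a and b, and the scenario layout are constructed for illustration.

```python
"""Toy model of a distributed choice with mixed guards under location failure.

Added example, not from the original post. Assumptions: failure is detectable
(perfect failure detector), and a choice commits through one atomic
compare-and-swap cell hosted at the choice's own location.
"""
import threading
import time
from dataclasses import dataclass
from typing import Iterable, List, Optional

PENDING, COMMITTED, COLLECTED = "pending", "committed", "collected"


class Location:
    """A failure unit (assumption 2): when it fails, every process on it fails."""

    def __init__(self, name: str) -> None:
        self.name = name
        self.alive = True

    def fail(self) -> None:
        self.alive = False


@dataclass
class Alternative:
    """One guard of a choice: a read or write on a channel hosted somewhere,
    with the matching partner process possibly at a third location (assumption 8)."""
    label: str
    channel_loc: Location   # where the channel lives
    partner_loc: Location   # where the matching reader/writer lives

    def viable(self) -> bool:
        # Failure detection (assumption 5) modelled as perfect knowledge.
        return self.channel_loc.alive and self.partner_loc.alive


class Choice:
    """The commit cell is the only place that decides the winner, which is what
    gives requirement 4: one and only one alternative proceeds."""

    def __init__(self, alternatives: List[Alternative]) -> None:
        self.alternatives = alternatives
        self._lock = threading.Lock()
        self.state = PENDING
        self.winner: Optional[str] = None

    def try_commit(self, alt: Alternative) -> bool:
        """Atomic compare-and-swap PENDING -> COMMITTED(alt).
        Returns True for exactly one caller, and never for a non-viable guard."""
        with self._lock:
            if self.state != PENDING or not alt.viable():
                return False
            self.state, self.winner = COMMITTED, alt.label
            return True

    def collect_if_dead(self) -> bool:
        """Requirement 2: if every alternative is blocked on a failed location,
        the choice is garbage collected instead of waiting forever."""
        with self._lock:
            if self.state == PENDING and not any(a.viable() for a in self.alternatives):
                self.state = COLLECTED
                return True
            return False


def run_choice(choice: Choice, detection_delay: float = 0.01):
    """Let every alternative race for the commit cell from its own thread, then
    garbage-collect if nothing could proceed. Returns (state, winner, #winners)."""
    wins: List[str] = []

    def attempt(alt: Alternative) -> None:
        if choice.try_commit(alt):
            wins.append(alt.label)

    threads = [threading.Thread(target=attempt, args=(a,)) for a in choice.alternatives]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    time.sleep(detection_delay)   # failure-detector latency (assumption 6)
    choice.collect_if_dead()
    return choice.state, choice.winner, len(wins)


def scenario(failed: Iterable[str]):
    """Constructed scenario: the choice sits at L0; alternative a uses a channel
    at L1 with a partner at L2; alternative b uses a channel at L3 with a
    partner at L4. `failed` names the locations that have crashed."""
    locs = {n: Location(n) for n in ("L0", "L1", "L2", "L3", "L4")}
    for n in failed:
        locs[n].fail()
    choice = Choice([
        Alternative("a", locs["L1"], locs["L2"]),
        Alternative("b", locs["L3"], locs["L4"]),
    ])
    return run_choice(choice)


if __name__ == "__main__":
    print("no failure:        ", scenario(()))              # committed, a or b, 1 winner
    print("partner of a dead: ", scenario({"L2"}))          # committed, b (requirement 3)
    print("both guards dead:  ", scenario({"L2", "L3"}))    # collected (requirement 2)
```

The point of the model is the commit cell: whichever location hosts the channel or the partner, the decision of which alternative proceeded is taken in one atomic step, so a later failure of the winning alternative can hide the outcome (as the post notes) but can never produce two winners.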

Any comments very much appreciated.


Regards

Bill

  
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The "models for mobility" mailing list     mailto:moca@xxxxxxxxxxxxxxx
 http://www-sop.inria.fr/mimosa/personnel/Davide.Sangiorgi/moca.html