updated

diff --git a/Robust/src/Runtime/DSTM/docs/commitnotes b/Robust/src/Runtime/DSTM/docs/commitnotes
index 3734d367ed94282f271a317e4869c7f6aa6f16f3..ee0c5503b3876fd83824377d3f9cb96bb79cb789 100644 (file)
--- a/Robust/src/Runtime/DSTM/docs/commitnotes
+++ b/Robust/src/Runtime/DSTM/docs/commitnotes
@@ -8,7 +8,7 @@ Per object possibilities:
 
 4) Not here
 
-Response to machine running transaction
+Participant responses to coordinator
 
 A) DISAGREE (if we ever see at least 1 #3)
 
@@ -20,11 +20,11 @@ return list of oid's for missing objects (need to build list)
 D) SOFT ABORT (need #2, could have #1, #4, can't have #3) - make sure
 there are no #3's
 
-Machine running transaction
+Coordinator:
 
 I) ABORT (Any A's) (rerun computation, clear out transaction records, etc...)
 
-II) COMMIT (All B's)
+II) COMMIT (All B's) - do local commit, free storage
 
 III) ABORT BUT RETRY COMMIT (don't rerun computation) (Need D, can
 have B's, can have C', no A's)
@@ -33,17 +33,45 @@ IV) ABORT BUT RETRY COMMIT WITH RELOCATING (don't rerun computation,
 but relookup all missing objects) (Need C, can have B's, no A's, no
 D's)
 
+Other machine involved in transaction:
 
-Other machine involved in transaction
+I) COMMIT - commit object into store, send ACK to coordinator
 
-I) COMMIT - commit object into store
+II) ABORT - unlock objects, free transaction resources, send ACK to coordinator
 
-II) ABORT - unlock objects, free transaction resources
+III) Coordinator unreachable:
 
-III) Transaction machine unreachable...
+       1) Elect leader out of reachable nodes (choose smallest reachable mid)
 
-       If any machine in transaction has seen COMMIT, all COMMIT
-(Need to communicate this information in advanced of deciding
-COMMIT/ABORT)
+       2) leader queries everyone for what they've heard
+(ABORT/COMMIT/nothing)
 
-       If no one has seen COMMIT, all ABORT
\ No newline at end of file
+       3) If anyone has heard commit from original leader, all commit
+
+       4) If anyone has heard abort from original leader, all abort
+
+       5) Otherwise leader does following:
+
+       for each mid in group send SUSPICIOUS_ABORT()
+
+       receive acknowledgements from mid's
+
+       for each mid in group send TRUST_ONLY(nodes that send
+acknowledgements)
+
+       In case 5, machines become suspicious of all current machines
+not on the list.  When first contacting (or being contacted by a
+machine isn't in the list, it is suspicious of all current machines
+except the leader).  The machine won't talk to a machine it is
+suspicious of until it can verify that the other machines made the
+same decision on all "suspicious" transactions.
+
+COORDINATOR:
+
+Once it has received ACK's from all other machines in transaction:
+
+1) It sends a recycle transaction id message (they don't need to
+remember the ABORT/COMMIT result of that id anymore)
+
+2) After sending all these messages and receiving ack's, it marks it
+local copy of transaction id recyclable