Skip to content

Remove crashedNodes and make primary promotion non-deterministic #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Apr 25, 2017
Merged

Remove crashedNodes and make primary promotion non-deterministic #3

merged 1 commit into from
Apr 25, 2017

Conversation

@ywelsch
Copy link
Contributor

@ywelsch ywelsch commented Apr 25, 2017

Explicitly keeping track of the crashed nodes blows up the state space that is explored by the model checker. Instead of explicitly having nodes marked as crashed, the other transition relations allow such nodes to (implicitly) just not react to any messages.

This commit also changes primary promotion to non-deterministically choose a replica (using the "exists" quantifier instead of the "CHOOSE" operator).

With the updated state constraint, model checking takes 3 hours on my machine.

@ywelsch
Remove crashedNodes and make primary promotion non-deterministic
917c0fa 
Explicitly keeping track of the crashed nodes blows up the state space that is explored by the model checker. Instead of explicitly having nodes
marked as crashed, the other transition relations allow such nodes to (implicitly) just not react to any messages.

This commit also changes primary promotion to non-deterministically choose a replica (using the "exists" quantifier instead of the "CHOOSE" operator).
@ywelsch ywelsch requested a review from abeyad April 25, 2017 10:42
abeyad
abeyad approved these changes Apr 25, 2017
View reviewed changes
Copy link
Contributor

@abeyad abeyad left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, nice simplification

@ywelsch ywelsch merged commit 0c718a1 into elastic:master Apr 25, 2017
@ywelsch
Copy link
Contributor Author

ywelsch commented Apr 25, 2017

Thanks @abeyad

DaveCTurner added a commit to DaveCTurner/elasticsearch-formal-models that referenced this pull request Mar 26, 2018
@DaveCTurner
Add proposed fix for desync bug elastic#3
893a0ed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@abeyad abeyad abeyad approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ywelsch @abeyad