[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [wsbpel] Issue - R26 - Default Compensation Order Conflict
We definitely have a bug because we have two parts of the spec that imply
contradicting default compensation orders.
IMO, the least invasive change is to make sure that "A" cannot be
compensated by the default termination handler of "S1". It can be achieved
by "promoting" the control dependency ("B" on "A") up ("S2" on "S1"). It
would be sufficient to use this as a description of the runtime behavior.
The behavior is similar to making "S1" non-permeable (which is also implied
by isolated="yes"). We may limit the behavior change to really harmful
cases (number 3. below).
Note that in the original submitter's proposal for 12.5.2., there was a
missing paragraph break in the last line (after 3. below):
"The default compensation order is initiated by default termination
handlers and default fault handlers, and recursively carried forward by
compensation handlers. The termination phase always precedes the fault
handling phase (see section 12.6. Termination Handlers). This sequence must
not create a conflict with the default compensation order of scopes that
are in a control dependency relationship. If all of the following is true:
1. scope "S2" has a direct peer-scope dependency on scope "S1"
2. the scope-controlled set of activities of scope "S1" contains
default termination handlers
3. the scope-controlled set of activities of scope "S1" AND scope "S2"
both contain at least one custom compensation handler -/break/-
then a WS-BPEL processor MUST execute these scopes as if "S2" had a control
dependency on scope "S1".
Kind Regards
DK
Dieter König Mail: dieterkoenig@de.ibm.com IBM Deutschland Entwicklung GmbH
Senior Technical Staff Member Tel (office): (+49) 7031-16-3426 Schönaicher Strasse 220
Architect, Business Process Choreographer Fax (office): (+49) 7031-16-4890 71032 Böblingen
Member, Technical Expert Council Tel (home office): (+49) 7032-201464 Germany
Danny van der
Rijn
<dannyv@tibco.com To
> Rania Khalaf
<rkhalaf@watson.ibm.com>
03.11.2006 22:08 cc
Dieter Koenig1/Germany/IBM@IBMDE,
wsbpel@lists.oasis-open.org
Subject
Re: [wsbpel] Issue - R26 - Default
Compensation Order Conflict
Yeah, my relaxation was to change to Consider scopes A and B such that B
has a *Peer Scope Dependency or a control dependency* on A, but that still
doesn't fix this issue. I told you that I hadn't understood the issue
completely! While this doesn't fix this issue, it's still probably worth
examining.
Where Dieter says there's a contradiction, I think that the spec doesn't
actually contradict itself. The behavior would be as Dieter describes.
The question in my mind is Do we have a bug here?
Danny
Rania Khalaf wrote:
Hi,
I was writing this mail during our discussion on the call today, so
decided to just wrap it up and send it as a recap and follow-on
questions.
First just a quick note that A and B are not peer scopes per the
def (their parents, s1 and s2 are) so the wording below is off but
Danny was suggesting today mod'ing it a bit.
If s1 and s2 have completed, then there is no problem because the
peer scope stuff takes care of it.
The problem is if S1 was still running but S2 has completed.
Then the spec dictates that first you do termination of S1 , then
once that completes, you do compensation of S0. Problem is that S1's
termination compensates A. This will always happen ( per today's def
of termination handlers ) before B if S1 was still running and S2 had
completed.
Now looking at proposals discussed to tackle it:
Dieter's proposal would make sure that one never has the case where
S1 is still running but S2 has completed so we will avoid this wierd
behavior at runtime.
I'm not sure I follow how the idea Danny is showing (coz he said he
will relax the wording) addresses the clash between the compensation
routines of the termination handler (s1) and the scope that kicked
of the termination (s0). I mean, I don't see how we wouldn't have to
change the termination/fault handling behavior to enforce the
proposal. Or are you suggesting following it up with a static
validation check of some sort ?
Alex is in support of Danny's direction, but i am confused about how
that would work so let's follow up on e-mail.
regards,
Rania
Danny van der Rijn wrote:
I'm not sure I understand your case completely, but if I do, my
understanding is that by the definition in 12.5.1, there exists
a Peer Scope Dependency from S1 to S2. I think the intention
of "Rule 1" in that section was to say that this should cause
compensation of S2 before S1, but, in fact, it does not.
My alternate suggestion would be to move the 3 definitions
before "Rule 1" and to Modify the following the first sentence
in the following paragraph
"Consider scopes A and B such that B has a control dependency
on A. Assuming both A and B completed successfully and both
must be compensated as part of default compensation behavior,
the compensation handler of B MUST run to completion before the
compensation handler of A is started. "
to say
"Consider scopes A and B such that B has a *Peer Scope
Dependency* on A. Assuming both A and B completed successfully
and both must be compensated as part of default compensation
behavior, the compensation handler of B MUST run to completion
before the compensation handler of A is started."
ws-bpel issues list editor wrote:
This issue has been added to the wsbpel issue list with a
status of "received". The status will be changed to
"open" if a motion to open the issue is proposed and that
motion is approved by the TC. A motion could also be
proposed to close it without further consideration.
Otherwise it will remain as "received".
The issues list is posted as a Technical Committee
document to the OASIS WSBPEL TC pages on a regular basis.
The current edition, as a TC document, is the most recent
version of the document entitled in the "Issues" folder
of the WSBPEL TC document list - the next posting as a TC
document will include this issue. The list editor's
working copy, which will normally include an issue when
it is announced, is available at this constant URL.
Issue - R26 - Default Compensation Order Conflict
Status: received
Date added: 30 Oct 2006
Date submitted: 27 October 2006
Submitter: Dieter Koenig
Description: Consider the following hierarchy of scopes.
In this example, none of the scopes is isolated, all
scopes only have default fault handlers and default
termination handlers, and scopes "A" and "B" have custom
compensation handlers.
scope name="S0"
flow
scope name="S1"
scope name="A"
source link="fromAtoB"
...
scope name="S2"
scope name="B"
target link="fromAtoB"
...
activity name="E"
Assume a point in time where scopes "A" and "B" and "S2"
have completed successfully, and scope "S1" and activity
"E" are still running.
Further assume that activity "E" now throws a fault which
is caught by the default fault handler of scope "S0".
1. All running activities inside of scope "S0" are
terminated, and the default termination handler of
scope "S1" compensates scope "A".
2. The default fault handler of scope "S0" then
compensates scope "S2", which in turn compensates
scope "B".
The observed compensation order "A then B" is caused by
the sequence "first termination, then fault handling".
OTOH, the required compensation order "B then A" implied
by the control dependency of "B" on "A".
This is a contradiction.
Note that this situation cannot occur when the scope "S1"
is an isolated scope. In this case, the link "fromAtoB"
cannot leave the scope "S1" before it completes. In this
case, scope "S1" always completes before scope "S2", and
compensation of "A" cannot be caused by a termination
handler before scope "B" is compensated.
Moreover, this conflict is irrelevant if scope "S1" OR
scope "S2" only contain default compensation handlers,
because in this case, no custom compensation logic can be
executed in the wrong order.
Submitter's proposal: In order to avoid conflicts between
the termination-handling / fault-handling sequence and
the default compensation order, different strategies can
be considered, for example, enforcing the absence of such
conflicts during static analysis. A less restrictive
approach is proposed here, which only affects the runtime
behavior.
At the end of section 12.5.2, add the following
paragraph:
"The default compensation order is initiated by
default termination handlers and default fault
handlers, and recursively carried forward by
compensation handlers. The termination phase always
precedes the fault handling phase (see section
12.6. Termination Handlers). This sequence must not
create a conflict with the default compensation
order of scopes that are in a control dependency
relationship. If all of the following is true:
1. scope "S2" has a direct peer-scope dependency
on scope "S1"
2. the scope-controlled set of activities of
scope "S1" contains default termination
handlers
3. the scope-controlled set of activities of
scope "S1" AND scope "S2" both contain at
least one custom compensation handler then a
WS-BPEL processor MUST execute these scopes
as if "S2" had a control dependency on scope
"S1".
Changes: 30 Oct 2006 - new issue
To comment on this issue (including whether it should be
accepted), please follow-up to this announcement on the
wsbpel@lists.oasis-open.org list (replying to this
message should automatically send your message to that
list), or ensure the subject line as you send it starts
"Issue - R26 - [anything]" or is a reply to such a
message. If you want to formally propose a resolution to
an open issue, please start the subject line "Issue - R26
- Proposed resolution", without any Re: or similar.
To add a new issue, see the issues procedures document
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]