公开(公告)号：WO9834456A2

公开(公告)日：1998-08-13

申请号：PCT/US9801484

申请日：1998-01-27

Applicant: TANDEM COMPUTERS INC

Inventor： BASAVAIAH MURALI ,  KRISHNAKUMAR KAROOR S ,  MURTHY SRINIVASA D

IPC: G06F11/20 ,  G06F11/00 ,  G06F11/14

CPC classification number: H04L69/28 ,  G06F11/1425 ,  H04L69/40

Abstract: A method and apparatus for detecting and tolerating situations in which one or more processors in a multi-processor system cannot participate in timer-driven or timer-triggered protocols or event sequences. The multi-processor system includes multiple processors each having a respective memory. These processors are coupled by an inter-processor communication network (preferably consisting of redundant paths). Processors are suspected of having failed (ceased operations) outright or having a failed timer mechanism when other processors detect the absence of periodic "IamAlive" messages from other processors. When this happens, all of the processors in the system are subjected to a series of stages in which they repeatedly broadcast their status and their connectivity to each other. During the first such stage, according to the present invention, a processor will not assert its ability to participate unless its timer mechanism is working. It arms a timer expiration event and does not assert its health until and unless that timer expiration event occurs.

Abstract translation: 一种用于检测和容忍多处理器系统中的一个或多个处理器不能参与定时器驱动或定时器触发的协议或事件序列的情况的方法和装置。 多处理器系统包括多个具有相应存储器的处理器。 这些处理器通过处理器间通信网络（优选地由冗余路径组成）耦合。 当其他处理器检测到不存在来自其他处理器的周期性“IamAlive”消息时，处理器被怀疑已经失败（停止操作）或定时器机制失败。 当这种情况发生时，系统中的所有处理器都经历一系列阶段，在这些阶段中，它们重复地广播其状态及其彼此的连接。 在第一个这样的阶段期间，根据本发明，处理器将不会断言其参与的能力，除非其定时器机制正在工作。 它会阻止定时器到期事件，并且除非发生定时器到期事件，否则不会断言其状态。

公开(公告)号：WO9834457A3

公开(公告)日：1998-11-19

申请号：PCT/US9801485

申请日：1998-01-27

Applicant: TANDEM COMPUTERS INC

Inventor： BASAVAIAH MURALI ,  KRISHNAKUMAR KAROOR S

IPC: G06F11/20 ,  G06F11/00 ,  G06F11/14 ,  G06F13/00

CPC classification number: G06F11/0724 ,  G06F11/0757 ,  G06F11/1425

Abstract: A method and apparatus for achieving maximal, full connection in a multi-processor system having a plurality of processors. Each of the multiple processors has a respective memory. The invention includes communicatively connecting the processors. Following a disruption (805) in the communicative connection, the invention collects connectivity information of one of the processors (830) and selects certain of the processors to cease operations, based on the connectivity information collected. The invention further communicates the selection to each of the processors (850) communicatively coupled to the one processor.

公开(公告)号：CA2275242A1

公开(公告)日：1998-08-13

申请号：CA2275242

申请日：1998-01-27

Applicant: TANDEM COMPUTERS INC

Inventor： KRISHNAKUMAR KAROOR S ,  BASAVAIAH MURALI ,  MURTHY SRINIVASA D

IPC: G06F11/20 ,  G06F11/00 ,  G06F11/14 ,  G06F11/34

Abstract: A method and apparatus for detecting and tolerating situations in which one or more processors (112a, b, ..., n) in a multi-processor system cannot participate in timer-driven or timer-triggered protocols or event sequences. The multi-processor system includes multiple processors each having a respective memory (118a, b, ..., n). These processors are coupled by an interprocessor communication network (114) (preferably consisting of redundant paths). Processors are suspected of having failed (ceased operations) outright or having a failed timer mechanism when other processors detect the absence of periodic "IamAlive" messages from other processors. When this happens, all of the processors in the system are subjected to a series of stages in which they repeatedly broadcast their status and their connectivity to each other. During the first such stage, according to the present invention, a processor will not assert its ability to participate unless its timer mechanism is working. It arms a timer expiration event and does not assert its health until and unless that timer expiration event occurs.

公开(公告)号：CA2279175A1

公开(公告)日：1998-07-30

申请号：CA2279175

申请日：1998-01-22

Applicant: TANDEM COMPUTERS INC

Inventor： KRISHNAKUMAR KAROOR S ,  JARDINE ROBERT L ,  BASAVAIAH MURALI

IPC: G06F11/20 ,  G06F11/00 ,  G06F11/14 ,  G06F13/00 ,  G06F11/16 ,  G06F11/30

Abstract: A split brain avoidance protocol to determine the group of processors (112) that will survive a complete partitioning (disconnection) in the interprocessor communications (114) paths connecting processors (112) in a multiprocessor system (100). Processors (112) embodying the invention detect that the set of processors (112) with which they can communicate has changed. They then choose either to halt or to continue operations, guided by the goal of minimizing the possibility that multiple disconnected groups of processors (112) continue to operate as independent systems, each group having determined (incorrectly) that the processors (112) of the other groups have failed.

公开(公告)号：CA2279185A1

公开(公告)日：1998-08-13

申请号：CA2279185

申请日：1998-01-27

Applicant: TANDEM COMPUTERS INC

Inventor： BASAVAIAH MURALI ,  KRISHNAKUMAR KAROOR

IPC: G06F11/20 ,  G06F11/00 ,  G06F11/14 ,  G06F13/00 ,  G06F15/00 ,  H01J13/00

Abstract: A method and apparatus for achieving maximal, full connection in a multiprocessor system having a plurality of processors. Each of the multiple processors has a respective memory. The invention includes communicatively connecting the processors. Following a disruption (805) in the communicative connection, the invention collects connectivity information of one of the processors (830) and selects certain of the processors to cease operations, based on the connectivity information collected. The invention further communicates the selection to each of the processors (850) communicatively coupled to the one processor.

公开(公告)号：CA2275241A1

公开(公告)日：1998-07-30

申请号：CA2275241

申请日：1998-01-23

Applicant: TANDEM COMPUTERS INC

Inventor： BASAVAIAH MURALI ,  JARDINE ROBERT L ,  KRISHNAKUMAR KAROOR S ,  MURTHY SRINIVASA D

IPC: G06F11/20 ,  G06F11/00 ,  G06F11/14 ,  G06F13/00

Abstract: A system to determine the group of processors that will survive communications faults and/or timed-event failures in a multi-processor system (100). The processors (112), each having a memory (118) and connected to an interprocessor communication network (114), detect that the set of processors with which they can communicate has changed. They then choose to halt or continue operations based on minimizing the likelihood that disconnected groups of processors will continue to operate as independent systems on the initiation of a regroup operation (622b). A processor is suspected of having failed when other processors detect the absence of a periodic message from the processor (682). When this happens, all of the processors are subjected to a series of stages in which they repeatedly broadcast their status and connectivity to each other (830). The suspected processor does not advance through the stages to regroup if it has ceased operations or if its timer mechanism has failed.