[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Re: Re: emulating no-senders notifications in L4?

From: Adam Olsen
Subject: Re: Re: Re: emulating no-senders notifications in L4?
Date: Thu, 27 Dec 2001 17:59:57 +0000
User-agent: Mutt/1.3.23i

On Thu, Dec 27, 2001 at 06:50:41PM +0100, Ondrej Hurt wrote:
> > You're free to set the exception handler to some external entity if
> > you want to.  The application is also free to mess itself up if it
> > wants to, but this is not really a big issue since the application
> > itself is the only one to suffer from the messup.
> > Realizing that the application is allowed to mess itself up, there's
> > really no problem with also letting an intra-task exception handler do
> > all the proper handling and potentially send a "I'm completely messed
> > up, please kill me" message to some task server.  The only reason I
> > can think for using an external exception handler is for robustness
> > reasons---there's less chance of accidentally messing up the exception
> > handler itself.
> The application has the right to trash itself but it should not harm
> the rest of the system. In the case of unreliable fault detection, it
> is not only the app who will suffer because it can lock resources in
> other apps, it can hold references to misc stuff forbiding its
> deletion (leaving it 'busy'), it consumes task slot etc.
> BUT - I realized that the possibility of exception handler making
> another exception making another exception making another exception
> ...... is standard in UNIX and we must do it the same way :-/

Not only that, but exceptions are only one way that a process could
get stuck in a loop.  Fixing them is pointless unless you're gonna fix
the rest.  And the only way to "fix" a general loop is to put a limit
on the process's lifespan.

Adam Olsen, aka Rhamphoryncus

reply via email to

[Prev in Thread] Current Thread [Next in Thread]