[armedbear-devel] Error condition is too strong
Erik Huelsmann
ehuels at gmail.com
Thu Jan 13 20:59:36 UTC 2011
Hi Blake,

> I am in the process of embedding ABCL into a web server application I
> have. While it is okay for an error to either be caught and handled,
> or not handled and having the thread terminate, it definitely is not
> okay for an error condition to kill the entire server.
>
> I am executing a (load "file") command (where "file" doesn't exist)
> from Java and it kills the entire server. I tried enclosing it in a
> try/catch block (I tried Exception & Throwable) and it still killed
> the server.

That's not very nice indeed. Because of your report, I checked our use
of System.exit(). Fortunately its use is limited: once in
Autoload.java, which should probably be replaced by something not as
drastic (how about IrrecoverableSituationException?) and once by
Interpreter.java. Unfortunately, the latter is in a function called
kill() which also has two usages. The main use being in a function
called Lisp.exit(). That function unfortunately has 13 uses.

Those will need to be reviewed and replaced one by one. I'll have a look.

> I then replaced the load with (without a try/catch):
>
> File file = null;
> file.canRead();
>
> And the error didn't kill the server. I just got a backtrace and the
> thread ended. (I think the error was caught higher up.)
>
> Is ABCL calling System.exit() or doing something similar?

Are there any other forbidden functions for "well behaving" libraries?

Regards,
Erik.
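
An added illustration, not part of the original message and not ABCL code: it contrasts a library routine that calls System.exit() with one that throws, and shows a host thread surviving the latter. The class and method names, the file name "missing.lisp", and the body of IrrecoverableSituationException (only its name appears in the message) are assumptions made for the sketch.

```java
import java.util.concurrent.atomic.AtomicReference;

public class EmbeddedExitDemo {
    // Hypothetical class: only the name comes from the message above.
    static class IrrecoverableSituationException extends RuntimeException {
        IrrecoverableSituationException(String msg) { super(msg); }
    }

    // Stand-in for a library entry point that reacts to a fatal error drastically.
    static void loadDrastic(String path) {
        // System.exit() halts the whole JVM. It does not throw, so a
        // try/catch (Exception or Throwable) in the caller never gets control.
        System.exit(1);
    }

    // Same failure reported as an exception: only the calling thread unwinds.
    static void loadRecoverable(String path) {
        throw new IrrecoverableSituationException("cannot load " + path);
    }

    public static void main(String[] args) throws InterruptedException {
        AtomicReference<Throwable> failure = new AtomicReference<>();

        // One request thread of the hosting server (constructed scenario).
        Thread worker = new Thread(() -> loadRecoverable("missing.lisp"), "request-1");

        // Host-side safety net: record the failure of this one thread.
        worker.setUncaughtExceptionHandler((t, e) -> failure.set(e));
        worker.start();
        worker.join();

        System.out.println("worker failed with: " + failure.get());
        System.out.println("server still running");
        // Calling loadDrastic in the worker instead would end the process
        // before either line above is printed.
    }
}
```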