[erlang-questions] When to catch (was: Module config data and functional programming)
Jon Watte
jwatte@REDACTED
Sun Sep 4 08:33:59 CEST 2011
How expensive is the state of the process to re-create? If it's super
expensive, "let it crash" may not be the right choice.
Then again, if the reason you crash is that the state has gotten somehow
corrupted, then crashing might be the only way to "clean it out."
And, on the third hand, when you've sufficiently hardened your application
so that remote connection action cannot disturb it in unintended ways, no
matter what crap gets thrown at it, then "let it crash" doesn't matter,
because you won't crash anyway :-)
Really, I find crash-and-restart to be fine for things that really only
happens once in a blue moon. For anything that's a little more common --
unexpected remote connection disconnect, bad input data or unexpected
message sequencing, for example, those really are design goals of the
system. If all that crashes is the connection of the badly behaving user,
then that's a fine way to disconnect that user. If it's further into the
core of the application, perhaps not so.
Sincerely,
jw
--
Americans might object: there is no way we would sacrifice our living
standards for the benefit of people in the rest of the world. Nevertheless,
whether we get there willingly or not, we shall soon have lower consumption
rates, because our present rates are unsustainable.
On Sat, Sep 3, 2011 at 6:31 PM, Daniel Dormont <dan@REDACTED>wrote:
> This was an earlier thread of mine that inspired a new question.
>
> As the months go by I'm getting more comfortable with "let it crash"
> as an idea and seeing its benefits. But it occurs to me: surely there
> are exceptions. Or rather: in order for "let it crash" to work at one
> level of abstraction or functionality, there must be actual
> crash-handling code at a level beneath it. In Erlang, this seems to
> often involve letting individual processes crash and their supervisors
> react accordingly. But perhaps that's not always the right answer. So
> my question is:
>
> When is "catch" the right tool for the job? In the example below,
> Ejabberd's "hooks" handlers use catch when calling functions in
> foreign modules that are (probably) not critical path to whatever it's
> doing. That seems like a pretty decent case to me. Would you agree?
> What are some cases common in Erlang where exceptions need to be
> caught and handled (or ignored) within a single process?
>
> dan
>
> On Fri, Apr 22, 2011 at 1:30 PM, Per Melin <per.melin@REDACTED> wrote:
> > On Fri, Apr 22, 2011 at 4:32 PM, Daniel Dormont
> > <dan@REDACTED> wrote:
> >> It also occurs to me that switching to gen_server would offer another
> advantage in that it would be easy to recover from crashes in my own code.
> If I were not to do that though, is the recommended practice just to put a
> 'catch' call around code that might break?
> >
> > I don't have enough context, but it sounds absolutely unnecessary to
> > create a gen_server for this.
> >
> > I would consider it ejabberd's responsibility to handle any crashes in
> > your code. They have asked you for a callback function and they must
> > consider that it may break. And they are in a better position than you
> > to know how to proceed from a crash here. I did have a look in
> > ejabberd_hooks and they do catch exits from your function. Let it
> > crash.
> >
> > I'm hesitant to touch the question of what is recommended practice
> > since this is the kind of thread where Dr Richard O'Keefe usually
> > comments after a while and turns everyone that posted before him into
> > fools.
> >
> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://erlang.org/mailman/listinfo/erlang-questions
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20110903/796beba0/attachment.htm>
More information about the erlang-questions
mailing list