On Friday 04 December 2009 14:09:43 Evan Daniel wrote: > On Fri, Dec 4, 2009 at 6:16 AM, xor <x...@gmx.li> wrote: > > On Tuesday 01 December 2009 18:49:21 Evan Daniel wrote: > >> On Tue, Dec 1, 2009 at 12:30 PM, xor <x...@gmx.li> wrote: > >> > - The autoupdater MUST call plugin.terminate() before unloading the > >> > plugin because plugins use databases and those must be properly closed. > >> > > >> > - Deadlock bugs however might prevent plugins from terminating properly, > >> > terminate() might not return. > >> > > >> > So the question is: If a bug is introduced which permanently breaks > >> > terminate(), even after restarting the node, will the autoupdater handle > >> > that? > >> > > >> > IMHO if it is told to update a plugin and the node is restarted in > >> > between then it should update the plugin before even starting it after > >> > the restart. That would prevent this issue > >> > > >> > Further, toad please remember that you should add logic to the node > >> > which > >> > calls terminate() on all plugins before node shutdown, otherwise the > >> > WoT/Freetalk databases might get corrupted, resulting in un-debuggle > >> > weird issues. > >> > >> Surely the on-disk database is always in a valid (or at least > >> recoverable) state? That is one of the points of using a database, > >> right? That it can recover to a valid state after a software or > >> hardware crash, such as abrupt termination of the program or loss of > >> power? > >> > > > > It's quite irrelevant actually, the point is that there is no point in NOT > > calling terminate() =) > > Well, the node doesn't always shut down cleanly, in which case it > can't guarantee to call terminate(). Having the database get > corrupted in such a case would be bad. > > (I agree with you that the node should call terminate() whenever possible.)
If we don't shutdown cleanly then terminate isn't called, but neither is commit, so there is no problem. If we shutdown without calling commit, then the database can be corrupted. This is the situation with the node shutting down. With plugins shutting down it is easier - we always call terminate. IIRC we don't specify a timeout so we will always wait.
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Devl mailing list Devl@freenetproject.org http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
