On Fri, Dec 4, 2009 at 6:16 AM, xor <xor at gmx.li> wrote: > On Tuesday 01 December 2009 18:49:21 Evan Daniel wrote: >> On Tue, Dec 1, 2009 at 12:30 PM, xor <xor at gmx.li> wrote: >> > - The autoupdater MUST call plugin.terminate() before unloading the >> > plugin because plugins use databases and those must be properly closed. >> > >> > - Deadlock bugs however might prevent plugins from terminating properly, >> > terminate() might not return. >> > >> > So the question is: If a bug is introduced which permanently breaks >> > terminate(), even after restarting the node, will the autoupdater handle >> > that? >> > >> > IMHO if it is told to update a plugin and the node is restarted in >> > between then it should update the plugin before even starting it after >> > the restart. That would prevent this issue >> > >> > Further, toad please remember that you should add logic to the node >> > which >> > calls terminate() on all plugins before node shutdown, otherwise the >> > WoT/Freetalk databases might get corrupted, resulting in un-debuggle >> > weird issues. >> >> Surely the on-disk database is always in a valid (or at least >> recoverable) state? That is one of the points of using a database, >> right? That it can recover to a valid state after a software or >> hardware crash, such as abrupt termination of the program or loss of >> power? >> > > It's quite irrelevant actually, the point is that there is no point in NOT > calling terminate() =)
Well, the node doesn't always shut down cleanly, in which case it can't guarantee to call terminate(). Having the database get corrupted in such a case would be bad. (I agree with you that the node should call terminate() whenever possible.) Evan Daniel