river-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Patricia Shanahan <p...@acm.org>
Subject Re: [jira] [Created] (RIVER-395) Ill-behaved DiscoveryListener can terminate discovery notifier threads
Date Mon, 04 Apr 2011 12:19:39 GMT
I understand Tom's feeling against just logging, but I think it is 
probably the best option for now. Once we log, we should be able to find 
out if this is an issue, and if there are cases that are happening that 
would benefit from some other action.

My really strong objection is to *silently* catching and carrying on. 
Partly, that is a result of having done a lot of debug, some of which 
was made unnecessarily difficult by software that destroyed clues.


On 4/4/2011 2:15 AM, Tom Hobbs wrote:
> You're right about InvocationHandler I should probably wake up before I send
> emails.
> If the spec says that all "good" code throws ServerError we can leave that
> Throwable catch in as well.  This way we know that any of the latter means a
> dos attack, non spec compliant services or something equally awful.
> I'm really reluctant to just leave a log and Throwable catch in; it just
> feels wrong.  I guess we might have to though since writing code for this
> level requires a slightly different way of think than when at the
> application level. I'm not going to keep flogging this dead horse though, I
> trust your judgement on this more than mine.  :-)
> Tom
> On 4 Apr 2011 09:44, "Dan Creswell"<dan.creswell@gmail.com>  wrote:
> Can't do anything about the Throwable as it's part of InvocationHandler and
> that's the JDK spec.
> Could agree that our Dispatcher's only ever throw some specific subclasses.
> We'd have to do some diligence on that as BasicInvocationDispatcher and
> friends are designed to follow RMI spec, not entirely sure all other
> transports can do enough in that respect to be compliant.
> There is one other problem with this however which is that badly written
> service code could chuck out stuff that is not compliant and bring down the
> entire house - that's kind of denial of service territory....
> ...personally I'd rather leave the catch throwable, log at some suitable
> level and leave it at that, at least until we gather some data as to how
> often this problem bites us etc.
> On 4 April 2011 09:07, Tom Hobbs<tvhobbs@googlemail.com>  wrote:
>> Thanks for the info, Dan. Of c...

View raw message