Final bikeshedding call: Fixing Control.Exception.bracket

Bardur Arantsson spam at scientician.net
Thu Nov 13 18:59:01 UTC 2014


On 2014-11-13 19:37, Gregory Collins wrote:
> On Nov 13, 2014 9:54 AM, "John Lato" <jwlato at gmail.com> wrote:
> 
>> How about this: when is it correct for a cleanup handler to be
>> interrupted by an async exception and drop its cleanup action into the
>> void?  I am not sure that is ever correct, although I can see that it might
>> be useful on rare occasions.
> 
> Example: you issue an RPC upon receipt of an exception (perhaps to some
> centralized exception logging service). That's safe to try if running under
> mask (maybe you're OK with the thread being killed and canceling the RPC),
> but not uninterruptible mask.
> 

This sounds like a castle built on sand. One would hope that it's common
knowledge to *not* attempt to do anything too ambitious in exception
handlers -- and that even applies in languages *without* async
exceptions! You log it or perhaps ship an event description to a
different thread which can report the event, but you should definitely
not be attempting network traffic in an exception handler.

Is this something you've actually seen in the wild or...?

>> Merijn pointed out that either a cleanup is not interruptible, in which
>> case uninterruptibleMask doesn't change the semantics, or it is
>> interruptible, in which case that's almost certainly a bug.
> 
> Data please :-). The fact is that currently it is possible to use bracket
> for control flows that will be unsafe after the proposed change.

"Possible" does not mean "likely", so I'm going to ask for *your* data :).

Anyone doing network operations in an exception handler is already
asking for trouble.

> Maybe nobody is actually relying on that, but until someone does an
> audit I don't think we should accept hand waving assertions like this
> one way or the other.

As others have already stated, the work required to do an audit of all
code using "bracket" is disproportionate to the risk of this change. (Or
at least the risk that is perceived by the proponents of the change.)

Regards,
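
[Added example, not part of the original message or of any library discussed in the thread.] The hand-off described above, where the handler only ships an event description to a different thread and that thread does the reporting, can be written as follows. `shipReport`, `startReporter` and `notify` are hypothetical names, `shipReport` stands in for the RPC, and the `stm` package that ships with GHC is assumed.

```haskell
import Control.Concurrent (forkIO)
import Control.Concurrent.MVar (MVar, newEmptyMVar, putMVar, takeMVar)
import Control.Concurrent.STM
import Control.Exception

-- Hypothetical stand-in for slow, blocking I/O such as an RPC to a
-- logging service. It only ever runs on the reporter thread.
shipReport :: String -> IO ()
shipReport msg = putStrLn ("reported: " ++ msg)

-- Start the reporter thread. 'Nothing' on the queue asks it to stop;
-- the MVar is filled once every queued event has been shipped.
startReporter :: IO (TQueue (Maybe String), MVar ())
startReporter = do
  q    <- newTQueueIO
  done <- newEmptyMVar
  let loop = do
        next <- atomically (readTQueue q)
        case next of
          Nothing  -> putMVar done ()
          Just msg -> shipReport msg >> loop
  _ <- forkIO loop
  return (q, done)

-- What a handler or cleanup action is allowed to do: enqueue and return.
-- A TQueue is unbounded, so this transaction never retries, and an STM
-- transaction that does not retry is not an interruptible operation.
-- The enqueue therefore completes under plain 'mask' as well.
notify :: TQueue (Maybe String) -> String -> IO ()
notify q msg = atomically (writeTQueue q (Just msg))

main :: IO ()
main = do
  (q, done) <- startReporter
  -- bracket runs the release action with async exceptions masked;
  -- onException runs its handler masked too.
  r <- try (bracket (return ())
                    (\_ -> notify q "resource released")
                    (\_ -> throwIO (userError "boom")
                             `onException` notify q "body failed"))
  case r of
    Left e   -> putStrLn ("caught: " ++ show (e :: SomeException))
    Right () -> putStrLn "body finished"
  atomically (writeTQueue q Nothing)  -- ask the reporter to drain and stop
  takeMVar done
```

Because `notify` cannot block, its behaviour is the same under `mask` and `uninterruptibleMask`; only a cleanup that itself performs blocking I/O is affected by the choice between the two.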



