I'll add one that perhaps you did not consider:

5. Add an exception class that wraps system exceptions only; for Windows it wraps DWORD (see GetLastError and FormatMessage), and for UNIX it wraps int (see errno and strerror). Initialize the text with the results from either FormatMessage or strerror. The class would be more broadly applicable than just for the mutex errors.
This would be my suggestion.

--Bob

>-----Original Message-----
>From: David Cargill [mailto:[EMAIL PROTECTED]
>Sent: Tuesday, February 22, 2005 10:05 AM
>To: xerces-c-dev@xml.apache.org
>Subject: feedback for mutex failure path that leads to looping
>
>Hi,
>I have come across a potential infinite loop in xerces....
>When the following occurs:
>
>1) Inside XMLPlatform::Initialize, we create some mutexes.
>When the Mutex constructor code fails it does a throw.
>2) The throw creates a new XMLException with some text.
>3) The text is gotten from a message loader.
>4) When the message loader is called the first thing it does
>is to lock its own mutex.
>5) Its mutex hasn't been created yet so it creates a new one.
>6) The mutex constructor code tries to initialize (i.e., step 1
>above) and we are now looping.
>
>My initial ideas to resolve this are:
>1) If we fail on creating a mutex (or locking a mutex or
>unlocking a mutex:
>I mention these as well since they could also lead to an
>infinite loop in
>XMLException) panic instead of throwing an exception.
>2) Add a counter to the XMLPlatform and keep track of the
>number of throws for mutex errors and if the error is say
>greater than 6 then panic (as it may indicate we are in a
>recursive state).
>3) Modify XMLException.cpp so that gGetMsgLoader() checks what
>the message is (i.e., is it a Mutex_CouldNotXXX) before trying to
>lock a mutex.
>4) Creating another exception class similar to
>OutOfMemoryException that we would throw for mutex errors.
>
>I don't suspect this problem will occur very often (it was
>discovered with a misaligned pointer that has since been
>corrected). I am currently leaning towards (1) but thought I
>should get feedback from other people before making this
>change. Anyone?
>
>Regards,
>David A. Cargill
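The failure loop from the original message next to suggestion 5, as an added example that is not part of this thread or of the Xerces-C code base. `SystemException`, `createMutex`, `loadMessage` and the demo cap are hypothetical stand-ins, and only the UNIX errno/strerror side is shown.

```cpp
#include <cerrno>
#include <cstring>
#include <exception>
#include <iostream>
#include <stdexcept>
#include <string>

// Hypothetical class (UNIX side only): wraps an errno value. The text comes
// straight from strerror, so construction needs no message loader and no mutex.
class SystemException : public std::exception {
public:
    explicit SystemException(int code) : fCode(code), fText(std::strerror(code)) {}
    int code() const noexcept { return fCode; }
    const char* what() const noexcept override { return fText.c_str(); }
private:
    int fCode;
    std::string fText;
};

static int gMutexAttempts = 0;
static const int kDemoCap = 6;  // only stops this demo; the reported path has no cap

void createMutex(bool wrapSystemError);

// Stand-in for the message loader: it creates its own mutex before any lookup.
std::string loadMessage(bool wrapSystemError) {
    createMutex(wrapSystemError);
    return "Mutex could not be created";
}

// Stand-in for the mutex constructor, with the OS call failing every time.
void createMutex(bool wrapSystemError) {
    ++gMutexAttempts;
    const int err = EAGAIN;  // constructed failure code
    if (wrapSystemError) throw SystemException(err);
    if (gMutexAttempts >= kDemoCap) throw std::runtime_error("demo cap reached");
    throw std::runtime_error(loadMessage(wrapSystemError));  // re-enters createMutex
}

// Number of mutex creations that a single failure triggers.
int attemptsForOneFailure(bool wrapSystemError) {
    gMutexAttempts = 0;
    try { createMutex(wrapSystemError); } catch (const std::exception&) {}
    return gMutexAttempts;
}

int main() {
    std::cout << "loader-backed text: " << attemptsForOneFailure(false) << " attempts\n"
              << "SystemException:    " << attemptsForOneFailure(true) << " attempts\n";
}
```

With loader-backed text, one failure keeps re-entering mutex creation until the demo cap stops it; with the errno wrapper the first failure surfaces immediately.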