doc: Warn against uncaughtException dependency.
#6378
Conversation
addaleax
added
doc
| @@ -129,7 +129,8 @@ unforeseen and unpredictable issues. | |||
|
|
|||
| Exceptions thrown from within the event handler will not be caught. Instead the | |||
| process will exit with a non zero exit code and the stack trace will be printed. | |||
| This is to avoid infinite recursion. | |||
| This is to avoid infinite recursion. There may be other situations where the | |||
There was a problem hiding this comment.
Some clarification on the "other situations" would be nice. After reading this, people might not be clear whether or not their uncaughtException handler can be expected to run or not.
There was a problem hiding this comment.
Well, I think the point is that it is not guaranteed to run for all application 'crashes', where 'crash' is pretty loosely defined. I can send $ kill -9 NODE_PID from the command line to my Node.js process, and the uncaughtException event is never emitted. Granted, there is no exception in this case, but I think that's what the docs are intended to mean. A crash does not necessarily mean uncaughtException is emitted.
How about, "There may be other situations where the application could crash and not trigger this event. For example, receiving a SIGKILL will cause the application to exit abruptly, but an uncaughtException event will not be emitted."?
There was a problem hiding this comment.
Maybe you should just amend the first sentence in the section that describes what 'uncaughtException' event is. Currently it says:
The 'uncaughtException' event is emitted when an exception bubbles all the way back to the event loop.
You could change it to say something like:
The 'uncaughtException' event is emitted when a thrown JavaScript exception bubbles all the way back to the event loop.
estliberitas
force-pushed
the
master
branch
2 times, most recently
from
7da4fd4
to
c7066fb
Compare
|
LGTM |
| @@ -138,7 +139,9 @@ times nothing happens - but the 10th time, the system becomes corrupted. | |||
| The correct use of `'uncaughtException'` is to perform synchronous cleanup | |||
| of allocated resources (e.g. file descriptors, handles, etc) before shutting | |||
| down the process. It is not safe to resume normal operation after | |||
There was a problem hiding this comment.
I would emphasize this line: **It is not safe to resume normal operation after 'uncaughtException'.**
|
LGTM |
|
@nodejs/documentation |
|
Linking nodejs/docs#82 |
| down the process. It is not safe to resume normal operation after | ||
| `'uncaughtException'`. | ||
| down the process. **It is not safe to resume normal operation after | ||
| `'uncaughtException'`.** |
There was a problem hiding this comment.
I think "normal" needs to be defined, otherwise people are likely to interpret as "write the error into a remote mongodb and exit", or something of the like (see #6561). Its not safe to do anything async in the uncaughtException handler ... you can make some sync calls, and then throw the exception or exit.
With console.log being async... I'm not even sure how reasonable calling it is.
/cc @bnoordhuis
There was a problem hiding this comment.
I agree, "normal" is pretty poorly defined here. But I think that's because "normal" can mean different things in different situations for different applications. I agree, however, that being explicit about async operations is probably good. This, and any other "you must not do X" rules would be great. This would allow developers to make their own decisions about fail-fast behavior or not - knowing the tradeoffs.
|
@stevemao that was a fascinating read - thanks for the link. I'm not sure how that discussion should affect this doc change, other than perhaps a little more clarity about things like the async operations being verboten. Maybe that's the way I see it because I'm in the fail-fast camp, and see |
|
I believe most core devs like this approach. So you might want to add some notes about the browser behaviour. A browser always has a "hidden" |
|
Ping... any further thoughts on this? |
|
So we now have
Honestly, I think it's pretty clear, but I will add a final sentence to the docs after, if folks really think it's needed. Maybe something like this?
|
|
Could you merge commits into one. |
State in the documentation that `uncaughtException` is not a reliable way to restart a crashed application, and clarify that an application may crash in ways that do not trigger this event. Use a documented synchronous function in example code. Fixes #6223
|
@JacksonTian done. My editor did a little whitespace cleanup. I hope that's not an issue. |
|
LGTM |
|
Landed in: 2fe277a |
State in the documentation that `uncaughtException` is not a reliable way to restart a crashed application, and clarify that an application may crash in ways that do not trigger this event. Use a documented synchronous function in example code. Fixes: #6223 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> PR-URL: #6378
State in the documentation that `uncaughtException` is not a reliable way to restart a crashed application, and clarify that an application may crash in ways that do not trigger this event. Use a documented synchronous function in example code. Fixes: #6223 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> PR-URL: #6378
State in the documentation that `uncaughtException` is not a reliable way to restart a crashed application, and clarify that an application may crash in ways that do not trigger this event. Use a documented synchronous function in example code. Fixes: #6223 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> PR-URL: #6378
Checklist
Affected core subsystem(s)
doc
Description of change
State in the documentation that
uncaughtExceptionis not a reliableway to restart a crashed application, and clarify that an application
may crash in ways that do not trigger this event.
Fixes #6223