
Erlang/OTP
http://erlang.org
Apache License 2.0

supervisor shutdown timeout maximum #4648

Open okeuday opened 3 years ago

okeuday commented 3 years ago

Is your feature request related to a problem? Please describe.

I am not sure when this bug may have been reported in the past, though I did describe it during the supervisor EEP 56 discussion as the "immortal child" bug. I wanted to report it to ensure it may be considered to get fixed in the future.

The problem is that the Shutdown value is currently allowed to exceed 1000 * MaxT / MaxR though that value should exist as an absolute maximum for the Shutdown timeout integer. Ideally, if Shutdown >= 1000 * MaxT / MaxR the supervisor would fail to initialize successfully (it would never start with a Shutdown value at or exceeding the maximum, for any of the childspecs).

Describe the solution you'd like

The Shutdown >= 1000 * MaxT / MaxR expression should cause an exception to be thrown, as a separate piece of validation in the supervisor.

To anticipate the internal processing delay within the supervisor process, it would be advantageous to reduce the value further with some delta. If you assume the internal processing delay inside the supervisor will never exceed 100 milliseconds, the delta D could be 100 in Shutdown >= 1000 * MaxT / MaxR - D.

Describe alternatives you've considered

Instead, a maximum atom could be provided, if this extra validation is unable to be added to the supervisor for some reason. The maximum atom would automatically set the Shutdown timeout to be 1000 * MaxT / MaxR - D. That would be a way of avoiding the problem, without solving the problem.

Additional context

It may be beneficial to combine this with the EEP 56 supervisor changes.
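The validation proposed in this issue, written out as an added example that is not part of the OTP supervisor module or of the issue author's code. The module name shutdown_check, the function names and the 100 ms default delta are assumptions of this example; the default intensity/period (1, 5) and default shutdown values (5000 for workers, infinity for supervisors) follow the documented supervisor defaults. It accepts the same {ok, {SupFlags, ChildSpecs}} term a supervisor init/1 callback returns, in either the map or the tuple form, and raises if any child's integer Shutdown is at or above 1000 * MaxT / MaxR - D.

```erlang
%% shutdown_check: added example, not OTP code. Checks every child's
%% Shutdown against the supervisor's restart window 1000 * MaxT / MaxR - D.
-module(shutdown_check).
-export([max_shutdown/3, validate/1, validate/2, example_init/0]).

%% Assumed safety delta (ms) for supervisor-internal processing delay.
-define(DEFAULT_DELTA_MS, 100).

%% Largest Shutdown value (ms) still strictly below the restart window.
%% MaxR = intensity (restarts), MaxT = period (seconds).
max_shutdown(MaxR, MaxT, DeltaMs)
  when is_integer(MaxR), MaxR > 0, is_integer(MaxT), MaxT > 0 ->
    (1000 * MaxT) div MaxR - DeltaMs.

%% Validate an init/1 result with the default delta.
validate(InitResult) ->
    validate(InitResult, ?DEFAULT_DELTA_MS).

%% Validate an init/1 result {ok, {SupFlags, ChildSpecs}}; returns ok or
%% raises {shutdown_exceeds_restart_window, Id, Shutdown, Limit}.
validate({ok, {SupFlags, ChildSpecs}}, DeltaMs) ->
    {MaxR, MaxT} = intensity_period(SupFlags),
    Limit = max_shutdown(MaxR, MaxT, DeltaMs),
    lists:foreach(fun(Spec) -> check_child(Spec, Limit) end, ChildSpecs),
    ok.

%% Map-form flags use the documented defaults intensity=1, period=5;
%% tuple-form flags are {Strategy, MaxR, MaxT}.
intensity_period(Flags) when is_map(Flags) ->
    {maps:get(intensity, Flags, 1), maps:get(period, Flags, 5)};
intensity_period({_Strategy, MaxR, MaxT}) ->
    {MaxR, MaxT}.

%% Child spec in map form (shutdown defaults depend on type) or tuple form.
check_child(#{id := Id} = Spec, Limit) ->
    Shutdown = maps:get(shutdown, Spec, default_shutdown(Spec)),
    check_shutdown(Id, Shutdown, Limit);
check_child({Id, _Start, _Restart, Shutdown, _Type, _Mods}, Limit) ->
    check_shutdown(Id, Shutdown, Limit).

default_shutdown(#{type := supervisor}) -> infinity;
default_shutdown(_Spec) -> 5000.

%% Only integer timeouts are subject to the check described in the issue;
%% brutal_kill never waits and infinity is left to existing supervisor checks.
check_shutdown(_Id, brutal_kill, _Limit) -> ok;
check_shutdown(_Id, infinity, _Limit) -> ok;
check_shutdown(Id, Shutdown, Limit)
  when is_integer(Shutdown), Shutdown >= Limit ->
    erlang:error({shutdown_exceeds_restart_window, Id, Shutdown, Limit});
check_shutdown(_Id, Shutdown, _Limit)
  when is_integer(Shutdown), Shutdown >= 0 ->
    ok.

%% Constructed sample: intensity 1 / period 5 gives a 5000 ms window, so the
%% limit is 4900 ms with the default delta and a 10000 ms Shutdown is rejected.
example_init() ->
    {ok, {#{strategy => one_for_one, intensity => 1, period => 5},
          [#{id => worker_a,
             start => {worker_a, start_link, []},
             shutdown => 10000}]}}.

%% Usage from the shell:
%%   shutdown_check:validate(shutdown_check:example_init()).
%%   ** exception error: {shutdown_exceeds_restart_window,worker_a,10000,4900}
```

Calling validate/1 at the end of a supervisor's init/1 (or from a unit test over each supervisor's init result) turns the "immortal child" configuration into a startup failure rather than a runtime surprise, which is the behaviour the issue asks the supervisor itself to provide.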

okeuday commented 3 years ago

To eliminate the need for the D delta value described above, the monotonic time in native time unit could be provided in the trap_exit EXIT message, as described in #4655.