Closed marekjm closed 8 years ago
Watchdog does not have to run at higher priority as it will be scheduled on-demand. When a thread dies, a watchdog thread is being executed until it suspends itself (i.e. blocks on receive instruction and has empty message queue).
This "until it suspends itself" bit means that the watchdog should not perform blocking operations. If it must do some I/O - let it spawn a writer thread for it. After all, Viua is pretty good at running many threads.
First version of watchdog thread support is implemented.
Implement support for watchdog thread.
Currently, when an exception is thrown somewhere in code and reaches the top of the stack (i.e. the thread is unable to handle the exception), the machine shuts down, generates a stack trace and informs the user which thread killed it and what the top-most frame looked like at the moment the exception was generated.
The problem is that the OH NOES, WHAT AR WE GONNA DO?! approach to error handling is rarely the best one. Unfortunately, this is the approach employed by the machine in case of thread death. Watchdog thread would be provided by the programmer, and will handle thread deaths caused by runaway exceptions in a clean, elegant and predictable manner.
The thread should be idle most of the time, blocking on receive instruction. Every time a thread dies the watchdog receives a message from the VM containing two pieces of information:
Other information may be provided in the future. The information provided by "death messages" is sufficient to log the cause of death of a thread, and restart it if necessary.
The watchdog itself is an immortal thread - even if it dies, the machine will automatically restart it. Any "death messages" generated between death and resurrection of the watchdog thread will be buffered by the VM. Such behaviour means that no message is lost, but the watchdog may be very busy shortly after resurrection. Watchdog thread may run at higher priority to account for this.
If the watchdog thread is not provided by the program, the machine falls back to the OH NOES approach to thread deaths.
Edit: renamed "supervisor" to "watchdog".
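A toy Python model of the rules described in this issue, added here as an illustration and not Viua's own code: the watchdog runs on demand until the queue is empty, the VM buffers death messages while the watchdog is dead, and the machine shuts down when no watchdog is provided. The class and function names, the message fields (thread name, exception name) and the redelivery of the message the watchdog was handling when it died are assumptions.

```python
from collections import deque
class Machine:
    def __init__(self, watchdog_factory=None):
        self.factory = watchdog_factory   # generator function supplied by the program
        self.watchdog = None              # None: not started yet, or dead
        self.buffer = deque()             # death messages held by the VM
        self.restarts, self.halted = 0, False

    def thread_died(self, thread, exception):
        if self.factory is None:          # no watchdog provided: machine shuts down
            self.halted = True
            return
        self.buffer.append((thread, exception))

    def schedule_watchdog(self):          # run on demand until queue is empty or it dies
        while self.buffer:
            if self.watchdog is None:     # first start or resurrection
                self.watchdog = self.factory()
                next(self.watchdog)       # advance to its first receive
            try:
                self.watchdog.send(self.buffer[0])
            except Exception:             # watchdog died; restarted on next schedule
                self.watchdog = None
                self.restarts += 1
                return
            self.buffer.popleft()         # assumption: dequeue only once handled

def make_flaky_watchdog(log, crash_on):
    """Constructed watchdog: logs deaths, crashes once on thread `crash_on`."""
    crashed = []
    def watchdog():
        while True:
            thread, exception = yield     # stands in for blocking on receive
            if thread == crash_on and not crashed:
                crashed.append(True)
                raise RuntimeError("watchdog bug")
            log.append((thread, exception))
    return watchdog

def demo():
    log = []                              # all thread and exception names are constructed
    vm = Machine(make_flaky_watchdog(log, crash_on="worker-2"))
    vm.thread_died("worker-1", "DivisionByZero")
    vm.thread_died("worker-2", "OutOfRange")
    vm.schedule_watchdog()                # handles worker-1, dies on worker-2
    vm.thread_died("worker-3", "Timeout") # arrives while the watchdog is dead
    backlog_while_dead = len(vm.buffer)
    vm.schedule_watchdog()                # resurrected, drains the backlog
    return log, vm.restarts, backlog_while_dead, len(vm.buffer)
```

The backlog seen right after the watchdog's death is the "very busy shortly after resurrection" case: the second scheduling pass has to work through everything that accumulated.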