Solved

AppDomains with true fault tolerance??

Posted on 2004-04-27
8
518 Views
Last Modified: 2013-11-18
Hi.

I am working on a server application in C# that allows the users to add their clients or plug-ins.  I provide an API for what functions the client has to implement and load the client object (and assembly) into a new application domain.  The client objects are either MarshalByRefObj or are serializable as needed.  My server will then call one or two functions on the client object to set it up and let it run (perhaps in a separate thread, or using a GUI, created by the client).  

My question is: how do I get true fault tolerance?  

Right now, for the sake of testing, I am loading in a client object that does a division by zero after loading up a GUI, and it crashes my entire server!  Perhaps I was mistaken, but I thought the application domains are supposed to provide isolation and fault tolerance.  Is there a way to add a layer of fault tolerance, in case the user's plugin/client does something stupid?  I know there are security permissions, but from what I can tell they only stop things like file and network access, not isolate the exceptions from the server.

Do I have to go to seperate processes and use remoting to talk to my server?  I'd really rather not, unless it is the only way.

I really appreciate any assistance!  
Thanks in advance.
0
Comment
Question by:SharonMiller
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 14

Expert Comment

by:AvonWyss
ID: 10934116
You should be able to catch exceptions in the code by creating a small "loader" which you run in the new AppDomain which then loads and executes the plugin methods. The loader must provide proper exception handing; this should solve your problem.
0
 

Author Comment

by:SharonMiller
ID: 10939708
I see what you are saying, but I'm not sure that will always work in my case.  For example, with just one method call from the server, say Run( ), a client may start up several threads to do some processing and may run for the entire lifetime of the server application.  The Run() method would return immediately, successfully, but at some later time the client threads may do something unexpected.  With this asynchronous, multi-threaded operation, I don't think a try/catch around the initial method call is going to do it, unless I misunderstood what you are suggesting.

Thanks.
0
 
LVL 10

Expert Comment

by:ptmcomp
ID: 10942630
Have a look at NUnit (www.nunit.org) they are starting the code to test in a new AppDomain. But even there are still problems sometimes. Namely under Framwork 1.0 there are problems unloading a domain.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 14

Assisted Solution

by:AvonWyss
AvonWyss earned 500 total points
ID: 10944015
I see your point, Sharon. In that case, assign an UnhandledExceptionEventhandler to the AppDomain.UnhandledException event.
0
 

Author Comment

by:SharonMiller
ID: 10944153
AvonWyss, I think we are getting close.  I've looked at that event handler too.  In some basic test cases it seems to do the trick.  However, if my client starts up its own gui, by using the call Application.Run(new ClientForm()), and the gui throws the exception, my UnhandledExceptionEventHandler doesn't seem to catch the error.   Is this a known "feature" of running a gui?  Is there another way to run a gui without using this call?  

ptmcomp, Is there sample code at nunit.org that shows how they isolate the code into the AppDomains.  I didn't see any relevant links, just samples on how to use the NUnit tool.  But, perhaps I didn't look hard enough :)

0
 
LVL 14

Accepted Solution

by:
AvonWyss earned 500 total points
ID: 10946806
When you are running a GUI, .NET has another handler of its own for exceptions in the GUI. See System.Windows.Forms.Application.ThreadException for details.
0
 

Author Comment

by:SharonMiller
ID: 10950377
Thanks AvonWyss!

I've played around with these two exception handlers, and try/catches, and as long as I put them in the right places, I think it will work.  

Just for anyone's future reference, I thought I'd add some points I've noticed (which may be obvious to others :)

The Application.ThreadException handler must be set up and the event caught in the newly created domain if the client object is serializable and hence executing in the new domain.  Else, the handler must be set up in the original server domain if the client object was marshalled by ref, and hence is executed like it exists in the server domain.

The AppDomain.UnhandledException handler must be set up on the original server AppDomain, can catch exceptions generated by additional client threads (from a client object that is serialized or marshalbyref), but will not catch GUI-generated exceptions from the client object.

And finally, a try/catch around a call to the new app domain must be used to catch any unhandled exceptions that originated in the client AppDomain, but did not involve any additional threads or a GUI.
0
 
LVL 14

Expert Comment

by:AvonWyss
ID: 10950473
Thanks for the feedback, SharonMiller!

The handler needing to be MarshalByRef or serializable is due to the fact that AppDomains are context boundaries. I forgot to mention that, but apparently you didn't have to much problems with it. Still, note that apparantly, uncatchable exceptions (like execution engine and out of memory errors) will still stop the whole process. This is by design and can only be prevented by using a separate process.
0

Featured Post

Creating Instructional Tutorials  

For Any Use & On Any Platform

Contextual Guidance at the moment of need helps your employees/users adopt software o& achieve even the most complex tasks instantly. Boost knowledge retention, software adoption & employee engagement with easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
The purpose of this video is to demonstrate how to set up the WordPress backend so that each page automatically generates a Mailchimp signup form in the sidebar. This will be demonstrated using a Windows 8 PC. Tools Used are Photoshop, Awesome…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question