Ruby » Ruby master

...I guess my search was broken. I did another and found a whole lot of "rescue exception" that don't seem to always re-raise. But the logger is a big one because it's supposed to be usable everywhere, and someone who logs a lot will run into this bug.

The behavior has changed in Ruby 2.1, and the default rescue no longer rescues Timeout unless Timeout was given an explicit exception class to raise. Could you try Ruby 2.1 and see if it behaves according to your expectation here?

The source code for 2.1.2 doesn't seem to have changed: the LogDevice::write method still does a rescue Exception and ignores the result.
Our application ran into this problem when one thread raises an exception in another thread that's doing a LogDevice::write(). The exception is supposed to be handled at a higher level, so write() rescuing it and ignoring it causes our application to hang.
A write() method without this problem looks like

  def write(message)
    @mutex.synchronize do
      if @shift_age and @dev.respond_to?(:stat)
        begin
          check_shift_log
        rescue IOError
          warn("log shifting failed. #{$!}")
        end
      end
      begin
        @dev.write(message)
      rescue IOError
        warn("log writing failed. #{$!}")
      end
    end
  end

I confirm that this bug is reproducible up to 2.2 and it's pretty easy to trigger.

require 'timeout'
require 'logger'

class MyExc < RuntimeError; end

def long_call(logger)
  Timeout.timeout(3, MyExc) do
    a = 1
    loop do
      a += 1
      logger.warn "Test #{a}"
    end
  end
end

Aaron Stone is right though that using 2.1+ it would work if you don't provide a custom exception or if your exception inherits from TimeoutError.

Beware that it must inherit from Object::TimeoutError and not Timeout::Error.

Having said that, it'd be nice to have a proper fix at logger.rb level.

@Bill, I don't think your code would fix it though, because the underlying device might throw a different exception.

Correction: providing an exception to Timeout#timeout would break it also in trunk.

It seems that by design inner blocks are able to rescue the exception provided to that method.

It makes sense for Logger to handle all exceptions by default

I'm not sure I agree with this. There must be some well-defined set of exceptions that could be raised by the code it's executing that should be handled/ignored, e.g. IOError, EPERM, ENOSPC, etc. I think it's going to be much better to solve this problem by catching only specific errors that related to the operations that might fail.

See the code again before discuss.

    def write(message)
      begin
        synchronize do
          if @shift_age and @dev.respond_to?(:stat)
            begin
              check_shift_log
            rescue
              warn("log shifting failed. #{$!}")
            end
          end
          begin
            @dev.write(message)
          rescue
            warn("log writing failed. #{$!}")
          end
        end
      rescue Exception => ignored
        warn("log writing failed. #{ignored}")
      end
    end

https://github.com/ruby/ruby/blob/5a384e2c08704dc7af9d8d3bdfc475eb8c0723aa/lib/logger/log_device.rb#L29-L48

With the code, the intention of rescue Exception is clear. It wants to rescue exceptions which is raised by synchronize.

And note that synchronize is Monitor's and it only raises ThreadError.
https://github.com/ruby/ruby/blob/master/lib/monitor.rb
I don't understand why it loosely rescues all exceptions.

There're also rescue-clauses for check_shift_log and @dev.write(message).
They may raise various exceptions and logger.rb never knows that.

Explicitly passing those exceptions are general way, but are there any exceptions other than the family of Timeout::Error?