[omniORB] Marshall exception -- message size limit exceeded
Duncan Grisby
duncan at grisby.org
Mon Feb 5 18:06:05 GMT 2007
On Tuesday 30 January, "Luke Deller" wrote:
> > On the client, side a COMM_FAILURE exception will happen. However, the
> > minor code does not indicate MARSHAL_MessageSizeExceedLimit (it
> indicates
> > COMM_FAILURE_WaitingForReply instead). So the client does not know why
> the
> > failure occurred either -- that is that the response is larger than
> what
> > can be handled.
>
> I see the following comment in src/lib/omniORB/orbcore/giopImpl12.cc, in
> the function giopImpl12::sendSystemException
>
> // This system exception is raised during the marshalling of the
> reply.
> // We cannot marshal the exception. Can only indicate that something
> // fatal about this request.
>
> I suppose it makes sense that the server can't change its mind half way
> through sending a response. It should be possible to calculate the
> size of a response *before* starting to send it, but that might be
> expensive.
Yes -- that's what happens. omniORB does not normally pre-calculate
message sizes, because to do so involves basically doing all the
marshalling work twice. Because of that, it doesn't know whether the
message is going to be too big until it has started sending the message.
> Here's a question of my own:
> Why does omniORB limit the size of outgoing messages anyway? I can
> understand limiting the size of incoming messages, but for outgoing
> messages the application code is in a position to decide for itself
> whether to send a certain client call or server reply, right?
Two reasons really. First, if clients are configured to limit the
incoming message size, it makes sense for servers to similarly limit the
messages to avoid sending more data than the client will accept.
Secondly, and probably more importantly, it guards against unpleasant
behaviour in the face of memory corruption problems. Imagine you're
sending a sequence and memory corruption sets the sequence length to
2^32 items. It's probably a bad thing for omniORB to attempt to send all
that data.
It would probably make sense to have separate sending and receiving
limits. Anyone want to make a patch for it?
Cheers,
Duncan.
--
-- Duncan Grisby --
-- duncan at grisby.org --
-- http://www.grisby.org --
More information about the omniORB-list
mailing list