The invention relates to system management, and particularly to methods for prevention of system execution malfunction.
In system management, it is critical to prevent execution malfunction. Since runtime errors may cause system shutdown, manufacturing systems, such as an MES (manufacturing execution system), require a smooth and reliable execution environment for production stability. Most 300 mm MESs, for example, adopt CORBA (Common Object Request Broker Architecture). CORBA provides a dynamic container called Sequence as an array data structure for storing data. However, the structure is unstable since the system can shut down if a program accesses uninitialized memory on the system. It is difficult to block unsafe programs on MESs based on CORBA in a foundry.
IBM provides a fault tolerance mechanism for handling system execution malfunction. As shown in FIG. 1A, a system 100 provides three processes to serve corresponding programs simultaneously. In FIG. 1A, processes S1 and S2 are active to serve programs P1 and P2 respectively, and process P3 is idle. When program P2 causes process S2 to shut down, the system automatically cancels process S2, wakes process P3 to re-serve program P2, and launches a new process P4 in idle status to handle new requests.
However, the IBM mechanism does not solve the system shutdown problem, as it simply uses another process to re-confront the program. For a complete solution, problematic code has to be reviewed and revised line by line. This measure is inefficient and time-consuming, and errors can persist, thereby further jeopardizing the system.
Additionally, system shutdown problems also exist in network environments. The version of data transmitted from clients must match that recognized and accepted by a server. If the data version does not match, the system can shut down. FIG. 2 illustrates a mechanism to solve system shutdown problems in a network environment. For transmission from a server 220, a client 210 first transmits a data version to a version unit 221 of the server 220 (S1). The version unit 221 then determines whether the data version matches that used thereon, and returns an acknowledgement to the client 210 (S2). If the data version matches, the client 210 transmits data to a processing kernel 222 of the server 220 (S3). Otherwise, the client 210 cancels the transmission. This conventional mechanism, however, requires several network transmissions, making it also inefficient and time-consuming.
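The S1 to S3 exchange described above can be modeled as follows. This is an added example, not code from the patent or from any product it mentions; the class and function names, the version numbers and the length-prefixed payload layout are assumptions made for illustration.

```python
import struct

SERVER_VERSION = 2  # constructed value; the page names no version numbers


class Server:
    """Server 220: version unit 221 in front of processing kernel 222."""

    def __init__(self, version=SERVER_VERSION):
        self.version = version
        self.processed = []

    def version_unit(self, client_version):
        # S2: acknowledge only a data version this server recognizes
        return client_version == self.version

    def processing_kernel(self, payload):
        # Assumed v2 layout: 2-byte big-endian length, then that many bytes.
        # The kernel trusts this layout, so data in another version's
        # layout cannot be processed safely.
        (length,) = struct.unpack_from(">H", payload, 0)
        body = payload[2:2 + length]
        if len(body) != length:
            raise ValueError("payload does not match the expected layout")
        self.processed.append(body)


def encode_v2(body):
    """Build a payload in the assumed v2 layout."""
    return struct.pack(">H", len(body)) + body


def send(server, client_version, payload):
    """Client 210 side. Returns (delivered, network_transmissions)."""
    transmissions = 1                    # S1: client -> version unit
    ack = server.version_unit(client_version)
    transmissions += 1                   # S2: version unit -> client
    if not ack:
        return False, transmissions      # client cancels the transmission
    server.processing_kernel(payload)    # S3: client -> processing kernel
    transmissions += 1
    return True, transmissions
```

A matching client needs three transmissions to deliver one payload, and a mismatched client still spends two before cancelling, which is the overhead the passage criticizes.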