In some situations, the function a recovery routine performs is
so essential that you should provide a recovery routine to recover
from errors in the recovery routine. Two examples of such situations
are:
- The availability of some resources can be so critical to continued
system or subsystem operation that it might be necessary to provide
a recovery routine for the recovery routine, thus ensuring the availability
of the critical resources.
- A recovery routine might perform a function that is, in effect,
an extension of the mainline routine's processing. For example, a
system service might elect to check a caller's parameter list for
fetch or store protection. The service references the user's data
in the user's key and, as a result of protection, suffers a program
check. The recovery routine gets control and requests a retry to pass
a particular return code to the mainline routine. If this recovery
routine ends abnormally and does not provide its own recovery, then
the caller's recovery routine gets control, and the caller does not
get an opportunity to check the return code that it was expecting.
You can activate an ESTAE-type recovery routine from another ESTAE-type
recovery routine. Any recovery routine activated from a recovery routine is called a nested recovery routine.
Nested ESTAE or ESTAEX routines can retry; the retry routine runs
under the RB of the ESTAE-type recovery routine that activated the
nested recovery routine.