Touching the way some diskfs routines handle access faults.
From: Roberto Reale
Subject: Touching the way some diskfs routines handle access faults.
Date: Fri, 28 Nov 2003 13:14:20 +0100
User-agent: Mutt/1.3.28i

Hi,

I have some perplexity concerning some functions which are declared
in the `diskfs' library, namely `diskfs_sync_everything',
`diskfs_shutdown_pager', `diskfs_node_update' and a few others.

As those functions may access and alter the in-core disk image, they
must be prepared to handle access faults. In fact, in the Ext2
translator they do detect access faults, yet they simply disregard
them and fail to report them to the caller; the problem is, that they
are declared as returning void.

Now I believe that having those functions report an error condition to
higher levels might help in catching subtle bugs, and in developing
translators of greater robustness.

The question of how core servers and translators should handle error
conditions is clearly of vast concern, and is difficult, too.
Although I am not able to treat it now with due depth, I am
considering it, and have grown to believe that we can improve the Hurd
very much in this respect.

E.g., some servers very often panic or report ENOMEM when carrying
out a request would cause them to exceed their allocable storage.
Much better solutions can be devised: a server, for example, might
keep a small reserve of memory (as Emacs does), and rely on it to
recover from an emergency condition; or it might implement some smart
algorithm and prune its internal caches on memory pressure. A still
better idea would be, to design some sort of ``cooperative protocol'',
whereby to allow trusted servers to borrow and lend each other memory
pages, according to the amount of work they are charged with.

Am I mistaken?

Thanks,
Roberto Reale
rreale@iol.it
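
An added illustration of the reserve-and-prune idea raised in the message above; it is not part of the original message and is not Hurd or libdiskfs code. Every name is hypothetical, and a byte budget is an assumed stand-in for the server's allocable storage; the allocation routine returns an error code to its caller instead of panicking or staying silent.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* All names are hypothetical. A byte budget stands in for the server's
   limited allocable storage so the pressure path can be exercised. */
enum { RESERVE = 1024, SLOT = 512, SLOTS = 4 };   /* constructed sizes */
static size_t budget;
static void *reserve, *cache[SLOTS];
static int degraded;                 /* set once the reserve has been spent */

static void *b_alloc(size_t n) {
    void *p = n > budget ? NULL : malloc(n);      /* simulated exhaustion */
    if (p) budget -= n;
    return p;
}
static void b_free(void *p, size_t n) { free(p); budget += n; }

/* Set aside the emergency reserve first, then warm the droppable cache. */
int mem_init(size_t total) {
    budget = total; degraded = 0;
    if (!(reserve = b_alloc(RESERVE))) return ENOMEM;
    for (int i = 0; i < SLOTS; i++) cache[i] = b_alloc(SLOT);
    return 0;
}
int cached_slots(void) {
    int n = 0;
    for (int i = 0; i < SLOTS; i++) n += cache[i] != NULL;
    return n;
}

/* Normal path first, then prune the cache slot by slot, then release the
   reserve. Returns 0 or ENOMEM so the caller always learns the outcome. */
int request_alloc(size_t n, void **out) {
    void *p = b_alloc(n);
    for (int i = 0; !p && i < SLOTS; i++)
        if (cache[i]) { b_free(cache[i], SLOT); cache[i] = NULL; p = b_alloc(n); }
    if (!p && reserve) {
        b_free(reserve, RESERVE); reserve = NULL; degraded = 1;
        p = b_alloc(n);
    }
    *out = p;
    return p ? 0 : ENOMEM;
}
int main(void) {
    void *p;
    int rc = mem_init(4096) ? ENOMEM : request_alloc(3000, &p);
    printf("rc=%d degraded=%d cached=%d\n", rc, degraded, cached_slots());
    return rc;
}
```

Once `degraded` is set the server has no further cushion, so a real server would refuse new work or rebuild the reserve before accepting more.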