On Wed, Jun 15, 2005 at 01:38:59PM -0700, Hans Reiser wrote:
> Ted, if I understand you correctly, I agree with you. ;-)
> What users need is for a window to pop up saying "the usb drive is
> turned off" or "we are getting checksum errors from XXX, this may
> indicate hardware problems that require your attention".
Yes, and as I suggested, this is best done via out-of-band
notification system, such as hotplug or dbus.
> Now that GUIs exist, and now that more errors are possible because the
> kernel is more complex, perhaps kernel error handling should be
> reconsidered. I don't have the feeling that anyone has felt themselves
> authorized to take a deep look at how this ought to be designed. I mean
> sure, there are sometimes console windows that things get printed into,
> but unsophisticated users basically want to be prompted if something is
> wrong that needs their attention and to not have their experience
> cluttered by a console window otherwise. Also, it has long been
> irritating having to make error codes conform to one of the existing
> error codes when there is often no good connection between the name of
> an existing error code and the new error condition one has just coded,
> and there is no space left for new error codes.
We could try to add some complicated exception system into system
calls, but it's not productive in my opnion. First of all, backwards
compatibility is an absolute and unconditional requirement (we can't
break POSIX compatibility, and more importantly, we don't want to
change the number of applications that Linux can run from being
Linux-like to being BeOS-like). This adds enough of a constraint that
I doubt trying to add changes to the system call error handling
mechanism is likely to work well.
Secondly, if the goal is to have a pop-up show when there is some
major hardware problem, changing the system call error handling
doesn't really help us unless we want to require every single
application in existence to be modified to use this new exception
handling system. Having seen how well this BeOS-like approach has
worked for BeOS, I believe this is a Really Bad Idea. It's better to
have a separate, out-of-band notification scheme --- it's what dbus is
really designed to be for.
> >Also, there is not neccesarily one right answer to how to respond to a
> >underlying I/O error in the filesystem. So for ext2/3 filesystem, it
> >is configurable.
> Perhaps these policy choices should be mount options, what do you think?
We put these policy options as options in the superblock, but there
are some advantages in being able to override them at mount-time with
mount options. For example, one such advantage is that we can
standardize them across different filesystems.
However, even if we do have standardized mount options, it is a real
pain to have to type a very long mount option when doing manual
mounts. So having defaults that can be stored in the superblock seems
to be a good idea, in my opinion.