OS APIs without error codes

Discussions on more advanced topics such as monolithic vs micro-kernels, transactional memory models, and paging vs segmentation should go here. Use this forum to expand and improve the wiki!
rdos
Member
Member
Posts: 3286
Joined: Wed Oct 01, 2008 1:55 pm

Re: OS APIs without error codes

Post by rdos »

Solar wrote:That is your opinion. It might even work for RDOS. In the general case, you'd want to have multitasking, and in such an environment the above design is BS.
It has nothing to do with multitasking. Well-written applications don't break because some other application deleted a file, or whatever, and don't need error code processing to handle this. If two applications uses the same files, they must somehow synchronize their access, otherwise chaos will prevail, regardless if error codes are returned or not.

Also, RDOS does provide reentrant syscalls for everything, including FS access.
User avatar
bluemoon
Member
Member
Posts: 1761
Joined: Wed Dec 01, 2010 3:41 am
Location: Hong Kong

Re: OS APIs without error codes

Post by bluemoon »

Solar is talking about general case. In general case application do not require to do any synchronization just to open file; the OS is expect to handle mutex/shared access.

Fair enough, in RDOS you can require the application to do that themselves, since you are the rule.
User avatar
Solar
Member
Member
Posts: 7615
Joined: Thu Nov 16, 2006 12:01 pm
Location: Germany
Contact:

Re: OS APIs without error codes

Post by Solar »

rdos wrote:Well-written applications don't break because some other application deleted a file, or whatever, and don't need error code processing to handle this. If two applications uses the same files, they must somehow synchronize their access, otherwise chaos will prevail, regardless if error codes are returned or not.
In the general case an application has no idea what other application might run in parallel, and/or if other applications might access the same files. (It might even be - *gasp* - the user accessing the file, and it's hard synchronizing an application with that noteable automatically.)

The general mechanics for "synchronization" is to attempt the access, and handle potential failures. It is impossible to check all potential failures beforehand and still be certain the assertions hold true by the time you actually do the access. (Unless you disable task switching across multiple syscalls. You wouldn't want to do that.)

You've been told this by several people now, several times over, in different words, but you blithely go on ignoring it, jumping up and down and chanting "but it works in RDOS, but it works in RDOS".

We heard. We understood. We don't care (much). For the general case - and that is how this thread was started - "OS APIs without error codes" are not much of an option, for repeatedly reiterated reasons.
rdos wrote:Also, RDOS does provide reentrant syscalls for everything, including FS access.
You're such a character, dude.
Every good solution is obvious once you've found it.
rdos
Member
Member
Posts: 3286
Joined: Wed Oct 01, 2008 1:55 pm

Re: OS APIs without error codes

Post by rdos »

bluemoon wrote:Solar is talking about general case. In general case application do not require to do any synchronization just to open file; the OS is expect to handle mutex/shared access.

Fair enough, in RDOS you can require the application to do that themselves, since you are the rule.
I just stated that RDOS handles synchronization in the FS driver, so the application doesn't need to do that. However, if some application deliberately deletes a file that another application actively uses, the second application cannot recover from that no matter what kind of error recovery it does, unless it can recreate it, and then it can recreate it regardless if it has error codes from the FS API or not.

And if I didn't handle synchronization in the FS, how could I claim to do localized error handling? It would be impossible.

It was Solar that claimed that it would be impossible to handle multitasking without error codes from syscalls, something I claim is false. Reentrancy in the filesystem is dependent on proper synchronization, not error codes. No number of error codes could ever fix a FS that lacks synchronization.
rdos
Member
Member
Posts: 3286
Joined: Wed Oct 01, 2008 1:55 pm

Re: OS APIs without error codes

Post by rdos »

Solar wrote:The general mechanics for "synchronization" is to attempt the access, and handle potential failures. It is impossible to check all potential failures beforehand and still be certain the assertions hold true by the time you actually do the access. (Unless you disable task switching across multiple syscalls. You wouldn't want to do that.)
Not so. Synchronization ensures that FS contents is always consistent even if several tasks tries to modify them at the same time from different cores. You cannot ever implement that with "trial-and-error". #-o

A special case is retrieving a directory listing of files. In the old DOS days, this used the DTA to point to specific disc sectors, which was a hopelessly silly concept that never could be extended to proper synchronization. However, in my design, a directly listing is completely independent on FS structures, and thus never can become stale. It might not be correct 1ms after the snapshot, but it was correct & consistent at the time of the snapshot.
User avatar
Solar
Member
Member
Posts: 7615
Joined: Thu Nov 16, 2006 12:01 pm
Location: Germany
Contact:

Re: OS APIs without error codes

Post by Solar »

rdos wrote:It was Solar that claimed that it would be impossible to handle multitasking without error codes from syscalls, something I claim is false.
Don't twist my words, I warn you. You said "the OS should do it's best to perform syscalls, and when this fails, these failures are fatal and there is nothing the application can do about it provided that the application checked relevant preconditions", and I said that such a design is BS in a multitasking environment. I didn't say "impossible", I said "design akin to bovine excrement".

All in all, you seem to have problems grasping the concept of concurrency, race conditions etc.
Every good solution is obvious once you've found it.
User avatar
Brendan
Member
Member
Posts: 8561
Joined: Sat Jan 15, 2005 12:00 am
Location: At his keyboard!
Contact:

Re: OS APIs without error codes

Post by Brendan »

Hi,
rdos wrote:
Solar wrote:The general mechanics for "synchronization" is to attempt the access, and handle potential failures. It is impossible to check all potential failures beforehand and still be certain the assertions hold true by the time you actually do the access. (Unless you disable task switching across multiple syscalls. You wouldn't want to do that.)
Not so.
rdos wrote:However, in my design, a directly (directory?) listing is completely independent on FS structures, and thus never can become stale. It might not be correct 1ms after the snapshot, but it was correct & consistent at the time of the snapshot.
So you're saying that for RDOS; it is impossible to check all potential failures beforehand and still be certain the assertions hold true by the time you actually do the access? For example, you might get a directory listing to make sure a file is present, and 1ms later when you attempt to open the file it might not be present?


Cheers,

Brendan
For all things; perfection is, and will always remain, impossible to achieve in practice. However; by striving for perfection we create things that are as perfect as practically possible. Let the pursuit of perfection be our guide.
rdos
Member
Member
Posts: 3286
Joined: Wed Oct 01, 2008 1:55 pm

Re: OS APIs without error codes

Post by rdos »

Brendan wrote:So you're saying that for RDOS; it is impossible to check all potential failures beforehand and still be certain the assertions hold true by the time you actually do the access? For example, you might get a directory listing to make sure a file is present, and 1ms later when you attempt to open the file it might not be present?
You cannot lock the FS because you do a directory listing.

If you want to be real extreme about a file existing, you can do as I provided code for previously (requires no error reasons)

Code: Select all


    int handle = 0;

    if (CheckFileExist(path))
         handle = OpenFile(path);

    if (!handle)
    {
         if (WantToCreateFile)
              handle = CreateFile(path);
    }

Works perfectly well.

Could even be simplified to:

Code: Select all


    int handle;

    handle = OpenFile(path);

    if (!handle)
    {
         if (WantToCreateFile)
              handle = CreateFile(path);
    }

Locked