-
Notifications
You must be signed in to change notification settings - Fork 254
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Faillible Log interface #382
Comments
As you noted, an associated type isn't going to work with this crate. What action would you expect code to take in response to an error from a logging statement? Logging is typically used as a backchannel for diagnostic information, and it isn't really typical in my experience to care more about your logging information than the actual computation you're trying to perform. You can't log the fact that your logger doesn't work, and unless you're going to cause the main computation to fail, there aren't really any other clear options, right? |
Well, as usual with
|
I agree that those are all things that someone could hypothetically do, but I'm asking why someone would in practice want to worry about any of that, and if that's worth a breaking change to the 6th most used crate in the entire ecosystem. |
The heart of the issue, as I see it, is that logging means different things to different people. To give some archetypal examples:
The problem, of course, is that as library authors we may not know what our libraries will be used for. Especially in a language with decent This is where configurable error handling behavior makes sense, in my opinion: it allows library authors who don't know the best course of action to defer the decision of how to handle errors to a layer of the software abstraction stack where someone actually knows how critical the error is to the application domain and how it should best be handled. Now, so far I've focused on In any case, I agree with you that this is unlikely to be worth a major breaking change in |
That already exists - an application author has the ability to configure a logger globally by installing the global logger. If an application cannot continue running in response to a logging failure, then the application should install a logger that terminates the program in response to a logging failure. |
So, if I try to summarize, your opinion is that the log error handling policy should be global to the application rather than local to libraries, and is therefore best handled by the From this perspective, the only thing that the Would you agree that this is a fair assessment? |
That sounds accurate. |
Thanks for the clarification! Then maybe let's wait a week or two in case someone else wants to voice another opinion, and if not I think we can close this. |
Alright, I think this matter is settled then. Thanks for the discussion! 😉 |
* Refactor: Extract new fn `BinFile::check_source_exists` * Impl new async fn `AutoAbortJoinHandle::flattened_join` * Impl new fn `Fetcher::fetcher_name` * Verify that `bin_files` exist in `resolve` stage To ensure that the installation stage won't fail because of missing binaries. * Rm unused `MultiFecther` * Simplify `Future` impl for `AutoAbortJoinHandle` * Add new variant `BinstallError::CargoTomlMissingPackage` * Replace `unwrap` in `resolve_inner` with proper error handling * Make `Fetcher::new` as a regular function instead of an `async` function. * Ret `Arc<dyn Fetcher>` in trait fn `Fetcher::new` * Refactor `resolve_inner` Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
It has recently come through my attention, through the joy of low-level programming, that the
Log
trait does not provide any clean way to propagate I/O errors. Therefore, when one of those happens, aLog
implementation must pick between a number of bad choices:no_std
UEFI context that cannot afford unwinding means an instant crash.errno
-style global side channel, with all the problems that these sorts of side channels bring.As a superior alternative, could you consider following the example of
fmt::Write
and providing facilities for propagating the information that a text output error occurred in theLog
trait?Since not wanting to panic on failure is arguably a
no_std
edge case, it's okay if those facilities are not as ergonomic as the current ones. For example, I could live a backwards-compatible extension to the currentLog
trait like this one......combined with a "faillible" submodule of the
log
crate that contains faillible variants of the logging macros exposed at the top level of the module.With this, we would then be able to advise
uefi-rs
users to use the faillible logging macros, while still supporting the use of unmodified Rust crates that call the old infaillible macros.Such a faillible logging trait + macros is probably what we'll end up implementing on the
uefi-rs
side, in one form or another, if you're not interested. But I thought the idea of propagating I/O errors was of sufficiently general use, at least inno_std
use cases, to warrant at least some upstream discussion on your side.The text was updated successfully, but these errors were encountered: