returning error from main()

[Keith Thompson]

Personally, I'd like to see an exception mechanism in C. Probably
something similar to what C++ has, but with some restrictions, would
have the best chance of being accepted. But before we can seriously
consider adding features to C, we have to deal with the current lack
of support for the current C standard; until C99 is supported, there's
not much point in adding major features to C200X or C201Y.

The try/catch mechanism is not compatible with setjmp/longjmp so I
think it would probably be very difficult to implement in the C
language without breaking tons of pre-existing code.

[...]

Really? C++ has C's setjmp() and longjmp(), via the header <csetjmp>
(which corresponds to C's <setjmp.h>). But I haven't looked into the
possible interactions.

I'm not sure what the standard says about it, but I know of several
implementations where the destructors do not fire properly as the
stack unwinds if you use setjmp/longjmp.

The new/delete operators also cannot be mixed with the malloc()/free()
functions.

If C were to adopt an exception handling mechanism similar to C++'s,
it wouldn't be a great tragedy if it couldn't be mixed with setjmp and
longjmp. The restrictions on setjmp and longjmp are already fairly
tight.

 

[user923005]

[...]
Personally, I'd like to see an exception mechanism in C. Probably
something similar to what C++ has, but with some restrictions, would
have the best chance of being accepted. But before we can seriously
consider adding features to C, we have to deal with the current lack
of support for the current C standard; until C99 is supported, there's
not much point in adding major features to C200X or C201Y.
The try/catch mechanism is not compatible with setjmp/longjmp so I
think it would probably be very difficult to implement in the C
language without breaking tons of pre-existing code.
[...]
Really? C++ has C's setjmp() and longjmp(), via the header <csetjmp>
(which corresponds to C's <setjmp.h>). But I haven't looked into the
possible interactions.

I'm not sure what the standard says about it, but I know of several
implementations where the destructors do not fire properly as the
stack unwinds if you use setjmp/longjmp.

The new/delete operators also cannot be mixed with the malloc()/free()
functions.

If C were to adopt an exception handling mechanism similar to C++'s,
it wouldn't be a great tragedy if it couldn't be mixed with setjmp and
longjmp. The restrictions on setjmp and longjmp are already fairly
tight.

Here's the bit from the C++ standard that prohibits it:

© ISO/IEC ISO/IEC 14882:1998(E) page 347:

"18 Language support library 18.7 Other runtime support

4 The function signature longjmp(jmp_buf jbuf, int val) has more
restricted behavior in this International Standard. If any automatic
objects would be destroyed by a thrown exception transferring control
to another (destination) point in the program, then a call to
longjmp(jbuf, val) at the throw point that transfers control to the
same (destination) point has undefined behavior.
SEE ALSO: ISO C subclause 7.10.4, 7.8, 7.6, 7.12."

 

[Peter J. Holzer]

POSIX specifies exactly the type of errors that can be thrown by
fopen!

No, it doesn't:

| Implementations may support additional errors not included in this list,
| may generate errors included in this list under circumstances other than
| those described here, or may contain extensions or limitations that
| prevent some errors from occurring.

http://www.opengroup.org/onlinepubs/009695399/functions/xsh_chap02_03.html#tag_02_03

hp

 

[jacob navia]

No, it doesn't:

| Implementations may support additional errors not included in this list,
| may generate errors included in this list under circumstances other than
| those described here, or may contain extensions or limitations that
| prevent some errors from occurring.

http://www.opengroup.org/onlinepubs/009695399/functions/xsh_chap02_03.html#tag_02_03

hp

Thas is nothing but the usual

Standard Disclaimer

Of course the C standard could do the same

 

[Gordon Burditt]

That is true, and a small effort in the C standard, we would have

more detailed error analysis. Requiring to #define some error
codes is not very much!

But it would mean a HUGE advance in portable programs.

Suppose that I want to see if a file is there. I
could just use fopen, and if the result is NULL AND
errno is ENOTFOUND it's OK, but otherwise it is
some other kind of error.

One of the problems here is that it is legitimate for an OS to
refuse to make a distinction between ENOTFOUND and EACCESS because
doing so would be a security issue. It might, for example, allow
me to guess valid usernames and confirm them for spamming purposes.
Or consider the analogy to classified documents where even the TITLE
of the file is classified.

There's also the problem that you may not get agreement on which
error you actually get if there are multiple possible error codes
in a given situation.

 

[Richard Bos]

Of course not, if we use just the lower 3 bits of errno
and leave the rest for the different implementations

*Brrr*

That's one guaranteed way to make the system completely unextendable and
painfully undebuggable. It _may_ work if you have only a single
implementation to consider, but for the Standard? It would be a horror.

Richard

 

[Richard Bos]

I'm always amused by winerror.h and its nested chums. I think it comes
close to using every bit of a long, and a great many of the
possibilities are very very similar.

And how many of them do you see regularly? And how many of those serve
as a mostly useless catch-all? It is indeed a great example of how not
to set up an error reporting system.

Richard

 

[Tor Rustad]

Agreed, as long as ISO C don't specify threads and the current (lack of)
signal definition exist, the "_r" functions is better left to POSIX.

Well, even without threads, strtok() remains an "accident waiting
to happen":

static const char ws[] = " \t\n"; /* or even " \t\b\f\v\r\n" */
char *tok;

/* do some work on the whitespace-separated keywords */
for (tok = strtok(str, ws); tok != NULL; tok = strtok(NULL, ws))
operate_on(tok);

If operate_on() is a function, and if operate_on() itself calls
strtok() with a non-NULL first parameter, the code breaks. The
POSIX strtok_r() fixes this, although that is the only silly part
of strtok() that it fixes. (The BSD strsep() fixes two "bad
behaviors", at the cost of making the caller merge adjacent separators
if that is desired.

I really don't know why your strsep() was left out of C99, perhaps
strtok() was regarded as a minor problem, as experienced C programmers
are aware of strtok() and avoid using it. At least I haven't used it for
10+ years, after some surprising parsing results.


The Linux man page is clear:

Name
strtok, strtok_r - extract tokens from strings

[...]

Bugs
Avoid using these functions. If you do use them, note that:

These functions modify their first argument.
These functions cannot be used on constant strings.
The identity of the delimiting character is lost.

The strtok() function uses a static buffer while parsing, so it's not
thread safe. Use strtok_r() if this matters to you.

So I think adding strsep() would be better than adding strtok_r().

Now, strtok_s() has arrived too. After reading this:

#define __STDC_WANT_LIB_EXT1__ 1

#include <string.h>

static char str1[] = "?a???b,,,#c";
static char str2[] = "\t \t";
char *t, *ptr1, *ptr2;
rsize_t max1 = sizeof(str1);
rsize_t max2 = sizeof(str2);

t = strtok_s(str1, &max1, "?", &ptr1); // t points to the token "a"
t = strtok_s(NULL, &max1, ",", &ptr1); // t points to the token "??b"
t = strtok_s(str2, &max2, " \t", &ptr2); // t is a null pointer
t = strtok_s(NULL, &max1, "#,", &ptr1); // t points to the token "c"
t = strtok_s(NULL, &max1, "?", &ptr1); // t is a null pointer


I think this interface fails on simplicity, and yes, I agree that
strsep() is the better alternative, but Linux man page say:

Name
strsep - extract token from string

[...]

Bugs
This function suffers from the same problems as strtok(). In particular,
it modifies the original string. Avoid it.


I wouldn't put it as strong as "Avoid it", as a simple duplicate string
beforehand do.

 

[Mark McIntyre]

Devils advocate here. In that case the file does not exist, as far
as that user is concerned.

thats kinda my point - the concept "exist" doesn't even have a good
definition....
--
Mark McIntyre

"Debugging is twice as hard as writing the code in the first place.
Therefore, if you write the code as cleverly as possible, you are,
by definition, not smart enough to debug it."
--Brian Kernighan

 

[Mark McIntyre]

Thas is nothing but the usual Standard Disclaimer

Hang on - someone posts a reference to the Standard you're claiming is
'better', and your response is to disparage it?
--
Mark McIntyre

"Debugging is twice as hard as writing the code in the first place.
Therefore, if you write the code as cleverly as possible, you are,
by definition, not smart enough to debug it."
--Brian Kernighan