Check all errors in code?

**Richard Tobin** · Sep 19 '08, 01:25 PM

Re: Check all errors in code?

In article <bAMAk.343$Jw.1 9@nwrddc02.gnil ink.net>,
James Kuyper <jameskuyper@ve rizon.netwrote:

>Even if all other modes of reporting an error are shut down, you can
>always exit with an exit status of EXIT_FAILURE.

What if exit() unexpectedly returns?

-- Richard
--
Please remember to mention me / in tapes you leave behind.

**Richard Heathfield** · Sep 19 '08, 01:25 PM

Re: Check all errors in code?

Richard Tobin said:

In article <bAMAk.343$Jw.1 9@nwrddc02.gnil ink.net>,
James Kuyper <jameskuyper@ve rizon.netwrote:
>

>>Even if all other modes of reporting an error are shut down, you can
>>always exit with an exit status of EXIT_FAILURE.

>
What if exit() unexpectedly returns?

Call it again. In fact, call it in a loop. The program is bound to notice
eventually.

--
Richard Heathfield <http://www.cpax.org.uk >
Email: -http://www. +rjh@
Google users: <http://www.cpax.org.uk/prg/writings/googly.php>
"Usenet is a strange place" - dmr 29 July 1999

**Andrew Poelstra** · Sep 19 '08, 01:35 PM

Re: Check all errors in code?

On 2008-09-19, lovecreatesbea. ..@gmail.com <lovecreatesbea uty@gmail.comwr ote:

On Sep 19, 4:08 pm, Ian Collins <ian-n...@hotmail.co mwrote:

>lovecreatesbea ...@gmail.com wrote:

Do you check all error conditions for all library calls in you code?

>>

Is it necessary to check all errors? Is it convenient to check all
errors (or how to make code clean and readable with mass of non
business logic related code block)?

>>

The following code from net-snmp library calls atoi five times but
checks none. Do we code a wrapper my_atoi_with_er ror_check() around
atoi and call this new one everywhere else? Is it a good practice (If
it is, why ANSI atoi doesn't do it)?

>>
>There is no way to check the result of atoi, that's why it's better to
>use strtol in most situations.

>
I did not just mean check the return code from a function call.
>
Especially, I'm asking how to do complicated error check neatly.

I use goto.

if(!(mem1 = malloc(sizeof *mem1)) ||
!(mem2 = malloc(sizeof *mem2)) ||
!(mem3 = malloc(sizeof *mem3)))
{
err_code = OUT_OF_MEMORY;
goto fail;
}

if(!(infile = fopen("./in.txt", "r")) ||
!(outfile = fopen("./out.txt", "w")))
{
err_code = FILE_ERROR;
goto fail;
}

/* logic below */

return 0;

fail:
free(mem1); /* These would be initialized to NULL
free(mem2); in case their malloc() or fopen()
free(mem3); never gets called. */
fclose(infile);
fclose(outfile) ;
return err_code;

--
Andrew Poelstra apoelstra@wpsof tware.net
That was a joke. Jokes in mathematics, are sometimes not funny.
-Veselin Jungic

**CBFalconer** · Sep 19 '08, 01:35 PM

Re: Check all errors in code?

"lovecreatesbea ...@gmail.com" wrote:

>
Do you check all error conditions for all library calls in you code?
>
Is it necessary to check all errors? Is it convenient to check all
errors (or how to make code clean and readable with mass of non
business logic related code block)?
>
The following code from net-snmp library calls atoi five times but
checks none. Do we code a wrapper my_atoi_with_er ror_check() around
atoi and call this new one everywhere else? Is it a good practice
(If it is, why ANSI atoi doesn't do it)?

Don't use atoi. Use one of strtod, strtold, strtou, which have
good error detection facilities. atoi is only there to handle old
code, written before the strto functions were available.

atoi doesn't do it because revising it would strand the old
software.

--
[mail]: Chuck F (cbfalconer at maineline dot net)
[page]: <http://cbfalconer.home .att.net>
Try the download section.

**Richard Tobin** · Sep 19 '08, 01:45 PM

Re: Check all errors in code?

In article <u_adnRd8PIkLOk 7VnZ2dnUVZ8gydn Z2d@bt.com>,
Richard Heathfield <rjh@see.sig.in validwrote:

>What if exit() unexpectedly returns?

>Call it again. In fact, call it in a loop. The program is bound to notice
>eventually.

What if the loop unexpectedly terminates... oh never mind.

-- Richard
--
Please remember to mention me / in tapes you leave behind.

**James Kuyper** · Sep 19 '08, 01:55 PM

Re: Check all errors in code?

Richard Tobin wrote:

In article <bAMAk.343$Jw.1 9@nwrddc02.gnil ink.net>,
James Kuyper <jameskuyper@ve rizon.netwrote:
>

>Even if all other modes of reporting an error are shut down, you can
>always exit with an exit status of EXIT_FAILURE.

>
What if exit() unexpectedly returns?

I'd expect a smiley on such a statement. In the absence of one, I'll
treat it seriously. Many of the standard library routines are defined in
a way that allows them to fail even if used perfectly correctly, and
provide mechanisms whereby such failures can be detected. Those
mechanisms should be used. However,

7.20.4.3p6: "The exit function cannot return to its caller."

The possibility of exit() returning to its caller is not worth worrying
about.

I won't say it can't happen, but worrying about the possibility is no
more reasonable than worrying about the possibility that any other
feature of C has been implemented incorrectly.

**Ben Bacarisse** · Sep 19 '08, 02:35 PM

Re: Check all errors in code?

Andrew Poelstra <apoelstra@supe rnova.homewrite s:
,snip>

I use goto.
>
if(!(mem1 = malloc(sizeof *mem1)) ||
!(mem2 = malloc(sizeof *mem2)) ||
!(mem3 = malloc(sizeof *mem3)))
{
err_code = OUT_OF_MEMORY;
goto fail;
}
>
if(!(infile = fopen("./in.txt", "r")) ||
!(outfile = fopen("./out.txt", "w")))
{
err_code = FILE_ERROR;
goto fail;
}
>
/* logic below */
>
return 0;
>
fail:
free(mem1); /* These would be initialized to NULL
free(mem2); in case their malloc() or fopen()
free(mem3); never gets called. */
fclose(infile);
fclose(outfile) ;

fclose(NULL) is undefined. These two need to be protected with an if
each. Such a shame that there is no symmetry with malloc/free but
that is how the world is!

return err_code;

--
Ben.

**lovecreatesbea...@gmail.com** · Sep 19 '08, 02:35 PM

Re: Check all errors in code?

Thanks Ian and Richard for mentioning the weakness of atoi also.

On Sep 19, 9:28 pm, CBFalconer <cbfalco...@yah oo.comwrote:

"lovecreatesbea ...@gmail.com" wrote:
>

The following code from net-snmp library calls atoi five times but
checks none. Do we code a wrapper my_atoi_with_er ror_check() around
atoi and call this new one everywhere else? Is it a good practice
(If it is, why ANSI atoi doesn't do it)?

>
Don't use atoi. Use one of strtod, strtold, strtou, which have
good error detection facilities. atoi is only there to handle old
code, written before the strto functions were available.
>
atoi doesn't do it because revising it would strand the old
software.

Yes, thanks for this information.

**Richard Heathfield** · Sep 19 '08, 02:55 PM

Re: Check all errors in code?

Richard Tobin said:

In article <u_adnRd8PIkLOk 7VnZ2dnUVZ8gydn Z2d@bt.com>,
Richard Heathfield <rjh@see.sig.in validwrote:
>

>>What if exit() unexpectedly returns?

>

>>Call it again. In fact, call it in a loop. The program is bound to notice
>>eventually.

>
What if the loop unexpectedly terminates...

Use recursion (duh!):

#include <stdlib.h>

int finished(int);

int finish(int status)
{
do
{
exit(status);
finished(status );
} while(!finish(s tatus));
return 0;
}

int finished(int status)
{
do
{
finish(status);
exit(status);
}
while(!finished (status));
return 0;
}

In next week's issue: The Halting Problem Revisited.

--
Richard Heathfield <http://www.cpax.org.uk >
Email: -http://www. +rjh@
Google users: <http://www.cpax.org.uk/prg/writings/googly.php>
"Usenet is a strange place" - dmr 29 July 1999

**lovecreatesbea...@gmail.com** · Sep 19 '08, 02:55 PM

Re: Check all errors in code?

On Sep 19, 6:32 pm, James Kuyper <jameskuy...@ve rizon.netwrote:

lovecreatesbea. ..@gmail.com wrote:

On Sep 19, 4:28 pm, Richard Heathfield <r...@see.sig.i nvalidwrote:

lovecreatesbea. ..@gmail.com said:

...

Sometimes, I omit some error check to come up with a can-work module
rapidly. Those error code will be supplied after some bug report
thrown out. This approach helps to catch up the schedule.

>
Only in the short term (and not even necessarily in the short term). In
the long run, you'll spend more time dealing with the bug reports and
fixing the problem than it would have taken to do it right in the first
place. Even in the short term, there's a good chance that your can-work
module won't work, and that you'll end up missing your schedule anyway
because of a bug that would have been much easier to track down if you'd
included proper error checking in the first place.
>
For many years, I held the opinion that if I adequately warn my boss of
the danger of skipping testing for errors, I've met my responsibilitie s.
If he responds by ordering me to go ahead and skip testing despite those
dangers, anything that goes wrong because of that is his responsibility,
not mine. I quickly learned, the hard way, that if I want to take that
attitude, I should always insist on getting such orders in writing. It
took me much longer to learn (again, the hard way) that I should never
obey such orders, period. I don't refuse the orders, I just ignore them.

(My boss and ex-bosses don't know about C programming and don't care
about C programming. I'm supposed to show them some instant
achievement same as other humble programmers in China do. My bosses do
the same instant things to the clients.)

Thanks you for the advice, it helps me.

**CBFalconer** · Sep 19 '08, 02:55 PM

Re: Check all errors in code?

Richard Heathfield wrote:

Richard Tobin said:

>James Kuyper <jameskuyper@ve rizon.netwrote:
>>

>>Even if all other modes of reporting an error are shut down,
>>you can always exit with an exit status of EXIT_FAILURE.

>>
>What if exit() unexpectedly returns?

>
Call it again. In fact, call it in a loop. The program is bound
to notice eventually.

If exit returns complain to the C system supplier. It is faulty.

--
[mail]: Chuck F (cbfalconer at maineline dot net)
[page]: <http://cbfalconer.home .att.net>
Try the download section.

**Richard Heathfield** · Sep 19 '08, 03:05 PM

Re: Check all errors in code?

CBFalconer said:

Richard Heathfield wrote:

>Richard Tobin said:

>>James Kuyper <jameskuyper@ve rizon.netwrote:
>>>
>>>Even if all other modes of reporting an error are shut down,
>>>you can always exit with an exit status of EXIT_FAILURE.
>>>
>>What if exit() unexpectedly returns?

>>
>Call it again. In fact, call it in a loop. The program is bound
>to notice eventually.

>
If exit returns complain to the C system supplier. It is faulty.

Whoosh!

--
Richard Heathfield <http://www.cpax.org.uk >
Email: -http://www. +rjh@
Google users: <http://www.cpax.org.uk/prg/writings/googly.php>
"Usenet is a strange place" - dmr 29 July 1999

**christian.bau** · Sep 19 '08, 03:25 PM

Re: Check all errors in code?

On Sep 19, 3:52 pm, "lovecreatesbea ...@gmail.com"
<lovecreatesbea ...@gmail.comwr ote:

(My boss and ex-bosses don't know about C programming and don't care
about C programming. I'm supposed to show them some instant
achievement same as other humble programmers in China do. My bosses do
the same instant things to the clients.)

Whose money is lost if you do shoddy work by following your bosses
orders? If it's your bosses money, go ahead. If it's not your bosses
money, follow your conscience.

**Richard Heathfield** · Sep 19 '08, 03:45 PM

Re: Check all errors in code?

christian.bau said:

On Sep 19, 3:52 pm, "lovecreatesbea ...@gmail.com"
<lovecreatesbea ...@gmail.comwr ote:
>

>(My boss and ex-bosses don't know about C programming and don't care
>about C programming. I'm supposed to show them some instant
>achievement same as other humble programmers in China do. My bosses do
>the same instant things to the clients.)

>
Whose money is lost if you do shoddy work by following your bosses
orders?

Yours, if you lose your job when the company goes bust after its flagship
product crashes and burns because you wrote shoddy code despite knowing
better.

--
Richard Heathfield <http://www.cpax.org.uk >
Email: -http://www. +rjh@
Google users: <http://www.cpax.org.uk/prg/writings/googly.php>
"Usenet is a strange place" - dmr 29 July 1999

**lovecreatesbea...@gmail.com** · Sep 19 '08, 03:45 PM

Re: Check all errors in code?

On Sep 19, 10:26 pm, Ben Bacarisse <ben.use...@bsb .me.ukwrote:

Andrew Poelstra <apoels...@supe rnova.homewrite s:
>

if(!(mem1 = malloc(sizeof *mem1)) ||
!(mem2 = malloc(sizeof *mem2)) ||
!(mem3 = malloc(sizeof *mem3)))
{
err_code = OUT_OF_MEMORY;
goto fail;
}

>

if(!(infile = fopen("./in.txt", "r")) ||
!(outfile = fopen("./out.txt", "w")))
{
err_code = FILE_ERROR;
goto fail;
}

>

/* logic below */

>

return 0;

>

fail:
free(mem1); /* These would be initialized to NULL
free(mem2); in case their malloc() or fopen()
free(mem3); never gets called. */
fclose(infile);
fclose(outfile) ;

>
fclose(NULL) is undefined. These two need to be protected with an if
each.

or better return or exit earlier when a null returned upon fopen.

Such a shame that there is no symmetry with malloc/free but
that is how the world is!

I think the sequence of calls to malloc/free is fine provide NULL
initialization performed before malloc.

Check all errors in code?

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment