This is the mail archive of the
libc-alpha@sources.redhat.com
mailing list for the glibc project.
Re: Dangerous glibc byte/wide stream interactions
- To: Henry Spencer <henry at spsystems dot net>
- Subject: Re: Dangerous glibc byte/wide stream interactions
- From: Kaz Kylheku <kaz at ashi dot footprints dot net>
- Date: Sun, 24 Sep 2000 16:22:52 -0700 (PDT)
- cc: linux-utf8 at nl dot linux dot org, libc-alpha at sources dot redhat dot com
On Sun, 24 Sep 2000, Henry Spencer wrote:
> Date: Sun, 24 Sep 2000 18:32:36 -0400 (EDT)
> From: Henry Spencer <henry@spsystems.net>
> To: linux-utf8@nl.linux.org
> Cc: libc-alpha@sources.redhat.com
> Subject: Re: Dangerous glibc byte/wide stream interactions
>
> On 24 Sep 2000, Ulrich Drepper wrote:
> > > a check (if mode != rightmode {die with snide comment}) would seem
> > > appropriate...
> >
> > No. This is no debugging library, it's a runtime library.
>
> The two are not necessarily mutually exclusive. See the classic comment,
They are indeed not. There are some areas in which the interface standards call
for checking. Usually, the result of a failed check is the returning of an
error indication. The application can then decide how to handle the error
(e.g. diagnose it, abort or keep going or whatever).
> by Tony Hoare I think, about wearing lifejackets on your training cruises
> and then leaving them behind when you actually go to sea.
The problem is in deciding what kind of lifejacket to use. Should abort()
be called? The library may be used in circumstances when that won't be hepful.
E.g. a GUI application with no text console for capturing the abort message.
Some checks, if needed, can be implemented outside of the library. E.g. the
stream's mode can be recorded in some extra data member and the app can do its
own comparison.
The flipside of this is the programmer's view: suppose you *want* the safety
check in your program. What do you do? If you just let glibc take care of it,
then your program only has that safety check when linked to glibc, but not
necessarily when linked to some other library implementation. In a portable
program, you have no choice but to create your own check, if the standard does
not provide a mandatory error result.
So the gratuitous check provided by the implementor, while valuable in many
circumstances, is of no use to a portable program whose programmer wants
certain checks to be consistently there on all platforms.