I remember teaching his students to check the results of functions and then being dismayed when they checked the result of printf; I see that you put malloc and sscanf on that side of the divide.
Conversation
Yup! I have pretty low standards for filing off sharp edges on tools that I'm ony using myself
1
7
Definitely. If aeronautics software relied on dynamic allocation, this is how it would be structured.
1
6
oh I like the gotos, I had only meant that Brendan was not checking the return values from these two fine system calls
4
8
one can almost never do anything about these errors at the moment, but knowing that they happened usually points to logic errors elsewhere in the program
3
4
ENOMEM can unfortunately happen for no fault of your own though. It's why this wrapper exists:
1
2
yep, it's really only EBADF that I want to know about for bug-fixing purposes
1
1
Yeah, it makes sense to wrap close, check for that and abort the program. Not much point in checking for other close errors though. You generally have to design around using fsync if you need things to be reliable and the fsync is where you actually need to handle the errors.
So, for the standard primitive approach to safe writes, fsync(fd), check for errors, and then only rename it to clobber the original file if it was successful. For multiple files, can have dir_a and dir_b, alternating where you write, and atomically flip a symlink between them.
2