-
-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make 'echo' raise IOErrors when appropriate #16367
Conversation
Is there any other real-world testing we could subject this change to before merging? Changing the behavior of something as commonly-used as On the other hand, I can't imagine anyone depends on or intentionally exploits the current no-raise behavior. |
how about add
(and mention in changelog) IMO that's good enough. |
|
I think it should also raise; it's easy enough to wrap it inside try/except in the off-chance it does raise in your code; the main point is to evade noSideEffects; silently hiding errors shouldn't be the goal |
lib/system/io.nim
Outdated
else: | ||
discard c_fwrite(s.cstring, cast[csize_t](s.len), 1, stdout) | ||
if c_fwrite(s.cstring, cast[csize_t](s.len), 1, stdout) != s.len: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this seems unfortunately subject to the classic EINTR bug, see https://github.com/angrave/SystemProgramming/wiki/POSIX%2C-Part-1%3A-Error-handling#what-is-eintr-what-does-it-mean-for-sem_wait-read-write and how I fixed it here #13232 via a while loop which is IIUC the correct way to handle this
the question is whether to fix this in this PR or merge this PR as is and fix it in future PR; is there an easy repro?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think do it as a separate PR, abstracting out a common template in the process (as mentioned in your fix for the linked issue).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM but https://github.com/nim-lang/Nim/pull/16367/files#r545569618 should be addressed now or after this PR
It seems better than before but if writing to stdout fails, there is little reason to assume we can report an exception in some other way. Maybe it would be wiser to |
there is, user code can handle this however they want for their requirements:
|
In my case (the reason I found this issue), I was able to write to stderr even when stdout writing failed. And after a sleep, I was also able to write to stdout again, too. |
indeed, you got
there are other temporary failure error codes (EINTER etc) that io needs to be aware of |
* Make 'echo' raise IOError when fwrite/fflush fail * Fix fwrite return value comparison * Add test for echo raising error and don't fail to release locks in echo * Fix exitcode expectation * Make 'echo' raise IOError on Windows if it fails * Add nimLegacyEchoNoRaise for prior no-IOError echo behavior * Use checkErrMaybe template
* Make 'echo' raise IOError when fwrite/fflush fail * Fix fwrite return value comparison * Add test for echo raising error and don't fail to release locks in echo * Fix exitcode expectation * Make 'echo' raise IOError on Windows if it fails * Add nimLegacyEchoNoRaise for prior no-IOError echo behavior * Use checkErrMaybe template
This reverts commit 23d23ec.
This was (wrongly IMO) reverted in #18460 |
Any discussion on why it was reverted? @narimiran (I'm just seeing this) This change fixed a really difficult-to-debug problem I was having with some code. |
It was reverted because the policy is "what used not to raise, cannot start to raise". Which is a pretty bad policy but we need consensus of how to deal with it. |
when you have a function like:
raising a new exception breaks that code at compile time - if instead you have:
you're breaking runtime code without any way to detect it at compile time, really - not only have you caused a leak - this code also changes the semantics of the whole application, because it introduces a new control flow - that's not acceptable for many applications. you could argue that if you're using two ways to write to the same output that have different semantics (write and echo), the problem lies with the code that does that, and not with echo itself. |
Would the addition of an |
Since breaking changes are allowed in devel now for Nim 2.0, maybe this PR can be re-merged again? Or maybe we need an RFC to discuss if |
|
Attempt to address #16366 and to see what breaks with this change.