[HARLEQUIN][Common Lisp HyperSpec (TM)] [Previous][Up][Next]

Issue FILE-OPEN-ERROR Writeup

Forum:		Public Review

Issue:		FILE-OPEN-ERROR

References:	Rose & Yen public review comment #3

		OPEN

		PROBE-FILE

		Section 19.1.2, "Pathnames as Filenames"

		Issue PATHNAME-SYNTAX-ERROR-TIME

                Issue PATHNAME-WILD

Category:	CLARIFICATION, CHANGE

Edit history:	26-Dec-1992, Version 1 by Loosemore

Status:         Item (4) removed; remainder of proposal passed 7-0-2,

                  March 1993





Problem description:



  The specification provides no reliable way for application programs

  to detect and recover from file system errors.



  The specific situation raised by the referenced public review comment

  was failure of OPEN due to the file being read- or write-protected.

  However, there are numerous other situations which may also cause OPEN

  (as well as other file-related operations, such as PROBE-FILE,

  DIRECTORY, and the like) to fail.  These include things like directory

  components in the pathname that don't really name directories, or

  invalid symbolic links.  The dictionary pages for most of these

  functions say nothing about what happens in the event the file system

  is unable to perform the request.



  To complicate matters further, there is also a related class of purely

  syntactic pathname errors that were the subject of proposal

  PATHNAME-SYNTAX-ERROR-TIME:EXPLICITLY-VAGUE, which was incorporated

  into draft 12.24 as the second paragraph on page 19-2.  Nothing is

  said in that section either about whether an error must be

  signaled, or the type of such an error.  The problem description of

  that issue left open the possibility that an implementation might

  attempt to make `friendly' corrections to syntactically invalid

  pathnames -- e.g., truncating names that are too long -- instead of

  signaling an error, but the discussion in the draft does not mention

  this explicitly.  Since one of the provisions of the proposal was to

  "warn users clearly about this known source of program portability

  problems", it seems some further clarification of how pathname syntax

  errors may be handled is in order.



  If that weren't enough, some functions specify that the type of error

  signalled when a wildcard pathname is provided is TYPE-ERROR, and

  others specify that it is of type FILE-ERROR.





Proposal (FILE-OPEN-ERROR:SIGNAL-FILE-ERROR):



  (1) Add to the "Exceptional Situations" section of the dictionary

  pages for DIRECTORY, PROBE-FILE, TRUENAME, FILE-AUTHOR, FILE-WRITE-DATE,

  OPEN, WITH-OPEN-FILE, COMPILE-FILE, LOAD, ED, and DRIBBLE a statement

  that an error of type FILE-ERROR is signaled if the file system cannot

  perform the requested operation.  (The entries for RENAME-FILE and 

  DELETE-FILE already include similar language.)



  If the proposals to restore the pathname argument to REQUIRE and/or

  to add the ENSURE-DIRECTORIES-EXIST function pass, add the same

  statement to the dictionary entries for these functions.





  (2) Rewrite and expand the second paragraph on page 19-2 to read:



    The mapping of the pathname components into the concepts peculiar to

    each file system is implementation-defined.  There exist conceivable

    pathnames for which there is no mapping to a syntactically valid

    filename in a particular implementation.  An implementation may use

    various strategies in an attempt to find a mapping; for example, an

    implementation may quietly truncate filenames that exceed length

    limitations imposed by the underlying file system, or ignore certain

    pathname components for which the file system provides no support.  If

    such a mapping cannot be found, an error of type FILE-ERROR is

    signaled.



    The time at which this mapping and associated error signaling occurs

    is implementation-dependent.  Specifically, it may occur at the time

    the pathname is constructed; when coercing a pathname to a namestring;

    or when an attempt is made to open or otherwise access the file 

    designated by the pathname.



  At the editor's discretion, also note this in the "Exceptional 

  Situations" section of the dictionary pages for the affected 

  functions.  These functions are:  PATHNAME, MAKE-PATHNAME,

  PATHNAME-HOST and friends, LOGICAL-PATHNAME-TRANSLATIONS, 

  NAMESTRING and friends, PARSE-NAMESTRING, WILD-PATHNAME-P,

  PATHNAME-MATCH-P, TRANSLATE-LOGICAL-PATHNAME, TRANSLATE-PATHNAME,

  MERGE-PATHNAMES, COMPILE-FILE-PATHNAME, and all of the functions

  mentioned in item (1) of the proposal.



  (3) Change the dictionary entries for PROBE-FILE, TRUENAME,

  FILE-AUTHOR, and FILE-WRITE-DATE to say that the type of error

  signalled when a wildcard pathname is provided is FILE-ERROR rather 

  than TYPE-ERROR.  (The entries for RENAME-FILE, DELETE-FILE, OPEN,

  WITH-OPEN-FILE, COMPILE-FILE, and LOAD already specify a type of

  FILE-ERROR.)



  Also, add a statement that an error of type FILE-ERROR might be

  signalled if the pathname argument is wild to the dictionary entries 

  for COMPILE-FILE-PATHNAME, ED, DRIBBLE, and (if the appropriate

  proposals pass) REQUIRE and ENSURE-DIRECTORIES-EXIST.



  (4) Deprecate the function PROBE-FILE.





Rationale:



  Providing detailed information about when and what type of errors

  might be signalled allows users to include condition handlers at

  relevant places in their programs which can take appropriate action

  to report and/or recover from the error.



  It's clear that FILE-ERROR is the correct condition type for the

  kinds of errors covered by item (1) of the proposal.  It could be

  argued that the errors covered by items (2) and (3) ought to be of

  some other condition type, but since in some cases these errors might

  be reported by the file system in the same way as the errors from 

  item (1), it may be difficult to distinguish them in practice.



  The rationale for deprecating PROBE-FILE is that the general approach

  of trying to check whether a file operation is going to succeed ahead

  of time is not the right way to handle file system access problems.

  Also, its functionality can readily be duplicated by OPEN and/or

  TRUENAME.

  



Current practice:



  Unknown.





Cost to implementors:



  Probably small.





Cost to users:



  Probably small.





Cost of non-adoption:



  Continuing confusion about how to handle file system errors.





Aesthetics:



  I suppose having the standard made more explicit on this issue is an

  improvement, even if it makes it longer.





Editorial impact:



  There are a large number of functions affected, but the changes are

  fairly mechanical in nature.





Discussion:



  A completely different proposal, PROBE-FILE:ADD-DIRECTION-KEYWORD,

  was originally suggested by Rose & Yen in their public review comment.

  The gist of that proposal was to modify PROBE-FILE so it could be used

  to check whether the user had privilege to subsequently OPEN a file.

  The public review committee concluded this was an unsatisfactory

  approach, not only because it didn't allow for detection of other

  kinds of file access problems, but also because it could be defeated

  by changes to the file system in between the check and the attempted

  access.  In subsequent e-mail discussion, the commentors have agreed

  to withdrawing that proposal in favor of the one presented here.



  Loosemore admits to being skeptical about the rationale for deprecating

  PROBE-FILE (in particular, because doing so would seem to indicate

  that there are no valid uses of PROBE-FILE at all), but the original

  commentors requested us to consider it.
[Starting Points][Contents][Index][Symbols][Glossary][Issues]
Copyright 1996, The Harlequin Group Limited. All Rights Reserved.