you should do what's idiomatic for that language, e.g.: return an error in Rust; raise an exception in Python or Java; return an integer != 0 in C; etc.
Panic/crash/segfault
probably the worst option for a library
this post was submitted on 04 Aug 2025
11 points (100.0% liked)
Programming
22006 readers
137 users here now
Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!
Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.
Hope you enjoy the instance!
Rules
Rules
- Follow the programming.dev instance rules
- Keep content related to programming in some way
- If you're posting long videos try to add in some form of tldr for those who don't want to watch videos
Wormhole
Follow the wormhole through a path of communities !webdev@programming.dev
founded 2 years ago
MODERATORS
+1. If your library makes it impossible to recover from errors, then it will be unusable from any program that requires recovering from errors.
probably the worst option for a library
Even worse than returning garbage? :)
If it's garbage as in a string with a bunch of information that is hard to parse, yeah, crashing without giving the caller a way to avoid it might be worse. But what is exactly this garbage and in what cases are you considering returning it at all?
Uninitialized automatic variables. E.g. (in C/C++):
int get_time() {
int time;
syscall(/* something that fails */, &time);
return time;
}
Raising an exception would be standard practice, IMO. A library should not dictate how an application behaves. Let the application handle it.
If that's the only error mechanism, sure. Exceptions in most languages tend to be relatively expensive, though, and most have a cheaper idiomatic way of returning error codes; you'd want to use those if they're available, right?
Does Rust use exceptions a lot? I don't know. V has panic and catch, but you almost never see them. Idiomatic is Option (?) and Return (!) values, which I thought V borrowed from Rust. Go does the (val, error) tuple-ish return thing, and while it too has catchable panics, they're discouraged in favor of (error) return values.
Depends on the language. "Higher level" is a pretty broad field!
If that’s the only error mechanism, sure. Exceptions in most languages tend to be relatively expensive, though, and most have a cheaper idiomatic way of returning error codes; you’d want to use those if they’re available, right?
I think not being able to get the current time from the system is very exceptional. And I think exceptional circumstances should act that way and not “look like” normal executions. To me, that means letting hell break loose, and not “silently” return a 1 instead of a 0.
By similar reasoning, “Exceptions in most languages tend to be relatively expensive” is a very weak argument. We don’t expect this error-throwing code to execute a lot.
I can think if plenty of situations where system time is
- Optional
- Unreliable
- And even potentially disallowed by the user
In fact, if you don't set up your containers right, the system time is almost always wrong.
Return an error, respectively, in a language that supports it, raise an exception.
In my systems, nearly every call returns a status, and it is advisable to check this status. I had a number of long calls with windows programmers who complained about my system failing at some point, and most often, the reason was an ignored Non-OK status return at some point in the past.
Like "Your system loses the file I'm writing!". FileSystem_Open() returned a non-OK value (I don't remember the reason, but there was one). FileSystem_Write() returned a non-OK value (file pointer invalid). FileSystem_Close() returned a non-OK value (file pointer invalid). And he complains about a file that is not there...
I think you should make the overwhelmingly likely case crash in a controlled way, but provide a way to handle it for people who truly want to keep going in such strange conditions.
In rust I would panic in now(), but also provide a alternative call that returns a result named something like try_now(), similar to Vec::with_capacity and Vec::try_with_capacity.
In languages that provide them, you could also throw a runtime exception that can be ignored and just bubbles up to main unless explicitly caught.
Interestingly, Rust is what brought me to this rabbit hole. It does indeed panic in now()[1], but the devs seem to be reluctant to provide the try_now() variant[2].
[1] https://doc.rust-lang.org/nightly/src/std/sys/pal/unix/time.rs.html#124 [2] https://github.com/rust-lang/rust/issues/115482
For Rust, return Result<> , as is idomatic in Rust.
Another possible method is having an installable handler that handles the error at the place it is detected. Common Lisp does that and it is very powerful.