typedef struct {
int id;
char* group;
} status_t;id == 0 denotes success.
id != 0 denotes failure.
a status is identified by (group, id).
the canonical success value is:
{ status_id_success, status_group_undefined }only functions that can fail return status_t.
functions that cannot fail do not return status_t.
this is a semantic partition, not a stylistic choice.
a fallible function declares:
status_declare;
this establishes a success-initialized local status.
status_set(group_id, status_id);
status_goto; status_set_goto(group_id, status_id);
control transfers to:
exit:
status_return; status_i_return;
status_require(callee(...));
semantics:
statusstatus.id != 0, transfer to exitstatus_i_require(callee(...));
semantics:
status.idstatus.id != 0, transfer to exitgroup assignment is the caller's responsibility.
status_require_return(callee(...));
a function may define a single convergence point:
exit:
both normal and failure paths may reach it.
each owned resource has a neutral value representing "not owned".
the resource variable itself encodes ownership state.
no auxiliary tracking variables are introduced if the resource variable suffices.
for each resource:
at exit::
cleanup is expressed solely in terms of resource variables.
status.id == 0 implies successstatus.id != 0 implies failure(group, id) identifies the failure(group, id) unless reassignedthe convention is correct if and only if:
status_texit: or return immediatelyexit: