473,699 Members | 2,768 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Exception Specifications

Hi all,

Just wondering whether there's any reason why exception specifications are
enforced at runtime, rather than at compile-time like in Java? (This was
prompted by reading an article on GOTW, incidentally.) Is there something
about C++ that makes it harder/impossible to check at compile-time?

Cheers,
Stu
Sep 23 '06
41 3062
"Jerry Coffin" <jc*****@taeus. comwrote in message
news:MP******** *************** @news.sunsite.d k...
In article <AL************ ********@pipex. net>,
sg*******@dNiOa Sl.PpAiMpPeLxE. AcSoEm says...
>Hi all,

Just wondering whether there's any reason why exception specifications
are
enforced at runtime, rather than at compile-time like in Java? (This was
prompted by reading an article on GOTW, incidentally.) Is there something
about C++ that makes it harder/impossible to check at compile-time?

The following is based primarily on recollection, so it may need to be
taken with a grain of salt.

In a phrase, backward compatibility. Exception specifications were added
to C++ after there were a number of implementations of exception
handling. These were consistent enough that it was considered reasoanble
and important to maintain compatibility with them. To maintain
compatibility with this code, the rule was made that lack of an
exception specification meant "can throw anything."

Unfortunately, that also meant that essentially all existing code was
seen (by the compiler) as being able to throw anything -- even pure C
code that had no notion of exception handling at all.

If exception specifications were enforced at compile time, new code that
used them would have had to do one of two things: either rewrite all
existing code to include exception speciifications (incidentally,
breaking all C compatibility) or else include a 'catch(...)' clause in
the new code to catch and convert the (probably nonexistent) "other"
exceptions to something it was allowed to throw.

Neither of these was seen as acceptable, leaving run-time enforcement as
nearly the only possible solution.

--
Later,
Jerry.

The universe is a figment of its own imagination.
Hmm :) Assuming your recollection is accurate, it does make a fair amount of
sense. It's a tad unfortunate that it went that way, though. Oh well, I
suppose we'll just have to make do without using exception specifications.
Thanks for the explanation, anyhow.

Cheers,
Stu
Sep 23 '06 #11
In article <4v************ ********@pipex. net>,
sg*******@dNiOa Sl.PpAiMpPeLxE. AcSoEm says...

[ ... ]
Hmm :) Assuming your recollection is accurate, it does make a fair amount of
sense. It's a tad unfortunate that it went that way, though. Oh well, I
suppose we'll just have to make do without using exception specifications.
I originally thought it was unfortunate, but I've changed my mind. I've
since become convinced that exception specifications (at least as
currently defined) are a fundamentally mistaken design that runs
directly counter to the intent and usefulness of exception handling in
the first place.

One of the basic ideas of exception handling is that the code that
detects a problem rarely has the context to deal appropriately with that
problem -- and in fact, the two will be separated by some arbitrary (but
often large) distance both conceptually and in the call chain. One of
the primary advantages of exception handling is that it allows the
intermediate levels in that call chain to ignore all but those
exceptions can (at least help to) handle. Other than that, their sole
obligation is to be written in an exception-safe fashion.

Exception specifications directly violate that, however. Instead of
allowing all the intermediate levels to ignore all but the exceptions to
which they can contribute handling, exception specifications demand that
all the software, at all the intermediate layers, excplicitly know and
acknowledge _all_ of the exceptions that might orignate from anything
they might call. This is not merely impractical, but negates much (if
not most) of the advantage exception handing provides in the first
place.

I believe virtually nobody really even _wants_ this. What they really
want isn't an assurance that every level in a call chain is aware of all
the exceptions that may originate down the call chain. Rather, the want
an assurance that some code at SOME level in the call chain knows how to
handle all of the exceptions that may happen in whatever it calls. If we
could do THAT at compile time (or more likely link time, since it needs
a view of the program as a whole) it would probably be truly worthwhile.

Exception specifications wouldn't really be very helpful in that though.
To enforce this at compile time, we'd basically start from the lowest
level in a particular call stack, and put together a list of all the
exceptions that can be thrown from that level. We'd then take a step up
the call stack, and add in all the exceptions that level can throw, and
so on. At each level we'd also look for any exception handlers, and
examine their contents to see what exceptions that came from below would
be caught at that level. We'd have to look at the contents of the
handler to see whether it re-throws the current exception. Those that
are caught but not re-thrown could be subtracted from the list of
possible exception. Of course, the compiler would also have to take
inheritance into account -- catching a base class obviously catches all
derived classes.

If there are any exceptions left in the list when we've looked at any
exception handlers in main, these are exceptions that can be thrown but
never caught. Being able to give at least a warning for that situation
would almost certainly be useful. The difficult part of this analysis
would probably be intermediate catch blocks that might only re-throw an
exception conditionally -- and if the condition related to the type of
the exception, it could be difficult to sort out which exceptions that
were caught mnight be re-thrown and which never would.

--
Later,
Jerry.

The universe is a figment of its own imagination.
Sep 23 '06 #12
"Stuart Golodetz" <sg*******@dNiO aSl.PpAiMpPeLxE .AcSoEmwrites:
"Jerry Coffin" <jc*****@taeus. comwrote in message
news:MP******** *************** @news.sunsite.d k...
In article <AL************ ********@pipex. net>,
sg*******@dNiOa Sl.PpAiMpPeLxE. AcSoEm says...
Hi all,

Just wondering whether there's any reason why exception
specifications are enforced at runtime, rather than at
compile-time like in Java?
[...]
Neither of these was seen as acceptable, leaving run-time enforcement as
nearly the only possible solution.
Hmm :) Assuming your recollection is accurate, it does make a fair
amount of sense. It's a tad unfortunate that it went that way,
though. Oh well, I suppose we'll just have to make do without using
exception specifications. Thanks for the explanation, anyhow.
One other issue, though: exception specifications are IIRC nearly
impossible to deal with correctly when writing templates. You don't
know, when writing the template (either function or class) what
operations on the templated type may or may not throw, nor do you
know what do to with them. I don't think anybody's come up with a
good way for templates and exception specs to play nicely together.

----------------------------------------------------------------------
Dave Steffen, Ph.D.
Software Engineer IV Disobey this command!
Numerica Corporation - Douglas Hofstadter
dgsteffen at numerica dot us
Sep 25 '06 #13
Geo

Stuart Golodetz wrote:
Hi all,

Just wondering whether there's any reason why exception specifications are
enforced at runtime, rather than at compile-time like in Java? (This was
C++ is NOT Java, why would you even hope that it might work the same,
especially since Java exception handling is horrible, at least C++'s is
so broken that it is unusable (in fact it is dangerous to use it), and
therefore you never neeed to worry about it.
prompted by reading an article on GOTW, incidentally.) Is there something
about C++ that makes it harder/impossible to check at compile-time?

Cheers,
Stu
Sep 25 '06 #14
On 25 Sep 2006 09:17:22 -0700, "Geo" <gg@remm.orgwro te:
>C++ is NOT Java, why would you even hope that it might work the same,
especially since Java exception handling is horrible, at least C++'s is
so broken that it is unusable (in fact it is dangerous to use it), and
therefore you never neeed to worry about it.
Neither is Java exception handling 'horrible' (it's just different
from C++) nor are C++ exception specifications 'broken'. WRT to the
latter you propagate the widespread 'Stroustrup-had-a-bad-day' myth.
It declares that everything in the C++ language is fine (more or
less), just exception specifications are 'broken' and 'unusable'. The
same article is usually quoted as reference.
It's true that C++ exception specifications are not standardized in
the most practical way (they are not even standardized as Stroustrup
describes them in his book). But they are not more 'broken' than other
C++ language elements like templates or the look-up rules.
Exception specifications make sense for at least 2 use cases:
1. you guarantee that no exception is thrown form a (usually low
level) function. This eg. is important to implement assignment
operators.
2. you guarantee that the specified and only the specified
exception(s) is(are) thrown from a function. Since exception
specifications are part of the contract between the user and you, the
implementer, all high level library interfaces should explicitly
specify exceptions in code.

Best regards,
Roland Pibinger

Sep 25 '06 #15
Roland Pibinger wrote:
On 25 Sep 2006 09:17:22 -0700, "Geo" <gg@remm.orgwro te:
C++ is NOT Java, why would you even hope that it might work the same,
especially since Java exception handling is horrible, at least C++'s is
so broken that it is unusable (in fact it is dangerous to use it), and
therefore you never neeed to worry about it.

Neither is Java exception handling 'horrible' (it's just different
from C++) nor are C++ exception specifications 'broken'. WRT to the
latter you propagate the widespread 'Stroustrup-had-a-bad-day' myth.
It declares that everything in the C++ language is fine (more or
less), just exception specifications are 'broken' and 'unusable'. The
same article is usually quoted as reference.
It's true that C++ exception specifications are not standardized in
the most practical way (they are not even standardized as Stroustrup
describes them in his book). But they are not more 'broken' than other
C++ language elements like templates or the look-up rules.
Exception specifications make sense for at least 2 use cases:
1. you guarantee that no exception is thrown form a (usually low
level) function. This eg. is important to implement assignment
operators.
2. you guarantee that the specified and only the specified
exception(s) is(are) thrown from a function. Since exception
specifications are part of the contract between the user and you, the
implementer, all high level library interfaces should explicitly
specify exceptions in code.
You also guarantee that your whole aplication will crumble whenever you
or anything that you call breaks that contract. I really don't see the
point, beside the moderate documentation value of such specifications.
But even then, everyone knows that destructors and assignment operators
are nothrow.

Yes, crashing early is better, yes, I know about all the pretty stuff
like "contracts" that looks very good on whiteboards and in
conferences. But when you get down to pragmatic every-day details a
contract like this may not even be enforceable in a dynamic run-time
environment where many things can happen, and bringing the whole
application down because one of the zillions of components broke its
contract is not acceptable in many real world situations.

Regards,
Bart.

Sep 25 '06 #16
On 25 Sep 2006 10:59:22 -0700, "Bart" <ba***********@ gmail.comwrote:
>You also guarantee that your whole aplication will crumble whenever you
or anything that you call breaks that contract...
Yes, crashing early is better, yes, I know about all the pretty stuff
like "contracts" that looks very good on whiteboards and in
conferences. But when you get down to pragmatic every-day details a
contract like this may not even be enforceable in a dynamic run-time
environment where many things can happen, and bringing the whole
application down because one of the zillions of components broke its
contract is not acceptable in many real world situations.
You seem to belief that one cannot programmaticall y control which
exception(s) may be thrown from a function (and therefore not use
except. spec.). Of course, you can. As a library user I want reliable
information about what a function may throw, eg.

class Database {
public:
void connect (...) throw (DBexcept);
};

or maybe even

class Database {
public:
ErrorCode connect (...) throw();
};
Best wishes,
Roland Pibinger
Sep 25 '06 #17

Roland Pibinger wrote:
On 25 Sep 2006 10:59:22 -0700, "Bart" <ba***********@ gmail.comwrote:
You also guarantee that your whole aplication will crumble whenever you
or anything that you call breaks that contract...
Yes, crashing early is better, yes, I know about all the pretty stuff
like "contracts" that looks very good on whiteboards and in
conferences. But when you get down to pragmatic every-day details a
contract like this may not even be enforceable in a dynamic run-time
environment where many things can happen, and bringing the whole
application down because one of the zillions of components broke its
contract is not acceptable in many real world situations.

You seem to belief that one cannot programmaticall y control which
exception(s) may be thrown from a function (and therefore not use
except. spec.). Of course, you can. As a library user I want reliable
information about what a function may throw, eg.

class Database {
public:
void connect (...) throw (DBexcept);
};
So what do you do when your network connection fails? Or when a simple
memory allocation fails? Do you catch every possible exception and then
re-throw the corresponding DBexcept equivalent? What practical value is
added by this approach as opposed to just letting everything that you
don't care about go through?

Besides, trivial examples are great for classrooms and CTO meatings but
in general they are of fairly limited applicability. What do you do
when a third party plug-in doesn't respect its contract? Do you just
die because you didn't expect it?

Regards,
Bart.

Sep 25 '06 #18

Bart wrote:
Roland Pibinger wrote:
On 25 Sep 2006 10:59:22 -0700, "Bart" <ba***********@ gmail.comwrote:
>You also guarantee that your whole aplication will crumble whenever you
>or anything that you call breaks that contract...
>Yes, crashing early is better, yes, I know about all the pretty stuff
>like "contracts" that looks very good on whiteboards and in
>conferences. But when you get down to pragmatic every-day details a
>contract like this may not even be enforceable in a dynamic run-time
>environment where many things can happen, and bringing the whole
>application down because one of the zillions of components broke its
>contract is not acceptable in many real world situations.
You seem to belief that one cannot programmaticall y control which
exception(s) may be thrown from a function (and therefore not use
except. spec.). Of course, you can. As a library user I want reliable
information about what a function may throw, eg.

class Database {
public:
void connect (...) throw (DBexcept);
};

So what do you do when your network connection fails? Or when a simple
memory allocation fails? Do you catch every possible exception and then
re-throw the corresponding DBexcept equivalent? What practical value is
added by this approach as opposed to just letting everything that you
don't care about go through?

Besides, trivial examples are great for classrooms and CTO meatings but
Typo there. Should be 'meetings'.

Regards,
Bart.

Sep 25 '06 #19

Bart wrote:
Besides, trivial examples are great for classrooms and CTO meatings but
in general they are of fairly limited applicability. What do you do
when a third party plug-in doesn't respect its contract? Do you just
die because you didn't expect it?
The first thing you should do is consider an alternative supplier. As
long as the concept of a third party plug-in (or any other API) failing
to respect its contract[*] is considered by users of plug-ins to be in
any way expected or acceptable, software engineering will remain the
woefully immature discipline it currently is.

Gavin Deane

Sep 25 '06 #20

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

6
2365
by: Philipp Holzschneider | last post by:
Are there any available c++ compilers around that strictly implement the mentioned "Exception Specification" feature?? where the following compiles void func() { throw A(); }; void gunc() throw(A,B) { throw A(); }; ---- void thrower() throw(A) { throw A(); };
28
2183
by: Scott Brady Drummonds | last post by:
Hi, all, I just got out of a meeting with a team of software developers that I recently joined as they are staffing to create a medium-sized project (potentially all of which will be written in C++). From my experience and readings, I've come to this group indoctrinated to use exceptions for error handling. The experience in this group that leads them to believe that exceptions should only be used where severe runtime errors require...
10
4993
by: linq936 | last post by:
Hi, I have many assert() call in my code, now I am considering to replace them with exception. The reason I want to do this change is that with the program going bigger and bigger, it is hard to test all the corner cases, and thus assert() does not work as good as before. The problem is if there are something really bad which was not captured by assert(), then in runtime, most likely the program will crash. This is the worst user...
6
1517
by: benben | last post by:
Why doesn't the following code work? template <typename ExceptionT> void f(void) throw (ExceptionT) { throw ExceptionT(); } Ben
1
3069
by: Brian | last post by:
I'm trying to comile some managed C++ code in VC++ 2005 beta that has a lot of exception specifications,ie int func() throw( SomeException*) ; I'm getting these messages: error C2353: exception specification is not allowed. unfortunately MSDN isn't much help here. Obviously, C++/CLI is not allowing
13
2629
by: junw2000 | last post by:
Is C++ Exception handling useful? think it is too complicated. What kinds of project need to use it? Thanks.
11
2112
by: George2 | last post by:
Hello everyone, How do you understand the Bjarne's comments about exception specification? Especially, "not required to be checked across compilation-unit" and "violations will not be caught at run time"? section 14.6.1 Checking Exception Specifications --------------------
12
2756
by: Ioannis Vranos | last post by:
Perhaps a mechanism can be introduced in the C++0x/1x standard, something simple like defining a function as: void somefunc(void) throw() { // ... }
7
248
by: Keith Halligan | last post by:
I'm a bit unsure about exception specifications and the rules that they enforce. I've had a look at the C++ spec and it doesn't state about the errors that it enforces, if an exception is thrown in a function that isn't specified in its exception specification (assuming there's one there). If I compile the code below on Solaris, Linux and AIX, I get the program coring, causing the "std::exception" to be thrown back to the
0
8686
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
0
9033
jinu1996
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
1
8911
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
0
8882
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
0
7748
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
0
5872
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
0
4627
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
2
2345
muto222
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
3
2009
bsmnconsultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.