Newsgroups: comp.object,comp.lang.eiffel,comp.lang.c++,comp.lang.beta,comp.lang.java,comp.lang.sather Path: news.daimi.aau.dk!news.uni-c.dk!newsfeed.sunet.se!news01.sunet.se!sunic!mn6.swip.net!plug.news.pipex.net!pipex!tank.news.pipex.net!pipex!news.mathworks.com!uhog.mit.edu!uw-beaver!uw-coco!news-wa16!lego.wes.mot.com!mothost!schbbs!news From: shang@corp.mot.com (David L. Shang) Subject: Re: What Should An Exception Handling Do? -- Clarification of rules Reply-To: shang@corp.mot.com Organization: MOTOROLA Date: Mon, 25 Mar 1996 16:07:02 GMT Message-ID: <1996Mar25.160702.14229@schbbs.mot.com> References: Sender: news@schbbs.mot.com (SCHBBS News Account) Nntp-Posting-Host: 129.188.128.126 Lines: 145 Xref: news.daimi.aau.dk comp.object:53199 comp.lang.eiffel:22502 comp.lang.c++:175010 comp.lang.beta:10679 comp.lang.java:28487 comp.lang.sather:12358 comp.object,comp.lang.eiffel,comp.lang.c++,comp.lang.beta,comp.lang.java,comp.l ang.sather In article bs@research.att.com (Bjarne Stroustrup <9758-26353> 0112760) writes: > billf@jovial.com (Bill Foote) writes > > > > > quote explaining why C++ (and Java) uses the termination model > > > of exception handling > > > > A cynic might conclude something more along these lines: "It would be > > hard to implement resumable exceptions in C++, so they decided to punt." > > and that "cynic" would be wrong, guilty of not having done his homework, > and guilty of making unkind conjectures without basis in facts. > But I don't see what's wrong with the cynic. It is true that to implement resumable exceptions in C++ is very hard. It is also true that resumable exception is useful, see below. > Here, I'd like to quote a key section: > > Then, at the Palo Alto meeting in November 1991, we heard a > brilliant summary of the arguments for termination semantics > backed with both personal experience and data from Jim Mitchell > (from Sun, formerly from Xerox PARC). Jim had used exception > handling in half a dozen languages over a period of 20 years > and was an early proponent of resumption semantics as one of > the main designers and implementers of Xerox's Cedar/Mesa system. > His message was > > ``termination is preferred over resumption; this is > not a matter of opinion but a matter of years of > experience. Resumption is seductive, but not valid.'' > > He backed this statement with experience from several operating > systems. The key example was Cedar/Mesa: It was written by people > who liked and used resumption, but after ten years of use, there > was only one use of resumption left in the half million line > system -- and that was a context inquiry. Because resumption > wasn't actually necessary for such a context inquiry, they removed > it and found a significant speed increase in that part of the > system. In each and every case where resumption had been used > it had -- over the ten years -- become a problem and a more > appropriate design had replaced it. Basically, every use of > resumption had represented a failure to keep separate levels > of abstraction disjoint > > Mary Fontana presented similar data from the TI Explorer system > where resumption was found to be used for debugging only, Aron > Insinga presented evidence of the very limited and nonessential > use of resumption in DEC's VMS, and Kim Knuttilla related exactly > the same story as Jim Mitchell for two large and long-lived > projects inside IBM. To this we added a strong opinion in favor > of termination based on experience at L.M.Ericsson relayed to > us by Dag Bruck. > > Thus, the C++ committee endorsed termination semantics. > The key point is: WHAT IS AN EXCEPTION? The definition: > "Exception handling is intended to allow code that has encountered >a condition it cannot cope with to return to some other code that >directly or indirectly invoked it. There is no way for an exception >handler to request the thread of control to resume from the throw point. >In other words, "throw" implements the termination model of exception >handling." -ARM, Ellis & Stroustrup, page 354 > narrows exceptions to error conditions only. If it is this case termination would be sufficient, and resumptions would be useless. But an exception is not necessarily an error. Sometimes it is an condition that requires some extraordinary computation, a condition that is not supposed for a regular case, for example, to open a configuration file in an application directory and the file is not found. This condition requires a further processing, e.g. to look up the file in system directory. This is a quite common case in every system design. More examples: * the font does not exist and a query to the user is required to get the substituting font; * the input is in the wrong type and an input retry is required; * the file is not associated with a default handler, would you like to associate one and let me try to re-open the file? * the format is not understood, would you suggest me a converter? * the embedded object is re-located, would give me the directory to the new place? These conditions are not errors but only require some extraordinary work. Similar examples were also given by Bill Foote in his previous post. It is not hard for people to figure out more examples that requires the following struture: result = try do_something() { when condition1: some_extraordinary_work1; retry; when condition2: some_extraordinary_work2; retry; when condition3: some_extraordinary_work3; retry; when condition4: return null; } is certainly better than: result = do_something(); exceptional_condition = check_error_message(); while (exceptional_condition) { if (exceptional_condition==condition4) { result = null; break; } switch (exceptional_condition) { case condition1: some_extraordinary_work1; do_something(); break; case condition2: some_extraordinary_work2; do_something(); break; case condition3: some_extraordinary_work3; do_something(); break; } } Oh, well! It takes me ten time longer to figure out the second piece of code and I am still not sure whether this code is correct or not. After a second look, yes, there are errors! "check_error_message()" should also be called in the loop to get the new exceptional condition after a retry. David Shang