-6 - exception handlingcse452/overheads/exceptionsineiffel.pdf · exception handling: another...
TRANSCRIPT
![Page 1: -6 - Exception handlingcse452/Overheads/exceptionsInEiffel.pdf · Exception handling: another approach Introduce notion of contract The need for exceptions arises when a contract](https://reader034.vdocuments.mx/reader034/viewer/2022052021/603555105254d423d0787977/html5/thumbnails/1.jpg)
Chair of Software Engineering
- 6 -Exception handling
![Page 2: -6 - Exception handlingcse452/Overheads/exceptionsInEiffel.pdf · Exception handling: another approach Introduce notion of contract The need for exceptions arises when a contract](https://reader034.vdocuments.mx/reader034/viewer/2022052021/603555105254d423d0787977/html5/thumbnails/2.jpg)
How to use exceptions?
Two opposite styles:
Exceptions as a control structure:Use an exception to handle all casesother than the most favorable ones
(e.g. a key not found in a hash table triggersan exception)
Exceptions as a technique of last resort
![Page 3: -6 - Exception handlingcse452/Overheads/exceptionsInEiffel.pdf · Exception handling: another approach Introduce notion of contract The need for exceptions arises when a contract](https://reader034.vdocuments.mx/reader034/viewer/2022052021/603555105254d423d0787977/html5/thumbnails/3.jpg)
(From an Ada textbook)
sqrt (x : REAL) return REAL isbegin
if x < 0.0 thenraise Negative ;
elsenormal_square_root_computation ;
endexception
when Negative =>put ("Negative argument");return;
when others => …end; -- sqrt
How not to do it
![Page 4: -6 - Exception handlingcse452/Overheads/exceptionsInEiffel.pdf · Exception handling: another approach Introduce notion of contract The need for exceptions arises when a contract](https://reader034.vdocuments.mx/reader034/viewer/2022052021/603555105254d423d0787977/html5/thumbnails/4.jpg)
C++, Java, C#: raising programmer-defined exception
Instruction:throw my_exception;try … catch (Exception e) …try … finally …
The enclosing routine should be of the formmy_routine (…) throws my_exception {
…if abnormal_condition
throw my_exception;}
The calling routine must handle the exception (even if the handling code does nothing).
![Page 5: -6 - Exception handlingcse452/Overheads/exceptionsInEiffel.pdf · Exception handling: another approach Introduce notion of contract The need for exceptions arises when a contract](https://reader034.vdocuments.mx/reader034/viewer/2022052021/603555105254d423d0787977/html5/thumbnails/5.jpg)
Exception handling: another approach
Introduce notion of contract
The need for exceptions arises when a contract is broken by either of its parties (client, supplier)
Two concepts:
Failure: a routine, or other operation, is unable to fulfill its contract.
Exception: an undesirable event occurs during the execution of a routine — as a result of the failure of some operation called by the routine.
![Page 6: -6 - Exception handlingcse452/Overheads/exceptionsInEiffel.pdf · Exception handling: another approach Introduce notion of contract The need for exceptions arises when a contract](https://reader034.vdocuments.mx/reader034/viewer/2022052021/603555105254d423d0787977/html5/thumbnails/6.jpg)
The original strategy
r (...)require
...do
op1op2...opi...opn
ensure...
end
![Page 7: -6 - Exception handlingcse452/Overheads/exceptionsInEiffel.pdf · Exception handling: another approach Introduce notion of contract The need for exceptions arises when a contract](https://reader034.vdocuments.mx/reader034/viewer/2022052021/603555105254d423d0787977/html5/thumbnails/7.jpg)
Not going according to plan
r (...)require
...do
op1op2...opi...opn
ensure...
end
Fails, triggering an exception in r(r is recipient of exception).
![Page 8: -6 - Exception handlingcse452/Overheads/exceptionsInEiffel.pdf · Exception handling: another approach Introduce notion of contract The need for exceptions arises when a contract](https://reader034.vdocuments.mx/reader034/viewer/2022052021/603555105254d423d0787977/html5/thumbnails/8.jpg)
Causes of exceptions in O-O programming
Four major kinds:
Operating system signal: arithmetic overflow, no more memory, interrupt ...
Assertion violation (if contracts are being monitored)
Void call (x.f with no object attached to x)
Programmer-triggered Not any more in Eiffel & Spec#
![Page 9: -6 - Exception handlingcse452/Overheads/exceptionsInEiffel.pdf · Exception handling: another approach Introduce notion of contract The need for exceptions arises when a contract](https://reader034.vdocuments.mx/reader034/viewer/2022052021/603555105254d423d0787977/html5/thumbnails/9.jpg)
Handling exceptions properly
Exception handling principle
There are only two acceptable ways to react for the recipient of an exception:
Failure: Concede impossibility of fulfilling contract, and trigger an exception in the caller
(also called Organized Panic).Retry: Try again, using a different strategy (or repeating the same one)
(Rare third case: false alarm)
![Page 10: -6 - Exception handlingcse452/Overheads/exceptionsInEiffel.pdf · Exception handling: another approach Introduce notion of contract The need for exceptions arises when a contract](https://reader034.vdocuments.mx/reader034/viewer/2022052021/603555105254d423d0787977/html5/thumbnails/10.jpg)
The call chain
r0
r1
r2
r3
r4
Routine call
![Page 11: -6 - Exception handlingcse452/Overheads/exceptionsInEiffel.pdf · Exception handling: another approach Introduce notion of contract The need for exceptions arises when a contract](https://reader034.vdocuments.mx/reader034/viewer/2022052021/603555105254d423d0787977/html5/thumbnails/11.jpg)
Exception mechanism
Two constructs:A routine may contain a rescue clause.A rescue clause may contain a retry instruction.
A rescue clause that does not execute a retry leads to failure of the routine (this is the organized panic case).
![Page 12: -6 - Exception handlingcse452/Overheads/exceptionsInEiffel.pdf · Exception handling: another approach Introduce notion of contract The need for exceptions arises when a contract](https://reader034.vdocuments.mx/reader034/viewer/2022052021/603555105254d423d0787977/html5/thumbnails/12.jpg)
Exception mechanism (2)
f (...) isrequire
preconditionlocal
… local entity declarations…do
bodyensure
postconditionrescue
rescue_clauseend
![Page 13: -6 - Exception handlingcse452/Overheads/exceptionsInEiffel.pdf · Exception handling: another approach Introduce notion of contract The need for exceptions arises when a contract](https://reader034.vdocuments.mx/reader034/viewer/2022052021/603555105254d423d0787977/html5/thumbnails/13.jpg)
If no exception clause (1)
Absence of a rescue clause is equivalent, in a first approximation, to an empty rescue clause:
f (...)do
...end
is an abbreviation for f (...)
do...
rescue-- Nothing here
end
(This is a provisional rule; see next.)
![Page 14: -6 - Exception handlingcse452/Overheads/exceptionsInEiffel.pdf · Exception handling: another approach Introduce notion of contract The need for exceptions arises when a contract](https://reader034.vdocuments.mx/reader034/viewer/2022052021/603555105254d423d0787977/html5/thumbnails/14.jpg)
Transmitting over an unreliable line (1)Max_attempts : INTEGER is 100
attempt_transmission (message : STRING) is-- Transmit message in at most -- Max_attempts attempts.
localfailures : INTEGER
dounsafe_transmit (message)
rescuefailures := failures + 1if failures < Max_attempts then
retryend
end
![Page 15: -6 - Exception handlingcse452/Overheads/exceptionsInEiffel.pdf · Exception handling: another approach Introduce notion of contract The need for exceptions arises when a contract](https://reader034.vdocuments.mx/reader034/viewer/2022052021/603555105254d423d0787977/html5/thumbnails/15.jpg)
Transmitting over an unreliable line (2)Max_attempts : INTEGER is 100
failed : BOOLEAN
attempt_transmission (message: STRING) is-- Try to transmit message; -- if impossible in at most Max_attempts-- attempts, set failed to true.
localfailures: INTEGER
doif failures < Max_attempts then
unsafe_transmit (message)else
failed := Trueend
rescuefailures := failures + 1retry
end
![Page 16: -6 - Exception handlingcse452/Overheads/exceptionsInEiffel.pdf · Exception handling: another approach Introduce notion of contract The need for exceptions arises when a contract](https://reader034.vdocuments.mx/reader034/viewer/2022052021/603555105254d423d0787977/html5/thumbnails/16.jpg)
Max_attempts: INTEGER is 100failed : BOOLEAN
attempt_transmission (message: STRING) is-- Transmit message in at most -- Max_attempts attempts.
localfailures: INTEGER
dounsafe_transmit (message)
rescuefailures := failures + 1if failures < Max_attempts then
retryendfailed := true …
end
Transmitting over an unreliable line (3)
![Page 17: -6 - Exception handlingcse452/Overheads/exceptionsInEiffel.pdf · Exception handling: another approach Introduce notion of contract The need for exceptions arises when a contract](https://reader034.vdocuments.mx/reader034/viewer/2022052021/603555105254d423d0787977/html5/thumbnails/17.jpg)
Dealing with arithmetic overflow
quasi_inverse (x: REAL): REAL-- 1/x if possible, otherwise 0
localdivision_tried: BOOLEAN
doif not division_tried then
Result := 1/xend
rescuedivision_tried := TrueRetry
end
![Page 18: -6 - Exception handlingcse452/Overheads/exceptionsInEiffel.pdf · Exception handling: another approach Introduce notion of contract The need for exceptions arises when a contract](https://reader034.vdocuments.mx/reader034/viewer/2022052021/603555105254d423d0787977/html5/thumbnails/18.jpg)
ETL3: Exception mechanism
Two constructs:A routine may contain a rescue clauseA rescue clause may set the Retry boolean variable
A rescue clause that ends with Retry not set leads to failure of the routine (“organized panic”).
![Page 19: -6 - Exception handlingcse452/Overheads/exceptionsInEiffel.pdf · Exception handling: another approach Introduce notion of contract The need for exceptions arises when a contract](https://reader034.vdocuments.mx/reader034/viewer/2022052021/603555105254d423d0787977/html5/thumbnails/19.jpg)
ETL3:Transmitting over an unreliable line (1)
Max_tries : INTEGER = 100attempt_transmission_1 (message : STRING )
localfailures : INTEGER
dounsafe_transmit (message)
rescuefailures := failures + 1Retry := (failures < Max_tries)
end
-- Transmit message in at most Max_tries attempts.
![Page 20: -6 - Exception handlingcse452/Overheads/exceptionsInEiffel.pdf · Exception handling: another approach Introduce notion of contract The need for exceptions arises when a contract](https://reader034.vdocuments.mx/reader034/viewer/2022052021/603555105254d423d0787977/html5/thumbnails/20.jpg)
ETL3: Transmitting over an unreliable line (2)
Max_tries : INTEGER = 100attempt_transmission_2 (message : STRING )
localfailures : INTEGER
do
rescue
Retry := True end
-- Try to transmit message in at most Max_tries-- attempts; if impossible, set could_not to True.
; could_not: BOOLEAN
if failures < Max_tries thenunsafe_transmit (message)
elsecould_not := True
end
![Page 21: -6 - Exception handlingcse452/Overheads/exceptionsInEiffel.pdf · Exception handling: another approach Introduce notion of contract The need for exceptions arises when a contract](https://reader034.vdocuments.mx/reader034/viewer/2022052021/603555105254d423d0787977/html5/thumbnails/21.jpg)
ETL3: Dealing with arithmetic overflow
quasi_inverse (x: REAL): REAL-- 1/x if possible, otherwise 0
localdivision_tried: BOOLEAN
doif not division_tried then
Result := 1/xend
rescuedivision_tried := TrueRetry := True
end
![Page 22: -6 - Exception handlingcse452/Overheads/exceptionsInEiffel.pdf · Exception handling: another approach Introduce notion of contract The need for exceptions arises when a contract](https://reader034.vdocuments.mx/reader034/viewer/2022052021/603555105254d423d0787977/html5/thumbnails/22.jpg)
Further reading
Bertrand Meyer: Object-Oriented Software Construction, 2nd edition, Prentice Hall, 1997 Chapter 12: When the contract is broken: exception
handling
Bertrand Meyer: Eiffel: The Languagehttp://se.inf.ethz.ch/~meyer/ongoing/etl/ Chapter 26: Exception handling