Difference between revisions of "DIP33"

From D Wiki
Jump to: navigation, search
Line 47: Line 47:
 
*** <code>FilesystemException</code>
 
*** <code>FilesystemException</code>
 
*** <code>IOException</code>
 
*** <code>IOException</code>
**** <code>NetworkException</code>
 
 
*** <code>ParseException</code>
 
*** <code>ParseException</code>
 
**** <code>DocParseException</code>
 
**** <code>DocParseException</code>
Line 71: Line 70:
 
In general, <code>Error</code>s should not be caught, primarily because they indicate that the program logic is compromised, and that the program may therefore be in an invalid state from which there is no recovery.  Furthermore, one cannot rely on them being thrown at all.  For example, <code>assert</code> statements and array bounds checks, which both trigger <code>Error</code>s, may be disabled by compiler switches.
 
In general, <code>Error</code>s should not be caught, primarily because they indicate that the program logic is compromised, and that the program may therefore be in an invalid state from which there is no recovery.  Furthermore, one cannot rely on them being thrown at all.  For example, <code>assert</code> statements and array bounds checks, which both trigger <code>Error</code>s, may be disabled by compiler switches.
  
If an <code>Error</code> ''must'' be caught, it is recommended to do so at a very high level (e.g. in <code>main()</code>), and then only to perform critical cleanup work before terminating the program gracefully.
+
If an <code>Error</code> ''must'' be caught, it is recommended to do so at a very high level (e.g. in <code>main()</code>), and then only to perform critical cleanup work before terminating the program.
  
 
=== Exception ===
 
=== Exception ===
Line 78: Line 77:
 
</syntaxhighlight>
 
</syntaxhighlight>
  
<code>Exception</code> and its descendants are used to signal normal runtime errors.  These are exceptional circumstances that the programmer cannot be expected to avoid by design.  Examples include file not found, problems with parsing a document, system errors, etc.
+
<code>Exception</code> and its descendants are used to signal normal run-time errors.  These are exceptional circumstances that the programmer cannot reasonably be expected to avoid by design.  Examples include file not found, problems with parsing a document, system errors, etc.  Most errors fall into this category.
  
 
=== OutOfMemory ===
 
=== OutOfMemory ===
Line 86: Line 85:
  
 
This exception is thrown on an attempt to allocate more memory than what is currently available for the program.  Strictly speaking, this is ''not'' an <code>Error</code>, as the programmer cannot reasonably be expected to check memory availability before each allocation.  However, is not desirable to catch it along with normal <code>Exception</code>s either, as an out-of-memory condition requires special treatment.  Therefore, this DIP places <code>OutOfMemory</code> at the top level of the hierarchy, alongside <code>Error</code> and <code>Exception</code>.
 
This exception is thrown on an attempt to allocate more memory than what is currently available for the program.  Strictly speaking, this is ''not'' an <code>Error</code>, as the programmer cannot reasonably be expected to check memory availability before each allocation.  However, is not desirable to catch it along with normal <code>Exception</code>s either, as an out-of-memory condition requires special treatment.  Therefore, this DIP places <code>OutOfMemory</code> at the top level of the hierarchy, alongside <code>Error</code> and <code>Exception</code>.
 +
 +
'''Supersedes:''' <code>core.exception.OutOfMemoryError</code>
 +
  
 
== Errors ==
 
== Errors ==
Line 103: Line 105:
 
</syntaxhighlight>
 
</syntaxhighlight>
  
This error is thrown by functions such as <code>std.format.formattedWrite()</code>, <code>std.stdio.writeln()</code>, and so on, to signal a mismatch between format specifiers and the provided objects.
+
This error is thrown by functions such as <code>std.format.formattedWrite()</code>, <code>std.stdio.writeln()</code>, and so on, to signal a mismatch between format specifiers and the provided objects. It could also be thrown by future date/time formatting functions in <code>std.datetime</code> and other functions that have similar purposes.
 +
 
 +
Sometimes, it may be desirable to pass user-provided format strings to such functions.  However, bad user input should ''never'' result in an <code>Error</code>.  In such cases, it is both acceptable and recommended to catch the <code>FormatError</code>, but note that it should be caught as close as possible to the offending function call, and not be allowed to propagate through the public API.
 +
<syntaxhighlight lang="d">
 +
auto fmt = getUserInput("Please enter format string: ");
 +
try
 +
{
 +
    writefln(fmt, 2.3, 107, "Hello World!");
 +
}
 +
catch (FormatError e)
 +
{
 +
    stderr.writeln("Bad format string");
 +
}
 +
</syntaxhighlight>
 +
Alternatively, if not terribly inconvenient, the function's own validation code could be placed in a separate function, which could be used directly:
 +
<syntaxhighlight lang="d">
 +
// Phobos code
 +
bool isValidFormat(string fmt) { ... }
 +
void writefln(string fmt, ...)
 +
{
 +
    if (!isValidFormat(fmt)) throw new FormatError("Invalid format string");
 +
    ...
 +
}
 +
 
 +
// User code
 +
auto fmt = getUserInput("Please enter format string: ");
 +
if (!isValidFormat(fmt)) stderr.writeln("Bad format string");
 +
else writefln(fmt, 2.3, 107, "Hello World!");
 +
</syntaxhighlight>
  
 
'''Supersedes:''' <code>std.format.FormatException</code>
 
'''Supersedes:''' <code>std.format.FormatException</code>
Line 156: Line 186:
 
}
 
}
 
</syntaxhighlight>
 
</syntaxhighlight>
 +
 +
=== Other Errors ===
 +
 +
Currently, there exist a set of error classes which are used only in the runtime, for very specific purposes.  Some of these may have been rendered obsolete by language changes, and if so, they should be removed.  In any case, they are never to be used in high-level code (e.g. Phobos).
 +
 +
* <code>core.exception.FinalizeError</code>
 +
* <code>core.exception.HiddenFuncError</code>
 +
* <code>core.exception.InvalidMemoryOperationError</code>
 +
* <code>core.exception.SwitchError</code>
 +
  
 
== Exceptions ==
 
== Exceptions ==
Line 185: Line 225:
 
</syntaxhighlight>
 
</syntaxhighlight>
  
This exception is thrown when an error is detected in a low-level data encoding.  Normally, this will be binary encodings such as UTF, Base64, various compressed data formats, etc.
+
This exception is thrown when an error is detected in a low-level data encoding.  This will typically be binary encodings such as UTF, Base64, various compressed data formats, etc.
  
 
'''Supersedes:''' <code>core.exception.UnicodeException</code>, <code>std.base64.Base64Exception</code>, <code>std.encoding.EncodingException</code>, <code>std.encoding.UnrecognizedEncodingException</code>, <code>std.utf.UTFException</code>, to some extent <code>std.zip.ZipException</code>
 
'''Supersedes:''' <code>core.exception.UnicodeException</code>, <code>std.base64.Base64Exception</code>, <code>std.encoding.EncodingException</code>, <code>std.encoding.UnrecognizedEncodingException</code>, <code>std.utf.UTFException</code>, to some extent <code>std.zip.ZipException</code>
Line 218: Line 258:
  
 
This exception is thrown on errors that occur during filesystem operations such as file lookup/deletion/renaming, directory change, etc.
 
This exception is thrown on errors that occur during filesystem operations such as file lookup/deletion/renaming, directory change, etc.
 +
 +
'''Supersedes:''' <code>std.file.FileException</code>, some uses of <code>std.exception.ErrnoException</code>, some uses of <code>std.stdio.StdioException</code>, <code>std.stream.StreamFileException</code> and subclasses
 +
 +
=== IOException ===
 +
<syntaxhighlight lang="d">
 +
class IOException : Exception { }
 +
</syntaxhighlight>
 +
 +
This exception is thrown on errors during read/write operations.  This could signal disk failure, low-level network errors, problems in creating/accessing anonymous pipes, etc.
 +
 +
'''Supersedes:''' <code>std.stream.StreamException</code> and most of its subclasses, some uses of <code>std.stdio.StdioException</code>, some uses of <code>std.socket.SocketException</code> and subclasses
 +
 +
'''See also:''' [[#FilesystemException]], [[#NetworkingException]]
 +
 +
=== NetworkingException ===
 +
<syntaxhighlight lang="d">
 +
class NetworkingException : Exception { }
 +
</syntaxhighlight>
 +
 +
This exception signals a high-level networking failure.  Examples include host/ip lookup failure, timeout, etc.
 +
 +
'''Supersedes:''' <code>std.net.curl.CurlException</code> and subclasses, some uses of <code>std.socket.SocketException</code> and subclasses
 +
 +
'''See also:''' [[#IOException]]
  
 
=== ParseException, DocParseException ===
 
=== ParseException, DocParseException ===
Line 243: Line 307:
  
 
These exceptions are thrown on errors that are detected while parsing a high-level file or data format.  Typical examples are markup languages (XML, JSON, etc.), programming languages, high level data containers (ZIP, OGG, etc.).  Use <code>DocParseException</code> for human-readable formats where the error can be traced back to a specific file, line and/or column.
 
These exceptions are thrown on errors that are detected while parsing a high-level file or data format.  Typical examples are markup languages (XML, JSON, etc.), programming languages, high level data containers (ZIP, OGG, etc.).  Use <code>DocParseException</code> for human-readable formats where the error can be traced back to a specific file, line and/or column.
 +
 +
'''Supersedes:''' <code>std.csv.CSVException</code> and subclasses, <code>std.json.JSONException</code>, <code>std.uuid.UUIDParsingException</code>, <code>std.xml.XMLException</code> and subclasses.
  
 
'''See also:''' [[#EncodingException]]
 
'''See also:''' [[#EncodingException]]
  
== Exceptions from C errors ==
+
=== ProcessException ===
 +
<syntaxhighlight lang="d">
 +
class ProcessException : Exception { }
 +
</syntaxhighlight>
 +
 
 +
This exception is thrown on errors that occur during process handling.  This includes failure to start a process, failure to wait for a process, etc.
 +
 
 +
=== SystemException, ErrnoException, WinAPIException ===
 +
<syntaxhighlight lang="d">
 +
class SystemException : Exception { }
 +
 
 +
class ErrnoException : SystemException
 +
{
 +
    /// The errno code with which this error is associated.
 +
    int errno;
 +
}
 +
 
 +
class WinAPIException : SystemException
 +
{
 +
    /// The Windows error code with which this error is associated.
 +
    int code;
 +
}
 +
</syntaxhighlight>
 +
 
 +
These exceptions are thrown for errors that originate in underlying OS-specific APIs or other C APIs.
 +
 
 +
<code>ErrnoException</code> and <code>WinAPIException</code> pick up an <code>errno</code> code or Windows <code>GetLastError()</code>, respectively, on construction, and automatically retrieve the standard textual description of the error (e.g. using <code>strerror</code>).  In most cases, it is recommended that these two only be thrown from functions which are thin wrappers around C functions, and that they are chained to higher-level exceptions before leaving the D API.  (See [[#Exceptions that originate in C errors]] below.)
 +
 
 +
A plain <code>SystemException</code> may be useful for signaling a general system error which is not associated with a particular code, and which does not fit naturally into any of the other exception categories.
 +
 
 +
'''Supersedes:''' <code>std.windows.registry.Win32Exception</code>, <code>std.windows.registry.RegistryException</code>
 +
 
 +
=== ThreadException ===
 +
<syntaxhighlight lang="d">
 +
class ThreadException : public Exception { }
 +
</syntaxhighlight>
 +
 
 +
This exception is thrown on errors during thread and fiber management.
 +
 
 +
'''Supersedes:''' <code>core.thread.FiberException</code>
 +
 
 +
== Exceptions that originate in C errors ==
  
 
The D standard libraries make heavy use of C APIs under the hood.  These typically signal errors by means of an <code>errno</code> code, or, in the case of the Windows API, a code returned by <code>GetLastError()</code>.  As such, the exceptions described in this DIP will often be associated with such an error code, and it may sometimes be useful for the programmer to be able to access it.
 
The D standard libraries make heavy use of C APIs under the hood.  These typically signal errors by means of an <code>errno</code> code, or, in the case of the Windows API, a code returned by <code>GetLastError()</code>.  As such, the exceptions described in this DIP will often be associated with such an error code, and it may sometimes be useful for the programmer to be able to access it.

Revision as of 10:10, 1 April 2013

This DIP is currently under construction. Please come back later.

Title: A new exception hierarchy
DIP: 33
Version: 1
Status: Draft
Created: 2013-04-01
Last Modified: 2013-04-01
Author: Lars T. Kyllingstad
Links:

Abstract

This is a proposal for a new exception hierarchy for Druntime and Phobos.

Rationale

Overview

The following is an outline of the exceptions in the hierarchy, and how they are related to each other. Deeper levels are subclasses of those above.

  • Throwable
    • Error
      • AssertError
      • FormatError
      • InvalidArgumentError
      • RangeError
    • Exception
      • ConversionException
      • EncodingException
      • FilesystemException
      • IOException
      • ParseException
        • DocParseException
      • ProcessException
      • SystemException
        • ErrnoException
        • WinAPIException
      • ThreadException
    • OutOfMemory


Top-level classes

Strictly speaking, Throwable is of course the (only) top-level exception class. Here, however, we discuss its direct descendants, from which all other exception classes derive.

Error

class Error : Throwable { }

Error and its subclasses are used to signal programming errors. If an Error is thrown, it means that there is something wrong with how the program is constructed. Examples include array index out of bounds, invalid function arguments, etc. Importantly, it should always be possible to avoid an Error by design.

In general, Errors should not be caught, primarily because they indicate that the program logic is compromised, and that the program may therefore be in an invalid state from which there is no recovery. Furthermore, one cannot rely on them being thrown at all. For example, assert statements and array bounds checks, which both trigger Errors, may be disabled by compiler switches.

If an Error must be caught, it is recommended to do so at a very high level (e.g. in main()), and then only to perform critical cleanup work before terminating the program.

Exception

class Exception : Throwable { }

Exception and its descendants are used to signal normal run-time errors. These are exceptional circumstances that the programmer cannot reasonably be expected to avoid by design. Examples include file not found, problems with parsing a document, system errors, etc. Most errors fall into this category.

OutOfMemory

class OutOfMemory : Throwable { }

This exception is thrown on an attempt to allocate more memory than what is currently available for the program. Strictly speaking, this is not an Error, as the programmer cannot reasonably be expected to check memory availability before each allocation. However, is not desirable to catch it along with normal Exceptions either, as an out-of-memory condition requires special treatment. Therefore, this DIP places OutOfMemory at the top level of the hierarchy, alongside Error and Exception.

Supersedes: core.exception.OutOfMemoryError


Errors

Here follows a more detailed description of the various Error subclasses.

AssertError

class AssertError : Error { }

This error is thrown when an assert statement fails.

FormatError

class FormatError : Error { }

This error is thrown by functions such as std.format.formattedWrite(), std.stdio.writeln(), and so on, to signal a mismatch between format specifiers and the provided objects. It could also be thrown by future date/time formatting functions in std.datetime and other functions that have similar purposes.

Sometimes, it may be desirable to pass user-provided format strings to such functions. However, bad user input should never result in an Error. In such cases, it is both acceptable and recommended to catch the FormatError, but note that it should be caught as close as possible to the offending function call, and not be allowed to propagate through the public API.

auto fmt = getUserInput("Please enter format string: ");
try
{
    writefln(fmt, 2.3, 107, "Hello World!");
}
catch (FormatError e)
{
    stderr.writeln("Bad format string");
}

Alternatively, if not terribly inconvenient, the function's own validation code could be placed in a separate function, which could be used directly:

// Phobos code
bool isValidFormat(string fmt) { ... }
void writefln(string fmt, ...)
{
    if (!isValidFormat(fmt)) throw new FormatError("Invalid format string");
    ...
}

// User code
auto fmt = getUserInput("Please enter format string: ");
if (!isValidFormat(fmt)) stderr.writeln("Bad format string");
else writefln(fmt, 2.3, 107, "Hello World!");

Supersedes: std.format.FormatException

InvalidArgumentError

class InvalidArgumentError : Error { }

This error is thrown when one or more function arguments are invalid. Since it is an Error, it should only be used to signal errors that the programmer (i.e. the user of the function in question) can reasonably be expected to avoid, and which are not too costly to check. Circumstances that are out of the programmer's control, or which are so expensive to verify that it is undesirable to have them checked by both the caller and the callee, should be signalled with an Exception instead.

void processFile(string path)
{
    // The following is an acceptable use of InvalidArgumentError,
    // as the function should never be given an empty path, and the
    // check is trivial.
    if (path.empty)
        throw new InvalidArgumentError("path is empty");

    // The function caller should not be expected to verify file existence.
    // Firstly, it could change between the time it is checked and the time
    // the function is called, and secondly, it requires filesystem lookup
    // which is a relatively expensive operation.
    if (!exists(path))
        throw new FilesystemException("File not found: "~path);
}

RangeError

class RangeError : Error { }

This error is thrown on illegal range operations. Examples include when an array index is out of bounds, when front or popFront() is called on an empty range, etc.

struct MyRange(T)
{
    @property bool empty() { ... }
    @property T front()
    {
        if (empty) throw new RangeError("front called on empty range");
        ...
    }
    void popFront()
    {
        if (empty) throw new RangeError("popFront() called on empty range");
        ...
    }
    ...
}

Other Errors

Currently, there exist a set of error classes which are used only in the runtime, for very specific purposes. Some of these may have been rendered obsolete by language changes, and if so, they should be removed. In any case, they are never to be used in high-level code (e.g. Phobos).

  • core.exception.FinalizeError
  • core.exception.HiddenFuncError
  • core.exception.InvalidMemoryOperationError
  • core.exception.SwitchError


Exceptions

ConversionException

class ConversionException : Exception
{
    /// Different kinds of conversion errors.
    enum Kind
    {
        invalid,
        overflow,
        underflow
    }

    /// Which kind of conversion exception we are dealing with.
    Kind kind;
}

This exception is thrown on failure to convert one value/type to another. Its most prominent use will of course be in std.conv, but it is by no means limited to this module.

Supersedes: std.conv.ConvException, std.conv.ConvOverflowException

EncodingException

class EncodingException : Exception { }

This exception is thrown when an error is detected in a low-level data encoding. This will typically be binary encodings such as UTF, Base64, various compressed data formats, etc.

Supersedes: core.exception.UnicodeException, std.base64.Base64Exception, std.encoding.EncodingException, std.encoding.UnrecognizedEncodingException, std.utf.UTFException, to some extent std.zip.ZipException

See also: #ParseException, DocParseException

FilesystemException

class FilesystemException : Exception
{
    /// The various kinds of filesystem errors.
    enum Kind
    {
        unknown,
        fileNotFound,
        permissionDenied,
        fileExists,
        invalidFilename,
        notAFile,
        notADirectory,
    }

    /** The path to the filesystem node with which there was a problem,
        or null if the exception is not associated with a particular node.
    */
    string path;

    /// Which kind of error we are dealing with.
    Kind kind;
}

This exception is thrown on errors that occur during filesystem operations such as file lookup/deletion/renaming, directory change, etc.

Supersedes: std.file.FileException, some uses of std.exception.ErrnoException, some uses of std.stdio.StdioException, std.stream.StreamFileException and subclasses

IOException

class IOException : Exception { }

This exception is thrown on errors during read/write operations. This could signal disk failure, low-level network errors, problems in creating/accessing anonymous pipes, etc.

Supersedes: std.stream.StreamException and most of its subclasses, some uses of std.stdio.StdioException, some uses of std.socket.SocketException and subclasses

See also: #FilesystemException, #NetworkingException

NetworkingException

class NetworkingException : Exception { }

This exception signals a high-level networking failure. Examples include host/ip lookup failure, timeout, etc.

Supersedes: std.net.curl.CurlException and subclasses, some uses of std.socket.SocketException and subclasses

See also: #IOException

ParseException, DocParseException

class ParseException : Exception { }

class DocParseException : ParseException
{
    /** The path to the file in which the error was detected, or null if
        the exception is not associated with a disk file.
    */
    string file;

    /** The line number at which the error was detected, or 0 if the exception
        is not associated with a particular line.
    */
    uint line;

    /** The column number at which the error was detected, or 0 if the exception
        is not associated with a particular column.
    */
    uint column;
}

These exceptions are thrown on errors that are detected while parsing a high-level file or data format. Typical examples are markup languages (XML, JSON, etc.), programming languages, high level data containers (ZIP, OGG, etc.). Use DocParseException for human-readable formats where the error can be traced back to a specific file, line and/or column.

Supersedes: std.csv.CSVException and subclasses, std.json.JSONException, std.uuid.UUIDParsingException, std.xml.XMLException and subclasses.

See also: #EncodingException

ProcessException

class ProcessException : Exception { }

This exception is thrown on errors that occur during process handling. This includes failure to start a process, failure to wait for a process, etc.

SystemException, ErrnoException, WinAPIException

class SystemException : Exception { }

class ErrnoException : SystemException
{
    /// The errno code with which this error is associated.
    int errno;
}

class WinAPIException : SystemException
{
    /// The Windows error code with which this error is associated.
    int code;
}

These exceptions are thrown for errors that originate in underlying OS-specific APIs or other C APIs.

ErrnoException and WinAPIException pick up an errno code or Windows GetLastError(), respectively, on construction, and automatically retrieve the standard textual description of the error (e.g. using strerror). In most cases, it is recommended that these two only be thrown from functions which are thin wrappers around C functions, and that they are chained to higher-level exceptions before leaving the D API. (See #Exceptions that originate in C errors below.)

A plain SystemException may be useful for signaling a general system error which is not associated with a particular code, and which does not fit naturally into any of the other exception categories.

Supersedes: std.windows.registry.Win32Exception, std.windows.registry.RegistryException

ThreadException

class ThreadException : public Exception { }

This exception is thrown on errors during thread and fiber management.

Supersedes: core.thread.FiberException

Exceptions that originate in C errors

The D standard libraries make heavy use of C APIs under the hood. These typically signal errors by means of an errno code, or, in the case of the Windows API, a code returned by GetLastError(). As such, the exceptions described in this DIP will often be associated with such an error code, and it may sometimes be useful for the programmer to be able to access it.

Today, many exception classes have this functionality built in, such as std.file.FileException, std.socket.SocketOSException, std.stdio.StdioException, etc. There are a few problems with this:

  1. The same error-code handling functionality is duplicated across several classes.
  2. These classes may also signal errors which are not associated with a system error code, and in this case the presence of such functionality may be confusing.

Another approach which is also used in Phobos is to throw an std.exception.ErrnoException. This makes it obvious that the error is associated with an errno code, but it does not statically classify the error. It could be a filesystem error, a read/write error, a process creation error, or, basically, anything. This defeats the purpose of having an exception hierarchy in the first place.

This DIP therefore proposes that the standard way to handle this situation should be to create a separate exception for the system error, in the form of a #SystemException or one of its descendants, and to chain this exception to a higher-level exception. Here is an example:

struct MyFile
{
    this(string path, string mode)
    {
        try
        {
            myOpen(path, mode);
        }
        catch (ErrnoException ex)
        {
            switch (ex.errno)
            {
            case EINVAL: throw new InvalidArgumentError("Invalid file mode: "~mode, ex);
            case EACCES: throw new FilesystemException(path, FilesystemException.Kind.permissionDenied, ex);
            case EEXIST: throw new FilesystemException(path, FilesystemException.Kind.fileExists, ex);
            // ...and so on.
            }
        }
    }

private:
    void myOpen(string path, string mode)
    {
        m_file = fopen(toStringz(path), toStringz(mode));
        if (!m_file) throw new ErrnoException; // errno is automatically picked up
    }

    FILE* m_file;
}

Copyright

This document has been placed in the Public Domain.