[dmd-internals] Throwing Errors

Sean Kelly sean at invisibleduck.org
Thu Mar 15 09:29:55 PDT 2012


On Mar 14, 2012, at 4:42 PM, Walter Bright <walter at digitalmars.com> wrote:

> 
> 
> On 3/12/2012 7:07 PM, Sean Kelly wrote:
>> On Mar 12, 2012, at 5:35 PM, Walter Bright <walter at digitalmars.com> wrote:
>> 
>>> 
>>> On 3/12/2012 2:39 PM, Sean Kelly wrote:
>>>> On Mar 12, 2012, at 2:30 PM, Walter Bright wrote:
>>>>> On 3/12/2012 12:34 PM, Sean Kelly wrote:
>>>>>> I'm on the fence about whether attempting cleanup when an Error is thrown is desired behavior.  If there is no cleanup, why allow Errors to be caught at all?  We may as well simply call abort() at the point they're thrown.
>>>>>> 
>>>>> So that an informative message can be printed, the backup engaged, attempt to shut down gracefully, log the failure details to a file, etc.
>>>> … none of which may work if scope(exit) calls weren't run when the stack was unwound, since acquired mutexes would still be locked, etc.  I'd feel a lot less safe with having effectively done a longjmp across code that normally assumes finalization than with whatever the cause of the assertion did in the first place.
>>>> 
>>> It's understood it may not work.
>> So what's the reason to not call finalizers?
>> 
> 
> The program is corrupted at that point. The less code one attempts to run, the better.

Is the program really corrupted though?  Errors are typically generated when a condition check fails, but typically before things go completely off the rails. I agree that errors typically shouldn't be recoverable because they generally indicate a problem in the program logic, but that doesn't mean the program is already in a bad state. I use C at my day job so my perspective may be a bit skewed, but when the program is corrupted there I don't get any indication of that until much later, at which point I agree that doing anything but abort with a message is a bad idea. 

It seems there may be somewhat of a difference between D and SafeD here, because the latter should be immune to memory corruption (which is what I think of when you say the program is corrupted). So for SafeD I'd expect most errors to come from contract clauses and RangeErrors. Should D still make things worse by not attempting any cleanup?  I'll admit I'm torn. 

