The extent of trust in errors and error handling
Ali Çehreli via Digitalmars-d
digitalmars-d at puremagic.com
Sat Feb 4 23:48:48 PST 2017
On 02/04/2017 08:17 AM, Chris Wright wrote:
> On Fri, 03 Feb 2017 23:24:12 -0800, Ali Çehreli wrote:
> Again, this is for a restricted type of application that I happen to
write
> rather often. And it's restricted to a subset of the application that
> shares very little state with the rest.
I agree that there are different kinds of applications that require
different levels of correctness.
>> What operations can you safely assume that you can still perform? Can
>> you log? Are you sure? Even if you caught RangeError, are you sure that
>> arr.ptr is still sane? etc.
>
> You seem to be assuming that I'll write:
>
> try {
> foo = foo[1..$];
> } catch (RangeError e) {
> log(foo);
> }
>
> I'm actually talking about:
>
> try {
> results = process(documentName, document);
> } catch (Throwable t) {
> logf("error while processing %s: %s", documentName, t);
> }
Doesn't change what I'm saying. :) For example, RangeError may be thrown
due to a rogue function writing over memory that it did not intend to.
An index 42 may have become 42000 and that the RangeError may have been
thrown. Fine. What if nearby data that logf depends on has also been
overwritten? logf will fail as well.
What I and many others who say Errors should not be caught are saying
is, once the program is in an unexpected state, attempting to do
anything further is wishful thinking.
Again, in practice, it is likely that the program will log correctly but
there is no guarantee that it will do so; it's merely "likely" and
likely is far from "correct".
> where somewhere deep in `process` I get a RangeError.
>
>> Even if you caught RangeError, are you sure that
>> arr.ptr is still sane?
>
> Well, yes. Bounds checking happens before the slice gets assigned for
> obvious reasons. But I'm not going to touch the slice that produced the
> problem, so it's irrelevant anyway.
Agreed but the slice is just one part of the application's memory. We're
not sure what happened to the rest of it.
Ali
More information about the Digitalmars-d
mailing list