1 / 17

Object-Oriented Software Construction

This lecture explores the crucial role of exception handling in object-oriented programming, as presented by Bertrand Meyer during the Summer Semester of 2005. It covers key concepts such as failures, exceptions, and their causes, along with effective strategies for handling exceptions safely. Through practical examples, it highlights the importance of using rescue clauses and retry mechanisms. The lecture also addresses best practices and mistakes in exception handling, stressing the need for correctness and invariant restoration.

anise
Télécharger la présentation

Object-Oriented Software Construction

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Object-Oriented Software Construction Lecture 15: Exception handling Bertrand Meyer OOSC - Summer Semester 2005

  2. Exception handling • The need for exceptions arises when the contract is broken. • Two concepts: • Failure: a routine, or other operation, is unable to fulfill its contract. • Exception: an undesirable event occurs during the execution of a routine — as a result of the failure of some operation called by the routine. OOSC - Summer Semester 2005

  3. The original strategy r (...) is require ... do op1 op2 ... opi ... opn ensure ... end Fails, triggering an exception in r (r is recipient of exception). OOSC - Summer Semester 2005

  4. Causes of exceptions • Assertion violation • Void call (x.f with no object attached to x) • Operating system signal (arithmetic overflow, no more memory, interrupt ...) • Program-triggered OOSC - Summer Semester 2005

  5. Handling exceptions properly • Safe exception handling principle: • There are only two acceptable ways to react for the recipient of an exception: • Concede failure, and trigger an exception in the caller (Organized Panic). • Try again, using a different strategy (or repeating the same strategy) (Retrying). OOSC - Summer Semester 2005

  6. How not to do it (From an Ada textbook) sqrt (x: REAL) returnREALis begin ifx < 0.0 then raiseNegative; else normal_square_root_computation; end exception whenNegative => put ("Negative argument"); return; whenothers =>  end; -- sqrt OOSC - Summer Semester 2005

  7. The call chain Routine call r0 r1 r2 r3 r4 OOSC - Summer Semester 2005

  8. Exception mechanism • Two constructs: • A routine may contain a rescue clause. • A rescue clause may contain a retry instruction. • A rescue clause that does not execute a retry leads to failure of the routine (this is the organized panic case). OOSC - Summer Semester 2005

  9. Transmitting over an unreliable line (1) Max_attempts: INTEGERis 100 attempt_transmission (message: STRING) is-- Transmitmessagein at most --Max_attemptsattempts.localfailures: INTEGERdounsafe_transmit (message) rescue failures := failures + 1iffailures < Max_attemptsthen retry end end OOSC - Summer Semester 2005

  10. Transmitting over an unreliable line (2) Max_attempts: INTEGERis 100 failed: BOOLEAN attempt_transmission (message: STRING) is-- Try to transmitmessage; -- if impossible in at most Max_attempts -- attempts, set failed to true. localfailures: INTEGERdoiffailures < Max_attemptsthen unsafe_transmit (message) else failed := True end rescue failures := failures + 1 retry end OOSC - Summer Semester 2005

  11. If no exception clause (1) • Absence of a rescue clause is equivalent, in first approximation, to an empty rescue clause: f (...) is do ...end is an abbreviation for f (...) is do ... rescue -- Nothing hereend • (This is a provisional rule; see next.) OOSC - Summer Semester 2005

  12. The correctness of a class createa.make (…) • (1-n) For every exported routine r: {INV and Prer} dor {Postr and INV} • (1-m) For every creation procedure cp: {Precp} docp {Postcp and INV} S1 a.f (…) S2 a.g (…) S3 a.f (…) S4 OOSC - Summer Semester 2005

  13. Exception correctness: A quiz • For the normal body: {INV and Prer} dor {Postr and INV} • For the exception clause: { ??? } rescuer { ??? } OOSC - Summer Semester 2005

  14. Quiz answers • For the normal body: {INV and Prer} dor {Postr and INV} • For the exception clause: {True} rescuer {INV} OOSC - Summer Semester 2005

  15. If no exception clause (2) • Absence of a rescue clause is equivalent to a default rescue clause: f (...) is do ...end is an abbreviation for f (...) is do ... rescue default_rescueend • The task of default_rescue is to restore the invariant. OOSC - Summer Semester 2005

  16. For finer-grain exception handling • Use class EXCEPTIONS from the Kernel Library. • Some features: • exception (code of last exception that was triggered). • assertion_violation, etc. • raise (“exception_name”) OOSC - Summer Semester 2005

  17. End of lecture 15 OOSC - Summer Semester 2005

More Related