1 / 18

Advanced Topics in Object Technology

Advanced Topics in Object Technology. Bertrand Meyer. Lecture 25: Exception handling by Karine Arnout. Exception handling. The need for exceptions arises when the contract is broken. Two concepts: Failure : a routine, or other operation, is unable to fulfill its contract.

calista-schneider
Download Presentation

Advanced Topics in Object Technology

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Advanced Topics in Object Technology Bertrand Meyer ATOT - Lecture 25, 30 June 2003

  2. Lecture 25: Exception handlingby Karine Arnout ATOT - Lecture 25, 30 June 2003

  3. Exception handling • The need for exceptions arises when the contract is broken. • Two concepts: • Failure: a routine, or other operation, is unable to fulfill its contract. • Exception: an undesirable event occurs during the execution of a routine — as a result of the failure of some operation called by the routine. ATOT - Lecture 25, 30 June 2003

  4. The original strategy r (...) is require ... do op1 op2 ... opi ... opn ensure ... end Fails, triggering an exception in r (r is recipient of exception). ATOT - Lecture 25, 30 June 2003

  5. Causes of exceptions • Assertion violation • Void call (x.f with no object attached to x) • Operating system signal (arithmetic overflow, no more memory, interrupt ...) ATOT - Lecture 25, 30 June 2003

  6. Handling exceptions properly • Safe exception handling principle: • There are only two acceptable ways to react for the recipient of an exception: • Concede failure, and trigger an exception in the caller (Organized Panic). • Try again, using a different strategy (or repeating the same strategy) (Retrying). ATOT - Lecture 25, 30 June 2003

  7. How not to do it (From an Ada textbook) sqrt (x: REAL) returnREALis begin ifx < 0.0 then raiseNegative; else normal_square_root_computation; end exception whenNegative => put ("Negative argument"); return; whenothers =>  end; -- sqrt ATOT - Lecture 25, 30 June 2003

  8. The call chain Routine call r0 r1 r2 r3 r4 ATOT - Lecture 25, 30 June 2003

  9. Exception mechanism • Two constructs: • A routine may contain a rescue clause. • A rescue clause may contain a retry instruction. • A rescue clause that does not execute a retry leads to failure of the routine (this is the organized panic case). ATOT - Lecture 25, 30 June 2003

  10. Transmitting over an unreliable line (1) Max_attempts: INTEGERis 100 attempt_transmission (message: STRING) is-- Transmitmessagein at most --Max_attemptsattempts.localfailures: INTEGERdounsafe_transmit (message) rescue failures := failures + 1iffailures < Max_attemptsthen retry end end ATOT - Lecture 25, 30 June 2003

  11. Transmitting over an unreliable line (2) Max_attempts: INTEGERis 100 failed: BOOLEAN attempt_transmission (message: STRING) is-- Try to transmitmessage; -- if impossible in at most Max_attempts -- attempts, set failed to true. localfailures: INTEGERdoiffailures < Max_attemptsthen unsafe_transmit (message) else failed := True end rescue failures := failures + 1 retry end ATOT - Lecture 25, 30 June 2003

  12. If no exception clause (1) • Absence of a rescue clause is equivalent, in first approximation, to an empty rescue clause: f (...) is do ...end is an abbreviation for f (...) is do ... rescue -- Nothing hereend • (This is a provisional rule; see next.) ATOT - Lecture 25, 30 June 2003

  13. The correctness of a class createa.make (…) • (1-n) For every exported routine r: {INV and Prer} dor {Postr and INV} • (1-m) For every creation procedure cp: {Precp} docp {Postcp and INV} S1 a.f (…) S2 a.g (…) S3 a.f (…) S4 ATOT - Lecture 25, 30 June 2003

  14. Exception correctness: A quiz • For the normal body: {INV and Prer} dor {Postr and INV} • For the exception clause: { ??? } rescuer { ??? } ATOT - Lecture 25, 30 June 2003

  15. Quiz answers • For the normal body: {INV and Prer} dor {Postr and INV} • For the exception clause: {True} rescuer {INV} ATOT - Lecture 25, 30 June 2003

  16. If no exception clause (2) • Absence of a rescue clause is equivalent to a default rescue clause: f (...) is do ...end is an abbreviation for f (...) is do ... rescue default_rescueend • The task of default_rescue is to restore the invariant. ATOT - Lecture 25, 30 June 2003

  17. For finer-grain exception handling • Use class EXCEPTIONS from the Kernel Library. • Some features: • exception (code of last exception that was triggered). • assertion_violation, etc. • raise (“exception_name”) ATOT - Lecture 25, 30 June 2003

  18. End of lecture 25 ATOT - Lecture 25, 30 June 2003

More Related