Lambda the Ultimate

inactiveTopic Checked and unchecked exceptions in Java
started 3/11/2003; 3:53:02 AM - last post 3/12/2003; 1:06:59 PM
Ehud Lamm - Checked and unchecked exceptions in Java  blueArrow
3/11/2003; 3:53:02 AM (reads: 3181, responses: 11)
Checked and unchecked exceptions in Java
This is yet another concrete language design decision: Should exception consistency be checked?

Checked exceptions, declared as part of subroutine signatures, are appealing. They make the abstraction interface more readable, and ensure error handling consistency.

However, they introduce coupling into the system, can be seen to break encapsualtion, and can cause a ripple effect of changes during maintenance.

This article weighs the pros and cons.


Posted to Software-Eng by Ehud Lamm on 3/11/03; 3:53:32 AM

Daniel Bonniot - Re: Checked and unchecked exceptions in Java  blueArrow
3/12/2003; 5:05:09 AM (reads: 2326, responses: 8)
Actually, the article's goal is more to define an exception policy in a language that offers both checked and unckecked exceptions (Java). It seems that its two main points are: - both types of exceptions are useful, in different situations - exception signature should not escape the package borders. That is, a public method should not forward an exception generated by another package's method, but wrap it.

The second point is probably designed to try to prevent breaking the encapsulation, by limiting the propagation of changes.

I would actually be interested to hear opinions about language design. Are all-checked exceptions a false good idea, that reveals too much of the implementation? Are unckecked exceptions a significant hole in compile-time safety in practice?

In Nice, all exceptions are currently unchecked. Note that with higher-order functions, it is not trivial to check exceptions precisely. For instance, imagine:

<T,U> U appy(T->U f, T v, U default) =

try { return f(v); } catch (SomeException e) { return default; }

the apply(f,v) throws every exception that f throws, *except* SomeException. So you would need at least type variables representing thrown exception, and set substraction.

Ehud Lamm - Re: Checked and unchecked exceptions in Java  blueArrow
3/12/2003; 8:12:37 AM (reads: 2300, responses: 6)
Good point.

I am also concerened about the other problems mentioned (esp. impact on maintenance costs).

The more I think about it, it seems to me that we are trying to do too much. Routine signatures should specify, in the name of abstraction and quality of interfaces, which expcetions are explicitly raised by the routine.

The transitive closure sounds like a good idea until you consider the implications.

Daniel Bonniot - Re: Checked and unchecked exceptions in Java  blueArrow
3/12/2003; 10:15:01 AM (reads: 2350, responses: 5)
Interesting position. At that point, the exception signature is merely documentation, right?

Ehud Lamm - Re: Checked and unchecked exceptions in Java  blueArrow
3/12/2003; 10:43:58 AM (reads: 2398, responses: 4)
Checked documentation, yes.

The point is that interfaces are (amond other things) about documentation. Just as DbC is important even when you rid your code of contract violations.

Luke Gorrie - Re: Checked and unchecked exceptions in Java  blueArrow
3/12/2003; 11:40:29 AM (reads: 2244, responses: 1)
One interesting thing about error handling in general that Joe Armstrong has pointed out is what nice properties you have in Unix processes. In a C program, it's okay to exit (or crash) without freeing memory or closing files and sockets, because the operating system give you the invariant that "when a process terminates, all of its memory is freed, and all of its open files are closed." Just imagine how hard day to day life on Unix would be without this.

You lose these nice properties when you have large C or Java programs that are all running inside one process and have to recover from partial failures manually. I think that checked exceptions are (at least in part) a response to this problem: you have no adequate "default" error handling, so you have to make sure you explicitly handle your errors correctly, and checked exceptions make sure you don't ignore error cases. If you did leave a Java exception uncaught, you could get into trouble - your thread may terminate without the rest of the system knowing, your files and sockets may stay open (hopefully to be finalize()d by the garbage collector some day, but not necessarily.) This has been a real problem for me in my Java programming.

In C without checked exceptions, I think there are a lot more ignored error cases than in Java in general (at least in my programs :-)).

Now, I'm sure this will surprise you all, but I rather like Erlang's approach. It gives you back the operating-system-like invariants on processes, and the processes can be small enough to realistically represent a single task, e.g. copying a file or serving an SMTP request. When an Erlang process opens a file, the file is linked with the process, so if the process terminates the file will get an "EXIT" signal and close automatically.Also, because processes are also linked with each other you don't need one part of the system to explicitly notify another that it has crashed and needs to be fixed, because the linked processes will find out automatically (and either trap the EXIT signal and recover, or crash aswell.)

So, it seems to me that Erlang avoids the annoyance of checked exceptions, while still being less prone to not recovering properly from errors.

Although, Java's <tt>finally</tt> and Lispy <tt>with-open-file</tt> constructs do seem to make a lot of simple cases easier. But, it doesn't seem as general for longer-lived things to require that the cleanup code is on the stack.

(Perhaps I'm taking too narrow a view of what you want to do in response to exceptions..)

Ehud Lamm - Re: Checked and unchecked exceptions in Java  blueArrow
3/12/2003; 1:06:59 PM (reads: 2268, responses: 0)
When I was responsible for some large, complicated, system level infrastructure (tp monitors and such), it was common practice to use seperate os tasks (i.e., processes) for different components, exactly for this reason: the os ensures cleanup on failure.

Ehud Lamm - Re: Checked and unchecked exceptions in Java  blueArrow
3/12/2003; 1:17:27 PM (reads: 2288, responses: 0)
I would actually be interested to hear opinions about language design.

From a language desing point of view, I prefer the Java approach over C++/Ada. Java has both checked and unchecked exceptions, giving the the programmer the freedom to choose what's appropriate in each case.

Daniel Bonniot - Re: Checked and unchecked exceptions in Java  blueArrow
3/13/2003; 10:18:38 AM (reads: 2345, responses: 1)
What do you check in that documentation? Since you propose to remove the transitive closure, I don't see what's left to check. You don't check that exceptions are caught, otherwise the closure question doesn't matter. (Or did you mean that all exceptions from your callees must be caught and potentially rethrown explicitely?) I don't think you want to check that the exceptions are indeed thrown (Java doesn't). It would prevent writting dummy methods that do nothing, but have the correct signature.

Daniel Bonniot - Re: Checked and unchecked exceptions in Java  blueArrow
3/13/2003; 10:19:31 AM (reads: 2367, responses: 1)
Sorry, there was a failure when I posted the article, so I sent it again. Since the post is duplicated, I change this text to make a remark about the site. I quite frequently (say every 10 visits) get failure when accessing it (e.g. HTTP timeout). Is the server a bit overloaded?

Ehud Lamm - Re: Checked and unchecked exceptions in Java  blueArrow
3/13/2003; 10:54:12 AM (reads: 2400, responses: 0)
I guess I didn't think this through (well, like I said, I am still not sure about the best approach).

What I meant was that you indeed check that the exceptions are explicitly raised (I am talking about programmer defined exceptions). I agree this complicates dummy methods a bit, but it is similar to Ada dummy functions that require a "return" statement.

Ehud Lamm - Re: Checked and unchecked exceptions in Java  blueArrow
3/13/2003; 10:55:25 AM (reads: 2410, responses: 0)
Yes. There are problems with the server recently.