| Double-exception handling during stack unwinding in C++ is the thing I disagree most with. And I talk from experience. Back in the early 2000, I modified both MS VS runtime and gcc to be able to safely throw from destructors. Note to doubters that Java allows such double-exception cases and gcc already had code back then to deal with the Java case.

The way to do it is to implicitly assume that every destructor run during stack unwinding has a try/catch surrounding it. This way, a first exception can be thrown from a destructor, but all exceptions that ultimately escape a destructor invoked during unwinding get eaten. (Note: you can still provide your own explicit try/catch in a destructor if you care about it.)

My experience with this tweak was that the horror stories people come up with to reject this approach are unfounded. Here are the reasons:

1. The actual cases of double exceptions are very, very rare.
2. In the cases that do arise, the second exception is often either a consequence of the first (for example, trying to access a DB where the first exception was a failure in some DB code) or the exact same (for example, running out of memory).
3. In my experience (although, since the 2nd exception is lost, I cannot actively prove this), the first exception is the relevant one. This is especially true due to point #2.
4. In my experience, code that cares about the exact type of exception is most often either wrong or misguided. This is because such code assumes complete prescient power over what exceptions can be thrown.
5. In my experience, catching exceptions is 99% done in the top-level message or task dispatching, which doesn't care about the type of exceptions or how many occurred: you just abort the operation and do some logging.
6. The fact that double exceptions are handled gracefully informs your design, which builds up and reinforces all previous points.

I once had a discussion on this in the 90s in comp.lang.std.c++ and comp.lang.c++. People would not listen.

Note: to do it with STL, you do have to add try/catch within destroy() calls within containers to be able to destroy all items. |
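
The behaviour described in the comment above, emulated in standard C++17 as an added example; it is not the commenter's runtime modification, which the page does not show. `Conn`, `run`, `destroy_all` and `demo_destroy_all` are hypothetical names, and the explicit try/catch inside the destructor stands in for the implicit one the comment describes.

```cpp
#include <exception>
#include <new>
#include <stdexcept>
#include <string>

// Hypothetical resource whose cleanup can fail (constructed for this example).
struct Conn {
    static inline int closed = 0;              // destructors run so far
    bool fail_on_close;
    int pending = std::uncaught_exceptions();  // exceptions in flight at construction
    explicit Conn(bool f) : fail_on_close(f) {}
    ~Conn() noexcept(false) {
        const bool unwinding = std::uncaught_exceptions() > pending;
        try {
            ++closed;
            if (fail_on_close) throw std::runtime_error("close failed");
        } catch (...) {
            if (!unwinding) throw;  // otherwise eaten: the first exception wins
        }
    }
};

// Top-level dispatch: returns what the handler ends up seeing.
std::string run(bool body_fails, bool close_fails) {
    try {
        {
            Conn c(close_fails);
            if (body_fails) throw std::runtime_error("query failed");
        }  // c destroyed here
        return "ok";
    } catch (const std::exception& e) {
        return e.what();
    }
}

// Container-style teardown: try/catch per element so every item is destroyed.
int destroy_all(Conn* items, int n) {  // returns the number of swallowed exceptions
    int eaten = 0;
    for (int i = 0; i < n; ++i) {
        try { items[i].~Conn(); } catch (...) { ++eaten; }
    }
    return eaten;
}

int demo_destroy_all() {  // three items in raw storage; the middle one fails
    alignas(Conn) unsigned char buf[3 * sizeof(Conn)];
    Conn* items = reinterpret_cast<Conn*>(buf);
    for (int i = 0; i < 3; ++i) new (items + i) Conn(i == 1);
    return destroy_all(items, 3);
}
```

Raw storage is used instead of `std::vector` because the standard library treats an element destructor that exits via an exception as undefined behaviour.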