|
|
|
|
|
|
by twic
1481 days ago
|
|
|
> The rationale is that in a correctly written program, an Error should never be thrown. [...] you shouldn't catch them, or at least not catch them and continue In that case, why not just abort? Why give the user a footgun like this? |
|
|
> Non-throwing functions are permitted to call potentially-throwing functions. Whenever an exception is thrown and the search for a handler encounters the outermost block of a non-throwing function, the function std::terminate or std::unexpected (until C++17) is called:
Microsoft's dialect of C++ has a nothrow attribute which is purely advisory, like D's, and is now deprecated in favour of noexcept [2]:
> We recommend that all new code use the noexcept operator rather than __declspec(nothrow).
> This attribute tells the compiler that the declared function and the functions it calls never throw an exception. However, it does not enforce the directive. In other words, it never causes std::terminate to be invoked, unlike noexcept, or in std:c++17 mode (Visual Studio 2017 version 15.5 and later), throw().
Rust has panics, which by default unwind, like exceptions, but can be compiled to abort instead [3]:
> By default, when a panic occurs, the program starts unwinding, which means Rust walks back up the stack and cleans up the data from each function it encounters. However, this walking back and cleanup is a lot of work. Rust, therefore, allows you to choose the alternative of immediately aborting, which ends the program without cleaning up.
I don't believe there is any stable or planned way to declare that normal Rust functions cannot panic (so should abort instead of letting the panic escape). But there is some work towards the idea that extern "C" functions should do so [4].
[1] https://en.cppreference.com/w/cpp/language/noexcept_spec
[2] https://docs.microsoft.com/en-us/cpp/cpp/nothrow-cpp?view=ms...
[3] https://doc.rust-lang.org/book/ch09-01-unrecoverable-errors-...
[4] https://github.com/rust-lang/project-ffi-unwind/blob/master/...