Path: news.cs.au.dk!not-for-mail From: "Jorgen Lindskov Knudsen" Newsgroups: comp.lang.beta Subject: Re: Static vs. dynamic exceptions Date: Tue, 20 Jun 2000 23:22:42 +0200 Organization: University of Aarhus, Department of Computer Science (DAIMI) Lines: 41 Message-ID: <8ionb2$a77g$1@xinwen.cs.au.dk> References: <20000619173848.8485.qmail@noatun.mjolner.dk> <8im02p$8s5j$1@xinwen.cs.au.dk> <8infta$9jn7$1@xinwen.cs.au.dk> <394F9765.21D28D31@skynet.be> NNTP-Posting-Host: isdn-002.cs.au.dk X-Trace: xinwen.cs.au.dk 961536162 335088 255.255.255.255 (20 Jun 2000 21:22:42 GMT) X-Complaints-To: news@cs.au.dk NNTP-Posting-Date: 20 Jun 2000 21:22:42 GMT X-Newsreader: Microsoft Outlook Express 4.72.3155.0 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3155.0 Xref: news.cs.au.dk comp.lang.beta:12467 Peter von der Ahé wrote in message ... >... > >What is so dangerous about dynamic exceptions? Runtime exceptions >happens whether you like it or not. Some times the programmer will >forget to bind an exception. Consider the example of a flight >reservation system considered in Chapter 16 in the BETA book. An even >more mission critical system could be the system used by flight >controllers (the people in the contol towers in the Airport). > >Lets say that such a system is created by using some third party >software libraries. What if you can't guarantee that *all* possible >exceptions in functions in such a library are bound. Then where are >your safety belts? I argue that dynamic exceptions provide improved >security, as they allow you to catch more runtime errors. Well, it's a little difficult to discuss in short messages on a newsgroup, but the argument goes something like: for well-defined systams/components, the exception handling is an intrinsic part of the system design (there are actually people who states, that taking the design offspring in the exceptional cases, leads to better designs). Since it is part of the design, we should use controlable constructs (i.e. constructs, that are predictable from the source code), implying that static constructe are prefered. [aggreed: this is a short answer, but I hope it will do :-)] The arguments for considering also having dynamic exception handling, are in fact not to dela with error/exception handling, but rather to make the program (more) fault tolerant, exactly as you points out to ensure the program from ill-designed/implemented objects which does not handle internal errors sufficiently (or makes them available in the interface). This is exactly the contents of the ECOOP'2000 discussions last week (at least the BETA related part of that workshop :-). Regards, Jørgen