Yes, exactly. I've worked with libraries where *opening* the socket throws
an exception if it can't connect, tho. That's just silly.
For server programs? Sure. Some unexpected error happens that you haven't
already caught, you catch the exception, log the error, and then either bail
out or clean everything up, depending.

If it's a video game, say, you put the main game loop inside an exception
catch, then display the traceback when it fails, with the hope that it'll
help you debug during beta test.
Not always, but sure, it ought to be. Depends how big your transactions are,
and how much you do during initialization, termination, and between
transactions. Not everything happens inside a 'transaction' either.

But mainly it's for logging purposes and such.
setjump is a label, longjump is a goto, basically, except it can "goto"
anywhere in the code.
In this case, each function has an optional "rescue" block. If there's no
rescue block, the exception propagates. If the "rescue" block doesn't end in
"retry" then the rescue block runs and then propagates the exception
(basically, catch followed by rethrow, or finally if you would). If the
block ends in "retry", then it basically branches back to the start of the
function. There's no way to execute the line *after* the line that caused
the exception without starting the whole function over from scratch.

So, yes, exactly your example, with retry. Without the retry, you just get
to fix your invariants before returning.
Well, that's what the rest of the language is about. It's all kind of
interrelated. If you don't actually put in code what "restore state" means,
then there's no way to enforce it. But he does have code structures that
indicate what it means to "restore state", so that's OK.
It's a whole tome of a book. It's available online free from some places,
altho I can't say for sure how it got there. (Actually, IIRC, when you buy
the development environment it comes with a PDF copy of the book, so it's
probably at least semi copyright violation.) But the actual text is
worthwhile, even if you never use the language, just to see how you can sit
down and logically design something like that.

But to answer the question, you have to throw an exception if you can't meet
your postconditions, and even if you throw an exception you still have to
fix your invariants. Look up "design by contract" for an idea of what all
that means.

By the way, the answer here would be "no", I think. Thinking on it,
exceptions in Eiffel are really for errors that you can't give an error code
for, more than anything.

The principle of "command/query separation" says that each routine either
modifies state or returns a value. I.e., "functions" don't modify state, and
"procedures" don't return values. So to open or read a socket, you invoke
mysocket.open(....)
then
if !mysocket.is_open then print mysocket.failure_reason
so there's no need for exceptions.

The problem Joel talks about with having out parameters and a return value
telling you whether it worked is a problem of Joel not knowing how to do OO
programming. He's using one "routine" that's neither a function nor a
procedure, instead of making two methods of one object to do the work.

I saw an article saying how great the API for pthreads was, just in terms of
general design, etc etc, even if it wasn't a great threading library per se.
Except it was basically faux-OO on top of C, with command/query separation.

[snip]

It might not. Or more specifically, you should be careful to only catch
the most precise level of exception necessary for the immediate problem.

In most object-oriented languages that handle exceptions, the exception
itself is an object that inherits from some ancestor exception. So the
crude approach might be to capture all network failures and treat them
in the same manner, while the more sophisticated approach would
distinguish between the failure modes and give the application some
additional options in how to handle the failure.

In your example, having the network interface down might be handled
differently than having the remote node being unreachable, perhaps
producing an error message saying "please check you network card
connection" vs "I can't reach the remote computer". And being unable to
reach the remote computer might be a matter of the connection being
refused rather than being actually unreachable.

These would all be cases where you can use sub-classing of the network
exception object to get finer resolution on what the problem is and how
you want to handle it. Of course, if all you want to do is retry no
matter what, then feel free to just use the generic network failure
exception.

Gus

The main thing exceptions seems VITAL for is cases where you just don't know
everything that can go wrong. How else could you code up fragile precarious
operations WITHOUT exceptions?

Without exceptions you'd be forced to try to detect all error cases and react
appropriately. But my point above is that some operations can't have all
failure modes anticipated!

cs

He is a big fan of functional programming and continuations. I bet
that has some bearing on his view of exceptions.
--
Tracy Reed
http://tracyreed.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://www.kernel-panic.org/pipermail/kplug-lpsg/attachments/20100823/d18e8d78/attachment.pgp