Thorsten van Ellen
Wilhelm Hasselbring
ABSTRACT
We observed a general problem of sequential programs, which often results in design and programming errors in industrial software engineering projects, and propose a solution approach. Telephone lines may be busy, banking accounts may be overdrawn and disks may be full. These things happen in the real world, causing the disruption and non-fulfillment of an expected service. Ignoring these problems leads to violations of the postconditions of the caller that depends on the service. The conditions are exactly known and cannot always be avoided, but measures could be taken afterwards. A good program should handle them as part of the specification. As such they are not specification violations and should not be regarded as errors. Unfortunately, they usually can or shall not be handled immediately within the direct caller, e.g., for information hiding reasons. The problem is similar to the problem of error code handling and handling them with exception mechanisms seems reasonable, but the problem is even more complex. These situations must not terminate the system suddenly, because that also violates postconditions. Consequently, exceptions for these situations must be distinguished from exceptions for errors and are worth handling separately. Therefore, we introduce the new concept contingency for such situations. Since the conditions are defined, they are candidates for forward recovery, but conventional exception mechanisms are not appropriate for that purpose. Appropriate mechanisms are presented in this paper. A systematic inspection and handling of contingencies with these mechanisms before runtime can diagnose and avoid subsets of specification violations effectively. This implies some consequences for the engineering process.
- A. Avizienis, J.-C. Laprie, B. Randell, and C. E. Landwehr. Basic concepts and taxonomy of dependable and secure computing. IEEE Trans. Dependable Sec. Comput., 1(1):11--33, 2004. Google Scholar
Digital Library
- J. B. Goodenough. Exception handling: issues and a proposed notation. Commun. ACM, 18(12):683--696, 1975. Google ScholarDigital Library
- B. H. Liskov and A. Snyder. Exception handling in CLU. IEEE Trans. Softw. Eng., 5(6):546--558, 1979. Google ScholarDigital Library
- B. Meyer. Object-Oriented Software Construction. Prentice-Hall, Inc., Upper Saddle River, NJ, USA, 1988. Google ScholarDigital Library
- Oracle. Oracle9 i database error messages, release 2 (9.2) part no. a96525-01. 2002. http://download.oracle.com/docs/cd/B10501_01/server.920/a96525.pdf.Google Scholar
- K. M. Pitman. Exceptional situations in Lisp. In Proceedings for the First European Conference on the Practical Application of Lisp (EUROPAL'90), Cambridge, UK, 1990.Google Scholar
- M. Raento. What should exceptions look like? Mika Raento's Blog, July 2006. http://www.errorhandling.org/wordpress/?page_id=100.Google Scholar
- B. Ruzek. Effective java exceptions. dev2dev.bea.com, January 2007. http://www.oracle.com/technology/pub/articles/dev2arch/2006/11/effective-exceptions.html.Google Scholar
- P. Seibel. Practical Common Lisp. Apress, September 2004. PDF at http://www.apress.com/resource/freeebook/9781590592397 and HTML at http://gigamonkeys.com/book/. Google ScholarDigital Library
- T. van Ellen and W. Hasselbring. Extended exception mechanisms for contingencies. In SERENE 2008: Proceedings of the Software EngineeRing for rEsilieNt systEms 2008 workshop, Newcastle upon Tyne (UK), 2008. (In press).Google Scholar
- D. Weinreb. What conditions (exceptions) are really about. Dan Weinreb's Weblog, March 2008. http://danweinreb.org/blog/what-conditions-exceptions-are-really-about.Google Scholar
Index Terms
- Extended exceptions for contingencies and their implications for the engineering process
Recommendations
Extended exceptions for contingencies
SERENE '08: Proceedings of the 2008 RISE/EFTS Joint International Workshop on Software Engineering for Resilient SystemsWe observed a general problem of sequential programs, which often results in design and programming errors in industrial software engineering projects, and propose a solution approach. Telephone lines may be busy, banking accounts may be overdrawn and ...
Advanced Exception Handling Mechanisms
It is no longer possible to consider exception handling as a secondary issue in language design, or even worse, a mechanism added after the fact via a library approach. Exception handling is a primary feature in language design and must be integrated ...
A semantics for execution levels with exceptions
FOAL '11: Proceedings of the 10th international workshop on Foundations of aspect-oriented languagesAspect-oriented languages are usually formulated as an extension to existing languages, without paying any special attention to the underlying exception handling mechanisms. Consequently, aspect exceptions and handlers are no different than base ...
Comments