Engineering Robust Server Software

Similar documents
CS 241 Honors Memory

Homework 4. Any questions?

Exception Safe Coding

Assertions and Exceptions

COMP6771 Advanced C++ Programming

Smart Pointers. Some slides from Internet

RAII and Smart Pointers. Ali Malik

Lecture 20. Java Exceptional Event Handling. Dr. Martin O Connor CA166

Object-Oriented Programming for Scientific Computing

CA341 - Comparative Programming Languages

Lecture 19 Programming Exceptions CSE11 Fall 2013

Allocation & Efficiency Generic Containers Notes on Assignment 5

Cute C++ idioms Nikhil Marathe.

Object-Oriented Programming for Scientific Computing

COMP6771 Advanced C++ Programming

Programming Languages and Techniques (CIS120)

Pointers. Developed By Ms. K.M.Sanghavi

Types, Values and Variables (Chapter 4, JLS)

Proposed Wording for Concurrent Data Structures: Hazard Pointer and Read Copy Update (RCU)

Exceptions. References. Exceptions. Exceptional Conditions. CSE 413, Autumn 2005 Programming Languages

Exceptions. CSE 142, Summer 2002 Computer Programming 1.

Exceptions. Readings and References. Exceptions. Exceptional Conditions. Reading. CSE 142, Summer 2002 Computer Programming 1.

CS 3 Introduction to Software Engineering. 3: Exceptions

05-01 Discussion Notes

Checked and Unchecked Exceptions in Java

CS159. Nathan Sprague

CSE 333 Lecture smart pointers

Exception Safety. CS 311 Data Structures and Algorithms Lecture Slides Wednesday, October 28, Glenn G. Chappell. continued

National University. Faculty of Computer Since and Technology Object Oriented Programming

Exception Namespaces C Interoperability Templates. More C++ David Chisnall. March 17, 2011

Chapter 13 Exception Handling

Memory Leak. C++: Memory Problems. Memory Leak. Memory Leak. Pointer Ownership. Memory Leak

Memory Management: The Details

Exceptions. Produced by. Algorithms. Eamonn de Leastar Department of Computing, Maths & Physics Waterford Institute of Technology

Inheritance. SOTE notebook. November 06, n Unidirectional association. Inheritance ("extends") Use relationship

CSC207H: Software Design. Exceptions. CSC207 Winter 2018

G52CPP C++ Programming Lecture 16

04-17 Discussion Notes

CSCI-1200 Data Structures Fall 2011 Lecture 24 Garbage Collection & Smart Pointers

Exceptions. Produced by. Introduction to the Java Programming Language. Eamonn de Leastar

COMP322 - Introduction to C++ Lecture 10 - Overloading Operators and Exceptions

MEMORY MANAGEMENT IN C++ AND JAVA

The issues. Programming in C++ Common storage modes. Static storage in C++ Session 8 Memory Management

Financial computing with C++

CSE 331 Software Design & Implementation

CS360 Lecture 5 Object-Oriented Concepts

CSE 333 Lecture smart pointers

Software Engineering Concepts: Invariants Silently Written & Called Functions Simple Class Example

In Java we have the keyword null, which is the value of an uninitialized reference type

Index COPYRIGHTED MATERIAL

BBM 102 Introduction to Programming II Spring Exceptions

Assertions and Exceptions Lecture 11 Fall 2005

CS11 Advanced C++ Fall Lecture 3

Lecture 15a Persistent Memory & Shared Pointers

Object oriented programming. Instructor: Masoud Asghari Web page: Ch: 7

Pages and 68 in [JN] conventions for using exceptions in Java. Chapter 8 in [EJ] guidelines for more effective use of exceptions.

See the CS 2704 notes on C++ Class Basics for more details and examples. Data Structures & OO Development I

void fun() C::C() // ctor try try try : member( ) catch (const E& e) { catch (const E& e) { catch (const E& e) {

ECE 449 OOP and Computer Simulation Lecture 12 Resource Management II

Assoc. Prof. Marenglen Biba. (C) 2010 Pearson Education, Inc. All rights reserved.

Introduction. Exceptions: An OO Way for Handling Errors. Common Runtime Errors. Error Handling. Without Error Handling Example 1

Correctness and Robustness

G Programming Languages - Fall 2012

BBM 102 Introduction to Programming II Spring 2017

Topic 6: Exceptions. Exceptions are a Java mechanism for dealing with errors & unusual situations

CSCI-1200 Data Structures Spring 2017 Lecture 27 Garbage Collection & Smart Pointers

A Crash Course in (Some of) Modern C++

2 ADT Programming User-defined abstract data types

the gamedesigninitiative at cornell university Lecture 9 Memory Management

Objects Managing a Resource

Exception-Handling Overview

COMP200 EXCEPTIONS. OOP using Java, based on slides by Shayan Javed

CSE 100: C++ TEMPLATES AND ITERATORS

Java Errors and Exceptions. Because Murphy s Law never fails

Exceptions and Design

Consider the program...

Midterm Review. PIC 10B Spring 2018

CS201 Some Important Definitions

Garbage Collection. Akim D le, Etienne Renault, Roland Levillain. May 15, CCMP2 Garbage Collection May 15, / 35

CS 61B Data Structures and Programming Methodology. July 7, 2008 David Sun

Defensive Programming

JAC444 - Lecture 4. Segment 1 - Exception. Jordan Anastasiade Java Programming Language Course

Memory Management In C++ And Java

Vector and Free Store (Vectors and Arrays)

Designing Robust Classes

EXCEPTIONS. Objectives. The try and catch Statements. Define exceptions. Use try, catch and finally statements. Describe exception categories

Exception handling & logging Best Practices. Angelin

Programming II (CS300)

17. Handling Runtime Problems

INITIALISING POINTER VARIABLES; DYNAMIC VARIABLES; OPERATIONS ON POINTERS

Fundamentals of Object Oriented Programming

EXCEPTIONS. Java Programming

Writing your own Exceptions. How to extend Exception

14. Exception Handling

Exceptions. CSC207 Winter 2017

3.Constructors and Destructors. Develop cpp program to implement constructor and destructor.

COMP6771 Advanced C++ Programming

Research on the Novel and Efficient Mechanism of Exception Handling Techniques for Java. Xiaoqing Lv 1 1 huihua College Of Hebei Normal University,

Part X. Advanced C ++

Laboratorio di Tecnologie dell'informazione. Ing. Marco Bertini

Transcription:

Engineering Robust Server Software Exceptions

Exceptions Handling problems: exceptions C++ Java temp-and-swap RAII Smart Pointers finally specifications finalizers (and why they are not what you need for this) 2

Exceptions Review: exceptions = way to handle problems Thing goes wrong? throw exception Know how to deal with problem? try/catch exception In python, try/except Why exceptions? Return error code? Cluttery, easy to forget/ignore Do nothing? Automatically pass problem to caller Provide details about error 3

Exceptions: Downsides So exceptions: best idea ever? Downsides too Unexpected things happen in code Well, that is true anyways Used improperly: corrupted objects, resource leaks, Bottom line: Good if you do all things right 4

Exception Safety Continued review: exception safety Remind us of the four levels of exceptions safety? Stronger Guarantees No Throw Strong Basic None Will not throw any exception. Catches and handles any exceptions throw by operations it uses No side-effects if an exception is thrown: objects are unmodified, and no memory is leaked Objects remain in valid states: no dangling pointers, invariants remain intact. No memory is leaked Does not provide even a basic exception guarantee. Unacceptable in professional code. 5

Exception Safety template<typename T> class LList { //other things omitted, but typical LList & operator=(const LList & rhs) { if (this!= &rhs) { deleteall(); Node * curr = rhs.head; while (curr!= null) { addtoback(curr->data); curr = curr->next; Which guarantee does this make? return *this; ; 6

Exception Safety template<typename T> class LList { //other things omitted, but typical LList & operator=(const LList & rhs) { if (this!= &rhs) { deleteall(); Node * curr = rhs.head; while (curr!= null) { addtoback(curr->data); curr = curr->next; Which guarantee does this make? - Need to know what guarantees these make! return *this; ; 7

Exception Safety template<typename T> class LList { //other things omitted, but typical void deleteall(){ while(head!= nullptr) { Node * temp = head->next; delete head; head = temp; Which guarantee does deleteall() make? tail = nullptr; ; No throw guarantee (assuming destructors are no-throw) 8

Exception Safety template<typename T> Which guarantee does addtoback() make? class LList { //other things omitted, but typical Depends on copy constructor for T void addtoback(const T& d){ Node * newnode = new Node(d, nullptr, tail); if (tail = nullptr) { head = tail = newnode; else { tail->next = newnode; newnode->prev = tail; tail = newnode; T's Copy Constructor No Throw Strong Basic (??) addtoback() Strong Strong Basic ; No Guarantee No Guarantee 9

Exception Safety template<typename T> Which guarantee does this make? class LList { Basic //other things omitted, but typical LList & operator=(const LList & rhs) { if (this!= &rhs) { //no throw deleteall(); //no throw Node * curr = rhs.head; //no throw while (curr!= null) { //no throw addtoback(curr->data); //strong [let us suppose] curr = curr->next; //no throw return *this; //no throw ; 10

LList & operator=(const LList & rhs) { if (this!= &rhs) { Node * temp = rhs.head; Node * n1 = nullptr; Node * n2 = nullptr; if (temp!= nullptr){ n1 = n2 = new Node(temp->data, nullptr,nullptr); temp = temp->next; while (temp!= null) { n2->next = new Node(temp->data, n2, nullptr); n2 = n2->next; temp = temp->next; Which guarantee does this version make? deleteall(); head = n1; tail = n2; No guarantee! :( return *this; 11

Exception Safety template<typename T> Which guarantee does this make? class LList { //other things omitted, but typical Strong! LList & operator=(const LList & rhs) { if (this!= &rhs) { LList temp(rhs); std::swap(temp.head, head); std::swap(temp.tail, tail); return *this; ; 12

Exception Safety template<typename T> class LList { //other things omitted, but typical LList & operator=(llist rhs) { std::swap(temp.head, head); std::swap(temp.tail, tail); return *this; ; Same principle, but passed by value instead of reference (going to copy anyways Will waste work if self assignment) 13

Temp-and-swap Common idiom for strong guarantees: temp-and-swap Make temp object Modify temp object to be what you want this to be swap fields of temp and this temp destroyed when you return (destructor cleans up state) Exception? temp destroyed in stack unwinding Downside? Change only some state: may be expensive to copy entire object 14

What About This Code template<typename T> class LList { //other things omitted, but typical LList & operator=(const LList & rhs) { if (this!= &rhs) { m.lock(); rhs.m.lock(); //What if this throws? std::swap(temp.head, head); std::swap(temp.tail, tail); rhs.m.unlock(); m.unlock(); return *this; ; 15

How About Now? template<typename T> class LList { //other things omitted, but typical LList & operator=(const LList & rhs) { ; if (this!= &rhs) { std::lock_guard<std::mutex> lck1(m); std::lock_guard<std::mutex> lck2(rhs.m); std::swap(temp.head, head); std::swap(temp.tail, tail); return *this; //calls m.lock() //calls rhs.m.lock() 16

How About Now? template<typename T> class LList { //other things omitted, but typical LList & operator=(const LList & rhs) { ; if (this!= &rhs) { std::lock_guard<std::mutex> lck1(m); std::lock_guard<std::mutex> lck2(rhs.m); std::swap(temp.head, head); std::swap(temp.tail, tail); //destruction calls.unlock() return *this; //calls m.lock() //calls rhs.m.lock() 17

How About Now? template<typename T> class LList { //other things omitted, but typical LList & operator=(const LList & rhs) { if (this!= &rhs) { std::lock_guard<std::mutex> lck1(m); std::lock_guard<std::mutex> lck2(rhs.m); std::swap(temp.head, head); std::swap(temp.tail, tail); return *this; //what if exn? ; 18

RAII Resource Acquisition Is Initialization Resource lifetime tied to object lifetime Allocation during initialization Released during destruction Example resources: Mutex: lock/unlock Heap Memory: new/delete File: open/close Exception safety benefits? 19

RAII with Heap Objects "Smart Pointers" Objects that wrap pointer and provide RAII C++03: std::auto_ptr (deprecated) C++11: std::unique_ptr std::shared_ptr std::weak_ptr 20

std::unique_ptr { std::unique_ptr<thing> thing1 (new Thing); //other code here //thing1 goes out of scope: delete its pointer Owns a pointer When destroyed, deletes owned pointer 21

std::unique_ptr { std::unique_ptr<thing> thing1 (new Thing); //other code here Thing * tp = thing1.get(); Owns a pointer When destroyed, deletes owned pointer Can use.get() to get raw pointer 22

std::unique_ptr { std::unique_ptr<thing> thing1 (new Thing); //other code here Thing * tp = thing1.get(); thing1->dosomething(); Owns a pointer When destroyed, deletes owned pointer Can use.get() to get raw pointer Can also use * and -> operators 23

std::unique_ptr { std::unique_ptr<thing> thing1 (new Thing); // std::unique_ptr<thing> thing2 (thing1); //thing2 owns pointer, thing1 is empty (holds nullptr) Assignment operator/copy constructor transfer ownership 24

Exception Safety Thing * foo(int x, char c) { Widget * w = new Widget(x); Gadget * g = new Gadget(c); Thing * t = new Thing(w,g); return t; Which guarantee does this make? 25

Exception Safety Thing * foo(int x, char c) { std::unique_ptr<widget> w (new Widget(x)); std::unique_ptr<gadget> g (new Gadget(c)); Thing * t = new Thing(w.get(),g.get()); return t; Is this code correct? 26

Exception Safety Thing * foo(int x, char c) { std::unique_ptr<widget> w (new Widget(x)); std::unique_ptr<gadget> g (new Gadget(c)); Thing * t = new Thing(w.get(),g.get()); return t; w and g go out of scope here, so what happens to their pointers? Is this code correct? No! 27

Exception Safety Thing * foo(int x, char c) { std::unique_ptr<widget> w (new Widget(x)); std::unique_ptr<gadget> g (new Gadget(c)); Thing * t = new Thing(w.release(),g.release()); return t; What about this code? release returns the pointer (like get), but also gives up ownership (sets the owned pointer to nullptr) 28

Exception Safety Thing * foo(int x, char c) { std::unique_ptr<widget> w (new Widget(x)); std::unique_ptr<gadget> g (new Gadget(c)); Thing * t = new Thing(w.release(),g.release()); return t; What if new fails? What about this code? "Whether the allocation function is called before evaluating the constructor arguments or after evaluating the constructor arguments but before entering the constructor is unspecified. It is also unspecified whether the arguments to a constructor are evaluated if the allocation function returns the null pointer or exits using an exception. " C++ standard, 5.3.4 (21) 29

Exception Safety Thing * foo(int x, char c) { std::unique_ptr<widget> w (new Widget(x)); std::unique_ptr<gadget> g (new Gadget(c)); Thing * t = new Thing(w, g); return t; What about this code? (What am I assuming Thing's constructor takes now?) 30

Shared Pointers + Weak Pointers Unique Pointers: exactly one owner Assignment transfers ownership Shared Pointers: many owners Copying increments count of owners Destruction decrements counts of owners Object freed when owner count reaches 0 Weak Pointers: non-owners of shared pointer Can reference object, but does not figure into owner count Use.lock() to obtain shared_ptr: has object (if exists) or nullptr (if not) 31

Java Exceptions: Slightly Different RAII: C++, but not Java (why not?) No objects in stack in Java (all in heap ) Java's plan: finally ALWAYS executed, no matter whether exception or not 32

Java Exceptions: Slightly Different public void doathing(string name) { SomeResource sr = null; try { sr = new SomeResource(name); dostuff(sr); catch(whateverexception we) { dealwithproblem(we); finally { if(sr!= null) { sr.close(); 33

Java Exceptions: Slightly Different public void doathing(string name) throws WhateverException{ SomeResource sr = null; try { sr = new SomeResource(name); dostuff(sr); finally { if(sr!= null) { sr.close(); Can have try-finally (no catch) - Allows exception to propagate out - Cleans up resources 34

Java Exceptions: Slightly Different public void doathing(string name) throws WhateverException{ try (SomeResource sr = new SomeResource(name)) { dostuff(sr); Java also has try-with-resource - declare/initialize AutoCloseable object in () after try o can have multiple declarations, separate with ; - automatically makes a finally which closes it o closes in reverse order of creation - can have explicit catch or finally if you want 35

Java Exceptions: Slightly Different public void doathing(string name) throws WhateverException{ SomeResource sr = null; try { sr = new SomeResource(name); dostuff(sr); finally { if(sr!= null) { sr.close(); Java's exception specification rules different from C++'s 36

Exception Specifications C++ 03 No declaration: can throw anything Declaration: restricted to those types throw(x, y, z) or throw() Checked at runtime: when exception is thrown If lied, std::unexpected() 37

Exception Specifications template<typename T> class Thing { T data; public: Thing() noexcept(noexcept(t())) { // ; C++ 11 C++03 specifications valid but deprecated noexcept for "no throw" Can take a boolean expression to indicate behavior (true=noexcept) noexcept(expr) queries if expr is declared noexcept If noexcept actually throws, calls std::terminate() 38

Exception Specifications Throwable Error Exception Java IOException SQLException RuntimeException Two types of exceptions: checked and unchecked Checked: exception specifications checked at compile time Compiler ensures you don't lie (aka miss one) Unchecked: no need to declare in spec Possible in too many places, would clutter code 39

Exception Specifications Throwable Error Exception VirtualMachineError. IOException SQLException RuntimeException OutOfMemoryError StackOverflowError "Reasonable" applications do not try/catch these 40

Exception Specifications Throwable RuntimeException: too ubiquitous to clutter Error Exception code with specifications (everything might throw them) IOException SQLException RuntimeException. ArrayIndexOutOfBoundsException NullPointerException ArithmeticException 41

Exception Specifications Throwable Checked exceptions: - Rare enough to merit specification - Reasonable enough to try/catch Error Exception. IOException SQLException RuntimeException 42

Java: Finalizers Java objects have.finalize() "Called by the garbage collector on an object when garbage collection determines that there are no more references to the object." Seems like maybe we could use this to help resource management? 43

Lets Look at Stack Overflow http://stackoverflow.com/questions/12958440/closing-class-io-resources-in-overridden-finalize-method http://stackoverflow.com/questions/8051863/how-can-i-close-the-socket-in-a-proper-way 44

Finalizer: NOT For Resource Management Do NOT try to use finalizers for resource management! No guarantee of when they will run (may never gc object!) Do NOT use finalizers in general May run on other threads (possibly multiple finalizers at once) Were you thinking about how to synchronize them? What about deadlock? Likely to run when memory is scarce (may cause problems if you allocate) Could accidentally make object re-referenceable? 45

Exceptions Handling problems: exceptions C++ Java temp-and-swap RAII Smart Pointers finally specifications finalizers (and why they are not what you need for this) 46

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback