Boost logo

Boost :

Subject: Re: [boost] [review] Review of Outcome v2 (Fri-19-Jan to Sun-28-Jan, 2018)
From: Vinícius dos Santos Oliveira (vini.ipsmaker_at_[hidden])
Date: 2018-01-31 22:26:09


2018-01-31 18:21 GMT-03:00 Emil Dotchevski via Boost <boost_at_[hidden]>
:

> - Making some or all control paths explicitly detailed to aid code
> correctness auditing, as opposed to having hidden control paths caused by
> exceptions potentially thrown from any place.
>
> This is one of these axiomatic beliefs that need to be substantiated
> instead. It is simply not true that code that uses exception handling
> ("hidden control paths") is more difficult to audit or more prone to
> errors. In my experience it's the other way around: people who don't use
> exceptions are not serious about error handling; they're the ones who also
> need advanced logging libraries to help them figure out what went wrong
> _this_ time around.
>

It's like arguing that RAII doesn't help with resource freeing and this is
just axiomatic belief.

How pushing a "I forgot to do proper error handling" to compile time errors
becomes "this is just axiomatic belief and helps no-one"?

During this same review, Andrzej Krzemienski noted an improper exceptions
handling of exceptions in the swap function:

Also, it is possible that while reswapping, another exception will be
> thrown. In general, you cannot guarantee the roll-back, so maybe it would
> be cleaner for everyone if you just declared that upon throw from swap, one
> cannot rely on the state of `result`: it should be reset or destroyed.
>

Should we remember the variant saga maybe[1][2]? These are not isolated
cases. They keep happening.

How do you see that? The people who made these mistakes or took years to
solve some of them are too dumb and can't use exceptions? What about every
beginner C++ programmer? You'll push all these cases to compile-time
errors. Even expert C++ programmers will make mistakes one time or another.
Meanwhile, I haven't seen any error remotely similar to these ones in Rust.

Is this information incorrect? If this information is true, how is this
axiomatic belief? I see a few concrete cases, one of them happened right in
these last days on the Boost mailing list review. All hidden paths and a
mistake was made. No amount of testing in Boost.Outcome has detected them.

But then it is you who is arguing:

It is simply not true that code that uses exception handling ("hidden
> control paths") is more difficult to audit
>

Can you show me _any_ code using Result-like error handling that had
problems that made people as smart as the C++ committee take so much time
just to design a variant? Because any Rust programmer will design a variant
like this:

enum Either<A, B> {
  Left(A),
  Right(B)
}

What happened here? I designed a variant in less than 10 seconds as robust
as the C++ variant which required effort by many people and wasn't designed
nearly as fast as this one. Could you go into these concrete cases and tell
me what I'm not seeing?

The only mistake you can do is forget to check if a value is contained
before accessing such value. I'll find this easier to audit anytime. And
the operator TRY will make it even easier. In Rust, it is not even possible
to make this mistake.

Most of the possibly dangerous behaviour became compile time errors. The
rest may be subjective, but we have plenty of clues that exception handling
is not that great to say the least.

My axiomatic belief here: compile time errors are easier to manage.

[1] http://davidsankel.com/c/a-variant-for-the-everyday-joe/
[2] https://isocpp.org/blog/2015/11/the-variant-saga-a-happy-ending

-- 
Vinícius dos Santos Oliveira
https://vinipsmaker.github.io/

Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk