APIDesignPatterns:Exceptions

From APIDesign

(Difference between revisions)
Line 87: Line 87:
== Extensibility ==
== Extensibility ==
-
It has been mentioned that changing a code to throw a new exception is not compatible change. However this is not fully true, because [[Java]] exceptions are regular classes, and classes support inheritance, one can define new subtypes of existing exceptions and yet keep the code written by your API users compatible. Imagine there is a method in version one throwing ordinary I/O exception:
+
Exceptions are [[APIDesignPatterns:ExceptionExtensibility|easily extensible]] via subclassing.
-
 
+
-
<source lang="java">
+
-
public static int compute(int x, int y) throws IOException {
+
-
if (y - x == 1) throw new IOException("For some reason I cannot deal with this!");
+
-
return x + y;
+
-
}
+
-
</source>
+
-
 
+
-
Now people can use this method to do many things, complex ones or trivial like to sum two numbers:
+
-
 
+
-
<source lang="java">
+
-
int result;
+
-
try {
+
-
result = compute(1, 2);
+
-
} catch (IOException ex) {
+
-
Logger.getLogger("mylogger").log(Level.WARNING, "Problem!", ex);
+
-
result = -1;
+
-
}
+
-
</source>
+
-
 
+
-
This is a valid use of the compute API method. As authors of the library, we value our users and want to support this API use in future. However we also want to please more and more users. If some other ones require us to provide better information about the values of '''x''' and '''y''', instead of just throwing the '''IOException''', can we help them? Can we change the contract and yet pretend we have not changed anything? Yes, this is possible, just imagine version two of the library:
+
-
 
+
-
<source lang="java">
+
-
public static int compute(int x, int y) throws IOException {
+
-
if (y - x == 1) throw new StrangeXYException(x, y);
+
-
return x + y;
+
-
}
+
-
 
+
-
public final class StrangeXYException extends IOException {
+
-
int x, y;
+
-
StrangeXYException(int x, int y) {
+
-
super("For some reason I cannot deal with this!");
+
-
this.x = x;
+
-
this.y = y;
+
-
}
+
-
 
+
-
public int getX() { return x; }
+
-
public int getY() { return y; }
+
-
}
+
-
</source>
+
-
 
+
-
The previously written client code remains valid. A subclass of '''IOException''' is thrown, it is matched by the '''catch (IOException ex)''' block and everything continues to work as it used to. Yet, if one is interested in more detailed information about the failure, one can catch the version two newly defined exception:
+
-
 
+
-
<source lang="java">
+
-
int result;
+
-
try {
+
-
result = compute(1, 2);
+
-
} catch (StrangeXYException ex) {
+
-
// compute ourselves meaningful result
+
-
result = ex.getX() + ex.getY();
+
-
} catch (IOException ex) {
+
-
Logger.getLogger("mylogger").log(Level.WARNING, "Problem!", ex);
+
-
result = -1;
+
-
}
+
-
</source>
+
-
 
+
-
The object oriented nature of '''try/catch''' statements makes evolution perfectly possible. With every new release one can define new specialized exception as subclass of some already existing one. The previously working code can remain unaffected, the new client code can extract the additional information from the new exception class exposed in the API. This is much more pleasant evolution than for example the one available with [[Talk:Blogs:AndreiBadea:EnumsInAPIs#Joel_Neely_said_...|switch/case]] where inheritance is not taken into account at all.
+
-
 
+
-
 
+
-
<comments/>
+
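Review bot: the replacement line ("Exceptions are [[APIDesignPatterns:ExceptionExtensibility|easily extensible]] via subclassing.") drops the condition the removed text spelled out: the new exception has to be a subtype of one the method already throws (StrangeXYException extends IOException), so that an existing catch (IOException ex) block still matches. Suggest keeping one sentence with that condition next to the link, because the removed opening was also the only place in this section that addressed the claim that throwing a new exception is an incompatible change.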

Revision as of 18:14, 8 November 2008

Casper Bang asked the following question after reading TheAPIBook:

I was curious as to know how come, in a book strictly about API design in Java, you do not mention exceptions (particular checked exceptions) and the role they play in documenting assertions vs. hampering versionability. Did you simply think this to be too controversial an issue I wonder?

--Casper Bang 05:17, 5 September 2008 (CEST)

Nothing special

One reason why no special attention is paid to exceptions is that, in the end, exceptions are just classes. As such, the same rules that apply to any class that shows up in the API apply to exceptions in the API as well. When adding exceptions to your API you will not do anything bad if you follow the "do not expose more than necessary" credo of Chapter 5. If your exception is supposed to be thrown only by your code, it is quite OK to make its constructor package private. That guarantees the intended purpose of the exception, which is to be thrown only by you and caught by clients of your API, and it guarantees that nobody can misuse or misinterpret this intention. From the opposite point of view: if you want your clients to throw an exception and only your code to consume it, you do not need public getters for the values passed into the constructor at the time the exception is thrown.

On the other hand, Chapter 5 also advises preferring factory methods over exposing constructors. I tried that a few times, but I have a feeling that it is a bit unnatural, and as such I cannot recommend code like:

throw CommandException.exitCode(1);


/** Exception to signal result of execution of external process */
public final class CommandException extends Exception {
  private final int exitCode;

  private CommandException(int e) { exitCode = e; }

  /** Factory method used instead of a public constructor. */
  public static CommandException exitCode(int exitCode) {
    return new CommandException(exitCode);
  }
}

The common mindshare among Java developers seems to expect that exceptions are raised by writing throw new Something, and it is therefore likely better to expose the constructor of your exception class instead of a factory method. Still, if you do not expect people to benefit from subclassing your exception, make it final: your options for future evolution will remain more open.

In short, exceptions are classes. They shall follow the evolution rules applicable to classes, as discussed in Chapter 6. It is not wise to add abstract methods into exceptions that could have been subclassed in prior versions, it is not wise to expose fields, remove elements already available, etc. However, Casper is right: this is not all that can be said about exceptions, and it seems that something special remains unsaid.

Runtime vs. Checked

Java is the first industrial language that introduced checked exceptions. As such, when talking about exceptions in the context of Java, one cannot escape from talking about the benefits and drawbacks of runtime vs. checked exceptions. However this is tricky: as far as I know, this is a perfect topic to start a never-ending flamewar. Even Wikipedia's article on the pros and cons is written very defensively (some say..., others mean..., etc.), so it seems important to approach the topic carefully.

There may be differences between checked and unchecked exceptions in the comprehensibility, readability or maintainability of code written against libraries using the former or the latter. However, as I argued in Chapter 11, Runtime Aspects of APIs, from the point of view of API evolution there is no difference. When a method in a library is written so that it can throw some exception in one version, and in some newer version decides to throw yet another exception type under some circumstances, then this is an incompatible change. And the change is incompatible in both cases. When using checked exceptions, the change is source incompatible, as one needs to change the signature of the method to declare the new exception. As a result, code that used to compile may get broken. In the case of unchecked exceptions, the change is functionally incompatible, as code which originally caught all exceptions thrown from the method will no longer work as expected. As such, the difference between runtime and checked exceptions for API design is not as big as it might have seemed.
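The unchecked half of this argument as a runnable sketch (an added example, not code from the original page): a client written against version 1 still compiles against version 2, but its handler is bypassed, while a version that throws a subclass of the original type stays compatible. All class and method names, including AdjacentInputException, are hypothetical.

```java
import java.util.function.IntBinaryOperator;

public class UncheckedCompat {
    // Version 1 of a hypothetical library method: signals the failure with IllegalArgumentException.
    static int computeV1(int x, int y) {
        if (y - x == 1) throw new IllegalArgumentException("cannot deal with " + x + ", " + y);
        return x + y;
    }

    // Version 2a: same signature, new unrelated unchecked type. Every caller still compiles,
    // but handlers written for the v1 failure no longer match.
    static int computeV2Unrelated(int x, int y) {
        if (y - x == 1) throw new IllegalStateException("cannot deal with " + x + ", " + y);
        return x + y;
    }

    // Version 2b: the new type is a subclass of what v1 threw, so old handlers still match.
    static final class AdjacentInputException extends IllegalArgumentException {
        AdjacentInputException(int x, int y) { super("cannot deal with " + x + ", " + y); }
    }

    static int computeV2Subclass(int x, int y) {
        if (y - x == 1) throw new AdjacentInputException(x, y);
        return x + y;
    }

    // Client code written against version 1; it is never edited or recompiled.
    static String client(IntBinaryOperator compute) {
        try {
            return "result=" + compute.applyAsInt(1, 2);
        } catch (IllegalArgumentException ex) {
            return "handled, fallback=-1";
        }
    }

    public static void main(String[] args) {
        System.out.println("v1:  " + client(UncheckedCompat::computeV1));
        System.out.println("v2b: " + client(UncheckedCompat::computeV2Subclass));
        try {
            System.out.println("v2a: " + client(UncheckedCompat::computeV2Unrelated));
        } catch (RuntimeException escaped) {
            // The client's fallback never ran; the failure surfaces one level higher.
            System.out.println("v2a: handler bypassed, escaped as "
                    + escaped.getClass().getSimpleName());
        }
    }
}
```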

My Single Exception

A very common design flaw (maybe flaw is too strong, we can call it a design attempt) is to define your own completely new exception when designing your library. An example of this approach can be found in Ant or in Maven. The first defines its own BuildException, the latter does something similar. These two exceptions are completely unrelated to any other exception defined by the Java platform. As a result, whenever one writes a build task, it is not enough to just read and write files (something very natural to almost every build step); one also needs to try/catch the I/O operations' exception and encapsulate it:

try {
  // do some operations
} catch (IOException ex) {
  throw new BuildException(ex);
}

This is overwhelmingly verbose, especially if we keep in mind that almost every task needs to deal with I/O. Also the final error reports are not really easy to read: for one I/O failure, there are two exceptions chained to each other. Moreover only the inner one is important, the other is quite useless. Things can get even messier when you imagine that some Maven goals are wrappers around Ant tasks. As such one gets a chain of at least three exceptions, as the Maven goal needs to wrap the Ant task's invocation and the task wraps the I/O.

It would be much simpler if both Ant and Maven designers admitted that it is natural to throw IOException from inside their task/goal implementations. Then there could be:

public abstract class Task {
  public abstract void execute() throws IOException;
}
 
public class BuildException extends IOException {
}

The code inside custom execute implementation could be shorter, as there would be no need for the try/catch of I/O operation exceptions, users would get no wrapped I/O exceptions and the expressiveness would remain the same, as the possibility to raise the BuildException would be kept.

Deciding on Importance

When dealing with the flow of exceptions in a complex, modular system, one needs to solve an important problem: decide whether an exception is important or not. This may sound easy, but when you get an exception from a library, how can you tell whether this is something that shall be shown to the user as information about failed I/O, or whether this is an unexpected error state that needs to be logged and worked around somehow? This is tough. The usual solution builds on the assumption that the topmost caller knows the scope of an action (like I want to save a file, I want to compile, etc.) and this topmost caller will decide on the importance. This is an easy-to-understand model, and it works well in most situations (especially if there are no exceptional states), however in NetBeans we needed more granular identification. As such we created a model of annotating an exception with additional attributes:

public final class Exceptions {
  private Exceptions() { }

  // signatures only, method bodies omitted
  public static <T extends Throwable> T attachMessage(T ex, String msg);
  public static <T extends Throwable> T attachLocalizedMessage(T ex, String msg);
  public static <T extends Throwable> T attachImportance(T ex, java.util.logging.Level level);

  public static java.util.logging.Level findImportance(Throwable t);
  public static String findMessage(Throwable t);
  public static String findLocalizedMessage(Throwable t);
}

More info at logging FAQ. As a result, any code on the chain along which the exception is thrown can jump in, mark the exception as important or unimportant, and pass it on. The final catch block then gets the importance information and uses it to decide whether to show a dialog to the user or to swallow the exception.
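One possible way to implement the attachImportance/findImportance pair and the final catch block described above, as an added example that is not the NetBeans implementation. It assumes the annotation is stored as a private marker in the throwable's suppressed list and that WARNING or higher means "show to the user"; the class ImportanceDemo and the report method are hypothetical.

```java
import java.io.IOException;
import java.util.logging.Level;

public final class ImportanceDemo {
    // Marker stored in the suppressed list of the annotated throwable (assumed mechanism).
    private static final class Importance extends Throwable {
        final Level level;
        Importance(Level level) {
            super("importance=" + level, null, false, false); // no stack trace needed
            this.level = level;
        }
    }

    static <T extends Throwable> T attachImportance(T ex, Level level) {
        ex.addSuppressed(new Importance(level));
        return ex; // same instance, so "throw attachImportance(ex, ...)" keeps its static type
    }

    // Outermost throwable first, newest annotation first; null means nobody marked it.
    static Level findImportance(Throwable t) {
        for (int depth = 0; t != null && depth < 32; t = t.getCause(), depth++) {
            Throwable[] notes = t.getSuppressed();
            for (int i = notes.length - 1; i >= 0; i--) {
                if (notes[i] instanceof Importance) return ((Importance) notes[i]).level;
            }
        }
        return null;
    }

    // The final catch block: only WARNING and above reaches the user, the rest is logged.
    static String report(Throwable t) {
        Level level = findImportance(t);
        boolean show = level != null && level.intValue() >= Level.WARNING.intValue();
        return (show ? "DIALOG: " : "LOG ONLY: ") + t.getMessage();
    }

    public static void main(String[] args) {
        // Constructed sample failures.
        IOException diskFull = attachImportance(new IOException("disk full"), Level.WARNING);
        // A layer in between wraps it; the annotation is still found through the cause chain.
        RuntimeException wrapped = new RuntimeException("save failed", diskFull);
        IOException probe = attachImportance(new IOException("optional cache missing"), Level.FINE);

        System.out.println(report(wrapped));
        System.out.println(report(probe));
        System.out.println(report(new IllegalStateException("unmarked failure")));
    }
}
```

Unmarked exceptions default to the log rather than the dialog, so internal detail from an unexpected failure is not shown to the user unless some layer explicitly marked it as important.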

Extensibility

Exceptions are easily extensible via subclassing.
