[教材] 例外處理設計與重構實作班201309

Teddy Chen
Sept. 14 2013
例外處理設計與重構實作班

我是誰
• 2012年7月成立泰迪軟體，從事敏捷開發顧問、教
育訓練、軟體工具導入等服務。
• 2012年6月，出版暢銷書「笑談軟體工程：敏捷方
法的逆襲」。
• 2012年4月起，多次講授Scrum課程，與學員互動氣
氛佳，滿意度高。
• 超過17年design pattern實務經驗，曾在pattern領域
最著名的PLoP國際研討會發表論文。
– PLoP 2004：A Pattern Language for Personal Authoring
in E-Learning.
– Asia PLoP 2011：Emerging Patterns of Continuous
Integration for Cross-Platform Software Development.
• 2009年取得Certified ScrumMaster。
• 2008年4月起迄今，5年以上Scrum業界導入經驗。
• 2008年取得台北科技大學資工博士。
• 2007年起經營「搞笑談軟工」部落格。
Copyright@2013 Teddysoft

課程內容
• 例外處理基本觀念
• 例外處理的4+1觀點
• 建立例外處理中心思想—Staged Robustness
Model
• EH Bad Smells and Refactoring's

一個軟體開發專案存在著很多互相競爭
且衝突的非功能需求
robustness
(exception handling)
time-to-market, iterative &
incremental design,
maintainability, etc.誰贏、誰輸?

Robustness輸了之後會造成系統不穩定
系統不穩定會有什麼問題?

輕則損失時間、金錢與商譽，
重則可能危害生命安全。

SPECIFICATION
Correctness
Robustness

提升軟體可靠度需同時考慮
Correctness與Robustness這兩個因素
• Correctness
– 軟體產品可以執行規格中所規範的工作或行為
– 可透過Contract Specification來達成
• Robustness
– 軟體系統應付異常狀況的能力
– 可透過Exception Handling來達成

本課程介紹如何透過例外處理
來增加系統的強健度

練習：請分享一個因為例外
處理不良而造成金錢上、時
間上、精神上損失的經驗

例外處理機制—Exception
Handling Mechanism (EHM)

問題: 請說出一個你熟知的程
式語言的例外處理機制

例外處理機制(EHM)是程式語言用來
支援例外處理的方法
• Representation
• Definition
• Signaling
• Propagation
• Resolution
• Continuation

1. Representation
• 程式語言表達例外的方法
– Symbol
• strings or numbers
– Data object
• Used to hold error and failure information only.
• Raised by a language keyword.
– Full object
• Encapsulate signaling, propagation, and continuation
behaviors of exceptions in the class definition.

2. Definition
• 程式設計師如何定義一個例外
–Symbols
• new exceptions are defined as strings or
numbers.
–Data objects and full objects
• a class is used to define an exception.

3. Signaling
• 產生一個例外(的實例)，並且將例外傳給
接收者的指令稱之為：
– throwing, signaling, raising, or triggering
• 例外產生方式有兩種：
– Synchronous exception
• A direct result of performing the instruction.
– Asynchronous exception
• Produced by the runtime environment upon encountering
an internal error or by stopping or suspending a thread.

4. Propagation
• If an exception is signaled and not coped
with locally, the exception can be propagated
to the caller of the signaling method.
• Exception propagation can be explicit or
implicit (or automatic).
– Explicit: a receiver must explicitly re-throw an
unhandled received exception for further propagation
– Implicit: an unhandled exception is automatically
propagated.

5. Resolution
• Exception resolution or handler binding is a process
of finding a suitable handler in the target, which is
resolved by static scoping at compiler-time, dynamic
invocation chain at runtime, or both.
• There are two methods to dynamically find a handler:
stack unwinding and stack cutting.
– Stack unwinding pops the stack frames to search for the
matching exception handler
– Stack cutting maintains a list of registered exception handlers
and looks up the list for a suitable exception handler.

6. Continuation
• An exception continuation or exception
model specifies the execution flow after
an exception handler returns its control.
–Termination model
–Retry model
–Resumption model

容易搞混且重要的觀念：Fault, Error,
Failure, Exception彼此的關係
fault error failure
exception
(1) design
(2) component
cause of failure a state may lead to
failure
service departs from
specification
represented by

以下何者是design fault，何者是component
fault?
1. 除以零 (division by zero)
2. Index Out of Bound
3. 網路斷線
4. 硬碟空間已滿
5. 檔案不存在
24

為什麼要區分design fault與
component fault?

Exception Handling vs. Fault-Tolerant
Programming
• Exception handling deals with component faults
(anticipated exceptions)
• Fault-tolerant programming deals with both
component and design faults (anticipated and
unanticipated exceptions)
26
範圍不同、成本不同!

Java Exception Handling: The try
Statement (before JDK 7)
28Copyright@2013 Teddysoft

Java Exception Handling: The
try_multi_catch in JDK 7

Java Exception Handling: The
try_with_resources in JDK 7

Java Exception Class Hierarchy
31
checked
unchecked
IOException
NullPointerException
Throwable
Exception
RuntimeException
Error
IndexOutOfBoundsException
SQLException

Use checked exceptions for
recoverable conditions and
run-time exceptions for
programming errors

使用Checked Exception須遵循Handle-or-Declare Rule
handle
declare

程式如果違反Handle-or-
Declare Rule將被Java Compiler
視為語法錯誤

例外處理的4+1觀點
Usage (用途)
Design (設計)
Handling (處理)
Tool-Support (工具支援)
Process (流程)

為什麼例外處理這麼難?

Usage View (例外用途觀點)
Exception, 真的只是用來代表
「例外狀況」嗎?

練習：分組討論要如何處理
EOFException與
InterruptedException?

EOFException範例
public void readDataFromFile(String aFileName){
try (DataInputStream input = new DataInputStream
(new FileInputStream(aFileName))) {
while (true) {
System.out.print(input.readChar());
}
}
catch (EOFException e) {
// How to "handle" this exception?
}
catch (IOException e) {
e.printStackTrace();
}
} Copyright@2013 Teddysoft

InterruptedException範例
public void sleepMillisecond(int ms){
try {
Thread.sleep(ms);
} catch (InterruptedException e) {
}
}

Usage View
• Failure
• Notification
– EOFException
– InterruptedException

案情沒有那麼單純，請看另一個
EOFException範例
public void fetchRawBytesAndSetupMessage(DataInputStream aIS)
throws IOException, InvalidPacketException {
int length = aIS.readInt();
setMessageLength(length);
byte[] messageBody = new byte[length];
try {
aIS.readFully(messageBody);
} catch (EOFException e) {
throw new InvalidPacketException("Data Underflow");
}
setMessage(new String(messageBody));
}

Context 決定 exception的用途

Design View
(例外設計觀點)

Design View
• Declared:
– 例外有宣告在元件的介面規範中
– 又稱為anticipated或expected例外
– 代表component fault
• Undeclared:
– 例外沒有宣告在元件的介面規範中
– 又稱為unanticipated或unexpected例外
– 代表design fault

Declared Exception
try {
}
}

Undeclared Exception (1/2)
public Hamburg createHamburger(String type) {
Hamburg ham = null;
switch (type) {
case "pork":
ham = new SweetPorkHamburger();
break;
case "beef":
ham = new SweetBeefHamburger();
break;
default:
throw new RuntimeException
("Unsupported hamburger type:" +
type);
}
return ham;
}

Undeclared Exception (2/2)
public void deposit(int value) {
if (value < 0 ) {
throw new IllegalArgumentException
("存款金額不得為負數.");
}
// doing normal deposit logic
}

你在做例外處理還是容錯設計? (1/2)
public void deposit(int value) throws
llegalArgumentException {
if (value < 0 ) {
}
}
public void deposit(int value) {
if (value < 0 ) {
}
}
D
UC
UCUD

你在做例外處理還是容錯設計? (2/2)
public String execute(String cmd) throws
IOException,
NullPointerException,
IllegalArgumentException;
UCD
CD

Design View小結
撇開程式語言是否區分checked與
unchecked例外，唯有將例外宣告在介面
上(或以某種形式存在程式或文件中)，
在設計階段程式設計師才有機會知道要
如何來因應可能會遭遇到的異常狀況。

Handling View
(例外處理觀點)

Handling View
• Recoverability (可恢復性)
– recoverable, unrecoverable(irrecoverable)
• Exception handling constructs in
languages and utilities
– Roles, responsibilities, and collaborations (e.g., try,
catch, finally in Java)

Handling View之
Recoverability

Recoverability：爽到你，艱苦到我
Thanks Linda

Recoverability：Callee與Caller都要負責任
Thanks Linda

public void sleepMillisecond(int ms){
try {
Thread.sleep(ms);
} catch (InterruptedException e) {
}
}
Recoverability思考練習1
Callee
Caller: InterruptedException是一
個可以被修復的例外狀況嗎?

public void readDataFromFile(String aFileName){
try (DataInputStream input = new DataInputStream
(new FileInputStream(aFileName))) {
while (true) {
System.out.print(input.readChar());
}
}
catch (EOFException e) {
}
}
}
Callee
Caller: EOFException與
IOException的recoverability?

try {
}
}
Callee
Caller: EOFException與
IOException的recoverability?

Handling View之
Exception Handling Constructs
and Utilities

不同的程式語言有不同的例外處理構件
• Java/C#
– try-catch-finally
• C++
– try-catch
– destructor
• Eiffel
– Exception handlers in Eiffel are attached at the method
level and all exceptions are caught by one handler.
61

重新思考try-catch-finally的責任與分工
• Try
– Implement requirements (can have alternatives)
– Prepare state recovery (e.g., make a check point)
• Catch
– Perform error and fault handling
– Report exceptional conditions
– Control retry flow
• Finally
– Release resources
– Drop check points if any
62

例外處理也是一種程式設計，需要程式
設計能力與軟體元件支援
• 設計技巧
– Memento、Smart pointer、Check point、etc.
– Exception hierarchy
– EH best practices and patterns
• 工具
– Logging (e.g., Log4j)
– Common error formats and dialogs
– EH smell detection
– Marker & resolution
63

Handling View小結
要判斷一個例外是否為一個可修復的狀
況，是例外處理「設計」的第一個步驟，
但這個判斷依據並不是一件容易的事。
確定了例外的recoverability之後，接著
可利用程式語言構件與軟體元件的協助
來實作例外處理程式碼。

Tool-Support View
(例外工具支援觀點)

Tool-Support View
• Java語言的tool-support
– 區分Checked與unchecked例外

Java與C#程式比較

Java語言的Tool-Support所造成的後遺症
• Interface evolution problem
• Ignored checked exception
68

Tool-Support View小結
為了提高軟體的強健度，開發人員
需要一個提醒機制，告知那些操作
有可能產生例外，否則開發人員更
容易忽略例外處理，只能等runtime
發生錯誤時再回頭修補。

Process View
(開發流程觀點)

Process View
• Waterfall VS. IID (iterative and
incremental development)
• 如何在IID流程中規劃例外處理?
– I will handle this exception when I have time. 
Never happens!

以Scrum為例
• Story
– Normal scenarios
– Failure scenarios
• 這個sprint先做normal scenarios，下個
sprint再做failure scenarios
敏捷開發讓例外處理變得好簡單啊! 才怪

「先做normal scenarios，再做failure
scenarios」實務上有何問題?

做normal scenarios的時候遇到例外
怎麼辦?
try {
}
}

Process View小結
IID或敏捷開發法不會讓例外處理變
得更簡單。若團隊沒有一套例外處
理設計規範，則很有可能反而會降
低系統的強健度。

例外處理的4+1種觀點結論

建立例外處理中心思想—
Staged Robustness Model
例外處理的目標

Robustness Levels (強健度等級)
80
Undefined
Error-
Reporting
State-
Recovery
Behavior-
Recovery
0
1
2
3
Robustness
unpredictable
All exceptions are
reported
State is correct under the
presence of exceptions
Service is delivered under the
presence of exceptions

Robustness levels of components
Element RL G0 RL G1 RL G2 RL G3
name undefined error-reporting state-recovery behavior-recovery
service
failing implicitly or
explicitly
failing explicitly failing explicitly delivered
state unknown or incorrect
unknown or
incorrect
correct correct
lifetime
terminated or
continued
terminated continued continued
how-
achieved
NA
(1) propagating all
unhandled
exceptions, and
(2) catching and
reporting them in
the main program
(1) error
recovery
and
(2) cleanup
(1) retry, and/or
(2) design
diversity, data
diversity, and
functional diversity
also known
as
NA failing-fast
weakly tolerant
and organized
panic
strongly tolerant,
self-repair, self-
healing, resilience,
and retry

Upgrading and degrading
exception handling goals
82
fail-fast; keep
user informed
G0 G1 G2
restore state, clean up,
and keep programs alive
G3
attempt retries
all retries fail
state restoration
or cleanup fail

Applicability for the robustness levels
83
RL Applicability
G1
 In the early stage of system development
 Prototyping
 Applying an evolutionary development methodology
 Time-to-market
G2
 Outsourcing
 Designing utility components used in different application domains
 Behavior-recovery actions should be administered by the user
G3
 Developing mission critical systems
 Designing components having sufficient application context to
recover from behavioral failures, e.g., application controllers
 Behavior-recovery actions are inappropriate to be administered by
the user

Consequences
• Robustness without costly up-front design
• Guiding exception handling implementation
• Independent of languages

Bad Smells and Refactorings
Refactoring基本觀念
Bad Smells and Refactorings

What is Refactoring
• Improving the internal structure of a
software system without altering its
external behavior [fowler]
• Steps to perform refactoring:
– Identifying code smells
– Applying refactorings to remove the smells
– Verifying satisfaction

Refactoring and EH Refactoring
89
Normal
Behavior
Exceptional
Behavior
Refactoring EH Refactoring
Behavior

EH Smells, Refactorings, and RL
90
EH smell Refactoring RL
Return code Replace Error Code with Exception G1
Ignored checked
exception
Replace Ignored Checked Exception with
Unchecked Exception
G1
Unprotected main
program
Avoid Unexpected Termination with Big
Outer Try Block
G1
Dummy handler Replace Dummy Handler with Rethrow G1
Nested try block Replace Nested Try Block with Method G2
Careless Cleanup
Replace Careless Cleanup with Guaranteed
Cleanup
G2
Ignored checked
exception
Dummy handler
Introduce Checkpoint Class G2
Spare handler Introduce Resourceful Try Clause G3Copyright@2013 Teddysoft

Smell: Return Code
91
public int withdraw(int amount) {
if (amount > this.balance)
return -1;
else {
this.balance = this.balance – amount;
return this.balance;
}
}

Refactoring: Replace Error Code with
Exception
92
public int withdraw(int amount) throws
NotEnoughMoneyException {
if (amount > this.balance)
throw new NotEnoughMoneyException ();
this.balance = this.balance – amount;
}

Smell: Ignored Checked Exception
93
public void writeFile(String fileName, String data) {
Writer writer = null;
try {
writer = new FileWriter(fileName);
// may throw IOException
writer.write(data); // may throw IOException
}
catch (IOException e) { // ignoring the exception }
finally { // code for cleanup }
}

Replace Ignored Checked Exception
with Unchecked Exception
try {
writer = new FileWriter(fileName); /* may throw an IOException */
writer.write(data); /* may throw an IOException */
}
/* ignoring the exception */
}
}
↓
try {
writer = new FileWriter(fileName); /* may throw an IOException */
writer.write(data); /* may throw an IOException */
}
throw new UnhandledException(e, “message”);
}
}
94

Smell: Unprotected Main Program
95
static public void main(String[] args) {
MyApp myapp = new MyApp();
myapp.start();
}

Avoid Unexpected Termination with
Big Outer Try Block
96
myapp.start();
}
↓
try {
myapp.start();
}
catch (Throwable e) {
/* displaying and/or logging the exception */
}
}

Smell: Dummy Handler
97
public void m(String aFileName) {
try{
FileInputStream fis = new FileInputStream(new
File(aFileName));
}
catch(IOException e){
}
finally{ // cleanup }
}

Replace Dummy Handler with Rethrow
98
public void m(String aFileName)
{
try{
FileInputStream fis = new
FileInputStream(new
File(aFileName));
}
}
}
public void m(String aFileName) {
try{
FileInputStream(new
File(aFileName));
}
throw new UnhandledException
(e, “message”);
}
}

Smell: Nested Try Statement
99
FileInputStream in = null;
try {
in = new FileInputStream(…);
}
finally {
try {
if (in != null)
in.close ();
}
/* log the exception */
}
}

Replace Nested Try Statement with
Method
100
try {
}
finally {
try {
if (in != null)
in.close ();
}
}
}
try {
} finally { closeIO (in); }
private void closeIO (Closeable c) {
try {
if (c != null) c.close ();
}
}
}

Smell: Careless Cleanup
101
public void cleanup String aFileName) {
try{
FileInputStream(new
File(aFileName));
fis.close();
}
throw new RuntimeException(e);
}
}

Replace Careless Cleanup with Guaranteed
Cleanup
102
try{
FileInputStream(new
File(aFileName));
fis.close();
}
}
}
FileInputStream fis = null;
try{
fis = new FileInputStream(new
File(aFileName));
}
}
finally { closeIO(fis); }
}

Introduce Checkpoint Class
106
public void foo () throws FailureException {
try {
/* code that may change the state of the object */
}
catch (AnException e) {
throw new FailureException(e);
} finally {/* code for cleanup */}
}
↓
public void foo () throws FailureException {
Checkpoint cp = new Checkpoint (/* parameters */);
try {
cp. establish (); /* establish a checkpoint */
/* code that may change the state of the object */ }
catch (AnException e) {
cp.restore (); /* restore the checkpoint */
throw new FailureException(e); }
finally { cp.drop(); }
} Copyright@2013 Teddysoft

Smell: Spare handler
107
try { /* primary */ }
catch (SomeException e) {
try {/* alternative */}
catch(AnotherException e) {
}
}

Introduce Resourceful Try Clause
108
try { /* primary */ }
catch (SomeException e) {
try {/* alternative */}
catch(AnotherException e) {
}
}
↓
int attempt = 0; int maxAttempt = 2; boolean retry = false;
do {
try { retry = false;
if (attempt == 0) { /* primary */ }
else { /* alternative */ }
} catch (SomeException e) {
attempt++; retry = true;
if (attempt > maxAttempt) throw new FailureException (e);
}
} while (attempt<= maxAttempt && retry)

參考資料

複習
• 例外處理基本觀念
– EHM、fault、error、failure、exception
• 例外處理的4+1觀點
• 建立例外處理中心思想—Staged Robustness
Model
• EH Bad Smells and Refactorings

泰迪軟體敏捷開發訓練藍圖

[教材] 例外處理設計與重構實作班201309

[教材] 例外處理設計與重構實作班201309

Recommended

More Related Content

What's hot

What's hot(20)

Viewers also liked

Viewers also liked(17)

Similar to [教材] 例外處理設計與重構實作班201309

Similar to [教材] 例外處理設計與重構實作班201309(20)

More from teddysoft

More from teddysoft(11)

Recently uploaded

Recently uploaded(20)

[教材] 例外處理設計與重構實作班201309