- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
There's the new kid on the block named "Swift".
Exception handling in Swift: There isn't any. There aren't any exceptions. Ok, there are conditions that will kill your code immediately, but there are no exceptions that you could catch in Swift code.
That's a huge improvement to Objective-C, where the occasional .net or Java programmer would start throwing and catching exceptions all over the place (until they were told to stop it).
Admin
I suspect their entire exception handling pattern was deeply flawed to begin with.
So this young neophyte was stuck in a Big Ball of Mud with no guidance. You can't blame him for trying to find his way out.
Admin
Once saw a screen-field navigation solution in which each field was responsible for finding the next field. They would set a variable saying they were looked at, then clear it on the way out of the call stack. That way if it looped around and a control saw the next control had the flag set, it would know that there is no field to navigate to and stop.
So, when a field was called, if it couldn't take focus, it would call the next field. This meant that ever field was on the stack (recursively).
If a field was the last in a container, it would call the container to get the next container, adding another call onto the stack.
Unfortunately, this didn't have good exception handling, so fields would get their "I was looked at" flag stuck on, and never receive focus again.
Of course, it had other issues.
It supported arrow key navigation. It calculated a box in that direction using infinite (width/height) and the width/height of the starting control, and recursively visited fields within that box in that direction.
...
Needless to say, it failed so hard, in so many ways.
Admin
Good oh. That was my immediate reaction as well.
Admin
Admin
If he did not understand logging, what is it you're thinking that he will understand recursion?
Admin
That last is such an anti-pattern. This would be much better because it at least guarantees to log something:
myRoutine() { Exception hold; trySomething(); if (something == null) hold = new Exception("blah blah"); while (true) { try { log(hold); break; } catch (Exception e) { hold = e; } } }:-P
Admin
If it log don't work, log harder!
Admin
Look, if the error logger fails, you are on your own!
Or, if you are up to your ass in alligators, you kinda forget that the original objective was to drain the swamp.
Admin
Admin
Didn't think of that:
try { log.write(message); } catch (Exception e) { log.writeHarder(message); }Admin
Admin
Log log log your fail gently down the stack. logger logger logger logger Mushroom mushroom snake ;-)
Admin
Admin
On the Scala project I'm working on now using exceptions and try/catch blocks is considered poor form and I'm finding it rather nice.
Admin
Or maybe even http://en.wikipedia.org/wiki/Buffalo_buffalo_Buffalo_buffalo_buffalo_buffalo_Buffalo_buffalo]Buffalo buffalo Buffalo buffalo buffalo buffalo Buffalo buffalo.
Stupid Akismet!
Admin
Easy fix:
void Application_Error(object sender, EventArgs e) { Server.ClearError(); }Admin
Admin
Admin
THIS! Do we vote for best post?
Admin
Admin
Admin
Admin
Peter told the kid he had a much bigger problem, so the kid created a much bigger solution.
Be careful what you say to youngsters.
Admin
Well, you obviously shouldn't.
Admin
I take it you're not a Monty Python fan.
And that's OK.
Admin
STFU and stop trying to micro-optimize everything.
Admin
I hope I wasn't the only one who thought of badgers upon seeing "LoggerLoggerLoggerLogger".
Admin
Admin
In a lot of our MySQL insert statements we use "insert ignore into table ...". The lead developer even goes through and adds the "ignore" to insert statements. Problem is he even does it to "insert into ... on duplicate key update ..." statements. I can't find anything in the documentation what happens in this case.
Admin
Exception is like another kind of return and you can only return one thing. So inevitably, possibly throwing exceptions within an exception means you now have two things to return. In this case he possible wants a container exception with some kind of linked list. Doesn't Java have something like that (previous exception, etc)?
Admin
Admin
Admin
Heh, thanks! I failed at writing code optimized for TDWTF.
Admin
FTFY
Admin
I see this ALL THE TIME. I can't count the number of times that a program gives an "record saved" or some such message, when in fact it didn't save the record. And I start digging through the code to find the problem, and find one of these empty catch blocks. Arrggghhhh. In one case I suggested to the lead developer that we change it to display the text of the exception on the screen. He said we can't do that because we don't want to give the user an incomprehensible technical error message. I replied, So it's better to tell him that his order was processed when it really wasn't? At least if he gets a message, even if he doesn't understand it, he knows that something went wrong. And he replied, I kid you not, that yes, it's better to tell the user that it worked when it didn't than to give him a mysterious error message.
Admin
Both are really bad, in entirely different ways. Displaying an exception's actual message is a horrible, horrible idea.
Admin
Who will log errors in the logger? Who will guard the guardians?
Admin
So what did he actually do in all these higher-level loggers? I mean, I can see saying that if you have some sophisticated, complex logging tool, that if that throws an exception, write a message to a simple flat file saying "logger failed" or some such. But if that fails, what will you do then? Write to a different flat file? Blow smoke out the back of the computer? I think you'd pretty quickly reach a point where you say, And if plan D fails, just crash the program to force somebody to look at it, or maybe continue without logging the error.
Well, I guess that's the point of the story, that the whole thing is crazy. But what did he try to do in the high-level loggers? I can't help but wonder. If he was just trying to log the error to the same logger that failed to log the previous error, that's doubly stupid.
Admin
Huh, why do you say that?
Yes, it's conceivable that it could reveal information about system internals that could help a hacker. I'm hard pressed to think of examples, though. So it gives away internal table names or names of programs. So what? Unless you have other security holes, I don't see how that would help anyone.
Certainly a message that said, "Password does not match the correct password of 'foo42#3'" would be a really bad idea. Maybe there are some exception messages that would give away something like that. I suppose as I don't know all the possible exception messages, I should be careful.
I was thinking more of showing a user a message like 'Null pointer exception at plugh.vb line 314'. At least if the user called up and said he got that error, we'd have something to look at.
And obviously a message that says, "No such product in catalog" or "Cannot delete customer account while it has outstanding orders" or something actually meaningful to the user is better than something cryptic. I was thinking about cases more like null pointer exceptions and the like, where it's a programming error that slipped through testing.
Admin
http://security.stackexchange.com/questions/4471/is-it-a-vulnerability-to-display-exception-messages-in-an-error-page
It should not be that hard to come up with a line of text that's friendlier and safer.
Admin
The sheer majority of exceptions wont have anything useful to users except "there was a problem", maybe there was a problem doing x. Typically you want to automate this. It's still useful to actually have meaningful messages (ie what the app was trying to do/expected) in logs for debugging rather than a stack trace. Consider exception throwing as a kind of runtime assertion/automated testing feature.
Unless the exception is specifically related to something the user might have done, I consider it a lost cause to try to put in an error message for a user. By default messages should be for developers. If your app is so buggy that you need users to try to work around themselves by giving extra info all the time such as where it failed, you should give up programming.
So exceptions should never be output to the user when one exception. You create a SafeException class that you might use like this...
if input.password is empty throw new SafeException('Password was empty!');
Alternatively you can use codes and separate presentation from logic.
Personally in my systems I tend to wrap all exceptions that are unsafe (not instance of SafeException) as they reach a boundary layer where they are propagated to a conversion handler in a SafeException. This makes a nice simple single channel of communication. The wrapping process logs, adds a generic message and a time stamp so that the error can be found in logs (an identifier or encrypted logout put are other options). I have so few errors that anything too elaborate is usually unnecessary.
In summary, exception messages should be for programmers.
Admin
Logger Logger Logger Logger Logger Logger Logger Logger Logger Logger Logger Logger Mushroom Mushroom
Admin
Give me even a Blue Screen than tell me that everything is fine, my reservations have been approved, just show up after traveling 3,000 miles taking 1 week of time and several thousand dollars. DO NOT TELL ME everything is fine. I much prefer any TDTWF error messages to "OK" when it is NOT OK!!!!!!
Admin
However it's a reasonable temporary solution if you don't even have handling for common, understood problems like "no such product" yet. But replacing this, with user-friendly messages for expected exceptions and logging for unexpected ones, should be a priority.
Admin
omg.wtf: useless.object.class.Name; IncomprehensibleException minor code: DEADBEEF completed: No at you.are.so.screwed(ValueHandlerImpl.lang:199) at you.paid.good.money.to.download.this.app(CDRInputStream.lang:1429) at and.the.apps.developers.have.no.clue(ValueHandlerImpl.lang:625) at demand.your.refund.now(ValueHandlerImpl.lang:273) at because.this.is.but.a.preview(CTROutslutStream.lang:1429)In fact, I'm a developer, and that's what these stacks look like to me too. If I see this displayed as the first description of the failure, I consider whether I really need to use this application or not.
I would be more tolerant of such failures if they were stored in a log file (or a "Details" tab).
Admin
It's loggerheads all the way down.