I think I personally agree with you here. However, whenever I try to
promote this philosophy, I encounter so much resistance, that I am forced
to drop before I have chance to present rational arguments.
No disagreement here. It is just that my sense tells me preconditions
should be defined so that breaking them is rare. So rare that I do not even
mind my debugger interrupting me.
Same here. How often C functions in your program return error codes? If it
is "quite often" then this might be a problem on its own.
Maybe you are right. Of course "real" and "unreal" are very subjective, but
maybe you have got a point. When writing a low-level asynchronous library
like AFIO, situations like not being able to open a file or write to it at
a given moment should not be treated as a "real error", because at this
level, in this context, there is no corresponding postcondition. But still,
a dedicated library for representing variant return values is needed. and
`variant` is not good enough.
I think this is where you do not appreciate the power of static checking.
Yes, technically it is possible just access the `o.value()` manually and
get a throw or some unintended behavior. But I would consider it an
irresponsible use and compare it the situation where you use type
unique_ptr, and only call `get()` and `release() to compromise it safety:

```
unique_ptr<T> factory(X x, Y y)
{
unique_ptr<T> ans = make_unique<T>(x)
T* raw = ans.release();
raw->m = compute_and_maybe_throw(y);
return unique_ptr<T>(raw);
}
```

And you might argue that `unique_ptr` is unsafe, or that using `unique_ptr`
is dangerous. But that would be false, because only because you can
compromise a type's static-safety it does not mean that it is not safe.
Same goes for outcome:

```
outcome<T> append_Y(T t, Y y);

outcome<T> fun(X x, Y y)
{
outcome<T> t = make_X(x);
return append_Y(t, y); // fails to compile

return append_Y(TRY(t), y); // ok, and safe
}
```

If you forget to check for the error the compiler will remind you. Not the
runtime, not the call to std::terminate(), but the compiler!
std::terminate() is better than ignoring exceptions in this case, yes. But
having the compiler tell you that you have this problem is even better. And
this is what `outcome` offers.
If I measure how much area of my program needs a `variant` it might be
about 5%. And in some programs I do not need it at all. But I appreciate
that I have a standard library (well tested, well designed) for it. Some of
the Standard Library components I have never used, but I still consider the
decision to have it there to be correct.
I agree with your diagnosis. I am not advocating for Java exceptions. My
apologies if I have confused you.

Regards,
&rzej;

_______________________________________________
Unsubscribe & other changes: ht

That's true enough for applications, less so for libraries. A
library may simply be re-initialized upon throwing a logic error (if it permits),
and the using application may try to use the library's functionality again with
modified input data. That won't, of course, fix the logic error, but
it may circumvent it and produce useful application output.
Python effectively achieves this by having assert raise a catchable
AssertionError.
Well, no. C functions return error codes also as both a way to
describe exceptional conditions (e.g. ENOMEM), user error (e.g. EINVAL) as
well as informing the user of what they should do (e.g. EAGAIN). (I
prefer to treat them as status codes for this reason.)
Exceptions can only cover the first two cases, and only the first is
non-recoverable. Breaking in those cases makes more sense than
breaking when C functions return error codes precisely because of the
likes of EAGAIN.

Effectively, C++ exceptions occupy the middle ground between
unrecoverable error states and status codes, i.e. situations that
users may wish to recover from, but that should lead to program
terminiation if they choose not to.

One *good* example is throwing a logic_error in the default case of a
switch statement (specifically a domain_error, in this case). Not in every
situation, of course.

I hope that makes sense,
Jens

While I don't disagree with that, and I use a debugger which by default
does not pause on caught exceptions, I tend to run it configured to
pause on all thrown exceptions regardless.

This is because in the codebases I tend to work with, exceptions are
rare and unusual and generally indicative of a serious problem in either
the code or the input, and thus they ought to be investigated whenever
they happen, because they're not supposed to ever happen.

As a result, code that throws exceptions for other reasons irritates me,
and I try to avoid using it.

Even where I might normally run without that enabled, at some point I
find myself needing to track down a logged exception, so I turn it on,
and then get irritated if exceptions other than the one I was looking
for turn up. So again it's preferable to not have them happen unless
they're serious.

And of course there's the old adage about not using exceptions for
"normal" control flow (whatever normal means to your method).


_______________________________________________
Unsubscribe & other changes: http://lists.boost.org/mailman/listinfo.cgi/boost