[bind10-dev] 2009-10-08 BIND 10 meeting
Christos Zoulas
christos at zoulas.com
Thu Oct 8 20:19:22 UTC 2009
On Oct 8, 3:14pm, mgraff at isc.org (Michael Graff) wrote:
-- Subject: Re: [bind10-dev] 2009-10-08 BIND 10 meeting
| -----BEGIN PGP SIGNED MESSAGE-----
| Hash: SHA1
|
| Christos Zoulas wrote:
| > 2. No exceptions at all. Allows code to be compiled with -fno-exceptions
| > (and since you probably are not going to use rtti -fno-rtti)
| > which makes the code a lot more efficient and embeddable. Since you
| > are not going to expose exceptions in the api anyway, why don't
| > you just abort() on such errors, or log+exit(). Finally c++
| > exceptions are unchecked and make programming a lot more difficult.
| > (alexandrescu's c++ 101 rules, guidelines and best practices is
| > a good reading).
|
| abort() or log+exit() are specifically what we are trying to avoid.
|
| The problem is unrolling where you are. BIND 9 used return codes, so
| each and every operation ended up using:
|
| status = foo();
| if (status != ISC_R_SUCCESS)
| ... do stuff ...
|
| In this case, we might be able to avoid some of that using exceptions.
| The trick is to find where we really want one and where we really don't.
|
| If we take exceptions off the table, I say we write the whole thing in
| Python or Ruby. Removing major features of the reason we chose C++
| would mean we chose poorly.
Well, the biggest problem I have with exceptions is that they lead to
resource leaks. Since there are no checked exceptions you cannot know
if I function that you call is going to throw, so for every OS resource
you use (fd, shared memory segment, malloced space without smart pointers)
you must make sure that there is no exception that is going to cause you
to leak it.
christos
More information about the bind10-dev
mailing list