Coding Guidelines¶
Error Handling / Exceptions¶
- Use a common rsb::Exception for all exceptions
- Rationale: Provides in the client application a way to handle all error from the communication layer uniquely
- In languages where multiple inheritance is a pain, this class inherits from a runtime-like error and a custom exception tree with e.g. InvalidArgument is created underneath this root exception type.
- If multiple inheritance is feasible, use it to reuse the existing language exception types.
- in C++, don't use exceptions in constructors if you have objects that need a manual deallocation (to be verified that the destructor is not called for half-constructed instances)
Barricade Strategy¶
Generally: invalid data must not enter the backends
- Generally user-induced data should be validated on the client level.
- Invalid data causes exception for the user
- Exception to this rule is the converter mechanism -> user data member of the event class
- Generally performing a validation already in client-level code is too expensive
- OutRoute:
- Always using exceptions in the sending stack is not possible for asynchronous sending strategies.
- An invalid combination of data and converter is a (user-induced) fatal error
- exit the program (using a macro/function that creates a segfault in any case to get a backtrace, assert could be switched off and the error would be unnoticed or untraceable)
- InRoute:
- two cases:
- no converter available:
- Could happen because the receiver is not the cause of the message
- for Reader (pull-based model) an exception is possible without any problems
- Asynchronous case requires user checking for exceptions:
- Special event or tag in event for error condition
- A method for the user to check whether the event is an error condition or not
- Error while converting
- Could be possible with UNRELIABLE communication that can cause damaged packages
- For RELIABLE use the same mechanisms as above
- For UNRELIABLE (in a first iteration) only log the error and do not dispatch to the user
- no converter available:
- two cases:
- ParticipantConfig:
- Data holder
- Validation performed by factory (first recipient of user-provided data)
- Connection errors:
- Should be noticeable every time
- UNRELIABLE: errors could be ignored without violating QoS
- InRoute: use (another) special error event
- OutRoute: Reject sending (exception in user call to send) as soon as connection loss is noticed (no further guarantees for already submitted messages)
- RELIABLE: first guess terminate the program because QoS is violated