Teddy Chen
Sept. 14 2013
Exception Handling Design and Refactoring Workshop
Copyright@2013 Teddysoft
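About Me
• Founded Teddysoft (泰迪軟體) in July 2012, providing agile development consulting, training, and software tool adoption services.
• Published the best-selling book 「笑談軟體工程:敏捷方法的逆襲」 in June 2012.
• Has taught Scrum courses many times since April 2012, with good interaction with attendees and high satisfaction.
• More than 17 years of practical design pattern experience; has published papers at PLoP, the best-known international conference in the pattern field.
  – PLoP 2004: A Pattern Language for Personal Authoring in E-Learning.
  – Asia PLoP 2011: Emerging Patterns of Continuous Integration for Cross-Platform Software Development.
• Became a Certified ScrumMaster in 2009.
• More than 5 years of experience introducing Scrum in industry, from April 2008 to the present.
• Received a Ph.D. in computer science and information engineering from Taipei University of Technology in 2008.
• Has run the blog 「搞笑談軟工」 since 2007.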
Course Contents
• Basic concepts of exception handling
• The 4+1 views of exception handling
• Establishing the central idea of exception handling: Staged Robustness Model
• EH Bad Smells and Refactorings
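Basic Concepts of Exception Handling
A software development project has many nonfunctional requirements that compete and conflict with one another
robustness (exception handling) vs. time-to-market, iterative & incremental design, maintainability, etc. Who wins, who loses?
When robustness loses, the system becomes unstable
What problems does an unstable system cause?
At best it costs time, money, and reputation; at worst it may endanger lives.
[Figure: SPECIFICATION, with Correctness and Robustness]
Improving software reliability requires considering both correctness and robustness
• Correctness – the software product can perform the work or behavior defined in its specification
  – can be achieved through contract specification
• Robustness – the ability of a software system to cope with abnormal conditions
  – can be achieved through exception handling
This course shows how to increase a system's robustness through exception handling
Exercise: share an experience in which poor exception handling cost you money, time, or peace of mind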
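Exception Handling Mechanism (EHM)
Question: name the exception handling mechanism of a programming language you know well
An exception handling mechanism (EHM) is the means a programming language provides to support exception handling
• Representation
• Definition
• Signaling
• Propagation
• Resolution
• Continuation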
1. Representation
• How a programming language represents an exception
  – Symbol
    • strings or numbers
  – Data object
    • Used to hold error and failure information only.
    • Raised by a language keyword.
  – Full object
    • Encapsulate signaling, propagation, and continuation behaviors of exceptions in the class definition.
2. Definition
• How a programmer defines an exception
  – Symbols
    • new exceptions are defined as strings or numbers.
  – Data objects and full objects
    • a class is used to define an exception.
3. Signaling
• The instruction that creates an exception (instance) and passes it to a receiver is called:
  – throwing, signaling, raising, or triggering
• An exception can be produced in two ways:
  – Synchronous exception
    • A direct result of performing the instruction.
  – Asynchronous exception
    • Produced by the runtime environment upon encountering an internal error or by stopping or suspending a thread.
4. Propagation
• If an exception is signaled and not coped with locally, the exception can be propagated to the caller of the signaling method.
• Exception propagation can be explicit or implicit (or automatic).
  – Explicit: a receiver must explicitly re-throw an unhandled received exception for further propagation
  – Implicit: an unhandled exception is automatically propagated.
5. Resolution
• Exception resolution or handler binding is a process of finding a suitable handler in the target, which is resolved by static scoping at compile time, dynamic invocation chain at runtime, or both.
• There are two methods to dynamically find a handler: stack unwinding and stack cutting.
  – Stack unwinding pops the stack frames to search for the matching exception handler
  – Stack cutting maintains a list of registered exception handlers and looks up the list for a suitable exception handler.
6. Continuation
• An exception continuation or exception model specifies the execution flow after an exception handler returns its control.
  – Termination model
  – Retry model
  – Resumption model
Important concepts that are easy to confuse: how fault, error, failure, and exception relate
[Figure: fault → error → failure, with exception attached by the label "represented by"]
• fault: cause of failure; two kinds: (1) design, (2) component
• error: a state that may lead to failure
• failure: service departs from specification
Which of the following are design faults, and which are component faults?
1. Division by zero
2. Index Out of Bound
3. Network disconnection
4. Disk full
5. File does not exist
Why distinguish design faults from component faults?
Exception Handling vs. Fault-Tolerant Programming
• Exception handling deals with component faults (anticipated exceptions)
• Fault-tolerant programming deals with both component and design faults (anticipated and unanticipated exceptions)
Different scope, different cost!
Java's Exception Handling Mechanism
Java Exception Handling: The try Statement (before JDK 7)
Java Exception Handling: The try_multi_catch in JDK 7
Java Exception Handling: The try_with_resources in JDK 7
Java Exception Class Hierarchy
Throwable
  Error (unchecked)
  Exception (checked)
    IOException (checked)
    SQLException (checked)
    RuntimeException (unchecked)
      NullPointerException
      IndexOutOfBoundsException
Use checked exceptions for recoverable conditions and run-time exceptions for programming errors
Using checked exceptions requires following the Handle-or-Declare Rule
[Figure: code labelled "handle" and "declare"]
A program that violates the Handle-or-Declare Rule is treated by the Java compiler as a syntax error
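The 4+1 Views of Exception Handling
• Usage
• Design
• Handling
• Tool-Support
• Process
Why is exception handling so hard?
Usage View
Is an exception really only used to represent an "exceptional condition"?
Exercise: discuss in groups how to handle EOFException and InterruptedException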
EOFException example
    public void readDataFromFile(String aFileName) {
        try (DataInputStream input = new DataInputStream(
                new FileInputStream(aFileName))) {
            while (true) {
                System.out.print(input.readChar());
            }
        }
        catch (EOFException e) {
            // How to "handle" this exception?
        }
        catch (IOException e) {
            e.printStackTrace();
        }
    }
InterruptedException example
    public void sleepMillisecond(int ms) {
        try {
            Thread.sleep(ms);
        } catch (InterruptedException e) {
            // How to "handle" this exception?
        }
    }
Usage View
• Failure
• Notification
  – EOFException
  – InterruptedException
It is not that simple; look at another EOFException example
    public void fetchRawBytesAndSetupMessage(DataInputStream aIS)
            throws IOException, InvalidPacketException {
        int length = aIS.readInt();
        setMessageLength(length);
        byte[] messageBody = new byte[length];
        try {
            aIS.readFully(messageBody);
        } catch (EOFException e) {
            throw new InvalidPacketException("Data Underflow");
        }
        setMessage(new String(messageBody));
    }
Context determines what an exception is used for
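Design View (exception design view)
• Declared:
  – the exception is declared in the component's interface specification
  – also called an anticipated or expected exception
  – represents a component fault
• Undeclared:
  – the exception is not declared in the component's interface specification
  – also called an unanticipated or unexpected exception
  – represents a design fault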
Declared Exception
    public void fetchRawBytesAndSetupMessage(DataInputStream aIS)
            throws IOException, InvalidPacketException {
        int length = aIS.readInt();
        setMessageLength(length);
        byte[] messageBody = new byte[length];
        try {
            aIS.readFully(messageBody);
        } catch (EOFException e) {
            throw new InvalidPacketException("Data Underflow");
        }
        setMessage(new String(messageBody));
    }
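An added example, not from the original slides: the method above allocates new byte[length] from a length read off the stream, so a negative or oversized length field surfaces as an undeclared NegativeArraySizeException or an OutOfMemoryError instead of the declared InvalidPacketException. The sketch below bounds the length before allocating; the PacketReader class, MAX_MESSAGE_LENGTH, the UTF-8 charset, and the local InvalidPacketException stand-in are assumptions.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.EOFException;
import java.io.IOException;
import java.nio.charset.StandardCharsets;

public class PacketReader {
    // Stand-in for the slide's InvalidPacketException (checked, declared on the interface).
    static class InvalidPacketException extends Exception {
        InvalidPacketException(String message, Throwable cause) { super(message, cause); }
    }

    // Assumed upper bound; take the real one from the protocol specification.
    static final int MAX_MESSAGE_LENGTH = 64 * 1024;

    static String readMessage(DataInputStream in) throws IOException, InvalidPacketException {
        int length = in.readInt(); // EOF here still propagates as IOException, as on the slide
        // Reject the length before allocating: a negative value would raise an
        // undeclared NegativeArraySizeException, a huge one an OutOfMemoryError.
        if (length < 0 || length > MAX_MESSAGE_LENGTH) {
            throw new InvalidPacketException("Bad length field: " + length, null);
        }
        byte[] body = new byte[length];
        try {
            in.readFully(body);
        } catch (EOFException e) {
            throw new InvalidPacketException("Data Underflow", e); // keep the cause
        }
        return new String(body, StandardCharsets.UTF_8);
    }

    // Constructed sample packets: 4-byte big-endian length followed by the payload.
    static byte[] packet(int declaredLength, String payload) throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        DataOutputStream out = new DataOutputStream(buf);
        out.writeInt(declaredLength);
        out.write(payload.getBytes(StandardCharsets.UTF_8));
        return buf.toByteArray();
    }

    public static void main(String[] args) throws IOException {
        byte[][] samples = {
            packet(5, "hello"),             // well formed
            packet(-1, "hello"),            // negative length
            packet(Integer.MAX_VALUE, "x"), // oversized length
            packet(10, "short"),            // declared length exceeds the data
        };
        for (byte[] sample : samples) {
            try (DataInputStream in = new DataInputStream(new ByteArrayInputStream(sample))) {
                System.out.println("message: " + readMessage(in));
            } catch (InvalidPacketException e) {
                System.out.println("rejected: " + e.getMessage());
            }
        }
    }
}
```

With the bound in place, every malformed packet reaches the caller through the one declared exception type, so the caller's handler covers the malformed-input cases it was designed for.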
Undeclared Exception (1/2)
    public Hamburg createHamburger(String type) {
        Hamburg ham = null;
        switch (type) {
            case "pork":
                ham = new SweetPorkHamburger();
                break;
            case "beef":
                ham = new SweetBeefHamburger();
                break;
            default:
                throw new RuntimeException(
                    "Unsupported hamburger type:" + type);
        }
        return ham;
    }
Undeclared Exception (2/2)
    public void deposit(int value) {
        if (value < 0) {
            // message: "The deposit amount must not be negative."
            throw new IllegalArgumentException("存款金額不得為負數.");
        }
        // doing normal deposit logic
    }
Are you doing exception handling or fault-tolerant design? (1/2)
    public void deposit(int value) throws IllegalArgumentException {
        if (value < 0) {
            // message: "The deposit amount must not be negative."
            throw new IllegalArgumentException("存款金額不得為負數.");
        }
        // doing normal deposit logic
    }

    public void deposit(int value) {
        if (value < 0) {
            // message: "The deposit amount must not be negative."
            throw new IllegalArgumentException("存款金額不得為負數.");
        }
        // doing normal deposit logic
    }
[Slide labels on the two methods: D, UC; UC, UD]
Are you doing exception handling or fault-tolerant design? (2/2)
    public String execute(String cmd) throws
        IOException,
        NullPointerException,
        IllegalArgumentException;
[Slide labels: UC D; C D]
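Design View summary
Regardless of whether a programming language distinguishes checked from unchecked exceptions, only when exceptions are declared on the interface (or exist in some form in the code or documentation) do programmers have a chance, at design time, to know how to respond to the abnormal conditions they may encounter.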
Handling View (exception handling view)
• Recoverability
  – recoverable, unrecoverable (irrecoverable)
• Exception handling constructs in languages and utilities
  – Roles, responsibilities, and collaborations (e.g., try, catch, finally in Java)
Handling View: Recoverability
Recoverability: you get the comfort, I get the hardship
Thanks Linda
Recoverability: both the callee and the caller are responsible
Thanks Linda
Recoverability thought exercise 1
Callee:
    public void sleepMillisecond(int ms) {
        try {
            Thread.sleep(ms);
        } catch (InterruptedException e) {
            // How to "handle" this exception?
        }
    }
Caller: Is InterruptedException a recoverable exceptional condition?
Recoverability thought exercise 2
Callee:
    public void readDataFromFile(String aFileName) {
        try (DataInputStream input = new DataInputStream(
                new FileInputStream(aFileName))) {
            while (true) {
                System.out.print(input.readChar());
            }
        }
        catch (EOFException e) {
            // How to "handle" this exception?
        }
        catch (IOException e) {
            e.printStackTrace();
        }
    }
Caller: What is the recoverability of EOFException and IOException?
Recoverability thought exercise 3
Callee:
    public void fetchRawBytesAndSetupMessage(DataInputStream aIS)
            throws IOException, InvalidPacketException {
        int length = aIS.readInt();
        setMessageLength(length);
        byte[] messageBody = new byte[length];
        try {
            aIS.readFully(messageBody);
        } catch (EOFException e) {
            throw new InvalidPacketException("Data Underflow");
        }
        setMessage(new String(messageBody));
    }
Caller: What is the recoverability of EOFException and IOException?
Handling View: Exception Handling Constructs and Utilities
Different programming languages have different exception handling constructs
• Java/C#
  – try-catch-finally
• C++
  – try-catch
  – destructor
• Eiffel
  – Exception handlers in Eiffel are attached at the method level and all exceptions are caught by one handler.
Rethinking the responsibilities and division of labor in try-catch-finally
• Try
  – Implement requirements (can have alternatives)
  – Prepare state recovery (e.g., make a check point)
• Catch
  – Perform error and fault handling
  – Report exceptional conditions
  – Control retry flow
• Finally
  – Release resources
  – Drop check points if any
Exception handling is also a kind of programming; it needs programming skill and supporting software components
• Design techniques
  – Memento, Smart pointer, Check point, etc.
  – Exception hierarchy
  – EH best practices and patterns
• Tools
  – Logging (e.g., Log4j)
  – Common error formats and dialogs
  – EH smell detection
  – Marker & resolution
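Handling View summary
Judging whether an exception is a recoverable condition is the first step of exception handling "design", but making that judgment is not easy.
Once an exception's recoverability has been determined, programming language constructs and software components can be used to help implement the exception handling code.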
Tool-Support View (exception tool support view)
• Tool support in the Java language
  – distinguishes checked and unchecked exceptions
Comparing Java and C# programs
Side effects of the Java language's tool support
• Interface evolution problem
• Ignored checked exception
Tool-Support View summary
To improve software robustness, developers need a reminder mechanism that tells them which operations may raise exceptions; otherwise they are more likely to neglect exception handling and can only go back and patch things after errors occur at runtime.
Process View (development process view)
• Waterfall vs. IID (iterative and incremental development)
• How do you plan exception handling in an IID process?
  – I will handle this exception when I have time. Never happens!
Scrum as an example
• Story
  – Normal scenarios
  – Failure scenarios
• Do the normal scenarios in this sprint and the failure scenarios in the next sprint
Agile development makes exception handling so easy! As if.
What problems does "normal scenarios first, failure scenarios later" cause in practice?
What do you do when you run into an exception while working on the normal scenarios?
    public void fetchRawBytesAndSetupMessage(DataInputStream aIS)
            throws IOException, InvalidPacketException {
        int length = aIS.readInt();
        setMessageLength(length);
        byte[] messageBody = new byte[length];
        try {
            aIS.readFully(messageBody);
        } catch (EOFException e) {
            throw new InvalidPacketException("Data Underflow");
        }
        setMessage(new String(messageBody));
    }
Process View summary
IID and agile methods do not make exception handling any easier. If the team has no exception handling design guidelines, they may well end up lowering the system's robustness instead.
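Conclusion of the 4+1 views of exception handling
Exception handling... is so hard... Orz
Establishing the Central Idea of Exception Handling: Staged Robustness Model
Goals of exception handling
Robustness Levels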
• 0 Undefined: robustness unpredictable
• 1 Error-Reporting: all exceptions are reported
• 2 State-Recovery: state is correct under the presence of exceptions
• 3 Behavior-Recovery: service is delivered under the presence of exceptions
Robustness levels of components

| Element | RL G0 | RL G1 | RL G2 | RL G3 |
|---|---|---|---|---|
| name | undefined | error-reporting | state-recovery | behavior-recovery |
| service | failing implicitly or explicitly | failing explicitly | failing explicitly | delivered |
| state | unknown or incorrect | unknown or incorrect | correct | correct |
| lifetime | terminated or continued | terminated | continued | continued |
| how-achieved | NA | (1) propagating all unhandled exceptions, and (2) catching and reporting them in the main program | (1) error recovery and (2) cleanup | (1) retry, and/or (2) design diversity, data diversity, and functional diversity |
| also known as | NA | failing-fast | weakly tolerant and organized panic | strongly tolerant, self-repair, self-healing, resilience, and retry |
Upgrading and degrading exception handling goals
[Figure: G0 → G1 → G2 → G3. Upgrading: fail-fast, keep user informed (G0 to G1); restore state, clean up, and keep programs alive (G1 to G2); attempt retries (G2 to G3). Degrading: all retries fail (G3 to G2); state restoration or cleanup fail (G2 to G1).]
Applicability for the robustness levels
• G1
  – In the early stage of system development
  – Prototyping
  – Applying an evolutionary development methodology
  – Time-to-market
• G2
  – Outsourcing
  – Designing utility components used in different application domains
  – Behavior-recovery actions should be administered by the user
• G3
  – Developing mission critical systems
  – Designing components having sufficient application context to recover from behavioral failures, e.g., application controllers
  – Behavior-recovery actions are inappropriate to be administered by the user
Robustness levels summary
Consequences
• Robustness without costly up-front design
• Guiding exception handling implementation
• Independent of languages
Bad Smells and Refactorings
Basic Concepts of Refactoring
What is Refactoring
• Improving the internal structure of a software system without altering its external behavior [fowler]
• Steps to perform refactoring:
  – Identifying code smells
  – Applying refactorings to remove the smells
  – Verifying satisfaction
Refactoring and EH Refactoring
[Figure: Behavior split into Normal Behavior and Exceptional Behavior, labelled Refactoring and EH Refactoring]
EH Smells, Refactorings, and RL

| EH smell | Refactoring | RL |
|---|---|---|
| Return code | Replace Error Code with Exception | G1 |
| Ignored checked exception | Replace Ignored Checked Exception with Unchecked Exception | G1 |
| Unprotected main program | Avoid Unexpected Termination with Big Outer Try Block | G1 |
| Dummy handler | Replace Dummy Handler with Rethrow | G1 |
| Nested try block | Replace Nested Try Block with Method | G2 |
| Careless Cleanup | Replace Careless Cleanup with Guaranteed Cleanup | G2 |
| Ignored checked exception, Dummy handler | Introduce Checkpoint Class | G2 |
| Spare handler | Introduce Resourceful Try Clause | G3 |
Smell: Return Code
    public int withdraw(int amount) {
        if (amount > this.balance)
            return -1;
        else {
            this.balance = this.balance - amount;
            return this.balance;
        }
    }
Refactoring: Replace Error Code with Exception
    public int withdraw(int amount) throws NotEnoughMoneyException {
        if (amount > this.balance)
            throw new NotEnoughMoneyException();
        this.balance = this.balance - amount;
        return this.balance;
    }
Smell: Ignored Checked Exception
    public void writeFile(String fileName, String data) {
        Writer writer = null;
        try {
            writer = new FileWriter(fileName); // may throw IOException
            writer.write(data);                // may throw IOException
        } catch (IOException e) {
            // ignoring the exception
        } finally {
            // code for cleanup
        }
    }
Replace Ignored Checked Exception with Unchecked Exception
    public void writeFile(String fileName, String data) {
        Writer writer = null;
        try {
            writer = new FileWriter(fileName); /* may throw an IOException */
            writer.write(data);                /* may throw an IOException */
        } catch (IOException e) {
            /* ignoring the exception */
        }
    }
↓
    public void writeFile(String fileName, String data) {
        Writer writer = null;
        try {
            writer = new FileWriter(fileName); /* may throw an IOException */
            writer.write(data);                /* may throw an IOException */
        } catch (IOException e) {
            throw new UnhandledException(e, "message");
        }
    }
Smell: Unprotected Main Program
    static public void main(String[] args) {
        MyApp myapp = new MyApp();
        myapp.start();
    }
Avoid Unexpected Termination with Big Outer Try Block
    static public void main(String[] args) {
        MyApp myapp = new MyApp();
        myapp.start();
    }
↓
    static public void main(String[] args) {
        try {
            MyApp myapp = new MyApp();
            myapp.start();
        } catch (Throwable e) {
            /* displaying and/or logging the exception */
        }
    }
Smell: Dummy Handler
    public void m(String aFileName) {
        try {
            FileInputStream fis = new FileInputStream(new File(aFileName));
        } catch (IOException e) {
            e.printStackTrace();
        } finally {
            // cleanup
        }
    }
Replace Dummy Handler with Rethrow
    public void m(String aFileName) {
        try {
            FileInputStream fis = new FileInputStream(new File(aFileName));
        } catch (IOException e) {
            e.printStackTrace();
        } finally {
            // cleanup
        }
    }
↓
    public void m(String aFileName) {
        try {
            FileInputStream fis = new FileInputStream(new File(aFileName));
        } catch (IOException e) {
            throw new UnhandledException(e, "message");
        } finally {
            // cleanup
        }
    }
Smell: Nested Try Statement
    FileInputStream in = null;
    try {
        in = new FileInputStream(…);
    } finally {
        try {
            if (in != null) in.close();
        } catch (IOException e) {
            /* log the exception */
        }
    }
Replace Nested Try Statement with Method
    FileInputStream in = null;
    try {
        in = new FileInputStream(…);
    } finally {
        try {
            if (in != null) in.close();
        } catch (IOException e) {
            /* log the exception */
        }
    }
↓
    FileInputStream in = null;
    try {
        in = new FileInputStream(…);
    } finally {
        closeIO(in);
    }

    private void closeIO(Closeable c) {
        try {
            if (c != null) c.close();
        } catch (IOException e) {
            /* log the exception */
        }
    }
Smell: Careless Cleanup
    public void cleanup(String aFileName) {
        try {
            FileInputStream fis = new FileInputStream(new File(aFileName));
            fis.close();
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }
Replace Careless Cleanup with Guaranteed Cleanup
    public void cleanup(String aFileName) {
        try {
            FileInputStream fis = new FileInputStream(new File(aFileName));
            fis.close();
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }
↓
    public void cleanup(String aFileName) {
        FileInputStream fis = null;
        try {
            fis = new FileInputStream(new File(aFileName));
        } catch (IOException e) {
            throw new RuntimeException(e);
        } finally {
            closeIO(fis);
        }
    }
Exercise: Find the Smells
Exercise: EH Refactoring
Advanced Refactoring
Introduce Checkpoint Class
    public void foo() throws FailureException {
        try {
            /* code that may change the state of the object */
        } catch (AnException e) {
            throw new FailureException(e);
        } finally {
            /* code for cleanup */
        }
    }
↓
    public void foo() throws FailureException {
        Checkpoint cp = new Checkpoint(/* parameters */);
        try {
            cp.establish(); /* establish a checkpoint */
            /* code that may change the state of the object */
        } catch (AnException e) {
            cp.restore(); /* restore the checkpoint */
            throw new FailureException(e);
        } finally {
            cp.drop();
        }
    }
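An added example, not from the original slides, of what the Checkpoint refactoring above could look like for one concrete object, reaching the state-recovery level (G2). The Account, Checkpoint, and FailureException classes are hypothetical stand-ins; only the establish/restore/drop method names come from the slide.

```java
import java.util.ArrayList;
import java.util.List;

public class CheckpointDemo {
    static class FailureException extends Exception {
        FailureException(Throwable cause) { super(cause); }
    }

    static class Account {
        int balance;
        final List<String> history = new ArrayList<>();
        // Hypothetical checkpoint: snapshots the account's mutable state.
        class Checkpoint {
            private Integer savedBalance;      // null means no checkpoint is held
            private List<String> savedHistory;
            void establish() {
                savedBalance = balance;
                savedHistory = new ArrayList<>(history); // copy, not alias
            }
            void restore() {
                if (savedBalance == null) return;        // nothing established yet
                balance = savedBalance;
                history.clear();
                history.addAll(savedHistory);
            }
            void drop() { savedBalance = null; savedHistory = null; }
        }

        // Applies a batch of withdrawals; either all of them apply or none do.
        void withdrawAll(int[] amounts) throws FailureException {
            Checkpoint cp = new Checkpoint();
            try {
                cp.establish();
                for (int amount : amounts) {
                    if (amount <= 0 || amount > balance) {
                        throw new IllegalStateException("cannot withdraw " + amount);
                    }
                    balance -= amount;        // state changes before a later failure
                    history.add("withdraw " + amount);
                }
            } catch (IllegalStateException e) {
                cp.restore();                 // roll back the partial batch
                throw new FailureException(e);
            } finally {
                cp.drop();                    // release the snapshot either way
            }
        }
    }

    public static void main(String[] args) {
        Account account = new Account();
        account.balance = 100;
        try {
            account.withdrawAll(new int[] {30, 50, 40}); // third withdrawal fails
        } catch (FailureException e) {
            System.out.println("failed: " + e.getCause().getMessage());
        }
        System.out.println(account.balance + " " + account.history);
    }
}
```

Without the restore call the caller would be told the batch failed while the first two withdrawals stayed applied, which is the G1 outcome (failure reported, state unknown or incorrect).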
Smell: Spare handler
    try {
        /* primary */
    } catch (SomeException e) {
        try {
            /* alternative */
        } catch (AnotherException e2) {
            throw new FailureException(e2);
        }
    }
Introduce Resourceful Try Clause
    try {
        /* primary */
    } catch (SomeException e) {
        try {
            /* alternative */
        } catch (AnotherException e2) {
            throw new FailureException(e2);
        }
    }
↓
    int attempt = 0;
    int maxAttempt = 2;
    boolean retry = false;
    do {
        try {
            retry = false;
            if (attempt == 0) { /* primary */ }
            else { /* alternative */ }
        } catch (SomeException e) {
            attempt++;
            retry = true;
            if (attempt > maxAttempt) throw new FailureException(e);
        }
    } while (attempt <= maxAttempt && retry);
References
Review
• Basic concepts of exception handling
  – EHM, fault, error, failure, exception
• The 4+1 views of exception handling
• Establishing the central idea of exception handling: Staged Robustness Model
• EH Bad Smells and Refactorings
Teddysoft agile development training roadmap
Thank you, goodbye XD