Exceptions are Bad™

By Jed Wesley-Smith, Performance Engineer
About Developer
On May 29, 2011

We had an internal discussion recently on checked versus unchecked exceptions somewhat mirroring Howard Lewis Ship’s recent commentary on the subject. The discussion was about a library that throws a `RuntimeException` in cases where the client programmers really should be handling the situation – there is some predictable error case and the client _can and should_ handle it. There was heated argument that this should therefore be a _checked exception_ – I am not a fan of checked exceptions and suggested alternatives.

Now, Java is almost the only language that actually supports checked exceptions. Even in Java they are many who consider them _A Bad Idea™_ that should be avoided. Why? Because they are still exceptions – designed for exceptional circumstances – and using them for control flow just isn’t good programming[1]. Checked exceptions force the client code to deal with the exceptional case using clumsy constructs and are generally so un-user-friendly that the most common way of handling them is to catch then call `ex.printStacktrace()` which is actually _the worst possible thing to do_! The ever increasing use of alternate languages on the JVM means that exceptions are absent in any other language that needs to interop with your Java API anyway.

There are further ways in which exceptions are just not _ergonomic_. Exceptions do compose reasonably well, but exception ergonomics are not just about the compositional semantics. There is no possibility of contravariance in an exception signature for instance (so you have to either have `throws Exception` (eg. `Callable.call()`) which is meaningless and defeats the whole point – or you have parametric exceptions (which I have never seen actually used). While you can have covariant exception signatures they aren’t very useful in practice either. One of the major reasons the closure proposal has been delayed so much is the complexities thrown up by checked exceptions. Lastly, an API with a checked exception in it is stunningly hard to modify and maintain source backwards-compatibility. Your only chance is if you have parameterised your exception type (again, see closure proposal discussions for how well _that_ works).

So given how bad they are, what are our alternatives?

For instance if you have the following signature:

/** Get the numeric value contained in the parameter **/
Integer parse(String) throws NumberFormatException

How do we make this handle cases where the input isn’t made solely of digits without throwing exceptions? We could return `null`? bzzzzt! Back of the class. Nulls are very, very bad, and encoding null with any sort of meaning (in this case that the input was unparsable) is terrible. Nulls are attractive in that null is always a member of any reference type, but they lead to all sorts of problems – not the least being the dreaded `NullPointerException`. So, no nulls and no exceptions, where do we go next?

A good first effort is to use an `Option` or `Maybe` type, where the possible results are `Some` number or `None`. This is how it looks now:

/** Get Some numeric value from the parameter, or None */
Option parse(String);

This is quite a lot better than null as the result is definitely not null and can have lots of useful functions on it for dealing with the result if present, but it doesn’t really deal with the failure case very well. Ie. what happened if I get a `None`? Why did it not parse?

In this case what we want is something like an `Either` (technically a disjoint union). This fairly straight-forward type represents _either_ an `X` or an `A`. By convention the `X` (left) is for problems/exceptions and the `A` (right) is for the expected result as it is the _right_ side.

/**
* Get either a numeric value from the parameter,
* or a NumberFormatValidation explaining what was wrong
*/
Either parse(String);

Now we have a more honest result type. It tells you that it will definitely for each and every `String` return you something, either the `Integer` value or a `NumberFormatValidation` (or an `ErrorMessage`, or an error `String` or whatever). There is no `null` to deal with anywhere and no ugly catch blocks.

Furthermore, as the actual type if the lhs is not restricted to subclasses of `Exception`, the opportunity to use it for carrying data is much broader. Subclassing `Exception` to allow carrying of data (such as `ValidationException` or some-such) has been clumsy at best in practice. With `Either` we can use any structure to represent failure at all.

Java doesn’t make using these things syntactically much nicer than using checked exceptions (that is a general problem with Java) but there are enough benefits to seriously consider these techniques as significant alternatives even in a pure Java project.

Whether or not you use these features directly, you are likely to come across more and more code that uses them as the state of the art moves on.

[1]: There are of course specialised [ahem] exceptions to this rule but we’ll ignore that for now.

Atlassian Summit 2012 is right around the corner. Check out the speaker lineup »

Announcing Atlassian Stash - Git repository management built for the enterprise »

Comments (31)

Throw us a bone, buddy. Contravariance deserves either a definition or at least a link. Otherwise you’re limiting your audience to only those who already know enough about the subject matter to not need to read it.

By Brian Farmer on May 30, 2011 / Reply
Brian,
Apologies: http://en.wikipedia.org/wiki/Covariance_and_contravariance_(computer_science)
tl;dr: Covariance is the ability to specialise the type (for instance in Java from `Number` to `Integer`) and Contravariance is the opposite (to be able to specify a super type).
Checked exceptions do allow covariance in their call site definition, but it is basically useless (see `java.sql.SQLException` and its hierarchy for example).
For more advanced information on co/contra variance I can definitely recommend this series of vids from Erik Meijer and Dr Brian Beckman:
http://channel9.msdn.com/Shows/Going+Deep/C9-Lectures-Brian-Beckman-Covariance-and-Contravariance-in-Physics-1-of-1
http://channel9.msdn.com/Shows/Going+Deep/E2E-Brian-Beckman-and-Erik-Meijer-CoContravariance-in-Physics-and-Programming-2-of-2
http://channel9.msdn.com/Shows/Going+Deep/E2E-Brian-Beckman-and-Erik-Meijer-CoContravariance-in-Physics-and-Programming-3-of-3

By Jed Wesley-Smith on May 30, 2011 / Reply
I’m a bit tired of reading the exception bashing posts….
I don’t find the suggested Either construct more elegant or more practical than throwing a NumberFormatException, in the contrary since at one point you will have to check whether the call actually returned an Integer or not, won’t you? then you will disrupt the flow yourself, instead of letting the natural exception mechanism handle it. What have you gained?
“Subclassing Exception to allow carrying of data has been clumsy at best in practice”… What makes you say so? An exception is a class, so what makes it more clumsy to add additional data about the context of the exception in the exception itself, rather than in any other class? I don’t get it.
Exceptions ar already a different type of return, so the “either” construct is implicit in the Java language: a method either returns a result of the declared type, OR throws an exception. And I’d rather have Java handle the control flow than have to test the result myself. That is too reminiscent of the infamous “errno” in C.

By Olivier Gérardin on May 30, 2011 / Reply
How would handle the case when you need to implement an Interface:
interface
{
int getNumber();
};
The interface does not expose any possibility for you to return an error except by throwing an exception.
JE

By JE on May 30, 2011 / Reply
Olivier, like all things in programming there are trade-offs and compromises to consider. This isn’t meant as an exception bashing exercise, but as something to consider in the alternative.
As to the elegance or otherwise of the construct, checked exceptions in Java are inelegant and this is an alternative. Personally I find that there are some idiomatic ways in which the Either can be more elegant and offer more opportunities for reuse of handlers than standard Java exception handlers allow, but it is still clumsy in Java (this maybe more a reflection on the language than the construct though).
Where Either/Option return types really shine though is in a polyglot setting where my clients are not necessarily written in Java and checked exceptions are not in the API.
As to the subclassing a concrete type, I have yet to see a practical Java method for unifying a datatype and an exception supertype that is ergonomically practical such that people use it. The tax of creating a class to carry another class as data proves too much a cost in practice to be often used, and doesn’t yield to any general pattern or library in practice.
As noted, the exception and the return type pair definitely make up a disjoint union return type. Having the lhs restricted to a subtype of Exception may or may not suit your purposes.

By Jed Wesley-Smith on May 30, 2011 / Reply
I don’t really get the message this article is trying to bring across either. It says ‘Exceptions are bad ™’, but if you actually read the article, it doesn’t actually give any definite reasons as to why ‘exceptions are bad ™’. Except for the observation that if you don’t handle them properly, if you throw untyped exceptions, or if you use exceptions for control flow, that you are writing bad code. Well don’t do any of that then, and just use exceptions properly. The article then goes on to state how it is clumsy or bad to subclass exceptions and add data to them, but gives no real arguments for it. Isn’t subclassing exceptions and adding data to it such that the caller can properly recover or inform the user exactly what you’d need and want? Last but not least a ‘solution’ to the problem is introduced that doesn’t actually make anything any better. How is a function with multiple return types (which you still have to check otherwise you are screwed) any better than catching an exception?
Also, as a side node, I don’t see anything particularly wrong with returning null, NaN, nil, NULL, None or whatever other status code indicating an invalid return value either, as long as you are careful you are not returning a type that is implicitly convertible to some valid return value (such as returning NULL in C++ in a function that can also return 0).
It doesn’t matter if you go right or left with error handling, as long as you don’t actually *handle* errors or exceptions in the first place. That should be the main point of this article. Exceptions aren’t bad, improper exception handling is bad, just like improper handling of invalid return values, abusing exceptions for non-exceptional conditions, throwing RuntimeExceptions because you don’t feel like writing a typed exceptions, etc.

By d-range on May 30, 2011 / Reply
OK I have been called out, “Exceptions are Bad™” is a a little joke meaning -> “Exceptions are for when really bad shit happens”.
There is definitely a place for exceptions but it is not for places where the client code might be expected to handle to the problem.
A classic example of this is validation. There are generally two types of validation: bad programmer data and bad user data. The first is a program invariant – there is an unrecoverable problem in the configuration of the system, throw an error and get out of here.
The second is more interesting, the user has put in invalid data. For this, the program should totally handle it and give friendly messages. This is part of the normal program flow. This is the bit that is not exceptional.
Lastly, there is a big difference between not handling an error code an not handling the exception/error/incorrect type in an Either. They not the same thing at all and do not afford you the opportunity to ignore them implicitly (you can alway explicitly _ignore_ exceptions, this is in fact a common pattern).

By Jed Wesley-Smith on May 30, 2011 / Reply
Exceptions are great. It is also sometimes elegant programming to use them for control flow. Of course, in Java exceptions are awkward (but so is the rest of the language …). Try my language babel-17 (http://www.babel-17.com), where exceptions are well-integrated into the language.

By Steven Obua on May 30, 2011 / Reply
> Nulls are very, very bad, and encoding null with any sort of meaning is terrible.
Why?

By John Tantalo on May 30, 2011 / Reply
so throwing an exception is bad… but returning an alternate return type is ok? Isn’t that what throwing an exception does?
And why is returning null bad exactly? If I have a List stringList that has .size() = 5, and I ask for stringList.get(124125)… What should happen?

By Jon on May 30, 2011 / Reply
Also, presenting your view as if there is not alternative reeks of insecurity and under qualification. I would try instead try to lead the user so they conclude your conclusion. This will be far more effective in convincing anyone of your point. If you’re indeed correct, you should step through why the competing theories are incorrect. Instead, you sound like an (mis-informed) elitist, which is really quite funny to the rest of us.

By Jon on May 30, 2011 / Reply
Okay, so I can accept your Haskell-flavored solution, but have you seen exceptions in other languages? I think what you’re saying is that *Java’s* exceptions suck, and yes, in that case, I’d agree with you.
Consider:
>>> def f(n):
… try:
… return int(n)
… except ValueError:
… return None
…
>>> f(“5″)
5
>>> f(“5.0″)
>>> f(“asdf”)
>>>
Python doesn’t have its feelings hurt by None the way Java suffers from null, and exceptions are near-zero-cost if not actually thrown, so just use them for, y’know, exceptional behavior.
This could be thought of as yet another reason why Java’s not that great of a language.
(Hmm, whitespace got eaten, but thankfully this example’s unambiguous.)

By Corbin Simpson on May 30, 2011 / Reply
@Jon, I specifically state at the top that this is opinion, and that it is presenting an alternative to exceptions. I have tried to prefer brevity and readability to an extended tutorial on exception ergonomics. For that see the link to the Tapestry blog.
This is definitely a polyglot and functional programming flavoured alternative to exceptions for flow control. If you aren’t using any other language apart from Java and you don’t see the need for or understand functional approaches then this isn’t going to seem that useful.

By Jed Wesley-Smith on May 30, 2011 / Reply
@Steven, babel-17 looks interesting and I’ll definitely have a look, but I’m confused that you state it is a pure functional language and that it has “well integrated exceptions”. Exceptions are a side effect and are therefore impure.

By Jed Wesley-Smith on May 30, 2011 / Reply
I’m torn with things like this – yes, I think checked exceptions in Java are relatively ghastly, and nulls are abused horribly, leading to all sorts of grief.
For completeness’ sake, it’s worth mentioning the other 2 ways of dealing with this (which don’t necessarily apply so well in this case): the Null Object pattern (http://en.wikipedia.org/wiki/Null_Object_pattern), caller-specified default objects (so passing in a default to parse(), say), or callbacks (passing in ‘success’ and ‘failure’ callbacks to a method, for example).

By Paul on May 31, 2011 / Reply
(ack, missed a sentence in there — the first paragraph was supposed to finish with something like “But, sometimes, I can’t help but feel that fighting against the natural flow of the language like this is sometimes a cure worse than the disease.”)

By Paul on May 31, 2011 / Reply
The reason it’s bad to ascribe any particular meaning to ‘null’ in a certain context is that that meaning will still be indistinguishable from ‘missing information’ anyway.
For the record I’ll just say I still strongly agree with Effective Java on the subject of checked exceptions. They’re good for what they’re good for (which may be, like, 1/3 of what they’re actually used for). Page 246:
“[A checked exception] puts a nontrivial burden on the programmer. The burden is justified if the exceptional condition cannot be prevented by proper use of the API and the programmer using the API can take some useful action once confronted with the exception. Unless both of these conditions hold, an unchecked exception is more appropriate.”

By kevinb on May 31, 2011 / Reply
(btw: “hopelessly compromised”? Really?)

By kevinb on May 31, 2011 / Reply
As has been shown on the web, exceptions are conceptually equivalent to Either as they form Monads. The difference between (checked) exceptions and Either is syntax.
Best
Stephan
–
http://codemonkeyism.com

By Stephan Schmidt on June 1, 2011 / Reply
One would ne some integrated syntax to
a. better work with the result and exceptions (like case in Scala)
b. to compose and abstract over exceptions (like map etc.) like on can with Either (or Option, ….)
Sadly this is nowhere on the roadmap for Java.
Best
Stephan
–
http://codemonkeyism.com

By Stephan Schmidt on June 1, 2011 / Reply
A method returning Either instead of throwing an exception is for sure much more elegant. Some have argued that exception is equivalent to a return type. “A method returns whether the declared return type or an exception.” But the code that will receive the “return type” will be impacted by that.
For instance:
try {
i = calculateResult();
} catch (Exception e) {
logger.error(e.getMessage());
i = 0; // use default value
}
You can “catch” you return value by assignment or by catch block. But you code will be based on jumps and interruptions.
With Either you can have
Either e = calculateResult();
i = e.getOrElse(0); // use default value
Note that I’m mixing here different approches. Either is operating much like an Option. I’m passing a default value in case of an Error.
You can also implement some other features to log your error or test if calculateResult returned an error or a useful result.
Agree with @StephanSchmidt about case control flow in Scala. Nothing beats its elegance. Either or Option combined with pattern matching.

By Renato on June 1, 2011 / Reply
@Stephan exceptions and Either are conceptually similar in that they form a disjoint union type that may be returned from a method, but the difference is a whole lot more important than just syntactic. Exceptions break purity.
The biggest difference is that an Either return type is an honest type. A function that returns an Either is a function where the type is preserved. This preservation of the type in the signature means that I can actually have a referentially-transparent function. Essentially, referential transparency means that I can replace the evaluation of the function with its result. This is impossible with an exception as there is no such value as a thrown exception. For this reason exceptions are a side-effect, and are incompatible with the normal operation of a functional program.
Exceptions on the other hand are there to signal that bad stuff happened that prevented the normal operation of the program. For some reason, usually beyond the client programmer’s ability to recover usefully in a way that the program can recover, something stuffed up.

By Jed Wesley-Smith on June 1, 2011 / Reply
@kevinb I don’t disagree, but simply make the point that while checked exceptions do a reasonable job of that for Java clients of your API, an explicit disjoint union type of some sort does the same for all clients whether they are Java or not.

By Jed Wesley-Smith on June 1, 2011 / Reply
All I have to say about Howard Ship and Tapestry was already said for me: http://www.bileblog.org/2007/09/the-tapestry-bearded-wonder/
And as far as the exception debate is concerned:
Option parse(String);
Either parse(String);
You must really like dividing all your lines of code up with if statements and brackets.

By eko on June 1, 2011 / Reply
@eko you link to a post where he gets mocked for swapping from commons-logging to slf4j? I do believe history has shown that move to be correct.
I have said it before, this isn’t “debate”, simply an alternative that has a different set of features/benefits and trade-offs.

By Jed Wesley-Smith on June 1, 2011 / Reply
@Jed: One can easily translate “returns A throws E” into “returns Either” and “try { } catch {}” into “case Either” on compiler level.
Best
Stephan

By Stephan Schmidt on June 1, 2011 / Reply
I’ve come to the conclusion that exceptions are useful for two things:
1. Fail-fast (and loud) when there’s a bug (index out of bounds, illegal argument, null pointer, etc). In Java, this category basically corresponds to RuntimeExceptions. Only ever catch these at the very top of your program/module, if at all.
2. I/O, which is inherently imperative, even if you’re using abstractions associated with functional programming. In Java, this corresponds to a subset of checked exceptions. Things like SQLException are just specialised I/O exceptions.
But Java also uses checked exceptions in a third context, which is reporting a condition that prevented the program from producing a result. The classic example is parsing a string that may have invalid syntax. E.g. java.text.ParseException. This is where Either is definitely far superior, even with the massive syntactic noise forced on you by Java.

By Lachlan O'Dea on June 2, 2011 / Reply
Stephan,
I’m not sure there is really an exact semantic equivalence, but even if there is, having to enclose the called method in try-catch blocks is really breaking the program flow because you have to provide exceptional behavior right away. OTOH when you get an Either from a method call, you can provide the “exceptional” behavior when you want.
It is also easier to cumulate results. For example, it’s not easy to write something like that:
int call() throws Exception;
String client(String a, String b){
int i = call(a);
int j = call(b);
// how to use try/catch blocks to return:
// “Got: ij” when i and j can be evaluated
// “Got: i” when only i can be evaluated
// “Got: j” when only j can be evaluated
// “Got: none” when none can be evaluated
}
with Either and some appropriate methods (well, Option would be enough in that case,…):
String client(String a, String b){
Either i = call(a);
Either j = call(b);
return “Got: “+i.getOrElse(“”) +
j.getOrElse(“”) +
i.orElse(j).map(“”).getOrElse(“none”);
}
This may be a contrived example but I’ve seen more than once nested messes of try/catch blocks and local variables dealing with the various results.
Some of them resulted in nice NPEs when the developer forgot to assign a default value somewhere.
That being said, without first-class functions, harnessing the full power of Option and Either types in Java is not easy.
Eric.

By Eric Torreborre on June 2, 2011 / Reply
Okay. This might seem ugly, but while rapidly developing a system where everything seems to be breaking all the time, the Either approach is terrible. I would much rather have the fail fast semantics of Exceptions than keep hoping and praying that I have caught all the errors passed through the return values – especially when code is changing rapidly.
My personal experience has been that putting in exceptions all over the code for anything not being as expected ensures that the program works as intended in the default cases and any unhandled cases get identified real quick. You can then take the decision on whether to let the program crash on that case or whether the case is worthy enough of graceful handling and that handling can be put in at any level of abstraction in the code due to the bubbling nature of exceptions. This is very sadly not the case for return value based checking that you’re advocating.

By Divye on June 6, 2011 / Reply
There are several reasons that make Either/Option/Maybe a worse solution:
- Once you go down that path, you have to change all your return types to being an Option, which leads to some pretty horrendous API’s.
- Now you have infected all your return values with error codes, which is exactly what HRESULT and other similar atrocities from the 80′s taught us was bad in the first place. There are excellent reasons why errors should use an alternative path in your code.
- You also completely ignored the non local benefit of exceptions. Sometimes, an error happens deep in your code and only a caller three stack frames up is able to handle it. How are you going to handle this, by bubbling up the Exceptional Option all the way back up? If you do that, you are basically doing manually what the exception mechanism is doing for you for free.
I think the commenter called d-range nailed it: you are essentially saying that “handling exceptions badly is bad”. The solution to this is not to replace exceptions but to handle them well, which has been documented to death in a lot of places (e.g. Effective Java).

By Cedric on June 9, 2011 / Reply
Per usual, all Cedric’s points are moot. Suggested reading for the curious:
* Monad transformers
* Applicative functors
I’m happy to answer questions and explain the details — to the intellectually honest/curious only.

By Tony Morris on June 9, 2011 / Reply