@@ -8,20 +8,20 @@ manipulating recoverable error conditions.
88Error handling is a well-trod path, with many different approaches in
99other languages, many of them problematic in various ways. We believe
1010that our approach provides an elegant solution, drawing on the lessons
11- we\ '
11+ we've learned from other languages and fixing or avoiding some of the
1212pitfalls. The result is expressive and concise while still feeling
1313explicit, safe, and familiar; and we believe it will work beautifully
1414with the Cocoa APIs.
1515
16- We\ '\ "\ "
16+ We're intentionally not using the term "exception handling", which
1717carries a lot of connotations from its use in other languages. Our
1818proposal has some similarities to the exceptions systems in those
1919languages, but it also has a lot of important differences.
2020
2121## Kinds of Error
2222
23- What exactly is an \ "\ "
24- and they don\ '
23+ What exactly is an "error"? There are many possible error conditions,
24+ and they don't all make sense to handle in exactly the same way,
2525because they arise in different circumstances and programmers have to
2626react to them differently.
2727
@@ -30,22 +30,22 @@ severity:
3030
3131A ** simple domain error** arises from an operation that can fail in some
3232obvious way and which is often invoked speculatively. Parsing an integer
33- from a string is a really good example. The client doesn\ '
33+ from a string is a really good example. The client doesn't need a
3434detailed description of the error and will usually want to handle the
3535error immediately. These errors are already well-modeled by returning an
36- optional value; we don\ '
36+ optional value; we don't need a more complex language solution for
3737them.
3838
3939A ** recoverable error** arises from an operation which can fail in
4040complex ways, but whose errors can be reasonably anticipated in advance.
4141Examples including opening a file or reading from a network connection.
42- These are the kinds of errors that Apple\ '
42+ These are the kinds of errors that Apple's APIs use NSError for today,
4343but there are close analogues in many other APIs, such as ` errno ` in
4444POSIX.
4545
4646Ignoring this kind of error is usually a bad idea, and it can even be
4747dangerous (e.g. by introducing a security hole). Developers should be
48- strongly encouraged to write code that handles the error. It\ '
48+ strongly encouraged to write code that handles the error. It's common
4949for developers to want to handle errors from different operations in the
5050same basic way, either by reporting the error to the user or passing the
5151error back to their own clients.
@@ -54,7 +54,7 @@ These errors will be the focus of this proposal.
5454
5555The final two classes of error are outside the scope of this proposal. A
5656** universal error** is theoretically recoverable, but by its nature the
57- language can\ '
57+ language can't help the programmer anticipate where it will come from.
5858A ** logic failure** arises from a programmer mistake and should not be
5959recoverable at all. In our system, these kinds of errors are reported
6060either with Objective-C/C++ exceptions or simply by logging a message
@@ -77,13 +77,13 @@ Notably, the approach preserves these advantages of this convention:
7777 and a simple inspection reveals how the function reacts to the
7878 error.
7979- Throwing an error provides similar performance to allocating an
80- error and returning it \- - it isn\ '
80+ error and returning it \- - it isn't an expensive, table-based stack
8181 unwinding process.
8282- Cocoa APIs using standard ` NSError ` patterns can be imported into
8383 this world automatically. Other common patterns (e.g. ` CFError ` ,
8484 ` errno ` ) can be added to the model in future versions of Swift.
8585
86- In addition, we feel that this design improves on Objective-C\ '
86+ In addition, we feel that this design improves on Objective-C's error
8787handling approach in a number of ways:
8888
8989- It eliminates a lot of boilerplate control-flow code for propagating
@@ -98,25 +98,25 @@ exception handling. We considered intentionally using different terms
9898(like ` raise ` / ` handle ` ) to try to distinguish our approach from other
9999languages. However, by and large, error propagation in this proposal
100100works like it does in exception handling, and people are inevitably
101- going to make the connection. Given that, we couldn\ '
101+ going to make the connection. Given that, we couldn't find a compelling
102102reason to deviate from the ` throw ` / ` catch ` legacy.
103103
104104This document just contains the basic proposal and will be very light on
105105rationale. We considered many different languages and programming
106- environments as part of making this proposal, and there\ '
106+ environments as part of making this proposal, and there's an extensive
107107discussion of them in the separate rationale document. For example, that
108- document explains why we don\ '
109- we don\ '` ErrorOr<T> ` return type, and
110- why we don\ '
111- feature. We encourage you to read that rationale if you\ '
108+ document explains why we don't simply allow all functions to throw, why
109+ we don't propagate errors using simply an ` ErrorOr<T> ` return type, and
110+ why we don't just make error propagation part of a general monad
111+ feature. We encourage you to read that rationale if you're interested
112112in understanding why we made the decisions we did.
113113
114- With that out of the way, let\ '
114+ With that out of the way, let's get to the details of the proposal.
115115
116116## Typed propagation
117117
118118Whether a function can throw is part of its type. This applies to all
119- functions, whether they\ '
119+ functions, whether they're global functions, methods, or closures.
120120
121121By default, a function cannot throw. The compiler statically enforces
122122this: anything the function does which can throw must appear in a
@@ -126,7 +126,7 @@ A function can be declared to throw by writing `throws` on the function
126126declaration or type:
127127
128128``` swift
129- func foo () -> Int { // This function is not permitted to throw.
129+ func foo () -> Int { // This function is not permitted to throw.
130130func bar () throws -> Int { // This function is permitted to throw.
131131```
132132
@@ -156,7 +156,7 @@ func jerry(_ i: Int)(j: Int) throws -> Int {
156156
157157`throws ` is tracked as part of the type system: a function value must
158158also declare whether it can throw . Functions that cannot throw are a
159- subtype of functions that can, so you can use a function that can\ 't
159+ subtype of functions that can, so you can use a function that can't
160160throw anywhere you could use a function that can:
161161
162162```swift
@@ -172,7 +172,7 @@ handle the error.
172172A call to a function which can throw within a context that is not
173173allowed to throw is rejected by the compiler.
174174
175- It isn\ 't possible to overload functions solely based on whether the
175+ It isn't possible to overload functions solely based on whether the
176176functions throw . That is , this is not legal:
177177
178178```swift
@@ -227,13 +227,15 @@ a direct call to a `rethrows` function is considered to not throw if it
227227is fully applied and none of the function arguments can throw . For
228228example:
229229
230- // This call to map is considered not to throw because its
231- // argument function does not throw.
232- let absolutePaths = paths.map { " /" + $0 }
230+ ```swift
231+ // This call to map is considered not to throw because its
232+ // argument function does not throw.
233+ let absolutePaths = paths.map { " /" + $0 }
233234
234- // This call to map is considered to throw because its
235- // argument function does throw.
236- let streams = try absolutePaths.map { try InputStream (filename : $0 ) }
235+ // This call to map is considered to throw because its
236+ // argument function does throw.
237+ let streams = try absolutePaths.map { try InputStream (filename : $0 ) }
238+ ```
237239
238240For now, `rethrows ` is a property of declared functions, not of function
239241values. Binding a variable (even a constant) to a function loses the
@@ -345,7 +347,7 @@ scopes (that permit it), rather than relying on the programmer to
345347manually check for errors and do their own control flow. This is just a
346348lot less boilerplate for common error handling tasks. However, doing
347349this naively would introduce a lot of implicit control flow, which makes
348- it difficult to reason about the function\ 's behavior. This is a serious
350+ it difficult to reason about the function's behavior. This is a serious
349351maintenance problem and has traditionally been a considerable source of
350352bugs in languages that heavily use exceptions.
351353
@@ -378,7 +380,7 @@ func readStuff() throws {
378380}
379381```
380382
381- Developers can choose to \ " scope\ "
383+ Developers can choose to " scope" try ` very tightly by writing it
382384within parentheses or on a specific argument or list element:
383385
384386```swift
@@ -395,7 +397,7 @@ let array = [ try foo(), bar(), baz() ]
395397
396398Some developers may wish to do this to make the specific throwing calls
397399very clear. Other developers may be content with knowing that something
398- within a statement can throw. The compiler\ '
400+ within a statement can throw . The compiler's fixit hints will guide
399401developers towards inserting a single `try ` that covers the entire
400402statement. This could potentially be controlled someday by a coding
401403style flag passed to the compiler.
@@ -411,7 +413,7 @@ expression is considered to handle any error originating from within its
411413operand.
412414
413415`try ! ` is otherwise exactly like `try `: it can appear in exactly the
414- same positions and doesn\ '
416+ same positions and doesn't affect the type of an expression.
415417
416418## Manual propagation and manipulation of errors
417419
@@ -430,7 +432,7 @@ As such, the Swift standard library should provide a standard Rust-like
430432 propagating the error in the current context.
431433
432434This is something that composes on top of the basic model, but that has
433- not been designed yet and details aren\ '
435+ not been designed yet and details aren't included in this proposal.
434436
435437The name `Result< T> ` is a stand- in and needs to be designed and
436438reviewed, as well as the basic operations on the type.
@@ -488,7 +490,7 @@ based on real-world usage experience.
488490
489491## Importing Cocoa
490492
491- If possible, Swift\ '
493+ If possible, Swift's error-handling model should transparently work
492494with the SDK with a minimal amount of effort from framework owners.
493495
494496We believe that we can cover the vast majority of Objective-C APIs with
@@ -521,7 +523,7 @@ couple of simple heuristics:
521523- Also common is a pointer result, where a `nil` result usually means
522524 an error occurred. This appears to be universal in Objective-C; APIs
523525 that can return `nil` results seem to do so via out-parameters. So
524- it seems to be safe to make a policy decision that it\ '
526+ it seems to be safe to make a policy decision that it's okay to
525527 assume that a `nil` result is an error by default.
526528
527529 If the pattern for a method is that a `nil` result means it produced
@@ -534,7 +536,7 @@ For other sentinel cases, we can consider adding a new clang attribute
534536to indicate to the compiler what the sentinel is:
535537
536538- There are several APIs returning `NSInteger` or `NSUInteger`. At
537- least some of these return 0 on error, but that doesn\ '
539+ least some of these return 0 on error, but that doesn't seem like a
538540 reasonable general assumption.
539541- `AVFoundation` provides a couple methods returning
540542 `AVKeyValueStatus`. These produce an error if the API returned
@@ -564,16 +566,16 @@ just Swift. (For example, they could try to detect an invalid error
564566check.)
565567
566568Cases that do not match the automatically imported patterns and that
567- lack an attribute would be left unmodified (i.e., they\ '
568- NSErrorPointer argument) and considered \ "\ "
569+ lack an attribute would be left unmodified (i.e., they'd keep their
570+ NSErrorPointer argument) and considered "not awesome" in the SDK
569571auditing tool. These will still be usable in Swift: callers will get the
570572NSError back like they do today, and have to throw the result manually.
571573
572574For initializers, importing an initializer as throwing takes precedence
573575over importing it as failable. That is, an imported initializer with a
574576nullable result and an error parameter would be imported as throwing.
575577Throwing initializers have very similar constraints to failable
576- initializers; in a way, it\ '
578+ initializers; in a way, it's just a new axis of failability.
577579
578580One limitation of this approach is that we need to be able to
579581reconstruct the selector to use when an overload of a method is
@@ -601,38 +603,38 @@ APIs in the public API:
601603The above translation rule would import methods like this one from
602604`NSDocument`:
603605
604- ```objc
605- - (NSDocument *)duplicateAndReturnError:(NSError **)outError;
606- ```
606+ ```objc
607+ - (NSDocument *)duplicateAndReturnError:(NSError **)outError ;
608+ ```
607609
608610like so:
609611
610- ```swift
611- func duplicateAndReturnError() throws -> NSDocument
612- ```
612+ ```swift
613+ func duplicateAndReturnError() throws -> NSDocument
614+ ```
613615
614616The `AndReturnError` bit is common but far from universal; consider this
615617method from `NSManagedObject`:
616618
617- ```objc
618- - (BOOL)validateForDelete:(NSError **)error;
619- ```
619+ ```objc
620+ - (BOOL)validateForDelete:(NSError **)error ;
621+ ```
620622
621623This would be imported as:
622624
623- ```swift
624- func validateForDelete() throws
625- ```
625+ ```swift
626+ func validateForDelete() throws
627+ ```
626628
627- This is a really nice import, and it\ '
628- can\ '
629+ This is a really nice import, and it's somewhat unfortunate that we
630+ can't import `duplicateAndReturnError:` as `duplicate ()` .
629631
630632## Potential future extensions to this model
631633
632634We believe that the proposal above is sufficient to provide a huge step
633635forward in error handling in Swift programs, but there is always more to
634- consider in the future. Some specific things we\ '
635- come back to in the future) but don\ '
636+ consider in the future. Some specific things we've discussed (and may
637+ come back to in the future) but don't consider to be core to the Swift
6366382.0 model are:
637639
638640### Higher-order polymorphism
@@ -649,7 +651,7 @@ func map<T, U>(_ array: [T], fn: T -> U) throwsIf(fn) -> [U] {
649651}
650652```
651653
652- There\ '
654+ There's no need for a more complex logical operator than disjunction
653655for normal higher- order stuff.
654656
655657This feature is highly desired (e.g . it would allow many otherwise
@@ -682,30 +684,30 @@ autoreleasepool {
682684}
683685```
684686
685- The error-handling model doesn\ '
687+ The error- handling model doesn't cause major problems for this. The
686688compiler can infer that the closure throws , and `autoreleasepool` can be
687689overloaded on whether its argument closure throws ; the overload that
688690takes a throwing closures would itself throw .
689691
690692There is one minor usability problem here, though. If the closure
691693contains throwing expressions, those expressions must be explicitly
692- marked within the closure with `try`. However, from the compiler\ '
694+ marked within the closure with `try `. However, from the compiler's
693695perspective, the call to `autoreleasepool` is also a call that can
694696throw , and so it must also be marked with `try `:
695697
696698```swift
697- try autoreleasepool { // 'try' is required here...
699+ try autoreleasepool { // 'try' is required here...
698700 let string = try parseString () // ...and here.
699701 ...
700702}
701703```
702704
703705This marking feels redundant. We want functions like `autoreleasepool`
704706to feel like statements, but marks inside built- in statements like `if `
705- don\ '
706- the compiler didn\ '
707+ don't require the outer statement to be marked. It would be better if
708+ the compiler didn't require the outer `try `.
707709
708- On the other hand, the \ "\ "
710+ On the other hand, the " statement-like"
709711other holes: for example, `break `, `continue `, and `return ` behave
710712differently in the argument closure than in statements. In the future,
711713we may consider fixing that; that fix will also need to address the
@@ -727,9 +729,9 @@ here: 1) the memory management rules for CFErrors are unclear and
727729potentially inconsistent. 2 ) we need to know when an error is raised.
728730
729731In principle, we could import POSIX functions into Swift as throwing
730- functions, filling in the error from `errno`. It\ '
732+ functions, filling in the error from `errno`. It's nearly impossible to
731733imagine doing this with an automatic import rule, however; much more
732- likely, we\ '
734+ likely, we'd need to wrap them all in an overlay.
733735
734736In both cases, it is possible to pull these into the Swift error
735737handling model, but because this is likely to require massive SDK
0 commit comments