Nothrow Functions
written by Walter Bright
Sep 28, 2008
In my last installment, I covered pure functions in the D programming language. Also new for D 2.0 is the notion of nothrow functions.
A nothrow function is a function that is guaranteed to not throw any exceptions. It must complete (or abort the program). The nothrow condition is statically checked by the compiler:
    void bar();
    nothrow void abc();

    nothrow void foo()
    {
        bar();                  // error, bar() may throw
        abc();                  // ok, abc() does not throw
        throw new Exception();  // error, cannot throw
    }

A function whose internals throw exceptions can be converted to nothrow by wrapping the throwing code in an exception handler:

    nothrow void foo()
    {
        try
        {
            // ... code that may throw ...
        }
        catch (Object o)
        {
            // ... handle any exceptions ...
        }
        // ... now we are nothrow ...
    }
Nothrow functions offer the highest level of exception safety (1). Allowing functions to be annotated with the nothrow attribute enables the compiler to statically enforce it.
As with pure functions, the most obvious advantage of nothrow functions is that they are self-documenting. Since the compiler guarantees that a nothrow function really doesn't throw, the programmer need look no further to verify it. This is especially convenient when the source for the function isn't available, as with a library API.
Nothrow is needed for move and swap functions, because for transactional programming all the work is done on the side, and then the result is move()d into the target. If such a move could throw an exception, this could not be made correct.
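The transactional pattern described above, written out as an added example (it is not code from the original article). The names Account, commit and applyAll are hypothetical, the sample amounts are constructed, and a hand-written swap stands in for the move step:

```d
import std.exception : enforce;

struct Account   // hypothetical type; sample data below is constructed
{
    long[] ledger;
    long balance;
}

// Commit step: exchanges the two values. The compiler rejects this
// body if anything in it may throw an exception.
nothrow void commit(ref Account target, ref Account staged)
{
    auto tmp = target;
    target = staged;
    staged = tmp;
}

// All fallible work is done on the side, on a private copy. `target`
// is written only by commit(), so a failure leaves it untouched.
void applyAll(ref Account target, const long[] amounts)
{
    auto staged = Account(target.ledger.dup, target.balance);
    foreach (a; amounts)
    {
        enforce(staged.balance + a >= 0, "overdraft"); // may throw
        staged.ledger ~= a;
        staged.balance += a;
    }
    commit(target, staged); // cannot throw
}

void main()
{
    auto acct = Account([100L], 100);
    applyAll(acct, [-30L, 20L]);
    assert(acct.balance == 90 && acct.ledger.length == 3);

    bool failed = false;
    try
    {
        applyAll(acct, [-50L, -50L]); // second amount would overdraw
    }
    catch (Exception e)
    {
        failed = true;
    }
    // The failed batch left no partial update behind.
    assert(failed && acct.balance == 90 && acct.ledger.length == 3);
}
```

If commit() called anything that could throw, the compiler would refuse the nothrow annotation, which is what keeps the final step from leaving the target half-updated.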
Declaring a function nothrow enables the compiler to omit the default behavior of generating exception handlers to unwind objects just in case the function throws. For example,
    void foo();

    void abc()
    {
        scope (exit) bar();
        foo();
    }

causes the compiler to generate the equivalent of:

    void abc()
    {
        try
        {
            foo();
        }
        finally
        {
            bar();
        }
    }

But if foo() were declared nothrow, the simpler form:

    nothrow void foo();

    void abc()
    {
        foo();
        bar();
    }

can be generated.
In conclusion, the case for nothrow functions is compelling: they are inherently self-documenting, they offer the highest exception safety level, they are needed for writing correct transactional code, and they enable the compiler to generate better code.
References
1. Exception-Safety in Generic Components by David Abrahams
Acknowledgements
Thanks to Andrei Alexandrescu and Bartosz Milewski for reviewing this.