Fault Tolerance and Tidy Code

Today's software is so complex that anticipating every execution environment is impossible. By "environment" I mean the contents of your process's address space, the values of your function's parameters, and the effects of other processes running on the same system. Because of the complexity, services, which run continuously for months on end, must be fault tolerant.

Most of us have had our share of college professors who adamantly expressed their views on how to perform proper error checking and recovery from within our functions. We developers know that writing error-tolerant code is what we should do, but frequently we view the required attention to detail as tedious and so omit it. We've become complacent, thinking that the operating system will "just take care of us." Many developers out there actually believe that memory is endless, and that leaking various resources is OK because they know that the operating system will clean up everything automatically when the process dies.

Certainly many applications are implemented in this way, and the results are not devastating because the applications tend to run for short periods of time and then are restarted. However, services run forever, and omitting the proper error-recovery and resource-cleanup code is catastrophic!

In my opinion the only way to write an application capable of running 24 hours a day, seven days a week, is to use exception handling. For this reason, I highly recommend that you become familiar with exception handling techniques. There are two types of exception handling: structured exception handling, a mechanism offered by Windows operating systems; and C++ exception handling, a mechanism offered by the compiler. Both of these mechanisms allow you to write code capable of recovering from unanticipated failures and hard errors such as access violations, divisions by zero, and stack overflows.

Both exception handling mechanisms are useful in different scenarios, and fortunately Microsoft Visual C++ allows us to use them interchangeably within a single application. The sample applications in this book demonstrate the concepts involved in creating robust server applications, and many of them use exception handling liberally. If you desire more information about exception handling, see Programming Applications for Microsoft Windows, Fourth Edition (Jeffrey Richter, Microsoft Press, 1999).

Proper use of C++ in a service can make your coding life substantially easier. I find that wrapping simple Windows objects in C++ classes is useful for several reasons, which follow. Many of the sample applications in this book use C++ classes for exactly these reasons.

• By placing the code to close the object in the C++ class's destructor, the compiler ensures that the object is destroyed.
• Wrapping calls to Windows functions inside C++ class methods allows you to enforce the proper calling of Windows functions.
• Calling Windows functions via a C++ class method allows you to place certain checks and verify assertions in one place. This makes it substantially easier to find bugs in your code.
• C++ classes reduce the amount of code you write, making your code more readable and maintainable.
• You get code reuse by using C++ classes. If you use C++ template classes, you can create generic solutions while preserving type safety.