1479 lines
57 KiB
ReStructuredText
1479 lines
57 KiB
ReStructuredText
PEP: 654
|
|
Title: Exception Groups and except*
|
|
Author: Irit Katriel <iritkatriel@gmail.com>,
|
|
Yury Selivanov <yury@edgedb.com>,
|
|
Guido van Rossum <guido@python.org>
|
|
Status: Draft
|
|
Type: Standards Track
|
|
Content-Type: text/x-rst
|
|
Created: 22-Feb-2021
|
|
Post-History: 22-Feb-2021, 20-Mar-2021
|
|
|
|
|
|
Abstract
|
|
========
|
|
|
|
This document proposes language extensions that allow programs to raise and handle
|
|
multiple unrelated exceptions simultaneously:
|
|
|
|
* A new standard exception type, the ``ExceptionGroup``, which represents a
|
|
group of unrelated exceptions being propagated together.
|
|
|
|
* A new syntax ``except*`` for handling ``ExceptionGroups``.
|
|
|
|
Motivation
|
|
==========
|
|
|
|
The interpreter is currently able to propagate at most one exception at a
|
|
time. The chaining features introduced in :pep:`3134` link together
|
|
exceptions that are related to each other as the cause or context, but
|
|
there are situations where multiple unrelated exceptions need to be propagated
|
|
together as the stack unwinds. Several real world use cases are listed below.
|
|
|
|
* **Concurrent errors**. Libraries for async concurrency provide APIs to invoke
|
|
multiple tasks and return their results in aggregate. There isn't currently
|
|
a good way for such libraries to handle situations where multiple tasks
|
|
raise exceptions. The Python standard library's ``asyncio.gather()`` [1]_
|
|
function provides two options: raise the first exception, or return the
|
|
exceptions in the results list. The Trio [2]_
|
|
library has a ``MultiError`` exception type which it raises to report a
|
|
collection of errors. Work on this PEP was initially motivated by the
|
|
difficulties in handling ``MultiErrors`` [9]_, which are detailed in a design
|
|
document for an improved version, ``MultiError2`` [3]_.
|
|
That document demonstrates how difficult it is to create an effective API
|
|
for reporting and handling multiple errors without the language changes we
|
|
are proposing (see also the `Programming Without 'except \*'`_ section.)
|
|
|
|
Implementing a better task spawning API in asyncio, inspired by Trio
|
|
nurseries, was the main motivation for this PEP. That work is currently
|
|
blocked on Python not having native language level support for exception
|
|
groups.
|
|
|
|
* **Multiple failures when retrying an operation.** The Python standard
|
|
library's ``socket.create_connection`` function may attempt to connect to
|
|
different addresses, and if all attempts fail it needs to report that to the
|
|
user. It is an open issue how to aggregate these errors, particularly when
|
|
they are different (see issue 29980 [4]_.)
|
|
|
|
* **Multiple user callbacks fail.** Python's ``atexit.register()`` function
|
|
allows users to register functions that are called on system exit. If any of
|
|
them raise exceptions, only the last one is reraised, but it would be better
|
|
to reraised all of them together (see ``atexit`` documentation [5]_.)
|
|
Similarly, the pytest library allows users to register finalizers which
|
|
are executed at teardown. If more than one of these finalizers raises an
|
|
exception, only the first is reported to the user. This can be improved with
|
|
``ExceptionGroups``, as explained in this issue by pytest developer Ran Benita
|
|
(see pytest issue 8217 [6]_.)
|
|
|
|
* **Multiple errors in a complex calculation.** The Hypothesis library performs
|
|
automatic bug reduction (simplifying code that demonstrates a bug). In the
|
|
process it may find variations that generate different errors, and
|
|
(optionally) reports all of them (see the Hypothesis documentation [7]_.)
|
|
An ``ExceptionGroup`` mechanism as we are proposing here can resolve some of
|
|
the difficulties with debugging that are mentioned in the link above, and
|
|
which are due to the loss of context/cause information (communicated
|
|
by Hypothesis Core Developer Zac Hatfield-Dodds).
|
|
|
|
* **Errors in wrapper code.** The Python standard library's
|
|
``tempfile.TemporaryDirectory`` context manager
|
|
had an issue where an exception raised during cleanup in ``__exit__``
|
|
effectively masked an exception that the user's code raised inside the context
|
|
manager scope. While the user's exception was chained as the context of the
|
|
cleanup error, it was not caught by the user's except clause
|
|
(see issue 40857 [8]_.)
|
|
|
|
The issue was resolved by making the cleanup code ignore errors, thus
|
|
sidestepping the multiple exception problem. With the features we propose
|
|
here, it would be possible for ``__exit__`` to raise an ``ExceptionGroup``
|
|
containing its own errors along with the user's errors, and this would allow
|
|
the user to catch their own exceptions by their types.
|
|
|
|
|
|
Rationale
|
|
=========
|
|
|
|
Grouping several exceptions together can be done without changes to the
|
|
language, simply by creating a container exception type.
|
|
Trio [2]_ is an example of a library that has made use of this technique in its
|
|
``MultiError`` [9]_ type. However, such an approach requires calling code to catch
|
|
the container exception type, and then to inspect it to determine the types of
|
|
errors that had occurred, extract the ones it wants to handle, and reraise the
|
|
rest. Furthermore, exceptions in Python have important information attached to
|
|
their ``__traceback__``, ``__cause__`` and ``__context__`` fields, and
|
|
designing a container type that preserves the integrity of this information
|
|
requires care; it is not as simple as collecting exceptions into a set.
|
|
|
|
Changes to the language are required in order to extend support for
|
|
exception groups in the style of existing exception handling mechanisms. At
|
|
the very least we would like to be able to catch an exception group only if
|
|
it contains an exception of a type that we choose to handle. Exceptions of
|
|
other types in the same group need to be automatically reraised,
|
|
otherwise it is too easy for user code to inadvertently swallow exceptions
|
|
that it is not handling.
|
|
|
|
We considered whether it is possible to modify the semantics of ``except``
|
|
for this purpose, in a backwards-compatible manner, and found that it is not.
|
|
See the `Rejected Ideas`_ section for more on this.
|
|
|
|
The purpose of this PEP, then, is to add the ``ExceptionGroup`` builtin type
|
|
and the ``except*`` syntax for handling exception groups in the interpreter.
|
|
The desired semantics of ``except*`` are sufficiently different from the
|
|
current exception handling semantics that we are not proposing to modify the
|
|
behavior of the ``except`` keyword but rather to add the new ``except*``
|
|
syntax.
|
|
|
|
Our premise is that exception groups and ``except*`` will be used
|
|
selectively, only when they are needed. We do not expect them to become
|
|
the default mechanism for exception handling. The decision to raise
|
|
exception groups from a library needs to be considered carefully and
|
|
regarded as an API-breaking change. We expect that this will normally be
|
|
done by introducing a new API rather than modifying an existing one.
|
|
|
|
|
|
Specification
|
|
=============
|
|
|
|
ExceptionGroup and BaseExceptionGroup
|
|
-------------------------------------
|
|
|
|
We propose to add two new builtin exception types:
|
|
``BaseExceptionGroup(BaseException)`` and
|
|
``ExceptionGroup(BaseExceptionGroup, Exception)``. They are assignable to
|
|
``Exception.__cause__`` and ``Exception.__context__``, and they can be
|
|
raised and handled as any exception with ``raise ExceptionGroup(...)`` and
|
|
``try: ... except ExceptionGroup: ...`` or ``raise BaseExceptionGroup(...)``
|
|
and ``try: ... except BaseExceptionGroup: ...``.
|
|
|
|
Both have a constructor that takes two positional-only arguments: a message
|
|
string and a sequence of the nested exceptions, which are exposed in the
|
|
fields ``message`` and ``exceptions``. For example:
|
|
``ExceptionGroup('issues', [ValueError('bad value'), TypeError('bad type')])``.
|
|
The difference between them is that ``ExceptionGroup`` can only wrap
|
|
``Exception`` subclasses while ``BaseExceptionGroup`` can wrap any
|
|
``BaseException`` subclass. A factory method that inspects the nested
|
|
execptions and selects between ``ExceptionGroup`` and ``BaseExceptionGroup``
|
|
makes the choice automatic. In the rest of the document, when we refer to
|
|
an exception group, we mean either an ``ExceptionGroup`` or a
|
|
``BaseExceptionGroup``. When it is necessary to make the distunction, we
|
|
use the class name. For brevity, we will use ``ExceptionGroup`` in code
|
|
examples that are relevant to both.
|
|
|
|
Since an exception group can be nested, it represents a tree of exceptions,
|
|
where the leaves are plain exceptions and each internal node represents a time
|
|
at which the program grouped some unrelated exceptions into a new group and
|
|
raised them together.
|
|
|
|
The ``BaseExceptionGroup.subgroup(condition)`` method gives us a way to obtain
|
|
an exception group that has the same metadata (message, cause, context,
|
|
traceback) as the original group, and the same nested structure of groups, but
|
|
contains only those exceptions for which the condition is true:
|
|
|
|
.. code-block::
|
|
|
|
>>> eg = ExceptionGroup(
|
|
... "one",
|
|
... [
|
|
... TypeError(1),
|
|
... ExceptionGroup(
|
|
... "two",
|
|
... [TypeError(2), ValueError(3)]
|
|
... ),
|
|
... ExceptionGroup(
|
|
... "three",
|
|
... [OSError(4)]
|
|
... )
|
|
... ]
|
|
... )
|
|
>>> traceback.print_exception(eg)
|
|
| ExceptionGroup: one
|
|
| with 3 sub-exceptions:
|
|
+-+---------------- 1 ----------------
|
|
| TypeError: 1
|
|
+---------------- 2 ----------------
|
|
| ExceptionGroup: two
|
|
| with 2 sub-exceptions:
|
|
+-+---------------- 2.1 ----------------
|
|
| TypeError: 2
|
|
+---------------- 2.2 ----------------
|
|
| ValueError: 3
|
|
+------------------------------------
|
|
+---------------- 3 ----------------
|
|
| ExceptionGroup: three
|
|
| with one sub-exception:
|
|
+-+---------------- 3.1 ----------------
|
|
| OSError: 4
|
|
+------------------------------------
|
|
>>> type_errors = eg.subgroup(lambda e: isinstance(e, TypeError))
|
|
>>> traceback.print_exception(type_errors)
|
|
| ExceptionGroup: one
|
|
| with 2 sub-exceptions:
|
|
+-+---------------- 1 ----------------
|
|
| TypeError: 1
|
|
+---------------- 2 ----------------
|
|
| ExceptionGroup: two
|
|
| with one sub-exception:
|
|
+-+---------------- 2.1 ----------------
|
|
| TypeError: 2
|
|
+------------------------------------
|
|
>>>
|
|
|
|
|
|
Empty nested groups are omitted from the result, as in the
|
|
case of ``ExceptionGroup("three")`` in the example above. If none of the
|
|
leaf exceptions match the condition, ``subgroup`` returns ``None`` rather
|
|
than an empty group. The original ``eg``
|
|
is unchanged by ``subgroup``, but the value returned is not necessarily a full
|
|
new copy. Leaf exceptions are not copied, nor are exception groups which are
|
|
fully contained in the result. When it is necessary to partition a
|
|
group because the condition holds for some, but not all of its
|
|
contained exceptions, a new ``ExceptionGroup`` or ``BaseExceptionGroup``
|
|
instance is created, while the ``__cause__``, ``__context__`` and
|
|
``__traceback__`` fields are copied by reference, so they are shared with
|
|
the original ``eg``.
|
|
|
|
If both the subgroup and its complement are needed, the
|
|
``BaseExceptionGroup.split(condition)`` method can be used:
|
|
|
|
.. code-block::
|
|
|
|
>>> type_errors, other_errors = eg.split(lambda e: isinstance(e, TypeError))
|
|
>>> traceback.print_exception(type_errors)
|
|
| ExceptionGroup: one
|
|
| with 2 sub-exceptions:
|
|
+-+---------------- 1 ----------------
|
|
| TypeError: 1
|
|
+---------------- 2 ----------------
|
|
| ExceptionGroup: two
|
|
| with one sub-exception:
|
|
+-+---------------- 2.1 ----------------
|
|
| TypeError: 2
|
|
+------------------------------------
|
|
>>> traceback.print_exception(other_errors)
|
|
| ExceptionGroup: one
|
|
| with 2 sub-exceptions:
|
|
+-+---------------- 1 ----------------
|
|
| ExceptionGroup: two
|
|
| with one sub-exception:
|
|
+-+---------------- 1.1 ----------------
|
|
| ValueError: 3
|
|
+------------------------------------
|
|
+---------------- 2 ----------------
|
|
| ExceptionGroup: three
|
|
| with one sub-exception:
|
|
+-+---------------- 2.1 ----------------
|
|
| OSError: 4
|
|
+------------------------------------
|
|
>>>
|
|
|
|
|
|
If a split is trivial (one side is empty), then None is returned for the
|
|
other side:
|
|
|
|
.. code-block::
|
|
|
|
>>> other_errors.split(lambda e: isinstance(e, SyntaxError))
|
|
(None, ExceptionGroup('one', [
|
|
ExceptionGroup('two', [
|
|
ValueError(3)
|
|
]),
|
|
ExceptionGroup('three', [
|
|
OSError(4)])]))
|
|
|
|
Since splitting by exception type is a very common use case, ``subgroup`` and
|
|
``split`` can take an exception type or tuple of exception types and treat it
|
|
as a shorthand for matching that type: ``eg.split(T)`` divides ``eg`` into the
|
|
subgroup of leaf exceptions that match the type ``T``, and the subgroup of those
|
|
that do not (using the same check as ``except`` for a match).
|
|
|
|
Subclassing Exception Groups
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
It is possible to subclass exception groups, but when doing that it is
|
|
usually necessary to specify how ``subgroup()`` and ``split()`` should
|
|
create new instances for the matching or non-matching part of the partition.
|
|
``BaseExceptionGroup`` exposes an instance method ``derive(self, excs)``
|
|
which is called whenever ``subgroup`` and ``split`` need to create a new
|
|
exception group. The parameter ``excs`` is the sequence of exceptions to
|
|
include in the new group. Since ``derive`` has access to self, it can
|
|
copy data from it to the new object. For example, if we need an exception
|
|
group subclass that has an additional error code field, we can do this:
|
|
|
|
.. code-block::
|
|
|
|
class MyExceptionGroup(ExceptionGroup):
|
|
def __new__(cls, message, excs, errcode):
|
|
obj = super().__new__(cls, message, excs)
|
|
obj.errcode = errcode
|
|
return obj
|
|
|
|
def derive(self, excs):
|
|
return MyExceptionGroup(self.message, excs, self.errcode)
|
|
|
|
|
|
Note that we override ``__new__`` rather than ``__init__``; this is because
|
|
``BaseExceptionGroup.__new__`` needs to inspect the constructor arguments, and
|
|
its signature is different from that of the subclass. Note also that our
|
|
``derive`` function does not copy the ``__context__``, ``__cause__`` and
|
|
``__traceback__`` fields, because ``subgroup`` and ``split`` do that for us.
|
|
|
|
With the class defined above, we have the following:
|
|
|
|
.. code-block::
|
|
|
|
>>> eg = MyExceptionGroup("eg", [TypeError(1), ValueError(2)], 42)
|
|
>>>
|
|
>>> match, rest = eg.split(ValueError)
|
|
>>> print(f'match: {match!r}: {match.errcode}')
|
|
match: MyExceptionGroup('eg', [ValueError(2)], 42): 42
|
|
>>> print(f'rest: {rest!r}: {rest.errcode}')
|
|
rest: MyExceptionGroup('eg', [TypeError(1)], 42): 42
|
|
>>>
|
|
|
|
If we do not override ``derive``, then split calls the one defined
|
|
on ``BaseExceptionGroup``, which returns an instance of ``ExceptionGroup``
|
|
if all contained exceptions are of type ``Exception``, and
|
|
``BaseExceptionGroup`` otherwise. For example:
|
|
|
|
.. code-block::
|
|
|
|
>>> class MyExceptionGroup(BaseExceptionGroup):
|
|
... pass
|
|
...
|
|
>>> eg = MyExceptionGroup("eg", [ValueError(1), KeyboardInterrupt(2)])
|
|
>>> match, rest = eg.split(ValueError)
|
|
>>> print(f'match: {match!r}')
|
|
match: ExceptionGroup('eg', [ValueError(1)])
|
|
>>> print(f'rest: {rest!r}')
|
|
rest: BaseExceptionGroup('eg', [KeyboardInterrupt(2)])
|
|
>>>
|
|
|
|
|
|
The Traceback of an Exception Group
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
For regular exceptions, the traceback represents a simple path of frames,
|
|
from the frame in which the exception was raised to the frame in which it
|
|
was caught or, if it hasn't been caught yet, the frame that the program's
|
|
execution is currently in. The list is constructed by the interpreter, which
|
|
appends any frame from which it exits to the traceback of the 'current
|
|
exception' if one exists. To support efficient appends, the links in a
|
|
traceback's list of frames are from the oldest to the newest frame. Appending
|
|
a new frame is then simply a matter of inserting a new head to the linked
|
|
list referenced from the exception's ``__traceback__`` field. Crucially, the
|
|
traceback's frame list is immutable in the sense that frames only need to be
|
|
added at the head, and never need to be removed.
|
|
|
|
We do not need to make any changes to this data structure. The ``__traceback__``
|
|
field of the exception group instance represents the path that the contained
|
|
exceptions travelled through together after being joined into the
|
|
group, and the same field on each of the nested exceptions
|
|
represents the path through which this exception arrived at the frame of the
|
|
merge.
|
|
|
|
What we do need to change is any code that interprets and displays tracebacks,
|
|
because it now needs to continue into tracebacks of nested exceptions, as
|
|
in the following example:
|
|
|
|
.. code-block::
|
|
|
|
>>> def f(v):
|
|
... try:
|
|
... raise ValueError(v)
|
|
... except ValueError as e:
|
|
... return e
|
|
...
|
|
>>> try:
|
|
... raise ExceptionGroup("one", [f(1)])
|
|
... except ExceptionGroup as e:
|
|
... eg = e
|
|
...
|
|
>>> raise ExceptionGroup("two", [f(2), eg])
|
|
| Traceback (most recent call last):
|
|
| File "<stdin>", line 1, in <module>
|
|
| ExceptionGroup: two
|
|
| with 2 sub-exceptions:
|
|
+-+---------------- 1 ----------------
|
|
| Traceback (most recent call last):
|
|
| File "<stdin>", line 3, in f
|
|
| ValueError: 2
|
|
+---------------- 2 ----------------
|
|
| Traceback (most recent call last):
|
|
| File "<stdin>", line 2, in <module>
|
|
| ExceptionGroup: one
|
|
| with one sub-exception:
|
|
+-+---------------- 2.1 ----------------
|
|
| Traceback (most recent call last):
|
|
| File "<stdin>", line 3, in f
|
|
| ValueError: 1
|
|
+------------------------------------
|
|
>>>
|
|
|
|
Handling Exception Groups
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
We expect that when programs catch and handle exception groups, they will
|
|
typically either query to check if it has leaf exceptions for which some
|
|
condition holds (using ``subgroup`` or ``split``) or format the exception
|
|
(using the ``traceback`` module's methods).
|
|
|
|
It is less likely to be useful to iterate over the individual leaf exceptions.
|
|
To see why, suppose that an application caught an exception group raised by
|
|
an ``asyncio.gather()`` call. At this stage, the context for each specific
|
|
exception is lost. Any recovery for this exception should have been performed
|
|
before it was grouped with other exceptions [10]_.
|
|
Furthermore, the application is likely to react in the same way to any number
|
|
of instances of a certain exception type, so it is more likely that we will
|
|
want to know whether ``eg.subgroup(T)`` is None or not, than we are to be
|
|
interested in the number of ``Ts`` in ``eg``.
|
|
|
|
However, there are situations where it is necessary to inspect the
|
|
individual leaf exceptions. For example, suppose that we have an
|
|
exception group ``eg`` and that we want to log the ``OSErrors`` that have a
|
|
specific error code and reraise everything else. We can do this by passing
|
|
a function with side effects to ``subgroup``, as follows:
|
|
|
|
.. code-block::
|
|
|
|
def log_and_ignore_ENOENT(err):
|
|
if isinstance(err, OSError) and err.errno == ENOENT:
|
|
log(err)
|
|
return False
|
|
else:
|
|
return True
|
|
|
|
try:
|
|
. . .
|
|
except ExceptionGroup as eg:
|
|
eg = eg.subgroup(log_and_ignore_ENOENT)
|
|
if eg is not None:
|
|
raise eg
|
|
|
|
|
|
In the previous example, when ``log_and_ignore_ENOENT`` is invoked on a leaf
|
|
exception, only part of this exception's traceback is accessible -- the part
|
|
referenced from its ``__traceback__`` field. If we need the full traceback,
|
|
we need to look at the concatenation of the tracebacks of the exceptions on
|
|
the path from the root to this leaf. We can get that with direct iteration,
|
|
recursively, as follows:
|
|
|
|
.. code-block::
|
|
|
|
def leaf_generator(exc, tbs=None):
|
|
if tbs is None:
|
|
tbs = []
|
|
|
|
tbs.append(exc.__traceback__)
|
|
if isinstance(exc, ExceptionGroup):
|
|
for e in exc.exceptions:
|
|
yield from leaf_generator(e, tbs)
|
|
else:
|
|
# exc is a leaf exception and its traceback
|
|
# is the concatenation of the traceback
|
|
# segments in tbs
|
|
yield exc, tbs
|
|
tbs.pop()
|
|
|
|
|
|
We can then process the full tracebacks of the leaf exceptions:
|
|
|
|
.. code-block::
|
|
|
|
>>> import traceback
|
|
>>>
|
|
>>> def g(v):
|
|
... try:
|
|
... raise ValueError(v)
|
|
... except Exception as e:
|
|
... return e
|
|
...
|
|
>>> def f():
|
|
... raise ExceptionGroup("eg", [g(1), g(2)])
|
|
...
|
|
>>> try:
|
|
... f()
|
|
... except BaseException as e:
|
|
... eg = e
|
|
...
|
|
>>> for (i, (exc, tbs)) in enumerate(leaf_generator(eg)):
|
|
... print(f"\n=== Exception #{i+1}:")
|
|
... traceback.print_exception(exc)
|
|
... print(f"The complete traceback for Exception #{i+1}:")
|
|
... for tb in tbs:
|
|
... traceback.print_tb(tb)
|
|
...
|
|
|
|
=== Exception #1:
|
|
Traceback (most recent call last):
|
|
File "<stdin>", line 3, in g
|
|
ValueError: 1
|
|
The complete traceback for Exception #1
|
|
File "<stdin>", line 2, in <module>
|
|
File "<stdin>", line 2, in f
|
|
File "<stdin>", line 3, in g
|
|
|
|
=== Exception #2:
|
|
Traceback (most recent call last):
|
|
File "<stdin>", line 3, in g
|
|
ValueError: 2
|
|
The complete traceback for Exception #2:
|
|
File "<stdin>", line 2, in <module>
|
|
File "<stdin>", line 2, in f
|
|
File "<stdin>", line 3, in g
|
|
>>>
|
|
|
|
except*
|
|
-------
|
|
|
|
We are proposing to introduce a new variant of the ``try..except`` syntax to
|
|
simplify working with exception groups. The ``*`` symbol indicates that multiple
|
|
exceptions can be handled by each ``except*`` clause:
|
|
|
|
.. code-block::
|
|
|
|
try:
|
|
...
|
|
except *SpamError:
|
|
...
|
|
except *FooError as e:
|
|
...
|
|
except *(BarError, BazError) as e:
|
|
...
|
|
|
|
In a traditional ``try-except`` statement there is only one exception to handle,
|
|
so the body of at most one ``except`` clause executes; the first one that matches
|
|
the exception. With the new syntax, an ``except*`` clause can match a subgroup
|
|
of the exception group that was raised, while the remaining part is matched
|
|
by following ``except*`` clauses. In other words, a single exception group can
|
|
cause several ``except*`` clauses to execute, but each such clause executes at
|
|
most once (for all matching exceptions from the group) and each exception is
|
|
either handled by exactly one clause (the first one that matches its type)
|
|
or is reraised at the end. The manner in which each exception is handled by
|
|
a ``try-except*`` block is independent of any other exceptions in the group.
|
|
|
|
For example, suppose that the body of the ``try`` block above raises
|
|
``eg = ExceptionGroup('msg', [FooError(1), FooError(2), BazError()])``.
|
|
The ``except*`` clauses are evaluated in order by calling ``split`` on the
|
|
``unhandled`` exception group, which is initially equal to ``eg`` and then shrinks
|
|
as exceptions are matched and extracted from it. In the first ``except*`` clause,
|
|
``unhandled.split(SpamError)`` returns ``(None, unhandled)`` so the body of this
|
|
block is not executed and ``unhandled`` is unchanged. For the second block,
|
|
``unhandled.split(FooError)`` returns a non-trivial split ``(match, rest)`` with
|
|
``match = ExceptionGroup('msg', [FooError(1), FooError(2)])``
|
|
and ``rest = ExceptionGroup('msg', [BazError()])``. The body of this ``except*``
|
|
block is executed, with the value of ``e`` and ``sys.exc_info()`` set to ``match``.
|
|
Then, ``unhandled`` is set to ``rest``.
|
|
Finally, the third block matches the remaining exception so it is executed
|
|
with ``e`` and ``sys.exc_info()`` set to ``ExceptionGroup('msg', [BazError()])``.
|
|
|
|
|
|
Exceptions are matched using a subclass check. For example:
|
|
|
|
.. code-block::
|
|
|
|
try:
|
|
low_level_os_operation()
|
|
except *OSError as eg:
|
|
for e in eg.exceptions:
|
|
print(type(e).__name__)
|
|
|
|
could output:
|
|
|
|
.. code-block::
|
|
|
|
BlockingIOError
|
|
ConnectionRefusedError
|
|
OSError
|
|
InterruptedError
|
|
BlockingIOError
|
|
|
|
The order of ``except*`` clauses is significant just like with the regular
|
|
``try..except``:
|
|
|
|
.. code-block::
|
|
|
|
>>> try:
|
|
... raise ExceptionGroup("problem", [BlockingIOError()])
|
|
... except *OSError as e: # Would catch the error
|
|
... print(repr(e))
|
|
... except *BlockingIOError: # Would never run
|
|
... print('never')
|
|
...
|
|
ExceptionGroup('problem', [BlockingIOError()])
|
|
|
|
Recursive Matching
|
|
~~~~~~~~~~~~~~~~~~
|
|
|
|
The matching of ``except*`` clauses against an exception group is performed
|
|
recursively, using the ``split()`` method:
|
|
|
|
.. code-block::
|
|
|
|
>>> try:
|
|
... raise ExceptionGroup(
|
|
... "eg",
|
|
... [
|
|
... ValueError('a'),
|
|
... TypeError('b'),
|
|
... ExceptionGroup(
|
|
... "nested",
|
|
... [TypeError('c'), KeyError('d')])
|
|
... ]
|
|
... )
|
|
... except *TypeError as e1:
|
|
... print(f'e1 = {e1!r}')
|
|
... except *Exception as e2:
|
|
... print(f'e2 = {e2!r}')
|
|
...
|
|
e1 = ExceptionGroup('eg', [TypeError('b'), ExceptionGroup('nested', [TypeError('c')])])
|
|
e2 = ExceptionGroup('eg', [ValueError('a'), ExceptionGroup('nested', [KeyError('d')])])
|
|
>>>
|
|
|
|
Unmatched Exceptions
|
|
~~~~~~~~~~~~~~~~~~~~
|
|
|
|
If not all exceptions in an exception group were matched by the ``except*``
|
|
clauses, the remaining part of the group is propagated on:
|
|
|
|
.. code-block::
|
|
|
|
>>> try:
|
|
... try:
|
|
... raise ExceptionGroup(
|
|
... "msg", [
|
|
... ValueError('a'), TypeError('b'),
|
|
... TypeError('c'), KeyError('e')
|
|
... ]
|
|
... )
|
|
... except *ValueError as e:
|
|
... print(f'got some ValueErrors: {e!r}')
|
|
... except *TypeError as e:
|
|
... print(f'got some TypeErrors: {e!r}')
|
|
... except ExceptionGroup as e:
|
|
... print(f'propagated: {e!r}')
|
|
...
|
|
got some ValueErrors: ExceptionGroup('msg', [ValueError('a')])
|
|
got some TypeErrors: ExceptionGroup('msg', [TypeError('b'), TypeError('c')])
|
|
propagated: ExceptionGroup('msg', [KeyError('e')])
|
|
>>>
|
|
|
|
|
|
Naked Exceptions
|
|
~~~~~~~~~~~~~~~~
|
|
|
|
If the exception raised inside the ``try`` body is not of type ``ExceptionGroup``
|
|
or ``BaseExceptionGroup``, we call it a ``naked`` exception. If its type matches
|
|
one of the ``except*`` clauses, it is caught and wrapped by an ``ExceptionGroup``
|
|
(or ``BaseExceptionGroup`` if it is not an ``Exception`` subclass) with an empty
|
|
message string. This is to make the type of ``e`` consistent and statically known:
|
|
|
|
.. code-block::
|
|
|
|
>>> try:
|
|
... raise BlockingIOError
|
|
... except *OSError as e:
|
|
... print(repr(e))
|
|
...
|
|
ExceptionGroup('', [BlockingIOError()])
|
|
|
|
However, if a naked exception is not caught, it propagates in its original
|
|
naked form:
|
|
|
|
.. code-block::
|
|
|
|
>>> try:
|
|
... try:
|
|
... raise ValueError(12)
|
|
... except *TypeError as e:
|
|
... print('never')
|
|
... except ValueError as e:
|
|
... print(f'caught ValueError: {e!r}')
|
|
...
|
|
caught ValueError: ValueError(12)
|
|
>>>
|
|
|
|
Raising exceptions in an ``except*`` block
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
In a traditional ``except`` block, there are two ways to raise exceptions:
|
|
``raise e`` to explicitly raise an exception object ``e``, or naked ``raise`` to
|
|
reraise the 'current exception'. When ``e`` is the current exception, the two
|
|
forms are not equivalent because a reraise does not add the current frame to
|
|
the stack:
|
|
|
|
.. code-block::
|
|
|
|
def foo(): | def foo():
|
|
try: | try:
|
|
1 / 0 | 1 / 0
|
|
except ZeroDivisionError as e: | except ZeroDivisionError:
|
|
raise e | raise
|
|
|
|
|
foo() | foo()
|
|
|
|
|
Traceback (most recent call last): | Traceback (most recent call last):
|
|
File "/Users/guido/a.py", line 7 | File "/Users/guido/b.py", line 7
|
|
foo() | foo()
|
|
File "/Users/guido/a.py", line 5 | File "/Users/guido/b.py", line 3
|
|
raise e | 1/0
|
|
File "/Users/guido/a.py", line 3 | ZeroDivisionError: division by zero
|
|
1/0 |
|
|
ZeroDivisionError: division by zero |
|
|
|
|
|
|
This holds for exception groups as well, but the situation is now more complex
|
|
because there can be exceptions raised and reraised from multiple ``except*``
|
|
clauses, as well as unhandled exceptions that need to propagate.
|
|
The interpreter needs to combine all those exceptions into a result, and
|
|
raise that.
|
|
|
|
The reraised exceptions and the unhandled exceptions are subgroups of the
|
|
original group, and share its metadata (cause, context, traceback).
|
|
On the other hand, each of the explicitly raised exceptions has its own
|
|
metadata - the traceback contains the line from which it was raised, its
|
|
cause is whatever it may have been explicitly chained to, and its context is the
|
|
value of ``sys.exc_info()`` in the ``except*`` clause of the raise.
|
|
|
|
In the aggregated exception group, the reraised and unhandled exceptions have
|
|
the same relative structure as in the original exception, as if they were split
|
|
off together in one ``subgroup`` call. For example, in the snippet below the
|
|
inner ``try-except*`` block raises an ``ExceptionGroup`` that contains all
|
|
``ValueErrors`` and ``TypeErrors`` merged back into the same shape they had in
|
|
the original ``ExceptionGroup``:
|
|
|
|
.. code-block::
|
|
|
|
>>> try:
|
|
... try:
|
|
... raise ExceptionGroup(
|
|
... "eg",
|
|
... [
|
|
... ValueError(1),
|
|
... TypeError(2),
|
|
... OSError(3),
|
|
... ExceptionGroup(
|
|
... "nested",
|
|
... [OSError(4), TypeError(5), ValueError(6)])
|
|
... ]
|
|
... )
|
|
... except *ValueError as e:
|
|
... print(f'*ValueError: {e!r}')
|
|
... raise
|
|
... except *OSError as e:
|
|
... print(f'*OSError: {e!r}')
|
|
... except ExceptionGroup as e:
|
|
... print(repr(e))
|
|
...
|
|
*ValueError: ExceptionGroup('eg', [ValueError(1), ExceptionGroup('nested', [ValueError(6)])])
|
|
*OSError: ExceptionGroup('eg', [OSError(3), ExceptionGroup('nested', [OSError(4)])])
|
|
ExceptionGroup('eg', [ValueError(1), TypeError(2), ExceptionGroup('nested', [TypeError(5), ValueError(6)])])
|
|
>>>
|
|
|
|
|
|
When exceptions are raised explicitly, they are independent of the original
|
|
exception group, and cannot be merged with it (they have their own cause,
|
|
context and traceback). Instead, they are combined into a new ``ExceptionGroup``
|
|
(or ``BaseExceptionGroup``), which also contains the reraised/unhandled
|
|
subgroup described above.
|
|
|
|
In the following example, the ``ValueErrors`` were raised so they are in their
|
|
own ``ExceptionGroup``, while the ``OSErrors`` were reraised so they were
|
|
merged with the unhandled ``TypeErrors``.
|
|
|
|
.. code-block::
|
|
|
|
>>> try:
|
|
... raise ExceptionGroup(
|
|
... "eg",
|
|
... [
|
|
... ValueError(1),
|
|
... TypeError(2),
|
|
... OSError(3),
|
|
... ExceptionGroup(
|
|
... "nested",
|
|
... [OSError(4), TypeError(5), ValueError(6)])
|
|
... ]
|
|
... )
|
|
... except *ValueError as e:
|
|
... print(f'*ValueError: {e!r}')
|
|
... raise e
|
|
... except *OSError as e:
|
|
... print(f'*OSError: {e!r}')
|
|
... raise
|
|
...
|
|
*ValueError: ExceptionGroup('eg', [ValueError(1), ExceptionGroup('nested', [ValueError(6)])])
|
|
*OSError: ExceptionGroup('eg', [OSError(3), ExceptionGroup('nested', [OSError(4)])])
|
|
| ExceptionGroup
|
|
| with 2 sub-exceptions:
|
|
+-+---------------- 1 ----------------
|
|
| Traceback (most recent call last):
|
|
| File "<stdin>", line 15, in <module>
|
|
| File "<stdin>", line 2, in <module>
|
|
| ExceptionGroup: eg
|
|
| with 2 sub-exceptions:
|
|
+-+---------------- 1.1 ----------------
|
|
| ValueError: 1
|
|
+---------------- 1.2 ----------------
|
|
| ExceptionGroup: nested
|
|
| with one sub-exception:
|
|
+-+---------------- 1.2.1 ----------------
|
|
| ValueError: 6
|
|
+------------------------------------
|
|
+---------------- 2 ----------------
|
|
| Traceback (most recent call last):
|
|
| File "<stdin>", line 2, in <module>
|
|
| ExceptionGroup: eg
|
|
| with 3 sub-exceptions:
|
|
+-+---------------- 2.1 ----------------
|
|
| TypeError: 2
|
|
+---------------- 2.2 ----------------
|
|
| OSError: 3
|
|
+---------------- 2.3 ----------------
|
|
| ExceptionGroup: nested
|
|
| with 2 sub-exceptions:
|
|
+-+---------------- 2.3.1 ----------------
|
|
| OSError: 4
|
|
+---------------- 2.3.2 ----------------
|
|
| TypeError: 5
|
|
+------------------------------------
|
|
>>>
|
|
|
|
|
|
Chaining
|
|
~~~~~~~~
|
|
|
|
Explicitly raised exception groups are chained as with any exceptions. The
|
|
following example shows how part of ``ExceptionGroup`` "one" became the
|
|
context for ``ExceptionGroup`` "two", while the other part was combined with
|
|
it into the new ``ExceptionGroup``.
|
|
|
|
.. code-block::
|
|
|
|
>>> try:
|
|
... raise ExceptionGroup("one", [ValueError('a'), TypeError('b')])
|
|
... except *ValueError:
|
|
... raise ExceptionGroup("two", [KeyError('x'), KeyError('y')])
|
|
...
|
|
| ExceptionGroup
|
|
| with 2 sub-exceptions:
|
|
+-+---------------- 1 ----------------
|
|
| Traceback (most recent call last):
|
|
| File "<stdin>", line 2, in <module>
|
|
| ExceptionGroup: one
|
|
| with one sub-exception:
|
|
+-+---------------- 1.context.1 ----------------
|
|
| ValueError: a
|
|
+------------------------------------
|
|
|
|
|
| During handling of the above exception, another exception occurred:
|
|
|
|
|
| Traceback (most recent call last):
|
|
| File "<stdin>", line 4, in <module>
|
|
| ExceptionGroup: two
|
|
| with 2 sub-exceptions:
|
|
+-+---------------- 1.1 ----------------
|
|
| KeyError: 'x'
|
|
+---------------- 1.2 ----------------
|
|
| KeyError: 'y'
|
|
+------------------------------------
|
|
+---------------- 2 ----------------
|
|
| Traceback (most recent call last):
|
|
| File "<stdin>", line 2, in <module>
|
|
| ExceptionGroup: one
|
|
| with one sub-exception:
|
|
+-+---------------- 2.1 ----------------
|
|
| TypeError: b
|
|
+------------------------------------
|
|
>>>
|
|
|
|
|
|
Raising New Exceptions
|
|
~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
In the previous examples the explicit raises were of the exceptions that
|
|
were caught, so for completion we show a new exception being raised, with
|
|
chaining:
|
|
|
|
.. code-block::
|
|
|
|
>>> try:
|
|
... raise TypeError('bad type')
|
|
... except *TypeError as e:
|
|
... raise ValueError('bad value') from e
|
|
...
|
|
| ExceptionGroup
|
|
| with one sub-exception:
|
|
+-+---------------- 1 ----------------
|
|
| ExceptionGroup
|
|
| with one sub-exception:
|
|
+-+---------------- 1.cause.1 ----------------
|
|
| Traceback (most recent call last):
|
|
| File "<stdin>", line 2, in <module>
|
|
| TypeError: bad type
|
|
+------------------------------------
|
|
|
|
|
| The above exception was the direct cause of the following exception:
|
|
|
|
|
| Traceback (most recent call last):
|
|
| File "<stdin>", line 4, in <module>
|
|
| ValueError: bad value
|
|
+------------------------------------
|
|
>>>
|
|
|
|
|
|
Note that exceptions raised in one ``except*`` clause are not eligible to match
|
|
other clauses from the same ``try`` statement:
|
|
|
|
.. code-block::
|
|
|
|
>>> try:
|
|
... raise TypeError(1)
|
|
... except *TypeError:
|
|
... raise ValueError(2) from None # <- not caught in the next clause
|
|
... except *ValueError:
|
|
... print('never')
|
|
...
|
|
| ExceptionGroup
|
|
| with one sub-exception:
|
|
+-+---------------- 1 ----------------
|
|
| Traceback (most recent call last):
|
|
| File "<stdin>", line 4, in <module>
|
|
| ValueError: 2
|
|
+----------------------------------------
|
|
>>>
|
|
|
|
|
|
Raising a new instance of a naked exception does not cause this exception to
|
|
be wrapped by an exception group. Rather, the exception is raised as is, and
|
|
if it needs to be combined with other propagated exceptions, it becomes a
|
|
direct child of the new exception group created for that:
|
|
|
|
|
|
.. code-block::
|
|
|
|
>>> try:
|
|
... raise ExceptionGroup("eg", [ValueError('a')])
|
|
... except *ValueError:
|
|
... raise KeyError('x')
|
|
...
|
|
| ExceptionGroup
|
|
| with one sub-exception:
|
|
+-+---------------- 1 ----------------
|
|
| Traceback (most recent call last):
|
|
| File "<stdin>", line 2, in <module>
|
|
| ExceptionGroup: eg
|
|
| with one sub-exception:
|
|
+-+---------------- 1.context.1 ----------------
|
|
| ValueError: a
|
|
+------------------------------------
|
|
|
|
|
| During handling of the above exception, another exception occurred:
|
|
|
|
|
| Traceback (most recent call last):
|
|
| File "<stdin>", line 4, in <module>
|
|
| KeyError: 'x'
|
|
+------------------------------------
|
|
>>>
|
|
>>> try:
|
|
... raise ExceptionGroup("eg", [ValueError('a'), TypeError('b')])
|
|
... except *ValueError:
|
|
... raise KeyError('x')
|
|
...
|
|
| ExceptionGroup
|
|
| with 2 sub-exceptions:
|
|
+-+---------------- 1 ----------------
|
|
| Traceback (most recent call last):
|
|
| File "<stdin>", line 2, in <module>
|
|
| ExceptionGroup: eg
|
|
| with one sub-exception:
|
|
+-+---------------- 1.context.1 ----------------
|
|
| ValueError: a
|
|
+------------------------------------
|
|
|
|
|
| During handling of the above exception, another exception occurred:
|
|
|
|
|
| Traceback (most recent call last):
|
|
| File "<stdin>", line 4, in <module>
|
|
| KeyError: 'x'
|
|
+---------------- 2 ----------------
|
|
| Traceback (most recent call last):
|
|
| File "<stdin>", line 2, in <module>
|
|
| ExceptionGroup: eg
|
|
| with one sub-exception:
|
|
+-+---------------- 2.1 ----------------
|
|
| TypeError: b
|
|
+------------------------------------
|
|
>>>
|
|
|
|
|
|
Finally, as an example of how the proposed semantics can help us work
|
|
effectively with exception groups, the following code ignores all ``EPIPE``
|
|
OS errors, while letting all other exceptions propagate.
|
|
|
|
.. code-block::
|
|
|
|
try:
|
|
low_level_os_operation()
|
|
except *OSError as errors:
|
|
raise errors.subgroup(lambda e: e.errno != errno.EPIPE) from None
|
|
|
|
|
|
Caught Exception Objects
|
|
~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
It is important to point out that the exception group bound to ``e`` in an
|
|
``except*`` clause is an ephemeral object. Raising it via ``raise`` or
|
|
``raise e`` will not cause changes to the overall shape of the original
|
|
exception group. Any modifications to ``e`` will likely be lost:
|
|
|
|
.. code-block::
|
|
|
|
>>> eg = ExceptionGroup("eg", [TypeError(12)])
|
|
>>> eg.foo = 'foo'
|
|
>>> try:
|
|
... raise eg
|
|
... except *TypeError as e:
|
|
... e.foo = 'bar'
|
|
... # ^----------- ``e`` is an ephemeral object that might get
|
|
>>> # destroyed after the ``except*`` clause.
|
|
>>> eg.foo
|
|
'foo'
|
|
|
|
|
|
Forbidden Combinations
|
|
~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
It is not possible to use both traditional ``except`` blocks and the new
|
|
``except*`` clauses in the same ``try`` statement. The following is a
|
|
``SyntaxError``:
|
|
|
|
.. code-block::
|
|
|
|
try:
|
|
...
|
|
except ValueError:
|
|
pass
|
|
except *CancelledError: # <- SyntaxError:
|
|
pass # combining ``except`` and ``except*``
|
|
# is prohibited
|
|
|
|
It is possible to catch the ``ExceptionGroup`` and ``BaseExceptionGroup``
|
|
types with ``except``, but not with ``except*`` because the latter is
|
|
ambiguous:
|
|
|
|
.. code-block::
|
|
|
|
try:
|
|
...
|
|
except ExceptionGroup: # <- This works
|
|
pass
|
|
|
|
try:
|
|
...
|
|
except *ExceptionGroup: # <- Runtime error
|
|
pass
|
|
|
|
try:
|
|
...
|
|
except *(TypeError, ExceptionGroup): # <- Runtime error
|
|
pass
|
|
|
|
|
|
An empty "match anything" ``except*`` block is not supported as its meaning may
|
|
be confusing:
|
|
|
|
.. code-block::
|
|
|
|
try:
|
|
...
|
|
except*: # <- SyntaxError
|
|
pass
|
|
|
|
|
|
``continue``, ``break``, and ``return`` are disallowed in ``except*`` clauses,
|
|
causing a ``SyntaxError``. This is because the exceptions in an
|
|
``ExceptionGroup`` are assumed to be independent, and the presence or absence
|
|
of one of them should not impact handling of the others, as could happen if we
|
|
allow an ``except*`` clause to change the way control flows through other
|
|
clauses.
|
|
|
|
|
|
Backwards Compatibility
|
|
=======================
|
|
|
|
Backwards compatibility was a requirement of our design, and the changes we
|
|
propose in this PEP will not break any existing code:
|
|
|
|
* The addition of the new builtin exception types ``ExceptionGroup`` and
|
|
``BaseExceptionGroup`` does not impact existing programs. The way that
|
|
existing exceptions are handled and displayed does not change in any way.
|
|
|
|
* The behaviour of ``except`` is unchanged so existing code will continue to work.
|
|
Programs will only be impacted by the changes proposed in this PEP once they
|
|
begin to use exception groups and ``except*``.
|
|
|
|
* An important concern was that ``except Exception:`` will continue to catch
|
|
almost all exceptions, and by making ``ExceptionGroup`` extend ``Exception``
|
|
we ensured that this will be the case. ``BaseExceptionGroups`` will not be
|
|
caught, which is appropriate because they include exceptions that would not
|
|
have been caught by ``except Exception``.
|
|
|
|
Once programs begin to use these features, there will be migration issues to
|
|
consider:
|
|
|
|
* An ``except T:`` clause that wraps code which is now potentially raising
|
|
an exception group may need to become ``except *T:``, and its body may
|
|
need to be updated. This means that raising an exception group is an
|
|
API-breaking change and will likely be done in new APIs rather than
|
|
added to existing ones.
|
|
|
|
* Libraries that need to support older Python versions will not be able to use
|
|
``except*`` or raise exception groups.
|
|
|
|
|
|
How to Teach This
|
|
=================
|
|
|
|
Exception groups and ``except*`` will be documented as part of the language
|
|
standard. Libraries that raise exception groups such as ``asyncio`` will need
|
|
to specify this in their documentation and clarify which API calls need to be
|
|
wrapped with ``try-except*`` rather than ``try-except``.
|
|
|
|
|
|
Reference Implementation
|
|
========================
|
|
|
|
We developed these concepts (and the examples for this PEP) with
|
|
the help of the reference implementation [11]_.
|
|
|
|
It has the builtin ``ExceptionGroup`` along with the changes to the traceback
|
|
formatting code, in addition to the grammar, compiler and interpreter changes
|
|
required to support ``except*``. ``BaseExceptionGroup`` will be added
|
|
soon.
|
|
|
|
Two opcodes were added: one implements the exception type match check via
|
|
``ExceptionGroup.split()``, and the other is used at the end of a ``try-except``
|
|
construct to merge all unhandled, raised and reraised exceptions (if any).
|
|
The raised/reraised exceptions are collected in a list on the runtime stack.
|
|
For this purpose, the body of each ``except*`` clause is wrapped in a traditional
|
|
``try-except`` which captures any exceptions raised. Both raised and reraised
|
|
exceptions are collected in the same list. When the time comes to merge them
|
|
into a result, the raised and reraised exceptions are distinguished by comparing
|
|
their metadata fields (context, cause, traceback) with those of the originally
|
|
raised exception. As mentioned above, the reraised exceptions have the same
|
|
metadata as the original, while the raised ones do not.
|
|
|
|
Rejected Ideas
|
|
==============
|
|
|
|
Make Exception Groups Iterable
|
|
------------------------------
|
|
|
|
We considered making exception groups iterable, so that ``list(eg)`` would
|
|
produce a flattened list of the leaf exceptions contained in the group.
|
|
We decided that this would not be a sound API, because the metadata
|
|
(cause, context and traceback) of the individual exceptions in a group is
|
|
incomplete and this could create problems.
|
|
|
|
Furthermore, as we explained in the `Handling Exception Groups`_ section, we
|
|
find it unlikely that iteration over leaf exceptions will have many use cases.
|
|
We did, however, provide there the code for a traversal algorithm that
|
|
correctly constructs each leaf exceptions' metadata. If it does turn out to
|
|
be useful in practice, we can add that utility to the standard library.
|
|
|
|
Make ``ExceptionGroup`` Extend ``BaseException``
|
|
------------------------------------------------
|
|
|
|
We considered making ``ExceptionGroup`` subclass only ``BaseException``,
|
|
and not ``Exception``. The rationale of this was that we expect exception
|
|
groups to be used in a deliberate manner where they are needed, and raised
|
|
only by APIs that are specifically designed and documented to do so. In
|
|
this context, an ``ExceptionGroup`` escaping from an API that is not
|
|
intended to raise one is a bug, and we wanted to give it "fatal error"
|
|
status so that ``except Exception`` will not inadvertently swallow it.
|
|
This would have been consistent with the way ``except T:`` does not catch
|
|
exception groups that contain ``T`` for all other types, and would help
|
|
contain ``ExceptionGroups`` to the parts of the program in which they are
|
|
supposed to appear. However, it was clear from the public discussion that
|
|
``T=Exception`` is a special case, and there are developers who feel strongly
|
|
that ``except Exception:`` should catch "almost everything", including
|
|
exception groups. This is why we decided to make ``ExceptionGroup`` a
|
|
subclass of ``Exception``.
|
|
|
|
Make it Impossible to Wrap ``BaseExceptions`` in an Exception Group
|
|
-------------------------------------------------------------------
|
|
|
|
A consequence of the decision to make ``ExceptionGroup`` extend
|
|
``Exception`` is that ``ExceptionGroup`` should not wrap ``BaseExceptions``
|
|
like ``KeyboardInterrupt``, as they are not currently caught by
|
|
``except Exception:``. We considered the option of simply making it
|
|
impossible to wrap ``BaseExceptions``, but eventually decided to make
|
|
it possible through the ``BaseExceptionGroup`` type, which extends
|
|
``BaseException`` rather than ``Exception``. Making this possible
|
|
adds flexibility to the language and leaves it for the programmer to
|
|
weigh the benefit of wrapping ``BaseExceptions`` rather than propagating
|
|
them in their naked form while discarding any other exceptions.
|
|
|
|
Traceback Representation
|
|
------------------------
|
|
|
|
We considered options for adapting the traceback data structure to represent
|
|
trees, but it became apparent that a traceback tree is not meaningful once
|
|
separated from the exceptions it refers to. While a simple-path traceback can
|
|
be attached to any exception by a ``with_traceback()`` call, it is hard to
|
|
imagine a case where it makes sense to assign a traceback tree to an exception
|
|
group. Furthermore, a useful display of the traceback includes information
|
|
about the nested exceptions. For these reasons we decided that it is best to
|
|
leave the traceback mechanism as it is and modify the traceback display code.
|
|
|
|
Extend ``except`` to Handle Exception Groups
|
|
---------------------------------------------
|
|
|
|
We considered extending the semantics of ``except`` to handle
|
|
exception groups, instead of introducing ``except*``. There were two
|
|
backwards compatibility concerns with this. The first is the type of the
|
|
caught exception. Consider this example:
|
|
|
|
.. code-block::
|
|
|
|
try:
|
|
. . .
|
|
except OSError as err:
|
|
if err.errno != ENOENT:
|
|
raise
|
|
|
|
If the value assigned to err is an exception group containing all of
|
|
the ``OSErrors`` that were raised, then the attribute access ``err.errno``
|
|
no longer works. So we would need to execute the body of the ``except``
|
|
clause multiple times, once for each exception in the group. However, this
|
|
too is a potentially breaking change because at the moment we write ``except``
|
|
clauses with the knowledge that they are only executed once. If there is
|
|
a non-idempotent operation there, such as releasing a resource, the
|
|
repetition could be harmful.
|
|
|
|
Another option that came up in the public discussion was to add ``except*``,
|
|
but also make ``except`` treat ``ExceptionGroups`` as a special case.
|
|
``except`` would then do something along the lines of extracting one exception
|
|
of matching type from the group in order to handle it. The motivation behind
|
|
these suggestions was to make the adoption of exception groups safer, in that
|
|
``except T`` catches ``Ts`` that are wrapped in exception groups. We decided
|
|
that such an approach adds considerable complexity to the semantics of the
|
|
language without making it more powerful. Even if it would make the adoption
|
|
of exception groups slightly easier (which is not at all obvious), these are
|
|
not the semantics we would like to have in the long term.
|
|
|
|
|
|
A New ``except`` Alternative
|
|
----------------------------
|
|
|
|
We considered introducing a new keyword (such as ``catch``) which can be used
|
|
to handle both naked exceptions and exception groups. Its semantics would
|
|
be the same as those of ``except*`` when catching an exception group, but
|
|
it would not wrap a naked exception to create an exception group. This
|
|
would have been part of a long term plan to replace ``except`` by ``catch``,
|
|
but we decided that deprecating ``except`` in favour of an enhanced keyword
|
|
would be too confusing for users at this time, so it is more appropriate
|
|
to introduce the ``except*`` syntax for exception groups while ``except``
|
|
continues to be used for simple exceptions.
|
|
|
|
Applying an ``except*`` Clause on One Exception at a Time
|
|
---------------------------------------------------------
|
|
|
|
We explained above that it is unsafe to execute an ``except`` clause in
|
|
existing code more than once, because the code may not be idempotent.
|
|
We considered doing this in the new ``except*`` clauses,
|
|
where the backwards compatibility considerations do not exist.
|
|
The idea is to always execute an ``except*`` clause on a single exception,
|
|
possibly executing the same clause multiple times when it matches multiple
|
|
exceptions. We decided instead to execute each ``except*`` clause at most
|
|
once, giving it an exception group that contains all matching exceptions. The
|
|
reason for this decision was the observation that when a program needs to know
|
|
the particular context of an exception it is handling, the exception is
|
|
handled before it is grouped and raised together with other exceptions.
|
|
|
|
For example, ``KeyError`` is an exception that typically relates to a certain
|
|
operation. Any recovery code would be local to the place where the error
|
|
occurred, and would use the traditional ``except``:
|
|
|
|
.. code-block::
|
|
|
|
try:
|
|
dct[key]
|
|
except KeyError:
|
|
# handle the exception
|
|
|
|
It is unlikely that asyncio users would want to do something like this:
|
|
|
|
.. code-block::
|
|
|
|
try:
|
|
async with asyncio.TaskGroup() as g:
|
|
g.create_task(task1); g.create_task(task2)
|
|
except *KeyError:
|
|
# handling KeyError here is meaningless, there's
|
|
# no context to do anything with it but to log it.
|
|
|
|
When a program handles a collection of exceptions that were aggregated into
|
|
an exception group, it would not typically attempt to recover from any
|
|
particular failed operation, but will rather use the types of the errors to
|
|
determine how they should impact the program's control flow or what logging
|
|
or cleanup is required. This decision is likely to be the same whether the group
|
|
contains a single or multiple instances of something like a ``KeyboardInterrupt``
|
|
or ``asyncio.CancelledError``. Therefore, it is more convenient to handle all
|
|
exceptions matching an ``except*`` at once. If it does turn out to be necessary,
|
|
the handler can inpect the exception group and process the individual
|
|
exceptions in it.
|
|
|
|
Not Matching Naked Exceptions in ``except*``
|
|
--------------------------------------------
|
|
|
|
We considered the option of making ``except *T`` match only exception groups
|
|
that contain ``Ts``, but not naked ``Ts``. To see why we thought this would
|
|
not be a desirable feature, return to the distinction in the previous paragraph
|
|
between operation errors and control flow exceptions. If we don't know whether
|
|
we should expect naked exceptions or exception groups from the body of a
|
|
``try`` block, then we're not in the position of handling operation errors.
|
|
Rather, we are likely calling a fairly generic function and will be handling
|
|
errors to make control flow decisions. We are likely to do the same thing
|
|
whether we catch a naked exception of type ``T`` or an exception group
|
|
with one or more ``Ts``. Therefore, the burden of having to explicitly handle
|
|
both is not likely to have semantic benefit.
|
|
|
|
If it does turn out to be necessary to make the distinction, it is always
|
|
possible to nest in the ``try-except*`` clause an additional ``try-except``
|
|
clause which intercepts and handles a naked exception before the ``except*``
|
|
clause has a chance to wrap it in an exception group. In this case the
|
|
overhead of specifying both is not additional burden - we really do need to
|
|
write a separate code block to handle each case:
|
|
|
|
.. code-block::
|
|
|
|
try:
|
|
try:
|
|
...
|
|
except SomeError:
|
|
# handle the naked exception
|
|
except *SomeError:
|
|
# handle the exception group
|
|
|
|
|
|
Allow mixing ``except:`` and ``except*:`` in the same ``try``
|
|
-------------------------------------------------------------
|
|
|
|
This option was rejected because it adds complexity without adding useful
|
|
semantics. Presumably the intention would be that an ``except T:`` block handles
|
|
only naked exceptions of type ``T``, while ``except *T:`` handles ``T`` in
|
|
exception groups. We already discussed above why this is unlikely
|
|
to be useful in practice, and if it is needed then the nested ``try-except``
|
|
block can be used instead to achieve the same result.
|
|
|
|
``try*`` instead of ``except*``
|
|
-------------------------------
|
|
|
|
Since either all or none of the clauses of a ``try`` construct are ``except*``,
|
|
we considered changing the syntax of the ``try`` instead of all the ``except*``
|
|
clauses. We rejected this because it would be less obvious. The fact that we
|
|
are handling exception groups of ``T`` rather than only naked ``Ts`` should be
|
|
specified in the same place where we state ``T``.
|
|
|
|
|
|
Programming Without 'except \*'
|
|
===============================
|
|
|
|
Consider the following simple example of the ``except *`` syntax (pretending
|
|
Trio natively supported this proposal):
|
|
|
|
.. code-block::
|
|
|
|
try:
|
|
async with trio.open_nursery() as nursery:
|
|
# Make two concurrent calls to child()
|
|
nursery.start_soon(child)
|
|
nursery.start_soon(child)
|
|
except *ValueError:
|
|
pass
|
|
|
|
Here is how this code would look in Python 3.9:
|
|
|
|
.. code-block::
|
|
|
|
def handle_ValueError(exc):
|
|
if isinstance(exc, ValueError):
|
|
return None
|
|
else:
|
|
return exc # reraise exc
|
|
|
|
with MultiError.catch(handle_ValueError):
|
|
async with trio.open_nursery() as nursery:
|
|
# Make two concurrent calls to child()
|
|
nursery.start_soon(child)
|
|
nursery.start_soon(child)
|
|
|
|
This example clearly demonstrates how unintuitive and cumbersome handling
|
|
of multiple errors is in current Python. The exception handling logic has
|
|
to be in a separate closure and is fairly low level, requiring the writer to
|
|
have non-trivial understanding of both Python exceptions mechanics and the
|
|
Trio APIs. Instead of using the ``try..except`` block we have to use a
|
|
``with`` block. We need to explicitly reraise exceptions we are not handling.
|
|
Handling more exception types or implementing more complex
|
|
exception handling logic will only further complicate the code to the point
|
|
of it being unreadable.
|
|
|
|
|
|
See Also
|
|
========
|
|
|
|
* An analysis of how exception groups will likely be used in asyncio
|
|
programs: [10]_.
|
|
|
|
* The issue where the ``except*`` concept was first formalized: [12]_.
|
|
|
|
* ``MultiError2`` design document: [3]_.
|
|
|
|
* Reporting Multiple Errors in the Hypothesis library: [7]_.
|
|
|
|
|
|
References
|
|
==========
|
|
|
|
.. [1] https://docs.python.org/3/library/asyncio-task.html#asyncio.gather
|
|
|
|
.. [2] https://trio.readthedocs.io/en/stable/
|
|
|
|
.. [3] https://github.com/python-trio/trio/issues/611
|
|
|
|
.. [4] https://bugs.python.org/issue29980
|
|
|
|
.. [5] https://docs.python.org/3/library/atexit.html#atexit.register
|
|
|
|
.. [6] https://github.com/pytest-dev/pytest/issues/8217
|
|
|
|
.. [7] https://hypothesis.readthedocs.io/en/latest/settings.html#hypothesis.settings.report_multiple_bugs
|
|
|
|
.. [8] https://bugs.python.org/issue40857
|
|
|
|
.. [9] https://trio.readthedocs.io/en/stable/reference-core.html#trio.MultiError
|
|
|
|
.. [10] https://github.com/python/exceptiongroups/issues/3#issuecomment-716203284
|
|
|
|
.. [11] https://github.com/iritkatriel/cpython/tree/exceptionGroup-stage5
|
|
|
|
.. [12] https://github.com/python/exceptiongroups/issues/4
|
|
|
|
.. [13] https://trio.readthedocs.io/en/stable/reference-core.html#nurseries-and-spawning
|
|
|
|
Copyright
|
|
=========
|
|
|
|
This document is placed in the public domain or under the
|
|
CC0-1.0-Universal license, whichever is more permissive.
|
|
|
|
|
|
..
|
|
Local Variables:
|
|
mode: indented-text
|
|
indent-tabs-mode: nil
|
|
sentence-end-double-space: t
|
|
fill-column: 70
|
|
coding: utf-8
|
|
End:
|