Error Handling - Fatal Error or Highway to hell

back-end developer and team lead at DA-14
~ 3.5 years in software development area
hold tech meetups

ABOUT ME

CONTENTS

DEFINITION OF ERROR

something goes wrong
something doesn't work the way it should
something does strange things
something comes with things you don't even know what to do with
you do something wrong, so consequently, it does everything from above
you have got issues in DNA

DEFINITION OF ERROR: IN LIFE

error resulting from bad code within some program involved in producing the erroneous result
unexpected conditions which aren’t a part of program’s normal operation
bug in a program that causes it to operate incorrectly, but not to terminate abnormally (or crash).

DEFINITION OF ERROR: PROGRAMMING

ERROR TYPES

Operation Errors

Developer Errors

ERROR TYPES

Operation Errors

Run-time issues experienced by correctly-written software
Not bugs
Problems with environment or external things
- system itself
- system configuration
- hardware
- network
- etc.

ERROR TYPES

Developer Errors

Bugs
Something that can be fixed by changing a code
Can never be handled properly becuase a code is under the question

ERROR TYPES

SOURCE OF ERRORS

"I think I've got an awesome idea.
Frank, take your chainsaw and a flamethrower,let's have fun"

Typo
Not validated data
Incompetence
Carelessness
Unsuitable environment
Overconfidence
Superstition
Corrupted library / service / module
Environment problems

SOURCE OF ERRORS

ERROR HANDLING PATTERNS

Return a neutral value

ERROR HANDLING PATTERNS

Return the same answer as the previous time

ERROR HANDLING PATTERNS

Substitute the next piece of valid data

ERROR HANDLING PATTERNS

Substitute the closest legal value

ERROR HANDLING PATTERNS

Log a warning message

ERROR HANDLING PATTERNS

Return an error code

ERROR HANDLING PATTERNS

Call an error-processing routine/object

ERROR HANDLING PATTERNS

Display an error message wherever the error
is encountered

ERROR HANDLING PATTERNS

Handle the error in whatever way works best locally

ERROR HANDLING PATTERNS

Shut down

ERROR HANDLING PATTERNS

EXCEPTIONS

anomalous or exceptional conditions
requires special processing
breaks a normal system flow

EXCEPTIONS

Handling:

use catch, try-catch
use events (event emitter)

EXCEPTIONS

Important:

shut down a system because of unclear app state

EXCEPTIONS

SECURITY ISSUES

SECURITY ISSUES: INFORMATION LEAKAGE

Syntax error message

ReferenceError: foo is not defined\n at /home/roman_sachenko/Projects/API/app/controllers/main.js:28:9\n at wrapped (/home/roman_sachenko/Projects/API/node_modules/newrelic/lib/transaction/tracer/index.js:183:28)\n at wrappedPromise.linkTransaction (/home/roman_sachenko/Projects/API/node_modules/newrelic/lib/instrumentation/promise.js:273:65)\n at wrappedPromise.wrapped [as __NR_wrapper]

SECURITY ISSUES: INFORMATION LEAKAGE

Application error message

Authentication: "Email doesn't exist"

SECURITY ISSUES: INFORMATION LEAKAGE

Painkiller

limit stack trace
map error messages

SECURITY ISSUES: INFORMATION LEAKAGE

IN CONTEXT OF NODE.JS

Assert API is not for tests only

IN CONTEXT OF NODE.JS

Assert API is not for tests only

const assert = require('assert');

const getResult = () => {
  return {
    err: 'error message',
    value: null,
  };
};


const result = getResult();

assert.ifError(result.err);

//do something else

IN CONTEXT OF NODE.JS

Yes, we've got more than just new Error();

IN CONTEXT OF NODE.JS

Yes, we've got more than just new Error();

Error

AssertionError

Range
Error

ReferenceError

Syntax

Error

Type

Error

IN CONTEXT OF NODE.JS

Still not enough? Let's extend the Error object

IN CONTEXT OF NODE.JS

Error

Still not enough? Let's extend the Error object

IN CONTEXT OF NODE.JS

Error

API
Error

Custom features

Bad
Request

Not
Found

Oops

Extend the Error object? How does it look like?

const httpStatus = require('http-status');


module.exports = class ApiError extends Error {
  constructor(message, status) {
    super(message);

    this.name = this.constructor.name;

    Error.captureStackTrace(this, this.constructor);

    this.status = status || httpStatus.INTERNAL_SERVER_ERROR;

    this.message = message;
  }
};

IN CONTEXT OF NODE.JS

Want more? Events are everywhere

IN CONTEXT OF NODE.JS

Want more? Events are everywhere

IN CONTEXT OF NODE.JS

Event Emitter

Main Service

Error

Handling

Service

Events? Show me the code -_-

const EventEmitter = require('events');

class MainService extends EventEmitter {
  constructor(serviceName) {
    super();

    this._serviceName = serviceName;

    this.on('error', (err) => {
      // handle ${err}
      // from ${this._serviceName}
    });
  }
};

IN CONTEXT OF NODE.JS

class MyService extends MainService {
  constructor() {
    super('My Service');
  }

  foo() {
    try {
      // do something
    } catch (err) {
      this.emit('error', err);
    }
  }
};

Don't forget to catch exceptions and shut down the system

IN CONTEXT OF NODE.JS

Don't forget to catch exceptions and shut down the system

process
    .on('uncaughtException', (err) => {
      //log error
      //do asynchronous OR synchronous stuff
      process.exit(1) //shut down the system
    })
    .on('exit', () => {
      //do synchronous stuff only - last chance 
    });

IN CONTEXT OF NODE.JS

And don't reveal too much

IN CONTEXT OF NODE.JS

And don't reveal too much

const applicationStartupFunction = () => {

  if (process.env.NODE_ENV = 'production') {

    Error.stackTraceLimit = -1;

  }

};

IN CONTEXT OF NODE.JS

BEST PRACTICES

Use analysis
Use native API
- Assert (https://nodejs.org/api/assert.html)
- Errors (https://nodejs.org/api/errors.html)
To prevent information leakage wrap
system and environment errors

BEST PRACTICES

CHECKLIST

Setup uncaught exception handler
- Log
- Stop/Kill process because of unknown state
Setup and configure single point of error processing
Create custom error object
- Extend from existing NodeJS Error object
limit stack trace size for Production Environment
- Error.stackTraceLimit