Exceptions and Control Flow

6.1  Exceptions

MzScheme supports the exception system proposed by Friedman, Haynes, and Dybvig.12 MzScheme's implementation extends that proposal by defining the specific exception values that are raised by each primitive error.

The following example defines a divide procedure that returns +inf.0 when dividing by zero instead of signaling an exception (other exceptions raised by / are signaled):

(define div-w-inf
  (lambda (n d)
    (with-handlers ([exn:fail:contract:divide-by-zero? 
                     (lambda (exn) +inf.0)])
      (/ n d))))

The following example catches and ignores file exceptions, but lets the enclosing context handle breaks:

(define (file-date-if-there filename)
  (with-handlers ([exn:fail:filesystem? (lambda (exn) #f)])
    (file-or-directory-modify-seconds filename)))

6.1.1  Primitive Exceptions

Whenever a primitive error occurs in MzScheme, an exception is raised. The value that is passed to the current exception handler is always an instance of the exn structure type. Every exn structure value has a message field that is a string, the primitive error message. The default exception handler recognizes exception values with the exn? predicate and passes the error message to the current error display handler (see error-display-handler in section

Primitive errors do not create immediate instances of the exn structure type. Instead, an instance from a hierarchy of subtypes of exn is instantiated. The subtype more precisely identifies the error that occurred and may contain additional information about the error. The table below defines the type hierarchy that is used by primitive errors and matches each subtype with the primitive errors that instantiate it. In the table, each bulleted line is a separate structure type. A type is nested under another when it is a subtype.

For example, reading an ill-formed expression raises an exception as an instance of exn:fail:read. An exception handler can test for this kind of exception using the global exn:fail:read? predicate. Given such an exception, an error string can be extracted using exn-message, while exn:fail:read-source accesses a list of source locations for the error.

Fields of the built-in exn structure types are immutable, so field mutators are not provided. Field-type contracts are enforced through guards; for example, (make-exn "Hello" #f) raises exn:fail:contract because the second argument is not a continuation mark set. All built-in exn structure types are transparent to all inspectors (see section 4.5).

  • exn:fail:contract:arity : application with the wrong number of arguments

  • exn:fail:contract:divide-by-zero : divide by zero

  • exn:fail:contract:continuation : attempt to cross a continuation barrier

  • exn:fail:contract:variable : unbound/not-yet-defined global or module variable

    id field, symbol -- the variable's identifier

  • exn:fail:read:eof : unexpected end-of-file

  • exn:fail:read:non-char : unexpected non-character

  • exn:fail:filesystem:exists : attempt to create a file that exists already

  • exn:fail:filesystem:version : version mismatch loading an extension

In addition to the built-in structure types for exceptions, MzScheme provides one built-in structure-type property (see section 4.4):

Primitive procedures that accept a procedure argument with a particular required arity (e.g., call-with-input-file, call/cc) check the argument's arity immediately, raising exn:fail:contract if the arity is incorrect.

6.2  Errors

The procedure error raises the exception exn:fail (which contains an error string). The error procedure has three forms:

In all cases, the constructed message string is passed to make-exn:fail and the resulting exception is raised.

6.2.1  Application Type Errors

(raise-type-error name-symbol expected-string v) creates an exn:fail:contract value and raises it as an exception. The name-symbol argument is used as the source procedure's name in the error message. The expected-string argument is used as a description of the expected type, and v is the value received by the procedure that does not have the expected type.

(raise-type-error name-symbol expected-string bad-k v) is similar, except that the bad argument is indicated by an index (from 0), and all of the original arguments v are provided (in order). The resulting error message names the bad argument and also lists the other arguments. If bad-k is not less than the number of vs, the exn:fail:contract exception is raised.

6.2.2  Application Mismatch Errors

(raise-mismatch-error name-symbol message-string v) creates an exn:fail:contract value and raises it as an exception. The name-symbol is used as the source procedure's name in the error message. The message-string is the error message. The v argument is the improper argument received by the procedure. The printed form of v is appended to message-string (using the error value conversion handler; see section

6.2.3  Syntax Errors

(raise-syntax-error name message-string [expr sub-expr]) creates an exn:fail:syntax value and raises it as an exception. Macros use this procedure to report syntax errors. The name argument is usually #f when expr is provided; it is described in more detail below. The message-string is used as the main body of the error message. The optional expr argument is the erroneous source syntax object or S-expression. The optional sub-expr argument is a syntax object or S-expression within expr that more precisely locates the error. If sub-expr is provided, it is used (in syntax form) for the exprs field of the generated exception record, else the expr is used if provided, otherwise the exprs field is the empty list. Source location information in the error-message text is similarly extracted from sub-expr or expr, when at least one is a syntax object.

The form name used in the generated error message is determined through a combination of the name, expr, and sub-expr arguments. The name argument can #f or a symbol:

See also section

6.2.4  Inferred Value Names

To improve error reporting, names are inferred at compile-time for certain kinds of values, such as procedures. For example, evaluating the following expression:

(let ([f (lambda () 0)]) (f 1 2 3))

produces an error message because too many arguments are provided to the procedure. The error message is able to report ``f'' as the name of the procedure. In this case, MzScheme decides, at compile-time, to name as f all procedures created by the let-bound lambda.

Names are inferred whenever possible for procedures. Names closer to an expression take precedence. For example, in

(define my-f
  (let ([f (lambda () 0)]) f))

the procedure bound to my-f will have the inferred name ``f''.

When an 'inferred-name property is attached to a syntax object for an expression (see section 12.6.2), the property value is used for naming the expression, and it overrides any name that was inferred from the expression's context.

When an inferred name is not available, but a source location is available, a name is constructed using the source location information. Inferred and property-assigned names are also available to syntax transformers, via syntax-local-name; see section 12.6 for more information.

(object-name v) returns a value for the name of v if v has a name, #f otherwise. The argument v can be any value, but only (some) procedures, structs, struct types, struct type properties, regexp values, and ports have names. The name of a procedure, struct, struct type, or struct type property is always a symbol. The name of a regexp value is a string, and a byte-regexp value's name is a byte string. The name of a port is typically a path or a string, but it can be arbitrary. All primitive procedures have names (see section 3.12.2).

6.3  Continuations

MzScheme supports fully re-entrant call-with-current-continuation (or call/cc). The macro let/cc binds a variable to the continuation in an immediate body of expressions:

 (let/cc k expr ···1)
 (call/cc (lambda (k) expr ···1))

Capturing a continuation also captures the current continuation marks (see section 6.5) and parameterization (see section 7.9). A continuation can be invoked from the thread (see Chapter 7) other than the one where it was captured. Multiple return values can be passed to a continuation (see section 2.2).

MzScheme installs a continuation barrier around evaluation in the following contexts, preventing full-continuation jumps across the barrier:

In addition, extensions of MzScheme may install barriers in additional contexts. In particular, MrEd installs a continuation barrier around most every callback. Finally, (call-with-continuation-barrier thunk) applies thunk with a barrier between the application and the current continuation.

In addition to regular call/cc, MzScheme provides call-with-escape-continuation (or call/ec) and let/ec. A continuation obtained from call/ec can only be used to escape back to the continuation; i.e., an escape continuation is only valid when the current continuation is an extension of the escape continuation. The application of call/ec's argument is not a tail call.

Escape continuations are provided for two reasons: 1) they are significantly cheaper than full continuations; and 2) they can cross continuation boundaries (which full continuations cannot cross).

The exn:fail:contract:continuation exception is raised when a continuation application would cross a continuation barrier, or an escape continuation is applied outside of its dynamic scope.

6.4  Dynamic Wind

(dynamic-wind pre-thunk value-thunk post-thunk) applies its three thunk arguments in order. The value of a dynamic-wind expression is the value returned by value-thunk. The pre-thunk procedure is invoked before calling value-thunk and post-thunk is invoked after value-thunk returns. The special properties of dynamic-wind are manifest when control jumps into or out of the value-thunk application (either due to an exception or a continuation invocation): every time control jumps into the value-thunk application, pre-thunk is invoked, and every time control jumps out of value-thunk, post-thunk is invoked. (No special handling is performed for jumps into or out of the pre-thunk and post-thunk applications.)

When dynamic-wind calls pre-thunk for normal evaluation of value-thunk, the continuation of the pre-thunk application calls value-thunk (with dynamic-wind's special jump handling) and then post-thunk. Similarly, the continuation of the post-thunk application returns the value of the preceding value-thunk application to the continuation of the entire dynamic-wind application.

When pre-thunk is called due to a continuation jump, the continuation of pre-thunk

  1. jumps to a more deeply nested pre-thunk, if any, or jumps to the destination continuation; then

  2. continues with the context of the pre-thunk's dynamic-wind call.

Normally, the second part of this continuation is never reached, due to a jump in the first part. However, the second part is relevant because it enables jumps to escape continuations that are contained in the context of the dynamic-wind call. Furthermore, it means that the continuation marks (see section 6.5) and parameterization (see section 7.9) for pre-thunk correspond to those of the dynamic-wind call that installed pre-thunk. The pre-thunk call, however, is parameterize-breaked to disable breaks (see also section 6.6).

Similarly, when post-thunk is called due to a continuation jump, the continuation of post-thunk jumps to a less deeply nested post-thunk, if any, or jumps to a pre-thunk protecting the destination, if any, or jumps to the destination continuation, then continues from the post-thunk's dynamic-wind application. As for pre-thunk, the parameterization of the original dynamic-wind call is restored for the call, and the call is parameterize-breaked to disable breaks.


(let ([v (let/ec out 
            (lambda () (display "in ")) 
            (lambda () 
              (display "pre ") 
              (display (call/cc out))
            (lambda () (display "out "))))])  
  (when v (v "post "))) 
 ; => displays in pre out in post out

(let/ec k0
  (let/ec k1
     (lambda () (k0 'cancel))
     (lambda () (k1 'cancel-canceled)))))
 ; => 'cancel-canceled

(let* ([x (make-parameter 0)]
       [l null]
       [add (lambda (a b)
              (set! l (append l (list (cons a b)))))])
  (let ([k (parameterize ([x 5])
                 (lambda () (add 1 (x)))
                 (lambda () (parameterize ([x 6])
                              (let ([k+e (let/cc k (cons k void))])
                                (add 2 (x))
                                ((cdr k+e))
                                (car k+e))))
                 (lambda () (add 3 (x)))))])
    (parameterize ([x 7])
      (let/cc esc
        (k (cons void esc)))))
  l) ; => '((1 . 5) (2 . 6) (3 . 5) (1 . 5) (2 . 6) (3 . 5))

6.5  Continuation Marks

To evaluate a sub-expression, MzScheme creates a continuation for the sub-expression that extends the current continuation. For example, to evaluate expr1 in the expression


MzScheme extends the continuation of the begin expression with one continuation frame to create the continuation for expr1. In contrast, expr2 is in tail position for the begin expression, so its continuation is the same as the continuation of the begin expression.

A continuation mark is a keyed mark in a continuation frame. A program can install a mark in the first frame of its current continuation, and it can extract the marks from all of the frames in any continuation. Continuation marks support debuggers and other program-tracing facilities; in particular, continuation frames roughly correspond to stack frames in traditional languages. For example, a debugger can annotate a source program to store continuation marks that relate each expression to its source location; when an exception occurs, the marks are extracted from the current continuation to produce a ``stack trace'' for the exception.

The list of continuation marks for a key k and a continuation C that extends C0 is defined as follows:

The with-continuation-mark form installs a mark on the first frame of the current continuation:

(with-continuation-mark key-expr mark-expr 

The key-expr, mark-expr, and body-expr expressions are evaluated in order. After key-expr is evaluated to obtain a key and mark-expr is evaluated to obtain a mark, the key is mapped to the mark in the current continuation's initial frame. If the frame already has a mark for the key, it is replaced. Finally, the body-expr is evaluated; the continuation for evaluating body-expr is the continuation of the with-continuation-mark expression (so the result of the body-expr is the result of the with-continuation-mark expression, and body-expr is in tail position for the with-continuation-mark expression).

The continuation-marks procedure extracts the complete set of continuation marks from a continuation, and The continuation-mark-set->list procedure extracts mark values for a particular key from a continuation mark set. The complete set of continuation-mark procedures follows:


(define (extract-current-continuation-marks key) 

(with-continuation-mark 'key 'mark 
  (extract-current-continuation-marks 'key)) ; => '(mark) 

(with-continuation-mark 'key1 'mark1 
  (with-continuation-mark 'key2 'mark2 
     (extract-current-continuation-marks 'key1) 
     (extract-current-continuation-marks 'key2)))) ; => '((mark1) (mark2)) 

(with-continuation-mark 'key 'mark1 
  (with-continuation-mark 'key 'mark2 ; replaces the previous mark 
    (extract-current-continuation-marks 'key)))) ; => '(mark2) 

(with-continuation-mark 'key 'mark1 
  (list ; continuation extended to evaluate the argument 
   (with-continuation-mark 'key 'mark2 
      (extract-current-continuation-marks 'key)))) ; => '((mark1 mark2)) 

(let loop ([n 1000])
  (if (zero? n) 
      (extract-current-continuation-marks 'key) 
      (with-continuation-mark 'key n
        (loop (sub1 n))))) ; => '(1)

In the final example, the continuation mark is set 1000 times, but extract-current-continuation-marks returns only one mark value. Because loop is called tail-recursively, the continuation of each call to loop is always the continuation of the entire expression. Therefore, the with-continuation-mark expression replaces the existing mark each time rather than adding a new one.

Whenever MzScheme creates an exception record, it fills the continuation-marks field with the value of (current-continuation-marks), thus providing a snapshot of the continuation marks at the time of the exception.

When a continuation procedure returned by call-with-current-continuation is invoked, it restores the captured continuation, and also restores the marks in the continuation's frames to the marks that were present when call-with-current-continuation was invoked.

6.6  Breaks

A break is an asynchronous exception, usually triggered through an external source controlled by the user, or through the break-thread procedure (see section 7.3). A break exception can only occur in a thread while breaks are enabled. When a break is detected and enabled, the exn:break exception is raised in the thread sometime afterward; if breaking is disabled when break-thread is called, the break is suspended until breaking is again enabled for the thread. While a thread has a suspended break, additional breaks are ignored.

Breaks are enabled through the break-enabled parameter-like procedure, and through the parameterize-break form, which is analogous to parameterize (see section 7.9). The break-enabled procedure does not represent a parameter to be used with parameterize, because changing the break-enabled state of a thread requires an explicit check for breaks, and this check is incompatible with the tail evaluation of a parameterize expression's body.

Certain procedures, such as semaphore-wait/enable-break, enable breaks temporarily while performing a blocking action. If breaks are enabled for a thread, and if a break is triggered for the thread but not yet delivered as an exn:break exception, then the break is guaranteed to be delivered before breaks can be disabled in the thread. The timing of exn:break exceptions is not guaranteed in any other way.

Before calling a with-handlers predicate or handler, an exception handler, an error display handler, an error escape handler, an error value conversion handler, or a pre-thunk or post-thunk for a dynamic-wind (see section 6.4), the call is parameterize-breaked to disable breaks. Furthermore, breaks are disabled during the transitions among handlers related to exceptions, during the transitions between pre-thunks and post-thunks for dynamic-wind, and during other transitions for a continuation jump. For example, if breaks are disabled when a continuation is invoked, and if breaks are also disabled in the target continuation, then breaks will remain disabled until from the time of the invocation until the target continuation executes unless a relevant dynamic-wind pre-thunk or post-thunk explicitly enables breaks.

If a break is triggered for a thread that is blocked on a nested thread (see call-in-nested-thread), and if breaks are enabled in the blocked thread, the break is implicitly handled by transferring it to the nested thread.

When breaks are enabled, they can occur at any point within execution, which makes certain implementation tasks subtle. For example, assuming breaks are enabled when the following code is executed,

(with-handlers ([exn:break? (lambda (x) (void))])
  (semaphore-wait s))

then it is not the case that a void result means the semaphore was decremented or a break was received, exclusively. It is possible that both occur: the break may occur after the semaphore is successfully decremented but before a void result is returned by semaphore-wait. A break exception will never damage a semaphore, or any other built-in construct, but many built-in procedures (including semaphore-wait) contain internal sub-expressions that can be interrupted by a break.

In general, it is impossible using only semaphore-wait to implement the guarantee that either the semaphore is decremented or an exception is raised, but not both. MzScheme therefore supplies semaphore-wait/enable-break (see section 7.4), which does permit the implementation of such an exclusive guarantee:

(parameterize ([break-enabled #f])
  (with-handlers ([exn:break? (lambda (x) (void))])
    (semaphore-wait/enable-break s)))

In the above expression, a break can occur at any point until break are disabled, in which case a break exception is propagated to the enclosing exception handler. Otherwise, the break can only occur within semaphore-wait/enable-break, which guarantees that if a break exception is raised, the semaphore will not have been decremented.

To allow similar implementation patterns over blocking port operations, MzScheme provides read-bytes-avail!/enable-break (see section 11.2.1), write-bytes-avail/enable-break (see section 11.2.2), and other procedures.

6.7  Error Escape Handler

Special control flow for exceptions is performed by an error escape handler that is called by the default exception handler. An error escape handler takes no arguments and must escape from the expression that raised the exception. The error escape handler is obtained or set using the error-escape-handler parameter (see section

An error escape handler cannot invoke a full continuation that was created prior to the exception, but it can invoke an escape continuation (see section 6.3).

The error escape handler is normally called directly by an exception handler, in a parameterization that sets the error display and escape handlers to the default handlers, and parametrize-breaked to disable breaks. To escape from a run-time error, use raise (see section 6.1) or error (see section 6.2) instead.

If an exception is raised while the error escape handler is executing, an error message is printed using a primitive error printer and a primitive error escape handler is invoked.

In the following example, the error escape handler is set so that errors do not escape from a custom read-eval-print loop:

(let ([orig (error-escape-handler)])
  (let/ec exit
    (let retry-loop ()
      (let/ec escape
         (lambda () (escape #f)))
        (let loop ()
          (let ([e (my-read)])
            (if (eof-object? e)
                (exit 'done)
                (let ([v (my-eval e)])
                  (my-print v)
  (error-escape-handler orig))

See also read-eval-print-loop in section 14.1 for a simpler implementation of this example.

12 See http://www.cs.indiana.edu/scheme-repository/doc.proposals.exceptions.html

13 If the current error display handler is the default handler, then the error-display call is parameterized to install an emergency error display handler that attempts to print directly to a console and never fails.