The exception mechanism is an integral part of the C++ standard, and it is the recommended way to design error handling in C++ programs. It does, however, have limitations that do not always make it acceptable for real-time systems, especially safety-critical ones.
C++ exception handling depends heavily on stack unwinding. Once an exception is thrown, it propagates up the call stack until it reaches a catch block that can handle it. Along the way, the destructors of all local objects in every stack frame on its path are invoked, and it is hard to determine, let alone formally prove, the worst-case execution time of this process.
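To make that unwinding path concrete, here is an added C++ example (not code from the original article) that records which destructors run between a throw in a deeply nested frame and the catch block; the `Guard` type, the recursion depth and the trace log are constructed for illustration.

```cpp
#include <iostream>
#include <stdexcept>
#include <string>
#include <utility>
#include <vector>

// Constructed trace of destructor calls, in the order they happened.
static std::vector<std::string> g_destroyed;

// RAII guard: its destructor runs whenever its frame is left, whether by a
// normal return or by exception unwinding.
struct Guard {
    std::string name;
    explicit Guard(std::string n) : name(std::move(n)) {}
    ~Guard() { g_destroyed.push_back(name); }
};

// Recurse `depth` frames deep, each frame owning one Guard, then throw from the
// innermost frame. No intermediate frame handles the error, so unwinding has
// to destroy every Guard on the way up before the handler can run.
static void descend(int depth) {
    Guard g("frame" + std::to_string(depth));
    if (depth == 0) {
        throw std::runtime_error("fault in innermost frame");
    }
    descend(depth - 1);
}

// Returns the destructor calls that happened while the exception travelled
// from the throw point to the catch block. The length of this list, and thus
// the work done before the handler is reached, depends on how deep the call
// chain was at the moment of the throw.
std::vector<std::string> unwinding_trace(int depth) {
    g_destroyed.clear();
    try {
        descend(depth);
    } catch (const std::runtime_error&) {
        // Reached only after every intermediate frame has been torn down.
    }
    return g_destroyed;
}

int main() {
    for (const auto& name : unwinding_trace(3)) {
        std::cout << "destroyed " << name << '\n';
    }
    return 0;
}
```

Innermost objects are destroyed first, so the trace runs from `frame0` up to `frame3`; changing the depth argument changes how many destructors execute before control reaches the handler.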
That is why coding guidelines for safety-critical systems, such as MISRA or JSF, explicitly forbid the use of exceptions for error handling.
This does not mean that C++ developers have to revert to the traditional plain C error codes...