Re: Bjarne's exception safe sample

George2 wrote:
: Hello everyone,
:
:
: Here is Bjarne's exception safe sample,
:
: http://www.research.att.com/~bs/3rd_safe.pdf
:
: [Code]
: template <class T> class Safe {
:
: T* p ; // p points to a T allocated using new
: public :
: Safe () :p (new T ) { }
: ~Safe () { delete p ; }
: Safe & operator =(const Safe & a) { *p = *a .p ; return *this; }
: / / ...
: };
: template <class T> class Unsafe { // sloppy and dangerous code
: T* p ; // p points to a T
: public :
: Unsafe (T* pp ) :p (pp ) { }
: ~Unsafe () { if (!p ->destructible ()) throw E(); delete p; }
: Unsafe & operator =(const Unsafe & a)
: {
: p ->~T (); // destroy old value (?10.4.11)
: new (p) T (a .p ); // construct copy of a.p in *p (?10.4.11)
: return *this;
: }
: / / ...
: };
: [/Code]
:
: What makes me confused is, the description about why it is not
: exception safe,
:
: --------------------
: The assignment operator may fail by throwing an exception from T 's
: copy constructor. This would
: leave a T in an undefined state because the old value of *p was
: destroyed and no new value
: replaced it.
: --------------------
:
: In my study, I can not find a case why there is exception thrown
: from Unsafe's copy constructor. Any ideas?

I think Bjarne says it all in the above paragraph. :-)

If you destroy a T (p->~T()), and the fail to construct a new T, the
Unsafe object is in an invalid state. Later, when trying to destroy
Unsafe, you will be in real trouble!

:
: BTW: it is also appreciated if you could share some experiences
: about what in your minds does invariant status mean
:
: (in Bjarne's minds, exception safety means making the object into
: invariant status). I find the word *invariant* is
: somethings hard to understand. :-)

In invariant is something that doesn't vary, something that is always
true, like an object being in a valid state.

Having an object that cannot be used, and that cannot be safely
destroyed, is just Not Good(tm).

Bo Persson