Re: Bjarne's exception safe sample

Hello everyone,

Here is Bjarne's exception safe sample,

http://www.research.att.com/~bs/3rd_safe.pdf

[Code]
template <class T> class Safe {

T* p ; // p points to a T allocated using new
public :
Safe () :p (new T ) { }
~Safe () { delete p ; }
Safe & operator =(const Safe & a) { *p = *a .p ; return *this; }
/ / ...
};
template <class T> class Unsafe { // sloppy and dangerous code
T* p ; // p points to a T
public :
Unsafe (T* pp ) :p (pp ) { }
~Unsafe () { if (!p ->destructible ()) throw E(); delete p; }
Unsafe & operator =(const Unsafe & a)
{
p ->~T (); // destroy old value (?10.4.11)
new (p) T (a .p ); // construct copy of a.p in *p (?10.4.11)
return *this;
}
/ / ...
};
[/Code]

What makes me confused is, the description about why it is not
exception safe,

--------------------
The assignment operator may fail by throwing an exception from T 's
copy constructor. This would
leave a T in an undefined state because the old value of *p was
destroyed and no new value
replaced it.
--------------------

In my study, I can not find a case why there is exception thrown from
Unsafe's copy constructor. Any ideas?

BTW: it is also appreciated if you could share some experiences about
what in your minds does invariant status mean

(in Bjarne's minds, exception safety means making the object into
invariant status). I find the word *invariant* is
somethings hard to understand. :-)