Bjarne's exception safe sample

Hello everyone,
Here is Bjarne's exception safe sample,

http://www.research.att.com/~bs/3rd_safe.pdf

template <class T> class Safe {
    T* p; // p points to a T allocated using new
public:
    Safe() : p(new T) { }
    ~Safe() { delete p; }
    Safe& operator=(const Safe& a) { *p = *a.p; return *this; }
    // ...
};

template <class T> class Unsafe { // sloppy and dangerous code
    T* p; // p points to a T
public:
    Unsafe(T* pp) : p(pp) { }
    ~Unsafe() { if (!p->destructible()) throw E(); delete p; }
    Unsafe& operator=(const Unsafe& a)
    {
        p->~T(); // destroy old value (§10.4.11)
        new (p) T(a.p); // construct copy of a.p in *p (§10.4.11)
        return *this;
    }
    // ...
};

What makes me confused is, the description about why it is not
exception safe,

--------------------
The assignment operator may fail by throwing an exception from T's
copy constructor. This would leave a T in an undefined state because
the old value of *p was destroyed and no new value replaced it.
--------------------

In my study, I can not find a case why there is exception thrown from
Unsafe's copy constructor. Any ideas?

BTW: it is also appreciated if you could share some experiences about
what in your minds does invariant status mean
(in Bjarne's mind, exception safety means making the object into
invariant status). I find the word *invariant* is
something hard to understand. :-)
thanks in advance,
George
Dec 23 '07 #1
George2 wrote:
: Hello everyone,
:
:
: Here is Bjarne's exception safe sample,
:
: http://www.research.att.com/~bs/3rd_safe.pdf
:
:
: template <class T> class Safe {
:     T* p; // p points to a T allocated using new
: public:
:     Safe() : p(new T) { }
:     ~Safe() { delete p; }
:     Safe& operator=(const Safe& a) { *p = *a.p; return *this; }
:     // ...
: };
:
: template <class T> class Unsafe { // sloppy and dangerous code
:     T* p; // p points to a T
: public:
:     Unsafe(T* pp) : p(pp) { }
:     ~Unsafe() { if (!p->destructible()) throw E(); delete p; }
:     Unsafe& operator=(const Unsafe& a)
:     {
:         p->~T(); // destroy old value (§10.4.11)
:         new (p) T(a.p); // construct copy of a.p in *p (§10.4.11)
:         return *this;
:     }
:     // ...
: };
:
: What makes me confused is, the description about why it is not
: exception safe,
:
: --------------------
: The assignment operator may fail by throwing an exception from T's
: copy constructor. This would leave a T in an undefined state because
: the old value of *p was destroyed and no new value replaced it.
: --------------------
:
: In my study, I can not find a case why there is exception thrown
: from Unsafe's copy constructor. Any ideas?

I think Bjarne says it all in the above paragraph. :-)

If you destroy a T (p->~T()), and then fail to construct a new T, the
Unsafe object is in an invalid state. Later, when trying to destroy
Unsafe, you will be in real trouble!

:
: BTW: it is also appreciated if you could share some experiences
: about what in your minds does invariant status mean
:
: (in Bjarne's mind, exception safety means making the object into
: invariant status). I find the word *invariant* is
: something hard to understand. :-)

An invariant is something that doesn't vary, something that is always
true, like an object being in a valid state.

Having an object that cannot be used, and that cannot be safely
destroyed, is just Not Good(tm).
Bo Persson
Dec 23 '07 #2
On 2007-12-23 13:07, George2 wrote:
> Hello everyone,
> Here is Bjarne's exception safe sample,
>
> http://www.research.att.com/~bs/3rd_safe.pdf
>
> template <class T> class Safe {
>     T* p; // p points to a T allocated using new
> public:
>     Safe() : p(new T) { }
>     ~Safe() { delete p; }
>     Safe& operator=(const Safe& a) { *p = *a.p; return *this; }
>     // ...
> };
>
> template <class T> class Unsafe { // sloppy and dangerous code
>     T* p; // p points to a T
> public:
>     Unsafe(T* pp) : p(pp) { }
>     ~Unsafe() { if (!p->destructible()) throw E(); delete p; }
>     Unsafe& operator=(const Unsafe& a)
>     {
>         p->~T(); // destroy old value (§10.4.11)
>         new (p) T(a.p); // construct copy of a.p in *p (§10.4.11)
>         return *this;
>     }
>     // ...
> };
>
> What makes me confused is, the description about why it is not
> exception safe,
>
> --------------------
> The assignment operator may fail by throwing an exception from T's
> copy constructor. This would leave a T in an undefined state because
> the old value of *p was destroyed and no new value replaced it.
> --------------------
>
> In my study, I can not find a case why there is exception thrown from
> Unsafe's copy constructor. Any ideas?

The critical part is "new (p) T(a.p);" since we do not know what T is
we can not guarantee that constructing an object of type T will succeed
(the most trivial example would be a failure to allocate memory for it).
If that happens the Unsafe object is left in a bad state since we have
already deleted the pointer to the old T object.

> BTW: it is also appreciated if you could share some experiences about
> what in your minds does invariant status mean
>
> (in Bjarne's mind, exception safety means making the object into
> invariant status). I find the word *invariant* is something hard to
> understand. :-)

Invariants are some conditions that always have to be true for an
object. So if we have an object and perform some kind of operation on
it, then those conditions have to be true after the operations were
performed if they also were true before.

In the case above an invariant might be that p must always be a valid
pointer to an object of type T.

--
Erik Wikström
Dec 23 '07 #3
In article
<9f**********************************@s19g2000prg.googlegroups.com>,
George2 <ge*************@yahoo.com> wrote:
> Hello everyone,
> Here is Bjarne's exception safe sample,
>
> http://www.research.att.com/~bs/3rd_safe.pdf
>
> template <class T> class Safe {
>     T* p; // p points to a T allocated using new
> public:
>     Safe() : p(new T) { }
>     ~Safe() { delete p; }
>     Safe& operator=(const Safe& a) { *p = *a.p; return *this; }
>     // ...
> };
>
> template <class T> class Unsafe { // sloppy and dangerous code
>     T* p; // p points to a T
> public:
>     Unsafe(T* pp) : p(pp) { }
>     ~Unsafe() { if (!p->destructible()) throw E(); delete p; }
>     Unsafe& operator=(const Unsafe& a)
>     {
>         p->~T(); // destroy old value (§10.4.11)
>         new (p) T(a.p); // construct copy of a.p in *p (§10.4.11)
>         return *this;
>     }
>     // ...
> };
>
> What makes me confused is, the description about why it is not
> exception safe,
>
> --------------------
> The assignment operator may fail by throwing an exception from T's
> copy constructor. This would leave a T in an undefined state because
> the old value of *p was destroyed and no new value replaced it.
> --------------------
>
> In my study, I can not find a case why there is exception thrown from
> Unsafe's copy constructor. Any ideas?

Not Unsafe's copy constructor, but T's copy constructor. If during the
call to Unsafe's op=, T's copy constructor throws an exception, the
object that Unsafe points to will be in an indeterminate state.

(Just as a BTW, neither class above is really safe because they are both
missing appropriate copy constructors.)

> BTW: it is also appreciated if you could share some experiences about
> what in your minds does invariant status mean
>
> (in Bjarne's mind, exception safety means making the object into
> invariant status). I find the word *invariant* is
> something hard to understand. :-)

An invariant of a class is something that is always true about all
objects of that class. One of Safe's invariants is that it always points
to a valid T. Unsafe can't make that claim.

You might want to read (http://citeseer.ist.psu.edu/227598.html) as well.
Dec 23 '07 #4
> : BTW: it is also appreciated if you could share some experiences
> : about what in your minds does invariant status mean
> :
> : (in Bjarne's mind, exception safety means making the object into
> : invariant status). I find the word *invariant* is
> : something hard to understand. :-)
>
> An invariant is something that doesn't vary, something that is always
> true, like an object being in a valid state.

The JSF-AV coding standard
(http://www.research.att.com/~bs/JSF-AV-rules.pdf) has a good
formalization of what an invariant is:

"A class invariant is a statement-of-fact about a class that must be
true for all stable instances of the class. A class is considered to be
in a stable state immediately after construction, immediately before
destruction, and immediately before and after any remote public method
invocation."

-dr
Dec 24 '07 #5
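
The failure described in replies #3 and #4, as an added example that is not part of the thread or of Stroustrup's text: `Tracked` is a constructed type whose copy constructor can be told to throw, `unsafe_assign` repeats the order of operations in `Unsafe::operator=`, and `copy_then_commit` is an assumed alternative that copies before touching the target.

```cpp
#include <cstdio>
#include <new>
#include <stdexcept>
#include <utility>

// Constructed test type: counts live instances; its copy constructor throws on demand.
struct Tracked {
    static int live;
    static bool fail_copy;
    int value;
    explicit Tracked(int v) : value(v) { ++live; }
    Tracked(const Tracked& o) : value(o.value) {
        if (fail_copy) throw std::runtime_error("copy failed");
        ++live;
    }
    ~Tracked() { --live; }
};
int Tracked::live = 0;
bool Tracked::fail_copy = false;

// Same order of operations as Unsafe::operator=: destroy, then construct in place.
void unsafe_assign(Tracked* p, const Tracked& src) {
    p->~Tracked();
    new (p) Tracked(src);  // a throw here leaves no object at *p
}
// Assumed alternative (not from the thread): copy first, commit without throwing.
void copy_then_commit(Tracked* p, const Tracked& src) {
    Tracked tmp(src);      // a throw here leaves *p untouched
    std::swap(p->value, tmp.value);
}

// Runs one assignment whose copy fails and returns how many Tracked objects are
// alive afterwards: 2 means "p points to a live T" still holds, 1 means it does not.
int live_after_failed_assign(void (*assign)(Tracked*, const Tracked&)) {
    alignas(Tracked) unsigned char buf[sizeof(Tracked)];
    Tracked* p = new (buf) Tracked(1);
    Tracked src(2);
    Tracked::fail_copy = true;
    try { assign(p, src); } catch (const std::runtime_error&) {}
    Tracked::fail_copy = false;
    const int live = Tracked::live;
    // ~Unsafe would run delete p regardless, destroying the same T a second time.
    if (live == 2) p->~Tracked();
    return live;
}

int main() {
    std::printf("unsafe=%d copy_then_commit=%d\n", live_after_failed_assign(unsafe_assign),
                live_after_failed_assign(copy_then_commit));
}
```

The harness destroys the target only when it still exists, which is exactly the knowledge `~Unsafe` does not have; that is why the broken invariant turns into undefined behaviour at destruction time.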