Re: Why is boost::scoped_ptr implemented this way?

From: Philipp Bachmann (ed.soxi_at_nnamhcab.ppilihp)
Date: 03/11/04

Date: Thu, 11 Mar 2004 11:11:23 +0100

"Siemel Naran" <SiemelNaran@att.net> wrote in message news:e2975357.0403101641.3925059a@posting.google.com...
> But I think to be atomic means that if any sub-part fails, the object
> is unchanged. Or maybe I'm mixing this up with strong exception
> safety. If they want this guarantee,
>
> void reset(T* p = 0)
> {
>     T * ptrsave = ptr;
>     try
>     {
>         ptr = p;
>         delete ptrsave;
>     }
>     catch (...)
>     {
>         ptr = ptrsave;
>         try
>         {
>             delete p;
>         }
>         catch (...)
>         {
>             terminate();
>         }
>         throw;
>     }
> }
>
> So in a call to p.reset(new T) if the reset operation failed, 'p'
> would be the same.

This opens the question whether we take not only the state of
the "scoped_ptr<>" but also the state of callers of member
functions on "scoped_ptr<>" into account when we talk about
"strong exception safety". In my opinion, if "reset()" fails, it should
"fully" fail - and not take ownership over the instance supplied.

So, according to my definition of "strong exception safety",
if a member function "consume()" potentially taking ownership over other
instances isn't "throw()", then it's unsafe to write
"x.consume(new Y);", because the instance of Y may leak. Instead,
you will have to write something like this:
"Y *y=new Y;
 try {
   x.consume(y);
 }
 catch(...) {
   delete y;
   throw;
 }"
or let "consume()" take a "std::auto_ptr< Y >" instead of "Y *" and
internally assign its argument as the latest operation before returning.

To avoid this kind of problem / the potential notational inconvenience,
I'd like to advise designing functions taking ownership such that they
can be declared "throw()", like e.g. "std::auto_ptr<>::reset()".

Of course, this is both a question of the definition and a bit
theoretical, because you run into trouble anyway, as already stated
by many people, if "delete" throws.

Cheers,
Philipp.
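The three ownership-transfer patterns discussed in the post above, as an added example that is not part of the original thread: the unguarded "x.consume(new Y)" that leaks when "consume()" throws, the manual try/catch guard, and a sink that takes its argument through a smart pointer and assigns it as the last operation. std::unique_ptr stands in for the std::auto_ptr of 2004; Y, RawSink, SafeSink and the fail_ flag are constructed here to make the leak observable.

```cpp
#include <memory>
#include <stdexcept>
#include <utility>

// Constructed for this example: Y counts live instances so a leak is observable.
struct Y {
    static int live;
    Y()  { ++live; }
    ~Y() { --live; }
};
int Y::live = 0;

// Sink taking a raw pointer; fail_ simulates work that throws before ownership is taken.
struct RawSink {
    Y* owned_ = nullptr;
    bool fail_ = true;
    void consume(Y* y) {
        if (fail_) throw std::runtime_error("failure before ownership transfer");
        delete owned_;
        owned_ = y;
    }
    ~RawSink() { delete owned_; }
};

// Sink taking ownership through a smart pointer: the argument is owned by the
// callee's parameter from the first instruction, and the assignment is the last operation.
struct SafeSink {
    std::unique_ptr<Y> owned_;
    bool fail_ = true;
    void consume(std::unique_ptr<Y> y) {
        if (fail_) throw std::runtime_error("failure before ownership transfer");
        owned_ = std::move(y);   // unique_ptr move-assignment does not throw
    }
};

// Each function returns the number of Y instances still alive after the failing call;
// 1 means the Y passed to consume() leaked, 0 means it was released during unwinding.
int leaked_after_raw_consume() {
    Y::live = 0;
    { RawSink x; try { x.consume(new Y); } catch (const std::exception&) {} }
    return Y::live;   // 1: nobody owned the new Y when consume() threw
}
int leaked_after_guarded_raw_consume() {
    Y::live = 0;
    { RawSink x; Y* y = new Y;
      try { x.consume(y); } catch (const std::exception&) { delete y; /* then rethrow */ } }
    return Y::live;   // 0: the caller's guard from the post cleans up
}
int leaked_after_safe_consume() {
    Y::live = 0;
    { SafeSink x; try { x.consume(std::unique_ptr<Y>(new Y)); } catch (const std::exception&) {} }
    return Y::live;   // 0: the parameter destroys the Y while the exception propagates
}
```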