<aside> 💡 Exception Safety

• Is it NOT
  • exception never happen
  • all exceptions get handled
• It IS
  • after an exception has been handled, the program is not left in a broken or unusable state </aside>

<aside> 💡 Specifically, 3 levels of exn safety for a f’n f:

1. Basic guarantee
   • if an exn occurs, the program will be in some valid state
   • nothing is leaked, no corrupted data structures, all class invariants maintained
2. Strong guarantee
   • if an exn is raised while executing f, the state of the program will be as if f had not been called
3. No-throw guarantee
   • f will never throw or propagate an exn and will always accomplish its task </aside>

class A {...};
class B {...};
class C {
	A a;
	B b;
	public:
	void f() {
		a.g(); // may throw (strong guarantee)
		b.h(); // may throw (strong guarantee)
	}
}

Is C::f exn safe?

• If a.g() throws
  • nothing’s happend yet. ok
• If b.h() throws
  • effects of g would have to be undone to offer the strong guarantee
  • very hard / impossible if g has non-local side-effect

thus: no, probably not exn safe

If A::a and B::h do not have non-local side effects, can use copy + swap:

class C {
	...
	void f() {
		A atemp = a;
		B btemp = b;
		atemp.g();
		btemp.h();
// ↑ If those throw, original a + b still intact(無傷)
		a = atemp;
		b = btemp;
// ↑ But what if copy assignment throw?
// In particular what if a a=atemp succeed, but b=btemp fails?
	}
};

Better if swap was no throw.

Recall: copying ptrs can’t throw

• Sol’n: Access C’s internal state through a ptr (called the pimpl idiom)

struct CImpl {
	A a;
	B b;
};

class C {
	unique.ptr<CImpl> pImpl;
	void f() {
		auto tmp = make.unique<CImpl>(* pImpl);
		temp->a.g();
		temp->b.h();
		std::swap(pImpl, tmp); // no-throw
	}
};
// If either A::g or B::b offer no exn safety guarantee,
// then neither can f

<aside> 💡 Exception Safety of STL - vector

vectors

• encapsulate a heap-allocated array
• follow RAII
• when a stack-allocated vector goes out of scope, the internal heap array is freed

void f() {
	vector<c> v;
	...
}
// v goes out of scope, array is freed,
// C's dtor runs for all objects in v

But…

void g() {
	vector<c*> v;
	...
// array is freed, ptrs don't have dtors,
// and objs ptd to by the ptrs are NOT deleted
// no explicit deallocation
}

</aside>

<aside> 💡 vector<c> - owns the objs

vector<c*> - does not own the objs

vector<unique.ptr<c>> - owns the objs

vector<T>::emplace.back - offers the strong guarantee

• if the array is full(i.e. size == cap)
  • allocate new array
  • copy objs over (copy ctor)
    • if a copty ctor throws
      • destroy the new array
      • old array still intact
  • delete old array (no throw)
• But… copying is expensive & the old array will be thrown away wouldn’y moving the objs be more efficient?
  • allocate new array
  • move the objs over (move ctor)
    • if a move ctor throws
      • original no longer intact
      • can’t offer the strong guarantee
  • delete old array(no-throw) </aside>

If the move ctor offer the nothrow guarantee, emplace_back will use the move ctor. Otherwise, it will use the copy ctor, which may be slower

• So your move ops should offer the nothrow guarantee, and you should indicate thay they do:

class C {
	public:
	C(C &&other) noexcept {...}
	C &operator=(C &&other) noexcept {...}
};

If you know a f’n will never throw or propagate an exn, declare if noexcept. Facilitates optimization At minimam: moves & swaps should be noexcept

<aside> 💡 Casting

In C

Node n;
int *ip = (int *) &n; // const-forces C++ to treat a Node* as an int*

• C - style casts should be avoided in C++

<aside> 💡 If you must const, use a C++ - style cast:

1. Static.cast - “sensible casts” - casts with a well-defined semantics eg. double -> int

   double d;
   void f(int x);
   void f(double d);
   f(static_cast<int>(d)); // calls void f(int x);
   

   eg. superclass ptr → subclass ptr

   Book *b = new Text {...};
   Text *t = static.cast<Text*>(b);
   

</aside>

</aside>