c++exceptiondestructorraii

If you shouldn't throw exceptions in a destructor, how do you handle errors in it?


Most people say never throw an exception out of a destructor - doing so results in undefined behavior. Stroustrup makes the point that "the vector destructor explicitly invokes the destructor for every element. This implies that if an element destructor throws, the vector destruction fails... There is really no good way to protect against exceptions thrown from destructors, so the library makes no guarantees if an element destructor throws" (from Appendix E3.2).

This article seems to say otherwise - that throwing destructors are more or less okay.

So my question is this - if throwing from a destructor results in undefined behavior, how do you handle errors that occur during a destructor?

If an error occurs during a cleanup operation, do you just ignore it? If it is an error that can potentially be handled up the stack but not right in the destructor, doesn't it make sense to throw an exception out of the destructor?

Obviously these kinds of errors are rare, but possible.


Solution

  • Throwing an exception out of a destructor is dangerous.
    If another exception is already propagating the application will terminate.
    But said "terminate" is a very well specified behaviour of majority of compilers, hence it's almost never "Undefined Behaviour" (depending on compiler).

    #include <iostream>
    
    class Bad
    {
        public:
            // Added the noexcept(false) so the code keeps its original meaning.
            // Post C++11 destructors are by default `noexcept(true)` and
            // this will (by default) call terminate if an exception is
            // escapes the destructor.
            //
            // But this example is designed to show that terminate is called
            // if two exceptions are propagating at the same time.
            ~Bad() noexcept(false)
            {
                throw 1;
            }
    };
    class Bad2
    {
        public:
            ~Bad2()
            {
                throw 1;
            }
    };
    
    
    int main(int argc, char* argv[])
    {
        try
        {
            Bad   bad;
        }
        catch(...)
        {
            std::cout << "Print This\n";
        }
    
        try
        {
            if (argc > 3)
            {
                Bad   bad; // This destructor will throw an exception that escapes (see above)
                throw 2;   // But having two exceptions propagating at the
                           // same time causes terminate to be called.
            }
            else
            {
                Bad2  bad; // The exception in this destructor will
                           // cause terminate to be called.
            }
        }
        catch(...)
        {
            std::cout << "Never print this\n";
        }
    
    }
    

    This basically boils down to:

    Anything dangerous (i.e. that could throw an exception) should be done via public methods (not necessarily directly). The user of your class can then potentially handle these situations by using the public methods and catching any potential exceptions.

    The destructor will then finish off the object by calling these methods (if the user did not do so explicitly), but any exceptions throw are caught and dropped (after attempting to fix the problem).

    So in effect you pass the responsibility onto the user. If the user is in a position to correct exceptions they will manually call the appropriate functions and processes any errors. If the user of the object is not worried (as the object will be destroyed) then the destructor is left to take care of business.

    An example:

    std::fstream

    The close() method can potentially throw an exception. The destructor calls close() if the file has been opened but makes sure that any exceptions do not propagate out of the destructor.

    So if the user of a file object wants to do special handling for problems associated to closing the file they will manually call close() and handle any exceptions. If on the other hand they do not care then the destructor will be left to handle the situation.

    Scott Meyers has an excellent article about the subject in his book "Effective C++"

    Edit:

    Apparently also in "More Effective C++"
    Item 11: Prevent exceptions from leaving destructors