



Leaks are typically unacceptable. Manual resource release is error-prone. RAII ("Resource Acquisition Is Initialization") is the simplest, most systematic way of preventing leaks.



void f1(int i)   // Bad: possible leak
   int* p = new int[12];
   // ...
   if (i < 17) throw Bad{"in f()", i};
   // ...

We could carefully release the resource before the throw:


void f2(int i)   // Clumsy and error-prone: explicit release
   int* p = new int[12];
   // ...
   if (i < 17) {
       delete[] p;
       throw Bad{"in f()", i};
   // ...

This is verbose. In larger code with multiple possible throws explicit releases become repetitive and error-prone.


void f3(int i)   // OK: resource management done by a handle (but see below)
   auto p = make_unique(12);
   // ...
   if (i < 17) throw Bad{"in f()", i};
   // ...

Note that this works even when the throw is implicit because it happened in a called function:


void f4(int i)   // OK: resource management done by a handle (but see below)
   auto p = make_unique(12);
   // ...
   helper(i);   // may throw
   // ...

Unless you really need pointer semantics, use a local resource object:


void f5(int i)   // OK: resource management done by local object
   vector v(12);
   // ...
   helper(i);   // may throw
   // ...

That's even simpler and safer, and often more efficient.



If there is no obvious resource handle and for some reason defining a proper RAII object/handle is infeasible, as a last resort, cleanup actions can be represented by a final_action object.



But what do we do if we are writing a program where exceptions cannot be used? First challenge that assumption; there are many anti-exceptions myths around. We know of only a few good reasons:


  • We are on a system so small that the exception support would eat up most of our 2K memory.

  • 你正在工作的系统是如此之小,支持异常会吃掉最多2K内存(都无法承受)。

  • We are in a hard-real-time system and we don't have tools that guarantee us that an exception is handled within the required time.

  • 我们处在一个硬实时系统中,没有工具可以保证异常处理会在要求的时间内完成。

  • We are in a system with tons of legacy code using lots of pointers in difficult-to-understand ways (in particular without a recognizable ownership strategy) so that exceptions could cause leaks.

  • 我们所处的系统包含成吨的遗留代码,这些代码以难以理解的方式大量使用指针(通常没有可识别的所有权策略),因此异常可能引发泄露。

  • Our implementation of the C++ exception mechanisms is unreasonably poor (slow, memory consuming, failing to work correctly for dynamically linked libraries, etc.). Complain to your implementation purveyor; if no user complains, no improvement will happen.

  • 正在使用的C++实现,其异常机制超乎想象的差劲(缓慢,过多消费内存,使用动态链接库时无法工作等)。投诉你的提供者;如果没有用户投诉,就不会发生改进。

  • We get fired if we challenge our manager's ancient wisdom.

  • 如果我们挑战管理者的老套经验,就会被开除。

Only the first of these reasons is fundamental, so whenever possible, use exceptions to implement RAII, or design your RAII objects to never fail. When exceptions cannot be used, simulate RAII. That is, systematically check that objects are valid after construction and still release all resources in the destructor. One strategy is to add a valid() operation to every resource handle:


void f()
   vector vs(100);   // not std::vector: valid() added
   if (!vs.valid()) {
       // handle error or exit

   ifstream fs("foo");   // not std::ifstream: valid() added
   if (!fs.valid()) {
       // handle error or exit

   // ...
} // destructors clean up as usual

