<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Issue 3157: Allocator destroy and fancy pointer operations must be non-throwing</title>
<meta property="og:title" content="Issue 3157: Allocator destroy and fancy pointer operations must be non-throwing">
<meta property="og:description" content="C++ library issue. Status: New">
<meta property="og:url" content="https://cplusplus.github.io/LWG/issue3157.html">
<meta property="og:type" content="website">
<meta property="og:image" content="http://cplusplus.github.io/LWG/images/cpp_logo.png">
<meta property="og:image:alt" content="C++ logo">
<style>
  p {text-align:justify}
  li {text-align:justify}
  pre code.backtick::before { content: "`" }
  pre code.backtick::after { content: "`" }
  blockquote.note
  {
    background-color:#E0E0E0;
    padding-left: 15px;
    padding-right: 15px;
    padding-top: 1px;
    padding-bottom: 1px;
  }
  ins {background-color:#A0FFA0}
  del {background-color:#FFA0A0}
  table.issues-index { border: 1px solid; border-collapse: collapse; }
  table.issues-index th { text-align: center; padding: 4px; border: 1px solid; }
  table.issues-index td { padding: 4px; border: 1px solid; }
  table.issues-index td:nth-child(1) { text-align: right; }
  table.issues-index td:nth-child(2) { text-align: left; }
  table.issues-index td:nth-child(3) { text-align: left; }
  table.issues-index td:nth-child(4) { text-align: left; }
  table.issues-index td:nth-child(5) { text-align: center; }
  table.issues-index td:nth-child(6) { text-align: center; }
  table.issues-index td:nth-child(7) { text-align: left; }
  table.issues-index td:nth-child(5) span.no-pr { color: red; }
  @media (prefers-color-scheme: dark) {
     html {
        color: #ddd;
        background-color: black;
     }
     ins {
        background-color: #225522
     }
     del {
        background-color: #662222
     }
     a {
        color: #6af
     }
     a:visited {
        color: #6af
     }
     blockquote.note
     {
        background-color: rgba(255, 255, 255, .10)
     }
  }
</style>
</head>
<body>
<hr>
<p><em>This page is a snapshot from the LWG issues list, see the <a href="lwg-active.html">Library Active Issues List</a> for more information and the meaning of <a href="lwg-active.html#New">New</a> status.</em></p>
<h3 id="3157"><a href="lwg-active.html#3157">3157</a>. Allocator <code>destroy</code> and fancy pointer operations must be non-throwing</h3>
<p><b>Section:</b> 16.4.4.6 <a href="https://wg21.link/allocator.requirements">[allocator.requirements]</a> <b>Status:</b> <a href="lwg-active.html#New">New</a>
 <b>Submitter:</b> Billy O'Neal III <b>Opened:</b> 2018-09-07 <b>Last modified:</b> 2018-12-16</p>
<p><b>Priority: </b>3
</p>
<p><b>View other</b> <a href="lwg-index-open.html#allocator.requirements">active issues</a> in [allocator.requirements].</p>
<p><b>View all other</b> <a href="lwg-index.html#allocator.requirements">issues</a> in [allocator.requirements].</p>
<p><b>View all issues with</b> <a href="lwg-status.html#New">New</a> status.</p>
<p><b>Discussion:</b></p>
<p>
In annotating things required to be called by <code>~vector</code>, Casey pointed out that several operations I guarded 
with <code>noexcept</code> aren't actually mandated by the standard to be <code>noexcept</code>. However, the STL, and more 
specifically here, containers, consider inability to destroy an element an unrecoverable condition. This is evidenced 
for the whole STL by 16.4.6.14 <a href="https://wg21.link/res.on.exception.handling">[res.on.exception.handling]</a>/3 "Every destructor in the C ++ standard library shall 
behave as if it had a non-throwing exception specification.".
<p/>
As a result, <code>allocator::destroy</code> and fancy pointer operations must be non-throwing for valid input, or the 
containers don't make any sense. This is obvious for things like <code>vector::~vector</code>, but less obviously the 
containers rely on these guarantees whenever inserting more than one element, etc.
<p/>
Moreover, we too narrowly specify the domain of the <code>pointer_traits::pointer_to</code> requirement in the 
<code><i>Cpp17Allocator</i></code> requirements, because any node-based container that uses container-internal sentinel 
nodes needs to be able to form pointers to said sentinel nodes; that operation must also be non-throwing.
</p>

<p><i>[2018-09 Reflector prioritization]</i></p>

<p>Set Priority to 3</p>


<p id="res-3157"><b>Proposed resolution:</b></p>

<p>This wording is relative to <a href="https://wg21.link/n4762">N4762</a>.</p>

<ol>
<li><p>Modify 16.4.4.6 <a href="https://wg21.link/allocator.requirements">[allocator.requirements]</a>, Table 32 "Descriptive variable definitions" as indicated:</p>
<blockquote>
<table border="1">
<caption>Table 32 &mdash; Descriptive variable definitions</caption>
<tr>
<th>Variable</th>
<th>Definition</th>
</tr>

<tr>
<td colspan="2" align="center">
<code>&hellip;</code>
</td>
</tr>

<tr>
<td>
<code>YY</code>
</td>
<td>
the type <code>allocator_traits&lt;Y&gt;</code>
</td>
</tr>

<tr>
<td>
<ins><code>Z</code></ins>
</td>
<td>
<ins>an allocator-aware container type (23.2.2 <a href="https://wg21.link/container.requirements.general">[container.requirements.general]</a>)</ins>
</td>
</tr>

<tr>
<td colspan="2" align="center">
<code>&hellip;</code>
</td>
</tr>

<tr>
<td>
<code>y</code>
</td>
<td>
a value of type <code>XX::const_void_pointer</code> obtained by<br/>
conversion from a result value of <code>YY::allocate</code>, or else a<br/>
value of type (possibly <code>const</code>) <code>std::nullptr_t</code>.
</td>
</tr>

<tr>
<td>
<code><ins>z</ins></code>
</td>
<td>
<ins>an lvalue of type <code>Z</code> such that <code>z.get_allocator() == a</code></ins>
</td>
</tr>

<tr>
<td>
<code><ins>r1</ins></code>
</td>
<td>
<ins>a reference to any member subobject of <code>z</code></ins>
</td>
</tr>

<tr>
<td>
<code>n</code>
</td>
<td>
a value of type <code>XX::size_type</code>.
</td>
</tr>

<tr>
<td colspan="2" align="center">
<code>&hellip;</code>
</td>
</tr>

</table>
</blockquote>

</li>

<li><p>Modify 16.4.4.6 <a href="https://wg21.link/allocator.requirements">[allocator.requirements]</a>, Table 33 "<code><i>Cpp17Allocator</i></code> requirements" as indicated:</p>
<blockquote>
<table border="1">
<caption>Table 33 &mdash; <code><i>Cpp17Allocator</i></code> requirements</caption>
<tr>
<th>Expression</th>
<th>Return type</th>
<th>Assertion&#47;note<br/>pre-&#47;post-condition</th>
<th>Default</th>
</tr>

<tr>
<td colspan="4" align="center">
<code>&hellip;</code>
</td>
</tr>

<tr>
<td>
<code>pointer_traits&lt;<br/>
X::pointer<br/>
&gt;::pointer_to(r)</code>
</td>
<td>
<code>X::pointer</code>
</td>
<td>
<ins>S</ins><del>s</del>ame as <code>p</code><ins>.<br/>
<i>Throws:</i> Nothing.</ins>
</td>
<td>
</td>
</tr>

<tr>
<td>
<ins><code>pointer_traits&lt;<br/>
X::pointer<br/>
&gt;::pointer_to(r1)</code></ins>
</td>
<td>
</td>
<td>
<ins>A value of type <code>YY::pointer</code> or<br/>
<code>YY::const_pointer</code> <code>k</code> such that<br/> 
<code>*k</code> is <code>r1</code>.<br/>
<i>Throws:</i> Nothing.</ins>
</td>
<td>
</td>
</tr>

<tr>
<td colspan="4" align="center">
<code>&hellip;</code>
</td>
</tr>

<tr>
<td>
<code>a.destroy(c)</code>
</td>
<td>
(not used)
</td>
<td>
<i>Effects:</i> Destroys the object at <code>c</code><ins>.</ins><br/>
<ins><i>Throws:</i> Nothing.</ins>
</td>
<td>
<code>c-&gt;~C()</code>
</td>
</tr>

<tr>
<td colspan="4" align="center">
<code>&hellip;</code>
</td>
</tr>

</table>
</blockquote>
</li>

<li><p>Modify 16.4.4.6 <a href="https://wg21.link/allocator.requirements">[allocator.requirements]</a>, p5, as indicated:</p>

<blockquote>
<p>
-5- An allocator type <code>X</code> shall satisfy the <code><i>Cpp17CopyConstructible</i></code> requirements (Table 26). 
The <code>X::pointer</code>, <code>X::const_pointer</code>, <code>X::void_pointer</code>, and <code>X::const_void_pointer</code> 
types shall satisfy the <code><i>Cpp17NullablePointer</i></code> requirements (Table 30). No constructor, comparison 
function, copy operation, move operation, or swap operation on these pointer types shall exit via an exception. 
<code>X::pointer</code> and <code>X::const_pointer</code> shall also satisfy the requirements for a random access iterator 
(24.3.5.7 <a href="https://wg21.link/random.access.iterators">[random.access.iterators]</a>) and of a contiguous iterator (24.3.1 <a href="https://wg21.link/iterator.requirements.general">[iterator.requirements.general]</a>)
<ins>and operations in those requirements shall not exit via an exception so long as resulting iterators are 
dereferencable or past-the-end</ins>.
</p>
</blockquote>
</li>

<li><p>Modify 20.2.9.3 <a href="https://wg21.link/allocator.traits.members">[allocator.traits.members]</a>, as indicated:</p>

<blockquote>
<pre>
template&lt;class T&gt;
  static void destroy(Alloc&amp; a, T* p);
</pre>
<blockquote>
<p>
-6- <i>Effects:</i> Calls <code>a.destroy(p)</code> if that call is well-formed; otherwise, invokes <code>p-&gt;~T()</code>.
<p/>
<ins>-?- <i>Throws:</i> Nothing.</ins>
</p>
</blockquote>
</blockquote>
</li>

</ol>





</body>
</html>
