
on Tue Jul 19 2011, lcaminiti <lorcaminiti-AT-gmail.com> wrote:
Dave Abrahams wrote:
on Tue Jul 19 2011, Lorenzo Caminiti <lorcaminiti-AT-gmail.com> wrote:
I'm sorry I managed to confuse everyone with this post because I meant to ask something different...
My question instead, is: What shall I do if I fail to copy an oldof value?
I don't think I misunderstood your question, although I don't happen to know what "oldof" means here...
Specifically, what shall I do if an oldof copy throws an exception? This is not specified by N1962 (as far as I can see). I decided that if I fail to copy an oldof value then I call the postcondition_broken handler but only after executing the body (even if oldof values are internally copied before the body is executed).
As I said, that doesn't make any sense to me, for the reasons I already gave, and because failure to allocate memory in precondition checking does not amount to a broken postcondition.
But in this case the failure is in allocating memory to copy an old value and NOT in checking preconditions.
Failing to copy an old value (e.g., for an alloc failure) will indeed not allow the postconditions to be checked because the postconditions use the old value. Therefore, the postconditions should be considered failed because they cannot be checked and postcondition_broken should be called.
No (IMO). postcondition_broken indicates a program bug. As I mentioned in my guidelines, anticipated failure to satisfy a postcondition is a recoverable condition and should normally result in an exception. Of course, if that would change the contract of the function, it's unacceptable ;-)

--
Dave Abrahams
BoostPro Computing
http://www.boostpro.com