
Rob Stewart wrote:
Assume that the state machine dtor only releases resources, that it doesn't do any FSM things like exit actions or transitions. Assume that the library states clearly and emphatically that state object dtors may only release resources, and that they may not do any FSM things like exit actions or transitions. Then, once the state machine has been halted (akin to std::terminate()) for any reason, the library can disallow further FSM behavior or it can just state that doing any such things once the state machine has been halted results in undefined behavior.
Ok, I think I got it. I don't like the undefined behavior part, but in general I agree that once an exception has left the state machine, the state machine is essentially no longer usable. boost::fsm currently terminates the state machine before the exception is propagated to the client. I agree that termination may be too much, as this inevitably exits all states, but I think it is a good idea to put the state machine into a defined state whenever an exception is propagated. This way there's much less room for error when someone accidentally uses such a state machine object.

Regards,
Andreas