----- Original Message ----- [...] From: "Andreas Huber" <ah2003@gmx.net>
The above is the best reasoning I can currently give to show that failing exit actions do not make any sense. For me, this is more than enough to not ever consider them again (at least for an FSM library implemented in C++). I will answer questions arising from this post and I am interested in feedback whether this convinces people but I will not try to reason any further as I have run out of arguments and I think I have already invested too much time into this.
Your default exception handling isn't very intuitive. What you've done may be the best way to go but I don't have a strong opinion on how to deploy it in practice or how to adopt it to existing methodologies of state machine design. I don't want to repeat my arguments but as I suggested in one of my previous posts, I would prefer if by default no action (entry or exit) may throw so that in terms of the user actions, fsm doesn't provide any exception safety guarantees (I realize that for most boost folks, it sounds controversial, to say the least :) ... but this will make fsm (by default!) act according to the well established state machine standards. If the user wants to enable the guarantees and play with the new stuff, she should do it explicitly. To conclude: Andreas, whatever you decide is fine with me. Even now, fsm gives you a lot of flexibility in how to handle faults. Great job overall and thanks for sharing it! Eugene