Re: Safety of the Booch Ada 95 Components

[Simon Wright <simon@pogner.demon.co.uk>]

herwin@gmu.edu (Harry Erwin) writes:

> Matthew Heaney <matthew_heaney@acm.org> wrote:
> 
> >   procedure Copy
> >     (From : in     Source_Type;
> >      To   : in out Target_Type) is
> >   begin
> >     if From'Address = To'Address then
> >       return;  -- do nothing, because From is same object as To
> >     end if;
> 
> That's missing from the code I've been looking at.

Yes, a clear defect, logged.

> Strong exception-safety == supports commit/rollback semantics.

Is that a standard definition?

> Apparently in the Booch components, if the copy goes bad, the To
> container has been cleared and is partially written. Basic exception
> safety (== the container is still useable) is probably supported.

Yes, this is the case for the Copy operation (which is *not* the
standard assignment operation!).

In a previous reply, I quoted the ALRM [7.6(17)] on controlled
assignment. I must say I don't fully understand from that what is
expected. At first (& nth) sight I don't see how one could achieve
your idea of strong exception safety.

I wonder what happens in C++ STL-based programming if operator new
fails in the middle of things?