First page Back Continue Last page Summary Graphics
the basic guarantee
The "death zone" – getting too high
The cost of the strong guarantee
How it can kill applications
The alternative peak
Notes:
On terrestrial mountains above a certain height there is a “death zone” where the supply of oxygen is insufficient to support life.
Something similar happens with exception safety: there is a cost to implementing the strong exception safety guarantee. In our example we've constructed new parts "off to the side’ (to use Herb Sutter's phrase) before making any changes.
We've seen how this works as a technique for reaching the peak, but there is a cost to this practice – it takes time and memory to construct these new parts. Often this isn't a problem – but sometimes the objects are so expensive to construct, or the operation invoked so frequently that we are driven to trade a little exception safety for speed and/or memory.
A very hard route to strong exception-safery is make changes in place and to be prepared to back out changes. It can be done – but be prepared for very careful inspections of such code.
The alternative is to update data structures in place and accept that an exception could leave the changes incomplete and the system in an unknown. The important thing is to ensure that nothing will go horribly wrong – the basic exception safety guarantee.