Topic: Design By Contract and TR2


Author: "Let_Me_Be" <Happy.Cerberus@gmail.com>
Date: Thu, 1 Mar 2007 17:29:59 CST
Just a simple question. What is the status of Design by contract in C++?
Is it planned, rejected, not discussed, etc...

Design by contract is one of the most useful ideas I have stumbled upon
while developing software. It opens really new possibilities including
better optimizations, better code control during compilation, and even
some level of automatic verification. Would be really nice to see it
implemented in C++.

Thx for answers...
Bc. Simon Toth

---
[ comp.std.c++ is moderated.  To submit articles, try just posting with ]
[ your news-reader.  If that fails, use mailto:std-c++@ncar.ucar.edu    ]
[              --- Please see the FAQ before posting. ---               ]
[ FAQ: http://www.comeaucomputing.com/csc/faq.html                      ]

Author: nagle@animats.com (John Nagle)
Date: Fri, 2 Mar 2007 06:32:16 GMT
Let_Me_Be wrote:
> Just a simple question. What is the status of Design by contract in C+
> +?
> Is it planned, rejected, not discussed, etc...
>
> Design by contract is one of most useful ideas I have stumbled upon
> while developing software. It opens really new possibilities including
> better optimizations, better code control during compilation, and even
> some level of automatic verification. Would be really nice to see it
> implemented in C++.
>
> Thx for answers...
> Bc. Simon Toth

    It's basically hopeless for C++.  The semantics of the language
aren't tight enough to make it sound.  People make noises in that
direction occasionally, and there are some hacks that create the
illusion of actually enforcing some rules, but none of them really
create any strong assurances of anything.  Until you're willing to
declare "undefined behavior" to be a program error, fix the language
so that you never have to lie to the compiler, and define a way
for the language to know which locks lock which data, your language
isn't ready for design by contract.

    But take a look at "Spec#", which is design by contract for C#,
backed by a proof of correctness system and theorem prover.  That's
a project out of Microsoft Research, and the approach is sound.
Some of the people who did the proof of correctness system for
Modula 3 at DEC SRL, before Compaq bought DEC and killed research,
are working on Spec#.

    John Nagle
    Animats


Author: thorsten.ottosen@dezide.com (Thorsten Ottosen)
Date: Fri, 2 Mar 2007 15:32:21 GMT
John Nagle wrote:
> Let_Me_Be wrote:
>
>> Just a simple question. What is the status of Design by contract in C+
>> +?
>> Is it planned, rejected, not discussed, etc...

It is certainly not discussed for the time being as all time is being
used for C++0x. You may view the latest proposal here:

   http://www.open-std.org/JTC1/SC22/WG21/docs/papers/2006/n1962.html

The proposal is stalled because we don't have resources to implement
it.

>> Design by contract is one of most useful ideas I have stumbled upon
>> while developing software. It opens really new possibilities including
>> better optimizations, better code control during compilation, and even
>> some level of automatic verification. Would be really nice to see it
>> implemented in C++.

Indeed.

>    It's basically hopeless for C++.  The semantics of the language
> aren't tight enough to make it sound.  People make noises in that
> direction occasionally, and there are some hacks that create the
> illusion of actually enforcing some rules, but none of them really
> create any strong assurances of anything.

This is a bit weird to read.

> Until you're willing to
> declare "undefined behavior" to be a program error, fix the language
> so that you never have to lie to the compiler, and define a way
> for the language to know which locks lock which data, your language
> isn't ready for design by contract.

So you can't have design by contract without getting rid of undefined
behavior first?

I strongly disagree. It seems to me that DbC is even more important in
such a language because, via runtime checks, it can help remove cases of
undefined behavior.

-Thorsten


Author: "James Kanze" <james.kanze@gmail.com>
Date: Fri, 2 Mar 2007 09:37:23 CST
On Mar 2, 12:29 am, "Let_Me_Be" <Happy.Cerbe...@gmail.com> wrote:
> Just a simple question. What is the status of Design by
> contract in C+ +?  Is it planned, rejected, not discussed,
> etc...

There's a proposal to add it to the language.  (Not that I think
it's really necessary.)

> Design by contract is one of most useful ideas I have stumbled upon
> while developing software. It opens really new possibilities including
> better optimizations, better code control during compilation, and even
> some level of automatic verification. Would be really nice to see it
> implemented in C++.

I regularly use design by contract in C++.  Compilers don't
support it directly, so you don't normally get better
optimizations (but you could, if the compiler were more
intelligent), but that's not the purpose, either.  The purpose
is to increase the reliability of the code, and this is
currently available already, albeit at the cost of a few
additional lines of code.

--
James Kanze (GABI Software)             email:james.kanze@gmail.com
Conseils en informatique orientée objet/
                   Beratung in objektorientierter Datenverarbeitung
9 place Sémard, 78210 St.-Cyr-l'École, France, +33 (0)1 30 23 00 34

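As an added illustration of the idiom Kanze describes above (contract checks written by hand, at the cost of a few extra lines) and of Thorsten's earlier point that runtime checks can head off undefined behaviour: this is example code written for this page, not code from any poster or from the n1962 proposal; the bounded_stack class, the REQUIRE/ENSURE/INVARIANT macros, contract_error and violates_contract are all constructed names.

```cpp
#include <cstddef>
#include <stdexcept>
#include <vector>
// Thrown on a contract violation so the failure is observable; a release build might abort instead.
struct contract_error : std::logic_error { using std::logic_error::logic_error; };
// Precondition / postcondition / invariant checks as plain macros; #cond keeps the expression text.
#define REQUIRE(cond)   do { if (!(cond)) throw contract_error("precondition failed: " #cond); } while (0)
#define ENSURE(cond)    do { if (!(cond)) throw contract_error("postcondition failed: " #cond); } while (0)
#define INVARIANT(cond) do { if (!(cond)) throw contract_error("invariant failed: " #cond); } while (0)
// A bounded stack (constructed for this example). Without the REQUIREs, back()/pop_back() on an
// empty vector is undefined behaviour; the contract turns that into a detectable failure.
class bounded_stack {
public:
    explicit bounded_stack(std::size_t capacity) : capacity_(capacity) {
        REQUIRE(capacity > 0);
        check_invariant();
    }
    void push(int v) {
        REQUIRE(!full());                             // caller's obligation
        const std::size_t old_size = size();
        data_.push_back(v);
        ENSURE(size() == old_size + 1 && top() == v); // implementer's obligation
        check_invariant();
    }
    int pop() {
        REQUIRE(!empty());
        const std::size_t old_size = size();
        const int v = data_.back();
        data_.pop_back();
        ENSURE(size() == old_size - 1);
        check_invariant();
        return v;
    }
    int top() const { REQUIRE(!empty()); return data_.back(); }
    bool empty() const { return data_.empty(); }
    bool full() const { return data_.size() == capacity_; }
    std::size_t size() const { return data_.size(); }
private:
    void check_invariant() const { INVARIANT(data_.size() <= capacity_); }
    std::size_t capacity_;
    std::vector<int> data_;
};
// Test helper: true when `action` trips any contract check.
template <class F> bool violates_contract(F action) {
    try { action(); } catch (const contract_error&) { return true; }
    return false;
}
```

Compiling the checks out (empty macro bodies) gives the usual release build; keeping them in turns a silent out-of-range access into a reported contract failure at the call site that broke the contract.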


Author: "Let_Me_Be" <Happy.Cerberus@gmail.com>
Date: Mon, 5 Mar 2007 12:54:19 CST
John Nagle wrote:
> Let_Me_Be wrote:
> > Just a simple question. What is the status of Design by contract in C+
> > +?
> > Is it planned, rejected, not discussed, etc...
> >
> > Design by contract is one of most useful ideas I have stumbled upon
> > while developing software. It opens really new possibilities including
> > better optimizations, better code control during compilation, and even
> > some level of automatic verification. Would be really nice to see it
> > implemented in C++.
> >
> > Thx for answers...
> > Bc. Simon Toth
>
>     It's basically hopeless for C++.  The semantics of the language
> aren't tight enough to make it sound.  People make noises in that
> direction occasionally, and there are some hacks that create the
> illusion of actually enforcing some rules, but none of them really
> create any strong assurances of anything.  Until you're willing to
> declare "undefined behavior" to be a program error, fix the language
> so that you never have to lie to the compiler, and define a way
> for the language to know which locks lock which data, your language
> isn't ready for design by contract.

I have to strongly disagree. There have to be two steps: 1) add syntax
for design by contract + define the behaviour, 2) implement support in
the compiler. You are actually mixing these two steps into one.

Adding syntax support + defining the behaviour is the purpose of the
language standard. The second step (what will be done with the
information provided by the programmer) is the purpose of the
compiler. Of course it will take some time before anyone implements
such a feature, but if it is not made a standard feature, we won't get
past hacks, which simply don't work.

>     But take a look at "Spec#", which is design by contract for C#,
> backed by a proof of correctness system and theorem prover.  That's
> a project out of Microsoft Research, and the approach is sound.
> Some of the people who did the proof of correctness system for
> Modula 3 at DEC SRL, before Compaq bought DEC and killed research,
> are working on Spec#.

Microsoft is placing big hopes in automatic verification lately. But
C# is a dead language for me. If I had to write some GUI/
Business application, I would rather choose Java. For everything else
(well, except some repetitive stuff where I use a mix of scripting
languages) I use C++.

Bc. Simon Toth
