Narrow Contracts and `noexcept` are Inherently Incompatible in C++ - John Lakos - ACCU 2024
ฝัง
- เผยแพร่เมื่อ 27 มิ.ย. 2024
- ACCU Membership: tinyurl.com/ydnfkcyn
---
Narrow Contracts and `noexcept` are Inherently Incompatible in C++ - John Lakos - ACCU 2024
---
A contract is a plain-language specification of whatever essential behavior a given function promises to deliver when invoked in contract. A function that has at least one syntactically valid combination of state and input for which the behavior is undefined has a precondition and is therefore said to have a narrow contract. The Lakos Rule effectively prohibits placing the `noexcept` specifier (introduced in C++11) on any function that would otherwise have a narrow contract.
This talk begins with a reprise of contracts, essential behavior, and preconditions. We’ll then go on to contrast two classic software design principles, Design by Contract and Liskov Substitutability, and then use the latter to explain how both backward compatibility and wide implementations benefit from scrupulously adhering to The Lakos Rule. We conclude that best practice is to follow this rule, especially in the specification of the C++ Standard Library, and we close with a welcome solution that satisfies essentially all needs and wants of the eclectic C++ multiverse.
Slides: accu.org/conf-previous/accu2024/
Sponsored By think-cell and Bloomberg
---
John Lakos
John Lakos, author of Large-Scale C++ Software Design (Pearson, 1997), serves at Bloomberg LP in New York City as a senior architect and mentor for C++ Software Development worldwide. He is also an active voting member of the C++ Standards Committee’s Evolution Working Group. Previously, Dr. Lakos directed the design and development of infrastructure libraries for proprietary analytical financial applications at Bear Stearns. For 12 years prior, Dr. Lakos developed large frameworks and advanced ICCAD applications at Mentor Graphics, for which he holds multiple software patents. His academic credentials include a Ph.D. in Computer Science ('97) and an Sc.D. in Electrical Engineering ('89) from Columbia University. Dr. Lakos received his undergraduate degrees from MIT in Mathematics ('82) and Computer Science ('81). He is the author of the multi-volume book Large-Scale C++, the first volume of which, Volume I: Process and Architecture (Pearson, 2020), is currently available, and subsequent volumes are forthcoming. He is the coauthor of Embracing Modern C++ Safely (Pearson, 2021) along with Vittorio Romeo, Rostislav Khlebnikov, and Alisdair Meredith.
---
The ACCU Conference is the annual conference of the ACCU membership, but is open to any and all who wish to attend. The tagline for the ACCU is 'Professionalism in Programming', which captures the whole spectrum of programming languages, tools, techniques and processes involved in advancing our craft. While there remains a core of C and C++ - with many members participating in respective ISO standards bodies - the conference, like the organisation, embraces other language ecosystems and you should expect to see sessions on C#, D, F#, Go, Javascript, Haskell, Java, Kotlin, Lisp, Python, Ruby, Rust, Swift and more.The ACCU Conference is a conference by programmers for programmers about programming.
Discounted rates for members.
ACCU Membership: tinyurl.com/ydnfkcyn
2024 Program: accu.org/conf-previous/accu2024/
accu.org
www.accuconference.org/
mastodon.social/@ACCUConf
/ accu-conference
bsky.app/profile/accuconf.bsk...
/ accuorg
/ accuconf
---
TH-cam Videos Filmed, Edited & Optimised by Digital Medium: events.digital-medium.co.uk
#accuconf #programming #cplusplus #cppprogramming #softwareengineering - วิทยาศาสตร์และเทคโนโลยี
![Keynote: Safety, Security, Safety[sic] and C/C++[sic] - C++ Evolution - Herb Sutter - ACCU 2024](http://i.ytimg.com/vi/EB7yR-1317k/mqdefault.jpg)
![Keynote: Safety, Security, Safety[sic] and C/C++[sic] - C++ Evolution - Herb Sutter - ACCU 2024](/img/tr.png)
Awesome, a new John Lakos talk: strapping in!
17:18 vectors have a member called size_type. Only any size that fits within that type can be the sizes of a vector. If a std::vector already has std::numeric_limits::max elements a push_back can't just grow the vector's size. I don't know if/how push_back is defined in this (extremely unlikely and on basically all machines and implementations impossible) case.
(on that slide. capacity specifically also returns size_type which usually is size_t but doesn't need to be)
@17:30 std::vector::max_size(), I don't think the standard actually specifies what happens when you try to push_back() when size() == max_size().
noexcept is important for reasons beyond performance, such as safety, realtime programming, and intuitive, predictable API's. Tragically, the C++ stdlb continues to rely on exceptions in 2024, ultimately encouraging programmers to switch to C, Go, Rust, assembler, and so on. Exceptions encourage bad data models. Exceptions overcomplicate program control flow. Exceptions waste screen real estate and mental cycles.
Any conflicts with noexcept are bugs in the compiler or bugs in language design.