Slashdot Mirror

← Back to Stories (view on slashdot.org)

Design by Contract in C++?

Posted by ryuzaki0 on from the take-from-one-language-for-use-in-another dept.

An anonymous reader asks: "I have read some of the stuff on Eiffel, watched their tutorial videos about design by contract, and the entire thing sounds like a pretty good idea. However, the problem is that we don't use Eiffel at work, and I highly doubt I could get people to come around to the idea of switching to it. Although we use a lot of C++, I can imagine that a lot of the ideas from Eiffel can be applied there. I have looked around on the net and found a few articles talking about different ways of applying design by contract using assert statements and the like. I also found the dlib C++ library on SourceForge which, among other things, puts a design by contract face on a lot of API calls. So, there are obviously people doing it. What is everyone's experience with Design by Contract in C++? What tools are there that help make it a workable system? Lastly, are there any pitfalls to taking this approach in C++?"

9 of 114 comments (clear)

  1. Must Buy New Book For Latest Proggramming Fad! by __aaclcg7560 · · Score: 3, Informative

    It must be a conspiracy with the technical publishers to keep coming up with new technology fads to create a demand for new editions of old books. I stopped buying doorstoppers years ago because of this.

  2. C++0x by DreadSpoon · · Score: 3, Informative

    One of the proposed additions for C++0x includes Contract Programming functionality built into the core language/library.

    Do a Google search for "c++ std wg" to find the working group page, which includes a list of papers and proposals.

  3. The Pragmatic Programmer by Psionicist · · Score: 3, Informative


    The book The Pragmatic Programmer by Andrew Hunt and David Thomas has a chapter about Design by Contract. As it's a very good book (almost a classic) about lots of different things, I suggest you read it. Check out the reviews at Amazon, they are true.

  4. Use AOP by LLuthor · · Score: 2, Informative

    I have only every used AspectJ, not AspectC so take this with a grain of salt. AOP is basically the holy grail of design by contract. You can decide and implement powerful contracts and assertions and apply them at compile time or runtime with very little effort. They can be maintained with the code itself or as a separate aspect implemented at a higher level.

    Best of all, you can use as little or as much as you want and it will not interfere with your current code.

    AspectC++

    --
    LL
  5. How about D by Hyram+Graff · · Score: 2, Informative

    The D programming language seems to support the idea of design by contract as a standard. From the litle I know about D, the language is close enough to C++ that a switch would be easy.

    --
    0*0
    00*
    ***
    1. Re:How about D by Anonymous Coward · · Score: 1, Informative

      You mean the programming language which it's author keeps on spamming the C++ newsgroups about how great D is and how everyone should drop C/C++ and move to D?

      Do you mean the programming language which the author, trying to compare it to other languages in terms of features, insists on ignoring obvious functionality and features of the other languages and insists on ignoring and not correcting the comparissons even when hordes of messages informing and demonstrating him that his comparisson are full bullshit? For god's sake, the man claims that C++ doesn't have resizeable arrays, built-in strings, garbage collection or even class properties!

      Do you mean the programming language which the author, in the code comparisson between D and other languages, insists in writing piss-poor, mangled code in the other language examples and insists on presenting that same piss-poor code even when hordes of complaints and corrections are sent to him?

      No thanks. The D programming language is simply a C++ clone with cosmetic changes and braindamaged options which doesn't offer anything new or better than C++. To top things off, the author is a troll who acts like he wants a piece of the admiration that Stroustrup gets.

  6. Never use assertions to check input by coyote-san · · Score: 2, Informative

    I mostly agree with you, but there's one key difference. You should never use assertions in place of input validation. You must always code as if the assertions aren't there.

    BUT, and this is important, there are times when you can have a legitimate business decision to skip input validation when the cost of the checking is higher than the cost of a mistake, esp. when these are internal methods that should never get unsanitized input. In those cases you may want to have contractual assertions without a corresponding regular check. Those cases should be clearly indicated, e.g., by using a different set of assert macros.

    --
    For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
  7. Several options by Coryoth · · Score: 4, Informative

    There are several options. You can simply use macros as many people do. It's clunky and tends to have issues with inheritance and documentation, but it gets the job done. Alternatively you can try the digital mars c++ compiler which supports design by contract, or if your co-workers are willing to stretch a little bit you can try the D programming language from digital mars which is very similar to C++ but offers native contracts as well as a host of other nice features. Otherwise you can go the proprietary route and get C2 which is a C++ code generator that uses comment annotations to manage contracts and is a little slicker than the macro approach.

    --
    Craft Beer Programming T-shirts
  8. Design by Contract already implemented by WalterBright · · Score: 2, Informative

    in Digital Mars C++. See contracts.