Date: Tue, 14 Oct 2025 22:21:56 +0300
On Tue, Oct 14, 2025, 21:47 Ville Voutilainen via SG15 <
sg15_at_[hidden]> wrote:
> On Tue, 14 Oct 2025 at 21:42, Ryan McDougall <mcdougall.ryan_at_[hidden]>
> wrote:
> >
> > And there are existing deployments where it's not desired and not a
> requirement...
>
> That doesn't mean that hardening should be possible to be turned off
> by a contract evaluation semantic choice
>
One of the fundamental aspects of p2900 is that the person who write the
contract is not the one who selects the semantics for the application.
Is this aspect of contracts aligned with hardened libraries needs? The
discussion seems to reveal that not. And therefore the draft paper
mentioned earlier seems to be correct - contracts are not good fit for
standard library hardening.
applying to other code. Or more in the opposite direction, it doesn't
> mean that the choice of a contract evaluation semantic
> for other code should turn the hardening off.
>
> > The original sin is thinking that any one engineer knows all domains and
> anything that doesn't fit their preconceptions is universally wrong.
>
> Funny, you seem to be the only person in this discussion stating that
> something is universally wrong, or otherwise I have misunderstood
> what you think "patently false" means.
>
> >P2900 has been in development for a long time, and is useful and needed.
> The idea it's "unsafe" shows a lack of understanding of what that word
> means.
>
> Oh sure, it's a likely story that the critics of P2900 simply
> misunderstand something. In fact, a story so unlikely that it's safe
> to say it's patently false.
> _______________________________________________
> SG15 mailing list
> SG15_at_[hidden]
> https://lists.isocpp.org/mailman/listinfo.cgi/sg15
>
sg15_at_[hidden]> wrote:
> On Tue, 14 Oct 2025 at 21:42, Ryan McDougall <mcdougall.ryan_at_[hidden]>
> wrote:
> >
> > And there are existing deployments where it's not desired and not a
> requirement...
>
> That doesn't mean that hardening should be possible to be turned off
> by a contract evaluation semantic choice
>
One of the fundamental aspects of p2900 is that the person who write the
contract is not the one who selects the semantics for the application.
Is this aspect of contracts aligned with hardened libraries needs? The
discussion seems to reveal that not. And therefore the draft paper
mentioned earlier seems to be correct - contracts are not good fit for
standard library hardening.
applying to other code. Or more in the opposite direction, it doesn't
> mean that the choice of a contract evaluation semantic
> for other code should turn the hardening off.
>
> > The original sin is thinking that any one engineer knows all domains and
> anything that doesn't fit their preconceptions is universally wrong.
>
> Funny, you seem to be the only person in this discussion stating that
> something is universally wrong, or otherwise I have misunderstood
> what you think "patently false" means.
>
> >P2900 has been in development for a long time, and is useful and needed.
> The idea it's "unsafe" shows a lack of understanding of what that word
> means.
>
> Oh sure, it's a likely story that the critics of P2900 simply
> misunderstand something. In fact, a story so unlikely that it's safe
> to say it's patently false.
> _______________________________________________
> SG15 mailing list
> SG15_at_[hidden]
> https://lists.isocpp.org/mailman/listinfo.cgi/sg15
>
Received on 2025-10-14 19:22:11