Date: Thu, 20 Feb 2025 15:21:39 -0600
After reading the discussion and thinking for a week, I wonder if what you really want isn't a contract for lifetime.
class foo {
public:
    foo(sometype* A, othertype& B )
        pre(std::objectHasLifetimeOfClass(A))
        pre(std::objectHasLifetimeOfClass(B))
    // other contract items here
};
Of course the syntax is bikeshedable; the idea is that I want a contract on lifetime, which I think is clear. Anyone who does a lot of dependency injection often runs into cases where you have a constructor parameter that you don't want to own or make a shared_ptr, since program construction should already have correctly defined your lifetime and so tracking it again is just a waste of system resources. However, you do need to indicate to your fellow programmers that you are saving this parameter beyond the scope of the function in question so that your whole program construction/setup happens correctly.
In particular I want the compiler to optimize out everything about the system in production. I don't care that much that there is a race condition if this is used multi-threaded: the program is already broken. I want sanitizers to stop if I destroy the main object and there are any observers - even if the observers will provably never be dereferenced I still have a bug if the object is invalid. This is an indication to my fellow programmers about intent that can also be used to prove the system is sane in various ways.
The above is what I want. I do not know how the above could be implemented and so it isn't worth trying to write a paper. What you have proposed is similar enough to what I want that I would use it.
Note that I've described very different sets of wants from what your proposal would give if you just write it in the obvious way. Your paper should at least discuss what I want, and if it is what you desire. Even though I don't have a need, I can see a use for your object pointer that has the forced one-owner semantics of a unique_ptr, but non-owners find out when it is destroyed if that is what you want.
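The following is an added sketch, not code from the message above or from the proposal it replies to, of the behaviour the message asks for: a single owner plus non-owning observers, where destroying the owner while observers are still registered is reported as a violation in a checked build and the bookkeeping disappears under NDEBUG. The names `owner`, `observer`, `lifetime_track`, `lifetime_violation_handler` and `run_scenario` are invented for this illustration; a real contracts-based version would hang the check on the constructor precondition rather than on library code.

```cpp
#include <cstdlib>
#include <unordered_map>
using lifetime_handler = void (*)(std::size_t live_observers);
inline lifetime_handler& lifetime_violation_handler() {   // abort by default, like a contract violation
    static lifetime_handler h = [](std::size_t) { std::abort(); }; return h;
}

// Checked-build bookkeeping: owned object's address -> live observer count. Empty under NDEBUG.
inline std::size_t lifetime_track(const void* key, int delta) {
#ifdef NDEBUG
    return 0;                            // production: nothing tracked, the calls optimise away
#else
    static std::unordered_map<const void*, std::size_t> r;
    std::size_t n = delta > 0 ? ++r[key] : delta < 0 ? --r[key] : r[key];
    if (n == 0) r.erase(key);            // last observer gone: forget this owner
    return n;
#endif
}

template <class T> struct owner {        // the single owner, like unique_ptr
    T value;
    explicit owner(T v) : value(static_cast<T&&>(v)) {}
    owner(const owner&) = delete; owner& operator=(const owner&) = delete;
    ~owner() {                           // the lifetime contract is checked here
        if (std::size_t n = lifetime_track(&value, 0)) lifetime_violation_handler()(n);
    }
};

template <class T> class observer {      // non-owning handle: a pointer plus a registration
public:
    explicit observer(owner<T>& o) : p_(&o.value) { lifetime_track(p_, +1); }
    observer(const observer&) = delete;  // a copy would need its own registration
    ~observer() { lifetime_track(p_, -1); }
    T& operator*() const { return *p_; }
private: T* p_;
};
static std::size_t g_violations = 0;
// Runs a constructed scenario and returns how many lifetime violations it triggered.
inline std::size_t run_scenario(bool let_observer_outlive_owner) {
    g_violations = 0;
    lifetime_violation_handler() = [](std::size_t) { ++g_violations; };
    observer<int>* stray = nullptr;
    {
        owner<int> main_obj(42);
        observer<int> fine(main_obj);    // destroyed before main_obj: no complaint
        if (let_observer_outlive_owner) stray = new observer<int>(main_obj);
    }                                    // main_obj destroyed here, observers checked
    delete stray;                        // unregisters late; the violation was already reported
    return g_violations;
}
```

With the default handler the second scenario aborts at the owner's destructor, which is the "sanitizer stops" behaviour the message describes; the counting handler exists only so the outcome can be observed in a test.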
Received on 2025-02-20 21:22:03