<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8">
<meta name="generator" content="dascandy/fiets">
<title>
C++ Contracts Constification Challenges Concerning Current Code</title>
  <style type="text/css">
body {
  margin: 5em;
  font-family: sans-serif;
  hyphens: auto;
  line-height: 1.35;
}
ul {
  padding-left: 2em;
}
h1, h2, h3, h4 {
  position: relative;
  line-height: 1;
}
h1.title {
}
h2.subtitle {
}
h1.toc a, h2.toc a, h3.toc a, h4.toc a {
  text-decoration: none;
  color: #000000;
}
h1.toc a:hover, h2.toc a:hover, h3.toc a:hover, h4.toc a:hover {
  text-decoration: underline;
}
a.self-link {
  position: absolute;
  top: 0;
  left: calc(-1 * (3.5rem - 26px));
  width: calc(3.5rem - 26px);
  height: 2em;
  text-align: center;
  border: none;
  transition: opacity .2s;
  opacity: .5;
  font-family: sans-serif;
  font-weight: normal;
  font-size: 83%;
}
a.self-link:hover { opacity: 1; }
a.self-link::before { content: "§"; }
span.identifier {
  font-style: italic;
}
span.new {
  text-decoration: underline;
  background-color: #006e28;
}
div.code, span.code {
  font-family: Courier New, monospace;
  background-color: #e8e8e8;
  white-space: pre;
}
span.delete {
  text-decoration: line-through;
  background-color: #bf0303;
}
p.indent {
  margin-left: 50px;
}
p.quote {
  margin-left: 50px;
  border: 2px solid black;
  background-color: #f0f0e0;
}
table {
  border: 1px solid black;
  border-collapse: collapse;
  margin-left: auto;
  margin-right: auto;
  margin-top: 0.8em;
  text-align: left;
  hyphens: none; 
}
td, th {
  padding-left: 1em;
  padding-right: 1em;
  vertical-align: top;
}
th {
  border-bottom: 2px solid black;
  background-color: #f0f0f0;
}
</style>
</head>
<body>
<h1 class="title" style="text-align:center">C++ Contracts Constification Challenges Concerning Current Code</h1><table><tbody><tr><td> Document number </td><td> D3268R0 </td></tr><tr><td> Date </td><td> 2024-05-07 </td></tr><tr><td> Reply-to </td><td> Peter Bindels &lt;dascandy@gmail.com&gt; </td></tr><tr><td> Targeted subgroups </td><td> SG21, EWG </td></tr></tbody></table><h1 data-number="1" id="Overview-of-code-base"><span class="header-section-number">1</span> Overview of code base<a href="#Overview-of-code-base" class="self-link"></a></h1><p>We have a commercial code base of 2.5 million lines of code. The analysis was done on a checkout from 2016. Asserts were found by recursively grepping for either ASSERT or assert. The former matches a company-specific assert macro; the latter matches the C standard assert. Results were filtered to exclude non-C++ results and to remove static_asserts (as they are out of scope of this investigation).</p><p>This yields 992 uses of the ASSERT macro and 6755 uses of the assert macro, for a total of 7747 asserts.</p><p>These asserts were visually checked for function invocations, and any invoked function that was not a known-good function was retained for later analysis. This removed 7561 asserts, leaving 186 to check manually. About 10% of these checks are of the <span class="code">assert(false);</span> or <span class="code">assert(0);</span> form, indicating that something happened that should never occur. About 15% of these checks check that a pointer (parameter, member) is not null, or is null, either explicitly or implicitly. 
The rest are arithmetic combinations, boolean members, or invocations of functions known to be const-correct.</p><p>The final 186 function invocations split as follows:</p><ul><li>160 invoke const-correct functions and are no issue.</li><li>One invokes just a dynamic_cast, which is not an issue.</li><li>8 invoke a function that is not const-correct, but that does not modify the affected object.</li><li>13 invoke a function that retrieves an object for further action, where the function is lacking the const-returning const-qualified overload. This affects two functions, and is easily fixed.</li><li>4 invoke a function that is not const-correct, and that will take more than a trivial amount of effort to fix.</li></ul><p>In total, in this code base, we estimate that fixing all problems that constification would cause would take a single engineer about 2 hours.</p><p>In total, about 1 in every 300 asserts needs attention in this sample code base, or about 1 out of every 100'000 lines of code.</p><p>Extrapolating this, I see no reason to remove constification from P2900, as the impact on a code base is too minimal to cause issues.</p></body></html>
