Subject: [boost] Formal Review Request: Boost.Contract
From: Lorenzo Caminiti (lorcaminiti_at_[hidden])
Date: 2012-06-04 13:37:54

Hello all,

I have released Contract++ 0.4.0 on SourceForge. If ever accepted into
Boost, this library will be Boost.Contract (and all macros/symbols
will be prefixed by BOOST_/boost::).

This library implements Contract Programming for the C++ programming
language (see the end of this email). In addition, the library
implements virtual specifiers (final, override, and new, see C++11),
concept checking, and named parameters.
This library is implemented for the C++03 standard and it does not
require C++11.



I would like to request a formal Boost review of the library.

Comments are welcome!



Contract Programming is also known as Design by Contract(TM) and it
was first introduced by the Eiffel programming language. All Contract
Programming features of the Eiffel programming language are supported
by this library, among others:

* Support for preconditions, postconditions, class invariants, block
invariants, and loop variants.
* Subcontract derived classes (with support for pure virtual functions
and multiple inheritance).
* Access expression old values and function return value in postconditions.
* Optional compilation and checking of preconditions, postconditions,
class invariants, block invariants, and loop variants.
* Customizable actions on contract assertion failure (terminate by
default but it can throw, exit, etc).

All features:


The example below shows how to use this library to program contracts
for the STL member function std::vector::push_back (in order to
illustrate subcontracting, the vector class inherits from the somewhat
arbitrary pushable base class).

#include <contract.hpp> // This library.
#include <boost/concept_check.hpp>
#include <vector>
#include "pushable.hpp" // Some base class.

CONTRACT_CLASS(
    template( typename T ) requires( boost::CopyConstructible<T> ) // Concepts.
    class (vector) extends( public pushable<T> ) // Subcontracting.
) {
    CONTRACT_CLASS_INVARIANT_TPL(
        empty() == (size() == 0) // More class invariants here...
    )

    public: typedef typename std::vector<T>::size_type size_type;
    public: typedef typename std::vector<T>::const_reference const_reference;

    CONTRACT_FUNCTION_TPL(
        public void (push_back) ( (T const&) value ) override
            precondition(
                size() < max_size() // More preconditions here...
            )
            postcondition(
                auto old_size = CONTRACT_OLDOF size(), // Old-of values.
                size() == old_size + 1 // More postconditions here...
            )
    ) {
        vector_.push_back(value); // Original function body.
    }

    // Rest of class here (possibly with more contracts)...
    public: bool empty ( void ) const { return vector_.empty(); }
    public: size_type size ( void ) const { return vector_.size(); }
    public: size_type max_size ( void ) const { return vector_.max_size(); }
    public: const_reference back ( void ) const { return vector_.back(); }

    private: std::vector<T> vector_;
};


This library suffers from two limitations:

1. The unusual syntax used to declare classes and functions within the
macros which causes cryptic compiler errors when not used correctly
(syntax error checking and reporting could be somewhat improved in
future revisions of the library but there are fundamental limitations
on what can be done using the preprocessor).

2. High compilation times (the authors have not tried to optimize the
library preprocessor and template meta-programming code yet, that will
be the focus of future releases).

This library could be extended to also support concept definitions (at
least for C++11):
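
Added illustration, not part of the original email and not Contract++ code: the checks that the push_back contract in the example above specifies, written out by hand in plain C++ with a replaceable failure action. The names checked_vector, contract_failure, on_failure and CHECK are hypothetical, the check order is an assumption, and the handler here throws so the outcome can be inspected, whereas the email says the library terminates by default.

```cpp
#include <cstddef>
#include <stdexcept>
#include <string>
#include <vector>

// Hypothetical names throughout; none of this is the Contract++ API.
struct contract_failure : std::logic_error {
    explicit contract_failure(const std::string& what) : std::logic_error(what) {}
};

typedef void (*failure_handler)(const char* kind, const char* expr);

inline void throw_on_failure(const char* kind, const char* expr) {
    throw contract_failure(std::string(kind) + " failed: " + expr);
}

// Replaceable failure action: assign another function to terminate, log, exit, etc.
static failure_handler on_failure = &throw_on_failure;

#define CHECK(kind, expr) do { if (!(expr)) on_failure(kind, #expr); } while (0)

template <typename T>
class checked_vector {
public:
    // cap stands in for max_size() so the precondition can be exercised.
    explicit checked_vector(std::size_t cap) : cap_(cap) {}

    void push_back(const T& value) {
        CHECK("class invariant", invariant());          // on entry
        CHECK("precondition", size() < max_size());
        const std::size_t old_size = size();            // old-of value
        v_.push_back(value);                            // original function body
        CHECK("postcondition", size() == old_size + 1);
        CHECK("class invariant", invariant());          // on exit
    }
    bool empty() const { return v_.empty(); }
    std::size_t size() const { return v_.size(); }
    std::size_t max_size() const { return cap_; }
private:
    bool invariant() const { return empty() == (size() == 0); }
    std::vector<T> v_;
    std::size_t cap_;
};

// Returns the failure message when a push violates the precondition, "" otherwise.
std::string push_past_capacity() {
    checked_vector<int> v(2);
    v.push_back(1); v.push_back(2);
    try { v.push_back(3); } catch (const contract_failure& e) { return e.what(); }
    return "";
}
```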
