P4009R0 — A proposal for solving all of the contracts concerns
(6 items)
EWG
This paper proposes a tweak to the C++26 contracts facility that shifts semantic selection from language-level configuration to library functions. Contract predicates use enforce semantics by default unless they return std::ignore, while standard library functions std::pre(), std::post(), and std::cassert() consult an implementation-defined configuration to select among observe, quick_enforce, enforce, or ignore semantics. The design aims to satisfy both audiences requiring guaranteed-enforced contracts and those needing flexible, configurable semantics, while keeping extensibility simple through ordinary function calls rather than complex language mechanisms.
- Section 'Diagnostic quality for violations', paragraph 2 — 'implementation-define' is missing the trailing 'd'; should be 'implementation-defined'. [1]
- Section 'Why do this now...', paragraph 1 — Subject-verb disagreement: 'reason ... are' should be 'reason ... is'. [2]
- Section 'Syntax and semantics', list item 3 (std::pre) — 'detemine' is misspelled; should be 'determine'. [3]
- Section 'Syntax and semantics', list item 4 (std::post) — 'detemine' is misspelled; should be 'determine'. [4]
- Section 'Syntax and semantics', list item 5 (std::cassert) — 'detemine' is misspelled; should be 'determine'. [5]
- Section 'Syntax and semantics', list item 3D (std::pre, 'enforce' semantic) — Double period '..' at end of sentence; should be a single '.'. [6]
References — Anthropic Citations API
[1]
"queries an implementation-defined configuration facility to detemine which semantic the precondition assertion should have"
[2]
"std::post() is a standard library function that queries an implementation-defined configuration facility to detemine which semantic the postcondition assertion should have"
[3]
"std::cassert() is a standard library function that queries an implementation-defined configuration facility to detemine which semantic the assertion statement should have"
[4]
"calls the violation handler and then contract-terminates the program.."
[5]
"Non-portable ones can of course again choose to use the implementation-define mechanism directly."
[6]
"The reason this is being worked on are OMDB (and, OMNB) objections to what's in the draft now."
Summary: Proposes replacing the current contracts syntax with library-based primitives (std::pre, std::post, std::cassert) that encode preconditions, postconditions, and assertions as function calls with configurable semantics (ignore, observe, enforce), aiming to resolve outstanding EWG concerns about the Contracts MVP.
Pipeline: Discovery (Anthropic Opus + Citations API) → Verification Gate (OpenRouter Opus) → Report Writer (OpenRouter Opus)
Provenance: All references are machine-verified character positions from the Anthropic Citations API — deterministic, exact substrings, not model-generated quotes.