I usually only give one new talk a year, but this year I volunteered to give a second new talk at CppCon on a topic I haven’t spoken on before: draft C++26 contracts.
Thank you to all the experts, including the actual implementers and people who are for and against having contracts in C++26, for their time answering questions and providing papers and examples! I’ve done by best to represent the current status as I understand it, including all major positive must-knows and all major outstanding concerns and objections; any remaining errors are mine, not theirs.
I hope you find it useful!
Here is a copy of the talk abstract…
This talk is all about the C++26 contracts feature. It covers the following topics:
- Why defensive programming is a Good Thing (mainly for functional safety, but occasionally also for memory safety)
- Brief overview of C++26 contracts, and why they’re way better than C assert (spoiler: writing them on declarations, being able to use them in release builds, and language support is just way better than macros)
- The 3-page “Effective C++ Contracts book” — best practices you need to know to use them (spoiler: keep compound conditions together, don’t write side effects, understand the pros and cons of installing a throwing violation handler… that’s pretty much… it?)
- Why they’re viable, because they address the key things we need in production (which we’ll list)
- Why they’re minimal, because we actually need every part in C++26 to use them at scale (which we’ll do by systematically summarizing why each piece is necessary)
- What the future evolution of contracts holds (spoiler: virtual functions! groups/labels!)
- A review of Frequently Asked Questions
Sutter’s Mill 