1030. Missing requirements for smart-pointer safety API

Section: D.16 [depr.util.smartptr.shared.atomic] Status: C++11 Submitter: Alisdair Meredith Opened: 2009-03-11 Last modified: 2017-12-02

Priority: Not Prioritized

Discussion:

Addresses JP 44 [CD1]

The 1st parameter p and 2nd parameter v are now shared_ptr<T>*.

It should be shared_ptr<T>&, or, if these are shared_ptr<T>*, then add "p shall not be a null pointer" to the Requires clause.

[ Summit: ]

Agree. All of the functions need a requirement that p (or v) is a pointer to a valid object.

[ 2009-07 post-Frankfurt: ]

Lawrence explained that these signatures match the regular atomics. The regular atomics must not use references because these signatures are shared with C. The decision to pass shared_ptrs by pointer rather than by reference was deliberate and was motivated by the principle of least surprise.

Lawrence to write wording that requires that the pointers not be null.

[ 2009-09-20 Lawrence provided wording: ]

The parameter types for atomic shared pointer access were deliberately chosen to be pointers to match the corresponding parameters of the atomics chapter. Those in turn were deliberately chosen to match C functions, which do not have reference parameters.

We adopt the second suggestion, to require that such pointers not be null.

[ 2009-10 Santa Cruz: ]

Moved to Ready.

Proposed resolution:

In section "shared_ptr atomic access" [util.smartptr.shared.atomic], add to each function the following clause.

Requires: p shall not be null.
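As an added example (not part of this issue or of the standard text), the checked wrappers below enforce the proposed "p shall not be null" requirement in front of the pointer-taking atomic shared_ptr functions, including the compare-exchange form where both p and v are pointers; the wrapper names and the Config type are assumptions made for the illustration.

```cpp
#include <memory>
#include <stdexcept>
#include <utility>

struct Config { int version; };  // constructed sample payload

// Hypothetical checked wrappers: the standard free functions take pointers
// to the shared_ptr (to match the C-compatible atomics), so a null argument
// violates their Requires clause. These wrappers diagnose it up front.
template <class T>
std::shared_ptr<T> checked_atomic_load(const std::shared_ptr<T>* p) {
    if (!p) throw std::invalid_argument("atomic_load: p shall not be null");
    return std::atomic_load(p);
}

template <class T>
void checked_atomic_store(std::shared_ptr<T>* p, std::shared_ptr<T> r) {
    if (!p) throw std::invalid_argument("atomic_store: p shall not be null");
    std::atomic_store(p, std::move(r));
}

// Both p (the object) and v (the expected value) are pointer parameters.
template <class T>
bool checked_atomic_cas(std::shared_ptr<T>* p, std::shared_ptr<T>* v,
                        std::shared_ptr<T> w) {
    if (!p || !v)
        throw std::invalid_argument("atomic_compare_exchange_strong: p and v shall not be null");
    return std::atomic_compare_exchange_strong(p, v, std::move(w));
}

// Publish version+1 only if the slot still holds the snapshot we started
// from; returns the version held afterwards (on failure, v is updated to
// the current value and the slot is left unchanged).
int bump_version_if_unchanged(std::shared_ptr<Config>* slot,
                              std::shared_ptr<Config> expected) {
    auto next = std::make_shared<Config>(Config{expected->version + 1});
    checked_atomic_cas(slot, &expected, next);
    return checked_atomic_load(slot)->version;
}

// Two updaters both snapshot version 1; only the first CAS may win.
int run_cas_scenario() {
    std::shared_ptr<Config> slot;
    checked_atomic_store(&slot, std::make_shared<Config>(Config{1}));
    auto snapshot_a = checked_atomic_load(&slot);
    auto snapshot_b = checked_atomic_load(&slot);
    bump_version_if_unchanged(&slot, snapshot_a);         // 1 -> 2
    return bump_version_if_unchanged(&slot, snapshot_b);  // stale, stays 2
}

// True when a null p is reported rather than dereferenced.
bool null_slot_is_diagnosed() {
    std::shared_ptr<Config>* slot = nullptr;
    try { checked_atomic_load(slot); } catch (const std::invalid_argument&) { return true; }
    return false;
}
```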