SEI CERT C++ Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 8

changes.mady.by.user Aaron Ballman

Saved on

compared with

New Version 9

changes.mady.by.user Aaron Ballman

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Added some words and moved existing words around

...

When implementing a copy operator, do not mutate any externally observable members of the source object operand or globally accessible information. Externally observable members include, but are not limited to, members that participate in comparison or equality operations, members whose values are exposed via public APIs, and global variables.

Before C++11, a copy operation that mutated the source operand was the only way to provide move-like semantics. However, the language did not provide a way to enforce that this operation only occurred when the source operand was at the end of its lifetime, which led to fragile APIs like std::auto_ptr. In C++11 and later, such a situation is a good candidate for a move operation instead of a copy operation.

auto_ptr

For example, in C++03, std::auto_ptr had the following copy operation signatures (note: std::auto_ptr was deprecated in C++11) [ISO/IEC 14882-2003]:

Copy constructorauto_ptr(auto_ptr &A);
Copy assignmentauto_ptr& operator=(auto_ptr &A);

...

At this point, the sorting algorithm assumes that pivot_element and *mid_point have equivalent value representations and will compare equal. However, for std::auto_ptr, this is not the case because *mid_point has been mutated, and results unexpected behavior.

Before In C++11, a copy operation that mutated the source operand was the only way to provide move-like semantics. However, the language did not provide a way to enforce that this operation only occurred when the source operand was at the end of its lifetime, which led to fragile APIs like the std::unique_ptr smart pointer class was introduced as a replacement for std::auto_ptr to better specify the ownership semantics of pointer objects. Rather than mutate the source argument in a copy operation, std::unique_ptr explicitly deletes the copy constructor and copy assignment operator, and instead uses a move constructor and move assignment operator. Subsequently, std::auto_ptr. In  was deprecated in C++11 and later, such a situation is a good candidate for a move operation instead of a copy operation.

Noncompliant Code Example

In this noncompliant code example, the copy operations for A mutate the source operand by resetting its member variable m to 0. When std::fill() is called, the first element copied will have the original value of obj.m12, at which point obj.m is set to 0. The subsequent nine copies will all retain the value 0.

...