Document number | D3268R0 |
Date | 2024-05-07 |
Reply-to | Peter Bindels <dascandy@gmail.com> |
Targeted subgroups | SG21, EWG |
We have a commercial code base of 2.5 million lines of code. Analysis is done on a checkout from 2016. Asserts are found by recursively grepping for either ASSERT or assert. The former returns a company-specific assert, the latter returns the C standard assert. Results are filtered to exclude non-C++ results, and to remove static_assert's (as they are out of scope of this investigation).
This returns us 992 uses of the ASSERT macro, and 6755 uses of the assert macro, for a total of 7747 asserts.
These asserts were visually checked for function invocations, and any function that was invoked that was not a known-good function was retained for later analysis. This removed 7561 asserts, leaving 186 to check manually. About 10% of these checks are of the assert(false); or assert(0); form, indicating that something happened that should never occur. About 15% of these checks check that a pointer (parameter, member) is not null, or is null, either explicitly or implicitly. The rest are arithmetic combinations, boolean members, or function invocations of functions known to be const-correct.
The final 186 function invocations split as follows:
In total, in this code base, we find that the estimated time to fix all problems that constification would cause would take an estimated 2 hours of a single engineer to fix.
In total, about 1 in every 300 asserts needs attention in this sample code base, at an occurrence of about 1 out of 100'000 lines needing attention.
Extrapolating this, I see no reason to remove constification from P2900, as the impact on a code base is too minimal to cause issues.