/////////////////////////////////////////////////////////////////////////////// // // Copyright (c) 2015 Microsoft Corporation. All rights reserved. // // This code is licensed under the MIT License (MIT). // // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN // THE SOFTWARE. // /////////////////////////////////////////////////////////////////////////////// #ifndef GSL_POINTERS_H #define GSL_POINTERS_H #include "gsl/assert" // for Ensures, Expects #include // for ptrdiff_t, nullptr_t, size_t #include // for less, greater #include // for shared_ptr, unique_ptr, hash #include // for enable_if_t, is_convertible, is_assignable #include // for declval, forward #if !defined(GSL_NO_IOSTREAMS) #include // for ostream #endif // !defined(GSL_NO_IOSTREAMS) namespace gsl { namespace details { template struct is_comparable_to_nullptr : std::false_type { }; template struct is_comparable_to_nullptr< T, std::enable_if_t() != nullptr), bool>::value>> : std::true_type { }; // Resolves to the more efficient of `const T` or `const T&`, in the context of returning a const-qualified value // of type T. // // Copied from cppfront's implementation of the CppCoreGuidelines F.16 (https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#Rf-in) template using value_or_reference_return_t = std::conditional_t< sizeof(T) < 2*sizeof(void*) && std::is_trivially_copy_constructible::value, const T, const T&>; } // namespace details // // GSL.owner: ownership pointers // using std::shared_ptr; using std::unique_ptr; // // owner // // `gsl::owner` is designed as a safety mechanism for code that must deal directly with raw pointers that own memory. // Ideally such code should be restricted to the implementation of low-level abstractions. `gsl::owner` can also be used // as a stepping point in converting legacy code to use more modern RAII constructs, such as smart pointers. // // T must be a pointer type // - disallow construction from any type other than pointer type // template ::value, bool> = true> using owner = T; // // not_null // // Restricts a pointer or smart pointer to only hold non-null values. // // Has zero size overhead over T. // // If T is a pointer (i.e. T == U*) then // - allow construction from U* // - disallow construction from nullptr_t // - disallow default construction // - ensure construction from null U* fails // - allow implicit conversion to U* // template class not_null { public: static_assert(details::is_comparable_to_nullptr::value, "T cannot be compared to nullptr."); template ::value>> constexpr not_null(U&& u) noexcept(std::is_nothrow_move_constructible::value) : ptr_(std::forward(u)) { Expects(ptr_ != nullptr); } template ::value>> constexpr not_null(T u) noexcept(std::is_nothrow_move_constructible::value) : ptr_(std::move(u)) { Expects(ptr_ != nullptr); } template ::value>> constexpr not_null(const not_null& other) noexcept(std::is_nothrow_move_constructible::value) : not_null(other.get()) {} not_null(const not_null& other) = default; not_null& operator=(const not_null& other) = default; constexpr details::value_or_reference_return_t get() const noexcept(noexcept(details::value_or_reference_return_t(std::declval()))) { return ptr_; } constexpr operator T() const { return get(); } constexpr decltype(auto) operator->() const { return get(); } constexpr decltype(auto) operator*() const { return *get(); } // prevents compilation when someone attempts to assign a null pointer constant not_null(std::nullptr_t) = delete; not_null& operator=(std::nullptr_t) = delete; // unwanted operators...pointers only point to single objects! not_null& operator++() = delete; not_null& operator--() = delete; not_null operator++(int) = delete; not_null operator--(int) = delete; not_null& operator+=(std::ptrdiff_t) = delete; not_null& operator-=(std::ptrdiff_t) = delete; void operator[](std::ptrdiff_t) const = delete; void swap(not_null& other) { std::swap(ptr_, other.ptr_); } private: T ptr_; }; template ::value && std::is_move_constructible::value, bool> = true> void swap(not_null& a, not_null& b) { a.swap(b); } template auto make_not_null(T&& t) noexcept { return not_null>>{std::forward(t)}; } #if !defined(GSL_NO_IOSTREAMS) template std::ostream& operator<<(std::ostream& os, const not_null& val) { os << val.get(); return os; } #endif // !defined(GSL_NO_IOSTREAMS) template auto operator==(const not_null& lhs, const not_null& rhs) noexcept(noexcept(lhs.get() == rhs.get())) -> decltype(lhs.get() == rhs.get()) { return lhs.get() == rhs.get(); } template auto operator!=(const not_null& lhs, const not_null& rhs) noexcept(noexcept(lhs.get() != rhs.get())) -> decltype(lhs.get() != rhs.get()) { return lhs.get() != rhs.get(); } template auto operator<(const not_null& lhs, const not_null& rhs) noexcept(noexcept(std::less<>{}(lhs.get(), rhs.get()))) -> decltype(std::less<>{}(lhs.get(), rhs.get())) { return std::less<>{}(lhs.get(), rhs.get()); } template auto operator<=(const not_null& lhs, const not_null& rhs) noexcept(noexcept(std::less_equal<>{}(lhs.get(), rhs.get()))) -> decltype(std::less_equal<>{}(lhs.get(), rhs.get())) { return std::less_equal<>{}(lhs.get(), rhs.get()); } template auto operator>(const not_null& lhs, const not_null& rhs) noexcept(noexcept(std::greater<>{}(lhs.get(), rhs.get()))) -> decltype(std::greater<>{}(lhs.get(), rhs.get())) { return std::greater<>{}(lhs.get(), rhs.get()); } template auto operator>=(const not_null& lhs, const not_null& rhs) noexcept(noexcept(std::greater_equal<>{}(lhs.get(), rhs.get()))) -> decltype(std::greater_equal<>{}(lhs.get(), rhs.get())) { return std::greater_equal<>{}(lhs.get(), rhs.get()); } // more unwanted operators template std::ptrdiff_t operator-(const not_null&, const not_null&) = delete; template not_null operator-(const not_null&, std::ptrdiff_t) = delete; template not_null operator+(const not_null&, std::ptrdiff_t) = delete; template not_null operator+(std::ptrdiff_t, const not_null&) = delete; template ().get()), bool = std::is_default_constructible>::value> struct not_null_hash { std::size_t operator()(const T& value) const { return std::hash{}(value.get()); } }; template struct not_null_hash { not_null_hash() = delete; not_null_hash(const not_null_hash&) = delete; not_null_hash& operator=(const not_null_hash&) = delete; }; } // namespace gsl namespace std { template struct hash> : gsl::not_null_hash> { }; } // namespace std namespace gsl { // // strict_not_null // // Restricts a pointer or smart pointer to only hold non-null values, // // - provides a strict (i.e. explicit constructor from T) wrapper of not_null // - to be used for new code that wishes the design to be cleaner and make not_null // checks intentional, or in old code that would like to make the transition. // // To make the transition from not_null, incrementally replace not_null // by strict_not_null and fix compilation errors // // Expect to // - remove all unneeded conversions from raw pointer to not_null and back // - make API clear by specifying not_null in parameters where needed // - remove unnecessary asserts // template class strict_not_null : public not_null { public: template ::value>> constexpr explicit strict_not_null(U&& u) noexcept(std::is_nothrow_move_constructible::value) : not_null(std::forward(u)) {} template ::value>> constexpr explicit strict_not_null(T u) noexcept(std::is_nothrow_move_constructible::value) : not_null(std::move(u)) {} template ::value>> constexpr strict_not_null(const not_null& other) noexcept(std::is_nothrow_move_constructible::value) : not_null(other) {} template ::value>> constexpr strict_not_null(const strict_not_null& other) noexcept(std::is_nothrow_move_constructible::value) : not_null(other) {} // To avoid invalidating the "not null" invariant, the contained pointer is actually copied // instead of moved. If it is a custom pointer, its constructor could in theory throw exceptions. strict_not_null(strict_not_null&& other) noexcept(std::is_nothrow_copy_constructible::value) = default; strict_not_null(const strict_not_null& other) = default; strict_not_null& operator=(const strict_not_null& other) = default; strict_not_null& operator=(const not_null& other) { not_null::operator=(other); return *this; } // prevents compilation when someone attempts to assign a null pointer constant strict_not_null(std::nullptr_t) = delete; strict_not_null& operator=(std::nullptr_t) = delete; // unwanted operators...pointers only point to single objects! strict_not_null& operator++() = delete; strict_not_null& operator--() = delete; strict_not_null operator++(int) = delete; strict_not_null operator--(int) = delete; strict_not_null& operator+=(std::ptrdiff_t) = delete; strict_not_null& operator-=(std::ptrdiff_t) = delete; void operator[](std::ptrdiff_t) const = delete; }; // more unwanted operators template std::ptrdiff_t operator-(const strict_not_null&, const strict_not_null&) = delete; template strict_not_null operator-(const strict_not_null&, std::ptrdiff_t) = delete; template strict_not_null operator+(const strict_not_null&, std::ptrdiff_t) = delete; template strict_not_null operator+(std::ptrdiff_t, const strict_not_null&) = delete; template auto make_strict_not_null(T&& t) noexcept { return strict_not_null>>{std::forward(t)}; } #if (defined(__cpp_deduction_guides) && (__cpp_deduction_guides >= 201611L)) // deduction guides to prevent the ctad-maybe-unsupported warning template not_null(T) -> not_null; template strict_not_null(T) -> strict_not_null; #endif // ( defined(__cpp_deduction_guides) && (__cpp_deduction_guides >= 201611L) ) } // namespace gsl namespace std { template struct hash> : gsl::not_null_hash> { }; } // namespace std #endif // GSL_POINTERS_H