// Copyright 2017 PDFium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #ifndef CORE_FXCRT_UNOWNED_PTR_H_ #define CORE_FXCRT_UNOWNED_PTR_H_ #include <functional> #include <memory> #include <type_traits> #include <utility> // UnownedPtr is a smart pointer class that behaves very much like a // standard C-style pointer. The advantages of using it over raw // pointers are: // // 1. It documents the nature of the pointer with no need to add a comment // explaining that is it // Not owned. Additionally, an attempt to delete // an unowned ptr will fail to compile rather than silently succeeding, // since it is a class and not a raw pointer. // // 2. When built for a memory tool like ASAN, the class provides a destructor // which checks that the object being pointed to is still alive. // // Hence, when using UnownedPtr, no dangling pointers are ever permitted, // even if they are not de-referenced after becoming dangling. The style of // programming required is that the lifetime an object containing an // UnownedPtr must be strictly less than the object to which it points. // // The same checks are also performed at assignment time to prove that the // old value was not a dangling pointer, either. // // The array indexing operation [] is not supported on an unowned ptr, // because an unowned ptr expresses a one to one relationship with some // other heap object. namespace fxcrt { template <class T> class UnownedPtr { public: UnownedPtr() = default; UnownedPtr(const UnownedPtr& that) : UnownedPtr(that.Get()) {} template <typename U> explicit UnownedPtr(U* pObj) : m_pObj(pObj) {} // Deliberately implicit to allow returning nullptrs. // NOLINTNEXTLINE(runtime/explicit) UnownedPtr(std::nullptr_t ptr) {} ~UnownedPtr() { ProbeForLowSeverityLifetimeIssue(); } UnownedPtr& operator=(T* that) { ProbeForLowSeverityLifetimeIssue(); m_pObj = that; return *this; } UnownedPtr& operator=(const UnownedPtr& that) { ProbeForLowSeverityLifetimeIssue(); if (*this != that) m_pObj = that.Get(); return *this; } bool operator==(const UnownedPtr& that) const { return Get() == that.Get(); } bool operator!=(const UnownedPtr& that) const { return !(*this == that); } bool operator<(const UnownedPtr& that) const { return std::less<T*>()(Get(), that.Get()); } template <typename U> bool operator==(const U* that) const { return Get() == that; } template <typename U> bool operator!=(const U* that) const { return !(*this == that); } T* Get() const { return m_pObj; } T* Release() { ProbeForLowSeverityLifetimeIssue(); T* pTemp = nullptr; std::swap(pTemp, m_pObj); return pTemp; } explicit operator bool() const { return !!m_pObj; } T& operator*() const { return *m_pObj; } T* operator->() const { return m_pObj; } private: inline void ProbeForLowSeverityLifetimeIssue() { #if defined(MEMORY_TOOL_REPLACES_ALLOCATOR) if (m_pObj) reinterpret_cast<const volatile uint8_t*>(m_pObj)[0]; #endif } T* m_pObj = nullptr; }; template <typename T, typename U> inline bool operator==(const U* lhs, const UnownedPtr<T>& rhs) { return rhs == lhs; } template <typename T, typename U> inline bool operator!=(const U* lhs, const UnownedPtr<T>& rhs) { return rhs != lhs; } } // namespace fxcrt using fxcrt::UnownedPtr; #endif // CORE_FXCRT_UNOWNED_PTR_H_