Commit graph

53 commits

Author SHA1 Message Date
Andreas Kling
b7e847e58b AK: Fix crash during teardown of self-owning objects
We now null out smart pointers *before* calling unref on the pointee.
This ensures that the same smart pointer can't be used to acquire a new
reference to the pointee after its destruction has begun.

I ran into this when destroying a non-empty IntrusiveList of RefPtrs,
but the problem was more general so this fixes it for all of RefPtr,
NonnullRefPtr, OwnPtr and NonnullOwnPtr.
2023-04-21 18:15:00 +02:00
Nico Weber
3c842d9d76 AK: Move try_make() to NonnullOwnPtr.h 2023-02-11 08:53:00 -05:00
Nico Weber
ca6090889a AK: Move adopt_nonnull_own_or_enomem() to NonnullOwnPtr.h
Rewrite the implementation to not depend on OwnPtr.h.

No intended behavior change.
2023-02-11 10:36:48 +01:00
Lenny Maiorani
f2336d0144 AK+Everywhere: Move custom deleter capability to OwnPtr
`OwnPtrWithCustomDeleter` was a decorator which provided the ability
to add a custom deleter to `OwnPtr` by wrapping and taking the deleter
as a run-time argument to the constructor. This solution means that no
additional space is needed for the `OwnPtr` because it doesn't need to
store a pointer to the deleter, but comes at the cost of having an
extra type that stores a pointer for every instance.

This logic is moved directly into `OwnPtr` by adding a template
argument that is defaulted to the default deleter for the type. This
means that the type itself stores the pointer to the deleter instead
of every instance and adds some type safety by encoding the deleter in
the type itself instead of taking a run-time argument.
2022-12-17 16:00:08 -05:00
Ali Mohammad Pur
f96a3c002a Everywhere: Stop shoving things into ::std and mentioning them as such
Note that this still keeps the old behaviour of putting things in std by
default on serenity so the tools can be happy, but if USING_AK_GLOBALLY
is unset, AK behaves like a good citizen and doesn't try to put things
in the ::std namespace.

std::nothrow_t and its friends get to stay because I'm being told that
compilers assume things about them and I can't yeet them into a
different namespace...for now.
2022-12-14 11:44:32 +01:00
Linus Groh
d26aabff04 Everywhere: Run clang-format 2022-12-03 23:52:23 +00:00
Andreas Kling
ae3ffdd521 AK: Make it possible to not using AK classes into the global namespace
This patch adds the `USING_AK_GLOBALLY` macro which is enabled by
default, but can be overridden by build flags.

This is a step towards integrating Jakt and AK types.
2022-11-26 15:51:34 +01:00
MacDue
3483407ddc AK: Return non-const types from Ptr class operators
Even if the pointer value is const, the value they point to is not
necessarily const, so these functions should not add the qualifier.

This also removes the redundant non-const implementations of these
operators.
2022-11-19 14:37:31 +00:00
Idan Horowitz
086969277e Everywhere: Run clang-format 2022-04-01 21:24:45 +01:00
Idan Horowitz
18b98f8c28 AK: Convert the try_make<T> factory function to use ErrorOr
This allows more ergonomic memory allocation failure related error
checking using the TRY macro.
2022-02-03 23:33:20 +01:00
sin-ack
9569841589 AK: Use Error::from_errno in adopt_nonnull_own_or_enomem
This fails to build on Lagom otherwise.
2022-01-13 15:16:12 +03:30
Sam Atkins
5013a6480d AK: Mark smart pointer classes as [[nodiscard]]
This makes it an error to not do something with a returned smart
pointer, which should help prevent mistakes. In cases where you do need
to ignore the value, casting to void will placate the compiler.

I did have to add comments to disable clang-format on a couple of lines,
where it wanted to format the code like this:

```c++
private : NonnullRefPtr() = delete;
```
2021-12-05 15:31:03 +01:00
Andreas Kling
79fa9765ca Kernel: Replace KResult and KResultOr<T> with Error and ErrorOr<T>
We now use AK::Error and AK::ErrorOr<T> in both kernel and userspace!
This was a slightly tedious refactoring that took a long time, so it's
not unlikely that some bugs crept in.

Nevertheless, it does pass basic functionality testing, and it's just
real nice to finally see the same pattern in all contexts. :^)
2021-11-08 01:10:53 +01:00
Andreas Kling
e841f3c283 AK: Add a variant of adopt_nonnull_own_or_enomem() for userspace
This variant returns ErrorOr<NonnullOwnPtr<T>> instead of KResultOr.
Eventually the KResultOr variant should go away once the kernel adopts
Error and ErrorOr<T>.
2021-11-08 00:35:27 +01:00
Luke Wilde
49259777ef Kernel: Note if the page fault address is a destroyed smart pointer
While I was working on LibWeb, I got a page fault at 0xe0e0e0e4.
This indicates a destroyed RefPtr if compiled with SANITIZE_PTRS
defined. However, the page fault handler didn't print out this
indication.

This makes the page fault handler print out a note if the faulting
address looks like a recently destroyed RefPtr, OwnPtr, NonnullRefPtr,
NonnullOwnPtr, ThreadSafeRefPtr or ThreadSafeNonnullRefPtr. It will
only do this if SANITIZE_PTRS is defined, as smart pointers don't get
scrubbed without it being defined.
2021-10-07 21:30:13 +02:00
sin-ack
566c5d1e99 AK+Kernel: Move KResult.h to Kernel/API for userspace access
This commit moves the KResult and KResultOr objects to Kernel/API to
signify that they may now be freely used by userspace code at points
where a syscall-related error result is to be expected. It also exposes
KResult and KResultOr to the global namespace to make it nicer to use
for userspace code.
2021-09-05 12:54:48 +02:00
Hendiadyoin1
607bddac96 AK: Use explode_byte for pointer sanitization 2021-08-23 12:30:29 +04:30
sin-ack
8269e1a197 AK: Add adopt_nonnull_own_or_enomem
This is basically a complement to adopt_nonnull_ref_or_enomem, and
simplifies boilerplate for try_create functions which just return ENOMEM
or the object based on whether it was able to allocate.
2021-08-15 15:41:02 +02:00
Daniel Bertalan
3c6bdb8a61 AK: Make smart pointer factories work with aggregates
Aggregate initialization with brace-enclosed parameters is a
[C++20 feature][1] not yet implemented by Clang. This caused compile
errors if we tried to use the factory functions to create smart pointers
to aggregates.

As a (temporary) fix, [the LWG's previously proposed solution][2] is
implemented by this commit.

Now, wherever it's not possible to direct-initialize, aggregate
initialization is performed.

[1]:
http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2019/p0960r3.html
[2]: http://www.open-std.org/jtc1/sc22/wg21/docs/lwg-active.html#2089
2021-07-03 01:56:31 +04:30
Daniel Bertalan
3162c9e214 AK: Make (Nonnull)OwnPtr work with abstract classes
Clang produced a compile error at this requires statement if `T` was an
abstract class.
2021-07-03 01:56:31 +04:30
Daniel Bertalan
00915e8948 AK: Add factory methods for creating smart pointers
These functions abstract away the need to call the proper new operator
("throwing" or "non-throwing") and manually adopt the resulting raw
pointer. Modelled after the existing `NonnullOwnPtr<T> make()`
functions, these forward their parameters to the object's constructor.

Note: These can't be used in the common "factory method" idiom, as
private constructors can't be called from a standalone function.

The naming is consistent with AK's and Shell's previous implementation
of these:
- `make` creates a `NonnullOwnPtr<T>` and aborts if the allocation could
  not be performed.
- `try_make` creates an `OwnPtr<T>`, which may be null if the allocation
  failed.
- `create` creates a `NonnullRefPtr<T>`, and aborts on allocation
  failure.
- `try_create` creates a `RefPtr<T>`, which may be null if the
  allocation was not successful.
2021-06-24 17:35:49 +04:30
Ali Mohammad Pur
2b5732ab77 AK+Kernel: Disallow implicitly lifting pointers to OwnPtr's
This doesn't really _fix_ anything, it just gets rid of the API and
instead makes the users explicitly use `adopt_own_if_non_null()`.
2021-05-31 17:09:12 +04:30
Brian Gianforcaro
b0fef03e3f AK: Introduce adopt_own_if_nonnull(..) to aid in Kernel OOM hardening
Unfortunately adopt_own requires a reference, which obviously does not
work well with when attempting to harden against allocation failure.
The adopt_own_if_nonnull() variant will allow you to avoid using bare
pointers, while still allowing you to handle allocation failure.
2021-05-13 08:29:01 +02:00
Itamar
b816bd0806 AK: Add ConstPeekType to Traits
Also, the PeekType of smart pointers is now T* instead of const T*.

Note: This commit doesn't compile, it breaks HashMap::get() for some
types. Fixed in the next commit.
2021-05-08 18:10:56 +02:00
Brian Gianforcaro
1682f0b760 Everything: Move to SPDX license identifiers in all files.
SPDX License Identifiers are a more compact / standardized
way of representing file license information.

See: https://spdx.dev/resources/use/#identifiers

This was done with the `ambr` search and replace tool.

 ambr --no-parent-ignore --key-from-file --rep-from-file key.txt rep.txt *
2021-04-22 11:22:27 +02:00
Andreas Kling
ef1e5db1d0 Everywhere: Remove klog(), dbg() and purge all LogStream usage :^)
Good-bye LogStream. Long live AK::Format!
2021-03-12 17:29:37 +01:00
Andreas Kling
5d180d1f99 Everywhere: Rename ASSERT => VERIFY
(...and ASSERT_NOT_REACHED => VERIFY_NOT_REACHED)

Since all of these checks are done in release builds as well,
let's rename them to VERIFY to prevent confusion, as everyone is
used to assertions being compiled out in release.

We can introduce a new ASSERT macro that is specifically for debug
checks, but I'm doing this wholesale conversion first since we've
accumulated thousands of these already, and it's not immediately
obvious which ones are suitable for ASSERT.
2021-02-23 20:56:54 +01:00
Lenny Maiorani
e6f907a155 AK: Simplify constructors and conversions from nullptr_t
Problem:
- Many constructors are defined as `{}` rather than using the ` =
  default` compiler-provided constructor.
- Some types provide an implicit conversion operator from `nullptr_t`
  instead of requiring the caller to default construct. This violates
  the C++ Core Guidelines suggestion to declare single-argument
  constructors explicit
  (https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#c46-by-default-declare-single-argument-constructors-explicit).

Solution:
- Change default constructors to use the compiler-provided default
  constructor.
- Remove implicit conversion operators from `nullptr_t` and change
  usage to enforce type consistency without conversion.
2021-01-12 09:11:45 +01:00
AnotherTest
060ddd2a7a AK: Really disallow making OwnPtrs from refcounted types
This looks at three things:
- if the type has a typedef `AllowOwnPtr', respect that
- if not, disallow construction if both of `ref()' and `unref()' are
  present.
Note that in the second case, if a type only defines `ref()' or only
defines `unref()', an OwnPtr can be created, as a RefPtr of that type
would be ill-formed.

Also marks a `Performance' to explicitly allow OwnPtrs.
2020-11-03 19:14:34 +01:00
Brian Gianforcaro
fa625a2690 AK: Decorate AK::OwnPtr::leak_ptr() with [[nodiscard]]
We should always leak to an observed variable, otherwise
it's an actual leak. This is similar to AK::RefPtr::leak_ref()
which is also marked as [[nodiscard]].
2020-08-05 16:12:00 +02:00
Sergey Bugaev
0466810638 AK: Ensure we never use OwnPtr<> with RefCounted types 2020-06-12 16:08:45 +02:00
Andreas Kling
4f200def9c AK: Stop allowing implicit downcast with OwnPtr and NonnullOwnPtr
Same issue here as we had with RefPtr and NonnullRefPtr.

Since we can't make copies of an owning pointer, we don't get quite the
same static_ptr_cast<T> here. Instead I've only added a new templated
version of OwnPtr::release_nonnull() in this patch, to solve the only
issue that popped up.

I'm not sure what the best solution here is, but this works for now.
2020-04-05 11:32:30 +02:00
joshua stein
7e6ac544f7 AK: Add ptr_hash to use int_hash or u64_hash depending on pointer size 2020-02-25 15:32:58 +01:00
Andreas Kling
6cbd72f54f AK: Remove bitrotted Traits::dump() mechanism
This was only used by HashTable::dump() which I used when doing the
first HashTable implementation. Removing this allows us to also remove
most includes of <AK/kstdio.h>.
2020-02-10 11:55:34 +01:00
Andreas Kling
ca413a5b50 AK: Use swap-based assignment in OwnPtr
Also provide a specialized swap(OwnPtr, OwnPtr) that allows swapping
an OwnPtr with itself.
2020-01-24 09:35:55 +01:00
Andreas Kling
94ca55cefd Meta: Add license header to source files
As suggested by Joshua, this commit adds the 2-clause BSD license as a
comment block to the top of every source file.

For the first pass, I've just added myself for simplicity. I encourage
everyone to add themselves as copyright holders of any file they've
added or modified in some significant way. If I've added myself in
error somewhere, feel free to replace it with the appropriate copyright
holder instead.

Going forward, all new source files should include a license header.
2020-01-18 09:45:54 +01:00
Andreas Kling
eaa9cf58f5 AK: Use int_hash() to generate less idiotic hashes for {Nonnull,}OwnPtr 2019-08-14 21:21:15 +02:00
Andreas Kling
fdcff7d15e AK: Make it possible to use HashMap<K, NonnullOwnPtr>::get()
Add the concept of a PeekType to Traits<T>. This is the type we'll
return (wrapped in an Optional) from HashMap::get().

The PeekType for OwnPtr<T> and NonnullOwnPtr<T> is const T*,
which means that HashMap::get() will return an Optional<const T*> for
maps-of-those.
2019-08-14 11:47:38 +02:00
Andreas Kling
f75b1127b2 OwnPtr: Add a way to turn an OwnPtr into a NonnullOwnPtr
Okay, so, OwnPtr<T>::release_nonnull() returns a NonnullOwnPtr<T>.
It assumes that the OwnPtr is non-null to begin with.

Note that this removes the value from the OwnPtr, as there can only be
a single owner.
2019-08-14 11:04:19 +02:00
Andreas Kling
d9cc3e453c AK: Add assertions when dereferencing an OwnPtr.
This will make it immediately obvious what the problem is when you're
dereferencing a null OwnPtr.
2019-08-02 10:34:40 +02:00
Andreas Kling
eeff0cd570 AK: Don't allow constructing an OwnPtr from a const NonnullOwnPtr&
OwnPtr's must move around, they can't be copy constructed.
2019-08-01 15:46:18 +02:00
Andreas Kling
28da5b002f AK: Add NonnullOwnPtr.
This is just like OwnPtr (also single-owner), except it cannot be null.

NonnullOwnPtr is perfect as the return type of functions that never need to
return nullptr.

It's also useful as an argument type to encode the fact that the argument
must not be nullptr.

The make<Foo>() helper is changed to return NonnullOwnPtr<Foo>.

Note: You can move() out of a NonnullOwnPtr, and after that the object is
in an invalid state. Internally it will be a nullptr at this point, so we'll
still catch misuse, but the only thing that should be done in this state
is running the destructor. I've used consumable annotations to generate some
warnings when using a NonnullOwnPtr after moving from it, but these only
work when compiling with clang, so be aware of that.
2019-07-24 08:32:11 +02:00
Andreas Kling
25e3d46502 AK: Delete bad pointer assignment operators and constructors.
We shouldn't allow constructing e.g an OwnPtr from a RefPtr, and similar
conversions. Instead just delete those functions so the compiler whines
loudly if you try to use them.

This patch also deletes constructing OwnPtr from a WeakPtr, even though
that *may* be a valid thing to do, it's sufficiently weird that we can
make the client jump through some hoops if he really wants it. :^)
2019-07-11 16:50:30 +02:00
Andreas Kling
1b013ba699 AK: Move some of LogStream out of line & add overloads for smart pointers. 2019-07-04 07:05:58 +02:00
Andreas Kling
d5bb98acbc AK: Defer to Traits<T> for equality comparison in container templates.
This is prep work for supporting HashMap with NonnullRefPtr<T> as values.
It's currently not possible because many HashTable functions require being
able to default-construct the value type.
2019-06-29 19:14:03 +02:00
Robin Burchell
0dc9af5f7e Add clang-format file
Also run it across the whole tree to get everything using the One True Style.
We don't yet run this in an automated fashion as it's a little slow, but
there is a snippet to do so in makeall.sh.
2019-05-28 17:31:20 +02:00
Andreas Kling
3f6408919f AK: Improve smart pointer ergonomics a bit. 2019-04-14 02:36:06 +02:00
Andreas Kling
ffab6897aa Big, possibly complete sweep of naming changes. 2019-01-31 17:31:23 +01:00
Andreas Kling
d2bb139c46 Support inserting a newline. 2018-12-05 01:43:07 +01:00
Andreas Kling
ca6847b5bb Import a simple text editor I started working on. 2018-12-04 00:27:16 +01:00