Problem:
- Many constructors are defined as `{}` rather than using the ` =
default` compiler-provided constructor.
- Some types provide an implicit conversion operator from `nullptr_t`
instead of requiring the caller to default construct. This violates
the C++ Core Guidelines suggestion to declare single-argument
constructors explicit
(https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#c46-by-default-declare-single-argument-constructors-explicit).
Solution:
- Change default constructors to use the compiler-provided default
constructor.
- Remove implicit conversion operators from `nullptr_t` and change
usage to enforce type consistency without conversion.
It's not an error to create a Userspace<T> that points to kernel memory
as the point of Userspace<T> is not to validate the address, but rather
to choose safe overloads that do validation before any data transfer
takes place.
Fixes#4581.
We were casting the address to Userspace<T> without validating it first
which is no good and will trap an assertion soon after.
Let's catch this sooner with an ASSERT in the Userspace<T> constructor
and update the PT_PEEK and PT_POKE handlers to avoid it.
Fixes#4505.
The Coverity compiler doesn't support C++2a yet, and thus doesn't
even recognize concept keywords. To allow serenity to be built and
analyzed on such compilers, add a fallback underdef to perform
the same template restriction based on AK::EnableIf<..> meta
programming.
Note: Coverity does seem to (annoyingly) define __cpp_concepts, even
though it doesn't support them, so we need to further check for
__COVERITY__ explicitly.
When using Userspace<T> there are certain syscalls where being able
to cast between types is needed. You should be able to easily cast
away the Userspace<T> wrapper, but it's perfectly safe to be able to
cast the internal type that is being wrapped.
This is a very cheesy patch and I don't like it, but as Qt Creator does
not grok C++20 concepts yet, this makes it possible to still use syntax
highlighting.
We'll remove this hack the moment it stops being a problem. Note that
it doesn't actually affect the build since we use GCC, not Clang.
It was a bit odd that you could create a Userspace<int> and that
Userspace<int>::ptr() returned an int instead of an int*.
Let's use C++20 concepts to only allow creating Userspace objects with
pointer types. :^)
Since we already have the type information in the Userspace template,
it was a bit silly to cast manually everywhere. Just add a sufficiently
scary-sounding getter for a typed pointer.
Thanks @alimpfard for pointing out that I was being silly with tossing
out the type.
In the future we may want to make this API non-public as well.
This will be used in the kernel to wrap pointers into userspace memory
without convenient direct access. The idea is to use the compiler to
enforce that we don't dereference userspace pointers.