Backed out changeset 818165fa787b (bug 1257415) for breaking l10n nightly's
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- *//* vim: set ts=8 sts=2 et sw=2 tw=80: *//* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. *//* Smart pointer managing sole ownership of a resource. */#ifndef mozilla_UniquePtr_h#define mozilla_UniquePtr_h#include"mozilla/Assertions.h"#include"mozilla/Attributes.h"#include"mozilla/Compiler.h"#include"mozilla/Move.h"#include"mozilla/Pair.h"#include"mozilla/TypeTraits.h"namespacemozilla{template<typenameT>classDefaultDelete;template<typenameT,classD=DefaultDelete<T>>classUniquePtr;}// namespace mozillanamespacemozilla{namespacedetail{structHasPointerTypeHelper{template<classU>staticdoubleTest(...);template<classU>staticcharTest(typenameU::pointer*=0);};template<classT>classHasPointerType:publicIntegralConstant<bool,sizeof(HasPointerTypeHelper::Test<T>(0))==1>{};template<classT,classD,bool=HasPointerType<D>::value>structPointerTypeImpl{typedeftypenameD::pointerType;};template<classT,classD>structPointerTypeImpl<T,D,false>{typedefT*Type;};template<classT,classD>structPointerType{typedeftypenamePointerTypeImpl<T,typenameRemoveReference<D>::Type>::TypeType;};}// namespace detail/** * UniquePtr is a smart pointer that wholly owns a resource. Ownership may be * transferred out of a UniquePtr through explicit action, but otherwise the * resource is destroyed when the UniquePtr is destroyed. * * UniquePtr is similar to C++98's std::auto_ptr, but it improves upon auto_ptr * in one crucial way: it's impossible to copy a UniquePtr. Copying an auto_ptr * obviously *can't* copy ownership of its singly-owned resource. So what * happens if you try to copy one? Bizarrely, ownership is implicitly * *transferred*, preserving single ownership but breaking code that assumes a * copy of an object is identical to the original. (This is why auto_ptr is * prohibited in STL containers.) * * UniquePtr solves this problem by being *movable* rather than copyable. * Instead of passing a |UniquePtr u| directly to the constructor or assignment * operator, you pass |Move(u)|. In doing so you indicate that you're *moving* * ownership out of |u|, into the target of the construction/assignment. After * the transfer completes, |u| contains |nullptr| and may be safely destroyed. * This preserves single ownership but also allows UniquePtr to be moved by * algorithms that have been made move-safe. (Note: if |u| is instead a * temporary expression, don't use |Move()|: just pass the expression, because * it's already move-ready. For more information see Move.h.) * * UniquePtr is also better than std::auto_ptr in that the deletion operation is * customizable. An optional second template parameter specifies a class that * (through its operator()(T*)) implements the desired deletion policy. If no * policy is specified, mozilla::DefaultDelete<T> is used -- which will either * |delete| or |delete[]| the resource, depending whether the resource is an * array. Custom deletion policies ideally should be empty classes (no member * fields, no member fields in base classes, no virtual methods/inheritance), * because then UniquePtr can be just as efficient as a raw pointer. * * Use of UniquePtr proceeds like so: * * UniquePtr<int> g1; // initializes to nullptr * g1.reset(new int); // switch resources using reset() * g1 = nullptr; // clears g1, deletes the int * * UniquePtr<int> g2(new int); // owns that int * int* p = g2.release(); // g2 leaks its int -- still requires deletion * delete p; // now freed * * struct S { int x; S(int x) : x(x) {} }; * UniquePtr<S> g3, g4(new S(5)); * g3 = Move(g4); // g3 owns the S, g4 cleared * S* p = g3.get(); // g3 still owns |p| * assert(g3->x == 5); // operator-> works (if .get() != nullptr) * assert((*g3).x == 5); // also operator* (again, if not cleared) * Swap(g3, g4); // g4 now owns the S, g3 cleared * g3.swap(g4); // g3 now owns the S, g4 cleared * UniquePtr<S> g5(Move(g3)); // g5 owns the S, g3 cleared * g5.reset(); // deletes the S, g5 cleared * * struct FreePolicy { void operator()(void* p) { free(p); } }; * UniquePtr<int, FreePolicy> g6(static_cast<int*>(malloc(sizeof(int)))); * int* ptr = g6.get(); * g6 = nullptr; // calls free(ptr) * * Now, carefully note a few things you *can't* do: * * UniquePtr<int> b1; * b1 = new int; // BAD: can only assign another UniquePtr * int* ptr = b1; // BAD: no auto-conversion to pointer, use get() * * UniquePtr<int> b2(b1); // BAD: can't copy a UniquePtr * UniquePtr<int> b3 = b1; // BAD: can't copy-assign a UniquePtr * * (Note that changing a UniquePtr to store a direct |new| expression is * permitted, but usually you should use MakeUnique, defined at the end of this * header.) * * A few miscellaneous notes: * * UniquePtr, when not instantiated for an array type, can be move-constructed * and move-assigned, not only from itself but from "derived" UniquePtr<U, E> * instantiations where U converts to T and E converts to D. If you want to use * this, you're going to have to specify a deletion policy for both UniquePtr * instantations, and T pretty much has to have a virtual destructor. In other * words, this doesn't work: * * struct Base { virtual ~Base() {} }; * struct Derived : Base {}; * * UniquePtr<Base> b1; * // BAD: DefaultDelete<Base> and DefaultDelete<Derived> don't interconvert * UniquePtr<Derived> d1(Move(b)); * * UniquePtr<Base> b2; * UniquePtr<Derived, DefaultDelete<Base>> d2(Move(b2)); // okay * * UniquePtr is specialized for array types. Specializing with an array type * creates a smart-pointer version of that array -- not a pointer to such an * array. * * UniquePtr<int[]> arr(new int[5]); * arr[0] = 4; * * What else is different? Deletion of course uses |delete[]|. An operator[] * is provided. Functionality that doesn't make sense for arrays is removed. * The constructors and mutating methods only accept array pointers (not T*, U* * that converts to T*, or UniquePtr<U[]> or UniquePtr<U>) or |nullptr|. * * It's perfectly okay to return a UniquePtr from a method to assure the related * resource is properly deleted. You'll need to use |Move()| when returning a * local UniquePtr. Otherwise you can return |nullptr|, or you can return * |UniquePtr(ptr)|. * * UniquePtr will commonly be a member of a class, with lifetime equivalent to * that of that class. If you want to expose the related resource, you could * expose a raw pointer via |get()|, but ownership of a raw pointer is * inherently unclear. So it's better to expose a |const UniquePtr&| instead. * This prohibits mutation but still allows use of |get()| when needed (but * operator-> is preferred). Of course, you can only use this smart pointer as * long as the enclosing class instance remains live -- no different than if you * exposed the |get()| raw pointer. * * To pass a UniquePtr-managed resource as a pointer, use a |const UniquePtr&| * argument. To specify an inout parameter (where the method may or may not * take ownership of the resource, or reset it), or to specify an out parameter * (where simply returning a |UniquePtr| isn't possible), use a |UniquePtr&| * argument. To unconditionally transfer ownership of a UniquePtr * into a method, use a |UniquePtr| argument. To conditionally transfer * ownership of a resource into a method, should the method want it, use a * |UniquePtr&&| argument. */template<typenameT,classD>classUniquePtr{public:typedefTElementType;typedefDDeleterType;typedeftypenamedetail::PointerType<T,DeleterType>::TypePointer;private:Pair<Pointer,DeleterType>mTuple;Pointer&ptr(){returnmTuple.first();}constPointer&ptr()const{returnmTuple.first();}DeleterType&del(){returnmTuple.second();}constDeleterType&del()const{returnmTuple.second();}public:/** * Construct a UniquePtr containing |nullptr|. */MOZ_CONSTEXPRUniquePtr():mTuple(static_cast<Pointer>(nullptr),DeleterType()){static_assert(!IsPointer<D>::value,"must provide a deleter instance");static_assert(!IsReference<D>::value,"must provide a deleter instance");}/** * Construct a UniquePtr containing |aPtr|. */explicitUniquePtr(PointeraPtr):mTuple(aPtr,DeleterType()){static_assert(!IsPointer<D>::value,"must provide a deleter instance");static_assert(!IsReference<D>::value,"must provide a deleter instance");}UniquePtr(PointeraPtr,typenameConditional<IsReference<D>::value,D,constD&>::TypeaD1):mTuple(aPtr,aD1){}// If you encounter an error with MSVC10 about RemoveReference below, along// the lines that "more than one partial specialization matches the template// argument list": don't use UniquePtr<T, reference to function>! Ideally// you should make deletion use the same function every time, using a// deleter policy://// // BAD, won't compile with MSVC10, deleter doesn't need to be a// // variable at all// typedef void (&FreeSignature)(void*);// UniquePtr<int, FreeSignature> ptr((int*) malloc(sizeof(int)), free);//// // GOOD, compiles with MSVC10, deletion behavior statically known and// // optimizable// struct DeleteByFreeing// {// void operator()(void* aPtr) { free(aPtr); }// };//// If deletion really, truly, must be a variable: you might be able to work// around this with a deleter class that contains the function reference.// But this workaround is untried and untested, because variable deletion// behavior really isn't something you should use.UniquePtr(PointeraPtr,typenameRemoveReference<D>::Type&&aD2):mTuple(aPtr,Move(aD2)){static_assert(!IsReference<D>::value,"rvalue deleter can't be stored by reference");}UniquePtr(UniquePtr&&aOther):mTuple(aOther.release(),Forward<DeleterType>(aOther.get_deleter())){}MOZ_IMPLICITUniquePtr(decltype(nullptr)):mTuple(nullptr,DeleterType()){static_assert(!IsPointer<D>::value,"must provide a deleter instance");static_assert(!IsReference<D>::value,"must provide a deleter instance");}template<typenameU,classE>MOZ_IMPLICITUniquePtr(UniquePtr<U,E>&&aOther,typenameEnableIf<IsConvertible<typenameUniquePtr<U,E>::Pointer,Pointer>::value&&!IsArray<U>::value&&(IsReference<D>::value?IsSame<D,E>::value:IsConvertible<E,D>::value),int>::TypeaDummy=0):mTuple(aOther.release(),Forward<E>(aOther.get_deleter())){}~UniquePtr(){reset(nullptr);}UniquePtr&operator=(UniquePtr&&aOther){reset(aOther.release());get_deleter()=Forward<DeleterType>(aOther.get_deleter());return*this;}template<typenameU,typenameE>UniquePtr&operator=(UniquePtr<U,E>&&aOther){static_assert(IsConvertible<typenameUniquePtr<U,E>::Pointer,Pointer>::value,"incompatible UniquePtr pointees");static_assert(!IsArray<U>::value,"can't assign from UniquePtr holding an array");reset(aOther.release());get_deleter()=Forward<E>(aOther.get_deleter());return*this;}UniquePtr&operator=(decltype(nullptr)){reset(nullptr);return*this;}T&operator*()const{return*get();}Pointeroperator->()const{MOZ_ASSERT(get(),"dereferencing a UniquePtr containing nullptr");returnget();}explicitoperatorbool()const{returnget()!=nullptr;}Pointerget()const{returnptr();}DeleterType&get_deleter(){returndel();}constDeleterType&get_deleter()const{returndel();}MOZ_WARN_UNUSED_RESULTPointerrelease(){Pointerp=ptr();ptr()=nullptr;returnp;}voidreset(PointeraPtr=Pointer()){Pointerold=ptr();ptr()=aPtr;if(old!=nullptr){get_deleter()(old);}}voidswap(UniquePtr&aOther){mTuple.swap(aOther.mTuple);}UniquePtr(constUniquePtr&aOther)=delete;// construct using Move()!voidoperator=(constUniquePtr&aOther)=delete;// assign using Move()!};// In case you didn't read the comment by the main definition (you should!): the// UniquePtr<T[]> specialization exists to manage array pointers. It deletes// such pointers using delete[], it will reject construction and modification// attempts using U* or U[]. Otherwise it works like the normal UniquePtr.template<typenameT,classD>classUniquePtr<T[],D>{public:typedefT*Pointer;typedefTElementType;typedefDDeleterType;private:Pair<Pointer,DeleterType>mTuple;public:/** * Construct a UniquePtr containing nullptr. */MOZ_CONSTEXPRUniquePtr():mTuple(static_cast<Pointer>(nullptr),DeleterType()){static_assert(!IsPointer<D>::value,"must provide a deleter instance");static_assert(!IsReference<D>::value,"must provide a deleter instance");}/** * Construct a UniquePtr containing |aPtr|. */explicitUniquePtr(PointeraPtr):mTuple(aPtr,DeleterType()){static_assert(!IsPointer<D>::value,"must provide a deleter instance");static_assert(!IsReference<D>::value,"must provide a deleter instance");}// delete[] knows how to handle *only* an array of a single class type. For// delete[] to work correctly, it must know the size of each element, the// fields and base classes of each element requiring destruction, and so on.// So forbid all overloads which would end up invoking delete[] on a pointer// of the wrong type.template<typenameU>UniquePtr(U&&aU,typenameEnableIf<IsPointer<U>::value&&IsConvertible<U,Pointer>::value,int>::TypeaDummy=0)=delete;UniquePtr(PointeraPtr,typenameConditional<IsReference<D>::value,D,constD&>::TypeaD1):mTuple(aPtr,aD1){}// If you encounter an error with MSVC10 about RemoveReference below, along// the lines that "more than one partial specialization matches the template// argument list": don't use UniquePtr<T[], reference to function>! See the// comment by this constructor in the non-T[] specialization above.UniquePtr(PointeraPtr,typenameRemoveReference<D>::Type&&aD2):mTuple(aPtr,Move(aD2)){static_assert(!IsReference<D>::value,"rvalue deleter can't be stored by reference");}// Forbidden for the same reasons as stated above.template<typenameU,typenameV>UniquePtr(U&&aU,V&&aV,typenameEnableIf<IsPointer<U>::value&&IsConvertible<U,Pointer>::value,int>::TypeaDummy=0)=delete;UniquePtr(UniquePtr&&aOther):mTuple(aOther.release(),Forward<DeleterType>(aOther.get_deleter())){}MOZ_IMPLICITUniquePtr(decltype(nullptr)):mTuple(nullptr,DeleterType()){static_assert(!IsPointer<D>::value,"must provide a deleter instance");static_assert(!IsReference<D>::value,"must provide a deleter instance");}~UniquePtr(){reset(nullptr);}UniquePtr&operator=(UniquePtr&&aOther){reset(aOther.release());get_deleter()=Forward<DeleterType>(aOther.get_deleter());return*this;}UniquePtr&operator=(decltype(nullptr)){reset();return*this;}explicitoperatorbool()const{returnget()!=nullptr;}T&operator[](decltype(sizeof(int))aIndex)const{returnget()[aIndex];}Pointerget()const{returnmTuple.first();}DeleterType&get_deleter(){returnmTuple.second();}constDeleterType&get_deleter()const{returnmTuple.second();}MOZ_WARN_UNUSED_RESULTPointerrelease(){Pointerp=mTuple.first();mTuple.first()=nullptr;returnp;}voidreset(PointeraPtr=Pointer()){Pointerold=mTuple.first();mTuple.first()=aPtr;if(old!=nullptr){mTuple.second()(old);}}voidreset(decltype(nullptr)){Pointerold=mTuple.first();mTuple.first()=nullptr;if(old!=nullptr){mTuple.second()(old);}}template<typenameU>voidreset(U)=delete;voidswap(UniquePtr&aOther){mTuple.swap(aOther.mTuple);}UniquePtr(constUniquePtr&aOther)=delete;// construct using Move()!voidoperator=(constUniquePtr&aOther)=delete;// assign using Move()!};/** * A default deletion policy using plain old operator delete. * * Note that this type can be specialized, but authors should beware of the risk * that the specialization may at some point cease to match (either because it * gets moved to a different compilation unit or the signature changes). If the * non-specialized (|delete|-based) version compiles for that type but does the * wrong thing, bad things could happen. * * This is a non-issue for types which are always incomplete (i.e. opaque handle * types), since |delete|-ing such a type will always trigger a compilation * error. */template<typenameT>classDefaultDelete{public:MOZ_CONSTEXPRDefaultDelete(){}template<typenameU>MOZ_IMPLICITDefaultDelete(constDefaultDelete<U>&aOther,typenameEnableIf<mozilla::IsConvertible<U*,T*>::value,int>::TypeaDummy=0){}voidoperator()(T*aPtr)const{static_assert(sizeof(T)>0,"T must be complete");deleteaPtr;}};/** A default deletion policy using operator delete[]. */template<typenameT>classDefaultDelete<T[]>{public:MOZ_CONSTEXPRDefaultDelete(){}voidoperator()(T*aPtr)const{static_assert(sizeof(T)>0,"T must be complete");delete[]aPtr;}template<typenameU>voidoperator()(U*aPtr)const=delete;};template<typenameT,classD>voidSwap(UniquePtr<T,D>&aX,UniquePtr<T,D>&aY){aX.swap(aY);}template<typenameT,classD,typenameU,classE>booloperator==(constUniquePtr<T,D>&aX,constUniquePtr<U,E>&aY){returnaX.get()==aY.get();}template<typenameT,classD,typenameU,classE>booloperator!=(constUniquePtr<T,D>&aX,constUniquePtr<U,E>&aY){returnaX.get()!=aY.get();}template<typenameT,classD>booloperator==(constUniquePtr<T,D>&aX,decltype(nullptr)){return!aX;}template<typenameT,classD>booloperator==(decltype(nullptr),constUniquePtr<T,D>&aX){return!aX;}template<typenameT,classD>booloperator!=(constUniquePtr<T,D>&aX,decltype(nullptr)){returnbool(aX);}template<typenameT,classD>booloperator!=(decltype(nullptr),constUniquePtr<T,D>&aX){returnbool(aX);}// No operator<, operator>, operator<=, operator>= for now because simplicity.namespacedetail{template<typenameT>structUniqueSelector{typedefUniquePtr<T>SingleObject;};template<typenameT>structUniqueSelector<T[]>{typedefUniquePtr<T[]>UnknownBound;};template<typenameT,decltype(sizeof(int))N>structUniqueSelector<T[N]>{typedefUniquePtr<T[N]>KnownBound;};}// namespace detail/** * MakeUnique is a helper function for allocating new'd objects and arrays, * returning a UniquePtr containing the resulting pointer. The semantics of * MakeUnique<Type>(...) are as follows. * * If Type is an array T[n]: * Disallowed, deleted, no overload for you! * If Type is an array T[]: * MakeUnique<T[]>(size_t) is the only valid overload. The pointer returned * is as if by |new T[n]()|, which value-initializes each element. (If T * isn't a class type, this will zero each element. If T is a class type, * then roughly speaking, each element will be constructed using its default * constructor. See C++11 [dcl.init]p7 for the full gory details.) * If Type is non-array T: * The arguments passed to MakeUnique<T>(...) are forwarded into a * |new T(...)| call, initializing the T as would happen if executing * |T(...)|. * * There are various benefits to using MakeUnique instead of |new| expressions. * * First, MakeUnique eliminates use of |new| from code entirely. If objects are * only created through UniquePtr, then (assuming all explicit release() calls * are safe, including transitively, and no type-safety casting funniness) * correctly maintained ownership of the UniquePtr guarantees no leaks are * possible. (This pays off best if a class is only ever created through a * factory method on the class, using a private constructor.) * * Second, initializing a UniquePtr using a |new| expression requires repeating * the name of the new'd type, whereas MakeUnique in concert with the |auto| * keyword names it only once: * * UniquePtr<char> ptr1(new char()); // repetitive * auto ptr2 = MakeUnique<char>(); // shorter * * Of course this assumes the reader understands the operation MakeUnique * performs. In the long run this is probably a reasonable assumption. In the * short run you'll have to use your judgment about what readers can be expected * to know, or to quickly look up. * * Third, a call to MakeUnique can be assigned directly to a UniquePtr. In * contrast you can't assign a pointer into a UniquePtr without using the * cumbersome reset(). * * UniquePtr<char> p; * p = new char; // ERROR * p.reset(new char); // works, but fugly * p = MakeUnique<char>(); // preferred * * (And third, although not relevant to Mozilla: MakeUnique is exception-safe. * An exception thrown after |new T| succeeds will leak that memory, unless the * pointer is assigned to an object that will manage its ownership. UniquePtr * ably serves this function.) */template<typenameT,typename...Args>typenamedetail::UniqueSelector<T>::SingleObjectMakeUnique(Args&&...aArgs){returnUniquePtr<T>(newT(Forward<Args>(aArgs)...));}template<typenameT>typenamedetail::UniqueSelector<T>::UnknownBoundMakeUnique(decltype(sizeof(int))aN){typedeftypenameRemoveExtent<T>::TypeArrayType;returnUniquePtr<T>(newArrayType[aN]());}template<typenameT,typename...Args>typenamedetail::UniqueSelector<T>::KnownBoundMakeUnique(Args&&...aArgs)=delete;}// namespace mozilla#endif /* mozilla_UniquePtr_h */
