Finish merging hsutter#106: Now static_assert for disallowed as cases including bad narrowing, closes hsutter#106

hsutter · hsutter · commit 28f2215031ac · 2023-01-06T10:06:00.000-08:00
diff --git a/include/cpp2util.h b/include/cpp2util.h
@@ -702,7 +702,7 @@ struct nonesuch_ {
 };
 static nonesuch_ nonesuch;
 
-//  Most of the 'as' casts are <To, From> so use that order here
+//  The 'as' cast functions are <To, From> so use that order here
 //  If it's confusing, we can switch this to <From, To>
 template< typename To, typename From >
 inline constexpr auto is_narrowing_v =
@@ -747,12 +747,9 @@ template< typename C, auto x >
 inline constexpr auto as() -> auto
 {
     if constexpr ( is_castable_v<C, x> ) {
-        return static_cast<C>(CPP2_TYPEOF(x)(x));
+        return static_cast<C>(x);
     } else {
-        static_assert(
-            program_violates_type_safety_guarantee<C, CPP2_TYPEOF(x)>,
-            "No safe 'as' cast available - if this is narrowing and you're sure the conversion is safe, consider using `unsafe_narrow<T>()` to force the conversion"
-            );
+        return nonesuch;
     }
 }
 
@@ -764,10 +761,7 @@ inline constexpr auto as(auto const& x) -> auto
         sizeof(CPP2_TYPEOF(x)) > sizeof(C)
     )
 {
-    static_assert(
-        program_violates_type_safety_guarantee<C, CPP2_TYPEOF(x)>,
-        "No safe 'as' cast from larger to smaller floating point precision - if you're sure you want this unsafe conversion, consider using `unsafe_narrow<T>()` to force the conversion"
-        );
+    return nonesuch;
 }
 
 //  Signed/unsigned conversions to a not-smaller type are handled as a precondition,
@@ -805,10 +799,7 @@ auto as( X const& x ) -> auto
     //  those types themselves don't defend against them
     if constexpr( requires{ typename C::value_type; } && std::is_convertible_v<X, typename C::value_type> ) {
         if constexpr( is_narrowing_v<typename C::value_type, X>) {
-            static_assert(
-                program_violates_type_safety_guarantee<C, CPP2_TYPEOF(x)>,
-                "This is a narrowing 'as' cast to a dynamic library type - if you're sure you want this unsafe conversion, consider adding an `unsafe_narrow<T>()` separately first to force the narrowing conversion, then 'as' to the library type"
-                );
+            return nonesuch;
         }
     }
     return C{x};
@@ -1296,6 +1287,64 @@ auto unsafe_narrow( X&& x ) noexcept -> decltype(auto)
     return static_cast<C>(CPP2_FORWARD(x));
 }
 
+
+//-----------------------------------------------------------------------
+//
+//  A static-asserting "as" for better diagnostics than raw 'nonesuch'
+//
+//  Note for the future: This needs go after all 'as', which is fine for
+//  the ones in this file but will have problems with further user-
+//  defined 'as' customizations. One solution would be to make the main
+//  'as' be a class template, and have all customizations be actual
+//  specializations... that way name lookup should find the primary
+//  template first and then see later specializations. Or we could just
+//  remove this and live with the 'nonesuch' error messages. Either way,
+//  we don't need anything more right now, this solution is fine to
+//  unblock general progress
+//
+//-----------------------------------------------------------------------
+//
+template< typename C >
+inline constexpr auto as_( auto&& x ) -> auto
+{
+    if constexpr (is_narrowing_v<C, CPP2_TYPEOF(x)>) {
+        static_assert(
+            program_violates_type_safety_guarantee<C, CPP2_TYPEOF(x)>,
+            "'as' does not allow unsafe narrowing conversions - if you're sure you want this, use `unsafe_narrow<T>()` to force the conversion"
+        );
+    }
+    else if constexpr( std::is_same_v< CPP2_TYPEOF(as<C>(CPP2_FORWARD(x))), nonesuch_ > ) {
+        static_assert(
+            program_violates_type_safety_guarantee<C, CPP2_TYPEOF(x)>,
+            "No safe 'as' cast available - please check your cast"
+        );
+    }
+    //  else
+    return as<C>(CPP2_FORWARD(x));
+}
+
+template< typename C, auto x >
+inline constexpr auto as_() -> auto
+{
+    if constexpr (requires { as<C, x>(); }) {
+        if constexpr( std::is_same_v< CPP2_TYPEOF((as<C, x>())), nonesuch_ > ) {
+            static_assert(
+                program_violates_type_safety_guarantee<C, CPP2_TYPEOF(x)>,
+                "Literal cannot be narrowed using 'as' -  if you're sure you want this, use 'unsafe_narrow<T>()' to force the conversion"
+            );
+        }
+    }
+    else {
+        static_assert(
+            program_violates_type_safety_guarantee<C, CPP2_TYPEOF(x)>,
+            "No safe 'as' cast available - please check your cast"
+        );
+    }
+    //  else
+    return as<C,x>();
+}
+
+
 }
 
 
diff --git a/regression-tests/test-results/mixed-inspect-values.cpp b/regression-tests/test-results/mixed-inspect-values.cpp
@@ -30,15 +30,15 @@ auto test(auto const& x) -> void;
 
     std::any a { 0 }; 
     test(a);
-    a = cpp2::as<std::string>("plugh");
+    a = cpp2::as_<std::string>("plugh");
     test(std::move(a));
 
     test(0);
     test(1);
     test(2);
     test(3);
     test(-42);
-    test(cpp2::as<std::string>("xyzzy"));
+    test(cpp2::as_<std::string>("xyzzy"));
     test(3.14);
 }
 
diff --git a/regression-tests/test-results/pure2-inspect-expression-in-generic-function-multiple-types.cpp b/regression-tests/test-results/pure2-inspect-expression-in-generic-function-multiple-types.cpp
@@ -13,7 +13,7 @@ auto test_generic(auto const& x, auto const& msg) -> void;
 #line 1 "pure2-inspect-expression-in-generic-function-multiple-types.cpp2"
 [[nodiscard]] auto main() -> int{
     std::variant<int,int,double> v { 42.0 }; 
-    std::any a { cpp2::as<std::string>("xyzzy") }; 
+    std::any a { cpp2::as_<std::string>("xyzzy") }; 
     std::optional<int> o {  }; 
 
     test_generic(3.14, "double");
diff --git a/regression-tests/test-results/pure2-inspect-fallback-with-variant-any-optional.cpp b/regression-tests/test-results/pure2-inspect-fallback-with-variant-any-optional.cpp
@@ -13,9 +13,9 @@ auto test_generic(auto const& x, auto const& msg) -> void;
 #line 1 "pure2-inspect-fallback-with-variant-any-optional.cpp2"
 
 [[nodiscard]] auto main() -> int{
-    std::variant<int,int,std::string> v { cpp2::as<std::string>("xyzzy") }; 
-    std::any a { cpp2::as<std::string>("xyzzy") }; 
-    std::optional<std::string> o { cpp2::as<std::string>("xyzzy") }; 
+    std::variant<int,int,std::string> v { cpp2::as_<std::string>("xyzzy") }; 
+    std::any a { cpp2::as_<std::string>("xyzzy") }; 
+    std::optional<std::string> o { cpp2::as_<std::string>("xyzzy") }; 
 
     std::cout << "\nAll these cases satisfy \"matches std::string\"\n";
 
diff --git a/source/common.h b/source/common.h
@@ -265,6 +265,26 @@ auto strip_path(std::string const& file) -> std::string
 }
 
 
+//-----------------------------------------------------------------------
+//
+//  Misc helpers
+//
+//-----------------------------------------------------------------------
+//
+auto replace_all(std::string& s, std::string_view what, std::string_view with)
+{
+    for (
+        std::string::size_type pos{};
+        s.npos != (pos = s.find(what.data(), pos, what.length()));
+        pos += with.length()
+        )
+    {
+        s.replace(pos, what.length(), with.data(), with.length());
+    }
+    return s;
+}
+
+
 //-----------------------------------------------------------------------
 //
 //  Command line handling
diff --git a/source/cppfront.cpp b/source/cppfront.cpp
@@ -1359,6 +1359,8 @@ class cppfront
                     statement.pop_back();
                 }
 
+                replace_all( statement, "cpp2::as_<", "cpp2::as<" );
+
                 //  If this is an inspect-expression, we'll have to wrap each alternative
                 //  in an 'if constexpr' so that its type is ignored for mismatches with
                 //  the inspect-expression's type
@@ -2057,7 +2059,11 @@ class cppfront
                     }
                 }
                 else {
-                    prefix += "cpp2::" + i->op->to_string(true) + "<" + print_to_string(*i->type) + ">(";
+                    auto op_name = i->op->to_string(true);
+                    if (op_name == "as") {
+                        op_name = "as_";    // use the static_assert-checked 'as' by default...
+                    }                       // we'll override this inside inspect-expressions
+                    prefix += "cpp2::" + op_name + "<" + print_to_string(*i->type) + ">(";
                     suffix = ")" + suffix;
                 }
             }

Original file line number	Diff line number	Diff line change
`@@ -1359,6 +1359,8 @@ class cppfront`
`1359`	`1359`	`statement.pop_back();`
`1360`	`1360`	`}`
`1361`	`1361`
	`1362`	`+ replace_all( statement, "cpp2::as_<", "cpp2::as<" );`
	`1363`	`+`
`1362`	`1364`	`// If this is an inspect-expression, we'll have to wrap each alternative`
`1363`	`1365`	`// in an 'if constexpr' so that its type is ignored for mismatches with`
`1364`	`1366`	`// the inspect-expression's type`
`@@ -2057,7 +2059,11 @@ class cppfront`
`2057`	`2059`	`}`
`2058`	`2060`	`}`
`2059`	`2061`	`else {`
`2060`		`- prefix += "cpp2::" + i->op->to_string(true) + "<" + print_to_string(*i->type) + ">(";`
	`2062`	`+ auto op_name = i->op->to_string(true);`
	`2063`	`+ if (op_name == "as") {`
	`2064`	`+ op_name = "as_"; // use the static_assert-checked 'as' by default...`
	`2065`	`+ } // we'll override this inside inspect-expressions`
	`2066`	`+ prefix += "cpp2::" + op_name + "<" + print_to_string(*i->type) + ">(";`
`2061`	`2067`	`suffix = ")" + suffix;`
`2062`	`2068`	`}`
`2063`	`2069`	`}`