asioexec::completion_token: Conversion & Dangling References

RobertLeahy · RobertLeahy · commit 8bb5b46f33a1 · 2025-09-07T20:35:10.000-04:00
Asio operations declare a set of completion signatures but may send different, convertible arguments upon completion. This is overwhelmingly (exclusively?) observed with differing value categories: An operation declares std::error_code but actually sends const std::error_code&. As originally added (35a3e31) asioexec::completion_token works around the above by pre-converting the arguments provided to the Asio completion handler. This ensures that the correct type with the correct cv- and ref-qualification is provided when sending the completion signal and also was intended to ensure that no operation which would be performed within stdexec::set_value is liable to throw an exception (i.e. performing a conversion which is not noexcept). The implementation-detail function used to provide the above-mentioned pre-conversion is asioexec::detail::completion_token::convert which has two overloads with the following intentions: - One which may change the cv- and ref-qualification but otherwise performs no actions (and is therefore marked noexcept), and - One which may perform any conversion (and is therefore not marked noexcept) Unfortunately as originally implemented the former overload was constrained on std::is_convertible_v which permits conversions beyond changing cv- and ref-qualification. Combined with the fact that the former overload returns a reference (since it's similar to std::forward) this meant that the function could: - Throw internally (thereby calling std::terminate as it is marked noexcept), and - Return a dangling reference (since a prvalue could be synthesized to effect the required conversion) Added reproducing tests and updated the constraints on the former overload so that it is only a candidate when the involved conversions involve changing cv- and ref-qualification (and therefore involve no potentially-throwing operations and cannot produce dangling references).
diff --git a/include/asioexec/completion_token.hpp b/include/asioexec/completion_token.hpp
@@ -26,6 +26,7 @@
 #include <tuple>
 #include <type_traits>
 #include <utility>
+#include <version>
 #include <asioexec/as_default_on.hpp>
 #include <asioexec/asio_config.hpp>
 #include <stdexec/execution.hpp>
@@ -69,7 +70,32 @@ namespace asioexec {
     };
 
     template <typename T, typename U>
-      requires std::is_same_v<T&&, U&&> || std::is_convertible_v<U&&, T&&>
+    inline constexpr bool at_least_as_const_qualified_v = std::is_const_v<T> || !std::is_const_v<U>;
+    template <typename T, typename U>
+    inline constexpr bool at_least_as_volatile_qualified_v = std::is_volatile_v<T>
+                                                          || !std::is_volatile_v<U>;
+    template <typename T, typename U>
+    inline constexpr bool at_least_as_qualified_v = at_least_as_const_qualified_v<T, U>
+                                                 && at_least_as_volatile_qualified_v<T, U>;
+
+    template <typename T, typename U>
+      requires
+#ifdef __cpp_lib_reference_from_temporary
+      (std::is_convertible_v<U &&, T &&> && !std::reference_converts_from_temporary_v<T &&, U &&>)
+#else
+      (
+        //  Just using is_base_of_v is insufficient because it always reports false for built-in types
+        (std::is_base_of_v<std::remove_cvref_t<T>, std::remove_cvref_t<U>>
+         || std::is_same_v<std::remove_cvref_t<T>, std::remove_cvref_t<U>>)
+        &&
+        //  The returned type must be at least as cv-qualified as the input type (it can be more cv-qualified)
+        at_least_as_qualified_v<std::remove_reference_t<T>, std::remove_reference_t<U>>
+        && (
+          //  Reference type must agree except...
+          (std::is_lvalue_reference_v<T> == std::is_lvalue_reference_v<T>) ||
+          //  ...special rules for const& which allows rvalues to bind thereto
+          (std::is_lvalue_reference_v<T> && std::is_const_v<std::remove_reference_t<T>>) ))
+#endif
     constexpr T&& convert(U&& u) noexcept {
       return static_cast<U&&>(u);
     }
diff --git a/test/asioexec/test_completion_token.cpp b/test/asioexec/test_completion_token.cpp
@@ -42,6 +42,17 @@ using namespace asioexec;
 
 namespace {
 
+  static_assert(
+    noexcept(detail::completion_token::convert<const int&>(std::declval<int&>())));
+  static_assert(
+    noexcept(detail::completion_token::convert<const int>(std::declval<int>())));
+  static_assert(
+    noexcept(detail::completion_token::convert<std::string>(std::declval<std::string>())));
+  static_assert(
+    !noexcept(detail::completion_token::convert<std::string>(std::declval<const std::string&>())));
+  static_assert(
+    !noexcept(detail::completion_token::convert<std::string>(std::declval<const char*>())));
+
   //  connect_shared and start_shared ensure the operation state's lifetime ends
   //  within the completion signal handling of the receiver thereby ensuring any
   //  use of the operation state by the operation after it's sent a completion
