<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Issue 3472: counted_iterator is missing preconditions</title>
<meta property="og:title" content="Issue 3472: counted_iterator is missing preconditions">
<meta property="og:description" content="C++ library issue. Status: C++23">
<meta property="og:url" content="https://cplusplus.github.io/LWG/issue3472.html">
<meta property="og:type" content="website">
<meta property="og:image" content="http://cplusplus.github.io/LWG/images/cpp_logo.png">
<meta property="og:image:alt" content="C++ logo">
<style>
  p {text-align:justify}
  li {text-align:justify}
  pre code.backtick::before { content: "`" }
  pre code.backtick::after { content: "`" }
  blockquote.note
  {
    background-color:#E0E0E0;
    padding-left: 15px;
    padding-right: 15px;
    padding-top: 1px;
    padding-bottom: 1px;
  }
  ins {background-color:#A0FFA0}
  del {background-color:#FFA0A0}
  table.issues-index { border: 1px solid; border-collapse: collapse; }
  table.issues-index th { text-align: center; padding: 4px; border: 1px solid; }
  table.issues-index td { padding: 4px; border: 1px solid; }
  table.issues-index td:nth-child(1) { text-align: right; }
  table.issues-index td:nth-child(2) { text-align: left; }
  table.issues-index td:nth-child(3) { text-align: left; }
  table.issues-index td:nth-child(4) { text-align: left; }
  table.issues-index td:nth-child(5) { text-align: center; }
  table.issues-index td:nth-child(6) { text-align: center; }
  table.issues-index td:nth-child(7) { text-align: left; }
  table.issues-index td:nth-child(5) span.no-pr { color: red; }
  @media (prefers-color-scheme: dark) {
     html {
        color: #ddd;
        background-color: black;
     }
     ins {
        background-color: #225522
     }
     del {
        background-color: #662222
     }
     a {
        color: #6af
     }
     a:visited {
        color: #6af
     }
     blockquote.note
     {
        background-color: rgba(255, 255, 255, .10)
     }
  }
</style>
</head>
<body>
<hr>
<p><em>This page is a snapshot from the LWG issues list, see the <a href="lwg-active.html">Library Active Issues List</a> for more information and the meaning of <a href="lwg-active.html#C++23">C++23</a> status.</em></p>
<h3 id="3472"><a href="lwg-defects.html#3472">3472</a>. <code>counted_iterator</code> is missing preconditions</h3>
<p><b>Section:</b> 24.5.7 <a href="https://wg21.link/iterators.counted">[iterators.counted]</a> <b>Status:</b> <a href="lwg-active.html#C++23">C++23</a>
 <b>Submitter:</b> Michael Schellenberger Costa <b>Opened:</b> 2020-07-29 <b>Last modified:</b> 2023-11-22</p>
<p><b>Priority: </b>Not Prioritized
</p>
<p><b>View all issues with</b> <a href="lwg-status.html#C++23">C++23</a> status.</p>
<p><b>Discussion:</b></p>
<p>
C++20 introduces a new iterator <code>counted_iterator</code> that keeps track of the end of its range via an 
additional exposition-only member <code>length</code>.  
<p/>
Consequently, there are several preconditions for many member functions of <code>counted_iterator</code>, but 
it seems some are missing:
</p>
<ol>
<li><p><b><code>operator*</code></b>
<p/>
Here we have no precondition regarding <code>length</code>. However, given that <code>length</code> denotes the 
distance to the end of the range it should be invalid to dereference a <code>counted_iterator</code> with 
<code>length 0</code>.
<p/>
Moreover, <code>operator[]</code> has a precondition of "<code>n &lt; length</code>". Consider the following code snippet:
</p>
<blockquote><pre>
int some_ints[] = {0,1,2};
counted_iterator&lt;int*&gt; i{some_ints, 0};
</pre></blockquote>
<p>
Here "<code>i[0]</code>" would be invalid due to the precondition "<code>n &lt; length</code>". However, "<code>*i</code>" 
would be a valid expression. This violates the definition of <code>operator[]</code> which states according to 
7.6.1.2 <a href="https://wg21.link/expr.sub">[expr.sub]</a> p1:
</p>
<blockquote><p>
[&hellip;] The expression <code>E1[E2]</code> is identical (by definition) to <code>*((E1)+(E2))</code> [&hellip;]
</p></blockquote>
<p>
Substituting <code>0</code> for <code>E2</code> we get  
</p>
<blockquote><p>
[&hellip;] The expression <code>E1[0]</code> is identical (by definition) to <code>*(E1)</code> [&hellip;]
</p></blockquote>
<p>
With the current wording <code>counted_iterator</code> violates that definition and we should add to <code>operator*</code>:
</p>
<blockquote><p>
<i>Preconditions:</i> <code>length &gt; 0</code>.
</p></blockquote></li>
<li><p><b><code>iter_move</code></b>
<p/>
This is a similar case. We have only the <i>Effects</i> element:
</p>
<blockquote><p>
<i>Effects:</i> Equivalent to: <code>return ranges::iter_move(i.current);</code>
</p></blockquote>
<p>
However, looking at the requirements of <code>ranges::iter_move</code> we have in 24.3.3.1 <a href="https://wg21.link/iterator.cust.move">[iterator.cust.move]</a> p2:
</p>
<blockquote><p>
If <code>ranges::iter_move(E)</code> is not equal to <code>*E</code>, the program is ill-formed, no diagnostic required.
</p></blockquote>
<p>
This clearly requires that for <code>counted_iterator::iter_move</code> to be well-formed, we need 
<code>counted_iterator::operator*</code> to be well-formed. Consequently we should also add the same precondition to 
<code>counted_iterator::iter_move</code>:
</p>
<blockquote><p>
<i>Preconditions:</i> <code>length &gt; 0</code>.
</p></blockquote></li>
<li><p><b><code>iter_swap</code></b>
<p/>
This is essentially the same argument as for <code>counted_iterator::iter_move</code>. The essential observation is that 
<code>ranges::iter_swap</code> is defined in terms of <code>ranges::iter_move</code> (see 24.3.3.2 <a href="https://wg21.link/iterator.cust.swap">[iterator.cust.swap]</a>) 
so it must have the same preconditions and we should add:
</p>
<blockquote><p>
<i>Preconditions:</i> <code>length &gt; 0</code>.
</p></blockquote></li>
</ol>
<p><i>[2020-08-21 Issue processing telecon: moved to Tentatively Ready.]</i></p>

<p><i>[2020-11-09 Approved In November virtual meeting. Status changed: Tentatively Ready &rarr; WP.]</i></p>



<p id="res-3472"><b>Proposed resolution:</b></p>
<p>
This wording is relative to <a href="https://wg21.link/n4861">N4861</a>.
</p>

<ol>
<li><p>Modify 24.5.7.4 <a href="https://wg21.link/counted.iter.elem">[counted.iter.elem]</a> as indicated:</p>

<blockquote>
<pre>
constexpr decltype(auto) operator*();
constexpr decltype(auto) operator*() const
  requires <i>dereferenceable</i>&lt;const I&gt;;
</pre>
<blockquote>
<p>
<ins>-?- <i>Preconditions:</i> <code>length &gt; 0</code>.</ins>
<p/>
-1- <i>Effects:</i> Equivalent to: <code>return *current;</code>
</p>
</blockquote>
</blockquote>
</li>

<li><p>Modify 24.5.7.7 <a href="https://wg21.link/counted.iter.cust">[counted.iter.cust]</a> as indicated:</p>

<blockquote>
<pre>
friend constexpr iter_rvalue_reference_t&lt;I&gt;
  iter_move(const counted_iterator&amp; i)
    noexcept(noexcept(ranges::iter_move(i.current)))
    requires input_iterator&lt;I&gt;;
</pre>
<blockquote>
<p>
<ins>-?- <i>Preconditions:</i> <code>i.length &gt; 0</code>.</ins>
<p/>
-1- <i>Effects:</i> Equivalent to: <code>return ranges::iter_move(i.current);</code>
</p>
</blockquote>
<pre>
template&lt;indirectly_swappable&lt;I&gt; I2&gt;
  friend constexpr void
    iter_swap(const counted_iterator&amp; x, const counted_iterator&lt;I2&gt;&amp; y)
      noexcept(noexcept(ranges::iter_swap(x.current, y.current)));
</pre>
<blockquote>
<p>
<ins>-?- <i>Preconditions:</i> <code>x.length &gt; 0</code> and <code>y.length &gt; 0</code>.</ins>
<p/>
-1- <i>Effects:</i> Equivalent to: <code>return ranges::iter_swap(x.current, y.current);</code>
</p>
</blockquote>
</blockquote>
</li>
</ol>
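<p>
The preconditions above, exercised on a small model: this is an added example, not part of the issue text and not a standard library implementation. The names <code>checked_counted</code> and <code>rejected</code> are hypothetical, and throwing on a violated precondition is an assumption made so the check is observable (in the standard a violated precondition is undefined behaviour).
</p>

```cpp
#include <cstddef>
#include <stdexcept>
#include <utility>

// Simplified model (assumption) of counted_iterator's exposition-only
// members `current` and `length`; not a standard library implementation.
template <class I>
class checked_counted {
    I current;
    std::ptrdiff_t length;

    // Precondition from the resolution: length > 0 before element access.
    void require_nonempty(const char* op) const {
        if (length <= 0) throw std::out_of_range(op);
    }

public:
    checked_counted(I it, std::ptrdiff_t n) : current(it), length(n) {}

    decltype(auto) operator*() const {
        require_nonempty("operator*: length == 0");
        return *current;
    }
    // Pre-existing precondition n < length, so i[0] and *i fail together.
    decltype(auto) operator[](std::ptrdiff_t n) const {
        if (n >= length) throw std::out_of_range("operator[]: n >= length");
        return current[n];
    }
    friend decltype(auto) iter_move(const checked_counted& i) {
        i.require_nonempty("iter_move: i.length == 0");
        return std::move(*i.current);
    }
    friend void iter_swap(const checked_counted& x, const checked_counted& y) {
        x.require_nonempty("iter_swap: x.length == 0");
        y.require_nonempty("iter_swap: y.length == 0");
        using std::swap;
        swap(*x.current, *y.current);
    }
};

// Returns true when the operation `f` is rejected by a precondition check.
template <class F>
bool rejected(F f) {
    try { f(); return false; }
    catch (const std::logic_error&) { return true; }
}
```

<p>
With the issue's snippet (<code>some_ints</code> and a count of 0), <code>*i</code>, <code>i[0]</code> and <code>iter_move(i)</code> are all rejected in this model, which restores the equivalence of <code>E1[0]</code> and <code>*(E1)</code>.
</p>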





</body>
</html>
