cannam@62: // Copyright (c) 2013-2014 Sandstorm Development Group, Inc. and contributors cannam@62: // Licensed under the MIT License: cannam@62: // cannam@62: // Permission is hereby granted, free of charge, to any person obtaining a copy cannam@62: // of this software and associated documentation files (the "Software"), to deal cannam@62: // in the Software without restriction, including without limitation the rights cannam@62: // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell cannam@62: // copies of the Software, and to permit persons to whom the Software is cannam@62: // furnished to do so, subject to the following conditions: cannam@62: // cannam@62: // The above copyright notice and this permission notice shall be included in cannam@62: // all copies or substantial portions of the Software. cannam@62: // cannam@62: // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR cannam@62: // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, cannam@62: // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE cannam@62: // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER cannam@62: // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, cannam@62: // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN cannam@62: // THE SOFTWARE. cannam@62: cannam@62: #ifndef CAPNP_ORPHAN_H_ cannam@62: #define CAPNP_ORPHAN_H_ cannam@62: cannam@62: #if defined(__GNUC__) && !defined(CAPNP_HEADER_WARNINGS) cannam@62: #pragma GCC system_header cannam@62: #endif cannam@62: cannam@62: #include "layout.h" cannam@62: cannam@62: namespace capnp { cannam@62: cannam@62: class StructSchema; cannam@62: class ListSchema; cannam@62: struct DynamicStruct; cannam@62: struct DynamicList; cannam@62: namespace _ { struct OrphanageInternal; } cannam@62: cannam@62: template cannam@62: class Orphan { cannam@62: // Represents an object which is allocated within some message builder but has no pointers cannam@62: // pointing at it. An Orphan can later be "adopted" by some other object as one of that object's cannam@62: // fields, without having to copy the orphan. For a field `foo` of pointer type, the generated cannam@62: // code will define builder methods `void adoptFoo(Orphan)` and `Orphan disownFoo()`. cannam@62: // Orphans can also be created independently of any parent using an Orphanage. cannam@62: // cannam@62: // `Orphan` can be moved but not copied, like `Own`, so that it is impossible for one cannam@62: // orphan to be adopted multiple times. If an orphan is destroyed without being adopted, its cannam@62: // contents are zero'd out (and possibly reused, if we ever implement the ability to reuse space cannam@62: // in a message arena). cannam@62: cannam@62: public: cannam@62: Orphan() = default; cannam@62: KJ_DISALLOW_COPY(Orphan); cannam@62: Orphan(Orphan&&) = default; cannam@62: Orphan& operator=(Orphan&&) = default; cannam@62: inline Orphan(_::OrphanBuilder&& builder): builder(kj::mv(builder)) {} cannam@62: cannam@62: inline BuilderFor get(); cannam@62: // Get the underlying builder. If the orphan is null, this will allocate and return a default cannam@62: // object rather than crash. This is done for security -- otherwise, you might enable a DoS cannam@62: // attack any time you disown a field and fail to check if it is null. In the case of structs, cannam@62: // this means that the orphan is no longer null after get() returns. In the case of lists, cannam@62: // no actual object is allocated since a simple empty ListBuilder can be returned. cannam@62: cannam@62: inline ReaderFor getReader() const; cannam@62: cannam@62: inline bool operator==(decltype(nullptr)) const { return builder == nullptr; } cannam@62: inline bool operator!=(decltype(nullptr)) const { return builder != nullptr; } cannam@62: cannam@62: inline void truncate(uint size); cannam@62: // Resize an object (which must be a list or a blob) to the given size. cannam@62: // cannam@62: // If the new size is less than the original, the remaining elements will be discarded. The cannam@62: // list is never moved in this case. If the list happens to be located at the end of its segment cannam@62: // (which is always true if the list was the last thing allocated), the removed memory will be cannam@62: // reclaimed (reducing the messag size), otherwise it is simply zeroed. The reclaiming behavior cannam@62: // is particularly useful for allocating buffer space when you aren't sure how much space you cannam@62: // actually need: you can pre-allocate, say, a 4k byte array, read() from a file into it, and cannam@62: // then truncate it back to the amount of space actually used. cannam@62: // cannam@62: // If the new size is greater than the original, the list is extended with default values. If cannam@62: // the list is the last object in its segment *and* there is enough space left in the segment to cannam@62: // extend it to cover the new values, then the list is extended in-place. Otherwise, it must be cannam@62: // moved to a new location, leaving a zero'd hole in the previous space that won't be filled. cannam@62: // This copy is shallow; sub-objects will simply be reparented, not copied. cannam@62: // cannam@62: // Any existing readers or builders pointing at the object are invalidated by this call (even if cannam@62: // it doesn't move). You must call `get()` or `getReader()` again to get the new, valid pointer. cannam@62: cannam@62: private: cannam@62: _::OrphanBuilder builder; cannam@62: cannam@62: template cannam@62: friend struct _::PointerHelpers; cannam@62: template cannam@62: friend struct List; cannam@62: template cannam@62: friend class Orphan; cannam@62: friend class Orphanage; cannam@62: friend class MessageBuilder; cannam@62: }; cannam@62: cannam@62: class Orphanage: private kj::DisallowConstCopy { cannam@62: // Use to directly allocate Orphan objects, without having a parent object allocate and then cannam@62: // disown the object. cannam@62: cannam@62: public: cannam@62: inline Orphanage(): arena(nullptr) {} cannam@62: cannam@62: template cannam@62: static Orphanage getForMessageContaining(BuilderType builder); cannam@62: // Construct an Orphanage that allocates within the message containing the given Builder. This cannam@62: // allows the constructed Orphans to be adopted by objects within said message. cannam@62: // cannam@62: // This constructor takes the builder rather than having the builder have a getOrphanage() method cannam@62: // because this is an advanced feature and we don't want to pollute the builder APIs with it. cannam@62: // cannam@62: // Note that if you have a direct pointer to the `MessageBuilder`, you can simply call its cannam@62: // `getOrphanage()` method. cannam@62: cannam@62: template cannam@62: Orphan newOrphan() const; cannam@62: // Allocate a new orphaned struct. cannam@62: cannam@62: template cannam@62: Orphan newOrphan(uint size) const; cannam@62: // Allocate a new orphaned list or blob. cannam@62: cannam@62: Orphan newOrphan(StructSchema schema) const; cannam@62: // Dynamically create an orphan struct with the given schema. You must cannam@62: // #include to use this. cannam@62: cannam@62: Orphan newOrphan(ListSchema schema, uint size) const; cannam@62: // Dynamically create an orphan list with the given schema. You must #include cannam@62: // to use this. cannam@62: cannam@62: template cannam@62: Orphan> newOrphanCopy(Reader copyFrom) const; cannam@62: // Allocate a new orphaned object (struct, list, or blob) and initialize it as a copy of the cannam@62: // given object. cannam@62: cannam@62: template cannam@62: Orphan>>> newOrphanConcat(kj::ArrayPtr lists) const; cannam@62: template cannam@62: Orphan>>> newOrphanConcat(kj::ArrayPtr lists) const; cannam@62: // Given an array of List readers, copy and concatenate the lists, creating a new Orphan. cannam@62: // cannam@62: // Note that compared to allocating the list yourself and using `setWithCaveats()` to set each cannam@62: // item, this method avoids the "caveats": the new list will be allocated with the element size cannam@62: // being the maximum of that from all the input lists. This is particularly important when cannam@62: // concatenating struct lists: if the lists were created using a newer version of the protocol cannam@62: // in which some new fields had been added to the struct, using `setWithCaveats()` would cannam@62: // truncate off those new fields. cannam@62: cannam@62: Orphan referenceExternalData(Data::Reader data) const; cannam@62: // Creates an Orphan that points at an existing region of memory (e.g. from another message) cannam@62: // without copying it. There are some SEVERE restrictions on how this can be used: cannam@62: // - The memory must remain valid until the `MessageBuilder` is destroyed (even if the orphan is cannam@62: // abandoned). cannam@62: // - Because the data is const, you will not be allowed to obtain a `Data::Builder` cannam@62: // for this blob. Any call which would return such a builder will throw an exception. You cannam@62: // can, however, obtain a Reader, e.g. via orphan.getReader() or from a parent Reader (once cannam@62: // the orphan is adopted). It is your responsibility to make sure your code can deal with cannam@62: // these problems when using this optimization; if you can't, allocate a copy instead. cannam@62: // - `data.begin()` must be aligned to a machine word boundary (32-bit or 64-bit depending on cannam@62: // the CPU). Any pointer returned by malloc() as well as any data blob obtained from another cannam@62: // Cap'n Proto message satisfies this. cannam@62: // - If `data.size()` is not a multiple of 8, extra bytes past data.end() up until the next 8-byte cannam@62: // boundary will be visible in the raw message when it is written out. Thus, there must be no cannam@62: // secrets in these bytes. Data blobs obtained from other Cap'n Proto messages should be safe cannam@62: // as these bytes should be zero (unless the sender had the same problem). cannam@62: // cannam@62: // The array will actually become one of the message's segments. The data can thus be adopted cannam@62: // into the message tree without copying it. This is particularly useful when referencing very cannam@62: // large blobs, such as whole mmap'd files. cannam@62: cannam@62: private: cannam@62: _::BuilderArena* arena; cannam@62: _::CapTableBuilder* capTable; cannam@62: cannam@62: inline explicit Orphanage(_::BuilderArena* arena, _::CapTableBuilder* capTable) cannam@62: : arena(arena), capTable(capTable) {} cannam@62: cannam@62: template cannam@62: struct GetInnerBuilder; cannam@62: template cannam@62: struct GetInnerReader; cannam@62: template cannam@62: struct NewOrphanListImpl; cannam@62: cannam@62: friend class MessageBuilder; cannam@62: friend struct _::OrphanageInternal; cannam@62: }; cannam@62: cannam@62: // ======================================================================================= cannam@62: // Inline implementation details. cannam@62: cannam@62: namespace _ { // private cannam@62: cannam@62: template cannam@62: struct OrphanGetImpl; cannam@62: cannam@62: template cannam@62: struct OrphanGetImpl { cannam@62: static inline void truncateListOf(_::OrphanBuilder& builder, ElementCount size) { cannam@62: builder.truncate(size, _::elementSizeForType()); cannam@62: } cannam@62: }; cannam@62: cannam@62: template cannam@62: struct OrphanGetImpl { cannam@62: static inline typename T::Builder apply(_::OrphanBuilder& builder) { cannam@62: return typename T::Builder(builder.asStruct(_::structSize())); cannam@62: } cannam@62: static inline typename T::Reader applyReader(const _::OrphanBuilder& builder) { cannam@62: return typename T::Reader(builder.asStructReader(_::structSize())); cannam@62: } cannam@62: static inline void truncateListOf(_::OrphanBuilder& builder, ElementCount size) { cannam@62: builder.truncate(size, _::structSize()); cannam@62: } cannam@62: }; cannam@62: cannam@62: #if !CAPNP_LITE cannam@62: template cannam@62: struct OrphanGetImpl { cannam@62: static inline typename T::Client apply(_::OrphanBuilder& builder) { cannam@62: return typename T::Client(builder.asCapability()); cannam@62: } cannam@62: static inline typename T::Client applyReader(const _::OrphanBuilder& builder) { cannam@62: return typename T::Client(builder.asCapability()); cannam@62: } cannam@62: static inline void truncateListOf(_::OrphanBuilder& builder, ElementCount size) { cannam@62: builder.truncate(size, ElementSize::POINTER); cannam@62: } cannam@62: }; cannam@62: #endif // !CAPNP_LITE cannam@62: cannam@62: template cannam@62: struct OrphanGetImpl, Kind::LIST> { cannam@62: static inline typename List::Builder apply(_::OrphanBuilder& builder) { cannam@62: return typename List::Builder(builder.asList(_::ElementSizeForType::value)); cannam@62: } cannam@62: static inline typename List::Reader applyReader(const _::OrphanBuilder& builder) { cannam@62: return typename List::Reader(builder.asListReader(_::ElementSizeForType::value)); cannam@62: } cannam@62: static inline void truncateListOf(_::OrphanBuilder& builder, ElementCount size) { cannam@62: builder.truncate(size, ElementSize::POINTER); cannam@62: } cannam@62: }; cannam@62: cannam@62: template cannam@62: struct OrphanGetImpl, Kind::LIST> { cannam@62: static inline typename List::Builder apply(_::OrphanBuilder& builder) { cannam@62: return typename List::Builder(builder.asStructList(_::structSize())); cannam@62: } cannam@62: static inline typename List::Reader applyReader(const _::OrphanBuilder& builder) { cannam@62: return typename List::Reader(builder.asListReader(_::ElementSizeForType::value)); cannam@62: } cannam@62: static inline void truncateListOf(_::OrphanBuilder& builder, ElementCount size) { cannam@62: builder.truncate(size, ElementSize::POINTER); cannam@62: } cannam@62: }; cannam@62: cannam@62: template <> cannam@62: struct OrphanGetImpl { cannam@62: static inline Text::Builder apply(_::OrphanBuilder& builder) { cannam@62: return Text::Builder(builder.asText()); cannam@62: } cannam@62: static inline Text::Reader applyReader(const _::OrphanBuilder& builder) { cannam@62: return Text::Reader(builder.asTextReader()); cannam@62: } cannam@62: static inline void truncateListOf(_::OrphanBuilder& builder, ElementCount size) { cannam@62: builder.truncate(size, ElementSize::POINTER); cannam@62: } cannam@62: }; cannam@62: cannam@62: template <> cannam@62: struct OrphanGetImpl { cannam@62: static inline Data::Builder apply(_::OrphanBuilder& builder) { cannam@62: return Data::Builder(builder.asData()); cannam@62: } cannam@62: static inline Data::Reader applyReader(const _::OrphanBuilder& builder) { cannam@62: return Data::Reader(builder.asDataReader()); cannam@62: } cannam@62: static inline void truncateListOf(_::OrphanBuilder& builder, ElementCount size) { cannam@62: builder.truncate(size, ElementSize::POINTER); cannam@62: } cannam@62: }; cannam@62: cannam@62: struct OrphanageInternal { cannam@62: static inline _::BuilderArena* getArena(Orphanage orphanage) { return orphanage.arena; } cannam@62: static inline _::CapTableBuilder* getCapTable(Orphanage orphanage) { return orphanage.capTable; } cannam@62: }; cannam@62: cannam@62: } // namespace _ (private) cannam@62: cannam@62: template cannam@62: inline BuilderFor Orphan::get() { cannam@62: return _::OrphanGetImpl::apply(builder); cannam@62: } cannam@62: cannam@62: template cannam@62: inline ReaderFor Orphan::getReader() const { cannam@62: return _::OrphanGetImpl::applyReader(builder); cannam@62: } cannam@62: cannam@62: template cannam@62: inline void Orphan::truncate(uint size) { cannam@62: _::OrphanGetImpl>::truncateListOf(builder, bounded(size) * ELEMENTS); cannam@62: } cannam@62: cannam@62: template <> cannam@62: inline void Orphan::truncate(uint size) { cannam@62: builder.truncateText(bounded(size) * ELEMENTS); cannam@62: } cannam@62: cannam@62: template <> cannam@62: inline void Orphan::truncate(uint size) { cannam@62: builder.truncate(bounded(size) * ELEMENTS, ElementSize::BYTE); cannam@62: } cannam@62: cannam@62: template cannam@62: struct Orphanage::GetInnerBuilder { cannam@62: static inline _::StructBuilder apply(typename T::Builder& t) { cannam@62: return t._builder; cannam@62: } cannam@62: }; cannam@62: cannam@62: template cannam@62: struct Orphanage::GetInnerBuilder { cannam@62: static inline _::ListBuilder apply(typename T::Builder& t) { cannam@62: return t.builder; cannam@62: } cannam@62: }; cannam@62: cannam@62: template cannam@62: Orphanage Orphanage::getForMessageContaining(BuilderType builder) { cannam@62: auto inner = GetInnerBuilder>::apply(builder); cannam@62: return Orphanage(inner.getArena(), inner.getCapTable()); cannam@62: } cannam@62: cannam@62: template cannam@62: Orphan Orphanage::newOrphan() const { cannam@62: return Orphan(_::OrphanBuilder::initStruct(arena, capTable, _::structSize())); cannam@62: } cannam@62: cannam@62: template cannam@62: struct Orphanage::NewOrphanListImpl> { cannam@62: static inline _::OrphanBuilder apply( cannam@62: _::BuilderArena* arena, _::CapTableBuilder* capTable, uint size) { cannam@62: return _::OrphanBuilder::initList( cannam@62: arena, capTable, bounded(size) * ELEMENTS, _::ElementSizeForType::value); cannam@62: } cannam@62: }; cannam@62: cannam@62: template cannam@62: struct Orphanage::NewOrphanListImpl> { cannam@62: static inline _::OrphanBuilder apply( cannam@62: _::BuilderArena* arena, _::CapTableBuilder* capTable, uint size) { cannam@62: return _::OrphanBuilder::initStructList( cannam@62: arena, capTable, bounded(size) * ELEMENTS, _::structSize()); cannam@62: } cannam@62: }; cannam@62: cannam@62: template <> cannam@62: struct Orphanage::NewOrphanListImpl { cannam@62: static inline _::OrphanBuilder apply( cannam@62: _::BuilderArena* arena, _::CapTableBuilder* capTable, uint size) { cannam@62: return _::OrphanBuilder::initText(arena, capTable, bounded(size) * BYTES); cannam@62: } cannam@62: }; cannam@62: cannam@62: template <> cannam@62: struct Orphanage::NewOrphanListImpl { cannam@62: static inline _::OrphanBuilder apply( cannam@62: _::BuilderArena* arena, _::CapTableBuilder* capTable, uint size) { cannam@62: return _::OrphanBuilder::initData(arena, capTable, bounded(size) * BYTES); cannam@62: } cannam@62: }; cannam@62: cannam@62: template cannam@62: Orphan Orphanage::newOrphan(uint size) const { cannam@62: return Orphan(NewOrphanListImpl::apply(arena, capTable, size)); cannam@62: } cannam@62: cannam@62: template cannam@62: struct Orphanage::GetInnerReader { cannam@62: static inline _::StructReader apply(const typename T::Reader& t) { cannam@62: return t._reader; cannam@62: } cannam@62: }; cannam@62: cannam@62: template cannam@62: struct Orphanage::GetInnerReader { cannam@62: static inline _::ListReader apply(const typename T::Reader& t) { cannam@62: return t.reader; cannam@62: } cannam@62: }; cannam@62: cannam@62: template cannam@62: struct Orphanage::GetInnerReader { cannam@62: static inline const typename T::Reader& apply(const typename T::Reader& t) { cannam@62: return t; cannam@62: } cannam@62: }; cannam@62: cannam@62: template cannam@62: inline Orphan> Orphanage::newOrphanCopy(Reader copyFrom) const { cannam@62: return Orphan>(_::OrphanBuilder::copy( cannam@62: arena, capTable, GetInnerReader>::apply(copyFrom))); cannam@62: } cannam@62: cannam@62: template cannam@62: inline Orphan>>> cannam@62: Orphanage::newOrphanConcat(kj::ArrayPtr lists) const { cannam@62: return newOrphanConcat(kj::implicitCast>(lists)); cannam@62: } cannam@62: template cannam@62: inline Orphan>>> cannam@62: Orphanage::newOrphanConcat(kj::ArrayPtr lists) const { cannam@62: // Optimization / simplification: Rely on List::Reader containing nothing except a cannam@62: // _::ListReader. cannam@62: static_assert(sizeof(T) == sizeof(_::ListReader), "lists are not bare readers?"); cannam@62: kj::ArrayPtr raw( cannam@62: reinterpret_cast(lists.begin()), lists.size()); cannam@62: typedef ListElementType> Element; cannam@62: return Orphan>( cannam@62: _::OrphanBuilder::concat(arena, capTable, cannam@62: _::elementSizeForType(), cannam@62: _::minStructSizeForElement(), raw)); cannam@62: } cannam@62: cannam@62: inline Orphan Orphanage::referenceExternalData(Data::Reader data) const { cannam@62: return Orphan(_::OrphanBuilder::referenceExternalData(arena, data)); cannam@62: } cannam@62: cannam@62: } // namespace capnp cannam@62: cannam@62: #endif // CAPNP_ORPHAN_H_