cannam@135: // Copyright (c) 2013-2014 Sandstorm Development Group, Inc. and contributors cannam@135: // Licensed under the MIT License: cannam@135: // cannam@135: // Permission is hereby granted, free of charge, to any person obtaining a copy cannam@135: // of this software and associated documentation files (the "Software"), to deal cannam@135: // in the Software without restriction, including without limitation the rights cannam@135: // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell cannam@135: // copies of the Software, and to permit persons to whom the Software is cannam@135: // furnished to do so, subject to the following conditions: cannam@135: // cannam@135: // The above copyright notice and this permission notice shall be included in cannam@135: // all copies or substantial portions of the Software. cannam@135: // cannam@135: // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR cannam@135: // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, cannam@135: // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE cannam@135: // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER cannam@135: // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, cannam@135: // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN cannam@135: // THE SOFTWARE. cannam@135: cannam@135: // This file implements a simple serialization format for Cap'n Proto messages. The format cannam@135: // is as follows: cannam@135: // cannam@135: // * 32-bit little-endian segment count (4 bytes). cannam@135: // * 32-bit little-endian size of each segment (4*(segment count) bytes). cannam@135: // * Padding so that subsequent data is 64-bit-aligned (0 or 4 bytes). (I.e., if there are an even cannam@135: // number of segments, there are 4 bytes of zeros here, otherwise there is no padding.) cannam@135: // * Data from each segment, in order (8*sum(segment sizes) bytes) cannam@135: // cannam@135: // This format has some important properties: cannam@135: // - It is self-delimiting, so multiple messages may be written to a stream without any external cannam@135: // delimiter. cannam@135: // - The total size and position of each segment can be determined by reading only the first part cannam@135: // of the message, allowing lazy and random-access reading of the segment data. cannam@135: // - A message is always at least 8 bytes. cannam@135: // - A single-segment message can be read entirely in two system calls with no buffering. cannam@135: // - A multi-segment message can be read entirely in three system calls with no buffering. cannam@135: // - The format is appropriate for mmap()ing since all data is aligned. cannam@135: cannam@135: #ifndef CAPNP_SERIALIZE_H_ cannam@135: #define CAPNP_SERIALIZE_H_ cannam@135: cannam@135: #if defined(__GNUC__) && !defined(CAPNP_HEADER_WARNINGS) cannam@135: #pragma GCC system_header cannam@135: #endif cannam@135: cannam@135: #include "message.h" cannam@135: #include cannam@135: cannam@135: namespace capnp { cannam@135: cannam@135: class FlatArrayMessageReader: public MessageReader { cannam@135: // Parses a message from a flat array. Note that it makes sense to use this together with mmap() cannam@135: // for extremely fast parsing. cannam@135: cannam@135: public: cannam@135: FlatArrayMessageReader(kj::ArrayPtr array, ReaderOptions options = ReaderOptions()); cannam@135: // The array must remain valid until the MessageReader is destroyed. cannam@135: cannam@135: kj::ArrayPtr getSegment(uint id) override; cannam@135: cannam@135: const word* getEnd() const { return end; } cannam@135: // Get a pointer just past the end of the message as determined by reading the message header. cannam@135: // This could actually be before the end of the input array. This pointer is useful e.g. if cannam@135: // you know that the input array has extra stuff appended after the message and you want to cannam@135: // get at it. cannam@135: cannam@135: private: cannam@135: // Optimize for single-segment case. cannam@135: kj::ArrayPtr segment0; cannam@135: kj::Array> moreSegments; cannam@135: const word* end; cannam@135: }; cannam@135: cannam@135: kj::ArrayPtr initMessageBuilderFromFlatArrayCopy( cannam@135: kj::ArrayPtr array, MessageBuilder& target, cannam@135: ReaderOptions options = ReaderOptions()); cannam@135: // Convenience function which reads a message using `FlatArrayMessageReader` then copies the cannam@135: // content into the target `MessageBuilder`, verifying that the message structure is valid cannam@135: // (although not necessarily that it matches the desired schema). cannam@135: // cannam@135: // Returns an ArrayPtr containing any words left over in the array after consuming the whole cannam@135: // message. This is useful when reading multiple messages that have been concatenated. See also cannam@135: // FlatArrayMessageReader::getEnd(). cannam@135: // cannam@135: // (Note that it's also possible to initialize a `MessageBuilder` directly without a copy using one cannam@135: // of `MessageBuilder`'s constructors. However, this approach skips the validation step and is not cannam@135: // safe to use on untrusted input. Therefore, we do not provide a convenience method for it.) cannam@135: cannam@135: kj::Array messageToFlatArray(MessageBuilder& builder); cannam@135: // Constructs a flat array containing the entire content of the given message. cannam@135: // cannam@135: // To output the message as bytes, use `.asBytes()` on the returned word array. Keep in mind that cannam@135: // `asBytes()` returns an ArrayPtr, so you have to save the Array as well to prevent it from being cannam@135: // deleted. For example: cannam@135: // cannam@135: // kj::Array words = messageToFlatArray(myMessage); cannam@135: // kj::ArrayPtr bytes = words.asBytes(); cannam@135: // write(fd, bytes.begin(), bytes.size()); cannam@135: cannam@135: kj::Array messageToFlatArray(kj::ArrayPtr> segments); cannam@135: // Version of messageToFlatArray that takes a raw segment array. cannam@135: cannam@135: size_t computeSerializedSizeInWords(MessageBuilder& builder); cannam@135: // Returns the size, in words, that will be needed to serialize the message, including the header. cannam@135: cannam@135: size_t computeSerializedSizeInWords(kj::ArrayPtr> segments); cannam@135: // Version of computeSerializedSizeInWords that takes a raw segment array. cannam@135: cannam@135: size_t expectedSizeInWordsFromPrefix(kj::ArrayPtr messagePrefix); cannam@135: // Given a prefix of a serialized message, try to determine the expected total size of the message, cannam@135: // in words. The returned size is based on the information known so far; it may be an underestimate cannam@135: // if the prefix doesn't contain the full segment table. cannam@135: // cannam@135: // If the returned value is greater than `messagePrefix.size()`, then the message is not yet cannam@135: // complete and the app cannot parse it yet. If the returned value is less than or equal to cannam@135: // `messagePrefix.size()`, then the returned value is the exact total size of the message; any cannam@135: // remaining bytes are part of the next message. cannam@135: // cannam@135: // This function is useful when reading messages from a stream in an asynchronous way, but when cannam@135: // using the full KJ async infrastructure would be too difficult. Each time bytes are received, cannam@135: // use this function to determine if an entire message is ready to be parsed. cannam@135: cannam@135: // ======================================================================================= cannam@135: cannam@135: class InputStreamMessageReader: public MessageReader { cannam@135: // A MessageReader that reads from an abstract kj::InputStream. See also StreamFdMessageReader cannam@135: // for a subclass specific to file descriptors. cannam@135: cannam@135: public: cannam@135: InputStreamMessageReader(kj::InputStream& inputStream, cannam@135: ReaderOptions options = ReaderOptions(), cannam@135: kj::ArrayPtr scratchSpace = nullptr); cannam@135: ~InputStreamMessageReader() noexcept(false); cannam@135: cannam@135: // implements MessageReader ---------------------------------------- cannam@135: kj::ArrayPtr getSegment(uint id) override; cannam@135: cannam@135: private: cannam@135: kj::InputStream& inputStream; cannam@135: byte* readPos; cannam@135: cannam@135: // Optimize for single-segment case. cannam@135: kj::ArrayPtr segment0; cannam@135: kj::Array> moreSegments; cannam@135: cannam@135: kj::Array ownedSpace; cannam@135: // Only if scratchSpace wasn't big enough. cannam@135: cannam@135: kj::UnwindDetector unwindDetector; cannam@135: }; cannam@135: cannam@135: void readMessageCopy(kj::InputStream& input, MessageBuilder& target, cannam@135: ReaderOptions options = ReaderOptions(), cannam@135: kj::ArrayPtr scratchSpace = nullptr); cannam@135: // Convenience function which reads a message using `InputStreamMessageReader` then copies the cannam@135: // content into the target `MessageBuilder`, verifying that the message structure is valid cannam@135: // (although not necessarily that it matches the desired schema). cannam@135: // cannam@135: // (Note that it's also possible to initialize a `MessageBuilder` directly without a copy using one cannam@135: // of `MessageBuilder`'s constructors. However, this approach skips the validation step and is not cannam@135: // safe to use on untrusted input. Therefore, we do not provide a convenience method for it.) cannam@135: cannam@135: void writeMessage(kj::OutputStream& output, MessageBuilder& builder); cannam@135: // Write the message to the given output stream. cannam@135: cannam@135: void writeMessage(kj::OutputStream& output, kj::ArrayPtr> segments); cannam@135: // Write the segment array to the given output stream. cannam@135: cannam@135: // ======================================================================================= cannam@135: // Specializations for reading from / writing to file descriptors. cannam@135: cannam@135: class StreamFdMessageReader: private kj::FdInputStream, public InputStreamMessageReader { cannam@135: // A MessageReader that reads from a steam-based file descriptor. cannam@135: cannam@135: public: cannam@135: StreamFdMessageReader(int fd, ReaderOptions options = ReaderOptions(), cannam@135: kj::ArrayPtr scratchSpace = nullptr) cannam@135: : FdInputStream(fd), InputStreamMessageReader(*this, options, scratchSpace) {} cannam@135: // Read message from a file descriptor, without taking ownership of the descriptor. cannam@135: cannam@135: StreamFdMessageReader(kj::AutoCloseFd fd, ReaderOptions options = ReaderOptions(), cannam@135: kj::ArrayPtr scratchSpace = nullptr) cannam@135: : FdInputStream(kj::mv(fd)), InputStreamMessageReader(*this, options, scratchSpace) {} cannam@135: // Read a message from a file descriptor, taking ownership of the descriptor. cannam@135: cannam@135: ~StreamFdMessageReader() noexcept(false); cannam@135: }; cannam@135: cannam@135: void readMessageCopyFromFd(int fd, MessageBuilder& target, cannam@135: ReaderOptions options = ReaderOptions(), cannam@135: kj::ArrayPtr scratchSpace = nullptr); cannam@135: // Convenience function which reads a message using `StreamFdMessageReader` then copies the cannam@135: // content into the target `MessageBuilder`, verifying that the message structure is valid cannam@135: // (although not necessarily that it matches the desired schema). cannam@135: // cannam@135: // (Note that it's also possible to initialize a `MessageBuilder` directly without a copy using one cannam@135: // of `MessageBuilder`'s constructors. However, this approach skips the validation step and is not cannam@135: // safe to use on untrusted input. Therefore, we do not provide a convenience method for it.) cannam@135: cannam@135: void writeMessageToFd(int fd, MessageBuilder& builder); cannam@135: // Write the message to the given file descriptor. cannam@135: // cannam@135: // This function throws an exception on any I/O error. If your code is not exception-safe, be sure cannam@135: // you catch this exception at the call site. If throwing an exception is not acceptable, you cannam@135: // can implement your own OutputStream with arbitrary error handling and then use writeMessage(). cannam@135: cannam@135: void writeMessageToFd(int fd, kj::ArrayPtr> segments); cannam@135: // Write the segment array to the given file descriptor. cannam@135: // cannam@135: // This function throws an exception on any I/O error. If your code is not exception-safe, be sure cannam@135: // you catch this exception at the call site. If throwing an exception is not acceptable, you cannam@135: // can implement your own OutputStream with arbitrary error handling and then use writeMessage(). cannam@135: cannam@135: // ======================================================================================= cannam@135: // inline stuff cannam@135: cannam@135: inline kj::Array messageToFlatArray(MessageBuilder& builder) { cannam@135: return messageToFlatArray(builder.getSegmentsForOutput()); cannam@135: } cannam@135: cannam@135: inline size_t computeSerializedSizeInWords(MessageBuilder& builder) { cannam@135: return computeSerializedSizeInWords(builder.getSegmentsForOutput()); cannam@135: } cannam@135: cannam@135: inline void writeMessage(kj::OutputStream& output, MessageBuilder& builder) { cannam@135: writeMessage(output, builder.getSegmentsForOutput()); cannam@135: } cannam@135: cannam@135: inline void writeMessageToFd(int fd, MessageBuilder& builder) { cannam@135: writeMessageToFd(fd, builder.getSegmentsForOutput()); cannam@135: } cannam@135: cannam@135: } // namespace capnp cannam@135: cannam@135: #endif // SERIALIZE_H_