1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
8 * Implements a smart pointer asserted to remain within a range specified at
12 #ifndef mozilla_RangedPtr_h
13 #define mozilla_RangedPtr_h
15 #include "mozilla/ArrayUtils.h"
16 #include "mozilla/Assertions.h"
17 #include "mozilla/Attributes.h"
24 * RangedPtr is a smart pointer restricted to an address range specified at
25 * creation. The pointer (and any smart pointers derived from it) must remain
26 * within the range [start, end] (inclusive of end to facilitate use as
27 * sentinels). Dereferencing or indexing into the pointer (or pointers derived
28 * from it) must remain within the range [start, end). All the standard pointer
29 * operators are defined on it; in debug builds these operations assert that the
30 * range specified at construction is respected.
32 * In theory passing a smart pointer instance as an argument can be slightly
33 * slower than passing a T* (due to ABI requirements for passing structs versus
34 * passing pointers), if the method being called isn't inlined. If you are in
35 * extremely performance-critical code, you may want to be careful using this
36 * smart pointer as an argument type.
38 * RangedPtr<T> intentionally does not implicitly convert to T*. Use get() to
39 * explicitly convert to T*. Keep in mind that the raw pointer of course won't
40 * implement bounds checking in debug builds.
52 typedef void (RangedPtr::* ConvertibleToBool
)();
57 MOZ_ASSERT(mRangeStart
<= mPtr
);
58 MOZ_ASSERT(mPtr
<= mRangeEnd
);
61 /* Creates a new pointer for |aPtr|, restricted to this pointer's range. */
62 RangedPtr
<T
> create(T
* aPtr
) const
65 return RangedPtr
<T
>(aPtr
, mRangeStart
, mRangeEnd
);
67 return RangedPtr
<T
>(aPtr
, nullptr, size_t(0));
71 uintptr_t asUintptr() const { return reinterpret_cast<uintptr_t>(mPtr
); }
74 RangedPtr(T
* aPtr
, T
* aStart
, T
* aEnd
)
77 , mRangeStart(aStart
), mRangeEnd(aEnd
)
80 MOZ_ASSERT(mRangeStart
<= mRangeEnd
);
83 RangedPtr(T
* aPtr
, T
* aStart
, size_t aLength
)
86 , mRangeStart(aStart
), mRangeEnd(aStart
+ aLength
)
89 MOZ_ASSERT(aLength
<= size_t(-1) / sizeof(T
));
90 MOZ_ASSERT(reinterpret_cast<uintptr_t>(mRangeStart
) + aLength
* sizeof(T
) >=
91 reinterpret_cast<uintptr_t>(mRangeStart
));
95 /* Equivalent to RangedPtr(aPtr, aPtr, aLength). */
96 RangedPtr(T
* aPtr
, size_t aLength
)
99 , mRangeStart(aPtr
), mRangeEnd(aPtr
+ aLength
)
102 MOZ_ASSERT(aLength
<= size_t(-1) / sizeof(T
));
103 MOZ_ASSERT(reinterpret_cast<uintptr_t>(mRangeStart
) + aLength
* sizeof(T
) >=
104 reinterpret_cast<uintptr_t>(mRangeStart
));
108 /* Equivalent to RangedPtr(aArr, aArr, N). */
110 RangedPtr(T (&aArr
)[N
])
113 , mRangeStart(aArr
), mRangeEnd(aArr
+ N
)
119 T
* get() const { return mPtr
; }
121 operator ConvertibleToBool() const { return mPtr
? &RangedPtr::nonNull
: 0; }
124 * You can only assign one RangedPtr into another if the two pointers have
125 * the same valid range:
127 * char arr1[] = "hi";
128 * char arr2[] = "bye";
129 * RangedPtr<char> p1(arr1, 2);
130 * p1 = RangedPtr<char>(arr1 + 1, arr1, arr1 + 2); // works
131 * p1 = RangedPtr<char>(arr2, 3); // asserts
133 RangedPtr
<T
>& operator=(const RangedPtr
<T
>& aOther
)
135 MOZ_ASSERT(mRangeStart
== aOther
.mRangeStart
);
136 MOZ_ASSERT(mRangeEnd
== aOther
.mRangeEnd
);
142 RangedPtr
<T
> operator+(size_t aInc
)
144 MOZ_ASSERT(aInc
<= size_t(-1) / sizeof(T
));
145 MOZ_ASSERT(asUintptr() + aInc
* sizeof(T
) >= asUintptr());
146 return create(mPtr
+ aInc
);
149 RangedPtr
<T
> operator-(size_t aDec
)
151 MOZ_ASSERT(aDec
<= size_t(-1) / sizeof(T
));
152 MOZ_ASSERT(asUintptr() - aDec
* sizeof(T
) <= asUintptr());
153 return create(mPtr
- aDec
);
157 * You can assign a raw pointer into a RangedPtr if the raw pointer is
158 * within the range specified at creation.
160 template <typename U
>
161 RangedPtr
<T
>& operator=(U
* aPtr
)
163 *this = create(aPtr
);
167 template <typename U
>
168 RangedPtr
<T
>& operator=(const RangedPtr
<U
>& aPtr
)
170 MOZ_ASSERT(mRangeStart
<= aPtr
.mPtr
);
171 MOZ_ASSERT(aPtr
.mPtr
<= mRangeEnd
);
177 RangedPtr
<T
>& operator++()
182 RangedPtr
<T
> operator++(int)
184 RangedPtr
<T
> rcp
= *this;
189 RangedPtr
<T
>& operator--()
194 RangedPtr
<T
> operator--(int)
196 RangedPtr
<T
> rcp
= *this;
201 RangedPtr
<T
>& operator+=(size_t aInc
)
203 *this = *this + aInc
;
207 RangedPtr
<T
>& operator-=(size_t aDec
)
209 *this = *this - aDec
;
213 T
& operator[](int aIndex
) const
215 MOZ_ASSERT(size_t(aIndex
> 0 ? aIndex
: -aIndex
) <= size_t(-1) / sizeof(T
));
216 return *create(mPtr
+ aIndex
);
221 MOZ_ASSERT(mPtr
>= mRangeStart
);
222 MOZ_ASSERT(mPtr
< mRangeEnd
);
226 template <typename U
>
227 bool operator==(const RangedPtr
<U
>& aOther
) const
229 return mPtr
== aOther
.mPtr
;
231 template <typename U
>
232 bool operator!=(const RangedPtr
<U
>& aOther
) const
234 return !(*this == aOther
);
238 bool operator==(const U
* u
) const
243 bool operator!=(const U
* u
) const
245 return !(*this == u
);
248 template <typename U
>
249 bool operator<(const RangedPtr
<U
>& aOther
) const
251 return mPtr
< aOther
.mPtr
;
253 template <typename U
>
254 bool operator<=(const RangedPtr
<U
>& aOther
) const
256 return mPtr
<= aOther
.mPtr
;
259 template <typename U
>
260 bool operator>(const RangedPtr
<U
>& aOther
) const
262 return mPtr
> aOther
.mPtr
;
264 template <typename U
>
265 bool operator>=(const RangedPtr
<U
>& aOther
) const
267 return mPtr
>= aOther
.mPtr
;
270 size_t operator-(const RangedPtr
<T
>& aOther
) const
272 MOZ_ASSERT(mPtr
>= aOther
.mPtr
);
273 return PointerRangeSize(aOther
.mPtr
, mPtr
);
277 RangedPtr() = delete;
278 T
* operator&() = delete;
281 } /* namespace mozilla */
283 #endif /* mozilla_RangedPtr_h */