summaryrefslogtreecommitdiffstats
path: root/mfbt/Casting.h
diff options
context:
space:
mode:
Diffstat (limited to 'mfbt/Casting.h')
-rw-r--r--mfbt/Casting.h224
1 files changed, 224 insertions, 0 deletions
diff --git a/mfbt/Casting.h b/mfbt/Casting.h
new file mode 100644
index 0000000000..bd8b03f92e
--- /dev/null
+++ b/mfbt/Casting.h
@@ -0,0 +1,224 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* Cast operations to supplement the built-in casting operations. */
+
+#ifndef mozilla_Casting_h
+#define mozilla_Casting_h
+
+#include "mozilla/Assertions.h"
+
+#include <cstring>
+#include <limits.h>
+#include <type_traits>
+
+namespace mozilla {
+
+/**
+ * Sets the outparam value of type |To| with the same underlying bit pattern of
+ * |aFrom|.
+ *
+ * |To| and |From| must be types of the same size; be careful of cross-platform
+ * size differences, or this might fail to compile on some but not all
+ * platforms.
+ *
+ * There is also a variant that returns the value directly. In most cases, the
+ * two variants should be identical. However, in the specific case of x86
+ * chips, the behavior differs: returning floating-point values directly is done
+ * through the x87 stack, and x87 loads and stores turn signaling NaNs into
+ * quiet NaNs... silently. Returning floating-point values via outparam,
+ * however, is done entirely within the SSE registers when SSE2 floating-point
+ * is enabled in the compiler, which has semantics-preserving behavior you would
+ * expect.
+ *
+ * If preserving the distinction between signaling NaNs and quiet NaNs is
+ * important to you, you should use the outparam version. In all other cases,
+ * you should use the direct return version.
+ */
+template <typename To, typename From>
+inline void BitwiseCast(const From aFrom, To* aResult) {
+ static_assert(sizeof(From) == sizeof(To),
+ "To and From must have the same size");
+
+ // We could maybe downgrade these to std::is_trivially_copyable, but the
+ // various STLs we use don't all provide it.
+ static_assert(std::is_trivial<From>::value,
+ "shouldn't bitwise-copy a type having non-trivial "
+ "initialization");
+ static_assert(std::is_trivial<To>::value,
+ "shouldn't bitwise-copy a type having non-trivial "
+ "initialization");
+
+ std::memcpy(static_cast<void*>(aResult), static_cast<const void*>(&aFrom),
+ sizeof(From));
+}
+
+template <typename To, typename From>
+inline To BitwiseCast(const From aFrom) {
+ To temp;
+ BitwiseCast<To, From>(aFrom, &temp);
+ return temp;
+}
+
+namespace detail {
+
+enum ToSignedness { ToIsSigned, ToIsUnsigned };
+enum FromSignedness { FromIsSigned, FromIsUnsigned };
+
+template <typename From, typename To,
+ FromSignedness =
+ std::is_signed_v<From> ? FromIsSigned : FromIsUnsigned,
+ ToSignedness = std::is_signed_v<To> ? ToIsSigned : ToIsUnsigned>
+struct BoundsCheckImpl;
+
+// Implicit conversions on operands to binary operations make this all a bit
+// hard to verify. Attempt to ease the pain below by *only* comparing values
+// that are obviously the same type (and will undergo no further conversions),
+// even when it's not strictly necessary, for explicitness.
+
+enum UUComparison { FromIsBigger, FromIsNotBigger };
+
+// Unsigned-to-unsigned range check
+
+template <typename From, typename To,
+ UUComparison =
+ (sizeof(From) > sizeof(To)) ? FromIsBigger : FromIsNotBigger>
+struct UnsignedUnsignedCheck;
+
+template <typename From, typename To>
+struct UnsignedUnsignedCheck<From, To, FromIsBigger> {
+ public:
+ static bool checkBounds(const From aFrom) { return aFrom <= From(To(-1)); }
+};
+
+template <typename From, typename To>
+struct UnsignedUnsignedCheck<From, To, FromIsNotBigger> {
+ public:
+ static bool checkBounds(const From aFrom) { return true; }
+};
+
+template <typename From, typename To>
+struct BoundsCheckImpl<From, To, FromIsUnsigned, ToIsUnsigned> {
+ public:
+ static bool checkBounds(const From aFrom) {
+ return UnsignedUnsignedCheck<From, To>::checkBounds(aFrom);
+ }
+};
+
+// Signed-to-unsigned range check
+
+template <typename From, typename To>
+struct BoundsCheckImpl<From, To, FromIsSigned, ToIsUnsigned> {
+ public:
+ static bool checkBounds(const From aFrom) {
+ if (aFrom < 0) {
+ return false;
+ }
+ if (sizeof(To) >= sizeof(From)) {
+ return true;
+ }
+ return aFrom <= From(To(-1));
+ }
+};
+
+// Unsigned-to-signed range check
+
+enum USComparison { FromIsSmaller, FromIsNotSmaller };
+
+template <typename From, typename To,
+ USComparison =
+ (sizeof(From) < sizeof(To)) ? FromIsSmaller : FromIsNotSmaller>
+struct UnsignedSignedCheck;
+
+template <typename From, typename To>
+struct UnsignedSignedCheck<From, To, FromIsSmaller> {
+ public:
+ static bool checkBounds(const From aFrom) { return true; }
+};
+
+template <typename From, typename To>
+struct UnsignedSignedCheck<From, To, FromIsNotSmaller> {
+ public:
+ static bool checkBounds(const From aFrom) {
+ const To MaxValue = To((1ULL << (CHAR_BIT * sizeof(To) - 1)) - 1);
+ return aFrom <= From(MaxValue);
+ }
+};
+
+template <typename From, typename To>
+struct BoundsCheckImpl<From, To, FromIsUnsigned, ToIsSigned> {
+ public:
+ static bool checkBounds(const From aFrom) {
+ return UnsignedSignedCheck<From, To>::checkBounds(aFrom);
+ }
+};
+
+// Signed-to-signed range check
+
+template <typename From, typename To>
+struct BoundsCheckImpl<From, To, FromIsSigned, ToIsSigned> {
+ public:
+ static bool checkBounds(const From aFrom) {
+ if (sizeof(From) <= sizeof(To)) {
+ return true;
+ }
+ const To MaxValue = To((1ULL << (CHAR_BIT * sizeof(To) - 1)) - 1);
+ const To MinValue = -MaxValue - To(1);
+ return From(MinValue) <= aFrom && From(aFrom) <= From(MaxValue);
+ }
+};
+
+template <typename From, typename To,
+ bool TypesAreIntegral =
+ std::is_integral_v<From>&& std::is_integral_v<To>>
+class BoundsChecker;
+
+template <typename From>
+class BoundsChecker<From, From, true> {
+ public:
+ static bool checkBounds(const From aFrom) { return true; }
+};
+
+template <typename From, typename To>
+class BoundsChecker<From, To, true> {
+ public:
+ static bool checkBounds(const From aFrom) {
+ return BoundsCheckImpl<From, To>::checkBounds(aFrom);
+ }
+};
+
+template <typename From, typename To>
+inline bool IsInBounds(const From aFrom) {
+ return BoundsChecker<From, To>::checkBounds(aFrom);
+}
+
+} // namespace detail
+
+/**
+ * Cast a value of integral type |From| to a value of integral type |To|,
+ * asserting that the cast will be a safe cast per C++ (that is, that |to| is in
+ * the range of values permitted for the type |From|).
+ */
+template <typename To, typename From>
+inline To AssertedCast(const From aFrom) {
+ MOZ_ASSERT((detail::IsInBounds<From, To>(aFrom)));
+ return static_cast<To>(aFrom);
+}
+
+/**
+ * Cast a value of integral type |From| to a value of integral type |To|,
+ * release asserting that the cast will be a safe cast per C++ (that is, that
+ * |to| is in the range of values permitted for the type |From|).
+ */
+template <typename To, typename From>
+inline To ReleaseAssertedCast(const From aFrom) {
+ MOZ_RELEASE_ASSERT((detail::IsInBounds<From, To>(aFrom)));
+ return static_cast<To>(aFrom);
+}
+
+} // namespace mozilla
+
+#endif /* mozilla_Casting_h */