Convert WriteData...() to use the new user pointer handling (see r285350).

mojo/system/local_data_pipe.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // TODO(vtl): I currently potentially overflow in doing index calculations.
 // E.g., |start_index_| and |current_num_bytes_| fit into a |uint32_t|, but
 // their sum may not. This is bad and poses a security risk. (We're currently
 // saved by the limit on capacity -- the maximum size of the buffer, checked in
 // |DataPipe::ValidateOptions()|, is currently sufficiently small.)
 
@@ skipping 26 matching lines @@
   // could do this -- requiring a check on every read -- but that seems to be
   // optimizing for the uncommon case.)
   if (!consumer_open_no_lock() || !current_num_bytes_) {
     // Note: There can only be a two-phase *read* (by the consumer) if we still
     // have data.
     DCHECK(!consumer_in_two_phase_read_no_lock());
     DestroyBufferNoLock();
   }
 }
 
-MojoResult LocalDataPipe::ProducerWriteDataImplNoLock(const void* elements,
-                                                      uint32_t* num_bytes,
-                                                      bool all_or_none) {
-  DCHECK_EQ(*num_bytes % element_num_bytes(), 0u);
-  DCHECK_GT(*num_bytes, 0u);
+MojoResult LocalDataPipe::ProducerWriteDataImplNoLock(
+    UserPointer<const void> elements,
+    UserPointer<uint32_t> num_bytes,
+    uint32_t max_num_bytes_to_write,
+    uint32_t min_num_bytes_to_write) {
+  DCHECK_EQ(max_num_bytes_to_write % element_num_bytes(), 0u);
+  DCHECK_EQ(min_num_bytes_to_write % element_num_bytes(), 0u);
+  DCHECK_GT(max_num_bytes_to_write, 0u);
   DCHECK(consumer_open_no_lock());
 
   size_t num_bytes_to_write = 0;
   if (may_discard()) {
-    if (all_or_none && *num_bytes > capacity_num_bytes())
+    if (min_num_bytes_to_write > capacity_num_bytes())
       return MOJO_RESULT_OUT_OF_RANGE;
 
-    num_bytes_to_write = std::min(static_cast<size_t>(*num_bytes),
+    num_bytes_to_write = std::min(static_cast<size_t>(max_num_bytes_to_write),
                                   capacity_num_bytes());
     if (num_bytes_to_write > capacity_num_bytes() - current_num_bytes_) {
       // Discard as much as needed (discard oldest first).
       MarkDataAsConsumedNoLock(
           num_bytes_to_write - (capacity_num_bytes() - current_num_bytes_));
       // No need to wake up write waiters, since we're definitely going to leave
       // the buffer full.
     }
   } else {
-    if (all_or_none && *num_bytes > capacity_num_bytes() - current_num_bytes_) {
+    if (min_num_bytes_to_write > capacity_num_bytes() - current_num_bytes_) {
       // Don't return "should wait" since you can't wait for a specified amount
       // of data.
       return MOJO_RESULT_OUT_OF_RANGE;
     }
 
-    num_bytes_to_write = std::min(static_cast<size_t>(*num_bytes),
+    num_bytes_to_write = std::min(static_cast<size_t>(max_num_bytes_to_write),
                                   capacity_num_bytes() - current_num_bytes_);
   }
   if (num_bytes_to_write == 0)
     return MOJO_RESULT_SHOULD_WAIT;
 
   // The amount we can write in our first |memcpy()|.
   size_t num_bytes_to_write_first =
       std::min(num_bytes_to_write, GetMaxNumBytesToWriteNoLock());
   // Do the first (and possibly only) |memcpy()|.
   size_t first_write_index =
       (start_index_ + current_num_bytes_) % capacity_num_bytes();
   EnsureBufferNoLock();
-  memcpy(buffer_.get() + first_write_index, elements, num_bytes_to_write_first);
+  elements.GetArray(buffer_.get() + first_write_index,
+                    num_bytes_to_write_first);
 
   if (num_bytes_to_write_first < num_bytes_to_write) {
     // The "second write index" is zero.
-    memcpy(buffer_.get(),
-           static_cast<const char*>(elements) + num_bytes_to_write_first,
-           num_bytes_to_write - num_bytes_to_write_first);
+    elements.At(num_bytes_to_write_first).GetArray(
+        buffer_.get(), num_bytes_to_write - num_bytes_to_write_first);
   }
 
   current_num_bytes_ += num_bytes_to_write;
   DCHECK_LE(current_num_bytes_, capacity_num_bytes());
-  *num_bytes = static_cast<uint32_t>(num_bytes_to_write);
+  num_bytes.Put(static_cast<uint32_t>(num_bytes_to_write));
   return MOJO_RESULT_OK;
 }
 
 MojoResult LocalDataPipe::ProducerBeginWriteDataImplNoLock(
     UserPointer<void*> buffer,
     UserPointer<uint32_t> buffer_num_bytes,
     uint32_t min_num_bytes_to_write) {
   DCHECK(consumer_open_no_lock());
 
   // The index we need to start writing at.
@@ skipping 220 matching lines @@
 
 void LocalDataPipe::MarkDataAsConsumedNoLock(size_t num_bytes) {
   DCHECK_LE(num_bytes, current_num_bytes_);
   start_index_ += num_bytes;
   start_index_ %= capacity_num_bytes();
   current_num_bytes_ -= num_bytes;
 }
 
 }  // namespace system
 }  // namespace mojo