1// Copyright 2014 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5// This file contains macros and macro-like constructs (e.g., templates) that
6// are commonly used throughout Chromium source. (It may also contain things
7// that are closely related to things that are commonly used that belong in this
8// file.)
9
10#ifndef BASE_MACROS_H_
11#define BASE_MACROS_H_
12
13#include <stddef.h>  // For size_t.
14#include <string.h>  // For memcpy.
15
16#include "base/compiler_specific.h"  // For ALLOW_UNUSED.
17
18// Put this in the private: declarations for a class to be uncopyable.
19#define DISALLOW_COPY(TypeName) \
20  TypeName(const TypeName&)
21
22// Put this in the private: declarations for a class to be unassignable.
23#define DISALLOW_ASSIGN(TypeName) \
24  void operator=(const TypeName&)
25
26// A macro to disallow the copy constructor and operator= functions
27// This should be used in the private: declarations for a class
28#define DISALLOW_COPY_AND_ASSIGN(TypeName) \
29  TypeName(const TypeName&);               \
30  void operator=(const TypeName&)
31
32// An older, deprecated, politically incorrect name for the above.
33// NOTE: The usage of this macro was banned from our code base, but some
34// third_party libraries are yet using it.
35// TODO(tfarina): Figure out how to fix the usage of this macro in the
36// third_party libraries and get rid of it.
37#define DISALLOW_EVIL_CONSTRUCTORS(TypeName) DISALLOW_COPY_AND_ASSIGN(TypeName)
38
39// A macro to disallow all the implicit constructors, namely the
40// default constructor, copy constructor and operator= functions.
41//
42// This should be used in the private: declarations for a class
43// that wants to prevent anyone from instantiating it. This is
44// especially useful for classes containing only static methods.
45#define DISALLOW_IMPLICIT_CONSTRUCTORS(TypeName) \
46  TypeName();                                    \
47  DISALLOW_COPY_AND_ASSIGN(TypeName)
48
49// The arraysize(arr) macro returns the # of elements in an array arr.
50// The expression is a compile-time constant, and therefore can be
51// used in defining new arrays, for example.  If you use arraysize on
52// a pointer by mistake, you will get a compile-time error.
53//
54// One caveat is that arraysize() doesn't accept any array of an
55// anonymous type or a type defined inside a function.  In these rare
56// cases, you have to use the unsafe ARRAYSIZE_UNSAFE() macro below.  This is
57// due to a limitation in C++'s template system.  The limitation might
58// eventually be removed, but it hasn't happened yet.
59
60// This template function declaration is used in defining arraysize.
61// Note that the function doesn't need an implementation, as we only
62// use its type.
63template <typename T, size_t N>
64char (&ArraySizeHelper(T (&array)[N]))[N];
65
66// That gcc wants both of these prototypes seems mysterious. VC, for
67// its part, can't decide which to use (another mystery). Matching of
68// template overloads: the final frontier.
69#ifndef _MSC_VER
70template <typename T, size_t N>
71char (&ArraySizeHelper(const T (&array)[N]))[N];
72#endif
73
74#define arraysize(array) (sizeof(ArraySizeHelper(array)))
75
76// ARRAYSIZE_UNSAFE performs essentially the same calculation as arraysize,
77// but can be used on anonymous types or types defined inside
78// functions.  It's less safe than arraysize as it accepts some
79// (although not all) pointers.  Therefore, you should use arraysize
80// whenever possible.
81//
82// The expression ARRAYSIZE_UNSAFE(a) is a compile-time constant of type
83// size_t.
84//
85// ARRAYSIZE_UNSAFE catches a few type errors.  If you see a compiler error
86//
87//   "warning: division by zero in ..."
88//
89// when using ARRAYSIZE_UNSAFE, you are (wrongfully) giving it a pointer.
90// You should only use ARRAYSIZE_UNSAFE on statically allocated arrays.
91//
92// The following comments are on the implementation details, and can
93// be ignored by the users.
94//
95// ARRAYSIZE_UNSAFE(arr) works by inspecting sizeof(arr) (the # of bytes in
96// the array) and sizeof(*(arr)) (the # of bytes in one array
97// element).  If the former is divisible by the latter, perhaps arr is
98// indeed an array, in which case the division result is the # of
99// elements in the array.  Otherwise, arr cannot possibly be an array,
100// and we generate a compiler error to prevent the code from
101// compiling.
102//
103// Since the size of bool is implementation-defined, we need to cast
104// !(sizeof(a) & sizeof(*(a))) to size_t in order to ensure the final
105// result has type size_t.
106//
107// This macro is not perfect as it wrongfully accepts certain
108// pointers, namely where the pointer size is divisible by the pointee
109// size.  Since all our code has to go through a 32-bit compiler,
110// where a pointer is 4 bytes, this means all pointers to a type whose
111// size is 3 or greater than 4 will be (righteously) rejected.
112
113#define ARRAYSIZE_UNSAFE(a) \
114  ((sizeof(a) / sizeof(*(a))) / \
115   static_cast<size_t>(!(sizeof(a) % sizeof(*(a)))))
116
117
118// Use implicit_cast as a safe version of static_cast or const_cast
119// for upcasting in the type hierarchy (i.e. casting a pointer to Foo
120// to a pointer to SuperclassOfFoo or casting a pointer to Foo to
121// a const pointer to Foo).
122// When you use implicit_cast, the compiler checks that the cast is safe.
123// Such explicit implicit_casts are necessary in surprisingly many
124// situations where C++ demands an exact type match instead of an
125// argument type convertible to a target type.
126//
127// The From type can be inferred, so the preferred syntax for using
128// implicit_cast is the same as for static_cast etc.:
129//
130//   implicit_cast<ToType>(expr)
131//
132// implicit_cast would have been part of the C++ standard library,
133// but the proposal was submitted too late.  It will probably make
134// its way into the language in the future.
135template<typename To, typename From>
136inline To implicit_cast(From const &f) {
137  return f;
138}
139
140// The COMPILE_ASSERT macro can be used to verify that a compile time
141// expression is true. For example, you could use it to verify the
142// size of a static array:
143//
144//   COMPILE_ASSERT(ARRAYSIZE_UNSAFE(content_type_names) == CONTENT_NUM_TYPES,
145//                  content_type_names_incorrect_size);
146//
147// or to make sure a struct is smaller than a certain size:
148//
149//   COMPILE_ASSERT(sizeof(foo) < 128, foo_too_large);
150//
151// The second argument to the macro is the name of the variable. If
152// the expression is false, most compilers will issue a warning/error
153// containing the name of the variable.
154
155#undef COMPILE_ASSERT
156#define COMPILE_ASSERT(expr, msg) static_assert(expr, #msg)
157
158// bit_cast<Dest,Source> is a template function that implements the
159// equivalent of "*reinterpret_cast<Dest*>(&source)".  We need this in
160// very low-level functions like the protobuf library and fast math
161// support.
162//
163//   float f = 3.14159265358979;
164//   int i = bit_cast<int32>(f);
165//   // i = 0x40490fdb
166//
167// The classical address-casting method is:
168//
169//   // WRONG
170//   float f = 3.14159265358979;            // WRONG
171//   int i = * reinterpret_cast<int*>(&f);  // WRONG
172//
173// The address-casting method actually produces undefined behavior
174// according to ISO C++ specification section 3.10 -15 -.  Roughly, this
175// section says: if an object in memory has one type, and a program
176// accesses it with a different type, then the result is undefined
177// behavior for most values of "different type".
178//
179// This is true for any cast syntax, either *(int*)&f or
180// *reinterpret_cast<int*>(&f).  And it is particularly true for
181// conversions between integral lvalues and floating-point lvalues.
182//
183// The purpose of 3.10 -15- is to allow optimizing compilers to assume
184// that expressions with different types refer to different memory.  gcc
185// 4.0.1 has an optimizer that takes advantage of this.  So a
186// non-conforming program quietly produces wildly incorrect output.
187//
188// The problem is not the use of reinterpret_cast.  The problem is type
189// punning: holding an object in memory of one type and reading its bits
190// back using a different type.
191//
192// The C++ standard is more subtle and complex than this, but that
193// is the basic idea.
194//
195// Anyways ...
196//
197// bit_cast<> calls memcpy() which is blessed by the standard,
198// especially by the example in section 3.9 .  Also, of course,
199// bit_cast<> wraps up the nasty logic in one place.
200//
201// Fortunately memcpy() is very fast.  In optimized mode, with a
202// constant size, gcc 2.95.3, gcc 4.0.1, and msvc 7.1 produce inline
203// code with the minimal amount of data movement.  On a 32-bit system,
204// memcpy(d,s,4) compiles to one load and one store, and memcpy(d,s,8)
205// compiles to two loads and two stores.
206//
207// I tested this code with gcc 2.95.3, gcc 4.0.1, icc 8.1, and msvc 7.1.
208//
209// WARNING: if Dest or Source is a non-POD type, the result of the memcpy
210// is likely to surprise you.
211
212template <class Dest, class Source>
213inline Dest bit_cast(const Source& source) {
214  COMPILE_ASSERT(sizeof(Dest) == sizeof(Source), VerifySizesAreEqual);
215
216  Dest dest;
217  memcpy(&dest, &source, sizeof(dest));
218  return dest;
219}
220
221// Used to explicitly mark the return value of a function as unused. If you are
222// really sure you don't want to do anything with the return value of a function
223// that has been marked WARN_UNUSED_RESULT, wrap it with this. Example:
224//
225//   scoped_ptr<MyType> my_var = ...;
226//   if (TakeOwnership(my_var.get()) == SUCCESS)
227//     ignore_result(my_var.release());
228//
229template<typename T>
230inline void ignore_result(const T&) {
231}
232
233// The following enum should be used only as a constructor argument to indicate
234// that the variable has static storage class, and that the constructor should
235// do nothing to its state.  It indicates to the reader that it is legal to
236// declare a static instance of the class, provided the constructor is given
237// the base::LINKER_INITIALIZED argument.  Normally, it is unsafe to declare a
238// static variable that has a constructor or a destructor because invocation
239// order is undefined.  However, IF the type can be initialized by filling with
240// zeroes (which the loader does for static variables), AND the destructor also
241// does nothing to the storage, AND there are no virtual methods, then a
242// constructor declared as
243//       explicit MyClass(base::LinkerInitialized x) {}
244// and invoked as
245//       static MyClass my_variable_name(base::LINKER_INITIALIZED);
246namespace base {
247enum LinkerInitialized { LINKER_INITIALIZED };
248
249// Use these to declare and define a static local variable (static T;) so that
250// it is leaked so that its destructors are not called at exit. If you need
251// thread-safe initialization, use base/lazy_instance.h instead.
252#define CR_DEFINE_STATIC_LOCAL(type, name, arguments) \
253  static type& name = *new type arguments
254
255}  // base
256
257#endif  // BASE_MACROS_H_
258