llvm-project/llvm/docs/CodingStandards.rst

1696 lines
62 KiB
ReStructuredText

=====================
LLVM Coding Standards
=====================
.. contents::
:local:
Introduction
============
This document describes coding standards that are used in the LLVM project.
Although no coding standards should be regarded as absolute requirements to be
followed in all instances, coding standards are
particularly important for large-scale code bases that follow a library-based
design (like LLVM).
While this document may provide guidance for some mechanical formatting issues,
whitespace, or other "microscopic details", these are not fixed standards.
Always follow the golden rule:
.. _Golden Rule:
**If you are extending, enhancing, or bug fixing already implemented code,
use the style that is already being used so that the source is uniform and
easy to follow.**
Note that some code bases (e.g. ``libc++``) have special reasons to deviate
from the coding standards. For example, in the case of ``libc++``, this is
because the naming and other conventions are dictated by the C++ standard.
There are some conventions that are not uniformly followed in the code base
(e.g. the naming convention). This is because they are relatively new, and a
lot of code was written before they were put in place. Our long term goal is
for the entire codebase to follow the convention, but we explicitly *do not*
want patches that do large-scale reformatting of existing code. On the other
hand, it is reasonable to rename the methods of a class if you're about to
change it in some other way. Please commit such changes separately to
make code review easier.
The ultimate goal of these guidelines is to increase the readability and
maintainability of our common source base.
Languages, Libraries, and Standards
===================================
Most source code in LLVM and other LLVM projects using these coding standards
is C++ code. There are some places where C code is used either due to
environment restrictions, historical restrictions, or due to third-party source
code imported into the tree. Generally, our preference is for standards
conforming, modern, and portable C++ code as the implementation language of
choice.
C++ Standard Versions
---------------------
Unless otherwise documented, LLVM subprojects are written using standard C++14
code and avoid unnecessary vendor-specific extensions.
Nevertheless, we restrict ourselves to features which are available in the
major toolchains supported as host compilers (see :doc:`GettingStarted` page,
section `Software`).
Each toolchain provides a good reference for what it accepts:
* Clang: https://clang.llvm.org/cxx_status.html
* GCC: https://gcc.gnu.org/projects/cxx-status.html#cxx14
* MSVC: https://msdn.microsoft.com/en-us/library/hh567368.aspx
C++ Standard Library
--------------------
Instead of implementing custom data structures, we encourage the use of C++
standard library facilities or LLVM support libraries whenever they are
available for a particular task. LLVM and related projects emphasize and rely
on the standard library facilities and the LLVM support libraries as much as
possible.
LLVM support libraries (for example, `ADT
<https://github.com/llvm/llvm-project/tree/master/llvm/include/llvm/ADT>`_)
implement specialized data structures or functionality missing in the standard
library. Such libraries are usually implemented in the ``llvm`` namespace and
follow the expected standard interface, when there is one.
When both C++ and the LLVM support libraries provide similar functionality, and
there isn't a specific reason to favor the C++ implementation, it is generally
preferable to use the LLVM library. For example, ``llvm::DenseMap`` should
almost always be used instead of ``std::map`` or ``std::unordered_map``, and
``llvm::SmallVector`` should usually be used instead of ``std::vector``.
We explicitly avoid some standard facilities, like the I/O streams, and instead
use LLVM's streams library (raw_ostream_). More detailed information on these
subjects is available in the :doc:`ProgrammersManual`.
For more information about LLVM's data structures and the tradeoffs they make,
please consult [that section of the programmer's
manual](https://llvm.org/docs/ProgrammersManual.html#picking-the-right-data-structure-for-a-task).
Guidelines for Go code
----------------------
Any code written in the Go programming language is not subject to the
formatting rules below. Instead, we adopt the formatting rules enforced by
the `gofmt`_ tool.
Go code should strive to be idiomatic. Two good sets of guidelines for what
this means are `Effective Go`_ and `Go Code Review Comments`_.
.. _gofmt:
https://golang.org/cmd/gofmt/
.. _Effective Go:
https://golang.org/doc/effective_go.html
.. _Go Code Review Comments:
https://github.com/golang/go/wiki/CodeReviewComments
Mechanical Source Issues
========================
Source Code Formatting
----------------------
Commenting
^^^^^^^^^^
Comments are important for readability and maintainability. When writing comments,
write them as English prose, using proper capitalization, punctuation, etc.
Aim to describe what the code is trying to do and why, not *how* it does it at
a micro level. Here are a few important things to document:
.. _header file comment:
File Headers
""""""""""""
Every source file should have a header on it that describes the basic purpose of
the file. The standard header looks like this:
.. code-block:: c++
//===-- llvm/Instruction.h - Instruction class definition -------*- C++ -*-===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//
///
/// \file
/// This file contains the declaration of the Instruction class, which is the
/// base class for all of the VM instructions.
///
//===----------------------------------------------------------------------===//
A few things to note about this particular format: The "``-*- C++ -*-``" string
on the first line is there to tell Emacs that the source file is a C++ file, not
a C file (Emacs assumes ``.h`` files are C files by default).
.. note::
This tag is not necessary in ``.cpp`` files. The name of the file is also
on the first line, along with a very short description of the purpose of the
file.
The next section in the file is a concise note that defines the license that the
file is released under. This makes it perfectly clear what terms the source
code can be distributed under and should not be modified in any way.
The main body is a `Doxygen <http://www.doxygen.nl/>`_ comment (identified by
the ``///`` comment marker instead of the usual ``//``) describing the purpose
of the file. The first sentence (or a passage beginning with ``\brief``) is
used as an abstract. Any additional information should be separated by a blank
line. If an algorithm is based on a paper or is described in another source,
provide a reference.
Header Guard
""""""""""""
The header file's guard should be the all-caps path that a user of this header
would #include, using '_' instead of path separator and extension marker.
For example, the header file
``llvm/include/llvm/Analysis/Utils/Local.h`` would be ``#include``-ed as
``#include "llvm/Analysis/Utils/Local.h"``, so its guard is
``LLVM_ANALYSIS_UTILS_LOCAL_H``.
Class overviews
"""""""""""""""
Classes are a fundamental part of an object-oriented design. As such, a
class definition should have a comment block that explains what the class is
used for and how it works. Every non-trivial class is expected to have a
``doxygen`` comment block.
Method information
""""""""""""""""""
Methods and global functions should also be documented. A quick note about
what it does and a description of the edge cases is all that is necessary here.
The reader should be able to understand how to use interfaces without reading
the code itself.
Good things to talk about here are what happens when something unexpected
happens, for instance, does the method return null?
Comment Formatting
^^^^^^^^^^^^^^^^^^
In general, prefer C++-style comments (``//`` for normal comments, ``///`` for
``doxygen`` documentation comments). There are a few cases when it is
useful to use C-style (``/* */``) comments however:
#. When writing C code to be compatible with C89.
#. When writing a header file that may be ``#include``\d by a C source file.
#. When writing a source file that is used by a tool that only accepts C-style
comments.
#. When documenting the significance of constants used as actual parameters in
a call. This is most helpful for ``bool`` parameters, or passing ``0`` or
``nullptr``. The comment should contain the parameter name, which ought to be
meaningful. For example, it's not clear what the parameter means in this call:
.. code-block:: c++
Object.emitName(nullptr);
An in-line C-style comment makes the intent obvious:
.. code-block:: c++
Object.emitName(/*Prefix=*/nullptr);
Commenting out large blocks of code is discouraged, but if you really have to do
this (for documentation purposes or as a suggestion for debug printing), use
``#if 0`` and ``#endif``. These nest properly and are better behaved in general
than C style comments.
Doxygen Use in Documentation Comments
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Use the ``\file`` command to turn the standard file header into a file-level
comment.
Include descriptive paragraphs for all public interfaces (public classes,
member and non-member functions). Avoid restating the information that can
be inferred from the API name. The first sentence (or a paragraph beginning
with ``\brief``) is used as an abstract. Try to use a single sentence as the
``\brief`` adds visual clutter. Put detailed discussion into separate
paragraphs.
To refer to parameter names inside a paragraph, use the ``\p name`` command.
Don't use the ``\arg name`` command since it starts a new paragraph that
contains documentation for the parameter.
Wrap non-inline code examples in ``\code ... \endcode``.
To document a function parameter, start a new paragraph with the
``\param name`` command. If the parameter is used as an out or an in/out
parameter, use the ``\param [out] name`` or ``\param [in,out] name`` command,
respectively.
To describe function return value, start a new paragraph with the ``\returns``
command.
A minimal documentation comment:
.. code-block:: c++
/// Sets the xyzzy property to \p Baz.
void setXyzzy(bool Baz);
A documentation comment that uses all Doxygen features in a preferred way:
.. code-block:: c++
/// Does foo and bar.
///
/// Does not do foo the usual way if \p Baz is true.
///
/// Typical usage:
/// \code
/// fooBar(false, "quux", Res);
/// \endcode
///
/// \param Quux kind of foo to do.
/// \param [out] Result filled with bar sequence on foo success.
///
/// \returns true on success.
bool fooBar(bool Baz, StringRef Quux, std::vector<int> &Result);
Don't duplicate the documentation comment in the header file and in the
implementation file. Put the documentation comments for public APIs into the
header file. Documentation comments for private APIs can go to the
implementation file. In any case, implementation files can include additional
comments (not necessarily in Doxygen markup) to explain implementation details
as needed.
Don't duplicate function or class name at the beginning of the comment.
For humans it is obvious which function or class is being documented;
automatic documentation processing tools are smart enough to bind the comment
to the correct declaration.
Avoid:
.. code-block:: c++
// Example.h:
// example - Does something important.
void example();
// Example.cpp:
// example - Does something important.
void example() { ... }
Preferred:
.. code-block:: c++
// Example.h:
/// Does something important.
void example();
// Example.cpp:
/// Builds a B-tree in order to do foo. See paper by...
void example() { ... }
Error and Warning Messages
^^^^^^^^^^^^^^^^^^^^^^^^^^
Clear diagnostic messages are important to help users identify and fix issues in
their inputs. Use succinct but correct English prose that gives the user the
context needed to understand what went wrong. Also, to match error message
styles commonly produced by other tools, start the first sentence with a
lower-case letter, and finish the last sentence without a period, if it would
end in one otherwise. Sentences which end with different punctuation, such as
"did you forget ';'?", should still do so.
For example this is a good error message:
.. code-block:: none
error: file.o: section header 3 is corrupt. Size is 10 when it should be 20
This is a bad message, since it does not provide useful information and uses the
wrong style:
.. code-block:: none
error: file.o: Corrupt section header.
As with other coding standards, individual projects, such as the Clang Static
Analyzer, may have preexisting styles that do not conform to this. If a
different formatting scheme is used consistently throughout the project, use
that style instead. Otherwise, this standard applies to all LLVM tools,
including clang, clang-tidy, and so on.
If the tool or project does not have existing functions to emit warnings or
errors, use the error and warning handlers provided in ``Support/WithColor.h``
to ensure they are printed in the appropriate style, rather than printing to
stderr directly.
When using ``report_fatal_error``, follow the same standards for the message as
regular error messages. Assertion messages and ``llvm_unreachable`` calls do not
necessarily need to follow these same styles as they are automatically
formatted, and thus these guidelines may not be suitable.
``#include`` Style
^^^^^^^^^^^^^^^^^^
Immediately after the `header file comment`_ (and include guards if working on a
header file), the `minimal list of #includes`_ required by the file should be
listed. We prefer these ``#include``\s to be listed in this order:
.. _Main Module Header:
.. _Local/Private Headers:
#. Main Module Header
#. Local/Private Headers
#. LLVM project/subproject headers (``clang/...``, ``lldb/...``, ``llvm/...``, etc)
#. System ``#include``\s
and each category should be sorted lexicographically by the full path.
The `Main Module Header`_ file applies to ``.cpp`` files which implement an
interface defined by a ``.h`` file. This ``#include`` should always be included
**first** regardless of where it lives on the file system. By including a
header file first in the ``.cpp`` files that implement the interfaces, we ensure
that the header does not have any hidden dependencies which are not explicitly
``#include``\d in the header, but should be. It is also a form of documentation
in the ``.cpp`` file to indicate where the interfaces it implements are defined.
LLVM project and subproject headers should be grouped from most specific to least
specific, for the same reasons described above. For example, LLDB depends on
both clang and LLVM, and clang depends on LLVM. So an LLDB source file should
include ``lldb`` headers first, followed by ``clang`` headers, followed by
``llvm`` headers, to reduce the possibility (for example) of an LLDB header
accidentally picking up a missing include due to the previous inclusion of that
header in the main source file or some earlier header file. clang should
similarly include its own headers before including llvm headers. This rule
applies to all LLVM subprojects.
.. _fit into 80 columns:
Source Code Width
^^^^^^^^^^^^^^^^^
Write your code to fit within 80 columns.
There must be some limit to the width of the code in
order to allow developers to have multiple files side-by-side in
windows on a modest display. If you are going to pick a width limit, it is
somewhat arbitrary but you might as well pick something standard. Going with 90
columns (for example) instead of 80 columns wouldn't add any significant value
and would be detrimental to printing out code. Also many other projects have
standardized on 80 columns, so some people have already configured their editors
for it (vs something else, like 90 columns).
Whitespace
^^^^^^^^^^
In all cases, prefer spaces to tabs in source files. People have different
preferred indentation levels, and different styles of indentation that they
like; this is fine. What isn't fine is that different editors/viewers expand
tabs out to different tab stops. This can cause your code to look completely
unreadable, and it is not worth dealing with.
As always, follow the `Golden Rule`_ above: follow the style of existing code
if you are modifying and extending it.
Do not add trailing whitespace. Some common editors will automatically remove
trailing whitespace when saving a file which causes unrelated changes to appear
in diffs and commits.
Format Lambdas Like Blocks Of Code
""""""""""""""""""""""""""""""""""
When formatting a multi-line lambda, format it like a block of code. If there
is only one multi-line lambda in a statement, and there are no expressions
lexically after it in the statement, drop the indent to the standard two space
indent for a block of code, as if it were an if-block opened by the preceding
part of the statement:
.. code-block:: c++
std::sort(foo.begin(), foo.end(), [&](Foo a, Foo b) -> bool {
if (a.blah < b.blah)
return true;
if (a.baz < b.baz)
return true;
return a.bam < b.bam;
});
To take best advantage of this formatting, if you are designing an API which
accepts a continuation or single callable argument (be it a function object, or
a ``std::function``), it should be the last argument if at all possible.
If there are multiple multi-line lambdas in a statement, or additional
parameters after the lambda, indent the block two spaces from the indent of the
``[]``:
.. code-block:: c++
dyn_switch(V->stripPointerCasts(),
[] (PHINode *PN) {
// process phis...
},
[] (SelectInst *SI) {
// process selects...
},
[] (LoadInst *LI) {
// process loads...
},
[] (AllocaInst *AI) {
// process allocas...
});
Braced Initializer Lists
""""""""""""""""""""""""
Starting from C++11, there are significantly more uses of braced lists to
perform initialization. For example, they can be used to construct aggregate
temporaries in expressions. They now have a natural way of ending up nested
within each other and within function calls in order to build up aggregates
(such as option structs) from local variables.
The historically common formatting of braced initialization of aggregate
variables does not mix cleanly with deep nesting, general expression contexts,
function arguments, and lambdas. We suggest new code use a simple rule for
formatting braced initialization lists: act as-if the braces were parentheses
in a function call. The formatting rules exactly match those already well
understood for formatting nested function calls. Examples:
.. code-block:: c++
foo({a, b, c}, {1, 2, 3});
llvm::Constant *Mask[] = {
llvm::ConstantInt::get(llvm::Type::getInt32Ty(getLLVMContext()), 0),
llvm::ConstantInt::get(llvm::Type::getInt32Ty(getLLVMContext()), 1),
llvm::ConstantInt::get(llvm::Type::getInt32Ty(getLLVMContext()), 2)};
This formatting scheme also makes it particularly easy to get predictable,
consistent, and automatic formatting with tools like `Clang Format`_.
.. _Clang Format: https://clang.llvm.org/docs/ClangFormat.html
Language and Compiler Issues
----------------------------
Treat Compiler Warnings Like Errors
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Compiler warnings are often useful and help improve the code. Those that are
not useful, can be often suppressed with a small code change. For example, an
assignment in the ``if`` condition is often a typo:
.. code-block:: c++
if (V = getValue()) {
...
}
Several compilers will print a warning for the code above. It can be suppressed
by adding parentheses:
.. code-block:: c++
if ((V = getValue())) {
...
}
Write Portable Code
^^^^^^^^^^^^^^^^^^^
In almost all cases, it is possible to write completely portable code. When
you need to rely on non-portable code, put it behind a well-defined and
well-documented interface.
Do not use RTTI or Exceptions
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
In an effort to reduce code and executable size, LLVM does not use exceptions
or RTTI (`runtime type information
<https://en.wikipedia.org/wiki/Run-time_type_information>`_, for example,
``dynamic_cast<>``).
That said, LLVM does make extensive use of a hand-rolled form of RTTI that use
templates like :ref:`isa\<>, cast\<>, and dyn_cast\<> <isa>`.
This form of RTTI is opt-in and can be
:doc:`added to any class <HowToSetUpLLVMStyleRTTI>`.
.. _static constructor:
Do not use Static Constructors
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Static constructors and destructors (e.g., global variables whose types have a
constructor or destructor) should not be added to the code base, and should be
removed wherever possible.
Globals in different source files are initialized in `arbitrary order
<https://yosefk.com/c++fqa/ctors.html#fqa-10.12>`, making the code more
difficult to reason about.
Static constructors have negative impact on launch time of programs that use
LLVM as a library. We would really like for there to be zero cost for linking
in an additional LLVM target or other library into an application, but static
constructors undermine this goal.
Use of ``class`` and ``struct`` Keywords
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
In C++, the ``class`` and ``struct`` keywords can be used almost
interchangeably. The only difference is when they are used to declare a class:
``class`` makes all members private by default while ``struct`` makes all
members public by default.
* All declarations and definitions of a given ``class`` or ``struct`` must use
the same keyword. For example:
.. code-block:: c++
// Avoid if `Example` is defined as a struct.
class Example;
// OK.
struct Example;
struct Example { ... };
* ``struct`` should be used when *all* members are declared public.
.. code-block:: c++
// Avoid using `struct` here, use `class` instead.
struct Foo {
private:
int Data;
public:
Foo() : Data(0) { }
int getData() const { return Data; }
void setData(int D) { Data = D; }
};
// OK to use `struct`: all members are public.
struct Bar {
int Data;
Bar() : Data(0) { }
};
Do not use Braced Initializer Lists to Call a Constructor
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Starting from C++11 there is a "generalized initialization syntax" which allows
calling constructors using braced initializer lists. Do not use these to call
constructors with non-trivial logic or if you care that you're calling some
*particular* constructor. Those should look like function calls using
parentheses rather than like aggregate initialization. Similarly, if you need
to explicitly name the type and call its constructor to create a temporary,
don't use a braced initializer list. Instead, use a braced initializer list
(without any type for temporaries) when doing aggregate initialization or
something notionally equivalent. Examples:
.. code-block:: c++
class Foo {
public:
// Construct a Foo by reading data from the disk in the whizbang format, ...
Foo(std::string filename);
// Construct a Foo by looking up the Nth element of some global data ...
Foo(int N);
// ...
};
// The Foo constructor call is reading a file, don't use braces to call it.
std::fill(foo.begin(), foo.end(), Foo("name"));
// The pair is being constructed like an aggregate, use braces.
bar_map.insert({my_key, my_value});
If you use a braced initializer list when initializing a variable, use an equals before the open curly brace:
.. code-block:: c++
int data[] = {0, 1, 2, 3};
Use ``auto`` Type Deduction to Make Code More Readable
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Some are advocating a policy of "almost always ``auto``" in C++11, however LLVM
uses a more moderate stance. Use ``auto`` if and only if it makes the code more
readable or easier to maintain. Don't "almost always" use ``auto``, but do use
``auto`` with initializers like ``cast<Foo>(...)`` or other places where the
type is already obvious from the context. Another time when ``auto`` works well
for these purposes is when the type would have been abstracted away anyways,
often behind a container's typedef such as ``std::vector<T>::iterator``.
Similarly, C++14 adds generic lambda expressions where parameter types can be
``auto``. Use these where you would have used a template.
Beware unnecessary copies with ``auto``
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The convenience of ``auto`` makes it easy to forget that its default behavior
is a copy. Particularly in range-based ``for`` loops, careless copies are
expensive.
Use ``auto &`` for values and ``auto *`` for pointers unless you need to make a
copy.
.. code-block:: c++
// Typically there's no reason to copy.
for (const auto &Val : Container) observe(Val);
for (auto &Val : Container) Val.change();
// Remove the reference if you really want a new copy.
for (auto Val : Container) { Val.change(); saveSomewhere(Val); }
// Copy pointers, but make it clear that they're pointers.
for (const auto *Ptr : Container) observe(*Ptr);
for (auto *Ptr : Container) Ptr->change();
Beware of non-determinism due to ordering of pointers
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
In general, there is no relative ordering among pointers. As a result,
when unordered containers like sets and maps are used with pointer keys
the iteration order is undefined. Hence, iterating such containers may
result in non-deterministic code generation. While the generated code
might work correctly, non-determinism can make it harder to reproduce bugs and
debug the compiler.
In case an ordered result is expected, remember to
sort an unordered container before iteration. Or use ordered containers
like ``vector``/``MapVector``/``SetVector`` if you want to iterate pointer
keys.
Beware of non-deterministic sorting order of equal elements
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
``std::sort`` uses a non-stable sorting algorithm in which the order of equal
elements is not guaranteed to be preserved. Thus using ``std::sort`` for a
container having equal elements may result in non-deterministic behavior.
To uncover such instances of non-determinism, LLVM has introduced a new
llvm::sort wrapper function. For an EXPENSIVE_CHECKS build this will randomly
shuffle the container before sorting. Default to using ``llvm::sort`` instead
of ``std::sort``.
Style Issues
============
The High-Level Issues
---------------------
Self-contained Headers
^^^^^^^^^^^^^^^^^^^^^^
Header files should be self-contained (compile on their own) and end in ``.h``.
Non-header files that are meant for inclusion should end in ``.inc`` and be
used sparingly.
All header files should be self-contained. Users and refactoring tools should
not have to adhere to special conditions to include the header. Specifically, a
header should have header guards and include all other headers it needs.
There are rare cases where a file designed to be included is not
self-contained. These are typically intended to be included at unusual
locations, such as the middle of another file. They might not use header
guards, and might not include their prerequisites. Name such files with the
.inc extension. Use sparingly, and prefer self-contained headers when possible.
In general, a header should be implemented by one or more ``.cpp`` files. Each
of these ``.cpp`` files should include the header that defines their interface
first. This ensures that all of the dependences of the header have been
properly added to the header itself, and are not implicit. System headers
should be included after user headers for a translation unit.
Library Layering
^^^^^^^^^^^^^^^^
A directory of header files (for example ``include/llvm/Foo``) defines a
library (``Foo``). One library (both
its headers and implementation) should only use things from the libraries
listed in its dependencies.
Some of this constraint can be enforced by classic Unix linkers (Mac & Windows
linkers, as well as lld, do not enforce this constraint). A Unix linker
searches left to right through the libraries specified on its command line and
never revisits a library. In this way, no circular dependencies between
libraries can exist.
This doesn't fully enforce all inter-library dependencies, and importantly
doesn't enforce header file circular dependencies created by inline functions.
A good way to answer the "is this layered correctly" would be to consider
whether a Unix linker would succeed at linking the program if all inline
functions were defined out-of-line. (& for all valid orderings of dependencies
- since linking resolution is linear, it's possible that some implicit
dependencies can sneak through: A depends on B and C, so valid orderings are
"C B A" or "B C A", in both cases the explicit dependencies come before their
use. But in the first case, B could still link successfully if it implicitly
depended on C, or the opposite in the second case)
.. _minimal list of #includes:
``#include`` as Little as Possible
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
``#include`` hurts compile time performance. Don't do it unless you have to,
especially in header files.
But wait! Sometimes you need to have the definition of a class to use it, or to
inherit from it. In these cases go ahead and ``#include`` that header file. Be
aware however that there are many cases where you don't need to have the full
definition of a class. If you are using a pointer or reference to a class, you
don't need the header file. If you are simply returning a class instance from a
prototyped function or method, you don't need it. In fact, for most cases, you
simply don't need the definition of a class. And not ``#include``\ing speeds up
compilation.
It is easy to try to go too overboard on this recommendation, however. You
**must** include all of the header files that you are using --- you can include
them either directly or indirectly through another header file. To make sure
that you don't accidentally forget to include a header file in your module
header, make sure to include your module header **first** in the implementation
file (as mentioned above). This way there won't be any hidden dependencies that
you'll find out about later.
Keep "Internal" Headers Private
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Many modules have a complex implementation that causes them to use more than one
implementation (``.cpp``) file. It is often tempting to put the internal
communication interface (helper classes, extra functions, etc) in the public
module header file. Don't do this!
If you really need to do something like this, put a private header file in the
same directory as the source files, and include it locally. This ensures that
your private interface remains private and undisturbed by outsiders.
.. note::
It's okay to put extra implementation methods in a public class itself. Just
make them private (or protected) and all is well.
Use Namespace Qualifiers to Implement Previously Declared Functions
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
When providing an out of line implementation of a function in a source file, do
not open namespace blocks in the source file. Instead, use namespace qualifiers
to help ensure that your definition matches an existing declaration. Do this:
.. code-block:: c++
// Foo.h
namespace llvm {
int foo(const char *s);
}
// Foo.cpp
#include "Foo.h"
using namespace llvm;
int llvm::foo(const char *s) {
// ...
}
Doing this helps to avoid bugs where the definition does not match the
declaration from the header. For example, the following C++ code defines a new
overload of ``llvm::foo`` instead of providing a definition for the existing
function declared in the header:
.. code-block:: c++
// Foo.cpp
#include "Foo.h"
namespace llvm {
int foo(char *s) { // Mismatch between "const char *" and "char *"
}
} // end namespace llvm
This error will not be caught until the build is nearly complete, when the
linker fails to find a definition for any uses of the original function. If the
function were instead defined with a namespace qualifier, the error would have
been caught immediately when the definition was compiled.
Class method implementations must already name the class and new overloads
cannot be introduced out of line, so this recommendation does not apply to them.
.. _early exits:
Use Early Exits and ``continue`` to Simplify Code
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
When reading code, keep in mind how much state and how many previous decisions
have to be remembered by the reader to understand a block of code. Aim to
reduce indentation where possible when it doesn't make it more difficult to
understand the code. One great way to do this is by making use of early exits
and the ``continue`` keyword in long loops. Consider this code that does not
use an early exit:
.. code-block:: c++
Value *doSomething(Instruction *I) {
if (!I->isTerminator() &&
I->hasOneUse() && doOtherThing(I)) {
... some long code ....
}
return 0;
}
This code has several problems if the body of the ``'if'`` is large. When
you're looking at the top of the function, it isn't immediately clear that this
*only* does interesting things with non-terminator instructions, and only
applies to things with the other predicates. Second, it is relatively difficult
to describe (in comments) why these predicates are important because the ``if``
statement makes it difficult to lay out the comments. Third, when you're deep
within the body of the code, it is indented an extra level. Finally, when
reading the top of the function, it isn't clear what the result is if the
predicate isn't true; you have to read to the end of the function to know that
it returns null.
It is much preferred to format the code like this:
.. code-block:: c++
Value *doSomething(Instruction *I) {
// Terminators never need 'something' done to them because ...
if (I->isTerminator())
return 0;
// We conservatively avoid transforming instructions with multiple uses
// because goats like cheese.
if (!I->hasOneUse())
return 0;
// This is really just here for example.
if (!doOtherThing(I))
return 0;
... some long code ....
}
This fixes these problems. A similar problem frequently happens in ``for``
loops. A silly example is something like this:
.. code-block:: c++
for (Instruction &I : BB) {
if (auto *BO = dyn_cast<BinaryOperator>(&I)) {
Value *LHS = BO->getOperand(0);
Value *RHS = BO->getOperand(1);
if (LHS != RHS) {
...
}
}
}
When you have very, very small loops, this sort of structure is fine. But if it
exceeds more than 10-15 lines, it becomes difficult for people to read and
understand at a glance. The problem with this sort of code is that it gets very
nested very quickly. Meaning that the reader of the code has to keep a lot of
context in their brain to remember what is going immediately on in the loop,
because they don't know if/when the ``if`` conditions will have ``else``\s etc.
It is strongly preferred to structure the loop like this:
.. code-block:: c++
for (Instruction &I : BB) {
auto *BO = dyn_cast<BinaryOperator>(&I);
if (!BO) continue;
Value *LHS = BO->getOperand(0);
Value *RHS = BO->getOperand(1);
if (LHS == RHS) continue;
...
}
This has all the benefits of using early exits for functions: it reduces nesting
of the loop, it makes it easier to describe why the conditions are true, and it
makes it obvious to the reader that there is no ``else`` coming up that they
have to push context into their brain for. If a loop is large, this can be a
big understandability win.
Don't use ``else`` after a ``return``
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
For similar reasons as above (reduction of indentation and easier reading), please
do not use ``'else'`` or ``'else if'`` after something that interrupts control
flow --- like ``return``, ``break``, ``continue``, ``goto``, etc. For example:
.. code-block:: c++
case 'J': {
if (Signed) {
Type = Context.getsigjmp_bufType();
if (Type.isNull()) {
Error = ASTContext::GE_Missing_sigjmp_buf;
return QualType();
} else {
break; // Unnecessary.
}
} else {
Type = Context.getjmp_bufType();
if (Type.isNull()) {
Error = ASTContext::GE_Missing_jmp_buf;
return QualType();
} else {
break; // Unnecessary.
}
}
}
It is better to write it like this:
.. code-block:: c++
case 'J':
if (Signed) {
Type = Context.getsigjmp_bufType();
if (Type.isNull()) {
Error = ASTContext::GE_Missing_sigjmp_buf;
return QualType();
}
} else {
Type = Context.getjmp_bufType();
if (Type.isNull()) {
Error = ASTContext::GE_Missing_jmp_buf;
return QualType();
}
}
break;
Or better yet (in this case) as:
.. code-block:: c++
case 'J':
if (Signed)
Type = Context.getsigjmp_bufType();
else
Type = Context.getjmp_bufType();
if (Type.isNull()) {
Error = Signed ? ASTContext::GE_Missing_sigjmp_buf :
ASTContext::GE_Missing_jmp_buf;
return QualType();
}
break;
The idea is to reduce indentation and the amount of code you have to keep track
of when reading the code.
Turn Predicate Loops into Predicate Functions
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
It is very common to write small loops that just compute a boolean value. There
are a number of ways that people commonly write these, but an example of this
sort of thing is:
.. code-block:: c++
bool FoundFoo = false;
for (unsigned I = 0, E = BarList.size(); I != E; ++I)
if (BarList[I]->isFoo()) {
FoundFoo = true;
break;
}
if (FoundFoo) {
...
}
Instead of this sort of loop, we prefer to use a predicate function (which may
be `static`_) that uses `early exits`_:
.. code-block:: c++
/// \returns true if the specified list has an element that is a foo.
static bool containsFoo(const std::vector<Bar*> &List) {
for (unsigned I = 0, E = List.size(); I != E; ++I)
if (List[I]->isFoo())
return true;
return false;
}
...
if (containsFoo(BarList)) {
...
}
There are many reasons for doing this: it reduces indentation and factors out
code which can often be shared by other code that checks for the same predicate.
More importantly, it *forces you to pick a name* for the function, and forces
you to write a comment for it. In this silly example, this doesn't add much
value. However, if the condition is complex, this can make it a lot easier for
the reader to understand the code that queries for this predicate. Instead of
being faced with the in-line details of how we check to see if the BarList
contains a foo, we can trust the function name and continue reading with better
locality.
The Low-Level Issues
--------------------
Name Types, Functions, Variables, and Enumerators Properly
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Poorly-chosen names can mislead the reader and cause bugs. We cannot stress
enough how important it is to use *descriptive* names. Pick names that match
the semantics and role of the underlying entities, within reason. Avoid
abbreviations unless they are well known. After picking a good name, make sure
to use consistent capitalization for the name, as inconsistency requires clients
to either memorize the APIs or to look it up to find the exact spelling.
In general, names should be in camel case (e.g. ``TextFileReader`` and
``isLValue()``). Different kinds of declarations have different rules:
* **Type names** (including classes, structs, enums, typedefs, etc) should be
nouns and start with an upper-case letter (e.g. ``TextFileReader``).
* **Variable names** should be nouns (as they represent state). The name should
be camel case, and start with an upper case letter (e.g. ``Leader`` or
``Boats``).
* **Function names** should be verb phrases (as they represent actions), and
command-like function should be imperative. The name should be camel case,
and start with a lower case letter (e.g. ``openFile()`` or ``isFoo()``).
* **Enum declarations** (e.g. ``enum Foo {...}``) are types, so they should
follow the naming conventions for types. A common use for enums is as a
discriminator for a union, or an indicator of a subclass. When an enum is
used for something like this, it should have a ``Kind`` suffix
(e.g. ``ValueKind``).
* **Enumerators** (e.g. ``enum { Foo, Bar }``) and **public member variables**
should start with an upper-case letter, just like types. Unless the
enumerators are defined in their own small namespace or inside a class,
enumerators should have a prefix corresponding to the enum declaration name.
For example, ``enum ValueKind { ... };`` may contain enumerators like
``VK_Argument``, ``VK_BasicBlock``, etc. Enumerators that are just
convenience constants are exempt from the requirement for a prefix. For
instance:
.. code-block:: c++
enum {
MaxSize = 42,
Density = 12
};
As an exception, classes that mimic STL classes can have member names in STL's
style of lower-case words separated by underscores (e.g. ``begin()``,
``push_back()``, and ``empty()``). Classes that provide multiple
iterators should add a singular prefix to ``begin()`` and ``end()``
(e.g. ``global_begin()`` and ``use_begin()``).
Here are some examples:
.. code-block:: c++
class VehicleMaker {
...
Factory<Tire> F; // Avoid: a non-descriptive abbreviation.
Factory<Tire> Factory; // Better: more descriptive.
Factory<Tire> TireFactory; // Even better: if VehicleMaker has more than one
// kind of factories.
};
Vehicle makeVehicle(VehicleType Type) {
VehicleMaker M; // Might be OK if scope is small.
Tire Tmp1 = M.makeTire(); // Avoid: 'Tmp1' provides no information.
Light Headlight = M.makeLight("head"); // Good: descriptive.
...
}
Assert Liberally
^^^^^^^^^^^^^^^^
Use the "``assert``" macro to its fullest. Check all of your preconditions and
assumptions, you never know when a bug (not necessarily even yours) might be
caught early by an assertion, which reduces debugging time dramatically. The
"``<cassert>``" header file is probably already included by the header files you
are using, so it doesn't cost anything to use it.
To further assist with debugging, make sure to put some kind of error message in
the assertion statement, which is printed if the assertion is tripped. This
helps the poor debugger make sense of why an assertion is being made and
enforced, and hopefully what to do about it. Here is one complete example:
.. code-block:: c++
inline Value *getOperand(unsigned I) {
assert(I < Operands.size() && "getOperand() out of range!");
return Operands[I];
}
Here are more examples:
.. code-block:: c++
assert(Ty->isPointerType() && "Can't allocate a non-pointer type!");
assert((Opcode == Shl || Opcode == Shr) && "ShiftInst Opcode invalid!");
assert(idx < getNumSuccessors() && "Successor # out of range!");
assert(V1.getType() == V2.getType() && "Constant types must be identical!");
assert(isa<PHINode>(Succ->front()) && "Only works on PHId BBs!");
You get the idea.
In the past, asserts were used to indicate a piece of code that should not be
reached. These were typically of the form:
.. code-block:: c++
assert(0 && "Invalid radix for integer literal");
This has a few issues, the main one being that some compilers might not
understand the assertion, or warn about a missing return in builds where
assertions are compiled out.
Today, we have something much better: ``llvm_unreachable``:
.. code-block:: c++
llvm_unreachable("Invalid radix for integer literal");
When assertions are enabled, this will print the message if it's ever reached
and then exit the program. When assertions are disabled (i.e. in release
builds), ``llvm_unreachable`` becomes a hint to compilers to skip generating
code for this branch. If the compiler does not support this, it will fall back
to the "abort" implementation.
Use ``llvm_unreachable`` to mark a specific point in code that should never be
reached. This is especially desirable for addressing warnings about unreachable
branches, etc., but can be used whenever reaching a particular code path is
unconditionally a bug (not originating from user input; see below) of some kind.
Use of ``assert`` should always include a testable predicate (as opposed to
``assert(false)``).
If the error condition can be triggered by user input then the
recoverable error mechanism described in :doc:`ProgrammersManual` should be
used instead. In cases where this is not practical, ``report_fatal_error`` may
be used.
Another issue is that values used only by assertions will produce an "unused
value" warning when assertions are disabled. For example, this code will warn:
.. code-block:: c++
unsigned Size = V.size();
assert(Size > 42 && "Vector smaller than it should be");
bool NewToSet = Myset.insert(Value);
assert(NewToSet && "The value shouldn't be in the set yet");
These are two interesting different cases. In the first case, the call to
``V.size()`` is only useful for the assert, and we don't want it executed when
assertions are disabled. Code like this should move the call into the assert
itself. In the second case, the side effects of the call must happen whether
the assert is enabled or not. In this case, the value should be cast to void to
disable the warning. To be specific, it is preferred to write the code like
this:
.. code-block:: c++
assert(V.size() > 42 && "Vector smaller than it should be");
bool NewToSet = Myset.insert(Value); (void)NewToSet;
assert(NewToSet && "The value shouldn't be in the set yet");
Do Not Use ``using namespace std``
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
In LLVM, we prefer to explicitly prefix all identifiers from the standard
namespace with an "``std::``" prefix, rather than rely on "``using namespace
std;``".
In header files, adding a ``'using namespace XXX'`` directive pollutes the
namespace of any source file that ``#include``\s the header, creating
maintenance issues.
In implementation files (e.g. ``.cpp`` files), the rule is more of a stylistic
rule, but is still important. Basically, using explicit namespace prefixes
makes the code **clearer**, because it is immediately obvious what facilities
are being used and where they are coming from. And **more portable**, because
namespace clashes cannot occur between LLVM code and other namespaces. The
portability rule is important because different standard library implementations
expose different symbols (potentially ones they shouldn't), and future revisions
to the C++ standard will add more symbols to the ``std`` namespace. As such, we
never use ``'using namespace std;'`` in LLVM.
The exception to the general rule (i.e. it's not an exception for the ``std``
namespace) is for implementation files. For example, all of the code in the
LLVM project implements code that lives in the 'llvm' namespace. As such, it is
ok, and actually clearer, for the ``.cpp`` files to have a ``'using namespace
llvm;'`` directive at the top, after the ``#include``\s. This reduces
indentation in the body of the file for source editors that indent based on
braces, and keeps the conceptual context cleaner. The general form of this rule
is that any ``.cpp`` file that implements code in any namespace may use that
namespace (and its parents'), but should not use any others.
Provide a Virtual Method Anchor for Classes in Headers
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If a class is defined in a header file and has a vtable (either it has virtual
methods or it derives from classes with virtual methods), it must always have at
least one out-of-line virtual method in the class. Without this, the compiler
will copy the vtable and RTTI into every ``.o`` file that ``#include``\s the
header, bloating ``.o`` file sizes and increasing link times.
Don't use default labels in fully covered switches over enumerations
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
``-Wswitch`` warns if a switch, without a default label, over an enumeration
does not cover every enumeration value. If you write a default label on a fully
covered switch over an enumeration then the ``-Wswitch`` warning won't fire
when new elements are added to that enumeration. To help avoid adding these
kinds of defaults, Clang has the warning ``-Wcovered-switch-default`` which is
off by default but turned on when building LLVM with a version of Clang that
supports the warning.
A knock-on effect of this stylistic requirement is that when building LLVM with
GCC you may get warnings related to "control may reach end of non-void function"
if you return from each case of a covered switch-over-enum because GCC assumes
that the enum expression may take any representable value, not just those of
individual enumerators. To suppress this warning, use ``llvm_unreachable`` after
the switch.
Use range-based ``for`` loops wherever possible
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The introduction of range-based ``for`` loops in C++11 means that explicit
manipulation of iterators is rarely necessary. We use range-based ``for``
loops wherever possible for all newly added code. For example:
.. code-block:: c++
BasicBlock *BB = ...
for (Instruction &I : *BB)
... use I ...
Usage of ``std::for_each()``/``llvm::for_each()`` functions is discouraged,
unless the the callable object already exists.
Don't evaluate ``end()`` every time through a loop
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
In cases where range-based ``for`` loops can't be used and it is necessary
to write an explicit iterator-based loop, pay close attention to whether
``end()`` is re-evaluated on each loop iteration. One common mistake is to
write a loop in this style:
.. code-block:: c++
BasicBlock *BB = ...
for (auto I = BB->begin(); I != BB->end(); ++I)
... use I ...
The problem with this construct is that it evaluates "``BB->end()``" every time
through the loop. Instead of writing the loop like this, we strongly prefer
loops to be written so that they evaluate it once before the loop starts. A
convenient way to do this is like so:
.. code-block:: c++
BasicBlock *BB = ...
for (auto I = BB->begin(), E = BB->end(); I != E; ++I)
... use I ...
The observant may quickly point out that these two loops may have different
semantics: if the container (a basic block in this case) is being mutated, then
"``BB->end()``" may change its value every time through the loop and the second
loop may not in fact be correct. If you actually do depend on this behavior,
please write the loop in the first form and add a comment indicating that you
did it intentionally.
Why do we prefer the second form (when correct)? Writing the loop in the first
form has two problems. First it may be less efficient than evaluating it at the
start of the loop. In this case, the cost is probably minor --- a few extra
loads every time through the loop. However, if the base expression is more
complex, then the cost can rise quickly. I've seen loops where the end
expression was actually something like: "``SomeMap[X]->end()``" and map lookups
really aren't cheap. By writing it in the second form consistently, you
eliminate the issue entirely and don't even have to think about it.
The second (even bigger) issue is that writing the loop in the first form hints
to the reader that the loop is mutating the container (a fact that a comment
would handily confirm!). If you write the loop in the second form, it is
immediately obvious without even looking at the body of the loop that the
container isn't being modified, which makes it easier to read the code and
understand what it does.
While the second form of the loop is a few extra keystrokes, we do strongly
prefer it.
``#include <iostream>`` is Forbidden
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The use of ``#include <iostream>`` in library files is hereby **forbidden**,
because many common implementations transparently inject a `static constructor`_
into every translation unit that includes it.
Note that using the other stream headers (``<sstream>`` for example) is not
problematic in this regard --- just ``<iostream>``. However, ``raw_ostream``
provides various APIs that are better performing for almost every use than
``std::ostream`` style APIs.
.. note::
New code should always use `raw_ostream`_ for writing, or the
``llvm::MemoryBuffer`` API for reading files.
.. _raw_ostream:
Use ``raw_ostream``
^^^^^^^^^^^^^^^^^^^
LLVM includes a lightweight, simple, and efficient stream implementation in
``llvm/Support/raw_ostream.h``, which provides all of the common features of
``std::ostream``. All new code should use ``raw_ostream`` instead of
``ostream``.
Unlike ``std::ostream``, ``raw_ostream`` is not a template and can be forward
declared as ``class raw_ostream``. Public headers should generally not include
the ``raw_ostream`` header, but use forward declarations and constant references
to ``raw_ostream`` instances.
Avoid ``std::endl``
^^^^^^^^^^^^^^^^^^^
The ``std::endl`` modifier, when used with ``iostreams`` outputs a newline to
the output stream specified. In addition to doing this, however, it also
flushes the output stream. In other words, these are equivalent:
.. code-block:: c++
std::cout << std::endl;
std::cout << '\n' << std::flush;
Most of the time, you probably have no reason to flush the output stream, so
it's better to use a literal ``'\n'``.
Don't use ``inline`` when defining a function in a class definition
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
A member function defined in a class definition is implicitly inline, so don't
put the ``inline`` keyword in this case.
Don't:
.. code-block:: c++
class Foo {
public:
inline void bar() {
// ...
}
};
Do:
.. code-block:: c++
class Foo {
public:
void bar() {
// ...
}
};
Microscopic Details
-------------------
This section describes preferred low-level formatting guidelines along with
reasoning on why we prefer them.
Spaces Before Parentheses
^^^^^^^^^^^^^^^^^^^^^^^^^
Put a space before an open parenthesis only in control flow statements, but not
in normal function call expressions and function-like macros. For example:
.. code-block:: c++
if (X) ...
for (I = 0; I != 100; ++I) ...
while (LLVMRocks) ...
somefunc(42);
assert(3 != 4 && "laws of math are failing me");
A = foo(42, 92) + bar(X);
The reason for doing this is not completely arbitrary. This style makes control
flow operators stand out more, and makes expressions flow better.
Prefer Preincrement
^^^^^^^^^^^^^^^^^^^
Hard fast rule: Preincrement (``++X``) may be no slower than postincrement
(``X++``) and could very well be a lot faster than it. Use preincrementation
whenever possible.
The semantics of postincrement include making a copy of the value being
incremented, returning it, and then preincrementing the "work value". For
primitive types, this isn't a big deal. But for iterators, it can be a huge
issue (for example, some iterators contains stack and set objects in them...
copying an iterator could invoke the copy ctor's of these as well). In general,
get in the habit of always using preincrement, and you won't have a problem.
Namespace Indentation
^^^^^^^^^^^^^^^^^^^^^
In general, we strive to reduce indentation wherever possible. This is useful
because we want code to `fit into 80 columns`_ without excessive wrapping, but
also because it makes it easier to understand the code. To facilitate this and
avoid some insanely deep nesting on occasion, don't indent namespaces. If it
helps readability, feel free to add a comment indicating what namespace is
being closed by a ``}``. For example:
.. code-block:: c++
namespace llvm {
namespace knowledge {
/// This class represents things that Smith can have an intimate
/// understanding of and contains the data associated with it.
class Grokable {
...
public:
explicit Grokable() { ... }
virtual ~Grokable() = 0;
...
};
} // end namespace knowledge
} // end namespace llvm
Feel free to skip the closing comment when the namespace being closed is
obvious for any reason. For example, the outer-most namespace in a header file
is rarely a source of confusion. But namespaces both anonymous and named in
source files that are being closed half way through the file probably could use
clarification.
.. _static:
Anonymous Namespaces
^^^^^^^^^^^^^^^^^^^^
After talking about namespaces in general, you may be wondering about anonymous
namespaces in particular. Anonymous namespaces are a great language feature
that tells the C++ compiler that the contents of the namespace are only visible
within the current translation unit, allowing more aggressive optimization and
eliminating the possibility of symbol name collisions. Anonymous namespaces are
to C++ as "static" is to C functions and global variables. While "``static``"
is available in C++, anonymous namespaces are more general: they can make entire
classes private to a file.
The problem with anonymous namespaces is that they naturally want to encourage
indentation of their body, and they reduce locality of reference: if you see a
random function definition in a C++ file, it is easy to see if it is marked
static, but seeing if it is in an anonymous namespace requires scanning a big
chunk of the file.
Because of this, we have a simple guideline: make anonymous namespaces as small
as possible, and only use them for class declarations. For example:
.. code-block:: c++
namespace {
class StringSort {
...
public:
StringSort(...)
bool operator<(const char *RHS) const;
};
} // end anonymous namespace
static void runHelper() {
...
}
bool StringSort::operator<(const char *RHS) const {
...
}
Avoid putting declarations other than classes into anonymous namespaces:
.. code-block:: c++
namespace {
// ... many declarations ...
void runHelper() {
...
}
// ... many declarations ...
} // end anonymous namespace
When you are looking at "``runHelper``" in the middle of a large C++ file,
you have no immediate way to tell if this function is local to the file. In
contrast, when the function is marked static, you don't need to cross-reference
faraway places in the file to tell that the function is local.
Don't Use Braces on Simple Single-Statement Bodies of if/else/loop Statements
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
When writing the body of an ``if``, ``else``, or loop statement, we prefer to
omit the braces to avoid unnecessary line noise. However, braces should be used
in cases where the omission of braces harm the readability and maintainability
of the code.
We consider that readability is harmed when omitting the brace in the presence
of a single statement that is accompanied by a comment (assuming the comment
can't be hoisted above the ``if`` or loop statement, see below).
Similarly, braces should be used when a single-statement body is complex enough
that it becomes difficult to see where the block containing the following
statement began. An ``if``/``else`` chain or a loop is considered a single
statement for this rule, and this rule applies recursively.
This list is not exhaustive, for example, readability is also harmed if an
``if``/``else`` chain does not use braced bodies for either all or none of its
members, with complex conditionals, deep nesting, etc. The examples below
intend to provide some guidelines.
Maintainability is harmed if the body of an ``if`` ends with a (directly or
indirectly) nested ``if`` statement with no ``else``. Braces on the outer ``if``
would help to avoid running into a "dangling else" situation.
.. code-block:: c++
// Omit the braces, since the body is simple and clearly associated with the if.
if (isa<FunctionDecl>(D))
handleFunctionDecl(D);
else if (isa<VarDecl>(D))
handleVarDecl(D);
// Here we document the condition itself and not the body.
if (isa<VarDecl>(D)) {
// It is necessary that we explain the situation with this surprisingly long
// comment, so it would be unclear without the braces whether the following
// statement is in the scope of the `if`.
// Because the condition is documented, we can't really hoist this
// comment that applies to the body above the if.
handleOtherDecl(D);
}
// Use braces on the outer `if` to avoid a potential dangling else situation.
if (isa<VarDecl>(D)) {
for (auto *A : D.attrs())
if (shouldProcessAttr(A))
handleAttr(A);
}
// Use braces for the `if` block to keep it uniform with the else block.
if (isa<FunctionDecl>(D)) {
handleFunctionDecl(D);
} else {
// In this else case, it is necessary that we explain the situation with this
// surprisingly long comment, so it would be unclear without the braces whether
// the following statement is in the scope of the `if`.
handleOtherDecl(D);
}
// This should also omit braces. The `for` loop contains only a single statement,
// so it shouldn't have braces. The `if` also only contains a single simple
// statement (the for loop), so it also should omit braces.
if (isa<FunctionDecl>(D))
for (auto *A : D.attrs())
handleAttr(A);
// Use braces for the outer `if` since the nested `for` is braced.
if (isa<FunctionDecl>(D)) {
for (auto *A : D.attrs()) {
// In this for loop body, it is necessary that we explain the situation
// with this surprisingly long comment, forcing braces on the `for` block.
handleAttr(A);
}
}
// Use braces on the outer block because there are more than two levels of nesting.
if (isa<FunctionDecl>(D)) {
for (auto *A : D.attrs())
for (ssize_t i : llvm::seq<ssize_t>(count))
handleAttrOnDecl(D, A, i);
}
// Use braces on the outer block because of a nested `if`, otherwise the
// compiler would warn: `add explicit braces to avoid dangling else`
if (auto *D = dyn_cast<FunctionDecl>(D)) {
if (shouldProcess(D))
handleVarDecl(D);
else
markAsIgnored(D);
}
See Also
========
A lot of these comments and recommendations have been culled from other sources.
Two particularly important books for our work are:
#. `Effective C++
<https://www.amazon.com/Effective-Specific-Addison-Wesley-Professional-Computing/dp/0321334876>`_
by Scott Meyers. Also interesting and useful are "More Effective C++" and
"Effective STL" by the same author.
#. `Large-Scale C++ Software Design
<https://www.amazon.com/Large-Scale-Software-Design-John-Lakos/dp/0201633620>`_
by John Lakos
If you get some free time, and you haven't read them: do so, you might learn
something.