|  | .. _docs-embedded-cpp: | 
|  |  | 
|  | ================== | 
|  | Embedded C++ Guide | 
|  | ================== | 
|  |  | 
|  | This page contains recommendations for using C++ for embedded software. For | 
|  | Pigweed code, these should be considered as requirements. For external | 
|  | projects, these recommendations can serve as a resource for efficiently using | 
|  | C++ in embedded projects. | 
|  |  | 
|  | These recommendations are subject to change as the C++ standard and compilers | 
|  | evolve, and as the authors continue to gain more knowledge and experience in | 
|  | this area. If you disagree with recommendations, please discuss them with the | 
|  | Pigweed team, as we're always looking to improve the guide or correct any | 
|  | inaccuracies. | 
|  |  | 
|  | Constexpr functions | 
|  | =================== | 
|  | Constexpr functions are functions that may be called from a constant | 
|  | expression, such as a template parameter, constexpr variable initialization, or | 
|  | ``static_assert`` statement. Labeling a function ``constexpr`` does not | 
|  | guarantee that it is executed at compile time; if called from regular code, it | 
|  | will be compiled as a regular function and executed at run time. | 
|  |  | 
|  | Constexpr functions are implicitly inline, which means they are suitable to be | 
|  | defined in header files. Like any function in a header, the compiler is more | 
|  | likely to inline it than other functions. Marking non-trivial functions as | 
|  | ``constexpr`` could increase code size, so check the compilation results if this | 
|  | is a concern. | 
|  |  | 
|  | Simple constructors should be marked ``constexpr`` whenever possible. GCC | 
|  | produces smaller code in some situations when the ``constexpr`` specifier is | 
|  | present. Do not avoid important initialization in order to make the class | 
|  | constexpr-constructible unless it actually needs to be used in a constant | 
|  | expression. | 
|  |  | 
|  | Constexpr variables | 
|  | =================== | 
|  | Constants should be marked ``constexpr`` whenever possible. Constexpr variables | 
|  | can be used in any constant expression, such as a non-type template argument, | 
|  | ``static_assert`` statement, or another constexpr variable initialization. | 
|  | Constexpr variables can be initialized at compile time with values calculated by | 
|  | constexpr functions. | 
|  |  | 
|  | ``constexpr`` implies ``const`` for variables, so there is no need to include | 
|  | the ``const`` qualifier when declaring a constexpr variable. | 
|  |  | 
|  | Unlike constexpr functions, constexpr variables are **not** implicitly inline. | 
|  | Constexpr variables in headers must be declared with the ``inline`` specifier. | 
|  |  | 
|  | .. code-block:: cpp | 
|  |  | 
|  | namespace pw { | 
|  |  | 
|  | inline constexpr const char* kStringConstant = "O_o"; | 
|  |  | 
|  | inline constexpr float kFloatConstant1 = CalculateFloatConstant(1); | 
|  | inline constexpr float kFloatConstant2 = CalculateFloatConstant(2); | 
|  |  | 
|  | }  // namespace pw | 
|  |  | 
|  | Function templates | 
|  | ================== | 
|  | Function templates facilitate writing code that works with different types. For | 
|  | example, the following clamps a value within a minimum and maximum: | 
|  |  | 
|  | .. code-block:: cpp | 
|  |  | 
|  | template <typename T> | 
|  | T Clamp(T min, T max, T value) { | 
|  | if (value < min) { | 
|  | return min; | 
|  | } | 
|  | if (value > max) { | 
|  | return max; | 
|  | } | 
|  | return value; | 
|  | } | 
|  |  | 
|  | The above code works seamlessly with values of any type -- float, int, or even a | 
|  | custom type that supports the < and > operators. | 
|  |  | 
|  | The compiler implements templates by generating a separate version of the | 
|  | function for each set of types it is instantiated with. This can increase code | 
|  | size significantly. | 
|  |  | 
|  | .. tip:: | 
|  |  | 
|  | Be careful when instantiating non-trivial template functions with multiple | 
|  | types. | 
|  |  | 
|  | Virtual functions | 
|  | ================= | 
|  | Virtual functions provide for runtime polymorphism. Unless runtime polymorphism | 
|  | is required, virtual functions should be avoided. Virtual functions require a | 
|  | virtual table, which increases RAM usage and requires extra instructions at each | 
|  | call site. Virtual functions can also inhibit compiler optimizations, since the | 
|  | compiler may not be able to tell which functions will actually be invoked. This | 
|  | can prevent linker garbage collection, resulting in unused functions being | 
|  | linked into a binary. | 
|  |  | 
|  | When runtime polymorphism is required, virtual functions should be considered. | 
|  | C alternatives, such as a struct of function pointers, could be used instead, | 
|  | but these approaches may offer no performance advantage while sacrificing | 
|  | flexibility and ease of use. | 
|  |  | 
|  | .. tip:: | 
|  |  | 
|  | Only use virtual functions when runtime polymorphism is needed. | 
|  |  | 
|  | Compiler warnings | 
|  | ================= | 
|  | Bugs in embedded systems can be difficult to track down. Compiler warnings are | 
|  | one tool to help identify and fix bugs early in development. | 
|  |  | 
|  | Pigweed compiles with a strict set of warnings. The warnings include the | 
|  | following: | 
|  |  | 
|  | * ``-Wall`` and ``-Wextra`` -- Standard sets of compilation warnings, which | 
|  | are recommended for all projects. | 
|  | * ``-Wimplicit-fallthrough`` -- Requires explicit ``[[fallthrough]]`` | 
|  | annotations for fallthrough between switch cases. Prevents unintentional | 
|  | fallthroughs if a ``break`` or ``return`` is forgotten. | 
|  | * ``-Wundef`` -- Requires macros to be defined before using them. This | 
|  | disables the standard, problematic behavior that replaces undefined (or | 
|  | misspelled) macros with ``0``. | 
|  |  | 
|  | Unused variable and function warnings | 
|  | ------------------------------------- | 
|  | The ``-Wall`` and ``-Wextra`` flags enable warnings about unused variables or | 
|  | functions. Usually, the best way to address these warnings is to remove the | 
|  | unused items. In some circumstances, these cannot be removed, so the warning | 
|  | must be silenced. This is done in one of the following ways: | 
|  |  | 
|  | 1. When possible, delete unused variables, functions, or class definitions. | 
|  | 2. If an unused entity must remain in the code, avoid giving it a name. A | 
|  | common situation that triggers unused parameter warnings is implementing a | 
|  | virtual function or callback. In C++, function parameters may be unnamed. | 
|  | If desired, the variable name can remain in the code as a comment. | 
|  |  | 
|  | .. code-block:: cpp | 
|  |  | 
|  | class BaseCalculator { | 
|  | public: | 
|  | virtual int DoMath(int number_1, int number_2, int number_3) = 0; | 
|  | }; | 
|  |  | 
|  | class Calculator : public BaseCalculator { | 
|  | int DoMath(int number_1, int /* number_2 */, int) override { | 
|  | return number_1 * 100; | 
|  | } | 
|  | }; | 
|  |  | 
|  | 3. In C++, annotate unused entities with `[[maybe_unused]] | 
|  | <https://en.cppreference.com/w/cpp/language/attributes/maybe_unused>`_ to | 
|  | silence warnings. | 
|  |  | 
|  | .. code-block:: cpp | 
|  |  | 
|  | // This variable is unused in certain circumstances. | 
|  | [[maybe_unused]] int expected_size = size * 4; | 
|  | #if OPTION_1 | 
|  | DoThing1(expected_size); | 
|  | #elif OPTION_2 | 
|  | DoThing2(expected_size); | 
|  | #endif | 
|  |  | 
|  | 4. As a final option, cast unused variables to ``void`` to silence these | 
|  | warnings. Use ``static_cast<void>(unused_var)`` in C++ or | 
|  | ``(void)unused_var`` in C. | 
|  |  | 
|  | In C, silencing warnings on unused functions may require compiler-specific | 
|  | attributes (``__attribute__((unused))``). Avoid this by removing the | 
|  | functions or compiling with C++ and using ``[[maybe_unused]]``. | 
|  |  | 
|  | Dealing with ``nodiscard`` return values | 
|  | ---------------------------------------- | 
|  | There are rare circumstances where a ``nodiscard`` return value from a function | 
|  | call needs to be discarded.  For ``pw::Status`` value ``.IgnoreError()`` can be | 
|  | appended to the the function call.  For other instances, ``std::ignore`` can be | 
|  | used. | 
|  |  | 
|  | .. code-block:: cpp | 
|  |  | 
|  | // <tuple> defines std::ignore. | 
|  | #include <tuple> | 
|  |  | 
|  | DoThingWithStatus().IgnoreError(); | 
|  | std::ignore = DoThingWithReturnValue(); |