google
diff --git a/‎src/base/strings/BUILD.bazel‎
Lines changed: 32 additions & 0 deletions b/‎src/base/strings/BUILD.bazel‎
Lines changed: 32 additions & 0 deletions
diff --git a/‎src/base/strings/const_init_immutable_string.h‎
Lines changed: 141 additions & 0 deletions b/‎src/base/strings/const_init_immutable_string.h‎
Lines changed: 141 additions & 0 deletions
diff --git a/‎src/base/strings/const_init_immutable_string_test.cc‎
Lines changed: 78 additions & 0 deletions b/‎src/base/strings/const_init_immutable_string_test.cc‎
Lines changed: 78 additions & 0 deletions
diff --git a/‎src/base/strings/const_init_mutable_string.h‎
Lines changed: 138 additions & 0 deletions b/‎src/base/strings/const_init_mutable_string.h‎
Lines changed: 138 additions & 0 deletions
@@ -75,6 +75,38 @@ mozc_cc_test(
     ],
 )
 
+mozc_cc_library(
+    name = "const_init_immutable_string",
+    hdrs = ["const_init_immutable_string.h"],
+    deps = ["//base/strings/internal:const_init_string_helpers"],
+)
+
+mozc_cc_test(
+    name = "const_init_immutable_string_test",
+    size = "small",
+    srcs = ["const_init_immutable_string_test.cc"],
+    deps = [
+        ":const_init_immutable_string",
+        "//testing:gunit_main",
+    ],
+)
+
+mozc_cc_library(
+    name = "const_init_mutable_string",
+    hdrs = ["const_init_mutable_string.h"],
+    deps = [":const_init_immutable_string"],
+)
+
+mozc_cc_test(
+    name = "const_init_mutable_string_test",
+    size = "small",
+    srcs = ["const_init_mutable_string_test.cc"],
+    deps = [
+        ":const_init_mutable_string",
+        "//testing:gunit_main",
+    ],
+)
+
 mozc_cc_library(
     name = "japanese",
     srcs = [
 
@@ -0,0 +1,141 @@
+// Copyright 2010-2021, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+#ifndef MOZC_BASE_STRINGS_CONST_INIT_IMMUTABLE_STRING_H_
+#define MOZC_BASE_STRINGS_CONST_INIT_IMMUTABLE_STRING_H_
+
+#include <array>
+#include <atomic>
+#include <cstddef>
+#include <memory>
+#include <mutex>
+#include <string>
+#include <string_view>
+#include <type_traits>
+
+#include "base/strings/internal/const_init_string_helpers.h"
+
+namespace mozc {
+
+// A utility class to deal with constant global strings whose value is known
+// only at runtime. It has the following capabilities:
+// 1. It allows the library users to lazily initialize the string by calling
+//    `GetOrInit()` only after it becomes ready, e.g. only after dependent
+//    modules are fully loaded.
+// 2. It is thread-safe, meaning that multiple threads can call `GetOrInit()`
+//    concurrently without causing data race, with an assumption that the
+//    `idempotent_initializer` is idempotent (i.e., it always returns the same
+//    value when called multiple times) and thread-safe.
+// 3. It guarantees that the string is null-terminated.
+// 4. It is trivially destructible, which means it can be used in static
+//    storage duration objects without causing destructor order issues, with a
+//    caveat that it may leak memory if the string is larger than the fixed
+//    array size provided by the template parameter.
+//
+// Once the string is published it cannot be replaced. See
+// `ConstInitMutableString` for a variant that additionally supports
+// thread-safe `Set()`.
+template <size_t fixed_array_size,
+          const_init_string_internal::SupportedChar CharT = char>
+class ConstInitImmutableString {
+ public:
+  using StringT = std::basic_string<CharT>;
+  using StringViewT = std::basic_string_view<CharT>;
+
+  // A data initializer that is guaranteed to return the same value no matter
+  // how many times it is called. It must also be reentrant and safe to call
+  // from multiple threads concurrently.
+  using IdempotentInitializer = std::add_pointer_t<StringT()>;
+
+  ConstInitImmutableString() = delete;
+  ~ConstInitImmutableString() = default;
+
+  consteval explicit ConstInitImmutableString(
+      IdempotentInitializer idempotent_initializer)
+      : idempotent_initializer_(idempotent_initializer) {}
+
+  [[nodiscard]] StringViewT GetOrInit() {
+    // Fast path: result already published.
+    if (const CharT* ptr = result_ptr_.load(std::memory_order::acquire))
+        [[likely]] {
+      return StringViewT(ptr, result_size_);
+    }
+
+    // The initializer is called outside any lock so that no foreign code
+    // runs under a lock held by this class. This avoids classic deadlock
+    // scenarios such as Win32 Loader Lock recursion when `GetOrInit()` is
+    // called from `DllMain` and the initializer internally invokes
+    // `LoadLibrary`. Racing threads may each call it; per the
+    // `IdempotentInitializer` contract that is acceptable.
+    // https://learn.microsoft.com/en-us/windows/win32/dlls/dynamic-link-library-best-practices#deadlocks-caused-by-lock-order-inversion
+    const StringT value = idempotent_initializer_();
+
+    // Stage any heap fallback outside the spinlock so that the critical
+    // section is bounded by `fixed_array_size` and a throwing
+    // allocation cannot leave the spinlock held.
+    std::unique_ptr<CharT[]> heap_fallback =
+        const_init_string_internal::StageHeapFallback<CharT>(value,
+                                                             std::size(value_));
+
+    std::lock_guard<const_init_string_internal::SpinLock> l(committing_);
+    if (const CharT* ptr = result_ptr_.load(std::memory_order::relaxed)) {
+      // Another thread already published; staged `heap_fallback` is
+      // freed by its destructor when this scope unwinds.
+      return StringViewT(ptr, result_size_);
+    }
+
+    // Winner: any staged heap buffer is intentionally leaked for the
+    // remainder of the process so that `ConstInitImmutableString` itself
+    // remains trivially destructible.
+    CharT* dest = const_init_string_internal::CommitStagedValue<CharT>(
+        value, heap_fallback, value_.data());
+    result_size_ = value.size();
+    result_ptr_.store(dest, std::memory_order::release);
+    return StringViewT(dest, value.size());
+  }
+
+ private:
+  std::atomic<const CharT*> result_ptr_ = nullptr;
+  size_t result_size_ = 0;
+  const_init_string_internal::SpinLock committing_;
+  std::array<CharT, fixed_array_size> value_ = {};
+  const IdempotentInitializer idempotent_initializer_;
+};
+
+// Verify the trivial destructibility contract for both supported `CharT`
+// instantiations so misuse (e.g. accidentally adding a non-trivial member)
+// is caught at compile time even if no instance is constructed.
+static_assert(
+    std::is_trivially_destructible_v<ConstInitImmutableString<1, char>>);
+static_assert(
+    std::is_trivially_destructible_v<ConstInitImmutableString<1, wchar_t>>);
+
+}  // namespace mozc
+
+#endif  // MOZC_BASE_STRINGS_CONST_INIT_IMMUTABLE_STRING_H_
@@ -0,0 +1,78 @@
+// Copyright 2010-2021, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+#include "base/strings/const_init_immutable_string.h"
+
+#include <string>
+#include <string_view>
+
+#include "testing/gunit.h"
+
+namespace mozc::strings {
+namespace {
+
+constinit ConstInitImmutableString<256> g_value_simple_init(
+    []() -> std::string { return "Mozc"; });
+
+TEST(ConstInitImmutableStringTest, SimpleInit) {
+  EXPECT_EQ(g_value_simple_init.GetOrInit(), "Mozc");
+  EXPECT_EQ(g_value_simple_init.GetOrInit(), "Mozc");
+}
+
+TEST(ConstInitImmutableStringTest, NullTermination) {
+  const auto value = g_value_simple_init.GetOrInit();
+  EXPECT_EQ(value.data()[value.size()], '\0');
+}
+
+constexpr std::string_view kLongValue =
+    "this string is longer than the inline buffer";
+
+constinit ConstInitImmutableString<8> g_value_overflow([]() -> std::string {
+  return std::string("this string is longer than the inline buffer");
+});
+
+TEST(ConstInitImmutableStringTest, HeapFallback) {
+  const auto value = g_value_overflow.GetOrInit();
+  EXPECT_EQ(value, kLongValue);
+  EXPECT_EQ(value.data()[value.size()], '\0');
+  // Repeated calls return the same pointer (stable storage).
+  EXPECT_EQ(g_value_overflow.GetOrInit().data(), value.data());
+}
+
+constinit ConstInitImmutableString<256, wchar_t> g_value_wide(
+    []() -> std::wstring { return L"WideMozc"; });
+
+TEST(ConstInitImmutableStringTest, WideChar) {
+  EXPECT_EQ(g_value_wide.GetOrInit(), std::wstring_view(L"WideMozc"));
+  const auto value = g_value_wide.GetOrInit();
+  EXPECT_EQ(value.data()[value.size()], L'\0');
+}
+
+}  // namespace
+}  // namespace mozc::strings
@@ -0,0 +1,138 @@
+// Copyright 2010-2021, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+#ifndef MOZC_BASE_STRINGS_CONST_INIT_MUTABLE_STRING_H_
+#define MOZC_BASE_STRINGS_CONST_INIT_MUTABLE_STRING_H_
+
+#include <array>
+#include <atomic>
+#include <cstddef>
+#include <memory>
+#include <mutex>
+#include <string>
+#include <string_view>
+#include <type_traits>
+
+#include "base/strings/internal/const_init_string_helpers.h"
+
+namespace mozc {
+
+// A variant of `ConstInitImmutableString` that additionally supports
+// thread-safe `Set()`. Like `ConstInitImmutableString`,
+// `ConstInitMutableString` is trivially destructible and may be used in
+// `constinit` globals.
+//
+// Semantics:
+//   * `Get()` returns a snapshot of the most recent `Set` value, or an
+//     empty string if `Set` has never been called. Empty thus doubles as
+//     the "never set" sentinel; callers that need lazy default behaviour
+//     should compute the default themselves on observing empty and call
+//     `Set` to publish it.
+//   * `Set(value)` atomically replaces the stored value.
+//
+// Storage:
+//   * Values that fit in `fixed_array_size` characters (including the
+//     terminating NUL) live in an inline array.
+//   * Larger values live in a heap buffer. When `Set` replaces a heap-backed
+//     value, the prior heap allocation is freed before `Set` returns.
+//   * The currently-installed heap buffer (if any) is intentionally leaked at
+//     process exit so that the class itself remains trivially destructible.
+template <size_t fixed_array_size,
+          const_init_string_internal::SupportedChar CharT = char>
+class ConstInitMutableString {
+ public:
+  using StringT = std::basic_string<CharT>;
+  using StringViewT = std::basic_string_view<CharT>;
+
+  consteval ConstInitMutableString() noexcept = default;
+  ~ConstInitMutableString() = default;
+
+  void Set(StringViewT value);
+  StringT Get();
+
+ private:
+  std::atomic<bool> initialized_ = {};
+  CharT* current_ptr_ = nullptr;
+  size_t current_size_ = 0;
+  const_init_string_internal::SpinLock committing_;
+  std::array<CharT, fixed_array_size> value_ = {};
+};
+
+template <size_t fixed_array_size,
+          const_init_string_internal::SupportedChar CharT>
+void ConstInitMutableString<fixed_array_size, CharT>::Set(StringViewT value) {
+  // Stage any heap fallback outside the spinlock so the critical section
+  // is bounded by `fixed_array_size` and a throwing `bad_alloc` cannot
+  // leave the spinlock held.
+  std::unique_ptr<CharT[]> heap_fallback =
+      const_init_string_internal::StageHeapFallback<CharT>(value,
+                                                           std::size(value_));
+
+  std::unique_ptr<CharT[]> old_heap;
+  {
+    std::lock_guard<const_init_string_internal::SpinLock> l(committing_);
+    // If the previously-installed buffer was on the heap, hand it to a
+    // local `unique_ptr` so it is freed after we drop the lock. Readers
+    // complete their copy under the same lock, so no one is left
+    // holding the old pointer.
+    if (current_ptr_ != nullptr && current_ptr_ != value_.data()) {
+      old_heap.reset(current_ptr_);
+    }
+    current_ptr_ = const_init_string_internal::CommitStagedValue<CharT>(
+        value, heap_fallback, value_.data());
+    current_size_ = value.size();
+    initialized_.store(true, std::memory_order::release);
+  }
+}
+
+template <size_t fixed_array_size,
+          const_init_string_internal::SupportedChar CharT>
+auto ConstInitMutableString<fixed_array_size, CharT>::Get() -> StringT {
+  // Lock-free fast exit when nothing has ever been set.
+  if (!initialized_.load(std::memory_order::acquire)) {
+    return StringT();
+  }
+  // Snapshot under the lock since `Set` may concurrently swap pointers.
+  // The `lock_guard` releases the lock if the `StringT` allocation
+  // here throws.
+  std::lock_guard<const_init_string_internal::SpinLock> l(committing_);
+  return StringT(current_ptr_, current_size_);
+}
+
+// Verify the trivial destructibility contract for both supported `CharT`
+// instantiations so misuse (e.g. accidentally adding a non-trivial member)
+// is caught at compile time even if no instance is constructed.
+static_assert(
+    std::is_trivially_destructible_v<ConstInitMutableString<1, char>>);
+static_assert(
+    std::is_trivially_destructible_v<ConstInitMutableString<1, wchar_t>>);
+
+}  // namespace mozc
+
+#endif  // MOZC_BASE_STRINGS_CONST_INIT_MUTABLE_STRING_H_