Move CheckedInt.h to Source/platform

Source/core/html/canvas/CheckedInt.h

-/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this file,
- * You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-/* Provides checked integers, detecting integer overflow and divide-by-0. */
-
-// Necessary modifications are made to the original CheckedInt.h file when
-// incorporating it into WebKit:
-// 1) Comment out #define MOZ_CHECKEDINT_ENABLE_MOZ_ASSERTS
-// 2) Comment out #include "mozilla/StandardInteger.h"
-// 3) Define MOZ_DELETE
-// 4) Change namespace mozilla to namespace WebCore
-
-#ifndef mozilla_CheckedInt_h_
-#define mozilla_CheckedInt_h_
-
-/*
- * Build options. Comment out these #defines to disable the corresponding
- * optional feature. Disabling features may be useful for code using
- * CheckedInt outside of Mozilla (e.g. WebKit)
- */
-
-// Enable usage of MOZ_STATIC_ASSERT to check for unsupported types.
-// If disabled, static asserts are replaced by regular assert().
-// #define MOZ_CHECKEDINT_ENABLE_MOZ_ASSERTS
-
-/*
- * End of build options
- */
-
-#ifdef MOZ_CHECKEDINT_ENABLE_MOZ_ASSERTS
-#  include "mozilla/Assertions.h"
-#else
-#  ifndef MOZ_STATIC_ASSERT
-#    include <cassert>
-#    define MOZ_STATIC_ASSERT(cond, reason) assert((cond) && reason)
-#    define MOZ_ASSERT(cond, reason) assert((cond) && reason)
-#  endif
-#endif
-
-// #include "mozilla/StandardInteger.h"
-
-#ifndef MOZ_DELETE
-#define MOZ_DELETE
-#endif
-
-#include <climits>
-#include <cstddef>
-
-namespace WebCore {
-
-namespace detail {
-
-/*
- * Step 1: manually record supported types
- *
- * What's nontrivial here is that there are different families of integer
- * types: basic integer types and stdint types. It is merrily undefined which
- * types from one family may be just typedefs for a type from another family.
- *
- * For example, on GCC 4.6, aside from the basic integer types, the only other
- * type that isn't just a typedef for some of them, is int8_t.
- */
-
-struct UnsupportedType {};
-
-template<typename IntegerType>
-struct IsSupportedPass2
-{
-    static const bool value = false;
-};
-
-template<typename IntegerType>
-struct IsSupported
-{
-    static const bool value = IsSupportedPass2<IntegerType>::value;
-};
-
-template<>
-struct IsSupported<int8_t>
-{ static const bool value = true; };
-
-template<>
-struct IsSupported<uint8_t>
-{ static const bool value = true; };
-
-template<>
-struct IsSupported<int16_t>
-{ static const bool value = true; };
-
-template<>
-struct IsSupported<uint16_t>
-{ static const bool value = true; };
-
-template<>
-struct IsSupported<int32_t>
-{ static const bool value = true; };
-
-template<>
-struct IsSupported<uint32_t>
-{ static const bool value = true; };
-
-template<>
-struct IsSupported<int64_t>
-{ static const bool value = true; };
-
-template<>
-struct IsSupported<uint64_t>
-{ static const bool value = true; };
-
-
-template<>
-struct IsSupportedPass2<char>
-{ static const bool value = true; };
-
-template<>
-struct IsSupportedPass2<unsigned char>
-{ static const bool value = true; };
-
-template<>
-struct IsSupportedPass2<short>
-{ static const bool value = true; };
-
-template<>
-struct IsSupportedPass2<unsigned short>
-{ static const bool value = true; };
-
-template<>
-struct IsSupportedPass2<int>
-{ static const bool value = true; };
-
-template<>
-struct IsSupportedPass2<unsigned int>
-{ static const bool value = true; };
-
-template<>
-struct IsSupportedPass2<long>
-{ static const bool value = true; };
-
-template<>
-struct IsSupportedPass2<unsigned long>
-{ static const bool value = true; };
-
-
-/*
- * Step 2: some integer-traits kind of stuff.
- */
-
-template<size_t Size, bool Signedness>
-struct StdintTypeForSizeAndSignedness
-{};
-
-template<>
-struct StdintTypeForSizeAndSignedness<1, true>
-{ typedef int8_t   Type; };
-
-template<>
-struct StdintTypeForSizeAndSignedness<1, false>
-{ typedef uint8_t  Type; };
-
-template<>
-struct StdintTypeForSizeAndSignedness<2, true>
-{ typedef int16_t  Type; };
-
-template<>
-struct StdintTypeForSizeAndSignedness<2, false>
-{ typedef uint16_t Type; };
-
-template<>
-struct StdintTypeForSizeAndSignedness<4, true>
-{ typedef int32_t  Type; };
-
-template<>
-struct StdintTypeForSizeAndSignedness<4, false>
-{ typedef uint32_t Type; };
-
-template<>
-struct StdintTypeForSizeAndSignedness<8, true>
-{ typedef int64_t  Type; };
-
-template<>
-struct StdintTypeForSizeAndSignedness<8, false>
-{ typedef uint64_t Type; };
-
-template<typename IntegerType>
-struct UnsignedType
-{
-    typedef typename StdintTypeForSizeAndSignedness<sizeof(IntegerType),
-                                                    false>::Type Type;
-};
-
-template<typename IntegerType>
-struct IsSigned
-{
-    static const bool value = IntegerType(-1) <= IntegerType(0);
-};
-
-template<typename IntegerType, size_t Size = sizeof(IntegerType)>
-struct TwiceBiggerType
-{
-    typedef typename StdintTypeForSizeAndSignedness<
-                       sizeof(IntegerType) * 2,
-                       IsSigned<IntegerType>::value
-                     >::Type Type;
-};
-
-template<typename IntegerType>
-struct TwiceBiggerType<IntegerType, 8>
-{
-    typedef UnsupportedType Type;
-};
-
-template<typename IntegerType>
-struct PositionOfSignBit
-{
-    static const size_t value = CHAR_BIT * sizeof(IntegerType) - 1;
-};
-
-template<typename IntegerType>
-struct MinValue
-{
-  private:
-    typedef typename UnsignedType<IntegerType>::Type UnsignedIntegerType;
-    static const size_t PosOfSignBit = PositionOfSignBit<IntegerType>::value;
-
-  public:
-    // Bitwise ops may return a larger type, that's why we cast explicitly.
-    // In C++, left bit shifts on signed values is undefined by the standard
-    // unless the shifted value is representable.
-    // Notice that signed-to-unsigned conversions are always well-defined in
-    // the standard as the value congruent to 2**n, as expected. By contrast,
-    // unsigned-to-signed is only well-defined if the value is representable.
-    static const IntegerType value =
-        IsSigned<IntegerType>::value
-        ? IntegerType(UnsignedIntegerType(1) << PosOfSignBit)
-        : IntegerType(0);
-};
-
-template<typename IntegerType>
-struct MaxValue
-{
-    // Tricksy, but covered by the unit test.
-    // Relies heavily on the type of MinValue<IntegerType>::value
-    // being IntegerType.
-    static const IntegerType value = ~MinValue<IntegerType>::value;
-};
-
-/*
- * Step 3: Implement the actual validity checks.
- *
- * Ideas taken from IntegerLib, code different.
- */
-
-template<typename T>
-inline bool
-HasSignBit(T x)
-{
-  // In C++, right bit shifts on negative values is undefined by the standard.
-  // Notice that signed-to-unsigned conversions are always well-defined in the
-  // standard, as the value congruent modulo 2**n as expected. By contrast,
-  // unsigned-to-signed is only well-defined if the value is representable.
-  return bool(typename UnsignedType<T>::Type(x)
-                >> PositionOfSignBit<T>::value);
-}
-
-// Bitwise ops may return a larger type, so it's good to use this inline
-// helper guaranteeing that the result is really of type T.
-template<typename T>
-inline T
-BinaryComplement(T x)
-{
-  return ~x;
-}
-
-template<typename T,
-         typename U,
-         bool IsTSigned = IsSigned<T>::value,
-         bool IsUSigned = IsSigned<U>::value>
-struct DoesRangeContainRange
-{
-};
-
-template<typename T, typename U, bool Signedness>
-struct DoesRangeContainRange<T, U, Signedness, Signedness>
-{
-    static const bool value = sizeof(T) >= sizeof(U);
-};
-
-template<typename T, typename U>
-struct DoesRangeContainRange<T, U, true, false>
-{
-    static const bool value = sizeof(T) > sizeof(U);
-};
-
-template<typename T, typename U>
-struct DoesRangeContainRange<T, U, false, true>
-{
-    static const bool value = false;
-};
-
-template<typename T,
-         typename U,
-         bool IsTSigned = IsSigned<T>::value,
-         bool IsUSigned = IsSigned<U>::value,
-         bool DoesTRangeContainURange = DoesRangeContainRange<T, U>::value>
-struct IsInRangeImpl {};
-
-template<typename T, typename U, bool IsTSigned, bool IsUSigned>
-struct IsInRangeImpl<T, U, IsTSigned, IsUSigned, true>
-{
-    static bool run(U)
-    {
-       return true;
-    }
-};
-
-template<typename T, typename U>
-struct IsInRangeImpl<T, U, true, true, false>
-{
-    static bool run(U x)
-    {
-      return x <= MaxValue<T>::value && x >= MinValue<T>::value;
-    }
-};
-
-template<typename T, typename U>
-struct IsInRangeImpl<T, U, false, false, false>
-{
-    static bool run(U x)
-    {
-      return x <= MaxValue<T>::value;
-    }
-};
-
-template<typename T, typename U>
-struct IsInRangeImpl<T, U, true, false, false>
-{
-    static bool run(U x)
-    {
-      return sizeof(T) > sizeof(U) || x <= U(MaxValue<T>::value);
-    }
-};
-
-template<typename T, typename U>
-struct IsInRangeImpl<T, U, false, true, false>
-{
-    static bool run(U x)
-    {
-      return sizeof(T) >= sizeof(U)
-             ? x >= 0
-             : x >= 0 && x <= U(MaxValue<T>::value);
-    }
-};
-
-template<typename T, typename U>
-inline bool
-IsInRange(U x)
-{
-  return IsInRangeImpl<T, U>::run(x);
-}
-
-template<typename T>
-inline bool
-IsAddValid(T x, T y)
-{
-  // Addition is valid if the sign of x+y is equal to either that of x or that
-  // of y. Since the value of x+y is undefined if we have a signed type, we
-  // compute it using the unsigned type of the same size.
-  // Beware! These bitwise operations can return a larger integer type,
-  // if T was a small type like int8_t, so we explicitly cast to T.
-
-  typename UnsignedType<T>::Type ux = x;
-  typename UnsignedType<T>::Type uy = y;
-  typename UnsignedType<T>::Type result = ux + uy;
-  return IsSigned<T>::value
-         ? HasSignBit(BinaryComplement(T((result ^ x) & (result ^ y))))
-         : BinaryComplement(x) >= y;
-}
-
-template<typename T>
-inline bool
-IsSubValid(T x, T y)
-{
-  // Subtraction is valid if either x and y have same sign, or x-y and x have
-  // same sign. Since the value of x-y is undefined if we have a signed type,
-  // we compute it using the unsigned type of the same size.
-  typename UnsignedType<T>::Type ux = x;
-  typename UnsignedType<T>::Type uy = y;
-  typename UnsignedType<T>::Type result = ux - uy;
-
-  return IsSigned<T>::value
-         ? HasSignBit(BinaryComplement(T((result ^ x) & (x ^ y))))
-         : x >= y;
-}
-
-template<typename T,
-         bool IsSigned = IsSigned<T>::value,
-         bool TwiceBiggerTypeIsSupported =
-           IsSupported<typename TwiceBiggerType<T>::Type>::value>
-struct IsMulValidImpl {};
-
-template<typename T, bool IsSigned>
-struct IsMulValidImpl<T, IsSigned, true>
-{
-    static bool run(T x, T y)
-    {
-      typedef typename TwiceBiggerType<T>::Type TwiceBiggerType;
-      TwiceBiggerType product = TwiceBiggerType(x) * TwiceBiggerType(y);
-      return IsInRange<T>(product);
-    }
-};
-
-template<typename T>
-struct IsMulValidImpl<T, true, false>
-{
-    static bool run(T x, T y)
-    {
-      const T max = MaxValue<T>::value;
-      const T min = MinValue<T>::value;
-
-      if (x == 0 || y == 0)
-        return true;
-
-      if (x > 0) {
-        return y > 0
-               ? x <= max / y
-               : y >= min / x;
-      }
-
-      // If we reach this point, we know that x < 0.
-      return y > 0
-             ? x >= min / y
-             : y >= max / x;
-    }
-};
-
-template<typename T>
-struct IsMulValidImpl<T, false, false>
-{
-    static bool run(T x, T y)
-    {
-      return y == 0 ||  x <= MaxValue<T>::value / y;
-    }
-};
-
-template<typename T>
-inline bool
-IsMulValid(T x, T y)
-{
-  return IsMulValidImpl<T>::run(x, y);
-}
-
-template<typename T>
-inline bool
-IsDivValid(T x, T y)
-{
-  // Keep in mind that in the signed case, min/-1 is invalid because abs(min)>max.
-  return y != 0 &&
-         !(IsSigned<T>::value && x == MinValue<T>::value && y == T(-1));
-}
-
-// This is just to shut up msvc warnings about negating unsigned ints.
-template<typename T, bool IsSigned = IsSigned<T>::value>
-struct OppositeIfSignedImpl
-{
-    static T run(T x) { return -x; }
-};
-template<typename T>
-struct OppositeIfSignedImpl<T, false>
-{
-    static T run(T x) { return x; }
-};
-template<typename T>
-inline T
-OppositeIfSigned(T x)
-{
-  return OppositeIfSignedImpl<T>::run(x);
-}
-
-} // namespace detail
-
-
-/*
- * Step 4: Now define the CheckedInt class.
- */
-
-/**
- * @class CheckedInt
- * @brief Integer wrapper class checking for integer overflow and other errors
- * @param T the integer type to wrap. Can be any type among the following:
- *            - any basic integer type such as |int|
- *            - any stdint type such as |int8_t|
- *
- * This class implements guarded integer arithmetic. Do a computation, check
- * that isValid() returns true, you then have a guarantee that no problem, such
- * as integer overflow, happened during this computation, and you can call
- * value() to get the plain integer value.
- *
- * The arithmetic operators in this class are guaranteed not to raise a signal
- * (e.g. in case of a division by zero).
- *
- * For example, suppose that you want to implement a function that computes
- * (x+y)/z, that doesn't crash if z==0, and that reports on error (divide by
- * zero or integer overflow). You could code it as follows:
-   @code
-   bool computeXPlusYOverZ(int x, int y, int z, int *result)
-   {
-       CheckedInt<int> checkedResult = (CheckedInt<int>(x) + y) / z;
-       if (checkedResult.isValid()) {
-           *result = checkedResult.value();
-           return true;
-       } else {
-           return false;
-       }
-   }
-   @endcode
- *
- * Implicit conversion from plain integers to checked integers is allowed. The
- * plain integer is checked to be in range before being casted to the
- * destination type. This means that the following lines all compile, and the
- * resulting CheckedInts are correctly detected as valid or invalid:
- * @code
-   // 1 is of type int, is found to be in range for uint8_t, x is valid
-   CheckedInt<uint8_t> x(1);
-   // -1 is of type int, is found not to be in range for uint8_t, x is invalid
-   CheckedInt<uint8_t> x(-1);
-   // -1 is of type int, is found to be in range for int8_t, x is valid
-   CheckedInt<int8_t> x(-1);
-   // 1000 is of type int16_t, is found not to be in range for int8_t,
-   // x is invalid
-   CheckedInt<int8_t> x(int16_t(1000));
-   // 3123456789 is of type uint32_t, is found not to be in range for int32_t,
-   // x is invalid
-   CheckedInt<int32_t> x(uint32_t(3123456789));
- * @endcode
- * Implicit conversion from
- * checked integers to plain integers is not allowed. As shown in the
- * above example, to get the value of a checked integer as a normal integer,
- * call value().
- *
- * Arithmetic operations between checked and plain integers is allowed; the
- * result type is the type of the checked integer.
- *
- * Checked integers of different types cannot be used in the same arithmetic
- * expression.
- *
- * There are convenience typedefs for all stdint types, of the following form
- * (these are just 2 examples):
-   @code
-   typedef CheckedInt<int32_t> CheckedInt32;
-   typedef CheckedInt<uint16_t> CheckedUint16;
-   @endcode
- */
-template<typename T>
-class CheckedInt
-{
-  protected:
-    T mValue;
-    bool mIsValid;
-
-    template<typename U>
-    CheckedInt(U value, bool isValid) : mValue(value), mIsValid(isValid)
-    {
-      MOZ_STATIC_ASSERT(detail::IsSupported<T>::value,
-                        "This type is not supported by CheckedInt");
-    }
-
-  public:
-    /**
-     * Constructs a checked integer with given @a value. The checked integer is
-     * initialized as valid or invalid depending on whether the @a value
-     * is in range.
-     *
-     * This constructor is not explicit. Instead, the type of its argument is a
-     * separate template parameter, ensuring that no conversion is performed
-     * before this constructor is actually called. As explained in the above
-     * documentation for class CheckedInt, this constructor checks that its
-     * argument is valid.
-     */
-    template<typename U>
-    CheckedInt(U value)
-      : mValue(T(value)),
-        mIsValid(detail::IsInRange<T>(value))
-    {
-      MOZ_STATIC_ASSERT(detail::IsSupported<T>::value,
-                        "This type is not supported by CheckedInt");
-    }
-
-    /** Constructs a valid checked integer with initial value 0 */
-    CheckedInt() : mValue(0), mIsValid(true)
-    {
-      MOZ_STATIC_ASSERT(detail::IsSupported<T>::value,
-                        "This type is not supported by CheckedInt");
-    }
-
-    /** @returns the actual value */
-    T value() const
-    {
-      MOZ_ASSERT(mIsValid, "Invalid checked integer (division by zero or integer overflow)");
-      return mValue;
-    }
-
-    /**
-     * @returns true if the checked integer is valid, i.e. is not the result
-     * of an invalid operation or of an operation involving an invalid checked
-     * integer
-     */
-    bool isValid() const
-    {
-      return mIsValid;
-    }
-
-    template<typename U>
-    friend CheckedInt<U> operator +(const CheckedInt<U>& lhs,
-                                    const CheckedInt<U>& rhs);
-    template<typename U>
-    CheckedInt& operator +=(U rhs);
-    template<typename U>
-    friend CheckedInt<U> operator -(const CheckedInt<U>& lhs,
-                                    const CheckedInt<U> &rhs);
-    template<typename U>
-    CheckedInt& operator -=(U rhs);
-    template<typename U>
-    friend CheckedInt<U> operator *(const CheckedInt<U>& lhs,
-                                    const CheckedInt<U> &rhs);
-    template<typename U>
-    CheckedInt& operator *=(U rhs);
-    template<typename U>
-    friend CheckedInt<U> operator /(const CheckedInt<U>& lhs,
-                                    const CheckedInt<U> &rhs);
-    template<typename U>
-    CheckedInt& operator /=(U rhs);
-
-    CheckedInt operator -() const
-    {
-      // Circumvent msvc warning about - applied to unsigned int.
-      // if we're unsigned, the only valid case anyway is 0
-      // in which case - is a no-op.
-      T result = detail::OppositeIfSigned(mValue);
-      /* Help the compiler perform RVO (return value optimization). */
-      return CheckedInt(result,
-                        mIsValid && detail::IsSubValid(T(0),
-                                                       mValue));
-    }
-
-    /**
-     * @returns true if the left and right hand sides are valid
-     * and have the same value.
-     *
-     * Note that these semantics are the reason why we don't offer
-     * a operator!=. Indeed, we'd want to have a!=b be equivalent to !(a==b)
-     * but that would mean that whenever a or b is invalid, a!=b
-     * is always true, which would be very confusing.
-     *
-     * For similar reasons, operators <, >, <=, >= would be very tricky to
-     * specify, so we just avoid offering them.
-     *
-     * Notice that these == semantics are made more reasonable by these facts:
-     *  1. a==b implies equality at the raw data level
-     *     (the converse is false, as a==b is never true among invalids)
-     *  2. This is similar to the behavior of IEEE floats, where a==b
-     *     means that a and b have the same value *and* neither is NaN.
-     */
-    bool operator ==(const CheckedInt& other) const
-    {
-      return mIsValid && other.mIsValid && mValue == other.mValue;
-    }
-
-    /** prefix ++ */
-    CheckedInt& operator++()
-    {
-      *this += 1;
-      return *this;
-    }
-
-    /** postfix ++ */
-    CheckedInt operator++(int)
-    {
-      CheckedInt tmp = *this;
-      *this += 1;
-      return tmp;
-    }
-
-    /** prefix -- */
-    CheckedInt& operator--()
-    {
-      *this -= 1;
-      return *this;
-    }
-
-    /** postfix -- */
-    CheckedInt operator--(int)
-    {
-      CheckedInt tmp = *this;
-      *this -= 1;
-      return tmp;
-    }
-
-  private:
-    /**
-     * The !=, <, <=, >, >= operators are disabled:
-     * see the comment on operator==.
-     */
-    template<typename U>
-    bool operator !=(U other) const MOZ_DELETE;
-    template<typename U>
-    bool operator <(U other) const MOZ_DELETE;
-    template<typename U>
-    bool operator <=(U other) const MOZ_DELETE;
-    template<typename U>
-    bool operator >(U other) const MOZ_DELETE;
-    template<typename U>
-    bool operator >=(U other) const MOZ_DELETE;
-};
-
-#define MOZ_CHECKEDINT_BASIC_BINARY_OPERATOR(NAME, OP)                \
-template<typename T>                                                  \
-inline CheckedInt<T> operator OP(const CheckedInt<T> &lhs,            \
-                                 const CheckedInt<T> &rhs)            \
-{                                                                     \
-  if (!detail::Is##NAME##Valid(lhs.mValue, rhs.mValue))               \
-    return CheckedInt<T>(0, false);                                   \
-                                                                      \
-  return CheckedInt<T>(lhs.mValue OP rhs.mValue,                      \
-                       lhs.mIsValid && rhs.mIsValid);                 \
-}
-
-MOZ_CHECKEDINT_BASIC_BINARY_OPERATOR(Add, +)
-MOZ_CHECKEDINT_BASIC_BINARY_OPERATOR(Sub, -)
-MOZ_CHECKEDINT_BASIC_BINARY_OPERATOR(Mul, *)
-MOZ_CHECKEDINT_BASIC_BINARY_OPERATOR(Div, /)
-
-#undef MOZ_CHECKEDINT_BASIC_BINARY_OPERATOR
-
-// Implement castToCheckedInt<T>(x), making sure that
-//  - it allows x to be either a CheckedInt<T> or any integer type
-//    that can be casted to T
-//  - if x is already a CheckedInt<T>, we just return a reference to it,
-//    instead of copying it (optimization)
-
-namespace detail {
-
-template<typename T, typename U>
-struct CastToCheckedIntImpl
-{
-    typedef CheckedInt<T> ReturnType;
-    static CheckedInt<T> run(U u) { return u; }
-};
-
-template<typename T>
-struct CastToCheckedIntImpl<T, CheckedInt<T> >
-{
-    typedef const CheckedInt<T>& ReturnType;
-    static const CheckedInt<T>& run(const CheckedInt<T>& u) { return u; }
-};
-
-} // namespace detail
-
-template<typename T, typename U>
-inline typename detail::CastToCheckedIntImpl<T, U>::ReturnType
-castToCheckedInt(U u)
-{
-  return detail::CastToCheckedIntImpl<T, U>::run(u);
-}
-
-#define MOZ_CHECKEDINT_CONVENIENCE_BINARY_OPERATORS(OP, COMPOUND_OP)  \
-template<typename T>                                              \
-template<typename U>                                              \
-CheckedInt<T>& CheckedInt<T>::operator COMPOUND_OP(U rhs)         \
-{                                                                 \
-  *this = *this OP castToCheckedInt<T>(rhs);                      \
-  return *this;                                                   \
-}                                                                 \
-template<typename T, typename U>                                  \
-inline CheckedInt<T> operator OP(const CheckedInt<T> &lhs, U rhs) \
-{                                                                 \
-  return lhs OP castToCheckedInt<T>(rhs);                         \
-}                                                                 \
-template<typename T, typename U>                                  \
-inline CheckedInt<T> operator OP(U lhs, const CheckedInt<T> &rhs) \
-{                                                                 \
-  return castToCheckedInt<T>(lhs) OP rhs;                         \
-}
-
-MOZ_CHECKEDINT_CONVENIENCE_BINARY_OPERATORS(+, +=)
-MOZ_CHECKEDINT_CONVENIENCE_BINARY_OPERATORS(*, *=)
-MOZ_CHECKEDINT_CONVENIENCE_BINARY_OPERATORS(-, -=)
-MOZ_CHECKEDINT_CONVENIENCE_BINARY_OPERATORS(/, /=)
-
-#undef MOZ_CHECKEDINT_CONVENIENCE_BINARY_OPERATORS
-
-template<typename T, typename U>
-inline bool
-operator ==(const CheckedInt<T> &lhs, U rhs)
-{
-  return lhs == castToCheckedInt<T>(rhs);
-}
-
-template<typename T, typename U>
-inline bool
-operator ==(U  lhs, const CheckedInt<T> &rhs)
-{
-  return castToCheckedInt<T>(lhs) == rhs;
-}
-
-// Convenience typedefs.
-typedef CheckedInt<int8_t>   CheckedInt8;
-typedef CheckedInt<uint8_t>  CheckedUint8;
-typedef CheckedInt<int16_t>  CheckedInt16;
-typedef CheckedInt<uint16_t> CheckedUint16;
-typedef CheckedInt<int32_t>  CheckedInt32;
-typedef CheckedInt<uint32_t> CheckedUint32;
-typedef CheckedInt<int64_t>  CheckedInt64;
-typedef CheckedInt<uint64_t> CheckedUint64;
-
-} // namespace WebCore
-
-#endif /* mozilla_CheckedInt_h_ */