2 * Copyright 2017 Facebook, Inc.
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
21 * DestructorCheck is a helper class that helps to detect if a tracked object
23 * This is useful for objects that request callbacks from other components.
25 * Classes needing this functionality should:
26 * - derive from DestructorCheck
28 * Callback context can be extended with an instance of DestructorCheck::Safety
29 * object initialized with a reference to the object dereferenced from the
30 * callback. Once the callback is invoked, it can use this safety object to
31 * check if the object was not deallocated yet before dereferencing it.
33 * DestructorCheck does not perform any locking. It is intended to be used
34 * only from a single thread.
38 * class AsyncFoo : public DestructorCheck {
41 * // awesome async code with circuitous deletion paths
46 * righteousFunc(AsyncFoo& f) {
47 * DestructorCheck::Safety safety(f);
49 * f.async1(); // might have deleted f, oh noes
50 * if (!safety.destroyed()) {
51 * // phew, still there
57 class DestructorCheck {
59 virtual ~DestructorCheck() {
60 rootGuard_.setAllDestroyed();
66 // These methods are mostly private because an outside caller could violate
67 // the integrity of the linked list.
69 void setAllDestroyed() {
70 for (auto guard = next_; guard; guard = guard->next_) {
71 guard->setDestroyed();
75 // This is used to maintain the double-linked list. An intrusive list does
76 // not require any heap allocations, like a standard container would. This
77 // isolation of next_ in its own class means that the DestructorCheck can
78 // easily hold a next_ pointer without needing to hold a prev_ pointer.
79 // DestructorCheck never needs a prev_ pointer because it is the head node
80 // and this is a special list where the head never moves and never has a
82 Safety* next_{nullptr};
84 friend DestructorCheck::~DestructorCheck();
88 // See above example for usage
89 class Safety : public ForwardLink {
91 explicit Safety(DestructorCheck& destructorCheck) {
92 // Insert this node at the head of the list.
93 prev_ = &destructorCheck.rootGuard_;
95 if (next_ != nullptr) {
103 // Remove this node from the list.
104 prev_->next_ = next_;
105 if (next_ != nullptr) {
106 next_->prev_ = prev_;
111 Safety(const Safety&) = delete;
112 Safety(Safety&& goner) = delete;
113 Safety& operator=(const Safety&) = delete;
114 Safety& operator=(Safety&&) = delete;
116 bool destroyed() const {
117 return prev_ == nullptr;
121 void setDestroyed() {
125 // This field is used to maintain the double-linked list. If the root has
126 // been destroyed then the field is set to the nullptr sentinel value.
129 friend class ForwardLink;
133 ForwardLink rootGuard_;