| /* |
| * Copyright 2018 Google LLC |
| * |
| * Use of this source code is governed by a BSD-style license that can be |
| * found in the LICENSE file. |
| */ |
| #ifndef SkNoDestructor_DEFINED |
| #define SkNoDestructor_DEFINED |
| |
| #include <cstddef> |
| #include <new> |
| #include <type_traits> // IWYU pragma: keep |
| #include <utility> |
| |
| // Helper type to create a function-local static variable of type `T` when `T` |
| // has a non-trivial destructor. Storing a `T` in a `SkNoDestructor<T>` will |
| // prevent `~T()` from running, even when the variable goes out of scope. This |
| // code is adapted from `base::NoDestructor<T>` in Chromium. |
| // |
| // Useful when a variable has static storage duration but its type has a |
| // non-trivial destructor. Chromium (and transitively, Skia) bans global |
| // constructors and destructors: using a function-local static variable prevents |
| // the former, while using `SkNoDestructor<T>` prevents the latter. |
| // |
| // ## Caveats |
| // |
| // - Must not be used for locals or fields; by definition, this does not run |
| // destructors, and this will likely lead to memory leaks and other |
| // surprising and undesirable behaviour. |
| // |
| // - If `T` is not constexpr constructible, must be a function-local static |
| // variable, since a global `NoDestructor<T>` will still generate a static |
| // initializer. |
| // |
| // - If `T` is constinit constructible, may be used as a global, but mark the |
| // global `constinit` (once C++20 is available) |
| // |
| // - If the data is rarely used, consider creating it on demand rather than |
| // caching it for the lifetime of the program. Though `SkNoDestructor<T>` |
| // does not heap allocate, the compiler still reserves space in bss for |
| // storing `T`, which costs memory at runtime. |
| // |
| // - If `T` is trivially destructible, do not use `SkNoDestructor<T>`: |
| // |
| // const uint64_t GetUnstableSessionSeed() { |
| // // No need to use `SkNoDestructor<T>` as `uint64_t` is trivially |
| // // destructible and does not require a global destructor. |
| // static const uint64_t kSessionSeed = GetRandUint64(); |
| // return kSessionSeed; |
| // } |
| // |
| // ## Example Usage |
| // |
| // const std::string& GetDefaultText() { |
| // // Required since `static const std::string` requires a global destructor. |
| // static const SkNoDestructor<std::string> s("Hello world!"); |
| // return *s; |
| // } |
| // |
| // More complex initialization using a lambda: |
| // |
| // const std::string& GetRandomNonce() { |
| // // `nonce` is initialized with random data the first time this function is |
| // // called, but its value is fixed thereafter. |
| // static const SkNoDestructor<std::string> nonce([] { |
| // std::string s(16); |
| // GetRandString(s.data(), s.size()); |
| // return s; |
| // }()); |
| // return *nonce; |
| // } |
| // |
| // ## Thread safety |
| // |
| // Initialization of function-local static variables is thread-safe since C++11. |
| // The standard guarantees that: |
| // |
| // - function-local static variables will be initialised the first time |
| // execution passes through the declaration. |
| // |
| // - if another thread's execution concurrently passes through the declaration |
| // in the middle of initialisation, that thread will wait for the in-progress |
| // initialisation to complete. |
| template <typename T> class SkNoDestructor { |
| public: |
| static_assert(!(std::is_trivially_constructible_v<T> && std::is_trivially_destructible_v<T>), |
| "T is trivially constructible and destructible; please use a constinit object of " |
| "type T directly instead"); |
| |
| static_assert(!std::is_trivially_destructible_v<T>, |
| "T is trivially destructible; please use a function-local static of type T " |
| "directly instead"); |
| |
| // Not constexpr; just write static constexpr T x = ...; if the value should be a constexpr. |
| template <typename... Args> explicit SkNoDestructor(Args&&... args) { |
| new (fStorage) T(std::forward<Args>(args)...); |
| } |
| |
| // Allows copy and move construction of the contained type, to allow construction from an |
| // initializer list, e.g. for std::vector. |
| explicit SkNoDestructor(const T& x) { new (fStorage) T(x); } |
| explicit SkNoDestructor(T&& x) { new (fStorage) T(std::move(x)); } |
| |
| SkNoDestructor(const SkNoDestructor&) = delete; |
| SkNoDestructor& operator=(const SkNoDestructor&) = delete; |
| |
| ~SkNoDestructor() = default; |
| |
| const T& operator*() const { return *get(); } |
| T& operator*() { return *get(); } |
| |
| const T* operator->() const { return get(); } |
| T* operator->() { return get(); } |
| |
| const T* get() const { return reinterpret_cast<const T*>(fStorage); } |
| T* get() { return reinterpret_cast<T*>(fStorage); } |
| |
| private: |
| alignas(T) std::byte fStorage[sizeof(T)]; |
| |
| #if defined(__clang__) && defined(__has_feature) |
| #if __has_feature(leak_sanitizer) || __has_feature(address_sanitizer) |
| // TODO(https://crbug.com/812277): This is a hack to work around the fact that LSan doesn't seem |
| // to treat SkNoDestructor as a root for reachability analysis. This means that code like this: |
| // static SkNoDestructor<std::vector<int>> v({1, 2, 3}); |
| // is considered a leak. Using the standard leak sanitizer annotations to suppress leaks doesn't |
| // work: std::vector is implicitly constructed before calling the SkNoDestructor constructor. |
| // |
| // Unfortunately, I haven't been able to demonstrate this issue in simpler reproductions: until |
| // that's resolved, hold an explicit pointer to the placement-new'd object in leak sanitizer |
| // mode to help LSan realize that objects allocated by the contained type are still reachable. |
| T* fStoragePtr = reinterpret_cast<T*>(fStorage); |
| #endif // leak_sanitizer/address_sanitizer |
| #endif // __has_feature |
| }; |
| |
| #endif // SkNoDestructor_DEFINED |
