-
Notifications
You must be signed in to change notification settings - Fork 72
Reference Counting
LiteCore and Fleece heavily use reference counting for memory management.
A ref-counted object has an internal counter in it, which reflects how many valid references there are to that object. When the object is first created and initialized it has one reference, so the counter is initialized to 1.
You never explicitly delete a ref-counted object; instead when you're done with it you release it, which decrements the counter. When the counter reaches zero, we know nothing is using the object anymore, so the object is automatically freed. Since release may free the object, never use that pointer again afterwards. It's dead to you.
If you need to store another reference to the same object somewhere, you retain the object, which increments the counter. That second reference also requires a release call when it's no longer used.
Note: As a convenience, it's always safe to retain or release a NULL pointer; it's a no-op.
Note: Retain and release are atomic operations, so they are thread-safe. It's OK to release a reference on a different thread than the one where you first obtained or retained it.
We have several categories of ref-counted objects:
- In the C API:
- Types like
C4Database*
are opaque references that have associated functions likec4db_retain()
andc4db_release()
. - Some Fleece types like
FLDoc
,FLMutableDict
FLMutableArray
, are ref-counted and have their associated retain/release functions. -
FLSliceResult
is a ref-counted block of memory, often used as a string, with associated functionsFLSliceResult_Retain()
andFLSliceResult_Release()
.
- Types like
- In the C++ API:
- Any subclass of
fleece::RefCounted
, which includes the LiteCore classesC4Database
etc. These are always stored in aRetained<>
. - Fleece classes like
Doc
,MutableArray
,MutableDict
-- these are all smart-pointer wrappers around their C equivalents. -
alloc_slice
, which is a smart pointer wrapping aFLSliceResult
. - In the innards of LiteCore you'll find a few uses of
std::shared_ptr
, the standard C++ equivalent ofRetained<>
.
- Any subclass of
In C APIs, retain and release are functions that take a pointer. There are separate functions for each type of object; in fact, the existence of functions with "retain" and "release" in their names is a clue that the type they're passed is ref-counted.
The most common way you obtain a reference is by an API call that returns one, like c4db_openNamed()
, whose doc-comment points out that you're responsible for releasing the result. Since the call is passing ownership of the reference to you, you're responsible for calling release when done:
// Temporarily using a ref-counted result:
C4Foo *foo = c4foo_new();
if (foo)
do_something_with(foo);
c4foo_release(foo);
A more complicated case is where you have an existing reference variable and want to make it point to a different object. In this case you need to:
- Retain the new value
- Release the old value
- Store the new value in the variable
The order is important: if you swap steps 1 and 2, then if the new value happens to be the same as the old value, the initial release could delete the object, which would be Very Bad.
// Updating a stored ref-counted reference:
typedef struct { C4Foo* foo; } mystruct;
void updateFoo(mystruct *s, C4Foo* newFoo) {
c4foo_retain(newFoo);
c4foo_release(s->foo);
s->foo = newFoo;
}
This works even if either of newFoo
and/or s->foo
are NULL, or if they point to the same object.
Note: This three-step tango is not thread-safe (and making it thread-safe would be more difficult than it appears.) Never mutate a reference variable when another thread might have access to it!
In C++ APIs, we don't call retain/release directly. Instead we use "smart pointer" types that do it automatically: these are Retained<>
and RetainedConst<>
, as well as alloc_slice
, MutableDict
, MutableArray
. These all do the 'three-step tango' described above when you assign to them, and they release their value in their destructor.
// Temporarily using a ref-counted result:
Retained<C4Foo> foo = C4Foo::newFoo();
if (foo)
do_something_with(foo);
// No need to release; `foo` will release when it goes out of scope.
// Updating a stored ref-counted reference:
class mystruct { Retained<C4Foo> _foo; };
void mystruct::updateFoo(C4Foo* newFoo) {
_foo = newFoo;
}
Note: Another benefit of
Retained<>
(and the other smart pointers) is that they're automatically initialized to NULL, not garbage like a raw pointer.
A question that sometimes comes up is whether you should pass a ref-counted type to a function as a plain pointer or a smart pointer (Foo*
or Retained<Foo>
.) Opinions vary.
- Passing a smart pointer is guaranteed to be safe, but it's expensive (at the micro-level.) The implicit retain/release calls involve atomic operations that take hundreds of CPU cycles. [Citation Needed]
- Passing a raw pointer is very fast ... but there is an edge case where it can bite you: if the function passed the pointer makes a call that releases the caller's reference.
We generally use the fast option: pass a raw pointer.
Inside LiteCore you may find yourself directly creating ref-counted objects using new
. A new RefCounted object must immediately be assigned to a Retained<>
value, otherwise it has a dangling ref-count of zero.
Foo* foo = new Foo(42); // Bad!
auto foo = new Foo(42); // Bad! (foo is type Foo*, just like above)
Retained<Foo> foo = new Foo(42); // Good
auto foo = make_retained<foo>(42); // Best (make_retained<T> returns a Retained<T>.)