Before this, it has been possible to assign a RefCounted object to another
RefCounted object. Hilariosly (or sadly), that copied the refcount among
the other fields, meaning the target value ended up with a wrong refcount.
Ensure this never happens by disallowing copies and moves for RefCounted types.
This fixes all sorts of race conditions, primarily in the kernel, where till
now it's been possible to obtain either double free or use-after-free by
exploiting refcounting races.
If these methods get inlined, the compiler is able to statically eliminate most
of the assertions. Alas, it doesn't realize this, and believes inlining them to
be too expensive. So give it a strong hint that it's not the case.
This *decreases* the kernel binary size.
We allow the ref-counting parts of an object to be mutated even when the
object itself is a const.
An important detail is that we allow invoking 'will_be_destroyed' and
'one_ref_left', which are not required to be const qualified, on const
objects.
As suggested by Joshua, this commit adds the 2-clause BSD license as a
comment block to the top of every source file.
For the first pass, I've just added myself for simplicity. I encourage
everyone to add themselves as copyright holders of any file they've
added or modified in some significant way. If I've added myself in
error somewhere, feel free to replace it with the appropriate copyright
holder instead.
Going forward, all new source files should include a license header.