| blob | 32728bd8e9ab19f52041e2f6d94a9db621b957ff |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef PPAPI_SHARED_IMPL_PROXY_LOCK_H_
6 #define PPAPI_SHARED_IMPL_PROXY_LOCK_H_
17 }
21 }
25 // This is the one lock to rule them all for the ppapi proxy. All PPB interface
26 // functions that need to be synchronized should lock this lock on entry. This
27 // is normally accomplished by using an appropriate Enter RAII object at the
28 // beginning of each thunk function.
29 //
30 // TODO(dmichael): If this turns out to be too slow and contentious, we'll want
31 // to use multiple locks. E.g., one for the var tracker, one for the resource
32 // tracker, etc.
35 // Return the global ProxyLock. Normally, you should not access this
36 // directly but instead use ProxyAutoLock or ProxyAutoUnlock. But sometimes
37 // you need access to the ProxyLock, for example to create a condition
38 // variable.
41 // Acquire the proxy lock. If it is currently held by another thread, block
42 // until it is available. If the lock has not been set using the 'Set' method,
43 // this operation does nothing. That is the normal case for the host side;
44 // see PluginResourceTracker for where the lock gets set for the out-of-
45 // process plugin case.
47 // Relinquish the proxy lock. If the lock has not been set, this does nothing.
50 // Assert that the lock is owned by the current thread (in the plugin
51 // process). Does nothing when running in-process (or in the host process).
54 #ifndef NDEBUG
56 #endif
57 }
59 // We have some unit tests where one thread pretends to be the host and one
60 // pretends to be the plugin. This allows the lock to do nothing on only one
61 // thread to support these tests. See TwoWayTest for more information.
66 };
70 // On the host side, we do not lock. This must be called at most once at
71 // startup, before other threads that may access the ProxyLock have had a
72 // chance to run.
76 };
78 // A simple RAII class for locking the PPAPI proxy lock on entry and releasing
79 // on exit. This is for simple interfaces that don't use the 'thunk' system,
80 // such as PPB_Var and PPB_Core.
88 };
90 // The inverse of the above; unlock on construction, lock on destruction. This
91 // is useful for calling out to the plugin, when we need to unlock but ensure
92 // that we re-acquire the lock when the plugin is returns or raises an
93 // exception.
101 };
103 // A set of function template overloads for invoking a function pointer while
104 // the ProxyLock is unlocked. This assumes that the luck is held.
105 // CallWhileUnlocked unlocks the ProxyLock just before invoking the given
106 // function. The lock is immediately re-acquired when the invoked function
107 // function returns. CallWhileUnlocked returns whatever the given function
108 // returned.
109 //
110 // Example usage:
111 // *result = CallWhileUnlocked(ppp_input_event_impl_->HandleInputEvent,
112 // instance,
113 // resource->pp_resource());
116 ProxyAutoUnlock unlock;
118 }
119 // Note we use 2 types for the params, even though for the most part we expect
120 // A1 to match P1. We let the compiler determine if P1 can convert safely to
121 // A1. This allows callers to avoid having to do things like
122 // const_cast to add const.
125 ProxyAutoUnlock unlock;
127 }
132 ProxyAutoUnlock unlock;
134 }
141 ProxyAutoUnlock unlock;
143 }
151 ProxyAutoUnlock unlock;
153 }
162 ProxyAutoUnlock unlock;
164 }
178 // CallWhileLocked and destruction might happen on a different thread from
179 // creation.
181 }
183 // Bind thread_checker_ to this thread so we can check in the destructor.
185 ProxyAutoLock lock;
186 {
187 // Use a scope and local Callback to ensure that the callback is cleared
188 // before the lock is released, even in the unlikely event that Run()
189 // throws an exception.
192 }
193 }
196 // Check that the Callback is destroyed on the same thread as where
197 // CallWhileLocked happened (if CallWhileLocked happened).
199 // Here we read callback_ without the lock. This is why the callback must be
200 // destroyed on the same thread where it runs. There are 2 cases where
201 // callback_ will be NULL:
202 // 1) This is the original RunWhileLockedHelper that RunWhileLocked
203 // created. When it was copied somewhere else (e.g., to a MessageLoop
204 // queue), callback_ was passed to the new copy, and the original
205 // RunWhileLockedHelper's callback_ was set to NULL (since scoped_ptrs
206 // only ever have 1 owner). In this case, we don't want to acquire the
207 // lock, because we already have it.
208 // 2) callback_ has already been run via CallWhileLocked. In this case,
209 // there's no need to acquire the lock, because we don't touch any
210 // shared data.
212 // If the callback was not run, we still need to have the lock when we
213 // destroy the callback in case it had a Resource bound to it. This
214 // ensures that the Resource's destructor is invoked only with the lock
215 // held.
216 //
217 // Also: Resource and Var inherit RefCounted (not ThreadSafeRefCounted),
218 // and these callbacks need to be usable on any thread. So we need to lock
219 // when releasing the callback to avoid ref counting races.
220 ProxyAutoLock lock;
222 }
223 }
228 // Used to ensure that the Callback is run and deleted on the same thread.
230 };
239 }
242 ProxyAutoLock lock;
243 {
246 }
247 }
251 ProxyAutoLock lock;
253 }
254 }
259 };
268 }
271 ProxyAutoLock lock;
272 {
275 }
276 }
280 ProxyAutoLock lock;
282 }
283 }
288 };
297 }
300 ProxyAutoLock lock;
301 {
304 }
305 }
309 ProxyAutoLock lock;
311 }
312 }
317 };
321 // RunWhileLocked wraps the given Callback in a new Callback that, when invoked:
322 // 1) Locks the ProxyLock.
323 // 2) Runs the original Callback (forwarding arguments, if any).
324 // 3) Clears the original Callback (while the lock is held).
325 // 4) Unlocks the ProxyLock.
326 // Note that it's important that the callback is cleared in step (3), in case
327 // clearing the Callback causes a destructor (e.g., for a Resource) to run,
328 // which should hold the ProxyLock to avoid data races.
329 //
330 // This is for cases where you want to run a task or store a Callback, but you
331 // want to ensure that the ProxyLock is acquired for the duration of the task
332 // that the Callback runs.
333 // EXAMPLE USAGE:
334 // GetMainThreadMessageLoop()->PostDelayedTask(
335 // FROM_HERE,
336 // RunWhileLocked(base::Bind(&CallbackWrapper, callback, result)),
337 // delay_in_ms);
338 //
339 // In normal usage like the above, this all should "just work". However, if you
340 // do something unusual, you may get a runtime crash due to deadlock. Here are
341 // the ways that the returned Callback must be used to avoid a deadlock:
342 // (1) copied to another Callback. After that, the original callback can be
343 // destroyed with or without the proxy lock acquired, while the newly assigned
344 // callback has to conform to these same restrictions. Or
345 // (2) run without proxy lock acquired (e.g., being posted to a MessageLoop
346 // and run there). The callback must be destroyed on the same thread where it
347 // was run (but can be destroyed with or without the proxy lock acquired). Or
348 // (3) destroyed without the proxy lock acquired.
357 }