Google Git
Sign in
chromium / chromium / src.git / 63.0.3235.2 / . / base / threading / thread_restrictions.h
blob: f03c36de495648004e76e95dfbf8c426022051b2 [file] [log] [blame]
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef BASE_THREADING_THREAD_RESTRICTIONS_H_
#define BASE_THREADING_THREAD_RESTRICTIONS_H_
#include "base/base_export.h"
#include "base/gtest_prod_util.h"
#include "base/logging.h"
#include "base/macros.h"
class BrowserProcessImpl;
class HistogramSynchronizer;
class NativeBackendKWallet;
namespace android_webview {
class AwFormDatabaseService;
class CookieManager;
}
namespace cc {
class CompletionEvent;
class SingleThreadTaskGraphRunner;
}
namespace chromeos {
class BlockingMethodCaller;
namespace system {
class StatisticsProviderImpl;
}
}
namespace chrome_browser_net {
class Predictor;
}
namespace content {
class BrowserGpuChannelHostFactory;
class BrowserGpuMemoryBufferManager;
class BrowserMainLoop;
class BrowserShutdownProfileDumper;
class BrowserSurfaceViewManager;
class BrowserTestBase;
class CategorizedWorkerPool;
class NestedMessagePumpAndroid;
class ScopedAllowWaitForAndroidLayoutTests;
class ScopedAllowWaitForDebugURL;
class SoftwareOutputDeviceMus;
class SynchronousCompositor;
class SynchronousCompositorBrowserFilter;
class SynchronousCompositorHost;
class TextInputClientMac;
} // namespace content
namespace dbus {
class Bus;
}
namespace disk_cache {
class BackendImpl;
class InFlightIO;
}
namespace gpu {
class GpuChannelHost;
}
namespace mojo {
class SyncCallRestrictions;
namespace edk {
class ScopedIPCSupport;
}
}
namespace ui {
class CommandBufferClientImpl;
class CommandBufferLocal;
class GpuState;
}
namespace net {
class NetworkChangeNotifierMac;
class OSCPScopedAllowBaseSyncPrimitives;
namespace internal {
class AddressTrackerLinux;
}
}
namespace remoting {
class AutoThread;
}
namespace ui {
class WindowResizeHelperMac;
}
namespace views {
class ScreenMus;
}
namespace viz {
class ServerGpuMemoryBufferManager;
}
namespace base {
namespace android {
class JavaHandlerThread;
}
namespace internal {
class TaskTracker;
}
class SequencedWorkerPool;
class SimpleThread;
class StackSamplingProfiler;
class Thread;
class ThreadTestHelper;
#if DCHECK_IS_ON()
#define INLINE_IF_DCHECK_IS_OFF BASE_EXPORT
#define EMPTY_BODY_IF_DCHECK_IS_OFF
#else
#define INLINE_IF_DCHECK_IS_OFF inline
#define EMPTY_BODY_IF_DCHECK_IS_OFF \
{}
#endif
// A "blocking call" refers to any call that causes the calling thread to wait
// off-CPU. It includes but is not limited to calls that wait on synchronous
// file I/O operations: read or write a file from disk, interact with a pipe or
// a socket, rename or delete a file, enumerate files in a directory, etc.
// Acquiring a low contention lock is not considered a blocking call.
// Asserts that blocking calls are allowed in the current scope.
INLINE_IF_DCHECK_IS_OFF void AssertBlockingAllowed()
EMPTY_BODY_IF_DCHECK_IS_OFF;
// Disallows blocking on the current thread.
INLINE_IF_DCHECK_IS_OFF void DisallowBlocking() EMPTY_BODY_IF_DCHECK_IS_OFF;
// Disallows blocking calls within its scope.
class BASE_EXPORT ScopedDisallowBlocking {
public:
ScopedDisallowBlocking() EMPTY_BODY_IF_DCHECK_IS_OFF;
~ScopedDisallowBlocking() EMPTY_BODY_IF_DCHECK_IS_OFF;
private:
#if DCHECK_IS_ON()
const bool was_disallowed_;
#endif
DISALLOW_COPY_AND_ASSIGN(ScopedDisallowBlocking);
};
// ScopedAllowBlocking(ForTesting) allow blocking calls within a scope where
// they are normally disallowed.
//
// Avoid using this. Prefer making blocking calls from tasks posted to
// base::TaskScheduler with base::MayBlock().
class BASE_EXPORT ScopedAllowBlocking {
private:
// This can only be instantiated by friends. Use ScopedAllowBlockingForTesting
// in unit tests to avoid the friend requirement.
FRIEND_TEST_ALL_PREFIXES(ThreadRestrictionsTest, ScopedAllowBlocking);
friend class ScopedAllowBlockingForTesting;
ScopedAllowBlocking() EMPTY_BODY_IF_DCHECK_IS_OFF;
~ScopedAllowBlocking() EMPTY_BODY_IF_DCHECK_IS_OFF;
#if DCHECK_IS_ON()
const bool was_disallowed_;
#endif
DISALLOW_COPY_AND_ASSIGN(ScopedAllowBlocking);
};
class ScopedAllowBlockingForTesting {
public:
ScopedAllowBlockingForTesting() {}
~ScopedAllowBlockingForTesting() {}
private:
#if DCHECK_IS_ON()
ScopedAllowBlocking scoped_allow_blocking_;
#endif
DISALLOW_COPY_AND_ASSIGN(ScopedAllowBlockingForTesting);
};
// "Waiting on a //base sync primitive" refers to calling
// base::WaitableEvent::*Wait* or base::ConditionVariable::*Wait*.
// Disallows waiting on a //base sync primitive on the current thread.
INLINE_IF_DCHECK_IS_OFF void DisallowBaseSyncPrimitives()
EMPTY_BODY_IF_DCHECK_IS_OFF;
// ScopedAllowBaseSyncPrimitives(ForTesting)(OutsideBlockingScope) allow waiting
// on a //base sync primitive within a scope where this is normally disallowed.
//
// Avoid using this. Instead of waiting on a WaitableEvent or a
// ConditionVariable, put the work that should happen after the wait in a
// callback and post that callback from where the WaitableEvent or
// ConditionVariable would have been signaled. If something needs to be
// scheduled after many tasks have executed, use base::BarrierClosure.
// This can only be used in a scope where blocking is allowed.
class BASE_EXPORT ScopedAllowBaseSyncPrimitives {
private:
// This can only be instantiated by friends. Use
// ScopedAllowBaseSyncPrimitivesForTesting in unit tests to avoid the friend
// requirement.
FRIEND_TEST_ALL_PREFIXES(ThreadRestrictionsTest,
ScopedAllowBaseSyncPrimitives);
FRIEND_TEST_ALL_PREFIXES(ThreadRestrictionsTest,
ScopedAllowBaseSyncPrimitivesResetsState);
FRIEND_TEST_ALL_PREFIXES(ThreadRestrictionsTest,
ScopedAllowBaseSyncPrimitivesWithBlockingDisallowed);
friend class net::OSCPScopedAllowBaseSyncPrimitives;
ScopedAllowBaseSyncPrimitives() EMPTY_BODY_IF_DCHECK_IS_OFF;
~ScopedAllowBaseSyncPrimitives() EMPTY_BODY_IF_DCHECK_IS_OFF;
#if DCHECK_IS_ON()
const bool was_disallowed_;
#endif
DISALLOW_COPY_AND_ASSIGN(ScopedAllowBaseSyncPrimitives);
};
// This can be used in a scope where blocking is disallowed.
class BASE_EXPORT ScopedAllowBaseSyncPrimitivesOutsideBlockingScope {
private:
// This can only be instantiated by friends. Use
// ScopedAllowBaseSyncPrimitivesForTesting in unit tests to avoid the friend
// requirement.
FRIEND_TEST_ALL_PREFIXES(ThreadRestrictionsTest,
ScopedAllowBaseSyncPrimitivesOutsideBlockingScope);
FRIEND_TEST_ALL_PREFIXES(
ThreadRestrictionsTest,
ScopedAllowBaseSyncPrimitivesOutsideBlockingScopeResetsState);
ScopedAllowBaseSyncPrimitivesOutsideBlockingScope()
EMPTY_BODY_IF_DCHECK_IS_OFF;
~ScopedAllowBaseSyncPrimitivesOutsideBlockingScope()
EMPTY_BODY_IF_DCHECK_IS_OFF;
#if DCHECK_IS_ON()
const bool was_disallowed_;
#endif
DISALLOW_COPY_AND_ASSIGN(ScopedAllowBaseSyncPrimitivesOutsideBlockingScope);
};
// This can be used in tests without being a friend of
// ScopedAllowBaseSyncPrimitives(OutsideBlockingScope).
class BASE_EXPORT ScopedAllowBaseSyncPrimitivesForTesting {
public:
ScopedAllowBaseSyncPrimitivesForTesting() EMPTY_BODY_IF_DCHECK_IS_OFF;
~ScopedAllowBaseSyncPrimitivesForTesting() EMPTY_BODY_IF_DCHECK_IS_OFF;
private:
#if DCHECK_IS_ON()
const bool was_disallowed_;
#endif
DISALLOW_COPY_AND_ASSIGN(ScopedAllowBaseSyncPrimitivesForTesting);
};
namespace internal {
// Asserts that waiting on a //base sync primitive is allowed in the current
// scope.
INLINE_IF_DCHECK_IS_OFF void AssertBaseSyncPrimitivesAllowed()
EMPTY_BODY_IF_DCHECK_IS_OFF;
// Resets all thread restrictions on the current thread.
INLINE_IF_DCHECK_IS_OFF void ResetThreadRestrictionsForTesting()
EMPTY_BODY_IF_DCHECK_IS_OFF;
} // namespace internal
// Certain behavior is disallowed on certain threads. ThreadRestrictions helps
// enforce these rules. Examples of such rules:
//
// * Do not do blocking IO (makes the thread janky)
// * Do not access Singleton/LazyInstance (may lead to shutdown crashes)
//
// Here's more about how the protection works:
//
// 1) If a thread should not be allowed to make IO calls, mark it:
// base::ThreadRestrictions::SetIOAllowed(false);
// By default, threads *are* allowed to make IO calls.
// In Chrome browser code, IO calls should be proxied to a TaskRunner with
// the base::MayBlock() trait.
//
// 2) If a function makes a call that will go out to disk, check whether the
// current thread is allowed:
// base::ThreadRestrictions::AssertIOAllowed();
//
//
// Style tip: where should you put AssertIOAllowed checks? It's best
// if you put them as close to the disk access as possible, at the
// lowest level. This rule is simple to follow and helps catch all
// callers. For example, if your function GoDoSomeBlockingDiskCall()
// only calls other functions in Chrome and not fopen(), you should go
// add the AssertIOAllowed checks in the helper functions.
class BASE_EXPORT ThreadRestrictions {
public:
// Constructing a ScopedAllowIO temporarily allows IO for the current
// thread. Doing this is almost certainly always incorrect.
//
// DEPRECATED. Use ScopedAllowBlocking(ForTesting).
class BASE_EXPORT ScopedAllowIO {
public:
ScopedAllowIO() { previous_value_ = SetIOAllowed(true); }
~ScopedAllowIO() { SetIOAllowed(previous_value_); }
private:
// Whether IO is allowed when the ScopedAllowIO was constructed.
bool previous_value_;
DISALLOW_COPY_AND_ASSIGN(ScopedAllowIO);
};
#if DCHECK_IS_ON()
// Set whether the current thread to make IO calls.
// Threads start out in the *allowed* state.
// Returns the previous value.
//
// DEPRECATED. Use ScopedAllowBlocking(ForTesting) or ScopedDisallowBlocking.
static bool SetIOAllowed(bool allowed);
// Check whether the current thread is allowed to make IO calls,
// and DCHECK if not. See the block comment above the class for
// a discussion of where to add these checks.
//
// DEPRECATED. Use AssertBlockingAllowed.
static void AssertIOAllowed();
// Set whether the current thread can use singletons. Returns the previous
// value.
static bool SetSingletonAllowed(bool allowed);
// Check whether the current thread is allowed to use singletons (Singleton /
// LazyInstance). DCHECKs if not.
static void AssertSingletonAllowed();
// Disable waiting on the current thread. Threads start out in the *allowed*
// state. Returns the previous value.
//
// DEPRECATED. Use DisallowBaseSyncPrimitives.
static void DisallowWaiting();
#else
// Inline the empty definitions of these functions so that they can be
// compiled out.
static bool SetIOAllowed(bool allowed) { return true; }
static void AssertIOAllowed() {}
static bool SetSingletonAllowed(bool allowed) { return true; }
static void AssertSingletonAllowed() {}
static void DisallowWaiting() {}
#endif
private:
// DO NOT ADD ANY OTHER FRIEND STATEMENTS, talk to jam or brettw first.
// BEGIN ALLOWED USAGE.
friend class android_webview::AwFormDatabaseService;
friend class android_webview::CookieManager;
friend class base::StackSamplingProfiler;
friend class content::BrowserMainLoop;
friend class content::BrowserShutdownProfileDumper;
friend class content::BrowserSurfaceViewManager;
friend class content::BrowserTestBase;
friend class content::NestedMessagePumpAndroid;
friend class content::ScopedAllowWaitForAndroidLayoutTests;
friend class content::ScopedAllowWaitForDebugURL;
friend class content::SynchronousCompositor;
friend class content::SynchronousCompositorBrowserFilter;
friend class content::SynchronousCompositorHost;
friend class ::HistogramSynchronizer;
friend class internal::TaskTracker;
friend class cc::CompletionEvent;
friend class cc::SingleThreadTaskGraphRunner;
friend class content::CategorizedWorkerPool;
friend class remoting::AutoThread;
friend class ui::WindowResizeHelperMac;
friend class MessagePumpDefault;
friend class SequencedWorkerPool;
friend class SimpleThread;
friend class Thread;
friend class ThreadTestHelper;
friend class PlatformThread;
friend class android::JavaHandlerThread;
friend class mojo::SyncCallRestrictions;
friend class mojo::edk::ScopedIPCSupport;
friend class ui::CommandBufferClientImpl;
friend class ui::CommandBufferLocal;
friend class ui::GpuState;
// END ALLOWED USAGE.
// BEGIN USAGE THAT NEEDS TO BE FIXED.
friend class ::chromeos::BlockingMethodCaller; // http://crbug.com/125360
friend class ::chromeos::system::StatisticsProviderImpl; // http://crbug.com/125385
friend class chrome_browser_net::Predictor; // http://crbug.com/78451
friend class
content::BrowserGpuChannelHostFactory; // http://crbug.com/125248
friend class
content::BrowserGpuMemoryBufferManager; // http://crbug.com/420368
friend class content::TextInputClientMac; // http://crbug.com/121917
friend class dbus::Bus; // http://crbug.com/125222
friend class disk_cache::BackendImpl; // http://crbug.com/74623
friend class disk_cache::InFlightIO; // http://crbug.com/74623
friend class gpu::GpuChannelHost; // http://crbug.com/125264
friend class net::internal::AddressTrackerLinux; // http://crbug.com/125097
friend class net::NetworkChangeNotifierMac; // http://crbug.com/125097
friend class ::BrowserProcessImpl; // http://crbug.com/125207
friend class ::NativeBackendKWallet; // http://crbug.com/125331
#if !defined(OFFICIAL_BUILD)
friend class content::SoftwareOutputDeviceMus; // Interim non-production code
#endif
friend class views::ScreenMus;
friend class viz::ServerGpuMemoryBufferManager;
// END USAGE THAT NEEDS TO BE FIXED.
#if DCHECK_IS_ON()
// DEPRECATED. Use ScopedAllowBaseSyncPrimitives.
static bool SetWaitAllowed(bool allowed);
#else
static bool SetWaitAllowed(bool allowed) { return true; }
#endif
// Constructing a ScopedAllowWait temporarily allows waiting on the current
// thread. Doing this is almost always incorrect, which is why we limit who
// can use this through friend. If you find yourself needing to use this, find
// another way. Talk to jam or brettw.
//
// DEPRECATED. Use ScopedAllowBaseSyncPrimitives.
class BASE_EXPORT ScopedAllowWait {
public:
ScopedAllowWait() { previous_value_ = SetWaitAllowed(true); }
~ScopedAllowWait() { SetWaitAllowed(previous_value_); }
private:
// Whether singleton use is allowed when the ScopedAllowWait was
// constructed.
bool previous_value_;
DISALLOW_COPY_AND_ASSIGN(ScopedAllowWait);
};
DISALLOW_IMPLICIT_CONSTRUCTORS(ThreadRestrictions);
};
} // namespace base
#endif // BASE_THREADING_THREAD_RESTRICTIONS_H_