238 lines
6.8 KiB
C++
238 lines
6.8 KiB
C++
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
#ifndef mozilla_Monitor_h
|
|
#define mozilla_Monitor_h
|
|
|
|
#include "mozilla/CondVar.h"
|
|
#include "mozilla/Mutex.h"
|
|
|
|
namespace mozilla {
|
|
|
|
/**
|
|
* Monitor provides a *non*-reentrant monitor: *not* a Java-style
|
|
* monitor. If your code needs support for reentrancy, use
|
|
* ReentrantMonitor instead. (Rarely should reentrancy be needed.)
|
|
*
|
|
* Instead of directly calling Monitor methods, it's safer and simpler
|
|
* to instead use the RAII wrappers MonitorAutoLock and
|
|
* MonitorAutoUnlock.
|
|
*/
|
|
class MOZ_CAPABILITY("monitor") Monitor {
|
|
public:
|
|
explicit Monitor(const char* aName)
|
|
: mMutex(aName), mCondVar(mMutex, "[Monitor.mCondVar]") {}
|
|
|
|
~Monitor() = default;
|
|
|
|
void Lock() MOZ_CAPABILITY_ACQUIRE() { mMutex.Lock(); }
|
|
[[nodiscard]] bool TryLock() MOZ_TRY_ACQUIRE(true) {
|
|
return mMutex.TryLock();
|
|
}
|
|
void Unlock() MOZ_CAPABILITY_RELEASE() { mMutex.Unlock(); }
|
|
|
|
void Wait() MOZ_REQUIRES(this) { mCondVar.Wait(); }
|
|
CVStatus Wait(TimeDuration aDuration) MOZ_REQUIRES(this) {
|
|
return mCondVar.Wait(aDuration);
|
|
}
|
|
|
|
void Notify() { mCondVar.Notify(); }
|
|
void NotifyAll() { mCondVar.NotifyAll(); }
|
|
|
|
void AssertCurrentThreadOwns() const MOZ_ASSERT_CAPABILITY(this) {
|
|
mMutex.AssertCurrentThreadOwns();
|
|
}
|
|
void AssertNotCurrentThreadOwns() const MOZ_ASSERT_CAPABILITY(!this) {
|
|
mMutex.AssertNotCurrentThreadOwns();
|
|
}
|
|
|
|
private:
|
|
Monitor() = delete;
|
|
Monitor(const Monitor&) = delete;
|
|
Monitor& operator=(const Monitor&) = delete;
|
|
|
|
Mutex mMutex;
|
|
CondVar mCondVar;
|
|
};
|
|
|
|
/**
|
|
* Lock the monitor for the lexical scope instances of this class are
|
|
* bound to (except for MonitorAutoUnlock in nested scopes).
|
|
*
|
|
* The monitor must be unlocked when instances of this class are
|
|
* created.
|
|
*/
|
|
class MOZ_SCOPED_CAPABILITY MOZ_STACK_CLASS MonitorAutoLock {
|
|
public:
|
|
explicit MonitorAutoLock(Monitor& aMonitor) MOZ_CAPABILITY_ACQUIRE(aMonitor)
|
|
: mMonitor(&aMonitor) {
|
|
mMonitor->Lock();
|
|
}
|
|
|
|
~MonitorAutoLock() MOZ_CAPABILITY_RELEASE() { mMonitor->Unlock(); }
|
|
// It's very hard to mess up MonitorAutoLock lock(mMonitor); ... lock.Wait().
|
|
// The only way you can fail to hold the lock when you call lock.Wait() is to
|
|
// use MonitorAutoUnlock. For now we'll ignore that case.
|
|
void Wait() {
|
|
mMonitor->AssertCurrentThreadOwns();
|
|
mMonitor->Wait();
|
|
}
|
|
CVStatus Wait(TimeDuration aDuration) {
|
|
mMonitor->AssertCurrentThreadOwns();
|
|
return mMonitor->Wait(aDuration);
|
|
}
|
|
|
|
void Notify() { mMonitor->Notify(); }
|
|
void NotifyAll() { mMonitor->NotifyAll(); }
|
|
|
|
// Assert that aLock is the monitor passed to the constructor and that the
|
|
// current thread owns the monitor. In coding patterns such as:
|
|
//
|
|
// void LockedMethod(const BaseAutoLock<T>& aProofOfLock)
|
|
// {
|
|
// aProofOfLock.AssertOwns(mMonitor);
|
|
// ...
|
|
// }
|
|
//
|
|
// Without this assertion, it could be that mMonitor is not actually
|
|
// locked. It's possible to have code like:
|
|
//
|
|
// BaseAutoLock lock(someMonitor);
|
|
// ...
|
|
// BaseAutoUnlock unlock(someMonitor);
|
|
// ...
|
|
// LockedMethod(lock);
|
|
//
|
|
// and in such a case, simply asserting that the monitor pointers match is not
|
|
// sufficient; monitor ownership must be asserted as well.
|
|
//
|
|
// Note that if you are going to use the coding pattern presented above, you
|
|
// should use this method in preference to using AssertCurrentThreadOwns on
|
|
// the mutex you expected to be held, since this method provides stronger
|
|
// guarantees.
|
|
void AssertOwns(const Monitor& aMonitor) const
|
|
MOZ_ASSERT_CAPABILITY(aMonitor) {
|
|
MOZ_ASSERT(&aMonitor == mMonitor);
|
|
mMonitor->AssertCurrentThreadOwns();
|
|
}
|
|
|
|
private:
|
|
MonitorAutoLock() = delete;
|
|
MonitorAutoLock(const MonitorAutoLock&) = delete;
|
|
MonitorAutoLock& operator=(const MonitorAutoLock&) = delete;
|
|
static void* operator new(size_t) noexcept(true);
|
|
|
|
friend class MonitorAutoUnlock;
|
|
|
|
protected:
|
|
Monitor* mMonitor;
|
|
};
|
|
|
|
/**
|
|
* Unlock the monitor for the lexical scope instances of this class
|
|
* are bound to (except for MonitorAutoLock in nested scopes).
|
|
*
|
|
* The monitor must be locked by the current thread when instances of
|
|
* this class are created.
|
|
*/
|
|
class MOZ_STACK_CLASS MOZ_SCOPED_CAPABILITY MonitorAutoUnlock {
|
|
public:
|
|
explicit MonitorAutoUnlock(Monitor& aMonitor)
|
|
MOZ_SCOPED_UNLOCK_RELEASE(aMonitor)
|
|
: mMonitor(&aMonitor) {
|
|
mMonitor->Unlock();
|
|
}
|
|
|
|
~MonitorAutoUnlock() MOZ_SCOPED_UNLOCK_REACQUIRE() { mMonitor->Lock(); }
|
|
|
|
private:
|
|
MonitorAutoUnlock() = delete;
|
|
MonitorAutoUnlock(const MonitorAutoUnlock&) = delete;
|
|
MonitorAutoUnlock& operator=(const MonitorAutoUnlock&) = delete;
|
|
static void* operator new(size_t) noexcept(true);
|
|
|
|
Monitor* mMonitor;
|
|
};
|
|
|
|
/**
|
|
* Lock the monitor for the lexical scope instances of this class are
|
|
* bound to (except for MonitorAutoUnlock in nested scopes).
|
|
*
|
|
* The monitor must be unlocked when instances of this class are
|
|
* created.
|
|
*/
|
|
class MOZ_SCOPED_CAPABILITY MOZ_STACK_CLASS ReleasableMonitorAutoLock {
|
|
public:
|
|
explicit ReleasableMonitorAutoLock(Monitor& aMonitor)
|
|
MOZ_CAPABILITY_ACQUIRE(aMonitor)
|
|
: mMonitor(&aMonitor) {
|
|
mMonitor->Lock();
|
|
mLocked = true;
|
|
}
|
|
|
|
~ReleasableMonitorAutoLock() MOZ_CAPABILITY_RELEASE() {
|
|
if (mLocked) {
|
|
mMonitor->Unlock();
|
|
}
|
|
}
|
|
|
|
// See MonitorAutoLock::Wait
|
|
void Wait() {
|
|
mMonitor->AssertCurrentThreadOwns(); // someone could have called Unlock()
|
|
mMonitor->Wait();
|
|
}
|
|
CVStatus Wait(TimeDuration aDuration) {
|
|
mMonitor->AssertCurrentThreadOwns();
|
|
return mMonitor->Wait(aDuration);
|
|
}
|
|
|
|
void Notify() {
|
|
MOZ_ASSERT(mLocked);
|
|
mMonitor->Notify();
|
|
}
|
|
void NotifyAll() {
|
|
MOZ_ASSERT(mLocked);
|
|
mMonitor->NotifyAll();
|
|
}
|
|
|
|
// Allow dropping the lock prematurely; for example to support something like:
|
|
// clang-format off
|
|
// MonitorAutoLock lock(mMonitor);
|
|
// ...
|
|
// if (foo) {
|
|
// lock.Unlock();
|
|
// MethodThatCantBeCalledWithLock()
|
|
// return;
|
|
// }
|
|
// clang-format on
|
|
void Unlock() MOZ_CAPABILITY_RELEASE() {
|
|
MOZ_ASSERT(mLocked);
|
|
mMonitor->Unlock();
|
|
mLocked = false;
|
|
}
|
|
void Lock() MOZ_CAPABILITY_ACQUIRE() {
|
|
MOZ_ASSERT(!mLocked);
|
|
mMonitor->Lock();
|
|
mLocked = true;
|
|
}
|
|
void AssertCurrentThreadOwns() const MOZ_ASSERT_CAPABILITY() {
|
|
mMonitor->AssertCurrentThreadOwns();
|
|
}
|
|
|
|
private:
|
|
bool mLocked;
|
|
Monitor* mMonitor;
|
|
|
|
ReleasableMonitorAutoLock() = delete;
|
|
ReleasableMonitorAutoLock(const ReleasableMonitorAutoLock&) = delete;
|
|
ReleasableMonitorAutoLock& operator=(const ReleasableMonitorAutoLock&) =
|
|
delete;
|
|
static void* operator new(size_t) noexcept(true);
|
|
};
|
|
|
|
} // namespace mozilla
|
|
|
|
#endif // mozilla_Monitor_h
|