mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-28 15:23:51 +00:00
Bug 1207753 - dom misc thread-safety annotations r=hsivonen,smaug,media-playback-reviewers,alwu
Differential Revision: https://phabricator.services.mozilla.com/D130598
This commit is contained in:
parent
08c4fc6891
commit
b18c3e4ebb
@ -78,10 +78,10 @@ class ConsoleReportCollector final : public nsIConsoleReportCollector {
|
||||
const CopyableTArray<nsString> mStringParams;
|
||||
};
|
||||
|
||||
Mutex mMutex MOZ_UNANNOTATED;
|
||||
Mutex mMutex;
|
||||
|
||||
// protected by mMutex
|
||||
nsTArray<PendingReport> mPendingReports;
|
||||
nsTArray<PendingReport> mPendingReports GUARDED_BY(mMutex);
|
||||
|
||||
public:
|
||||
NS_DECL_THREADSAFE_ISUPPORTS
|
||||
|
@ -148,26 +148,28 @@ class HangMonitorChild : public PProcessHangMonitorChild,
|
||||
static Atomic<HangMonitorChild*, SequentiallyConsistent> sInstance;
|
||||
|
||||
const RefPtr<ProcessHangMonitor> mHangMonitor;
|
||||
Monitor mMonitor MOZ_UNANNOTATED;
|
||||
Monitor mMonitor;
|
||||
|
||||
// Main thread-only.
|
||||
bool mSentReport;
|
||||
|
||||
// These fields must be accessed with mMonitor held.
|
||||
bool mTerminateScript;
|
||||
bool mStartDebugger;
|
||||
bool mFinishedStartingDebugger;
|
||||
bool mPaintWhileInterruptingJS;
|
||||
TabId mPaintWhileInterruptingJSTab;
|
||||
MOZ_INIT_OUTSIDE_CTOR LayersObserverEpoch mPaintWhileInterruptingJSEpoch;
|
||||
bool mCancelContentJS;
|
||||
TabId mCancelContentJSTab;
|
||||
nsIRemoteTab::NavigationType mCancelContentJSNavigationType;
|
||||
int32_t mCancelContentJSNavigationIndex;
|
||||
mozilla::Maybe<nsCString> mCancelContentJSNavigationURI;
|
||||
int32_t mCancelContentJSEpoch;
|
||||
JSContext* mContext;
|
||||
bool mShutdownDone;
|
||||
bool mTerminateScript GUARDED_BY(mMonitor);
|
||||
bool mStartDebugger GUARDED_BY(mMonitor);
|
||||
bool mFinishedStartingDebugger GUARDED_BY(mMonitor);
|
||||
bool mPaintWhileInterruptingJS GUARDED_BY(mMonitor);
|
||||
TabId mPaintWhileInterruptingJSTab GUARDED_BY(mMonitor);
|
||||
MOZ_INIT_OUTSIDE_CTOR LayersObserverEpoch mPaintWhileInterruptingJSEpoch
|
||||
GUARDED_BY(mMonitor);
|
||||
bool mCancelContentJS GUARDED_BY(mMonitor);
|
||||
TabId mCancelContentJSTab GUARDED_BY(mMonitor);
|
||||
nsIRemoteTab::NavigationType mCancelContentJSNavigationType
|
||||
GUARDED_BY(mMonitor);
|
||||
int32_t mCancelContentJSNavigationIndex GUARDED_BY(mMonitor);
|
||||
mozilla::Maybe<nsCString> mCancelContentJSNavigationURI GUARDED_BY(mMonitor);
|
||||
int32_t mCancelContentJSEpoch GUARDED_BY(mMonitor);
|
||||
JSContext* mContext GUARDED_BY(mMonitor);
|
||||
bool mShutdownDone GUARDED_BY(mMonitor);
|
||||
|
||||
// This field is only accessed on the hang thread.
|
||||
bool mIPCOpen;
|
||||
@ -282,16 +284,18 @@ class HangMonitorParent : public PProcessHangMonitorParent,
|
||||
// This field is only accessed on the hang thread.
|
||||
bool mIPCOpen;
|
||||
|
||||
Monitor mMonitor MOZ_UNANNOTATED;
|
||||
Monitor mMonitor;
|
||||
|
||||
// Must be accessed with mMonitor held.
|
||||
RefPtr<HangMonitoredProcess> mProcess;
|
||||
bool mShutdownDone;
|
||||
RefPtr<HangMonitoredProcess> mProcess GUARDED_BY(mMonitor);
|
||||
bool mShutdownDone GUARDED_BY(mMonitor);
|
||||
// Map from plugin ID to crash dump ID. Protected by
|
||||
// mBrowserCrashDumpHashLock.
|
||||
nsTHashMap<nsUint32HashKey, nsString> mBrowserCrashDumpIds;
|
||||
Mutex mBrowserCrashDumpHashLock MOZ_UNANNOTATED;
|
||||
mozilla::ipc::TaskFactory<HangMonitorParent> mMainThreadTaskFactory;
|
||||
nsTHashMap<nsUint32HashKey, nsString> mBrowserCrashDumpIds
|
||||
GUARDED_BY(mMonitor);
|
||||
Mutex mBrowserCrashDumpHashLock GUARDED_BY(mMonitor);
|
||||
mozilla::ipc::TaskFactory<HangMonitorParent> mMainThreadTaskFactory
|
||||
GUARDED_BY(mMonitor);
|
||||
};
|
||||
|
||||
} // namespace
|
||||
|
@ -20,30 +20,28 @@ namespace mozilla {
|
||||
|
||||
// Default reader locking strategy, using a mutex to ensure that concurrent
|
||||
// PopAll calls won't overlap.
|
||||
class MultiWriterQueueReaderLocking_Mutex {
|
||||
class CAPABILITY MultiWriterQueueReaderLocking_Mutex {
|
||||
public:
|
||||
MultiWriterQueueReaderLocking_Mutex()
|
||||
: mMutex("MultiWriterQueueReaderLocking_Mutex") {}
|
||||
PUSH_IGNORE_THREAD_SAFETY
|
||||
void Lock() { mMutex.Lock(); };
|
||||
void Unlock() { mMutex.Unlock(); };
|
||||
POP_THREAD_SAFETY
|
||||
void Lock() CAPABILITY_ACQUIRE(mMutex) { mMutex.Lock(); };
|
||||
void Unlock() CAPABILITY_RELEASE(mMutex) { mMutex.Unlock(); };
|
||||
|
||||
private:
|
||||
Mutex mMutex MOZ_UNANNOTATED;
|
||||
Mutex mMutex;
|
||||
};
|
||||
|
||||
// Reader non-locking strategy, trusting that PopAll will never be called
|
||||
// concurrently (e.g., by only calling it from a specific thread).
|
||||
class MultiWriterQueueReaderLocking_None {
|
||||
class CAPABILITY MultiWriterQueueReaderLocking_None {
|
||||
public:
|
||||
#ifndef DEBUG
|
||||
void Lock(){};
|
||||
void Unlock(){};
|
||||
void Lock() CAPABILITY_ACQUIRE(){};
|
||||
void Unlock() CAPABILITY_RELEASE(){};
|
||||
#else
|
||||
// DEBUG-mode checks to catch concurrent misuses.
|
||||
void Lock() { MOZ_ASSERT(mLocked.compareExchange(false, true)); };
|
||||
void Unlock() { MOZ_ASSERT(mLocked.compareExchange(true, false)); };
|
||||
void Lock() CAPABILITY_ACQUIRE() { MOZ_ASSERT(mLocked.compareExchange(false, true)); };
|
||||
void Unlock() CAPABILITY_RELEASE() { MOZ_ASSERT(mLocked.compareExchange(true, false)); };
|
||||
|
||||
private:
|
||||
Atomic<bool> mLocked{false};
|
||||
|
@ -73,6 +73,7 @@ already_AddRefed<PerformanceStorageWorker> PerformanceStorageWorker::Create(
|
||||
|
||||
RefPtr<PerformanceStorageWorker> storage = new PerformanceStorageWorker();
|
||||
|
||||
MutexAutoLock lock(storage->mMutex); // for thread-safety analysis
|
||||
storage->mWorkerRef = WeakWorkerRef::Create(
|
||||
aWorkerPrivate, [storage]() { storage->ShutdownOnWorker(); });
|
||||
|
||||
|
@ -37,11 +37,11 @@ class PerformanceStorageWorker final : public PerformanceStorage {
|
||||
PerformanceStorageWorker();
|
||||
~PerformanceStorageWorker();
|
||||
|
||||
Mutex mMutex MOZ_UNANNOTATED;
|
||||
Mutex mMutex;
|
||||
|
||||
// Protected by mutex.
|
||||
// Created and released on worker-thread. Used also on main-thread.
|
||||
RefPtr<WeakWorkerRef> mWorkerRef;
|
||||
RefPtr<WeakWorkerRef> mWorkerRef GUARDED_BY(mMutex);
|
||||
};
|
||||
|
||||
} // namespace dom
|
||||
|
@ -144,7 +144,7 @@ class PromiseWorkerProxy : public PromiseNativeHandler,
|
||||
// Main thread callers must hold Lock() and check CleanUp() before calling
|
||||
// this. Worker thread callers, this will assert that the proxy has not been
|
||||
// cleaned up.
|
||||
WorkerPrivate* GetWorkerPrivate() const;
|
||||
WorkerPrivate* GetWorkerPrivate() const NO_THREAD_SAFETY_ANALYSIS;
|
||||
|
||||
// This should only be used within WorkerRunnable::WorkerRun() running on the
|
||||
// worker thread! Do not call this after calling CleanUp().
|
||||
@ -156,9 +156,9 @@ class PromiseWorkerProxy : public PromiseNativeHandler,
|
||||
// 2. WorkerPromise() will crash!
|
||||
void CleanUp();
|
||||
|
||||
Mutex& Lock() { return mCleanUpLock; }
|
||||
Mutex& Lock() RETURN_CAPABILITY(mCleanUpLock) { return mCleanUpLock; }
|
||||
|
||||
bool CleanedUp() const {
|
||||
bool CleanedUp() const REQUIRES(mCleanUpLock) {
|
||||
mCleanUpLock.AssertCurrentThreadOwns();
|
||||
return mCleanedUp;
|
||||
}
|
||||
@ -207,7 +207,7 @@ class PromiseWorkerProxy : public PromiseNativeHandler,
|
||||
const PromiseWorkerProxyStructuredCloneCallbacks* mCallbacks;
|
||||
|
||||
// Ensure the worker and the main thread won't race to access |mCleanedUp|.
|
||||
Mutex mCleanUpLock MOZ_UNANNOTATED;
|
||||
Mutex mCleanUpLock;
|
||||
};
|
||||
} // namespace dom
|
||||
} // namespace mozilla
|
||||
|
@ -116,18 +116,19 @@ class ArrayBufferBuilder {
|
||||
ArrayBufferBuilder& operator=(const ArrayBufferBuilder&) = delete;
|
||||
ArrayBufferBuilder& operator=(const ArrayBufferBuilder&&) = delete;
|
||||
|
||||
bool SetCapacityInternal(uint32_t aNewCap, const MutexAutoLock& aProofOfLock);
|
||||
bool SetCapacityInternal(uint32_t aNewCap, const MutexAutoLock& aProofOfLock)
|
||||
REQUIRES(mMutex);
|
||||
|
||||
static bool AreOverlappingRegions(const uint8_t* aStart1, uint32_t aLength1,
|
||||
const uint8_t* aStart2, uint32_t aLength2);
|
||||
|
||||
Mutex mMutex MOZ_UNANNOTATED;
|
||||
Mutex mMutex;
|
||||
|
||||
// All of these are protected by mMutex.
|
||||
uint8_t* mDataPtr;
|
||||
uint32_t mCapacity;
|
||||
uint32_t mLength;
|
||||
void* mMapPtr;
|
||||
uint8_t* mDataPtr GUARDED_BY(mMutex);
|
||||
uint32_t mCapacity GUARDED_BY(mMutex);
|
||||
uint32_t mLength GUARDED_BY(mMutex);
|
||||
void* mMapPtr GUARDED_BY(mMutex);
|
||||
|
||||
// This is used in assertions only.
|
||||
bool mNeutered;
|
||||
|
@ -26,10 +26,12 @@ class XMLHttpRequestStringBuffer final {
|
||||
return mData.Length();
|
||||
}
|
||||
|
||||
uint32_t UnsafeLength() const { return mData.Length(); }
|
||||
uint32_t UnsafeLength() const NO_THREAD_SAFETY_ANALYSIS {
|
||||
return mData.Length();
|
||||
}
|
||||
|
||||
mozilla::Result<mozilla::BulkWriteHandle<char16_t>, nsresult> UnsafeBulkWrite(
|
||||
uint32_t aCapacity) {
|
||||
uint32_t aCapacity) NO_THREAD_SAFETY_ANALYSIS {
|
||||
return mData.BulkWrite(aCapacity, UnsafeLength(), false);
|
||||
}
|
||||
|
||||
@ -82,10 +84,10 @@ class XMLHttpRequestStringBuffer final {
|
||||
|
||||
nsString& UnsafeData() { return mData; }
|
||||
|
||||
Mutex mMutex MOZ_UNANNOTATED;
|
||||
Mutex mMutex;
|
||||
|
||||
// The following member variable is protected by mutex.
|
||||
nsString mData;
|
||||
nsString mData GUARDED_BY(mMutex);
|
||||
};
|
||||
|
||||
// ---------------------------------------------------------------------------
|
||||
|
Loading…
Reference in New Issue
Block a user