| blob | d4759939258cd150b1457e1ba5c403da6e3acd04 |
1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
7 #include <windows.h>
8 #include <threadpoolapiset.h>
34 }
35 };
39 // HandleWatcher::Impl
40 //
41 // The backing implementation of HandleWatcher is a PTP_WAIT, an OS-threadpool
42 // wait-object. Windows doesn't actually create a new thread per wait-object;
43 // OS-threadpool threads are assigned to wait-objects only when their associated
44 // handle become signaled -- although explicit documentation of this fact is
45 // somewhat obscurely placed. [1]
46 //
47 // Throughout this class, we use manual locking and unlocking guarded by Clang's
48 // thread-safety warnings, rather than scope-based lock-guards. See `Replace()`
49 // for an explanation and justification.
50 //
51 // [1]https://learn.microsoft.com/en-us/windows/win32/api/synchapi/nf-synchapi-waitformultipleobjects#remarks
53 NS_DECL_THREADSAFE_ISUPPORTS
62 // The watched handle and its callback.
63 HANDLE handle;
67 // Handle to the threadpool wait-object.
68 WaitHandlePtr waitHandle;
69 // A pointer to ourselves, notionally owned by the wait-object.
72 // (We can't actually do this because a) it has annoying consequences in
73 // C++20 thanks to P1008R1, and b) Clang just ignores it anyway.)
74 //
75 // ~Data() MOZ_EXCLUDES(mMutex) = default;
76 };
81 // Callback from OS threadpool wait-object.
83 PTP_WAIT aWaitHandle,
84 TP_WAIT_RESULT aResult) {
86 }
93 // If this callback is no longer the active callback, skip out.
94 // All cleanup is someone else's problem.
98 aWaitHandle));
101 }
103 // Take our self-pointer so that we release it on exit.
110 // This may fail if (for example) `mData.target` is being shut down, but we
111 // have not yet received the shutdown callback.
114 }
124 }
134 WaitHandlePtr waitHandle{
138 }
140 {
147 }
153 // returns `void`; presumably always succeeds given a successful
154 // `::CreateThreadpoolWait()`
156 // After this point, you must call `FlushWaitHandle(waitHandle.get())`
157 // before destroying the wait handle. (Note that this must be done while
158 // *not* holding `mMutex`!)
165 }
168 }
177 // Clear mData.target, since there's no need to unregister the shutdown task
178 // anymore. Hold onto it until we release the mutex, though, to avoid any
179 // reentrancy issues.
180 //
181 // This is more for internal consistency than safety: someone has to be
182 // shutting `target` down, and that someone isn't us, so there's necessarily
183 // another reference out there. (Although decrementing the refcount might
184 // still have arbitrary effects if someone's been excessively clever with
185 // nsISupports::Release...)
188 // (Static-assert that the mutex has indeed been released.)
190 }
196 }
201 }
204 // Throughout this class, we use manual locking and unlocking guarded by
205 // Clang's thread-safety warnings, rather than scope-based lock-guards. This
206 // is largely driven by `Replace()`, below, which performs both operations
207 // which require the mutex to be held and operations which require it to not
208 // be held, and therefore must explicitly sequence the mutex release.
209 //
210 // These explicit locks, unlocks, and annotations are both alien to C++ and
211 // offensively tedious; but they _are_ still checked for state consistency at
212 // scope boundaries. (The concerned reader is invited to test this by
213 // deliberately removing an `mMutex.Unlock()` call from anywhere in the class
214 // and viewing the resultant compiler diagnostics.)
215 //
216 // A more principled, or at least differently-principled, implementation might
217 // create a scope-based lock-guard and pass it to `Replace()` to dispose of at
218 // the proper time. Alas, it cannot be communicated to Clang's thread-safety
219 // checker that such a guard is associated with `mMutex`.
220 //
222 // either both handles are NULL, or neither is
229 }
233 }
235 // Extract the old data and insert the new -- but hold onto the old data for
236 // now. (See [1] and [2], below.)
239 ////////////////////////////////////////////////////////////////////////////
240 // Release the mutex.
242 ////////////////////////////////////////////////////////////////////////////
244 // [1] `oldData.self` will be unset if the old callback already ran (or if
245 // there was no old callback in the first place). If it's set, though, we
246 // need to explicitly clear out the wait-object first.
250 }
252 // [2] oldData also includes several other reference-counted pointers. It's
253 // possible that these may be the last pointer to something, so releasing
254 // them may have arbitrary side-effects -- like calling this->Stop(), which
255 // will try to reacquire the mutex.
256 //
257 // Now that we've released the mutex, we can (implicitly) release them all
258 // here.
259 }
261 // Either confirm as complete or cancel any callbacks on aWaitHandle. Block
262 // until this is done. (See documentation for ::CloseThreadpoolWait().)
265 // This might block on `OnWaitCompleted()`, so we can't hold `mMutex` here.
267 // ::CloseThreadpoolWait() itself is the caller's responsibility.
268 }
269 };
273 //////
274 // HandleWatcher member function implementations
281 }
282 }
294 }
296 }
301 }
302 }