More explicit thread checking in SafeBrowsingDatabase.

chrome/browser/safe_browsing/safe_browsing_database.h

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROME_BROWSER_SAFE_BROWSING_SAFE_BROWSING_DATABASE_H_
 #define CHROME_BROWSER_SAFE_BROWSING_SAFE_BROWSING_DATABASE_H_
 
 #include <map>
 #include <set>
 #include <string>
 #include <vector>
 
 #include "base/containers/hash_tables.h"
 #include "base/files/file_path.h"
 #include "base/gtest_prod_util.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/memory/weak_ptr.h"
 #include "base/synchronization/lock.h"
+#include "base/threading/thread_checker.h"
 #include "base/time/time.h"
 #include "chrome/browser/safe_browsing/safe_browsing_store.h"
 
-namespace base {
-class MessageLoop;
-}
-
 namespace safe_browsing {
 class PrefixSet;
 }
 
 class GURL;
 class SafeBrowsingDatabase;
 
 // Factory for creating SafeBrowsingDatabase. Tests implement this factory
 // to create fake Databases for testing.
 class SafeBrowsingDatabaseFactory {
@@ skipping 77 matching lines @@
   // matching hash prefixes which had no cached results and |cache_hits|
   // contains any matching cached gethash results.  This function is safe to
   // call from any thread.
   virtual bool ContainsUnwantedSoftwareUrl(
       const GURL& url,
       std::vector<SBPrefix>* prefix_hits,
       std::vector<SBFullHashResult>* cache_hits) = 0;
 
   // Returns false if none of |urls| are in Download database. If it returns
   // true, |prefix_hits| should contain the prefixes for the URLs that were in
-  // the database.  This function could ONLY be accessed from creation thread.
+  // the database.  This function can ONLY be called from the creation thread.
   virtual bool ContainsDownloadUrl(const std::vector<GURL>& urls,
                                    std::vector<SBPrefix>* prefix_hits) = 0;
 
   // Returns false if |url| is not on the client-side phishing detection
   // whitelist.  Otherwise, this function returns true.  Note: the whitelist
-  // only contains full-length hashes so we don't return any prefix hit.
-  // This function should only be called from the IO thread.
+  // only contains full-length hashes so we don't return any prefix hit. This
+  // function is safe to call from any thread.
   virtual bool ContainsCsdWhitelistedUrl(const GURL& url) = 0;
 
   // The download whitelist is used for two purposes: a white-domain list of
   // sites that are considered to host only harmless binaries as well as a
   // whitelist of arbitrary strings such as hashed certificate authorities that
-  // are considered to be trusted.  The two methods below let you lookup
-  // the whitelist either for a URL or an arbitrary string.  These methods will
-  // return false if no match is found and true otherwise.
-  // This function could ONLY be accessed from the IO thread.
+  // are considered to be trusted.  The two methods below let you lookup the
+  // whitelist either for a URL or an arbitrary string.  These methods will
+  // return false if no match is found and true otherwise. This function is safe
+  // to call from any thread.
   virtual bool ContainsDownloadWhitelistedUrl(const GURL& url) = 0;
   virtual bool ContainsDownloadWhitelistedString(const std::string& str) = 0;
 
   // Populates |prefix_hits| with any prefixes in |prefixes| that have matches
   // in the database.
   //
-  // This function can ONLY be accessed from the creation thread.
+  // This function can ONLY be called from the creation thread.
   virtual bool ContainsExtensionPrefixes(
       const std::vector<SBPrefix>& prefixes,
       std::vector<SBPrefix>* prefix_hits) = 0;
 
   // Returns false unless the hash of |url| is on the side-effect free
-  // whitelist.
+  // whitelist. This function is safe to call from any thread.
   virtual bool ContainsSideEffectFreeWhitelistUrl(const GURL& url) = 0;
 
   // Returns true iff the given IP is currently on the csd malware IP blacklist.
+  // This function is safe to call from any thread.
   virtual bool ContainsMalwareIP(const std::string& ip_address) = 0;
 
   // A database transaction should look like:
   //
   // std::vector<SBListChunkRanges> lists;
   // if (db.UpdateStarted(&lists)) {
   //   // Do something with |lists|.
   //
   //   // Process add/sub commands.
   //   db.InsertChunks(list_name, chunks);
@@ skipping 12 matching lines @@
   // the other functions.
   virtual bool UpdateStarted(std::vector<SBListChunkRanges>* lists) = 0;
   virtual void InsertChunks(const std::string& list_name,
                             const std::vector<SBChunkData*>& chunks) = 0;
   virtual void DeleteChunks(
       const std::vector<SBChunkDelete>& chunk_deletes) = 0;
   virtual void UpdateFinished(bool update_succeeded) = 0;
 
   // Store the results of a GetHash response. In the case of empty results, we
   // cache the prefixes until the next update so that we don't have to issue
-  // further GetHash requests we know will be empty.
+  // further GetHash requests we know will be empty. This function is safe to
+  // call from any thread.
   virtual void CacheHashResults(
       const std::vector<SBPrefix>& prefixes,
       const std::vector<SBFullHashResult>& full_hits,
       const base::TimeDelta& cache_lifetime) = 0;
 
   // Returns true if the malware IP blacklisting killswitch URL is present
-  // in the csd whitelist.
+  // in the csd whitelist. This function is safe to call from any thread.
   virtual bool IsMalwareIPMatchKillSwitchOn() = 0;
 
   // Returns true if the whitelist killswitch URL is present in the csd
-  // whitelist.
+  // whitelist. This function is safe to call from any thread.
   virtual bool IsCsdWhitelistKillSwitchOn() = 0;
 
   // The name of the bloom-filter file for the given database file.
   // NOTE(shess): OBSOLETE.  Present for deleting stale files.
   static base::FilePath BloomFilterForFilename(
       const base::FilePath& db_filename);
 
   // The name of the prefix set file for the given database file.
   static base::FilePath PrefixSetForFilename(const base::FilePath& db_filename);
 
@@ skipping 253 matching lines @@
                       scoped_ptr<const safe_browsing::PrefixSet>* prefix_set,
                       FailureType failure_type);
 
   void UpdateSideEffectFreeWhitelistStore();
   void UpdateWhitelistStore(const base::FilePath& store_filename,
                             SafeBrowsingStore* store,
                             SBWhitelist* whitelist);
   void UpdateIpBlacklistStore();
 
   // Used to verify that various calls are made from the thread the
-  // object was created on.
-  base::MessageLoop* creation_loop_;
+  // object was created on (i.e., the safe_browsing_thread).
+  base::ThreadChecker thread_checker_;
 
   // The base filename passed to Init(), used to generate the store and prefix
   // set filenames used to store data on disk.
   base::FilePath filename_base_;
 
   // Underlying persistent store for chunk data.
   // For browsing related (phishing and malware URLs) chunks and prefixes.
   scoped_ptr<SafeBrowsingStore> browse_store_;
 
   // For download related (download URL and binary hash) chunks and prefixes.
@@ skipping 12 matching lines @@
 
   // For side-effect free whitelist.
   scoped_ptr<SafeBrowsingStore> side_effect_free_whitelist_store_;
 
   // For IP blacklist.
   scoped_ptr<SafeBrowsingStore> ip_blacklist_store_;
 
   // For unwanted software list.
   scoped_ptr<SafeBrowsingStore> unwanted_software_store_;
 
-  // Lock for protecting access to variables that may be used on the IO thread.
-  // This includes |(browse|unwanted_software)_prefix_set_|,
-  // |prefix_gethash_cache_|, |csd_whitelist_|.
+  // Lock for protecting access to variables that may be used on any threads.
+  // This includes all SBWhitelist's, PrefixSet's, and caches.
   base::Lock lookup_lock_;
 
   SBWhitelist csd_whitelist_;
   SBWhitelist download_whitelist_;
 
   // The IP blacklist should be small.  At most a couple hundred IPs.
   IPBlacklist ip_blacklist_;
 
   // Cache of gethash results for prefix stores. Entries should not be used if
   // they are older than their expire_after field.  Cached misses will have
@@ skipping 18 matching lines @@
   scoped_ptr<const safe_browsing::PrefixSet> browse_prefix_set_;
   scoped_ptr<const safe_browsing::PrefixSet>
       side_effect_free_whitelist_prefix_set_;
   scoped_ptr<const safe_browsing::PrefixSet> unwanted_software_prefix_set_;
 
   // Used to schedule resetting the database because of corruption.
   base::WeakPtrFactory<SafeBrowsingDatabaseNew> reset_factory_;
 };
 
 #endif  // CHROME_BROWSER_SAFE_BROWSING_SAFE_BROWSING_DATABASE_H_