2018-11-30 22:52:05 +03:00
|
|
|
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*-
|
2018-11-30 18:39:55 +03:00
|
|
|
* vim: sw=2 ts=4 et :
|
2013-09-28 05:42:08 +04:00
|
|
|
*/
|
|
|
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
|
|
|
|
|
|
#include "mozilla/ipc/MessageLink.h"
|
2021-06-22 21:17:22 +03:00
|
|
|
#include "mojo/core/ports/event.h"
|
|
|
|
|
#include "mojo/core/ports/node.h"
|
2013-09-28 05:42:08 +04:00
|
|
|
#include "mozilla/ipc/MessageChannel.h"
|
|
|
|
|
#include "mozilla/ipc/BrowserProcessSubThread.h"
|
|
|
|
|
#include "mozilla/ipc/ProtocolUtils.h"
|
2021-06-22 21:17:22 +03:00
|
|
|
#include "mozilla/ipc/NodeController.h"
|
2016-05-05 03:38:53 +03:00
|
|
|
#include "chrome/common/ipc_channel.h"
|
2020-02-07 01:41:56 +03:00
|
|
|
#include "base/task.h"
|
2013-09-28 05:42:08 +04:00
|
|
|
|
2014-08-09 05:19:33 +04:00
|
|
|
#include "mozilla/Assertions.h"
|
2014-08-11 21:09:30 +04:00
|
|
|
#include "mozilla/DebugOnly.h"
|
2013-09-28 05:42:08 +04:00
|
|
|
#include "nsDebug.h"
|
2016-05-23 21:15:47 +03:00
|
|
|
#include "nsExceptionHandler.h"
|
2014-02-27 01:36:35 +04:00
|
|
|
#include "nsISupportsImpl.h"
|
2017-03-14 14:29:43 +03:00
|
|
|
#include "nsPrintfCString.h"
|
2013-09-28 05:42:08 +04:00
|
|
|
#include "nsXULAppAPI.h"
|
|
|
|
|
|
|
|
|
|
using namespace mozilla;
|
|
|
|
|
|
|
|
|
|
namespace mozilla {
|
|
|
|
|
namespace ipc {
|
|
|
|
|
|
2023-09-05 21:09:30 +03:00
|
|
|
const char* StringFromIPCSide(Side side) {
|
|
|
|
|
switch (side) {
|
|
|
|
|
case ChildSide:
|
|
|
|
|
return "Child";
|
|
|
|
|
case ParentSide:
|
|
|
|
|
return "Parent";
|
|
|
|
|
default:
|
|
|
|
|
return "Unknown";
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2013-09-28 05:42:08 +04:00
|
|
|
MessageLink::MessageLink(MessageChannel* aChan) : mChan(aChan) {}
|
|
|
|
|
|
|
|
|
|
MessageLink::~MessageLink() {
|
2014-08-09 05:19:33 +04:00
|
|
|
#ifdef DEBUG
|
2013-09-28 05:42:08 +04:00
|
|
|
mChan = nullptr;
|
2014-08-09 05:19:33 +04:00
|
|
|
#endif
|
2013-09-28 05:42:08 +04:00
|
|
|
}
|
|
|
|
|
|
2021-06-22 21:17:22 +03:00
|
|
|
class PortLink::PortObserverThunk : public NodeController::PortObserver {
|
|
|
|
|
public:
|
|
|
|
|
PortObserverThunk(RefCountedMonitor* aMonitor, PortLink* aLink)
|
|
|
|
|
: mMonitor(aMonitor), mLink(aLink) {}
|
|
|
|
|
|
|
|
|
|
void OnPortStatusChanged() override {
|
|
|
|
|
MonitorAutoLock lock(*mMonitor);
|
|
|
|
|
if (mLink) {
|
|
|
|
|
mLink->OnPortStatusChanged();
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private:
|
|
|
|
|
friend class PortLink;
|
|
|
|
|
|
|
|
|
|
// The monitor from our PortLink's MessageChannel. Guards access to `mLink`.
|
|
|
|
|
RefPtr<RefCountedMonitor> mMonitor;
|
|
|
|
|
|
|
|
|
|
// Cleared by `PortLink` in `PortLink::Clear()`.
|
|
|
|
|
PortLink* MOZ_NON_OWNING_REF mLink;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
PortLink::PortLink(MessageChannel* aChan, ScopedPort aPort)
|
|
|
|
|
: MessageLink(aChan), mNode(aPort.Controller()), mPort(aPort.Release()) {
|
2021-07-23 22:14:57 +03:00
|
|
|
mChan->mMonitor->AssertCurrentThreadOwns();
|
2021-07-12 23:36:20 +03:00
|
|
|
|
2021-06-22 21:17:22 +03:00
|
|
|
mObserver = new PortObserverThunk(mChan->mMonitor, this);
|
|
|
|
|
mNode->SetPortObserver(mPort, mObserver);
|
|
|
|
|
|
|
|
|
|
// Dispatch an event to the IO loop to trigger an initial
|
|
|
|
|
// `OnPortStatusChanged` to deliver any pending messages. This needs to be run
|
2021-06-22 21:17:25 +03:00
|
|
|
// asynchronously from a different thread (or in the case of a same-thread
|
|
|
|
|
// channel, from the current thread), for now due to assertions in
|
2021-06-22 21:17:22 +03:00
|
|
|
// `MessageChannel`.
|
2021-06-22 21:17:25 +03:00
|
|
|
nsCOMPtr<nsIRunnable> openRunnable = NewRunnableMethod(
|
|
|
|
|
"PortLink::Open", mObserver, &PortObserverThunk::OnPortStatusChanged);
|
|
|
|
|
if (aChan->mIsSameThreadChannel) {
|
|
|
|
|
aChan->mWorkerThread->Dispatch(openRunnable.forget());
|
|
|
|
|
} else {
|
|
|
|
|
XRE_GetIOMessageLoop()->PostTask(openRunnable.forget());
|
|
|
|
|
}
|
2021-06-22 21:17:22 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
PortLink::~PortLink() {
|
|
|
|
|
MOZ_RELEASE_ASSERT(!mObserver, "PortLink destroyed without being closed!");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void PortLink::SendMessage(UniquePtr<Message> aMessage) {
|
|
|
|
|
mChan->mMonitor->AssertCurrentThreadOwns();
|
|
|
|
|
|
|
|
|
|
if (aMessage->size() > IPC::Channel::kMaximumMessageSize) {
|
Bug 1831092 - Use the new pull-based API for all crash annotations and remove the global annotations table r=jgilbert,necko-reviewers,media-playback-reviewers,profiler-reviewers,win-reviewers,padenot,handyman,afranchuk,valentin,alwu,sotaro
This changes comes with several different refactorings all rolled into one,
unfotunately I couldn't find a way to pull them apart:
- First of all annotations now can either recorded (that is, we copy the value
and have the crash reporting code own the copy) or registered. Several
annotations are changed to use this functionality so that we don't need to
update them as their value change.
- The code in the exception handler is modified to read the annotations from
the mozannotation_client crate. This has the unfortunate side-effect that
we need three different bits of code to serialize them: one for annotations
read from a child process, one for reading annotations from the main process
outside of the exception handler and one for reading annotations from the
main process within the exception handler. As we move to fully
out-of-process crash reporting the last two methods will go away.
- The mozannotation_client crate now doesn't record annotation types anymore.
I realized as I was working on this that storing types at runtime has two
issues: the first one is that buggy code might change the type of an
annotation (that is record it under two different types at two different
moments), the second issue is that types might become corrupt during a
crash, so better enforce them at annotation-writing time. The end result is
that the mozannotation_* crates now only store byte buffers, track the
format the data is stored in (null-terminated string, fixed size buffer,
etc...) but not the type of data each annotation is supposed to contain.
- Which brings us to the next change: concrete types for annotations are now
enforced when they're written out. If an annotation doesn't match the
expected type it's skipped. Storing an annotation with the wrong type will
also trigger an assertion in debug builds.
Differential Revision: https://phabricator.services.mozilla.com/D195248
2024-03-04 13:24:43 +03:00
|
|
|
CrashReporter::RecordAnnotationCString(
|
|
|
|
|
CrashReporter::Annotation::IPCMessageName, aMessage->name());
|
|
|
|
|
CrashReporter::RecordAnnotationU32(
|
|
|
|
|
CrashReporter::Annotation::IPCMessageSize, aMessage->size());
|
2024-05-15 19:33:26 +03:00
|
|
|
CrashReporter::RecordAnnotationU32(
|
|
|
|
|
CrashReporter::Annotation::IPCMessageLargeBufferShmemFailureSize,
|
|
|
|
|
aMessage->LargeBufferShmemFailureSize());
|
2021-06-22 21:17:22 +03:00
|
|
|
MOZ_CRASH("IPC message size is too large");
|
|
|
|
|
}
|
|
|
|
|
aMessage->AssertAsLargeAsHeader();
|
|
|
|
|
|
|
|
|
|
RefPtr<PortObserverThunk> observer = mObserver;
|
|
|
|
|
if (!observer) {
|
|
|
|
|
NS_WARNING("Ignoring message to closed PortLink");
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Make local copies of relevant member variables, so we can unlock the
|
|
|
|
|
// monitor for the rest of this function. This protects us in case `this` is
|
|
|
|
|
// deleted during the call (although that shouldn't happen in practice).
|
|
|
|
|
//
|
|
|
|
|
// We don't want the monitor to be held when calling into ports, as we may be
|
|
|
|
|
// re-entrantly called by our `PortObserverThunk` which will attempt to
|
|
|
|
|
// acquire the monitor.
|
|
|
|
|
RefPtr<RefCountedMonitor> monitor = mChan->mMonitor;
|
|
|
|
|
RefPtr<NodeController> node = mNode;
|
|
|
|
|
PortRef port = mPort;
|
|
|
|
|
|
|
|
|
|
bool ok = false;
|
2022-03-17 21:39:15 +03:00
|
|
|
monitor->AssertCurrentThreadOwns();
|
2021-06-22 21:17:22 +03:00
|
|
|
{
|
|
|
|
|
MonitorAutoUnlock guard(*monitor);
|
|
|
|
|
ok = node->SendUserMessage(port, std::move(aMessage));
|
|
|
|
|
}
|
|
|
|
|
if (!ok) {
|
|
|
|
|
// The send failed, but double-check that we weren't closed racily while
|
|
|
|
|
// sending, which could lead to an invalid state error.
|
|
|
|
|
if (observer->mLink) {
|
|
|
|
|
MOZ_CRASH("Invalid argument to SendUserMessage");
|
|
|
|
|
}
|
|
|
|
|
NS_WARNING("Message dropped as PortLink was closed");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
Bug 1807049 - Refactor MessageChannel shutdown states, r=ipc-reviewers,mccr8
This refactoring cleans up some dead code, and makes some semantic
changes to how the MessageChannel lifecycle is handled.
These changes ensure that messages which were sent by a peer before the
GOODBYE message will be delivered, without allowing messages sent after
the GOODBYE message (e.g. by a misbehaving process) to be delivered.
The lifecycle and shutdown states were simplified, and moved to be
entirely in MessageChannel, rather than split between MessageChannel and
MessageLink.
The dead-code ChannelTimeout error state was removed, along with the
corresponding CloseWithTimeout method.
The CloseWithError method was updated to behave more consistently with
the normal Close method, synchronously triggering a connection error,
and closing the MessageLink. This method is currently unused, but will
useful in the future for handling processing errors.
Differential Revision: https://phabricator.services.mozilla.com/D178382
2023-05-26 20:44:57 +03:00
|
|
|
void PortLink::Close() {
|
2021-06-22 21:17:22 +03:00
|
|
|
mChan->mMonitor->AssertCurrentThreadOwns();
|
|
|
|
|
|
|
|
|
|
if (!mObserver) {
|
|
|
|
|
// We're already being closed.
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Clear();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void PortLink::Clear() {
|
|
|
|
|
mChan->mMonitor->AssertCurrentThreadOwns();
|
|
|
|
|
|
|
|
|
|
// NOTE: We're calling into `ports` with our monitor held! Usually, this could
|
|
|
|
|
// lead to deadlocks due to the PortObserverThunk acquiring the lock
|
|
|
|
|
// re-entrantly, but is OK here as we're immediately clearing the port's
|
|
|
|
|
// observer. We shouldn't have issues with any re-entrant calls on this thread
|
|
|
|
|
// acquiring this MessageChannel's monitor.
|
|
|
|
|
//
|
|
|
|
|
// We also clear out the reference in `mObserver` back to this type so that
|
|
|
|
|
// notifications from other threads won't try to call us again once we release
|
|
|
|
|
// the monitor.
|
|
|
|
|
mNode->SetPortObserver(mPort, nullptr);
|
|
|
|
|
mObserver->mLink = nullptr;
|
|
|
|
|
mObserver = nullptr;
|
|
|
|
|
mNode->ClosePort(mPort);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void PortLink::OnPortStatusChanged() {
|
|
|
|
|
mChan->mMonitor->AssertCurrentThreadOwns();
|
|
|
|
|
|
|
|
|
|
// Check if the port's remoteness status has updated, and tell our channel if
|
|
|
|
|
// it has.
|
|
|
|
|
if (Maybe<PortStatus> status = mNode->GetStatus(mPort);
|
|
|
|
|
status && status->peer_remote != mChan->IsCrossProcess()) {
|
|
|
|
|
mChan->SetIsCrossProcess(status->peer_remote);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
while (mObserver) {
|
|
|
|
|
UniquePtr<IPC::Message> message;
|
|
|
|
|
if (!mNode->GetMessage(mPort, &message)) {
|
|
|
|
|
Clear();
|
|
|
|
|
mChan->OnChannelErrorFromLink();
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
if (!message) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-11 00:37:25 +03:00
|
|
|
mChan->OnMessageReceivedFromLink(std::move(message));
|
2021-06-22 21:17:22 +03:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-02-11 01:01:17 +03:00
|
|
|
bool PortLink::IsClosed() const {
|
2021-06-22 21:17:22 +03:00
|
|
|
if (Maybe<PortStatus> status = mNode->GetStatus(mPort)) {
|
|
|
|
|
return !(status->has_messages || status->receiving_messages);
|
|
|
|
|
}
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2013-09-28 05:42:08 +04:00
|
|
|
} // namespace ipc
|
|
|
|
|
} // namespace mozilla
|
