When the parent process has trouble deserializing an IPC message from the content
process, it originally killed that content process. This doesn't result in us
creating a crash report (and doing so is difficult if the FatalError is hit
off main thread). We now crash the parent process if we hit such a FatalError
in the parent process. This will hopefully give us an idea of how frequent
these FatalErrors are, since up until now we've been getting no crash data
for them.
--HG--
extra : commitid : J1E7vnGmvOa
extra : rebase_source : 66a4cfc599bc6f5ce113dd49439e247a474c48a4
extra : amend_source : 1d6f5f26455dd810c3c3ffb4b807e734c74d87a7
This is motivated by three separate but related problems:
1. Our concept of recursion depth is broken for things that run from AfterProcessNextEvent observers (e.g. Promises). We decrement the recursionDepth counter before firing observers, so a Promise callback running at the lowest event loop depth has a recursion depth of 0 (whereas a regular nsIRunnable would be 1). This is a problem because it's impossible to distinguish a Promise running after a sync XHR's onreadystatechange handler from a top-level event (since the former runs with depth 2 - 1 = 1, and the latter runs with just 1).
2. The nsIThreadObserver mechanism that is used by a lot of code to run "after" the current event is a poor fit for anything that runs script. First, the order the observers fire in is the order they were added, not anything fixed by spec. Additionally, running script can cause the event loop to spin, which is a big source of pain here (bholley has some nasty bug caused by this).
3. We run Promises from different points in the code for workers and main thread. The latter runs from XPConnect's nsIThreadObserver callbacks, while the former runs from a hardcoded call to run Promises in the worker event loop. What workers do is particularly problematic because it means we can't get the right recursion depth no matter what we do to nsThread.
The solve this, this patch does the following:
1. Consolidate some handling of microtasks and all handling of stable state from appshell and WorkerPrivate into CycleCollectedJSRuntime.
2. Make the recursionDepth counter only available to CycleCollectedJSRuntime (and its consumers) and remove it from the nsIThreadInternal and nsIThreadObserver APIs.
3. Adjust the recursionDepth counter so that microtasks run with the recursionDepth of the task they are associated with.
4. Introduce the concept of metastable state to replace appshell's RunBeforeNextEvent. Metastable state is reached after every microtask or task is completed. This provides the semantics that bent and I want for IndexedDB, where transactions autocommit at the end of a microtask and do not "spill" from one microtask into a subsequent microtask. This differs from appshell's RunBeforeNextEvent in two ways:
a) It fires between microtasks, which was the motivation for starting this.
b) It no longer ensures that we're at the same event loop depth in the native event queue. bent decided we don't care about this.
5. Reorder stable state to happen after microtasks such as Promises, per HTML. Right now we call the regular thread observers, including appshell, before the main thread observer (XPConnect), so stable state tasks happen before microtasks.
|DaemonSocketConnector| is a copy of |BluetoothDaemonConnector| and
also includes |BluetoothDaemonInterface::CreateRandomAddressString|.
--HG--
rename : dom/bluetooth/bluedroid/BluetoothDaemonConnector.cpp => ipc/hal/DaemonSocketConnector.cpp
rename : dom/bluetooth/bluedroid/BluetoothDaemonConnector.h => ipc/hal/DaemonSocketConnector.h
This allows us to send a sync fork request to the Nuwa process when we need one but there is no
spare process available. After an app is launched, the request to fork a spare process is still
handled asynchronously.
--HG--
extra : rebase_source : 9b692a647f4fc861285d95f0372d6a9913eadf64
This also moves the initialization of the sandbox TargetServices to earlier in
plugin-container.cpp content_process_main, because it needs to happen before
xul.dll loads.
The current situation looks like this: Firefox launches the plugin-container
with two environment variables set:
LD_LIBRARY_PATH=$FIREFOX_DIR:$LD_LIBRARY_PATH
LD_PRELOAD=$FIREFOX_DIR/libmozgtk2.so:$LD_PRELOAD
libxul.so has a dependency on libmozgtk.so (without "2"), but libmozgtk2.so
has a SONAME of libmozgtk.so, so ld.so recognizes libmozgtk2.so as a
dependency of libxul.so, and uses it instead of the actual libmozgtk.so,
making the plugin-container use Gtk+2 instead of Gtk+3 to load Gtk+2 plugins.
Now, ASan sets things up in shared libraries such that they needs a symbol
from the executable binary. So in the case of plugin-container, the
plugin-container executable itself contains some ASan symbols such as
__asan_init_v3. libmozgtk2.so, OTOH, contains an undefined weak reference to
that symbol, like all other Firefox shared libraries.
Since libmozgtk2.so is LD_PRELOADed, it is loaded _before_ the
plugin-container executable, and __asan_init_v3 can't be resolved.
Disabling ASan for libmozgtk2.so would be a possibility, but the build system
doesn't really know how to do that, and filtering out -fsanitize=address
can be fragile.
The alternative possibility, implemented here, is to change the library
loading strategy, renaming libmozgtk2.so to gtk2/libmozgtk.so, and setting
the following environment variable when Firefox launches the plugin-container:
LD_LIBRARY_PATH=$FIREFOX_DIR/gtk2:$FIREFOX_DIR:$LD_LIBRARY_PATH
There are a variety of ways that the parent and child process ensure that
the child process exits quickly in opt builds, but for AddressSanitizer
builds we want to let the child process to run to completion, so that we
can get a LeakSanitizer report.
This requires adding some addition LSan suppressions, because running
LSan in child processes detects some new leaks.
The new daemon runnables are generalized implementations of the
Bluetooth daemon runnables. The code is unchanged, except for name
changes and fixes to the coding style.
The new daemon runnables are generalized implementations of the
Bluetooth daemon runnables. The code is unchanged, except for name
changes and fixes to the coding style.
The shutdown procedure for socket classes ensures that the I/O class is
deleted independently from its socket class. If the socket class has been
deleted, no I/O is performed and no socket events are forwarded. The I/O
class therefore doesn't require a strong reference to its socket class.
This patch removes the remaining ref-counted pointers from the socket I/O
classes. The socket class clears the weak reference in its socket I/O class
when closing the socket.
This patch finally breaks up forwarding received RIL messages to the
main thread before they go to the RIL worker. Any RIL message that is
received on th I/O thread is forwarded directly to the RIL worker
thread and handed over to the RIL worker JS code.
The patch includes a number of changes. They all depend on each other,
so there's no good way of landing them one-by-one.
* |RilConsumer| now runs on the RIL worker thread.
* |RilWorker| uses tasks to register/unregister |RilConsumer| in the worker.
* |RilConsumer| uses |RilSocket| instead of |StreamSocket|.
* With |RilSocket|, received RIL messages do not go through main. They are
forwared to the RIL worker and handed over to JS immediately.
This patch separates the current interface of |RilConsumer| into
two distinct classes. |RilWorker| provides the public interface
and |RilConsumer| provides the internal implementation. Running
|RilConsumer| on a worker thread will be easier this way.
With this patch, |RilSocket| and it's helpers forward received data
via a WCTD. This will hand over the worker's JS context to the RIL
consumer.
In a later patch, the RIL consumer will be moved onto the RIL worker
thread and call the JS ril-worker code directly.
|RilSocket| and |RilSocketConsumer| are copies of the respective stream-
socket classes. Improvements to the RIL I/O code will be implemented on
top of the new classes.
--HG--
rename : ipc/unixsocket/StreamSocket.cpp => ipc/ril/RilSocket.cpp
rename : ipc/unixsocket/StreamSocket.h => ipc/ril/RilSocket.h
rename : ipc/unixsocket/StreamSocketConsumer.cpp => ipc/ril/RilSocketConsumer.cpp
rename : ipc/unixsocket/StreamSocketConsumer.h => ipc/ril/RilSocketConsumer.h
This patch finally breaks up forwarding received RIL messages to the
main thread before they go to the RIL worker. Any RIL message that is
received on th I/O thread is forwarded directly to the RIL worker
thread and handed over to the RIL worker JS code.
The patch includes a number of changes. They all depend on each other,
so there's no good way of landing them one-by-one.
* |RilConsumer| now runs on the RIL worker thread.
* |RilWorker| uses tasks to register/unregister |RilConsumer| in the worker.
* |RilConsumer| uses |RilSocket| instead of |StreamSocket|.
* With |RilSocket|, received RIL messages do not go through main. They are
forwared to the RIL worker and handed over to JS immediately.
This patch separates the current interface of |RilConsumer| into
two distinct classes. |RilWorker| provides the public interface
and |RilConsumer| provides the internal implementation. Running
|RilConsumer| on a worker thread will be easier this way.
With this patch, |RilSocket| and it's helpers forward received data
via a WCTD. This will hand over the worker's JS context to the RIL
consumer.
In a later patch, the RIL consumer will be moved onto the RIL worker
thread and call the JS ril-worker code directly.
|RilSocket| and |RilSocketConsumer| are copies of the respective stream-
socket classes. Improvements to the RIL I/O code will be implemented on
top of the new classes.
--HG--
rename : ipc/unixsocket/StreamSocket.cpp => ipc/ril/RilSocket.cpp
rename : ipc/unixsocket/StreamSocket.h => ipc/ril/RilSocket.h
rename : ipc/unixsocket/StreamSocketConsumer.cpp => ipc/ril/RilSocketConsumer.cpp
rename : ipc/unixsocket/StreamSocketConsumer.h => ipc/ril/RilSocketConsumer.h
The bulk of this commit was generated by running:
run-clang-tidy.py \
-checks='-*,llvm-namespace-comment' \
-header-filter=^/.../mozilla-central/.* \
-fix
We were deallocating very small regions instead of the entire
region we had originally allocated. Mamma mia!
--HG--
extra : commitid : KlEr9q3Lnxj
extra : rebase_source : d72c362347354a7384790788e0e48feba0dbe69a
The class |DaemonSocket| and its helpers implement a service-
neutral connection to a HAL daemon. This patch moves the code
to an appropriate directory and breaks up the code into smaller
pieces.
--HG--
rename : ipc/bluetooth/BluetoothDaemonConnection.cpp => ipc/hal/DaemonSocket.cpp
rename : ipc/bluetooth/BluetoothDaemonConnection.h => ipc/hal/DaemonSocket.h
rename : ipc/bluetooth/BluetoothDaemonConnectionConsumer.cpp => ipc/hal/DaemonSocketConsumer.cpp
rename : ipc/bluetooth/BluetoothDaemonConnectionConsumer.h => ipc/hal/DaemonSocketConsumer.h
rename : ipc/bluetooth/moz.build => ipc/hal/moz.build
Dispatching events via |nsIThread| doesn't work with worker threads. This
patch replaces all uses of |nsIThread| in the socket code by equivalent
uses of |MessageLoop|.
Different users of the socket I/O code have different requirements
for their I/O buffers. This patch moves the buffer management into
sub-classes of |UnixSocketBuffer|. Each of them can maintain memory
according to its needs.
Make it harder for users to accidentally reintroduce usage of the PR_LOG macros
when using 'mozilla/Logging.h'. This can still be worked around by directly
including 'prlog.h' (and not 'mozilla/Logging.h') if absolutely necessary.
The socket IPC interfaces still use 'main thread' in a number of
places. This patch changes all such interfaces and documentation
to speak of 'consumer thread' instead.
The consumer thread handles socket creation, destruction, and
data processing for socket IPC. Traditionally this has been
done on the main thread.
This patch extends the socket IPC classes to support arbitrary
consumer threads. The thread is configured when establishing a
connection, and performs all of the above operations until the
socket is closed.
The I/O thread sends and receives data on a file descriptor. This
has traditionally been performed on a single I/O thread.
This patch extends the socket IPC classes to support arbitrary I/O
threads. The thread is configured when a connection is established
and used until the socket gets closed.
Both types, |union sockaddr_any| and |struct sockaddr_storage|, provide
a sockaddr type that can hold any address. The latter is standardized by
POSIX, so we prefer it.
This patch integrates the functionality of |BluetoothDaemonChannel|
into |BluetoothDaemonConnection|. All users are adapted, the former
class is removed.
This patch converts |ListenSocket| to forward events to an instance
of |ListenSocketConsumer|. All users are converted and the related
listener and consumer classes are removed.
This patch converts |StreamSocket| to forward events and data to an
instance of |StreamSocketConsumer|. All users are converted and the
related listener and consumer classes are removed.
Mike Hommey
Mike Conley
Kyle Huey
Botond Ballo
Carsten "Tomcat" Book
Thomas Zimmermann
Bob Owen
Makoto Kato
Jesse Ruderman
Cervantes Yu
Andrea Marchesini
Ryan VanderMeulen
Bobby Holley
Aaron Klotz
Ehsan Akhgari
David Anderson
Andrew McCreight
Jeff Muizelaar
Christoph Kerschbaumer
Bill McCloskey
Jim Mathies
Wes Kocher
Birunthan Mohanathas
Juan Gomez
Dragana Damjanovic
Emanuel Hoogeveen
Phil Ringnalda
Hamzata Diallo
Hiroyuki Ikezoe
Ben Turner
Jan de Mooij
Brad Lassey
Jan-Ivar Bruaroey
Shelly Lin
Markus Stange
Fredrik Lanker
Mike Hommey
Eric Rahm
James Willcox
Randell Jesup
Nicholas Nethercote
Lee Salzman
Michael Layzell
Nathan Froyd