1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/ipc/glue/MessageLink.cpp Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,383 @@
1.4 +/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
1.5 + * vim: sw=4 ts=4 et :
1.6 + */
1.7 +/* This Source Code Form is subject to the terms of the Mozilla Public
1.8 + * License, v. 2.0. If a copy of the MPL was not distributed with this
1.9 + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
1.10 +
1.11 +#include "mozilla/ipc/MessageLink.h"
1.12 +#include "mozilla/ipc/MessageChannel.h"
1.13 +#include "mozilla/ipc/BrowserProcessSubThread.h"
1.14 +#include "mozilla/ipc/ProtocolUtils.h"
1.15 +
1.16 +#ifdef MOZ_NUWA_PROCESS
1.17 +#include "ipc/Nuwa.h"
1.18 +#include "mozilla/Preferences.h"
1.19 +#endif
1.20 +
1.21 +#include "nsDebug.h"
1.22 +#include "nsISupportsImpl.h"
1.23 +#include "nsXULAppAPI.h"
1.24 +
1.25 +using namespace mozilla;
1.26 +using namespace std;
1.27 +
1.28 +template<>
1.29 +struct RunnableMethodTraits<mozilla::ipc::ProcessLink>
1.30 +{
1.31 + static void RetainCallee(mozilla::ipc::ProcessLink* obj) { }
1.32 + static void ReleaseCallee(mozilla::ipc::ProcessLink* obj) { }
1.33 +};
1.34 +
1.35 +// We rely on invariants about the lifetime of the transport:
1.36 +//
1.37 +// - outlives this MessageChannel
1.38 +// - deleted on the IO thread
1.39 +//
1.40 +// These invariants allow us to send messages directly through the
1.41 +// transport without having to worry about orphaned Send() tasks on
1.42 +// the IO thread touching MessageChannel memory after it's been deleted
1.43 +// on the worker thread. We also don't need to refcount the
1.44 +// Transport, because whatever task triggers its deletion only runs on
1.45 +// the IO thread, and only runs after this MessageChannel is done with
1.46 +// the Transport.
1.47 +template<>
1.48 +struct RunnableMethodTraits<mozilla::ipc::MessageChannel::Transport>
1.49 +{
1.50 + static void RetainCallee(mozilla::ipc::MessageChannel::Transport* obj) { }
1.51 + static void ReleaseCallee(mozilla::ipc::MessageChannel::Transport* obj) { }
1.52 +};
1.53 +
1.54 +namespace mozilla {
1.55 +namespace ipc {
1.56 +
1.57 +MessageLink::MessageLink(MessageChannel *aChan)
1.58 + : mChan(aChan)
1.59 +{
1.60 +}
1.61 +
1.62 +MessageLink::~MessageLink()
1.63 +{
1.64 + mChan = nullptr;
1.65 +}
1.66 +
1.67 +ProcessLink::ProcessLink(MessageChannel *aChan)
1.68 + : MessageLink(aChan),
1.69 + mExistingListener(nullptr)
1.70 +{
1.71 +}
1.72 +
1.73 +ProcessLink::~ProcessLink()
1.74 +{
1.75 + mIOLoop = 0;
1.76 + if (mTransport) {
1.77 + mTransport->set_listener(0);
1.78 +
1.79 + // we only hold a weak ref to the transport, which is "owned"
1.80 + // by GeckoChildProcess/GeckoThread
1.81 + mTransport = 0;
1.82 + }
1.83 +}
1.84 +
1.85 +void
1.86 +ProcessLink::Open(mozilla::ipc::Transport* aTransport, MessageLoop *aIOLoop, Side aSide)
1.87 +{
1.88 + NS_PRECONDITION(aTransport, "need transport layer");
1.89 +
1.90 + // FIXME need to check for valid channel
1.91 +
1.92 + mTransport = aTransport;
1.93 +
1.94 + // FIXME figure out whether we're in parent or child, grab IO loop
1.95 + // appropriately
1.96 + bool needOpen = true;
1.97 + if(aIOLoop) {
1.98 + // We're a child or using the new arguments. Either way, we
1.99 + // need an open.
1.100 + needOpen = true;
1.101 + mChan->mSide = (aSide == UnknownSide) ? ChildSide : aSide;
1.102 + } else {
1.103 + NS_PRECONDITION(aSide == UnknownSide, "expected default side arg");
1.104 +
1.105 + // parent
1.106 + mChan->mSide = ParentSide;
1.107 + needOpen = false;
1.108 + aIOLoop = XRE_GetIOMessageLoop();
1.109 + }
1.110 +
1.111 + mIOLoop = aIOLoop;
1.112 +
1.113 + NS_ASSERTION(mIOLoop, "need an IO loop");
1.114 + NS_ASSERTION(mChan->mWorkerLoop, "need a worker loop");
1.115 +
1.116 + {
1.117 + MonitorAutoLock lock(*mChan->mMonitor);
1.118 +
1.119 + if (needOpen) {
1.120 + // Transport::Connect() has not been called. Call it so
1.121 + // we start polling our pipe and processing outgoing
1.122 + // messages.
1.123 + mIOLoop->PostTask(
1.124 + FROM_HERE,
1.125 + NewRunnableMethod(this, &ProcessLink::OnChannelOpened));
1.126 + } else {
1.127 + // Transport::Connect() has already been called. Take
1.128 + // over the channel from the previous listener and process
1.129 + // any queued messages.
1.130 + mIOLoop->PostTask(
1.131 + FROM_HERE,
1.132 + NewRunnableMethod(this, &ProcessLink::OnTakeConnectedChannel));
1.133 + }
1.134 +
1.135 +#ifdef MOZ_NUWA_PROCESS
1.136 + if (IsNuwaProcess() &&
1.137 + Preferences::GetBool("dom.ipc.processPrelaunch.testMode")) {
1.138 + // The pref value is turned on in a deadlock test against the Nuwa
1.139 + // process. The sleep here makes it easy to trigger the deadlock
1.140 + // that an IPC channel is still opening but the worker loop is
1.141 + // already frozen.
1.142 + sleep(5);
1.143 + }
1.144 +#endif
1.145 +
1.146 + // Should not wait here if something goes wrong with the channel.
1.147 + while (!mChan->Connected() && mChan->mChannelState != ChannelError) {
1.148 + mChan->mMonitor->Wait();
1.149 + }
1.150 + }
1.151 +}
1.152 +
1.153 +void
1.154 +ProcessLink::EchoMessage(Message *msg)
1.155 +{
1.156 + mChan->AssertWorkerThread();
1.157 + mChan->mMonitor->AssertCurrentThreadOwns();
1.158 +
1.159 + mIOLoop->PostTask(
1.160 + FROM_HERE,
1.161 + NewRunnableMethod(this, &ProcessLink::OnEchoMessage, msg));
1.162 + // OnEchoMessage takes ownership of |msg|
1.163 +}
1.164 +
1.165 +void
1.166 +ProcessLink::SendMessage(Message *msg)
1.167 +{
1.168 + mChan->AssertWorkerThread();
1.169 + mChan->mMonitor->AssertCurrentThreadOwns();
1.170 +
1.171 + mIOLoop->PostTask(
1.172 + FROM_HERE,
1.173 + NewRunnableMethod(mTransport, &Transport::Send, msg));
1.174 +}
1.175 +
1.176 +void
1.177 +ProcessLink::SendClose()
1.178 +{
1.179 + mChan->AssertWorkerThread();
1.180 + mChan->mMonitor->AssertCurrentThreadOwns();
1.181 +
1.182 + mIOLoop->PostTask(
1.183 + FROM_HERE, NewRunnableMethod(this, &ProcessLink::OnCloseChannel));
1.184 +}
1.185 +
1.186 +ThreadLink::ThreadLink(MessageChannel *aChan, MessageChannel *aTargetChan)
1.187 + : MessageLink(aChan),
1.188 + mTargetChan(aTargetChan)
1.189 +{
1.190 +}
1.191 +
1.192 +ThreadLink::~ThreadLink()
1.193 +{
1.194 + // :TODO: MonitorAutoLock lock(*mChan->mMonitor);
1.195 + // Bug 848949: We need to prevent the other side
1.196 + // from sending us any more messages to avoid Use-After-Free.
1.197 + // The setup here is as shown:
1.198 + //
1.199 + // (Us) (Them)
1.200 + // MessageChannel MessageChannel
1.201 + // | ^ \ / ^ |
1.202 + // | | X | |
1.203 + // v | / \ | v
1.204 + // ThreadLink ThreadLink
1.205 + //
1.206 + // We want to null out the diagonal link from their ThreadLink
1.207 + // to our MessageChannel. Note that we must hold the monitor so
1.208 + // that we do this atomically with respect to them trying to send
1.209 + // us a message.
1.210 + if (mTargetChan) {
1.211 + static_cast<ThreadLink*>(mTargetChan->mLink)->mTargetChan = 0;
1.212 + }
1.213 + mTargetChan = 0;
1.214 +}
1.215 +
1.216 +void
1.217 +ThreadLink::EchoMessage(Message *msg)
1.218 +{
1.219 + mChan->AssertWorkerThread();
1.220 + mChan->mMonitor->AssertCurrentThreadOwns();
1.221 +
1.222 + mChan->OnMessageReceivedFromLink(*msg);
1.223 + delete msg;
1.224 +}
1.225 +
1.226 +void
1.227 +ThreadLink::SendMessage(Message *msg)
1.228 +{
1.229 + mChan->AssertWorkerThread();
1.230 + mChan->mMonitor->AssertCurrentThreadOwns();
1.231 +
1.232 + if (mTargetChan)
1.233 + mTargetChan->OnMessageReceivedFromLink(*msg);
1.234 + delete msg;
1.235 +}
1.236 +
1.237 +void
1.238 +ThreadLink::SendClose()
1.239 +{
1.240 + mChan->AssertWorkerThread();
1.241 + mChan->mMonitor->AssertCurrentThreadOwns();
1.242 +
1.243 + mChan->mChannelState = ChannelClosed;
1.244 +
1.245 + // In a ProcessLink, we would close our half the channel. This
1.246 + // would show up on the other side as an error on the I/O thread.
1.247 + // The I/O thread would then invoke OnChannelErrorFromLink().
1.248 + // As usual, we skip that process and just invoke the
1.249 + // OnChannelErrorFromLink() method directly.
1.250 + if (mTargetChan)
1.251 + mTargetChan->OnChannelErrorFromLink();
1.252 +}
1.253 +
1.254 +bool
1.255 +ThreadLink::Unsound_IsClosed() const
1.256 +{
1.257 + MonitorAutoLock lock(*mChan->mMonitor);
1.258 + return mChan->mChannelState == ChannelClosed;
1.259 +}
1.260 +
1.261 +uint32_t
1.262 +ThreadLink::Unsound_NumQueuedMessages() const
1.263 +{
1.264 + // ThreadLinks don't have a message queue.
1.265 + return 0;
1.266 +}
1.267 +
1.268 +//
1.269 +// The methods below run in the context of the IO thread
1.270 +//
1.271 +
1.272 +void
1.273 +ProcessLink::OnMessageReceived(const Message& msg)
1.274 +{
1.275 + AssertIOThread();
1.276 + NS_ASSERTION(mChan->mChannelState != ChannelError, "Shouldn't get here!");
1.277 + MonitorAutoLock lock(*mChan->mMonitor);
1.278 + mChan->OnMessageReceivedFromLink(msg);
1.279 +}
1.280 +
1.281 +void
1.282 +ProcessLink::OnEchoMessage(Message* msg)
1.283 +{
1.284 + AssertIOThread();
1.285 + OnMessageReceived(*msg);
1.286 + delete msg;
1.287 +}
1.288 +
1.289 +void
1.290 +ProcessLink::OnChannelOpened()
1.291 +{
1.292 + mChan->AssertLinkThread();
1.293 + {
1.294 + MonitorAutoLock lock(*mChan->mMonitor);
1.295 +
1.296 + mExistingListener = mTransport->set_listener(this);
1.297 +#ifdef DEBUG
1.298 + if (mExistingListener) {
1.299 + queue<Message> pending;
1.300 + mExistingListener->GetQueuedMessages(pending);
1.301 + MOZ_ASSERT(pending.empty());
1.302 + }
1.303 +#endif // DEBUG
1.304 +
1.305 + mChan->mChannelState = ChannelOpening;
1.306 + lock.Notify();
1.307 + }
1.308 + /*assert*/mTransport->Connect();
1.309 +}
1.310 +
1.311 +void
1.312 +ProcessLink::OnTakeConnectedChannel()
1.313 +{
1.314 + AssertIOThread();
1.315 +
1.316 + queue<Message> pending;
1.317 + {
1.318 + MonitorAutoLock lock(*mChan->mMonitor);
1.319 +
1.320 + mChan->mChannelState = ChannelConnected;
1.321 +
1.322 + mExistingListener = mTransport->set_listener(this);
1.323 + if (mExistingListener) {
1.324 + mExistingListener->GetQueuedMessages(pending);
1.325 + }
1.326 + lock.Notify();
1.327 + }
1.328 +
1.329 + // Dispatch whatever messages the previous listener had queued up.
1.330 + while (!pending.empty()) {
1.331 + OnMessageReceived(pending.front());
1.332 + pending.pop();
1.333 + }
1.334 +}
1.335 +
1.336 +void
1.337 +ProcessLink::OnChannelConnected(int32_t peer_pid)
1.338 +{
1.339 + AssertIOThread();
1.340 +
1.341 + {
1.342 + MonitorAutoLock lock(*mChan->mMonitor);
1.343 + mChan->mChannelState = ChannelConnected;
1.344 + mChan->mMonitor->Notify();
1.345 + }
1.346 +
1.347 + if (mExistingListener)
1.348 + mExistingListener->OnChannelConnected(peer_pid);
1.349 +
1.350 + mChan->OnChannelConnected(peer_pid);
1.351 +}
1.352 +
1.353 +void
1.354 +ProcessLink::OnChannelError()
1.355 +{
1.356 + AssertIOThread();
1.357 + MonitorAutoLock lock(*mChan->mMonitor);
1.358 + mChan->OnChannelErrorFromLink();
1.359 +}
1.360 +
1.361 +void
1.362 +ProcessLink::OnCloseChannel()
1.363 +{
1.364 + AssertIOThread();
1.365 +
1.366 + mTransport->Close();
1.367 +
1.368 + MonitorAutoLock lock(*mChan->mMonitor);
1.369 + mChan->mChannelState = ChannelClosed;
1.370 + mChan->mMonitor->Notify();
1.371 +}
1.372 +
1.373 +bool
1.374 +ProcessLink::Unsound_IsClosed() const
1.375 +{
1.376 + return mTransport->Unsound_IsClosed();
1.377 +}
1.378 +
1.379 +uint32_t
1.380 +ProcessLink::Unsound_NumQueuedMessages() const
1.381 +{
1.382 + return mTransport->Unsound_NumQueuedMessages();
1.383 +}
1.384 +
1.385 +} // namespace ipc
1.386 +} // namespace mozilla
