Part of #39418. See that PR for a full description.
Moves:
- `read_json_from_file`
- `write_json_to_file`
- `IpcSendResult`
- `IpcSend`
Renames:
- `CoreResourceThreadPool` to `ThreadPool` (shorter and more
descriptive, as we use it for more than the core resource thread now)
Signed-off-by: Ashwin Naren <arihant2math@gmail.com>
This PR **removes** `ScriptToConstellationMessage::ForwardToEmbedder`,
and replaces it with an explicit `ScriptToEmbedderChannel`. This new
channel is based on `GenericCallback` and in single-process mode will
directly send the message the to the embedder and wake it. In
multi-process mode, the message is routed via the ROUTER, since waking
is only possible from the same process currently. This means in
multi-process mode there are likely no direct perf benefits, since we
still need to hop the message over the ROUTER (instead of over the
constellation).
In single-process mode we can directly send the message to the embedder,
which should provide a noticable latency improvement in all cases where
script is blocked waiting on the embedder to reply.
This does not change the way the embedder receives messages - the
receiving end is unchanged.
## How was sending messages to the embedder working before?
1. Script wraps it's message to the embedder in
`ScriptToConstellationMessage::ForwardToEmbedder` and sends it to
constellation.
2. The [constellation event loop] receives the message in
[handle_request]
3. If deserialization fails, [an error is logged and the message is
ignored]
4. Since our message came from script, it is handle in
[handle_request_from_script]
5. The message is logged with trace log level
6. If the pipeline is closed, [a warning is logged and the message
ignored]
7. The wrapped `EmbedderMsg` [is forwarded to the embedder]. Sending the
message also invokes `wake()` on the embedder eventloop waker.
[constellation event loop]:
2e1b2e7260/components/constellation/constellation.rs (L755)
[handle request]:
2e1b2e7260/components/constellation/constellation.rs (L1182)
[an error is logged and the message is ignored]:
2e1b2e7260/components/constellation/constellation.rs (L1252)
[handle_request_from_script]:
https://github.com/servo/servo/blob/main/components/constellation/constellation.rs#L1590
[a warning is logged and the message ignored]:
2e1b2e7260/components/constellation/constellation.rs (L1599)
[is forwarded to the embedder]:
2e1b2e7260/components/constellation/constellation.rs (L1701)
Testing: Communication between Script and Embedder is extensive, so this
should be covered by existing tests.
Signed-off-by: Jonathan Schwender <schwenderjonathan@gmail.com>
This doesn't appear to make a big difference in speedometer results, but
this removes some code from the hot path of creating DomRoot values.
Before: `Score: 30.381097406624708 ± 2.0393225244958018`
After: `Score: 30.344639420871395 ± 1.9359337921154696`
Testing: Existing WPT coverage
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
This change makes it so that every `GlobalScope` can contain an optional
`FontContext`. This will be necessary for every `GlobalScope` that
accesses canvas. Currently, `FontContext` is created and accessed via
the canvas worker thread, but this means that web fonts are not
available to canvas. This change will eventually make it possible for
canvas to share web fonts with the `Document` that owns them.
Testing: This should not change behavior and is thus covered by existing
tests.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
The method now doesn't need unsafe in its signature because it no longer
accepts unsafe pointers as arguments. We move the unsafe marker to the
method itself.
Testing: I opened the browser and went to google.com; I ran some WPT
(IndexedDB) tests.
Fixes: #38361
---------
Signed-off-by: criskell <96352451+criskell@users.noreply.github.com>
currently our devtools impl creates source actors in script, when
executing scripts in HTMLScriptElement or DedicatedWorkerGlobalScope.
this approach is cumbersome, and it means that many pathways to running
scripts are missed, such as imported ES modules.
with the [SpiderMonkey Debugger
API](https://firefox-source-docs.mozilla.org/js/Debugger/), we can pick
up all of the scripts and all of their sources without any extra code,
as long as we tell it about every global we create (#38333, #38551).
this patch adds a [Debugger#onNewScript()
hook](https://firefox-source-docs.mozilla.org/js/Debugger/Debugger.html#onnewscript-script-global)
to the debugger script, which calls
DebuggerGlobalScope#notifyNewSource() to notify our script system when a
new script runs. if the source is relevant to the file tree in the
Sources tab, script tells devtools to create a source actor.
Testing: adds several new automated devtools tests
Fixes: part of #36027
Signed-off-by: Delan Azabani <dazabani@igalia.com>
Co-authored-by: atbrakhi <atbrakhi@igalia.com>
to debug workers in a page with the [SpiderMonkey Debugger
API](https://firefox-source-docs.mozilla.org/js/Debugger/), we need to
pass the worker’s global object to
[Debugger.prototype.**addDebuggee()**](https://firefox-source-docs.mozilla.org/js/Debugger/Debugger.html#adddebuggee-global).
we could pick up the global via the [onNewGlobalObject()
hook](https://firefox-source-docs.mozilla.org/js/Debugger/Debugger.html#onnewglobalobject-global),
but if our script system passes the global to the debugger script
instead, we can later add details like the PipelineId that will help
servo identify debuggees that the API is notifying us about (#38334).
this patch creates a debugger global in worker threads, runs the
debugger script in those new globals, and plumbs new worker globals from
those threads into addDebuggee() via the debugger script. since worker
threads can’t generate PipelineId values, but they only ever run workers
on behalf of one pipeline, we use that pipeline’s PipelineId as the
PipelineId of the debugger global, rather than generating a unique
PipelineId like we do in script threads.
Testing: will undergo many automated tests in #38334
Fixes: part of #36027
Signed-off-by: Delan Azabani <dazabani@igalia.com>
Co-authored-by: atbrakhi <atbrakhi@igalia.com>
- [Dispatch Event](https://dom.spec.whatwg.org/#concept-event-dispatch)
should return a Boolean. This function is used frequently in spec and
the change makes things easier to follow.
- Remove `enum EventStatus` and related functions.
- Update some dead spec link.
- Update some steps.
This is intended as cleanup before working on #38435 and reduces binary
size by 488KB in Release profile.
Testing: No behaviour change.
---------
Signed-off-by: Euclid Ye <euclid.ye@huawei.com>
in the devtools protocol, [source
forms](https://firefox-source-docs.mozilla.org/devtools/backend/protocol.html#loading-script-sources)
announced in `resources-available-array` messages can include the
`introductionType`, which more or less mirrors the field of the same
name in SpiderMonkey’s CompileOptions.
this patch exposes `introductionType` accordingly, allowing us to check
for the correct values in automated tests.
Testing: new coverage in devtools tests
Fixes: part of #36027
---------
Signed-off-by: Delan Azabani <dazabani@igalia.com>
Co-authored-by: atbrakhi <atbrakhi@igalia.com>
Any CSP violations happening when loading a worker should be reported
on the global of the document that creates the worker. Since workers
run in different threads, we can't pass in this parent global into
the worker global scope. Instead, we need to send a message to the
parent event loop to report it on the correct global.
Part of https://github.com/servo/servo/issues/4577
Fixes https://github.com/servo/servo/issues/37027
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Workers created from Blobs inherit their CSP. Now we inherit the CSP and
set the correct base API url. The base API url should be used when
determining the
report-uri endpoint. Otherwise, the blob URL would be used as a base,
which is invalid and the report wouldn't be sent.
Also create a helper method to concatenate two optionals of CSPList,
which was used in several places.
Part of #4577
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Does not yet handle failures of endpoints, which requires us to update
metadata. I don't see that metadata being used anywhere, so I am not
sure if there is WPT coverage for it.
Part of #37238
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
This refactoring moves various CSP-related methods away from GlobalScope
and Document into a dedicated entrypoint. It also reduces the amount of
imports of the CSP crate, so that types are consolidated into this one
entrypoint. That way, we control how CSP code interacts with the script
crate.
For reviewing purposes, I split up the refactoring into separate
distinct commits that all move 1 method(group) into the new file.
Testing: no change in behavior, only a build improvement + code cleanup
---------
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Tim van der Lippe <TimvdLippe@users.noreply.github.com>
To show the contents of inline scripts in the Sources panel, we need to
send the whole HTML file from script to devtools, not just the script
code. This is trickier than the external script case, but we can look to
[how Firefox does
it](https://servo.zulipchat.com/#narrow/channel/263398-general/topic/Getting.20the.20original.20page.20HTML.20from.20script/near/524392861)
for some inspiration. The process is as follows:
- when we execute a script
- notify devtools to create the source actor
- if it’s an external script, send the script code to the devtools
server
- if it’s an inline script, don’t send any source contents yet
- devtools stores the contents in the source actor
- while loading a new document
- buffer the markup, so we can send it to devtools
- when we finish loading a new document
- send the buffered markup to the devtools server
- devtools stores the contents in any source actors with no contents yet
- when a source actor gets a `source` request
- if we have the contents, send those contents to the client
- if we don’t have the contents (inline script that loaded while
devtools was closed)
- FUTURE: try to fetch the markup out of cache
- otherwise send `<!-- not available; please reload! -->`
Testing: Several tests added to test the changes, also updates an
existing test with correct assertion
Fixes: https://github.com/servo/servo/issues/36874
---------
Signed-off-by: atbrakhi <atbrakhi@igalia.com>
Signed-off-by: Delan Azabani <dazabani@igalia.com>
Co-authored-by: Delan Azabani <dazabani@igalia.com>
Stop DedicatedWorker from handling remaining messages after closed
Testing: WPT workers/WorkerGlobalScope-close.html
Signed-off-by: Xiaocheng Hu <xiaochengh.work@gmail.com>
This patch adds support for showing source_content in `Debugger >
Source` panel. This works by handling the clients `source` messages in
the source actor. These source actors are already advertised as resource
via the watcher, populating the source list. We also update the
`sources` handler in thread actor for future work in thread debugging.
Note: while this PR also adds support for showing worker script
source_content, worker has been broken (See
https://github.com/servo/servo/issues/37012). I was able to confirm the
`content_type` and `source_content` for worker script in logs.
Fixes: part of https://github.com/servo/servo/issues/36027
---------
Signed-off-by: atbrakhi <atbrakhi@igalia.com>
This makes sure that when workers are created, their global scope has
the correct policy-container set
so that we can do CSP-checks.
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
These changes make us match Gecko's setup for how Window and non-Window
globals are initialized. Since Window globals are much more common than
Worker globals, using lazy interface definitions can be a useful memory
optimization at the expense of increased complexity for property
lookups.
Also adds the MayResolve hook for all globals, which is an optimization
for the JIT to avoid calling resolve hooks unnecessarily.
Testing: Existing test coverage on global interfaces should suffice.
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
It also updates the FetchResponseListener to process CSP violations to
ensure that iframe elements (amongst others) properly generate the CSP
events. These iframe elements are used in the Trusted Types tests
themselves and weren't propagating the violations before.
However, the tests themselves are still not passing since they also use
Websockets, which currently aren't using the fetch machinery itself.
That is fixed as part of [1].
[1]: https://github.com/servo/servo/issues/35028
---------
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
This is the last big change necessary to create the
`constellation_traits` crate. This moves the data structure for messages
that originate from the `ScriptThread` and are sent to the
`Contellation` to `constellation_traits`, effectively splitting
`script_traits` in half. Before, `script_traits` was responsible for
exposing the API of both the `ScriptThread` and the `Constellation` to
the rest of Servo.
- Data structures that are used by `ScriptToConstellationMsg` are moved
to `constellation_traits`. The dependency graph looks a bit like this:
`script_layout_interface` depends on `script_traits` depends on
`constellation_traits` depends on `embedder_traits`.
- Data structures that are used in the embedding layer
(`UntrustedNodeAddress`, `CompositorHitTestResult`, `TouchEventResult`
and `AnimationState`) are moved to embedder_traits, to avoid a
dependency cycle between `webrender_traits` and
`constellation_traits`.
- Types dealing with MessagePorts and serialization are moved to
`constellation_traits::message_port`.
Testing: This is covered by existing tests as it just moves types
around.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Propagate through documents a flag that represents if any of the
ancestor navigables has a potentially trustworthy origin.
The "potentially trustworthy origin" concept appears to have gotten
confused in a couple of places and we were instead testing if a URL had
"potentially trustworthy" properties.
The main test for the ancestor navigables is
[mixed-content/nested-iframes](https://github.com/web-platform-tests/wpt/blob/master/mixed-content/nested-iframes.window.js)
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by
`[X]` when the step is complete, and replace `___` with appropriate
data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix#36108
<!-- Either: -->
- [X] There are tests for these changes
---------
Signed-off-by: Sebastian C <sebsebmc@gmail.com>
* Migrate to 2024 edition
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Allow unsafe_op_in_unsafe_fn lint
This lint warns by default in the 2024
edition, but is *way* too noisy for servo.
We might enable it in the future, but not now.
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Compile using the 2024 edition
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
The `WebViewId` name is a lot more descriptive these days to the casual
reader, so I think we can go ahead and finish the rename.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
* Use 2024 style edition
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Reformat all code
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* script: Make DOM proxy handlers generic over DOM types.
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
* script: Make finalize and trace hooks generic over DOM types.
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
`EmbedderMsg` was previously paired with an implicit
`Option<WebViewId>`, even though almost all variants were either always
`Some` or always `None`, depending on whether there was a `WebView
involved.
This patch adds the `WebViewId` to as many `EmbedderMsg` variants as
possible, so we can call their associated `WebView` delegate methods
without needing to check and unwrap the `Option`. In many cases, this
required more changes to plumb through the `WebViewId`.
Notably, all `Request`s now explicitly need a `WebView` or not, in order
to ensure that it is passed when appropriate.
Signed-off-by: Delan Azabani <dazabani@igalia.com>
Co-authored-by: Martin Robinson <mrobinson@igalia.com>
Previously, senders and receivers to different kinds of event loops (the
main `ScriptThread`, different types of workers) used a rust `trait`
mechanism to implement dynamic behavior. This led to having many unused
implementations of this `trait`. This change moves to using an `enum`
based approach for these senders and receivers and removes all of the
dead code.
In addition, to allowing for use of rust's dead code detection, it
simplifies the code a great deal. All of these generic senders and
receivers are moved to the `messaging.rs` file and given proper
documentation.
Finally, empty an `JSTraceable` implementation is made for all
crossbeam `Sender<...>`s to avoid having to manually skip them everytime
they are included in structs. The pre-existing empty `MallocSizeOf`
implementation is used more thoroughly.
Other unecessary wrappers around these senders and receivers are removed
as well.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
No longer hide errors while queueing tasks on the main thread. This
requires creating two types of `TaskSource`s: one for the main thread
and one that can be sent to other threads. This makes queueing a bit
more efficient on the main thread and more importantly, no longer hides
task queue errors.
Fixes#25688.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Mukilan Thiyagarajan <mukilan@igalia.com>
This is a simplification of the internal `TaskQueue` API that moves the
`TaskManager` to the `GlobalScope` itself. In addition, the handling of
cancellers is moved to the `TaskManager` as well. This means that no
arguments other than the `task` are necessary for queueing tasks, which
makes the API a lot easier to use and cleaner.
`TaskSource` now also keeps a copy of the canceller with it, so that
they always know the proper way to cancel any tasks queued on them.
There is one complication here. The event loop `sender` for dedicated
workers is constantly changing as it is set to `None` when not handling
messages. This is because this sender keeps a handle to the main
thread's `Worker` object, preventing garbage collection while any
messages are still in flight or being handled. This change allows
setting the `sender` on the `TaskManager` to `None` to allow proper
garbabge collection.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
The new version of rust allows us to elide some lifetimes and clippy is
now complaining about this. This change elides them where possible and
removes the clippy exceptions.
Fixes#34804.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Instead of creating a type for each `TaskSource` variety have each `TaskSource`
hold the same kind of sender (this was inconsistent before, but each
sender was effectively the same trait object), a pipeline, and a
`TaskSourceName`. This elminates the need to reimplement the same
queuing code for every task source.
In addition, have workers hold their own `TaskManager`. This allows just
exposing the manager on the `GlobalScope`. Currently the `TaskCanceller`
is different, but this will also be eliminated in a followup change.
This is a the first step toward having a shared set of `Sender`s on
`GlobalScope`.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Create two new data structures in the `script` crate to hold senders and
receiver:
- `ScriptThreadSenders`: holds all outgoing channels from the
`ScriptThread` including a channel to the `ScriptThread` itself. The
ultimate goal with this is to reduce duplication by giving a boxed
version of this this to `Window`s.
- `ScriptThradReceivers`: holds all incoming channels to the
`ScriptThread`. This isn't cloenable like the senders. This is used to
abstract away `recv()` and `try_recv()` methods used to make the
`ScriptThread` event loop easier to read.
In addition:
- The many duplicated `ScriptThread` self-senders for the `TaskManager`
have been removed and, in general, a lot of boilerplate is removed as
well.
- Visibilty of all methods affected by this change is changed to
`pub(crate)` in order to take advantage of dead code detection. Some
dead code produced from macros is removed.
- Some conversion code is refactord into implementations of the `From`
trait.
- The names of channels uses a standard "sender" and "receiver" naming
as well as trying to be descriptive of where they go in `ScriptThread`
as well as `InitialScriptState`
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Before all timers were managed by the Constellation process, meaning
that they had to trigger IPC calls to be scheduled and fired. Currently,
timers are only used in the `ScriptThread`, so it makes sense that they
are per-process.
This change restores the timer thread functionality that existed before
avoided entirely. Completion is done using a callback that is sent to
the timer thread similarly to how fetch is done. This allows reusing the
existing task queue without making any new channels.
Fixes#15219.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
* Make CanGc non-sendable, and add documentation.
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
* Update CanGc usage to fix usages that were moved between threads/tasks.
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
* More files with CanGc fixes
Signed-off-by: L Ashwin B <lashwinib@gmail.com>
* removed the can_gc inside !task
Signed-off-by: L Ashwin B <lashwinib@gmail.com>
---------
Signed-off-by: L Ashwin B <lashwinib@gmail.com>
This change:
1. Adds safety documentation where it was missing.
2. Limits the scope of unsafe code in some cases to where it is actually
unsafe.
3. Converts some free functions to associated functions and methods,
thereby making them more likely to be called safely.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
