summaryrefslogtreecommitdiffstats
path: root/dom/workers/WorkerPrivate.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'dom/workers/WorkerPrivate.cpp')
-rw-r--r--dom/workers/WorkerPrivate.cpp6003
1 files changed, 6003 insertions, 0 deletions
diff --git a/dom/workers/WorkerPrivate.cpp b/dom/workers/WorkerPrivate.cpp
new file mode 100644
index 0000000000..fc349c1642
--- /dev/null
+++ b/dom/workers/WorkerPrivate.cpp
@@ -0,0 +1,6003 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "WorkerPrivate.h"
+
+#include <utility>
+
+#include "js/CallAndConstruct.h" // JS_CallFunctionValue
+#include "js/CompilationAndEvaluation.h"
+#include "js/ContextOptions.h"
+#include "js/Exception.h"
+#include "js/friend/ErrorMessages.h" // JSMSG_OUT_OF_MEMORY
+#include "js/LocaleSensitive.h"
+#include "js/MemoryMetrics.h"
+#include "js/SourceText.h"
+#include "MessageEventRunnable.h"
+#include "mozilla/AntiTrackingUtils.h"
+#include "mozilla/BasePrincipal.h"
+#include "mozilla/CycleCollectedJSContext.h"
+#include "mozilla/ExtensionPolicyService.h"
+#include "mozilla/ProfilerLabels.h"
+#include "mozilla/Result.h"
+#include "mozilla/ScopeExit.h"
+#include "mozilla/StaticPrefs_browser.h"
+#include "mozilla/StaticPrefs_dom.h"
+#include "mozilla/dom/BrowsingContextGroup.h"
+#include "mozilla/dom/CallbackDebuggerNotification.h"
+#include "mozilla/dom/ClientManager.h"
+#include "mozilla/dom/ClientState.h"
+#include "mozilla/dom/Console.h"
+#include "mozilla/dom/DocGroup.h"
+#include "mozilla/dom/Document.h"
+#include "mozilla/dom/DOMTypes.h"
+#include "mozilla/dom/Event.h"
+#include "mozilla/dom/Exceptions.h"
+#include "mozilla/dom/FunctionBinding.h"
+#include "mozilla/dom/IndexedDatabaseManager.h"
+#include "mozilla/dom/MessageEvent.h"
+#include "mozilla/dom/MessageEventBinding.h"
+#include "mozilla/dom/MessagePort.h"
+#include "mozilla/dom/MessagePortBinding.h"
+#include "mozilla/dom/nsCSPContext.h"
+#include "mozilla/dom/nsCSPUtils.h"
+#include "mozilla/dom/Performance.h"
+#include "mozilla/dom/PerformanceStorageWorker.h"
+#include "mozilla/dom/PromiseDebugging.h"
+#include "mozilla/dom/ReferrerInfo.h"
+#include "mozilla/dom/RemoteWorkerChild.h"
+#include "mozilla/dom/RemoteWorkerService.h"
+#include "mozilla/dom/RootedDictionary.h"
+#include "mozilla/dom/TimeoutHandler.h"
+#include "mozilla/dom/WorkerBinding.h"
+#include "mozilla/dom/WorkerScope.h"
+#include "mozilla/dom/WebTaskScheduler.h"
+#include "mozilla/dom/JSExecutionManager.h"
+#include "mozilla/dom/WindowContext.h"
+#include "mozilla/extensions/ExtensionBrowser.h" // extensions::Create{AndDispatchInitWorkerContext,WorkerLoaded,WorkerDestroyed}Runnable
+#include "mozilla/extensions/WebExtensionPolicy.h"
+#include "mozilla/StorageAccess.h"
+#include "mozilla/StoragePrincipalHelper.h"
+#include "mozilla/Telemetry.h"
+#include "mozilla/ThreadEventQueue.h"
+#include "mozilla/ThrottledEventQueue.h"
+#include "mozilla/TimelineConsumers.h"
+#include "mozilla/WorkerTimelineMarker.h"
+#include "nsCycleCollector.h"
+#include "nsGlobalWindowInner.h"
+#include "nsIDUtils.h"
+#include "nsNetUtil.h"
+#include "nsIFile.h"
+#include "nsIMemoryReporter.h"
+#include "nsIPermissionManager.h"
+#include "nsIProtocolHandler.h"
+#include "nsIScriptError.h"
+#include "nsIURI.h"
+#include "nsIURL.h"
+#include "nsIUUIDGenerator.h"
+#include "nsPrintfCString.h"
+#include "nsProxyRelease.h"
+#include "nsQueryObject.h"
+#include "nsRFPService.h"
+#include "nsSandboxFlags.h"
+#include "nsUTF8Utils.h"
+
+#include "RuntimeService.h"
+#include "ScriptLoader.h"
+#include "mozilla/dom/ServiceWorkerEvents.h"
+#include "mozilla/dom/ServiceWorkerManager.h"
+#include "mozilla/net/CookieJarSettings.h"
+#include "WorkerCSPEventListener.h"
+#include "WorkerDebugger.h"
+#include "WorkerDebuggerManager.h"
+#include "WorkerError.h"
+#include "WorkerEventTarget.h"
+#include "WorkerNavigator.h"
+#include "WorkerRef.h"
+#include "WorkerRunnable.h"
+#include "WorkerThread.h"
+#include "nsContentSecurityManager.h"
+
+#include "nsThreadManager.h"
+
+#ifdef XP_WIN
+# undef PostMessage
+#endif
+
+// JS_MaybeGC will run once every second during normal execution.
+#define PERIODIC_GC_TIMER_DELAY_SEC 1
+
+// A shrinking GC will run five seconds after the last event is processed.
+#define IDLE_GC_TIMER_DELAY_SEC 5
+
+static mozilla::LazyLogModule sWorkerPrivateLog("WorkerPrivate");
+static mozilla::LazyLogModule sWorkerTimeoutsLog("WorkerTimeouts");
+
+mozilla::LogModule* WorkerLog() { return sWorkerPrivateLog; }
+
+mozilla::LogModule* TimeoutsLog() { return sWorkerTimeoutsLog; }
+
+#ifdef LOG
+# undef LOG
+#endif
+#define LOG(log, _args) MOZ_LOG(log, LogLevel::Debug, _args);
+
+namespace mozilla {
+
+using namespace ipc;
+
+namespace dom {
+
+using namespace workerinternals;
+
+MOZ_DEFINE_MALLOC_SIZE_OF(JsWorkerMallocSizeOf)
+
+namespace {
+
+#ifdef DEBUG
+
+const nsIID kDEBUGWorkerEventTargetIID = {
+ 0xccaba3fa,
+ 0x5be2,
+ 0x4de2,
+ {0xba, 0x87, 0x3b, 0x3b, 0x5b, 0x1d, 0x5, 0xfb}};
+
+#endif
+
+template <class T>
+class UniquePtrComparator {
+ using A = UniquePtr<T>;
+ using B = T*;
+
+ public:
+ bool Equals(const A& a, const A& b) const {
+ return (a && b) ? (*a == *b) : (!a && !b);
+ }
+ bool LessThan(const A& a, const A& b) const {
+ return (a && b) ? (*a < *b) : !!b;
+ }
+};
+
+template <class T>
+inline UniquePtrComparator<T> GetUniquePtrComparator(
+ const nsTArray<UniquePtr<T>>&) {
+ return UniquePtrComparator<T>();
+}
+
+// This class is used to wrap any runnables that the worker receives via the
+// nsIEventTarget::Dispatch() method (either from NS_DispatchToCurrentThread or
+// from the worker's EventTarget).
+class ExternalRunnableWrapper final : public WorkerRunnable {
+ nsCOMPtr<nsIRunnable> mWrappedRunnable;
+
+ public:
+ ExternalRunnableWrapper(WorkerPrivate* aWorkerPrivate,
+ nsIRunnable* aWrappedRunnable)
+ : WorkerRunnable(aWorkerPrivate, WorkerThreadUnchangedBusyCount),
+ mWrappedRunnable(aWrappedRunnable) {
+ MOZ_ASSERT(aWorkerPrivate);
+ MOZ_ASSERT(aWrappedRunnable);
+ }
+
+ NS_INLINE_DECL_REFCOUNTING_INHERITED(ExternalRunnableWrapper, WorkerRunnable)
+
+ private:
+ ~ExternalRunnableWrapper() = default;
+
+ virtual bool PreDispatch(WorkerPrivate* aWorkerPrivate) override {
+ // Silence bad assertions.
+ return true;
+ }
+
+ virtual void PostDispatch(WorkerPrivate* aWorkerPrivate,
+ bool aDispatchResult) override {
+ // Silence bad assertions.
+ }
+
+ virtual bool WorkerRun(JSContext* aCx,
+ WorkerPrivate* aWorkerPrivate) override {
+ nsresult rv = mWrappedRunnable->Run();
+ mWrappedRunnable = nullptr;
+ if (NS_FAILED(rv)) {
+ if (!JS_IsExceptionPending(aCx)) {
+ Throw(aCx, rv);
+ }
+ return false;
+ }
+ return true;
+ }
+
+ nsresult Cancel() override {
+ // We need to check first if cancel is called twice
+ nsresult rv = WorkerRunnable::Cancel();
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ nsCOMPtr<nsIDiscardableRunnable> doomed =
+ do_QueryInterface(mWrappedRunnable);
+ MOZ_ASSERT(doomed); // We checked this earlier!
+ doomed->OnDiscard();
+ mWrappedRunnable = nullptr;
+ return NS_OK;
+ }
+};
+
+struct WindowAction {
+ nsPIDOMWindowInner* mWindow;
+ bool mDefaultAction;
+
+ MOZ_IMPLICIT WindowAction(nsPIDOMWindowInner* aWindow)
+ : mWindow(aWindow), mDefaultAction(true) {}
+
+ bool operator==(const WindowAction& aOther) const {
+ return mWindow == aOther.mWindow;
+ }
+};
+
+class WorkerFinishedRunnable final : public WorkerControlRunnable {
+ WorkerPrivate* mFinishedWorker;
+
+ public:
+ WorkerFinishedRunnable(WorkerPrivate* aWorkerPrivate,
+ WorkerPrivate* aFinishedWorker)
+ : WorkerControlRunnable(aWorkerPrivate, WorkerThreadUnchangedBusyCount),
+ mFinishedWorker(aFinishedWorker) {
+ aFinishedWorker->IncreaseWorkerFinishedRunnableCount();
+ }
+
+ private:
+ virtual bool PreDispatch(WorkerPrivate* aWorkerPrivate) override {
+ // Silence bad assertions.
+ return true;
+ }
+
+ virtual void PostDispatch(WorkerPrivate* aWorkerPrivate,
+ bool aDispatchResult) override {
+ // Silence bad assertions.
+ }
+
+ virtual bool WorkerRun(JSContext* aCx,
+ WorkerPrivate* aWorkerPrivate) override {
+ // This may block on the main thread.
+ AutoYieldJSThreadExecution yield;
+
+ mFinishedWorker->DecreaseWorkerFinishedRunnableCount();
+
+ if (!mFinishedWorker->ProxyReleaseMainThreadObjects()) {
+ NS_WARNING("Failed to dispatch, going to leak!");
+ }
+
+ RuntimeService* runtime = RuntimeService::GetService();
+ NS_ASSERTION(runtime, "This should never be null!");
+
+ mFinishedWorker->DisableDebugger();
+
+ runtime->UnregisterWorker(*mFinishedWorker);
+
+ mFinishedWorker->ClearSelfAndParentEventTargetRef();
+ return true;
+ }
+};
+
+class TopLevelWorkerFinishedRunnable final : public Runnable {
+ WorkerPrivate* mFinishedWorker;
+
+ public:
+ explicit TopLevelWorkerFinishedRunnable(WorkerPrivate* aFinishedWorker)
+ : mozilla::Runnable("TopLevelWorkerFinishedRunnable"),
+ mFinishedWorker(aFinishedWorker) {
+ aFinishedWorker->AssertIsOnWorkerThread();
+ aFinishedWorker->IncreaseTopLevelWorkerFinishedRunnableCount();
+ }
+
+ NS_INLINE_DECL_REFCOUNTING_INHERITED(TopLevelWorkerFinishedRunnable, Runnable)
+
+ private:
+ ~TopLevelWorkerFinishedRunnable() = default;
+
+ NS_IMETHOD
+ Run() override {
+ AssertIsOnMainThread();
+
+ mFinishedWorker->DecreaseTopLevelWorkerFinishedRunnableCount();
+
+ RuntimeService* runtime = RuntimeService::GetService();
+ MOZ_ASSERT(runtime);
+
+ mFinishedWorker->DisableDebugger();
+
+ runtime->UnregisterWorker(*mFinishedWorker);
+
+ if (!mFinishedWorker->ProxyReleaseMainThreadObjects()) {
+ NS_WARNING("Failed to dispatch, going to leak!");
+ }
+
+ mFinishedWorker->ClearSelfAndParentEventTargetRef();
+ return NS_OK;
+ }
+};
+
+class ModifyBusyCountRunnable final : public WorkerControlRunnable {
+ bool mIncrease;
+
+ public:
+ ModifyBusyCountRunnable(WorkerPrivate* aWorkerPrivate, bool aIncrease)
+ : WorkerControlRunnable(aWorkerPrivate, ParentThreadUnchangedBusyCount),
+ mIncrease(aIncrease) {}
+
+ private:
+ virtual bool WorkerRun(JSContext* aCx,
+ WorkerPrivate* aWorkerPrivate) override {
+ return aWorkerPrivate->ModifyBusyCount(mIncrease);
+ }
+
+ virtual void PostRun(JSContext* aCx, WorkerPrivate* aWorkerPrivate,
+ bool aRunResult) override {
+ if (mIncrease) {
+ WorkerControlRunnable::PostRun(aCx, aWorkerPrivate, aRunResult);
+ return;
+ }
+ // Don't do anything here as it's possible that aWorkerPrivate has been
+ // deleted.
+ }
+};
+
+class CompileScriptRunnable final : public WorkerDebuggeeRunnable {
+ nsString mScriptURL;
+ const mozilla::Encoding* mDocumentEncoding;
+ UniquePtr<SerializedStackHolder> mOriginStack;
+
+ public:
+ explicit CompileScriptRunnable(WorkerPrivate* aWorkerPrivate,
+ UniquePtr<SerializedStackHolder> aOriginStack,
+ const nsAString& aScriptURL,
+ const mozilla::Encoding* aDocumentEncoding)
+ : WorkerDebuggeeRunnable(aWorkerPrivate, WorkerThreadModifyBusyCount),
+ mScriptURL(aScriptURL),
+ mDocumentEncoding(aDocumentEncoding),
+ mOriginStack(aOriginStack.release()) {}
+
+ private:
+ // We can't implement PreRun effectively, because at the point when that would
+ // run we have not yet done our load so don't know things like our final
+ // principal and whatnot.
+
+ virtual bool WorkerRun(JSContext* aCx,
+ WorkerPrivate* aWorkerPrivate) override {
+ aWorkerPrivate->AssertIsOnWorkerThread();
+
+ WorkerGlobalScope* globalScope =
+ aWorkerPrivate->GetOrCreateGlobalScope(aCx);
+ if (NS_WARN_IF(!globalScope)) {
+ return false;
+ }
+
+ if (NS_WARN_IF(!aWorkerPrivate->EnsureCSPEventListener())) {
+ return false;
+ }
+
+ ErrorResult rv;
+ workerinternals::LoadMainScript(aWorkerPrivate, std::move(mOriginStack),
+ mScriptURL, WorkerScript, rv,
+ mDocumentEncoding);
+
+ if (aWorkerPrivate->ExtensionAPIAllowed()) {
+ MOZ_ASSERT(aWorkerPrivate->IsServiceWorker());
+ RefPtr<Runnable> extWorkerRunnable =
+ extensions::CreateWorkerLoadedRunnable(
+ aWorkerPrivate->ServiceWorkerID(), aWorkerPrivate->GetBaseURI());
+ // Dispatch as a low priority runnable.
+ if (NS_FAILED(aWorkerPrivate->DispatchToMainThreadForMessaging(
+ extWorkerRunnable.forget()))) {
+ NS_WARNING(
+ "Failed to dispatch runnable to notify extensions worker loaded");
+ }
+ }
+
+ rv.WouldReportJSException();
+ // Explicitly ignore NS_BINDING_ABORTED on rv. Or more precisely, still
+ // return false and don't SetWorkerScriptExecutedSuccessfully() in that
+ // case, but don't throw anything on aCx. The idea is to not dispatch error
+ // events if our load is canceled with that error code.
+ if (rv.ErrorCodeIs(NS_BINDING_ABORTED)) {
+ rv.SuppressException();
+ return false;
+ }
+
+ // Make sure to propagate exceptions from rv onto aCx, so that they will get
+ // reported after we return. We want to propagate just JS exceptions,
+ // because all the other errors are handled when the script is loaded.
+ // See: https://dom.spec.whatwg.org/#concept-event-fire
+ if (rv.Failed() && !rv.IsJSException()) {
+ WorkerErrorReport::CreateAndDispatchGenericErrorRunnableToParent(
+ aWorkerPrivate);
+ rv.SuppressException();
+ return false;
+ }
+
+ // This is a little dumb, but aCx is in the null realm here because we
+ // set it up that way in our Run(), since we had not created the global at
+ // that point yet. So we need to enter the realm of our global,
+ // because setting a pending exception on aCx involves wrapping into its
+ // current compartment. Luckily we have a global now.
+ JSAutoRealm ar(aCx, globalScope->GetGlobalJSObject());
+ if (rv.MaybeSetPendingException(aCx)) {
+ // In the event of an uncaught exception, the worker should still keep
+ // running (return true) but should not be marked as having executed
+ // successfully (which will cause ServiceWorker installation to fail).
+ // In previous error handling cases in this method, we return false (to
+ // trigger CloseInternal) because the global is not in an operable
+ // state at all.
+ //
+ // For ServiceWorkers, this would correspond to the "Run Service Worker"
+ // algorithm returning an "abrupt completion" and _not_ failure.
+ //
+ // For DedicatedWorkers and SharedWorkers, this would correspond to the
+ // "run a worker" algorithm disregarding the return value of "run the
+ // classic script"/"run the module script" in step 24:
+ //
+ // "If script is a classic script, then run the classic script script.
+ // Otherwise, it is a module script; run the module script script."
+ return true;
+ }
+
+ aWorkerPrivate->SetWorkerScriptExecutedSuccessfully();
+ return true;
+ }
+
+ void PostRun(JSContext* aCx, WorkerPrivate* aWorkerPrivate,
+ bool aRunResult) override {
+ if (!aRunResult) {
+ aWorkerPrivate->CloseInternal();
+ }
+ WorkerRunnable::PostRun(aCx, aWorkerPrivate, aRunResult);
+ }
+};
+
+class NotifyRunnable final : public WorkerControlRunnable {
+ WorkerStatus mStatus;
+
+ public:
+ NotifyRunnable(WorkerPrivate* aWorkerPrivate, WorkerStatus aStatus)
+ : WorkerControlRunnable(aWorkerPrivate, WorkerThreadUnchangedBusyCount),
+ mStatus(aStatus) {
+ MOZ_ASSERT(aStatus == Closing || aStatus == Canceling ||
+ aStatus == Killing);
+ }
+
+ private:
+ virtual bool PreDispatch(WorkerPrivate* aWorkerPrivate) override {
+ aWorkerPrivate->AssertIsOnParentThread();
+ return aWorkerPrivate->ModifyBusyCount(true);
+ }
+
+ virtual void PostDispatch(WorkerPrivate* aWorkerPrivate,
+ bool aDispatchResult) override {
+ aWorkerPrivate->AssertIsOnParentThread();
+ if (!aDispatchResult) {
+ // We couldn't dispatch to the worker, which means it's already dead.
+ // Undo the busy count modification.
+ aWorkerPrivate->ModifyBusyCount(false);
+ }
+ }
+
+ virtual void PostRun(JSContext* aCx, WorkerPrivate* aWorkerPrivate,
+ bool aRunResult) override {
+ aWorkerPrivate->ModifyBusyCountFromWorker(false);
+ }
+
+ virtual bool WorkerRun(JSContext* aCx,
+ WorkerPrivate* aWorkerPrivate) override {
+ return aWorkerPrivate->NotifyInternal(mStatus);
+ }
+};
+
+class FreezeRunnable final : public WorkerControlRunnable {
+ public:
+ explicit FreezeRunnable(WorkerPrivate* aWorkerPrivate)
+ : WorkerControlRunnable(aWorkerPrivate, WorkerThreadUnchangedBusyCount) {}
+
+ private:
+ virtual bool WorkerRun(JSContext* aCx,
+ WorkerPrivate* aWorkerPrivate) override {
+ return aWorkerPrivate->FreezeInternal();
+ }
+};
+
+class ThawRunnable final : public WorkerControlRunnable {
+ public:
+ explicit ThawRunnable(WorkerPrivate* aWorkerPrivate)
+ : WorkerControlRunnable(aWorkerPrivate, WorkerThreadUnchangedBusyCount) {}
+
+ private:
+ virtual bool WorkerRun(JSContext* aCx,
+ WorkerPrivate* aWorkerPrivate) override {
+ return aWorkerPrivate->ThawInternal();
+ }
+};
+
+class PropagateStorageAccessPermissionGrantedRunnable final
+ : public WorkerControlRunnable {
+ public:
+ explicit PropagateStorageAccessPermissionGrantedRunnable(
+ WorkerPrivate* aWorkerPrivate)
+ : WorkerControlRunnable(aWorkerPrivate, WorkerThreadUnchangedBusyCount) {}
+
+ private:
+ bool WorkerRun(JSContext* aCx, WorkerPrivate* aWorkerPrivate) override {
+ aWorkerPrivate->PropagateStorageAccessPermissionGrantedInternal();
+ return true;
+ }
+};
+
+class ReportErrorToConsoleRunnable final : public WorkerRunnable {
+ const char* mMessage;
+ const nsTArray<nsString> mParams;
+
+ public:
+ // aWorkerPrivate is the worker thread we're on (or the main thread, if null)
+ static void Report(WorkerPrivate* aWorkerPrivate, const char* aMessage,
+ const nsTArray<nsString>& aParams) {
+ if (aWorkerPrivate) {
+ aWorkerPrivate->AssertIsOnWorkerThread();
+ } else {
+ AssertIsOnMainThread();
+ }
+
+ // Now fire a runnable to do the same on the parent's thread if we can.
+ if (aWorkerPrivate) {
+ RefPtr<ReportErrorToConsoleRunnable> runnable =
+ new ReportErrorToConsoleRunnable(aWorkerPrivate, aMessage, aParams);
+ runnable->Dispatch();
+ return;
+ }
+
+ // Log a warning to the console.
+ nsContentUtils::ReportToConsole(nsIScriptError::warningFlag, "DOM"_ns,
+ nullptr, nsContentUtils::eDOM_PROPERTIES,
+ aMessage, aParams);
+ }
+
+ private:
+ ReportErrorToConsoleRunnable(WorkerPrivate* aWorkerPrivate,
+ const char* aMessage,
+ const nsTArray<nsString>& aParams)
+ : WorkerRunnable(aWorkerPrivate, ParentThreadUnchangedBusyCount),
+ mMessage(aMessage),
+ mParams(aParams.Clone()) {}
+
+ virtual void PostDispatch(WorkerPrivate* aWorkerPrivate,
+ bool aDispatchResult) override {
+ aWorkerPrivate->AssertIsOnWorkerThread();
+
+ // Dispatch may fail if the worker was canceled, no need to report that as
+ // an error, so don't call base class PostDispatch.
+ }
+
+ virtual bool WorkerRun(JSContext* aCx,
+ WorkerPrivate* aWorkerPrivate) override {
+ WorkerPrivate* parent = aWorkerPrivate->GetParent();
+ MOZ_ASSERT_IF(!parent, NS_IsMainThread());
+ Report(parent, mMessage, mParams);
+ return true;
+ }
+};
+
+class TimerRunnable final : public WorkerRunnable,
+ public nsITimerCallback,
+ public nsINamed {
+ public:
+ NS_DECL_ISUPPORTS_INHERITED
+
+ explicit TimerRunnable(WorkerPrivate* aWorkerPrivate)
+ : WorkerRunnable(aWorkerPrivate, WorkerThreadUnchangedBusyCount) {}
+
+ private:
+ ~TimerRunnable() = default;
+
+ virtual bool PreDispatch(WorkerPrivate* aWorkerPrivate) override {
+ // Silence bad assertions.
+ return true;
+ }
+
+ virtual void PostDispatch(WorkerPrivate* aWorkerPrivate,
+ bool aDispatchResult) override {
+ // Silence bad assertions.
+ }
+
+ // MOZ_CAN_RUN_SCRIPT_BOUNDARY until worker runnables are generally
+ // MOZ_CAN_RUN_SCRIPT.
+ MOZ_CAN_RUN_SCRIPT_BOUNDARY
+ virtual bool WorkerRun(JSContext* aCx,
+ WorkerPrivate* aWorkerPrivate) override {
+ return aWorkerPrivate->RunExpiredTimeouts(aCx);
+ }
+
+ NS_IMETHOD
+ Notify(nsITimer* aTimer) override { return Run(); }
+
+ NS_IMETHOD
+ GetName(nsACString& aName) override {
+ aName.AssignLiteral("TimerRunnable");
+ return NS_OK;
+ }
+};
+
+NS_IMPL_ISUPPORTS_INHERITED(TimerRunnable, WorkerRunnable, nsITimerCallback,
+ nsINamed)
+
+class DebuggerImmediateRunnable : public WorkerRunnable {
+ RefPtr<dom::Function> mHandler;
+
+ public:
+ explicit DebuggerImmediateRunnable(WorkerPrivate* aWorkerPrivate,
+ dom::Function& aHandler)
+ : WorkerRunnable(aWorkerPrivate, WorkerThreadUnchangedBusyCount),
+ mHandler(&aHandler) {}
+
+ private:
+ virtual bool IsDebuggerRunnable() const override { return true; }
+
+ virtual bool PreDispatch(WorkerPrivate* aWorkerPrivate) override {
+ // Silence bad assertions.
+ return true;
+ }
+
+ virtual void PostDispatch(WorkerPrivate* aWorkerPrivate,
+ bool aDispatchResult) override {
+ // Silence bad assertions.
+ }
+
+ virtual bool WorkerRun(JSContext* aCx,
+ WorkerPrivate* aWorkerPrivate) override {
+ JS::Rooted<JSObject*> global(aCx, JS::CurrentGlobalOrNull(aCx));
+ JS::Rooted<JS::Value> callable(
+ aCx, JS::ObjectOrNullValue(mHandler->CallableOrNull()));
+ JS::HandleValueArray args = JS::HandleValueArray::empty();
+ JS::Rooted<JS::Value> rval(aCx);
+
+ // WorkerRunnable::Run will report the exception if it happens.
+ return JS_CallFunctionValue(aCx, global, callable, args, &rval);
+ }
+};
+
+// GetJSContext() is safe on the worker thread
+void PeriodicGCTimerCallback(nsITimer* aTimer,
+ void* aClosure) MOZ_NO_THREAD_SAFETY_ANALYSIS {
+ auto* workerPrivate = static_cast<WorkerPrivate*>(aClosure);
+ MOZ_DIAGNOSTIC_ASSERT(workerPrivate);
+ workerPrivate->AssertIsOnWorkerThread();
+ workerPrivate->GarbageCollectInternal(workerPrivate->GetJSContext(),
+ false /* shrinking */,
+ false /* collect children */);
+ LOG(WorkerLog(), ("Worker %p run periodic GC\n", workerPrivate));
+}
+
+void IdleGCTimerCallback(nsITimer* aTimer,
+ void* aClosure) MOZ_NO_THREAD_SAFETY_ANALYSIS {
+ auto* workerPrivate = static_cast<WorkerPrivate*>(aClosure);
+ MOZ_DIAGNOSTIC_ASSERT(workerPrivate);
+ workerPrivate->AssertIsOnWorkerThread();
+ workerPrivate->GarbageCollectInternal(workerPrivate->GetJSContext(),
+ true /* shrinking */,
+ false /* collect children */);
+ LOG(WorkerLog(), ("Worker %p run idle GC\n", workerPrivate));
+
+ // After running idle GC we can cancel the current timers.
+ workerPrivate->CancelGCTimers();
+}
+
+class UpdateContextOptionsRunnable final : public WorkerControlRunnable {
+ JS::ContextOptions mContextOptions;
+
+ public:
+ UpdateContextOptionsRunnable(WorkerPrivate* aWorkerPrivate,
+ const JS::ContextOptions& aContextOptions)
+ : WorkerControlRunnable(aWorkerPrivate, WorkerThreadUnchangedBusyCount),
+ mContextOptions(aContextOptions) {}
+
+ private:
+ virtual bool WorkerRun(JSContext* aCx,
+ WorkerPrivate* aWorkerPrivate) override {
+ aWorkerPrivate->UpdateContextOptionsInternal(aCx, mContextOptions);
+ return true;
+ }
+};
+
+class UpdateLanguagesRunnable final : public WorkerRunnable {
+ nsTArray<nsString> mLanguages;
+
+ public:
+ UpdateLanguagesRunnable(WorkerPrivate* aWorkerPrivate,
+ const nsTArray<nsString>& aLanguages)
+ : WorkerRunnable(aWorkerPrivate), mLanguages(aLanguages.Clone()) {}
+
+ virtual bool WorkerRun(JSContext* aCx,
+ WorkerPrivate* aWorkerPrivate) override {
+ aWorkerPrivate->UpdateLanguagesInternal(mLanguages);
+ return true;
+ }
+};
+
+class UpdateJSWorkerMemoryParameterRunnable final
+ : public WorkerControlRunnable {
+ Maybe<uint32_t> mValue;
+ JSGCParamKey mKey;
+
+ public:
+ UpdateJSWorkerMemoryParameterRunnable(WorkerPrivate* aWorkerPrivate,
+ JSGCParamKey aKey,
+ Maybe<uint32_t> aValue)
+ : WorkerControlRunnable(aWorkerPrivate, WorkerThreadUnchangedBusyCount),
+ mValue(aValue),
+ mKey(aKey) {}
+
+ private:
+ virtual bool WorkerRun(JSContext* aCx,
+ WorkerPrivate* aWorkerPrivate) override {
+ aWorkerPrivate->UpdateJSWorkerMemoryParameterInternal(aCx, mKey, mValue);
+ return true;
+ }
+};
+
+#ifdef JS_GC_ZEAL
+class UpdateGCZealRunnable final : public WorkerControlRunnable {
+ uint8_t mGCZeal;
+ uint32_t mFrequency;
+
+ public:
+ UpdateGCZealRunnable(WorkerPrivate* aWorkerPrivate, uint8_t aGCZeal,
+ uint32_t aFrequency)
+ : WorkerControlRunnable(aWorkerPrivate, WorkerThreadUnchangedBusyCount),
+ mGCZeal(aGCZeal),
+ mFrequency(aFrequency) {}
+
+ private:
+ virtual bool WorkerRun(JSContext* aCx,
+ WorkerPrivate* aWorkerPrivate) override {
+ aWorkerPrivate->UpdateGCZealInternal(aCx, mGCZeal, mFrequency);
+ return true;
+ }
+};
+#endif
+
+class SetLowMemoryStateRunnable final : public WorkerControlRunnable {
+ bool mState;
+
+ public:
+ SetLowMemoryStateRunnable(WorkerPrivate* aWorkerPrivate, bool aState)
+ : WorkerControlRunnable(aWorkerPrivate, WorkerThreadUnchangedBusyCount),
+ mState(aState) {}
+
+ private:
+ virtual bool WorkerRun(JSContext* aCx,
+ WorkerPrivate* aWorkerPrivate) override {
+ aWorkerPrivate->SetLowMemoryStateInternal(aCx, mState);
+ return true;
+ }
+};
+
+class GarbageCollectRunnable final : public WorkerControlRunnable {
+ bool mShrinking;
+ bool mCollectChildren;
+
+ public:
+ GarbageCollectRunnable(WorkerPrivate* aWorkerPrivate, bool aShrinking,
+ bool aCollectChildren)
+ : WorkerControlRunnable(aWorkerPrivate, WorkerThreadUnchangedBusyCount),
+ mShrinking(aShrinking),
+ mCollectChildren(aCollectChildren) {}
+
+ private:
+ virtual bool PreDispatch(WorkerPrivate* aWorkerPrivate) override {
+ // Silence bad assertions, this can be dispatched from either the main
+ // thread or the timer thread..
+ return true;
+ }
+
+ virtual void PostDispatch(WorkerPrivate* aWorkerPrivate,
+ bool aDispatchResult) override {
+ // Silence bad assertions, this can be dispatched from either the main
+ // thread or the timer thread..
+ }
+
+ virtual bool WorkerRun(JSContext* aCx,
+ WorkerPrivate* aWorkerPrivate) override {
+ aWorkerPrivate->GarbageCollectInternal(aCx, mShrinking, mCollectChildren);
+ if (mShrinking) {
+ // Either we've run the idle GC or explicit GC call from the parent,
+ // we can cancel the current timers.
+ aWorkerPrivate->CancelGCTimers();
+ }
+ return true;
+ }
+};
+
+class CycleCollectRunnable : public WorkerControlRunnable {
+ bool mCollectChildren;
+
+ public:
+ CycleCollectRunnable(WorkerPrivate* aWorkerPrivate, bool aCollectChildren)
+ : WorkerControlRunnable(aWorkerPrivate, WorkerThreadUnchangedBusyCount),
+ mCollectChildren(aCollectChildren) {}
+
+ bool WorkerRun(JSContext* aCx, WorkerPrivate* aWorkerPrivate) override {
+ aWorkerPrivate->CycleCollectInternal(mCollectChildren);
+ return true;
+ }
+};
+
+class OfflineStatusChangeRunnable : public WorkerRunnable {
+ public:
+ OfflineStatusChangeRunnable(WorkerPrivate* aWorkerPrivate, bool aIsOffline)
+ : WorkerRunnable(aWorkerPrivate), mIsOffline(aIsOffline) {}
+
+ bool WorkerRun(JSContext* aCx, WorkerPrivate* aWorkerPrivate) override {
+ aWorkerPrivate->OfflineStatusChangeEventInternal(mIsOffline);
+ return true;
+ }
+
+ private:
+ bool mIsOffline;
+};
+
+class MemoryPressureRunnable : public WorkerControlRunnable {
+ public:
+ explicit MemoryPressureRunnable(WorkerPrivate* aWorkerPrivate)
+ : WorkerControlRunnable(aWorkerPrivate, WorkerThreadUnchangedBusyCount) {}
+
+ bool WorkerRun(JSContext* aCx, WorkerPrivate* aWorkerPrivate) override {
+ aWorkerPrivate->MemoryPressureInternal();
+ return true;
+ }
+};
+
+#ifdef DEBUG
+static bool StartsWithExplicit(nsACString& s) {
+ return StringBeginsWith(s, "explicit/"_ns);
+}
+#endif
+
+PRThread* PRThreadFromThread(nsIThread* aThread) {
+ MOZ_ASSERT(aThread);
+
+ PRThread* result;
+ MOZ_ALWAYS_SUCCEEDS(aThread->GetPRThread(&result));
+ MOZ_ASSERT(result);
+
+ return result;
+}
+
+// A runnable to cancel the worker from the parent thread when self.close() is
+// called. This runnable is executed on the parent process in order to cancel
+// the current runnable. It uses a normal WorkerDebuggeeRunnable in order to be
+// sure that all the pending WorkerDebuggeeRunnables are executed before this.
+class CancelingOnParentRunnable final : public WorkerDebuggeeRunnable {
+ public:
+ explicit CancelingOnParentRunnable(WorkerPrivate* aWorkerPrivate)
+ : WorkerDebuggeeRunnable(aWorkerPrivate, ParentThreadUnchangedBusyCount) {
+ }
+
+ bool WorkerRun(JSContext* aCx, WorkerPrivate* aWorkerPrivate) override {
+ aWorkerPrivate->Cancel();
+ return true;
+ }
+};
+
+// A runnable to cancel the worker from the parent process.
+class CancelingWithTimeoutOnParentRunnable final
+ : public WorkerControlRunnable {
+ public:
+ explicit CancelingWithTimeoutOnParentRunnable(WorkerPrivate* aWorkerPrivate)
+ : WorkerControlRunnable(aWorkerPrivate, ParentThreadUnchangedBusyCount) {}
+
+ bool WorkerRun(JSContext* aCx, WorkerPrivate* aWorkerPrivate) override {
+ aWorkerPrivate->AssertIsOnParentThread();
+ aWorkerPrivate->StartCancelingTimer();
+ return true;
+ }
+};
+
+class CancelingTimerCallback final : public nsITimerCallback {
+ public:
+ NS_DECL_ISUPPORTS
+
+ explicit CancelingTimerCallback(WorkerPrivate* aWorkerPrivate)
+ : mWorkerPrivate(aWorkerPrivate) {}
+
+ NS_IMETHOD
+ Notify(nsITimer* aTimer) override {
+ mWorkerPrivate->AssertIsOnParentThread();
+ mWorkerPrivate->Cancel();
+ return NS_OK;
+ }
+
+ private:
+ ~CancelingTimerCallback() = default;
+
+ // Raw pointer here is OK because the timer is canceled during the shutdown
+ // steps.
+ WorkerPrivate* mWorkerPrivate;
+};
+
+NS_IMPL_ISUPPORTS(CancelingTimerCallback, nsITimerCallback)
+
+// This runnable starts the canceling of a worker after a self.close().
+class CancelingRunnable final : public Runnable {
+ public:
+ CancelingRunnable() : Runnable("CancelingRunnable") {}
+
+ NS_IMETHOD
+ Run() override {
+ WorkerPrivate* workerPrivate = GetCurrentThreadWorkerPrivate();
+ MOZ_ASSERT(workerPrivate);
+ workerPrivate->AssertIsOnWorkerThread();
+
+ // Now we can cancel the this worker from the parent process.
+ RefPtr<CancelingOnParentRunnable> r =
+ new CancelingOnParentRunnable(workerPrivate);
+ r->Dispatch();
+
+ return NS_OK;
+ }
+};
+
+} /* anonymous namespace */
+
+nsString ComputeWorkerPrivateId() {
+ nsID uuid = nsID::GenerateUUID();
+ return NSID_TrimBracketsUTF16(uuid);
+}
+
+class WorkerPrivate::EventTarget final : public nsISerialEventTarget {
+ // This mutex protects mWorkerPrivate and must be acquired *before* the
+ // WorkerPrivate's mutex whenever they must both be held.
+ mozilla::Mutex mMutex;
+ WorkerPrivate* mWorkerPrivate MOZ_GUARDED_BY(mMutex);
+ nsCOMPtr<nsIEventTarget> mNestedEventTarget MOZ_GUARDED_BY(mMutex);
+ bool mDisabled MOZ_GUARDED_BY(mMutex);
+ bool mShutdown MOZ_GUARDED_BY(mMutex);
+
+ public:
+ EventTarget(WorkerPrivate* aWorkerPrivate, nsIEventTarget* aNestedEventTarget)
+ : mMutex("WorkerPrivate::EventTarget::mMutex"),
+ mWorkerPrivate(aWorkerPrivate),
+ mNestedEventTarget(aNestedEventTarget),
+ mDisabled(false),
+ mShutdown(false) {
+ MOZ_ASSERT(aWorkerPrivate);
+ MOZ_ASSERT(aNestedEventTarget);
+ }
+
+ void Disable() {
+ {
+ MutexAutoLock lock(mMutex);
+
+ // Note, Disable() can be called more than once safely.
+ mDisabled = true;
+ }
+ }
+
+ void Shutdown() {
+ nsCOMPtr<nsIEventTarget> nestedEventTarget;
+ {
+ MutexAutoLock lock(mMutex);
+
+ mWorkerPrivate = nullptr;
+ mNestedEventTarget.swap(nestedEventTarget);
+ MOZ_ASSERT(mDisabled);
+ mShutdown = true;
+ }
+ }
+
+ RefPtr<nsIEventTarget> GetNestedEventTarget() {
+ RefPtr<nsIEventTarget> nestedEventTarget = nullptr;
+ {
+ MutexAutoLock lock(mMutex);
+ if (mWorkerPrivate) {
+ mWorkerPrivate->AssertIsOnWorkerThread();
+ nestedEventTarget = mNestedEventTarget.get();
+ }
+ }
+ return nestedEventTarget;
+ }
+
+ NS_DECL_THREADSAFE_ISUPPORTS
+ NS_DECL_NSIEVENTTARGET_FULL
+
+ private:
+ ~EventTarget() = default;
+};
+
+struct WorkerPrivate::TimeoutInfo {
+ TimeoutInfo()
+ : mId(0),
+ mNestingLevel(0),
+ mReason(Timeout::Reason::eTimeoutOrInterval),
+ mIsInterval(false),
+ mCanceled(false),
+ mOnChromeWorker(false) {
+ MOZ_COUNT_CTOR(mozilla::dom::WorkerPrivate::TimeoutInfo);
+ }
+
+ ~TimeoutInfo() { MOZ_COUNT_DTOR(mozilla::dom::WorkerPrivate::TimeoutInfo); }
+
+ bool operator==(const TimeoutInfo& aOther) const {
+ return mTargetTime == aOther.mTargetTime;
+ }
+
+ bool operator<(const TimeoutInfo& aOther) const {
+ return mTargetTime < aOther.mTargetTime;
+ }
+
+ void AccumulateNestingLevel(const uint32_t& aBaseLevel) {
+ if (aBaseLevel < StaticPrefs::dom_clamp_timeout_nesting_level_AtStartup()) {
+ mNestingLevel = aBaseLevel + 1;
+ return;
+ }
+ mNestingLevel = StaticPrefs::dom_clamp_timeout_nesting_level_AtStartup();
+ }
+
+ void CalculateTargetTime() {
+ auto target = mInterval;
+ // Don't clamp timeout for chrome workers
+ if (mNestingLevel >=
+ StaticPrefs::dom_clamp_timeout_nesting_level_AtStartup() &&
+ !mOnChromeWorker) {
+ target = TimeDuration::Max(
+ mInterval,
+ TimeDuration::FromMilliseconds(StaticPrefs::dom_min_timeout_value()));
+ }
+ mTargetTime = TimeStamp::Now() + target;
+ }
+
+ RefPtr<TimeoutHandler> mHandler;
+ mozilla::TimeStamp mTargetTime;
+ mozilla::TimeDuration mInterval;
+ int32_t mId;
+ uint32_t mNestingLevel;
+ Timeout::Reason mReason;
+ bool mIsInterval;
+ bool mCanceled;
+ bool mOnChromeWorker;
+};
+
+class WorkerJSContextStats final : public JS::RuntimeStats {
+ const nsCString mRtPath;
+
+ public:
+ explicit WorkerJSContextStats(const nsACString& aRtPath)
+ : JS::RuntimeStats(JsWorkerMallocSizeOf), mRtPath(aRtPath) {}
+
+ ~WorkerJSContextStats() {
+ for (JS::ZoneStats& stats : zoneStatsVector) {
+ delete static_cast<xpc::ZoneStatsExtras*>(stats.extra);
+ }
+
+ for (JS::RealmStats& stats : realmStatsVector) {
+ delete static_cast<xpc::RealmStatsExtras*>(stats.extra);
+ }
+ }
+
+ const nsCString& Path() const { return mRtPath; }
+
+ virtual void initExtraZoneStats(JS::Zone* aZone, JS::ZoneStats* aZoneStats,
+ const JS::AutoRequireNoGC& nogc) override {
+ MOZ_ASSERT(!aZoneStats->extra);
+
+ // ReportJSRuntimeExplicitTreeStats expects that
+ // aZoneStats->extra is a xpc::ZoneStatsExtras pointer.
+ xpc::ZoneStatsExtras* extras = new xpc::ZoneStatsExtras;
+ extras->pathPrefix = mRtPath;
+ extras->pathPrefix += nsPrintfCString("zone(0x%p)/", (void*)aZone);
+
+ MOZ_ASSERT(StartsWithExplicit(extras->pathPrefix));
+
+ aZoneStats->extra = extras;
+ }
+
+ virtual void initExtraRealmStats(JS::Realm* aRealm,
+ JS::RealmStats* aRealmStats,
+ const JS::AutoRequireNoGC& nogc) override {
+ MOZ_ASSERT(!aRealmStats->extra);
+
+ // ReportJSRuntimeExplicitTreeStats expects that
+ // aRealmStats->extra is a xpc::RealmStatsExtras pointer.
+ xpc::RealmStatsExtras* extras = new xpc::RealmStatsExtras;
+
+ // This is the |jsPathPrefix|. Each worker has exactly one realm.
+ extras->jsPathPrefix.Assign(mRtPath);
+ extras->jsPathPrefix +=
+ nsPrintfCString("zone(0x%p)/", (void*)js::GetRealmZone(aRealm));
+ extras->jsPathPrefix += "realm(web-worker)/"_ns;
+
+ // This should never be used when reporting with workers (hence the "?!").
+ extras->domPathPrefix.AssignLiteral("explicit/workers/?!/");
+
+ MOZ_ASSERT(StartsWithExplicit(extras->jsPathPrefix));
+ MOZ_ASSERT(StartsWithExplicit(extras->domPathPrefix));
+
+ extras->location = nullptr;
+
+ aRealmStats->extra = extras;
+ }
+};
+
+class WorkerPrivate::MemoryReporter final : public nsIMemoryReporter {
+ NS_DECL_THREADSAFE_ISUPPORTS
+
+ friend class WorkerPrivate;
+
+ SharedMutex mMutex;
+ WorkerPrivate* mWorkerPrivate;
+
+ public:
+ explicit MemoryReporter(WorkerPrivate* aWorkerPrivate)
+ : mMutex(aWorkerPrivate->mMutex), mWorkerPrivate(aWorkerPrivate) {
+ aWorkerPrivate->AssertIsOnWorkerThread();
+ }
+
+ NS_IMETHOD
+ CollectReports(nsIHandleReportCallback* aHandleReport, nsISupports* aData,
+ bool aAnonymize) override;
+
+ private:
+ class FinishCollectRunnable;
+
+ class CollectReportsRunnable final : public MainThreadWorkerControlRunnable {
+ RefPtr<FinishCollectRunnable> mFinishCollectRunnable;
+ const bool mAnonymize;
+
+ public:
+ CollectReportsRunnable(WorkerPrivate* aWorkerPrivate,
+ nsIHandleReportCallback* aHandleReport,
+ nsISupports* aHandlerData, bool aAnonymize,
+ const nsACString& aPath);
+
+ private:
+ bool WorkerRun(JSContext* aCx, WorkerPrivate* aWorkerPrivate) override;
+
+ ~CollectReportsRunnable() {
+ if (NS_IsMainThread()) {
+ mFinishCollectRunnable->Run();
+ return;
+ }
+
+ WorkerPrivate* workerPrivate = GetCurrentThreadWorkerPrivate();
+ MOZ_ASSERT(workerPrivate);
+ MOZ_ALWAYS_SUCCEEDS(workerPrivate->DispatchToMainThreadForMessaging(
+ mFinishCollectRunnable.forget()));
+ }
+ };
+
+ class FinishCollectRunnable final : public Runnable {
+ nsCOMPtr<nsIHandleReportCallback> mHandleReport;
+ nsCOMPtr<nsISupports> mHandlerData;
+ size_t mPerformanceUserEntries;
+ size_t mPerformanceResourceEntries;
+ const bool mAnonymize;
+ bool mSuccess;
+
+ public:
+ WorkerJSContextStats mCxStats;
+
+ explicit FinishCollectRunnable(nsIHandleReportCallback* aHandleReport,
+ nsISupports* aHandlerData, bool aAnonymize,
+ const nsACString& aPath);
+
+ NS_IMETHOD Run() override;
+
+ void SetPerformanceSizes(size_t userEntries, size_t resourceEntries) {
+ mPerformanceUserEntries = userEntries;
+ mPerformanceResourceEntries = resourceEntries;
+ }
+
+ void SetSuccess(bool success) { mSuccess = success; }
+
+ FinishCollectRunnable(const FinishCollectRunnable&) = delete;
+ FinishCollectRunnable& operator=(const FinishCollectRunnable&) = delete;
+ FinishCollectRunnable& operator=(const FinishCollectRunnable&&) = delete;
+
+ private:
+ ~FinishCollectRunnable() {
+ // mHandleReport and mHandlerData are released on the main thread.
+ AssertIsOnMainThread();
+ }
+ };
+
+ ~MemoryReporter() = default;
+
+ void Disable() {
+ // Called from WorkerPrivate::DisableMemoryReporter.
+ mMutex.AssertCurrentThreadOwns();
+
+ NS_ASSERTION(mWorkerPrivate, "Disabled more than once!");
+ mWorkerPrivate = nullptr;
+ }
+};
+
+NS_IMPL_ISUPPORTS(WorkerPrivate::MemoryReporter, nsIMemoryReporter)
+
+NS_IMETHODIMP
+WorkerPrivate::MemoryReporter::CollectReports(
+ nsIHandleReportCallback* aHandleReport, nsISupports* aData,
+ bool aAnonymize) {
+ AssertIsOnMainThread();
+
+ RefPtr<CollectReportsRunnable> runnable;
+
+ {
+ MutexAutoLock lock(mMutex);
+
+ if (!mWorkerPrivate) {
+ // This will effectively report 0 memory.
+ nsCOMPtr<nsIMemoryReporterManager> manager =
+ do_GetService("@mozilla.org/memory-reporter-manager;1");
+ if (manager) {
+ manager->EndReport();
+ }
+ return NS_OK;
+ }
+
+ nsAutoCString path;
+ path.AppendLiteral("explicit/workers/workers(");
+ if (aAnonymize && !mWorkerPrivate->Domain().IsEmpty()) {
+ path.AppendLiteral("<anonymized-domain>)/worker(<anonymized-url>");
+ } else {
+ nsAutoCString escapedDomain(mWorkerPrivate->Domain());
+ if (escapedDomain.IsEmpty()) {
+ escapedDomain += "chrome";
+ } else {
+ escapedDomain.ReplaceChar('/', '\\');
+ }
+ path.Append(escapedDomain);
+ path.AppendLiteral(")/worker(");
+ NS_ConvertUTF16toUTF8 escapedURL(mWorkerPrivate->ScriptURL());
+ escapedURL.ReplaceChar('/', '\\');
+ path.Append(escapedURL);
+ }
+ path.AppendPrintf(", 0x%p)/", static_cast<void*>(mWorkerPrivate));
+
+ runnable = new CollectReportsRunnable(mWorkerPrivate, aHandleReport, aData,
+ aAnonymize, path);
+ }
+
+ if (!runnable->Dispatch()) {
+ return NS_ERROR_UNEXPECTED;
+ }
+
+ return NS_OK;
+}
+
+WorkerPrivate::MemoryReporter::CollectReportsRunnable::CollectReportsRunnable(
+ WorkerPrivate* aWorkerPrivate, nsIHandleReportCallback* aHandleReport,
+ nsISupports* aHandlerData, bool aAnonymize, const nsACString& aPath)
+ : MainThreadWorkerControlRunnable(aWorkerPrivate),
+ mFinishCollectRunnable(new FinishCollectRunnable(
+ aHandleReport, aHandlerData, aAnonymize, aPath)),
+ mAnonymize(aAnonymize) {}
+
+bool WorkerPrivate::MemoryReporter::CollectReportsRunnable::WorkerRun(
+ JSContext* aCx, WorkerPrivate* aWorkerPrivate) {
+ aWorkerPrivate->AssertIsOnWorkerThread();
+
+ RefPtr<WorkerGlobalScope> scope = aWorkerPrivate->GlobalScope();
+ RefPtr<Performance> performance =
+ scope ? scope->GetPerformanceIfExists() : nullptr;
+ if (performance) {
+ size_t userEntries = performance->SizeOfUserEntries(JsWorkerMallocSizeOf);
+ size_t resourceEntries =
+ performance->SizeOfResourceEntries(JsWorkerMallocSizeOf);
+ mFinishCollectRunnable->SetPerformanceSizes(userEntries, resourceEntries);
+ }
+
+ mFinishCollectRunnable->SetSuccess(aWorkerPrivate->CollectRuntimeStats(
+ &mFinishCollectRunnable->mCxStats, mAnonymize));
+
+ return true;
+}
+
+WorkerPrivate::MemoryReporter::FinishCollectRunnable::FinishCollectRunnable(
+ nsIHandleReportCallback* aHandleReport, nsISupports* aHandlerData,
+ bool aAnonymize, const nsACString& aPath)
+ : mozilla::Runnable(
+ "dom::WorkerPrivate::MemoryReporter::FinishCollectRunnable"),
+ mHandleReport(aHandleReport),
+ mHandlerData(aHandlerData),
+ mPerformanceUserEntries(0),
+ mPerformanceResourceEntries(0),
+ mAnonymize(aAnonymize),
+ mSuccess(false),
+ mCxStats(aPath) {}
+
+NS_IMETHODIMP
+WorkerPrivate::MemoryReporter::FinishCollectRunnable::Run() {
+ AssertIsOnMainThread();
+
+ nsCOMPtr<nsIMemoryReporterManager> manager =
+ do_GetService("@mozilla.org/memory-reporter-manager;1");
+
+ if (!manager) return NS_OK;
+
+ if (mSuccess) {
+ xpc::ReportJSRuntimeExplicitTreeStats(
+ mCxStats, mCxStats.Path(), mHandleReport, mHandlerData, mAnonymize);
+
+ if (mPerformanceUserEntries) {
+ nsCString path = mCxStats.Path();
+ path.AppendLiteral("dom/performance/user-entries");
+ mHandleReport->Callback(""_ns, path, nsIMemoryReporter::KIND_HEAP,
+ nsIMemoryReporter::UNITS_BYTES,
+ static_cast<int64_t>(mPerformanceUserEntries),
+ "Memory used for performance user entries."_ns,
+ mHandlerData);
+ }
+
+ if (mPerformanceResourceEntries) {
+ nsCString path = mCxStats.Path();
+ path.AppendLiteral("dom/performance/resource-entries");
+ mHandleReport->Callback(
+ ""_ns, path, nsIMemoryReporter::KIND_HEAP,
+ nsIMemoryReporter::UNITS_BYTES,
+ static_cast<int64_t>(mPerformanceResourceEntries),
+ "Memory used for performance resource entries."_ns, mHandlerData);
+ }
+ }
+
+ manager->EndReport();
+
+ return NS_OK;
+}
+
+WorkerPrivate::SyncLoopInfo::SyncLoopInfo(EventTarget* aEventTarget)
+ : mEventTarget(aEventTarget),
+ mResult(NS_ERROR_FAILURE),
+ mCompleted(false)
+#ifdef DEBUG
+ ,
+ mHasRun(false)
+#endif
+{
+}
+
+Document* WorkerPrivate::GetDocument() const {
+ AssertIsOnMainThread();
+ if (nsPIDOMWindowInner* window = GetAncestorWindow()) {
+ return window->GetExtantDoc();
+ }
+ // couldn't query a document, give up and return nullptr
+ return nullptr;
+}
+
+nsPIDOMWindowInner* WorkerPrivate::GetAncestorWindow() const {
+ AssertIsOnMainThread();
+ if (mLoadInfo.mWindow) {
+ return mLoadInfo.mWindow;
+ }
+ // if we don't have a document, we should query the document
+ // from the parent in case of a nested worker
+ WorkerPrivate* parent = mParent;
+ while (parent) {
+ if (parent->mLoadInfo.mWindow) {
+ return parent->mLoadInfo.mWindow;
+ }
+ parent = parent->GetParent();
+ }
+ // couldn't query a window, give up and return nullptr
+ return nullptr;
+}
+
+class EvictFromBFCacheRunnable final : public WorkerProxyToMainThreadRunnable {
+ public:
+ void RunOnMainThread(WorkerPrivate* aWorkerPrivate) override {
+ MOZ_ASSERT(aWorkerPrivate);
+ AssertIsOnMainThread();
+ if (nsCOMPtr<nsPIDOMWindowInner> win =
+ aWorkerPrivate->GetAncestorWindow()) {
+ win->RemoveFromBFCacheSync();
+ }
+ }
+
+ void RunBackOnWorkerThreadForCleanup(WorkerPrivate* aWorkerPrivate) override {
+ MOZ_ASSERT(aWorkerPrivate);
+ aWorkerPrivate->AssertIsOnWorkerThread();
+ }
+};
+
+void WorkerPrivate::EvictFromBFCache() {
+ AssertIsOnWorkerThread();
+ RefPtr<EvictFromBFCacheRunnable> runnable = new EvictFromBFCacheRunnable();
+ runnable->Dispatch(this);
+}
+
+void WorkerPrivate::SetCsp(nsIContentSecurityPolicy* aCSP) {
+ AssertIsOnMainThread();
+ if (!aCSP) {
+ return;
+ }
+ aCSP->EnsureEventTarget(mMainThreadEventTarget);
+
+ mLoadInfo.mCSP = aCSP;
+ mLoadInfo.mCSPInfo = MakeUnique<CSPInfo>();
+ nsresult rv = CSPToCSPInfo(mLoadInfo.mCSP, mLoadInfo.mCSPInfo.get());
+ if (NS_WARN_IF(NS_FAILED(rv))) {
+ return;
+ }
+}
+
+nsresult WorkerPrivate::SetCSPFromHeaderValues(
+ const nsACString& aCSPHeaderValue,
+ const nsACString& aCSPReportOnlyHeaderValue) {
+ AssertIsOnMainThread();
+ MOZ_DIAGNOSTIC_ASSERT(!mLoadInfo.mCSP);
+
+ NS_ConvertASCIItoUTF16 cspHeaderValue(aCSPHeaderValue);
+ NS_ConvertASCIItoUTF16 cspROHeaderValue(aCSPReportOnlyHeaderValue);
+
+ nsresult rv;
+ nsCOMPtr<nsIContentSecurityPolicy> csp = new nsCSPContext();
+
+ // First, we try to query the URI from the Principal, but
+ // in case selfURI remains empty (e.g in case the Principal
+ // is a SystemPrincipal) then we fall back and use the
+ // base URI as selfURI for CSP.
+ nsCOMPtr<nsIURI> selfURI;
+ // Its not recommended to use the BasePrincipal to get the URI
+ // but in this case we need to make an exception
+ auto* basePrin = BasePrincipal::Cast(mLoadInfo.mPrincipal);
+ if (basePrin) {
+ basePrin->GetURI(getter_AddRefs(selfURI));
+ }
+ if (!selfURI) {
+ selfURI = mLoadInfo.mBaseURI;
+ }
+ MOZ_ASSERT(selfURI, "need a self URI for CSP");
+
+ rv = csp->SetRequestContextWithPrincipal(mLoadInfo.mPrincipal, selfURI,
+ u""_ns, 0);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ csp->EnsureEventTarget(mMainThreadEventTarget);
+
+ // If there's a CSP header, apply it.
+ if (!cspHeaderValue.IsEmpty()) {
+ rv = CSP_AppendCSPFromHeader(csp, cspHeaderValue, false);
+ NS_ENSURE_SUCCESS(rv, rv);
+ }
+ // If there's a report-only CSP header, apply it.
+ if (!cspROHeaderValue.IsEmpty()) {
+ rv = CSP_AppendCSPFromHeader(csp, cspROHeaderValue, true);
+ NS_ENSURE_SUCCESS(rv, rv);
+ }
+
+ RefPtr<extensions::WebExtensionPolicy> addonPolicy;
+
+ if (basePrin) {
+ addonPolicy = basePrin->AddonPolicy();
+ }
+
+ // For extension workers there aren't any csp header values,
+ // instead it will inherit the Extension CSP.
+ if (addonPolicy) {
+ csp->AppendPolicy(addonPolicy->BaseCSP(), false, false);
+ csp->AppendPolicy(addonPolicy->ExtensionPageCSP(), false, false);
+ }
+
+ mLoadInfo.mCSP = csp;
+
+ // Set evalAllowed, default value is set in GetAllowsEval
+ bool evalAllowed = false;
+ bool reportEvalViolations = false;
+ rv = csp->GetAllowsEval(&reportEvalViolations, &evalAllowed);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ mLoadInfo.mEvalAllowed = evalAllowed;
+ mLoadInfo.mReportEvalCSPViolations = reportEvalViolations;
+
+ // Set wasmEvalAllowed
+ bool wasmEvalAllowed = false;
+ bool reportWasmEvalViolations = false;
+ rv = csp->GetAllowsWasmEval(&reportWasmEvalViolations, &wasmEvalAllowed);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ // As for nsScriptSecurityManager::ContentSecurityPolicyPermitsJSAction,
+ // for MV2 extensions we have to allow wasm by default and report violations
+ // for historical reasons.
+ // TODO bug 1770909: remove this exception.
+ if (!wasmEvalAllowed && addonPolicy && addonPolicy->ManifestVersion() == 2) {
+ wasmEvalAllowed = true;
+ reportWasmEvalViolations = true;
+ }
+
+ mLoadInfo.mWasmEvalAllowed = wasmEvalAllowed;
+ mLoadInfo.mReportWasmEvalCSPViolations = reportWasmEvalViolations;
+
+ mLoadInfo.mCSPInfo = MakeUnique<CSPInfo>();
+ rv = CSPToCSPInfo(csp, mLoadInfo.mCSPInfo.get());
+ if (NS_WARN_IF(NS_FAILED(rv))) {
+ return rv;
+ }
+ return NS_OK;
+}
+
+void WorkerPrivate::StoreCSPOnClient() {
+ auto data = mWorkerThreadAccessible.Access();
+ MOZ_ASSERT(data->mScope);
+ if (mLoadInfo.mCSPInfo) {
+ data->mScope->MutableClientSourceRef().SetCspInfo(*mLoadInfo.mCSPInfo);
+ }
+}
+
+void WorkerPrivate::UpdateReferrerInfoFromHeader(
+ const nsACString& aReferrerPolicyHeaderValue) {
+ NS_ConvertUTF8toUTF16 headerValue(aReferrerPolicyHeaderValue);
+
+ if (headerValue.IsEmpty()) {
+ return;
+ }
+
+ ReferrerPolicy policy =
+ ReferrerInfo::ReferrerPolicyFromHeaderString(headerValue);
+ if (policy == ReferrerPolicy::_empty) {
+ return;
+ }
+
+ nsCOMPtr<nsIReferrerInfo> referrerInfo =
+ static_cast<ReferrerInfo*>(GetReferrerInfo())->CloneWithNewPolicy(policy);
+ SetReferrerInfo(referrerInfo);
+}
+
+void WorkerPrivate::Traverse(nsCycleCollectionTraversalCallback& aCb) {
+ AssertIsOnParentThread();
+
+ // The WorkerPrivate::mParentEventTargetRef has a reference to the exposed
+ // Worker object, which is really held by the worker thread. We traverse this
+ // reference if and only if our busy count is zero and we have not released
+ // the main thread reference. We do not unlink it. This allows the CC to
+ // break cycles involving the Worker and begin shutting it down (which does
+ // happen in unlink) but ensures that the WorkerPrivate won't be deleted
+ // before we're done shutting down the thread.
+ if (!mBusyCount && !mMainThreadObjectsForgotten) {
+ nsCycleCollectionTraversalCallback& cb = aCb;
+ WorkerPrivate* tmp = this;
+ NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mParentEventTargetRef);
+ }
+}
+
+nsresult WorkerPrivate::Dispatch(already_AddRefed<WorkerRunnable> aRunnable,
+ nsIEventTarget* aSyncLoopTarget) {
+ // May be called on any thread!
+ MutexAutoLock lock(mMutex);
+ return DispatchLockHeld(std::move(aRunnable), aSyncLoopTarget, lock);
+}
+
+nsresult WorkerPrivate::DispatchLockHeld(
+ already_AddRefed<WorkerRunnable> aRunnable, nsIEventTarget* aSyncLoopTarget,
+ const MutexAutoLock& aProofOfLock) {
+ // May be called on any thread!
+ RefPtr<WorkerRunnable> runnable(aRunnable);
+
+ MOZ_ASSERT_IF(aSyncLoopTarget, mThread);
+
+ if (mStatus == Dead || (!aSyncLoopTarget && ParentStatus() > Running)) {
+ NS_WARNING(
+ "A runnable was posted to a worker that is already shutting "
+ "down!");
+ return NS_ERROR_UNEXPECTED;
+ }
+
+ if (runnable->IsDebuggeeRunnable() && !mDebuggerReady) {
+ MOZ_RELEASE_ASSERT(!aSyncLoopTarget);
+ mDelayedDebuggeeRunnables.AppendElement(runnable);
+ return NS_OK;
+ }
+
+ if (!mThread) {
+ if (ParentStatus() == Pending || mStatus == Pending) {
+ mPreStartRunnables.AppendElement(runnable);
+ return NS_OK;
+ }
+
+ NS_WARNING(
+ "Using a worker event target after the thread has already"
+ "been released!");
+ return NS_ERROR_UNEXPECTED;
+ }
+
+ nsresult rv;
+ if (aSyncLoopTarget) {
+ rv = aSyncLoopTarget->Dispatch(runnable.forget(), NS_DISPATCH_NORMAL);
+ } else {
+ // WorkerDebuggeeRunnables don't need any special treatment here. True,
+ // they should not be delivered to a frozen worker. But frozen workers
+ // aren't drawing from the thread's main event queue anyway, only from
+ // mControlQueue.
+ rv = mThread->DispatchAnyThread(WorkerThreadFriendKey(), runnable.forget());
+ }
+
+ if (NS_WARN_IF(NS_FAILED(rv))) {
+ return rv;
+ }
+
+ mCondVar.Notify();
+ return NS_OK;
+}
+
+void WorkerPrivate::EnableDebugger() {
+ AssertIsOnParentThread();
+
+ if (NS_FAILED(RegisterWorkerDebugger(this))) {
+ NS_WARNING("Failed to register worker debugger!");
+ return;
+ }
+}
+
+void WorkerPrivate::DisableDebugger() {
+ AssertIsOnParentThread();
+
+ // RegisterDebuggerMainThreadRunnable might be dispatched but not executed.
+ // Wait for its execution before unregistraion.
+ if (!NS_IsMainThread()) {
+ WaitForIsDebuggerRegistered(true);
+ }
+
+ if (NS_FAILED(UnregisterWorkerDebugger(this))) {
+ NS_WARNING("Failed to unregister worker debugger!");
+ }
+}
+
+nsresult WorkerPrivate::DispatchControlRunnable(
+ already_AddRefed<WorkerControlRunnable> aWorkerControlRunnable) {
+ // May be called on any thread!
+ RefPtr<WorkerControlRunnable> runnable(aWorkerControlRunnable);
+ MOZ_ASSERT(runnable);
+
+ {
+ MutexAutoLock lock(mMutex);
+
+ if (mStatus == Dead) {
+ return NS_ERROR_UNEXPECTED;
+ }
+
+ // Transfer ownership to the control queue.
+ mControlQueue.Push(runnable.forget().take());
+
+ if (JSContext* cx = mJSContext) {
+ MOZ_ASSERT(mThread);
+ JS_RequestInterruptCallback(cx);
+ }
+
+ mCondVar.Notify();
+ }
+
+ return NS_OK;
+}
+
+nsresult WorkerPrivate::DispatchDebuggerRunnable(
+ already_AddRefed<WorkerRunnable> aDebuggerRunnable) {
+ // May be called on any thread!
+
+ RefPtr<WorkerRunnable> runnable(aDebuggerRunnable);
+
+ MOZ_ASSERT(runnable);
+
+ {
+ MutexAutoLock lock(mMutex);
+
+ if (mStatus == Dead) {
+ NS_WARNING(
+ "A debugger runnable was posted to a worker that is already "
+ "shutting down!");
+ return NS_ERROR_UNEXPECTED;
+ }
+
+ // Transfer ownership to the debugger queue.
+ mDebuggerQueue.Push(runnable.forget().take());
+
+ mCondVar.Notify();
+ }
+
+ return NS_OK;
+}
+
+already_AddRefed<WorkerRunnable> WorkerPrivate::MaybeWrapAsWorkerRunnable(
+ already_AddRefed<nsIRunnable> aRunnable) {
+ // May be called on any thread!
+
+ nsCOMPtr<nsIRunnable> runnable(aRunnable);
+ MOZ_ASSERT(runnable);
+
+ RefPtr<WorkerRunnable> workerRunnable =
+ WorkerRunnable::FromRunnable(runnable);
+ if (workerRunnable) {
+ return workerRunnable.forget();
+ }
+
+ nsCOMPtr<nsIDiscardableRunnable> maybe = do_QueryInterface(runnable);
+ if (!maybe) {
+ MOZ_CRASH(
+ "All runnables destined for a worker thread must be "
+ "nsIDiscardableRunnable!");
+ }
+
+ workerRunnable = new ExternalRunnableWrapper(this, runnable);
+ return workerRunnable.forget();
+}
+
+bool WorkerPrivate::Start() {
+ // May be called on any thread!
+ {
+ MutexAutoLock lock(mMutex);
+ NS_ASSERTION(mParentStatus != Running, "How can this be?!");
+
+ if (mParentStatus == Pending) {
+ mParentStatus = Running;
+ return true;
+ }
+ }
+
+ return false;
+}
+
+// aCx is null when called from the finalizer
+bool WorkerPrivate::Notify(WorkerStatus aStatus) {
+ AssertIsOnParentThread();
+ // This method is only called for Canceling or later.
+ MOZ_DIAGNOSTIC_ASSERT(aStatus >= Canceling);
+
+ bool pending;
+ {
+ MutexAutoLock lock(mMutex);
+
+ if (mParentStatus >= aStatus) {
+ return true;
+ }
+
+ pending = mParentStatus == Pending;
+ mParentStatus = aStatus;
+ }
+
+ if (mCancellationCallback) {
+ mCancellationCallback(!pending);
+ mCancellationCallback = nullptr;
+ }
+
+ if (pending) {
+#ifdef DEBUG
+ {
+ // Fake a thread here just so that our assertions don't go off for no
+ // reason.
+ nsIThread* currentThread = NS_GetCurrentThread();
+ MOZ_ASSERT(currentThread);
+
+ MOZ_ASSERT(!mPRThread);
+ mPRThread = PRThreadFromThread(currentThread);
+ MOZ_ASSERT(mPRThread);
+ }
+#endif
+
+ // Worker never got a chance to run, go ahead and delete it.
+ ScheduleDeletion(WorkerPrivate::WorkerNeverRan);
+ return true;
+ }
+
+ // No Canceling timeout is needed.
+ if (mCancelingTimer) {
+ mCancelingTimer->Cancel();
+ mCancelingTimer = nullptr;
+ }
+
+ RefPtr<NotifyRunnable> runnable = new NotifyRunnable(this, aStatus);
+ return runnable->Dispatch();
+}
+
+bool WorkerPrivate::Freeze(const nsPIDOMWindowInner* aWindow) {
+ AssertIsOnParentThread();
+
+ mParentFrozen = true;
+
+ // WorkerDebuggeeRunnables sent from a worker to content must not be delivered
+ // while the worker is frozen.
+ //
+ // Since a top-level worker and all its children share the same
+ // mMainThreadDebuggeeEventTarget, it's sufficient to do this only in the
+ // top-level worker.
+ if (aWindow) {
+ // This is called from WorkerPrivate construction, and We may not have
+ // allocated mMainThreadDebuggeeEventTarget yet.
+ if (mMainThreadDebuggeeEventTarget) {
+ // Pausing a ThrottledEventQueue is infallible.
+ MOZ_ALWAYS_SUCCEEDS(mMainThreadDebuggeeEventTarget->SetIsPaused(true));
+ }
+ }
+
+ {
+ MutexAutoLock lock(mMutex);
+
+ if (mParentStatus >= Canceling) {
+ return true;
+ }
+ }
+
+ DisableDebugger();
+
+ RefPtr<FreezeRunnable> runnable = new FreezeRunnable(this);
+ return runnable->Dispatch();
+}
+
+bool WorkerPrivate::Thaw(const nsPIDOMWindowInner* aWindow) {
+ AssertIsOnParentThread();
+ MOZ_ASSERT(mParentFrozen);
+
+ mParentFrozen = false;
+
+ // Delivery of WorkerDebuggeeRunnables to the window may resume.
+ //
+ // Since a top-level worker and all its children share the same
+ // mMainThreadDebuggeeEventTarget, it's sufficient to do this only in the
+ // top-level worker.
+ if (aWindow) {
+ // Since the worker is no longer frozen, only a paused parent window should
+ // require the queue to remain paused.
+ //
+ // This can only fail if the ThrottledEventQueue cannot dispatch its
+ // executor to the main thread, in which case the main thread was never
+ // going to draw runnables from it anyway, so the failure doesn't matter.
+ Unused << mMainThreadDebuggeeEventTarget->SetIsPaused(
+ IsParentWindowPaused());
+ }
+
+ {
+ MutexAutoLock lock(mMutex);
+
+ if (mParentStatus >= Canceling) {
+ return true;
+ }
+ }
+
+ EnableDebugger();
+
+ RefPtr<ThawRunnable> runnable = new ThawRunnable(this);
+ return runnable->Dispatch();
+}
+
+void WorkerPrivate::ParentWindowPaused() {
+ AssertIsOnMainThread();
+ MOZ_ASSERT(!mParentWindowPaused);
+ mParentWindowPaused = true;
+
+ // This is called from WorkerPrivate construction, and we may not have
+ // allocated mMainThreadDebuggeeEventTarget yet.
+ if (mMainThreadDebuggeeEventTarget) {
+ // Pausing a ThrottledEventQueue is infallible.
+ MOZ_ALWAYS_SUCCEEDS(mMainThreadDebuggeeEventTarget->SetIsPaused(true));
+ }
+}
+
+void WorkerPrivate::ParentWindowResumed() {
+ AssertIsOnMainThread();
+
+ MOZ_ASSERT(mParentWindowPaused);
+ mParentWindowPaused = false;
+
+ {
+ MutexAutoLock lock(mMutex);
+
+ if (mParentStatus >= Canceling) {
+ return;
+ }
+ }
+
+ // Since the window is no longer paused, the queue should only remain paused
+ // if the worker is frozen.
+ //
+ // This can only fail if the ThrottledEventQueue cannot dispatch its executor
+ // to the main thread, in which case the main thread was never going to draw
+ // runnables from it anyway, so the failure doesn't matter.
+ Unused << mMainThreadDebuggeeEventTarget->SetIsPaused(IsFrozen());
+}
+
+void WorkerPrivate::PropagateStorageAccessPermissionGranted() {
+ AssertIsOnParentThread();
+
+ {
+ MutexAutoLock lock(mMutex);
+
+ if (mParentStatus >= Canceling) {
+ return;
+ }
+ }
+
+ RefPtr<PropagateStorageAccessPermissionGrantedRunnable> runnable =
+ new PropagateStorageAccessPermissionGrantedRunnable(this);
+ Unused << NS_WARN_IF(!runnable->Dispatch());
+}
+
+bool WorkerPrivate::Close() {
+ mMutex.AssertCurrentThreadOwns();
+ if (mParentStatus < Closing) {
+ mParentStatus = Closing;
+ }
+
+ return true;
+}
+
+bool WorkerPrivate::ModifyBusyCount(bool aIncrease) {
+ AssertIsOnParentThread();
+
+ MOZ_ASSERT(aIncrease || mBusyCount, "Mismatched busy count mods!");
+
+ if (aIncrease) {
+ mBusyCount++;
+ return true;
+ }
+
+ if (--mBusyCount == 0) {
+ bool shouldCancel;
+ {
+ MutexAutoLock lock(mMutex);
+ shouldCancel = mParentStatus == Canceling;
+ }
+
+ if (shouldCancel && !Cancel()) {
+ return false;
+ }
+ }
+
+ return true;
+}
+
+bool WorkerPrivate::ProxyReleaseMainThreadObjects() {
+ AssertIsOnParentThread();
+ MOZ_ASSERT(!mMainThreadObjectsForgotten);
+
+ nsCOMPtr<nsILoadGroup> loadGroupToCancel;
+ // If we're not overriden, then do nothing here. Let the load group get
+ // handled in ForgetMainThreadObjects().
+ if (mLoadInfo.mInterfaceRequestor) {
+ mLoadInfo.mLoadGroup.swap(loadGroupToCancel);
+ }
+
+ bool result = mLoadInfo.ProxyReleaseMainThreadObjects(
+ this, std::move(loadGroupToCancel));
+
+ mMainThreadObjectsForgotten = true;
+
+ return result;
+}
+
+void WorkerPrivate::UpdateContextOptions(
+ const JS::ContextOptions& aContextOptions) {
+ AssertIsOnParentThread();
+
+ {
+ MutexAutoLock lock(mMutex);
+ mJSSettings.contextOptions = aContextOptions;
+ }
+
+ RefPtr<UpdateContextOptionsRunnable> runnable =
+ new UpdateContextOptionsRunnable(this, aContextOptions);
+ if (!runnable->Dispatch()) {
+ NS_WARNING("Failed to update worker context options!");
+ }
+}
+
+void WorkerPrivate::UpdateLanguages(const nsTArray<nsString>& aLanguages) {
+ AssertIsOnParentThread();
+
+ RefPtr<UpdateLanguagesRunnable> runnable =
+ new UpdateLanguagesRunnable(this, aLanguages);
+ if (!runnable->Dispatch()) {
+ NS_WARNING("Failed to update worker languages!");
+ }
+}
+
+void WorkerPrivate::UpdateJSWorkerMemoryParameter(JSGCParamKey aKey,
+ Maybe<uint32_t> aValue) {
+ AssertIsOnParentThread();
+
+ bool changed = false;
+
+ {
+ MutexAutoLock lock(mMutex);
+ changed = mJSSettings.ApplyGCSetting(aKey, aValue);
+ }
+
+ if (changed) {
+ RefPtr<UpdateJSWorkerMemoryParameterRunnable> runnable =
+ new UpdateJSWorkerMemoryParameterRunnable(this, aKey, aValue);
+ if (!runnable->Dispatch()) {
+ NS_WARNING("Failed to update memory parameter!");
+ }
+ }
+}
+
+#ifdef JS_GC_ZEAL
+void WorkerPrivate::UpdateGCZeal(uint8_t aGCZeal, uint32_t aFrequency) {
+ AssertIsOnParentThread();
+
+ {
+ MutexAutoLock lock(mMutex);
+ mJSSettings.gcZeal = aGCZeal;
+ mJSSettings.gcZealFrequency = aFrequency;
+ }
+
+ RefPtr<UpdateGCZealRunnable> runnable =
+ new UpdateGCZealRunnable(this, aGCZeal, aFrequency);
+ if (!runnable->Dispatch()) {
+ NS_WARNING("Failed to update worker gczeal!");
+ }
+}
+#endif
+
+void WorkerPrivate::SetLowMemoryState(bool aState) {
+ AssertIsOnParentThread();
+
+ RefPtr<SetLowMemoryStateRunnable> runnable =
+ new SetLowMemoryStateRunnable(this, aState);
+ if (!runnable->Dispatch()) {
+ NS_WARNING("Failed to set low memory state!");
+ }
+}
+
+void WorkerPrivate::GarbageCollect(bool aShrinking) {
+ AssertIsOnParentThread();
+
+ RefPtr<GarbageCollectRunnable> runnable = new GarbageCollectRunnable(
+ this, aShrinking, /* aCollectChildren = */ true);
+ if (!runnable->Dispatch()) {
+ NS_WARNING("Failed to GC worker!");
+ }
+}
+
+void WorkerPrivate::CycleCollect() {
+ AssertIsOnParentThread();
+
+ RefPtr<CycleCollectRunnable> runnable =
+ new CycleCollectRunnable(this, /* aCollectChildren = */ true);
+ if (!runnable->Dispatch()) {
+ NS_WARNING("Failed to CC worker!");
+ }
+}
+
+void WorkerPrivate::OfflineStatusChangeEvent(bool aIsOffline) {
+ AssertIsOnParentThread();
+
+ RefPtr<OfflineStatusChangeRunnable> runnable =
+ new OfflineStatusChangeRunnable(this, aIsOffline);
+ if (!runnable->Dispatch()) {
+ NS_WARNING("Failed to dispatch offline status change event!");
+ }
+}
+
+void WorkerPrivate::OfflineStatusChangeEventInternal(bool aIsOffline) {
+ auto data = mWorkerThreadAccessible.Access();
+
+ // The worker is already in this state. No need to dispatch an event.
+ if (data->mOnLine == !aIsOffline) {
+ return;
+ }
+
+ for (uint32_t index = 0; index < data->mChildWorkers.Length(); ++index) {
+ data->mChildWorkers[index]->OfflineStatusChangeEvent(aIsOffline);
+ }
+
+ data->mOnLine = !aIsOffline;
+ WorkerGlobalScope* globalScope = GlobalScope();
+ RefPtr<WorkerNavigator> nav = globalScope->GetExistingNavigator();
+ if (nav) {
+ nav->SetOnLine(data->mOnLine);
+ }
+
+ nsString eventType;
+ if (aIsOffline) {
+ eventType.AssignLiteral("offline");
+ } else {
+ eventType.AssignLiteral("online");
+ }
+
+ RefPtr<Event> event = NS_NewDOMEvent(globalScope, nullptr, nullptr);
+
+ event->InitEvent(eventType, false, false);
+ event->SetTrusted(true);
+
+ globalScope->DispatchEvent(*event);
+}
+
+void WorkerPrivate::MemoryPressure() {
+ AssertIsOnParentThread();
+
+ RefPtr<MemoryPressureRunnable> runnable = new MemoryPressureRunnable(this);
+ Unused << NS_WARN_IF(!runnable->Dispatch());
+}
+
+RefPtr<WorkerPrivate::JSMemoryUsagePromise> WorkerPrivate::GetJSMemoryUsage() {
+ AssertIsOnMainThread();
+
+ {
+ MutexAutoLock lock(mMutex);
+ // If we have started shutting down the worker, do not dispatch a runnable
+ // to measure its memory.
+ if (ParentStatus() > Running) {
+ return nullptr;
+ }
+ }
+
+ return InvokeAsync(ControlEventTarget(), __func__, []() {
+ WorkerPrivate* wp = GetCurrentThreadWorkerPrivate();
+ MOZ_ASSERT(wp);
+ wp->AssertIsOnWorkerThread();
+ MutexAutoLock lock(wp->mMutex);
+ return JSMemoryUsagePromise::CreateAndResolve(
+ js::GetGCHeapUsage(wp->mJSContext), __func__);
+ });
+}
+
+void WorkerPrivate::WorkerScriptLoaded() {
+ AssertIsOnMainThread();
+
+ if (IsSharedWorker() || IsServiceWorker()) {
+ // No longer need to hold references to the window or document we came from.
+ mLoadInfo.mWindow = nullptr;
+ mLoadInfo.mScriptContext = nullptr;
+ }
+}
+
+void WorkerPrivate::SetBaseURI(nsIURI* aBaseURI) {
+ AssertIsOnMainThread();
+
+ if (!mLoadInfo.mBaseURI) {
+ NS_ASSERTION(GetParent(), "Shouldn't happen without a parent!");
+ mLoadInfo.mResolvedScriptURI = aBaseURI;
+ }
+
+ mLoadInfo.mBaseURI = aBaseURI;
+
+ if (NS_FAILED(aBaseURI->GetSpec(mLocationInfo.mHref))) {
+ mLocationInfo.mHref.Truncate();
+ }
+
+ mLocationInfo.mHostname.Truncate();
+ nsContentUtils::GetHostOrIPv6WithBrackets(aBaseURI, mLocationInfo.mHostname);
+
+ nsCOMPtr<nsIURL> url(do_QueryInterface(aBaseURI));
+ if (!url || NS_FAILED(url->GetFilePath(mLocationInfo.mPathname))) {
+ mLocationInfo.mPathname.Truncate();
+ }
+
+ nsCString temp;
+
+ if (url && NS_SUCCEEDED(url->GetQuery(temp)) && !temp.IsEmpty()) {
+ mLocationInfo.mSearch.Assign('?');
+ mLocationInfo.mSearch.Append(temp);
+ }
+
+ if (NS_SUCCEEDED(aBaseURI->GetRef(temp)) && !temp.IsEmpty()) {
+ if (mLocationInfo.mHash.IsEmpty()) {
+ mLocationInfo.mHash.Assign('#');
+ mLocationInfo.mHash.Append(temp);
+ }
+ }
+
+ if (NS_SUCCEEDED(aBaseURI->GetScheme(mLocationInfo.mProtocol))) {
+ mLocationInfo.mProtocol.Append(':');
+ } else {
+ mLocationInfo.mProtocol.Truncate();
+ }
+
+ int32_t port;
+ if (NS_SUCCEEDED(aBaseURI->GetPort(&port)) && port != -1) {
+ mLocationInfo.mPort.AppendInt(port);
+
+ nsAutoCString host(mLocationInfo.mHostname);
+ host.Append(':');
+ host.Append(mLocationInfo.mPort);
+
+ mLocationInfo.mHost.Assign(host);
+ } else {
+ mLocationInfo.mHost.Assign(mLocationInfo.mHostname);
+ }
+
+ nsContentUtils::GetUTFOrigin(aBaseURI, mLocationInfo.mOrigin);
+}
+
+nsresult WorkerPrivate::SetPrincipalsAndCSPOnMainThread(
+ nsIPrincipal* aPrincipal, nsIPrincipal* aPartitionedPrincipal,
+ nsILoadGroup* aLoadGroup, nsIContentSecurityPolicy* aCsp) {
+ return mLoadInfo.SetPrincipalsAndCSPOnMainThread(
+ aPrincipal, aPartitionedPrincipal, aLoadGroup, aCsp);
+}
+
+nsresult WorkerPrivate::SetPrincipalsAndCSPFromChannel(nsIChannel* aChannel) {
+ return mLoadInfo.SetPrincipalsAndCSPFromChannel(aChannel);
+}
+
+bool WorkerPrivate::FinalChannelPrincipalIsValid(nsIChannel* aChannel) {
+ return mLoadInfo.FinalChannelPrincipalIsValid(aChannel);
+}
+
+#ifdef MOZ_DIAGNOSTIC_ASSERT_ENABLED
+bool WorkerPrivate::PrincipalURIMatchesScriptURL() {
+ return mLoadInfo.PrincipalURIMatchesScriptURL();
+}
+#endif
+
+void WorkerPrivate::UpdateOverridenLoadGroup(nsILoadGroup* aBaseLoadGroup) {
+ AssertIsOnMainThread();
+
+ // The load group should have been overriden at init time.
+ mLoadInfo.mInterfaceRequestor->MaybeAddBrowserChild(aBaseLoadGroup);
+}
+
+#ifdef DEBUG
+
+void WorkerPrivate::AssertIsOnParentThread() const {
+ if (GetParent()) {
+ GetParent()->AssertIsOnWorkerThread();
+ } else {
+ AssertIsOnMainThread();
+ }
+}
+
+void WorkerPrivate::AssertInnerWindowIsCorrect() const {
+ AssertIsOnParentThread();
+
+ // Only care about top level workers from windows.
+ if (mParent || !mLoadInfo.mWindow) {
+ return;
+ }
+
+ AssertIsOnMainThread();
+
+ nsPIDOMWindowOuter* outer = mLoadInfo.mWindow->GetOuterWindow();
+ NS_ASSERTION(outer && outer->GetCurrentInnerWindow() == mLoadInfo.mWindow,
+ "Inner window no longer correct!");
+}
+
+#endif
+
+#ifdef MOZ_DIAGNOSTIC_ASSERT_ENABLED
+bool WorkerPrivate::PrincipalIsValid() const {
+ return mLoadInfo.PrincipalIsValid();
+}
+#endif
+
+WorkerPrivate::WorkerThreadAccessible::WorkerThreadAccessible(
+ WorkerPrivate* const aParent)
+ : mNumWorkerRefsPreventingShutdownStart(0),
+ mDebuggerEventLoopLevel(0),
+ mErrorHandlerRecursionCount(0),
+ mNextTimeoutId(1),
+ mCurrentTimerNestingLevel(0),
+ mFrozen(false),
+ mTimerRunning(false),
+ mRunningExpiredTimeouts(false),
+ mPeriodicGCTimerRunning(false),
+ mIdleGCTimerRunning(false),
+ mOnLine(aParent ? aParent->OnLine() : !NS_IsOffline()),
+ mJSThreadExecutionGranted(false),
+ mCCCollectedAnything(false) {}
+
+namespace {
+
+bool IsNewWorkerSecureContext(const WorkerPrivate* const aParent,
+ const WorkerKind aWorkerKind,
+ const WorkerLoadInfo& aLoadInfo) {
+ if (aParent) {
+ return aParent->IsSecureContext();
+ }
+
+ // Our secure context state depends on the kind of worker we have.
+
+ if (aLoadInfo.mPrincipal && aLoadInfo.mPrincipal->IsSystemPrincipal()) {
+ return true;
+ }
+
+ if (aWorkerKind == WorkerKindService) {
+ return true;
+ }
+
+ if (aLoadInfo.mSecureContext != WorkerLoadInfo::eNotSet) {
+ return aLoadInfo.mSecureContext == WorkerLoadInfo::eSecureContext;
+ }
+
+ MOZ_ASSERT_UNREACHABLE(
+ "non-chrome worker that is not a service worker "
+ "that has no parent and no associated window");
+
+ return false;
+}
+
+} // namespace
+
+WorkerPrivate::WorkerPrivate(
+ WorkerPrivate* aParent, const nsAString& aScriptURL, bool aIsChromeWorker,
+ WorkerKind aWorkerKind, RequestCredentials aRequestCredentials,
+ enum WorkerType aWorkerType, const nsAString& aWorkerName,
+ const nsACString& aServiceWorkerScope, WorkerLoadInfo& aLoadInfo,
+ nsString&& aId, const nsID& aAgentClusterId,
+ const nsILoadInfo::CrossOriginOpenerPolicy aAgentClusterOpenerPolicy,
+ CancellationCallback&& aCancellationCallback,
+ TerminationCallback&& aTerminationCallback)
+ : mMutex("WorkerPrivate Mutex"),
+ mCondVar(mMutex, "WorkerPrivate CondVar"),
+ mParent(aParent),
+ mScriptURL(aScriptURL),
+ mWorkerName(aWorkerName),
+ mCredentialsMode(aRequestCredentials),
+ mWorkerType(aWorkerType), // If the worker runs as a script or a module
+ mWorkerKind(aWorkerKind),
+ mCancellationCallback(std::move(aCancellationCallback)),
+ mTerminationCallback(std::move(aTerminationCallback)),
+ mLoadInfo(std::move(aLoadInfo)),
+ mDebugger(nullptr),
+ mJSContext(nullptr),
+ mPRThread(nullptr),
+ mWorkerControlEventTarget(new WorkerEventTarget(
+ this, WorkerEventTarget::Behavior::ControlOnly)),
+ mWorkerHybridEventTarget(
+ new WorkerEventTarget(this, WorkerEventTarget::Behavior::Hybrid)),
+ mParentStatus(Pending),
+ mStatus(Pending),
+ mBusyCount(0),
+ mCreationTimeStamp(TimeStamp::Now()),
+ mCreationTimeHighRes((double)PR_Now() / PR_USEC_PER_MSEC),
+ mReportedUseCounters(false),
+ mAgentClusterId(aAgentClusterId),
+ mWorkerThreadAccessible(aParent),
+ mPostSyncLoopOperations(0),
+ mParentWindowPaused(false),
+ mCancelAllPendingRunnables(false),
+ mWorkerScriptExecutedSuccessfully(false),
+ mFetchHandlerWasAdded(false),
+ mMainThreadObjectsForgotten(false),
+ mIsChromeWorker(aIsChromeWorker),
+ mParentFrozen(false),
+ mIsSecureContext(
+ IsNewWorkerSecureContext(mParent, mWorkerKind, mLoadInfo)),
+ mDebuggerRegistered(false),
+ mDebuggerReady(true),
+ mExtensionAPIAllowed(false),
+ mIsInAutomation(false),
+ mId(std::move(aId)),
+ mAgentClusterOpenerPolicy(aAgentClusterOpenerPolicy),
+ mIsPrivilegedAddonGlobal(false),
+ mTopLevelWorkerFinishedRunnableCount(0),
+ mWorkerFinishedRunnableCount(0) {
+ MOZ_ASSERT_IF(!IsDedicatedWorker(), NS_IsMainThread());
+
+ if (aParent) {
+ aParent->AssertIsOnWorkerThread();
+
+ // Note that this copies our parent's secure context state into mJSSettings.
+ aParent->CopyJSSettings(mJSSettings);
+
+ MOZ_ASSERT_IF(mIsChromeWorker, mIsSecureContext);
+
+ mIsInAutomation = aParent->IsInAutomation();
+
+ MOZ_ASSERT(IsDedicatedWorker());
+
+ if (aParent->mParentFrozen) {
+ Freeze(nullptr);
+ }
+
+ mIsPrivilegedAddonGlobal = aParent->mIsPrivilegedAddonGlobal;
+ } else {
+ AssertIsOnMainThread();
+
+ RuntimeService::GetDefaultJSSettings(mJSSettings);
+
+ {
+ JS::RealmOptions& chromeRealmOptions = mJSSettings.chromeRealmOptions;
+ JS::RealmOptions& contentRealmOptions = mJSSettings.contentRealmOptions;
+
+ JS::RealmBehaviors& chromeRealmBehaviors = chromeRealmOptions.behaviors();
+ JS::RealmBehaviors& contentRealmBehaviors =
+ contentRealmOptions.behaviors();
+
+ bool usesSystemPrincipal = UsesSystemPrincipal();
+
+ // Make timing imprecise in unprivileged code to blunt Spectre timing
+ // attacks.
+ bool clampAndJitterTime = !usesSystemPrincipal;
+ chromeRealmBehaviors.setClampAndJitterTime(clampAndJitterTime)
+ .setShouldResistFingerprinting(false);
+ contentRealmBehaviors.setClampAndJitterTime(clampAndJitterTime)
+ .setShouldResistFingerprinting(mLoadInfo.mShouldResistFingerprinting);
+
+ JS::RealmCreationOptions& chromeCreationOptions =
+ chromeRealmOptions.creationOptions();
+ JS::RealmCreationOptions& contentCreationOptions =
+ contentRealmOptions.creationOptions();
+
+ // Expose uneval and toSource functions only if this is privileged code.
+ bool toSourceEnabled = usesSystemPrincipal;
+ chromeCreationOptions.setToSourceEnabled(toSourceEnabled);
+ contentCreationOptions.setToSourceEnabled(toSourceEnabled);
+
+ if (mIsSecureContext) {
+ chromeCreationOptions.setSecureContext(true);
+ contentCreationOptions.setSecureContext(true);
+ }
+
+ // Check if it's a privileged addon executing in order to allow access
+ // to SharedArrayBuffer
+ if (mLoadInfo.mPrincipal) {
+ if (auto* policy =
+ BasePrincipal::Cast(mLoadInfo.mPrincipal)->AddonPolicy()) {
+ if (policy->IsPrivileged() &&
+ ExtensionPolicyService::GetSingleton().IsExtensionProcess()) {
+ // Privileged extensions are allowed to use SharedArrayBuffer in
+ // their extension process, but never in content scripts in
+ // content processes.
+ mIsPrivilegedAddonGlobal = true;
+ }
+
+ if (StaticPrefs::
+ extensions_backgroundServiceWorker_enabled_AtStartup() &&
+ mWorkerKind == WorkerKindService &&
+ policy->IsManifestBackgroundWorker(mScriptURL)) {
+ // Only allows ExtensionAPI for extension service workers
+ // that are declared in the extension manifest json as
+ // the background service worker.
+ mExtensionAPIAllowed = true;
+ }
+ }
+ }
+
+ // The SharedArrayBuffer global constructor property should not be present
+ // in a fresh global object when shared memory objects aren't allowed
+ // (because COOP/COEP support isn't enabled, or because COOP/COEP don't
+ // act to isolate this worker to a separate process).
+ const bool defineSharedArrayBufferConstructor = IsSharedMemoryAllowed();
+ chromeCreationOptions.setDefineSharedArrayBufferConstructor(
+ defineSharedArrayBufferConstructor);
+ contentCreationOptions.setDefineSharedArrayBufferConstructor(
+ defineSharedArrayBufferConstructor);
+ }
+
+ mIsInAutomation = xpc::IsInAutomation();
+
+ // Our parent can get suspended after it initiates the async creation
+ // of a new worker thread. In this case suspend the new worker as well.
+ if (mLoadInfo.mWindow && mLoadInfo.mWindow->IsSuspended()) {
+ ParentWindowPaused();
+ }
+
+ if (mLoadInfo.mWindow && mLoadInfo.mWindow->IsFrozen()) {
+ Freeze(mLoadInfo.mWindow);
+ }
+ }
+
+ nsCOMPtr<nsISerialEventTarget> target;
+
+ // A child worker just inherits the parent workers ThrottledEventQueue
+ // and main thread target for now. This is mainly due to the restriction
+ // that ThrottledEventQueue can only be created on the main thread at the
+ // moment.
+ if (aParent) {
+ mMainThreadEventTargetForMessaging =
+ aParent->mMainThreadEventTargetForMessaging;
+ mMainThreadEventTarget = aParent->mMainThreadEventTarget;
+ mMainThreadDebuggeeEventTarget = aParent->mMainThreadDebuggeeEventTarget;
+ return;
+ }
+
+ MOZ_ASSERT(NS_IsMainThread());
+ target = GetWindow()
+ ? GetWindow()->GetBrowsingContextGroup()->GetWorkerEventQueue()
+ : nullptr;
+
+ if (!target) {
+ target = GetMainThreadSerialEventTarget();
+ MOZ_DIAGNOSTIC_ASSERT(target);
+ }
+
+ // Throttle events to the main thread using a ThrottledEventQueue specific to
+ // this tree of worker threads.
+ mMainThreadEventTargetForMessaging =
+ ThrottledEventQueue::Create(target, "Worker queue for messaging");
+ if (StaticPrefs::dom_worker_use_medium_high_event_queue()) {
+ mMainThreadEventTarget = ThrottledEventQueue::Create(
+ GetMainThreadSerialEventTarget(), "Worker queue",
+ nsIRunnablePriority::PRIORITY_MEDIUMHIGH);
+ } else {
+ mMainThreadEventTarget = mMainThreadEventTargetForMessaging;
+ }
+ mMainThreadDebuggeeEventTarget =
+ ThrottledEventQueue::Create(target, "Worker debuggee queue");
+ if (IsParentWindowPaused() || IsFrozen()) {
+ MOZ_ALWAYS_SUCCEEDS(mMainThreadDebuggeeEventTarget->SetIsPaused(true));
+ }
+}
+
+WorkerPrivate::~WorkerPrivate() {
+ MOZ_DIAGNOSTIC_ASSERT(mTopLevelWorkerFinishedRunnableCount == 0);
+ MOZ_DIAGNOSTIC_ASSERT(mWorkerFinishedRunnableCount == 0);
+
+ mWorkerControlEventTarget->ForgetWorkerPrivate(this);
+
+ // We force the hybrid event target to forget the thread when we
+ // enter the Killing state, but we do it again here to be safe.
+ // Its possible that we may be created and destroyed without progressing
+ // to Killing via some obscure code path.
+ mWorkerHybridEventTarget->ForgetWorkerPrivate(this);
+}
+
+WorkerPrivate::AgentClusterIdAndCoop
+WorkerPrivate::ComputeAgentClusterIdAndCoop(WorkerPrivate* aParent,
+ WorkerKind aWorkerKind,
+ WorkerLoadInfo* aLoadInfo) {
+ nsILoadInfo::CrossOriginOpenerPolicy agentClusterCoop =
+ nsILoadInfo::OPENER_POLICY_UNSAFE_NONE;
+
+ if (aParent) {
+ MOZ_ASSERT(aWorkerKind == WorkerKind::WorkerKindDedicated);
+
+ return {aParent->AgentClusterId(), aParent->mAgentClusterOpenerPolicy};
+ }
+
+ AssertIsOnMainThread();
+
+ if (aWorkerKind == WorkerKind::WorkerKindService ||
+ aWorkerKind == WorkerKind::WorkerKindShared) {
+ return {aLoadInfo->mAgentClusterId, agentClusterCoop};
+ }
+
+ if (aLoadInfo->mWindow) {
+ Document* doc = aLoadInfo->mWindow->GetExtantDoc();
+ MOZ_DIAGNOSTIC_ASSERT(doc);
+ RefPtr<DocGroup> docGroup = doc->GetDocGroup();
+
+ nsID agentClusterId =
+ docGroup ? docGroup->AgentClusterId() : nsID::GenerateUUID();
+
+ BrowsingContext* bc = aLoadInfo->mWindow->GetBrowsingContext();
+ MOZ_DIAGNOSTIC_ASSERT(bc);
+ return {agentClusterId, bc->Top()->GetOpenerPolicy()};
+ }
+
+ // If the window object was failed to be set into the WorkerLoadInfo, we
+ // make the worker into another agent cluster group instead of failures.
+ return {nsID::GenerateUUID(), agentClusterCoop};
+}
+
+// static
+already_AddRefed<WorkerPrivate> WorkerPrivate::Constructor(
+ JSContext* aCx, const nsAString& aScriptURL, bool aIsChromeWorker,
+ WorkerKind aWorkerKind, RequestCredentials aRequestCredentials,
+ enum WorkerType aWorkerType, const nsAString& aWorkerName,
+ const nsACString& aServiceWorkerScope, WorkerLoadInfo* aLoadInfo,
+ ErrorResult& aRv, nsString aId,
+ CancellationCallback&& aCancellationCallback,
+ TerminationCallback&& aTerminationCallback) {
+ WorkerPrivate* parent =
+ NS_IsMainThread() ? nullptr : GetCurrentThreadWorkerPrivate();
+
+ // If this is a sub-worker, we need to keep the parent worker alive until this
+ // one is registered.
+ RefPtr<StrongWorkerRef> workerRef;
+ if (parent) {
+ parent->AssertIsOnWorkerThread();
+
+ workerRef = StrongWorkerRef::Create(parent, "WorkerPrivate::Constructor");
+ if (NS_WARN_IF(!workerRef)) {
+ aRv.Throw(NS_ERROR_DOM_INVALID_STATE_ERR);
+ return nullptr;
+ }
+ } else {
+ AssertIsOnMainThread();
+ }
+
+ Maybe<WorkerLoadInfo> stackLoadInfo;
+ if (!aLoadInfo) {
+ stackLoadInfo.emplace();
+
+ nsresult rv = GetLoadInfo(
+ aCx, nullptr, parent, aScriptURL, aWorkerType, aRequestCredentials,
+ aIsChromeWorker, InheritLoadGroup, aWorkerKind, stackLoadInfo.ptr());
+ aRv.MightThrowJSException();
+ if (NS_FAILED(rv)) {
+ workerinternals::ReportLoadError(aRv, rv, aScriptURL);
+ return nullptr;
+ }
+
+ aLoadInfo = stackLoadInfo.ptr();
+ }
+
+ // NB: This has to be done before creating the WorkerPrivate, because it will
+ // attempt to use static variables that are initialized in the RuntimeService
+ // constructor.
+ RuntimeService* runtimeService;
+
+ if (!parent) {
+ runtimeService = RuntimeService::GetOrCreateService();
+ if (!runtimeService) {
+ aRv.Throw(NS_ERROR_FAILURE);
+ return nullptr;
+ }
+ } else {
+ runtimeService = RuntimeService::GetService();
+ }
+
+ MOZ_ASSERT(runtimeService);
+
+ // Don't create a worker with the shutting down RuntimeService.
+ if (runtimeService->IsShuttingDown()) {
+ aRv.Throw(NS_ERROR_UNEXPECTED);
+ return nullptr;
+ }
+
+ AgentClusterIdAndCoop idAndCoop =
+ ComputeAgentClusterIdAndCoop(parent, aWorkerKind, aLoadInfo);
+
+ RefPtr<WorkerPrivate> worker = new WorkerPrivate(
+ parent, aScriptURL, aIsChromeWorker, aWorkerKind, aRequestCredentials,
+ aWorkerType, aWorkerName, aServiceWorkerScope, *aLoadInfo, std::move(aId),
+ idAndCoop.mId, idAndCoop.mCoop, std::move(aCancellationCallback),
+ std::move(aTerminationCallback));
+
+ // Gecko contexts always have an explicitly-set default locale (set by
+ // XPJSRuntime::Initialize for the main thread, set by
+ // WorkerThreadPrimaryRunnable::Run for workers just before running worker
+ // code), so this is never SpiderMonkey's builtin default locale.
+ JS::UniqueChars defaultLocale = JS_GetDefaultLocale(aCx);
+ if (NS_WARN_IF(!defaultLocale)) {
+ aRv.Throw(NS_ERROR_UNEXPECTED);
+ return nullptr;
+ }
+
+ worker->mDefaultLocale = std::move(defaultLocale);
+
+ if (!runtimeService->RegisterWorker(*worker)) {
+ aRv.Throw(NS_ERROR_UNEXPECTED);
+ return nullptr;
+ }
+
+ // From this point on (worker thread has been started) we
+ // must keep ourself alive. We can now only be cleared by
+ // ClearSelfAndParentEventTargetRef().
+ worker->mSelfRef = worker;
+
+ worker->EnableDebugger();
+
+ MOZ_DIAGNOSTIC_ASSERT(worker->PrincipalIsValid());
+
+ UniquePtr<SerializedStackHolder> stack;
+ if (worker->IsWatchedByDevTools()) {
+ stack = GetCurrentStackForNetMonitor(aCx);
+ }
+
+ // This should be non-null for dedicated workers and null for Shared and
+ // Service workers. All Encoding values are static and will live as long
+ // as the process and the convention is to therefore use raw pointers.
+ const mozilla::Encoding* aDocumentEncoding =
+ NS_IsMainThread() && !worker->GetParent() && worker->GetDocument()
+ ? worker->GetDocument()->GetDocumentCharacterSet().get()
+ : nullptr;
+
+ RefPtr<CompileScriptRunnable> compiler = new CompileScriptRunnable(
+ worker, std::move(stack), aScriptURL, aDocumentEncoding);
+ if (!compiler->Dispatch()) {
+ aRv.Throw(NS_ERROR_UNEXPECTED);
+ return nullptr;
+ }
+
+ return worker.forget();
+}
+
+nsresult WorkerPrivate::SetIsDebuggerReady(bool aReady) {
+ AssertIsOnMainThread();
+ MutexAutoLock lock(mMutex);
+
+ if (mDebuggerReady == aReady) {
+ return NS_OK;
+ }
+
+ if (!aReady && mDebuggerRegistered) {
+ // The debugger can only be marked as not ready during registration.
+ return NS_ERROR_FAILURE;
+ }
+
+ mDebuggerReady = aReady;
+
+ if (aReady && mDebuggerRegistered) {
+ // Dispatch all the delayed runnables without releasing the lock, to ensure
+ // that the order in which debuggee runnables execute is the same as the
+ // order in which they were originally dispatched.
+ auto pending = std::move(mDelayedDebuggeeRunnables);
+ for (uint32_t i = 0; i < pending.Length(); i++) {
+ RefPtr<WorkerRunnable> runnable = std::move(pending[i]);
+ nsresult rv = DispatchLockHeld(runnable.forget(), nullptr, lock);
+ NS_ENSURE_SUCCESS(rv, rv);
+ }
+ MOZ_RELEASE_ASSERT(mDelayedDebuggeeRunnables.IsEmpty());
+ }
+
+ return NS_OK;
+}
+
+// static
+nsresult WorkerPrivate::GetLoadInfo(
+ JSContext* aCx, nsPIDOMWindowInner* aWindow, WorkerPrivate* aParent,
+ const nsAString& aScriptURL, const enum WorkerType& aWorkerType,
+ const RequestCredentials& aCredentials, bool aIsChromeWorker,
+ LoadGroupBehavior aLoadGroupBehavior, WorkerKind aWorkerKind,
+ WorkerLoadInfo* aLoadInfo) {
+ using namespace mozilla::dom::workerinternals;
+
+ MOZ_ASSERT(aCx);
+ MOZ_ASSERT_IF(NS_IsMainThread(),
+ aCx == nsContentUtils::GetCurrentJSContext());
+
+ if (aWindow) {
+ AssertIsOnMainThread();
+ }
+
+ WorkerLoadInfo loadInfo;
+ nsresult rv;
+
+ if (aParent) {
+ aParent->AssertIsOnWorkerThread();
+
+ // If the parent is going away give up now.
+ WorkerStatus parentStatus;
+ {
+ MutexAutoLock lock(aParent->mMutex);
+ parentStatus = aParent->mStatus;
+ }
+
+ if (parentStatus > Running) {
+ return NS_ERROR_FAILURE;
+ }
+
+ // Passing a pointer to our stack loadInfo is safe here because this
+ // method uses a sync runnable to get the channel from the main thread.
+ rv = ChannelFromScriptURLWorkerThread(aCx, aParent, aScriptURL, aWorkerType,
+ aCredentials, loadInfo);
+ if (NS_FAILED(rv)) {
+ MOZ_ALWAYS_TRUE(loadInfo.ProxyReleaseMainThreadObjects(aParent));
+ return rv;
+ }
+
+ // Now that we've spun the loop there's no guarantee that our parent is
+ // still alive. We may have received control messages initiating shutdown.
+ {
+ MutexAutoLock lock(aParent->mMutex);
+ parentStatus = aParent->mStatus;
+ }
+
+ if (parentStatus > Running) {
+ MOZ_ALWAYS_TRUE(loadInfo.ProxyReleaseMainThreadObjects(aParent));
+ return NS_ERROR_FAILURE;
+ }
+
+ loadInfo.mTrials = aParent->Trials();
+ loadInfo.mDomain = aParent->Domain();
+ loadInfo.mFromWindow = aParent->IsFromWindow();
+ loadInfo.mWindowID = aParent->WindowID();
+ loadInfo.mAssociatedBrowsingContextID =
+ aParent->AssociatedBrowsingContextID();
+ loadInfo.mStorageAccess = aParent->StorageAccess();
+ loadInfo.mUseRegularPrincipal = aParent->UseRegularPrincipal();
+ loadInfo.mHasStorageAccessPermissionGranted =
+ aParent->HasStorageAccessPermissionGranted();
+ loadInfo.mCookieJarSettings = aParent->CookieJarSettings();
+ if (loadInfo.mCookieJarSettings) {
+ loadInfo.mCookieJarSettingsArgs = aParent->CookieJarSettingsArgs();
+ }
+ loadInfo.mOriginAttributes = aParent->GetOriginAttributes();
+ loadInfo.mServiceWorkersTestingInWindow =
+ aParent->ServiceWorkersTestingInWindow();
+ loadInfo.mIsThirdPartyContextToTopWindow =
+ aParent->IsThirdPartyContextToTopWindow();
+ loadInfo.mShouldResistFingerprinting =
+ aParent->GlobalScope()->ShouldResistFingerprinting(
+ RFPTarget::IsAlwaysEnabledForPrecompute);
+ loadInfo.mParentController = aParent->GlobalScope()->GetController();
+ loadInfo.mWatchedByDevTools = aParent->IsWatchedByDevTools();
+ } else {
+ AssertIsOnMainThread();
+
+ // Make sure that the IndexedDatabaseManager is set up
+ Unused << NS_WARN_IF(!IndexedDatabaseManager::GetOrCreate());
+
+ nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager();
+ MOZ_ASSERT(ssm);
+
+ bool isChrome = nsContentUtils::IsSystemCaller(aCx);
+
+ // First check to make sure the caller has permission to make a privileged
+ // worker if they called the ChromeWorker/ChromeSharedWorker constructor.
+ if (aIsChromeWorker && !isChrome) {
+ return NS_ERROR_DOM_SECURITY_ERR;
+ }
+
+ // Chrome callers (whether creating a ChromeWorker or Worker) always get the
+ // system principal here as they're allowed to load anything. The script
+ // loader will refuse to run any script that does not also have the system
+ // principal.
+ if (isChrome) {
+ rv = ssm->GetSystemPrincipal(getter_AddRefs(loadInfo.mLoadingPrincipal));
+ NS_ENSURE_SUCCESS(rv, rv);
+ }
+
+ // See if we're being called from a window.
+ nsCOMPtr<nsPIDOMWindowInner> globalWindow = aWindow;
+ if (!globalWindow) {
+ globalWindow = xpc::CurrentWindowOrNull(aCx);
+ }
+
+ nsCOMPtr<Document> document;
+ Maybe<ClientInfo> clientInfo;
+
+ if (globalWindow) {
+ // Only use the current inner window, and only use it if the caller can
+ // access it.
+ if (nsPIDOMWindowOuter* outerWindow = globalWindow->GetOuterWindow()) {
+ loadInfo.mWindow = outerWindow->GetCurrentInnerWindow();
+ }
+
+ loadInfo.mTrials =
+ OriginTrials::FromWindow(nsGlobalWindowInner::Cast(loadInfo.mWindow));
+
+ BrowsingContext* browsingContext = globalWindow->GetBrowsingContext();
+
+ // TODO: fix this for SharedWorkers with multiple documents (bug
+ // 1177935)
+ loadInfo.mServiceWorkersTestingInWindow =
+ browsingContext &&
+ browsingContext->Top()->ServiceWorkersTestingEnabled();
+
+ if (!loadInfo.mWindow ||
+ (globalWindow != loadInfo.mWindow &&
+ !nsContentUtils::CanCallerAccess(loadInfo.mWindow))) {
+ return NS_ERROR_DOM_SECURITY_ERR;
+ }
+
+ nsCOMPtr<nsIScriptGlobalObject> sgo = do_QueryInterface(loadInfo.mWindow);
+ MOZ_ASSERT(sgo);
+
+ loadInfo.mScriptContext = sgo->GetContext();
+ NS_ENSURE_TRUE(loadInfo.mScriptContext, NS_ERROR_FAILURE);
+
+ // If we're called from a window then we can dig out the principal and URI
+ // from the document.
+ document = loadInfo.mWindow->GetExtantDoc();
+ NS_ENSURE_TRUE(document, NS_ERROR_FAILURE);
+
+ loadInfo.mBaseURI = document->GetDocBaseURI();
+ loadInfo.mLoadGroup = document->GetDocumentLoadGroup();
+ NS_ENSURE_TRUE(loadInfo.mLoadGroup, NS_ERROR_FAILURE);
+
+ clientInfo = globalWindow->GetClientInfo();
+
+ // Use the document's NodePrincipal as loading principal if we're not
+ // being called from chrome.
+ if (!loadInfo.mLoadingPrincipal) {
+ loadInfo.mLoadingPrincipal = document->NodePrincipal();
+ NS_ENSURE_TRUE(loadInfo.mLoadingPrincipal, NS_ERROR_FAILURE);
+
+ // We use the document's base domain to limit the number of workers
+ // each domain can create. For sandboxed documents, we use the domain
+ // of their first non-sandboxed document, walking up until we find
+ // one. If we can't find one, we fall back to using the GUID of the
+ // null principal as the base domain.
+ if (document->GetSandboxFlags() & SANDBOXED_ORIGIN) {
+ nsCOMPtr<Document> tmpDoc = document;
+ do {
+ tmpDoc = tmpDoc->GetInProcessParentDocument();
+ } while (tmpDoc && tmpDoc->GetSandboxFlags() & SANDBOXED_ORIGIN);
+
+ if (tmpDoc) {
+ // There was an unsandboxed ancestor, yay!
+ nsCOMPtr<nsIPrincipal> tmpPrincipal = tmpDoc->NodePrincipal();
+ rv = tmpPrincipal->GetBaseDomain(loadInfo.mDomain);
+ NS_ENSURE_SUCCESS(rv, rv);
+ } else {
+ // No unsandboxed ancestor, use our GUID.
+ rv = loadInfo.mLoadingPrincipal->GetBaseDomain(loadInfo.mDomain);
+ NS_ENSURE_SUCCESS(rv, rv);
+ }
+ } else {
+ // Document creating the worker is not sandboxed.
+ rv = loadInfo.mLoadingPrincipal->GetBaseDomain(loadInfo.mDomain);
+ NS_ENSURE_SUCCESS(rv, rv);
+ }
+ }
+
+ NS_ENSURE_TRUE(NS_LoadGroupMatchesPrincipal(loadInfo.mLoadGroup,
+ loadInfo.mLoadingPrincipal),
+ NS_ERROR_FAILURE);
+
+ nsCOMPtr<nsIPermissionManager> permMgr =
+ do_GetService(NS_PERMISSIONMANAGER_CONTRACTID, &rv);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ uint32_t perm;
+ rv = permMgr->TestPermissionFromPrincipal(loadInfo.mLoadingPrincipal,
+ "systemXHR"_ns, &perm);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ loadInfo.mXHRParamsAllowed = perm == nsIPermissionManager::ALLOW_ACTION;
+
+ loadInfo.mWatchedByDevTools =
+ browsingContext && browsingContext->WatchedByDevTools();
+
+ loadInfo.mReferrerInfo =
+ ReferrerInfo::CreateForFetch(loadInfo.mLoadingPrincipal, document);
+ loadInfo.mFromWindow = true;
+ loadInfo.mWindowID = globalWindow->WindowID();
+ loadInfo.mAssociatedBrowsingContextID =
+ globalWindow->GetBrowsingContext()->Id();
+ loadInfo.mStorageAccess = StorageAllowedForWindow(globalWindow);
+ loadInfo.mUseRegularPrincipal = document->UseRegularPrincipal();
+ loadInfo.mHasStorageAccessPermissionGranted =
+ document->HasStorageAccessPermissionGranted();
+ loadInfo.mShouldResistFingerprinting =
+ document->ShouldResistFingerprinting(
+ RFPTarget::IsAlwaysEnabledForPrecompute);
+
+ // This is an hack to deny the storage-access-permission for workers of
+ // sub-iframes.
+ if (loadInfo.mHasStorageAccessPermissionGranted &&
+ StorageAllowedForDocument(document) != StorageAccess::eAllow) {
+ loadInfo.mHasStorageAccessPermissionGranted = false;
+ }
+ loadInfo.mIsThirdPartyContextToTopWindow =
+ AntiTrackingUtils::IsThirdPartyWindow(globalWindow, nullptr);
+ loadInfo.mCookieJarSettings = document->CookieJarSettings();
+ if (loadInfo.mCookieJarSettings) {
+ auto* cookieJarSettings =
+ net::CookieJarSettings::Cast(loadInfo.mCookieJarSettings);
+ cookieJarSettings->Serialize(loadInfo.mCookieJarSettingsArgs);
+ }
+ StoragePrincipalHelper::GetRegularPrincipalOriginAttributes(
+ document, loadInfo.mOriginAttributes);
+ loadInfo.mParentController = globalWindow->GetController();
+ loadInfo.mSecureContext = loadInfo.mWindow->IsSecureContext()
+ ? WorkerLoadInfo::eSecureContext
+ : WorkerLoadInfo::eInsecureContext;
+ } else {
+ // Not a window
+ MOZ_ASSERT(isChrome);
+
+ // We're being created outside of a window. Need to figure out the script
+ // that is creating us in order for us to use relative URIs later on.
+ JS::AutoFilename fileName;
+ if (JS::DescribeScriptedCaller(aCx, &fileName)) {
+ // In most cases, fileName is URI. In a few other cases
+ // (e.g. xpcshell), fileName is a file path. Ideally, we would
+ // prefer testing whether fileName parses as an URI and fallback
+ // to file path in case of error, but Windows file paths have
+ // the interesting property that they can be parsed as bogus
+ // URIs (e.g. C:/Windows/Tmp is interpreted as scheme "C",
+ // hostname "Windows", path "Tmp"), which defeats this algorithm.
+ // Therefore, we adopt the opposite convention.
+ nsCOMPtr<nsIFile> scriptFile =
+ do_CreateInstance("@mozilla.org/file/local;1", &rv);
+ if (NS_FAILED(rv)) {
+ return rv;
+ }
+
+ rv = scriptFile->InitWithPath(NS_ConvertUTF8toUTF16(fileName.get()));
+ if (NS_SUCCEEDED(rv)) {
+ rv = NS_NewFileURI(getter_AddRefs(loadInfo.mBaseURI), scriptFile);
+ }
+ if (NS_FAILED(rv)) {
+ // As expected, fileName is not a path, so proceed with
+ // a uri.
+ rv = NS_NewURI(getter_AddRefs(loadInfo.mBaseURI), fileName.get());
+ }
+ if (NS_FAILED(rv)) {
+ return rv;
+ }
+ }
+ loadInfo.mXHRParamsAllowed = true;
+ loadInfo.mFromWindow = false;
+ loadInfo.mWindowID = UINT64_MAX;
+ loadInfo.mStorageAccess = StorageAccess::eAllow;
+ loadInfo.mUseRegularPrincipal = true;
+ loadInfo.mHasStorageAccessPermissionGranted = false;
+ loadInfo.mCookieJarSettings =
+ mozilla::net::CookieJarSettings::Create(loadInfo.mLoadingPrincipal);
+ loadInfo.mShouldResistFingerprinting =
+ nsContentUtils::ShouldResistFingerprinting_dangerous(
+ loadInfo.mLoadingPrincipal,
+ "Unusual situation - we have no document or CookieJarSettings",
+ RFPTarget::IsAlwaysEnabledForPrecompute);
+ MOZ_ASSERT(loadInfo.mCookieJarSettings);
+ auto* cookieJarSettings =
+ net::CookieJarSettings::Cast(loadInfo.mCookieJarSettings);
+ cookieJarSettings->Serialize(loadInfo.mCookieJarSettingsArgs);
+
+ loadInfo.mOriginAttributes = OriginAttributes();
+ loadInfo.mIsThirdPartyContextToTopWindow = false;
+ }
+
+ MOZ_ASSERT(loadInfo.mLoadingPrincipal);
+ MOZ_ASSERT(isChrome || !loadInfo.mDomain.IsEmpty());
+
+ if (!loadInfo.mLoadGroup || aLoadGroupBehavior == OverrideLoadGroup) {
+ OverrideLoadInfoLoadGroup(loadInfo, loadInfo.mLoadingPrincipal);
+ }
+ MOZ_ASSERT(NS_LoadGroupMatchesPrincipal(loadInfo.mLoadGroup,
+ loadInfo.mLoadingPrincipal));
+
+ // Top level workers' main script use the document charset for the script
+ // uri encoding.
+ nsCOMPtr<nsIURI> url;
+ rv = nsContentUtils::NewURIWithDocumentCharset(
+ getter_AddRefs(url), aScriptURL, document, loadInfo.mBaseURI);
+ NS_ENSURE_SUCCESS(rv, NS_ERROR_DOM_SYNTAX_ERR);
+
+ rv = ChannelFromScriptURLMainThread(
+ loadInfo.mLoadingPrincipal, document, loadInfo.mLoadGroup, url,
+ aWorkerType, aCredentials, clientInfo, ContentPolicyType(aWorkerKind),
+ loadInfo.mCookieJarSettings, loadInfo.mReferrerInfo,
+ getter_AddRefs(loadInfo.mChannel));
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ rv = NS_GetFinalChannelURI(loadInfo.mChannel,
+ getter_AddRefs(loadInfo.mResolvedScriptURI));
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ // We need the correct hasStoragePermission flag for the channel here since
+ // we will do a content blocking check later when we set the storage
+ // principal for the worker. The channel here won't be opened when we do the
+ // check later, so the hasStoragePermission flag is incorrect. To address
+ // this, We copy the hasStoragePermission flag from the document if there is
+ // a window. The worker is created as the same origin of the window. So, the
+ // worker is supposed to have the same storage permission as the window as
+ // well as the hasStoragePermission flag.
+ nsCOMPtr<nsILoadInfo> channelLoadInfo = loadInfo.mChannel->LoadInfo();
+ rv = channelLoadInfo->SetStoragePermission(
+ loadInfo.mHasStorageAccessPermissionGranted
+ ? nsILoadInfo::HasStoragePermission
+ : nsILoadInfo::NoStoragePermission);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ rv = loadInfo.SetPrincipalsAndCSPFromChannel(loadInfo.mChannel);
+ NS_ENSURE_SUCCESS(rv, rv);
+ }
+
+ MOZ_DIAGNOSTIC_ASSERT(loadInfo.mLoadingPrincipal);
+ MOZ_DIAGNOSTIC_ASSERT(loadInfo.PrincipalIsValid());
+
+ *aLoadInfo = std::move(loadInfo);
+ return NS_OK;
+}
+
+// static
+void WorkerPrivate::OverrideLoadInfoLoadGroup(WorkerLoadInfo& aLoadInfo,
+ nsIPrincipal* aPrincipal) {
+ MOZ_ASSERT(!aLoadInfo.mInterfaceRequestor);
+ MOZ_ASSERT(aLoadInfo.mLoadingPrincipal == aPrincipal);
+
+ aLoadInfo.mInterfaceRequestor =
+ new WorkerLoadInfo::InterfaceRequestor(aPrincipal, aLoadInfo.mLoadGroup);
+ aLoadInfo.mInterfaceRequestor->MaybeAddBrowserChild(aLoadInfo.mLoadGroup);
+
+ // NOTE: this defaults the load context to:
+ // - private browsing = false
+ // - content = true
+ // - use remote tabs = false
+ nsCOMPtr<nsILoadGroup> loadGroup = do_CreateInstance(NS_LOADGROUP_CONTRACTID);
+
+ nsresult rv =
+ loadGroup->SetNotificationCallbacks(aLoadInfo.mInterfaceRequestor);
+ MOZ_ALWAYS_SUCCEEDS(rv);
+
+ aLoadInfo.mLoadGroup = std::move(loadGroup);
+
+ MOZ_ASSERT(NS_LoadGroupMatchesPrincipal(aLoadInfo.mLoadGroup, aPrincipal));
+}
+
+void WorkerPrivate::RunLoopNeverRan() {
+ {
+ MutexAutoLock lock(mMutex);
+
+ mStatus = Dead;
+ }
+
+ // After mStatus is set to Dead there can be no more
+ // WorkerControlRunnables so no need to lock here.
+ if (!mControlQueue.IsEmpty()) {
+ WorkerControlRunnable* runnable = nullptr;
+ while (mControlQueue.Pop(runnable)) {
+ runnable->Cancel();
+ runnable->Release();
+ }
+ }
+
+ NotifyWorkerRefs(Killing);
+
+ ScheduleDeletion(WorkerPrivate::WorkerRan);
+}
+
+void WorkerPrivate::UnrootGlobalScopes() {
+ auto data = mWorkerThreadAccessible.Access();
+
+ RefPtr<WorkerDebuggerGlobalScope> debugScope = data->mDebuggerScope.forget();
+ if (debugScope) {
+ MOZ_ASSERT(debugScope->mWorkerPrivate == this);
+ }
+ RefPtr<WorkerGlobalScope> scope = data->mScope.forget();
+ if (scope) {
+ MOZ_ASSERT(scope->mWorkerPrivate == this);
+ }
+}
+
+void WorkerPrivate::DoRunLoop(JSContext* aCx) {
+ auto data = mWorkerThreadAccessible.Access();
+ MOZ_RELEASE_ASSERT(!GetExecutionManager());
+
+ RefPtr<WorkerThread> thread;
+ {
+ MutexAutoLock lock(mMutex);
+ mJSContext = aCx;
+ // mThread is set before we enter, and is never changed during DoRunLoop.
+ // copy to local so we don't trigger mutex analysis
+ MOZ_ASSERT(mThread);
+ thread = mThread;
+
+ MOZ_ASSERT(mStatus == Pending);
+ mStatus = Running;
+ }
+
+ // Now that we've done that, we can go ahead and set up our AutoJSAPI. We
+ // can't before this point, because it can't find the right JSContext before
+ // then, since it gets it from our mJSContext.
+ AutoJSAPI jsapi;
+ jsapi.Init();
+ MOZ_ASSERT(jsapi.cx() == aCx);
+
+ EnableMemoryReporter();
+
+ InitializeGCTimers();
+
+ for (;;) {
+ WorkerStatus currentStatus;
+ bool debuggerRunnablesPending = false;
+ bool normalRunnablesPending = false;
+
+ {
+ MutexAutoLock lock(mMutex);
+
+ // Wait for a runnable to arrive that we can execute, or for it to be okay
+ // to shutdown this worker once all holders have been removed.
+ // Holders may be removed from inside normal runnables, but we don't check
+ // for that after processing normal runnables, so we need to let control
+ // flow to the shutdown logic without blocking.
+ while (mControlQueue.IsEmpty() &&
+ !(debuggerRunnablesPending = !mDebuggerQueue.IsEmpty()) &&
+ !(normalRunnablesPending = NS_HasPendingEvents(thread)) &&
+ !(mStatus != Running && !HasActiveWorkerRefs())) {
+ // We pop out to this loop when there are no pending events.
+ // If we don't reset these, we may not re-enter ProcessNextEvent()
+ // until we have events to process, and it may seem like we have
+ // an event running for a very long time.
+ thread->SetRunningEventDelay(TimeDuration(), TimeStamp());
+
+ WaitForWorkerEvents();
+ }
+
+ auto result = ProcessAllControlRunnablesLocked();
+ if (result != ProcessAllControlRunnablesResult::Nothing) {
+ // NB: There's no JS on the stack here, so Abort vs MayContinue is
+ // irrelevant
+
+ // The state of the world may have changed, recheck it.
+ normalRunnablesPending = NS_HasPendingEvents(thread);
+ // The debugger queue doesn't get cleared, so we can ignore that.
+ }
+
+ currentStatus = mStatus;
+ }
+
+ // if all holders are done then we can kill this thread.
+ if (currentStatus != Running && !HasActiveWorkerRefs()) {
+ // Now we are ready to kill the worker thread.
+ if (currentStatus == Canceling) {
+ NotifyInternal(Killing);
+
+#ifdef DEBUG
+ {
+ MutexAutoLock lock(mMutex);
+ currentStatus = mStatus;
+ }
+ MOZ_ASSERT(currentStatus == Killing);
+#else
+ currentStatus = Killing;
+#endif
+ }
+
+ // If we're supposed to die then we should exit the loop.
+ if (currentStatus == Killing) {
+ // We are about to destroy worker, report all use counters.
+ ReportUseCounters();
+
+ // Flush uncaught rejections immediately, without
+ // waiting for a next tick.
+ PromiseDebugging::FlushUncaughtRejections();
+
+ ShutdownGCTimers();
+
+ DisableMemoryReporter();
+
+ {
+ MutexAutoLock lock(mMutex);
+
+ mStatus = Dead;
+ mJSContext = nullptr;
+ }
+
+ // After mStatus is set to Dead there can be no more
+ // WorkerControlRunnables so no need to lock here.
+ if (!mControlQueue.IsEmpty()) {
+ WorkerControlRunnable* runnable = nullptr;
+ while (mControlQueue.Pop(runnable)) {
+ runnable->Cancel();
+ runnable->Release();
+ }
+ }
+
+ // We do not need the timeouts any more, they have been canceled
+ // by NotifyInternal(Killing) above if they were active.
+ UnlinkTimeouts();
+
+ return;
+ }
+ }
+
+ if (debuggerRunnablesPending || normalRunnablesPending) {
+ // Start the periodic GC timer if it is not already running.
+ SetGCTimerMode(PeriodicTimer);
+ }
+
+ if (debuggerRunnablesPending) {
+ WorkerRunnable* runnable = nullptr;
+
+ {
+ MutexAutoLock lock(mMutex);
+
+ mDebuggerQueue.Pop(runnable);
+ debuggerRunnablesPending = !mDebuggerQueue.IsEmpty();
+ }
+
+ MOZ_ASSERT(runnable);
+ static_cast<nsIRunnable*>(runnable)->Run();
+ runnable->Release();
+
+ CycleCollectedJSContext* ccjs = CycleCollectedJSContext::Get();
+ ccjs->PerformDebuggerMicroTaskCheckpoint();
+
+ if (debuggerRunnablesPending) {
+ WorkerDebuggerGlobalScope* globalScope = DebuggerGlobalScope();
+ MOZ_ASSERT(globalScope);
+
+ // Now *might* be a good time to GC. Let the JS engine make the
+ // decision.
+ JSAutoRealm ar(aCx, globalScope->GetGlobalJSObject());
+ JS_MaybeGC(aCx);
+ }
+ } else if (normalRunnablesPending) {
+ // Process a single runnable from the main queue.
+ NS_ProcessNextEvent(thread, false);
+
+ normalRunnablesPending = NS_HasPendingEvents(thread);
+ if (normalRunnablesPending && GlobalScope()) {
+ // Now *might* be a good time to GC. Let the JS engine make the
+ // decision.
+ JSAutoRealm ar(aCx, GlobalScope()->GetGlobalJSObject());
+ JS_MaybeGC(aCx);
+ }
+ }
+
+ if (!debuggerRunnablesPending && !normalRunnablesPending) {
+ // Both the debugger event queue and the normal event queue has been
+ // exhausted, cancel the periodic GC timer and schedule the idle GC timer.
+ SetGCTimerMode(IdleTimer);
+ }
+
+ // If the worker thread is spamming the main thread faster than it can
+ // process the work, then pause the worker thread until the main thread
+ // catches up.
+ size_t queuedEvents = mMainThreadEventTargetForMessaging->Length() +
+ mMainThreadDebuggeeEventTarget->Length();
+ if (queuedEvents > 5000) {
+ // Note, postMessage uses mMainThreadDebuggeeEventTarget!
+ mMainThreadDebuggeeEventTarget->AwaitIdle();
+ }
+ }
+
+ MOZ_CRASH("Shouldn't get here!");
+}
+
+namespace {
+/**
+ * If there is a current CycleCollectedJSContext, return its recursion depth,
+ * otherwise return 1.
+ *
+ * In the edge case where a worker is starting up so late that PBackground is
+ * already shutting down, the cycle collected context will never be created,
+ * but we will need to drain the event loop in ClearMainEventQueue. This will
+ * result in a normal NS_ProcessPendingEvents invocation which will call
+ * WorkerPrivate::OnProcessNextEvent and WorkerPrivate::AfterProcessNextEvent
+ * which want to handle the need to process control runnables and perform a
+ * sanity check assertion, respectively.
+ *
+ * We claim a depth of 1 when there's no CCJS because this most corresponds to
+ * reality, but this doesn't meant that other code might want to drain various
+ * runnable queues as part of this cleanup.
+ */
+uint32_t GetEffectiveEventLoopRecursionDepth() {
+ auto* ccjs = CycleCollectedJSContext::Get();
+ if (ccjs) {
+ return ccjs->RecursionDepth();
+ }
+
+ return 1;
+}
+
+} // namespace
+
+void WorkerPrivate::OnProcessNextEvent() {
+ AssertIsOnWorkerThread();
+
+ uint32_t recursionDepth = GetEffectiveEventLoopRecursionDepth();
+ MOZ_ASSERT(recursionDepth);
+
+ // Normally we process control runnables in DoRunLoop or RunCurrentSyncLoop.
+ // However, it's possible that non-worker C++ could spin its own nested event
+ // loop, and in that case we must ensure that we continue to process control
+ // runnables here.
+ if (recursionDepth > 1 && mSyncLoopStack.Length() < recursionDepth - 1) {
+ Unused << ProcessAllControlRunnables();
+ // There's no running JS, and no state to revalidate, so we can ignore the
+ // return value.
+ }
+}
+
+void WorkerPrivate::AfterProcessNextEvent() {
+ AssertIsOnWorkerThread();
+ MOZ_ASSERT(GetEffectiveEventLoopRecursionDepth());
+}
+
+nsISerialEventTarget* WorkerPrivate::MainThreadEventTargetForMessaging() {
+ return mMainThreadEventTargetForMessaging;
+}
+
+nsresult WorkerPrivate::DispatchToMainThreadForMessaging(nsIRunnable* aRunnable,
+ uint32_t aFlags) {
+ nsCOMPtr<nsIRunnable> r = aRunnable;
+ return DispatchToMainThreadForMessaging(r.forget(), aFlags);
+}
+
+nsresult WorkerPrivate::DispatchToMainThreadForMessaging(
+ already_AddRefed<nsIRunnable> aRunnable, uint32_t aFlags) {
+ return mMainThreadEventTargetForMessaging->Dispatch(std::move(aRunnable),
+ aFlags);
+}
+
+nsISerialEventTarget* WorkerPrivate::MainThreadEventTarget() {
+ return mMainThreadEventTarget;
+}
+
+nsresult WorkerPrivate::DispatchToMainThread(nsIRunnable* aRunnable,
+ uint32_t aFlags) {
+ nsCOMPtr<nsIRunnable> r = aRunnable;
+ return DispatchToMainThread(r.forget(), aFlags);
+}
+
+nsresult WorkerPrivate::DispatchToMainThread(
+ already_AddRefed<nsIRunnable> aRunnable, uint32_t aFlags) {
+ return mMainThreadEventTarget->Dispatch(std::move(aRunnable), aFlags);
+}
+
+nsresult WorkerPrivate::DispatchDebuggeeToMainThread(
+ already_AddRefed<WorkerDebuggeeRunnable> aRunnable, uint32_t aFlags) {
+ return mMainThreadDebuggeeEventTarget->Dispatch(std::move(aRunnable), aFlags);
+}
+
+nsISerialEventTarget* WorkerPrivate::ControlEventTarget() {
+ return mWorkerControlEventTarget;
+}
+
+nsISerialEventTarget* WorkerPrivate::HybridEventTarget() {
+ return mWorkerHybridEventTarget;
+}
+
+ClientType WorkerPrivate::GetClientType() const {
+ switch (Kind()) {
+ case WorkerKindDedicated:
+ return ClientType::Worker;
+ case WorkerKindShared:
+ return ClientType::Sharedworker;
+ case WorkerKindService:
+ return ClientType::Serviceworker;
+ default:
+ MOZ_CRASH("unknown worker type!");
+ }
+}
+
+UniquePtr<ClientSource> WorkerPrivate::CreateClientSource() {
+ auto data = mWorkerThreadAccessible.Access();
+ MOZ_ASSERT(!data->mScope, "Client should be created before the global");
+
+ auto clientSource = ClientManager::CreateSource(
+ GetClientType(), mWorkerHybridEventTarget,
+ StoragePrincipalHelper::ShouldUsePartitionPrincipalForServiceWorker(this)
+ ? GetPartitionedPrincipalInfo()
+ : GetPrincipalInfo());
+ MOZ_DIAGNOSTIC_ASSERT(clientSource);
+
+ clientSource->SetAgentClusterId(mAgentClusterId);
+
+ if (data->mFrozen) {
+ clientSource->Freeze();
+ }
+
+ // Shortly after the client is reserved we will try loading the main script
+ // for the worker. This may get intercepted by the ServiceWorkerManager
+ // which will then try to create a ClientHandle. Its actually possible for
+ // the main thread to create this ClientHandle before our IPC message creating
+ // the ClientSource completes. To avoid this race we synchronously ping our
+ // parent Client actor here. This ensure the worker ClientSource is created
+ // in the parent before the main thread might try reaching it with a
+ // ClientHandle.
+ //
+ // An alternative solution would have been to handle the out-of-order
+ // operations on the parent side. We could have created a small window where
+ // we allow ClientHandle objects to exist without a ClientSource. We would
+ // then time out these handles if they stayed orphaned for too long. This
+ // approach would be much more complex, but also avoid this extra bit of
+ // latency when starting workers.
+ //
+ // Note, we only have to do this for workers that can be controlled by a
+ // service worker. So avoid the sync overhead here if we are starting a
+ // service worker or a chrome worker.
+ if (Kind() != WorkerKindService && !IsChromeWorker()) {
+ clientSource->WorkerSyncPing(this);
+ }
+
+ return clientSource;
+}
+
+bool WorkerPrivate::EnsureCSPEventListener() {
+ if (!mCSPEventListener) {
+ mCSPEventListener = WorkerCSPEventListener::Create(this);
+ if (NS_WARN_IF(!mCSPEventListener)) {
+ return false;
+ }
+ }
+ return true;
+}
+
+nsICSPEventListener* WorkerPrivate::CSPEventListener() const {
+ MOZ_ASSERT(mCSPEventListener);
+ return mCSPEventListener;
+}
+
+void WorkerPrivate::EnsurePerformanceStorage() {
+ AssertIsOnWorkerThread();
+
+ if (!mPerformanceStorage) {
+ mPerformanceStorage = PerformanceStorageWorker::Create(this);
+ }
+}
+
+bool WorkerPrivate::GetExecutionGranted() const {
+ auto data = mWorkerThreadAccessible.Access();
+ return data->mJSThreadExecutionGranted;
+}
+
+void WorkerPrivate::SetExecutionGranted(bool aGranted) {
+ auto data = mWorkerThreadAccessible.Access();
+ data->mJSThreadExecutionGranted = aGranted;
+}
+
+void WorkerPrivate::ScheduleTimeSliceExpiration(uint32_t aDelay) {
+ auto data = mWorkerThreadAccessible.Access();
+
+ if (!data->mTSTimer) {
+ data->mTSTimer = NS_NewTimer();
+ MOZ_ALWAYS_SUCCEEDS(data->mTSTimer->SetTarget(mWorkerControlEventTarget));
+ }
+
+ // Whenever an event is scheduled on the WorkerControlEventTarget an
+ // interrupt is automatically requested which causes us to yield JS execution
+ // and the next JS execution in the queue to execute.
+ // This allows for simple code reuse of the existing interrupt callback code
+ // used for control events.
+ MOZ_ALWAYS_SUCCEEDS(data->mTSTimer->InitWithNamedFuncCallback(
+ [](nsITimer* Timer, void* aClosure) { return; }, nullptr, aDelay,
+ nsITimer::TYPE_ONE_SHOT, "TimeSliceExpirationTimer"));
+}
+
+void WorkerPrivate::CancelTimeSliceExpiration() {
+ auto data = mWorkerThreadAccessible.Access();
+ MOZ_ALWAYS_SUCCEEDS(data->mTSTimer->Cancel());
+}
+
+JSExecutionManager* WorkerPrivate::GetExecutionManager() const {
+ auto data = mWorkerThreadAccessible.Access();
+ return data->mExecutionManager.get();
+}
+
+void WorkerPrivate::SetExecutionManager(JSExecutionManager* aManager) {
+ auto data = mWorkerThreadAccessible.Access();
+ data->mExecutionManager = aManager;
+}
+
+void WorkerPrivate::ExecutionReady() {
+ auto data = mWorkerThreadAccessible.Access();
+ {
+ MutexAutoLock lock(mMutex);
+ if (mStatus >= Canceling) {
+ return;
+ }
+ }
+
+ data->mScope->MutableClientSourceRef().WorkerExecutionReady(this);
+
+ if (ExtensionAPIAllowed()) {
+ extensions::CreateAndDispatchInitWorkerContextRunnable();
+ }
+}
+
+void WorkerPrivate::InitializeGCTimers() {
+ auto data = mWorkerThreadAccessible.Access();
+
+ // We need timers for GC. The basic plan is to run a non-shrinking GC
+ // periodically (PERIODIC_GC_TIMER_DELAY_SEC) while the worker is running.
+ // Once the worker goes idle we set a short (IDLE_GC_TIMER_DELAY_SEC) timer to
+ // run a shrinking GC.
+ data->mPeriodicGCTimer = NS_NewTimer();
+ data->mIdleGCTimer = NS_NewTimer();
+
+ data->mPeriodicGCTimerRunning = false;
+ data->mIdleGCTimerRunning = false;
+}
+
+void WorkerPrivate::SetGCTimerMode(GCTimerMode aMode) {
+ auto data = mWorkerThreadAccessible.Access();
+
+ if (!data->mPeriodicGCTimer || !data->mIdleGCTimer) {
+ // GC timers have been cleared already.
+ return;
+ }
+
+ if (aMode == NoTimer) {
+ MOZ_ALWAYS_SUCCEEDS(data->mPeriodicGCTimer->Cancel());
+ data->mPeriodicGCTimerRunning = false;
+ MOZ_ALWAYS_SUCCEEDS(data->mIdleGCTimer->Cancel());
+ data->mIdleGCTimerRunning = false;
+ return;
+ }
+
+ WorkerStatus status;
+ {
+ MutexAutoLock lock(mMutex);
+ status = mStatus;
+ }
+
+ if (status >= Killing) {
+ ShutdownGCTimers();
+ return;
+ }
+
+ // If the idle timer is running, don't cancel it when the periodic timer
+ // is scheduled since we do want shrinking GC to be called occasionally.
+ if (aMode == PeriodicTimer && data->mPeriodicGCTimerRunning) {
+ return;
+ }
+
+ if (aMode == IdleTimer) {
+ if (!data->mPeriodicGCTimerRunning) {
+ // Since running idle GC cancels both GC timers, after that we want
+ // first at least periodic GC timer getting activated, since that tells
+ // us that there have been some non-control tasks to process. Otherwise
+ // idle GC timer would keep running all the time.
+ return;
+ }
+
+ // Cancel the periodic timer now, since the event loop is (in the common
+ // case) empty now.
+ MOZ_ALWAYS_SUCCEEDS(data->mPeriodicGCTimer->Cancel());
+ data->mPeriodicGCTimerRunning = false;
+
+ if (data->mIdleGCTimerRunning) {
+ return;
+ }
+ }
+
+ MOZ_ASSERT(aMode == PeriodicTimer || aMode == IdleTimer);
+
+ uint32_t delay = 0;
+ int16_t type = nsITimer::TYPE_ONE_SHOT;
+ nsTimerCallbackFunc callback = nullptr;
+ const char* name = nullptr;
+ nsITimer* timer = nullptr;
+
+ if (aMode == PeriodicTimer) {
+ delay = PERIODIC_GC_TIMER_DELAY_SEC * 1000;
+ type = nsITimer::TYPE_REPEATING_SLACK;
+ callback = PeriodicGCTimerCallback;
+ name = "dom::PeriodicGCTimerCallback";
+ timer = data->mPeriodicGCTimer;
+ data->mPeriodicGCTimerRunning = true;
+ LOG(WorkerLog(), ("Worker %p scheduled periodic GC timer\n", this));
+ } else {
+ delay = IDLE_GC_TIMER_DELAY_SEC * 1000;
+ type = nsITimer::TYPE_ONE_SHOT;
+ callback = IdleGCTimerCallback;
+ name = "dom::IdleGCTimerCallback";
+ timer = data->mIdleGCTimer;
+ data->mIdleGCTimerRunning = true;
+ LOG(WorkerLog(), ("Worker %p scheduled idle GC timer\n", this));
+ }
+
+ MOZ_ALWAYS_SUCCEEDS(timer->SetTarget(mWorkerControlEventTarget));
+ MOZ_ALWAYS_SUCCEEDS(
+ timer->InitWithNamedFuncCallback(callback, this, delay, type, name));
+}
+
+void WorkerPrivate::ShutdownGCTimers() {
+ auto data = mWorkerThreadAccessible.Access();
+
+ MOZ_ASSERT(!data->mPeriodicGCTimer == !data->mIdleGCTimer);
+
+ if (!data->mPeriodicGCTimer && !data->mIdleGCTimer) {
+ return;
+ }
+
+ // Always make sure the timers are canceled.
+ MOZ_ALWAYS_SUCCEEDS(data->mPeriodicGCTimer->Cancel());
+ MOZ_ALWAYS_SUCCEEDS(data->mIdleGCTimer->Cancel());
+
+ LOG(WorkerLog(), ("Worker %p killed the GC timers\n", this));
+
+ data->mPeriodicGCTimer = nullptr;
+ data->mIdleGCTimer = nullptr;
+ data->mPeriodicGCTimerRunning = false;
+ data->mIdleGCTimerRunning = false;
+}
+
+bool WorkerPrivate::InterruptCallback(JSContext* aCx) {
+ auto data = mWorkerThreadAccessible.Access();
+
+ AutoYieldJSThreadExecution yield;
+
+ // If we are here it's because a WorkerControlRunnable has been dispatched.
+ // The runnable could be processed here or it could have already been
+ // processed by a sync event loop.
+ // The most important thing this method must do, is to decide if the JS
+ // execution should continue or not. If the runnable returns an error or if
+ // the worker status is >= Canceling, we should stop the JS execution.
+
+ MOZ_ASSERT(!JS_IsExceptionPending(aCx));
+
+ bool mayContinue = true;
+ bool scheduledIdleGC = false;
+
+ for (;;) {
+ // Run all control events now.
+ auto result = ProcessAllControlRunnables();
+ if (result == ProcessAllControlRunnablesResult::Abort) {
+ mayContinue = false;
+ }
+
+ bool mayFreeze = data->mFrozen;
+
+ {
+ MutexAutoLock lock(mMutex);
+
+ if (mayFreeze) {
+ mayFreeze = mStatus <= Running;
+ }
+
+ if (mStatus >= Canceling) {
+ mayContinue = false;
+ }
+ }
+
+ if (!mayContinue || !mayFreeze) {
+ break;
+ }
+
+ // Cancel the periodic GC timer here before freezing. The idle GC timer
+ // will clean everything up once it runs.
+ if (!scheduledIdleGC) {
+ SetGCTimerMode(IdleTimer);
+ scheduledIdleGC = true;
+ }
+
+ while ((mayContinue = MayContinueRunning())) {
+ MutexAutoLock lock(mMutex);
+ if (!mControlQueue.IsEmpty()) {
+ break;
+ }
+
+ WaitForWorkerEvents();
+ }
+ }
+
+ if (!mayContinue) {
+ // We want only uncatchable exceptions here.
+ NS_ASSERTION(!JS_IsExceptionPending(aCx),
+ "Should not have an exception set here!");
+ return false;
+ }
+
+ // Make sure the periodic timer gets turned back on here.
+ SetGCTimerMode(PeriodicTimer);
+
+ return true;
+}
+
+void WorkerPrivate::CloseInternal() {
+ AssertIsOnWorkerThread();
+ NotifyInternal(Closing);
+}
+
+bool WorkerPrivate::IsOnCurrentThread() {
+ // May be called on any thread!
+
+ MOZ_ASSERT(mPRThread);
+ return PR_GetCurrentThread() == mPRThread;
+}
+
+void WorkerPrivate::ScheduleDeletion(WorkerRanOrNot aRanOrNot) {
+ AssertIsOnWorkerThread();
+ {
+ // mWorkerThreadAccessible's accessor must be destructed before
+ // the scheduled Runnable gets to run.
+ auto data = mWorkerThreadAccessible.Access();
+ MOZ_ASSERT(data->mChildWorkers.IsEmpty());
+
+ MOZ_RELEASE_ASSERT(!data->mDeletionScheduled);
+ data->mDeletionScheduled.Flip();
+ }
+ MOZ_ASSERT(mSyncLoopStack.IsEmpty());
+ MOZ_ASSERT(mPostSyncLoopOperations == 0);
+
+ ClearMainEventQueue(aRanOrNot);
+#ifdef DEBUG
+ if (WorkerRan == aRanOrNot) {
+ nsIThread* currentThread = NS_GetCurrentThread();
+ MOZ_ASSERT(currentThread);
+ MOZ_ASSERT(!NS_HasPendingEvents(currentThread));
+ }
+#endif
+
+ if (WorkerPrivate* parent = GetParent()) {
+ RefPtr<WorkerFinishedRunnable> runnable =
+ new WorkerFinishedRunnable(parent, this);
+ if (!runnable->Dispatch()) {
+ NS_WARNING("Failed to dispatch runnable!");
+ }
+ } else {
+ if (ExtensionAPIAllowed()) {
+ MOZ_ASSERT(IsServiceWorker());
+ RefPtr<Runnable> extWorkerRunnable =
+ extensions::CreateWorkerDestroyedRunnable(ServiceWorkerID(),
+ GetBaseURI());
+ // Dispatch as a low priority runnable.
+ if (NS_FAILED(
+ DispatchToMainThreadForMessaging(extWorkerRunnable.forget()))) {
+ NS_WARNING(
+ "Failed to dispatch runnable to notify extensions worker "
+ "destroyed");
+ }
+ }
+
+ // Note, this uses the lower priority DispatchToMainThreadForMessaging for
+ // dispatching TopLevelWorkerFinishedRunnable to the main thread so that
+ // other relevant runnables are guaranteed to run before it.
+ RefPtr<TopLevelWorkerFinishedRunnable> runnable =
+ new TopLevelWorkerFinishedRunnable(this);
+ if (NS_FAILED(DispatchToMainThreadForMessaging(runnable.forget()))) {
+ NS_WARNING("Failed to dispatch runnable!");
+ }
+
+ // NOTE: Calling any WorkerPrivate methods (or accessing member data) after
+ // this point is unsafe (the TopLevelWorkerFinishedRunnable just dispatched
+ // may be able to call ClearSelfAndParentEventTargetRef on this
+ // WorkerPrivate instance and by the time we get here the WorkerPrivate
+ // instance destructor may have been already called).
+ }
+}
+
+bool WorkerPrivate::CollectRuntimeStats(
+ JS::RuntimeStats* aRtStats, bool aAnonymize) MOZ_NO_THREAD_SAFETY_ANALYSIS {
+ // We don't have a lock to access mJSContext, but it's safe to access on this
+ // thread.
+ AssertIsOnWorkerThread();
+ NS_ASSERTION(aRtStats, "Null RuntimeStats!");
+ // We don't really own it, but it's safe to access on this thread
+ NS_ASSERTION(mJSContext, "This must never be null!");
+
+ return JS::CollectRuntimeStats(mJSContext, aRtStats, nullptr, aAnonymize);
+}
+
+void WorkerPrivate::EnableMemoryReporter() {
+ auto data = mWorkerThreadAccessible.Access();
+ MOZ_ASSERT(!data->mMemoryReporter);
+
+ // No need to lock here since the main thread can't race until we've
+ // successfully registered the reporter.
+ data->mMemoryReporter = new MemoryReporter(this);
+
+ if (NS_FAILED(RegisterWeakAsyncMemoryReporter(data->mMemoryReporter))) {
+ NS_WARNING("Failed to register memory reporter!");
+ // No need to lock here since a failed registration means our memory
+ // reporter can't start running. Just clean up.
+ data->mMemoryReporter = nullptr;
+ }
+}
+
+void WorkerPrivate::DisableMemoryReporter() {
+ auto data = mWorkerThreadAccessible.Access();
+
+ RefPtr<MemoryReporter> memoryReporter;
+ {
+ // Mutex protectes MemoryReporter::mWorkerPrivate which is cleared by
+ // MemoryReporter::Disable() below.
+ MutexAutoLock lock(mMutex);
+
+ // There is nothing to do here if the memory reporter was never successfully
+ // registered.
+ if (!data->mMemoryReporter) {
+ return;
+ }
+
+ // We don't need this set any longer. Swap it out so that we can unregister
+ // below.
+ data->mMemoryReporter.swap(memoryReporter);
+
+ // Next disable the memory reporter so that the main thread stops trying to
+ // signal us.
+ memoryReporter->Disable();
+ }
+
+ // Finally unregister the memory reporter.
+ if (NS_FAILED(UnregisterWeakMemoryReporter(memoryReporter))) {
+ NS_WARNING("Failed to unregister memory reporter!");
+ }
+}
+
+void WorkerPrivate::WaitForWorkerEvents() {
+ AUTO_PROFILER_LABEL("WorkerPrivate::WaitForWorkerEvents", IDLE);
+
+ AssertIsOnWorkerThread();
+ mMutex.AssertCurrentThreadOwns();
+
+ // Wait for a worker event.
+ mCondVar.Wait();
+}
+
+WorkerPrivate::ProcessAllControlRunnablesResult
+WorkerPrivate::ProcessAllControlRunnablesLocked() {
+ AssertIsOnWorkerThread();
+ mMutex.AssertCurrentThreadOwns();
+
+ AutoYieldJSThreadExecution yield;
+
+ auto result = ProcessAllControlRunnablesResult::Nothing;
+
+ for (;;) {
+ WorkerControlRunnable* event;
+ if (!mControlQueue.Pop(event)) {
+ break;
+ }
+
+ MutexAutoUnlock unlock(mMutex);
+
+ MOZ_ASSERT(event);
+ if (NS_FAILED(static_cast<nsIRunnable*>(event)->Run())) {
+ result = ProcessAllControlRunnablesResult::Abort;
+ }
+
+ if (result == ProcessAllControlRunnablesResult::Nothing) {
+ // We ran at least one thing.
+ result = ProcessAllControlRunnablesResult::MayContinue;
+ }
+ event->Release();
+ }
+
+ return result;
+}
+
+void WorkerPrivate::ShutdownModuleLoader() {
+ AssertIsOnWorkerThread();
+
+ WorkerGlobalScope* globalScope = GlobalScope();
+ if (globalScope) {
+ if (globalScope->GetModuleLoader(nullptr)) {
+ globalScope->GetModuleLoader(nullptr)->Shutdown();
+ }
+ }
+ WorkerDebuggerGlobalScope* debugGlobalScope = DebuggerGlobalScope();
+ if (debugGlobalScope) {
+ if (debugGlobalScope->GetModuleLoader(nullptr)) {
+ debugGlobalScope->GetModuleLoader(nullptr)->Shutdown();
+ }
+ }
+}
+
+void WorkerPrivate::ClearMainEventQueue(WorkerRanOrNot aRanOrNot) {
+ AssertIsOnWorkerThread();
+
+ MOZ_ASSERT((mPostSyncLoopOperations & ePendingEventQueueClearing)
+ ? (mSyncLoopStack.Length() == 1)
+ : mSyncLoopStack.IsEmpty());
+ MOZ_ASSERT(!mCancelAllPendingRunnables);
+
+ mCancelAllPendingRunnables = true;
+ WorkerGlobalScope* globalScope = GlobalScope();
+ if (globalScope) {
+ // It's appropriate to disconnect event targets at the point that it's no
+ // longer possible for new tasks to be dispatched at the global, and this is
+ // that point.
+ globalScope->DisconnectGlobalTeardownObservers();
+
+ globalScope->WorkerPrivateSaysForbidScript();
+ }
+
+ if (WorkerNeverRan == aRanOrNot) {
+ nsTArray<RefPtr<WorkerRunnable>> prestart;
+ {
+ MutexAutoLock lock(mMutex);
+ mPreStartRunnables.SwapElements(prestart);
+ }
+ for (uint32_t count = prestart.Length(), index = 0; index < count;
+ index++) {
+ RefPtr<WorkerRunnable> runnable = std::move(prestart[index]);
+ static_cast<nsIRunnable*>(runnable.get())->Run();
+ }
+ } else {
+ nsIThread* currentThread = NS_GetCurrentThread();
+ MOZ_ASSERT(currentThread);
+
+ NS_ProcessPendingEvents(currentThread);
+ }
+
+ if (globalScope) {
+ globalScope->WorkerPrivateSaysAllowScript();
+ }
+ MOZ_ASSERT(mCancelAllPendingRunnables);
+ mCancelAllPendingRunnables = false;
+}
+
+void WorkerPrivate::ClearDebuggerEventQueue() {
+ while (!mDebuggerQueue.IsEmpty()) {
+ WorkerRunnable* runnable = nullptr;
+ mDebuggerQueue.Pop(runnable);
+ // It should be ok to simply release the runnable, without running it.
+ runnable->Release();
+ }
+}
+
+bool WorkerPrivate::FreezeInternal() {
+ auto data = mWorkerThreadAccessible.Access();
+ NS_ASSERTION(!data->mFrozen, "Already frozen!");
+
+ AutoYieldJSThreadExecution yield;
+
+ // The worker can freeze even if it failed to run (and doesn't have a global).
+ if (data->mScope) {
+ data->mScope->MutableClientSourceRef().Freeze();
+ }
+
+ data->mFrozen = true;
+
+ for (uint32_t index = 0; index < data->mChildWorkers.Length(); index++) {
+ data->mChildWorkers[index]->Freeze(nullptr);
+ }
+
+ return true;
+}
+
+bool WorkerPrivate::ThawInternal() {
+ auto data = mWorkerThreadAccessible.Access();
+ NS_ASSERTION(data->mFrozen, "Not yet frozen!");
+
+ for (uint32_t index = 0; index < data->mChildWorkers.Length(); index++) {
+ data->mChildWorkers[index]->Thaw(nullptr);
+ }
+
+ data->mFrozen = false;
+
+ // The worker can thaw even if it failed to run (and doesn't have a global).
+ if (data->mScope) {
+ data->mScope->MutableClientSourceRef().Thaw();
+ }
+
+ return true;
+}
+
+void WorkerPrivate::PropagateStorageAccessPermissionGrantedInternal() {
+ auto data = mWorkerThreadAccessible.Access();
+
+ mLoadInfo.mUseRegularPrincipal = true;
+ mLoadInfo.mHasStorageAccessPermissionGranted = true;
+
+ WorkerGlobalScope* globalScope = GlobalScope();
+ if (globalScope) {
+ globalScope->StorageAccessPermissionGranted();
+ }
+
+ for (uint32_t index = 0; index < data->mChildWorkers.Length(); index++) {
+ data->mChildWorkers[index]->PropagateStorageAccessPermissionGranted();
+ }
+}
+
+void WorkerPrivate::TraverseTimeouts(nsCycleCollectionTraversalCallback& cb) {
+ auto data = mWorkerThreadAccessible.Access();
+ for (uint32_t i = 0; i < data->mTimeouts.Length(); ++i) {
+ // TODO(erahm): No idea what's going on here.
+ TimeoutInfo* tmp = data->mTimeouts[i].get();
+ NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mHandler)
+ }
+}
+
+void WorkerPrivate::UnlinkTimeouts() {
+ auto data = mWorkerThreadAccessible.Access();
+ data->mTimeouts.Clear();
+}
+
+bool WorkerPrivate::ModifyBusyCountFromWorker(bool aIncrease) {
+ AssertIsOnWorkerThread();
+
+ {
+ MutexAutoLock lock(mMutex);
+
+ // If we're in shutdown then the busy count is no longer being considered so
+ // just return now.
+ if (mStatus >= Killing) {
+ return true;
+ }
+ }
+
+ RefPtr<ModifyBusyCountRunnable> runnable =
+ new ModifyBusyCountRunnable(this, aIncrease);
+ return runnable->Dispatch();
+}
+
+bool WorkerPrivate::AddChildWorker(WorkerPrivate& aChildWorker) {
+ auto data = mWorkerThreadAccessible.Access();
+
+#ifdef DEBUG
+ {
+ WorkerStatus currentStatus;
+ {
+ MutexAutoLock lock(mMutex);
+ currentStatus = mStatus;
+ }
+
+ MOZ_ASSERT(currentStatus == Running);
+ }
+#endif
+
+ NS_ASSERTION(!data->mChildWorkers.Contains(&aChildWorker),
+ "Already know about this one!");
+ data->mChildWorkers.AppendElement(&aChildWorker);
+
+ return data->mChildWorkers.Length() == 1 ? ModifyBusyCountFromWorker(true)
+ : true;
+}
+
+void WorkerPrivate::RemoveChildWorker(WorkerPrivate& aChildWorker) {
+ auto data = mWorkerThreadAccessible.Access();
+
+ NS_ASSERTION(data->mChildWorkers.Contains(&aChildWorker),
+ "Didn't know about this one!");
+ data->mChildWorkers.RemoveElement(&aChildWorker);
+
+ if (data->mChildWorkers.IsEmpty() && !ModifyBusyCountFromWorker(false)) {
+ NS_WARNING("Failed to modify busy count!");
+ }
+}
+
+bool WorkerPrivate::AddWorkerRef(WorkerRef* aWorkerRef,
+ WorkerStatus aFailStatus) {
+ MOZ_ASSERT(aWorkerRef);
+ auto data = mWorkerThreadAccessible.Access();
+
+ {
+ MutexAutoLock lock(mMutex);
+
+ if (mStatus >= aFailStatus) {
+ return false;
+ }
+
+ // We shouldn't create strong references to workers before their main loop
+ // begins running. Strong references must be disposed of on the worker
+ // thread, so strong references from other threads use a control runnable
+ // for that purpose. If the worker fails to reach the main loop stage then
+ // no control runnables get run and it would be impossible to get rid of the
+ // reference properly.
+ MOZ_DIAGNOSTIC_ASSERT_IF(aWorkerRef->IsPreventingShutdown(),
+ mStatus >= WorkerStatus::Running);
+ }
+
+ MOZ_ASSERT(!data->mWorkerRefs.Contains(aWorkerRef),
+ "Already know about this one!");
+
+ if (aWorkerRef->IsPreventingShutdown()) {
+ if (!data->mNumWorkerRefsPreventingShutdownStart &&
+ !ModifyBusyCountFromWorker(true)) {
+ return false;
+ }
+ data->mNumWorkerRefsPreventingShutdownStart += 1;
+ }
+
+ data->mWorkerRefs.AppendElement(aWorkerRef);
+ return true;
+}
+
+void WorkerPrivate::RemoveWorkerRef(WorkerRef* aWorkerRef) {
+ MOZ_ASSERT(aWorkerRef);
+ auto data = mWorkerThreadAccessible.Access();
+
+ MOZ_ASSERT(data->mWorkerRefs.Contains(aWorkerRef),
+ "Didn't know about this one!");
+ data->mWorkerRefs.RemoveElement(aWorkerRef);
+
+ if (aWorkerRef->IsPreventingShutdown()) {
+ data->mNumWorkerRefsPreventingShutdownStart -= 1;
+ if (!data->mNumWorkerRefsPreventingShutdownStart &&
+ !ModifyBusyCountFromWorker(false)) {
+ NS_WARNING("Failed to modify busy count!");
+ }
+ }
+}
+
+void WorkerPrivate::NotifyWorkerRefs(WorkerStatus aStatus) {
+ auto data = mWorkerThreadAccessible.Access();
+
+ NS_ASSERTION(aStatus > Closing, "Bad status!");
+
+ for (auto* workerRef : data->mWorkerRefs.ForwardRange()) {
+ workerRef->Notify();
+ }
+
+ AutoTArray<CheckedUnsafePtr<WorkerPrivate>, 10> children;
+ children.AppendElements(data->mChildWorkers);
+
+ for (uint32_t index = 0; index < children.Length(); index++) {
+ if (!children[index]->Notify(aStatus)) {
+ NS_WARNING("Failed to notify child worker!");
+ }
+ }
+}
+
+nsresult WorkerPrivate::RegisterShutdownTask(nsITargetShutdownTask* aTask) {
+ NS_ENSURE_ARG(aTask);
+
+ MutexAutoLock lock(mMutex);
+
+ // If we've already started running shutdown tasks, don't allow registering
+ // new ones.
+ if (mShutdownTasksRun) {
+ return NS_ERROR_UNEXPECTED;
+ }
+
+ MOZ_ASSERT(!mShutdownTasks.Contains(aTask));
+ mShutdownTasks.AppendElement(aTask);
+ return NS_OK;
+}
+
+nsresult WorkerPrivate::UnregisterShutdownTask(nsITargetShutdownTask* aTask) {
+ NS_ENSURE_ARG(aTask);
+
+ MutexAutoLock lock(mMutex);
+
+ // We've already started running shutdown tasks, so can't unregister them
+ // anymore.
+ if (mShutdownTasksRun) {
+ return NS_ERROR_UNEXPECTED;
+ }
+
+ return mShutdownTasks.RemoveElement(aTask) ? NS_OK : NS_ERROR_UNEXPECTED;
+}
+
+void WorkerPrivate::RunShutdownTasks() {
+ nsTArray<nsCOMPtr<nsITargetShutdownTask>> shutdownTasks;
+
+ {
+ MutexAutoLock lock(mMutex);
+ shutdownTasks = std::move(mShutdownTasks);
+ mShutdownTasks.Clear();
+ mShutdownTasksRun = true;
+ }
+
+ for (auto& task : shutdownTasks) {
+ task->TargetShutdown();
+ }
+ mWorkerHybridEventTarget->ForgetWorkerPrivate(this);
+}
+
+void WorkerPrivate::CancelAllTimeouts() {
+ auto data = mWorkerThreadAccessible.Access();
+
+ LOG(TimeoutsLog(), ("Worker %p CancelAllTimeouts.\n", this));
+
+ if (data->mTimerRunning) {
+ NS_ASSERTION(data->mTimer && data->mTimerRunnable, "Huh?!");
+ NS_ASSERTION(!data->mTimeouts.IsEmpty(), "Huh?!");
+
+ if (NS_FAILED(data->mTimer->Cancel())) {
+ NS_WARNING("Failed to cancel timer!");
+ }
+
+ for (uint32_t index = 0; index < data->mTimeouts.Length(); index++) {
+ data->mTimeouts[index]->mCanceled = true;
+ }
+
+ // If mRunningExpiredTimeouts, then the fact that they are all canceled now
+ // means that the currently executing RunExpiredTimeouts will deal with
+ // them. Otherwise, we need to clean them up ourselves.
+ if (!data->mRunningExpiredTimeouts) {
+ data->mTimeouts.Clear();
+ ModifyBusyCountFromWorker(false);
+ }
+
+ // Set mTimerRunning false even if mRunningExpiredTimeouts is true, so that
+ // if we get reentered under this same RunExpiredTimeouts call we don't
+ // assert above that !mTimeouts().IsEmpty(), because that's clearly false
+ // now.
+ data->mTimerRunning = false;
+ }
+#ifdef DEBUG
+ else if (!data->mRunningExpiredTimeouts) {
+ NS_ASSERTION(data->mTimeouts.IsEmpty(), "Huh?!");
+ }
+#endif
+
+ data->mTimer = nullptr;
+ data->mTimerRunnable = nullptr;
+}
+
+already_AddRefed<nsISerialEventTarget> WorkerPrivate::CreateNewSyncLoop(
+ WorkerStatus aFailStatus) {
+ AssertIsOnWorkerThread();
+ MOZ_ASSERT(
+ aFailStatus >= Canceling,
+ "Sync loops can be created when the worker is in Running/Closing state!");
+
+ ThreadEventQueue* queue = nullptr;
+ {
+ MutexAutoLock lock(mMutex);
+
+ if (mStatus >= aFailStatus) {
+ return nullptr;
+ }
+ queue = static_cast<ThreadEventQueue*>(mThread->EventQueue());
+ }
+
+ nsCOMPtr<nsISerialEventTarget> nestedEventTarget = queue->PushEventQueue();
+ MOZ_ASSERT(nestedEventTarget);
+
+ RefPtr<EventTarget> workerEventTarget =
+ new EventTarget(this, nestedEventTarget);
+
+ {
+ // Modifications must be protected by mMutex in DEBUG builds, see comment
+ // about mSyncLoopStack in WorkerPrivate.h.
+#ifdef DEBUG
+ MutexAutoLock lock(mMutex);
+#endif
+
+ mSyncLoopStack.AppendElement(new SyncLoopInfo(workerEventTarget));
+ }
+
+ return workerEventTarget.forget();
+}
+
+nsresult WorkerPrivate::RunCurrentSyncLoop() {
+ AssertIsOnWorkerThread();
+ RefPtr<WorkerThread> thread;
+ JSContext* cx = GetJSContext();
+ MOZ_ASSERT(cx);
+ // mThread is set before we enter, and is never changed during
+ // RunCurrentSyncLoop.
+ {
+ MutexAutoLock lock(mMutex);
+ // Copy to local so we don't trigger mutex analysis lower down
+ // mThread is set before we enter, and is never changed during
+ // RunCurrentSyncLoop copy to local so we don't trigger mutex analysis
+ thread = mThread;
+ }
+
+ AutoPushEventLoopGlobal eventLoopGlobal(this, cx);
+
+ // This should not change between now and the time we finish running this sync
+ // loop.
+ uint32_t currentLoopIndex = mSyncLoopStack.Length() - 1;
+
+ SyncLoopInfo* loopInfo = mSyncLoopStack[currentLoopIndex].get();
+
+ AutoYieldJSThreadExecution yield;
+
+ MOZ_ASSERT(loopInfo);
+ MOZ_ASSERT(!loopInfo->mHasRun);
+ MOZ_ASSERT(!loopInfo->mCompleted);
+
+#ifdef DEBUG
+ loopInfo->mHasRun = true;
+#endif
+
+ {
+ while (!loopInfo->mCompleted) {
+ bool normalRunnablesPending = false;
+
+ // Don't block with the periodic GC timer running.
+ if (!NS_HasPendingEvents(thread)) {
+ SetGCTimerMode(IdleTimer);
+ }
+
+ // Wait for something to do.
+ {
+ MutexAutoLock lock(mMutex);
+
+ for (;;) {
+ while (mControlQueue.IsEmpty() && !normalRunnablesPending &&
+ !(normalRunnablesPending = NS_HasPendingEvents(thread))) {
+ WaitForWorkerEvents();
+ }
+
+ auto result = ProcessAllControlRunnablesLocked();
+ if (result != ProcessAllControlRunnablesResult::Nothing) {
+ // The state of the world may have changed. Recheck it if we need to
+ // continue.
+ normalRunnablesPending =
+ result == ProcessAllControlRunnablesResult::MayContinue &&
+ NS_HasPendingEvents(thread);
+
+ // NB: If we processed a NotifyRunnable, we might have run
+ // non-control runnables, one of which may have shut down the
+ // sync loop.
+ if (loopInfo->mCompleted) {
+ break;
+ }
+ }
+
+ // If we *didn't* run any control runnables, this should be unchanged.
+ MOZ_ASSERT(!loopInfo->mCompleted);
+
+ if (normalRunnablesPending) {
+ break;
+ }
+ }
+ }
+
+ if (normalRunnablesPending) {
+ // Make sure the periodic timer is running before we continue.
+ SetGCTimerMode(PeriodicTimer);
+
+ MOZ_ALWAYS_TRUE(NS_ProcessNextEvent(thread, false));
+
+ // Now *might* be a good time to GC. Let the JS engine make the
+ // decision.
+ if (GetCurrentEventLoopGlobal()) {
+ // If GetCurrentEventLoopGlobal() is non-null, our JSContext is in a
+ // Realm, so it's safe to try to GC.
+ MOZ_ASSERT(JS::CurrentGlobalOrNull(cx));
+ JS_MaybeGC(cx);
+ }
+ }
+ }
+ }
+
+ // Make sure that the stack didn't change underneath us.
+ MOZ_ASSERT(mSyncLoopStack[currentLoopIndex].get() == loopInfo);
+
+ return DestroySyncLoop(currentLoopIndex);
+}
+
+nsresult WorkerPrivate::DestroySyncLoop(uint32_t aLoopIndex) {
+ MOZ_ASSERT(!mSyncLoopStack.IsEmpty());
+ MOZ_ASSERT(mSyncLoopStack.Length() - 1 == aLoopIndex);
+
+ AutoYieldJSThreadExecution yield;
+
+ // We're about to delete the loop, stash its event target and result.
+ const auto& loopInfo = mSyncLoopStack[aLoopIndex];
+
+ nsresult result = loopInfo->mResult;
+
+ {
+ RefPtr<nsIEventTarget> nestedEventTarget(
+ loopInfo->mEventTarget->GetNestedEventTarget());
+ MOZ_ASSERT(nestedEventTarget);
+
+ loopInfo->mEventTarget->Shutdown();
+
+ {
+ MutexAutoLock lock(mMutex);
+ static_cast<ThreadEventQueue*>(mThread->EventQueue())
+ ->PopEventQueue(nestedEventTarget);
+ }
+ }
+
+ // Are we making a 1 -> 0 transition here?
+ if (mSyncLoopStack.Length() == 1) {
+ if ((mPostSyncLoopOperations & ePendingEventQueueClearing)) {
+ ClearMainEventQueue(WorkerRan);
+ }
+
+ if ((mPostSyncLoopOperations & eDispatchCancelingRunnable)) {
+ DispatchCancelingRunnable();
+ }
+
+ mPostSyncLoopOperations = 0;
+ }
+
+ {
+ // Modifications must be protected by mMutex in DEBUG builds, see comment
+ // about mSyncLoopStack in WorkerPrivate.h.
+#ifdef DEBUG
+ MutexAutoLock lock(mMutex);
+#endif
+
+ // This will delete |loopInfo|!
+ mSyncLoopStack.RemoveElementAt(aLoopIndex);
+ }
+
+ return result;
+}
+
+void WorkerPrivate::DispatchCancelingRunnable() {
+ // Here we use a normal runnable to know when the current JS chunk of code
+ // is finished. We cannot use a WorkerRunnable because they are not
+ // accepted any more by the worker, and we do not want to use a
+ // WorkerControlRunnable because they are immediately executed.
+ RefPtr<CancelingRunnable> r = new CancelingRunnable();
+ {
+ MutexAutoLock lock(mMutex);
+ mThread->nsThread::Dispatch(r.forget(), NS_DISPATCH_NORMAL);
+ }
+
+ // At the same time, we want to be sure that we interrupt infinite loops.
+ // The following runnable starts a timer that cancel the worker, from the
+ // parent thread, after CANCELING_TIMEOUT millseconds.
+ RefPtr<CancelingWithTimeoutOnParentRunnable> rr =
+ new CancelingWithTimeoutOnParentRunnable(this);
+ rr->Dispatch();
+}
+
+void WorkerPrivate::ReportUseCounters() {
+ AssertIsOnWorkerThread();
+
+ if (mReportedUseCounters) {
+ return;
+ }
+ mReportedUseCounters = true;
+
+ if (Telemetry::HistogramUseCounterWorkerCount <= 0 || IsChromeWorker()) {
+ return;
+ }
+
+ const size_t kind = Kind();
+ switch (kind) {
+ case WorkerKindDedicated:
+ Telemetry::Accumulate(Telemetry::DEDICATED_WORKER_DESTROYED, 1);
+ break;
+ case WorkerKindShared:
+ Telemetry::Accumulate(Telemetry::SHARED_WORKER_DESTROYED, 1);
+ break;
+ case WorkerKindService:
+ Telemetry::Accumulate(Telemetry::SERVICE_WORKER_DESTROYED, 1);
+ break;
+ default:
+ MOZ_ASSERT(false, "Unknown worker kind");
+ return;
+ }
+
+ Maybe<nsCString> workerPathForLogging;
+ const bool dumpCounters = StaticPrefs::dom_use_counters_dump_worker();
+ if (dumpCounters) {
+ nsAutoCString path(Domain());
+ path.AppendLiteral("(");
+ NS_ConvertUTF16toUTF8 script(ScriptURL());
+ path.Append(script);
+ path.AppendPrintf(", 0x%p)", this);
+ workerPathForLogging.emplace(std::move(path));
+ }
+
+ static_assert(
+ static_cast<size_t>(UseCounterWorker::Count) * 3 ==
+ static_cast<size_t>(Telemetry::HistogramUseCounterWorkerCount),
+ "There should be three histograms (dedicated and shared and "
+ "servie) for each worker use counter");
+ const size_t count = static_cast<size_t>(UseCounterWorker::Count);
+ const size_t factor =
+ static_cast<size_t>(Telemetry::HistogramUseCounterWorkerCount) / count;
+ MOZ_ASSERT(factor > kind);
+
+ for (size_t c = 0; c < count; ++c) {
+ // Histograms for worker use counters use the same order as the worker kinds
+ // , so we can use the worker kind to index to corresponding histogram.
+ auto id = static_cast<Telemetry::HistogramID>(
+ Telemetry::HistogramFirstUseCounterWorker + c * factor + kind);
+ MOZ_ASSERT(id <= Telemetry::HistogramLastUseCounterWorker);
+
+ if (!GetUseCounter(static_cast<UseCounterWorker>(c))) {
+ continue;
+ }
+ if (dumpCounters) {
+ printf_stderr("USE_COUNTER_WORKER: %s - %s\n",
+ Telemetry::GetHistogramName(id),
+ workerPathForLogging->get());
+ }
+ Telemetry::Accumulate(id, 1);
+ }
+}
+
+void WorkerPrivate::StopSyncLoop(nsIEventTarget* aSyncLoopTarget,
+ nsresult aResult) {
+ AssertIsOnWorkerThread();
+ AssertValidSyncLoop(aSyncLoopTarget);
+
+ MOZ_ASSERT(!mSyncLoopStack.IsEmpty());
+
+ for (uint32_t index = mSyncLoopStack.Length(); index > 0; index--) {
+ const auto& loopInfo = mSyncLoopStack[index - 1];
+ MOZ_ASSERT(loopInfo);
+ MOZ_ASSERT(loopInfo->mEventTarget);
+
+ if (loopInfo->mEventTarget == aSyncLoopTarget) {
+ // Can't assert |loop->mHasRun| here because dispatch failures can cause
+ // us to bail out early.
+ MOZ_ASSERT(!loopInfo->mCompleted);
+
+ loopInfo->mResult = aResult;
+ loopInfo->mCompleted = true;
+
+ loopInfo->mEventTarget->Disable();
+
+ return;
+ }
+
+ MOZ_ASSERT(!SameCOMIdentity(loopInfo->mEventTarget, aSyncLoopTarget));
+ }
+
+ MOZ_CRASH("Unknown sync loop!");
+}
+
+#ifdef DEBUG
+void WorkerPrivate::AssertValidSyncLoop(nsIEventTarget* aSyncLoopTarget) {
+ MOZ_ASSERT(aSyncLoopTarget);
+
+ EventTarget* workerTarget;
+ nsresult rv = aSyncLoopTarget->QueryInterface(
+ kDEBUGWorkerEventTargetIID, reinterpret_cast<void**>(&workerTarget));
+ MOZ_ASSERT(NS_SUCCEEDED(rv));
+ MOZ_ASSERT(workerTarget);
+
+ bool valid = false;
+
+ {
+ MutexAutoLock lock(mMutex);
+
+ for (uint32_t index = 0; index < mSyncLoopStack.Length(); index++) {
+ const auto& loopInfo = mSyncLoopStack[index];
+ MOZ_ASSERT(loopInfo);
+ MOZ_ASSERT(loopInfo->mEventTarget);
+
+ if (loopInfo->mEventTarget == aSyncLoopTarget) {
+ valid = true;
+ break;
+ }
+
+ MOZ_ASSERT(!SameCOMIdentity(loopInfo->mEventTarget, aSyncLoopTarget));
+ }
+ }
+
+ MOZ_ASSERT(valid);
+}
+#endif
+
+void WorkerPrivate::PostMessageToParent(
+ JSContext* aCx, JS::Handle<JS::Value> aMessage,
+ const Sequence<JSObject*>& aTransferable, ErrorResult& aRv) {
+ AssertIsOnWorkerThread();
+ MOZ_DIAGNOSTIC_ASSERT(IsDedicatedWorker());
+
+ JS::Rooted<JS::Value> transferable(aCx, JS::UndefinedValue());
+
+ aRv = nsContentUtils::CreateJSValueFromSequenceOfObject(aCx, aTransferable,
+ &transferable);
+ if (NS_WARN_IF(aRv.Failed())) {
+ return;
+ }
+
+ RefPtr<MessageEventRunnable> runnable = new MessageEventRunnable(
+ this, WorkerRunnable::ParentThreadUnchangedBusyCount);
+
+ UniquePtr<AbstractTimelineMarker> start;
+ UniquePtr<AbstractTimelineMarker> end;
+ bool isTimelineRecording = !TimelineConsumers::IsEmpty();
+
+ if (isTimelineRecording) {
+ start = MakeUnique<WorkerTimelineMarker>(
+ NS_IsMainThread()
+ ? ProfileTimelineWorkerOperationType::SerializeDataOnMainThread
+ : ProfileTimelineWorkerOperationType::SerializeDataOffMainThread,
+ MarkerTracingType::START);
+ }
+
+ JS::CloneDataPolicy clonePolicy;
+
+ // Parent and dedicated workers are always part of the same cluster.
+ clonePolicy.allowIntraClusterClonableSharedObjects();
+
+ if (IsSharedMemoryAllowed()) {
+ clonePolicy.allowSharedMemoryObjects();
+ }
+
+ runnable->Write(aCx, aMessage, transferable, clonePolicy, aRv);
+
+ if (isTimelineRecording) {
+ end = MakeUnique<WorkerTimelineMarker>(
+ NS_IsMainThread()
+ ? ProfileTimelineWorkerOperationType::SerializeDataOnMainThread
+ : ProfileTimelineWorkerOperationType::SerializeDataOffMainThread,
+ MarkerTracingType::END);
+ TimelineConsumers::AddMarkerForAllObservedDocShells(start);
+ TimelineConsumers::AddMarkerForAllObservedDocShells(end);
+ }
+
+ if (NS_WARN_IF(aRv.Failed())) {
+ return;
+ }
+
+ if (!runnable->Dispatch()) {
+ aRv = NS_ERROR_FAILURE;
+ }
+}
+
+void WorkerPrivate::EnterDebuggerEventLoop() {
+ auto data = mWorkerThreadAccessible.Access();
+
+ JSContext* cx = GetJSContext();
+ MOZ_ASSERT(cx);
+
+ AutoPushEventLoopGlobal eventLoopGlobal(this, cx);
+ AutoYieldJSThreadExecution yield;
+
+ CycleCollectedJSContext* ccjscx = CycleCollectedJSContext::Get();
+
+ uint32_t currentEventLoopLevel = ++data->mDebuggerEventLoopLevel;
+
+ while (currentEventLoopLevel <= data->mDebuggerEventLoopLevel) {
+ bool debuggerRunnablesPending = false;
+
+ {
+ MutexAutoLock lock(mMutex);
+
+ debuggerRunnablesPending = !mDebuggerQueue.IsEmpty();
+ }
+
+ // Don't block with the periodic GC timer running.
+ if (!debuggerRunnablesPending) {
+ SetGCTimerMode(IdleTimer);
+ }
+
+ // Wait for something to do
+ {
+ MutexAutoLock lock(mMutex);
+
+ std::deque<RefPtr<MicroTaskRunnable>>& debuggerMtQueue =
+ ccjscx->GetDebuggerMicroTaskQueue();
+ while (mControlQueue.IsEmpty() &&
+ !(debuggerRunnablesPending = !mDebuggerQueue.IsEmpty()) &&
+ debuggerMtQueue.empty()) {
+ WaitForWorkerEvents();
+ }
+
+ ProcessAllControlRunnablesLocked();
+
+ // XXXkhuey should we abort JS on the stack here if we got Abort above?
+ }
+ ccjscx->PerformDebuggerMicroTaskCheckpoint();
+ if (debuggerRunnablesPending) {
+ // Start the periodic GC timer if it is not already running.
+ SetGCTimerMode(PeriodicTimer);
+
+ WorkerRunnable* runnable = nullptr;
+
+ {
+ MutexAutoLock lock(mMutex);
+
+ mDebuggerQueue.Pop(runnable);
+ }
+
+ MOZ_ASSERT(runnable);
+ static_cast<nsIRunnable*>(runnable)->Run();
+ runnable->Release();
+
+ ccjscx->PerformDebuggerMicroTaskCheckpoint();
+
+ // Now *might* be a good time to GC. Let the JS engine make the decision.
+ if (GetCurrentEventLoopGlobal()) {
+ // If GetCurrentEventLoopGlobal() is non-null, our JSContext is in a
+ // Realm, so it's safe to try to GC.
+ MOZ_ASSERT(JS::CurrentGlobalOrNull(cx));
+ JS_MaybeGC(cx);
+ }
+ }
+ }
+}
+
+void WorkerPrivate::LeaveDebuggerEventLoop() {
+ auto data = mWorkerThreadAccessible.Access();
+
+ // TODO: Why lock the mutex if we're accessing data accessible to one thread
+ // only?
+ MutexAutoLock lock(mMutex);
+
+ if (data->mDebuggerEventLoopLevel > 0) {
+ --data->mDebuggerEventLoopLevel;
+ }
+}
+
+void WorkerPrivate::PostMessageToDebugger(const nsAString& aMessage) {
+ mDebugger->PostMessageToDebugger(aMessage);
+}
+
+void WorkerPrivate::SetDebuggerImmediate(dom::Function& aHandler,
+ ErrorResult& aRv) {
+ AssertIsOnWorkerThread();
+
+ RefPtr<DebuggerImmediateRunnable> runnable =
+ new DebuggerImmediateRunnable(this, aHandler);
+ if (!runnable->Dispatch()) {
+ aRv.Throw(NS_ERROR_FAILURE);
+ }
+}
+
+void WorkerPrivate::ReportErrorToDebugger(const nsAString& aFilename,
+ uint32_t aLineno,
+ const nsAString& aMessage) {
+ mDebugger->ReportErrorToDebugger(aFilename, aLineno, aMessage);
+}
+
+bool WorkerPrivate::NotifyInternal(WorkerStatus aStatus) {
+ auto data = mWorkerThreadAccessible.Access();
+
+ // Yield execution while notifying out-of-module WorkerRefs and cancelling
+ // runnables.
+ AutoYieldJSThreadExecution yield;
+
+ NS_ASSERTION(aStatus > Running && aStatus < Dead, "Bad status!");
+
+ RefPtr<EventTarget> eventTarget;
+
+ // Save the old status and set the new status.
+ WorkerStatus previousStatus;
+ {
+ MutexAutoLock lock(mMutex);
+
+ if (mStatus >= aStatus) {
+ return true;
+ }
+
+ MOZ_ASSERT_IF(aStatus == Killing, mStatus == Canceling);
+
+ if (aStatus >= Canceling) {
+ MutexAutoUnlock unlock(mMutex);
+ if (data->mScope) {
+ if (aStatus == Canceling) {
+ data->mScope->NoteTerminating();
+ } else {
+ data->mScope->NoteShuttingDown();
+ }
+ }
+ }
+
+ previousStatus = mStatus;
+ mStatus = aStatus;
+
+ // Mark parent status as closing immediately to avoid new events being
+ // dispatched after we clear the queue below.
+ if (aStatus == Closing) {
+ Close();
+ }
+ }
+
+ MOZ_ASSERT(previousStatus != Pending);
+
+ if (aStatus >= Closing) {
+ CancelAllTimeouts();
+ }
+
+ // Let all our holders know the new status.
+ if (aStatus > Closing) {
+ NotifyWorkerRefs(aStatus);
+ }
+
+ // If this is the first time our status has changed then we need to clear the
+ // main event queue.
+ if (previousStatus == Running) {
+ // NB: If we're in a sync loop, we can't clear the queue immediately,
+ // because this is the wrong queue. So we have to defer it until later.
+ if (!mSyncLoopStack.IsEmpty()) {
+ mPostSyncLoopOperations |= ePendingEventQueueClearing;
+ } else {
+ ClearMainEventQueue(WorkerRan);
+ }
+ }
+
+ // If the worker script never ran, or failed to compile, we don't need to do
+ // anything else.
+ WorkerGlobalScope* global = GlobalScope();
+ if (!global) {
+ return true;
+ }
+
+ if (WebTaskScheduler* scheduler = global->GetExistingScheduler()) {
+ scheduler->Disconnect();
+ }
+
+ // Don't abort the script now, but we dispatch a runnable to do it when the
+ // current JS frame is executed.
+ if (aStatus == Closing) {
+ if (!mSyncLoopStack.IsEmpty()) {
+ mPostSyncLoopOperations |= eDispatchCancelingRunnable;
+ } else {
+ DispatchCancelingRunnable();
+ }
+ return true;
+ }
+
+ MOZ_ASSERT(aStatus == Canceling || aStatus == Killing);
+
+ // Always abort the script.
+ return false;
+}
+
+void WorkerPrivate::ReportError(JSContext* aCx,
+ JS::ConstUTF8CharsZ aToStringResult,
+ JSErrorReport* aReport) {
+ auto data = mWorkerThreadAccessible.Access();
+
+ if (!MayContinueRunning() || data->mErrorHandlerRecursionCount == 2) {
+ return;
+ }
+
+ NS_ASSERTION(data->mErrorHandlerRecursionCount == 0 ||
+ data->mErrorHandlerRecursionCount == 1,
+ "Bad recursion logic!");
+
+ UniquePtr<WorkerErrorReport> report = MakeUnique<WorkerErrorReport>();
+ if (aReport) {
+ report->AssignErrorReport(aReport);
+ }
+
+ JS::ExceptionStack exnStack(aCx);
+ if (JS_IsExceptionPending(aCx)) {
+ if (!JS::StealPendingExceptionStack(aCx, &exnStack)) {
+ JS_ClearPendingException(aCx);
+ return;
+ }
+
+ JS::Rooted<JSObject*> stack(aCx), stackGlobal(aCx);
+ xpc::FindExceptionStackForConsoleReport(
+ nullptr, exnStack.exception(), exnStack.stack(), &stack, &stackGlobal);
+
+ if (stack) {
+ JSAutoRealm ar(aCx, stackGlobal);
+ report->SerializeWorkerStack(aCx, this, stack);
+ }
+ } else {
+ // ReportError is also used for reporting warnings,
+ // so there won't be a pending exception.
+ MOZ_ASSERT(aReport && aReport->isWarning());
+ }
+
+ if (report->mMessage.IsEmpty() && aToStringResult) {
+ nsDependentCString toStringResult(aToStringResult.c_str());
+ if (!AppendUTF8toUTF16(toStringResult, report->mMessage,
+ mozilla::fallible)) {
+ // Try again, with only a 1 KB string. Do this infallibly this time.
+ // If the user doesn't have 1 KB to spare we're done anyways.
+ size_t index = std::min<size_t>(1024, toStringResult.Length());
+
+ // Drop the last code point that may be cropped.
+ index = RewindToPriorUTF8Codepoint(toStringResult.BeginReading(), index);
+
+ nsDependentCString truncatedToStringResult(aToStringResult.c_str(),
+ index);
+ AppendUTF8toUTF16(truncatedToStringResult, report->mMessage);
+ }
+ }
+
+ data->mErrorHandlerRecursionCount++;
+
+ // Don't want to run the scope's error handler if this is a recursive error or
+ // if we ran out of memory.
+ bool fireAtScope = data->mErrorHandlerRecursionCount == 1 &&
+ report->mErrorNumber != JSMSG_OUT_OF_MEMORY &&
+ JS::CurrentGlobalOrNull(aCx);
+
+ WorkerErrorReport::ReportError(aCx, this, fireAtScope, nullptr,
+ std::move(report), 0, exnStack.exception());
+
+ data->mErrorHandlerRecursionCount--;
+}
+
+// static
+void WorkerPrivate::ReportErrorToConsole(const char* aMessage) {
+ nsTArray<nsString> emptyParams;
+ WorkerPrivate::ReportErrorToConsole(aMessage, emptyParams);
+}
+
+// static
+void WorkerPrivate::ReportErrorToConsole(const char* aMessage,
+ const nsTArray<nsString>& aParams) {
+ WorkerPrivate* wp = nullptr;
+ if (!NS_IsMainThread()) {
+ wp = GetCurrentThreadWorkerPrivate();
+ }
+
+ ReportErrorToConsoleRunnable::Report(wp, aMessage, aParams);
+}
+
+int32_t WorkerPrivate::SetTimeout(JSContext* aCx, TimeoutHandler* aHandler,
+ int32_t aTimeout, bool aIsInterval,
+ Timeout::Reason aReason, ErrorResult& aRv) {
+ auto data = mWorkerThreadAccessible.Access();
+ MOZ_ASSERT(aHandler);
+
+ // Reasons that doesn't support cancellation will get -1 as their ids.
+ int32_t timerId = -1;
+ if (aReason == Timeout::Reason::eTimeoutOrInterval) {
+ timerId = data->mNextTimeoutId;
+ data->mNextTimeoutId += 1;
+ }
+
+ WorkerStatus currentStatus;
+ {
+ MutexAutoLock lock(mMutex);
+ currentStatus = mStatus;
+ }
+
+ // If the worker is trying to call setTimeout/setInterval and the parent
+ // thread has initiated the close process then just silently fail.
+ if (currentStatus >= Closing) {
+ return timerId;
+ }
+
+ auto newInfo = MakeUnique<TimeoutInfo>();
+ newInfo->mReason = aReason;
+ newInfo->mOnChromeWorker = mIsChromeWorker;
+ newInfo->mIsInterval = aIsInterval;
+ newInfo->mId = timerId;
+ if (newInfo->mReason == Timeout::Reason::eTimeoutOrInterval ||
+ newInfo->mReason == Timeout::Reason::eIdleCallbackTimeout) {
+ newInfo->AccumulateNestingLevel(data->mCurrentTimerNestingLevel);
+ }
+
+ if (MOZ_UNLIKELY(timerId == INT32_MAX)) {
+ NS_WARNING("Timeout ids overflowed!");
+ if (aReason == Timeout::Reason::eTimeoutOrInterval) {
+ data->mNextTimeoutId = 1;
+ }
+ }
+
+ newInfo->mHandler = aHandler;
+
+ // See if any of the optional arguments were passed.
+ aTimeout = std::max(0, aTimeout);
+ newInfo->mInterval = TimeDuration::FromMilliseconds(aTimeout);
+ newInfo->CalculateTargetTime();
+
+ const auto& insertedInfo = data->mTimeouts.InsertElementSorted(
+ std::move(newInfo), GetUniquePtrComparator(data->mTimeouts));
+
+ LOG(TimeoutsLog(), ("Worker %p has new timeout: delay=%d interval=%s\n", this,
+ aTimeout, aIsInterval ? "yes" : "no"));
+
+ // If the timeout we just made is set to fire next then we need to update the
+ // timer, unless we're currently running timeouts.
+ if (insertedInfo == data->mTimeouts.Elements() &&
+ !data->mRunningExpiredTimeouts) {
+ if (!data->mTimer) {
+ data->mTimer =
+ NS_NewTimer(GlobalScope()->EventTargetFor(TaskCategory::Timer));
+ if (!data->mTimer) {
+ aRv.Throw(NS_ERROR_UNEXPECTED);
+ return 0;
+ }
+
+ data->mTimerRunnable = new TimerRunnable(this);
+ }
+
+ if (!data->mTimerRunning) {
+ if (!ModifyBusyCountFromWorker(true)) {
+ aRv.Throw(NS_ERROR_FAILURE);
+ return 0;
+ }
+ data->mTimerRunning = true;
+ }
+
+ if (!RescheduleTimeoutTimer(aCx)) {
+ aRv.Throw(NS_ERROR_FAILURE);
+ return 0;
+ }
+ }
+
+ return timerId;
+}
+
+void WorkerPrivate::ClearTimeout(int32_t aId, Timeout::Reason aReason) {
+ MOZ_ASSERT(aReason == Timeout::Reason::eTimeoutOrInterval,
+ "This timeout reason doesn't support cancellation.");
+
+ auto data = mWorkerThreadAccessible.Access();
+
+ if (!data->mTimeouts.IsEmpty()) {
+ NS_ASSERTION(data->mTimerRunning, "Huh?!");
+
+ for (uint32_t index = 0; index < data->mTimeouts.Length(); index++) {
+ const auto& info = data->mTimeouts[index];
+ if (info->mId == aId && info->mReason == aReason) {
+ info->mCanceled = true;
+ break;
+ }
+ }
+ }
+}
+
+bool WorkerPrivate::RunExpiredTimeouts(JSContext* aCx) {
+ auto data = mWorkerThreadAccessible.Access();
+
+ // We may be called recursively (e.g. close() inside a timeout) or we could
+ // have been canceled while this event was pending, bail out if there is
+ // nothing to do.
+ if (data->mRunningExpiredTimeouts || !data->mTimerRunning) {
+ return true;
+ }
+
+ NS_ASSERTION(data->mTimer && data->mTimerRunnable, "Must have a timer!");
+ NS_ASSERTION(!data->mTimeouts.IsEmpty(), "Should have some work to do!");
+
+ bool retval = true;
+
+ auto comparator = GetUniquePtrComparator(data->mTimeouts);
+ JS::Rooted<JSObject*> global(aCx, JS::CurrentGlobalOrNull(aCx));
+
+ // We want to make sure to run *something*, even if the timer fired a little
+ // early. Fudge the value of now to at least include the first timeout.
+ const TimeStamp actual_now = TimeStamp::Now();
+ const TimeStamp now = std::max(actual_now, data->mTimeouts[0]->mTargetTime);
+
+ if (now != actual_now) {
+ LOG(TimeoutsLog(), ("Worker %p fudged timeout by %f ms.\n", this,
+ (now - actual_now).ToMilliseconds()));
+#ifdef DEBUG
+ double microseconds = (now - actual_now).ToMicroseconds();
+ uint32_t allowedEarlyFiringMicroseconds;
+ data->mTimer->GetAllowedEarlyFiringMicroseconds(
+ &allowedEarlyFiringMicroseconds);
+ MOZ_ASSERT(microseconds < allowedEarlyFiringMicroseconds);
+#endif
+ }
+
+ AutoTArray<TimeoutInfo*, 10> expiredTimeouts;
+ for (uint32_t index = 0; index < data->mTimeouts.Length(); index++) {
+ TimeoutInfo* info = data->mTimeouts[index].get();
+ if (info->mTargetTime > now) {
+ break;
+ }
+ expiredTimeouts.AppendElement(info);
+ }
+
+ // Guard against recursion.
+ data->mRunningExpiredTimeouts = true;
+
+ MOZ_DIAGNOSTIC_ASSERT(data->mCurrentTimerNestingLevel == 0);
+
+ // Run expired timeouts.
+ for (uint32_t index = 0; index < expiredTimeouts.Length(); index++) {
+ TimeoutInfo*& info = expiredTimeouts[index];
+ AutoRestore<uint32_t> nestingLevel(data->mCurrentTimerNestingLevel);
+
+ if (info->mCanceled) {
+ continue;
+ }
+
+ // Set current timer nesting level to current running timer handler's
+ // nesting level
+ data->mCurrentTimerNestingLevel = info->mNestingLevel;
+
+ LOG(TimeoutsLog(),
+ ("Worker %p executing timeout with original delay %f ms.\n", this,
+ info->mInterval.ToMilliseconds()));
+
+ // Always check JS_IsExceptionPending if something fails, and if
+ // JS_IsExceptionPending returns false (i.e. uncatchable exception) then
+ // break out of the loop.
+
+ RefPtr<TimeoutHandler> handler(info->mHandler);
+
+ const char* reason;
+ switch (info->mReason) {
+ case Timeout::Reason::eTimeoutOrInterval:
+ if (info->mIsInterval) {
+ reason = "setInterval handler";
+ } else {
+ reason = "setTimeout handler";
+ }
+ break;
+ case Timeout::Reason::eDelayedWebTaskTimeout:
+ reason = "delayedWebTask handler";
+ break;
+ default:
+ MOZ_ASSERT(info->mReason == Timeout::Reason::eAbortSignalTimeout);
+ reason = "AbortSignal Timeout";
+ }
+ if (info->mReason == Timeout::Reason::eTimeoutOrInterval ||
+ info->mReason == Timeout::Reason::eDelayedWebTaskTimeout) {
+ RefPtr<WorkerGlobalScope> scope(this->GlobalScope());
+ CallbackDebuggerNotificationGuard guard(
+ scope, info->mIsInterval
+ ? DebuggerNotificationType::SetIntervalCallback
+ : DebuggerNotificationType::SetTimeoutCallback);
+
+ if (!handler->Call(reason)) {
+ retval = false;
+ break;
+ }
+ } else {
+ MOZ_ASSERT(info->mReason == Timeout::Reason::eAbortSignalTimeout);
+ MOZ_ALWAYS_TRUE(handler->Call(reason));
+ }
+
+ NS_ASSERTION(data->mRunningExpiredTimeouts, "Someone changed this!");
+ }
+
+ // No longer possible to be called recursively.
+ data->mRunningExpiredTimeouts = false;
+
+ // Now remove canceled and expired timeouts from the main list.
+ // NB: The timeouts present in expiredTimeouts must have the same order
+ // with respect to each other in mTimeouts. That is, mTimeouts is just
+ // expiredTimeouts with extra elements inserted. There may be unexpired
+ // timeouts that have been inserted between the expired timeouts if the
+ // timeout event handler called setTimeout/setInterval.
+ for (uint32_t index = 0, expiredTimeoutIndex = 0,
+ expiredTimeoutLength = expiredTimeouts.Length();
+ index < data->mTimeouts.Length();) {
+ const auto& info = data->mTimeouts[index];
+ if ((expiredTimeoutIndex < expiredTimeoutLength &&
+ info == expiredTimeouts[expiredTimeoutIndex] &&
+ ++expiredTimeoutIndex) ||
+ info->mCanceled) {
+ if (info->mIsInterval && !info->mCanceled) {
+ // Reschedule intervals.
+ // Reschedule a timeout, if needed, increase the nesting level.
+ info->AccumulateNestingLevel(info->mNestingLevel);
+ info->CalculateTargetTime();
+ // Don't resort the list here, we'll do that at the end.
+ ++index;
+ } else {
+ data->mTimeouts.RemoveElement(info);
+ }
+ } else {
+ // If info did not match the current entry in expiredTimeouts, it
+ // shouldn't be there at all.
+ NS_ASSERTION(!expiredTimeouts.Contains(info),
+ "Our timeouts are out of order!");
+ ++index;
+ }
+ }
+
+ data->mTimeouts.Sort(comparator);
+
+ // Either signal the parent that we're no longer using timeouts or reschedule
+ // the timer.
+ if (data->mTimeouts.IsEmpty()) {
+ if (!ModifyBusyCountFromWorker(false)) {
+ retval = false;
+ }
+ data->mTimerRunning = false;
+ } else if (retval && !RescheduleTimeoutTimer(aCx)) {
+ retval = false;
+ }
+
+ return retval;
+}
+
+bool WorkerPrivate::RescheduleTimeoutTimer(JSContext* aCx) {
+ auto data = mWorkerThreadAccessible.Access();
+ MOZ_ASSERT(!data->mRunningExpiredTimeouts);
+ NS_ASSERTION(!data->mTimeouts.IsEmpty(), "Should have some timeouts!");
+ NS_ASSERTION(data->mTimer && data->mTimerRunnable, "Should have a timer!");
+
+ // NB: This is important! The timer may have already fired, e.g. if a timeout
+ // callback itself calls setTimeout for a short duration and then takes longer
+ // than that to finish executing. If that has happened, it's very important
+ // that we don't execute the event that is now pending in our event queue, or
+ // our code in RunExpiredTimeouts to "fudge" the timeout value will unleash an
+ // early timeout when we execute the event we're about to queue.
+ data->mTimer->Cancel();
+
+ double delta =
+ (data->mTimeouts[0]->mTargetTime - TimeStamp::Now()).ToMilliseconds();
+ uint32_t delay = delta > 0 ? static_cast<uint32_t>(std::ceil(
+ std::min(delta, double(UINT32_MAX))))
+ : 0;
+
+ LOG(TimeoutsLog(),
+ ("Worker %p scheduled timer for %d ms, %zu pending timeouts\n", this,
+ delay, data->mTimeouts.Length()));
+
+ nsresult rv = data->mTimer->InitWithCallback(data->mTimerRunnable, delay,
+ nsITimer::TYPE_ONE_SHOT);
+ if (NS_FAILED(rv)) {
+ JS_ReportErrorASCII(aCx, "Failed to start timer!");
+ return false;
+ }
+
+ return true;
+}
+
+void WorkerPrivate::StartCancelingTimer() {
+ AssertIsOnParentThread();
+
+ auto errorCleanup = MakeScopeExit([&] { mCancelingTimer = nullptr; });
+
+ MOZ_ASSERT(!mCancelingTimer);
+
+ if (WorkerPrivate* parent = GetParent()) {
+ mCancelingTimer = NS_NewTimer(parent->ControlEventTarget());
+ } else {
+ mCancelingTimer = NS_NewTimer();
+ }
+
+ if (NS_WARN_IF(!mCancelingTimer)) {
+ return;
+ }
+
+ // This is not needed if we are already in an advanced shutdown state.
+ {
+ MutexAutoLock lock(mMutex);
+ if (ParentStatus() >= Canceling) {
+ return;
+ }
+ }
+
+ uint32_t cancelingTimeoutMillis =
+ StaticPrefs::dom_worker_canceling_timeoutMilliseconds();
+
+ RefPtr<CancelingTimerCallback> callback = new CancelingTimerCallback(this);
+ nsresult rv = mCancelingTimer->InitWithCallback(
+ callback, cancelingTimeoutMillis, nsITimer::TYPE_ONE_SHOT);
+ if (NS_WARN_IF(NS_FAILED(rv))) {
+ return;
+ }
+
+ errorCleanup.release();
+}
+
+void WorkerPrivate::UpdateContextOptionsInternal(
+ JSContext* aCx, const JS::ContextOptions& aContextOptions) {
+ auto data = mWorkerThreadAccessible.Access();
+
+ JS::ContextOptionsRef(aCx) = aContextOptions;
+
+ for (uint32_t index = 0; index < data->mChildWorkers.Length(); index++) {
+ data->mChildWorkers[index]->UpdateContextOptions(aContextOptions);
+ }
+}
+
+void WorkerPrivate::UpdateLanguagesInternal(
+ const nsTArray<nsString>& aLanguages) {
+ WorkerGlobalScope* globalScope = GlobalScope();
+ RefPtr<WorkerNavigator> nav = globalScope->GetExistingNavigator();
+ if (nav) {
+ nav->SetLanguages(aLanguages);
+ }
+
+ auto data = mWorkerThreadAccessible.Access();
+ for (uint32_t index = 0; index < data->mChildWorkers.Length(); index++) {
+ data->mChildWorkers[index]->UpdateLanguages(aLanguages);
+ }
+
+ RefPtr<Event> event = NS_NewDOMEvent(globalScope, nullptr, nullptr);
+
+ event->InitEvent(u"languagechange"_ns, false, false);
+ event->SetTrusted(true);
+
+ globalScope->DispatchEvent(*event);
+}
+
+void WorkerPrivate::UpdateJSWorkerMemoryParameterInternal(
+ JSContext* aCx, JSGCParamKey aKey, Maybe<uint32_t> aValue) {
+ auto data = mWorkerThreadAccessible.Access();
+
+ if (aValue) {
+ JS_SetGCParameter(aCx, aKey, *aValue);
+ } else {
+ JS_ResetGCParameter(aCx, aKey);
+ }
+
+ for (uint32_t index = 0; index < data->mChildWorkers.Length(); index++) {
+ data->mChildWorkers[index]->UpdateJSWorkerMemoryParameter(aKey, aValue);
+ }
+}
+
+#ifdef JS_GC_ZEAL
+void WorkerPrivate::UpdateGCZealInternal(JSContext* aCx, uint8_t aGCZeal,
+ uint32_t aFrequency) {
+ auto data = mWorkerThreadAccessible.Access();
+
+ JS_SetGCZeal(aCx, aGCZeal, aFrequency);
+
+ for (uint32_t index = 0; index < data->mChildWorkers.Length(); index++) {
+ data->mChildWorkers[index]->UpdateGCZeal(aGCZeal, aFrequency);
+ }
+}
+#endif
+
+void WorkerPrivate::SetLowMemoryStateInternal(JSContext* aCx, bool aState) {
+ auto data = mWorkerThreadAccessible.Access();
+
+ JS::SetLowMemoryState(aCx, aState);
+
+ for (uint32_t index = 0; index < data->mChildWorkers.Length(); index++) {
+ data->mChildWorkers[index]->SetLowMemoryState(aState);
+ }
+}
+
+void WorkerPrivate::SetCCCollectedAnything(bool collectedAnything) {
+ mWorkerThreadAccessible.Access()->mCCCollectedAnything = collectedAnything;
+}
+
+bool WorkerPrivate::isLastCCCollectedAnything() {
+ return mWorkerThreadAccessible.Access()->mCCCollectedAnything;
+}
+
+void WorkerPrivate::GarbageCollectInternal(JSContext* aCx, bool aShrinking,
+ bool aCollectChildren) {
+ // Perform GC followed by CC (the CC is triggered by
+ // WorkerJSRuntime::CustomGCCallback at the end of the collection).
+
+ auto data = mWorkerThreadAccessible.Access();
+
+ if (!GlobalScope()) {
+ // We haven't compiled anything yet. Just bail out.
+ return;
+ }
+
+ if (aShrinking || aCollectChildren) {
+ JS::PrepareForFullGC(aCx);
+
+ if (aShrinking && mSyncLoopStack.IsEmpty()) {
+ JS::NonIncrementalGC(aCx, JS::GCOptions::Shrink,
+ JS::GCReason::DOM_WORKER);
+
+ // Check whether the CC collected anything and if so GC again. This is
+ // necessary to collect all garbage.
+ if (data->mCCCollectedAnything) {
+ JS::NonIncrementalGC(aCx, JS::GCOptions::Normal,
+ JS::GCReason::DOM_WORKER);
+ }
+
+ if (!aCollectChildren) {
+ LOG(WorkerLog(), ("Worker %p collected idle garbage\n", this));
+ }
+ } else {
+ JS::NonIncrementalGC(aCx, JS::GCOptions::Normal,
+ JS::GCReason::DOM_WORKER);
+ LOG(WorkerLog(), ("Worker %p collected garbage\n", this));
+ }
+ } else {
+ JS_MaybeGC(aCx);
+ LOG(WorkerLog(), ("Worker %p collected periodic garbage\n", this));
+ }
+
+ if (aCollectChildren) {
+ for (uint32_t index = 0; index < data->mChildWorkers.Length(); index++) {
+ data->mChildWorkers[index]->GarbageCollect(aShrinking);
+ }
+ }
+}
+
+void WorkerPrivate::CycleCollectInternal(bool aCollectChildren) {
+ auto data = mWorkerThreadAccessible.Access();
+
+ nsCycleCollector_collect(CCReason::WORKER, nullptr);
+
+ if (aCollectChildren) {
+ for (uint32_t index = 0; index < data->mChildWorkers.Length(); index++) {
+ data->mChildWorkers[index]->CycleCollect();
+ }
+ }
+}
+
+void WorkerPrivate::MemoryPressureInternal() {
+ auto data = mWorkerThreadAccessible.Access();
+
+ if (data->mScope) {
+ RefPtr<Console> console = data->mScope->GetConsoleIfExists();
+ if (console) {
+ console->ClearStorage();
+ }
+
+ RefPtr<Performance> performance = data->mScope->GetPerformanceIfExists();
+ if (performance) {
+ performance->MemoryPressure();
+ }
+
+ data->mScope->RemoveReportRecords();
+ }
+
+ if (data->mDebuggerScope) {
+ RefPtr<Console> console = data->mDebuggerScope->GetConsoleIfExists();
+ if (console) {
+ console->ClearStorage();
+ }
+ }
+
+ for (uint32_t index = 0; index < data->mChildWorkers.Length(); index++) {
+ data->mChildWorkers[index]->MemoryPressure();
+ }
+}
+
+void WorkerPrivate::SetThread(WorkerThread* aThread) {
+ if (aThread) {
+#ifdef DEBUG
+ {
+ bool isOnCurrentThread;
+ MOZ_ASSERT(NS_SUCCEEDED(aThread->IsOnCurrentThread(&isOnCurrentThread)));
+ MOZ_ASSERT(!isOnCurrentThread);
+ }
+#endif
+
+ MOZ_ASSERT(!mPRThread);
+ mPRThread = PRThreadFromThread(aThread);
+ MOZ_ASSERT(mPRThread);
+
+ mWorkerThreadAccessible.Transfer(mPRThread);
+ } else {
+ MOZ_ASSERT(mPRThread);
+ }
+}
+
+void WorkerPrivate::SetWorkerPrivateInWorkerThread(
+ WorkerThread* const aThread) {
+ MutexAutoLock lock(mMutex);
+
+ MOZ_ASSERT(!mThread);
+ MOZ_ASSERT(mStatus == Pending);
+
+ mThread = aThread;
+ mThread->SetWorker(WorkerThreadFriendKey{}, this);
+
+ if (!mPreStartRunnables.IsEmpty()) {
+ for (uint32_t index = 0; index < mPreStartRunnables.Length(); index++) {
+ MOZ_ALWAYS_SUCCEEDS(mThread->DispatchAnyThread(
+ WorkerThreadFriendKey{}, mPreStartRunnables[index].forget()));
+ }
+ mPreStartRunnables.Clear();
+ }
+}
+
+void WorkerPrivate::ResetWorkerPrivateInWorkerThread() {
+ RefPtr<WorkerThread> doomedThread;
+
+ // Release the mutex before doomedThread.
+ MutexAutoLock lock(mMutex);
+
+ MOZ_ASSERT(mThread);
+
+ mThread->SetWorker(WorkerThreadFriendKey{}, nullptr);
+ mThread.swap(doomedThread);
+}
+
+void WorkerPrivate::BeginCTypesCall() {
+ AssertIsOnWorkerThread();
+ auto data = mWorkerThreadAccessible.Access();
+
+ // Don't try to GC while we're blocked in a ctypes call.
+ SetGCTimerMode(NoTimer);
+
+ data->mYieldJSThreadExecution.EmplaceBack();
+}
+
+void WorkerPrivate::EndCTypesCall() {
+ AssertIsOnWorkerThread();
+ auto data = mWorkerThreadAccessible.Access();
+
+ data->mYieldJSThreadExecution.RemoveLastElement();
+
+ // Make sure the periodic timer is running before we start running JS again.
+ SetGCTimerMode(PeriodicTimer);
+}
+
+void WorkerPrivate::BeginCTypesCallback() {
+ AssertIsOnWorkerThread();
+
+ // Make sure the periodic timer is running before we start running JS again.
+ SetGCTimerMode(PeriodicTimer);
+
+ // Re-requesting execution is not needed since the JSRuntime code calling
+ // this will do an AutoEntryScript.
+}
+
+void WorkerPrivate::EndCTypesCallback() {
+ AssertIsOnWorkerThread();
+
+ // Don't try to GC while we're blocked in a ctypes call.
+ SetGCTimerMode(NoTimer);
+}
+
+bool WorkerPrivate::ConnectMessagePort(JSContext* aCx,
+ UniqueMessagePortId& aIdentifier) {
+ AssertIsOnWorkerThread();
+
+ WorkerGlobalScope* globalScope = GlobalScope();
+
+ JS::Rooted<JSObject*> jsGlobal(aCx, globalScope->GetWrapper());
+ MOZ_ASSERT(jsGlobal);
+
+ // This UniqueMessagePortId is used to create a new port, still connected
+ // with the other one, but in the worker thread.
+ ErrorResult rv;
+ RefPtr<MessagePort> port = MessagePort::Create(globalScope, aIdentifier, rv);
+ if (NS_WARN_IF(rv.Failed())) {
+ rv.SuppressException();
+ return false;
+ }
+
+ GlobalObject globalObject(aCx, jsGlobal);
+ if (globalObject.Failed()) {
+ return false;
+ }
+
+ RootedDictionary<MessageEventInit> init(aCx);
+ init.mData = JS_GetEmptyStringValue(aCx);
+ init.mBubbles = false;
+ init.mCancelable = false;
+ init.mSource.SetValue().SetAsMessagePort() = port;
+ if (!init.mPorts.AppendElement(port.forget(), fallible)) {
+ return false;
+ }
+
+ RefPtr<MessageEvent> event =
+ MessageEvent::Constructor(globalObject, u"connect"_ns, init);
+
+ event->SetTrusted(true);
+
+ globalScope->DispatchEvent(*event);
+
+ return true;
+}
+
+WorkerGlobalScope* WorkerPrivate::GetOrCreateGlobalScope(JSContext* aCx) {
+ auto data = mWorkerThreadAccessible.Access();
+
+ if (data->mScope) {
+ return data->mScope;
+ }
+
+ bool rfp = mLoadInfo.mShouldResistFingerprinting;
+
+ if (IsSharedWorker()) {
+ data->mScope = new SharedWorkerGlobalScope(this, CreateClientSource(),
+ WorkerName(), rfp);
+ } else if (IsServiceWorker()) {
+ data->mScope = new ServiceWorkerGlobalScope(
+ this, CreateClientSource(), GetServiceWorkerRegistrationDescriptor(),
+ rfp);
+ } else {
+ data->mScope = new DedicatedWorkerGlobalScope(this, CreateClientSource(),
+ WorkerName(), rfp);
+ }
+
+ JS::Rooted<JSObject*> global(aCx);
+ NS_ENSURE_TRUE(data->mScope->WrapGlobalObject(aCx, &global), nullptr);
+
+ JSAutoRealm ar(aCx, global);
+
+ if (!RegisterBindings(aCx, global)) {
+ data->mScope = nullptr;
+ return nullptr;
+ }
+
+ JS_FireOnNewGlobalObject(aCx, global);
+
+ return data->mScope;
+}
+
+WorkerDebuggerGlobalScope* WorkerPrivate::CreateDebuggerGlobalScope(
+ JSContext* aCx) {
+ auto data = mWorkerThreadAccessible.Access();
+ MOZ_ASSERT(!data->mDebuggerScope);
+
+ // The debugger global gets a dummy client, not the "real" client used by the
+ // debugee worker.
+ auto clientSource = ClientManager::CreateSource(
+ GetClientType(), HybridEventTarget(), NullPrincipalInfo());
+
+ bool rfp = false; // The debugger for a worker can exempt RFP; it is not
+ // client-exposed
+ data->mDebuggerScope =
+ new WorkerDebuggerGlobalScope(this, std::move(clientSource), rfp);
+
+ JS::Rooted<JSObject*> global(aCx);
+ NS_ENSURE_TRUE(data->mDebuggerScope->WrapGlobalObject(aCx, &global), nullptr);
+
+ JSAutoRealm ar(aCx, global);
+
+ if (!RegisterDebuggerBindings(aCx, global)) {
+ data->mDebuggerScope = nullptr;
+ return nullptr;
+ }
+
+ JS_FireOnNewGlobalObject(aCx, global);
+
+ return data->mDebuggerScope;
+}
+
+bool WorkerPrivate::IsOnWorkerThread() const {
+ // We can't use mThread because it must be protected by mMutex and sometimes
+ // this method is called when mMutex is already locked. This method should
+ // always work.
+ MOZ_ASSERT(mPRThread,
+ "AssertIsOnWorkerThread() called before a thread was assigned!");
+
+ return mPRThread == PR_GetCurrentThread();
+}
+
+#ifdef DEBUG
+void WorkerPrivate::AssertIsOnWorkerThread() const {
+ MOZ_ASSERT(IsOnWorkerThread());
+}
+#endif // DEBUG
+
+void WorkerPrivate::DumpCrashInformation(nsACString& aString) {
+ auto data = mWorkerThreadAccessible.Access();
+
+ aString.Append("IsChromeWorker(");
+ if (IsChromeWorker()) {
+ aString.Append(NS_ConvertUTF16toUTF8(ScriptURL()));
+ } else {
+ aString.Append("false");
+ }
+ aString.Append(")");
+ for (const auto* workerRef : data->mWorkerRefs.NonObservingRange()) {
+ if (workerRef->IsPreventingShutdown()) {
+ aString.Append("|");
+ aString.Append(workerRef->Name());
+ }
+ }
+}
+
+PerformanceStorage* WorkerPrivate::GetPerformanceStorage() {
+ MOZ_ASSERT(mPerformanceStorage);
+ return mPerformanceStorage;
+}
+
+void WorkerPrivate::SetRemoteWorkerController(RemoteWorkerChild* aController) {
+ AssertIsOnMainThread();
+ MOZ_ASSERT(aController);
+ MOZ_ASSERT(!mRemoteWorkerController);
+
+ mRemoteWorkerController = aController;
+}
+
+RemoteWorkerChild* WorkerPrivate::GetRemoteWorkerController() {
+ AssertIsOnMainThread();
+ MOZ_ASSERT(mRemoteWorkerController);
+ return mRemoteWorkerController;
+}
+
+RefPtr<GenericPromise> WorkerPrivate::SetServiceWorkerSkipWaitingFlag() {
+ AssertIsOnWorkerThread();
+ MOZ_ASSERT(IsServiceWorker());
+
+ RefPtr<RemoteWorkerChild> rwc = mRemoteWorkerController;
+
+ if (!rwc) {
+ return GenericPromise::CreateAndReject(NS_ERROR_DOM_ABORT_ERR, __func__);
+ }
+
+ RefPtr<GenericPromise> promise =
+ rwc->MaybeSendSetServiceWorkerSkipWaitingFlag();
+
+ return promise;
+}
+
+const nsAString& WorkerPrivate::Id() {
+ AssertIsOnMainThread();
+
+ if (mId.IsEmpty()) {
+ mId = ComputeWorkerPrivateId();
+ }
+
+ MOZ_ASSERT(!mId.IsEmpty());
+
+ return mId;
+}
+
+bool WorkerPrivate::IsSharedMemoryAllowed() const {
+ if (StaticPrefs::
+ dom_postMessage_sharedArrayBuffer_bypassCOOP_COEP_insecure_enabled()) {
+ return true;
+ }
+
+ if (mIsPrivilegedAddonGlobal) {
+ return true;
+ }
+
+ return CrossOriginIsolated();
+}
+
+bool WorkerPrivate::CrossOriginIsolated() const {
+ if (!StaticPrefs::
+ dom_postMessage_sharedArrayBuffer_withCOOP_COEP_AtStartup()) {
+ return false;
+ }
+
+ return mAgentClusterOpenerPolicy ==
+ nsILoadInfo::OPENER_POLICY_SAME_ORIGIN_EMBEDDER_POLICY_REQUIRE_CORP;
+}
+
+nsILoadInfo::CrossOriginEmbedderPolicy WorkerPrivate::GetEmbedderPolicy()
+ const {
+ if (!StaticPrefs::browser_tabs_remote_useCrossOriginEmbedderPolicy()) {
+ return nsILoadInfo::EMBEDDER_POLICY_NULL;
+ }
+
+ return mEmbedderPolicy.valueOr(nsILoadInfo::EMBEDDER_POLICY_NULL);
+}
+
+Result<Ok, nsresult> WorkerPrivate::SetEmbedderPolicy(
+ nsILoadInfo::CrossOriginEmbedderPolicy aPolicy) {
+ MOZ_ASSERT(NS_IsMainThread());
+ MOZ_ASSERT(mEmbedderPolicy.isNothing());
+
+ if (!StaticPrefs::browser_tabs_remote_useCrossOriginEmbedderPolicy()) {
+ return Ok();
+ }
+
+ // https://html.spec.whatwg.org/multipage/browsers.html#check-a-global-object's-embedder-policy
+ // If ownerPolicy's value is not compatible with cross-origin isolation or
+ // policy's value is compatible with cross-origin isolation, then return true.
+ EnsureOwnerEmbedderPolicy();
+ nsILoadInfo::CrossOriginEmbedderPolicy ownerPolicy =
+ mOwnerEmbedderPolicy.valueOr(nsILoadInfo::EMBEDDER_POLICY_NULL);
+ if (nsContentSecurityManager::IsCompatibleWithCrossOriginIsolation(
+ ownerPolicy) &&
+ !nsContentSecurityManager::IsCompatibleWithCrossOriginIsolation(
+ aPolicy)) {
+ return Err(NS_ERROR_BLOCKED_BY_POLICY);
+ }
+
+ mEmbedderPolicy.emplace(aPolicy);
+
+ return Ok();
+}
+
+void WorkerPrivate::InheritOwnerEmbedderPolicyOrNull(nsIRequest* aRequest) {
+ MOZ_ASSERT(NS_IsMainThread());
+ MOZ_ASSERT(aRequest);
+
+ EnsureOwnerEmbedderPolicy();
+
+ if (mOwnerEmbedderPolicy.isSome()) {
+ nsCOMPtr<nsIChannel> channel = do_QueryInterface(aRequest);
+ MOZ_ASSERT(channel);
+
+ nsCOMPtr<nsIURI> scriptURI;
+ MOZ_ALWAYS_SUCCEEDS(channel->GetURI(getter_AddRefs(scriptURI)));
+
+ bool isLocalScriptURI = false;
+ MOZ_ALWAYS_SUCCEEDS(NS_URIChainHasFlags(
+ scriptURI, nsIProtocolHandler::URI_IS_LOCAL_RESOURCE,
+ &isLocalScriptURI));
+
+ MOZ_RELEASE_ASSERT(isLocalScriptURI);
+ }
+
+ mEmbedderPolicy.emplace(
+ mOwnerEmbedderPolicy.valueOr(nsILoadInfo::EMBEDDER_POLICY_NULL));
+}
+
+bool WorkerPrivate::MatchEmbedderPolicy(
+ nsILoadInfo::CrossOriginEmbedderPolicy aPolicy) const {
+ MOZ_ASSERT(NS_IsMainThread());
+
+ if (!StaticPrefs::browser_tabs_remote_useCrossOriginEmbedderPolicy()) {
+ return true;
+ }
+
+ return mEmbedderPolicy.value() == aPolicy;
+}
+
+nsILoadInfo::CrossOriginEmbedderPolicy WorkerPrivate::GetOwnerEmbedderPolicy()
+ const {
+ if (!StaticPrefs::browser_tabs_remote_useCrossOriginEmbedderPolicy()) {
+ return nsILoadInfo::EMBEDDER_POLICY_NULL;
+ }
+
+ return mOwnerEmbedderPolicy.valueOr(nsILoadInfo::EMBEDDER_POLICY_NULL);
+}
+
+void WorkerPrivate::EnsureOwnerEmbedderPolicy() {
+ MOZ_ASSERT(NS_IsMainThread());
+ MOZ_ASSERT(mOwnerEmbedderPolicy.isNothing());
+
+ if (GetParent()) {
+ mOwnerEmbedderPolicy.emplace(GetParent()->GetEmbedderPolicy());
+ } else if (GetWindow() && GetWindow()->GetWindowContext()) {
+ mOwnerEmbedderPolicy.emplace(
+ GetWindow()->GetWindowContext()->GetEmbedderPolicy());
+ }
+}
+
+nsIPrincipal* WorkerPrivate::GetEffectiveStoragePrincipal() const {
+ AssertIsOnWorkerThread();
+
+ if (mLoadInfo.mUseRegularPrincipal) {
+ return mLoadInfo.mPrincipal;
+ }
+
+ return mLoadInfo.mPartitionedPrincipal;
+}
+
+const mozilla::ipc::PrincipalInfo&
+WorkerPrivate::GetEffectiveStoragePrincipalInfo() const {
+ AssertIsOnWorkerThread();
+
+ if (mLoadInfo.mUseRegularPrincipal) {
+ return *mLoadInfo.mPrincipalInfo;
+ }
+
+ return *mLoadInfo.mPartitionedPrincipalInfo;
+}
+
+NS_IMPL_ADDREF(WorkerPrivate::EventTarget)
+NS_IMPL_RELEASE(WorkerPrivate::EventTarget)
+
+NS_INTERFACE_MAP_BEGIN(WorkerPrivate::EventTarget)
+ NS_INTERFACE_MAP_ENTRY(nsISerialEventTarget)
+ NS_INTERFACE_MAP_ENTRY(nsIEventTarget)
+ NS_INTERFACE_MAP_ENTRY(nsISupports)
+#ifdef DEBUG
+ // kDEBUGWorkerEventTargetIID is special in that it does not AddRef its
+ // result.
+ if (aIID.Equals(kDEBUGWorkerEventTargetIID)) {
+ *aInstancePtr = this;
+ return NS_OK;
+ } else
+#endif
+NS_INTERFACE_MAP_END
+
+NS_IMETHODIMP
+WorkerPrivate::EventTarget::DispatchFromScript(nsIRunnable* aRunnable,
+ uint32_t aFlags) {
+ nsCOMPtr<nsIRunnable> event(aRunnable);
+ return Dispatch(event.forget(), aFlags);
+}
+
+NS_IMETHODIMP
+WorkerPrivate::EventTarget::Dispatch(already_AddRefed<nsIRunnable> aRunnable,
+ uint32_t aFlags) {
+ // May be called on any thread!
+ nsCOMPtr<nsIRunnable> event(aRunnable);
+
+ // Workers only support asynchronous dispatch for now.
+ if (NS_WARN_IF(aFlags != NS_DISPATCH_NORMAL)) {
+ return NS_ERROR_UNEXPECTED;
+ }
+
+ RefPtr<WorkerRunnable> workerRunnable;
+
+ MutexAutoLock lock(mMutex);
+
+ if (mDisabled) {
+ NS_WARNING(
+ "A runnable was posted to a worker that is already shutting "
+ "down!");
+ return NS_ERROR_UNEXPECTED;
+ }
+
+ MOZ_ASSERT(mWorkerPrivate);
+ MOZ_ASSERT(mNestedEventTarget);
+
+ if (event) {
+ workerRunnable = mWorkerPrivate->MaybeWrapAsWorkerRunnable(event.forget());
+ }
+
+ nsresult rv =
+ mWorkerPrivate->Dispatch(workerRunnable.forget(), mNestedEventTarget);
+ if (NS_WARN_IF(NS_FAILED(rv))) {
+ return rv;
+ }
+
+ return NS_OK;
+}
+
+NS_IMETHODIMP
+WorkerPrivate::EventTarget::DelayedDispatch(already_AddRefed<nsIRunnable>,
+ uint32_t)
+
+{
+ return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+NS_IMETHODIMP
+WorkerPrivate::EventTarget::RegisterShutdownTask(nsITargetShutdownTask* aTask) {
+ return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+NS_IMETHODIMP
+WorkerPrivate::EventTarget::UnregisterShutdownTask(
+ nsITargetShutdownTask* aTask) {
+ return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+NS_IMETHODIMP
+WorkerPrivate::EventTarget::IsOnCurrentThread(bool* aIsOnCurrentThread) {
+ // May be called on any thread!
+
+ MOZ_ASSERT(aIsOnCurrentThread);
+
+ MutexAutoLock lock(mMutex);
+
+ if (mShutdown) {
+ NS_WARNING(
+ "A worker's event target was used after the worker has shutdown!");
+ return NS_ERROR_UNEXPECTED;
+ }
+
+ MOZ_ASSERT(mNestedEventTarget);
+
+ *aIsOnCurrentThread = mNestedEventTarget->IsOnCurrentThread();
+ return NS_OK;
+}
+
+NS_IMETHODIMP_(bool)
+WorkerPrivate::EventTarget::IsOnCurrentThreadInfallible() {
+ // May be called on any thread!
+
+ MutexAutoLock lock(mMutex);
+
+ if (mShutdown) {
+ NS_WARNING(
+ "A worker's event target was used after the worker has shutdown!");
+ return false;
+ }
+
+ MOZ_ASSERT(mNestedEventTarget);
+
+ return mNestedEventTarget->IsOnCurrentThread();
+}
+
+WorkerPrivate::AutoPushEventLoopGlobal::AutoPushEventLoopGlobal(
+ WorkerPrivate* aWorkerPrivate, JSContext* aCx)
+ : mWorkerPrivate(aWorkerPrivate) {
+ auto data = mWorkerPrivate->mWorkerThreadAccessible.Access();
+ mOldEventLoopGlobal = std::move(data->mCurrentEventLoopGlobal);
+ if (JSObject* global = JS::CurrentGlobalOrNull(aCx)) {
+ data->mCurrentEventLoopGlobal = xpc::NativeGlobal(global);
+ }
+}
+
+WorkerPrivate::AutoPushEventLoopGlobal::~AutoPushEventLoopGlobal() {
+ auto data = mWorkerPrivate->mWorkerThreadAccessible.Access();
+ data->mCurrentEventLoopGlobal = std::move(mOldEventLoopGlobal);
+}
+
+} // namespace dom
+} // namespace mozilla