| blob | 67540b4ac8029e40aabd8402e6a2f1cc4f4a2573 |
1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*-
2 * vim: sw=2 ts=4 et :
3 */
4 /* This Source Code Form is subject to the terms of the Mozilla Public
5 * License, v. 2.0. If a copy of the MPL was not distributed with this
6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
8 #ifndef ipc_glue_MessageChannel_h
9 #define ipc_glue_MessageChannel_h
17 #if defined(XP_WIN)
21 #include <functional>
22 #include <map>
23 #include <stack>
24 #include <vector>
30 #ifdef FUZZING_SNAPSHOT
32 #endif
39 }
54 }
60 };
63 eSending,
64 eReceiving,
65 };
68 Endpoint,
69 TransferStart,
70 TransferEnd,
71 };
74 SendSuccess,
75 PreviousTimeout,
76 SendingCPOWWhileDispatchingSync,
77 SendingCPOWWhileDispatchingUrgent,
78 NotConnectedBeforeSend,
79 DisconnectedDuringSend,
80 CancelledBeforeSend,
81 CancelledAfterSend,
82 TimedOut,
83 ReplyError,
84 };
87 SendError,
88 ChannelClosed,
89 HandlerRejected,
90 ActorDestroyed,
91 ResolverDestroyed,
92 EndGuard_,
93 };
101 ChannelClosed,
102 ChannelConnected,
103 ChannelClosing,
104 ChannelError
105 };
130 RejectCallback mReject;
131 };
143 };
159 // Returns the event target which the worker lives on and must be used for
160 // operations on the current thread. Only safe to access after the
161 // MessageChannel has been opened.
164 // "Open" a connection using an existing ScopedPort. The ScopedPort must be
165 // valid and connected to a remote.
166 //
167 // The `aEventTarget` parameter must be on the current thread.
171 // "Open" a connection to another thread in the same process.
172 //
173 // Returns true if the transport layer was successfully connected,
174 // i.e., mChannelState == ChannelConnected.
175 //
176 // For more details on the process of opening a channel between
177 // threads, see the extended comment on this function
178 // in MessageChannel.cpp.
180 Side aSide);
182 // "Open" a connection to an actor on the current thread.
183 //
184 // Returns true if the transport layer was successfully connected,
185 // i.e., mChannelState == ChannelConnected.
186 //
187 // Same-thread channels may not perform synchronous or blocking message
188 // sends, to avoid deadlocks.
191 /**
192 * This sends a special message that is processed on the IO thread, so that
193 * other actors can know that the process will soon shutdown.
194 */
197 // Close the underlying transport channel.
200 // Induce an error in this MessageChannel's connection.
201 //
202 // After this method is called, no more message notifications will be
203 // delivered to the listener, and the channel will be unable to send or
204 // receive future messages, as if the peer dropped the connection
205 // unexpectedly.
206 //
207 // The OnChannelError notification will be delivered either asynchronously or
208 // during an explicit call to Close(), whichever happens first.
209 //
210 // NOTE: If SetAbortOnError(true) has been called on this MessageChannel,
211 // calling this function will immediately exit the current process.
217 }
219 // Call aInvoke for each pending message until it returns false.
220 // XXX: You must get permission from an IPC peer to use this function
221 // since it requires custom deserialization and re-orders events.
225 // Misc. behavioral traits consumers can request for this channel
228 // Windows: if this channel operates on the UI thread, indicates
229 // WindowsMessageLoop code should enable deferred native message
230 // handling to prevent deadlocks. Should only be used for protocols
231 // that manage child processes which might create native UI, like
232 // plugins.
234 };
238 // Asynchronously send a message to the other side of the channel
241 // Asynchronously send a message to the other side of the channel
242 // and wait for asynchronous reply.
252 }
258 gUnresolvedResponses++;
259 }
266 }
268 // Synchronously send |aMsg| (i.e., wait for |aReply|)
274 // Remove and return a callback that needs reply
278 // Used to reject and remove pending responses owned by the given
279 // actor when it's about to be destroyed.
282 // If sending a sync message returns an error, this function gives a more
283 // descriptive error message.
287 }
295 // IsClosed and NumQueuedMessages are safe to call from any thread, but
296 // may provide an out-of-date value.
300 }
304 }
309 }
311 /**
312 * Does this MessageChannel currently cross process boundaries?
313 */
320 }
322 #ifdef FUZZING_SNAPSHOT
326 }
327 #endif
329 #ifdef XP_WIN
338 // The previous stack frame for this channel.
341 // The previous stack frame on any channel.
343 };
349 }
351 }
354 // The deepest sync stack frame for this channel.
359 // The deepest sync stack frame on any channel.
394 // Dispatches an incoming message to its appropriate handler.
398 // DispatchMessage will route to one of these functions depending on the
399 // protocol type of the message.
405 // Return true if the wait ended because a notification was received.
406 //
407 // Return false if the time elapsed from when we started the process of
408 // waiting until afterwards exceeded the currently allotted timeout.
409 // That *DOES NOT* mean false => "no event" (== timeout); there are many
410 // circumstances that could cause the measured elapsed time to exceed the
411 // timeout EVEN WHEN we were notified.
412 //
413 // So in sum: true is a meaningful return value; false isn't,
414 // necessarily.
429 }
438 // Returns true if we're dispatching an async message's callback.
442 }
447 }
449 // Check if there is still a live connection to our peer. This may change to
450 // `false` at any time due to the connection to our peer being closed or
451 // dropped (e.g. due to a crash).
454 // Check if there is either still a live connection to our peer, or we have
455 // received a `Goodbye` from our peer, and are actively shutting down our
456 // connection with our peer.
460 // Executed on the IO thread.
463 // Return true if |aMsg| is a special message targeted at the IO
464 // thread, in which case it shouldn't be delivered to the worker.
468 // Returns true if ShouldDeferMessage(aMsg) is guaranteed to return true.
469 // Otherwise, the result of ShouldDeferMessage(aMsg) may be true or false,
470 // depending on context.
473 // Helper for sending a message via the link. If the message is [LazySend], it
474 // will be queued, and if the message is not-[LazySend], it will flush any
475 // pending [LazySend] messages.
478 // Called to flush [LazySend] messages to the link.
488 // Clear this channel, and notify the listener that the channel has either
489 // closed or errored.
490 //
491 // These methods must be called on the worker thread, passing in a
492 // `ReleasableMonitorAutoLock`. This lock guard will be reset before the
493 // listener is called, allowing for the monitor to be unlocked before the
494 // MessageChannel is potentially destroyed.
505 }
517 NS_DECL_ISUPPORTS_INHERITED
522 NS_DECL_NSIRUNNABLEIPCMESSAGETYPE
528 }
533 }
537 }
542 }
551 }
553 // The connected MessageChannel's monitor. Guards `mChannel` and
554 // `mScheduled`.
556 // The channel which this MessageTask is associated with. Only valid while
557 // `mMonitor` is held, and this MessageTask `isInList()`.
562 #ifdef FUZZING_SNAPSHOT
565 #endif
566 };
574 NS_DECL_THREADSAFE_ISUPPORTS
586 // Cleared by MessageChannel before it is destroyed.
588 };
594 NS_DECL_ISUPPORTS_INHERITED
605 // Cleared by MessageChannel before it is destroyed.
608 // LazySend messages which haven't been sent yet, but will be sent as soon
609 // as a non-LazySend message is sent, or this runnable is executed.
611 };
618 // This will be a string literal, so lifetime is not an issue.
621 // ID for each MessageChannel. Set when it is opened, and never cleared
622 // afterwards.
623 //
624 // This ID is only intended for diagnostics, debugging, and reporting
625 // purposes, and shouldn't be used for message routing or permissions checks.
628 // Based on presumption the listener owns and overlives the channel,
629 // this is never nullified.
632 // This monitor guards all state in this MessageChannel, except where
633 // otherwise noted. It is refcounted so a reference to it can be shared with
634 // IPC listener objects which need to access weak references to this
635 // `MessageChannel`.
643 // NotifyMaybeChannelError runnable
646 // Thread we are allowed to send and receive on. Set in Open(); never
647 // changed, and we can only call Open() once. We shouldn't be accessing
648 // from multiple threads before Open().
651 // Shutdown task to close the channel before mWorkerThread goes away.
654 // Task to force sending lazy messages when mQueuedLazyMessages is non-empty.
658 // Timeout periods are broken up in two to prevent system suspension from
659 // triggering an abort. This method (called by WaitForEvent with a 'did
660 // timeout' flag) decides if we should wait again for half of mTimeoutMs
661 // or give up.
662 // only accessed on WorkerThread
666 // Worker-thread only; sequence numbers for messages that require
667 // replies.
672 // If ::Send returns false, this gives a more descriptive error.
681 }
683 // The value may have been zeroed if the transaction was
684 // canceled. In that case we shouldn't return it to its previous
685 // value.
688 }
689 }
693 T mPrev;
694 T mNew;
695 };
700 // When we send an urgent request from the parent process, we could race
701 // with an RPC message that was issued by the child beforehand. In this
702 // case, if the parent were to wake up while waiting for the urgent reply,
703 // and process the RPC, it could send an additional urgent message. The
704 // child would wake up to process the urgent message (as it always will),
705 // then send a reply, which could be received by the parent out-of-order
706 // with respect to the first urgent reply.
707 //
708 // To address this problem, urgent or RPC requests are associated with a
709 // "transaction". Whenever one side of the channel wishes to start a
710 // chain of RPC/urgent messages, it allocates a new transaction ID. Any
711 // messages the parent receives, not apart of this transaction, are
712 // deferred. When issuing RPC/urgent requests on top of a started
713 // transaction, the initiating transaction ID is used.
714 //
715 // To ensure IDs are unique, we use sequence numbers for transaction IDs,
716 // which grow in opposite directions from child to parent.
729 #ifdef DEBUG
731 #else
733 #endif
735 // If a sync message times out, we store its sequence number here. Any
736 // future sync messages will fail immediately. Once the reply for original
737 // sync message is received, we allow sync messages again.
738 //
739 // When a message times out, nothing is done to inform the other side. The
740 // other side will eventually dispatch the message and send a reply. Our
741 // side is responsible for replying to all sync messages sent by the other
742 // side when it dispatches the timed out message. The response is always an
743 // error.
744 //
745 // A message is only timed out if it initiated a transaction. This avoids
746 // hitting a lot of corner cases with message nesting that we don't really
747 // care about.
751 // Queue of all incoming messages.
752 //
753 // If both this side and the other side are functioning correctly, the other
754 // side can send as many async messages as it wants before sending us a
755 // blocking message. After sending a blocking message, the other side must be
756 // blocked, and thus can't send us any more messages until we process the sync
757 // in-msg.
758 //
761 // The number of messages in mPending for which IsAlwaysDeferred is false
762 // (i.e., the number of messages that might not be deferred, depending on
763 // context).
766 // Is there currently MessageChannel logic for this channel on the C++ stack?
767 // This member is only accessed on the worker thread, and so is not protected
768 // by mMonitor.
771 // Map of async Callbacks that are still waiting replies.
772 CallbackMap mPendingResponses;
774 #ifdef XP_WIN
775 HANDLE mEvent;
776 #endif
778 // Should the channel abort the process from the I/O thread when
779 // a channel error occurs?
782 // True if the listener has already been notified of a channel close or
783 // error.
786 // See SetChannelFlags
791 // If this is true, both ends of this message channel have event targets
792 // on the same thread.
794 };
815 }
824 // This payload still streams a startTime and endTime property because it
825 // made the migration to MarkerTiming on the front-end easier.
842 // Tech note: If `ToNumber()` returns a uint64_t, the conversion to
843 // int64_t is "implementation-defined" before C++20. This is acceptable
844 // here, because this is a one-way conversion to a unique identifier
845 // that's used to visually separate data by thread on the front-end.
849 }
850 }
853 }
867 }
868 }
882 }
883 }
884 };