Prefetch img, scripts and stylesheets during parsing

[asajeffrey]

Eagerly tokenize html input, and scan for script and img tags which can be prefetched into the cache. This allows resources to be loaded concurrently, which would otherwise be loaded sequentially due to being blocked by script execution. On the cloth webgl demo, this takes the time-to-paint down from 732ms to 560ms.

---

• ./mach build -d does not report any errors
• ./mach test-tidy does not report any errors
• These changes fix #3847
• These changes do not require tests because it's a perf improvement

---

This change is 

[highfive]

Heads up! This PR modifies the following files:

• @KiChjang: components/script/dom/servoparser/mod.rs, components/script/dom/servoparser/prefetch.rs, components/net/resource_thread.rs, components/net_traits/lib.rs

[highfive]

Warning

• These commits modify net and script code, but no tests are modified. Please consider adding a test!

[asajeffrey]

IRC chat: https://mozilla.logbot.info/servo/20190904#c16590059 and https://mozilla.logbot.info/servo/20190905#c16593012

[asajeffrey]

r? @jdm

[asajeffrey]

One thing I'm not sure about is that we're issuing a GET when prefetching, even for content which isn't cacheable. We should probably first issue a HEAD to see if the content is cacheable. Perhaps this should be a follow-up issue?

[jdm]

I like the simplicity of this model. We just need to make sure that we don't unintentionally bypass security features of the platform by prefetching more liberally than the actual request the page intends to make.

[jdm]

I would prefer to derive JSTraceable on Tokenizer instead to avoid accidents in the future if we update that struct.

[asajeffrey]

Oh this is weird, I replied to this comment but github appears to have lost the reply...

Anyway, the problem is that HtmlTokenizer doesn't implement JSTraceable, and it's difficult to do so as its generic, and the tokenizer API provides no way to access the sink. If it did, the implementation would be pretty easy:

    impl<Sink: JSTraceable> for HtmlTokenizer<Sink> {
        fn trace(&self) { self.sink().trace() } 
   } 

but there's no sink() method, so we can't really do that.

[jdm]

We have a JSTraceable implementation for the HTML tokenizer in script/dom/servoparser/html.rs. I recommend following its example.

[asajeffrey]

Er, but stripping out the unnecessary code leaves just:

#[allow(unsafe_code)]
unsafe impl JSTraceable for HtmlTokenizer<PrefetchSink>> {
    unsafe fn trace(&self, trc: *mut JSTracer) {
    }
}

which doesn't have obvious advantages over unsafe_no_jsmanaged_fields!.

[jdm]

Can't we still derive JStraceable on Sink and call self.sink.trace() at least?

[asajeffrey]

The problem is we don't have access to the sink, since the tokenizer doesn't expose an API to access it. We couuuld use an Rc, but that seems a bit round-the-houses.

[jdm]

Isn't the tokenizer this type? It has a public sink field. What am I missing?

[asajeffrey]

Argh, I was looking for an accessor method, I didn't spot that the field was public. D'oh!

[asajeffrey]

Okay, fixed.

[asajeffrey]

I don't think there's security issues here, since the data requested by the prefetch is only used to populate the cache, and isn't exposed to script. If we do set the headers according to htmlscriptelement and htmlimageelement, then we do need to make sure we're not sending cookies we shouldn't.

[asajeffrey]

IRC chat at https://mozilla.logbot.info/servo/20190906#c16596185

[asajeffrey]

One thing I realized doing this is that fetch uses the origin, which is mutable, but for speculative prefetching we don't get much choice but to use the original origin.

[jdm]

@bors-servo try=wpt

[bors-servo]

⌛ Trying commit 330b940 with merge 419002d...

[bors-servo]

⌛ Trying commit c6e1b8a with merge 8a20090...

[bors-servo]

💔 Test failed - status-taskcluster

[asajeffrey]

OK, that was a CI failure, the WPT test suite passed!

[asajeffrey]

Now waiting for a review from @nox.

[asajeffrey]

IRC chat https://mozilla.logbot.info/servo/20190910#c16603991

[asajeffrey]

Squashed.

[nox]

I'm a bit anxious about doing that tbh, but it looks ok apart from some nits.

[nox]

Make a new struct type, don't piggy-back the unit type. It's cheap to make a new one anyway.

[asajeffrey]

Done.

[nox]

Let's write a big TODO that we should be carrying the speculative parsing PR to completion and remove that.

[asajeffrey]

Done. The PR you mean is #19203?

[nox]

Early return if the chunk is empty instead of drifting towards the right.

[nox]

Obvious comment is obvious. :)

[asajeffrey]

Yes, but the matching comment on push_string_input_chunk wasn't (at least not to me!).

[nox]

The tokenizer here will be very wrong whenever someone uses document.write, I don't like that but I don't have any suggestion apart from "let's not land this PR and let's land speculative parsing instead".

[asajeffrey]

Indeed. Speculative parsing will also be wrong in that case, not much you can do apart from add this to the list of reasons not to use document.write().

[nox]

Use a new unit struct type.

[asajeffrey]

You are very keen on unit structs. Done.

[nox]

I feel like that's the place where we should not prefetch ever, because the script blocking the parser may very well set window.domain or do stuff that makes this end tag's script not load or whatever.

[asajeffrey]

Yeah, but if we waited to find out if script did any of that, we wouldn't be able to prefetch at all.

[nox]

This is extremely wrong in presence of multiple base tags in an document.

[asajeffrey]

According to https://developer.mozilla.org/en-US/docs/Web/HTML/Element/base "There can be only one element in a document." But yes, I can imagine this causing resources to be prefetched erroneously.

[asajeffrey]

OK, the spec has a note about this (https://html.spec.whatwg.org/multipage/semantics.html#the-base-element). Fixed.

[nox]

Please early return out of the function if token isn't a TagToken, that will help with rightwards drift.

[asajeffrey]

Done.

[nox]

Nothing but script data will be ever return from parsing a script, please use the proper TokenSinkResult return value to tell the tokenizer to switch modes.

[asajeffrey]

Done.

[asajeffrey]

OK, I think I addressed everything.

[asajeffrey]

Done.

[asajeffrey]

Done. The PR you mean is #19203?

[asajeffrey]

Indeed. Speculative parsing will also be wrong in that case, not much you can do apart from add this to the list of reasons not to use document.write().

[asajeffrey]

Yes, but the matching comment on push_string_input_chunk wasn't (at least not to me!).

[asajeffrey]

Not mentioning it was confusing to me though, I spent a while debugging before I realized I was re-encoding UTF-8 string data using the network decoder. I'll remove the comment about tendrils being cheap though, that's more me talking to myself than anything.

[asajeffrey]

You are very keen on unit structs. Done.

[asajeffrey]

Done.

[asajeffrey]

Done.

[asajeffrey]

Yeah, but if we waited to find out if script did any of that, we wouldn't be able to prefetch at all.

[asajeffrey]

According to https://developer.mozilla.org/en-US/docs/Web/HTML/Element/base "There can be only one element in a document." But yes, I can imagine this causing resources to be prefetched erroneously.

[asajeffrey]

@nox, you okay with the changes?

[nox]

@bors-servo r=jdm,nox

[bors-servo]

📌 Commit 2e6f14f has been approved by jdm,nox

[bors-servo]

⌛ Testing commit 2e6f14f with merge 4e9967b...

[bors-servo]

☀️ Test successful - linux-rel-css, linux-rel-wpt, status-taskcluster
Approved by: jdm,nox
Pushing 4e9967b to master...