investigate window.requestIdleCallback() for possible timing leaks

The window.requestIdleCallback() API is available as of Firefox 55. We should determine whether it may be used to learn too much about the performance of the user's computer/device, or if there are other timing leaks we want to avoid. See: ​ https://bugzilla.mozilla.org/show_bug.cgi?id=1314959 ​ https://developer.mozilla.org/en-US/docs/Web/API/Background_Tasks_API

If necessary, we can disable this feature by setting dom.requestIdleCallback.enabled to false.

added TorBrowserTeam201904 component::applications/tor browser ff60-esr owner::tbb-team priority::high resolution::fixed severity::normal status::closed tbb-fingerprinting-time-highres type::defect labels

Trac:
Cc: N/A to arthuredelstein

Bumping prio.

Trac:
Priority: Medium to Immediate

Trac:
Priority: Immediate to High

Move our tickets to August.

Trac:
Keywords: TorBrowserTeam201807 deleted, TorBrowserTeam201808 added

Moving our tickets to September 2018

Trac:
Keywords: TorBrowserTeam201808 deleted, TorBrowserTeam201809 added

Moving tickets to October

Trac:
Keywords: TorBrowserTeam201809 deleted, TorBrowserTeam201810 added

Moving our tickets to November.

Trac:
Keywords: TorBrowserTeam201810 deleted, TorBrowserTeam201811 added

Moving our tickets to December.

Trac:
Keywords: TorBrowserTeam201811 deleted, TorBrowserTeam201812 added

Moving tickets to Jan 2019.

Trac:
Keywords: TorBrowserTeam201812 deleted, TorBrowserTeam201901 added

Moving tickets to February.

Trac:
Keywords: TorBrowserTeam201901 deleted, TorBrowserTeam201902 added

Moving remaining tickets to March.

Trac:
Keywords: TorBrowserTeam201902 deleted, TorBrowserTeam201903 added

Moving tickets to April.

Trac:
Keywords: TorBrowserTeam201903 deleted, TorBrowserTeam201904 added

(TLDR: don't see a way of using this as a high precision timer or to effectively measure device performance)

The callback receives an object which via .timeRemaining() method returns a DOMHighResTimestamp, the number of ms until the 'idle period' is over. The cb function is supposed to do some work and stop when .timeRemaining() is 0.

This .timeRemaining() is calculated like std::max(mDeadline - performance->Now(), 0.0), and mDeadline is a default guess of 50ms which is then refined based on a couple of factors (like estimated time until some event needs to be processed). First I thought this could be used as a high precision timer, but performance->Now() has precision of 100ms in RFP, so that's not possible. Most of the time consecutive calls to .timeRemaining() will have the same value, since performance->Now() only changes every 100ms. As a side effect, values of .timeRemaining() will be bigger with RFP because of this (e.g. if real performance->Now() is ..199, mDeadline is ...249 then with RFP .timeRemaining() will be 149, while without RFP it would be 50).

In any case, RFP should prevent using this as a high precision timer. Also, .timeRemaining() is quite noisy, so I don't see a way of using it for something like measuring time of other events processed between idlecallbacks. One could try to measure the times between requestIdleCallback and the actual callback is called, as a proxy of 'idleness'. But I do not see how this would be more effective than just doing a benchmark to measure computer performance (e.g. running several tasks in workers, etc.)

Thanks!

Trac:
Resolution: N/A to fixed
Status: new to closed

A thing to think about. While we don't have ServiceWorkers yet I wonder whether the following assumption would still hold

// If there's no window, we're in a system scope, and can just use
// a high-resolution TimeStamp::Now();
auto timestamp = TimeStamp::Now() - TimeStamp::ProcessCreation();
return std::max(mDeadline - timestamp.ToMilliseconds(), 0.0);

and whether the direct use of TimeStamp::Now() would be an issue here. However, looking at the implementation in https://bugzilla.mozilla.org/show_bug.cgi?id=1404652 this does indeed be only exposed to the system context. Thus, we should be fine here.

While acat is busy doing his/her thing ... https://trac.torproject.org/projects/tor/ticket/26606 - what's the analysis on this one

Recent reports are that it's starting to break sites (edit: if disabled), mainly images

closed

moved to tpo/applications/tor-browser#26605 (closed)