This enables further work on implementing KASLR by adding relocation
support to the pre-kernel and updating the kernel to be less dependent
on specific virtual memory layouts.
To transparently support multi-frame images, all decoder plugins have
already been updated to return their only bitmap for frame(0).
This patch completes the remaining cleanup work by removing the
ImageDecoder::bitmap() API and having all clients call frame() instead.
Previously, ImageDecoder::create() would return a NonnullRefPtr and
could not "fail", although the returned decoder may be "invalid" which
you then had to check anyway.
The new interface looks like this:
static RefPtr<Gfx::ImageDecoder> try_create(ReadonlyBytes);
This simplifies ImageDecoder since it no longer has to worry about its
validity. Client code gets slightly clearer as well.
One of the conditions for legal move is that the target square is not
occupied by a piece of the same color as the moving piece.
Instead of checking this for each piece separately at the end, we can
check this at the beginning and avoid more expensive checks.
In preparation for modifying the Kernel IOCTL API to return KResult
instead of int, we need to fix this ioctl to an argument to receive
it's return value, instead of using the actual function return value.
This patch adds a FastBoxBlurFilter to the system. It can be created by
specifying a Bitmap it will work on.
There are two uses implemented:
- apply_single_pass() applys an implementation of a linear-time
box-blur algorithm with the specified radius using a horizontal and a
vertical pass and utilizinga sliding window.
- apply_three_passes() gets a better Gaussian approximation by applying
the filter three times. For this to work the radius of each pass is
calculated to fit Gauss the best.
This class now contains all the fun bits about laying out text in a
rect. It will handle line wrapping at a certain width, cutting off lines
that don't fit the given rect, and handling text elision.
Painter::draw_text now internally uses this.
Future work here would be not laying out text twice (once actually
preparing the lines to be rendered and once to get the bounding box),
and possibly adding left elision if necessary.
Additionally, this commit makes the Utf32View versions of
Painter::draw_text convert to Utf8View internally. The intention is to
completely remove those versions, but they're kept at the moment to keep
the scope of this PR small.
If this is not ignored by default, then one can move the mouse fast
enough to skip hovering over a parent element and hover directly over
the child, causing the parent to never receive an Enter event.
Without this change, when the mouse starts hovering over a child widget,
the parent would receive a Leave event despite the parent widget not
losing mouse hover.
GUI applications automatically have EventLoops created for them via
GUI::Application; however before this commit it was not possible to make
the application event loop inspectable. This exposes a third optional
argument to GUI::Application which allows one to make the application
event loop inspectable.
This is primarily to allow using LibUnicode within LibJS and its REPL.
Note: this seems to be the first time that a Lagom dependency requires
generated source files. For this to work, some of Lagom's CMakeLists.txt
commands needed to be re-organized to include the CMake files that fetch
and parse UnicodeData.txt. The paths required to invoke the generator
also differ depending on what is currently building (SerenityOS vs.
Lagom as part of the Serenity build vs. a standalone Lagom build).
The Unicode standard publishes the Unicode Character Database (UCD) with
information about every code point, such as each code point's upper case
mapping. LibUnicode exists to download and parse UCD files at build time
and to provide accessors to that data.
As a start, LibUnicode includes upper- and lower-case code point
converters.
GCC and Clang allow us to inject a call to a function named
__sanitizer_cov_trace_pc on every edge. This function has to be defined
by us. By noting down the caller in that function we can trace the code
we have encountered during execution. Such information is used by
coverage guided fuzzers like AFL and LibFuzzer to determine if a new
input resulted in a new code path. This makes fuzzing much more
effective.
Additionally this adds a basic KCOV implementation. KCOV is an API that
allows user space to request the kernel to start collecting coverage
information for a given user space thread. Furthermore KCOV then exposes
the collected program counters to user space via a BlockDevice which can
be mmaped from user space.
This work is required to add effective support for fuzzing SerenityOS to
the Syzkaller syscall fuzzer. :^) :^)
We treat all NativeFunctions as strict mode and thus window function
which were called in a global context (i.e. `setTimeout(f, 0)`) got a
null this_value. But we really need to treat all functions not defined
by the ECMAScript specification as non-strict. In most cases this won't
matter however since Window is also the global_object we have an extra
bit of logic.
To fix this more correctly we would need to track the strictness of
NativeFunctions.
Otherwise it will try to convert it to a string later anyway. And as far
as I'm aware there are no style properties with just a number or
JavaScript symbol as name.
We immediately use this in CSSStyleDeclaration to fix that "background"
in element.style did not return true.
This is the mechanism used in css3test.com for detecting support of
features.
Declares all wide character handling functions in wctype.h. All calls
are forwarded to the corresponding character handling function in
ctype.h.
These functions are declared, but not implemented:
- iswctype
- wctype
- towctrans
- wctrans
This should also resolve a build issue with the 'sed' port getting
confused with iswprint being declared twice. Seems like it expected
more functions from wctype.h and then had a backup strategy of adding
its own wctype.h.
This patch changes the semantics of purgeable memory.
- AnonymousVMObject now has a "purgeable" flag. It can only be set when
constructing the object. (Previously, all anonymous memory was
effectively purgeable.)
- AnonymousVMObject now has a "volatile" flag. It covers the entire
range of physical pages. (Previously, we tracked ranges of volatile
pages, effectively making it a page-level concept.)
- Non-volatile objects maintain a physical page reservation via the
committed pages mechanism, to ensure full coverage for page faults.
- When an object is made volatile, it relinquishes any unused committed
pages immediately. If later made non-volatile again, we then attempt
to make a new committed pages reservation. If this fails, we return
ENOMEM to userspace.
mmap() now creates purgeable objects if passed the MAP_PURGEABLE option
together with MAP_ANONYMOUS. anon_create() memory is always purgeable.
Instead of crashing when we can't make the back buffer non-volatile,
we now transition the window into single-buffered mode instead
(assuming it was originally in double-buffered mode.)
This reduces GUI fidelity a bit (by potentially making windows flicker
during repaint) but since it's only triggered in low-memory conditions,
it seems like a reasonable thing to sacrifice in order for the system
to carry on.
This patch also stops us from allocating entirely new backing stores
after the old ones were purged. If they were purged but reallocated
just fine, there's no need to allocate new memory again. We already
have fresh zero-filled pages in the existing bitmap at this point.
Making a bitmap non-volatile after being volatile may fail to allocate
physical pages after the kernel stole the old pages in a purge.
This is different from the pages being purged, but reallocated. In that
case, they are simply replaced with zero-fill-on-demand pages as if
they were freshly allocated.
This was a really weird thing to begin with, purgeable bitmaps were
basically regular bitmaps without a physical memory reservation.
Since all the clients of this code ended up populating the bitmaps
with pixels immediately after allocating them anyway, there was no
need to avoid the reservation.
Instead, all Gfx::Bitmaps are now purgeable, in the sense that they
can be marked as volatile or non-volatile.
The only difference here is that allocation failure is surfaced when
we try to create the bitmap instead of during the handling of a
subsequent page fault.
