In `sys$accept4()` and `get_sock_or_peer_name()` we were not
initializing the padding of the `sockaddr_un` struct, leading to
an kernel information leak if the
caller looked back at it's contents.
Before Fix:
37.766 Clipboard(11:11): accept4 Bytes:
2f746d702f706f7274616c2f636c6970626f61726440eac130e7fbc1e8abbfc
19c10ffc18440eac15485bcc130e7fbc1549feaca6c9deaca549feaca1bb0bc
03efdf62c0e056eac1b402d7acd010ffc14602000001b0bc030100000050bf0
5c24602000001e7fbc1b402d7ac6bdc
After Fix:
0.603 Clipboard(11:11): accept4 Bytes:
2f746d702f706f7274616c2f636c6970626f617264000000000000000000000
000000000000000000000000000000000000000000000000000000000000000
000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000
In FB_IOCTL_GET_PROPERTIES we were not initializing the padding of the
struct, leading to the potential of an kernel information leak if the
caller looked back at it's contents.
Lets just be extra paranoid and zero initialize all these structs
in we store on the stack while handling ioctls(..).
This patch adds a ptrace based gdb backend, which is then enlightended
to known how to read the serenity i386 registers via ptrace.
This is just a basic implementation to get the port bootstrapped.
Stack regions can't be made volatile, which makes it impossible for
malloc to manage memory that's used for `sigaltstack()`. Let's use mmap
instead.
Co-authored-by: Idan Horowitz <idan.horowitz@gmail.com>
... instead of returning the maximum number of Processor objects that we
can allocate.
Some ports (e.g. gdb) rely on this information to determine the number
of worker threads to spawn. When gdb spawned 64 threads, the kernel
could not cope with generating backtraces for it, which prevented us
from debugging it properly.
This commit also removes the confusingly named
`Processor::processor_count` function so that this mistake can't happen
again.
Since RefCounted automatically calls a method named `will_be_destoyed`
on classes that have one, so there's no need to have a custom
implementation of unref in File.
This will allow File and it's descendants to use RefCounted instead of
having a custom implementation of unref. (Since RefCounted calls
will_be_destroyed automatically)
This commit also removes an erroneous call to `before_removing` in
AHCIPort, this is a duplicate call, as the only reference to the device
is immediately dropped following the call, which in turns calls
`before_removing` via File::unref.
Custody's unref is one of many implementions of ListedRefCounted's
behaviour in the Kernel, which results in avoidable bugs caused by
the fragmentation of the implementations. This commit starts the work
of replacing all custom implementations with ListedRefCounted by
porting Custody to it.
The this value is only supposed to be set via the BindThisValue and
accessed via the GetThisBinding AOs, so exposing a direct getter/setter
would only lead to potentially non-spec-compliant behavior down the
line.
This change moves from wrapping lines at the start to operating on whole
lines and wrapping them as needed.
This has a few added benefits:
- line numbers are now always accurate.
- going to a line actually works
This patch returns an empty Optional<...> instead of an Error for
Core::System::getgrname and Core::System::getpwnam if we can't find a
matching group or user entry.
It also updates the 'chown' utility to support this new behavior.
This adds a new view mode to profiler which displays source lines and
samples that occured at those lines. This view can be opened via the
menu or by pressing CTRL-S.
It does this by mapping file names from DWARF to "/usr/src/serenity/..."
i.e. source code should be copied to /usr/src/serenity/Userland and
/usr/src/serenity/Kernel to be visible in this mode.
Currently *all* files contributing to the selected function are loaded
completely which could be a lot of data when dealing with lots of
inlined code.
Add a kernel data segment and make the user code segment come after
the data segment. We need the GDT to be in a certain order to support
the syscall and sysret instruction pair.
This allows using pls on a program with arguments more ergonomically,
e.g. `pls -- echo "hello friends"` can now simply be done as:
`pls echo "hello friends"`.
We've finally gotten kmalloc to a point where it feels decent enough
to drop this comment.
There's still a lot of room for improvement, and we'll continue working
on it.
This was a premature optimization from the early days of SerenityOS.
The eternal heap was a simple bump pointer allocator over a static
byte array. My original idea was to avoid heap fragmentation and improve
data locality, but both ideas were rooted in cargo culting, not data.
We would reserve 4 MiB at boot and only ended up using ~256 KiB, wasting
the rest.
This patch replaces all kmalloc_eternal() usage by regular kmalloc().
Since a socket can be accessed by multiple threads concurrently, we need
to protect shared data behind the socket mutex.
There's very likely more places where we need to fix this, the purpose
of this patch is to fix a VERIFY() failure in getsockopt() seen on CI.
If we do not mark these ranges as reserved, RangeAllocator might later
give us addresses that overlap these, which then causes an assertion
failure in the SoftMMU. This behavior led to recurring CI failures, and
sometimes made programs as simple as `/bin/true` fail.
Fixes "Crash 1" reported in #9104
Addresses an issue in which a window resize event after history
overflow would cause the Terminal to crash due to a failed assertion.
The problematic assertion was removed and the logic updated to
support inserting lines even when the start of the history is at an
offset (due to an overflow).
Resolves#10987
Implement a mechanism that allows us to alter colors so that they
mimic those a colorblind person would see. From the color we can then
alter the colors for the whole preview so we can simulate everything
in the theme including icons/decorations.
This filter is also available as a Filter in LibGfx so it can be
reused in multiple other places.
The color simulation algorithm is based on this one
https://github.com/MaPePeR/jsColorblindSimulator publicly available.
...for now - the reason being that the AST breaks 'completion bubbling'
and returns a plain Value, and code at the call site relies on the VM
having an exception set when converting the plain value back into a
completion.
Fixes#11301.
We were doing this dance in notify_watchers():
set_metadata_dirty(true);
set_metadata_dirty(false);
This was done in order to force out inode watcher events immediately.
Unfortunately, this was racy, as if SyncTask got scheduled at the wrong
moment, it would try to flush metadata for a clean inode. This then got
trapped by the VERIFY() statement in Inode::sync_all():
VERIFY(inode.is_metadata_dirty());
This patch fixes the issue by replacing notify_watchers() with lazy
metadata notifications like all other filesystems.
This change updates the port to the latest version, as part of that work
I basically reported the application, as we have added a lot of LibC
functionality which we were missing before. I've also updated the port
to mark stressor's we don't support as nops, instead of trying to avoid
compiling them at all. This will make the port much easier to maintain
in the future.
