Commit graph

52366 commits

Author SHA1 Message Date
Lucas CHOLLET
8ef5170bd5 LibGfx/WebP: Remove a typo
:redthakis:
2023-07-15 09:34:07 +02:00
Lucas CHOLLET
4adef05e6d LibGfx/WebP: Decode the first chunk in create()
And remove `initialize()`.

This is done as a part of #19893.
2023-07-15 09:34:07 +02:00
Xexxa
ed67acb16d Base: Add more emoji
👣 - U+1F463 FOOTPRINTS
👕 - U+1F455 T-SHIRT
👝 - U+1F45D CLUTCH BAG
👒 - U+1F452 WOMAN’S HAT
🎸 - U+1F3B8 GUITAR
2023-07-15 09:33:54 +02:00
Andreas Kling
2d6c1bbf88 LibWeb: Paint relatively positioned inline-level elements
Since we deliberately skip positioned elements in paint_descendants(),
we have to make sure we actually paint them in the subsequent
paint_internal() pass.

Before this change, we were only painting positioned elements whose
paintable was a PaintableBox, neglecting inline-level relpos elements.
2023-07-15 07:10:34 +02:00
Andreas Kling
268492413a LibWeb: Add Paintable::stacking_context_rooted_here()
This is a convenience helper that lets you get the stacking context
rooted at a given paintable, without checking that the paintable is a
box first.
2023-07-15 07:10:34 +02:00
Aliaksandr Kalenik
2138c164c9 LibWeb: Respect justify-items property of grid container 2023-07-15 05:50:51 +02:00
Aliaksandr Kalenik
f060f89220 LibWeb: Add support for justify-items property in CSS parser 2023-07-15 05:50:51 +02:00
Luke Wilde
e86d7cab06 LibJS: Don't crash on broken promises in AsyncGenerator#return
See: https://github.com/tc39/ecma262/pull/2683
2023-07-15 01:08:52 +02:00
Luke Wilde
d1cb78c411 LibJS/Bytecode: Implement async generators 2023-07-15 01:08:52 +02:00
Luke Wilde
d4e30710e7 LibJS: Enable bytecode default parameter values for async generators 2023-07-15 01:08:52 +02:00
Luke Wilde
3373626dd5 LibJS/Bytecode: Enable local variables for async generators
See 8b64508 and 71c54dd
2023-07-15 01:08:52 +02:00
Luke Wilde
53e527281f LibJS/Bytecode: Propagate FDI errors normally for async generators
Previously it returned a rejected promise, which is not correct:
https://tc39.es/ecma262/#sec-runtime-semantics-evaluateasyncgeneratorbody
```
1. Perform ? FunctionDeclarationInstantiation(functionObject,
   argumentsList).
```
2023-07-15 01:08:52 +02:00
Luke Wilde
265a9b5ffc LibJS/Bytecode: Add function to determine if we're in an async generator 2023-07-15 01:08:52 +02:00
Luke Wilde
c37ef5694b LibJS/Bytecode: Class async generators as async functions 2023-07-15 01:08:52 +02:00
Luke Wilde
d66eb4e3ba LibJS/Bytecode: Add Await and AsyncIteratorClose instructions 2023-07-15 01:08:52 +02:00
kleines Filmröllchen
b645f87b7a Kernel: Overhaul system shutdown procedure
For a long time, our shutdown procedure has basically been:
- Acquire big process lock.
- Switch framebuffer to Kernel debug console.
- Sync and lock all file systems so that disk caches are flushed and
  files are in a good state.
- Use firmware and architecture-specific functionality to perform
  hardware shutdown.

This naive and simple shutdown procedure has multiple issues:
- No processes are terminated properly, meaning they cannot perform more
  complex cleanup work. If they were in the middle of I/O, for instance,
  only the data that already reached the Kernel is written to disk, and
  data corruption due to unfinished writes can therefore still occur.
- No file systems are unmounted, meaning that any important unmount work
  will never happen. This is important for e.g. Ext2, which has
  facilites for detecting improper unmounts (see superblock's s_state
  variable) and therefore requires a proper unmount to be performed.
  This was also the starting point for this PR, since I wanted to
  introduce basic Ext2 file system checking and unmounting.
- No hardware is properly shut down beyond what the system firmware does
  on its own.
- Shutdown is performed within the write() call that asked the Kernel to
  change its power state. If the shutdown procedure takes longer (i.e.
  when it's done properly), this blocks the process causing the shutdown
  and prevents any potentially-useful interactions between Kernel and
  userland during shutdown.

In essence, current shutdown is a glorified system crash with minimal
file system cleanliness guarantees.

Therefore, this commit is the first step in improving our shutdown
procedure. The new shutdown flow is now as follows:
- From the write() call to the power state SysFS node, a new task is
  started, the Power State Switch Task. Its only purpose is to change
  the operating system's power state. This task takes over shutdown and
  reboot duties, although reboot is not modified in this commit.
- The Power State Switch Task assumes that userland has performed all
  shutdown duties it can perform on its own. In particular, it assumes
  that all kinds of clean process shutdown have been done, and remaining
  processes can be hard-killed without consequence. This is an important
  separation of concerns: While this commit does not modify userland, in
  the future SystemServer will be responsible for performing proper
  shutdown of user processes, including timeouts for stubborn processes
  etc.
- As mentioned above, the task hard-kills remaining user processes.
- The task hard-kills all Kernel processes except itself and the
  Finalizer Task. Since Kernel processes can delay their own shutdown
  indefinitely if they want to, they have plenty opportunity to perform
  proper shutdown if necessary. This may become a problem with
  non-cooperative Kernel tasks, but as seen two commits earlier, for now
  all tasks will cooperate within a few seconds.
- The task waits for the Finalizer Task to clean up all processes.
- The task hard-kills and finalizes the Finalizer Task itself, meaning
  that it now is the only remaining process in the system.
- The task syncs and locks all file systems, and then unmounts them. Due
  to an unknown refcount bug we currently cannot unmount the root file
  system; therefore the task is able to abort the clean unmount if
  necessary.
- The task performs platform-dependent hardware shutdown as before.

This commit has multiple remaining issues (or exposed existing ones)
which will need to be addressed in the future but are out of scope for
now:
- Unmounting the root filesystem is impossible due to remaining
  references to the inodes /home and /home/anon. I investigated this
  very heavily and could not find whoever is holding the last two
  references.
- Userland cannot perform proper cleanup, since the Kernel's power state
  variable is accessed directly by tools instead of a proper userland
  shutdown procedure directed by SystemServer.

The recently introduced Firmware/PowerState procedures are removed
again, since all of the architecture-independent code can live in the
power state switch task. The architecture-specific code is kept,
however.
2023-07-15 00:12:01 +02:00
kleines Filmröllchen
2fd23745a9 Kernel: Allow relaxing cleanup task rules during system shutdown
Once we move to a more proper shutdown procedure, processes other than
the finalizer task must be able to perform cleanup and finalization
duties, not only because the finalizer task itself needs to be cleaned
up by someone. This global variable, mirroring the early boot flags,
allows a future shutdown process to perform cleanup on its own.

Note that while this *could* be considered a weakening in security, the
attack surface is minimal and the results are not dramatic. To exploit
this, an attacker would have to gain a Kernel write primitive to this
global variable (bypassing KASLR among other things) and then gain some
way of calling the relevant functions, all of this only to destroy some
other running process. The same effect can be achieved with LPE which
can often be gained with significantly simpler userspace exploits (e.g.
of setuid binaries).
2023-07-15 00:12:01 +02:00
kleines Filmröllchen
021fb3ea05 Kernel/Tasks: Allow Kernel processes to be shut down
Since we never check a kernel process's state like a userland process,
it's possible for a kernel process to ignore the fact that someone is
trying to kill it, and continue running. This is not desireable if we
want to properly shutdown all processes, including Kernel ones.
2023-07-15 00:12:01 +02:00
kleines Filmröllchen
8940552d1d Kernel/VirtualFileSystem: Allow unmounting via inode and mount path
This pair of information uniquely identifies any mount point, and it can
be used in situations where mount point custodies are not available.
2023-07-15 00:12:01 +02:00
kleines Filmröllchen
abc1eaff36 Kernel/VirtualFileSystem: Count bind mounts towards normal FS mountcount
This is correct since unmount doesn't treat bind mounts specially. If we
don't do this, unmounting bind mounts will call
prepare_for_last_unmount() on the guest FS much too early, which will
most likely fail due to a busy file system.
2023-07-15 00:12:01 +02:00
kleines Filmröllchen
251b17085b Kernel/Ext2: Check and set file system state
This is supposed to detect whether a file system was unmounted
cleanly or not.
2023-07-15 00:12:01 +02:00
kleines Filmröllchen
8fb126bec6 Kernel/FileSystem: Pass last mount point guest inode to unmount prepare
This will be important later on when we check file system busyness.
2023-07-15 00:12:01 +02:00
kleines Filmröllchen
2fe5ece449 Kernel: Add accessor for mount host custody
There's no reason this information needs to be secret.
2023-07-15 00:12:01 +02:00
networkException
103913305b README+Meta: Update the screenshot :^)
Recreating the previous screenshot in a current build of the system will
show many, usually subtle, changes in comparison.

This patch adds a new screenshot of the SerenityOS desktop with
Terminal, File Manager, System Monitor and Ladybird visible.
2023-07-14 23:40:58 +02:00
Xexxa
c03b788892 Base: Add more emoji
🧑‍🎓 - U+1F9D1 U+200D U+1F393 STUDENT
🏯 - U+1F3EF JAPANESE CASTLE
🏙️ - U+1F3D9 CITYSCAPE
🚓 - U+1F693 POLICE CAR
🚙 - U+1F699 SPORT UTILITY VEHICLE
2023-07-14 15:42:48 -04:00
Lucas CHOLLET
15bd708cfd file: Use the mime-type description provided by LibCore
This allows us to get rid of another mime-type list in the codebase.

To do so, the `get_description_from_mime_type` function is introduced in
this patch.
2023-07-14 17:33:06 +01:00
Lucas CHOLLET
c543a13835 LibCore: Share the mime-type list between the two detection methods
We used to have two separate lists for mime-type detection, one for
detection based on the file extension, and the other one for detection
based on byte sniffing.

This list also contains a general description that will be of use in
`file.cpp`.

To create this list, I had to fill in some gaps as the two lists started
to diverge.
2023-07-14 17:33:06 +01:00
Daniel Bertalan
e3f65f215d LibJS/Bytecode: Do not rethrow caught exception from finally
If the exception from the `try` block has already been caught by
`catch`, we need to clear the saved exception before entering `finally`
so that ContinuePendingUnwind will not re-throw it.

9 new passes on test262 :^)
2023-07-14 17:05:29 +02:00
Nico Weber
93b3f12680 LibPDF: Fix quadratic runtime in stream dumping
DeprecatedString::substring() makes a copy of the substring.
Instead, use a StringView, which can make substring views in constant
time.

Reduces time for `pdf --dump-contents image-based-pdf-sample.pdf` to
2.2s (from not completing for 1+ minutes).

That file contains a 221 kB jpeg.

Find it on the internet here:
https://nlsblog.org/wp-content/uploads/2020/06/image-based-pdf-sample.pdf
2023-07-14 09:50:30 -04:00
Nico Weber
d18f01d7d7 LibPDF: Simplify a loop
No behavior change.
2023-07-14 09:50:30 -04:00
Aliaksandr Kalenik
e4e1208050 LibWeb: Respect justify-self property of grid items 2023-07-14 15:48:58 +02:00
Aliaksandr Kalenik
fedbb39e9e LibWeb: Add support for justify-self property in CSS parser 2023-07-14 15:48:58 +02:00
Ali Mohammad Pur
fbab9bc330 LibRegex: Avoid pointlessly slicing a UTF-16 string for one code unit
This simple change is a nice 9% speedup on the regex test suite :^)
2023-07-14 11:22:21 +02:00
Andreas Kling
17bff999c8 LibRegex: Remove redundant VERIFY in OpCode::argument()
The bounds check here is already performed by the at() we're calling,
and removing it appears to have non-trivial performance impact.
2023-07-14 09:09:11 +02:00
Ali Mohammad Pur
4bff4219ff LibRegex: Replace the checkpoint backing store with a Vector
This makes repeated lookups and insertions much faster, yielding a
general performance improvement of about 10% in the regex test suite.
2023-07-14 08:59:19 +02:00
Ali Mohammad Pur
2d6f50932b LibRegex: Assign unique serial IDs to checkpoints
This makes the compiler assign a serial ID to each checkpoint instead of
using the IP as the identifier.
This will be used in a future commit to replace the backing store of
checkpoints with a vector.
2023-07-14 08:59:19 +02:00
Ali Mohammad Pur
06573cd46d LibRegex: Enable the atomic rewrite optimisation for unicode properties 2023-07-14 08:59:19 +02:00
Lucas CHOLLET
c5a6f0fb4d FileManager: Exit the properties window on escape 2023-07-14 06:52:38 +02:00
Lucas CHOLLET
3e6e75bb5e FileManager: Return a StringView from PropertiesWindow::get_description 2023-07-14 06:52:38 +02:00
Lucas CHOLLET
ea2ffdfd0e LibGUI: Bubble up Key_Escape if no hook is plugged in TextEditor
The TextEditor widget was always accepting the Key_Escape event even if
the `on_escape_pressed` was empty. In other words, it was discarding the
event.

This behavior prevented shortcuts to be activated at a higher level.
2023-07-14 06:52:38 +02:00
Lucas CHOLLET
201890e109 LibGUI: Don't call on_escape_pressed from EditingEngines
The call will be handled in `TextEditor::keydown_event`, just after that
`EditingEngine::on_key()` is called.
2023-07-14 06:52:38 +02:00
MacDue
4aa0ef9f98 ImageViewer: Support displaying vector graphics (at arbitrary scales)
With this, you can scale, flip, and rotate vector graphics in the image
viewer like any other image, but with no pixelation :^)

With this change, vector graphics are decoded in-process (since there's
no standard way to encode them over IPC, a new encoding would be needed
for each format, which would be pretty much just be recreating that
format).

Raster images are still decoded out of process, so the surface area for
attack is still kept to a minimum.
2023-07-14 06:51:05 +02:00
MacDue
57c81c1719 LibGfx: Lazily load TinyVG image data
This matches the behavior of other decoders, and ensures just getting
the size (e.g. for the `file` command) does not read the whole file.
2023-07-14 06:51:05 +02:00
MacDue
753cf04be8 LibGfx: Allow requesting vector graphic frames from ImageDecoder
Only supported for plugins that set is_vector() to true. This returns
the frames as Gfx::VectorGraphics, which allows painting/rasterizing
them with arbitrary transforms and scales.
2023-07-14 06:51:05 +02:00
MacDue
8784568a36 LibGUI: Pass ideal size when requesting thumbnail bitmaps
This makes thumbnails for vector graphics look much nicer :^)
2023-07-14 06:51:05 +02:00
MacDue
90e836deae LibGfx: Fix elliptical arcs after non orientation preserving transform
That is flipping/reflecting the arc.
2023-07-14 06:51:05 +02:00
MacDue
9ecc78db1b LibGfx: Add AffineTransform::determinant() 2023-07-14 06:51:05 +02:00
MacDue
16b487c270 LibGfx: Add simple VectorGraphic abstract base class
This is currently very bare-bones with just the size and a few methods
to rasterize/draw the graphic.
2023-07-14 06:51:05 +02:00
Daniel Bertalan
aaf1b762ea AK: Remove redundant information from TypeErasedFormatParams
The array which contains the actual parameters is always located
immediately after the base `TypeErasedFormatParams` object of
`VariadicFormatParams`. Hence, storing a pointer to it inside a `Span`
is redundant. Changing it to a zero-length array saves 8 bytes.

Secondly, we limit the number of parameters to 256, so `m_size` and
`m_next_index` can be stored in a smaller data type than `size_t`,
saving us another 8 bytes.

This decreases the size of a single-element `VariadicFormatParams` from
48 to 32 bytes, thus reducing the code size overhead of setting up
parameters for `dbgln()`.

Note that [arrays of length zero][1] are a GNU extension, but it's used
elsewhere in the codebase already and is explicitly supported by Clang
and GCC.

[1]: https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
2023-07-14 06:37:11 +02:00
Nico Weber
281e3158c0 LibPDF: Some preparatory work for AESV3
This detects AESV3, and copies over the spec comments explaining what
needs to be done, but doesn't actually do it yet.

AESV3 is technically PDF 2.0-only, but
https://cipa.jp/std/documents/download_e.html?CIPA_DC-007-2021_E has a
1.7 PDF that uses it.

Previously we'd claim that we need a password to decrypt it.
Now, we cleanly crash with a TODO() \o/
2023-07-14 06:34:03 +02:00