The fact that we used a Vector meant that even if creating a Mount
object succeeded, we were still at a risk that appending to the actual
mounts Vector could fail due to OOM condition. To guard against this,
the mount table is now an IntrusiveList, which always means that when
allocation of a Mount object succeeded, then inserting that object to
the list will succeed, which allows us to fail early in case of OOM
condition.
From now on, we don't allow jailed processes to open all device nodes in
/dev, but only allow jailed processes to open /dev/full, /dev/zero,
/dev/null, and various TTY and PTY devices (and not including virtual
consoles) so we basically restrict applications to what they can do when
they are in jail.
The motivation for this type of restriction is to ensure that even if a
remote code execution occurred, the damage that can be done is very
small.
We also don't restrict reading and writing on device nodes that were
already opened, because that limit seems not useful, especially in the
case where we do want to provide an OpenFileDescription to such device
but nothing further than that.
This ensures the value goes through the regular ToPrimitive mechanism,
which PropertyKey::from_value() bypasses. This is relevant for objects
with a @@toPrimitive method, for example.
Also enables one skipped test in delete-basic.js, which now passes.
This is not in the spec and does pointless work:
- If either of them is true, we would determine the same result with the
manual code point iteration and comparison
- If neither of them is true, we iterate from the start again and repeat
the work that was just done
Instead, only have the manual loop from the spec and do a length
comparison at the end.
Removing it brings the following microbenchmark from ~5.5s down to ~3.5s
on my machine:
```js
const a = "x".repeat(100_000_000) + "a";
const b = "x".repeat(100_000_000) + "b";
a < b
```
Discord modals/pop-outs are in a "layerContainer" <div> with
`z-index: 1002`, which then has an immediate child <div> called
"positionLayer" with `z-index: 0`. We only ever hit test child stacking
contexts with z-index set to anything but 0 (step 7 and step 1 of the
hit test), but not for exactly 0 (step 6). This made it impossible to
hit any element inside positionLayer, making pop-ups such as the emojis
and GIFs unusable.
For example, Document.getSelection returns Selection, which is in the
Selection namespace.
Namespaces.h has Linus' copyright since he changed the "is_one_of" list
to an Array.
Instead of creating a new global object and proxying everything through
it, we now evaluate console inputs inside a `with` environment.
This seems to match the behavior of WebKit and Gecko in my basic
testing, and removes the ConsoleGlobalObject which has been a source of
confusion and invalid downcasts.
The globals now live in a class called ConsoleGlobalObjectExtensions
(renamed from ConsoleGlobalObject since it's no longer a global object).
To make this possible, I had to add a way to override the initial
lexical environment when calling JS::Interpreter::run(). This is plumbed
via Web::HTML::ClassicScript::run().
There was a FIXME about using raw delta y value of the mousewheel event
in TreeMapWidget::mousewheel_event. Some time after that code was
written, a raw delta x/y API was added to GUI::MouseEvent. This patch
simply uses that API and removes the FIXME message there.
- Wrapped sequence should be inserted before first non-match
node instead of next sibling of first non-match node
- If sequence is not empty after sibling traversal it should be
wrapped
This change makes outer min-content width and outer max-content
width for cells to be calculated in the way specifed in the spec:
- The outer min-content width of a table-cell is max(min-width,
min-content width) adjusted by the cell intrinsic offsets.
- The outer max-content width of a table-cell in a non-constrained
column is max(min-width, width, min-content width, min(max-width,
max-content width)) adjusted by the cell intrinsic offsets.
- The outer max-content width of a table-cell in a constrained
column is max(min-width, width, min-content width, min(max-width,
width)) adjusted by the cell intrinsic offsets.
Vectors that stick around in the AST were wasting a fair bit of memory
due to the growth padding we keep by default. This patch goes after some
of these vectors with the shrink_to_fit() stick to reduce waste.
Since the AST can stay around for a long time, it is worth making an
effort to shrink it down when we have a chance.
After setting up all the bindings in function_declaration_instantiation,
we now ask DeclarativeEnvironment to do a shrink_to_fit() on its vector
of bindings.
This ends up saving 5.6 MiB on twitter.com/awesomekling :^)
Instead of CallExpression storing its arguments in a Vector<Argument>,
we now custom-allocate the memory slot for CallExpression (and its
subclass NewExpression) so that it fits both CallExpression and its list
of Arguments in one allocation.
This reduces memory usage on twitter.com/awesomekling by 8.8 MiB :^)
This template allows us to allocate an AST node and an array of some
arbitrary type T with one allocation instead of two. This can save
a lot of memory in some cases.
Thanks to Jonathan Müller for suggesting this technique! :^)
ASTNode inherits from RefCounted, which has a single 32-bit member.
This means that there's a 32-bit padding hole after RefCounted,
where we are free to put something (or it will go to waste!)
This patch moves ASTNode::m_start_offset into that padding hole,
and we now have a 32-bit padding hole at the end of ASTNode instead.
This will allow ASTNode subclasses to put things in the ASTNode hole
by moving them to the head of the member list.
