We don't need to make a list of the target node's ancestors before
iterating over them, since nothing happens while iterating them that
can disturb the list anyway (no arbitrary JS execution etc).
The incessant construction and destruction of handles here was showing
up in profiles of basically every website that uses JavaScript to build
some or all of their DOM tree.
In the upcoming changes, Painter will be used to store the state of
OpenGL context. For example, if Painter is aware of the shader that
have already been loaded, it will be possible to reuse them across
repaints. Also, it would be possible to manage state of loaded textures
and add/remove them depending on which ones are present in the next
sequence of painting commands.
The previous implementation was calling `backtrace()` for every
function call, which is quite slow.
Instead, this implementation provides VM::stack_trace() which unwinds
the native stack, maps it through NativeExecutable::get_source_range
and combines it with source ranges from interpreted call frames.
Flip the order from save-registers,enter and leave,restore-registers
to enter,save-register and restore-registers,leave.
This way the return address is next to the saved frame pointer like
unwinding routines expect.
Previously these handlers duplicated code and used formats that
were different from the one Error.prototype.stack uses.
Now they use the same Error::stack_string function, which accepts
a new parameter for compacting stack traces with repeating frames.
Instead of relying on AK_OS_LINUX, actually use the more accurate
HAS_ACCELERATED_GRAPHICS define to figure out if we should try to use
the generic LibAccelGfx GPU painter.
CalRGBColorSpace::color() converts into a flat xyz space,
which already takes input whitepoint into account.
It shouldn't be taken into account again when converting from
the flat color space to D65.
https://adobe-type-tools.github.io/font-tech-notes/pdfs/T1_SPEC.pdf,
8.4 First Four Subrs Entries:
"""If Flex or hint replacement is used in a Type 1 font program, the
first four entries in the Subrs array in the Private dictionary must be
assigned charstrings that correspond to the following code sequences. If
neither Flex nor hint replacement is used in the font program, then this
requirement is removed, and the first Subrs entry may be a normal
charstring subroutine sequence. The first four Subrs entries contain:
Subrs entry number 0:
3 0 callothersubr pop pop setcurrentpoint return
"""
othersubr handler 0 gets three arguments:
* The flex height (the distance after which the bezier splines
are replaced with just straight lines)
* The current position after the flex
It pushes that position on the postscript stack, where predefined subr
handler number 0 then pops it from. It then passes it to
setcurrentpoint.
In theory, we now correctly do that setcurrentpoint call, which we
previously weren't.
In practice, that setcurrentpoint call always receives the last point of
the flex -- and our path api apparently gets confused when move_to() is
called on it when the current point is already at that same location.
So tweak the SetCurrentPoint handler to not set the current point on
the path if it's already the path's current point, with a FIXME to
figure out what exactly is happening in Gfx::Path.
No big behavior change if flex is used, but this is more correct if it
isn't.
(This only works because our `return` handler is empty, else we would
have to make the callothersubr handler start a call frame.)
https://adobe-type-tools.github.io/font-tech-notes/pdfs/T1_SPEC.pdf,
8.4 First Four Subrs Entries:
"""If Flex or hint replacement is used in a Type 1 font program, the
first four entries in the Subrs array in the Private dictionary must be
assigned charstrings that correspond to the following code sequences. If
neither Flex nor hint replacement is used in the font program, then this
requirement is removed, and the first Subrs entry may be a normal
charstring subroutine sequence. The first four Subrs entries contain:
[...]
Subrs entry number 1:
0 1 callothersubr return
Subrs entry number 2:
0 2 callothersubr return
"""
So subr entry numbers 1 and 2 just call othersubr 1 and and 2, which
means we can just move the handling code over.
No behavior change if flex is used, but more correct if it isn't.
(This only works because our `return` handler is empty, else we would
have to make the callothersubr handler start a call frame.)
When running build while having unsaved changes in HackStudio, it asks
whether you want to save the unsaved files with a separate dialog. When
you click "Yes" to saving the files, but deny the save-file dialog,
HackStudio would crash, since we were expecting there to be a file
to save to. Now, we check whether a file was picked, and if not, we
abort the build.
Previously we would display the score rounded to the nearest integer,
but save the high score by using a static_cast<u32>, which would
always round the score down. This could lead to the final score being
higher than the new high score, when they should be equal.
Now we always round the score to the nearest integer.
This patch updates various parts of the script fetching implementation
to match the current specification.
Notably, the implementation of changes to the import assertions /
attributes proposal are not part of this patch(series).
This patch updates the priority member of fetch requests to be
an enum. The implementation defined struct previously named Priority
has been renamed to InternalPriority in line with the spec.
This patch replaces the use of JS::SafeFunction for the
OnFetchScriptComplete in various script fetching functions with
JS::HeapFunction. The same applies for callbacks in ModuleMap.
This also removes DescendantFetchingContext, which stashed the
on complete function in fetch_descendants_of_a_module_script
for multiple calls to fetch_internal_module_script_graph
previously.
The time zones were stored as a static Span until commit 0bc401a1d6, and
are now stored in a Vector. By continuing to tell the ItemListModel that
the container is a Span, we create a temporary Span in its constructor,
which the model tries to hold a constant reference to. Use the default
Vector container type now instead to prevent creating such temporaries.
The previous implementation created invalid HTTP requests in cases
where the request method was POST or when the request contained a
body. There were two bugs for these cases:
1) the 'Content-Type' header was sent twice
2) a stray CRLF was appended to the request
This works by walking a backtrace until the currently executing
native executable is found, and then mapping the native address
to its bytecode instruction.
Previously we didn't always set the bitmap_intersect correctly when
applying an object-position. This lead to images not correctly being
centered when the axis that it should move along was not the specified
axis.
Previously we assumed a default precision of 6, which made the printed
values quite odd in some cases.
This commit changes that default to print them with just enough
precision to produce the exact same float when roundtripped.
This commit adds some new tests that assert exact format outputs, which
have to be modified if we decide to change the default behaviour.
Previously, all SVG <text> elements were zero-sized boxes, that were
only actually positioned and sized during painting. This led to a number
of problems, the most visible of which being that text could not be
scaled based on the viewBox.
Which this patch, <text> elements get a correctly sized layout box,
that can be hit-tested and respects the SVG viewBox.
To share code with SVGGeometryElement's the PathData (from the prior
commit) has been split into a computed path and computed transforms.
The computed path is specific to geometry elements, but the computed
transforms are shared between all SVG graphics elements.
This removes the awkward hack to recompute the layout transform at paint
time, and makes it possible for path sizes to be computed during layout.
For example, it's possible to use relative units in SVG shapes (e.g.
<rect>), which can be resolved during layout, but would be hard to
resolve again during painting.
For example, serenityos.org does not contain a <link rel="icon"> element
to indicate its favicon. Before navigables, we implemented attempting to
load a fallback favicon in a rather ad-hoc manner. This implements the
full spec steps to do so after the HTML document is parsed.
If we invoke the exit native function from within the exit builtin, the
native call will then invoke global destructors. This ultimately ends up
deleting the JS::NativeFunction that defines the exit builtin, thus we
try to delete the AK::Function held inside the NativeFunction while that
AK::Function is executing. This is explicitly forbidden by AK::Function.
Instead, simply set a flag to exit the REPL after the builtin executes.
These are then restored upon `ContinuePendingUnwind`.
This stops us from forgetting where we needed to jump when we do extra
try-catches in finally blocks.
Co-Authored-By: Jesús "gsus" Lapastora <cyber.gsuscode@gmail.com>
This is currently only used in the bytecode dump to annotate to where
unwinds lead per block, but will be hooked up to the virtual machine in
the next commit.
Now, the 'object-position' property gets properly parsed and is
provided to the rest of the ecosystem.
In the parser we use the same parsing as for the background-position,
which is not entirely correct but almost a <position>.
This patch adds the 'object-position' CSS property description to the
json for code generation.
Also the 'position' enum is added. The values of this enum are the
valid inputs to the object-position property from CSS Values-4.
The postitioning enum values are used by the position CSS property.
Unfortunately, the prior naming clashes with the CSS Values-4 type
named position, which will be implemented in a later commit.
Because slugify function accepts AK::String, which can hold unicode
code_points as well, heading text is normalised to ensure with NFD
form to ensure same binary respresentation of a particular string.
XZ writes filters in the order that they are used during compression, so
we need to process them in the reverse order while decompression.
This wasn't noticed earlier because we only supported the LZMA2 filter.
This makes the code a bit more readable and in conjunction with the
ModRM helper should prevent some operand ordering bugs.
This also includes one incidental bugfix:
`sign_extend_32_to_64_bits`, was not setting the `REX.R` bit when
appropriate,
And one size obvious optimization:
We may now elide the REX prefix on `xor eax, eax` as storing to a 32 bit
register clears the upper 32 bit of said register, which is wanted here.
This also widens the argument coverage of some helpers, to allow
memory offsets, this also consolidates the displacement size choosing.
This also stops us from some out argument ordering bugs, as we now just
need to look up the correct calling convention and call the correct
function.
This change makes RecordingPainter to emit a FillRect command instead
of FillRectWithRoundedCorners if all corners have a radius = 0.
`fill_rect_with_rounded_corners()` in LibGfx already has a similar
optimization. But now when we also have LibAccelGfx, which does not
support painting rectangles with rounded corners yet, it makes sense to
emit FillRect whenever possible.
This change introduces a new 2D graphics library that uses OpenGL to
perform painting operations. For now, it has extremely limited
functionality and supports only rectangle painting, but we have to
start somewhere.
Since this library is intended to be used by LibWeb, where the
WebContent process does not have an associated window, painting occurs
in an offscreen buffer created using EGL.
For now it is only possible to compile this library on linux.
Offscreen context creation on SerenityOS and MacOS will have to be
implemented separately in the future.
Co-Authored-By: Andreas Kling <awesomekling@gmail.com>
Since all conditional instructions use a certain number of bits to
encode the condition type (from my observation of `Jcc`, `SETcc` and
`CMOVcc`), let's abuse that to deduplicate some code!
This adds a `Condition` enum that defines the type of condition we are
jumping based on, whose underlying values are the values that must be
encoded to trigger each condition.
The `test` instruction will have the same result as `cmp` when
comparing to zero, so let's always emit that code. This has no effect
until the following commit.
Passing a value of a type different than number or length-percentage
to transform-origin returned a null pointer, and we didn't take care
of that path before.
This patch fixes a crash caused by an incorrect CSS declaration, such as
`transform-origin: "center"`.
Fixes#21609
After 4318bcf447 RecordingPainter
is suppoed to write commands in coordinate system of stacking context.
This commit adds missing translation for FillRect command.
This clears the handler pointer of the current unwind context
before jumping to it. This is necessary to not loop infinitely
when an exception is thrown from the handler.
In that case control flow should go to the finalizer instead.
This mirrors how unwind_context.handler_called is used in the
Bytecode::Interpreter.
`try { throw 1 } catch (e) { throw 2 } finally {}` now runs
without looping infinitely in the catch block.
Instead of emitting the lengthy exception checking/handling routine,
we only emit code for checking the presence of an exception and jump
to a common exception handler.
This code size optimization saves 2.08MiB on Kraken/ai-astar.js
The cxx_new_* functions have the exact same signature as the underlying
function they redirect to, so there's no need for them. Removing them
saves us a couple of opcodes.
This allows us to use the displacement-less MOV encoding when accessing
register $0 (the accumulator).
This reduces code size by 158 KiB on Kraken/ai-astar.js :^)
This is a subset of #21484: Type 2 CFFs never use the special subrs,
so stop doing them for type 2 at least for now.
Fixes an assert in 0000064.pdf in 0000.zip in the pdfa dataset
(a stack underflow because a subr is supposed to push a bunch of
stuff, but instead it ran one of the built-in routines instead of
the subr from the font file).
As discussed in #21484, this isn't right for type 1 CFFs either,
but just removing the code there regresses Tests/LibPDF/type1.pdf.
A slightly more involved thing is needed there; I added a FIXME
for that here.
Previously, an xref stream with a field with larger than 8 would
result in an undefined shift occurring. We now ensure that each field
width is a number and is less than or equal to 8.
The current helpers assume that a valid URL is a full URL (i.e. contains
the "://" separator between the scheme and domain). This isn't true, as
"file:" alone is parsed as a valid URL.
We must also avoid simply searching for the parsed public suffix in the
original URL string. For example, "com" is a public suffix. If we search
for that in the URL "com.com", we will think the public suffix starts at
index 0.
Instead of pushing and popping every single caller-saved registers,
we can optimize code size (and speed!) by only pushing the one register
we actually care about: RDI (since it holds our VM&).
This means that native calls may clobber every other caller-saved
register, so this is something that you have to be aware of when
emitting native calls in the JIT.
This reduces code size on Kraken/ai-astar.js by 553 KiB and makes
execution time ~6% faster as well! :^)
Instead of JIT::Assembler making the decision for everyone and forcing
out every caller-saved register in the ABI onto the stack, we now leave
that decision to users of JIT::Assembler.
Instead of emitting the "restore callee-saved registers and return"
sequence again and again, just emit it once at the end of the generated
code, and have everyone jump to it.
This is a code size optimization that saves 207KiB on Kraken/ai-astar.js
This restores the bytecode interpreter's original call exception
throwing behaviour to the JIT.
This also fixes 8 of the 10 failing test-js tests when running with the
JIT enabled.
Instead of adjusting the stack pointer before/after making native calls,
just make sure we come out of enter() with the stack pointer aligned
for making calls.
This is strictly a code size reduction. :^)
This replaces the existing sized immediate operands with a unified
immediate operand that leaves the size handling to the assembler,
instead of the user.
This has 2 benefits:
1. The user doesn't need to know which specific operand size the
instruction expects when using it
2. The assembler automatically chooses the minimal operand size that
fits the given value, resulting in smaller code size without any
additional effort from the user. While the change is small, it still
has a noticeable effect on performance (since it increases the I$ hit
rate), resulting in 5% speedup on kraken a-star.
Move TabPosition into its own file, and using it into the global
namespace the same way we do for Gfx::Orientation. This unbreaks the gn
build, and out of tree builds.
All the MOVs in the B8-BF range can use the REX.W prefix, not just B8.
Previously instructions like `48 B9... mov rcx, imm64` were interpreted
as `mov rcx, imm32` because the REX.W prefix was only applied to
`48 B8... mov rax, imm64`.
MAX_GENERATED_VALUES_PER_TEST is now the --randomized_runs flag:
$ ./Build/lagom/bin/TestGenerator --randomized_runs 1000
It's sometimes useful to try larger numbers for it instead of the
default of 100.
MAX_GEN_ATTEMPTS_PER_VALUE is now a constexpr. It's not usually needed
to tweak this value; we can recompile with a different value on the rare
occasion.
unsigned_int(0) doesn't need to draw bits from RandomnessSource.
An expression for getting INT_MAX for u32 didn't need to be
special-cased over the general formula.
This is a follow-up on a few comments
As it turns out, cxx_to_boolean() may return "bool" as other values
than just 0 or 1. This happens when the C++ compiler decides to only
update the AL portion of the RAX return value register instead of
the whole thing.
If a mov instruction is meant to be patchable, we don't want to rewrite
it as a xor, since that removes the slot where we'd patch in the right
value later.
Also, make sure to set both size bits in the REX prefix for xoring a
register with itself.
When we know the value is a positive Int32 less than 0x7fffffff,
it's safe to just add 1 to it and use that as the final result.
This avoids the work of re-adding the INT32_TAG.
Compiler now has a BasicBlockData struct for each BasicBlock. The struct
contains all the stuff that we previously stored with the
Bytecode::BasicBlock.
This uses a new branch_if_both_int32() helper.
It's interesting to note that we can compare encoded Int32 values
without stripping the INT32_TAG, since it doesn't affect signedness
of values.
We now generate a fast path for cached `this` values. The first time
`this` is resolved within a function, we call out to C++, but then
all subsequent accesses will hit the cache in Register::this_value().
