The previous behavior was to always VERIFY that the UTF-8 bytes were
valid when iterating over the code points of an UTF8View. This change
makes it so we instead output the 0xFFFD 'REPLACEMENT CHARACTER'
code point when encountering invalid bytes, and keep iterating the
view after skipping one byte.
Leaving the decision to the consumer would break symmetry with the
UTF32View API, which would in turn require heavy refactoring and/or
code duplication in generic code such as the one found in
Gfx::Painter and the Shell.
To make it easier for the consumers to detect the original bytes, we
provide a new method on the iterator that returns a Span over the
data that has been decoded. This method is immediately used in the
TextNode::compute_text_for_rendering method, which previously did
this in a ad-hoc waay.
This also add tests for the new behavior in TestUtf8.cpp, as well
as reinforcements to the existing tests to check if the underlying
bytes match up with their expected values.
This replaces ctype.h with CharacterType.h everywhere I could find
issues with narrowing conversions. While using it will probably make
sense almost everywhere in the future, the most critical places should
have been addressed.
This patch introduces CharacterTypes.h, which aims to be a replacement
for most usages of ctype.h. In contrast to that implementation, this
header makes use of exclusively constexpr functions and support the full
Unicode code point set without any narrowing-conversion issues.
In order for IntrusiveList to be capable of replacing InlineLinkedList,
it needs to support reverse iteration. InlineLinkedList currently
supports manual reverse iteration by calling list->last() followed by
node->prev().
Also shifts logic of starting game length timer into function
`start_timer_if_necessary`, so it can be called from original
mouse event handler and new `auto_move_eligible_cards_to_stacks`
Rather than aborting when a LIMIT clause of the form 'LIMIT expr, expr'
is encountered, fail the parser with a syntax error. This will be nicer
for the user and fixes the following fuzzer bug:
https://crbug.com/oss-fuzz/34837
Previously we'd incur the costs for a function call via the PLT even
for the most trivial ref-count actions like increasing/decreasing the
reference count.
By moving the code to the header file we allow the compiler to inline
this code into the caller's function.
Previously Profiler was using timestamps to distinguish processes.
However it is possible that separate processes with the same PID exist
at the exact same timestamp (e.g. for execve). This changes Profiler
to use unique serial numbers for each event instead.
Previous to this commit, if a `Window` wanted to set its width or height
greater than `INT16_MAX` (32768), both the application owning the Window
and the WindowServer would crash.
The root of this issue is that `size_would_overflow` check in `Bitmap`
has checks for `INT16_MAX`, and `Window.cpp:786` that is called by
`Gfx::Bitmap::create_with_anonymous_buffer` would get null back, then
causing a chain of events resulting in crashes.
Crashes can still occur but with `VERIFY` and `did_misbehave` the
causes of the crash can be more readily identified.
This avoids allocations in the VMObject constructor. The number of
inline elements was determined empirically and covers most common cases
including LibC malloc.
This doesn't change anything because our global operator delete also
calls kfree() - however instead of relying on this implementation
detail this makes this dependency more explicit.
In hindsight declaring these prematurely wasn't the greatest idea - that
just makes any script checking for their existence believe they'll work,
and what follows next is a crash of the js or WebContent process. If we
omit the declarations, a polyfill can be provided instead.
This also affects the test262, which tests these - instead of reporting
a bunch of assertion crash errors, we should simply report test failure
for 'not a function', which in turn makes it easier to spot any actual
bugs causing crashes.
There's no reason at all for this to be a string or to accept arbitrary
values - just because it's displayed as strings in the spec doesn't mean
we have to do the same :^)
When setting a Widget->set_visible(false), if that Widget->has_focus()
it will continue to have focus, even though it's not visible to the user
anymore.
Now calling Widget->set_visible(false) will remove focus from the Widget
if it had focus, and the Window will give focus back to the Widget
that had it previously, if there was one.
This ensures the store to mutex->lock doesn't get re-ordered before
the store to mutex->owner which could otherwise result in a locked
owner-less mutex if another thread tries to acquire the lock at
the same time.