When swapping the same object, we could end up with a double-free error.
This was found while quick-sorting a Vector of Variants holding complex
types, reproduced by the new swap_same_complex_object test case.
Static analysis correctly flags that we are missing an implementation
for `operator delete` for all classes which are annotated with
AK_MAKE_ETERNAL. To appease static analysis define an implementation
which asserts to make sure no one ever calls delete on the object.
The assumption that FlatPtr is 64-bit on every platform except i686 is
not correct, and also makes the definition of explode_byte() less nice
to look at.
The IRC Client application made some sense while our main communication
hub was an IRC channel. Now that we've moved on, IRC is just a random
protocol with no particular relevance to this project.
This also has the benefit of removing one major client of the single-
process Web::InProcessWebView class.
This parsing is already duplicated between LibJS and LibRegex, and will
shortly be needed in more places in those libraries. Move it to AK to
prevent further duplication.
This API will consume escaped Unicode code points of the form:
\\u{code point}
\\unnnn (where each n is a hexadecimal digit)
\\unnnn\\unnnn (where the two escaped values are a surrogate pair)
This is primarily to be able to remove the GenericLexer include out of
Format.h as well. A subsequent commit will add AK::Result to
GenericLexer, which will cause naming conflicts with other structures
named Result. This can be avoided (for now) by preventing nearly every
file in the system from implicitly including GenericLexer.
Other changes in this commit are to add the GenericLexer include to
files where it is missing.
If a member is an empty class, the standard normally stats that it needs
to have a size of at least 1 byte in order to guarantee that the
addresses of distinct objects of the same type are always distinct.
However as of c++20, we can use [[no_unique_address]] to instruct the
compiler that if the member has an empty type, it may optimize it to
occupy no space.
This typo / bug in the Traits<T> implementation for StringView caused
AK::HashMap methods to return a `String` when looking up values out of
a hash map of type HashTable<StringView,StringView>.
This change fixes the typo, and fixes the only consumer, the kernel
Commandline class.
This is basically a complement to adopt_nonnull_ref_or_enomem, and
simplifies boilerplate for try_create functions which just return ENOMEM
or the object based on whether it was able to allocate.
Problem:
- `AK::Detail::integer_sequence_generate_array` is published via a
`using` directive in the `Array.h` header, but this is a `Detail`
function.
Solution:
- Remove the `using` declaration.
In the quest of removing as timespec / timeval usage in the Userland as
possible, we need a way to conveniently retrieving the current clock
time from the kernel and storing it in `AK::Time` format.
Problem:
- ToT clang will not build due to casting `nullptr` to `u8*`. This is
redundant because it casts to get a `0` then subtracts it.
Solution:
- Remove it since subtracting `0` doesn't do anything.
Currently, to append a UTF-16 view to a StringBuilder, callers must
first convert the view to UTF-8 and then append the copy. Add a UTF-16
overload so callers do not need to hold an entire copy in memory.
Without this patch, we would end up printing garbage values when we
encountered floating point infinity or NaN values, and also triggered
UBSAN with Clang. This added code models `std::format`'s behavior: the
sign is added the same way as with normal values and the strings 'nan'
and 'inf' are printed.
On x86, the `fprem` and `fmprem1` instructions may produce a 'partial
remainder', for which we should check by reading a FPU flag. If we don't
check for it, we may end up using values that are outside the expected
range of values.
When compiling this code with Clang, both branches of the ternary
operator get evaluated at compile-time, triggering a warning about a
narrowing implicit conversion. We can use `explode_byte` instead.
On i686, reading integers larger than `2^32 - 1` would fail as the
32-bit `size_t` parameter would overflow. This caused us to read too few
bytes in LibDebug's DWARF parser. Making this method templated solves
this issue, as we now can call this API with a `u64` parameter.
This pattern is no good:
kmalloc(elements * sizeof(T));
Since it silently swallows any multiplication overflow.
This patch adds a simple kmalloc_array() that stops the program if
overflow occurs:
kmalloc_array(elements, sizeof(T));
This container is the same as IntrusiveList, except that it allows
modifications to the elements even if the reference to the
IntrusiveList itself is const, by returning mutable iterators. This
represents a use-case where we want to allow modifications to the
elements while keeping the list itself immutable.
This behavior is explicitely opt-in by using IntrusiveListRelaxedConst
instead of IntrusiveList. It will be useful later on when we model
shared/exclusive locks with the help of const and mutable references.
Problem:
- `any_of` is implemented in 2 different ways, one for the entire
container and a different implementation for a partial container
using iterators.
Solution:
- Follow the "don't repeat yourself" (DRY) idiom and implement the
entire container version in terms of the partial version.
Improve the parsing of data urls in URLParser to bring it more up-to-
spec. At the moment, we cannot parse the components of the MIME type
since it is represented as a string, but the spec requires it to be
parsed as a "MIME type record".
`append()` is almost never going to select the overload that is desired.
e.g. it will append chars when you pass it a Vector<size_t>, which is
definitely not the right overload :)
The current method of iterating through the string to access a code
point hurts performance quite badly for very large strings. The test262
test "RegExp/property-escapes/generated/Any.js" previously took 3 hours
to complete; this one change brings it down to under 10 seconds.
Previously we would just print "ASSERTION FAILED: false", which was
kinda cryptic and also didn't make it clear whether this was a TODO or
an unreachable condition. Now, we actually print "ASSERTION FAILED:
TODO", making it crystal clear.
Problem:
- New `all_of` implementation takes the entire container so the user
does not need to pass explicit begin/end iterators. This is unused
except is in tests.
Solution:
- Make use of the new and more user-friendly version where possible.
Previously there was no way to create a MACAddress by passing a direct
address as a string. This will allow programs like the arp utility to
create a MACAddress instance by user-passed addresses.
Problem:
- Now that a generic free-function form of `find_if` is implemented
the code in `all_of` is redundant.
Solution:
- Follow the "don't repeat yourself" mantra and make the code DRY by
implementing `all_of` in terms of `find_if`.
- One tricky part is that since captures are not permitted in
`constexpr` lambdas, the lambda created to negate the predicate
needs to be created by a function which does not capture and takes
the predicate at run-time instead. This allows `all_of` to continue
to work in a `constexpr` context.
To be used as a RegexStringView variant, Utf16View must provide a couple
more helper methods. It must also not default its assignment operators,
because that implicitly deletes move/copy constructors.
This makes it so these algorithms are usable with arbitrary iterators,
as opposed to just instances of AK::SimpleIterator.
This commit also makes the requirement of ::index() in find_index()
explicit, as previously it was accepting any iterator.
This is a generally nicer-to-use version of the existing {any,all}_of()
that doesn't require the user to explicitly provide two iterators.
As a bonus, it also allows arbitrary iterators (as opposed to the hard
requirement of providing SimpleIterators in the iterator version).
This concept describes a type with a begin()/end() pair that can
function as an iterator, given the following criteria:
- The return type of begin() is comparable with the return type of
end(), and the comparison (with operator!=) yields a bool
- The object returned from begin() can be pre-incremented
- The iterator has an operator*() implementation
By replacing MakeUnsigned<Source> in this specific specialization with a
simple negativity check this now works for floating point source types.
Previously it would attempt a comparison of the destination type and
void.
AK's version should see better inlining behaviors, than the LibM one.
We avoid mixed usage for now though.
Also clean up some stale math includes and improper floatingpoint usage.
This is to implement constexpr template based implementations for
mathematical functions
This also changes math.cpp to use these implementations.
Also adds a fastpath for floating point trucation for values smaller
than the signed 64 bit limit.
The state of the formatter for the previous element should be thrown
away for each iteration. This showed up when trying to format a
Vector<String>, since Formatter<StringView> was unhappy about some state
that gets set when it's called. Add a test for Formatter<Vector>.
This is trivial, and makes it easier to get the code point compared to
the previous `.code_points()[index]` (which was not actually checked
for in-bounds length).
There is still an offset to consider, a zero-length view is very
different from a nonexistent string :P
Co-authored-by: Timothy Flynn <trflynn89@pm.me>
This implements a simple bootloader that is capable of loading ELF64
kernel images. It does this by using QEMU/GRUB to load the kernel image
from disk and pass it to our bootloader as a Multiboot module.
The bootloader then parses the ELF image and sets it up appropriately.
The kernel's entry point is a C++ function with architecture-native
code.
Co-authored-by: Liav A <liavalb@gmail.com>
The previous implementation was too generic, and would cause conflicting
operator overload errors when included in certain code paths. Fix this
by restricting the template parameters to types which have the same
member names as `struct timespec`.
This is a much more ergonomic option than getting a
`VERIFY_NOT_REACHED()` failure at run-time. I encountered this issue
with Clang, where sized deallocation is not the default due to ABI
breakage concerns.
Note that we can't simply just not declare these functions, because the
C++ standard states:
> If this function with size parameter is defined, the program shall
> also define the version without the size parameter.
Prior to this, it'd try to stuff them into an i64, which could fail and
give us nothing.
Even though this is an extension we've made to JSON, the parser should
be able to correctly round-trip from whatever our serialiser has
generated.
Note: this exact implementation is needed for __atomic_is_lock_free to
link with both GCC (for the SerenityOS build) and Clang (for the Fuzzer
build). The size argument must be a compile-time constant, otherwise it
fails to link with both compilers. Alternatively, the following
definition links with GCC but fails with Clang:
template<size_t S>
static inline bool atomic_is_lock_free(volatile void* ptr = nullptr)
{
return __atomic_is_lock_free(S, ptr);
}
When repeatedly enqueing and dequeing a single item in a Queue we end
up faulting in all the pages for the underlying Vector. This is a
performance issue - especially where the element type is large.
Previously the Queue class used a SinglyLinkedList to manage its queue
segments. This changes the Queue class to use the IntrusiveList class
instead which saves us one allocation per segment.
For debugging purposes, it is very useful to look at a Vector in a
simple list representation. Therefore, the new Formatter for Vector
provides a string representation of the following form:
```
[ 1, 2, 3, 4, 5 ]
```
This requires the content type of Vector to be formattable with default
arguments.
The current implementation ignores width and precision, which may be
accounted for later or passed down to the content formatter.
This commit un-confuses the many specialisations of AK::Traits, and
makes it work correctly for all integral types.
Prior to this, `AK::Traits<size_t>` would've been instantiating the
base Traits implementation, not `Traits<u32>` or `Traits<u64>`.
This is an AK::GenericLexer that exposes helper methods for parsing
date and time related literals (years, months, days, hours, minutes,
seconds, fractional seconds & more)
Let's bring this class back, but without the confusing resize() API.
A FixedArray<T> is simply a fixed-size array of T.
The size is provided at run-time, unlike Array<T> where the size is
provided at compile-time.
This was only used by a single class (AK::ByteBuffer) in the kernel
and not in an OOM-safe way.
Now that ByteBuffer no longer uses it, there's no need for the kernel
heap to burden itself with supporting this.
This class is the only reason we have to support krealloc() in the
kernel heap, something which adds a lot of complexity.
Let's move towards a simpler path and do malloc+memset in the
ByteBuffer code (where we know the sizes anyway.)
This patch introduces the SQLServer system server. This service is
supposed to be the only process/application talking to database storage.
This makes things like locking and caching more reliable, easier to
implement, and more efficient.
In LibSQL we added a client component that does the ugly IPC nitty-
gritty for you. All that's needed is setting a number of event handler
lambdas and you can connect to databases and execute statements on them.
Applications that wish to use this SQLClient class obviously need to
link LibSQL and LibIPC.
Clang does not like that we are trying to refer to our own size while
our declaration is not yet complete, and fails to compile this file.
This is fixed by introducing a function which returns the correct
sizeof. This only gets evaluated in the `requires` clause after the
whole class has been parsed, so it will compile fine.
Previously, in LibGFX's `Point` class, calculated distances were passed
to the integer `abs` function, even if the stored type was a float. This
caused the value to unexpectedly be truncated. Luckily, this API was not
used with floating point types, but that can change in the future, so
why not fix it now :^)
Since we are in C++, we can use function overloading to make things
easy, and to automatically use the right version.
This is even better than the LibC/LibM functions, as using a bit of
hackery, they are able to be constant-evaluated. They use compiler
intrinsics, so they do not depend on external code and the compiler can
emit the most optimized code by default.
Since we aren't using the C++ standard library's trick of importing
everything into the `AK` namespace, this `abs` function cannot be
exported to the global namespace, as the names would clash.
If a non-const lvalue reference is passed to these constructors, the
converting constructor will be selected instead of the desired copy/move
constructor.
Since I needed to touch `KResultOr` anyway, I made the forwarding
converting constructor use `forward<U>` instead of `move`. This meant
that previously, if a lvalue was passed to it, a move operation took
place even if no `move()` was called on it. Member initializers and
if-else statements have been changed to match our current coding style.
This fixes a build issue introduced in 23d66fe, where the compiler
statically detected that that mismatching new and delete operators were
used.
Clang generates a warning for this, for the reasons described in the
comment in `AK/kmalloc.cpp`, but GCC does not.
Besides moving the allocator functions into a `.cpp` file, declarations
in `AK/kmalloc.cpp` were reordered to have imports at the top, in order
to make the code more readable.
