mirror of
https://github.com/LadybirdBrowser/ladybird.git
synced 2024-09-11 13:36:13 +03:00
Truly independent web browser
b645f87b7a
For a long time, our shutdown procedure has basically been: - Acquire big process lock. - Switch framebuffer to Kernel debug console. - Sync and lock all file systems so that disk caches are flushed and files are in a good state. - Use firmware and architecture-specific functionality to perform hardware shutdown. This naive and simple shutdown procedure has multiple issues: - No processes are terminated properly, meaning they cannot perform more complex cleanup work. If they were in the middle of I/O, for instance, only the data that already reached the Kernel is written to disk, and data corruption due to unfinished writes can therefore still occur. - No file systems are unmounted, meaning that any important unmount work will never happen. This is important for e.g. Ext2, which has facilites for detecting improper unmounts (see superblock's s_state variable) and therefore requires a proper unmount to be performed. This was also the starting point for this PR, since I wanted to introduce basic Ext2 file system checking and unmounting. - No hardware is properly shut down beyond what the system firmware does on its own. - Shutdown is performed within the write() call that asked the Kernel to change its power state. If the shutdown procedure takes longer (i.e. when it's done properly), this blocks the process causing the shutdown and prevents any potentially-useful interactions between Kernel and userland during shutdown. In essence, current shutdown is a glorified system crash with minimal file system cleanliness guarantees. Therefore, this commit is the first step in improving our shutdown procedure. The new shutdown flow is now as follows: - From the write() call to the power state SysFS node, a new task is started, the Power State Switch Task. Its only purpose is to change the operating system's power state. This task takes over shutdown and reboot duties, although reboot is not modified in this commit. - The Power State Switch Task assumes that userland has performed all shutdown duties it can perform on its own. In particular, it assumes that all kinds of clean process shutdown have been done, and remaining processes can be hard-killed without consequence. This is an important separation of concerns: While this commit does not modify userland, in the future SystemServer will be responsible for performing proper shutdown of user processes, including timeouts for stubborn processes etc. - As mentioned above, the task hard-kills remaining user processes. - The task hard-kills all Kernel processes except itself and the Finalizer Task. Since Kernel processes can delay their own shutdown indefinitely if they want to, they have plenty opportunity to perform proper shutdown if necessary. This may become a problem with non-cooperative Kernel tasks, but as seen two commits earlier, for now all tasks will cooperate within a few seconds. - The task waits for the Finalizer Task to clean up all processes. - The task hard-kills and finalizes the Finalizer Task itself, meaning that it now is the only remaining process in the system. - The task syncs and locks all file systems, and then unmounts them. Due to an unknown refcount bug we currently cannot unmount the root file system; therefore the task is able to abort the clean unmount if necessary. - The task performs platform-dependent hardware shutdown as before. This commit has multiple remaining issues (or exposed existing ones) which will need to be addressed in the future but are out of scope for now: - Unmounting the root filesystem is impossible due to remaining references to the inodes /home and /home/anon. I investigated this very heavily and could not find whoever is holding the last two references. - Userland cannot perform proper cleanup, since the Kernel's power state variable is accessed directly by tools instead of a proper userland shutdown procedure directed by SystemServer. The recently introduced Firmware/PowerState procedures are removed again, since all of the architecture-independent code can live in the power state switch task. The architecture-specific code is kept, however. |
||
|---|---|---|
| .devcontainer | ||
| .github | ||
| AK | ||
| Base | ||
| Documentation | ||
| Kernel | ||
| Ladybird | ||
| Meta | ||
| Ports | ||
| Tests | ||
| Toolchain | ||
| Userland | ||
| .clang-format | ||
| .clang-tidy | ||
| .editorconfig | ||
| .gitattributes | ||
| .gitignore | ||
| .gn | ||
| .mailmap | ||
| .pre-commit-config.yaml | ||
| .prettierignore | ||
| .prettierrc | ||
| .ycm_extra_conf.py | ||
| azure-pipelines.yml | ||
| CMakeLists.txt | ||
| CONTRIBUTING.md | ||
| LICENSE | ||
| README.md | ||
| SECURITY.md | ||
SerenityOS
Graphical Unix-like operating system for x86-64 computers.
FAQ | Documentation | Build Instructions
About
SerenityOS is a love letter to '90s user interfaces with a custom Unix-like core. It flatters with sincerity by stealing beautiful ideas from various other systems.
Roughly speaking, the goal is a marriage between the aesthetic of late-1990s productivity software and the power-user accessibility of late-2000s *nix. This is a system by us, for us, based on the things we like.
You can watch videos of the system being developed on YouTube:
Screenshot
Features
- Modern x86 64-bit kernel with pre-emptive multi-threading
- Browser with JavaScript, WebAssembly, and more (check the spec compliance for JS, CSS, and Wasm)
- Security features (hardware protections, limited userland capabilities, W^X memory,
pledge&unveil, (K)ASLR, OOM-resistance, web-content isolation, state-of-the-art TLS algorithms, ...) - System services (WindowServer, LoginServer, AudioServer, WebServer, RequestServer, CrashServer, ...) and modern IPC
- Good POSIX compatibility (LibC, Shell, syscalls, signals, pseudoterminals, filesystem notifications, standard Unix utilities, ...)
- POSIX-like virtual file systems (/proc, /dev, /sys, /tmp, ...) and ext2 file system
- Network stack and applications with support for IPv4, TCP, UDP; DNS, HTTP, Gemini, IMAP, NTP
- Profiling, debugging and other development tools (Kernel-supported profiling, detailed program analysis with software emulation in UserspaceEmulator, CrashReporter, interactive GUI playground, HexEditor, HackStudio IDE for C++ and more)
- Libraries for everything from cryptography to OpenGL, audio, JavaScript, GUI, playing chess, ...
- Support for many common and uncommon file formats (PNG, JPEG, GIF, MP3, WAV, FLAC, ZIP, TAR, PDF, QOI, Gemini, ...)
- Unified style and design philosophy, flexible theming system, custom (bitmap and vector) fonts
- Games (Solitaire, Minesweeper, 2048, chess, Conway's Game of Life, ...) and demos (CatDog, Starfield, Eyes, mandelbrot set, WidgetGallery, ...)
- Every-day GUI programs and utilities (Spreadsheet with JavaScript, TextEditor, Terminal, PixelPaint, various multimedia viewers and players, Mail, Assistant, Calculator, ...)
... and all of the above are right in this repository, no extra dependencies, built from-scratch by us :^)
Additionally, there are over two hundred ports of popular open-source software, including games, compilers, Unix tools, multimedia apps and more.
How do I read the documentation?
Man pages are available online at man.serenityos.org. These pages are generated from the Markdown source files in Base/usr/share/man and updated automatically.
When running SerenityOS you can use man for the terminal interface, or help for the GUI.
Code-related documentation can be found in the documentation folder.
How do I build and run this?
See the SerenityOS build instructions. Serenity runs on Linux, macOS (aarch64 might be a challenge), Windows (with WSL2) and many other *Nixes with hardware or software virtualization.
Get in touch and participate!
Join our Discord server: SerenityOS Discord
Before opening an issue, please see the issue policy.
A general guide for contributing can be found in CONTRIBUTING.md.
Authors
- Andreas Kling - awesomekling
- Robin Burchell - rburchell
- Conrad Pankoff - deoxxa
- Sergey Bugaev - bugaevc
- Liav A - supercomputer7
- Linus Groh - linusg
- Ali Mohammad Pur - alimpfard
- Shannon Booth - shannonbooth
- Hüseyin ASLITÜRK - asliturk
- Matthew Olsson - mattco98
- Nico Weber - nico
- Brian Gianforcaro - bgianfo
- Ben Wiederhake - BenWiederhake
- Tom - tomuta
- Paul Scharnofske - asynts
- Itamar Shenhar - itamar8910
- Luke Wilde - Lubrsi
- Brendan Coles - bcoles
- Andrew Kaster - ADKaster
- thankyouverycool - thankyouverycool
- Idan Horowitz - IdanHo
- Gunnar Beutner - gunnarbeutner
- Tim Flynn - trflynn89
- Jean-Baptiste Boric - boricj
- Stephan Unverwerth - sunverwerth
- Max Wipfli - MaxWipfli
- Daniel Bertalan - BertalanD
- Jelle Raaijmakers - GMTA
- Sam Atkins - AtkinsSJ
- Tobias Christiansen - TobyAsE
- Lenny Maiorani - ldm5180
- sin-ack - sin-ack
- Jesse Buhagiar - Quaker762
- Peter Elliott - Petelliott
- Karol Kosek - krkk
- Mustafa Quraish - mustafaquraish
- David Tuin - davidot
- Leon Albrecht - Hendiadyoin1
- Tim Schumacher - timschumi
- Marcus Nilsson - metmo
- Gegga Thor - Xexxa
- kleines Filmröllchen - kleinesfilmroellchen
- Kenneth Myhra - kennethmyhra
- Maciej - sppmacd
- Sahan Fernando - ccapitalK
- Benjamin Maxwell - MacDue
- Dennis Esternon - djwisdom
- frhun - frhun
- networkException - networkException
- Brandon Jordan - electrikmilk
- Lucas Chollet - LucasChollet
- Timon Kruiper - FireFox317
- Martin Falisse - martinfalisse
- Gregory Bertilson - Zaggy1024
- Erik Wouters - EWouters
- Rodrigo Tobar - rtobar
And many more! See here for a full contributor list. The people listed above have landed more than 100 commits in the project. :^)
License
SerenityOS is licensed under a 2-clause BSD license.