| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
It has caught some minor bugs.
|
| | |
|
| | |
|
| |
|
|
|
| |
This adds a runtime check to packet readers to ensure that all fds have
been read, and switches to seqs for packet writers.
|
| |
|
|
|
| |
Conflating buffered streams with non-buffered streams is generally a
bad idea.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Now we just pass down the value of n and check errno, plus
readDataLoop/writeDataLoop returns a bool indicating whether it failed.
For now this seems to work OK, but maybe I'll add a better abstraction
in the future.
EOFError is still used for handling failed packets; this is brittle,
and should be replaced once we have a proper buffering mechanism for
them. (That will also let us kill BufStream.)
Unrelated: this also fixes a bug in buffer with cacheId.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
pager: I want to change mailcap command parsing, so a custom
implementation is needed.
term: now it uses a custom buffer for the output stream too.
I don't think there is much difference in performance, but stdio was in
the way.
(Also, this way it will be easier to make it async in the future.)
|
| |
|
|
| |
heh
|
| | |
|
| |
|
|
|
|
|
| |
The fds must be read before the other buffer resumes execution.
Also, for some reason, CMSG_SPACE/CMSG_LEN are inconsistent in their
size with controllen on BSDs...
|
| | |
|
| |
|
|
|
|
|
|
| |
Moves sendfd/recvfd out of C, and fixes some of its flaws too.
The main one is that now all file descriptors are sent together.
Also, I've decided to remove the ServerSocket after all; it's easy to
add it back if it's ever needed again.
|
| |
|
|
|
|
|
|
|
|
|
| |
Now we just pass through a socket created in pager.
This removes the need for a socket directory, and strengthens the buffer
sandbox slightly.
I've kept the ServerSocket code, because I want to add some form of RPC
and communication between separate instances in the future. However,
I don't expect this to be handled outside the main process, so I've
removed the Capsicum-specific connectat/bindat code.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
safeClose was originally added to prevent this bug:
let fd = doSomething() # allocates fd on 0, e.g. by opening a socket
let ps = newPosixStream(fd)
...
discard dup2(ps.fd, STDIN_FILENO)
ps.sclose() # stdin is now closed, despite the opposite intention.
With safeClose called on fds that could be stdin, the goal was that
stdin/stdout/stderr would never be allocated as a different file,
but it was still error-prone. Enter moveFd:
ps.moveFd(STDIN_FILENO)
If ps is already stdin, this does nothing. If not, it dup2's ps to
stdin, closes ps.fd, and sets it to stdin.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, each message (load, resume, passFd, etc.) would open a new
connection to loader's UNIX socket, and assumed the loader was dead
when the loader did not respond (ECONNREFUSED).
As it turns out, this model was hopelessly broken: POSIX does not
specify when a UNIX socket can refuse connections, so while it happened
to work on Linux (which just blocks if it can't accept right now),
FreeBSD would randomly refuse connections whenever its listen queue was
full.
Instead, we now take a socketpair() from the loader in addClient, and
pass on one half to the client (the other half stays in loader); this is
the control stream, and all messages from the specific client are sent
through it. If a message includes a new stream (e.g. lcLoad), then it
sends a new socketpair through the control stream.
Aside from not being completely broken (and being marginally more
efficient), this arrangement has several other benefits: it removes the
need for authentication, almost removes the need for sockdir (now only
buffers use it), and will make it easier to add async message processing
in the future.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
FD_CLOEXEC should hopefully get rid of bugs where buffers outlived the
main process because of some stray child process keeping the canary
pipe alive.
It's not perfect because of the runMailcapWriteFile/runMailcapReadFile
double-forks. Ideally they should be replaced with an implementation
that tracks temporary files in the main process.
|
| |
|
|
|
|
|
|
| |
* correct action on M-b
* add external.bookmark option
* move openFileExpand functionality into unquote
* add menu items
* update docs
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the past, Chawan would read global mailcap (/etc/mailcap, ...) too,
but every now and then that would run entries that I didn't even know
existed and definitely didn't intend to run. So I changed it to only
use ~/.mailcap, but this meant users now had to add mailcap entries for
every single mime type.
At some point I also changed application/octet-stream to always save to
disk, which is usually nice except when a text file is misrecognized as
binary. Often times I just want to decide myself what to do.
So now there are two layers. First, the global mailcap files (path as
per RFC) prompt before executing. Then there is ~/.chawan/auto.mailcap
(or ~/.config/chawan/auto.mailcap) which runs entries automatically.
If you press shift before selecting an option in the prompt, the
corresponding entry gets copied to auto.mailcap. It's also possible to
type a new entry on the fly. Overall I think it's quite convenient.
One unfortunate side effect is that existing users will have to migrate
their entries to auto.mailcap, or redefine external.auto-mailcap to e.g.
~/.mailcap, but this seems acceptable.
|
| |
|
|
|
|
|
|
|
|
| |
* use PosixStream/mmap for mailcap reading too; this finally lets us get
rid of std/streams in the entire codebase
* split up recvDataLoopOrMmap into 3 functions: one that can fall back
to recvAll, one that falls back to recvDataLoop, and one that does not
fall back to anything
* use MAP_PRIVATE in mmap for read (we don't care if changes are
propagated, as we do no changes to cached files)
|
| |
|
|
|
| |
* fall back to recvAll on ilen = -1
* handle zero-length files
|
| |
|
|
|
|
|
| |
one std/streams less
I used mmap for reading the user config. It shouldn't matter in any
realistically sized config, but who knows.
|
| |
|
|
| |
just in case
|
| |
|
|
| |
turns out fchmod on sockets only works on Linux.
|
| |
|
|
|
| |
the man page says this isn't really portable, but it's better than
nothing
|
| |
|
|
|
|
|
|
|
|
| |
* consistently use cint instead of FileHandle
- this was another remnant of winapi support; on posix, they are
the same.
* move "blocking" field to PosixStream
* recvFileHandle -> recvFd, sendFileHandle -> sendFd
* merge serversocket into dynstream
* merge auxiliary C functions into dynstream_aux
|
| |
|
|
|
|
|
|
|
|
|
| |
nativesockets is a wrapper over posix and winapi, but we don't support
winapi, so we can just fall back to PosixStream instead.
SocketStream remains as a constraint over PosixStream to allow
sendFileHandle/recvFileHandle.
As a nice side effect, we can drop some allowed syscalls from the
seccomp filter.
|
| |
|
|
|
|
|
|
|
| |
* use more PosixStream (because it has double-close checking)
* factor out some common mailcap operations
* move console from client to pager
* fix case-insensitive mime type matching
* replace convoluted fdin/fdout comparison logic (that only accidentally
worked) with a boolean flag
|
| |
|
|
| |
now I know why overloading dealloc felt wrong
|
| |
|
|
|
|
|
|
| |
I'm thinking of making libcurl entirely optional; let's start with the
easiest part.
I've added a SOCKS5 client for ALL_PROXY support; I know curl supported
others too, but whatever.
|
| |
|
|
| |
ugh
|
| |
|
|
|
|
|
|
|
|
|
|
| |
std/selectors uses OS-specific selector APIs, which sounds good in
theory (faster than poll!), but sucks for portability in practice.
Sure, you can fix portability bugs, but who knows how many there are
on untested platforms... poll is standard, so if it works on one
computer it should work on all other ones. (I hope.)
As a bonus, I rewrote the timeout API for poll, which incidentally
fixes setTimeout across forks. Also, SIGWINCH should now work on all
platforms (as we self-pipe instead of signalfd/kqueue magic).
|
| |
|
|
|
|
| |
* fix broken int conversion in dynstream
* fix EPIPE handling in forkserver
* merge fdmap and connectingContainers into loader map
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* refactor parseHeader
* optimize response blob()
* add direct "to cache" mode for loader requests which sets stdout to a
file, and use it for image processing
* move image resizing into a separate process
* mmap cache files in between processing steps when possible
At last, resize is no longer a part of image decoding. Also, it feels
much nicer to keep encoded image data in the same cache as everything
else.
The mmap operations *should* be more efficient than copying the whole
RGBA data through a pipe. In practice, it only makes a difference for
loading (well, now just mmapping) the encoded image into the pager,
where it singlehandedly speeds up image display by 10x on my test image.
For the other steps, the unfortunate fact that "tocache" must delay the
next fork/exec in the pipeline until the entire image is processed seems
to equal out any wins we might have gotten from skipping a single raw
RGBA copy.
I have tried moving the delay before the exec (it's possible with yet
another pipe), but it didn't help much and made the code much
uglier. (Not that tocache didn't, but I can live with this...)
|
| |
|
|
| |
+ be a bit more paranoid about double closes
|
| |
|
|
|
|
|
|
|
| |
* xmlhttprequest: fix missing import
* painter: generic tuple workaround
* dynstream: merge module with implementations (so it will work with
vtables)
Not enabling vtables yet since it doesn't work with refc.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously we didn't actually free the main JS runtime, probably because
you can't do this without first waiting for JS to unwind the stack.
(This has the unfortunate effect that code now *can* run after quit().
TODO: find a fix for this.)
This isn't a huge problem per se, we only have one of these and the OS
can clean it up. However, it also disabled the JS_FreeRuntime leak
check, which resulted in sieve-like behavior (manual refcounting is
a pain).
So now we choose the other tradeoff: quit no longer runs exitnow, but
it waits for the event loop to run to the end and only then exits the
browser. Then, before exit we free the JS context & runtime, and also
all JS values allocated by config.
Fixes:
* fix `ad' flag not being set for just one siteconf/omnirule
* fix various leaks (since leak check is enabled now)
* use ptr UncheckedArray[JSValue] for QJS bindings that take an array
* allow JSAtom in jsgetprop etc., also disallow int types other than
uint32
* do not set a destructor for globals
|
| | |
|
| |
|
|
|
|
|
|
| |
This way they are no longer compatible, but we no longer need them to
be compatible anyway.
(This also forces us to throw out the old serialize module, and use
packet writers everywhere.)
|
| | |
|
| |
|
|
| |
analogous to bufwriter
|
| |
|
|
|
|
|
|
|
|
| |
Unsurprisingly enough, calling `write` a million times is never going to
be very fast.
BufferedWriter basically does the same thing as serialize.swrite did,
but queues up writes in batches before sending them.
TODO: give sread a similar treatment
|
|
|
a new abstraction that we derive posixstream from; hopefully with time
we can get rid of std/streams
|