Found by fuzz-syscalls. Can be reproduced by running this in the Shell:
$ syscall exit_thread
This leaves the process in the 'Dying' state but never actually removes it.
Therefore, avoid this scenario by pretending to exit the entire process.
Since the payload size is user-controlled, this could be used to
overflow the kernel stack.
We should probably also be breaking things into smaller packets at a
higher level, e.g TCPSocket::protocol_send(), but let's do that as
a separate exercise.
Fixes#5310.
This currently breaks the OSS-Fuzz build, and attempts to make it build
with clang >= 12 were unsuccessful, so let's just disable dbgln() checks
for any clang version.
This reverts commit 338bb73289.
This didn't work, the OSS-Fuzz build (using clang 12) is still failing.
We'll just disable dbgln() checks when compiling with any clang for now.
Not sure why this was 4 MiB in the first place, but that's a lot of
memory to reserve for each thread when we're running with 512 MiB
total in the default testing setup. :^)
Allocate GC heap blocks with mmap(MAP_RANDOMIZED) for ASLR.
This may very well be too aggressive in terms of fragmentation, and we
can figure out ways to scale that back once it becomes a big problem.
For now, this makes the GC heap a lot less predictable for an attacker.
* We don't have to lock the "all IPv4 sockets" in exclusive mode, shared mode is
enough for just reading the list (as opposed to modifying it).
* We don't have to lock socket's own lock at all, the IPv4Socket::did_receive()
implementation takes care of this.
* Most importantly, we don't have to hold the "all IPv4 sockets" across the
IPv4Socket::did_receive() call(s). We can copy the current ICMP socket list
while holding the lock, then release the lock, and then call
IPv4Socket::did_receive() on all the ICMP sockets in our list.
These changes fix a deadlock triggered by receiving ICMP messages when using tap
networking setup (as opposed to QEMU's default user/SLIRP networking) on the host.
These don't do short-circuit evaluation, and so I ran into some
some very subtle side-effects when converting code to DistinctNumeric.
In code like this:
MyDistinctNumeric n;
if (n && check_thing(n))
return;
There would be no short-circuit evaluation if the return type of
check_thing() was implicitly convertible to MyDistinctNumeric.
Ran into this while making Ext2FS::GroupIndex a DistinctNumeric.
The way we read/write directories is very inefficient, and this doesn't
solve any of that. It does however reduce memory usage of directory
entry vectors by 25% which has nice immediate benefits.
CLion doesn't understand that we switch compilers mid-build (which I
can understand since it's a bit unusual.) Defining __serenity__ makes
the majority of IDE features work correctly in the kernel context.
