Without limiting the size of the launchpad window, the application
prepares itself for the worst case, taking the screen size as maximum
size to allocate its pixel buffers. Limiting the maximum width to a
reasonable value reduces the memory footprint.
When an invalid opcode gets executed, OKL4 switches to the kernel debugger
console instead of sending an exception IPC to the userland. This patch
fixes the problem by removing the code that invokes the debugger console.
This patch fixes#95.
It does not suffice to constrain the amount of returned data with chunk
size of the transport buffer because the client may have specified an
even smaller value. For example, libreadline reads single characters
from the terminal and expects a single character in return. A different
amount is interpreted as EOF.
This patch makes use of the recently added support for const RPC
functions by turning 'Framebuffer::Session::mode()' and
'Input::Session::is_pending()' into const functions.
Until now, the RPC framework did not support const RPC functions. Rather
than being a limitation inherent to the concept, const RPC functions
plainly did not exist. So supporting them was not deemed too important.
However, there are uses of RPC interfaces that would benefit from a way
to declare an RPC function as const. Candidates are functions like
'Framebuffer::Session::mode()' and 'Input::Session::is_pending()'.
This patch clears the way towards declaring such functions as const.
Even though the patch is simple enough, the thorough support for
const-qualified RPC functions would double the number of overloads for
the 'call_member' function template (in 'base/include/util/meta.h'). For
this reason, the patch does support const getter functions with no
arguments only. This appears to be the most common use of such
functions.
Linux DDE used to implement Linux spin locks based on 'dde_kit_lock'.
This works fine if a spin lock is initialized only once and used
infinitely. But if spin locks are initialized on-the-fly at a high rate,
each initialization causes the allocation of a new 'dde_kit_lock'.
Because in contrast to normal locks, spinlocks cannot be explicitly
destroyed, the spin-lock emulating locks are never freed. To solve the
leakage of locks, there seems to be no other way than to support the
semantics as expected by the Linux drivers. Hence, this patch introduces
a DDE Kit API for spin locks.
This patch implements the support needed to handle exceptions that occur
during the construction of objects dynamically allocated via the
'Allocator' interface. In this case, the compiler automatically invokes
a special delete operator that takes the allocator type (as supplied to
'new') as second argument. The implementation of this delete operator
has been added to the 'cxx' library. Because the operator delete is
called without the size of the object, we can use only those allocators
that ignore the size argument of the free function and print a warning
otherwise. The added 'Allocator::need_size_for_free()' function is used
to distinguish safe and unsafe allocators.
The new d3m component is the designated device-driver manager for the
upcoming live CD. It addresses the auto probing of USB storage and ATAPI
boot devices (issue #94) and the aggregation of user input coming from
USB HID and PS/2.
The new 'Slave_policy' and 'Slave' classes are built upon the existing
child framework. They support the implementation of scenarios where a
service is started as a child of the client. This is usefull for
employing an existing service implementation as a local utility or
plugin.
This library was used during the first porting steps of Genode to NOVA
for executing parts of the framework API without core. Those bare-metal
tests are not maintained anymore. So this library can be removed.
The 'mode_sigh' function allows the client to receive notifications
about server-side display-mode changes. To respond to such a signal, the
client can use the new 'release' function, which acknowledges the mode
change at the server and frees the original framebuffer dataspace. Via a
subsequent call of 'dataspace', a framebuffer dataspace corresponding to
the new mode can be obtained. Related to issue #11.
As a preliminary step for working on issue #11, this patch revisits the
'Framebuffer::info' RPC call. Instead of using C-style out paramters,
the new 'mode()' RPC call returns the mode information as an object of
type 'Mode'. Consequently, mode-specific functions such as
'bytes_per_pixel' have been moved to the new 'Framebuffer::Mode' class.
This version of the library was hardwired to the former USB storage
driver supplied with DDE Linux. This driver is no more. The ffat.mk lib
is superseded by the libc_ffat plugin anyway. This plugin uses Genode's
block session interface instead of co-locating the block driver with the
application.
The probing and I/O resource allocation is done only once at the
creation time of the first session. When closing and re-opening the
session, the '_device' object is simply reused. This patch fixes#92.
Normally, the build system creates libraries as mere side effects of
building targets. There is no way to explicitly trigger the build of
libraries only. However, in some circumstances (for example for testing
the thorough build of all libraries) a mechanism for explicitly building
libraries would be convenient. This patch implements this feature. It
consists of two changes.
The new pseudo target at 'base/src/lib/target.mk' gathers all libraries
that are available in all repositories specified for the build directory
and makes its target depend on them. This way, by building 'lib', all
libraries would be traversed. However, in the (likely) situation that
those libraries include one or more invalid libraries (libraries with
unsatisfied build requirements), the build system would skip the target.
Hence, the second change introduces a new condition 'FORCE_BUILD_LIBS'
to the build system. By setting this variable to 'yes' in the 'target.mk'
file, we let the build system to traverse library dependencies for
all valid libraries regardless of the presence of any invalid library.
When using an ELF image as returned from the iso9660 server, such an
image is represented as a managed dataspace composed of various portions
of one RAM dataspace, each portion attached with a different offset.
Now, when mapping the text segment of the ELF image (usually starting at
0x1000 within the image), the code mapped at 0x1000 may correspond to
any offset within the RAM dataspace used by the iso9660 server. In
particular, the src-fault address (the one within the RAM dataspace) may
be higher than dst-fault address (somewhere just above 0x1000 where a
page-fault occurred). Thereby, 'curr_rm_base' may become negative
during the reverse lookup of 'Rm_client::pager'. This corner case used
to let the 'Fault_area::constrain' function return an invalid fault
area, and thereby let the reverse lookup fail. The improved version
explicitly checks for the address overflow condition and tries to
constrain the dst fault address to the largest possible log2 page within
the positive address range.
It turns out that recent subversion clients are more nitpicking with respect to
the usage of 'svn update'. Formerly it was ok to just checkout a toplevel
directory of some repository, and then update that parts in the repo that are
needed. This is used in the preparation makefile in 'base-foc' to just checkout
a small part of the L4Re software stack. Recent clients complain about using
update with some remote target, so we've to use 'checkout' here too.
This commit fixes#84.
With the recent change of Genode's development process and the switch to
GitHub, the contributions document has become a bit outdated. I rewrote
the document in a tutorial-like style and incorporated several practical
hints, in particular related to the recommended use of Git.
The patch fixes a corner-case problem with using the two-byte 'INT 0'
instruction for breakpoints. The fix changes the breakpoint instruction
to the single-byte 'HLT'. 'HLT' is a privileged instruction and triggers
an exception when executed in user mode. Patch by Christian Prochaska.
The new 'gdb_monitor_interactive.run' script extends the original
'gdb_monitor.run' script with a startup sequence that automates the
initial break-in at the main function of a dynamically linked binary.
Patch by Christian Prochaska.
When reading the values of environment variables supplied via Genode
config mechanism, the XML attribute values were taken as is. On the libc
side, however, the values are processed using Genode's 'Arg_string'
functions. When unquoted, 'Arg_string' expects values to be either
identifiers or numbers. In the general case, however, env values cannot
be expected to satisfy these requirements. Hence, it is better to always
quote these values when reading the XML config. An alternative (maybe
better) solution would be to not use the 'Arg_string' classes in the
libc side.
