Timeline
Dec 28, 2008:
- 5:35 PM Changeset in webkit [39497] by
-
- 2 edits in trunk/WebCore
2008-12-28 Cameron Zwarich <cwzwarich@uwaterloo.ca>
Reviewed by Sam Weinig.
Bug 23016: JavaScriptDebugServer::recompileAllJSFunctions() should not execute JS while reparsing all functions
<https://bugs.webkit.org/show_bug.cgi?id=23016>
<rdar://problem/6425077>
JavaScriptDebugServer::recompileAllJSFunctions() calls sourceParsed() while
reparsing all JS functions, which will execute JS in the inspector. Depending
on the order in which functions are recompiled, a function could have a new
body but other functions that have not been recompiled could have an optimized
(in the sense of inline caching) call to it, bypassing the check of whether or
not there is generated bytecode. This leads to a crash caused by accessing
indices off of a null pointer.
To fix the problem, simply delay calling sourceParsed() until after all functions
have been reparsed. The crash isn't 100% reproducible, but on the one test case
I have, this makes it impossible to reproduce after a large number of attempts,
when it used to happen every few attempts.
- inspector/JavaScriptDebugServer.cpp: (WebCore::JavaScriptDebugServer::recompileAllJSFunctions):
- 4:25 PM Changeset in webkit [39496] by
-
- 3 edits in trunk/WebCore
Rubber-stamped by Antti Koivisto.
Oops, remove some last minute ASSERTS that are obviously wrong.
- 4:16 PM Changeset in webkit [39495] by
-
- 10 edits1 add in trunk/WebCore
Reviewed by Antti Koivisto.
Fixes: https://bugs.webkit.org/show_bug.cgi?id=23015
Don't rely on HTMLFormControlElement in RenderTextControl.
Introduce an abstract FormControlElement class, containing the
valueMatchesRenderer/setValueMatchesRenderer, the only HTMLFormControlElement
specific methods that RenderTextControl relies on.
This makes it possible for WML to reuse RenderTextControl.
RenderTextControlSingleLine still relies on HTMLInputElement,
this will change if WMLInputElement is introduced.
- 1:33 PM Changeset in webkit [39494] by
-
- 3 edits in trunk/WebCore
2008-12-28 Cameron Zwarich <cwzwarich@uwaterloo.ca>
Reviewed by Darin Adler.
Bug 23006: Many Loader::Host member functions are not safe to use reentrantly
<https://bugs.webkit.org/show_bug.cgi?id=23006>
<rdar://problem/6216106>
Many Loader::Host member functions set m_processingResource to true when they
begin processing a resource and set it to false when they are done. Thanks to
JavaScript and the web inspector, almost anything can happen during the
processing of a resource, including these functions being called reentrantly,
which is unsafe due to this way of using m_processingResource.
This can theoretically cause a Loader::Host to be used after it is freed,
because when Loader::servedPendingRequests() is called, it will free Hosts
that have m_processingResource set to false.
To fix this, we replace m_processingResource with m_numResourcesProcessing,
which is incremented and decremented using a helper object, ProcessingResource.
There are no occurrences of crashes caused by this bug that are reproducible
by multiple people, but this fixes the problem of m_processingResource being
set to false while a Host is still alive.
- loader/loader.cpp: (WebCore::Loader::Host::Host): (WebCore::Loader::Host::didFinishLoading): Change to use ProcessingResource instead of manually setting m_processingResource. (WebCore::Loader::Host::didFail): Ditto. (WebCore::Loader::Host::didReceiveData): Ditto.
- loader/loader.h: (WebCore::Loader::Host::ProcessingResource::ProcessingResource): Added. (WebCore::Loader::Host::ProcessingResource::~ProcessingResource): Added. (WebCore::Loader::Host::processingResource): Change to use m_numResourcesProcessing instead of just getting m_processingResource.
- 11:40 AM Changeset in webkit [39493] by
-
- 3 edits2 adds in trunk
Reviewed by Darin Adler.
https://bugs.webkit.org/show_bug.cgi?id=23007
REGRESSION: Timer-related crash when closing Web Inspector
Test: fast/dom/Window/remove-timeout-crash.html
- bindings/js/DOMTimer.cpp: (WebCore::DOMTimer::fired): Besides deleting the timer, make sure to remove it from a Document map.
- 9:19 AM Changeset in webkit [39492] by
-
- 3 edits4 adds in trunk
Reviewed by Anders Carlsson.
https://bugs.webkit.org/show_bug.cgi?id=23012
Bring application cache manifest parsing up to date
Test: http/tests/appcache/manifest-parsing.html
- loader/appcache/ManifestParser.cpp: (WebCore::Mode): Added a constant for unknown sections, which are ignored when parsing. This is necessary for future extensions. (WebCore::parseManifest): Parse unknown sections correctly. Ignore trailing tokens in supported sections.
- 9:12 AM Changeset in webkit [39491] by
-
- 9 edits2 moves7 adds in trunk/LayoutTests
Reviewed by Anders Carlsson.
https://bugs.webkit.org/show_bug.cgi?id=23009
Add a test for application cache offline operation
- http/tests/resources/network-simulator.php: A proxy script to simulate a network connection that can go offline, using an infinite redirect loop in offline mode to generate an error.
- http/tests/appcache/offline-access-expected.txt: Added.
- http/tests/appcache/offline-access.html: Added.
- http/tests/appcache/resources/offline-access-frame.html: Added.
- http/tests/appcache/resources/offline-access.js: Added.
- http/tests/appcache/resources/offline-access.manifest: Added. Test that an application loads successfully from cache.
- http/tests/resources: Added.
- http/tests/resources/portabilityLayer.php: Copied from LayoutTests/http/tests/xmlhttprequest/resources/portabilityLayer.php.
- http/tests/resources/reset-temp-file.php: Copied from LayoutTests/http/tests/xmlhttprequest/resources/reset-temp-file.php.
- http/tests/xmlhttprequest/access-control-basic-allow-preflight-cache-invalidation-by-header.html:
- http/tests/xmlhttprequest/access-control-basic-allow-preflight-cache-invalidation-by-method.html:
- http/tests/xmlhttprequest/access-control-basic-allow-preflight-cache-timeout.html:
- http/tests/xmlhttprequest/access-control-basic-allow-preflight-cache.html:
- http/tests/xmlhttprequest/resources/access-control-basic-preflight-cache-invalidation.php:
- http/tests/xmlhttprequest/resources/access-control-basic-preflight-cache-timeout.php:
- http/tests/xmlhttprequest/resources/access-control-basic-preflight-cache.php:
- http/tests/xmlhttprequest/resources/portabilityLayer.php: Removed.
- http/tests/xmlhttprequest/resources/reset-temp-file.php: Removed.
- http/tests/appcache/resources/fail-on-update.php: Moved some common scripts from xmlhttprequest/resources/ to resources/
- 5:54 AM Changeset in webkit [39490] by
-
- 13 edits4 adds in trunk/WebCore
Reviewed by Darin Adler.
Fixes: https://bugs.webkit.org/show_bug.cgi?id=22996
RenderTextControl heavily depends on HTMLInputElement & HTMLTextAreaElement.
It handles multi & single line text control rendering in one class. Split up
in two new classes: RenderTextControlSingleLine & RenderTextControlMultiLine.
This has several benefits - code is more readable now, the memory usage
for RenderTextControlMultiLine is reduced, as all stuff related to search fields
lives in RenderTextControlSingleLine, and it's easier to introduce an
abstraction for input/textarea-like elements for other HTML flavours like WML.
- 2:05 AM Changeset in webkit [39489] by
-
- 8 edits in trunk/WebCore
2008-12-28 Dmitry Titov <dimich@chromium.org>
Reviewed by Darin Adler.
https://bugs.webkit.org/show_bug.cgi?id=22755
Prepare to add create/remove timeout methods to JSWorkerContext by moving
timer-specific code from JSDOMWindowBase to DOMTimer.
Moved everything JS-related from DOMTimer to ScheduledAction.
Now ScheduledAction is what it wanted to be all the time: a JS engine-specific
container for timer callback that knows how to invoke it.
DOMTimer is not anymore JS-specific.
This is mostly moving the code around. No intended functional changes.
- bindings/js/DOMTimer.cpp: (WebCore::DOMTimer::DOMTimer): (WebCore::DOMTimer::~DOMTimer): (WebCore::DOMTimer::install): (WebCore::DOMTimer::removeById): (WebCore::DOMTimer::fired): (WebCore::DOMTimer::stop):
- bindings/js/DOMTimer.h:
- bindings/js/JSDOMWindowBase.cpp: (WebCore::JSDOMWindowBase::installTimeout): (WebCore::JSDOMWindowBase::removeTimeout):
- bindings/js/JSDOMWindowBase.h:
- bindings/js/ScheduledAction.cpp: (WebCore::ScheduledAction::execute):
- bindings/js/ScheduledAction.h:
- dom/Document.cpp: (WebCore::Document::addTimeout):
- 12:52 AM Changeset in webkit [39488] by
-
- 3 edits2 adds in trunk
2008-12-28 Cameron Zwarich <cwzwarich@uwaterloo.ca>
Reviewed by Oliver Hunt.
Bug 22840: REGRESSION (r38349): Gmail doesn't load with profiling enabled
<https://bugs.webkit.org/show_bug.cgi?id=22840>
<rdar://problem/6468077>
- bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::emitNewArray): Add an assertion that the range of registers passed to op_new_array is sequential. (JSC::BytecodeGenerator::emitCall): Correct the relocation of registers when emitting profiler hooks so that registers aren't leaked. Also, add an assertion that the 'this' register is always ref'd (because it is), remove the needless protection of the 'this' register when relocating, and add an assertion that the range of registers passed to op_call for function call arguments is sequential. (JSC::BytecodeGenerator::emitConstruct): Correct the relocation of registers when emitting profiler hooks so that registers aren't leaked. Also, add an assertion that the range of registers passed to op_construct for function call arguments is sequential.
LayoutTests:
- fast/profiler/call-register-leak-expected.txt: Added.
- fast/profiler/call-register-leak.html: Added.
Dec 27, 2008:
- 6:54 PM Changeset in webkit [39487] by
-
- 13 edits1 add in trunk/JavaScriptCore
<rdar://problem/6467376> Race condition in WTF::currentThread can lead to a thread using two different identifiers during its lifetime
If a newly-created thread calls WTF::currentThread() before WTF::createThread calls establishIdentifierForPthreadHandle
then more than one identifier will be used for the same thread. We can avoid this by adding some extra synchronization
during thread creation that delays the execution of the thread function until the thread identifier has been set up, and
an assertion to catch this problem should it reappear in the future.
Reviewed by Alexey Proskuryakov.
- wtf/Threading.cpp: Added.
(WTF::NewThreadContext::NewThreadContext):
(WTF::threadEntryPoint):
(WTF::createThread): Add cross-platform createThread function that delays the execution of the thread function until
after the thread identifier has been set up.
- wtf/Threading.h:
- wtf/ThreadingGtk.cpp:
(WTF::establishIdentifierForThread):
(WTF::createThreadInternal):
- wtf/ThreadingNone.cpp:
(WTF::createThreadInternal):
- wtf/ThreadingPthreads.cpp:
(WTF::establishIdentifierForPthreadHandle):
(WTF::createThreadInternal):
- wtf/ThreadingQt.cpp:
(WTF::identifierByQthreadHandle):
(WTF::establishIdentifierForThread):
(WTF::createThreadInternal):
- wtf/ThreadingWin.cpp:
(WTF::storeThreadHandleByIdentifier):
(WTF::createThreadInternal):
Add Threading.cpp to the build.
- GNUmakefile.am:
- JavaScriptCore.pri:
- JavaScriptCore.scons:
- JavaScriptCore.vcproj/WTF/WTF.vcproj:
- JavaScriptCore.xcodeproj/project.pbxproj:
- JavaScriptCoreSources.bkl:
- 12:30 AM Changeset in webkit [39486] by
-
- 2 edits in trunk/LayoutTests
Suggested by Dave Levin.
Another attempt to fix the failing XHR tests on Tiger buildbot: make file_put_contents
portable implementation return a result.
- http/tests/xmlhttprequest/resources/portabilityLayer.php:
Dec 26, 2008:
- 1:31 PM Changeset in webkit [39485] by
-
- 2 edits in trunk/LayoutTests
2008-12-26 David Levin <levin@chromium.org>
Reviewed by Alexey Proskuryakov.
Remove ensureTrailingSlash from appcache test.
- http/tests/appcache/resources/fail-on-update.php:
- 1:19 PM Changeset in webkit [39484] by
-
- 2 edits in trunk/WebCore
2008-12-26 Zalan Bujtas <zbujtas@gmail.com>
Reviewed by Darin Adler.
https://bugs.webkit.org/show_bug.cgi?id=22999
Check if database thread exists.
- storage/Database.cpp: (WebCore::Database::openAndVerifyVersion): (WebCore::Database::markAsDeletedAndClose): (WebCore::Database::tableNames):
- 1:01 PM Changeset in webkit [39483] by
-
- 2 edits in trunk/JavaScriptCore
2008-12-26 Sam Weinig <sam@webkit.org>
Reviewed by Alexey Proskuryakov.
Remove unused method.
- runtime/Structure.h: Remove mutableTypeInfo.
- 12:00 PM Changeset in webkit [39482] by
-
- 6 edits in trunk/LayoutTests
2008-12-26 David Levin <levin@chromium.org>
Reviewed by Alexey Proskuryakov.
Attempt to fix the failiing XHR tests on tiger buildbot.
Remove the no longer needed ensureTrailingSlash function.
- http/tests/xmlhttprequest/resources/access-control-basic-preflight-cache-invalidation.php:
- http/tests/xmlhttprequest/resources/access-control-basic-preflight-cache-timeout.php:
- http/tests/xmlhttprequest/resources/access-control-basic-preflight-cache.php:
- http/tests/xmlhttprequest/resources/portabilityLayer.php: Make sys_get_temp_dir() return "/tmp" when it can't find the temp directory through other means.
- http/tests/xmlhttprequest/resources/reset-temp-file.php:
- 11:54 AM Changeset in webkit [39481] by
-
- 2 edits in trunk/WebKit/mac
Reviewed by Sam Weinig.
- fix <rdar://problem/6467608> lastVisitWasFailure flag persists in global history after a successful visit
- History/WebHistory.mm: (-[WebHistory _visitedURL:withTitle:wasFailure:]): Changed to always update the wasFailure flag on the HistoryItem.
- 11:05 AM Changeset in webkit [39480] by
-
- 2 edits in trunk/LayoutTests
Reviewed by Anders Carlsson.
Fix a layout test that was broken by the previous appcache commit
(it only passed every other time as a result).
- http/tests/appcache/fail-on-update.html:
- 10:59 AM Changeset in webkit [39479] by
-
- 5 edits in trunk/LayoutTests
2008-12-26 Simon Fraser <Simon Fraser>
Update more svg-as-image test results affected by the fix
for SVGImage drawing.
- platform/mac/fast/borders/svg-as-border-image-2-expected.checksum:
- platform/mac/fast/borders/svg-as-border-image-2-expected.png:
- platform/mac/fast/borders/svg-as-border-image-expected.checksum:
- platform/mac/fast/borders/svg-as-border-image-expected.png:
- 10:52 AM Changeset in webkit [39478] by
-
- 3 edits3 adds in trunk
Reviewed by Darin Adler.
https://bugs.webkit.org/show_bug.cgi?id=23001
A call to applicationCache.update() from a cached event listener should be ignored
Test: http/tests/appcache/idempotent-update.html
- loader/appcache/ApplicationCacheGroup.cpp: (WebCore::ApplicationCacheGroup::checkIfLoadIsComplete): Only reset m_status after dispatching events.
- 9:40 AM Changeset in webkit [39477] by
-
- 4 edits16 adds in trunk
Reviewed by Darin Adler.
https://bugs.webkit.org/show_bug.cgi?id=22997
ASSERTION FAILED: !m_resources.contains(url) in ApplicationCache::addResource()
Tests: http/tests/appcache/top-frame-1.html
http/tests/appcache/top-frame-2.html
http/tests/appcache/top-frame-3.html
http/tests/appcache/top-frame-4.html
- loader/appcache/ApplicationCacheGroup.cpp: (WebCore::ApplicationCacheGroup::cacheForMainRequest): Fixed one more instance of top level frame being used for caching purposes.
- 3:03 AM Changeset in webkit [39476] by
-
- 3 edits in trunk/LayoutTests
2008-12-26 David Levin <levin@chromium.org>
Reviewed by Alexey Proskuryakov.
https://bugs.webkit.org/show_bug.cgi?id=22950
Added more logging to reset-temp-file to help expose potential issues that could cause test failures (on the tiger buildbot).
If there are issues in reset-temp-file, they are printed from the test access-control-basic-allow-preflight-cache.html
- http/tests/xmlhttprequest/access-control-basic-allow-preflight-cache.html:
- http/tests/xmlhttprequest/resources/reset-temp-file.php:
- 12:46 AM Changeset in webkit [39475] by
-
- 2 edits in trunk/WebCore
2008-12-26 Dmitry Titov <dimich@chromium.org>
Reviewed by Darin Adler.
https://bugs.webkit.org/show_bug.cgi?id=22987
Fix for broken test editing/execCommand/5763082.html
- editing/CompositeEditCommand.cpp: (WebCore::CompositeEditCommand::mergeIdenticalElements): Used local RefPtr to hold onto function parameter across multiple calls.
Dec 25, 2008:
- 1:12 PM Changeset in webkit [39474] by
-
- 7 edits5 adds in trunk
Reviewed by Darin Adler.
https://bugs.webkit.org/show_bug.cgi?id=22993
Application cache shouldn't be inherited by subframes
<rdar://problem/6284708> AppCache crashes in ApplicationCacheResource::addType()
This crash happened because main resource for subframe was looked up in top frame's
appcache. If not for the spec change, it could have been fixed by preventing the load
altogether.
Test: http/tests/appcache/foreign-iframe-main.html
I intend to write additional tests for the behavior change.
- loader/DocumentLoader.cpp: (WebCore::DocumentLoader::shouldLoadResourceFromApplicationCache):
- loader/DocumentLoader.h: (WebCore::DocumentLoader::applicationCache):
- loader/MainResourceLoader.cpp: (WebCore::MainResourceLoader::load):
- loader/appcache/DOMApplicationCache.cpp: (WebCore::DOMApplicationCache::associatedCache): Removed DocumentLoader::topLevelApplicationCache(), and changed callers accordingly.
- loader/appcache/ApplicationCacheGroup.cpp: (WebCore::ApplicationCacheGroup::selectCache): (WebCore::ApplicationCacheGroup::selectCacheWithoutManifestURL): Removed checks for the frame being top-level one, now that subframes are cached independently.
- 6:18 AM Changeset in webkit [39473] by
-
- 6 edits in trunk/WebCore
2008-12-25 Antti Koivisto <Antti Koivisto>
Reviewed by Oliver Hunt.
<rdar://problem/6465669> Frequent !isPurgeable() assertion in WebCore::CachedResource::addClient
Disallow turning resources that are being revalidated to purgable state.
No test, the condition is difficult to produce in DRT.
- loader/CachedCSSStyleSheet.cpp: (WebCore::CachedCSSStyleSheet::allClientsRemoved):
- loader/CachedImage.cpp: (WebCore::CachedImage::destroyDecodedData):
- loader/CachedResource.cpp: (WebCore::CachedResource::isSafeToMakePurgeable): (WebCore::CachedResource::makePurgeable):
- loader/CachedResource.h:
- loader/CachedScript.cpp: (WebCore::CachedScript::destroyDecodedData):
- 2:55 AM Changeset in webkit [39472] by
-
- 2 edits in trunk/WebCore
Qt build fix.
- WebCore.pro: Added ThreadGlobalData.cpp.
Dec 24, 2008:
- 9:26 PM Changeset in webkit [39471] by
-
- 3 edits in trunk/WebKitTools
Move the guts of determineCurrentSVNRevision to VCSUtils as svnRevisionForDirectory,
and make it work for git too.
Reviewed by Timothy Hatcher.
- Scripts/VCSUtils.pm:
- Scripts/webkitdirs.pm:
- 4:42 PM Changeset in webkit [39470] by
-
- 2 edits in trunk/WebCore
Build fix.
- WebCore.base.exp: Remove a symbol from the export file now that it is no longer generated.
- 1:39 PM Changeset in webkit [39469] by
-
- 7 edits in trunk/LayoutTests
2008-12-24 Simon Fraser <Simon Fraser>
Reviewed by Oliver Hunt
Update more svg-as-image test results affected by the fix
for SVGImage drawing.
- platform/mac/fast/images/svg-as-background-expected.checksum:
- platform/mac/fast/images/svg-as-background-expected.png:
- platform/mac/fast/images/svg-as-image-expected.checksum:
- platform/mac/fast/images/svg-as-image-expected.png:
- platform/mac/fast/images/svg-as-relative-image-expected.checksum:
- platform/mac/fast/images/svg-as-relative-image-expected.png:
- transforms/2d/compound-transforms-vs-containers.html:
- 10:08 AM Changeset in webkit [39468] by
-
- 1 edit in trunk/LayoutTests/ChangeLog
Fix a typo in ChangeLog.
- 10:06 AM Changeset in webkit [39467] by
-
- 3 edits2 moves in trunk/LayoutTests
Reviewed by Dan Bernstein.
https://bugs.webkit.org/show_bug.cgi?id=22982
http/tests/navigation/post-goback-repost-policy.html fails on Tiger
Change resources that are accessed with POST form .html to .php. I don't know why Apache 2.0
had no problem with this.
- http/tests/navigation/post-goback-repost-policy.html:
- http/tests/navigation/resources/goback-with-policydelegate.html: Removed.
- http/tests/navigation/resources/goback-with-policydelegate.php: Copied from LayoutTests/http/tests/navigation/resources/goback-with-policydelegate.html.
- http/tests/navigation/resources/post-target-policy-test.html: Removed.
- http/tests/navigation/resources/post-target-policy-test.php: Copied from LayoutTests/http/tests/navigation/resources/post-target-policy-test.html.
- 4:44 AM Changeset in webkit [39466] by
-
- 2 edits in trunk/WebCore
Unreviewed build fix to find addSubresourceURL
This is needed to compile on WebKit/Gtk+
