Timeline



Aug 6, 2007:

11:25 PM Changeset in webkit [24905] by weinig
  • 1 edit in trunk/JavaScriptCore/ChangeLog

Fix changelog

11:21 PM Changeset in webkit [24904] by weinig
  • 3 edits
    2 adds in trunk

JavaScriptCore:

Reviewed by Oliver.

Fix for http://bugs.webkit.org/show_bug.cgi?id=14891
Decompilation of try block immediately following "else" fails

Test: fast/js/toString-try-else.html

  • kjs/nodes2string.cpp: (TryNode::streamTo): Add newline before else.

LayoutTests:

Reviewed by Oliver.

Test for http://bugs.webkit.org/show_bug.cgi?id=14891
Decompilation of try block immediately following "else" fails

  • fast/js/toString-try-else-expected.txt: Added.
  • fast/js/toString-try-else.html: Added.
10:41 PM Changeset in webkit [24903] by bdash
  • 1 edit in tags/Safari-5522.13.1/WebKit/Configurations/Version.xcconfig

Versioning.

10:41 PM Changeset in webkit [24902] by bdash
  • 3 edits in tags/Safari-5522.13.1/WebKit

Merge r24811.

Reviewed by Anders Carlsson and Kevin Decker.

  • fix <rdar://problem/5377432> Removal of MakeDataExecutable from 64-bit breaks WebKit build

The trick was to ifdef out more of the code that's only needed to support CFM, which exists
only for 32-bit PowerPC.

  • Plugins/WebNetscapePluginPackage.h: Define a SUPPORT_CFM symbol in this internal header when we support CFM. We support it only on 32-bit PowerPC. Only define the isBundle, isCFM, and connID fields when SUPPORT_CFM is on. Also use ResFileRefNum instead of SInt16.
  • Plugins/WebNetscapePluginPackage.m: Only compile the function pointer and transition vector functions when SUPPORT_CFM is on. (-[WebNetscapePluginPackage openResourceFile]): Put the non-bundle case inside a SUPPORT_CFM ifdef, since all non-CFM plug-ins are bundles. (-[WebNetscapePluginPackage closeResourceFile:]): Ditto. (-[WebNetscapePluginPackage _initWithPath:]): Use SUPPORT_CFM to compile out the code for non-bundle and bundle-based CFM plug-ins, and code that sets isBundle and isCFM. (-[WebNetscapePluginPackage executableType]): Put the CFM case inside SUPPORT_CFM. (-[WebNetscapePluginPackage load]): Put the non-bundle and CFM cases inside SUPPORT_CFM. There was a bit of dead code here. (-[WebNetscapePluginPackage _unloadWithShutdown:]): Put the non-bundle case inside SUPPORT_CFM.
8:24 PM Changeset in webkit [24901] by weinig
  • 3 edits in trunk/LayoutTests

Reviewed by Oliver.

Update test to not time out.

  • http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-sub-frame-2-level-expected.txt:
  • http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-sub-frame-2-level.html:
8:08 PM Changeset in webkit [24900] by weinig
  • 7 edits
    32 adds in trunk

LayoutTests:

Reviewed by Maciej.

Tests for <rdar://problem/5354689>

  • http/tests/security/javascriptURL: Added.
  • http/tests/security/javascriptURL/resources: Added.
  • http/tests/security/javascriptURL/resources/foreign-domain-javascipt-url-accessee-iframe.html: Added.
  • http/tests/security/javascriptURL/resources/foreign-domain-javascipt-url-accessee-opened-frame.html: Added.
  • http/tests/security/javascriptURL/resources/foreign-domain-javascipt-url-accessor-iframe.html: Added.
  • http/tests/security/javascriptURL/resources/foreign-domain-javascipt-url-accessor-opened-frame.html: Added.
  • http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame-2-level-expected.txt: Added.
  • http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame-2-level.html: Added.
  • http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame-expected.txt: Added.
  • http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame-to-javascript-url-sub-frame-expected.txt: Added.
  • http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame-to-javascript-url-sub-frame.html: Added.
  • http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame.html: Added.
  • http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-to-javscript-url-expected.txt: Added.
  • http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-to-javscript-url.html: Added.
  • http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-window-open-expected.txt: Added.
  • http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-window-open.html: Added.
  • http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-from-javscript-url-expected.txt: Added.
  • http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-from-javscript-url.html: Added.
  • http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-sub-frame-2-level-expected.txt: Added.
  • http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-sub-frame-2-level.html: Added.
  • http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-sub-frame-expected.txt: Added.
  • http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-sub-frame.html: Added.
  • http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-window-open-expected.txt: Added.
  • http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-window-open.html: Added.
  • http/tests/security/javascriptURL/xss-DENIED-from-javascipt-url-in-foriegn-domain-subframe-expected.txt: Added.
  • http/tests/security/javascriptURL/xss-DENIED-from-javascipt-url-in-foriegn-domain-subframe.html: Added.
  • http/tests/security/javascriptURL/xss-DENIED-from-javascipt-url-in-foriegn-domain-window-open-expected.txt: Added.
  • http/tests/security/javascriptURL/xss-DENIED-from-javascipt-url-in-foriegn-domain-window-open.html: Added.
  • http/tests/security/javascriptURL/xss-DENIED-to-javascipt-url-in-foriegn-domain-subframe-expected.txt: Added.
  • http/tests/security/javascriptURL/xss-DENIED-to-javascipt-url-in-foriegn-domain-subframe.html: Added.
  • http/tests/security/javascriptURL/xss-DENIED-to-javascipt-url-in-foriegn-domain-window-open-expected.txt: Added.
  • http/tests/security/javascriptURL/xss-DENIED-to-javascipt-url-in-foriegn-domain-window-open.html: Added.
  • http/tests/security/resources/cross-frame-access.js:

WebCore:

Reviewed by Maciej.

Fix for <rdar://problem/5354689>

  • Use document variable to determine permissions instead of traversing the frame tree.
  • bindings/js/kjs_window.cpp: (KJS::Window::isSafeScript):
  • dom/Document.cpp: (WebCore::Document::Document): (WebCore::Document::initSecurityPolicyURL):
  • dom/Document.h: (WebCore::Document::securityPolicyURL):
  • loader/FrameLoader.cpp: (WebCore::FrameLoader::setOpener): We must re-initialize the safeScript URL when setting the opener because the opener was not known at Document construction.
7:31 PM Changeset in webkit [24899] by bdash
  • 4 edits in trunk

Versioning.

7:22 PM Changeset in webkit [24898] by bdash
  • 6 edits
    2 deletes in trunk

Roll out r24889.

6:45 PM Changeset in webkit [24897] by bdash
  • 4 edits in trunk/JavaScriptCore

2007-08-07 Mark Rowe <mrowe@apple.com>

Reviewed by Maciej.

<rdar://problem/5388774> REGRESSION: Hang occurs after clicking "Attach a file " link in a new .Mac message

Attempting to acquire the JSLock inside CollectorHeap::forceLock can lead to a deadlock if the thread currently
holding the lock is waiting on the thread that is forking. It is not considered safe to use system frameworks
after a fork without first execing[*] so it is not particularly important to ensure that the collector and
fastMalloc allocators are unlocked in the child process. If the child process wishes to use JavaScriptCore it
should exec after forking like it would to use any other system framework.
[*]: <http://lists.apple.com/archives/Cocoa-dev/2005/Jan/msg00676.html>

  • kjs/CollectorHeapIntrospector.cpp: Remove forceLock and forceUnlock implementations.
  • kjs/CollectorHeapIntrospector.h: Stub out forceLock and forceUnlock methods.
  • wtf/FastMalloc.cpp: Ditto.
5:10 PM Changeset in webkit [24896] by hyatt
  • 2 edits in trunk/WebCore

Make sure to clear out the parent of the ellipsis box so that it doesn't
trigger the consistency check for line boxes.

Reviewed by darin

  • ChangeLog:
  • rendering/RootInlineBox.cpp: (WebCore::RootInlineBox::detachEllipsisBox):
5:09 PM Changeset in webkit [24895] by bdash
  • 1 edit in tags/Safari-5522.13.1/JavaScriptCore/Configurations/Version.xcconfig

Versioning.

5:09 PM Changeset in webkit [24894] by bdash
  • 2 edits in tags/Safari-5522.13.1/JavaScriptCore

Merge r24884.

Reviewed by Anders.

  • fix <rdar://problem/5387589> 9A514: Quartz Composer crash on launch in KJS::jsString
  • API/JSBase.cpp: (JSEvaluateScript): Turn NULL for sourceURL into UString::null(), just as JSObjectMakeFunction already does. (JSCheckScriptSyntax): Ditto.
3:33 PM Changeset in webkit [24893] by bdash
  • 1 copy in tags/Safari-5522.13.1

New tag.

2:50 PM Changeset in webkit [24892] by hyatt
  • 4 edits in trunk/WebCore

Back out fix for <rdar://problem/5366582> and replace it with the correct
fix. Make sure to delete the line box tree before splitting an inline flow
into a continuation. The added layout test for the original checkin covers
the problem.

Reviewed by beth

  • rendering/RenderBlock.cpp: (WebCore::RenderBlock::makeChildrenNonInline): Back out fix.
  • rendering/RenderFlow.cpp: (WebCore::RenderFlow::destroy): Back out fix.
  • rendering/RenderInline.cpp: (WebCore::RenderInline::splitFlow): Here's the new fix.
2:43 PM Changeset in webkit [24891] by ggaren
  • 2 edits in trunk/WebCore

Reviewed by Darin Adler.


Touching a file to force a re-build.

1:53 PM Changeset in webkit [24890] by darin
  • 2 edits in trunk/WebCore
  • fix release build
  • rendering/RenderText.h: (WebCore::RenderText::checkConsistency): Add missing const.
1:10 PM Changeset in webkit [24889] by andersca
  • 6 edits
    2 adds in trunk

LayoutTests:

Reviewed by Darin.

<rdar://problem/5360748>
REGRESSION(r21002-r21003) Flash widget sniffer doesn't work (affects iWeb)


Add test case by Kurt Revis.


  • fast/dom/NodeList/invalidate-node-lists-when-parsing-expected.txt: Added.
  • fast/dom/NodeList/invalidate-node-lists-when-parsing.html: Added.

WebCore:

Reviewed by Darin.

<rdar://problem/5360748>
REGRESSION(r21002-r21003) Flash widget sniffer doesn't work


Add a per-document NodeList counter. When parsing, only call notifyNodeListsChildrenChanged
if the document has node lists.


  • dom/ContainerNode.cpp: (WebCore::ContainerNode::addChild):
  • dom/Document.cpp: (WebCore::Document::Document):
  • dom/Document.h: (WebCore::Document::addNodeList): (WebCore::Document::removeNodeList): (WebCore::Document::hasNodeLists):
  • dom/Node.cpp: (WebCore::Node::registerNodeList): (WebCore::Node::unregisterNodeList):
1:02 PM Changeset in webkit [24888] by sfalken
  • 1 edit in trunk/WebKit/win/WebKit.vcproj/PRODUCTVERSION

Bump version.

12:51 PM Changeset in webkit [24887] by darin
  • 14 edits
    2 adds in trunk

LayoutTests:

Beth made this reduction/test, Geoff and I both helped refine it.

  • test for <rdar://problem/5366582> crash on it.eurosport.yahoo.com page
  • fast/dynamic/inline-to-block-crash-expected.txt: Added.
  • fast/dynamic/inline-to-block-crash.html: Added.

WebCore:

Reviewed by Maciej.

  • fix <rdar://problem/5366582> crash on it.eurosport.yahoo.com page

Test: fast/dynamic/inline-to-block-crash.html

I added some consistency checks for the line box tree, which helped me figure out
what was going on with this bug pretty quickly.

  • rendering/RenderBlock.cpp: (WebCore::RenderBlock::makeChildrenNonInline): This is the actual fix. If the block needs layout, then don't try to delete the line box tree because it's going to be rebuilt as part of layout. More importantly, the child list in the tree is no good, so we will crash if we try to delete here.
  • rendering/RenderFlow.cpp: (WebCore::RenderFlow::destroy): Here's a second fix. We have the same issue in the code that handles anonymous blocks -- if it's already running as part of layout, we can't walk through the already partly destroyed line box tree. This crashed in one of the layout tests.
  • rendering/InlineBox.h: Made more fields private, since I wanted to do a bit more work in setters. Made setNextOnLine() and setPrevOnLine() assert that the box has a parent. Made parent() assert that the parent is good. Also removed the unused isChildOfParent() function.
  • rendering/InlineBox.cpp: (WebCore::InlineBox::~InlineBox): At destruction time, if we are still attached to a parent, tag that parent as having a "bad" child list.
  • rendering/InlineFlowBox.h: Added m_reasonForBadChildList, checkConsistency(), setHasBadChildList(), and hasBadChildList(). Also changed firstChild() and lastChild() so they call checkConsistency() and made all the fields private instead of protected.
  • rendering/InlineFlowBox.cpp: (WebCore::InlineFlowBox::addToLine): Added consistency checks before and after adding a box to the line. Also checked that next and prev start out as 0. Changed manipulation of next and prev to use accessor functions. (WebCore::InlineFlowBox::removeChild): Added consistency checks before and after removing the box from the line. (WebCore::InlineFlowBox::deleteLine): Use firstChild() instead of getting at m_firstChild directly so we get a consistency check. Also set the parent to 0 before destroying so that the assertion in ~InlineBox will work properly. (WebCore::InlineFlowBox::extractLine): Ditto. (WebCore::InlineFlowBox::attachLine): Ditto. (WebCore::InlineFlowBox::adjustPosition): Ditto. (WebCore::InlineFlowBox::checkConsistency): Added. Checks consistency of the child list by looking at the parent, next, and prev pointers. Also asserts that we are not yet in the "bad" child list state, which happens if one of our children is destroyed without removing it from our list; that's normal, but once it happens we can't look at our child list again.
  • rendering/InlineTextBox.h:
  • rendering/InlineTextBox.cpp: Remove unneeded destroy/new/delete functions -- these are inherited from the InlineBox base class and don't need to be defined again.
  • rendering/RenderFlow.h:
  • rendering/RenderFlow.cpp: (WebCore::RenderFlow::~RenderFlow): Assert that there are no children to confirm that we didn't leak something. (WebCore::RenderFlow::extractLineBox): Added consistency checks before and after removing a run of boxes from the list. (WebCore::RenderFlow::attachLineBox): Added consistency checks before and after adding a box to the list. (WebCore::RenderFlow::removeLineBox): Added consistency checks before and after removing a box from the list. (WebCore::RenderFlow::createInlineBox): Added consistency checks before and after adding a box to the list. (WebCore::RenderFlow::checkConsistency): Added.
  • rendering/RenderText.h:
  • rendering/RenderText.cpp: (WebCore::RenderText::~RenderText): Assert that there are no children to confirm that we didn't leak something. (WebCore::RenderText::extractTextBox): Added consistency checks before and after removing a run of boxes from the list. (WebCore::RenderText::attachTextBox): Added consistency checks before and after adding a box to the list. (WebCore::RenderText::removeTextBox): Added consistency checks before and after removing a box from the list. (WebCore::RenderText::deleteTextBoxes): Added code to call setHasBadChildList since this destroys line boxes without informing the parent. (WebCore::RenderText::checkConsistency): Added.
12:49 PM Changeset in webkit [24886] by adele
  • 4 edits
    4 adds in trunk

LayoutTests:

Reviewed by Darin.

Test for <rdar://problem/5382483> REGRESSION: <select> element's text is clipped when a CSS line-height is specified

  • fast/forms/menulist-restrict-line-height-expected.checksum: Added.
  • fast/forms/menulist-restrict-line-height-expected.png: Added.
  • fast/forms/menulist-restrict-line-height-expected.txt: Added.
  • fast/forms/menulist-restrict-line-height.html: Added.

WebCore:

Reviewed by Darin.

Fix for <rdar://problem/5382483> REGRESSION: <select> element's text is clipped when a CSS line-height is specified

Don't honor line-height for styled popup buttons. We already don't honor line-height for unstyled popups
and since IE and FF don't honor it at all for popups, we shouldn't either.

  • rendering/RenderThemeMac.mm: (WebCore::RenderThemeMac::adjustMenuListButtonStyle):
  • rendering/RenderThemeSafari.cpp: (WebCore::RenderThemeSafari::adjustMenuListButtonStyle):
12:34 PM Changeset in webkit [24885] by darin
  • 2 edits in trunk/JavaScriptCore

Rubber stamped by Geoff.

  • kjs/ustring.h: Added an assertion which would have helped us find the previous bug more easily.
12:00 PM Changeset in webkit [24884] by darin
  • 2 edits in trunk/JavaScriptCore

Reviewed by Anders.

  • fix <rdar://problem/5387589> 9A514: Quartz Composer crash on launch in KJS::jsString
  • API/JSBase.cpp: (JSEvaluateScript): Turn NULL for sourceURL into UString::null(), just as JSObjectMakeFunction already does. (JSCheckScriptSyntax): Ditto.
11:08 AM Changeset in webkit [24883] by ddkilzer
  • 2 edits in trunk/WebKitTools

2007-08-06 Nigel Tao <nigeltao@gnome.org>

Reviewed by David Kilzer.

Fix bug 14745: WebKitTools/Scripts/run-launcher doesn't speak --gdk
http://bugs.webkit.org/show_bug.cgi?id=14745

  • Scripts/run-launcher: Scrub the "--gdk" out of the command line args, if given, so that GdkLauncher doesn't try to interpret it as a URL.
11:07 AM Changeset in webkit [24882] by sfalken
  • 3 edits in trunk

Build fix

9:30 AM BuildingGdk edited by alp@atoker.com
Update curl backend/theming notes (diff)
9:23 AM BuildingGdk edited by alp@atoker.com
Add note about not being Gtk+WebCore, and update build deps (diff)

Aug 5, 2007:

10:48 PM Changeset in webkit [24881] by pewtermoose
  • 2 edits in trunk/JavaScriptCore

Not reviewed, build fix.

  • kjs/string_object.cpp: (KJS::StringProtoFunc::callAsFunction):
7:23 PM Changeset in webkit [24880] by darin
  • 3 edits in trunk/LayoutTests
  • mac/leopard/Skipped: Removed 3 non-platform-specific failing tests.
  • win/Skipped: Ditto.
7:07 PM Changeset in webkit [24879] by darin
  • 1 edit in trunk/LayoutTests/ChangeLog

Change log entry to mention that my fix was an attempt (that didn't work).

7:05 PM Changeset in webkit [24878] by antti
  • 6 edits in trunk/WebCore

Reviewed by Darin.

Fix <rdar://problem/5378214>
Mail crashes at RenderLayer::paintLayer() when dragging a selection over To Do text


The ObjC interface does not guarantee that Document::updateRendering() gets called after
modifications are made to the document. This can lead to a situation where paint()
is invoked with the document still dirty, which can then crash in a number of interesting ways.


  • add hasChangedChild() as needsLayout() condition. layout() will then call recalcStyle() catching most cases and making sure document is not dirty when entering painting.
  • protect recalcStyle() and layout() from being executed during painting. There are some cases needsLayout() protection does not cover.


No layout test; these states are very hard or impossible to reach using the JavaScript interface
(which generally guarantees that updateRendering() is done right after execution).

  • dom/Document.cpp: (WebCore::Document::recalcStyle):
  • page/Frame.cpp: (WebCore::Frame::paint): (WebCore::Frame::setPaintRestriction): (WebCore::Frame::isPainting): (WebCore::FramePrivate::FramePrivate):
  • page/Frame.h:
  • page/FramePrivate.h:
  • page/FrameView.cpp: (WebCore::FrameView::layout): (WebCore::FrameView::needsLayout):
6:03 PM Changeset in webkit [24877] by darin
  • 2 edits in trunk/LayoutTests
  • fix <rdar://problem/5383382> Drag/drop of image is failing in fast/events/standalone-image-drag-to-editable.html
  • fast/events/standalone-image-drag-to-editable.html: Fixed race condition in test by using a frame counter rather than running the test after a particular frame loads.
5:58 PM Changeset in webkit [24876] by darin
  • 2 edits in trunk/LayoutTests
  • fast/dom/delete-contents-expected.txt: Updated results, which changed due to r24831, which allows comments as children of <html>.
3:52 AM Changeset in webkit [24875] by mjs
  • 2 edits in trunk/WebCore

Reviewed by Darin Adler.


<rdar://problem/5369110> CrashTracer: [USER] reproducible crash opening particular mail messages

  • platform/network/mac/ResourceHandleMac.mm: (-[WebCoreResourceHandleAsDelegate connection:willSendRequest:redirectResponse:]): Make sure to retain self for the body of this method. Otherwise, the willSendRequest could trigger events which will cancel the connection, and we access ivars after this point. (-[WebCoreSynchronousLoader connection:willSendRequest:redirectResponse:]): retain and release in the right order.
3:16 AM Changeset in webkit [24874] by darin
  • 4 edits in trunk/JavaScriptCore

Reviewed by Maciej.

  • fix <rdar://problem/5371862> crash in Dashcode due to Quartz Composer JavaScript garbage collector reentrancy
  • API/JSBase.cpp: (JSGarbageCollect): Don't call collector() if isBusy() returns true.
  • kjs/collector.h: Added isBusy(), removed the unused return value from collect()
  • kjs/collector.cpp: Added an "operation in progress" flag to the allocator. (KJS::Collector::allocate): Call abort() if an operation is already in progress. Set the new flag instead of using the debug-only GCLock. (KJS::Collector::collect): Ditto. (KJS::Collector::isBusy): Added.

Aug 4, 2007:

10:20 PM Changeset in webkit [24873] by mjs
  • 3 edits in trunk/JavaScriptCore

Reviewed by Darin and Adam.


<rdar://problem/5368990> REGRESSION: newsgator.com sign-on 6x slower than Safari 3 beta due to GC changes (14808)

  • kjs/string_object.cpp: (KJS::replace): if the string didn't change (very common in some cases) reuse the original string value. (KJS::StringProtoFunc::callAsFunction): Pass in the StringImp* when replacing, not just the UString.
  • kjs/string_object.h: (KJS::StringInstance::internalValue): covariant override to return StringImp for convenience
9:21 PM Changeset in webkit [24872] by aroben
  • 2 edits in trunk/WebCore

Another workaround for <rdar://problem/5386894>

Reviewed by Sam.

This fixed ~150 failing tests.

  • platform/network/cf/ResourceResponseCFNet.cpp: (WebCore::ResourceResponse::doUpdateResourceResponse): Hardcode the MIME type for .svg files as well.
8:04 PM Changeset in webkit [24871] by aroben
  • 2 edits in trunk/WebCore

Workaround for <rdar://problem/5386894> CFURLResponseGetMIMEType returns "text/html" for local .xhtml and .xml files

Reviewed by Sam.

This fixes ~350 failing tests.

  • platform/network/cf/ResourceResponseCFNet.cpp: (WebCore::ResourceResponse::doUpdateResourceResponse): Use a workaround identical to the one in ResourceResponseMac.mm, but include .xml files as well.
7:15 PM Changeset in webkit [24870] by oliver
  • 1 edit
    3 adds in trunk/LayoutTests

Reviewed by Sam.


Layout test for <rdar://problem/5386550> REGRESSION (r24866): text/plain documents are always downloaded

  • fast/loader/plain-text-document-expected.txt: Added.
  • fast/loader/plain-text-document.html: Added.
  • fast/loader/plain-text-document.txt: Added.
7:06 PM Changeset in webkit [24869] by ddkilzer
  • 4 edits in trunk/WebCore

WebCore:

Reviewed by Oliver.

The supportedNonImageMimeTypes list is used to determine which MIME types may be viewed
within the web browser (e.g., plug-ins add their own MIME types to the list during
initialization), so we must add "text/plain" and "text/" back to the list. Since
this change would then break DOMImplementation::isTextMIMEType(), that method was reverted
to its original form and MIMETypeRegistry::shouldTreatAsText() was removed.

  • dom/DOMImplementation.cpp: (WebCore::DOMImplementation::isTextMIMEType): Revert to previous version.
  • platform/MIMETypeRegistry.cpp: (WebCore::initialiseSupportedNonImageMimeTypes): Added back "text/plain" and "text/" to the list. (WebCore::MIMETypeRegistry::shouldTreatAsText): Removed.
  • platform/MIMETypeRegistry.h:
1:58 AM Changeset in webkit [24868] by bdash
  • 4 edits in trunk/JavaScriptCore

2007-08-04 Mark Rowe <mrowe@apple.com>

Reviewed by Oliver Hunt.

<rdar://problem/5385145> r24843 introduces a crash on calling fork() (14878)
http://bugs.webkit.org/show_bug.cgi?id=14878

Provide no-op functions for all members of the malloc_zone_t and malloc_introspection_t structures that we
register to avoid crashes in system code that assumes they will be non-null.

  • kjs/CollectorHeapIntrospector.cpp: (KJS::CollectorHeapIntrospector::CollectorHeapIntrospector): (KJS::CollectorHeapIntrospector::forceLock): Grab the lock. (KJS::CollectorHeapIntrospector::forceUnlock): Release the lock.
  • kjs/CollectorHeapIntrospector.h: (KJS::CollectorHeapIntrospector::goodSize): (KJS::CollectorHeapIntrospector::check): (KJS::CollectorHeapIntrospector::print): (KJS::CollectorHeapIntrospector::log): (KJS::CollectorHeapIntrospector::statistics): (KJS::CollectorHeapIntrospector::size): (KJS::CollectorHeapIntrospector::zoneMalloc): (KJS::CollectorHeapIntrospector::zoneCalloc): (KJS::CollectorHeapIntrospector::zoneFree):
  • wtf/FastMalloc.cpp: (WTF::FastMallocZone::goodSize): (WTF::FastMallocZone::check): (WTF::FastMallocZone::print): (WTF::FastMallocZone::log): (WTF::FastMallocZone::forceLock): Grab the TCMalloc locks. (WTF::FastMallocZone::forceUnlock): Release the TCMalloc locks. (WTF::FastMallocZone::FastMallocZone):
12:37 AM Changeset in webkit [24867] by beidson
  • 1 edit in trunk/WebKit/WebView/WebView.mm

Added the radar # to my FIXME text

12:29 AM Changeset in webkit [24866] by beidson
  • 6 edits in trunk

WebCore:

Reviewed by Oliver

Fix for http://bugs.webkit.org/show_bug.cgi?id=14824 and <rdar://problem/5372989>

Two issues -

1 - The WebCore MIMEType registry was designed assuming the list of types would never change. That is false, as WebKit has API and SPI calls which directly mutate the MIMETypeRegistry.
2 - DOMImplementation didn't consult the registry for any MIMEType that started with "text/", instead maintaining its own hard-coded rules.

  • dom/DOMImplementation.cpp: (WebCore::DOMImplementation::isTextMIMEType): For now, call through to the MIMETypeRegistry until we decide a different fate for this function
  • platform/MIMETypeRegistry.cpp: (WebCore::initialiseSupportedNonImageMimeTypes): "SupportedNonImageMIMETypes" is really a misnomer for "MIMETypes we should show as HTML" but that line has slowly been blurred since Tiger. In an attempt to start to unblur it, remove "text/" and "text/plain" (WebCore::MIMETypeRegistry::shouldTreatAsText): The decision is very close to the old DOMImplementation method, except we don't automatically hand off "text/" types as true if they are in the set of supported MIMETypes (WebCore::MIMETypeRegistry::getSupportedImageMIMETypes): Non-const (can be changed!) (WebCore::MIMETypeRegistry::getSupportedImageResourceMIMETypes): Non-const (can be changed!) (WebCore::MIMETypeRegistry::getSupportedNonImageMIMETypes): Non-const (can be changed!)
  • platform/MIMETypeRegistry.h:

WebKit:

Reviewed by Oliver

Fix for http://bugs.webkit.org/show_bug.cgi?id=14824 and <rdar://problem/5372989>

When unregistering a MIMEType, remove it from the WebCore registry unconditionally.
When registering a MIMEType whose view class is WebHTMLView, add it to the WebCore registry.

  • WebView/WebView.mm: (+[WebView _unregisterViewClassAndRepresentationClassForMIMEType:]): (+[WebView _registerViewClass:representationClass:forURLScheme:]): (+[WebView registerViewClass:representationClass:forMIMEType:]):

Aug 3, 2007:

8:57 PM Changeset in webkit [24865] by aroben
  • 2 edits in trunk/WebKitTools

Catch SIGPIPE on Windows so that run-webkit-tests doesn't quit when DRT crashes

Reviewed by Sam.

  • Scripts/run-webkit-tests: Also close ERROR when we finish running the tests.
6:09 PM Changeset in webkit [24864] by adele
  • 2 edits in trunk/WebCore

Reviewed by Adam.

Fix for <rdar://problem/5345862> CrashTracer: [USER] 4 crashes in Safari at com.apple.WebCore: WebCore::Frame::isContentEditable const + 10

Couldn't reproduce the problem, but a nil check for the frame should fix this.

  • css/CSSStyleSelector.cpp: (WebCore::CSSStyleSelector::adjustRenderStyle):
5:22 PM Changeset in webkit [24863] by weinig
  • 12 edits in trunk

LayoutTests:

Reviewed by Darin.

Dump contents of subframes using new layoutTestController.dumpChildFramesAsText()
function.

  • http/tests/security/cross-frame-access-port-expected.txt:
  • http/tests/security/cross-frame-access-port-explicit-domain-expected.txt:
  • http/tests/security/cross-frame-access-protocol-expected.txt:
  • http/tests/security/cross-frame-access-protocol-explicit-domain-expected.txt:
  • http/tests/security/resources/cross-frame-access.js:

WebKitTools:

Reviewed by Darin.

Recursively dump all frames as text using new
layoutTestController.dumpChildFramesAsText() function.

  • DumpRenderTree/DumpRenderTree.m: (dumpFramesAsText): (dump): (+[LayoutTestController isSelectorExcludedFromWebScript:]): (-[LayoutTestController dumpChildFramesAsText]): (runTest):
  • DumpRenderTree/DumpRenderTree.vcproj/DumpRenderTree/DumpRenderTree.cpp: (dumpFramesAsText): (dump): (runTest):
  • DumpRenderTree/DumpRenderTree.vcproj/DumpRenderTree/DumpRenderTree.h:
  • DumpRenderTree/DumpRenderTree.vcproj/DumpRenderTree/LayoutTestController.cpp: (dumpChildFramesAsTextCallback):
  • DumpRenderTree/DumpRenderTree.xcodeproj/project.pbxproj:
4:53 PM Changeset in webkit [24862] by andersca
  • 7 edits in trunk/WebCore

Reviewed by Oliver.

<rdar://problem/5383286>
XMLHTTPRequest does not return 401 when user cancels authentication dialog (affects .Mac)


  • loader/ResourceLoader.h: Make receivedCancellation virtual.


  • loader/SubresourceLoader.cpp: (WebCore::SubresourceLoader::receivedCancellation): Call SubresourceLoaderClient::receivedCancellation.


  • xml/XMLHttpRequest.cpp: (WebCore::XMLHttpRequest::receivedCancellation): Save the failure response.
4:07 PM Changeset in webkit [24861] by andersca
  • 2 edits in trunk/WebCore

Reviewed by Geoff.

<rdar://problem/5374393>
Image change on disk not noticed by WebView; -[WebCache setDisabled:] used to cause a reload every time


This is essentially a better fix for the crash in <rdar://problem/5362783>.


  • loader/DocLoader.cpp: (WebCore::DocLoader::requestResource): If the resource already exists in the m_docResources map, remove it and disassociate it from the doc loader.
3:37 PM Changeset in webkit [24860] by oliver
  • 3 edits in trunk/WebCore

Reviewed by Geoff.

<rdar://problem/5375190> Mail crashed in WebCore::CachedImage::imageSize() const when viewing a particular message

Fix the uncached load path to confirm that the type of resource being
returned actually matches the type that was requested.

Also make sure we never create a resource in the Cache for invalid urls.

  • loader/Cache.cpp: (WebCore::Cache::requestResource):
  • loader/DocLoader.cpp: (WebCore::DocLoader::requestResource):
3:17 PM Changeset in webkit [24859] by sfalken
  • 1 copy in tags/Safari-522.16.1b

New tag.

3:17 PM Changeset in webkit [24858] by sfalken
  • 1 edit in trunk/WebKit/win/WebKit.vcproj/VERSION

Bump version for submit

3:15 PM Changeset in webkit [24857] by adele
  • 3 edits
    4 adds in trunk

LayoutTests:

Reviewed by Adele.

  • fast/forms/menulist-deselect-update-expected.checksum: Added.
  • fast/forms/menulist-deselect-update-expected.png: Added.
  • fast/forms/menulist-deselect-update-expected.txt: Added.
  • fast/forms/menulist-deselect-update.html: Added.

WebCore:

Reviewed by Adele.

Test: fast/forms/menulist-deselect-update.html

  • html/HTMLOptionElement.cpp: (WebCore::HTMLOptionElement::setSelected): Reordered to allow setSelectedIndex() to call setChanged().
2:42 PM Changeset in webkit [24856] by spadma
  • 7 edits in S60/trunk/WebKit

2007-07-31 vmalaiya, <vikram.malaiya@nokia.com>

Reviewed by Sachin
DESC: AKUR-74Q7EL - Browser crashes when Vote button selected on second window
http://bugs.webkit.org/show_bug.cgi?id=14829

  • BrowserView/inc/FormDataLoginStore.h:
  • BrowserView/inc/FormDataManager.h:
  • BrowserView/src/FormDataLoginStore.cpp: (CFormDataLoginStore::CLoginDataElement::~CLoginDataElement): (CFormDataLoginStore::NewL): (CFormDataLoginStore::ConstructL): (CFormDataLoginStore::GetDataL): (CFormDataLoginStore::SaveDataL): (CFormDataLoginStore::SaveDialogL):
  • BrowserView/src/FormDataManager.cpp: (CFormDataManager::NewL): (CFormDataManager::ConstructL): (CFormDataManager::SaveDataL):
  • BrowserView/src/WebKitControl.cpp: (CStaticObjectContainer::FormDataManagerHandlerL):
  • BrowserView/src/webkitbridge.cpp: (CWebKitBridge::SaveFormData):
2:41 PM Changeset in webkit [24855] by spadma
  • 3 edits in S60/trunk/WebKit

2007-07-24 vmalaiya, <vikram.malaiya@nokia.com>

Reviewed by Sachin
DESC: VMAA-75EP3L - Browser plugin does not implement memory collection on an out-of-memory condition
http://bugs.webkit.org/show_bug.cgi?id=14753


  • Plugin/inc/PluginSkin.h:
  • Plugin/src/PluginSkin.cpp: (COOMPluginCollector::COOMPluginCollector): (COOMPluginCollector::~COOMPluginCollector): (COOMPluginCollector::Collect): (COOMPluginCollector::Restore): (COOMPluginCollector::Priority): (COOMPluginCollector::IsCollecting): (CPluginSkin::ConstructL): (CPluginSkin::~CPluginSkin): (CPluginSkin::CreatePluginWinL):
2:28 PM Changeset in webkit [24854] by brmorris
  • 2 edits in S60/branches/3.1m/WebKit

brmorris, rs'd by johnshi

DESC: remove generated header from releasables list (merge of r24167 & r24121 to 3.1m)


Turns out some build systems delete the releasables list after the
makmake phase but before the compilation, and hence the generated
header was not found at compile time.



  • group/version.mk: Added.
2:21 PM Changeset in webkit [24853] by spadma
  • 2 edits in S60/trunk/WebKit

yadavall, reviewed by <sachin.padma@nokia.com>

DESC: Center key press must be sent to Engine
http://bugs.webkit.org/show_bug.cgi?id=14593

  • BrowserView/src/KeyEventHandler.cpp: (CKeyEventHandler::HandleOfferKeyEventL):
2:04 PM Changeset in webkit [24852] by spadma
  • 2 edits in S60/trunk/WebKit

lebril, reviewed by Sachin

DESC: ELFN-7535HR: Operator menu: Both time stamps in Link-1 and Link-2 are same when opening link is in Expires Date header 1A item
http://bugs.webkit.org/show_bug.cgi?id=

  • ResourceLoader/CacheSrc/HttpCacheUtil.cpp:
1:09 PM Changeset in webkit [24851] by andersca
  • 2 edits in trunk/WebCore

Reviewed by Darin.

<rdar://problem/5286444>
http://bugs.webkit.org/show_bug.cgi?id=14269
REGRESSION: Gmail links stop working after computer sleep


Add a PowerNotifier object that takes care of resetting and firing the shared timer when coming
back from sleep.


  • platform/mac/SharedTimerMac.cpp: (-[PowerNotifier init]): (-[PowerNotifier didWake:]): (WebCore::setSharedTimerFireTime):
11:46 AM Changeset in webkit [24850] by bdash
  • 2 edits in trunk/WebCore

2007-08-04 Mark Rowe <mrowe@apple.com>

Windows build fix.

  • rendering/RenderTextControl.cpp: Don't use the same name for two arguments.
11:19 AM Changeset in webkit [24849] by bdash
  • 2 edits in trunk/JavaScriptCore

2007-08-04 Mark Rowe <mrowe@apple.com>

Rubber-stamped by Anders.

  • pcre/pcre_compile.c: Remove non-ASCII character from a comment.
11:03 AM Changeset in webkit [24848] by thatcher
  • 2 edits in trunk/WebKit

Reviewed by Mark Rowe.

Correct the bundle version check to work in Debug and Release builds too.

  • WebKit.xcodeproj/project.pbxproj:
10:58 AM Changeset in webkit [24847] by bdash
  • 4 edits in trunk

Bump versioning to avoid 4. issues.

10:20 AM Changeset in webkit [24846] by zbujtas
  • 3 edits in S60/trunk/WebKit

2007-08-02 yadavall <sriram.yadavalli@nokia.com>

Reviewed by Zalan Bujtas (zbujtas@gmail.com).
DESC: Widget Cascade menu not in FIFO order
http://bugs.webkit.org/show_bug.cgi?id=14866

10:18 AM Changeset in webkit [24845] by zbujtas
  • 4 edits in S60/branches/3.1m

2007-08-02 yadavall <sriram.yadavalli@nokia.com>

Reviewed by Zalan Bujtas (zbujtas@gmail.com).
DESC: Widget Cascade menu not in FIFO order
http://bugs.webkit.org/show_bug.cgi?id=14866

9:31 AM Changeset in webkit [24844] by yongjzha
  • 2 edits in S60/branches/3.1m/WebCore

w3liu, reviewed by <yongjun.zhang@nokia.com>

DESC: FPER-74HDN2: Strange characters are shown instead of Chinese on www.sina.com.cn
http://bugs.webkit.org/show_bug.cgi?id=14830

WARNING: NO TEST CASES ADDED OR CHANGED

  • khtml/khtml_part.cpp: (KHTMLPart::write):
9:21 AM Changeset in webkit [24843] by bdash
  • 7 edits
    3 adds in trunk/JavaScriptCore

2007-08-02 Mark Rowe <mrowe@apple.com>

Reviewed by Geoff Garen.

<rdar://problem/4212199> 'leaks' reports false leaks in WebKit (because the WTF allocator uses mmap?)

Implement malloc zone introspection routines to allow leaks, heap, and friends to request information
about specific memory regions that were allocated by FastMalloc or the JavaScriptCore collector.

This requires tool-side support before the regions will be displayed. The addition of that support is
tracked by <rdar://problems/5353057&5353060>.

  • JavaScriptCore.exp: Export the two variables that are used by leaks to introspect the allocators.
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • kjs/AllInOneFile.cpp:
  • kjs/CollectorZone.cpp: Added. (KJS::): (KJS::CollectorZone::registerZone): (KJS::CollectorZone::CollectorZone): Create and register our zone with the system. (KJS::CollectorZone::zoneEnumerator): Iterate over the CollectorBlocks that are in use and report them to the caller as being used.
  • kjs/CollectorZone.h: Added. (KJS::CollectorZone::zoneObjectSize): Return zero to indicate the specified pointer does not belong to this zone.
  • kjs/collector.cpp: (KJS::Collector::registerThread): Register the CollectorZone with the system when the first thread is registered with the collector.
  • wtf/FastMalloc.cpp: (WTF::TCMalloc_PageHeap::GetDescriptorEnsureSafe): (WTF::TCMalloc_ThreadCache_FreeList::enumerateFreeObjects): Enumerate the objects on the free list. (WTF::TCMalloc_ThreadCache::enumerateFreeObjects): Ditto. (WTF::TCMalloc_Central_FreeList::enumerateFreeObjects): Ditto. (WTF::TCMalloc_ThreadCache::InitModule): Register the FastMallocZone with the system when initializing TCMalloc. (WTF::FreeObjectFinder::FreeObjectFinder): (WTF::FreeObjectFinder::visit): Add an object to the free list. (WTF::FreeObjectFinder::isFreeObject): (WTF::FreeObjectFinder::freeObjectCount): (WTF::FreeObjectFinder::findFreeObjects): Find the free objects within a thread cache or free list. (WTF::PageMapFreeObjectFinder::PageMapFreeObjectFinder): Find the free objects within a TC_PageMap. (WTF::PageMapFreeObjectFinder::visit): Called once per allocated span. Record whether the span or any subobjects are free. (WTF::PageMapMemoryUsageRecorder::PageMapMemoryUsageRecorder): (WTF::PageMapMemoryUsageRecorder::visit): Called once per allocated span. Report the range of memory as being allocated, and the span or its subobjects as being used if they do not appear on the free list. (WTF::FastMallocZone::zoneEnumerator): Map the key remote TCMalloc data structures into our address space. We then locate all free memory ranges before reporting the other ranges as being in use. (WTF::FastMallocZone::zoneObjectSize): Determine whether the given pointer originates from within our allocation zone. If so, we return its allocation size. (WTF::FastMallocZone::zoneMalloc): (WTF::FastMallocZone::zoneCalloc): (WTF::FastMallocZone::zoneFree): (WTF::FastMallocZone::zoneRealloc): (WTF::): (WTF::FastMallocZone::FastMallocZone): Create and register our zone with the system. (WTF::FastMallocZone::registerZone):
  • wtf/MallocZoneSupport.h: Added. (WTF::RemoteMemoryReader::RemoteMemoryReader): A helper class to ease the process of mapping memory in a different process into our local address space. (WTF::RemoteMemoryReader::operator()):
  • wtf/TCPageMap.h: (TCMalloc_PageMap2::visit): Walk over the heap and visit each allocated span. (TCMalloc_PageMap3::visit): Ditto.
7:29 AM Changeset in webkit [24842] by bdash
  • 3 edits
    2 adds in trunk

2007-08-03 Mitz Pettel <mitz@webkit.org>

Reviewed by Darin.

Test: fast/forms/search-click-in-placeholder.html

Defined a subclass of RenderBlock that never hit-tests children for use in
text controls. This avoids returning placeholder text as the hit node.
Since text controls cannot contain inline elements, there is no harm in
doing that unconditionally, and not just in the case that the field is
showing placeholder text.

  • rendering/RenderTextControl.cpp: (WebCore::RenderTextControlInnerBlock::RenderTextControlInnerBlock): (WebCore::RenderTextControlInnerBlock::~RenderTextControlInnerBlock): (WebCore::RenderTextControlInnerBlock::nodeAtPoint): (WebCore::RenderTextControl::createSubtreeIfNeeded):

2007-08-03 Mitz Pettel <mitz@webkit.org>

Reviewed by Darin.

  • fast/forms/search-click-in-placeholder-expected.txt: Added.
  • fast/forms/search-click-in-placeholder.html: Added.
4:57 AM Changeset in webkit [24841] by bdash
  • 3 edits in tags/Safari-5522.13/WebCore

Merge r24810.

Reviewed by Justin.

<rdar://problem/5376156> Mail crash in DeleteButtonController::hide() when dropping selected image on DIV's border

Add the container element back so the selection can not touch the deletion UI nodes. The container
has style to prevent user selection, user drag and user modification.

  • editing/DeleteButtonController.cpp: (WebCore::DeleteButtonController::show): Make the container node, and append the button and outline elements. (WebCore::DeleteButtonController::hide): Remove the container elements and null out the other nodes.
  • editing/DeleteButtonController.h:
4:33 AM Changeset in webkit [24840] by bdash
  • 4 edits in trunk

Versioning.

4:32 AM Changeset in webkit [24839] by bdash
  • 1 copy in tags/Safari-5522.13

New tag.

12:21 AM Changeset in webkit [24838] by aroben
  • 3 edits in trunk/LayoutTests

Updated Skipped files for Windows and Leopard.

  • mac/leopard/Skipped: Removed a test that has been moved (and only fails on Windows), and added new failures.
  • win/Skipped: Added new failures and annotated some old ones.
12:21 AM Changeset in webkit [24837] by aroben
  • 3 edits in trunk/LayoutTests

Fix a typo in fast/events/no-blur-on-page

Reviewed by Sam.

  • fast/events/no-blur-on-page-leave-expected.txt: Updated.
  • fast/events/no-blur-on-page-leave.html: Fixed typo.
12:21 AM Changeset in webkit [24836] by aroben
  • 2 edits in trunk/WebKitTools

Fix fast/dom/Window/alert-undefined.html

Reviewed by Sam.

  • DumpRenderTree/DumpRenderTree.vcproj/DumpRenderTree/WaitUntilDoneDelegate.cpp: (WaitUntilDoneDelegate::runJavaScriptAlertPanelWithMessage): Don't let Windows translate a null BSTR into "(null)"

Aug 2, 2007:

8:17 PM Changeset in webkit [24835] by oliver
  • 6 edits in trunk/WebCore

Reviewed by Geoff

Fix for <rdar://problem/5369332> Xcode crashes while selecting a hyperlink within an AppleScript dictionary (WebCore::Font::drawGlyphBuffer)

There were many places where we were not correctly retaining/releasing the
NSFont object stored in the C++ PlatformFontData object; this resulted in
the GC incorrectly collecting the NSFont.

This patch fixes the problem by preventing direct modification of the PlatformFontData
font pointer, allowing us to enforce correct CFRetain/Release behaviour.

  • platform/FontData.h: (WebCore::FontData::getNSFont):
  • platform/mac/FontCacheMac.mm: (WebCore::FontCache::getFontDataForCharacters): (WebCore::FontCache::createFontPlatformData):
  • platform/mac/FontDataMac.mm: (WebCore::initFontData): (WebCore::FontData::platformInit): (WebCore::FontData::platformDestroy): (WebCore::FontData::smallCapsFontData): (WebCore::FontData::containsCharacters): (WebCore::FontData::determinePitch): (WebCore::FontData::platformWidthForGlyph): (WebCore::FontData::checkShapesArabic):
  • platform/mac/FontMac.mm: (WebCore::initializeATSUStyle): (WebCore::overrideLayoutOperation): (WebCore::Font::drawGlyphs):
  • platform/mac/FontPlatformData.h: (WebCore::FontPlatformData::FontPlatformData): (WebCore::FontPlatformData::~FontPlatformData): (WebCore::FontPlatformData::hash): (WebCore::FontPlatformData::operator==): (WebCore::FontPlatformData::font): (WebCore::FontPlatformData::setFont):
5:24 PM Changeset in webkit [24834] by weinig
  • 3 edits in trunk/LayoutTests

Reviewed by Kevin McCullough.

Change test to use shared shouldBe function to
show failures more clearly.

  • fast/dom/Window/window-resize-expected.txt:
  • fast/dom/Window/window-resize.html:
4:54 PM Changeset in webkit [24833] by antti
  • 2 edits in trunk/WebCore

Oops, this change wasn't supposed to be committed.

  • page/mac/WebCoreFrameBridge.mm: (-[WebCoreFrameBridge setBaseBackgroundColor:]):
4:45 PM Changeset in webkit [24832] by antti
  • 4 edits in trunk/WebCore

Reviewed by Darin.

<rdar://problem/5355951>
plainText() fragments TCMalloc heap badly on large pages


also likely fixes some cases of
<rdar://problem/5335382>
CrashTracer: [REGRESSION] 73 crashes in Safari at com.apple.WebCore: WebCore::DeprecatedStringData::increaseUnicodeSize + 52


If you load http://dscoder.com/test.txt with WebKit built with TCMalloc and system malloc you see that
Safari RPRVT with TCMalloc is 118.8MB
Safari RPRVT with system malloc is 69.7MB


Difference is almost entirely caused by heap fragmentation from a full document plainText() call (for indexing purposes).


The patch helps in two ways:

  • construct plainText string in pieces to avoid O(n^2) reallocs
  • allocate buffers using system malloc so they can be returned back to OS and don't fragment and grow TCMalloc heap


This shrinks http://dscoder.com/test.txt RPRVT to 79.0MB and makes full document plainText() take 50ms instead of 500ms.
The benefits are not limited to extreme cases, web pages above ~200kB can show substantial improvement in RPRVT.

  • editing/TextIterator.cpp: (WebCore::plainTextToMallocAllocatedBuffer): (WebCore::plainText):
  • editing/TextIterator.h:
  • page/mac/WebCoreFrameBridge.mm: (-[WebCoreFrameBridge selectedString]): (-[WebCoreFrameBridge stringForRange:]):
3:50 PM Changeset in webkit [24831] by hyatt
  • 3 edits in trunk/WebCore

Fix for 5374437, allow comment nodes to be the child of a document.
Refine the check to always make a root element to check documentElement()
rather than firstChild(), since a comment node could be present as the
firstChild() now.

Reviewed by Tim Hatcher

  • html/HTMLDocument.cpp: (WebCore::HTMLDocument::childAllowed):
  • html/HTMLParser.cpp: (WebCore::HTMLParser::finished):
3:39 PM Changeset in webkit [24830] by kmccullo
  • 2 edits in trunk/WebKitTools

Reviewed by Tim.

  • It would help if I actually called the right function.
  • Drosera/DebuggerDocument.cpp: (DebuggerDocument::showConsole):
3:00 PM Changeset in webkit [24829] by antti
  • 6 edits
    5 adds in trunk

LayoutTests:

Reviewed by Darin.


<rdar://problem/5228138>
REGRESSION(Leopard): test failures: tests that test Georgian numbering


Correct counter test results for Georgian numbers.
Add leopard specific versions needed due to font changes (actual characters instead of boxes).

  • css2.1/t1202-counter-09-b-expected.txt:
  • css2.1/t1202-counters-09-b-expected.txt:
  • mac/leopard/Skipped:
  • mac/leopard/css2.1: Added.
  • mac/leopard/css2.1/t1202-counter-09-b-expected.txt: Added.
  • mac/leopard/css2.1/t1202-counters-09-b-expected.txt: Added.
  • mac/leopard/fast/lists: Added.
  • mac/leopard/fast/lists/w3-list-styles-expected.txt: Added.

WebCore:

Reviewed by Darin.


<rdar://problem/5228138>
REGRESSION(Leopard): test failures: tests that test Georgian numbering

Fix to Georgian number tables to get CSS2.1 test results right. Font has relevant characters now
which revealed that results were actually wrong.

  • rendering/RenderListMarker.cpp: (WebCore::toGeorgian):
2:41 PM Changeset in webkit [24828] by antti
  • 6 edits in trunk/LayoutTests

Reviewed by Geoff.


Fix <rdar://problem/5228233>
REGRESSION(Leopard): layout test failures: fast/table/absolute-table-at-bottom


Remove an arrow symbol unrelated to what is being tested. It has different metrics on Leopard.

  • fast/table/absolute-table-at-bottom-expected.checksum:
  • fast/table/absolute-table-at-bottom-expected.png:
  • fast/table/absolute-table-at-bottom-expected.txt:
  • fast/table/absolute-table-at-bottom.html:
  • mac/leopard/Skipped:
1:08 PM Changeset in webkit [24827] by beidson
  • 2 edits in trunk/WebKit

Reviewed by Tim

<rdar://problem/5381463> - setMIMETypesShownAsHTML mutates while enumerating

  • WebView/WebView.mm: (+[WebView setMIMETypesShownAsHTML:]): Copy the dictionary before we work with it.
11:24 AM Changeset in webkit [24826] by adachan
  • 8 edits in trunk

2007-08-02 Ada Chan <adachan@apple.com>

Reviewed by Steve.

WebCore:

<rdar://problem/5079175> Added parameters headerHeight and footerHeight to
computePageRectsForFrame() so we can account for the header and footer when
calculating page heights for this frame.

  • bridge/win/FrameWin.cpp: (WebCore::computePageRectsForFrame):
  • bridge/win/FrameWin.h:


WebKit/win:

<rdar://problem/5079175> Printing header and footer

  • Interfaces/IWebUIDelegate.idl: added methods for header/footer drawing.
  • WebFrame.cpp: (WebFrame::headerAndFooterHeights): ask client for the header and footer heights via IWebUIDelegate2 methods. (WebFrame::computePageRects): pass in header and footer heights when calculating page rect heights. (WebFrame::spoolPages): ask client to draw header and footer via IWebUIDelegate2 methods.
  • WebFrame.h:
  • WebKitGraphics.cpp: (DrawTextAtPoint): the code assumes color has 4 components - might as well assert it.
7:08 AM Changeset in webkit [24825] by yongjzha
  • 2 edits in S60/branches/3.1m/MemoryManager

2007-08-01 vmalaiya, <vikram.malaiya@nokia.com>

Reviewed by Yongjun
DESC: - Added error check in case an attempt to commit memory fails.
TSW Id - SKAR-74YPNV
http://bugs.webkit.org/show_bug.cgi?id=14844

  • Src/fast_malloc.cpp: (chunkMoreCore): (symbian_mmap):
7:02 AM Changeset in webkit [24824] by yongjzha
  • 2 edits in S60/trunk/MemoryManager

2007-08-01 vmalaiya, <vikram.malaiya@nokia.com>

Reviewed by Yongjun
DESC: - Added error check in case an attempt to commit memory fails.
TSW Id - SKAR-74YPNV
http://bugs.webkit.org/show_bug.cgi?id=14844

  • Src/fast_malloc.cpp: (chunkMoreCore): (symbian_mmap):
4:56 AM Changeset in webkit [24823] by staikos
  • 4 edits in trunk/WebKitQt

Add an interface for the useragent string

3:01 AM Changeset in webkit [24822] by bdash
  • 2 edits in trunk/LayoutTests

2007-08-02 Mark Rowe <mrowe@apple.com>

Layout test fix, rubber-stamped by Oliver.

  • fast/js/resources/string-concatenate-outofmemory.js: Don't let an out of memory exception during verification cause a failure. The exception is a perfectly valid success case as it shows that accessing the string did not cause a crash.
2:49 AM Changeset in webkit [24821] by bdash
  • 2 edits in trunk/JavaScriptCore

2007-08-02 Mark Rowe <mrowe@apple.com>

Build fix.

  • kjs/ustring.cpp: (KJS::UString::expandedSize): Use std::numeric_limits<size_t>::max() rather than the non-portable SIZE_T_MAX.
2:33 AM Changeset in webkit [24820] by bdash
  • 7 edits in trunk

2007-08-02 Mark Rowe <mrowe@apple.com>

Reviewed by Maciej.

<rdar://problem/5352887> "Out of memory" error during repeated JS string concatenation leaks hundreds of MBs of RAM

A call to fastRealloc was failing which led to UString::expandCapacity leaking the buffer it was trying to reallocate.
It also resulted in the underlying UString::rep having both a null baseString and buf field, which meant that attempting
to access the contents of the string after the failed memory reallocation would crash.

A third issue is that expandedSize size was calculating the new length in a way that led to an integer overflow occurring.
Attempting to allocate a string more than 190,000,000 characters long would fail as the integer overflow would lead to a
memory allocation of around 3.6GB being attempted rather than the expected 390MB. Sizes that would lead to an overflow
are now returned as zero and callers are updated to treat this as though the memory allocation has failed.

  • kjs/array_object.cpp: (ArrayProtoFunc::callAsFunction): Check whether the append failed and raise an "Out of memory" exception if it did.
  • kjs/ustring.cpp: (KJS::allocChars): Wrapper around fastMalloc that takes a length in characters. It will return 0 when asked to allocate a zero-length buffer. (KJS::reallocChars): Wrapper around fastRealloc that takes a length in characters. It will return 0 when asked to allocate a zero-length buffer. (KJS::UString::expandedSize): Split the size calculation in two and guard against overflow during each step. (KJS::UString::expandCapacity): Don't leak r->buf if reallocation fails. Instead free the memory and use the null representation. (KJS::UString::expandPreCapacity): If fastMalloc fails then use the null representation rather than crashing in memcpy. (KJS::UString::UString): If calls to expandCapacity, expandPreCapacity or fastMalloc fail then use the null representation rather than crashing in memcpy. (KJS::UString::append): Ditto. (KJS::UString::operator=): Ditto.
  • kjs/ustring.h: Change return type of expandedSize from int to size_t.

2007-08-02 Mark Rowe <mrowe@apple.com>

Reviewed by Maciej.

<rdar://problem/5352887> "Out of memory" error during repeated JS string concatenation leaks hundreds of MBs of RAM

Update test to check that accessing the string after the "Out of memory" exception was raised does not crash.

  • fast/js/resources/string-concatenate-outofmemory.js:
  • fast/js/string-concatenate-outofmemory-expected.txt:
12:24 AM Changeset in webkit [24819] by aliceli1
  • 1 edit in trunk/WebKit/ChangeLog

forgot to add info about the bug being fixed

12:13 AM Changeset in webkit [24818] by aliceli1
  • 4 edits
    1 add in trunk

WebCore:

Reviewed by Kevin McCullough.

fixed <rdar://problem/5310312> REGRESSION: javascript is mis-escaped at http://labs.zarate.org/passwd causing bookmarklet to break


  • WebCore.exp: expose some calls for WebKit to call.
  • manual-tests/JavaScript-bookmarklets.html: Added.

WebKit:

Reviewed by Kevin McCullough.

  • Misc/WebNSURLExtras.mm: (+[NSURL _web_URLWithUserTypedString:relativeToURL:]): (-[NSURL _web_userVisibleString]): (-[NSURL _web_URLWithLowercasedScheme]): (-[NSURL _web_dataForURLComponentType:]): These 4 changes are just casting changes.

(-[NSString _webkit_stringByReplacingValidPercentEscapes]):
This change replaces the call to an NSURL method with a webcore one that doesn't abort the escaping effort once an illegal character is encountered.

12:01 AM Changeset in webkit [24817] by aroben
  • 2 edits in trunk/WebKitTools

Don't delete the stderr file right after creating it

Reviewed by NOBODY.

  • Scripts/run-webkit-tests: