Timeline



Dec 31, 2008:

6:33 PM Changeset in webkit [39533] by oliver@apple.com
  • 5 edits in trunk

[jsfunfuzz] Computed exception offset wrong when first instruction is attempt to resolve deleted eval
<https://bugs.webkit.org/show_bug.cgi?id=23062>

Reviewed by Gavin Barraclough.

This was caused by the expression information for the initial resolve of
eval not being emitted. If this resolve was the first instruction that
could throw an exception the information search would fail leading to an
assertion failure. If it was not the first throwable opcode the wrong
expression information would used.

Fix is simply to emit the expression info.

9:52 AM Changeset in webkit [39532] by zecke@webkit.org
  • 12 edits in trunk/WebKit/gtk

Add section information for View, Frame, Settings, HistoryItem, BackForwardList, WindowFeatures and Inspector

Add section information and informal examples for WebKitWebView,
WebKitWebFrame, WebKitWebSettings, WebKitWebNetworkRequest,
WebKitWebWindowFeatures, WebKitWebHistoryItem,
WebKitWebBackForwardList and WebKitWebInspector.

9:31 AM Changeset in webkit [39531] by zecke@webkit.org
  • 2 edits in trunk/WebKitTools

2008-12-31 Zan Dobersek <zandobersek@gmail.com>

Reviewed by Holger Freyther.

https://bugs.webkit.org/show_bug.cgi?id=22812

Prevent TestNetscapePlugin from installing system-wide.

  • GNUmakefile.am:
9:12 AM Changeset in webkit [39530] by zecke@webkit.org
  • 2 edits in trunk/WebCore

2008-12-31 Laszlo Gombos <Laszlo Gombos>

Reviewed by Holger Freyther.

Fixes: https://bugs.webkit.org/show_bug.cgi?id=22964

MinGW build failure.

  • platform/graphics/qt/SimpleFontDataQt.cpp: (WebCore::SimpleFontData::containsCharacters):
8:52 AM Changeset in webkit [39529] by zecke@webkit.org
  • 2 edits in trunk/WebKitTools

2008-12-31 Zan Dobersek <zandobersek@gmail.com>

Reviewed by Holger Freyther.

https://bugs.webkit.org/show_bug.cgi?id=22842

Move WebKitWebView's size allocation into a proper place.

  • DumpRenderTree/gtk/DumpRenderTree.cpp: (dump): (runTest):
8:37 AM Changeset in webkit [39528] by zecke@webkit.org
  • 2 edits in trunk/WebCore

2008-12-31 Alexander V. Butenko <alex@digiqube.com>

Reviewed by Holger Freyther.

https://bugs.webkit.org/show_bug.cgi?id=22750
[gtk] webkit up to r39121 crash on image urls like
http:///sitename.com

  • platform/network/soup/ResourceHandleSoup.cpp: (WebCore::ResourceHandle::start):
8:17 AM Changeset in webkit [39527] by zecke@webkit.org
  • 2 edits in trunk/WebCore

2008-12-31 Hiroyuki Ikezoe <poincare@ikezoe.net>

Reviewed by Holger Freyther.

https://bugs.webkit.org/show_bug.cgi?id=18310

  • platform/graphics/gtk/SimpleFontDataPango.cpp: (WebCore::SimpleFontData::determinePitch): Do not invoke isFixedPitch() when the font is a custom font.
4:32 AM Changeset in webkit [39526] by oliver@apple.com
  • 2 edits in trunk/WebCore

More work on Bug 3781: Animation via canvas could be faster
<https://bugs.webkit.org/show_bug.cgi?id=3781>

Reviewed by Cameron Zwarich

Make use of the fast path parsing of color strings that Color
uses. This improves performance of '#rgb', '#rrggbb', etc and
named (eg. 'green') colors.

Improves frame rate of test by around 40%

2:17 AM Changeset in webkit [39525] by cwzwarich@webkit.org
  • 3 edits
    2 adds in trunk

2008-12-31 Cameron Zwarich <cwzwarich@uwaterloo.ca>

Reviewed by Oliver Hunt.

Bug 23054: Caching of global lookups occurs even when the global object has become a dictionary
<https://bugs.webkit.org/show_bug.cgi?id=23054>
<rdar://problem/6469905>

JavaScriptCore:

  • interpreter/Interpreter.cpp: (JSC::Interpreter::resolveGlobal): Do not cache lookup if the global object has transitioned to a dictionary. (JSC::Interpreter::cti_op_resolve_global): Do not cache lookup if the global object has transitioned to a dictionary.

LayoutTests:

  • fast/js/pic/delete-global-object-expected.txt: Added.
  • fast/js/pic/delete-global-object.html: Added.

Dec 30, 2008:

10:49 PM Changeset in webkit [39524] by oliver@apple.com
  • 7 edits
    3 adds in trunk

<https://bugs.webkit.org/show_bug.cgi?id=23049> [jsfunfuzz] With blocks do not correctly protect their scope object
<rdar://problem/6469742> Crash in JSC::TypeInfo::hasStandardGetOwnPropertySlot() running jsfunfuzz

Reviewed by Darin Adler

The problem that caused this was that with nodes were not correctly protecting
the final object that was placed in the scope chain. We correct this by forcing
the use of a temporary register (which stops us relying on a local register
protecting the scope) and changing the behaviour of op_push_scope so that it
will store the final scope object.

9:16 PM Changeset in webkit [39523] by Simon Fraser
  • 6 edits in trunk/LayoutTests

2008-12-30 Simon Fraser <Simon Fraser>

Fix spurious test failures by rounding floating point values to
mask math differences between machines.

  • transitions/transform-op-list-match-expected.txt:
  • transitions/transform-op-list-match.html:
  • transitions/transform-op-list-no-match-expected.txt:
  • transitions/transform-op-list-no-match.html:
  • transitions/transition-test-helpers.js: (roundNumber):
4:11 PM Changeset in webkit [39522] by Simon Fraser
  • 5 edits
    4 adds in trunk

2008-12-30 Simon Fraser <Simon Fraser>

Reviewed by Darin Adler

https://bugs.webkit.org/show_bug.cgi?id=23042

Rather than doing a repaint() inside of computeAbsoluteRepaintRect()
when there is a reflection, compute the location of the rect inside
the reflection and take the union of the unreflected and reflected rects.

Test: fast/repaint/reflection-redraw.html

  • rendering/RenderBox.cpp: (WebCore::RenderBox::computeAbsoluteRepaintRect):
  • rendering/RenderObject.cpp: (WebCore::RenderObject::reflectedRect):
  • rendering/RenderObject.h:
4:07 PM Changeset in webkit [39521] by cwzwarich@webkit.org
  • 5 edits
    3 adds in trunk

2008-12-30 Cameron Zwarich <cwzwarich@uwaterloo.ca>

Reviewed by Sam Weinig.

Bug 23037: Parsing and reparsing disagree on automatic semicolon insertion
<https://bugs.webkit.org/show_bug.cgi?id=23037>
<rdar://problem/6467124>

Parsing and reparsing disagree about automatic semicolon insertion, so that a
function like

function() { a = 1, }

is parsed as being syntactically valid but gets a syntax error upon reparsing.
This leads to an assertion failure in Parser::reparse(). It is not that big of
an issue in practice, because in a Release build such a function will return
'undefined' when called.

In this case, we are not following the spec and it should be a syntax error.
However, unless there is a newline separating the ',' and the '}', WebKit would
not treat it as a syntax error in the past either. It would be a bit of work to
make the automatic semicolon insertion match the spec exactly, so this patch
changes it to match our past behaviour.

The problem is that even during reparsing, the Lexer adds a semicolon at the
end of the input, which confuses allowAutomaticSemicolon(), because it is
expecting either a '}', the end of input, or a terminator like a newline.

JavaScriptCore:

  • parser/Lexer.cpp: (JSC::Lexer::Lexer): Initialize m_isReparsing to false. (JSC::Lexer::lex): Do not perform automatic semicolon insertion in the Lexer if we are in the middle of reparsing. (JSC::Lexer::clear): Set m_isReparsing to false.
  • parser/Lexer.h: (JSC::Lexer::setIsReparsing): Added.
  • parser/Parser.cpp: (JSC::Parser::reparse): Call Lexer::setIsReparsing() to notify the Lexer of reparsing.

LayoutTests:

  • fast/js/reparsing-semicolon-insertion-expected.txt: Added.
  • fast/js/reparsing-semicolon-insertion.html: Added.
  • fast/js/resources/reparsing-semicolon-insertion.js: Added.
2:30 PM Changeset in webkit [39520] by mitz@apple.com
  • 3 edits
    2 adds in trunk

WebCore:

Reviewed by Adele Peterson.

  • fix <rdar://problem/6469944> REGRESSION(3.2.1-ToT): Repro crash in WebCore::HTMLInputElement::updatePlaceholderVisibility opening http://billshrink.com

Test: fast/forms/placeholder-non-textfield.html

  • html/HTMLInputElement.cpp: (WebCore::HTMLInputElement::parseMappedAttribute): Only call updatePlaceholderVisibility() when the placeholder attribute changes if the element is a text field.

LayoutTests:

Reviewed by Adele Peterson.

  • test for <rdar://problem/6469944> REGRESSION(3.2.1-ToT): Repro crash in WebCore::HTMLInputElement::updatePlaceholderVisibility opening http://billshrink.com
  • fast/forms/placeholder-non-textfield-expected.txt: Added.
  • fast/forms/placeholder-non-textfield.html: Added.
11:24 AM Changeset in webkit [39519] by pam@chromium.org
  • 2 edits in trunk/WebKitSite

2008-12-30 Brent Fulgham <bfulgham@gmail.com>

Reviewed by Darin Adler.
Landed by Pamela Greene.

Fixes: https://bugs.webkit.org/show_bug.cgi?id=22908.
Update website so that newbies are told they must set the
WebKitOutputDir to get a valid build.

  • building/build.html: Add language (and link) indicating the importance of setting the WebKitOutputDir variable, as well as a link to instructions on how to do so.
4:19 AM Changeset in webkit [39518] by oliver@apple.com
  • 3 edits in trunk/WebCore

First step of Bug 3781: Animation via canvas could be faster

Reviewed by Antti Koivisto.

Amortise the cost of calling repaint by coalescing repaint rects
while the canvas is drawn to. In a later step we'll stop calling
repaint() directly, and instead have all dirty canvases repaint
at the end of JS execution.

3:08 AM Changeset in webkit [39517] by cwzwarich@webkit.org
  • 3 edits in trunk/WebCore

2008-12-30 Cameron Zwarich <cwzwarich@uwaterloo.ca>

Reviewed by Antti Koivisto.

Bug 22931: Using the inspector with purgeable resources leads to assertion failures
<https://bugs.webkit.org/show_bug.cgi?id=22931>

Change InspectorResource::sourceString() so that it doesn't attempt to
unsafely get the data of a purgeable CachedResource.

  • inspector/InspectorController.cpp: (WebCore::InspectorResource::sourceString): Attempt to make a purgeable resource unpurgeable, and if this not possible, return an empty string.
  • loader/CachedResource.h: Make InspectorResource a friend of CachedResource.

Dec 29, 2008:

11:54 PM Changeset in webkit [39516] by oliver@apple.com
  • 2 edits in trunk/JavaScriptCore

Yet another attempt to fix Tiger.

Reviewed by NOBODY(Build fix)

11:46 PM Changeset in webkit [39515] by oliver@apple.com
  • 2 edits in trunk/JavaScriptCore

Tiger build fix (correct this time)

Reviewed by NOBODY(build fix)

11:46 PM Changeset in webkit [39514] by ap@webkit.org
  • 5 edits in trunk/WebCore

Reviewed by Sam Weinig.

https://bugs.webkit.org/show_bug.cgi?id=23023
Remove incomplete support for opportunistic appcache entries

No change in behavior, thus no test.

  • loader/appcache/ApplicationCacheResource.h: (WebCore::ApplicationCacheResource::Type): Removed Opportunistic bit, will re-use when schema version changes.
  • loader/DocumentLoader.cpp: (WebCore::DocumentLoader::scheduleApplicationCacheLoad):
  • loader/appcache/ApplicationCacheGroup.cpp: (WebCore::ApplicationCacheGroup::didFinishLoadingManifest):
  • loader/appcache/ApplicationCacheResource.cpp: (WebCore::ApplicationCacheResource::dumpType):
11:42 PM Changeset in webkit [39513] by cwzwarich@webkit.org
  • 2 edits in trunk/JavaScriptCore

2008-12-29 Cameron Zwarich <cwzwarich@uwaterloo.ca>

Rubber-stamped by Alexey Proskuryakov.

Revert r39509, because kjsyydebug is used in the generated code if YYDEBUG is 1.

  • parser/Grammar.y:
11:39 PM Changeset in webkit [39512] by oliver@apple.com
  • 2 edits in trunk/JavaScriptCore

Tiger build fix

Reviewed by NOBODY(build fix)

11:33 PM Changeset in webkit [39511] by krit@webkit.org
  • 2 edits in trunk/WebCore

2008-12-29 Dirk Schulze <krit@webkit.org>

Reviewed by Oliver Hunt.

Add arcTo support for Cairo. This is needed by Canvas.
Cairo has no native support for arcTo. We have to make our
own implementation.

[Canvas] Cairo needs arcTo
https://bugs.webkit.org/show_bug.cgi?id=23003

  • platform/graphics/cairo/PathCairo.cpp: (WebCore::Path::addArcTo):
11:21 PM Changeset in webkit [39510] by oliver@apple.com
  • 3 edits in trunk/JavaScriptCore

<rdar://problem/6358108> Insecure randomness in Math.random() leads to user tracking

Reviewed by Mark Rowe

Switch to arc4random on PLATFORM(DARWIN), this is ~1.5x slower than random(), but the
it is still so fast that there is no fathomable way it could be a bottleneck for anything.

randomNumber is called in two places

  • During form submission where it is called once per form
  • Math.random in JSC. For this difference to show up you have to be looping on a cached local copy of random, for a large (>10000) calls.

No change in SunSpider.

10:15 PM Changeset in webkit [39509] by cwzwarich@webkit.org
  • 2 edits in trunk/JavaScriptCore

2008-12-29 Cameron Zwarich <cwzwarich@uwaterloo.ca>

Rubber-stamped by Sam Weinig.

Remove unused kjsyydebug #define.

  • parser/Grammar.y:
10:15 PM Changeset in webkit [39508] by oliver@apple.com
  • 3 edits
    3 adds in trunk

Bug 23030: Cannot setTransform with a non-invertible ctm

Reviewed by Cameron Zwarich.

Removed a series of unnecessary and incorrect checks for an invertible
transform.

Test: fast/canvas/canvas-set-properties-with-non-invertible-ctm.html

9:37 PM Changeset in webkit [39507] by cwzwarich@webkit.org
  • 2 edits in trunk/JavaScriptCore

2008-12-29 Cameron Zwarich <cwzwarich@uwaterloo.ca>

Reviewed by Oliver Hunt and Sam Weinig.

Bug 23029: REGRESSION (r39337): jsfunfuzz generates identical test files
<https://bugs.webkit.org/show_bug.cgi?id=23029>
<rdar://problem/6469185>

The unification of random number generation in r39337 resulted in random()
being initialized on Darwin, but rand() actually being used. Fix this by
making randomNumber() use random() instead of rand() on Darwin.

  • wtf/RandomNumber.cpp: (WTF::randomNumber):
9:10 PM Changeset in webkit [39506] by oliver@apple.com
  • 2 edits in trunk/WebCore

2008-12-29 Josh Roesslein <jroesslein@gmail.com>

Reviewed by Oliver Hunt.

Fixes: https://bugs.webkit.org/show_bug.cgi?id=22968

Context menu rendering error when full page zoomed

7:00 PM Changeset in webkit [39505] by weinig@apple.com
  • 2 edits in trunk/JavaScriptCore

2008-12-29 Sam Weinig <sam@webkit.org>

Fix buildbots.

  • runtime/Structure.cpp:
6:05 PM Changeset in webkit [39504] by weinig@apple.com
  • 3 edits in trunk/WebCore

2008-12-29 Sam Weinig <sam@webkit.org>

Reviewed by Mark Rowe.

Add some basic memory statistic logging for Node.

  • dom/Node.cpp: (WebCore::Node::dumpStatistics): (WebCore::Node::Node): (WebCore::Node::~Node): (WebCore::Node::setDocument):
  • dom/Node.h:
6:03 PM Changeset in webkit [39503] by weinig@apple.com
  • 3 edits in trunk/WebCore

2008-12-29 Sam Weinig <sam@webkit.org>

Reviewed by Anders Carlsson.

Remove one use of DeprecatedPtrList.

  • css/CSSRuleList.cpp: (WebCore::CSSRuleList::~CSSRuleList): (WebCore::CSSRuleList::length): (WebCore::CSSRuleList::item): (WebCore::CSSRuleList::deleteRule): (WebCore::CSSRuleList::append): (WebCore::CSSRuleList::insertRule):
  • css/CSSRuleList.h: Change m_lstCSSRules from using DeprecatedPtrList to a Vector. I measured no performance change and was comforted by the fact that we use a Vector for StyleList, which serves the exact same purpose.
4:28 PM Changeset in webkit [39502] by weinig@apple.com
  • 4 edits in trunk/JavaScriptCore

2008-12-29 Sam Weinig <sam@webkit.org>

Reviewed by Oliver Hunt.

Patch for https://bugs.webkit.org/show_bug.cgi?id=23026
Move the deleted offsets vector into the PropertyMap

Saves 3 words per Structure.

  • runtime/PropertyMapHashTable.h:
  • runtime/Structure.cpp: (JSC::Structure::addPropertyTransition): (JSC::Structure::changePrototypeTransition): (JSC::Structure::getterSetterTransition): (JSC::Structure::toDictionaryTransition): (JSC::Structure::fromDictionaryTransition): (JSC::Structure::copyPropertyTable): (JSC::Structure::put): (JSC::Structure::remove): (JSC::Structure::rehashPropertyMapHashTable):
  • runtime/Structure.h: (JSC::Structure::propertyStorageSize):
1:42 PM Changeset in webkit [39501] by adele@apple.com
  • 2 edits in trunk/WebCore

2008-12-29 Adele Peterson <adele@apple.com>

Reviewed by Brady Eidson.

Fix for https://bugs.webkit.org/show_bug.cgi?id=21797
<rdar://problem/6310682> REGRESSION: Crash in CFHTTPCookieStorageCopy beneath WebCore::cookies() when
running fast/dom/document-attribute-js-null.html and http/tests/security/cookies/create-document.html


Return early if the document is trying to get or set a cookie with an empty cookie url.

  • dom/Document.cpp: (WebCore::Document::cookie): (WebCore::Document::setCookie):
12:30 PM Changeset in webkit [39500] by ap@webkit.org
  • 1 edit
    1 add
    1 delete in trunk/LayoutTests

Index: LayoutTests/ChangeLog
===================================================================
--- LayoutTests/ChangeLog (revision 39499)
+++ LayoutTests/ChangeLog (working copy)
@@ -1,3 +1,12 @@
+2008-12-29 Alexey Proskuryakov <ap@webkit.org>
+
+ Reviewed by NOBODY (OOPS!).
+
+ Fix Windows svn update - replace a file with a semicolon in its name with an Apache rewrite.
+
+ * http/tests/appcache/resources/.htaccess: Added.
+ * http/tests/appcache/resources/UNKNOWN_SECTION:: Removed.
+

2008-12-29 Glenn Wilson <gwilson@chromium.org>


Reviewed by Darin Adler.

Index: LayoutTests/http/tests/appcache/resources/.htaccess
===================================================================
--- LayoutTests/http/tests/appcache/resources/.htaccess (revision 0)
+++ LayoutTests/http/tests/appcache/resources/.htaccess (revision 0)
@@ -0,0 +1,2 @@
+RewriteEngine on
+RewriteRule UNKNOWN_SECTION: simple.txt [L,NS]
Index: LayoutTests/http/tests/appcache/resources/UNKNOWN_SECTION:
===================================================================

11:22 AM Changeset in webkit [39499] by pam@chromium.org
  • 1 edit
    2 adds in trunk/LayoutTests

2008-12-29 Glenn Wilson <gwilson@chromium.org>

Reviewed by Darin Adler.
Landed by Pamela Greene.

Added new layout tests verifying that using a locally-scoped
variable in an event handler of a form takes precedence over
names of items in that form.

See: https://bugs.webkit.org/show_bug.cgi?id=22977

  • fast/forms/var-name-conflict-in-form-event-handler-expected.txt: Added.
  • fast/forms/var-name-conflict-in-form-event-handler.html: Added.
3:08 AM Changeset in webkit [39498] by cwzwarich@webkit.org
  • 2 edits in trunk/JavaScriptCore

2008-12-29 Cameron Zwarich <cwzwarich@uwaterloo.ca>

Reviewed by Oliver Hunt.

Change code using m_body.get() as a boolean to take advantage of the
implicit conversion of RefPtr to boolean.

  • runtime/JSFunction.cpp: (JSC::JSFunction::~JSFunction):

Dec 28, 2008:

5:35 PM Changeset in webkit [39497] by cwzwarich@webkit.org
  • 2 edits in trunk/WebCore

2008-12-28 Cameron Zwarich <cwzwarich@uwaterloo.ca>

Reviewed by Sam Weinig.

Bug 23016: JavaScriptDebugServer::recompileAllJSFunctions() should not execute JS while reparsing all functions
<https://bugs.webkit.org/show_bug.cgi?id=23016>
<rdar://problem/6425077>

JavaScriptDebugServer::recompileAllJSFunctions() calls sourceParsed() while
reparsing all JS functions, which will execute JS in the inspector. Depending
on the order in which functions are recompiled, a function could have a new
body but other functions that have not been recompiled could have an optimized
(in the sense of inline caching) call to it, bypassing the check of whether or
not there is generated bytecode. This leads to a crash caused by accessing
indices off of a null pointer.

To fix the problem, simply delay calling sourceParsed() until after all functions
have been reparsed. The crash isn't 100% reproducible, but on the one test case
I have, this makes it impossible to reproduce after a large number of attempts,
when it used to happen every few attempts.

  • inspector/JavaScriptDebugServer.cpp: (WebCore::JavaScriptDebugServer::recompileAllJSFunctions):
4:25 PM Changeset in webkit [39496] by Nikolas Zimmermann
  • 3 edits in trunk/WebCore

Rubber-stamped by Antti Koivisto.
Oops, remove some last minute ASSERTS that are obviously wrong.

4:16 PM Changeset in webkit [39495] by Nikolas Zimmermann
  • 10 edits
    1 add in trunk/WebCore

Reviewed by Antti Koivisto.

Fixes: https://bugs.webkit.org/show_bug.cgi?id=23015

Don't rely on HTMLFormControlElement in RenderTextControl.

Introduce an abstract FormControlElement class, containing the
valueMatchesRenderer/setValueMatchesRenderer, the only HTMLFormControlElement
specific methods that RenderTextControl relies on.

This makes it possible for WML to reuse RenderTextControl.
RenderTextControlSingleLine still relies on HTMLInputElement,
this will change if WMLInputElement is introduced.

1:33 PM Changeset in webkit [39494] by cwzwarich@webkit.org
  • 3 edits in trunk/WebCore

2008-12-28 Cameron Zwarich <cwzwarich@uwaterloo.ca>

Reviewed by Darin Adler.

Bug 23006: Many Loader::Host member functions are not safe to use reentrantly
<https://bugs.webkit.org/show_bug.cgi?id=23006>
<rdar://problem/6216106>

Many Loader::Host member functions set m_processingResource to true when they
begin processing a resource and set it to false when they are done. Thanks to
JavaScript and the web inspector, almost anything can happen during the
processing of a resource, including these functions being called reentrantly,
which is unsafe due to this way of using m_processingResource.

This can theoretically cause a Loader::Host to be used after it is freed,
because when Loader::servedPendingRequests() is called, it will free Hosts
that have m_processingResource set to false.

To fix this, we replace m_processingResource with m_numResourcesProcessing,
which is incremented and decremented using a helper object, ProcessingResource.

There are no occurrences of crashes caused by this bug that are reproducible
by multiple people, but this fixes the problem of m_processingResource being
set to false while a Host is still alive.

  • loader/loader.cpp: (WebCore::Loader::Host::Host): (WebCore::Loader::Host::didFinishLoading): Change to use ProcessingResource instead of manually setting m_processingResource. (WebCore::Loader::Host::didFail): Ditto. (WebCore::Loader::Host::didReceiveData): Ditto.
  • loader/loader.h: (WebCore::Loader::Host::ProcessingResource::ProcessingResource): Added. (WebCore::Loader::Host::ProcessingResource::~ProcessingResource): Added. (WebCore::Loader::Host::processingResource): Change to use m_numResourcesProcessing instead of just getting m_processingResource.
11:40 AM Changeset in webkit [39493] by ap@webkit.org
  • 3 edits
    2 adds in trunk

Reviewed by Darin Adler.

https://bugs.webkit.org/show_bug.cgi?id=23007
REGRESSION: Timer-related crash when closing Web Inspector

Test: fast/dom/Window/remove-timeout-crash.html

  • bindings/js/DOMTimer.cpp: (WebCore::DOMTimer::fired): Besides deleting the timer, make sure to remove it from a Document map.
9:19 AM Changeset in webkit [39492] by ap@webkit.org
  • 3 edits
    4 adds in trunk

Reviewed by Anders Carlsson.

https://bugs.webkit.org/show_bug.cgi?id=23012
Bring application cache manifest parsing up to date

Test: http/tests/appcache/manifest-parsing.html

  • loader/appcache/ManifestParser.cpp: (WebCore::Mode): Added a constant for unknown sections, which are ignored when parsing. This is necessary for future extensions. (WebCore::parseManifest): Parse unknown sections correctly. Ignore trailing tokens in supported sections.
9:12 AM Changeset in webkit [39491] by ap@webkit.org
  • 9 edits
    2 moves
    7 adds in trunk/LayoutTests

Reviewed by Anders Carlsson.

https://bugs.webkit.org/show_bug.cgi?id=23009
Add a test for application cache offline operation

  • http/tests/resources/network-simulator.php: A proxy script to simulate a network connection that can go offline, using an infinite redirect loop in offline mode to generate an error.
  • http/tests/appcache/offline-access-expected.txt: Added.
  • http/tests/appcache/offline-access.html: Added.
  • http/tests/appcache/resources/offline-access-frame.html: Added.
  • http/tests/appcache/resources/offline-access.js: Added.
  • http/tests/appcache/resources/offline-access.manifest: Added. Test that an application loads successfully from cache.
  • http/tests/resources: Added.
  • http/tests/resources/portabilityLayer.php: Copied from LayoutTests/http/tests/xmlhttprequest/resources/portabilityLayer.php.
  • http/tests/resources/reset-temp-file.php: Copied from LayoutTests/http/tests/xmlhttprequest/resources/reset-temp-file.php.
  • http/tests/xmlhttprequest/access-control-basic-allow-preflight-cache-invalidation-by-header.html:
  • http/tests/xmlhttprequest/access-control-basic-allow-preflight-cache-invalidation-by-method.html:
  • http/tests/xmlhttprequest/access-control-basic-allow-preflight-cache-timeout.html:
  • http/tests/xmlhttprequest/access-control-basic-allow-preflight-cache.html:
  • http/tests/xmlhttprequest/resources/access-control-basic-preflight-cache-invalidation.php:
  • http/tests/xmlhttprequest/resources/access-control-basic-preflight-cache-timeout.php:
  • http/tests/xmlhttprequest/resources/access-control-basic-preflight-cache.php:
  • http/tests/xmlhttprequest/resources/portabilityLayer.php: Removed.
  • http/tests/xmlhttprequest/resources/reset-temp-file.php: Removed.
  • http/tests/appcache/resources/fail-on-update.php: Moved some common scripts from xmlhttprequest/resources/ to resources/
5:54 AM Changeset in webkit [39490] by Nikolas Zimmermann
  • 13 edits
    4 adds in trunk/WebCore

Reviewed by Darin Adler.

Fixes: https://bugs.webkit.org/show_bug.cgi?id=22996

RenderTextControl heavily depends on HTMLInputElement & HTMLTextAreaElement.
It handles multi & single line text control rendering in one class. Split up
in two new classes: RenderTextControlSingleLine & RenderTextControlMultiLine.

This has several benefits - code is more readable now, the memory usage
for RenderTextControlMultiLine is reduced, as all stuff related to search fields
lives in RenderTextControlSingleLine, and it's easier to introduce an
abstraction for input/textarea-like elements for other HTML flavours like WML.

2:05 AM Changeset in webkit [39489] by ap@webkit.org
  • 8 edits in trunk/WebCore

2008-12-28 Dmitry Titov <dimich@chromium.org>

Reviewed by Darin Adler.

https://bugs.webkit.org/show_bug.cgi?id=22755
Prepare to add create/remove timeout methods to JSWorkerContext by moving
timer-specific code from JSDOMWindowBase to DOMTimer.
Moved everything JS-related from DOMTimer to ScheduledAction.
Now ScheduledAction is what it wanted to be all the time: a JS engine-specific
container for timer callback that knows how to invoke it.
DOMTimer is not anymore JS-specific.

This is mostly moving the code around. No intended functional changes.

  • bindings/js/DOMTimer.cpp: (WebCore::DOMTimer::DOMTimer): (WebCore::DOMTimer::~DOMTimer): (WebCore::DOMTimer::install): (WebCore::DOMTimer::removeById): (WebCore::DOMTimer::fired): (WebCore::DOMTimer::stop):
  • bindings/js/DOMTimer.h:
  • bindings/js/JSDOMWindowBase.cpp: (WebCore::JSDOMWindowBase::installTimeout): (WebCore::JSDOMWindowBase::removeTimeout):
  • bindings/js/JSDOMWindowBase.h:
  • bindings/js/ScheduledAction.cpp: (WebCore::ScheduledAction::execute):
  • bindings/js/ScheduledAction.h:
  • dom/Document.cpp: (WebCore::Document::addTimeout):
12:52 AM Changeset in webkit [39488] by cwzwarich@webkit.org
  • 3 edits
    2 adds in trunk

2008-12-28 Cameron Zwarich <cwzwarich@uwaterloo.ca>

Reviewed by Oliver Hunt.

Bug 22840: REGRESSION (r38349): Gmail doesn't load with profiling enabled
<https://bugs.webkit.org/show_bug.cgi?id=22840>
<rdar://problem/6468077>

JavaScriptCore:

  • bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::emitNewArray): Add an assertion that the range of registers passed to op_new_array is sequential. (JSC::BytecodeGenerator::emitCall): Correct the relocation of registers when emitting profiler hooks so that registers aren't leaked. Also, add an assertion that the 'this' register is always ref'd (because it is), remove the needless protection of the 'this' register when relocating, and add an assertion that the range of registers passed to op_call for function call arguments is sequential. (JSC::BytecodeGenerator::emitConstruct): Correct the relocation of registers when emitting profiler hooks so that registers aren't leaked. Also, add an assertion that the range of registers passed to op_construct for function call arguments is sequential.

LayoutTests:

  • fast/profiler/call-register-leak-expected.txt: Added.
  • fast/profiler/call-register-leak.html: Added.

Dec 27, 2008:

6:54 PM Changeset in webkit [39487] by mrowe@apple.com
  • 13 edits
    1 add in trunk/JavaScriptCore

<rdar://problem/6467376> Race condition in WTF::currentThread can lead to a thread using two different identifiers during its lifetime

If a newly-created thread calls WTF::currentThread() before WTF::createThread calls establishIdentifierForPthreadHandle
then more than one identifier will be used for the same thread. We can avoid this by adding some extra synchronization
during thread creation that delays the execution of the thread function until the thread identifier has been set up, and
an assertion to catch this problem should it reappear in the future.

Reviewed by Alexey Proskuryakov.

  • wtf/Threading.cpp: Added.

(WTF::NewThreadContext::NewThreadContext):
(WTF::threadEntryPoint):
(WTF::createThread): Add cross-platform createThread function that delays the execution of the thread function until
after the thread identifier has been set up.

  • wtf/Threading.h:
  • wtf/ThreadingGtk.cpp:

(WTF::establishIdentifierForThread):
(WTF::createThreadInternal):

  • wtf/ThreadingNone.cpp:

(WTF::createThreadInternal):

  • wtf/ThreadingPthreads.cpp:

(WTF::establishIdentifierForPthreadHandle):
(WTF::createThreadInternal):

  • wtf/ThreadingQt.cpp:

(WTF::identifierByQthreadHandle):
(WTF::establishIdentifierForThread):
(WTF::createThreadInternal):

  • wtf/ThreadingWin.cpp:

(WTF::storeThreadHandleByIdentifier):
(WTF::createThreadInternal):

Add Threading.cpp to the build.

12:30 AM Changeset in webkit [39486] by ap@webkit.org
  • 2 edits in trunk/LayoutTests

Suggested by Dave Levin.

https://bugs.webkit.org/show_bug.cgi?id=22950

Another attempt to fix the failing XHR tests on Tiger buildbot: make file_put_contents
portable implementation return a result.

  • http/tests/xmlhttprequest/resources/portabilityLayer.php:
Note: See TracTimeline for information about the timeline view.