can't set source dynamically #2

nwtn · 2013-04-17T01:51:55Z

<picture> does not load a <source> that is set dynamically with JS, using for e.g. source.src = 'file.png'.

The text was updated successfully, but these errors were encountered:

The change has resulted in ASAN failures: http://build.chromium.org/p/chromium.webkit/builders/WebKit%20Linux%20ASAN/builds/7635/steps/webkit_tests/logs/stdio ==2535==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x604000176835 at pc 0x5b315d5 bp 0x7fffeec0d570 sp 0x7fffeec0d568 READ of size 1 at 0x604000176835 thread T0 (content_shell) #0 0x5b315d4 in WebCore::Length WebCore::parseDimension<unsigned char>(unsigned char const*, unsigned long, unsigned long) ../third_party/WebKit/Source/core/html/HTMLDimension.cpp:62:0 #1 0x5b3111b in WebCore::parseDimension(WTF::String const&, unsigned long, unsigned long) ../third_party/WebKit/Source/core/html/HTMLDimension.cpp:97:0 #2 0x5b30fab in WebCore::parseListOfDimensions(WTF::String const&) ../third_party/WebKit/Source/core/html/HTMLDimension.cpp:129:0 #3 0x5a4ae7f in WebCore::HTMLFrameSetElement::parseAttribute(WebCore::QualifiedName const&, WTF::AtomicString const&) ../third_party/WebKit/Source/core/html/HTMLFrameSetElement.cpp:84:0 This reverts commit ac7e5c0. TBR=jchaffraix@chromium.org Review URL: https://codereview.chromium.org/18565005 git-svn-id: svn://svn.chromium.org/blink/trunk@154013 bbb929c8-8fbe-4397-9dbb-9b2b20218538

This is attempt #2. Attempt #1 was reverted due to some object lifetime issues which were tackled in separate bugs. I also noted the paradigm of RefPtr<AtomicStringImpl> as a map key, which I replaced with functionally-equivalent AtomicString. This may have the advantage of less template specializations. BUG=250050 TEST=layout tests under ASAN ok Review URL: https://chromiumcodereview.appspot.com/19804005 git-svn-id: svn://svn.chromium.org/blink/trunk@154790 bbb929c8-8fbe-4397-9dbb-9b2b20218538

Shapes's polygon tests didn't run because of a typo and some missing js include. Merged revisions: - #1 http://trac.webkit.org/changeset/153338 - #2 http://trac.webkit.org/changeset/153350 Review URL: https://chromiumcodereview.appspot.com/20489004 git-svn-id: svn://svn.chromium.org/blink/trunk@155102 bbb929c8-8fbe-4397-9dbb-9b2b20218538

This patch changes offsetWidth, offsetHeight, offsetLeft, and offsetTop to only layout a portion of the render tree, up to the target renderer. Partial layout leaves the root needing layout so a full layout must happen before painting. An example of the benefit of this patch is wikipedia where the following pattern is common: 1) page load 2) javascript calls offsetWidth, forcing a full layout 3) javascript injects style into the page, invalidating layout 4) a full layout is performed for painting With this patch, the offsetWidth call in #2 is significantly improved. Text autosizing currently removes most of the benefit of this patch, this will be addressed in a followup patch. Similarly, non-overlay scrollbars reduce the benefit from this patch. This is currently implemented behind the PartialLayout runtime enabled feature flag. BUG=283623 Review URL: https://chromiumcodereview.appspot.com/18601002 git-svn-id: svn://svn.chromium.org/blink/trunk@157252 bbb929c8-8fbe-4397-9dbb-9b2b20218538

A lot of code uses isComposited() and compositedLayerMapping() as booleans to check the compositing state of a RenderLayer or RenderObject. However, in the code there are actually 3 different states: (1) not composited (paints into CompositedLayerMapping of a composited ancestor) (2) paints into own CompositedLayerMapping (3) has its own CompositedLayerMapping but actually still paints into composited ancestor. Furthermore, upcoming changes to compositing will add a fourth state: (4) paints into a GraphicsLayer that is shared by a group of layers. This patch removes isComposited() boolean check, and replaces it with compositingState() that returns an enum. Most call sites outside of RenderLayer, CompositedLayerMapping, and RenderLayerCompositor have been updated to reflect what states they really intended to check for. Remaining call sites have been replaced with the compositedLayerMapping() accessor for now, which is exactly equivalent to the old isComposited() boolean, and those sites will be updated in follow-up patches. BUG=261605 R=jamesr@chromium.org, jchaffraix@chromium.org, vollick@chromium.org Review URL: https://codereview.chromium.org/24921002 git-svn-id: svn://svn.chromium.org/blink/trunk@159118 bbb929c8-8fbe-4397-9dbb-9b2b20218538

…removed)" This is in an attempt to remove the crashing occurring on tip of tree. There's no strong reason to suspect this patch except that this patch was a bit large. BUG=306096 TBR=kareng@chromium.org, vollick@chromium.org Review URL: https://codereview.chromium.org/27030009 git-svn-id: svn://svn.chromium.org/blink/trunk@159473 bbb929c8-8fbe-4397-9dbb-9b2b20218538

This switches fastMalloc to PartitionAlloc for Android. Previously, we only used PartitionAlloc for fastMalloc on Mac OS X. According to primiano's measurements, this CL should improve PLT performance on Android by 7%. See referenced bug for details. alexa_us on N10 with default alloc (without # ms/page PSS Dirty #1 227.6 60410 44904 #2 226.1 61547 46008 #3 222.4 55595 40072 #4 224.2 57293 41728 AVG 225.1 58711 43178 alexa_us on N10 with partalloc # ms/page PSS Dirty #1 204.68 54862 39456 #2 208.73 59240 43844 #3 208.57 55164 39788 #4 217.28 58280 42904 AVG 209.81 56886 41498 BUG=312725 R=tonyg@chromium.org Review URL: https://codereview.chromium.org/148013010 git-svn-id: svn://svn.chromium.org/blink/trunk@166271 bbb929c8-8fbe-4397-9dbb-9b2b20218538

…mpatible to tcmalloc R=esprehn@chromium.org TEST=Compile Android build with Deep Memory Profiler support. Go to lenta.ru. Open some news pages. Should not crash. ********** Crash dump: ********** Build fingerprint: 'samsung/GT-I9100/GT-I9100:4.0.3/IML74K/XXLPQ:user/release-keys' pid: 3431, tid: 3444 >>> org.chromium.content_shell_apk:sandboxed_process1 <<< signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 00000039 Stack frame #00 pc 02263b44 /data/data/org.chromium.content_shell_apk/lib/libcontent_shell_content_view.so: Routine Abort in ../../third_party/tcmalloc/chromium/src/base/abort.cc:15 Stack frame #1 pc 0226ccd8 /data/data/org.chromium.content_shell_apk/lib/libcontent_shell_content_view.so: Routine Log in ../../third_party/tcmalloc/chromium/src/internal_logging.cc:120 Stack frame #2 pc 0227584c /data/data/org.chromium.content_shell_apk/lib/libcontent_shell_content_view.so: Routine InvalidFree in (null):0 Stack frame #3 pc 02277698 /data/data/org.chromium.content_shell_apk/lib/libcontent_shell_content_view.so: Routine do_free_with_callback in ../../third_party/tcmalloc/chromium/src/tcmalloc.cc:1166 Stack frame #4 pc 02277898 /data/data/org.chromium.content_shell_apk/lib/libcontent_shell_content_view.so: Routine do_free in ../../third_party/tcmalloc/chromium/src/tcmalloc.cc:1209 Stack frame #5 pc 0229f914 /data/data/org.chromium.content_shell_apk/lib/libcontent_shell_content_view.so: Routine tc_free in ../../third_party/tcmalloc/chromium/src/tcmalloc.cc:1569 Stack frame #6 pc 0158af50 /data/data/org.chromium.content_shell_apk/lib/libcontent_shell_content_view.so: Routine error in (null):0 Stack frame #7 pc 0158aff8 /data/data/org.chromium.content_shell_apk/lib/libcontent_shell_content_view.so: Routine normalErrorHandler in ../../third_party/WebKit/Source/core/xml/parser/XMLDocumentParser.cpp:1305 Stack frame #8 pc 01166dac /data/data/org.chromium.content_shell_apk/lib/libcontent_shell_content_view.so: Routine __xmlRaiseError in ../../third_party/libxml/src/error.c:572 Stack frame #9 pc 0116b7a8 /data/data/org.chromium.content_shell_apk/lib/libcontent_shell_content_view.so: Routine xmlFatalErr in (null):0 Stack frame #10 pc 0117e424 /data/data/org.chromium.content_shell_apk/lib/libcontent_shell_content_view.so: Routine xmlParseTryOrFinish in ../../third_party/libxml/src/parser.c:11453 Stack frame #11 pc 0117ea88 /data/data/org.chromium.content_shell_apk/lib/libcontent_shell_content_view.so: Routine xmlParseChunk in ../../third_party/libxml/src/parser.c:11767 Stack frame #12 pc 0158891c /data/data/org.chromium.content_shell_apk/lib/libcontent_shell_content_view.so: Routine parseChunk in (null):0 Stack frame #13 pc 01589da0 /data/data/org.chromium.content_shell_apk/lib/libcontent_shell_content_view.so: Routine doWrite in ../../third_party/WebKit/Source/core/xml/parser/XMLDocumentParser.cpp:876 Stack frame #14 pc 01589f3c /data/data/org.chromium.content_shell_apk/lib/libcontent_shell_content_view.so: Routine append in ../../third_party/WebKit/Source/wtf/RefPtr.h:49 Stack frame #15 pc 00d07e70 /data/data/org.chromium.content_shell_apk/lib/libcontent_shell_content_view.so: Routine setContent in ../../third_party/WebKit/Source/wtf/PassRefPtr.h:70 Stack frame #16 pc 015770bc /data/data/org.chromium.content_shell_apk/lib/libcontent_shell_content_view.so: Routine responseXML in ../../third_party/WebKit/Source/wtf/PassRefPtr.h:70 Stack frame #17 pc 017bdd20 /data/data/org.chromium.content_shell_apk/lib/libcontent_shell_content_view.so: Routine responseXMLAttributeGetter in ../../third_party/WebKit/Source/wtf/PassRefPtr.h:47 Stack frame #18 pc 017bddc8 /data/data/org.chromium.content_shell_apk/lib/libcontent_shell_content_view.so: Routine responseXMLAttributeGetterCallback in gen/blink/bindings/V8XMLHttpRequest.cpp:219 Stack frame #19 pc 00eb86d8 /data/data/org.chromium.content_shell_apk/lib/libcontent_shell_content_view.so: Routine Call in ../../v8/src/arguments.cc:110 Stack frame #20 pc 01024b5c /data/data/org.chromium.content_shell_apk/lib/libcontent_shell_content_view.so: Routine GetPropertyWithCallback in ../../v8/src/objects.cc:443 Stack frame #21 pc 010304c8 /data/data/org.chromium.content_shell_apk/lib/libcontent_shell_content_view.so: Routine GetProperty in ../../v8/src/objects.cc:971 Stack frame #22 pc 010305dc /data/data/org.chromium.content_shell_apk/lib/libcontent_shell_content_view.so: Routine GetProperty in ../../v8/src/objects.cc:845 Stack frame #23 pc 00fb12f8 /data/data/org.chromium.content_shell_apk/lib/libcontent_shell_content_view.so: Routine Load in ../../v8/src/ic.cc:875 Stack frame #24 pc 00fb1b78 /data/data/org.chromium.content_shell_apk/lib/libcontent_shell_content_view.so: Routine __RT_impl_LoadIC_Miss in ../../v8/src/ic.cc:2076 Stack frame #25 pc 00fb1bd0 /data/data/org.chromium.content_shell_apk/lib/libcontent_shell_content_view.so: Routine LoadIC_Miss in (null):0 Review URL: https://codereview.chromium.org/143903018 git-svn-id: svn://svn.chromium.org/blink/trunk@166520 bbb929c8-8fbe-4397-9dbb-9b2b20218538

…dereview.chromium.org/183793002/) Reason for revert: Possibly causing content_browsertests EndToEnd to fail. See: http://build.chromium.org/p/chromium.webkit/builders/Linux%20Tests%20%28dbg%29/builds/2095/steps/content_browsertests/logs/stdio Output: [20917:20917:0327/122353:3268961829:INFO:CONSOLE(0)] "Uncaught TypeError: Cannot convert undefined or null to object", source: http://127.0.0.1:34379/files/web_ui_mojo.html (0) [20917:20917:0327/122353:3269022437:INFO:CONSOLE(28)] "Uncaught TypeError: undefined is not a function", source: http://127.0.0.1:34379/files/web_ui_mojo.js (28) BrowserTestBase signal handler received SIGTERM. Backtrace: #0 0x000000a593be base::debug::StackTrace::StackTrace() #1 0x000002bfc17b content::(anonymous namespace)::DumpStackTraceSignalHandler() #2 0x7f9c3e4ab4a0 <unknown> #3 0x7f9c3e55da43 __poll #4 0x7f9c42aabff6 <unknown> #5 0x7f9c42aac124 g_main_context_iteration #6 0x000000aaaf5f base::MessagePumpGlib::RunWithDispatcher() #7 0x000000a8e802 base::RunLoop::Run() #8 0x00000058256e content::(anonymous namespace)::WebUIMojoTest_EndToEnd_Test::RunTestOnMainThread() Original issue's description: > Make start/stop loading notifications per-frame > > Also, make ProgressTracker a frame-level concept rather than a page-level concept and merge it with FrameLoader's FrameProgressTracker helper. Send per-frame progress change notifications accordingly. > > This depends on https://codereview.chromium.org/180113003/ landing in chromium. > > BUG=347643 > > Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=170192 TBR=abarth@chromium.org,japhet@chromium.org NOTREECHECKS=true NOTRY=true BUG=347643 Review URL: https://codereview.chromium.org/215533004 git-svn-id: svn://svn.chromium.org/blink/trunk@170218 bbb929c8-8fbe-4397-9dbb-9b2b20218538

…ttps://codereview.chromium.org/215533004/) Reason for revert: r170192 was not a culprit. Original issue's description: > Revert of Make start/stop loading notifications per-frame (https://codereview.chromium.org/183793002/) > > Reason for revert: > Possibly causing content_browsertests EndToEnd to fail. > > See: http://build.chromium.org/p/chromium.webkit/builders/Linux%20Tests%20%28dbg%29/builds/2095/steps/content_browsertests/logs/stdio > > Output: > [20917:20917:0327/122353:3268961829:INFO:CONSOLE(0)] "Uncaught TypeError: Cannot convert undefined or null to object", source: http://127.0.0.1:34379/files/web_ui_mojo.html (0) > [20917:20917:0327/122353:3269022437:INFO:CONSOLE(28)] "Uncaught TypeError: undefined is not a function", source: http://127.0.0.1:34379/files/web_ui_mojo.js (28) > BrowserTestBase signal handler received SIGTERM. Backtrace: > #0 0x000000a593be base::debug::StackTrace::StackTrace() > #1 0x000002bfc17b content::(anonymous namespace)::DumpStackTraceSignalHandler() > #2 0x7f9c3e4ab4a0 <unknown> > #3 0x7f9c3e55da43 __poll > #4 0x7f9c42aabff6 <unknown> > #5 0x7f9c42aac124 g_main_context_iteration > #6 0x000000aaaf5f base::MessagePumpGlib::RunWithDispatcher() > #7 0x000000a8e802 base::RunLoop::Run() > #8 0x00000058256e content::(anonymous namespace)::WebUIMojoTest_EndToEnd_Test::RunTestOnMainThread() > > Original issue's description: > > Make start/stop loading notifications per-frame > > > > Also, make ProgressTracker a frame-level concept rather than a page-level concept and merge it with FrameLoader's FrameProgressTracker helper. Send per-frame progress change notifications accordingly. > > > > This depends on https://codereview.chromium.org/180113003/ landing in chromium. > > > > BUG=347643 > > > > Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=170192 > > TBR=abarth@chromium.org,japhet@chromium.org > NOTREECHECKS=true > NOTRY=true > BUG=347643 > > Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=170218 TBR=abarth@chromium.org,japhet@chromium.org,enne@chromium.org NOTREECHECKS=true NOTRY=true BUG=347643 Review URL: https://codereview.chromium.org/216083002 git-svn-id: svn://svn.chromium.org/blink/trunk@170248 bbb929c8-8fbe-4397-9dbb-9b2b20218538

…of a pointer (https://codereview.chromium.org/209713003/) Also reverting dependent patch https://codereview.chromium.org/213543004 Reason for revert: Likely to have caused memory leaks: http://build.chromium.org/p/chromium.memory/builders/Linux%20ASan%2BLSan%20Tests%20%282%29/builds/989/steps/browser_tests/logs/stdio#failure1 (1) Direct leak of 32 byte(s) in 1 object(s) allocated from: #0 0x4b50d1 in operator new(unsigned long) /usr/local/google/home/hwennborg/chromium/src/third_party/llvm/projects/compiler-rt/lib/asan/asan_new_delete.cc:62 #1 0x9bdfd8a in WebCore::V8PerContextDataHolder::install(v8::Handle<v8::Context>, WTF::PassRefPtr<WebCore::DOMWrapperWorld>) third_party/WebKit/Source/bindings/v8/V8PerContextData.cpp:56 #2 0x9bdfa06 in WebCore::V8PerContextData::V8PerContextData(v8::Handle<v8::Context>, WTF::PassRefPtr<WebCore::DOMWrapperWorld>) third_party/WebKit/Source/bindings/v8/V8PerContextData.cpp:108 #3 0x9bc1afd in WebCore::V8PerContextData::create(v8::Handle<v8::Context>, WTF::PassRefPtr<WebCore::DOMWrapperWorld>) third_party/WebKit/Source/bindings/v8/V8PerContextData.h:66:16 #4 0x9be64fc in WebCore::V8PerIsolateData::ensureDomInJSContext() third_party/WebKit/Source/bindings/v8/V8PerIsolateData.cpp:132 (2) Indirect leak of 40 byte(s) in 1 object(s) allocated from: #0 0x4b50d1 in operator new(unsigned long) /usr/local/google/home/hwennborg/chromium/src/third_party/llvm/projects/compiler-rt/lib/asan/asan_new_delete.cc:62 #1 0x9b2ee18 in operator new third_party/WebKit/Source/bindings/v8/DOMWrapperWorld.cpp:59:22 #2 0x9b2ee18 in WebCore::DOMWrapperWorld::create(int, int) third_party/WebKit/Source/bindings/v8/DOMWrapperWorld.cpp:53 #3 0x9be64e7 in WebCore::V8PerIsolateData::ensureDomInJSContext() third_party/WebKit/Source/bindings/v8/V8PerIsolateData.cpp:132 (3) Indirect leak of 24 byte(s) in 1 object(s) allocated from: #0 0x4b46c1 in __interceptor_malloc /usr/local/google/home/hwennborg/chromium/src/third_party/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:75 #1 0x62caf0a in partitionAllocGenericFlags third_party/WebKit/Source/wtf/PartitionAlloc.h:533 #2 0x62caf0a in partitionAllocGeneric third_party/WebKit/Source/wtf/PartitionAlloc.h:549 #3 0x62caf0a in WTF::fastMalloc(unsigned long) third_party/WebKit/Source/wtf/FastMalloc.cpp:125 #4 0x9b2ed61 in operator new third_party/WebKit/Source/wtf/RefCounted.h:175 #5 0x9b2ed61 in WebCore::DOMWrapperWorld::create(int, int) third_party/WebKit/Source/bindings/v8/DOMWrapperWorld.cpp:53 Original issue's description: > Make DOMWrapperWorld::current() return a reference instead of a pointer > > Now that it's guaranteed that DOMWrapperWorld is not 0 at any given time, we can make it a reference instead of a pointer. > > BUG=341032 > > Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=170261 TBR=jochen@chromium.org,dcarney@chromium.org,abarth@chromium.org,haraken@chromium.org NOTREECHECKS=true NOTRY=true BUG=341032 Review URL: https://codereview.chromium.org/217053007 git-svn-id: svn://svn.chromium.org/blink/trunk@170357 bbb929c8-8fbe-4397-9dbb-9b2b20218538

This is a revert of the revert of r170261. r170261 was reverted because it introduced new memory leaks, but the leaks were false-positive. > Revert of Make DOMWrapperWorld::current() return a reference instead of a pointer (https://codereview.chromium.org/209713003/) > > Also reverting dependent patch https://codereview.chromium.org/213543004 > > Reason for revert: > Likely to have caused memory leaks: > http://build.chromium.org/p/chromium.memory/builders/Linux%20ASan%2BLSan%20Tests%20%282%29/builds/989/steps/browser_tests/logs/stdio#failure1 > > (1) > Direct leak of 32 byte(s) in 1 object(s) allocated from: > #0 0x4b50d1 in operator new(unsigned long) /usr/local/google/home/hwennborg/chromium/src/third_party/llvm/projects/compiler-rt/lib/asan/asan_new_delete.cc:62 > #1 0x9bdfd8a in WebCore::V8PerContextDataHolder::install(v8::Handle<v8::Context>, WTF::PassRefPtr<WebCore::DOMWrapperWorld>) third_party/WebKit/Source/bindings/v8/V8PerContextData.cpp:56 > #2 0x9bdfa06 in WebCore::V8PerContextData::V8PerContextData(v8::Handle<v8::Context>, WTF::PassRefPtr<WebCore::DOMWrapperWorld>) third_party/WebKit/Source/bindings/v8/V8PerContextData.cpp:108 > #3 0x9bc1afd in WebCore::V8PerContextData::create(v8::Handle<v8::Context>, WTF::PassRefPtr<WebCore::DOMWrapperWorld>) third_party/WebKit/Source/bindings/v8/V8PerContextData.h:66:16 > #4 0x9be64fc in WebCore::V8PerIsolateData::ensureDomInJSContext() third_party/WebKit/Source/bindings/v8/V8PerIsolateData.cpp:132 > > (2) > Indirect leak of 40 byte(s) in 1 object(s) allocated from: > #0 0x4b50d1 in operator new(unsigned long) /usr/local/google/home/hwennborg/chromium/src/third_party/llvm/projects/compiler-rt/lib/asan/asan_new_delete.cc:62 > #1 0x9b2ee18 in operator new third_party/WebKit/Source/bindings/v8/DOMWrapperWorld.cpp:59:22 > #2 0x9b2ee18 in WebCore::DOMWrapperWorld::create(int, int) third_party/WebKit/Source/bindings/v8/DOMWrapperWorld.cpp:53 > #3 0x9be64e7 in WebCore::V8PerIsolateData::ensureDomInJSContext() third_party/WebKit/Source/bindings/v8/V8PerIsolateData.cpp:132 > > (3) > Indirect leak of 24 byte(s) in 1 object(s) allocated from: > #0 0x4b46c1 in __interceptor_malloc /usr/local/google/home/hwennborg/chromium/src/third_party/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:75 > #1 0x62caf0a in partitionAllocGenericFlags third_party/WebKit/Source/wtf/PartitionAlloc.h:533 > #2 0x62caf0a in partitionAllocGeneric third_party/WebKit/Source/wtf/PartitionAlloc.h:549 > #3 0x62caf0a in WTF::fastMalloc(unsigned long) third_party/WebKit/Source/wtf/FastMalloc.cpp:125 > #4 0x9b2ed61 in operator new third_party/WebKit/Source/wtf/RefCounted.h:175 > #5 0x9b2ed61 in WebCore::DOMWrapperWorld::create(int, int) third_party/WebKit/Source/bindings/v8/DOMWrapperWorld.cpp:53 > > Original issue's description: > > Make DOMWrapperWorld::current() return a reference instead of a pointer > > > > Now that it's guaranteed that DOMWrapperWorld is not 0 at any given time, we can make it a reference instead of a pointer. > > > > BUG=341032 > > > > Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=170261 > > TBR=jochen@chromium.org,dcarney@chromium.org,abarth@chromium.org,haraken@chromium.org > NOTREECHECKS=true > NOTRY=true > BUG=341032 > > Review URL: https://codereview.chromium.org/217053007 TBR=enne@chromium.org Review URL: https://codereview.chromium.org/218813002 git-svn-id: svn://svn.chromium.org/blink/trunk@170424 bbb929c8-8fbe-4397-9dbb-9b2b20218538

This is the final patch in a three-part series towards early termination of flings when scrolling is impossible, cleaning up now unused portions of the WebGestureCurveTarget interface. Blink patch (#1) https://codereview.chromium.org/139493003/ Chromium patch (#2): https://codereview.chromium.org/136173004/ Review URL: https://codereview.chromium.org/217893004 git-svn-id: svn://svn.chromium.org/blink/trunk@170887 bbb929c8-8fbe-4397-9dbb-9b2b20218538

…nd shorthand background-repeat serialization did not handle initial keyword values in background-repeat value lists. Initial values in value lists are introduced by setting the background shorthand to multiple background values while omitting background-repeat properties. Example: background: url(#1), url(#2), url(#3); The background-repeat gets stored internally as "initial, initial, initial". This patch updates StylePropertySerializer::backgroundRepeatPropertyValue() to handle this case correctly. BUG=378167 Review URL: https://codereview.chromium.org/303993003 git-svn-id: svn://svn.chromium.org/blink/trunk@175261 bbb929c8-8fbe-4397-9dbb-9b2b20218538

This ctor is expected to be added to the spec: w3c/ServiceWorker#192 Eventually we'll also have ctors for String, Stream, and ArrayBuffer bodies. Multi-sided patch to implement blob-type fetch event response bodies: #1: blink-side, THIS PATCH #2: chromium-side: https://codereview.chromium.org/304153015/ #3: blink-side: https://codereview.chromium.org/304233017 BUG=379074 Review URL: https://codereview.chromium.org/307063002 git-svn-id: svn://svn.chromium.org/blink/trunk@175350 bbb929c8-8fbe-4397-9dbb-9b2b20218538

…//codereview.chromium.org/312683005/) Reason for revert: This patch is the most likely candidate for browser test failures: http://build.chromium.org/p/chromium.webkit/builders/Linux%20Tests%20%28dbg%29/builds/2905 BrowserTestBase signal handler received SIGTERM. Backtrace: #0 0x7f2c2a201a1d base::debug::StackTrace::StackTrace() #1 0x00000460caf2 content::(anonymous namespace)::DumpStackTraceSignalHandler() #2 0x7f2c232cd4a0 \u003Cunknown> #3 0x7f2c2337f313 __poll #4 0x7f2c240b6036 \u003Cunknown> #5 0x7f2c240b6164 g_main_context_iteration #6 0x7f2c2a1c9b45 base::MessagePumpGlib::Run() #7 0x7f2c2a29eed7 base::MessageLoop::RunHandler() #8 0x7f2c2a2f69d8 base::RunLoop::Run() #9 0x00000466bd59 content::RunThisRunLoop() #10 0x00000466c1b8 content::MessageLoopRunner::Run() #11 0x000004610946 content::TitleWatcher::WaitAndGetTitle() #12 0x0000011fdf00 MediaBrowserTest::RunTest() #13 0x0000011fdc00 MediaBrowserTest::RunMediaTestPage() #14 0x0000011ec98b EncryptedMediaTestBase::RunEncryptedMediaTestPage() #15 0x0000011ee5fa EncryptedMediaTest::TestConfigChange() #16 0x0000011eb73a EncryptedMediaTest_ConfigChangeVideo_Test::RunTestOnMainThread() ... Please look into it. An alterate possible candidate is https://codereview.chromium.org/327553002 but I think that's less likely. Original issue's description: > IDL: Support optional argument default value syntax > > Adds support for parsing default values of different types, but > only handles null default values when generating code. > > Replaces existing > > [Default=Null] optional SomeInterface arg > [Default=NullString] optional DOMString arg > > with the now equivalent > > optional SomeInterface arg = null > optional DOMString arg = null > > in IDL files, and drops support for those [Default] attributes. > > No changes to generated code. > > BUG=258153 > > Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=176200 TBR=nbarth@chromium.org,haraken@chromium.org,pavan.e@samsung.com,jsbell@chromium.org,jl@opera.com NOTREECHECKS=true NOTRY=true BUG=258153 Review URL: https://codereview.chromium.org/339683002 git-svn-id: svn://svn.chromium.org/blink/trunk@176220 bbb929c8-8fbe-4397-9dbb-9b2b20218538

…ax (https://codereview.chromium.org/339683002/) Reason for revert: Revert the revert because the bot went green even without this revert, and other bots had no trouble. Original issue's description: > Revert of IDL: Support optional argument default value syntax (https://codereview.chromium.org/312683005/) > > Reason for revert: > This patch is the most likely candidate for browser test failures: http://build.chromium.org/p/chromium.webkit/builders/Linux%20Tests%20%28dbg%29/builds/2905 > > BrowserTestBase signal handler received SIGTERM. Backtrace: > #0 0x7f2c2a201a1d base::debug::StackTrace::StackTrace() > #1 0x00000460caf2 content::(anonymous namespace)::DumpStackTraceSignalHandler() > #2 0x7f2c232cd4a0 \u003Cunknown> > #3 0x7f2c2337f313 __poll > #4 0x7f2c240b6036 \u003Cunknown> > #5 0x7f2c240b6164 g_main_context_iteration > #6 0x7f2c2a1c9b45 base::MessagePumpGlib::Run() > #7 0x7f2c2a29eed7 base::MessageLoop::RunHandler() > #8 0x7f2c2a2f69d8 base::RunLoop::Run() > #9 0x00000466bd59 content::RunThisRunLoop() > #10 0x00000466c1b8 content::MessageLoopRunner::Run() > #11 0x000004610946 content::TitleWatcher::WaitAndGetTitle() > #12 0x0000011fdf00 MediaBrowserTest::RunTest() > #13 0x0000011fdc00 MediaBrowserTest::RunMediaTestPage() > #14 0x0000011ec98b EncryptedMediaTestBase::RunEncryptedMediaTestPage() > #15 0x0000011ee5fa EncryptedMediaTest::TestConfigChange() > #16 0x0000011eb73a EncryptedMediaTest_ConfigChangeVideo_Test::RunTestOnMainThread() > ... > > Please look into it. An alterate possible candidate is https://codereview.chromium.org/327553002 but I think that's less likely. > > Original issue's description: > > IDL: Support optional argument default value syntax > > > > Adds support for parsing default values of different types, but > > only handles null default values when generating code. > > > > Replaces existing > > > > [Default=Null] optional SomeInterface arg > > [Default=NullString] optional DOMString arg > > > > with the now equivalent > > > > optional SomeInterface arg = null > > optional DOMString arg = null > > > > in IDL files, and drops support for those [Default] attributes. > > > > No changes to generated code. > > > > BUG=258153 > > > > Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=176200 > > TBR=nbarth@chromium.org,haraken@chromium.org,pavan.e@samsung.com,jsbell@chromium.org,jl@opera.com > NOTREECHECKS=true > NOTRY=true > BUG=258153 > > Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=176220 TBR=nbarth@chromium.org,haraken@chromium.org,pavan.e@samsung.com,jsbell@chromium.org,jl@opera.com NOTREECHECKS=true NOTRY=true BUG=258153 Review URL: https://codereview.chromium.org/339723002 git-svn-id: svn://svn.chromium.org/blink/trunk@176231 bbb929c8-8fbe-4397-9dbb-9b2b20218538

…ructed Currently an unresolved Promise on RespondWithObserver is forcibly rejected when the RespondWithObserver is destructed. This means that an unresolved Promise registered with fetchEvent.respondWith() is forcibly rejected when the fetchEvent is destructed. This behavior is not good because it makes GC observable. (For more details, see comment #2 and #4 in the CL discussion.) Given the above, this CL stops rejecting an unresolved Promise in RespondWithObserver's destructor. Also this CL removes a test that were testing the behavior. The removed test should hang after this change (because an unresolved Promise is never resolved nor rejected). BUG=400645 Review URL: https://codereview.chromium.org/442183003 git-svn-id: svn://svn.chromium.org/blink/trunk@179695 bbb929c8-8fbe-4397-9dbb-9b2b20218538

…ots first and conservative second. (http… (patchset #2 of https://codereview.chromium.org/413133006/) Reason for revert: This breaks strongification of ephemerons when there are pointers on the stack. See: https://codereview.chromium.org/461413002/ for details. Original issue's description: > Revert "Revert of [oilpan]: Change marking to do precise roots first and conservative second. (https://codereview.chromium.org/405403003/)" > > This reverts commit 765af3a. > > AFAICT the CrossThreadPointerToOrphanedPage test was a bit flaky in the sense that the compiler was free to reuse the slot where the stackPtrValue was located after the RELEASE_ASSERT. However the test assumed the stackPtrValue was on the stack (to mimic a rogue integer value finding a dead object) when doing the conservative GC further down. > After my change to Heap::CollectGarbage it seemed the android compiler no longer kept the value around and hence the test started failing. I have now moved the RELEASE_ASSERT down to after the point where we do the conservative GC which makes the test pass on android again. > > I uploaded the unfixed diff first and then a second diff (moved RELEASE_ASSERT) with the fix. > > R=ager@chromium.org, erik.corry@gmail.com, haraken@chromium.org, oilpan-reviews@chromium.org, sigbjornf@opera.com, tkent@chromium.org, zerny@chromium.org > BUG= > > Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=178845 NOTRY=true NOTREECHECKS=true Review URL: https://codereview.chromium.org/464253002 git-svn-id: svn://svn.chromium.org/blink/trunk@180160 bbb929c8-8fbe-4397-9dbb-9b2b20218538

of https://codereview.chromium.org/475803002/) Reason for revert: 'common' should not be aware of profiler. Original issue's description: > Make profiling lock global rather than per Target > > We should pause any actions that could affect performance if any of the targets is being profiled, not only current target. > > BUG=403684 > R=sergeyv@chromium.org > > Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=180336 TBR=sergeyv@chromium.org,apavlov@chromium.org,yurys@chromium.org NOTREECHECKS=true NOTRY=true BUG=403684 Review URL: https://codereview.chromium.org/471393002 git-svn-id: svn://svn.chromium.org/blink/trunk@180342 bbb929c8-8fbe-4397-9dbb-9b2b20218538

#2) The previous commit was rolled out because it did not make the required changes to PaintInvalidationState in order to teach it how to cross frame boundaries. Previously, the *actual* paint invalidation container, meaning the enclosing compositing layer / root RenderView, could already have been across a frame boundary. The logic to do this correctly was done via special code in RenderView. Instead, generalize the existing mechanisms to find a paint invalidation container and map rects to repaint container coordinate space to cross frame boundaries. This simplifies the code, and also causes paint invalidation rects to always be stored in the coordinate space of their graphics layer backing. The latter is important if we want to use these rects for determining which parts of a graphics layer need to be painted. BUG= Review URL: https://codereview.chromium.org/482063005 git-svn-id: svn://svn.chromium.org/blink/trunk@180736 bbb929c8-8fbe-4397-9dbb-9b2b20218538

…#2 of https://codereview.chromium.org/491773002/) Reason for revert: Breaking android bots most of the time Original issue's description: > Directly composited images are images: ASSERT that > > isDirectlyCompositedImage only applies to images. ASSERT that and > make callers do all the isImage() testing. > > BUG=405803 > > Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=180721 TBR=vollick@chromium.org,benm@chromium.org,noel@chromium.org NOTREECHECKS=true NOTRY=true BUG=405803 Review URL: https://codereview.chromium.org/497143002 git-svn-id: svn://svn.chromium.org/blink/trunk@180779 bbb929c8-8fbe-4397-9dbb-9b2b20218538

makeContextCurrent() has two roles; 1. Initialize. 2. Makes the OpenGL context current on the current thread. #2 is the legacy of WebKit and chromium GPU architecture doesn't require it. So all #2 usages are removed. BUG=404121 Review URL: https://codereview.chromium.org/481433002 git-svn-id: svn://svn.chromium.org/blink/trunk@181032 bbb929c8-8fbe-4397-9dbb-9b2b20218538

…patchset #2 id:40001 of https://codereview.chromium.org/544573002/) Reason for revert: calls V8 from a non-V8 context Original issue's description: > Mixed Content: Move subframe checks into ResourceFetcher. > > Currently we're checking for mixed content when loading the main > resource of subframes in two places: DocumentLoader and ResourceFetcher. > The former properly checks against the frame's parent frame, while the > latter bypasses the checks entirely by virtue of the request's > 'Resource::Type' being 'Main'. > > This is both confusing and difficult to replicate when moving to the > brave new world of request contexts and frame types that Fetch now > defines. > > This patch drops the DocumentLoader check, and moves the relevant > logic into ResourceFetcher::canRequest and > ResourceFetcher::checkInsecureContent. > > BUG=400087 > > Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=181383 TBR=mkwst@chromium.org NOTREECHECKS=true NOTRY=true BUG=400087 Review URL: https://codereview.chromium.org/550083003 git-svn-id: svn://svn.chromium.org/blink/trunk@181543 bbb929c8-8fbe-4397-9dbb-9b2b20218538

…hset #2 id:20001 of https://codereview.chromium.org/550163003/) Reason for revert: Many tests failed on WinXP because of different underline position. Original issue's description: > Go back to old underline position and thickness logic > > In r174431 from May this year we changed the underline position and > thickness logic to respect the underline data specified in the font. > While this improved rendering for certain fonts and scripts it did cause > a regression for others. This change reverts to the old behavior while > we figure out how to handle fonts with inaccurate or undesirable > metrics. > > BUG=408075 > R=scottmg@chromium.org, cpu@chromium.org > > Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=181591 TBR=scottmg@chromium.org,cpu@chromium.org,eae@chromium.org NOTREECHECKS=true NOTRY=true BUG=408075 Review URL: https://codereview.chromium.org/557653002 git-svn-id: svn://svn.chromium.org/blink/trunk@181607 bbb929c8-8fbe-4397-9dbb-9b2b20218538

…Fetcher. (patchset #1 id:1 of https://codereview.chromium.org/550083003/) Reason for revert: This wasn't the root cause of the non-V8 context call. Original issue's description: > Revert of Mixed Content: Move subframe checks into ResourceFetcher. (patchset #2 id:40001 of https://codereview.chromium.org/544573002/) > > Reason for revert: > calls V8 from a non-V8 context > > Original issue's description: > > Mixed Content: Move subframe checks into ResourceFetcher. > > > > Currently we're checking for mixed content when loading the main > > resource of subframes in two places: DocumentLoader and ResourceFetcher. > > The former properly checks against the frame's parent frame, while the > > latter bypasses the checks entirely by virtue of the request's > > 'Resource::Type' being 'Main'. > > > > This is both confusing and difficult to replicate when moving to the > > brave new world of request contexts and frame types that Fetch now > > defines. > > > > This patch drops the DocumentLoader check, and moves the relevant > > logic into ResourceFetcher::canRequest and > > ResourceFetcher::checkInsecureContent. > > > > BUG=400087 > > > > Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=181383 > > TBR=mkwst@chromium.org > NOTREECHECKS=true > NOTRY=true > BUG=400087 > > Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=181543 TBR=jochen@chromium.org NOTREECHECKS=true NOTRY=true BUG=400087 Review URL: https://codereview.chromium.org/559333002 git-svn-id: svn://svn.chromium.org/blink/trunk@181798 bbb929c8-8fbe-4397-9dbb-9b2b20218538

…idatePaintForWholeRenderer (patchset #2 id:70001 of https://codereview.chromium.org/574773002/) Reason for revert: The RenderText change needs to be reverted because it causes failure of some chromium browsertest. Original issue's description: > Revert of Temporarily let DocumentMakerController use invalidatePaintForWholeRenderer (patchset #3 id:60001 of https://codereview.chromium.org/499493003/) > > Reason for revert: > We have fixed the RenderText invalidation issue (crbug.com/394133). > > Original issue's description: > > Temporarily let DocumentMakerController use invalidatePaintForWholeRenderer > > > > setShouldDoFullPaintInvalidation doesn't work for RenderText yet. > > > > BUG=405501 > > > > Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=180877 > > TBR=jchaffraix@chromium.org,esprehn@chromium.org,leviw@chromium.org > BUG=405501 > > Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=182089 TBR=jchaffraix@chromium.org,esprehn@chromium.org,leviw@chromium.org NOTREECHECKS=true NOTRY=true BUG=405501 Review URL: https://codereview.chromium.org/574913002 git-svn-id: svn://svn.chromium.org/blink/trunk@182126 bbb929c8-8fbe-4397-9dbb-9b2b20218538

…tests. (patchset #2 id:20001 of https://codereview.chromium.org/591563002/) Reason for revert: Reverting, since this broke mac bots: UnicodeEncodeError raised: 'ascii' codec can't encode characters in position 11332-11333: ordinal not in range(128) Original issue's description: > Try #3 to fix the android layout tests crash in run-webkit-tests. > > This patch forcibly reencodes to ASCII at a different layer, matching > where we're actually seeing the stack trace. This seems like an > overly broad solution, but may at least get us past the crash so I can > see where things might really be failing. > > This change also backs out the change in r182282, since it didn't seem > to help anything. > > TBR=peter@chromium.org > BUG=386343 > > Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=182358 TBR=peter@chromium.org,dpranke@chromium.org NOTREECHECKS=true NOTRY=true BUG=386343 Review URL: https://codereview.chromium.org/590983002 git-svn-id: svn://svn.chromium.org/blink/trunk@182387 bbb929c8-8fbe-4397-9dbb-9b2b20218538

…(patchset #2 id:20001 of https://codereview.chromium.org/603883002/) Reason for revert: Broke several cross-site iframe tests. Original issue's description: > Remove default args to several PageWidgetDelegate members. > > No one passes the correct local root here yet; eventually, something.... > > BUG=411993 > > Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=182705 TBR=japhet@chromium.org,kenrb@chromium.org NOTREECHECKS=true NOTRY=true BUG=411993 Review URL: https://codereview.chromium.org/600823005 git-svn-id: svn://svn.chromium.org/blink/trunk@182716 bbb929c8-8fbe-4397-9dbb-9b2b20218538

…ation names clash (patchset #2 id:20001 of https://codereview.chromium.org/607893002/) Reason for revert: This patch makes the "build_applications" target always dirty. Original issue's description: > DevTools: Avoid build errors when dynamic module and application names clash > > This is a provisional fix that should let developers name > dynamically loaded modules the same as existing applications. > > Drive-by: > - Clean up devtools.gypi > - Stop generating obsolete code when concatenating workers > > R=dgozman, pfeldman, yurys > > Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=182769 TBR=dgozman@chromium.org,pfeldman@chromium.org,yurys@chromium.org NOTREECHECKS=true NOTRY=true Review URL: https://codereview.chromium.org/607113002 git-svn-id: svn://svn.chromium.org/blink/trunk@182775 bbb929c8-8fbe-4397-9dbb-9b2b20218538

id:20001 of https://codereview.chromium.org/609793002/) Reason for revert: This patch, probably, broke AccesibilityDl test on Mac http://build.chromium.org/p/chromium.webkit/builders/Win7%20Tests/builds/5898 Original issue's description: > Add AX role ,'AXDescriptionList', for dl element. > > There are related patches from WebKit, the patch written by > James Craig<james@cookiecrook.com> wkrev.com/147520 and the > patch written by Mario Sanchez Prada <mario.prada@samsung.com> > wkrev.com/161492. > And I modified them based on the current blink. > > BUG=226505 > > Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=182813 TBR=dmazzoni@chromium.org,je_julie.kim@samsung.com NOTREECHECKS=true NOTRY=true BUG=226505 Review URL: https://codereview.chromium.org/616553002 git-svn-id: svn://svn.chromium.org/blink/trunk@182847 bbb929c8-8fbe-4397-9dbb-9b2b20218538

…try 2. (patchset #2 id:20001 of https://codereview.chromium.org/604463004/) Reason for revert: Causing crashes on canary. Original issue's description: > Remove default args to several PageWidgetDelegate members, try 2. > > BUG=411993 > > Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=182737 TBR=japhet@chromium.org,kenrb@chromium.org NOTREECHECKS=true NOTRY=true BUG=411993 Review URL: https://codereview.chromium.org/598503003 git-svn-id: svn://svn.chromium.org/blink/trunk@182873 bbb929c8-8fbe-4397-9dbb-9b2b20218538

…tchset #2 id:20001 of https://codereview.chromium.org/408293002/) Reason for revert: HTML spec has been modified [1] to disable support for :enabled CSS selector on Anchor, Area & Link elements, after discussion on W3C Bugzilla [2]. [1] https://html5.org/r/8818 [2] https://www.w3.org/Bugs/Public/show_bug.cgi?id=26622 Original issue's description: > Support for :enabled selector on Anchor & Area elements > > Updates the PseudoEnabled selector checker to check for Anchor & Area > elements with a link. Reverts ef7563d > which removed relevant Shadow DOM tests. > > Spec: http://html.spec.whatwg.org/#selector-enabled > > BUG=393105 > > Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=179427 TBR=esprehn@chromium.org,alexis.menard@intel.com,dglazkov@chromium.org,jchaffraix@chromium.org BUG=393105 Review URL: https://codereview.chromium.org/610683002 git-svn-id: svn://svn.chromium.org/blink/trunk@182932 bbb929c8-8fbe-4397-9dbb-9b2b20218538

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

can't set source dynamically #2

can't set source dynamically #2

nwtn commented Apr 17, 2013

can't set source dynamically #2

can't set source dynamically #2

Comments

nwtn commented Apr 17, 2013