Bug 125294

Created attachment 218495 [details] patch 1: work in progress. Not review worthy.

Comment on attachment 218495 [details] patch 1: work in progress. Not review worthy. Patch 1 works for the C Loop LLINT, but causes an assertion failure on JIT runs (which needs to be fixed). It's not review worthy yet.

Comment on attachment 218495 [details] patch 1: work in progress. Not review worthy. Attachment 218495 [details] did not pass mac-wk2-ews (mac-wk2): Output: http://webkit-queues.appspot.com/results/39228243 New failing tests: webgl/1.0.2/conformance/more/functions/drawArrays.html webgl/1.0.1/conformance/more/functions/vertexAttribPointerBadArgs.html js/dom/dfg-proto-stub-watchpoint-fire.html webgl/1.0.1/conformance/more/functions/vertexAttribBadArgs.html webgl/1.0.1/conformance/more/functions/uniformiBadArgs.html webgl/1.0.1/conformance/more/functions/uniformfBadArgs.html webgl/1.0.2/conformance/more/functions/copyTexSubImage2DBadArgs.html webgl/1.0.1/conformance/more/functions/copyTexImage2DBadArgs.html webgl/1.0.2/conformance/more/functions/vertexAttribBadArgs.html webgl/1.0.1/conformance/more/functions/drawArrays.html js/sort-randomly.html webgl/1.0.2/conformance/more/functions/bufferSubDataBadArgs.html webgl/1.0.2/conformance/more/functions/drawArraysOutOfBounds.html webgl/1.0.2/conformance/more/functions/copyTexImage2DBadArgs.html webgl/1.0.2/conformance/more/functions/uniformMatrixBadArgs.html webgl/1.0.2/conformance/more/functions/uniformiBadArgs.html js/polymorphic-construct.html webgl/1.0.1/conformance/more/functions/drawArraysOutOfBounds.html webgl/1.0.2/conformance/more/functions/drawElementsBadArgs.html webgl/1.0.1/conformance/more/functions/uniformMatrixBadArgs.html webgl/1.0.1/conformance/more/functions/bufferSubDataBadArgs.html webgl/1.0.2/conformance/more/functions/vertexAttribPointerBadArgs.html webgl/1.0.1/conformance/more/functions/drawElementsBadArgs.html fast/media/w3c/test_media_queries.html webgl/1.0.1/conformance/more/functions/drawElements.html webgl/1.0.2/conformance/more/functions/drawElements.html webgl/1.0.2/conformance/more/functions/uniformfBadArgs.html js/apply-varargs.html fast/table/recalc-section-first-body-crash-main.html webgl/1.0.1/conformance/more/functions/copyTexSubImage2DBadArgs.html

Created attachment 218499 [details] Archive of layout-test-results from webkit-ews-15 for mac-mountainlion-wk2 The attached test failures were seen while running run-webkit-tests on the mac-wk2-ews. Bot: webkit-ews-15 Port: mac-mountainlion-wk2 Platform: Mac OS X 10.8.5

Created attachment 218508 [details] patch 2: JIT issue fixed. patch 2 is ready for a review. When the C Loop build is run against the layout tests, there are some assertion failures which results in crashes in the following tests (amongst others): 1. fast/frames/sandboxed-iframe-plugins.html 2. fast/frames/sandboxed-iframe-navigation-allowed.html 3. fast/frames/sandboxed-iframe-about-blank.html 4. fast/replaced/no-focus-ring-object.html These exist in ToT independent of this patch. I'll look into them in a separate bug later.

Attachment 218508 [details] did not pass style-queue: Failed to run "['Tools/Scripts/check-webkit-style', '--diff-files', u'Source/JavaScriptCore/ChangeLog', u'Source/JavaScriptCore/interpreter/CachedCall.h', u'Source/JavaScriptCore/interpreter/CallFrameClosure.h', u'Source/JavaScriptCore/interpreter/Interpreter.cpp', u'Source/JavaScriptCore/interpreter/Interpreter.h', u'Source/JavaScriptCore/interpreter/JSStack.h', u'Source/JavaScriptCore/interpreter/JSStackInlines.h', u'Source/JavaScriptCore/interpreter/ProtoCallFrame.h', u'Source/JavaScriptCore/jit/JITCode.cpp', u'Source/JavaScriptCore/jit/JITCode.h', u'Source/JavaScriptCore/jit/JITExceptions.cpp', u'Source/JavaScriptCore/llint/LLIntCLoop.cpp', u'Source/JavaScriptCore/llint/LLIntCLoop.h', u'Source/JavaScriptCore/llint/LLIntEntrypoint.cpp', u'Source/JavaScriptCore/llint/LLIntOpcode.h', u'Source/JavaScriptCore/llint/LLIntThunks.cpp', u'Source/JavaScriptCore/llint/LLIntThunks.h', u'Source/JavaScriptCore/llint/LowLevelInterpreter.cpp', u'Source/JavaScriptCore/runtime/Executable.h', u'Source/JavaScriptCore/runtime/JSArray.cpp', u'Source/JavaScriptCore/runtime/StringPrototype.cpp', u'Source/JavaScriptCore/runtime/VM.cpp', '--commit-queue']" exit_code: 1 ERROR: Source/JavaScriptCore/ChangeLog:17: Line contains tab character. [whitespace/tab] [5] Total errors found: 1 in 19 files If any of these errors are false positives, please file a bug against check-webkit-style.

Comment on attachment 218508 [details] patch 2: JIT issue fixed. Lgtm but I think it could use a second review.

Comment on attachment 218508 [details] patch 2: JIT issue fixed. r=me. Fix the tab in the change log.

Thanks for the reviews. Landed in r160186: <http://trac.webkit.org/r160186>.