Re: [webkit-dev] stack alignment bug
Hi, actually there was a bug which took me a day to find out what happened. It was somewhere deep in libc, called by a function in DateMath.cpp. It seemed that the stack was overwritten. By libc??? I can't belive it. Finally I realized that gcc's alloca realigned the stack (to 8 bytes on ARM), so everything was in a wrong place (looked overwritten at first sight). My fake stack pointer idea: fake_sp: any non-volatile general purpose register JIT_entry: mov fake_sp, sp sub sp, sp, 32 ; I belive this is enough for the JIT, ; correct me if I am wrong ; use fake_sp instead of sp for push/pops JIT_leava: add sp, sp, 32 I hope this even works for PPC (if someone ever wants to port the JIT to old macs). Zoltan Zoltan, I filed a bug here: https://bugs.webkit.org/show_bug.cgi?id=26164 Stack is originally aligned then jit code destroys it; and, some data structure or point to double is not aligned and I'm still trying to find where they are. I'm not sure how the fake stack would be, would you mind explains a bit more? Did you face same problem? Thanks also for your articles that gives new ideas. rgds joe --- On Wed, 6/3/09, Zoltan Herczeg zherc...@inf.u-szeged.hu wrote: From: Zoltan Herczeg zherc...@inf.u-szeged.hu Subject: Re: [webkit-dev] stack alignment bug To: x yz last...@yahoo.com Cc: webkit-dev@lists.webkit.org Date: Wednesday, June 3, 2009, 7:35 PM Hi, true, some architectures have strict policies for stack handling. Perhaps the worst one is PowerPC with its organized stack frame (back chains, pre-defined register save areas, etc). I think a fake stack pointer for JIT can solve the x86 compatibility problem. 1) allocate enough aligned stack space for the worst case when you enter to JIT 2) the fake stack pointer should use this pre-allocated stack frame. Zoltan I don't know how to file bug so I posted here. In privateCompileCTIMachineTrampolines() there are multiple align() to align code on 16byte margin, yet, the stack can be put on 32bit margin that causes crush. Suppose original stack is aligned to 8/16bytes, the above function frequently pop/push regT3 that makes stack mis-aligned. Then int to double conversion uses stack that will fail. rgds joe ___ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
Re: [webkit-dev] stack alignment bug
Hi Zoltan, I'm a little confused – maybe I'm misunderstanding you, but the JIT does just subtract a fixed amount from the stack pointer on entry (28 on x86, for a total frame size including return address, caller frame pointer and callee preserved registers of 48, a multiple of 16 to preserve stack alignment). All JIT code then runs at the same stack depth. The only pops in the JIT are simply removing the the return address implicitly pushed on x86, and the only pushes (bar a function call in put property access transition realloc) are restoring the return address prior to a return (or a tail call). It is not clear to me what you're envisaging 'fake_sp' would be used for. I've just landed a patch to move the pushes pops in wrapper functions, and to switch put transition realloc to use a regular function call, hopefully this tidies things up a little. cheers, G. On Jun 4, 2009, at 1:19 AM, Zoltan Herczeg wrote: Hi, actually there was a bug which took me a day to find out what happened. It was somewhere deep in libc, called by a function in DateMath.cpp. It seemed that the stack was overwritten. By libc??? I can't belive it. Finally I realized that gcc's alloca realigned the stack (to 8 bytes on ARM), so everything was in a wrong place (looked overwritten at first sight). My fake stack pointer idea: fake_sp: any non-volatile general purpose register JIT_entry: mov fake_sp, sp sub sp, sp, 32 ; I belive this is enough for the JIT, ; correct me if I am wrong ; use fake_sp instead of sp for push/pops JIT_leava: add sp, sp, 32 I hope this even works for PPC (if someone ever wants to port the JIT to old macs). Zoltan Zoltan, I filed a bug here: https://bugs.webkit.org/show_bug.cgi?id=26164 Stack is originally aligned then jit code destroys it; and, some data structure or point to double is not aligned and I'm still trying to find where they are. I'm not sure how the fake stack would be, would you mind explains a bit more? Did you face same problem? Thanks also for your articles that gives new ideas. rgds joe --- On Wed, 6/3/09, Zoltan Herczeg zherc...@inf.u-szeged.hu wrote: From: Zoltan Herczeg zherc...@inf.u-szeged.hu Subject: Re: [webkit-dev] stack alignment bug To: x yz last...@yahoo.com Cc: webkit-dev@lists.webkit.org Date: Wednesday, June 3, 2009, 7:35 PM Hi, true, some architectures have strict policies for stack handling. Perhaps the worst one is PowerPC with its organized stack frame (back chains, pre-defined register save areas, etc). I think a fake stack pointer for JIT can solve the x86 compatibility problem. 1) allocate enough aligned stack space for the worst case when you enter to JIT 2) the fake stack pointer should use this pre-allocated stack frame. Zoltan I don't know how to file bug so I posted here. In privateCompileCTIMachineTrampolines() there are multiple align() to align code on 16byte margin, yet, the stack can be put on 32bit margin that causes crush. Suppose original stack is aligned to 8/16bytes, the above function frequently pop/push regT3 that makes stack mis-aligned. Then int to double conversion uses stack that will fail. rgds joe ___ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev ___ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
Re: [webkit-dev] stack alignment bug
Hi Gavin, the alignment error was not your fault. When you start porting the JIT, you need to keep many things in your head, and I totally forgot about stack alignment. The entry and exit functions are not portable, and you have to arrange the stack frame by yourself for your architecture. I am happy that pushes/pops are removed entirely from the code, but perhaps the new inline functions should be moved to macro assembler level. Pushes and pops are x86 helpers instructions, since x86-32 has only 8 general purpose registers. We have no idea when and how they are used (especially not in the future), that is why I came up with the fake stack. Of course it would be better to remove them. (And use the link register on non-x86 machines) By the way, could you take a look at our macro-assembler based ARM JIT port (bug #24986) Regards Zoltan Hi Zoltan, I'm a little confused – maybe I'm misunderstanding you, but the JIT does just subtract a fixed amount from the stack pointer on entry (28 on x86, for a total frame size including return address, caller frame pointer and callee preserved registers of 48, a multiple of 16 to preserve stack alignment). All JIT code then runs at the same stack depth. The only pops in the JIT are simply removing the the return address implicitly pushed on x86, and the only pushes (bar a function call in put property access transition realloc) are restoring the return address prior to a return (or a tail call). It is not clear to me what you're envisaging 'fake_sp' would be used for. I've just landed a patch to move the pushes pops in wrapper functions, and to switch put transition realloc to use a regular function call, hopefully this tidies things up a little. cheers, G. On Jun 4, 2009, at 1:19 AM, Zoltan Herczeg wrote: Hi, actually there was a bug which took me a day to find out what happened. It was somewhere deep in libc, called by a function in DateMath.cpp. It seemed that the stack was overwritten. By libc??? I can't belive it. Finally I realized that gcc's alloca realigned the stack (to 8 bytes on ARM), so everything was in a wrong place (looked overwritten at first sight). My fake stack pointer idea: fake_sp: any non-volatile general purpose register JIT_entry: mov fake_sp, sp sub sp, sp, 32 ; I belive this is enough for the JIT, ; correct me if I am wrong ; use fake_sp instead of sp for push/pops JIT_leava: add sp, sp, 32 I hope this even works for PPC (if someone ever wants to port the JIT to old macs). Zoltan Zoltan, I filed a bug here: https://bugs.webkit.org/show_bug.cgi?id=26164 Stack is originally aligned then jit code destroys it; and, some data structure or point to double is not aligned and I'm still trying to find where they are. I'm not sure how the fake stack would be, would you mind explains a bit more? Did you face same problem? Thanks also for your articles that gives new ideas. rgds joe --- On Wed, 6/3/09, Zoltan Herczeg zherc...@inf.u-szeged.hu wrote: From: Zoltan Herczeg zherc...@inf.u-szeged.hu Subject: Re: [webkit-dev] stack alignment bug To: x yz last...@yahoo.com Cc: webkit-dev@lists.webkit.org Date: Wednesday, June 3, 2009, 7:35 PM Hi, true, some architectures have strict policies for stack handling. Perhaps the worst one is PowerPC with its organized stack frame (back chains, pre-defined register save areas, etc). I think a fake stack pointer for JIT can solve the x86 compatibility problem. 1) allocate enough aligned stack space for the worst case when you enter to JIT 2) the fake stack pointer should use this pre-allocated stack frame. Zoltan I don't know how to file bug so I posted here. In privateCompileCTIMachineTrampolines() there are multiple align() to align code on 16byte margin, yet, the stack can be put on 32bit margin that causes crush. Suppose original stack is aligned to 8/16bytes, the above function frequently pop/push regT3 that makes stack mis-aligned. Then int to double conversion uses stack that will fail. rgds joe ___ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev ___ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev ___ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
[webkit-dev] What's going on with the debug Leopard bot on build.webkit.org?
This bot has had 93 tests failing for quite some time. Does anyone know what's causing these failures? -Adam ___ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
[webkit-dev] Coding style
Hi there, I'm having a question regarding the coding style. According to 2. An else statement should go on the same line as a preceding close brace. I would always need a brace when using if-else, in order to but the else statement on the same line as the preceding close brace, is this right? or would something like this is OK: if (condition) func1(); else func2(); And what about this case if (condition) func1(); else { func2(); func3(); } It would be nice to have this defined in the coding style, as well as adding the case that when you have a comment inside a one line if statement you will need braces, like if (condition) { // comment func() } Cheers, Kenneth ___ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
[webkit-dev] How to disable webkit image loading
Hi, Is there any configuration/setting in the code which can dynamically enable/disable image loading? If yes, can you please tell me how to do that in the code? Thank you. ___ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
Re: [webkit-dev] Coding style
OK, done! :-) https://bugs.webkit.org/show_bug.cgi?id=26188 Cheers, Kenneth On Thu, Jun 4, 2009 at 12:13 PM, David Kilzer ddkil...@webkit.org wrote: Hi Kenneth, The examples you give below are correct (with the exception of the number of spaces used to indent the code in the else blocks). Please file a bug on bugs.webkit.org and attach a patch. The webkit.org web site is in the svn repository, so you may create patches against the HTML. Thanks! Dave From: Kenneth Christiansen kenneth.christian...@openbossa.org To: webkit-dev webkit-dev@lists.webkit.org Sent: Thursday, June 4, 2009 7:52:29 AM Subject: [webkit-dev] Coding style Hi there, I'm having a question regarding the coding style. According to 2. An else statement should go on the same line as a preceding close brace. I would always need a brace when using if-else, in order to but the else statement on the same line as the preceding close brace, is this right? or would something like this is OK: if (condition) func1(); else func2(); And what about this case if (condition) func1(); else { func2(); func3(); } It would be nice to have this defined in the coding style, as well as adding the case that when you have a comment inside a one line if statement you will need braces, like if (condition) { // comment func() } Cheers, Kenneth ___ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev ___ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
Re: [webkit-dev] Coding style
I've thought rule of the rule as this Control clauses (including any preceeding comments) that are one* physical *line should not use braces. So something like if (test) { myFunction(reallyLongParam1, reallyLongParam2, ... reallyLongParam4); } would also have braces. Is that how others interpret it? Dave On Thu, Jun 4, 2009 at 9:50 AM, Kenneth Christiansen kenneth.christian...@openbossa.org wrote: OK, done! :-) https://bugs.webkit.org/show_bug.cgi?id=26188 Cheers, Kenneth On Thu, Jun 4, 2009 at 12:13 PM, David Kilzer ddkil...@webkit.org wrote: Hi Kenneth, The examples you give below are correct (with the exception of the number of spaces used to indent the code in the else blocks). Please file a bug on bugs.webkit.org and attach a patch. The webkit.orgweb site is in the svn repository, so you may create patches against the HTML. Thanks! Dave From: Kenneth Christiansen kenneth.christian...@openbossa.org To: webkit-dev webkit-dev@lists.webkit.org Sent: Thursday, June 4, 2009 7:52:29 AM Subject: [webkit-dev] Coding style Hi there, I'm having a question regarding the coding style. According to 2. An else statement should go on the same line as a preceding close brace. I would always need a brace when using if-else, in order to but the else statement on the same line as the preceding close brace, is this right? or would something like this is OK: if (condition) func1(); else func2(); And what about this case if (condition) func1(); else { func2(); func3(); } It would be nice to have this defined in the coding style, as well as adding the case that when you have a comment inside a one line if statement you will need braces, like if (condition) { // comment func() } Cheers, Kenneth ___ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev ___ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev ___ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
[webkit-dev] Automatically generated -expected.txt is missing editing delegate
Hi, I'm trying to generate -expected.txt with editing delegate information for test cases in editing/execCommand (revision: 44389), but it seems like run-webkit-tests doesn't generate editing delegate. Is it platform specific problem (I'm trying to do this on Windows)? Or is there some option to turn on editing delegate? Ryosuke Niwa ___ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
Re: [webkit-dev] Automatically generated -expected.txt is missing editing delegate
On Jun 4, 2009, at 12:41 PM, Ryosuke Niwa wrote: it seems like run-webkit-tests doesn't generate editing delegate. Is it platform specific problem (I'm trying to do this on Windows)? Yes, that's not implemented on Windows yet. -- Darin ___ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
Re: [webkit-dev] Question about CSS in Webkit
On Jun 4, 2009, at 1:19 PM, Nathan Summer wrote: My question is if the CSS information stored Twice? onces are in the internal data structure built after parsing the CSS and other is in RenderStyle? The CSS stores the style rules. The RenderStyle stores the actual style chosen for each element. This is analogous to the way the DOM stores the actual document elements, and the RenderObject stores the actual rendering chosen for each element. -- Darin ___ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
[webkit-dev] cti_op_call_ArityCheck question
I don't understand this code in JITStubs::cti_op_call_arityCheck(): ASSERT(argCount != newCodeBlock-m_numParameters); It's ensuring that the argument count does not equal the number of parameters expected by the newCodeBlock. I could understand if it was ensuring the argCount was the same, but why different? Toshi ___ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
Re: [webkit-dev] Question about CSS in Webkit
On Jun 4, 2009, at 3:24 PM, Darin Adler wrote: On Jun 4, 2009, at 1:19 PM, Nathan Summer wrote: My question is if the CSS information stored Twice? onces are in the internal data structure built after parsing the CSS and other is in RenderStyle? The CSS stores the style rules. The RenderStyle stores the actual style chosen for each element. This is analogous to the way the DOM stores the actual document elements, and the RenderObject stores the actual rendering chosen for each element. In terms of the CSS specification, you can think of RenderStyle as holding the computed values of properties. dave (hy...@apple.com) ___ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
Re: [webkit-dev] cti_op_call_ArityCheck question
On Jun 4, 2009, at 1:50 PM, Toshiyasu Morita wrote: I don't understand this code in JITStubs::cti_op_call_arityCheck(): ASSERT(argCount != newCodeBlock-m_numParameters); It's ensuring that the argument count does not equal the number of parameters expected by the newCodeBlock. I could understand if it was ensuring the argCount was the same, but why different? This slower code path must only be used when the number of parameters is not equal. If it was used when the number of parameters was equal, it would be a performance bug. -- Darin ___ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
Re: [webkit-dev] cti_op_call_ArityCheck question
We check in JIT code for cases where arity match, and skip the call to the stub; this function is only called if there is a mismatch to be resolved. The function would probably be better named something like 'cti_op_call_handleArityMismatch'. cheers, G. On Jun 4, 2009, at 1:50 PM, Toshiyasu Morita wrote: I don't understand this code in JITStubs::cti_op_call_arityCheck(): ASSERT(argCount != newCodeBlock-m_numParameters); It's ensuring that the argument count does not equal the number of parameters expected by the newCodeBlock. I could understand if it was ensuring the argCount was the same, but why different? Toshi ___ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev ___ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
Re: [webkit-dev] cti_op_call_ArityCheck question
Thanks guys. One request - please write more comments in the code to clarify situations like this. Toshi --- On Thu, 6/4/09, Darin Adler da...@apple.com wrote: From: Darin Adler da...@apple.com Subject: Re: [webkit-dev] cti_op_call_ArityCheck question To: Toshiyasu Morita tm_web...@yahoo.com Cc: webkit-dev@lists.webkit.org Date: Thursday, June 4, 2009, 8:54 PM On Jun 4, 2009, at 1:50 PM, Toshiyasu Morita wrote: I don't understand this code in JITStubs::cti_op_call_arityCheck(): ASSERT(argCount != newCodeBlock-m_numParameters); It's ensuring that the argument count does not equal the number of parameters expected by the newCodeBlock. I could understand if it was ensuring the argCount was the same, but why different? This slower code path must only be used when the number of parameters is not equal. If it was used when the number of parameters was equal, it would be a performance bug. -- Darin ___ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
Re: [webkit-dev] Rendering Video using video overlay rather than on a Cairo surface (Graphics overlay)
The first problem which i'm facing in this endaveour is of translating the coordinates from WebKit domain to the BCM Framebuffer. Basically the coordinates supplied in paint/setsize cannot be directly used on the native graphics software layer. Let me explain: I'm trying to render a web page of 1280x720, I also made sue that DirectFB creates a Frame Buffer of 1280x720 and then finally I made sure that output resolution of the display is also 1280x720. In this web page the Video Element is at an offset of x=300,y=300, w=160,120 with a Background Poster. when I try to create a rectangle with the supplied coordinates on the video plane, it does not completely cover the background poster, or in other words the coordinate cannot be directly used. Do you guys have some suggestion ? -Original Message- From: Simon Fraser [mailto:simon.fra...@apple.com] Sent: Sat 5/30/2009 8:52 AM To: Sriram Neelakandan Cc: Ajit Singh; webkit-dev@lists.webkit.org Subject: Re: [webkit-dev] Rendering Video using video overlay rather than on a Cairo surface (Graphics overlay) On May 29, 2009, at 10:12 PM, Sriram Neelakandan wrote: On Sat, May 30, 2009 at 9:44 AM, Ajit Singh ajit.si...@2wire.com wrote: a custom MIPS processor which has a dedicated video scalar on it. I guess the BCM7xxx chip must have an attribute window to control the Video and Graphics Plane blending. I want to render video using a video scalar instead of this Cairo surface. I came to know the video coordinates of the Videobox are inside paint function of MediaPlayerPrivateGstreamer.. What is the best way to do it? So what u can do is this: When the setSize/paint function gets called; size and rect indicate the visible video area to be displayed Setup the Attribute window to blend the Graphics over Video. In case you dont have an attribute window and use the Alpha bits in ARGB OSD mode ; then u will have to fill the necessary Alpha bits in your primary OSD plane ! Something else you should consider here is ways that the video can be clipped and transformed. Video should be clipped by CSS overflow and clip, and can also be scrolled inside an iframe. All these need to clip the video correctly. You should also consider CSS transforms, which can cause the video to be rotated, or scaled. Any solution which naively puts a hardware surface over some rect where the video is supposed to be will be broken in many cases. Now the tough job is to blend Graphics/HTML controls that the page will render on top of the Video plane That may require some hacking in the Renderer to see whats below and ensure we tweak the Alpha bits to bring Graphics on top for those player controls alone (with transparency maintained as per CSS rules !) Will be interested in knowing your proceedings .. This is exactly what the ACCELERATED_COMPOSITING code path does. There is currently a Core Animation backend for Mac (GraphicsLayerCA.mm); you'd have to write a backend for your compositing system if you wish to use this code path. Simon ___ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
Re: [webkit-dev] Rendering Video using video overlay rather than on a Cairo surface (Graphics overlay)
On Fri, Jun 5, 2009 at 9:56 AM, Ajit Singh ajit.si...@2wire.com wrote: The first problem which i'm facing in this endaveour is of translating the coordinates from WebKit domain to the BCM Framebuffer. Basically the coordinates supplied in paint/setsize cannot be directly used on the native graphics software layer. Do you guys have some suggestion ? Firstly the Webkit Coordinates is from the Window Origin of the Frame i guess. So who will add the offset for the Toolbar / Address Bar if any on top of the frame ? Also Most TVs (including HD LCD or PLASMA) do not display the full 1280x720 pixels on the screen. There is some amount of underscan that cuts off a few pixels from all the sides.. So my guess is you have to check what exactly is 0x0.. So even if the resolution is 1280x720 u dont actually display exactly from 0x0.. Basically there will be some X-offset and Y-offset which needs to be considerd... This is what i have seen with my development exp on HD platforms.. so i usually cut off a good 10-15% Not sure if this is the exact problem you are seeing. -Original Message- From: Simon Fraser [mailto:simon.fra...@apple.com] Sent: Sat 5/30/2009 8:52 AM To: Sriram Neelakandan Cc: Ajit Singh; webkit-dev@lists.webkit.org Subject: Re: [webkit-dev] Rendering Video using video overlay rather than on a Cairo surface (Graphics overlay) On May 29, 2009, at 10:12 PM, Sriram Neelakandan wrote: On Sat, May 30, 2009 at 9:44 AM, Ajit Singh ajit.si...@2wire.com wrote: a custom MIPS processor which has a dedicated video scalar on it. I guess the BCM7xxx chip must have an attribute window to control the Video and Graphics Plane blending. I want to render video using a video scalar instead of this Cairo surface. I came to know the video coordinates of the Videobox are inside paint function of MediaPlayerPrivateGstreamer.. What is the best way to do it? So what u can do is this: When the setSize/paint function gets called; size and rect indicate the visible video area to be displayed Setup the Attribute window to blend the Graphics over Video. In case you dont have an attribute window and use the Alpha bits in ARGB OSD mode ; then u will have to fill the necessary Alpha bits in your primary OSD plane ! Something else you should consider here is ways that the video can be clipped and transformed. Video should be clipped by CSS overflow and clip, and can also be scrolled inside an iframe. All these need to clip the video correctly. You should also consider CSS transforms, which can cause the video to be rotated, or scaled. Any solution which naively puts a hardware surface over some rect where the video is supposed to be will be broken in many cases. Now the tough job is to blend Graphics/HTML controls that the page will render on top of the Video plane That may require some hacking in the Renderer to see whats below and ensure we tweak the Alpha bits to bring Graphics on top for those player controls alone (with transparency maintained as per CSS rules !) Will be interested in knowing your proceedings .. This is exactly what the ACCELERATED_COMPOSITING code path does. There is currently a Core Animation backend for Mac (GraphicsLayerCA.mm); you'd have to write a backend for your compositing system if you wish to use this code path. Simon -- Sriram Neelakandan Author - Embedded Linux System Design And Development (http://tinyurl.com/2doosu) ___ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev