1. 14 May, 2011 18 commits
    • 2011-05-13 Oliver Hunt <oliver@apple.com> · 4103716d
      oliver@apple.com authored
              Reviewed by Geoffrey Garen.
      
              Make GC validation more aggressive
              https://bugs.webkit.org/show_bug.cgi?id=60802
      
              This patch makes the checks performed under GC_VALIDATION
              much more aggressive, and adds the checks to more places
              in order to allow us to catch GC bugs much closer to the
              point of failure.
      
              * JavaScriptCore.exp:
              * JavaScriptCore.xcodeproj/project.pbxproj:
              * debugger/DebuggerActivation.cpp:
              (JSC::DebuggerActivation::visitChildren):
              * heap/MarkedBlock.cpp:
              (JSC::MarkedBlock::MarkedBlock):
              * heap/MarkedSpace.cpp:
              * runtime/Arguments.cpp:
              (JSC::Arguments::visitChildren):
              * runtime/Executable.cpp:
              (JSC::EvalExecutable::visitChildren):
              (JSC::ProgramExecutable::visitChildren):
              (JSC::FunctionExecutable::visitChildren):
              * runtime/Executable.h:
              * runtime/GetterSetter.cpp:
              (JSC::GetterSetter::visitChildren):
              * runtime/GetterSetter.h:
              * runtime/JSAPIValueWrapper.h:
              (JSC::JSAPIValueWrapper::createStructure):
              (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
              * runtime/JSActivation.cpp:
              (JSC::JSActivation::visitChildren):
              * runtime/JSArray.cpp:
              (JSC::JSArray::visitChildren):
              * runtime/JSCell.cpp:
              (JSC::slowValidateCell):
              * runtime/JSCell.h:
              (JSC::JSCell::JSCell::unvalidatedStructure):
              (JSC::JSCell::JSCell::JSCell):
              * runtime/JSFunction.cpp:
              (JSC::JSFunction::visitChildren):
              * runtime/JSGlobalObject.cpp:
              (JSC::JSGlobalObject::visitChildren):
              (JSC::slowValidateCell):
              * runtime/JSONObject.h:
              * runtime/JSObject.cpp:
              (JSC::JSObject::visitChildren):
              * runtime/JSPropertyNameIterator.cpp:
              (JSC::JSPropertyNameIterator::visitChildren):
              * runtime/JSPropertyNameIterator.h:
              * runtime/JSStaticScopeObject.cpp:
              (JSC::JSStaticScopeObject::visitChildren):
              * runtime/JSString.h:
              (JSC::RopeBuilder::JSString):
              * runtime/JSWrapperObject.cpp:
              (JSC::JSWrapperObject::visitChildren):
              * runtime/NativeErrorConstructor.cpp:
              (JSC::NativeErrorConstructor::visitChildren):
              * runtime/PropertyMapHashTable.h:
              (JSC::PropertyMapEntry::PropertyMapEntry):
              * runtime/RegExpObject.cpp:
              (JSC::RegExpObject::visitChildren):
              * runtime/ScopeChain.cpp:
              (JSC::ScopeChainNode::visitChildren):
              * runtime/ScopeChain.h:
              (JSC::ScopeChainNode::ScopeChainNode):
              * runtime/Structure.cpp:
              (JSC::Structure::Structure):
              (JSC::Structure::addPropertyTransition):
              (JSC::Structure::visitChildren):
              * runtime/Structure.h:
              (JSC::JSCell::classInfo):
              * runtime/StructureChain.cpp:
              (JSC::StructureChain::visitChildren):
              * runtime/StructureChain.h:
              * runtime/WriteBarrier.h:
              (JSC::validateCell):
              (JSC::JSCell):
              (JSC::JSGlobalObject):
              (JSC::WriteBarrierBase::set):
              (JSC::WriteBarrierBase::setMayBeNull):
              (JSC::WriteBarrierBase::setEarlyValue):
              (JSC::WriteBarrierBase::get):
              (JSC::WriteBarrierBase::operator*):
              (JSC::WriteBarrierBase::operator->):
              (JSC::WriteBarrierBase::unvalidatedGet):
              (JSC::WriteBarrier::WriteBarrier):
              * wtf/Assertions.h:
      2011-05-13  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoffrey Garen.
      
              Make GC validation more aggressive
              https://bugs.webkit.org/show_bug.cgi?id=60802
      
              This makes GC_VALIDATION much more aggressive in webcore,
              adding logic to every visitChildren method to ensure that
              the structure still has correct flags.
      
              Additionally every function generated for the dom bindings
              makes use of the new GC_VALIDATION object assertions to further
              ensure that the object appears to be sensible.
      
              * bindings/js/JSAttrCustom.cpp:
              (WebCore::JSAttr::visitChildren):
              * bindings/js/JSAudioContextCustom.cpp:
              (WebCore::JSAudioContext::visitChildren):
              * bindings/js/JSCSSRuleCustom.cpp:
              (WebCore::JSCSSRule::visitChildren):
              * bindings/js/JSCSSStyleDeclarationCustom.cpp:
              (WebCore::JSCSSStyleDeclaration::visitChildren):
              * bindings/js/JSCanvasRenderingContextCustom.cpp:
              (WebCore::JSCanvasRenderingContext::visitChildren):
              * bindings/js/JSDOMGlobalObject.cpp:
              (WebCore::JSDOMGlobalObject::visitChildren):
              (WebCore::JSDOMGlobalObject::setInjectedScript):
              * bindings/js/JSDOMWindowCustom.cpp:
              (WebCore::JSDOMWindow::visitChildren):
              * bindings/js/JSDOMWindowShell.cpp:
              (WebCore::JSDOMWindowShell::visitChildren):
              * bindings/js/JSEventListener.cpp:
              (WebCore::JSEventListener::JSEventListener):
              * bindings/js/JSEventListener.h:
              (WebCore::JSEventListener::jsFunction):
              * bindings/js/JSJavaScriptAudioNodeCustom.cpp:
              (WebCore::JSJavaScriptAudioNode::visitChildren):
              * bindings/js/JSMessageChannelCustom.cpp:
              (WebCore::JSMessageChannel::visitChildren):
              * bindings/js/JSMessagePortCustom.cpp:
              (WebCore::JSMessagePort::visitChildren):
              * bindings/js/JSNamedNodeMapCustom.cpp:
              (WebCore::JSNamedNodeMap::visitChildren):
              * bindings/js/JSNodeCustom.cpp:
              (WebCore::JSNode::visitChildren):
              * bindings/js/JSNodeFilterCustom.cpp:
              (WebCore::JSNodeFilter::visitChildren):
              * bindings/js/JSNodeIteratorCustom.cpp:
              (WebCore::JSNodeIterator::visitChildren):
              * bindings/js/JSSVGElementInstanceCustom.cpp:
              (WebCore::JSSVGElementInstance::visitChildren):
              * bindings/js/JSSharedWorkerCustom.cpp:
              (WebCore::JSSharedWorker::visitChildren):
              * bindings/js/JSStyleSheetCustom.cpp:
              (WebCore::JSStyleSheet::visitChildren):
              * bindings/js/JSTreeWalkerCustom.cpp:
              (WebCore::JSTreeWalker::visitChildren):
              * bindings/js/JSWebGLRenderingContextCustom.cpp:
              (WebCore::JSWebGLRenderingContext::visitChildren):
              * bindings/js/JSWorkerContextCustom.cpp:
              (WebCore::JSWorkerContext::visitChildren):
              * bindings/js/JSXMLHttpRequestCustom.cpp:
              (WebCore::JSXMLHttpRequest::visitChildren):
              * bindings/js/JSXPathResultCustom.cpp:
              (WebCore::JSXPathResult::visitChildren):
              * bindings/scripts/CodeGeneratorJS.pm:
      2011-05-13  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoffrey Garen.
      
              Make GC validation more aggressive
              https://bugs.webkit.org/show_bug.cgi?id=60802
      
              Add GC_VALIDATION calls to all the JSNPObject methods.
      
              * WebProcess/Plugins/Netscape/JSNPObject.cpp:
              (WebKit::JSNPObject::invalidate):
              (WebKit::JSNPObject::callMethod):
              (WebKit::JSNPObject::callObject):
              (WebKit::JSNPObject::callConstructor):
              (WebKit::JSNPObject::getCallData):
              (WebKit::JSNPObject::getConstructData):
              (WebKit::JSNPObject::getOwnPropertySlot):
              (WebKit::JSNPObject::getOwnPropertyDescriptor):
              (WebKit::JSNPObject::put):
              (WebKit::JSNPObject::getOwnPropertyNames):
              (WebKit::JSNPObject::propertyGetter):
              (WebKit::JSNPObject::methodGetter):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86499 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • 2011-05-14 Oliver Hunt <oliver@apple.com> · aa00ad0c
      oliver@apple.com authored
              Reviewed by Anders Carlsson.
      
              Make Qt bindings GC safe
              https://bugs.webkit.org/show_bug.cgi?id=60841
      
              Trying to do cache management by using "this" as a key from a GC
              object's destructor leads to a violation of GC semantics.  Make
              the qt bindings use a Weak<> handle for finalization.
      
              * bridge/qt/qt_runtime.cpp:
              (JSC::Bindings::QtRuntimeMethod::QtRuntimeMethod):
              (JSC::Bindings::QtRuntimeMethod::~QtRuntimeMethod):
              * bridge/qt/qt_runtime.h:
              (JSC::Bindings::QtRuntimeMethodData::finalize):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86498 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • 2011-05-14 Alexey Proskuryakov <ap@apple.com> · 3e84409c
      ap@apple.com authored
              Reviewed by Sam Weinig.
      
              WebKit2: Smart cut&paste is broken
              https://bugs.webkit.org/show_bug.cgi?id=60840
              <rdar://problem/9439927>
      
              * UIProcess/mac/TextCheckerMac.mm: (WebKit::TextChecker::isSmartInsertDeleteEnabled):
              Match WK1 - this default defaults to YES if not present.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86497 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • Unreviewed chromium expectations change. · ff67c135
      atwilson@chromium.org authored
      * platform/chromium/test_expectations.txt:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86496 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • WKView does not draw after forced repaint before the first update · 2c5eef49
      mitz@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=60845
      
      Reviewed by Alice Liu.
      
      * UIProcess/DrawingAreaProxy.h:
      (WebKit::DrawingAreaProxy::waitForBackingStoreUpdateOnNextPaint): Added.
      * UIProcess/DrawingAreaProxyImpl.cpp:
      (WebKit::DrawingAreaProxyImpl::waitForBackingStoreUpdateOnNextPaint): Set m_hasReceivedFirstUpdate
      to true, ensuring that paint() will wait for an update if needed.
      * UIProcess/DrawingAreaProxyImpl.h:
      * UIProcess/WebPageProxy.cpp:
      (WebKit::WebPageProxy::forceRepaint): Call DrawingAreaProxy::waitForBackingStoreUpdateOnNextPaint().
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86495 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • 2011-05-14 Anders Carlsson <andersca@apple.com> · d53f9c82
      andersca@apple.com authored
              Reviewed by Sam Weinig.
      
              Document the WantsMozillaUserAgent quirk and make it Windows specific
              https://bugs.webkit.org/show_bug.cgi?id=60843
      
              * Shared/Plugins/PluginQuirks.h:
              * WebProcess/Plugins/Netscape/NetscapePlugin.cpp:
              (WebKit::NetscapePlugin::userAgent):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86494 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • 2011-05-14 Arno Renevier <arno@renevier.net> · d540564f
      abarth@webkit.org authored
              Reviewed by Martin Robinson.
      
              make run-gtk-tests executable
              https://bugs.webkit.org/show_bug.cgi?id=59278
      
              * Scripts/run-gtk-tests:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86493 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • 2011-05-14 Ryosuke Niwa <rniwa@webkit.org> · 2a3b3f76
      rniwa@webkit.org authored
              Reviewed by Eric Seidel.
      
              Make canHaveChildrenForEditing more efficient
              https://bugs.webkit.org/show_bug.cgi?id=53564
      
              Improved the performance (1-2% in release and 20% in debug) by adding virtual member function
              canContainRangeEndPoint to Node. It returns true whenever the associated node can be a container
              node for a position.
      
              As of this revision, canContainRangeEndPoint returns true on Document, DocumentFragment, Text nodes
              and any elements except:
      
              HTML: applet, br, embed, frame, frameset, hr (unless has children), img, input, keygen,
                    meter, object (unless uses fallback content), output, progress, select, and textarea.
      
              No new tests are added since this change cannot be tested directly.
      
              * dom/Document.h:
              (WebCore::Document::canContainRangeEndPoint): Added; returns false.
              * dom/DocumentFragment.h:
              (WebCore::DocumentFragment::canContainRangeEndPoint): Added; returns true.
              * dom/Element.h:
              (WebCore::Element::canContainRangeEndPoint): Ditto.
              * dom/Node.h:
              (WebCore::Node::canContainRangeEndPoint): Added; returns false.
              * dom/Text.h:
              (WebCore::Text::canContainRangeEndPoint): Added; returns true.
              * editing/htmlediting.cpp: Removed editingIgnoresContent and canHaveChildrenForEditing.
              * editing/htmlediting.h:
              (WebCore::editingIgnoresContent): Moved from htmlediting.cpp; made it inline.
              (WebCore::canHaveChildrenForEditing): Ditto.
              * html/HTMLBRElement.h:
              (WebCore::HTMLBRElement::canContainRangeEndPoint): Added; returns false.
              * html/HTMLButtonElement.h:
              (WebCore::HTMLDataGridElement::canContainRangeEndPoint): Ditto.
              * html/HTMLFormControlElement.h:
              (WebCore::HTMLFormControlElementWithState::canContainRangeEndPoint): Ditto.
              * html/HTMLFrameElementBase.h:
              (WebCore::HTMLFrameElementBase::canContainRangeEndPoint): Ditto.
              * html/HTMLImageElement.h:
              (WebCore::HTMLImageElement::canContainRangeEndPoint): Ditto.
              * html/HTMLMeterElement.h:
              (WebCore::HTMLMeterElement::canContainRangeEndPoint): Ditto.
              * html/HTMLOutputElement.h:
              (WebCore::HTMLOutputElement::canContainRangeEndPoint): Ditto.
              * html/HTMLPlugInElement.h:
              (WebCore::HTMLPlugInElement::canContainRangeEndPoint): Ditto.
              * html/HTMLProgressElement.h:
              (WebCore::HTMLProgressElement::canContainRangeEndPoint): Ditto.
              * html/HTMLHRElement.h:
              (WebCore::HTMLHRElement::canContainRangeEndPoint): Added; returns true iff it has children.
              * html/HTMLObjectElement.h:
              (WebCore::HTMLObjectElement::canContainRangeEndPoint): Added; returns true iff it uses fallback
              content.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86491 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • * platform/qt/Skipped: · f8394750
      andersca@apple.com authored
      Add plugins/get-url-notify-with-url-that-fails-to-load.html to the skipped list.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86490 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • 2011-05-14 Anders Carlsson <andersca@apple.com> · 03ec1234
      andersca@apple.com authored
              Reviewed by Sam Weinig.
      
              Consolidate plug-in creation parameters to a single struct
              https://bugs.webkit.org/show_bug.cgi?id=60839
      
              * PluginProcess/PluginControllerProxy.cpp:
              (WebKit::PluginControllerProxy::create):
              (WebKit::PluginControllerProxy::PluginControllerProxy):
              * PluginProcess/PluginControllerProxy.h:
              * PluginProcess/PluginCreationParameters.cpp: Added.
              (WebKit::PluginCreationParameters::PluginCreationParameters):
              (WebKit::PluginCreationParameters::encode):
              (WebKit::PluginCreationParameters::decode):
              * PluginProcess/PluginCreationParameters.h: Added.
              * PluginProcess/WebProcessConnection.cpp:
              (WebKit::WebProcessConnection::createPlugin):
              * PluginProcess/WebProcessConnection.h:
              * PluginProcess/WebProcessConnection.messages.in:
              * Scripts/webkit2/messages.py:
              * WebKit2.xcodeproj/project.pbxproj:
              * WebProcess/Plugins/PluginProxy.cpp:
              (WebKit::PluginProxy::initialize):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86489 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • 2011-05-14 Jeremy Noble <jer.noble@apple.com> · 5a4d18ec
      jer.noble@apple.com authored
              Reviewed by Darin Adler.
      
              Exiting full screen causes <video> element inline controls to become visible
              https://bugs.webkit.org/show_bug.cgi?id=60142
      
              * fullscreen/video-controls-override-expected.txt: Added.
              * fullscreen/video-controls-override.html: Added.
      2011-05-14  Jeremy Noble  <jer.noble@apple.com>
      
              Reviewed by Darin Adler.
      
              Exiting full screen causes <video> element inline controls to become visible
              https://bugs.webkit.org/show_bug.cgi?id=60142
      
              Create a queue of elements who must be targeted with webkitfullscreenchange events. Instead of dispatching
              a single event with whatever the current value of m_fullScreenElement is (which may have been cleared, or
              changed since the timer was asked to fire), dispatch one event for each entry in the queue.
      
              Test: fullscreen/video-controls-override.html
      
              * dom/Document.cpp:
              (WebCore::Document::webkitDidEnterFullScreenForElement): Push current full screen element onto the
                  webkitfullscreenchange event delay queue.
              (WebCore::Document::webkitDidExitFullScreenForElement): Ditto.
              (WebCore::Document::fullScreenElementRemoved): Ditto.
              (WebCore::Document::fullScreenChangeDelayTimerFired): Empty the queue, dispatching a
                  webkitfullscreenchange event for each entry.
              * dom/Document.h:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86488 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • 2011-05-14 Anders Carlsson <andersca@apple.com> · 9ad633aa
      andersca@apple.com authored
              Reviewed by Kevin Decker.
      
              NPP_URLNotify is not called if a URL passed to NPN_GetURLNotify fails to load
              https://bugs.webkit.org/show_bug.cgi?id=60823
              <rdar://problem/9430386>
      
              Add test that calls NPN_GetURLNotify on a URL that can't be loaded, and checks if NPP_URLNotify is called.
      
              * DumpRenderTree/DumpRenderTree.gypi:
              * DumpRenderTree/DumpRenderTree.xcodeproj/project.pbxproj:
              * DumpRenderTree/TestNetscapePlugIn/Tests/GetURLNotifyWithURLThatFailsToLoad.cpp: Added.
              (GetURLNotifyWithURLThatFailsToLoad::GetURLNotifyWithURLThatFailsToLoad):
              (GetURLNotifyWithURLThatFailsToLoad::NPP_New):
              (GetURLNotifyWithURLThatFailsToLoad::NPP_URLNotify):
              * DumpRenderTree/TestNetscapePlugIn/win/TestNetscapePlugin.vcproj:
              * DumpRenderTree/qt/TestNetscapePlugin/TestNetscapePlugin.pro:
              * GNUmakefile.am:
      2011-05-14  Anders Carlsson  <andersca@apple.com>
      
              Reviewed by Kevin Decker.
      
              NPP_URLNotify is not called if a URL passed to NPN_GetURLNotify fails to load
              https://bugs.webkit.org/show_bug.cgi?id=60823
              <rdar://problem/9430386>
      
              Add test.
      
              * platform/gtk/Skipped:
              Add test to Skipped list since it apparently crashes.
      
              * plugins/get-url-notify-with-url-that-fails-to-load-expected.txt: Added.
              * plugins/get-url-notify-with-url-that-fails-to-load.html: Added.
      2011-05-14  Anders Carlsson  <andersca@apple.com>
      
              Reviewed by Kevin Decker.
      
              NPP_URLNotify is not called if a URL passed to NPN_GetURLNotify fails to load
              https://bugs.webkit.org/show_bug.cgi?id=60823
              <rdar://problem/9430386>
      
              If a plug-in stream fails to load before it's been started, we won't destroy the stream.
      
              * WebProcess/Plugins/Netscape/NetscapePluginStream.cpp:
              (WebKit::NetscapePluginStream::stop):
              Call notifyAndDestroyStream which will call NPP_URLNotify if necessary, and also destroy the stream.
      
              (WebKit::NetscapePluginStream::notifyAndDestroyStream):
              Pass the request URL to NPP_URLNotify, matching other browsers.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86487 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • 2011-05-14 Jer Noble <jer.noble@apple.com> · 704a434c
      jer.noble@apple.com authored
              Reviewed by Simon Fraser.
      
              Flashing window frame and graphical glitches after exiting full screen mode.
              https://bugs.webkit.org/show_bug.cgi?id=60825
      
              A layer-backed WebView throws an exception when moved from a layer-backed parent view
              to a non-layer-backed one, so make the WebView a child of the content view, instead of
              the animation view.  There is an unrelated fix in beganExitFullScreen, which was calling
              finishedExitFullScreenAnimation: instead of finishedEnterFullScreenAnimation: when
              notifications come out of order.
      
              * UIProcess/mac/WKFullScreenWindowController.mm:
              (-[WKFullScreenWindowController finishedEnterFullScreenAnimation:]): Add the _webView
                  to the full screen window's content view, instead of the _animationView.
              (-[WKFullScreenWindowController beganExitFullScreenAnimation]): Call
                  finishedEnterFullScreenAnimation: instead of finishedExitFullScreenAnimation:.
              (-[WKFullScreenWindowController enterAcceleratedCompositingMode:WebKit::]): Add the
                  _layerHostingView to the contentView, instead of the animationView.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86486 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • 2011-05-14 Patrick Gansterer <paroga@webkit.org> · 1ba9a225
      paroga@webkit.org authored
              Reviewed by Andreas Kling.
      
              Buildfix for SharedTimerWx.cpp
              https://bugs.webkit.org/show_bug.cgi?id=60829
      
              * platform/wx/SharedTimerWx.cpp:
              (WebCore::WebKitTimer::WebKitTimer):
              We can't call the constructor of a base class in the body of the constructor.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86485 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • 2011-05-14 Patrick Gansterer <paroga@webkit.org> · 4c91ff01
      paroga@webkit.org authored
              Unreviewed WinCE build fix for r86477.
      
              Remove the global namespace prefix from GlobalLock/GlobalUnlock.
      
              * platform/win/ClipboardUtilitiesWin.cpp:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86484 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • [Qt]fast/events/remove-target-in-mouseup* tests fail · 5a202018
      ossy@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=60833
      
      [Qt][GTK] plugins/get-url-with-javascript-url.html fails
      https://bugs.webkit.org/show_bug.cgi?id=60834
      
      * platform/qt/Skipped: Add failing tests.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86483 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • Unreviewed, rolling out r86469 and r86471, because they made hundreds of tests crash on Qt. · 8c10d800
      ossy@webkit.org authored
      Make GC validation more aggressive
      https://bugs.webkit.org/show_bug.cgi?id=60802
      
      Source/JavaScriptCore:
      
      * JavaScriptCore.exp:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * debugger/DebuggerActivation.cpp:
      (JSC::DebuggerActivation::visitChildren):
      * heap/MarkedBlock.cpp:
      (JSC::MarkedBlock::MarkedBlock):
      * heap/MarkedSpace.cpp:
      * runtime/Arguments.cpp:
      (JSC::Arguments::visitChildren):
      * runtime/Executable.cpp:
      (JSC::EvalExecutable::visitChildren):
      (JSC::ProgramExecutable::visitChildren):
      (JSC::FunctionExecutable::visitChildren):
      * runtime/Executable.h:
      (JSC::ProgramExecutable::createStructure):
      (JSC::FunctionExecutable::createStructure):
      * runtime/GetterSetter.cpp:
      (JSC::GetterSetter::visitChildren):
      * runtime/GetterSetter.h:
      (JSC::GetterSetter::createStructure):
      * runtime/JSAPIValueWrapper.h:
      (JSC::JSAPIValueWrapper::createStructure):
      * runtime/JSActivation.cpp:
      (JSC::JSActivation::visitChildren):
      * runtime/JSArray.cpp:
      (JSC::JSArray::visitChildren):
      * runtime/JSCell.cpp:
      * runtime/JSCell.h:
      (JSC::JSCell::JSCell::JSCell):
      * runtime/JSFunction.cpp:
      (JSC::JSFunction::visitChildren):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::visitChildren):
      * runtime/JSONObject.h:
      (JSC::JSONObject::createStructure):
      * runtime/JSObject.cpp:
      (JSC::JSObject::visitChildren):
      * runtime/JSPropertyNameIterator.cpp:
      (JSC::JSPropertyNameIterator::visitChildren):
      * runtime/JSPropertyNameIterator.h:
      * runtime/JSStaticScopeObject.cpp:
      (JSC::JSStaticScopeObject::visitChildren):
      * runtime/JSString.h:
      (JSC::RopeBuilder::createStructure):
      * runtime/JSWrapperObject.cpp:
      (JSC::JSWrapperObject::visitChildren):
      * runtime/NativeErrorConstructor.cpp:
      (JSC::NativeErrorConstructor::visitChildren):
      * runtime/PropertyMapHashTable.h:
      (JSC::PropertyMapEntry::PropertyMapEntry):
      * runtime/RegExpObject.cpp:
      (JSC::RegExpObject::visitChildren):
      * runtime/ScopeChain.cpp:
      (JSC::ScopeChainNode::visitChildren):
      * runtime/ScopeChain.h:
      (JSC::ScopeChainNode::ScopeChainNode):
      * runtime/Structure.cpp:
      (JSC::Structure::Structure):
      (JSC::Structure::addPropertyTransition):
      (JSC::Structure::visitChildren):
      * runtime/Structure.h:
      (JSC::Structure::createStructure):
      (JSC::JSCell::classInfo):
      * runtime/StructureChain.cpp:
      (JSC::StructureChain::visitChildren):
      * runtime/StructureChain.h:
      * runtime/WriteBarrier.h:
      (JSC::WriteBarrierBase::set):
      (JSC::WriteBarrierBase::get):
      (JSC::WriteBarrierBase::operator*):
      (JSC::WriteBarrierBase::operator->):
      (JSC::WriteBarrier::WriteBarrier):
      * wtf/Assertions.h:
      
      Source/WebCore:
      
      * bindings/js/JSAttrCustom.cpp:
      (WebCore::JSAttr::visitChildren):
      * bindings/js/JSAudioContextCustom.cpp:
      (WebCore::JSAudioContext::visitChildren):
      * bindings/js/JSCSSRuleCustom.cpp:
      (WebCore::JSCSSRule::visitChildren):
      * bindings/js/JSCSSStyleDeclarationCustom.cpp:
      (WebCore::JSCSSStyleDeclaration::visitChildren):
      * bindings/js/JSCanvasRenderingContextCustom.cpp:
      (WebCore::JSCanvasRenderingContext::visitChildren):
      * bindings/js/JSDOMGlobalObject.cpp:
      (WebCore::JSDOMGlobalObject::visitChildren):
      (WebCore::JSDOMGlobalObject::setInjectedScript):
      * bindings/js/JSDOMWindowCustom.cpp:
      (WebCore::JSDOMWindow::visitChildren):
      * bindings/js/JSDOMWindowShell.cpp:
      (WebCore::JSDOMWindowShell::visitChildren):
      * bindings/js/JSEventListener.cpp:
      (WebCore::JSEventListener::JSEventListener):
      * bindings/js/JSEventListener.h:
      (WebCore::JSEventListener::jsFunction):
      * bindings/js/JSJavaScriptAudioNodeCustom.cpp:
      (WebCore::JSJavaScriptAudioNode::visitChildren):
      * bindings/js/JSMessageChannelCustom.cpp:
      (WebCore::JSMessageChannel::visitChildren):
      * bindings/js/JSMessagePortCustom.cpp:
      (WebCore::JSMessagePort::visitChildren):
      * bindings/js/JSNamedNodeMapCustom.cpp:
      (WebCore::JSNamedNodeMap::visitChildren):
      * bindings/js/JSNodeCustom.cpp:
      (WebCore::JSNode::visitChildren):
      * bindings/js/JSNodeFilterCustom.cpp:
      (WebCore::JSNodeFilter::visitChildren):
      * bindings/js/JSNodeIteratorCustom.cpp:
      (WebCore::JSNodeIterator::visitChildren):
      * bindings/js/JSSVGElementInstanceCustom.cpp:
      (WebCore::JSSVGElementInstance::visitChildren):
      * bindings/js/JSSharedWorkerCustom.cpp:
      (WebCore::JSSharedWorker::visitChildren):
      * bindings/js/JSStyleSheetCustom.cpp:
      (WebCore::JSStyleSheet::visitChildren):
      * bindings/js/JSTreeWalkerCustom.cpp:
      (WebCore::JSTreeWalker::visitChildren):
      * bindings/js/JSWebGLRenderingContextCustom.cpp:
      (WebCore::JSWebGLRenderingContext::visitChildren):
      * bindings/js/JSWorkerContextCustom.cpp:
      (WebCore::JSWorkerContext::visitChildren):
      * bindings/js/JSXMLHttpRequestCustom.cpp:
      (WebCore::JSXMLHttpRequest::visitChildren):
      * bindings/js/JSXPathResultCustom.cpp:
      (WebCore::JSXPathResult::visitChildren):
      * bindings/scripts/CodeGeneratorJS.pm:
      
      Source/WebKit2:
      
      * WebProcess/Plugins/Netscape/JSNPObject.cpp:
      (WebKit::JSNPObject::invalidate):
      (WebKit::JSNPObject::callMethod):
      (WebKit::JSNPObject::callObject):
      (WebKit::JSNPObject::callConstructor):
      (WebKit::JSNPObject::getCallData):
      (WebKit::JSNPObject::getConstructData):
      (WebKit::JSNPObject::getOwnPropertySlot):
      (WebKit::JSNPObject::getOwnPropertyDescriptor):
      (WebKit::JSNPObject::put):
      (WebKit::JSNPObject::getOwnPropertyNames):
      (WebKit::JSNPObject::propertyGetter):
      (WebKit::JSNPObject::methodGetter):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86482 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • Unreviewed, rolling out r86476. · 6bf2006b
      ossy@webkit.org authored
      http://trac.webkit.org/changeset/86476
      https://bugs.webkit.org/show_bug.cgi?id=60832
      
      Patch by Sheriff Bot <webkit.review.bot@gmail.com> on 2011-05-14
      It made plugins/get-url-notify-with-url-that-fails-to-load.html crash on GTK (Requested by Ossy on #webkit).
      
      Source/WebKit2:
      
      * WebProcess/Plugins/Netscape/NetscapePluginStream.cpp:
      (WebKit::NetscapePluginStream::stop):
      (WebKit::NetscapePluginStream::notifyAndDestroyStream):
      
      Tools:
      
      * DumpRenderTree/DumpRenderTree.gypi:
      * DumpRenderTree/DumpRenderTree.xcodeproj/project.pbxproj:
      * DumpRenderTree/TestNetscapePlugIn/Tests/GetURLNotifyWithURLThatFailsToLoad.cpp: Removed.
      * DumpRenderTree/TestNetscapePlugIn/win/TestNetscapePlugin.vcproj:
      * DumpRenderTree/qt/TestNetscapePlugin/TestNetscapePlugin.pro:
      * GNUmakefile.am:
      
      LayoutTests:
      
      * plugins/get-url-notify-with-url-that-fails-to-load-expected.txt: Removed.
      * plugins/get-url-notify-with-url-that-fails-to-load.html: Removed.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86481 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      6bf2006b
  2. 13 May, 2011 22 commits
    • 2011-05-13 Gyuyoung Kim <gyuyoung.kim@samsung.com> · b261333c
      gyuyoung.kim@samsung.com authored
              Unreviewed. Fix style error.
      
              * ewk/ewk_history.cpp:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86480 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      b261333c
    • 2011-05-13 Alexey Proskuryakov <ap@apple.com> · ade36feb
      ap@apple.com authored
              Reviewed by Darin Adler.
      
              HTML5 Application Cache Update Failures on Page Refresh
              https://bugs.webkit.org/show_bug.cgi?id=60598
              <rdar://problem/9418639>
      
              * http/tests/appcache/interrupted-update-expected.txt: Added.
              * http/tests/appcache/interrupted-update.html: Added.
              * http/tests/appcache/resources/interrupted-update.manifest: Added.
      
              * http/tests/appcache/main-resource-redirect.html:
              * http/tests/appcache/non-html.xhtml:
              Now that we dispatch an error even when aborting a load due to navigation, error event
              handler was getting called after notifyDone().
      2011-05-13  Alexey Proskuryakov  <ap@apple.com>
      
              Reviewed by Darin Adler.
      
              HTML5 Application Cache Update Failures on Page Refresh
              https://bugs.webkit.org/show_bug.cgi?id=60598
              <rdar://problem/9418639>
      
              Test: http/tests/appcache/interrupted-update.html
      
              The reason was two-fold:
              1) Cache group state wasn't fully reset after a failed cache update (or an initial load).
              2) The cache group is not deleted until after the navigation (from autorelease pool),
              so the failed and sorry old version was picked up by cache selection algorithm.
      
              The latter is more of a surprising behavior than a problem in itself. Keeping an appcache in
              memory for reload is generally a good thing for performance.
      
              * loader/appcache/ApplicationCacheGroup.cpp:
              (WebCore::ApplicationCacheGroup::stopLoading): Added a FIXME about half-baked state resetting
              code that sent me looking for a wrong fix originally.
              (WebCore::ApplicationCacheGroup::stopLoadingInFrame): Stopped load is an update failure like
              any other, so we should call cacheUpdateFailed(), which knows how to reset state.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86478 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      ade36feb
    • REGRESSION (WK2): Can't drag and drop a link or image from Safari to Desktop · c9cd1be8
      enrica@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=60819
      <rdar://problem/9370689>
      
      Reviewed by Darin Adler and Brian Weinstein.
      
      Source/WebCore: 
      
      To support drag-and-drop to the desktop and other windows applications,
      we need to support the fileDescriptor and fileContentZero clipboard formats.
      This patch adds the support for serializing these types across the process boundary.
      It also fixes a regression introduced by r70914, that was causing the content of the
      shortcut files to be corrupted. Using ascii() to convert from String to CString was
      causing '\n' and '\r' to be replaced with '?'.
              
      * platform/DragData.h:
      * platform/win/ClipboardUtilitiesWin.cpp:
      (WebCore::fileDescriptorFormat): Moved from ClipboardWin.cpp.
      (WebCore::fileContentFormatZero): Moved from ClipboardWin.cpp.
      (WebCore::getFileDescriptorData): Serialize FileDescriptor type.
      (WebCore::getFileContentData): Serialize FileContent type.
      (WebCore::setFileDescriptorData): Deserialize FileDescriptor type.
      (WebCore::setFileContentData): Deserialize FileContent type.
      (WebCore::setCFData): Added missing initialization of the tymed field
      that was causing the cfHDrop format not to be deserialized correctly. 
      * platform/win/ClipboardUtilitiesWin.h:
      * platform/win/ClipboardWin.cpp:
      (WebCore::createGlobalHDropContent): Changed ascii() to latin1().
      (WebCore::ClipboardWin::writeURL):
      * platform/win/DragDataWin.cpp:
      (WebCore::DragData::getDragFileDescriptorData):
      (WebCore::DragData::getDragFileContentData):
      
      Source/WebKit2: 
      
      To support drag-and-drop to the desktop and other windows applications,
      we need to support the fileDescriptor and fileContentZero clipboard formats.
      This patch adds the support for serializing these types across the process boundary.
      
      * Platform/CoreIPC/Arguments.h: Added support for messages with 10 arguments.
      (CoreIPC::Arguments10::Arguments10):
      (CoreIPC::Arguments10::encode):
      (CoreIPC::Arguments10::decode):
      (CoreIPC::In):
      (CoreIPC::Out):
      * Platform/CoreIPC/HandleMessage.h:
      (CoreIPC::callMemberFunction): Added support for members with 10 arguments.
      * UIProcess/WebPageProxy.cpp:
      (WebKit::WebPageProxy::startDragDrop):
      * UIProcess/WebPageProxy.h:
      * UIProcess/WebPageProxy.messages.in:
      * WebProcess/WebCoreSupport/win/WebDragClientWin.cpp:
      (WebKit::WebDragClient::startDrag):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86477 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      c9cd1be8
    • 2011-05-13 Anders Carlsson <andersca@apple.com> · bfd978e3
      andersca@apple.com authored
              Reviewed by Sam Weinig.
      
              NPP_URLNotify is not called if a URL passed to NPN_GetURLNotify fails to load
              https://bugs.webkit.org/show_bug.cgi?id=60823
              <rdar://problem/9430386>
      
              Add test that calls NPN_GetURLNotify on a URL that can't be loaded, and checks if NPP_URLNotify is called.
      
              * DumpRenderTree/DumpRenderTree.gypi:
              * DumpRenderTree/DumpRenderTree.xcodeproj/project.pbxproj:
              * DumpRenderTree/TestNetscapePlugIn/Tests/GetURLNotifyWithURLThatFailsToLoad.cpp: Added.
              (GetURLNotifyWithURLThatFailsToLoad::GetURLNotifyWithURLThatFailsToLoad):
              (GetURLNotifyWithURLThatFailsToLoad::NPP_New):
              (GetURLNotifyWithURLThatFailsToLoad::NPP_URLNotify):
              * DumpRenderTree/TestNetscapePlugIn/win/TestNetscapePlugin.vcproj:
              * DumpRenderTree/qt/TestNetscapePlugin/TestNetscapePlugin.pro:
              * GNUmakefile.am:
      2011-05-13  Anders Carlsson  <andersca@apple.com>
      
              Reviewed by Sam Weinig.
      
              NPP_URLNotify is not called if a URL passed to NPN_GetURLNotify fails to load
              https://bugs.webkit.org/show_bug.cgi?id=60823
              <rdar://problem/9430386>
      
              Add test.
      
              * plugins/get-url-notify-with-url-that-fails-to-load-expected.txt: Added.
              * plugins/get-url-notify-with-url-that-fails-to-load.html: Added.
      2011-05-13  Anders Carlsson  <andersca@apple.com>
      
              Reviewed by Sam Weinig.
      
              NPP_URLNotify is not called if a URL passed to NPN_GetURLNotify fails to load
              https://bugs.webkit.org/show_bug.cgi?id=60823
              <rdar://problem/9430386>
      
              If a plug-in stream fails to load before it's been started, we won't destroy the stream.
      
              * WebProcess/Plugins/Netscape/NetscapePluginStream.cpp:
              (WebKit::NetscapePluginStream::stop):
              Call notifyAndDestroyStream which will call NPP_URLNotify if necessary, and also destroy the stream.
      
              (WebKit::NetscapePluginStream::notifyAndDestroyStream):
              Pass the request URL to NPP_URLNotify, matching other browsers.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86476 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      bfd978e3
    • 2011-05-13 Daniel Cheng <dcheng@chromium.org> · ea76b711
      dcheng@chromium.org authored
              Fix the build.
      
              Add includes that the builders are suddenly complaining about...
      
              * page/DragState.h:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86475 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      ea76b711
    • Disable failing test on chromium. Unreviewed. · 91728630
      atwilson@chromium.org authored
      * platform/chromium/test_expectations.txt:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86474 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      91728630
    • 2011-05-13 Michael Saboff <msaboff@apple.com> · 2857663f
      msaboff@apple.com authored
              Reviewed by Geoffrey Garen.
      
              Backing store may not get discarded due to stopped timer
              https://bugs.webkit.org/show_bug.cgi?id=60816
      
              Changed the backing store timer to restart if it has been stopped.
              The evaluation is done when the view's state is changed.
              This change appears to be worth ~3MB (one backing store worth)
              during memory tests.
      
              * UIProcess/DrawingAreaProxyImpl.cpp:
              (WebKit::DrawingAreaProxyImpl::discardBackingStoreSoon):
              * UIProcess/WebPageProxy.cpp:
              (WebKit::WebPageProxy::viewStateDidChange):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86473 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      2857663f
    • 2011-05-13 Daniel Cheng <dcheng@chromium.org> · 0eb6dc60
      dcheng@chromium.org authored
              Reviewed by Tony Chang.
      
              Improve drag start logic
              https://bugs.webkit.org/show_bug.cgi?id=59409
      
              Add a new test to test drag start edge cases on Mac (because of a non-zero text drag delay)
              as well as rebase an existing test.
      
              * fast/css/user-drag-none.html: Text nodes are no longer draggable.
              * platform/mac/editing/pasteboard/drag-selections-to-contenteditable-expected.txt: Added.
              * platform/mac/editing/pasteboard/drag-selections-to-contenteditable.html: Added.
      2011-05-13  Daniel Cheng  <dcheng@chromium.org>
      
              Reviewed by Tony Chang.
      
              Improve drag start logic
              https://bugs.webkit.org/show_bug.cgi?id=59409
      
              Rewrite and simplify the dragging logic to better match IE, Firefox, and the behavior
              defined in the spec. Among other things:
              - draggableNode() no longer returns text nodes when dragging anchors.
              - When starting a drag over an image in a selection, prefer to drag the selection.
              - Several redundant hit tests have been removed.
              - Minor refactoring to make the logic easier to follow.
      
              Test: platform/mac/editing/pasteboard/drag-selections-to-contenteditable.html
      
              * WebCore.xcodeproj/project.pbxproj:
              * page/DragController.cpp:
              (WebCore::DragController::draggableNode):
              (WebCore::DragController::startDrag):
              * page/DragController.h:
              * page/DragState.h:
              (WebCore::DragState::shouldDispatchEvents):
              * page/EventHandler.cpp:
              (WebCore::EventHandler::EventHandler):
              (WebCore::EventHandler::eventMayStartDrag):
              (WebCore::EventHandler::updateDragSourceActionsAllowed):
              (WebCore::EventHandler::updateDragAndDrop):
              (WebCore::EventHandler::cancelDragAndDrop):
              (WebCore::EventHandler::dragHysteresisExceeded):
              (WebCore::EventHandler::dragSourceEndedAt):
              (WebCore::ExactlyOneBitSet):
              (WebCore::EventHandler::handleDrag):
              * page/EventHandler.h:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86472 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      0eb6dc60
    • Build fix. · 14c5dd6c
      oliver@apple.com authored
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86471 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      14c5dd6c
    • 2011-05-13 Oliver Hunt <oliver@apple.com> · d369c8cd
      oliver@apple.com authored
              Reviewed by Geoffrey Garen.
      
              Make GC validation more aggressive
              https://bugs.webkit.org/show_bug.cgi?id=60802
      
              This patch makes the checks performed under GC_VALIDATION
              much more aggressive, and adds the checks to more places
              in order to allow us to catch GC bugs much closer to the
              point of failure.
      
              * JavaScriptCore.exp:
              * JavaScriptCore.xcodeproj/project.pbxproj:
              * debugger/DebuggerActivation.cpp:
              (JSC::DebuggerActivation::visitChildren):
              * heap/MarkedBlock.cpp:
              (JSC::MarkedBlock::MarkedBlock):
              * heap/MarkedSpace.cpp:
              * runtime/Arguments.cpp:
              (JSC::Arguments::visitChildren):
              * runtime/Executable.cpp:
              (JSC::EvalExecutable::visitChildren):
              (JSC::ProgramExecutable::visitChildren):
              (JSC::FunctionExecutable::visitChildren):
              * runtime/Executable.h:
              * runtime/GetterSetter.cpp:
              (JSC::GetterSetter::visitChildren):
              * runtime/GetterSetter.h:
              * runtime/JSAPIValueWrapper.h:
              (JSC::JSAPIValueWrapper::createStructure):
              (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
              * runtime/JSActivation.cpp:
              (JSC::JSActivation::visitChildren):
              * runtime/JSArray.cpp:
              (JSC::JSArray::visitChildren):
              * runtime/JSCell.cpp:
              (JSC::slowValidateCell):
              * runtime/JSCell.h:
              (JSC::JSCell::JSCell::unvalidatedStructure):
              (JSC::JSCell::JSCell::JSCell):
              * runtime/JSFunction.cpp:
              (JSC::JSFunction::visitChildren):
              * runtime/JSGlobalObject.cpp:
              (JSC::JSGlobalObject::visitChildren):
              (JSC::slowValidateCell):
              * runtime/JSONObject.h:
              * runtime/JSObject.cpp:
              (JSC::JSObject::visitChildren):
              * runtime/JSPropertyNameIterator.cpp:
              (JSC::JSPropertyNameIterator::visitChildren):
              * runtime/JSPropertyNameIterator.h:
              * runtime/JSStaticScopeObject.cpp:
              (JSC::JSStaticScopeObject::visitChildren):
              * runtime/JSString.h:
              (JSC::RopeBuilder::JSString):
              * runtime/JSWrapperObject.cpp:
              (JSC::JSWrapperObject::visitChildren):
              * runtime/NativeErrorConstructor.cpp:
              (JSC::NativeErrorConstructor::visitChildren):
              * runtime/PropertyMapHashTable.h:
              (JSC::PropertyMapEntry::PropertyMapEntry):
              * runtime/RegExpObject.cpp:
              (JSC::RegExpObject::visitChildren):
              * runtime/ScopeChain.cpp:
              (JSC::ScopeChainNode::visitChildren):
              * runtime/ScopeChain.h:
              (JSC::ScopeChainNode::ScopeChainNode):
              * runtime/Structure.cpp:
              (JSC::Structure::Structure):
              (JSC::Structure::addPropertyTransition):
              (JSC::Structure::visitChildren):
              * runtime/Structure.h:
              (JSC::JSCell::classInfo):
              * runtime/StructureChain.cpp:
              (JSC::StructureChain::visitChildren):
              * runtime/StructureChain.h:
              * runtime/WriteBarrier.h:
              (JSC::validateCell):
              (JSC::JSCell):
              (JSC::JSGlobalObject):
              (JSC::WriteBarrierBase::set):
              (JSC::WriteBarrierBase::setMayBeNull):
              (JSC::WriteBarrierBase::setEarlyValue):
              (JSC::WriteBarrierBase::get):
              (JSC::WriteBarrierBase::operator*):
              (JSC::WriteBarrierBase::operator->):
              (JSC::WriteBarrierBase::unvalidatedGet):
              (JSC::WriteBarrier::WriteBarrier):
              * wtf/Assertions.h:
      2011-05-13  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoffrey Garen.
      
              Make GC validation more aggressive
              https://bugs.webkit.org/show_bug.cgi?id=60802
      
              This makes GC_VALIDATION much more aggressive in webcore,
              adding logic to every visitChildren method to ensure that
              the structure still has correct flags.
      
              Additionally every function generated for the dom bindings
              makes use of the new GC_VALIDATION object assertions to further
              ensure that the object appears to be sensible.
      
              * bindings/js/JSAttrCustom.cpp:
              (WebCore::JSAttr::visitChildren):
              * bindings/js/JSAudioContextCustom.cpp:
              (WebCore::JSAudioContext::visitChildren):
              * bindings/js/JSCSSRuleCustom.cpp:
              (WebCore::JSCSSRule::visitChildren):
              * bindings/js/JSCSSStyleDeclarationCustom.cpp:
              (WebCore::JSCSSStyleDeclaration::visitChildren):
              * bindings/js/JSCanvasRenderingContextCustom.cpp:
              (WebCore::JSCanvasRenderingContext::visitChildren):
              * bindings/js/JSDOMGlobalObject.cpp:
              (WebCore::JSDOMGlobalObject::visitChildren):
              (WebCore::JSDOMGlobalObject::setInjectedScript):
              * bindings/js/JSDOMWindowCustom.cpp:
              (WebCore::JSDOMWindow::visitChildren):
              * bindings/js/JSDOMWindowShell.cpp:
              (WebCore::JSDOMWindowShell::visitChildren):
              * bindings/js/JSEventListener.cpp:
              (WebCore::JSEventListener::JSEventListener):
              * bindings/js/JSEventListener.h:
              (WebCore::JSEventListener::jsFunction):
              * bindings/js/JSJavaScriptAudioNodeCustom.cpp:
              (WebCore::JSJavaScriptAudioNode::visitChildren):
              * bindings/js/JSMessageChannelCustom.cpp:
              (WebCore::JSMessageChannel::visitChildren):
              * bindings/js/JSMessagePortCustom.cpp:
              (WebCore::JSMessagePort::visitChildren):
              * bindings/js/JSNamedNodeMapCustom.cpp:
              (WebCore::JSNamedNodeMap::visitChildren):
              * bindings/js/JSNodeCustom.cpp:
              (WebCore::JSNode::visitChildren):
              * bindings/js/JSNodeFilterCustom.cpp:
              (WebCore::JSNodeFilter::visitChildren):
              * bindings/js/JSNodeIteratorCustom.cpp:
              (WebCore::JSNodeIterator::visitChildren):
              * bindings/js/JSSVGElementInstanceCustom.cpp:
              (WebCore::JSSVGElementInstance::visitChildren):
              * bindings/js/JSSharedWorkerCustom.cpp:
              (WebCore::JSSharedWorker::visitChildren):
              * bindings/js/JSStyleSheetCustom.cpp:
              (WebCore::JSStyleSheet::visitChildren):
              * bindings/js/JSTreeWalkerCustom.cpp:
              (WebCore::JSTreeWalker::visitChildren):
              * bindings/js/JSWebGLRenderingContextCustom.cpp:
              (WebCore::JSWebGLRenderingContext::visitChildren):
              * bindings/js/JSWorkerContextCustom.cpp:
              (WebCore::JSWorkerContext::visitChildren):
              * bindings/js/JSXMLHttpRequestCustom.cpp:
              (WebCore::JSXMLHttpRequest::visitChildren):
              * bindings/js/JSXPathResultCustom.cpp:
              (WebCore::JSXPathResult::visitChildren):
              * bindings/scripts/CodeGeneratorJS.pm:
      2011-05-13  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoffrey Garen.
      
              Make GC validation more aggressive
              https://bugs.webkit.org/show_bug.cgi?id=60802
      
              Add GC_VALIDATION calls to all the JSNPObject methods.
      
              * WebProcess/Plugins/Netscape/JSNPObject.cpp:
              (WebKit::JSNPObject::invalidate):
              (WebKit::JSNPObject::callMethod):
              (WebKit::JSNPObject::callObject):
              (WebKit::JSNPObject::callConstructor):
              (WebKit::JSNPObject::getCallData):
              (WebKit::JSNPObject::getConstructData):
              (WebKit::JSNPObject::getOwnPropertySlot):
              (WebKit::JSNPObject::getOwnPropertyDescriptor):
              (WebKit::JSNPObject::put):
              (WebKit::JSNPObject::getOwnPropertyNames):
              (WebKit::JSNPObject::propertyGetter):
              (WebKit::JSNPObject::methodGetter):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86469 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      d369c8cd
    • Build fix. · 9bc6caa7
      andersca@apple.com authored
      * DumpRenderTree/TestNetscapePlugIn/Tests/GetURLWithJavaScriptURL.cpp:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86468 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      9bc6caa7
    • 2011-05-13 Anders Carlsson <andersca@apple.com> · 4c8ba961
      andersca@apple.com authored
              Reviewed by Sam Weinig.
      
              NPN_GetURL with a javascript: URL doesn't send back the result in the stream
              https://bugs.webkit.org/show_bug.cgi?id=60810
      
              In NetscapePluginStream::sendJavaScriptStream, we were incorrectly passing the result URL
              to the stream, instead of the result. Also, store the request URL in the NetscapePluginStream object
              to avoid sending it over the wire.
      
              * PluginProcess/PluginControllerProxy.cpp:
              (WebKit::PluginControllerProxy::didEvaluateJavaScript):
              * PluginProcess/PluginControllerProxy.h:
              * PluginProcess/PluginControllerProxy.messages.in:
              * WebProcess/Plugins/Netscape/NetscapePlugin.cpp:
              (WebKit::NetscapePlugin::loadURL):
              (WebKit::NetscapePlugin::didEvaluateJavaScript):
              (WebKit::NetscapePlugin::manualStreamDidReceiveResponse):
              * WebProcess/Plugins/Netscape/NetscapePlugin.h:
              * WebProcess/Plugins/Netscape/NetscapePluginStream.cpp:
              (WebKit::NetscapePluginStream::NetscapePluginStream):
              (WebKit::NetscapePluginStream::sendJavaScriptStream):
              * WebProcess/Plugins/Netscape/NetscapePluginStream.h:
              (WebKit::NetscapePluginStream::create):
              * WebProcess/Plugins/Plugin.h:
              * WebProcess/Plugins/PluginProxy.cpp:
              (WebKit::PluginProxy::didEvaluateJavaScript):
              * WebProcess/Plugins/PluginProxy.h:
              * WebProcess/Plugins/PluginView.cpp:
              (WebKit::PluginView::performJavaScriptURLRequest):
      2011-05-13  Anders Carlsson  <andersca@apple.com>
      
              Reviewed by Sam Weinig.
      
              NPN_GetURL with a javascript: URL doesn't send back the result in the stream
              https://bugs.webkit.org/show_bug.cgi?id=60810
      
              Add a test that calls NPN_GetURL on a javascript: URL and checks that it gets back the expected result.
      
              * plugins/get-url-with-javascript-url-expected.txt: Added.
              * plugins/get-url-with-javascript-url.html: Added.
      2011-05-13  Anders Carlsson  <andersca@apple.com>
      
              Reviewed by Sam Weinig.
      
              NPN_GetURL with a javascript: URL doesn't send back the result in the stream
              https://bugs.webkit.org/show_bug.cgi?id=60810
      
              Add a test that calls NPN_GetURL on a javascript: URL and checks that it gets back the expected result.
      
              * DumpRenderTree/DumpRenderTree.gypi:
              * DumpRenderTree/DumpRenderTree.xcodeproj/project.pbxproj:
              * DumpRenderTree/TestNetscapePlugIn/win/TestNetscapePlugin.vcproj:
              * DumpRenderTree/qt/TestNetscapePlugin/TestNetscapePlugin.pro:
              * GNUmakefile.am:
              Add files.
      
              * DumpRenderTree/TestNetscapePlugIn/PluginTest.cpp:
              * DumpRenderTree/TestNetscapePlugIn/PluginTest.h:
              Add new NPN and NPP wrappers and sort them according to the order they appear in npfunctions.h
      
              * DumpRenderTree/TestNetscapePlugIn/Tests/GetURLWithJavaScriptURL.cpp: Added.
              (GetURLWithJavaScriptURL::GetURLWithJavaScriptURL):
              (GetURLWithJavaScriptURL::NPP_New):
              (GetURLWithJavaScriptURL::NPP_NewStream):
              (GetURLWithJavaScriptURL::NPP_DestroyStream):
              (GetURLWithJavaScriptURL::NPP_WriteReady):
              (GetURLWithJavaScriptURL::NPP_Write):
              * DumpRenderTree/TestNetscapePlugIn/main.cpp:
              (NPP_NewStream):
              (NPP_WriteReady):
              (NPP_Write):
              (NPP_URLNotify):
              call the PluginTest NPP wrappers.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86467 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      4c8ba961
    • 2011-05-13 Mark Pilgrim <pilgrim@chromium.org> · 1bee0824
      commit-queue@webkit.org authored
              Reviewed by Tony Chang.
      
              Port Mozilla's IndexedDB tests: remove objectstore
              https://bugs.webkit.org/show_bug.cgi?id=60768
      
              This test creates an objectstore, populates it with 100 records,
              deletes the objectstore, and checks that the objectStoreNames array
              is updated properly at each step.
      
              * storage/indexeddb/mozilla/remove-objectstore-expected.txt: Added.
              * storage/indexeddb/mozilla/remove-objectstore.html: Added.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86466 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      1bee0824
    • Removed chromium border-fit-lines.html suppression as it seems to pass now. Unreviewed. · 353d4773
      atwilson@chromium.org authored
      * platform/chromium/test_expectations.txt:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86465 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      353d4773
    • 2011-05-13 Sheriff Bot <webkit.review.bot@gmail.com> · 725013a7
      commit-queue@webkit.org authored
              Unreviewed, rolling out r86447.
              http://trac.webkit.org/changeset/86447
              https://bugs.webkit.org/show_bug.cgi?id=60809
      
              "Broke some uses of EventSender object on Qt" (Requested by
              mwenge on #webkit).
      
              * platform/qt/Skipped:
              * platform/qt/http/tests/plugins/plugin-document-has-focus-expected.txt: Removed.
      2011-05-13  Sheriff Bot  <webkit.review.bot@gmail.com>
      
              Unreviewed, rolling out r86447.
              http://trac.webkit.org/changeset/86447
              https://bugs.webkit.org/show_bug.cgi?id=60809
      
              "Broke some uses of EventSender object on Qt" (Requested by
              mwenge on #webkit).
      
              * WebCoreSupport/DumpRenderTreeSupportQt.cpp:
              * WebCoreSupport/DumpRenderTreeSupportQt.h:
      2011-05-13  Sheriff Bot  <webkit.review.bot@gmail.com>
      
              Unreviewed, rolling out r86447.
              http://trac.webkit.org/changeset/86447
              https://bugs.webkit.org/show_bug.cgi?id=60809
      
              "Broke some uses of EventSender object on Qt" (Requested by
              mwenge on #webkit).
      
              * DumpRenderTree/qt/DumpRenderTreeQt.cpp:
              (WebCore::WebPage::WebPage):
              (WebCore::DumpRenderTree::DumpRenderTree):
              (WebCore::DumpRenderTree::initJSObjects):
              (WebCore::DumpRenderTree::createWindow):
              * DumpRenderTree/qt/DumpRenderTreeQt.h:
              (WebCore::DumpRenderTree::eventSender):
              * DumpRenderTree/unix/TestNetscapePlugin/TestNetscapePlugin.cpp:
              (webkit_test_plugin_new_instance):
              (webkit_test_plugin_set_window):
              (webkit_test_plugin_handle_event):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86464 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      725013a7
    • 2011-05-13 Mikhail Naganov <mnaganov@chromium.org> · c2bcfc8b
      mnaganov@chromium.org authored
              Web Inspector: Unreviewed image glyph position fix in CSS after r85588.
      
              * inspector/front-end/heapProfiler.css:
              (.heapshot-help-status-bar-item .glyph):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86463 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      c2bcfc8b
    • 2011-05-13 Adam Barth <abarth@webkit.org> · 56813fa6
      abarth@webkit.org authored
              Reviewed by Eric Seidel.
      
              iframe sandbox doesn't properly block popups
              https://bugs.webkit.org/show_bug.cgi?id=60784
      
              Test that we block popup windows from inside sandbox.
      
              * http/tests/security/no-popup-from-sandbox-expected.txt: Added.
              * http/tests/security/no-popup-from-sandbox-top-expected.txt: Added.
              * http/tests/security/no-popup-from-sandbox-top.html: Added.
              * http/tests/security/no-popup-from-sandbox.html: Added.
      2011-05-13  Adam Barth  <abarth@webkit.org>
      
              Reviewed by Eric Seidel.
      
              iframe sandbox doesn't properly block popups
              https://bugs.webkit.org/show_bug.cgi?id=60784
      
              Previously, we weren't implementing this requirement from the spec:
      
              "This flag also prevents content from creating new auxiliary browsing
              contexts, e.g. using the target attribute or the window.open() method."
      
              Tests: http/tests/security/no-popup-from-sandbox-top.html
                     http/tests/security/no-popup-from-sandbox.html
      
              * loader/PolicyChecker.cpp:
              (WebCore::PolicyChecker::checkNewWindowPolicy):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86462 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • 2011-05-13 Ryosuke Niwa <rniwa@webkit.org> · 91cc070e
      rniwa@webkit.org authored
              Reviewed by Darin Adler.
      
              click event shouldn't fire when the target is ever removed in mouseup
              https://bugs.webkit.org/show_bug.cgi?id=60600
      
              Added tests to ensure WebKit does not fire click event when the target node
              is removed in mouseup event.
      
              * fast/events/remove-target-in-mouseup-deep-expected.txt: Added.
              * fast/events/remove-target-in-mouseup-deep.html: Added.
              * fast/events/remove-target-in-mouseup-expected.txt: Added.
              * fast/events/remove-target-in-mouseup-insertback-expected.txt: Added.
              * fast/events/remove-target-in-mouseup-insertback.html: Added.
              * fast/events/remove-target-in-mouseup-twice-expected.txt: Added.
              * fast/events/remove-target-in-mouseup-twice.html: Added.
              * fast/events/remove-target-in-mouseup.html: Added.
      2011-05-13  Ryosuke Niwa  <rniwa@webkit.org>
      
              Reviewed by Darin Adler.
      
              click event shouldn't fire when the target is ever removed in mouseup
              https://bugs.webkit.org/show_bug.cgi?id=60600
      
              Fixed the bug by invalidating m_clickNode when it or one of its ancestors has been removed
              from the document. New behavior matches Internet Explorer and Firefox.
      
              Tests: fast/events/remove-target-in-mouseup-deep.html
                     fast/events/remove-target-in-mouseup-insertback.html
                     fast/events/remove-target-in-mouseup-twice.html
                     fast/events/remove-target-in-mouseup.html
      
              * dom/Document.cpp:
              (WebCore::Document::nodeChildrenWillBeRemoved): Calls EventHandler::nodeWillBeRemoved.
              (WebCore::Document::nodeWillBeRemoved): Calls EventHandler::nodeWillBeRemoved.
              * page/EventHandler.cpp:
              (WebCore::EventHandler::nodeWillBeRemoved): Added; invalidates m_clickNode when m_clickNode
              or one of its ancestors is removed from the document.
              * page/EventHandler.h:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86461 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • Reviewed by Joseph Pecoraro. · 05fdb04b
      ap@apple.com authored
              Hide appcache status bar items
              https://bugs.webkit.org/show_bug.cgi?id=60799
      
              We have a number of non-trivial bugs that make these more misleading than helpful to developers.
      
              * inspector/front-end/ApplicationCacheItemsView.js: (WebInspector.ApplicationCacheItemsView):
              Just hide the items for now. Removing all support code would be complicated, and not helpful.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86460 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • 2011-05-13 Jeff Miller <jeffm@apple.com> · 7bea0541
      jeffm@apple.com authored
              Reviewed by Darin Adler.
      
              Make some page() member functions const
              https://bugs.webkit.org/show_bug.cgi?id=60794
      
              * UIProcess/ChunkedUpdateDrawingAreaProxy.h: Make page() const.
              * UIProcess/WebFrameProxy.h:
              (WebKit::WebFrameProxy::page): Make page() const.
              * UIProcess/WebInspectorProxy.h:
              (WebKit::WebInspectorProxy::page): Make page() const.
              * UIProcess/gtk/ChunkedUpdateDrawingAreaProxyGtk.cpp:
              (WebKit::ChunkedUpdateDrawingAreaProxy::page): Make page() const.
              * UIProcess/mac/ChunkedUpdateDrawingAreaProxyMac.mm:
              (WebKit::ChunkedUpdateDrawingAreaProxy::page): Make page() const.
              * UIProcess/qt/ChunkedUpdateDrawingAreaProxyQt.cpp:
              (WebKit::ChunkedUpdateDrawingAreaProxy::page): Make page() const.
              * UIProcess/win/ChunkedUpdateDrawingAreaProxyWin.cpp:
              (WebKit::ChunkedUpdateDrawingAreaProxy::page): Make page() const.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86459 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • 2011-05-13 Adam Barth <abarth@webkit.org> · c46976c3
      abarth@webkit.org authored
              Reviewed by Eric Seidel.
      
              indexedDB is visible inside iframe sandbox
              https://bugs.webkit.org/show_bug.cgi?id=60785
      
              * http/tests/security/no-indexeddb-from-sandbox-expected.txt: Added.
              * http/tests/security/no-indexeddb-from-sandbox.html: Added.
      2011-05-13  Adam Barth  <abarth@webkit.org>
      
              Reviewed by Eric Seidel.
      
              indexedDB is visible inside iframe sandbox
              https://bugs.webkit.org/show_bug.cgi?id=60785
      
              We're supposed to return a null indexedDB factory when inside an iframe
              sandbox.
      
              Test: http/tests/security/no-indexeddb-from-sandbox.html
      
              * page/DOMWindow.cpp:
              (WebCore::DOMWindow::webkitIndexedDB):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86458 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • 2011-05-13 Mark Pilgrim <pilgrim@chromium.org> · 0cad0fe3
      commit-queue@webkit.org authored
              Reviewed by Tony Chang.
      
              Port Mozilla's IndexedDB tests: indexes with keys and key ranges
              https://bugs.webkit.org/show_bug.cgi?id=60733
      
              This megatest creates an object store with several rows of data,
              creates indexes on each key, then iterates each index in a variety
              of ways (keys, key ranges, etc).
      
              * storage/indexeddb/mozilla/indexes-expected.txt: Added.
              * storage/indexeddb/mozilla/indexes.html: Added.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86457 268f45cc-cd09-0410-ab3c-d52691b4dbfc