1. 08 Nov, 2012 40 commits
    • bdakin@apple.com's avatar
      https://bugs.webkit.org/show_bug.cgi?id=101644 · 5b7d03f1
      bdakin@apple.com authored
      Fixed header on Facebook news feed becomes detached from top of 
      viewport after rubber band scrolling
      -and corresponding-
      <rdar://problem/12651944>
      
      Reviewed by Simon Fraser.
      
      Source/WebCore: 
      
      There is code to handle this for non-threaded scrolling on FrameView. 
      This patch moves most of that code into a convenience function on 
      ScrollingCoordinator.
      
      Have FrameView::scrollOffsetForFixedPosition() call 
      WebCore::scrollOffsetForFixedPosition() with all the right 
      parameters.
      * page/FrameView.cpp:
      (WebCore::FrameView::scrollOffsetForFixedPosition):
      
      Here's where all the math happens.
      * page/scrolling/ScrollingCoordinator.cpp:
      (WebCore::fixedPositionScrollOffset):
      (WebCore::scrollOffsetForFixedPosition):
      
      The viewportRect in these three places needs to have the 
      adjusted-for-fixed offset.
      (WebCore::ScrollingCoordinator::updateMainFrameScrollPosition):
      * page/scrolling/mac/ScrollingTreeScrollingNodeMac.mm:
      (WebCore::ScrollingTreeScrollingNodeMac::setScrollLayerPosition):
      * rendering/RenderLayerCompositor.cpp:
      (WebCore::RenderLayerCompositor::computeFixedViewportConstraints):
      
      LayoutTests: 
      
      New test ensures that negative offsets will not make their way into 
      the FixedPositionViewportConstraints.
      * platform/mac/tiled-drawing/fixed/negative-scroll-offset-expected.txt: Added.
      * platform/mac/tiled-drawing/fixed/negative-scroll-offset.html: Added.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133974 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      5b7d03f1
    • hclam@chromium.org's avatar
      [chromium] Deferred image decoding fails with image orientation · eec827bf
      hclam@chromium.org authored
      https://bugs.webkit.org/show_bug.cgi?id=101648
      
      Reviewed by Stephen White.
      
      Source/WebCore:
      
      When an image is deferred save the orientation state. Once this state
      is cached it can be used to reply future queries since this state is
      static.
      
      No new tests but platform/chromium/virtual/deferred/fast/images/image-orientation.html is passing now.
      
      * platform/graphics/chromium/DeferredImageDecoder.cpp:
      (WebCore::DeferredImageDecoder::DeferredImageDecoder):
      (WebCore::DeferredImageDecoder::frameBufferAtIndex):
      (WebCore::DeferredImageDecoder::orientation):
      * platform/graphics/chromium/DeferredImageDecoder.h:
      (DeferredImageDecoder):
      
      LayoutTests:
      
      Update test expectations and baselines accordingly since these two
      tests are now passing with deferred image decoding.
      
      fast/images/exif-orientation-image-document.html
      fast/images/exif-orientation.html
      
      * platform/chromium-linux/platform/chromium/virtual/deferred/fast/images/exif-orientation-image-document-expected.png: Removed.
      * platform/chromium-mac-lion/platform/chromium/virtual/deferred/fast/images/exif-orientation-image-document-expected.png: Removed.
      * platform/chromium-mac-snowleopard/platform/chromium/virtual/deferred/fast/images/exif-orientation-image-document-expected.png: Removed.
      * platform/chromium-mac/platform/chromium/virtual/deferred/fast/images/exif-orientation-image-document-expected.png: Removed.
      * platform/chromium-win/platform/chromium/virtual/deferred/fast/images/exif-orientation-image-document-expected.png: Removed.
      * platform/chromium/TestExpectations:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133972 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      eec827bf
    • fpizlo@apple.com's avatar
      DFG constant folding and CFG simplification should be smart enough to know... · 5faa4e15
      fpizlo@apple.com authored
      DFG constant folding and CFG simplification should be smart enough to know that if a logical op's operand is proven to have a non-masquerading structure then it always evaluates to true
      https://bugs.webkit.org/show_bug.cgi?id=101511
      
      Reviewed by Oliver Hunt.
      
      To make life easier, this moves BranchDirection into BasicBlock so that after
      running the CFA, we always know, for each block, what direction the CFA
      proved. CFG simplification now both uses and preserves cfaBranchDirection in
      its transformations.
              
      Also made both LogicalNot and Branch check whether the operand is a known cell
      with a known structure, and if so, made them do the appropriate folding.
              
      5% speed-up on V8/raytrace because it makes raytrace's own null checks
      evaporate (i.e. idioms like 'if (!x) throw "unhappiness"') thanks to the fact
      that we were already doing structure check hoisting.
      
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::endBasicBlock):
      (JSC::DFG::AbstractState::execute):
      (JSC::DFG::AbstractState::mergeToSuccessors):
      * dfg/DFGAbstractState.h:
      (AbstractState):
      * dfg/DFGBasicBlock.h:
      (JSC::DFG::BasicBlock::BasicBlock):
      (BasicBlock):
      * dfg/DFGBranchDirection.h: Added.
      (DFG):
      (JSC::DFG::branchDirectionToString):
      (JSC::DFG::isKnownDirection):
      (JSC::DFG::branchCondition):
      * dfg/DFGCFGSimplificationPhase.cpp:
      (JSC::DFG::CFGSimplificationPhase::run):
      (JSC::DFG::CFGSimplificationPhase::mergeBlocks):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133971 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      5faa4e15
    • kling@webkit.org's avatar
      DocumentLoader: Shrink-to-fit the ResourceResponse vector after loading completes. · 3268a6fc
      kling@webkit.org authored
      <http://webkit.org/b/101657>
      
      Reviewed by Anders Carlsson.
      
      Shrink DocumentLoader::m_responses to exact size when we stop adding responses to it,
      as we know it won't grow after that.
      
      520kB progression on Membuster3.
      
      * loader/DocumentLoader.cpp:
      (WebCore::DocumentLoader::stopRecordingResponses):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133970 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      3268a6fc
    • commit-queue@webkit.org's avatar
      [CSS Exclusions] Polygon with horizontal bottom edges returns incorrect segments · 556283fc
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=100874
      
      Patch by Hans Muller <hmuller@adobe.com> on 2012-11-08
      Reviewed by Dirk Schulze.
      
      Source/WebCore:
      
      Revised the way that computeXIntersections() handles intersections with horizotal polygon edges.
      Deciding if a vertex intersection corresponds to a polygon "edge crossing", i.e. a change from inside
      to outside or outside to inside, now depends on which side of the horizontal line the function's
      y parameter corresponds to. If the y corresponds to the top of the line, then isaMinY the parameter
      is true, and an intersection with a horizontal edge is only considered to be an edge crossing if
      if the inside of the polygon is just below the horizontal edge.  When isMinY is false then the inside
      of the polygon must be just above the horizontal edge.
      
      Tests: fast/exclusions/shape-inside/shape-inside-rectilinear-polygon-003.html
             fast/exclusions/shape-inside/shape-inside-rectilinear-polygon-004.html
      
      * rendering/ExclusionPolygon.cpp:
      (WebCore::getVertexIntersectionVertices): Corrected two cases where the next/previous vertex was determined incorrectly.
      (WebCore::ExclusionPolygon::computeXIntersections): Added a bool isMinY parameter which specifies if the y parameter corresponds to the top or bottom a horizontal line.
      (WebCore::ExclusionPolygon::getExcludedIntervals): Added the new computeXIntersections() parameter.
      (WebCore::ExclusionPolygon::getIncludedIntervals): Ditto.
      * rendering/ExclusionPolygon.h:
      (WebCore::ExclusionPolygonEdge::previousEdge): Corrected the previousEdge() function.
      
      LayoutTests:
      
      Added two additional tests for rectilinear polygons, where the tops and bottoms
      of lines intersect the polygons' horizontal edges. More tests of this kind will
      be needed when exclusion layout supports polygons that break horizontal lines up
      into more than one segment.
      
      * fast/exclusions/shape-inside/shape-inside-rectilinear-polygon-003-expected.html: Added.
      * fast/exclusions/shape-inside/shape-inside-rectilinear-polygon-003.html: Added.
      * fast/exclusions/shape-inside/shape-inside-rectilinear-polygon-004-expected.html: Added.
      * fast/exclusions/shape-inside/shape-inside-rectilinear-polygon-004.html: Added.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133968 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      556283fc
    • commit-queue@webkit.org's avatar
      [WK2] Unused parameters on LayerTreeRenderer.cpp · 30bd1fbc
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=101653
      
      Patch by KyungTae Kim <ktf.kim@samsung.com> on 2012-11-08
      Reviewed by Noam Rosenthal.
      
      Because the 'tileID' parameter is not used now,
      comment out it to fix build warning -Wunused-parameter
      
      * UIProcess/CoordinatedGraphics/LayerTreeRenderer.cpp:
      (WebKit::LayerTreeRenderer::removeBackingStoreIfNeeded):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133967 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      30bd1fbc
    • commit-queue@webkit.org's avatar
      [JSC] HTML extensions to String.prototype should escape " as &quot; in argument values · 5f051eb4
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=90667
      
      Patch by Christophe Dumez <christophe.dumez@intel.com> on 2012-11-08
      Reviewed by Benjamin Poulain.
      
      Source/JavaScriptCore:
      
      Escape quotation mark as &quot; in argument values to:
      - String.prototype.anchor(name)
      - String.prototype.fontcolor(color)
      - String.prototype.fontsize(size)
      - String.prototype.link(href)
      
      This behavior matches Chromium/V8 and Firefox/Spidermonkey
      implementations and is requited by:
      http://mathias.html5.org/specs/javascript/#escapeattributevalue
      
      This also fixes a potential security risk (XSS vector).
      
      * runtime/StringPrototype.cpp:
      (JSC::stringProtoFuncFontcolor):
      (JSC::stringProtoFuncFontsize):
      (JSC::stringProtoFuncAnchor):
      (JSC::stringProtoFuncLink):
      
      LayoutTests:
      
      Add layout test coverage for the following String.prototype methods:
      - String.prototype.anchor(name)
      - String.prototype.fontcolor(color)
      - String.prototype.fontsize(size)
      - String.prototype.link(href)
      
      Those tests also check that the quotation mark is correctly escaped
      in argument values to prevent potential exploits.
      
      * fast/js/string-anchor-expected.txt: Added.
      * fast/js/string-anchor.html: Added.
      * fast/js/string-fontcolor-expected.txt: Added.
      * fast/js/string-fontcolor.html: Added.
      * fast/js/string-fontsize-expected.txt: Added.
      * fast/js/string-fontsize.html: Added.
      * fast/js/string-link-expected.txt: Added.
      * fast/js/string-link.html: Added.
      * platform/chromium/TestExpectations: Skip new tests for chromium port due
      to http://code.google.com/p/v8/issues/detail?id=2218
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133966 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      5f051eb4
    • jsbell@chromium.org's avatar
      [Chromium] Unreviewed gardening. Added missing *-expected.txt following rebaselines. · 88d7423b
      jsbell@chromium.org authored
      * platform/chromium-mac/fast/css/text-overflow-input-expected.txt: Added.
      * platform/chromium-mac/fast/forms/input-readonly-dimmed-expected.txt: Added.
      * platform/chromium-mac/fast/forms/input-text-scroll-left-on-blur-expected.txt: Added.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133965 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      88d7423b
    • commit-queue@webkit.org's avatar
      [BlackBerry] Disable cookies on file:// · 3c4ee8b5
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=101646
      
      Patch by Otto Derek Cheung <otcheung@rim.com> on 2012-11-08
      Reviewed by Rob Buis.
      
      Disabling cookies on file and local in the browser app.
      
      PR 239779
      
      Tested by trying to set and retrieve cookies on WI while browsing
      files on the file scheme.
      
      * platform/blackberry/CookieManager.cpp:
      (WebCore):
      (WebCore::shouldIgnoreScheme):
      (WebCore::CookieManager::getRawCookies):
      (WebCore::CookieManager::checkAndTreatCookie):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133964 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      3c4ee8b5
    • jsbell@chromium.org's avatar
      Expose snapshots in platform/leveldb wrapper API · 735098af
      jsbell@chromium.org authored
      https://bugs.webkit.org/show_bug.cgi?id=100786
      
      Reviewed by Tony Chang.
      
      Source/WebCore:
      
      Expose leveldb "snapshots" in the LevelDB API. A snapshot lets you observe the database
      as it was when the snapshot was taken. This can be used to implement parallel transactions,
      e.g. where a read transaction won't see updates made by a later write transaction.
      
      Tests: webkit_unit_tests --gtest_filter='LevelDBDatabaseTest.Transaction*'
      
      * platform/leveldb/LevelDBDatabase.cpp:
      (WebCore::LevelDBSnapshot::LevelDBSnapshot): New (but for now internal-only) wrapper type.
      (WebCore):
      (WebCore::LevelDBSnapshot::~LevelDBSnapshot): Release the leveldb::Snapshot.
      (WebCore::LevelDBDatabase::get): Optional snapshot argument, for use by transactions.
      (WebCore::LevelDBDatabase::createIterator): Ditto.
      * platform/leveldb/LevelDBDatabase.h:
      (leveldb):
      (WebCore):
      (LevelDBSnapshot):
      (LevelDBDatabase):
      * platform/leveldb/LevelDBTransaction.cpp:
      (WebCore::LevelDBTransaction::LevelDBTransaction): Initialize a snapshot.
      (WebCore::LevelDBTransaction::get):
      (WebCore::LevelDBTransaction::TransactionIterator::TransactionIterator):
      * platform/leveldb/LevelDBTransaction.h:
      (LevelDBTransaction):
      
      Source/WebKit/chromium:
      
      Add unit tests for transactions/snapshots.
      
      * tests/LevelDBTest.cpp:
      (WebCore::encodeString): Don't append to pre-sized vector.
      (WebCore::TEST):
      (WebCore):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133963 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      735098af
    • yael@webkit.org's avatar
      Unreviewed. Some more gardening after r133898. · 7853f5d9
      yael@webkit.org authored
      * platform/efl/TestExpectations:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133962 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      7853f5d9
    • commit-queue@webkit.org's avatar
      [EFL][WK2] Add proper support for fullscreen API to MiniBrowser · 5081fb48
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=101615
      
      Patch by Christophe Dumez <christophe.dumez@intel.com> on 2012-11-08
      Reviewed by Kenneth Rohde Christiansen.
      
      Source/WebKit2:
      
      * UIProcess/API/efl/EwkViewImpl.cpp:
      (EwkViewImpl::enterFullScreen):
      * UIProcess/API/efl/ewk_security_origin.cpp:
      (EwkSecurityOrigin::EwkSecurityOrigin):
      * UIProcess/API/efl/ewk_security_origin_private.h:
      (EwkSecurityOrigin::create): Add factory method to construct a
      EwkSecurityOrigin from a KURL.
      (EwkSecurityOrigin):
      * UIProcess/API/efl/ewk_view.cpp:
      (ewk_view_fullscreen_exit): Add public API function to exit
      fullscreen mode.
      * UIProcess/API/efl/ewk_view.h: Add security origin parameter
      to fullscreen_enter smart function since this information is
      useful to the user agent.
      * UIProcess/API/efl/tests/test_ewk2_view.cpp:
      (fullScreenCallback):
      (fullScreenExitCallback):
      (TEST_F):
      
      Tools:
      
      Implement fullscreen API support in MiniBrowser. When entering
      fullscreen a popup is shown to notify the user that something
      is displayed in fullscreen and to advertise that the Escape
      key can be used to exit fullscreen. This behavior is according
      to specification.
      
      * MiniBrowser/efl/main.c:
      (on_key_down):
      (on_fullscreen_accept):
      (on_fullscreen_deny):
      (on_fullscreen_enter):
      (on_fullscreen_exit):
      (window_create):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133961 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      5081fb48
    • jsbell@chromium.org's avatar
      [Chromium] Unreviewed gardening - rebaseline a couple of tests for lion. · 94ec79d4
      jsbell@chromium.org authored
      * platform/chromium-mac-lion/fast/css/text-overflow-ellipsis-text-align-center-expected.png: Added.
      * platform/chromium-mac-lion/fast/forms/basic-textareas-expected.png: Added.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133960 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      94ec79d4
    • andersca@apple.com's avatar
      HeapStatistics::s_pauseTimeStarts and s_pauseTimeEnds should be Vectors · 6946dc3e
      andersca@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=101651
      
      Reviewed by Andreas Kling.
      
      HeapStatistics uses Deques when Vectors would work just as good.
      
      * heap/HeapStatistics.cpp:
      * heap/HeapStatistics.h:
      (HeapStatistics):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133959 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      6946dc3e
    • beidson@apple.com's avatar
      Have NetworkProcess do the actual loading of subresources. · 131a80b0
      beidson@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=101640
      
      Reviewed by Alexey Proskuryakov.
      
      Source/WebCore:
      
      No new tests (No change in behavior in any configuration we test.)
      
      * WebCore.exp.in:
      * loader/ResourceBuffer.h: Virtualize a few methods for ports to override.
      
      Source/WebKit2:
      
      This adds actual loading of subresources in the NetworkProcess.
      
      Currently a resource just gets its entire buffer of data built up and then delivered to the WebProcess in one chunk.
      
      Many FIXMEs point the path towards much better behavior.
      
      Project file stuff:
      * WebKit2.xcodeproj/project.pbxproj:
      
      Add a new Logging channel for scheduling so the one for loading can be separate:
      * Platform/Logging.cpp:
      * Platform/Logging.h:
      
      Add an enhancement FIXME:
      * NetworkProcess/HostRecord.cpp:
      (WebKit::HostRecord::remove):
      
      NetworkRequest now derives from ResourceHandleClient and does actual loading, messaging WebProcess as it does:
      * NetworkProcess/NetworkRequest.cpp:
      (WebKit::NetworkRequest::NetworkRequest):
      (WebKit::NetworkRequest::~NetworkRequest):
      (WebKit::NetworkRequest::start):
      (WebKit::requestsToStopMutex):
      (WebKit::requestsToStop):
      (WebKit::NetworkRequest::scheduleStopOnMainThread): Stop
      (WebKit::NetworkRequest::performStops):
      (WebKit::NetworkRequest::stop): Does NetworkRequest cleanup that happens no matter the state of the network load.
      (WebKit::NetworkRequest::didReceiveResponse):
      (WebKit::NetworkRequest::didReceiveData):
      (WebKit::NetworkRequest::didFinishLoading):
      (WebKit::NetworkRequest::didFail):
      * NetworkProcess/NetworkRequest.h:
      
      Change some logging and now invalid asserts, as well as starting requests in-process instead of relying on WebProcess:
      * NetworkProcess/NetworkResourceLoadScheduler.cpp:
      (WebKit::NetworkResourceLoadScheduler::scheduleNetworkRequest):
      (WebKit::NetworkResourceLoadScheduler::addLoadInProgress):
      (WebKit::NetworkResourceLoadScheduler::removeLoadIdentifier):
      (WebKit::NetworkResourceLoadScheduler::crossOriginRedirectReceived):
      (WebKit::NetworkResourceLoadScheduler::servePendingRequests):
      (WebKit::NetworkResourceLoadScheduler::servePendingRequestsForHost):
      (WebKit::NetworkResourceLoadScheduler::removeScheduledLoadIdentifiers):
      (WebKit::NetworkResourceLoadScheduler::scheduleRemoveLoadIdentifier):
      * NetworkProcess/NetworkResourceLoadScheduler.h:
      (NetworkResourceLoadScheduler):
      
      Add a "ShareableResource" which includes a SharedMemory block, an offset into that block, and a size:
      * Shared/ShareableResource.cpp: Added.
      (WebKit::ShareableResource::Handle::Handle):
      (WebKit::ShareableResource::Handle::encode):
      (WebKit::ShareableResource::Handle::decode):
      (WebKit::ShareableResource::create):
      (WebKit::ShareableResource::ShareableResource):
      (WebKit::ShareableResource::~ShareableResource):
      (WebKit::ShareableResource::createHandle):
      (WebKit::ShareableResource::data):
      (WebKit::ShareableResource::size):
      * Shared/ShareableResource.h:
      (WebKit::ShareableResource::Handle::isNull):
      (WebKit::ShareableResource::Handle::size):
      
      Add an implementation of WebCore::ResourceBuffer that wraps a ShareableResource instead of a SharedBuffer:
      * Shared/WebResourceBuffer.cpp:
      (WebKit::WebResourceBuffer::WebResourceBuffer):
      (WebKit::WebResourceBuffer::~WebResourceBuffer):
      (WebKit::WebResourceBuffer::data):
      (WebKit::WebResourceBuffer::size):
      * Shared/WebResourceBuffer.h:
      (WebResourceBuffer):
      (WebKit::WebResourceBuffer::create):
      
      Add messaging that responds to resource load events from the NetworkProcess and passes them to the scheduler:
      * WebProcess/Network/NetworkProcessConnection.cpp:
      (WebKit::NetworkProcessConnection::didReceiveResponse):
      (WebKit::NetworkProcessConnection::didReceiveResource):
      (WebKit::NetworkProcessConnection::didFailResourceLoad):
      * WebProcess/Network/NetworkProcessConnection.h:
      * WebProcess/Network/NetworkProcessConnection.messages.in:
      
      Takes resource load events passed from the NetworkProcess and hands them off directly to WebCore ResourceLoaders:
      * WebProcess/Network/WebResourceLoadScheduler.cpp:
      (WebKit::WebResourceLoadScheduler::scheduleLoad): Update some logging.
      (WebKit::WebResourceLoadScheduler::addMainResourceLoad): Ditto.
      (WebKit::WebResourceLoadScheduler::remove): Ditto.
      (WebKit::WebResourceLoadScheduler::crossOriginRedirectReceived): Ditto.
      (WebKit::WebResourceLoadScheduler::servePendingRequests): Ditto.
      (WebKit::WebResourceLoadScheduler::didReceiveResponse): Call through to ResourceLoader.
      (WebKit::WebResourceLoadScheduler::didReceiveResource): Ditto.
      (WebKit::WebResourceLoadScheduler::didFailResourceLoad): Ditto.
      * WebProcess/Network/WebResourceLoadScheduler.h:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133957 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      131a80b0
    • fpizlo@apple.com's avatar
      DFG should not assume that something is a double just because it might be undefined · 81f75377
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=101438
      
      Reviewed by Oliver Hunt.
      
      This changes all non-bitop arithmetic to (a) statically expect that variables are
      defined prior to use in arithmetic and (b) not fall off into double paths just
      because a value may not be a number. This is accomplished with two new notions of
      speculation:
              
      shouldSpeculateIntegerExpectingDefined: Should we speculate that the value is an
      integer if we ignore undefined (i.e. SpecOther) predictions?
              
      shouldSpeculateIntegerForArithmetic: Should we speculate that the value is an
      integer if we ignore non-numeric predictions?
              
      This is a ~2x speed-up on programs that seem to our prediction propagator to have
      paths in which otherwise numeric variables are undefined.
      
      * bytecode/SpeculatedType.h:
      (JSC::isInt32SpeculationForArithmetic):
      (JSC):
      (JSC::isInt32SpeculationExpectingDefined):
      (JSC::isDoubleSpeculationForArithmetic):
      (JSC::isNumberSpeculationExpectingDefined):
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::execute):
      * dfg/DFGFixupPhase.cpp:
      (JSC::DFG::FixupPhase::fixupNode):
      * dfg/DFGGraph.h:
      (JSC::DFG::Graph::addShouldSpeculateInteger):
      (JSC::DFG::Graph::mulShouldSpeculateInteger):
      (JSC::DFG::Graph::negateShouldSpeculateInteger):
      (JSC::DFG::Graph::addImmediateShouldSpeculateInteger):
      (JSC::DFG::Graph::mulImmediateShouldSpeculateInteger):
      * dfg/DFGNode.h:
      (JSC::DFG::Node::shouldSpeculateIntegerForArithmetic):
      (Node):
      (JSC::DFG::Node::shouldSpeculateIntegerExpectingDefined):
      (JSC::DFG::Node::shouldSpeculateDoubleForArithmetic):
      (JSC::DFG::Node::shouldSpeculateNumberExpectingDefined):
      * dfg/DFGPredictionPropagationPhase.cpp:
      (JSC::DFG::PredictionPropagationPhase::propagate):
      (JSC::DFG::PredictionPropagationPhase::doRoundOfDoubleVoting):
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::compileAdd):
      (JSC::DFG::SpeculativeJIT::compileArithMod):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * jit/JITArithmetic.cpp:
      (JSC::JIT::emit_op_div):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133956 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      81f75377
    • commit-queue@webkit.org's avatar
      Coordinated Graphics: Remove an invisible TiledBackingStore of CoordinatedGraphicsLayer. · 5febb230
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=101424
      
      Patch by Huang Dongsung <luxtella@company100.net> on 2012-11-08
      Reviewed by Noam Rosenthal.
      
      Source/WebCore:
      
      This patch adds ASSERT to TextureMapperLayer while fixing this bug in
      WebKit2.
      
      * platform/graphics/texmap/TextureMapperLayer.cpp:
      (WebCore::TextureMapperLayer::paintSelf):
      
      Source/WebKit2:
      
      We must remove an invisible TiledBackingStore of CoordinatedGraphicsLayer.
      Currently, CoordinatedGraphicsLayer only removes a TiledBackingStore if
      !drawsContent() while TextureMapperLayer::updateBackingStore() removes a backing
      store if (!m_state.drawsContent || !m_state.contentsVisible || m_size.isEmpty()).
      CoordinatedGraphicsLayer must have the same behavior.
      
      In addition, this patch makes LayerTreeRenderer remove a backing store from
      GraphicsLayerTextureMapper when CoordinatedBackingStore does not have any tiles.
      
      Test: compositing/nested-direct-image-compositing.html
      
      * UIProcess/CoordinatedGraphics/CoordinatedBackingStore.cpp:
      (WebKit::CoordinatedBackingStore::removeTile):
      (WebKit::CoordinatedBackingStore::isEmpty):
      (WebKit):
      (WebKit::CoordinatedBackingStore::commitTileOperations):
      * UIProcess/CoordinatedGraphics/CoordinatedBackingStore.h:
      (CoordinatedBackingStore):
      * UIProcess/CoordinatedGraphics/LayerTreeRenderer.cpp:
      (WebKit::LayerTreeRenderer::removeBackingStoreIfNeeded):
      (WebKit):
      (WebKit::LayerTreeRenderer::removeTile):
      * UIProcess/CoordinatedGraphics/LayerTreeRenderer.h:
      (LayerTreeRenderer):
      * WebProcess/WebPage/CoordinatedGraphics/CoordinatedGraphicsLayer.cpp:
      (WebCore::CoordinatedGraphicsLayer::adjustContentsScale):
      
      LayoutTests:
      
      Coordinated Graphics had a bug when a compositing div has a compositing
      img with an absolute position property. This test is added to prevent from
      a regression.
      
      * compositing/nested-direct-image-compositing-expected.png: Added.
      * compositing/nested-direct-image-compositing-expected.txt: Added.
      * compositing/nested-direct-image-compositing.html: Added.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133955 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      5febb230
    • jsbell@chromium.org's avatar
      Unreviewed, rolling out r133945. · 6c2f4f5b
      jsbell@chromium.org authored
      http://trac.webkit.org/changeset/133945
      https://bugs.webkit.org/show_bug.cgi?id=101645
      
      Numerous layout and unit test failures (Requested by
      jsbell|gardener on #webkit).
      
      Patch by Sheriff Bot <webkit.review.bot@gmail.com> on 2012-11-08
      
      * bindings/scripts/CodeGeneratorV8.pm:
      (GenerateHeader):
      * bindings/scripts/test/V8/V8Float64Array.h:
      (WebCore::V8Float64Array::toNative):
      * bindings/scripts/test/V8/V8TestActiveDOMObject.h:
      (WebCore::V8TestActiveDOMObject::toNative):
      * bindings/scripts/test/V8/V8TestCustomNamedGetter.h:
      (WebCore::V8TestCustomNamedGetter::toNative):
      * bindings/scripts/test/V8/V8TestEventConstructor.h:
      (WebCore::V8TestEventConstructor::toNative):
      * bindings/scripts/test/V8/V8TestEventTarget.h:
      (WebCore::V8TestEventTarget::toNative):
      * bindings/scripts/test/V8/V8TestException.h:
      (WebCore::V8TestException::toNative):
      * bindings/scripts/test/V8/V8TestInterface.h:
      (WebCore::V8TestInterface::toNative):
      * bindings/scripts/test/V8/V8TestMediaQueryListListener.h:
      (WebCore::V8TestMediaQueryListListener::toNative):
      * bindings/scripts/test/V8/V8TestNamedConstructor.h:
      (WebCore::V8TestNamedConstructor::toNative):
      * bindings/scripts/test/V8/V8TestNode.h:
      (WebCore::V8TestNode::toNative):
      * bindings/scripts/test/V8/V8TestObj.h:
      (WebCore::V8TestObj::toNative):
      * bindings/scripts/test/V8/V8TestSerializedScriptValueInterface.h:
      (WebCore::V8TestSerializedScriptValueInterface::toNative):
      * bindings/v8/NPV8Object.cpp:
      (WebCore::v8ObjectToNPObject):
      (WebCore::npCreateV8ScriptObject):
      * bindings/v8/V8Collection.h:
      (WebCore::toNativeCollection):
      * bindings/v8/V8DOMWindowShell.cpp:
      (WebCore::setIsolatedWorldField):
      (WebCore::V8DOMWindowShell::enteredIsolatedWorldContext):
      * bindings/v8/V8DOMWrapper.cpp:
      (WebCore::V8DOMWrapper::isWrapperOfType):
      * bindings/v8/V8DOMWrapper.h:
      (WebCore::V8DOMWrapper::setDOMWrapper):
      (WebCore::V8DOMWrapper::clearDOMWrapper):
      * bindings/v8/WrapperTypeInfo.h:
      (WebCore::toNative):
      (WebCore::toWrapperTypeInfo):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133954 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      6c2f4f5b
    • fpizlo@apple.com's avatar
      JSC should infer when indexed storage contains only integers or doubles · 75c91a79
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=98606
      
      Reviewed by Oliver Hunt.
      
      Source/JavaScriptCore: 
      
      This adds two new indexing types: int32 and double. It also adds array allocation profiling,
      which allows array allocations to converge to allocating arrays using those types to which
      those arrays would have been converted.
              
      20% speed-up on navier-stokes. 40% speed-up on various Kraken DSP tests. Some slow-downs too,
      but a performance win overall on all benchmarks we track.
      
      * API/JSObjectRef.cpp:
      (JSObjectMakeArray):
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * assembler/AbstractMacroAssembler.h:
      (JumpList):
      (JSC::AbstractMacroAssembler::JumpList::JumpList):
      * assembler/MacroAssemblerX86Common.h:
      (JSC::MacroAssemblerX86Common::branchDouble):
      * assembler/X86Assembler.h:
      (JSC::X86Assembler::jnp):
      (X86Assembler):
      (JSC::X86Assembler::X86InstructionFormatter::emitRex):
      * bytecode/ArrayAllocationProfile.cpp: Added.
      (JSC):
      (JSC::ArrayAllocationProfile::updateIndexingType):
      * bytecode/ArrayAllocationProfile.h: Added.
      (JSC):
      (ArrayAllocationProfile):
      (JSC::ArrayAllocationProfile::ArrayAllocationProfile):
      (JSC::ArrayAllocationProfile::selectIndexingType):
      (JSC::ArrayAllocationProfile::updateLastAllocation):
      (JSC::ArrayAllocationProfile::selectIndexingTypeFor):
      (JSC::ArrayAllocationProfile::updateLastAllocationFor):
      * bytecode/ArrayProfile.cpp:
      (JSC::ArrayProfile::updatedObservedArrayModes):
      (JSC):
      * bytecode/ArrayProfile.h:
      (JSC):
      (JSC::arrayModesInclude):
      (JSC::shouldUseSlowPutArrayStorage):
      (JSC::shouldUseFastArrayStorage):
      (JSC::shouldUseContiguous):
      (JSC::shouldUseDouble):
      (JSC::shouldUseInt32):
      (ArrayProfile):
      * bytecode/ByValInfo.h:
      (JSC::isOptimizableIndexingType):
      (JSC::jitArrayModeForIndexingType):
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::dump):
      (JSC::CodeBlock::CodeBlock):
      (JSC::CodeBlock::updateAllPredictionsAndCountLiveness):
      (JSC):
      (JSC::CodeBlock::updateAllValueProfilePredictions):
      (JSC::CodeBlock::updateAllArrayPredictions):
      (JSC::CodeBlock::updateAllPredictions):
      (JSC::CodeBlock::shouldOptimizeNow):
      * bytecode/CodeBlock.h:
      (CodeBlock):
      (JSC::CodeBlock::numberOfArrayAllocationProfiles):
      (JSC::CodeBlock::addArrayAllocationProfile):
      (JSC::CodeBlock::updateAllValueProfilePredictions):
      (JSC::CodeBlock::updateAllArrayPredictions):
      * bytecode/DFGExitProfile.h:
      (JSC::DFG::exitKindToString):
      * bytecode/Instruction.h:
      (JSC):
      (JSC::Instruction::Instruction):
      * bytecode/Opcode.h:
      (JSC):
      (JSC::padOpcodeName):
      * bytecode/SpeculatedType.h:
      (JSC):
      (JSC::isRealNumberSpeculation):
      * bytecode/UnlinkedCodeBlock.cpp:
      (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
      * bytecode/UnlinkedCodeBlock.h:
      (JSC):
      (JSC::UnlinkedCodeBlock::addArrayAllocationProfile):
      (JSC::UnlinkedCodeBlock::numberOfArrayAllocationProfiles):
      (UnlinkedCodeBlock):
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::newArrayAllocationProfile):
      (JSC):
      (JSC::BytecodeGenerator::emitNewArray):
      (JSC::BytecodeGenerator::emitExpectedFunctionSnippet):
      * bytecompiler/BytecodeGenerator.h:
      (BytecodeGenerator):
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::execute):
      * dfg/DFGArrayMode.cpp:
      (JSC::DFG::ArrayMode::fromObserved):
      (JSC::DFG::ArrayMode::refine):
      (DFG):
      (JSC::DFG::ArrayMode::alreadyChecked):
      (JSC::DFG::arrayTypeToString):
      * dfg/DFGArrayMode.h:
      (JSC::DFG::ArrayMode::withType):
      (ArrayMode):
      (JSC::DFG::ArrayMode::withTypeAndConversion):
      (JSC::DFG::ArrayMode::usesButterfly):
      (JSC::DFG::ArrayMode::isSpecific):
      (JSC::DFG::ArrayMode::supportsLength):
      (JSC::DFG::ArrayMode::arrayModesThatPassFiltering):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::getArrayMode):
      (ByteCodeParser):
      (JSC::DFG::ByteCodeParser::handleIntrinsic):
      (JSC::DFG::ByteCodeParser::handleConstantInternalFunction):
      (JSC::DFG::ByteCodeParser::parseBlock):
      * dfg/DFGCCallHelpers.h:
      (JSC::DFG::CCallHelpers::setupArgumentsWithExecState):
      (CCallHelpers):
      * dfg/DFGCallArrayAllocatorSlowPathGenerator.h:
      (JSC::DFG::CallArrayAllocatorSlowPathGenerator::generateInternal):
      (JSC::DFG::CallArrayAllocatorWithVariableSizeSlowPathGenerator::generateInternal):
      * dfg/DFGFixupPhase.cpp:
      (JSC::DFG::FixupPhase::fixupNode):
      (JSC::DFG::FixupPhase::checkArray):
      * dfg/DFGGraph.cpp:
      (JSC::DFG::Graph::dump):
      * dfg/DFGGraph.h:
      (JSC::DFG::Graph::byValIsPure):
      * dfg/DFGNode.h:
      (NewArrayBufferData):
      (JSC::DFG::Node::hasIndexingType):
      (Node):
      (JSC::DFG::Node::indexingType):
      (JSC::DFG::Node::setIndexingType):
      * dfg/DFGOperations.cpp:
      * dfg/DFGOperations.h:
      * dfg/DFGPredictionPropagationPhase.cpp:
      (JSC::DFG::PredictionPropagationPhase::doRoundOfDoubleVoting):
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::emitAllocateJSArray):
      (JSC::DFG::SpeculativeJIT::jumpSlowForUnwantedArrayMode):
      (DFG):
      (JSC::DFG::SpeculativeJIT::checkArray):
      (JSC::DFG::SpeculativeJIT::arrayify):
      (JSC::DFG::SpeculativeJIT::compileDoublePutByVal):
      (JSC::DFG::SpeculativeJIT::compileGetArrayLength):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::callOperation):
      (SpeculativeJIT):
      (SpeculateIntegerOperand):
      (JSC::DFG::SpeculateIntegerOperand::use):
      (SpeculateDoubleOperand):
      (JSC::DFG::SpeculateDoubleOperand::use):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (DFG):
      (JSC::DFG::SpeculativeJIT::compileContiguousPutByVal):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * jit/JIT.h:
      (JSC::JIT::emitInt32GetByVal):
      (JIT):
      (JSC::JIT::emitInt32PutByVal):
      (JSC::JIT::emitDoublePutByVal):
      (JSC::JIT::emitContiguousPutByVal):
      * jit/JITExceptions.cpp:
      (JSC::genericThrow):
      * jit/JITInlineMethods.h:
      (JSC::arrayProfileSaw):
      (JSC::JIT::chooseArrayMode):
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emit_op_new_array):
      (JSC::JIT::emit_op_new_array_with_size):
      (JSC::JIT::emit_op_new_array_buffer):
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::emit_op_get_by_val):
      (JSC::JIT::emitDoubleGetByVal):
      (JSC):
      (JSC::JIT::emitContiguousGetByVal):
      (JSC::JIT::emit_op_put_by_val):
      (JSC::JIT::emitGenericContiguousPutByVal):
      (JSC::JIT::emitSlow_op_put_by_val):
      (JSC::JIT::privateCompileGetByVal):
      (JSC::JIT::privateCompilePutByVal):
      * jit/JITPropertyAccess32_64.cpp:
      (JSC::JIT::emit_op_get_by_val):
      (JSC::JIT::emitContiguousGetByVal):
      (JSC::JIT::emitDoubleGetByVal):
      (JSC):
      (JSC::JIT::emit_op_put_by_val):
      (JSC::JIT::emitGenericContiguousPutByVal):
      (JSC::JIT::emitSlow_op_put_by_val):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * jit/JITStubs.h:
      (JSC):
      * jsc.cpp:
      (GlobalObject::finishCreation):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::jitCompileAndSetHeuristics):
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      * llint/LowLevelInterpreter.asm:
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      * offlineasm/x86.rb:
      * runtime/ArrayConstructor.cpp:
      (JSC::constructArrayWithSizeQuirk):
      * runtime/ArrayConstructor.h:
      (JSC):
      * runtime/ArrayPrototype.cpp:
      (JSC::arrayProtoFuncConcat):
      (JSC::arrayProtoFuncSlice):
      (JSC::arrayProtoFuncSplice):
      (JSC::arrayProtoFuncFilter):
      (JSC::arrayProtoFuncMap):
      * runtime/Butterfly.h:
      (JSC::Butterfly::contiguousInt32):
      (JSC::Butterfly::contiguousDouble):
      (JSC::Butterfly::fromContiguous):
      * runtime/ButterflyInlineMethods.h:
      (JSC::Butterfly::createUninitializedDuringCollection):
      * runtime/FunctionPrototype.cpp:
      (JSC::functionProtoFuncBind):
      * runtime/IndexingHeaderInlineMethods.h:
      (JSC::IndexingHeader::indexingPayloadSizeInBytes):
      * runtime/IndexingType.cpp:
      (JSC::leastUpperBoundOfIndexingTypes):
      (JSC):
      (JSC::leastUpperBoundOfIndexingTypeAndType):
      (JSC::leastUpperBoundOfIndexingTypeAndValue):
      (JSC::indexingTypeToString):
      * runtime/IndexingType.h:
      (JSC):
      (JSC::hasUndecided):
      (JSC::hasInt32):
      (JSC::hasDouble):
      * runtime/JSArray.cpp:
      (JSC::JSArray::setLength):
      (JSC::JSArray::pop):
      (JSC::JSArray::push):
      (JSC::JSArray::shiftCountWithAnyIndexingType):
      (JSC::JSArray::unshiftCountWithAnyIndexingType):
      (JSC::compareNumbersForQSortWithInt32):
      (JSC):
      (JSC::compareNumbersForQSortWithDouble):
      (JSC::JSArray::sortNumericVector):
      (JSC::JSArray::sortNumeric):
      (JSC::JSArray::sortCompactedVector):
      (JSC::JSArray::sort):
      (JSC::JSArray::sortVector):
      (JSC::JSArray::fillArgList):
      (JSC::JSArray::copyToArguments):
      (JSC::JSArray::compactForSorting):
      * runtime/JSArray.h:
      (JSArray):
      (JSC::createContiguousArrayButterfly):
      (JSC::JSArray::create):
      (JSC::JSArray::tryCreateUninitialized):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::reset):
      (JSC):
      (JSC::JSGlobalObject::haveABadTime):
      (JSC::JSGlobalObject::visitChildren):
      * runtime/JSGlobalObject.h:
      (JSGlobalObject):
      (JSC::JSGlobalObject::originalArrayStructureForIndexingType):
      (JSC::JSGlobalObject::arrayStructureForIndexingTypeDuringAllocation):
      (JSC::JSGlobalObject::arrayStructureForProfileDuringAllocation):
      (JSC::JSGlobalObject::isOriginalArrayStructure):
      (JSC::constructEmptyArray):
      (JSC::constructArray):
      * runtime/JSObject.cpp:
      (JSC::JSObject::copyButterfly):
      (JSC::JSObject::getOwnPropertySlotByIndex):
      (JSC::JSObject::putByIndex):
      (JSC::JSObject::enterDictionaryIndexingMode):
      (JSC::JSObject::createInitialIndexedStorage):
      (JSC):
      (JSC::JSObject::createInitialUndecided):
      (JSC::JSObject::createInitialInt32):
      (JSC::JSObject::createInitialDouble):
      (JSC::JSObject::createInitialContiguous):
      (JSC::JSObject::convertUndecidedToInt32):
      (JSC::JSObject::convertUndecidedToDouble):
      (JSC::JSObject::convertUndecidedToContiguous):
      (JSC::JSObject::constructConvertedArrayStorageWithoutCopyingElements):
      (JSC::JSObject::convertUndecidedToArrayStorage):
      (JSC::JSObject::convertInt32ToDouble):
      (JSC::JSObject::convertInt32ToContiguous):
      (JSC::JSObject::convertInt32ToArrayStorage):
      (JSC::JSObject::convertDoubleToContiguous):
      (JSC::JSObject::convertDoubleToArrayStorage):
      (JSC::JSObject::convertContiguousToArrayStorage):
      (JSC::JSObject::convertUndecidedForValue):
      (JSC::JSObject::convertInt32ForValue):
      (JSC::JSObject::setIndexQuicklyToUndecided):
      (JSC::JSObject::convertInt32ToDoubleOrContiguousWhilePerformingSetIndex):
      (JSC::JSObject::convertDoubleToContiguousWhilePerformingSetIndex):
      (JSC::JSObject::ensureInt32Slow):
      (JSC::JSObject::ensureDoubleSlow):
      (JSC::JSObject::ensureContiguousSlow):
      (JSC::JSObject::ensureArrayStorageSlow):
      (JSC::JSObject::ensureArrayStorageExistsAndEnterDictionaryIndexingMode):
      (JSC::JSObject::switchToSlowPutArrayStorage):
      (JSC::JSObject::deletePropertyByIndex):
      (JSC::JSObject::getOwnPropertyNames):
      (JSC::JSObject::putByIndexBeyondVectorLengthWithoutAttributes):
      (JSC::JSObject::putByIndexBeyondVectorLength):
      (JSC::JSObject::putDirectIndexBeyondVectorLength):
      (JSC::JSObject::getNewVectorLength):
      (JSC::JSObject::countElements):
      (JSC::JSObject::ensureLengthSlow):
      (JSC::JSObject::getOwnPropertyDescriptor):
      * runtime/JSObject.h:
      (JSC::JSObject::getArrayLength):
      (JSC::JSObject::getVectorLength):
      (JSC::JSObject::canGetIndexQuickly):
      (JSC::JSObject::getIndexQuickly):
      (JSC::JSObject::tryGetIndexQuickly):
      (JSC::JSObject::canSetIndexQuickly):
      (JSC::JSObject::canSetIndexQuicklyForPutDirect):
      (JSC::JSObject::setIndexQuickly):
      (JSC::JSObject::initializeIndex):
      (JSC::JSObject::hasSparseMap):
      (JSC::JSObject::inSparseIndexingMode):
      (JSObject):
      (JSC::JSObject::ensureInt32):
      (JSC::JSObject::ensureDouble):
      (JSC::JSObject::ensureLength):
      (JSC::JSObject::indexingData):
      (JSC::JSObject::currentIndexingData):
      (JSC::JSObject::getHolyIndexQuickly):
      (JSC::JSObject::relevantLength):
      (JSC::JSObject::currentRelevantLength):
      * runtime/JSValue.cpp:
      (JSC::JSValue::description):
      * runtime/LiteralParser.cpp:
      (JSC::::parse):
      * runtime/ObjectConstructor.cpp:
      (JSC::objectConstructorGetOwnPropertyNames):
      (JSC::objectConstructorKeys):
      * runtime/StringPrototype.cpp:
      (JSC::stringProtoFuncMatch):
      (JSC::stringProtoFuncSplit):
      * runtime/Structure.cpp:
      (JSC::Structure::nonPropertyTransition):
      * runtime/StructureTransitionTable.h:
      (JSC::newIndexingType):
      
      Source/WebCore: 
      
      Just refactoring WebCore to pass 0 for the ArrayAllocationProfile*.
      
      * bindings/js/JSCanvasRenderingContext2DCustom.cpp:
      (WebCore::JSCanvasRenderingContext2D::webkitLineDash):
      * bindings/js/JSClipboardCustom.cpp:
      (WebCore::JSClipboard::types):
      * bindings/js/JSDOMBinding.cpp:
      (WebCore::jsArray):
      * bindings/js/JSDOMBinding.h:
      (WebCore::jsArray):
      * bindings/js/JSInjectedScriptHostCustom.cpp:
      (WebCore::getJSListenerFunctions):
      * bindings/js/JSJavaScriptCallFrameCustom.cpp:
      (WebCore::JSJavaScriptCallFrame::scopeChain):
      * bindings/js/JSMessageEventCustom.cpp:
      (WebCore::JSMessageEvent::ports):
      * bindings/js/JSMutationCallbackCustom.cpp:
      (WebCore::JSMutationCallback::handleEvent):
      * bindings/js/JSWebGLRenderingContextCustom.cpp:
      (WebCore::toJS):
      (WebCore::JSWebGLRenderingContext::getAttachedShaders):
      (WebCore::JSWebGLRenderingContext::getSupportedExtensions):
      * bindings/js/SerializedScriptValue.cpp:
      (WebCore::CloneDeserializer::deserialize):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133953 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      75c91a79
    • commit-queue@webkit.org's avatar
      [BlackBerry] Update BB10 date input form. · e00ad08c
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=101075
      
      Patch by Tiancheng Jiang <tijiang@rim.com> on 2012-11-08
      Reviewed by Rob Buis.
      
      RIM PR 234531
      Internally Reviewed by Mike Fenton.
      Change date input appearance to button and hide caret when click on them.
      
      Source/WebCore:
      
      * css/themeBlackBerry.css:
      (input[type="date"], input[type="datetime"], input[type="datetime-local"], input[type="time"], input[type="month"]):
      
      Source/WebKit/blackberry:
      
      * WebCoreSupport/DatePickerClient.cpp:
      (WebCore::DatePickerClient::setValueAndClosePopup):
      * WebKitSupport/InputHandler.cpp:
      (BlackBerry::WebKit::InputHandler::openDatePopup):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133952 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      e00ad08c
    • commit-queue@webkit.org's avatar
      [BlackBerry] Provide pixel coordinates to IMF relative to the screen · 4dba971d
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=101628
      
      Patch by Nima Ghanavatian <nghanavatian@rim.com> on 2012-11-08
      Reviewed by Rob Buis.
      
      Reviewed internally by Mike Fenton and Jakob Petsovits.
      
      We need to provide the correct pixel coordinates to IMF,
      accounting for webkit based fields in UIB as well as browser.
      Getting an offset value from the screen point to the document
      content point allows us to adjust for when the document,
      such as in UIB, does not start at 0,0.
      
      * Api/WebPageClient.h:
      * WebKitSupport/InputHandler.cpp:
      (BlackBerry::WebKit::InputHandler::requestSpellingCheckingOptions):
      * WebKitSupport/InputHandler.h:
      (InputHandler):
      * WebKitSupport/TouchEventHandler.cpp:
      (BlackBerry::WebKit::TouchEventHandler::handleTouchPoint):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133951 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      4dba971d
    • commit-queue@webkit.org's avatar
      ASSERT problem on MIPS · 5e8e8a3b
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=100589
      
      Patch by Balazs Kilvady <kilvadyb@homejinni.com> on 2012-11-08
      Reviewed by Oliver Hunt.
      
      ASSERT fix for MIPS arch.
      
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emit_resolve_operations):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133950 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      5e8e8a3b
    • yael@webkit.org's avatar
      Unreviewed. Some more gardening after r133898. · 03501939
      yael@webkit.org authored
      * platform/efl/TestExpectations:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133948 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      03501939
    • abarth@webkit.org's avatar
      [V8] Update callers to use the aligned pointer API rather than the deprecated unaligned pointer API · 67375a3d
      abarth@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=101519
      
      Reviewed by Ojan Vafai.
      
      There should be no change in behavior.  The new API is slightly faster
      than the old API (and apparently works correctly internally in V8).
      
      * bindings/scripts/CodeGeneratorV8.pm:
      (GenerateHeader):
      * bindings/scripts/test/V8/V8Float64Array.h:
      (WebCore::V8Float64Array::toNative):
      * bindings/scripts/test/V8/V8TestActiveDOMObject.h:
      (WebCore::V8TestActiveDOMObject::toNative):
      * bindings/scripts/test/V8/V8TestCustomNamedGetter.h:
      (WebCore::V8TestCustomNamedGetter::toNative):
      * bindings/scripts/test/V8/V8TestEventConstructor.h:
      (WebCore::V8TestEventConstructor::toNative):
      * bindings/scripts/test/V8/V8TestEventTarget.h:
      (WebCore::V8TestEventTarget::toNative):
      * bindings/scripts/test/V8/V8TestException.h:
      (WebCore::V8TestException::toNative):
      * bindings/scripts/test/V8/V8TestInterface.h:
      (WebCore::V8TestInterface::toNative):
      * bindings/scripts/test/V8/V8TestMediaQueryListListener.h:
      (WebCore::V8TestMediaQueryListListener::toNative):
      * bindings/scripts/test/V8/V8TestNamedConstructor.h:
      (WebCore::V8TestNamedConstructor::toNative):
      * bindings/scripts/test/V8/V8TestNode.h:
      (WebCore::V8TestNode::toNative):
      * bindings/scripts/test/V8/V8TestObj.h:
      (WebCore::V8TestObj::toNative):
      * bindings/scripts/test/V8/V8TestSerializedScriptValueInterface.h:
      (WebCore::V8TestSerializedScriptValueInterface::toNative):
      * bindings/v8/NPV8Object.cpp:
      (WebCore::v8ObjectToNPObject):
      (WebCore::npCreateV8ScriptObject):
      * bindings/v8/V8Collection.h:
      (WebCore::toNativeCollection):
      * bindings/v8/V8DOMWindowShell.cpp:
      (WebCore::setIsolatedWorldField):
      (WebCore::V8DOMWindowShell::enteredIsolatedWorldContext):
      * bindings/v8/V8DOMWrapper.cpp:
      (WebCore::V8DOMWrapper::isWrapperOfType):
      * bindings/v8/V8DOMWrapper.h:
      (WebCore::V8DOMWrapper::setDOMWrapper):
      (WebCore::V8DOMWrapper::clearDOMWrapper):
      * bindings/v8/WrapperTypeInfo.h:
      (WebCore::toNative):
      (WebCore::toWrapperTypeInfo):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133945 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      67375a3d
    • arv@chromium.org's avatar
      setAttributeNode and friends should not have optional argument · 44541ca0
      arv@chromium.org authored
      https://bugs.webkit.org/show_bug.cgi?id=101631
      
      Reviewed by Ojan Vafai.
      
      Source/WebCore:
      
      http://www.w3.org/TR/DOM-Level-3-Core/core.html#ID-887236154
      
      Fix getAttributeNode, getAttributeNodeNS and removeAttributeNode to make the Attr
      argument mandatory.
      
      These used to throw DOMExceptions when an invalid type was passed instead of
      TypeError which is also a spec violation.
      
      Updated existing tests.
      
      * bindings/scripts/CodeGeneratorV8.pm:
      * dom/Element.cpp:
      * dom/Element.idl:
      
      LayoutTests:
      
      Fix getAttributeNode, getAttributeNodeNS and removeAttributeNode to make the Attr
      argument mandatory.
      
      These used to throw DOMExceptions when an invalid type was passed instead of
      TypeError which is also a spec violation.
      
      * fast/dom/Element/attr-param-typechecking-expected.txt:
      * fast/dom/Element/script-tests/attr-param-typechecking.js:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133944 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      44541ca0
    • commit-queue@webkit.org's avatar
      [Chromium] DumpRenderTree fix for canvas in software compositing · cbb5a100
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=101509
      
      Patch by Slavomir Kaslev <skaslev@google.com> on 2012-11-08
      Reviewed by Adrienne Walker.
      
      Don't use accelerated canvas 2d when in software compositing mode.
      
      * DumpRenderTree/chromium/TestShell.cpp:
      (TestShell::runFileTest):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133941 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      cbb5a100
    • jsbell@chromium.org's avatar
      Source/WebCore: IndexedDB: Remove unused error handling clauses when writing to transaction · a50f8353
      jsbell@chromium.org authored
      https://bugs.webkit.org/show_bug.cgi?id=100700
      
      Reviewed by Tony Chang.
      
      Transactions are written into in-memory data structures. This can only fail if allocation
      fails, so "success" results are always returned. Change the return types to void, and delete
      all of the unreachable error handling code.
      
      No new tests - just refactoring/dead code removal.
      
      * Modules/indexeddb/IDBLevelDBBackingStore.cpp:
      (WebCore::putBool): Only write to transactions.
      (WebCore):
      (WebCore::putInt): Ditto.
      (WebCore::putVarInt): Ditto.
      (WebCore::putString): Ditto.
      (WebCore::putIDBKeyPath): Ditto.
      (WebCore::IDBLevelDBBackingStore::updateIDBDatabaseIntVersion):
      (WebCore::IDBLevelDBBackingStore::updateIDBDatabaseMetaData):
      (WebCore::deleteRange): Writes only to transaction, so can't fail.
      (WebCore::setMaxObjectStoreId):
      (WebCore::IDBLevelDBBackingStore::createObjectStore):
      (WebCore::getNewVersionNumber):
      (WebCore::IDBLevelDBBackingStore::putObjectStoreRecord):
      (WebCore::IDBLevelDBBackingStore::maybeUpdateKeyGeneratorCurrentNumber):
      (WebCore::setMaxIndexId):
      (WebCore::IDBLevelDBBackingStore::createIndex):
      (WebCore::IDBLevelDBBackingStore::putIndexDataForRecord):
      * platform/leveldb/LevelDBTransaction.cpp:
      (WebCore::LevelDBTransaction::set): Return type is void.
      (WebCore::LevelDBTransaction::put): Ditto.
      (WebCore::LevelDBTransaction::remove): Ditto.
      * platform/leveldb/LevelDBTransaction.h:
      (LevelDBTransaction):
      
      LayoutTests: [Chromium] Unreviewed gardening.
      
      
      * platform/chromium/TestExpectations:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133940 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      a50f8353
    • rniwa@webkit.org's avatar
      On Chromium, click-after-nested-block.html, focus_editable_html.html, and autoscroll.html · 9e31f269
      rniwa@webkit.org authored
      hit assertion added in r133840
      https://bugs.webkit.org/show_bug.cgi?id=101576
      
      Reviewed by Abhishek Arya.
      
      Update layout before invalidating caret rect as needed.
      Existing tests cover this.
      
      * editing/FrameSelection.cpp:
      (WebCore::FrameSelection::setCaretVisibility): Merged clearCaretRectIfNeeded.
      * editing/FrameSelection.h:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133939 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      9e31f269
    • abarth@webkit.org's avatar
      Unreviewed. · f387efc4
      abarth@webkit.org authored
      Roll Chromium DEPS: 166678 => 166755
      
      * DEPS:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133938 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      f387efc4
    • eae@chromium.org's avatar
      Unreviewed chromium rebaselines. · 579c90c4
      eae@chromium.org authored
      * platform/chromium-linux-x86/fast/css/text-overflow-ellipsis-text-align-center-expected.txt:
      * platform/chromium-linux-x86/fast/css/vertical-text-overflow-ellipsis-text-align-center-expected.txt:
      * platform/chromium-mac-lion/fast/css/text-overflow-ellipsis-bidi-expected.png: Added.
      * platform/chromium-mac-lion/fast/css/text-overflow-ellipsis-expected.png: Added.
      * platform/chromium-mac-lion/fast/css/text-overflow-ellipsis-strict-expected.png: Added.
      * platform/chromium-mac-lion/fast/css/text-overflow-input-expected.png: Added.
      * platform/chromium-mac-lion/fast/css/vertical-text-overflow-ellipsis-text-align-center-expected.png: Added.
      * platform/chromium-mac-lion/fast/forms/basic-textareas-quirks-expected.png: Added.
      * platform/chromium-mac-lion/fast/forms/input-disabled-color-expected.png: Added.
      * platform/chromium-mac-lion/fast/forms/input-readonly-dimmed-expected.png: Added.
      * platform/chromium-mac-lion/fast/forms/input-text-scroll-left-on-blur-expected.png: Added.
      * platform/chromium-mac-lion/fast/forms/search-rtl-expected.png: Added.
      * platform/chromium-mac-lion/fast/multicol/span/anonymous-split-block-crash-expected.png: Added.
      * platform/chromium-mac-lion/fast/multicol/span/clone-anonymous-block-non-inline-child-crash-expected.png: Added.
      * platform/chromium-mac-lion/fast/replaced/width100percent-textarea-expected.png: Added.
      * platform/chromium-mac/fast/css/text-overflow-ellipsis-text-align-center-expected.png:
      * platform/chromium-win-xp/fast/css/text-overflow-ellipsis-text-align-center-expected.txt:
      * platform/chromium-win-xp/fast/css/vertical-text-overflow-ellipsis-text-align-center-expected.txt:
      * platform/chromium-win/fast/css/text-overflow-ellipsis-text-align-center-expected.txt:
      * platform/chromium-win/fast/css/vertical-text-overflow-ellipsis-text-align-center-expected.txt:
      * platform/efl-wk1/fast/css: Added.
      * platform/efl-wk1/fast/css/text-overflow-ellipsis-bidi-expected.png: Added.
      * platform/efl-wk1/fast/css/text-overflow-ellipsis-expected.png: Added.
      * platform/efl-wk1/fast/css/text-overflow-ellipsis-strict-expected.png: Added.
      * platform/efl-wk1/fast/css/text-overflow-ellipsis-text-align-center-expected.png: Added.
      * platform/efl-wk1/fast/css/text-overflow-input-expected.png: Added.
      * platform/efl-wk1/fast/css/text-overflow-input-expected.txt: Added.
      * platform/efl-wk1/fast/css/vertical-text-overflow-ellipsis-text-align-center-expected.png: Added.
      * platform/efl/fast/css/text-overflow-ellipsis-bidi-expected.png: Removed.
      * platform/efl/fast/css/text-overflow-ellipsis-expected.png: Removed.
      * platform/efl/fast/css/text-overflow-ellipsis-strict-expected.png: Removed.
      * platform/efl/fast/css/text-overflow-ellipsis-text-align-center-expected.png: Removed.
      * platform/efl/fast/css/text-overflow-input-expected.png: Removed.
      * platform/efl/fast/css/text-overflow-input-expected.txt: Removed.
      * platform/efl/fast/css/vertical-text-overflow-ellipsis-text-align-center-expected.png: Removed.
      * platform/efl/fast/forms/basic-textareas-quirks-expected.png: Removed.
      * platform/efl/fast/forms/basic-textareas-quirks-expected.txt: Removed.
      * platform/efl/fast/forms/input-disabled-color-expected.png: Removed.
      * platform/efl/fast/forms/input-disabled-color-expected.txt: Removed.
      * platform/efl/fast/forms/input-readonly-dimmed-expected.png: Removed.
      * platform/efl/fast/forms/input-readonly-dimmed-expected.txt: Removed.
      * platform/efl/fast/forms/input-text-scroll-left-on-blur-expected.png: Removed.
      * platform/efl/fast/forms/input-text-scroll-left-on-blur-expected.txt: Removed.
      * platform/efl/fast/multicol/span/anonymous-split-block-crash-expected.png: Removed.
      * platform/efl/fast/multicol/span/clone-anonymous-block-non-inline-child-crash-expected.png: Removed.
      * platform/efl/fast/replaced/width100percent-textarea-expected.png: Removed.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133936 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      579c90c4
    • timothy_horton@apple.com's avatar
      [WK2] Print preview should vend images to the UIProcess instead of PDFs · 0ee64d53
      timothy_horton@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=101382
      <rdar://problem/9866766>
      
      Reviewed by Alexey Proskuryakov.
      
      In the interests of keeping PDF processing inside the WebProcess, we should
      remove print preview's reliance on PDFs, by handing bitmaps back instead.
      
      * Shared/ShareableBitmap.cpp:
      (WebKit::ShareableBitmap::create): Add an optional SharedMemory::Protection argument, so we can make
      ShareableBitmaps from read-only handles if desired. Defaults to read-write as previously.
      (WebKit::ShareableBitmap::createHandle): Add an optional SharedMemory::Protection argument, so we can make
      read-only handles if desired. Defaults to read-write as previously.
      * Shared/ShareableBitmap.h:
      * UIProcess/API/mac/WKPrintingView.h:
      (WebImage): Store WebImages instead of raw PDF data for previews.
      * UIProcess/API/mac/WKPrintingView.mm:
      (pageDidDrawToImage): Add a callback for when a preview we've requested is done rendering into an image.
      Cache the image in _pagePreviews if appropriate.
      (pageDidDrawToPDF): Do not handle PDF data unless we are expecting a real print callback (not a preview).
      (-[WKPrintingView _drawPreview:]): Request an image instead of PDF data when doing a print preview.
      * UIProcess/GenericCallback.h:
      (ImageCallback): Add a callback type with one argument: a ShareableBitmap::Handle.
      I can't use the GenericCallback template because ShareableBitmap::Handle doesn't have a corresponding WK type.
      * UIProcess/WebPageProxy.cpp:
      (WebKit::WebPageProxy::close): Add support for ImageCallback.
      (WebKit::WebPageProxy::imageCallback): Add support for ImageCallback.
      (WebKit::WebPageProxy::drawRectToImage): Rename drawRectToPDF to drawRectToImage.
      * UIProcess/WebPageProxy.h:
      (WebPageProxy): Rename drawRectToPDF to drawRectToImage, add support for ImageCallback.
      * UIProcess/WebPageProxy.messages.in: Add support for ImageCallback.
      * WebProcess/WebPage/WebPage.cpp:
      (WebKit::WebPage::drawRectToImage): Rename drawRectToPDF to drawRectToImage.
      Make drawRectToImage create a bitmap snapshot of the page (using the normal snapshotting code),
      or, if the page is backed by a *PDFPlugin, draw the PDF document into a bitmap and use that.
      * WebProcess/WebPage/WebPage.h:
      (WebPage): Rename drawRectToPDF to drawRectToImage.
      * WebProcess/WebPage/WebPage.messages.in: Rename drawRectToPDF to drawRectToImage.
      * WebProcess/WebPage/mac/WebPageMac.mm:
      (WebKit::WebPage::drawPDFDocument): Rename drawRectToPDFFromPDFDocument to drawPDFDocument,
      because it's more like drawImage than anything else.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133935 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      0ee64d53
    • tony@chromium.org's avatar
      Layout test editing/pasteboard/file-drag-to-editable.html flaky · 9584af13
      tony@chromium.org authored
      https://bugs.webkit.org/show_bug.cgi?id=101092
      
      Reviewed by Ryosuke Niwa.
      
      Fix a flaky test.  The problem was that we were confusing the test harness by
      trying to do a navigation before the initial load finished (the notifyDone()
      call did nothing because waitUntilDone() was missing).  Depending on the state
      of the frame loader when the test run, there was a race in whether or not we
      would dump the results before or after completing the script execution.
      
      Fix this by restructuring the test to run during onload and by calling notifyDone()
      after the file load attempt failed.
      
      * editing/pasteboard/file-drag-to-editable-expected.txt:
      * editing/pasteboard/script-tests/file-drag-to-editable.js:
      (runTest.window.onbeforeunload): Simplify and don't run nofityDone yet.
      (runTest): Run test during onload event.
      * platform/chromium/TestExpectations: Remove flaky marker.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133934 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      9584af13
    • commit-queue@webkit.org's avatar
      Skip frame owner disconnect when there's no frames · d023e69d
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=101619
      
      Patch by Elliott Sprehn <esprehn@chromium.org> on 2012-11-08
      Reviewed by Ojan Vafai.
      
      Even when there's no subframes in the document we traverse down every
      subtree on Node removal looking for frames to disconnect. This patch
      checks document()->frame()->tree()->firstChild() to skip this traversal
      if there's no subframes.
      
      No new tests, this just short circuits code for speed.
      
      * dom/ContainerNodeAlgorithms.h:
      (WebCore::ChildFrameDisconnector::ChildFrameDisconnector):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133933 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      d023e69d
    • arv@chromium.org's avatar
      Wrong error type is thrown for type errors in callbacks · 0feef16f
      arv@chromium.org authored
      https://bugs.webkit.org/show_bug.cgi?id=101502
      
      Reviewed by Adam Barth.
      
      We should be throwing a TypeError and not a DOMException with code TYPE_MISMATCH_ERR.
      
      http://www.w3.org/TR/WebIDL/#es-callback-function
      
      Source/WebCore:
      
      Updated existing tests.
      
      * bindings/scripts/CodeGeneratorJS.pm:
      * bindings/scripts/CodeGeneratorV8.pm:
      * bindings/scripts/test/JS/JSTestObj.cpp:
      * bindings/scripts/test/V8/V8TestObj.cpp:
      
      LayoutTests:
      
      * fast/mediastream/argument-types-expected.txt:
      * fast/mediastream/peerconnection-argument-types-expected.txt:
      * fast/mediastream/script-tests/argument-types.js:
      * fast/mediastream/script-tests/peerconnection-argument-types.js:
      * fast/workers/storage/open-database-inputs-sync-expected.txt:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133932 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      0feef16f
    • commit-queue@webkit.org's avatar
      Unreviewed. Rolled DEPS. · da77477d
      commit-queue@webkit.org authored
      Patch by Sheriff Bot <webkit.review.bot@gmail.com> on 2012-11-08
      
      * DEPS:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133931 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      da77477d
    • yael@webkit.org's avatar
      Unreviewed. Even more gardening after r133898. · db940d25
      yael@webkit.org authored
      * platform/efl/TestExpectations:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133930 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      db940d25
    • andersca@apple.com's avatar
      Roll WebKitSystemInterface DEPS. · e92fb78f
      andersca@apple.com authored
      Rubber-stamped by Andreas Kling.
      
      * libWebKitSystemInterfaceLion.a:
      * libWebKitSystemInterfaceMountainLion.a:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133929 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      e92fb78f
    • jpetsovits@rim.com's avatar
      [BlackBerry] Janitor: Remove unused m_isValid bool · b45a668f
      jpetsovits@rim.com authored
      https://bugs.webkit.org/show_bug.cgi?id=101610
      
      Reviewed by Rob Buis.
      
      It's not used anywhere, but as we have a constructor
      that creates an invalid TileIndex, let's add another
      method to check validity - now a correct check.
      
      On top of that, make the stylebot happy by reducing
      "unsigned int" to just "unsigned".
      
      * WebKitSupport/TileIndex.h:
      (BlackBerry::WebKit::TileIndex::TileIndex):
      (BlackBerry::WebKit::TileIndex::i):
      (BlackBerry::WebKit::TileIndex::j):
      (BlackBerry::WebKit::TileIndex::setIndex):
      (BlackBerry::WebKit::TileIndex::isValid):
      (TileIndex):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133928 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      b45a668f
    • commit-queue@webkit.org's avatar
      Introduce WebScreenInfo.deviceScaleFactor · 373e748b
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=101613
      
      Patch by Sami Kyostila <skyostil@chromium.org> on 2012-11-08
      Reviewed by Adam Barth.
      
      Introduce the WebScreenInfo.deviceScaleFactor property, which specifies the
      ratio between physical and logical pixels. This is the first step in replacing
      horizontalDPI/verticalDPI in favor of the deviceScaleFactor.
      
      For now, this value is only initialized on Mac, because the other ports that
      use it initialize the value in Chromium, whereas Windows and X11 default to a
      factor of 1. The value on Mac is truncated to an integer to match the
      expectation in Chromium's RenderWidget.
      
      Source/Platform:
      
      * chromium/public/WebScreenInfo.h:
      (WebScreenInfo):
      (WebKit::WebScreenInfo::WebScreenInfo):
      
      Source/WebKit/chromium:
      
      * src/mac/WebScreenInfoFactory.mm:
      (WebKit::WebScreenInfoFactory::screenInfo):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133927 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      373e748b
    • kling@webkit.org's avatar
      4.68MB below RenderStyle::filter() on Membuster3. · 032b9781
      kling@webkit.org authored
      <http://webkit.org/b/101624>
      <rdar://problem/12663822>
      
      Reviewed by Darin Adler.
      
      Rename the non-const RenderStyle::filter() to mutableFilter() since using it causes us to detach
      from the rare non-inherited data (copy-on-write.)
      Most call sites were calling filter() on a RenderStyle* which was causing the bloat.
      
      4.68MB progression on Membuster3.
      
      * css/StyleResolver.cpp:
      (WebCore::StyleResolver::loadPendingSVGDocuments):
      (WebCore::StyleResolver::loadPendingShaders):
      * rendering/style/RenderStyle.h:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133926 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      032b9781