1. 06 Mar, 2012 2 commits
    • putByIndex should throw in strict mode · b1db28d8
      barraclough@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=80335
      
      Reviewed by Filip Pizlo.
      
      Make the MethodTable PutByIndex trap take a boolean 'shouldThrow' parameter.
      
      Source/JavaScriptCore: 
      
      This is a largely mechanical change, simply adding an extra parameter to a number
      of functions. Some call sites need to perform additional exception checks, and
      operationPutByValBeyondArrayBounds needs to know whether it is strict or not.
      
      This patch doesn't fix a missing throw from some cases of shift/unshift (this is
      an existing bug), I'll follow up with a third patch to handle that.
      
      * API/JSObjectRef.cpp:
      (JSObjectSetPropertyAtIndex):
      * JSCTypedArrayStubs.h:
      (JSC):
      * dfg/DFGOperations.cpp:
      (JSC::DFG::putByVal):
      * dfg/DFGOperations.h:
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::privateExecute):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * jsc.cpp:
      (GlobalObject::finishCreation):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      * runtime/Arguments.cpp:
      (JSC::Arguments::putByIndex):
      * runtime/Arguments.h:
      (Arguments):
      * runtime/ArrayPrototype.cpp:
      (JSC::arrayProtoFuncPush):
      (JSC::arrayProtoFuncReverse):
      (JSC::arrayProtoFuncShift):
      (JSC::arrayProtoFuncSort):
      (JSC::arrayProtoFuncSplice):
      (JSC::arrayProtoFuncUnShift):
      * runtime/ClassInfo.h:
      (MethodTable):
      * runtime/JSArray.cpp:
      (JSC::SparseArrayValueMap::put):
      (JSC::JSArray::put):
      (JSC::JSArray::putByIndex):
      (JSC::JSArray::putByIndexBeyondVectorLength):
      (JSC::JSArray::push):
      (JSC::JSArray::shiftCount):
      (JSC::JSArray::unshiftCount):
      * runtime/JSArray.h:
      (SparseArrayValueMap):
      (JSArray):
      * runtime/JSByteArray.cpp:
      (JSC::JSByteArray::putByIndex):
      * runtime/JSByteArray.h:
      (JSByteArray):
      * runtime/JSCell.cpp:
      (JSC::JSCell::putByIndex):
      * runtime/JSCell.h:
      (JSCell):
      * runtime/JSNotAnObject.cpp:
      (JSC::JSNotAnObject::putByIndex):
      * runtime/JSNotAnObject.h:
      (JSNotAnObject):
      * runtime/JSONObject.cpp:
      (JSC::Walker::walk):
      * runtime/JSObject.cpp:
      (JSC::JSObject::putByIndex):
      * runtime/JSObject.h:
      (JSC::JSValue::putByIndex):
      * runtime/RegExpConstructor.cpp:
      (JSC::RegExpMatchesArray::fillArrayInstance):
      * runtime/RegExpMatchesArray.h:
      (JSC::RegExpMatchesArray::putByIndex):
      * runtime/StringPrototype.cpp:
      (JSC::stringProtoFuncSplit):
      
      Source/WebCore: 
      
      * bindings/js/SerializedScriptValue.cpp:
      (WebCore::CloneDeserializer::putProperty):
      * bindings/objc/WebScriptObject.mm:
      (-[WebScriptObject setWebScriptValueAtIndex:value:]):
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateHeader):
      (GenerateImplementation):
      * bridge/NP_jsobject.cpp:
      (_NPN_SetProperty):
      * bridge/jni/jni_jsobject.mm:
      (JavaJSObject::setSlot):
      * bridge/runtime_array.cpp:
      (JSC::RuntimeArray::putByIndex):
      * bridge/runtime_array.h:
      (RuntimeArray):
      
      Source/WebKit/mac: 
      
      * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
      (WebKit::NetscapePluginInstanceProxy::setProperty):
      
      Source/WebKit2: 
      
      * WebProcess/Plugins/Netscape/NPJSObject.cpp:
      (WebKit::NPJSObject::setProperty):
      
      LayoutTests: 
      
      * fast/js/Object-defineProperty-expected.txt:
      * fast/js/mozilla/strict/15.4.4.12-expected.txt:
      * fast/js/mozilla/strict/15.4.4.13-expected.txt:
      * fast/js/mozilla/strict/15.4.4.8-expected.txt:
      * fast/js/mozilla/strict/15.4.4.9-expected.txt:
      * fast/js/mozilla/strict/15.5.5.2-expected.txt:
      * fast/js/mozilla/strict/8.12.5-expected.txt:
      * fast/js/preventExtensions-expected.txt:
      * fast/js/primitive-property-access-edge-cases-expected.txt:
          - Checking in passing test results.
      * fast/js/script-tests/Object-defineProperty.js:
          - Added test cases for putting to numeric properties where property is read-only,
            length is read-only, or property is accessor with missing set function.
      * fast/js/script-tests/preventExtensions.js:
          - Added test case, putting numeric property to non-extensible array.
      * fast/js/script-tests/primitive-property-access-edge-cases.js:
          - Enabled test cases for putting numeric properties to primitive strings.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109866 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • PredictNone is incorrectly treated as isDoublePrediction · ca4ea14f
      yuqiang.xian@intel.com authored
      https://bugs.webkit.org/show_bug.cgi?id=80365
      
      Reviewed by Filip Pizlo.
      
      Also it is incorrectly treated as isFixedIndexedStorageObjectPrediction.
      
      * bytecode/PredictedType.h:
      (JSC::isFixedIndexedStorageObjectPrediction):
      (JSC::isDoublePrediction):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109865 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  2. 05 Mar, 2012 38 commits
    • InsertionPoint::attach should be consistent with Element. · 61359f38
      shinyak@chromium.org authored
      https://bugs.webkit.org/show_bug.cgi?id=80373
      
      Reviewed by Hajime Morita.
      
      This patch is preparation for coming <shadow> patches.
      
      InsertionPoint used to attach fallback elements before attaching distributed elements.
      To be consistent with Element::attach behavior, attaching distributed elements first is
      natural, because Element attaches a shadow tree first.
      
      Also, this patch extracts a few methods from InsertionPoint::attach() and detach()
      to keep code clean. They will become messy without this refactoring when adding
      <shadow> patch.
      
      No new tests. Should be covered by existing tests.
      
      * html/shadow/InsertionPoint.cpp:
      (WebCore::InsertionPoint::attach):
      (WebCore::InsertionPoint::detach):
      (WebCore::InsertionPoint::distributeHostChildren):
      (WebCore):
      (WebCore::InsertionPoint::clearDistribution):
      (WebCore::InsertionPoint::attachDistributedNode):
      * html/shadow/InsertionPoint.h:
      (InsertionPoint):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109864 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • The LLInt should work even when the JIT is disabled · e6e29a6f
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=80340
      <rdar://problem/10922235>
      
      Reviewed by Gavin Barraclough.
      
      * assembler/MacroAssemblerCodeRef.h:
      (JSC::MacroAssemblerCodePtr::createLLIntCodePtr):
      (MacroAssemblerCodeRef):
      (JSC::MacroAssemblerCodeRef::createLLIntCodeRef):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::initialize):
      (JSC::Interpreter::execute):
      (JSC::Interpreter::executeCall):
      (JSC::Interpreter::executeConstruct):
      * jit/JIT.h:
      (JSC::JIT::compileCTINativeCall):
      * jit/JITStubs.h:
      (JSC::JITThunks::ctiNativeCall):
      (JSC::JITThunks::ctiNativeConstruct):
      * llint/LLIntEntrypoints.cpp:
      (JSC::LLInt::getFunctionEntrypoint):
      (JSC::LLInt::getEvalEntrypoint):
      (JSC::LLInt::getProgramEntrypoint):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      (LLInt):
      * llint/LLIntSlowPaths.h:
      (LLInt):
      * llint/LowLevelInterpreter.h:
      * llint/LowLevelInterpreter32_64.asm:
      * runtime/Executable.h:
      (NativeExecutable):
      (JSC::NativeExecutable::create):
      (JSC::NativeExecutable::finishCreation):
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      * runtime/JSGlobalData.h:
      (JSGlobalData):
      * runtime/Options.cpp:
      (Options):
      (JSC::Options::parse):
      (JSC::Options::initializeOptions):
      * runtime/Options.h:
      (Options):
      * wtf/Platform.h:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109863 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • Unreviewed, rolling out r109733. · c2fa8a9b
      ossy@webkit.org authored
      http://trac.webkit.org/changeset/109733
      https://bugs.webkit.org/show_bug.cgi?id=80378
      
      It broke Qt5 build system (Requested by Ossy on #webkit).
      
      Patch by Sheriff Bot <webkit.review.bot@gmail.com> on 2012-03-05
      
      * Tools.pro:
      * qmake/config.tests/gccdepends/empty.cpp: Removed.
      * qmake/config.tests/gccdepends/gccdepends.pro: Removed.
      * qmake/mkspecs/features/default_pre.prf:
      * qmake/mkspecs/features/features.prf:
      * qmake/mkspecs/features/unix/default_pre.prf:
      * qmake/sync.profile:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109862 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • Attempt to fix a number of GTK tests. · 9ddb9a80
      abarth@webkit.org authored
      * GNUmakefile.list.am:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109861 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • Unreviewed rollout of r109858 for restructuring. · bfb9f5a5
      joepeck@webkit.org authored
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109860 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • Checks for dead variables are not sufficient when fixing the expected · d7f59e20
      yuqiang.xian@intel.com authored
      values in DFG OSR entry
      https://bugs.webkit.org/show_bug.cgi?id=80371
      
      Reviewed by Filip Pizlo.
      
      A dead variable should be identified when there's no node referencing it.
      But we currently failed to catch the case where there are some nodes
      referencing a variable but those nodes are actually not referenced by
      others so will be ignored in code generation. In such case we should
      also consider that variable to be a dead variable in the block and fix
      the expected values.
      This is performance neutral on SunSpider, V8 and Kraken.
      
      * dfg/DFGJITCompiler.h:
      (JSC::DFG::JITCompiler::noticeOSREntry):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109859 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • <http://webkit.org/b/78575> Web Inspector: Hide dock button when not allowed to dock · 8a541ea1
      joepeck@webkit.org authored
      Source/WebCore:
      
      There are times when an undocked inspector frontend is not allowed to
      attach to the main window. We can remove the dock button in those cases.
      
      Reviewed by Timothy Hatcher.
      
      No new tests. This functionality is port specific right now.
      
      * page/FrameView.cpp:
      (WebCore::FrameView::performPostLayoutTasks):
      When the main frame is resized we let the inspector frontend client
      update its docked availability.
      
      * WebCore.exp.in:
      * inspector/InspectorInstrumentation.h:
      * inspector/InspectorInstrumentation.cpp:
      (WebCore::InspectorInstrumentation::didResizeMainFrameImpl):
      (WebCore::InspectorInstrumentation::didResizeMainFrame):
      * inspector/InspectorClient.h:
      (WebCore::InspectorClient::updateDockingAvailability):
      * inspector/InspectorController.h:
      * inspector/InspectorController.cpp:
      (WebCore::InspectorController::resume):
      (WebCore::InspectorController::updateDockingAvailability):
      When the main frame is resized call up to the InspectorClient to let
      it update docking availability of the inspector frontend.
      
      * inspector/InspectorFrontendClient.h:
      * inspector/InspectorFrontendClientLocal.h:
      * inspector/InspectorFrontendClientLocal.cpp:
      (WebCore::InspectorFrontendClientLocal::frontendLoaded):
      (WebCore::InspectorFrontendClientLocal::setDockingUnavailable):
      On ports where the inspector frontend client is local, provide a
      setDockingUnavailable InspectorFrontendAPI to update the docking state.
      Automatically update availability when the frontend completes loading.
      
      * inspector/front-end/InspectorFrontendAPI.js:
      (InspectorFrontendAPI.setDockingUnavailable):
      * inspector/front-end/inspector.js:
      (WebInspector._createGlobalStatusBarItems):
      (WebInspector.setAttachedWindow):
      (WebInspector.setDockingUnavailable):
      (WebInspector.updateDockToggleButtonVisibility):
      Update the dock button's visibility when it's created, when the attached
      state changes, and when we get a frontend API notification that we cannot attach.
      
      Source/WebKit/mac:
      
      * WebCoreSupport/WebInspectorClient.h:
      (WebInspectorClient):
      * WebCoreSupport/WebInspectorClient.mm:
      (WebInspectorClient::updateDockingAvailability):
      
      Source/WebKit2:
      
      * WebProcess/WebCoreSupport/WebInspectorClient.cpp:
      (WebKit::WebInspectorClient::updateDockingAvailability):
      * WebProcess/WebCoreSupport/WebInspectorClient.h:
      * WebProcess/WebPage/WebInspector.cpp:
      (WebKit::WebInspector::updateDockingAvailability):
      * WebProcess/WebPage/WebInspector.h:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109858 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • Compositing overlap testing can throw layers into compositing when they should not be. · d77b4334
      enne@google.com authored
      https://bugs.webkit.org/show_bug.cgi?id=50192
      
      Reviewed by Simon Fraser.
      
      Source/WebCore:
      
      The previous overlap map behavior was that a non-composited query
      layer would become composited due to overlap if and only if the query
      layer's absolute bounds overlapped the absolute bounds of some other
      layer which:
          - draws before the query layer
          - is or has a compositing ancestor
      
      This behavior, while correct, was too permissive in throwing layers
      into compositing, causing many layers to get their own backing when
      they could have just gone into their compositing ancestor's backing.
      
      The correct logic is that a non-composited query layer needs to be
      composited due to overlap if and only if the query layer's absolute
      bounds overlap the absolute bounds of some other layer which:
          - draws before the query layer
          - has a different compositing ancestor than the query layer
          - is or has a compositing ancestor that is a descendent of the
            query layer's compositing ancestor
      
      This patch changes the semantics of the overlap map to enable this
      behavior.
      
      Rather than having one global overlap map, there is now a stack of
      overlap maps. New (empty) overlap maps are pushed onto the stack
      whenever a layer becomes a compositing ancestor and popped after all
      of the compositing requirements for that layer's children have been
      computed.
      
      The compositing ancestor and all of its non-composited children of a
      compositing ancestor do not get considered for overlap until their
      composited ancestor has been popped off the stack. If a compositing
      ancestor has a compositing subtree, then any descendents of that
      compositing ancestor that draw after that subtree will consider
      everything in the compositing subtree for overlap.
      
      Test: compositing/layer-creation/stacking-context-overlap.html
      
      * platform/graphics/Region.cpp:
      (WebCore::Region::intersects):
      (WebCore):
      * platform/graphics/Region.h:
      (Region):
      * rendering/RenderLayerCompositor.cpp:
      (RenderLayerCompositor::OverlapMap):
      (WebCore::RenderLayerCompositor::OverlapMap::OverlapMap):
      (WebCore::RenderLayerCompositor::OverlapMap::add):
      (WebCore::RenderLayerCompositor::OverlapMap::contains):
      (WebCore::RenderLayerCompositor::OverlapMap::overlapsLayers):
      (WebCore::RenderLayerCompositor::OverlapMap::isEmpty):
      (WebCore::RenderLayerCompositor::OverlapMap::popCompositingContainer):
      (WebCore::RenderLayerCompositor::OverlapMap::pushCompositingContainer):
      (WebCore::RenderLayerCompositor::addToOverlapMapRecursive):
      (WebCore::RenderLayerCompositor::computeCompositingRequirements):
      * rendering/RenderLayerCompositor.h:
      (RenderLayerCompositor):
      
      LayoutTests:
      
      * compositing/layer-creation/stacking-context-overlap-expected.txt: Added.
      * compositing/layer-creation/stacking-context-overlap.html: Added.
      * compositing/layer-creation/stacking-context-overlap-nested-expected.txt: Added.
      * compositing/layer-creation/stacking-context-overlap-nested.html: Added.
      * platform/chromium/test_expectations.txt:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109851 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • Address review comments from https://bugs.webkit.org/show_bug.cgi?id=80368 · db0f27bc
      andersca@apple.com authored
      * platform/graphics/ca/mac/TileCache.mm:
      (WebCore::TileCache::setNeedsDisplayInRect):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109847 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • [Forms] HTMLFieldSetForms.idl doesn't have type attribute. · 67dfa9b6
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=80109
      
      Patch by Yoshifumi Inoue <yosin@chromium.org> on 2012-03-05
      Reviewed by Hajime Morita.
      
      Source/WebCore:
      
      Test: fast/forms/fieldset/fieldset-type.html
      
      * html/HTMLFieldSetElement.idl: Add attribute "type"
      
      LayoutTests:
      
      * fast/forms/fieldset/fieldset-type-expected.txt: Added.
      * fast/forms/fieldset/fieldset-type.html: Added.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109846 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • Fix Qt build. · 378963fd
      oliver@apple.com authored
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109845 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • Fix build. · b171d3a2
      andersca@apple.com authored
      * platform/graphics/ca/mac/TileCache.mm:
      (WebCore::TileCache::setScale):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109844 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • pinch-to-zoom and double-tap flicker when using the new scrolling model · 4bfd0702
      andersca@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=80368
      <rdar://problem/10866221>
      
      Reviewed by Sam Weinig.
      
      Source/WebCore:
      
      In order to work better with zooming, make the tile cache undo the scale transformation
      and handle the scaling manually. This avoids creating huge tile backing stores when zoomed in.
      
      * platform/graphics/ca/mac/TileCache.mm:
      (WebCore::TileCache::TileCache):
      Initialize m_scale to 1.
      
      (WebCore::TileCache::setNeedsDisplayInRect):
      Scale the given rect appropriately.
      
      (WebCore::TileCache::drawLayer):
      Apply a scale context transform.
      
      (WebCore::TileCache::setScale):
      No longer set the contents scale. Instead, update the scale and revalidate the tiles.
      
      (WebCore::TileCache::revalidateTiles):
      Return early if the bounds are empty. This avoids showing a single tile if that happens due to a race condition.
      
      (WebCore::TileCache::getTileIndexRangeForRect):
      Apply the scale to the bounds.
      
      (WebCore::TileCache::createTileLayer):
      Don't set the contents scale.
      
      * platform/graphics/ca/mac/WebTileCacheLayer.mm:
      (-[WebTileCacheLayer setContentsScale:]):
      Call TileCache::setScale.
      
      * rendering/RenderLayerBacking.cpp:
      (WebCore::RenderLayerBacking::updateCompositedBounds):
      Make sure to give the tile cache layer sane composited bounds, even if the page has absolutely positioned
      elements that are outside of the page.
      
      Source/WebKit2:
      
      Add a way for drawing areas to respond to callback based force repaint requests asynchronously.
      This is currently needed for the tiled drawing area when there might be outstanding scroll updates
      that are sent from the scrolling thread to the main thread and we need to ensure that they're processed
      before sending a message back.
      
      * WebProcess/WebPage/DrawingArea.h:
      (WebKit::DrawingArea::forceRepaintAsync):
      Add new member function.
      
      * WebProcess/WebPage/WebPage.cpp:
      (WebKit::WebPage::forceRepaint):
      Try forceRepaintAsync first.
      
      * WebProcess/WebPage/mac/TiledCoreAnimationDrawingArea.mm:
      (WebKit::forceRepaintAndSendMessage):
      Force the repaint and send the message.
      
      (WebKit::dispatchBackToMainThread):
      Dispatch a call to forceRepaintAndSendMessage to the main thread.
      
      (WebKit::TiledCoreAnimationDrawingArea::forceRepaintAsync):
      Dispatch a function on the scrolling thread. Its sole purpose is to dispatch a function back to the
      main thread, ensuring that all previously dispatched functions have been executed.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109843 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • GraphicsContext3D.h should include RefCounted.h explicitly · 5b3e2fa3
      leo.yang@torchmobile.com.cn authored
      https://bugs.webkit.org/show_bug.cgi?id=80251
      
      Reviewed by Rob Buis.
      
      GraphicsContext3D.h was using RefCounted but including RefCounted.h indirectly
      through GraphicsLayer.h through Animation.h. However Animation.h is included
      by GraphicsLayer.h only when ACCELERATED_COMPOSITING is on. For some configurations
      that don't use ACCELERATED_COMPOSITING but use GraphicsContext3D, like the
      BlackBerry x86 configuration, the indirect inclusion will fail.
      
      This patch is adding explicit inclusion of RefCounted.h to avoid that kind of
      problem.
      
      * platform/graphics/GraphicsContext3D.h:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109841 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • [WebSocket] Should raise SYNTAX_ERR when message contains unpaired surrogates · 781b810d
      bashi@chromium.org authored
      https://bugs.webkit.org/show_bug.cgi?id=80103
      
      Reviewed by Kent Tamura.
      
      Source/WebCore:
      
      Add UTF8 validation checks for WebSocket message and close reason.
      
      Tests: http/tests/websocket/tests/hybi/unpaired-surrogates-in-close-reason.html
             http/tests/websocket/tests/hybi/unpaired-surrogates-in-message.html
      
      * Modules/websockets/WebSocket.cpp:
      (WebCore::WebSocket::send): Raise SYNTAX_ERR if the message is invalid.
      (WebCore::WebSocket::close): Raise SYNTAX_ERR if the reason is invalid.
      * Modules/websockets/WebSocketChannel.cpp:
      (WebCore::WebSocketChannel::send): Check whether message is a valid UTF8 string.
      
      LayoutTests:
      
      Added tests for unpaired surrogates check for WebSocket message and close reason.
      Updated two expectations for close() tests because further error message is added.
      
      * http/tests/websocket/tests/hybi/close-expected.txt: Updated.
      * http/tests/websocket/tests/hybi/unpaired-surrogates-in-close-reason-expected.txt: Added.
      * http/tests/websocket/tests/hybi/unpaired-surrogates-in-close-reason.html: Added.
      * http/tests/websocket/tests/hybi/unpaired-surrogates-in-message-expected.txt: Added.
      * http/tests/websocket/tests/hybi/unpaired-surrogates-in-message.html: Added.
      * http/tests/websocket/tests/hybi/workers/close-expected.txt: Updated.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109840 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • [chromium] Notify CCLayerImpl tree of context loss and restoration · 9d93396e
      kbr@google.com authored
      https://bugs.webkit.org/show_bug.cgi?id=80339
      
      Reviewed by James Robinson.
      
      Source/WebCore:
      
      Tested by manually killing GPU process while playing Flash video.
      Video continues to play after compositor restores its context.
      
      * platform/graphics/chromium/cc/CCLayerImpl.cpp:
      (WebCore::CCLayerImpl::didLoseAndRecreateGraphicsContext):
      (WebCore):
      * platform/graphics/chromium/cc/CCLayerImpl.h:
      (CCLayerImpl):
      * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
      (WebCore::CCLayerTreeHostImpl::sendContextLostAndRestoredNotification):
      (WebCore):
      (WebCore::CCLayerTreeHostImpl::sendContextLostAndRestoredNotificationRecursive):
      * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
      (CCLayerTreeHostImpl):
      * platform/graphics/chromium/cc/CCPluginLayerImpl.cpp:
      (WebCore::CCPluginLayerImpl::didLoseAndRecreateGraphicsContext):
      (WebCore):
      * platform/graphics/chromium/cc/CCPluginLayerImpl.h:
      (CCPluginLayerImpl):
      * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
      (WebCore::CCSingleThreadProxy::recreateContext):
      
      Source/WebKit/chromium:
      
      Unit test for notification of context loss and restoration.
      
      * tests/CCLayerTreeHostImplTest.cpp:
      (WebKit):
      (ContextLostNotificationCheckLayer):
      (WebKit::ContextLostNotificationCheckLayer::create):
      (WebKit::ContextLostNotificationCheckLayer::didLoseAndRecreateGraphicsContext):
      (WebKit::ContextLostNotificationCheckLayer::didLoseAndRecreateGraphicsContextCalled):
      (WebKit::ContextLostNotificationCheckLayer::ContextLostNotificationCheckLayer):
      (WebKit::TEST_F):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109839 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • Change the argument orders to match OpenGL's in GraphicsContext3D functions · 625ffca5
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=80120
      
      Patch by Changhun Kang <temoochin@company100.net> on 2012-03-05
      Reviewed by Kenneth Russell.
      
      No new tests because this patch just changes the order of arguments.
      
      Source/WebCore:
      
      * html/canvas/WebGLRenderingContext.cpp:
      (WebCore):
      (WebCore::WebGLRenderingContext::uniform1fv):
      (WebCore::WebGLRenderingContext::uniform1iv):
      (WebCore::WebGLRenderingContext::uniform2fv):
      (WebCore::WebGLRenderingContext::uniform2iv):
      (WebCore::WebGLRenderingContext::uniform3fv):
      (WebCore::WebGLRenderingContext::uniform3iv):
      (WebCore::WebGLRenderingContext::uniform4fv):
      (WebCore::WebGLRenderingContext::uniform4iv):
      (WebCore::WebGLRenderingContext::uniformMatrix2fv):
      (WebCore::WebGLRenderingContext::uniformMatrix3fv):
      (WebCore::WebGLRenderingContext::uniformMatrix4fv):
      * platform/graphics/GraphicsContext3D.h:
      * platform/graphics/chromium/LayerRendererChromium.cpp:
      (WebCore::LayerRendererChromium::drawDebugBorderQuad):
      (WebCore::LayerRendererChromium::drawTileQuad):
      (WebCore::LayerRendererChromium::drawYUV):
      (WebCore::LayerRendererChromium::drawStreamTexture):
      (WebCore::LayerRendererChromium::drawTexturedQuad):
      * platform/graphics/chromium/cc/CCRenderSurface.cpp:
      (WebCore::CCRenderSurface::drawSurface):
      * platform/graphics/efl/GraphicsContext3DEfl.cpp:
      (WebCore::GraphicsContext3D::uniform1fv):
      (WebCore::GraphicsContext3D::uniform1iv):
      (WebCore::GraphicsContext3D::uniform2fv):
      (WebCore::GraphicsContext3D::uniform2iv):
      (WebCore::GraphicsContext3D::uniform3fv):
      (WebCore::GraphicsContext3D::uniform3iv):
      (WebCore::GraphicsContext3D::uniform4fv):
      (WebCore::GraphicsContext3D::uniform4iv):
      (WebCore::GraphicsContext3D::uniformMatrix2fv):
      (WebCore::GraphicsContext3D::uniformMatrix3fv):
      (WebCore::GraphicsContext3D::uniformMatrix4fv):
      * platform/graphics/filters/FECustomFilter.cpp:
      (WebCore::FECustomFilter::bindProgramAndBuffers):
      * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
      (WebCore::GraphicsContext3D::uniform1fv):
      (WebCore::GraphicsContext3D::uniform2fv):
      (WebCore::GraphicsContext3D::uniform3fv):
      (WebCore::GraphicsContext3D::uniform4fv):
      (WebCore::GraphicsContext3D::uniform1iv):
      (WebCore::GraphicsContext3D::uniform2iv):
      (WebCore::GraphicsContext3D::uniform3iv):
      (WebCore::GraphicsContext3D::uniform4iv):
      (WebCore::GraphicsContext3D::uniformMatrix2fv):
      (WebCore::GraphicsContext3D::uniformMatrix3fv):
      (WebCore::GraphicsContext3D::uniformMatrix4fv):
      * platform/graphics/qt/GraphicsContext3DQt.cpp:
      (WebCore::GraphicsContext3D::uniform1fv):
      (WebCore::GraphicsContext3D::uniform2fv):
      (WebCore::GraphicsContext3D::uniform3fv):
      (WebCore::GraphicsContext3D::uniform4fv):
      (WebCore::GraphicsContext3D::uniform1iv):
      (WebCore::GraphicsContext3D::uniform2iv):
      (WebCore::GraphicsContext3D::uniform3iv):
      (WebCore::GraphicsContext3D::uniform4iv):
      (WebCore::GraphicsContext3D::uniformMatrix2fv):
      (WebCore::GraphicsContext3D::uniformMatrix3fv):
      (WebCore::GraphicsContext3D::uniformMatrix4fv):
      
      Source/WebKit/chromium:
      
      * src/GraphicsContext3DChromium.cpp:
      (WebCore::GraphicsContext3DPrivate::uniform1fv):
      (WebCore::GraphicsContext3DPrivate::uniform1iv):
      (WebCore::GraphicsContext3DPrivate::uniform2fv):
      (WebCore::GraphicsContext3DPrivate::uniform2iv):
      (WebCore::GraphicsContext3DPrivate::uniform3fv):
      (WebCore::GraphicsContext3DPrivate::uniform3iv):
      (WebCore::GraphicsContext3DPrivate::uniform4fv):
      (WebCore::GraphicsContext3DPrivate::uniform4iv):
      (WebCore::GraphicsContext3DPrivate::uniformMatrix2fv):
      (WebCore::GraphicsContext3DPrivate::uniformMatrix3fv):
      (WebCore::GraphicsContext3DPrivate::uniformMatrix4fv):
      (WebCore):
      * src/GraphicsContext3DPrivate.h:
      (GraphicsContext3DPrivate):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109838 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • Source/JavaScriptCore: Update JavaScriptCore files to use fully-qualified WTF include paths · 37ac49ee
      eric@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=79960
      
      Reviewed by Adam Barth.
      
      This change does 5 small/related things:
       1. Updates JavaScriptCore.xcodeproj to install WTF headers into $BUILD/usr/local/include
          (WebCore, WebKit were already set up to look there, but JavaScriptCore.xcodeproj
          was not installing headers there.)
       2. Makes JavaScriptCore targets include $BUILD/usr/local/include in their
          header search path, as that's where the WTF headers will be installed.
       3. Similarly updates JavaScriptCore.vcproj/copy-files.cmd to copy WTF headers to PrivateHeaders/wtf/*
          in addition to the current behavior of flattening all headers to PrivateHeaders/*.h.
       4. Updates a bunch of JSC files to use #include <wtf/Foo.h> instead of #include "Foo.h"
          since soon the WTF headers will not be part of the JavaScriptCore Xcode project.
       5. Makes build-webkit build the WTF XCode project by default.
      
      * API/tests/JSNode.c:
      * API/tests/JSNodeList.c:
      * Configurations/Base.xcconfig:
      * assembler/MacroAssemblerCodeRef.h:
      * bytecompiler/BytecodeGenerator.h:
      * dfg/DFGOperations.cpp:
      * heap/GCAssertions.h:
      * heap/HandleHeap.h:
      * heap/HandleStack.h:
      * heap/MarkedSpace.h:
      * heap/PassWeak.h:
      * heap/Strong.h:
      * heap/Weak.h:
      * jit/HostCallReturnValue.cpp:
      * jit/JIT.cpp:
      * jit/JITStubs.cpp:
      * jit/ThunkGenerators.cpp:
      * parser/Lexer.cpp:
      * runtime/Completion.cpp:
      * runtime/Executable.cpp:
      * runtime/Identifier.h:
      * runtime/InitializeThreading.cpp:
      * runtime/JSDateMath.cpp:
      * runtime/JSGlobalObjectFunctions.cpp:
      * runtime/JSStringBuilder.h:
      * runtime/JSVariableObject.h:
      * runtime/NumberPrototype.cpp:
      * runtime/WriteBarrier.h:
      * tools/CodeProfile.cpp:
      * tools/TieredMMapArray.h:
      * yarr/YarrJIT.cpp:
      
      Tools: Update JavaScriptCore files to use fully-qualified WTF include path
      https://bugs.webkit.org/show_bug.cgi?id=79960
      
      Reviewed by Adam Barth.
      
      Build WTF/WTF.xcodeproj by default on Mac.
      
      * Scripts/build-webkit:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109837 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      37ac49ee
    • commit-queue@webkit.org's avatar
      Source/WebCore: [Forms] HTMLFieldSetForms.idl doesn't have name attribute. · fb538653
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=80108
      
      Patch by Yoshifumi Inoue <yosin@chromium.org> on 2012-03-05
      Reviewed by Hajime Morita.
      
      Test: fast/forms/fieldset/fieldset-name.html
      
      * html/HTMLFieldSetElement.idl: Add "name" attribute.
      
      LayoutTests: [Forms] HTMLFieldSetForms.idl doesn't have name attribute.
      https://bugs.webkit.org/show_bug.cgi?id=81008
      
      Test read/write attribute "name" of fieldset element.
      
      Patch by Yoshifumi Inoue <yosin@chromium.org> on 2012-03-05
      Reviewed by Hajime Morita.
      
      * fast/forms/fieldset/fieldset-name-expected.txt: Added.
      * fast/forms/fieldset/fieldset-name.html: Added.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109836 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      fb538653
    • leviw@chromium.org's avatar
      Update usage of LayoutUnits in RenderBox · a1c254dc
      leviw@chromium.org authored
      https://bugs.webkit.org/show_bug.cgi?id=80039
      
      Reviewed by Julien Chaffraix.
      
      Updating the usage of integers versus LayoutUnits in RenderBox to mirror the
      subpixellayout branch. This reverts absoluteRects, intrinsicSize, and focusRingRects
      methods to use integers, and flipForWritingMode functions to LayoutUnits.
      
      No new tests. No change in behavior.
      
      * platform/graphics/FractionalLayoutRect.h:
      (WebCore::FractionalLayoutRect::pixelSnappedX): Convenience methods that only calculate
      the needed values. This requires less computation than pixelSnappedIntRect(r).x().
      (WebCore::FractionalLayoutRect::pixelSnappedY): Ditto.
      (WebCore::FractionalLayoutRect::pixelSnappedWidth): Ditto.
      (WebCore::FractionalLayoutRect::pixelSnappedHeight): Ditto.
      (WebCore::FractionalLayoutRect::pixelSnappedMaxX): Ditto.
      (WebCore::FractionalLayoutRect::pixelSnappedMaxY): Ditto.
      (FractionalLayoutRect):
      * platform/graphics/IntRect.h:
      (IntRect):
      (WebCore::IntRect::pixelSnappedX): Stub methods to allow us to use IntRects like we do
      FractionalLayoutRects.
      (WebCore::IntRect::pixelSnappedY): Ditto.
      (WebCore::IntRect::pixelSnappedMaxX): Ditto.
      (WebCore::IntRect::pixelSnappedMaxY): Ditto.
      (WebCore::IntRect::pixelSnappedWidth): Ditto.
      (WebCore::IntRect::pixelSnappedHeight): Ditto.
      * rendering/LayoutTypes.h:
      (WebCore::pixelSnappedIntRect): Convenience method for building a pixelSnappedIntRect from
      a LayoutPoint and LayoutSize without constructing an intermediate LayoutRect.
      (WebCore):
      (WebCore::snapSizeToPixel): Stub method for snapping a LayoutUnit representing a size to
      its pixel value using its location.
      * rendering/RenderBox.cpp:
      (WebCore::RenderBox::pixelSnappedClientWidth): Changing to actually call snapSizeToPixel.
      (WebCore::RenderBox::pixelSnappedClientHeight): Ditto.
      (WebCore::RenderBox::absoluteRects): Switching to return IntRects that represent the actual
      rendered location on screen.
      (WebCore::RenderBox::addFocusRingRects): Ditto.
      (WebCore::RenderBox::paintFillLayer): One-liner switching an IntSize() to LayoutSize() to
      avoid unnecessary conversion.
      (WebCore::RenderBox::shrinkLogicalWidthToAvoidFloats): Preparing for the conversion by
      replacing 0 with zeroLayoutUnit.
      (WebCore::RenderBox::positionLineBox): Preparing for conversion by replacing lroundf
      with roundedLayoutUnit.
      (WebCore::RenderBox::flipForWritingMode): Switching to use LayoutUnits.
      * rendering/RenderBox.h:
      (RenderBox):
      (WebCore::RenderBox::pixelSnappedBorderBoxRect): Convenience method.
      (WebCore::RenderBox::borderBoundingBox): Converting to a pixelSnappedIntRect.
      (WebCore::RenderBox::intrinsicSize): Intrinsic sizes should always be integers.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109835 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      a1c254dc
    • oliver@apple.com's avatar
      Add basic support for constant blinding to the JIT · d5c48685
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=80354
      
      Reviewed by Filip Pizlo.
      
      This patch adds basic constant blinding support to the JIT, at the
      MacroAssembler level.  This means all JITs in JSC (Yarr, baseline, and DFG)
      get constant blinding.  Woo!
      
      This patch only introduces blinding for Imm32, a later patch will do similar
      for ImmPtr.  In order to make misuse of Imm32 as a trusted type essentially
      impossible, we make TrustedImm32 a private parent of Imm32 and add an explicit
      accessor that's needed to access the actual value.  This also means you cannot
      accidentally pass an untrusted value to a function that does not perform
      blinding.
      
      To make everything work sensibly, this patch also corrects some code that was using
      Imm32 when TrustedImm32 could be used, and refactors a few callers that use
      untrusted immediates, so that they call slightly different variants of the functions
      that they used previously.  This is largely necessary to deal with x86-32 not having
      sufficient registers to handle the additional work required when we choose to blind
      a constant.
      
      * assembler/AbstractMacroAssembler.h:
      (JSC::AbstractMacroAssembler::Imm32::asTrustedImm32):
      (Imm32):
      (JSC::AbstractMacroAssembler::beginUninterruptedSequence):
      (JSC::AbstractMacroAssembler::endUninterruptedSequence):
      (JSC::AbstractMacroAssembler::AbstractMacroAssembler):
      (AbstractMacroAssembler):
      (JSC::AbstractMacroAssembler::inUninterruptedSequence):
      (JSC::AbstractMacroAssembler::random):
      (JSC::AbstractMacroAssembler::scratchRegisterForBlinding):
      (JSC::AbstractMacroAssembler::shouldBlindForSpecificArch):
      * assembler/MacroAssembler.h:
      (JSC::MacroAssembler::addressForPoke):
      (MacroAssembler):
      (JSC::MacroAssembler::poke):
      (JSC::MacroAssembler::branchPtr):
      (JSC::MacroAssembler::branch32):
      (JSC::MacroAssembler::convertInt32ToDouble):
      (JSC::MacroAssembler::shouldBlind):
      (JSC::MacroAssembler::BlindedImm32::BlindedImm32):
      (BlindedImm32):
      (JSC::MacroAssembler::keyForConstant):
      (JSC::MacroAssembler::xorBlindConstant):
      (JSC::MacroAssembler::additionBlindedConstant):
      (JSC::MacroAssembler::andBlindedConstant):
      (JSC::MacroAssembler::orBlindedConstant):
      (JSC::MacroAssembler::loadXorBlindedConstant):
      (JSC::MacroAssembler::add32):
      (JSC::MacroAssembler::addPtr):
      (JSC::MacroAssembler::and32):
      (JSC::MacroAssembler::andPtr):
      (JSC::MacroAssembler::move):
      (JSC::MacroAssembler::or32):
      (JSC::MacroAssembler::store32):
      (JSC::MacroAssembler::sub32):
      (JSC::MacroAssembler::subPtr):
      (JSC::MacroAssembler::xor32):
      (JSC::MacroAssembler::branchAdd32):
      (JSC::MacroAssembler::branchMul32):
      (JSC::MacroAssembler::branchSub32):
      (JSC::MacroAssembler::trustedImm32ForShift):
      (JSC::MacroAssembler::lshift32):
      (JSC::MacroAssembler::rshift32):
      (JSC::MacroAssembler::urshift32):
      * assembler/MacroAssemblerARMv7.h:
      (MacroAssemblerARMv7):
      (JSC::MacroAssemblerARMv7::scratchRegisterForBlinding):
      (JSC::MacroAssemblerARMv7::shouldBlindForSpecificArch):
      * assembler/MacroAssemblerX86_64.h:
      (JSC::MacroAssemblerX86_64::branchSubPtr):
      (MacroAssemblerX86_64):
      (JSC::MacroAssemblerX86_64::scratchRegisterForBlinding):
      * dfg/DFGJITCompiler.cpp:
      (JSC::DFG::JITCompiler::linkOSRExits):
      (JSC::DFG::JITCompiler::compileBody):
      (JSC::DFG::JITCompiler::compileFunction):
      * dfg/DFGOSRExitCompiler32_64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * dfg/DFGOSRExitCompiler64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      (JSC::DFG::SpeculativeJIT::compileArithSub):
      (JSC::DFG::SpeculativeJIT::compileStrictEqForConstant):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::callOperation):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::emitCall):
      (JSC::DFG::SpeculativeJIT::compileObjectEquality):
      (JSC::DFG::SpeculativeJIT::compileDoubleCompare):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::emitCall):
      (JSC::DFG::SpeculativeJIT::compileDoubleCompare):
      (JSC::DFG::SpeculativeJIT::compile):
      * jit/JIT.cpp:
      (JSC::JIT::privateCompileSlowCases):
      (JSC::JIT::privateCompile):
      * jit/JITArithmetic.cpp:
      (JSC::JIT::compileBinaryArithOp):
      (JSC::JIT::emit_op_add):
      (JSC::JIT::emit_op_mul):
      (JSC::JIT::emit_op_div):
      * jit/JITArithmetic32_64.cpp:
      (JSC::JIT::emitAdd32Constant):
      (JSC::JIT::emitSub32Constant):
      (JSC::JIT::emitBinaryDoubleOp):
      (JSC::JIT::emitSlow_op_mul):
      (JSC::JIT::emit_op_div):
      * jit/JITCall.cpp:
      (JSC::JIT::compileLoadVarargs):
      * jit/JITCall32_64.cpp:
      (JSC::JIT::compileLoadVarargs):
      * jit/JITInlineMethods.h:
      (JSC::JIT::updateTopCallFrame):
      (JSC::JIT::emitValueProfilingSite):
      * jit/JITOpcodes32_64.cpp:
      (JSC::JIT::emitSlow_op_jfalse):
      (JSC::JIT::emitSlow_op_jtrue):
      * jit/JITStubCall.h:
      (JITStubCall):
      (JSC::JITStubCall::addArgument):
      * yarr/YarrJIT.cpp:
      (JSC::Yarr::YarrGenerator::backtrack):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109834 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      d5c48685
    • abarth@webkit.org's avatar
      WorkerContext shouldn't need to know about SQLDatabase · 7285fd23
      abarth@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=80352
      
      Reviewed by Eric Seidel.
      
      This patch removes the SQLDatabase functions from WorkerContext in
      preparation for moving the SQLDatabase code into a module.  These
      functions don't interact with the rest of WorkerContext.
      
      * CMakeLists.txt:
      * DerivedSources.make:
      * DerivedSources.pri:
      * GNUmakefile.list.am:
      * Target.pri:
      * WebCore.gypi:
      * WebCore.vcproj/WebCore.vcproj:
      * WebCore.xcodeproj/project.pbxproj:
      * storage/DOMWindowSQLDatabase.cpp:
      * storage/WorkerContextSQLDatabase.cpp: Added.
      (WebCore):
      (WebCore::WorkerContextSQLDatabase::openDatabase):
      (WebCore::WorkerContextSQLDatabase::openDatabaseSync):
      * storage/WorkerContextSQLDatabase.h: Added.
      (WebCore):
      (WorkerContextSQLDatabase):
      (WebCore::WorkerContextSQLDatabase::WorkerContextSQLDatabase):
      (WebCore::WorkerContextSQLDatabase::~WorkerContextSQLDatabase):
      * storage/WorkerContextSQLDatabase.idl: Added.
      * workers/WorkerContext.cpp:
      (WebCore):
      * workers/WorkerContext.h:
      (WebCore):
      (WorkerContext):
      * workers/WorkerContext.idl:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109833 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      7285fd23
    • bashi@chromium.org's avatar
      [WebSocket] Introduce ThreadableWebSocketChannel::SendResult · 936d8bf9
      bashi@chromium.org authored
      https://bugs.webkit.org/show_bug.cgi?id=80356
      
      Reviewed by Kent Tamura.
      
      Introduced ThreadableWebSocketChannel::SendResult type so that
      WebSocketChannel can pass the validation result.
      
      No new test. No changes in behavior.
      
      * Modules/websockets/ThreadableWebSocketChannel.h: Added SendResult.
      * Modules/websockets/ThreadableWebSocketChannelClientWrapper.cpp:
      (WebCore::ThreadableWebSocketChannelClientWrapper::ThreadableWebSocketChannelClientWrapper):
      (WebCore::ThreadableWebSocketChannelClientWrapper::sendRequestResult): Use ThreadableWebSocketChannel::SendResult instead of bool.
      (WebCore::ThreadableWebSocketChannelClientWrapper::setSendRequestResult): Ditto.
      * Modules/websockets/ThreadableWebSocketChannelClientWrapper.h:
      (ThreadableWebSocketChannelClientWrapper):
      * Modules/websockets/WebSocketChannel.cpp:
      (WebCore::WebSocketChannel::send): Use ThreadableWebSocketChannel::SendResult instead of bool. Pass CString to enqueueTextFrame instead of String.
      (WebCore::WebSocketChannel::enqueueTextFrame): Ditto.
      (WebCore::WebSocketChannel::processOutgoingFrameQueue): Ditto.
      * Modules/websockets/WebSocketChannel.h:
      (WebSocketChannel):
      (QueuedFrame): Changed the type of stringData from String to CString.
      * Modules/websockets/WorkerThreadableWebSocketChannel.cpp:
      (WebCore::WorkerThreadableWebSocketChannel::send): Use ThreadableWebSocketChannel::SendResult instead of bool.
      (WebCore::workerContextDidSend): Ditto.
      (WebCore::WorkerThreadableWebSocketChannel::Peer::send): Ditto.
      (WebCore::WorkerThreadableWebSocketChannel::Bridge::send): Ditto.
      * Modules/websockets/WorkerThreadableWebSocketChannel.h:
      (WorkerThreadableWebSocketChannel): ditto.
      (Bridge): Ditto.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109832 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      936d8bf9
    • dpranke@chromium.org's avatar
      There should be a way to disable optimizer in webkit-patch rebaseline-expectations · 05df421b
      dpranke@chromium.org authored
      https://bugs.webkit.org/show_bug.cgi?id=69590
      
      Reviewed by Ryosuke Niwa.
      
      Adds a --no-optimize flag to webkit-patch rebaseline-expectations
      to skip the 'optimize-expectations' step.
      
      * Scripts/webkitpy/tool/commands/rebaseline.py:
      (RebaselineExpectations.__init__):
      (RebaselineExpectations.execute):
      * Scripts/webkitpy/tool/commands/rebaseline_unittest.py:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109831 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      05df421b
    • tony@chromium.org's avatar
      add tests for multiline flexbox and flex-pack · 236abde4
      tony@chromium.org authored
      https://bugs.webkit.org/show_bug.cgi?id=80342
      
      Reviewed by Ojan Vafai.
      
      * css3/flexbox/multiline-pack-expected.txt: Added.
      * css3/flexbox/multiline-pack.html: Added.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109830 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      236abde4
    • haraken@chromium.org's avatar
      [JSC] Cache the CSSPropertyID in JSCSSStyleDeclaration · 65b6df3e
      haraken@chromium.org authored
      https://bugs.webkit.org/show_bug.cgi?id=80250
      
      Reviewed by Benjamin Poulain.
      
      V8CSSStyleDeclaration caches the calculated CSSPropertyID.
      Similarly, we can implement the cache in JSCSSStyleDeclaration.
      
      In my local Mac environment, this optimization improves the performance
      of CSS property getters by 35%, and the performance of CSS property setters
      by 8%.
      
      CSS property getter: for (var i = 0; i < 1000000; i++) span.style.fontWeight;
      CSS property setter: for (var i = 0; i < 1000000; i++) span.style.fontWeight = "bold";
      
      Tests: fast/dom/CSSStyleDeclaration/* (No change in test results)
      
      * bindings/js/JSCSSStyleDeclarationCustom.cpp:
      (CSSPropertyInfo):
      (WebCore):
      (WebCore::cssPropertyIDForJSCSSPropertyName):
      (WebCore::JSCSSStyleDeclaration::nameGetter):
      (WebCore::JSCSSStyleDeclaration::putDelegate):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109829 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      65b6df3e
    • dgrogan@chromium.org's avatar
      Basic IndexedDB shared worker test · 0f1a8260
      dgrogan@chromium.org authored
      https://bugs.webkit.org/show_bug.cgi?id=80189
      
      Reviewed by Tony Chang.
      
      * fast/js/resources/js-test-pre.js:
      (startWorker.worker.port.onmessage):
      * platform/chromium/test_expectations.txt:
      * storage/indexeddb/basics-shared-workers-expected.txt: Added.
      * storage/indexeddb/basics-shared-workers.html: Added.
      * storage/indexeddb/resources/shared.js:
      (.self.postMessage):
      (.self.onconnect.self.postMessage):
      (.self.onconnect):
      (done):
      (unexpectedErrorCallback):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109828 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      0f1a8260
    • commit-queue@webkit.org's avatar
      [Chromium] WebOptionElement should inherit WebElement instead of WebFormControlElement · f2a23ed4
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=80089
      
      Change class hierarchy of WebOptionElement to match with specification.
      
      Patch by Yoshifumi Inoue <yosin@chromium.org> on 2012-03-05
      Reviewed by Darin Fisher.
      
      * public/WebOptionElement.h: Replace to WebElement from WebFormControlElement
      (WebKit::WebOptionElement::WebOptionElement):
      (WebKit::WebOptionElement::operator=):
      (WebKit::WebOptionElement::assign):
      * src/WebOptionElement.cpp:
      (WebKit::WebOptionElement::WebOptionElement):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109827 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      f2a23ed4
    • enrica@apple.com's avatar
      Can't type on some websites (plug-ins steal key events). · 9260aefc
      enrica@apple.com authored
      <rdar://problem/10892291>
      
      When the plugin is disabled, it is necessary to reset _pluginComplexTextInputIdentifier
      in order to return the correct input context. Failure to do so results in the inputContext
      method to return the plugin input context instead of the context of the browser view.
              
      Reviewed by Sam Weinig.
      
      * UIProcess/API/mac/WKView.mm:
      (-[WKView _setPluginComplexTextInputState:]):
      (-[WKView _handlePluginComplexTextInputKeyDown:]):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109826 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      9260aefc
    • jsbell@chromium.org's avatar
      IndexedDB: Handle LevelDB database corruption · c73e76fd
      jsbell@chromium.org authored
      https://bugs.webkit.org/show_bug.cgi?id=79413
      
      Source/WebCore:
      
      Add LevelDBDatabase::destroy() method so that clients can retry if open() fails.
      
      Reviewed by Tony Chang.
      
      Test: webkit_unit_tests --gtest_filter='LevelDBDatabaseTest.CorruptionTest'
      
      * Modules/indexeddb/IDBLevelDBBackingStore.cpp: Implement open/destroy/open strategy.
      (WebCore::IDBLevelDBBackingStore::open):
      * platform/leveldb/LevelDBDatabase.cpp:
      (WebCore::LevelDBDatabase::destroy):
      (WebCore):
      * platform/leveldb/LevelDBDatabase.h:
      (LevelDBDatabase):
      
      Source/WebKit/chromium:
      
      Reviewed by Tony Chang.
      
      * WebKit.gypi:
      * tests/LevelDBTest.cpp: Added.
      (WebCore):
      (SimpleComparator):
      (WebCore::SimpleComparator::compare):
      (WebCore::SimpleComparator::name):
      (WebCore::encodeString):
      (WebCore::TEST):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109825 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      c73e76fd
    • barraclough@apple.com's avatar
      putByIndex should throw in strict mode · a4d51f2a
      barraclough@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=80335
      
      Reviewed by Filip Pizlo.
      
      Source/JavaScriptCore: 
      
      We'll need to pass an additional parameter.
      
      Part 1 - rename JSValue::put() for integer indices to JSValue::putByIndex()
      to match the method in the MethodTable, make this take a parameter indicating
      whether the put should throw. This fixes the cases where the base of the put
      is a primitive.
      
      * dfg/DFGOperations.cpp:
      (DFG):
      (JSC::DFG::putByVal):
      (JSC::DFG::operationPutByValInternal):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::execute):
      (JSC::Interpreter::privateExecute):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      * runtime/JSObject.h:
      (JSC::JSValue::putByIndex):
      * runtime/JSValue.cpp:
      (JSC):
      * runtime/JSValue.h:
      (JSValue):
      
      LayoutTests: 
      
      * fast/js/primitive-property-access-edge-cases-expected.txt:
      * fast/js/script-tests/primitive-property-access-edge-cases.js:
      (checkNumericGet.Object.defineProperty):
      (checkNumericSet.Object.defineProperty):
      (checkNumericGetStrict.Object.defineProperty):
      (checkNumericSetStrict.Object.defineProperty):
      (checkNumericRead):
      (checkNumericWrite):
      (checkNumericReadStrict):
      (checkNumericWriteStrict):
          - Added test cases.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109824 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      a4d51f2a
    • commit-queue@webkit.org's avatar
      Enable context menu on android · 71958374
      commit-queue@webkit.org authored
      For android, long press is converted into a right mouse down event
      So we will use that to invoke the context menu
      https://bugs.webkit.org/show_bug.cgi?id=80332
      
      Patch by Min Qin <qinmin@google.com> on 2012-03-05
      Reviewed by Adam Barth.
      
      * src/WebViewImpl.cpp:
      (WebKit::WebViewImpl::mouseDown):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109823 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      71958374
    • rniwa@webkit.org's avatar
      Perf-o-matic should memcache dashboard images · 34678179
      rniwa@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=80349
      
      Reviewed by Eric Seidel.
      
      Added DashboardImage.create and DashboardImage.get_image to encapsulate memcache.
      Also replaced transaction in DashboardImage.set_cache by a single put since it duplicates
      what put does by default.
      
      Also removed redundant cache_* functions and merged them into handler code.
      
      * Websites/webkit-perf.appspot.com/controller.py:
      (ManifestUpdateHandler.post):
      (CachedManifestHandler.get):
      (DashboardUpdateHandler.post):
      (CachedDashboardHandler.get):
      (RunsUpdateHandler):
      (RunsUpdateHandler.post):
      (RunsChartHandler):
      (RunsChartHandler.post):
      (DashboardImageHandler.get):
      * Websites/webkit-perf.appspot.com/models.py:
      (PersistentCache.set_cache):
      (DashboardImage):
      (DashboardImage.create):
      (DashboardImage.get_image):
      * Websites/webkit-perf.appspot.com/models_unittest.py:
      (PersistentCacheTests.setUp):
      (PersistentCacheTests.test_set_cache):
      (PersistentCacheTests.test_get_cache):
      (DashboardImageTests.setUp):
      (DashboardImageTests):
      (DashboardImageTests.test_create):
      (DashboardImageTests.test_get):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109821 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      34678179
    • schenney@chromium.org's avatar
      [Chromium] SVG Composite of Offset crashes · 76af02a5
      schenney@chromium.org authored
      https://bugs.webkit.org/show_bug.cgi?id=77245
      
      Reviewed by Stephen White.
      
      The feComposite arithmetic mode filter could readily be made to
      generate invalid pre-multiplied pixel values which would then go on to
      pollute other filters and cause invalid final output pixels. This
      patch checks for filters that require valid inputs, and checks that a
      result is valid, and corrects the result if necessary. This matches
      the behavior of FF and Opera while preventing crashes or other
      undesirable behavior.
      
      Source/WebCore:
      
      Test: svg/filters/feComposite-arithmetic-invalid-rgba.svg
      
      * platform/graphics/filters/FEComposite.h: Override the default validity checks and image cleanup methods.
      * platform/graphics/filters/FEComposite.cpp:
      (WebCore::FEComposite::correctFilterResultIfNeeded): Force valid pixels if this is an arithmetic filter
      * platform/graphics/filters/FilterEffect.cpp:
      (WebCore::FilterEffect::apply): Check for validity status and correct
      (WebCore::FilterEffect::forceValidPremultipliedPixels): Make an image valid
      (WebCore):
      * platform/graphics/filters/FilterEffect.h: New virtual methods for image validity.
      (FilterEffect):
      (WebCore::FilterEffect::requiresValidPreMulultipliedPixels):
      (WebCore::FilterEffect::forceValidPremultipliedPixels):
      (WebCore::FilterEffect::correctFilterResultIfNeeded):
      * rendering/svg/RenderSVGResourceFilter.cpp:
      (WebCore::RenderSVGResourceFilter::postApplyResource): Check that the final filter result is valid
      
      LayoutTests:
      
      * svg/filters/feComposite-arithmetic-invalid-rgba-expected.svg: Added.
      * svg/filters/feComposite-arithmetic-invalid-rgba.svg: Added.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109820 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      76af02a5
    • timothy@apple.com's avatar
      Fix 32-bit builds. · daaf63db
      timothy@apple.com authored
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109819 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      daaf63db
    • alexis.menard@openbossa.org's avatar
      getComputedStyle gives incorrect information for 'height' property · 349836c6
      alexis.menard@openbossa.org authored
      https://bugs.webkit.org/show_bug.cgi?id=33593
      
      Reviewed by David Hyatt.
      
      Source/WebCore:
      
      Make sure that the contentBoxRect doesn't take into account the
      intrinsic padding when querying it. As stated by http://www.w3.org/TR/css3-box/#the-lsquo0
      the height is the content area which doesn't include the intrinsic padding, the border, and
      the padding.
      
      Test: fast/css/getComputedStyle/getComputedStyle-height.html
      
      * css/CSSComputedStyleDeclaration.cpp:
      (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
      * editing/DeleteSelectionCommand.cpp:
      (WebCore::DeleteSelectionCommand::removeNode):
      * rendering/RenderBox.h:
      (WebCore::RenderBox::contentBoxRect):
      (WebCore::RenderBox::contentWidth):
      (WebCore::RenderBox::contentHeight):
      (WebCore::RenderBox::contentLogicalWidth):
      (WebCore::RenderBox::contentLogicalHeight):
      * rendering/RenderBoxModelObject.cpp:
      (WebCore::RenderBoxModelObject::paddingTop):
      (WebCore::RenderBoxModelObject::paddingBottom):
      (WebCore::RenderBoxModelObject::paddingLeft):
      (WebCore::RenderBoxModelObject::paddingRight):
      (WebCore::RenderBoxModelObject::paddingBefore):
      (WebCore::RenderBoxModelObject::paddingAfter):
      (WebCore::RenderBoxModelObject::paddingStart):
      (WebCore::RenderBoxModelObject::paddingEnd):
      * rendering/RenderBoxModelObject.h:
      (RenderBoxModelObject):
      * rendering/RenderTableCell.cpp:
      (WebCore::RenderTableCell::paddingTop):
      (WebCore::RenderTableCell::paddingBottom):
      (WebCore::RenderTableCell::paddingLeft):
      (WebCore::RenderTableCell::paddingRight):
      (WebCore::RenderTableCell::paddingBefore):
      (WebCore::RenderTableCell::paddingAfter):
      (WebCore::RenderTableCell::cellBaselinePosition):
      * rendering/RenderTableCell.h:
      (RenderTableCell):
      * rendering/RenderTableSection.cpp:
      (WebCore::RenderTableSection::firstLineBoxBaseline):
      
      LayoutTests:
      
      Make sure that the contentBoxRect doesn't take into account the
      intrinsic padding.
      
      * fast/css/getComputedStyle/getComputedStyle-height-expected.txt: Added.
      * fast/css/getComputedStyle/getComputedStyle-height.html: Added.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109818 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      349836c6
    • morrita@google.com's avatar
      https://bugs.webkit.org/show_bug.cgi?id=80257 · 91b453dc
      morrita@google.com authored
      Lifecycle of InternalSettings should be simplified.
      
      Reviewed by Ryosuke Niwa.
      
      - Moved settings update code to separate restoreTo() method.
      - Eliminated flags which indicate the changed field.
        Now these modifiable parameters are backed up at the initialization.
      
      No new tests. Refactoring.
      
      * testing/InternalSettings.cpp:
      (WebCore::InternalSettings::create):
      (WebCore::InternalSettings::InternalSettings):
      (WebCore):
      (WebCore::InternalSettings::restoreTo):
      * testing/InternalSettings.h:
      (InternalSettings):
      * testing/Internals.cpp:
      (WebCore::Internals::reset):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109817 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      91b453dc
    • tkent@chromium.org's avatar
      [Chromium] Add new popup type: PagePopup · cfe8248d
      tkent@chromium.org authored
      https://bugs.webkit.org/show_bug.cgi?id=80106
      
      Reviewed by Darin Fisher.
      
      Source/WebKit/chromium:
      
      This is a preparation of implementing ChromeClient::openPagePopup and
      closePagePopup.
      
      * WebKit.gyp: Add WebPagePopup.h and WebPagePopupImpl.cpp.
      * public/WebPagePopup.h:
      (WebPagePopup): Add WebPagePopup interface.
      * public/WebPopupType.h: Add WebPopupTypePage.
      * src/WebPagePopupImpl.cpp:
      (WebKit::WebPagePopup::create): Temporary implementation which just returns 0.
      
      Tools:
      
      * DumpRenderTree/chromium/WebViewHost.cpp:
      (WebViewHost::createPopupMenu):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109816 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      cfe8248d