1. 23 Sep, 2012 4 commits
    • ggaren@apple.com's avatar
      CSE for access to closure variables (get_/put_scoped_var) · ce086ca0
      ggaren@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=97414
      
      Reviewed by Oliver Hunt.
      
      I separated loading a scope from loading its storage pointer, so we can
      CSE the storage pointer load. Then, I copied the global var CSE and adjusted
      it for closure vars.
      
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::execute): Renamed GetScopeChain => GetScope to
      reflect renames from a few weeks ago.
      
      Added a case for the storage pointer load, similar to object storage pointer load.
      
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::parseBlock): Added an independent node for
      the storage pointer.
      
      * dfg/DFGCSEPhase.cpp:
      (JSC::DFG::CSEPhase::scopedVarLoadElimination):
      (CSEPhase):
      (JSC::DFG::CSEPhase::scopedVarStoreElimination):
      (JSC::DFG::CSEPhase::getScopeLoadElimination):
      (JSC::DFG::CSEPhase::getScopeRegistersLoadElimination):
      (JSC::DFG::CSEPhase::setLocalStoreElimination):
      (JSC::DFG::CSEPhase::performNodeCSE): Copied globalVarLoad/StoreElimination
      and adapted the same logic to closure vars.
      
      * dfg/DFGNode.h:
      (JSC::DFG::Node::hasScopeChainDepth):
      (JSC::DFG::Node::scope):
      (Node):
      * dfg/DFGNodeType.h:
      (DFG): GetScopedVar and GetGlobalVar are no longer MustGenerate. I'm not
      sure why they ever were. But these are simple load operations so, if they're
      unused, they're truly dead.
      
      * dfg/DFGPredictionPropagationPhase.cpp:
      (JSC::DFG::PredictionPropagationPhase::propagate):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compile): Updated for renames and split-out
      node for getting the storage pointer.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129316 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      ce086ca0
    • commit-queue@webkit.org's avatar
      Measure the usage of the "X-WebKit-CSP" header in the hopes of dropping the prefix completely. · ef8bdaf1
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=97408
      
      Patch by Mike West <mkwst@chromium.org> on 2012-09-23
      Reviewed by Adam Barth.
      
      We plan on landing the unprefixed header in webkit.org/b/96765 once the
      spec moves to CR. Though we plan to use it for experimentation in the
      near future, we'll want to drop the prefixed header completely at some
      point in the future. Starting to measure its usage now will give us a
      good baseline when we start contemplating that decision.
      
      No new functionality, so no new tests.
      
      * page/ContentSecurityPolicy.cpp:
      (WebCore::ContentSecurityPolicy::didReceiveHeader):
      * page/FeatureObserver.h:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129315 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      ef8bdaf1
    • weinig@apple.com's avatar
      Add explicit conversion operator to RetainPtr for easier use in C++11 environments · fe01ba09
      weinig@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=97403
      
      Reviewed by Dan Bernstein.
      
      * wtf/Compiler.h:
      Add support for COMPILER_SUPPORTS(CXX_EXPLICIT_CONVERSIONS)
      
      * wtf/RetainPtr.h:
      (RetainPtr):
      (WTF::RetainPtr::get):
      (WTF::RetainPtr::operator PtrType):
      Add the explicit conversion operator and group all the underlying
      pointer accessors together.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129314 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      fe01ba09
    • zandobersek@gmail.com's avatar
      Unreviewed GTK gardening. · fe932338
      zandobersek@gmail.com authored
      Adding a failure expectation for http/tests/loading/redirect-with-no-location-crash.html,
      the test started failing on the WebKit2 builder after it was unskipped in r129213.
      
      * platform/gtk-wk2/TestExpectations:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129313 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      fe932338
  2. 22 Sep, 2012 14 commits
    • weinig@apple.com's avatar
      Install WebProcess XPC services into the right places · de9bcd80
      weinig@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=97385
      
      Reviewed by Anders Carlsson.
      
      * Configurations/WebProcessService.xcconfig:
      Update INSTALL_PATH to go into WebKit2.framework/Versions/A/XPCServices.
      
      * Configurations/WebProcessServiceForWebKitDevelopment.xcconfig:
      Since this config file is almost identical to WebProcessService.xcconfig,
      just #include it and change the one thing that is different, the INFOPLIST_FILE
              
      * WebKit2.xcodeproj/project.pbxproj:
      Follow XPC procedure and copy the services into the right place, WebKit2.framework/Versions/A/XPCServices
      in all builds except production builds where it is not necessary. Also add a symlink like everyone else
      does.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129312 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      de9bcd80
    • weinig@apple.com's avatar
      Allow setting a custom path to where the plug-in sandbox profiles are being kept · cf418240
      weinig@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=97399
      
      Reviewed by Anders Carlsson.
      
      Add a new default to allow controlling where to look for plug-in sandbox profiles
      called "PlugInSandboxProfileDirectoryPath".
      
      * PluginProcess/mac/PluginProcessMac.mm:
      (WebKit::initializeSandbox):
      Use the passed in sandboxProfileDirectoryPath instead of hard coding /usr/share/sandbox/.
      
      (WebKit::PluginProcess::platformInitialize):
      * Shared/Plugins/PluginProcessCreationParameters.cpp:
      (WebKit::PluginProcessCreationParameters::encode):
      (WebKit::PluginProcessCreationParameters::decode):
      * Shared/Plugins/PluginProcessCreationParameters.h:
      (PluginProcessCreationParameters):
      * UIProcess/Plugins/mac/PluginProcessProxyMac.mm:
      (WebKit::PluginProcessProxy::platformInitializePluginProcess):
      Grab the sandboxProfileDirectoryPath from standardUserDefaults and pass it to
      the plug-in.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129309 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      cf418240
    • dmazzoni@google.com's avatar
      AX: Layout tests would be easier to write if AccessibilityController could find an element by id · 8dea0ad0
      dmazzoni@google.com authored
      https://bugs.webkit.org/show_bug.cgi?id=97301
      
      Reviewed by Chris Fleizach.
      
      Source/WebCore:
      
      Add a method to get the DOM "id" attribute from an accessible object, only for layout tests.
      
      Makes existing test more cross-platform:
      Tests: accessibility/aria-hidden-with-elements.html
      
      * accessibility/mac/WebAccessibilityObjectWrapper.mm:
      (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):
      
      Tools:
      
      Adds a new accessibleElementById method to AccessibilityController, to make it
      easier to write cross-platform layout tests.
      
      Implemented for Chromium and for Mac (DRT and WKTR).
      
      * DumpRenderTree/AccessibilityController.cpp:
      (getAccessibleElementByIdCallback):
      (AccessibilityController::getJSClass):
      * DumpRenderTree/AccessibilityController.h:
      (AccessibilityController):
      * DumpRenderTree/DumpRenderTree.xcodeproj/project.pbxproj:
      * DumpRenderTree/chromium/TestRunner/AccessibilityControllerChromium.cpp:
      (AccessibilityController::AccessibilityController):
      (AccessibilityController::findAccessibleElementByIdRecursive):
      (AccessibilityController::getAccessibleElementById):
      (AccessibilityController::accessibleElementByIdGetterCallback):
      * DumpRenderTree/chromium/TestRunner/AccessibilityControllerChromium.h:
      (AccessibilityController):
      * DumpRenderTree/gtk/AccessibilityControllerGtk.cpp:
      (AccessibilityController::accessibleElementById):
      * DumpRenderTree/mac/AccessibilityCommonMac.h: added
      * DumpRenderTree/mac/AccessibilityCommonMac.mm: added
      (+[NSString stringWithJSStringRef:]):
      (-[NSString createJSStringRef]):
      * DumpRenderTree/mac/AccessibilityControllerMac.mm:
      (findAccessibleObjectById):
      (AccessibilityController::accessibleElementById):
      * DumpRenderTree/mac/AccessibilityUIElementMac.mm:
      * DumpRenderTree/win/AccessibilityControllerWin.cpp:
      (AccessibilityController::accessibleElementById):
      * WebKitTestRunner/InjectedBundle/AccessibilityController.cpp:
      (WTR::AccessibilityController::accessibleElementById):
      * WebKitTestRunner/InjectedBundle/AccessibilityController.h:
      (AccessibilityController):
      * WebKitTestRunner/InjectedBundle/Bindings/AccessibilityController.idl:
      * WebKitTestRunner/InjectedBundle/mac/AccessibilityCommonMac.h: added
      * WebKitTestRunner/InjectedBundle/mac/AccessibilityCommonMac.mm: added
      (+[NSString stringWithJSStringRef:]):
      (-[NSString createJSStringRef]):
      * WebKitTestRunner/InjectedBundle/mac/AccessibilityControllerMac.mm:
      (WTR::findAccessibleObjectById):
      (WTR):
      (WTR::AccessibilityController::accessibleElementById):
      * WebKitTestRunner/InjectedBundle/mac/AccessibilityUIElementMac.mm:
      * WebKitTestRunner/WebKitTestRunner.xcodeproj/project.pbxproj:
      
      LayoutTests:
      
      Modifies an existing test to use the new accessibleElementById
      method of AccessibilityController, enabling the test to pass on
      both Mac and Chromium.
      
      * accessibility/aria-hidden-with-elements.html:
      * platform/chromium/TestExpectations:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129308 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      8dea0ad0
    • ossy@webkit.org's avatar
      [Qt] Unreviewed weekend gardening, unskip now passing tests. · 3d96f0b0
      ossy@webkit.org authored
      * platform/qt/TestExpectations:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129307 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      3d96f0b0
    • dominik.rottsches@intel.com's avatar
      [EFL] Garden IETestCenter Bugs · 3848047b
      dominik.rottsches@intel.com authored
      https://bugs.webkit.org/show_bug.cgi?id=97392
      
      Unreviewed EFL gardening.
      
      Unskip a couple of IETestCenter bugs now that they pass.
      
      
      * platform/efl/TestExpectations:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129306 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      3848047b
    • commit-queue@webkit.org's avatar
      [GTK] Build is broken with GLib Unicode backend · 70d472b6
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=97308.
      
      Patch by Thierry Reding <thierry.reding@avionic-design.de> on 2012-09-22
      Reviewed by Carlos Garcia Campos.
      
      The TextBreakIteratorGtk implementation uses ubrk_close() to delete
      the iterator. However that function is ICU specific and not declared
      when using the GLib backend. Instead the iterator can simply be freed
      using the delete operator.
      
      This commit is based on work by Martin Schlemmer who posted a fix for
      this here:
      
          http://permalink.gmane.org/gmane.os.opendarwin.webkit.gtk/1210
      
      No new tests.
      
      * platform/text/gtk/TextBreakIteratorGtk.cpp:
      (WebCore::NonSharedCharacterBreakIterator::~NonSharedCharacterBreakIterator):
      Free iterator using delete instead of ubrk_close().
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129305 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      70d472b6
    • mihnea@adobe.com's avatar
      [CSSRegions]Add test for accelerating compositing of elements in RenderFlowThread · f9a20b04
      mihnea@adobe.com authored
      https://bugs.webkit.org/show_bug.cgi?id=97387
      
      Reviewed by Dirk Schulze.
      
      At this moment, accelerated compositing is disabled for elements inside a RenderFlowThread. This patch adds
      a specific test in compositing/regions that is expected to fail until https://bugs.webkit.org/show_bug.cgi?id=84900
      is fixed. The code for the new test is taken out of the existing fast/regions/webkit-flow-renderer-layer.html.
      
      * compositing/regions/webkit-flow-renderer-layer-compositing-expected.html: Added.
      * compositing/regions/webkit-flow-renderer-layer-compositing.html: Added.
      * fast/regions/webkit-flow-renderer-layer-expected.html:
      * fast/regions/webkit-flow-renderer-layer.html:
      * platform/chromium/TestExpectations:
      * platform/efl/TestExpectations:
      * platform/gtk/TestExpectations:
      * platform/mac/TestExpectations:
      * platform/qt/Skipped:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129304 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      f9a20b04
    • zandobersek@gmail.com's avatar
      Unexpected reftest passes are only reported when pixel testing is enabled · 7bfba514
      zandobersek@gmail.com authored
      https://bugs.webkit.org/show_bug.cgi?id=97242
      
      Reviewed by Dirk Pranke.
      
      LayoutTestRunner should know whether the finished test it's handling is
      a reftest. This is necessary when updating result summary for reftests
      when pixel testing is not enabled - in these circumstances an unexpectedly
      passing reftest was not reported as such due to pixel testing then being
      determined by searching for reftest failures in failures list, which were
      not found in an empty failure list of a passing test. Now the TestResult
      objects have a member variable indicating the test is a reftest whenever
      that's the case.
      
      * Scripts/webkitpy/layout_tests/controllers/layout_test_runner.py:
      (LayoutTestRunner._update_summary_with_result):
      * Scripts/webkitpy/layout_tests/controllers/layout_test_runner_unittest.py:
      (LayoutTestRunnerTests.test_update_summary_with_result):
      * Scripts/webkitpy/layout_tests/controllers/single_test_runner.py:
      (SingleTestRunner.run):
      (SingleTestRunner._run_reftest):
      * Scripts/webkitpy/layout_tests/models/test_results.py:
      (TestResult.__init__):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129303 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      7bfba514
    • zandobersek@gmail.com's avatar
      Unreviewed GTK gardening. · a9e0fe8d
      zandobersek@gmail.com authored
      Marking mathml/presentation/subsup.xhtml as flaky, the flakiness
      being observable after r128837.
      
      Adding image failure expectation for fast/text/word-space-with-kerning-2.html,
      introduced in r129233.
      
      * platform/gtk/TestExpectations:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129302 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      a9e0fe8d
    • ossy@webkit.org's avatar
      [Qt] Unreviewed weekend gardening, unskip now passing tests. · 2bc7a1c6
      ossy@webkit.org authored
      * platform/qt-5.0-wk1/Skipped:
      * platform/qt/Skipped:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129301 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      2bc7a1c6
    • mitz@apple.com's avatar
      [Qt] New fast/text/kerning-with-TextLayout.html fails · 2f68b188
      mitz@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=97388
      
      Moved this test into platform/mac, as it is not platform-independent, and TextLayout is currently
      used only on OS X.
      
      * fast/text/kerning-with-TextLayout-expected.html: Removed.
      * fast/text/kerning-with-TextLayout.html: Removed.
      * platform/mac/fast/text/kerning-with-TextLayout-expected.html: Copied from LayoutTests/fast/text/kerning-with-TextLayout-expected.html.
      * platform/mac/fast/text/kerning-with-TextLayout.html: Copied from LayoutTests/fast/text/kerning-with-TextLayout.html.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129300 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      2f68b188
    • ossy@webkit.org's avatar
      [Qt] Unreviewed weekend gardening, skip new failing tests. · b2f75e8f
      ossy@webkit.org authored
      * platform/qt-5.0-wk2/Skipped:
      * platform/qt/Skipped:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129299 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      b2f75e8f
    • ggaren@apple.com's avatar
      Unreviewed, rolled out a line I committed by accident. · 4916468b
      ggaren@apple.com authored
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::execute):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129298 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      4916468b
    • ggaren@apple.com's avatar
      Optimized closures that capture arguments · be8ad1fd
      ggaren@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=97358
      
      Reviewed by Oliver Hunt.
      
      Source/JavaScriptCore: 
      
      Previously, the activation object was responsible for capturing all
      arguments in a way that was convenient for the arguments object. Now,
      we move all captured variables into a contiguous region in the stack,
      allocate an activation for exactly that size, and make the arguments
      object responsible for knowing all the places to which arguments could
      have moved.
      
      This seems like the right tradeoff because
      
          (a) Closures are common and long-lived, so we want them to be small.
      
          (b) Our primary strategy for optimizing the arguments object is to make
          it go away. If you're allocating arguments objects, you're already having
          a bad time.
      
          (c) It's common to use either the arguments object or named argument
          closure, but not both.
      
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::dump):
      (JSC::CodeBlock::CodeBlock):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::argumentsRegister):
      (JSC::CodeBlock::activationRegister):
      (JSC::CodeBlock::isCaptured):
      (JSC::CodeBlock::argumentIndexAfterCapture): m_numCapturedVars is gone
      now -- we have an explicit range instead.
      
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::BytecodeGenerator): Move captured arguments
      into the captured region of local variables for space efficiency. Record
      precise data about where they moved for the sake of the arguments object.
      
      Some of this data was previously wrong, but it didn't cause any problems
      because the arguments weren't actually moving.
      
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::flushArgumentsAndCapturedVariables): Don't
      assume that captured vars are in any particular location -- always ask
      the CodeBlock. This is better encapsulation.
      
      (JSC::DFG::ByteCodeParser::parseCodeBlock):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compile): I rename things sometimes.
      
      * runtime/Arguments.cpp:
      (JSC::Arguments::tearOff): Account for a particularly nasty edge case.
      
      (JSC::Arguments::didTearOffActivation): Don't allocate our slow arguments
      data on tear-off. We need to allocate it eagerly instead, since we need
      to know about displaced, captured arguments during access before tear-off.
      
      * runtime/Arguments.h:
      (JSC::Arguments::allocateSlowArguments):
      (JSC::Arguments::argument): Tell our slow arguments array where all arguments
      are, even if they are not captured. This simplifies some things, so we don't
      have to account explicitly for the full matrix of (not torn off, torn off)
      * (captured, not captured).
      
      (JSC::Arguments::finishCreation): Allocate our slow arguments array eagerly
      because we need to know about displaced, captured arguments during access
      before tear-off.
      
      * runtime/Executable.cpp:
      (JSC::FunctionExecutable::FunctionExecutable):
      (JSC::FunctionExecutable::compileForCallInternal):
      (JSC::FunctionExecutable::compileForConstructInternal):
      * runtime/Executable.h:
      (JSC::FunctionExecutable::parameterCount):
      (FunctionExecutable):
      * runtime/JSActivation.cpp:
      (JSC::JSActivation::visitChildren):
      * runtime/JSActivation.h:
      (JSActivation):
      (JSC::JSActivation::create):
      (JSC::JSActivation::JSActivation):
      (JSC::JSActivation::registerOffset):
      (JSC::JSActivation::tearOff):
      (JSC::JSActivation::allocationSize):
      (JSC::JSActivation::isValid): This is really the point of the patch. All
      the pointer math in Activations basically boils away, since we always
      copy a contiguous region of captured variables now.
      
      * runtime/SymbolTable.h:
      (JSC::SlowArgument::SlowArgument):
      (SlowArgument):
      (SharedSymbolTable):
      (JSC::SharedSymbolTable::captureCount):
      (JSC::SharedSymbolTable::SharedSymbolTable): AllOfTheThings capture mode
      is gone now -- that's the point of the patch. indexIfCaptured gets renamed
      to index because we always have an index, even if not captured. (The only
      time when the index is meaningless is when we're Deleted.)
      
      LayoutTests: 
      
      * fast/js/dfg-arguments-alias-activation-expected.txt:
      * fast/js/dfg-arguments-alias-activation.html:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129297 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      be8ad1fd
  3. 21 Sep, 2012 22 commits
    • fischman@chromium.org's avatar
      HTMLMediaElement isn't garbage collected between document reloads · 9de834a3
      fischman@chromium.org authored
      https://bugs.webkit.org/show_bug.cgi?id=97020
      
      Reviewed by Eric Carlson.
      
      .:
      
      Manual test added: ManualTests/audio-freed-during-reload.html
      
      * ManualTests/audio-freed-during-reload.html:
      
      Source/WebCore:
      
      JS-created (as opposed to DOM-created) Audio nodes never got collected, because they
      appear to always hasPendingActivity(), because m_playing is never set to false.
      
      Manual test added: ManualTests/audio-freed-during-reload.html
      
      * html/HTMLMediaElement.cpp:
      (WebCore::HTMLMediaElement::stop): set m_playing = false; explicitly.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129296 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      9de834a3
    • weinig@apple.com's avatar
      Fix the Lion and Snow Leopard builds. · 5aa2e3ef
      weinig@apple.com authored
      * UIProcess/Launcher/mac/ProcessLauncherMac.mm:
      (WebKit::connectToWebProcessServiceForWebKitDevelopment):
      (WebKit::createWebProcessServiceForWebKitDevelopment):
      (WebKit::createWebProcessService):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129295 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      5aa2e3ef
    • simon.fraser@apple.com's avatar
      RenderMarquee causes ASSERTION FAILED: enclosingIntRect(rendererMappedResult)... · badbafc2
      simon.fraser@apple.com authored
      RenderMarquee causes ASSERTION FAILED: enclosingIntRect(rendererMappedResult) == enclosingIntRect(FloatQuad(result).boundingBox()) : WebCore::FloatRect WebCore::RenderGeometryMap::absoluteRect(const WebCore::FloatRect &) const
      https://bugs.webkit.org/show_bug.cgi?id=92464
      
      Reviewed by Sam Weinig.
      
      Marquees could cause an updateCompositingLayersAfterScroll() to be called when
      we're in the middle of updating layer positions. updateCompositingLayersAfterScroll()
      does a full RenderLayer tree walk, but its use of RenderGeomeryMap reveals that
      it's using layers whose positions haven't been updated yet.
      
      Fix by avoiding the updateCompositingLayersAfterScroll() if we're in the process
      of updating a marquee when updating layer positions. We'll do a compositing update
      soon anyway.
      
      Tested by fast/events/tabindex-focus-blur-all.html
      
      * rendering/RenderLayer.cpp:
      (WebCore::RenderLayer::RenderLayer):
      (WebCore::RenderLayer::updateLayerPositions):
      (WebCore::RenderLayer::updateLayerPositionsAfterScroll):
      (WebCore::RenderLayer::scrollTo):
      * rendering/RenderLayer.h:
      (RenderLayer):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129294 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      badbafc2
    • weinig@apple.com's avatar
      WebProcess XPC services need have their environment set without disrupting all other XPC services · 537f7345
      weinig@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=95161
      
      Reviewed by Anders Carlsson.
      
      Source/WebKit2:
      
      Replace the WebKit2Service with two new XPC services, the WebProcessService, which is only used
      when installed on the system, and the WebProcessServiceForWebKitDevelopment which is used at all
      other times. We need both services because XPC can't in general be configured to have a custom
      environment at runtime, and thus WebProcessServiceForWebKitDevelopment has the ability to re-exec
      itself into a desired state. That capability is rather undesirable for installed usage, where we
      don't want to allow arbitrary changes to the environment of the service, which would allow breaking
      the App Sandbox.
      
      * Configurations/WebProcessService.xcconfig: Copied from Source/WebKit2/Configurations/WebKit2Service.xcconfig.
      * Configurations/WebProcessServiceForWebKitDevelopment.xcconfig: Renamed from Source/WebKit2/Configurations/WebKit2Service.xcconfig.
      Add new configuration files.
      
      * Platform/mac/WorkQueueMac.cpp:
      (WorkQueue::registerMachPortEventHandler):
      (WorkQueue::unregisterMachPortEventHandler):
      Add helpful assertions. Without them, we confusingly crash a bit later in HashTable code.
      
      * UIProcess/Launcher/mac/ProcessLauncherMac.mm:
      (WebKit::addDYLDEnvironmentAdditions):
      Factor out environment additions to this helper function.
      
      (WebKit::connectToWebProcessServiceForWebKitDevelopment):
      (WebKit::createWebProcessServiceForWebKitDevelopment):
      Add functionality to setup the webkit development service via re-exec.
      
      (WebKit::createWebProcessService):
      Add functionality to connect to the installed WebProcess service.
      
      (WebKit::createProcess):
      Factor out posix_spawn based launching into this helper function.
      
      (WebKit::ProcessLauncher::launchProcess):
      Call the correct process creation function based on launch data and install state.
      
      * WebKit2.xcodeproj/project.pbxproj:
      Add new files to the project.
      
      * WebProcess/mac/WebProcessServiceEntryPoints.h: Renamed from Source/WebKit2/WebProcess/mac/WebProcessXPCServiceMain.h.
      * WebProcess/mac/WebProcessServiceEntryPoints.mm: Renamed from Source/WebKit2/WebProcess/mac/WebProcessXPCServiceMain.mm.
      (WebKit::WebProcessServiceEventHandler):
      (WebProcessServiceMain):
      (InitializeWebProcessForWebProcessServiceForWebKitDevelopment):
      Rename to WebProcessServiceEntryPoints since this is now used for both the WebProcessService and the
      WebProcessServiceForWebKitDevelopment.
      
      * WebProcessService/Info.plist: Copied from Source/WebKit2/WebKit2Service/Info.plist.
      * WebProcessService/WebProcessServiceMain.mm: Renamed from Source/WebKit2/WebKit2Service/MainMacService.mm.
      Add main for the WebProcessService which just calls into the WebProcessServiceEntryPoints in WebKit2.framework.
      
      * WebProcessServiceForWebKitDevelopment/Info.plist: Renamed from Source/WebKit2/WebKit2Service/Info.plist.
      * WebProcessServiceForWebKitDevelopment/WebProcessServiceForWebKitDevelopmentMain.mm: Added.
      Add main for the WebProcessServiceForWebKitDevelopment, which can't just call directly into WebProcessServiceEntryPoints
      as the framework path might not be set up correctly. This is also where we re-exec ourselves when required.
      
      Tools:
      
      Remove setting the __XPC_* environment variables.
      
      * Scripts/webkitdirs.pm:
      (setUpGuardMallocIfNeeded):
      (runMacWebKitApp):
      (execMacWebKitAppForDebugging):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129293 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      537f7345
    • barraclough@apple.com's avatar
      Eeeep - broke early boyer in bug#97382 · c1b7f46b
      barraclough@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=97383
      
      Rubber stamped by Sam Weinig.
      
      missed a child3 -> child2!
      
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::compileInstanceOf):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129292 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      c1b7f46b
    • dpranke@chromium.org's avatar
      Fix typo in additional-platform-directory patch just landed · b29b074d
      dpranke@chromium.org authored
      https://bugs.webkit.org/show_bug.cgi?id=97380
      
      Unreviewed, build fix.
      
      * Scripts/webkitpy/layout_tests/port/base.py:
      (Port.relative_test_filename):
      (Port.relative_perf_test_filename):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129291 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      b29b074d
    • barraclough@apple.com's avatar
      Unreviewed windows build fix. · 9d94ff7c
      barraclough@apple.com authored
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129290 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      9d94ff7c
    • barraclough@apple.com's avatar
      Pedantic test in Mozilla's JavaScript test suite fails. function-001.js function-001-n.js · 0d681454
      barraclough@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=27219
      
      Reviewed by Sam Weinig.
      
      These tests are just wrong.
      See ECMA 262 A.5, FunctionDelcaration does not require a semicolon.
      
      * tests/mozilla/expected.html:
      * tests/mozilla/js1_2/function/function-001-n.js:
      * tests/mozilla/js1_3/Script/function-001-n.js:
      * tests/mozilla/js1_3/regress/function-001-n.js:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129289 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      0d681454
    • adamk@chromium.org's avatar
      Remove bogus assertions from ChildListMutationScope · c2896149
      adamk@chromium.org authored
      https://bugs.webkit.org/show_bug.cgi?id=97372
      
      Reviewed by Ryosuke Niwa.
      
      Source/WebCore:
      
      Some asserts (and their accompanying comment) were trying to enforce
      proper usage of ChildListMutationScope from WebCore, but in the
      presence of MutationEvents they could fail due to arbitrary script
      execution.
      
      This change gets rid of those asserts and adds tests exercising
      the (pre-existing) codepaths for handling these out-of-order cases.
      Without this patch, these tests ASSERT in debug builds.
      
      Tests: fast/mutation/added-out-of-order.html
             fast/mutation/removed-out-of-order.html
      
      * dom/ChildListMutationScope.cpp:
      (WebCore::ChildListMutationAccumulator::childAdded):
      (WebCore::ChildListMutationAccumulator::willRemoveChild):
      * dom/ChildListMutationScope.h:
      (WebCore):
      
      LayoutTests:
      
      * fast/mutation/added-out-of-order-expected.txt: Added.
      * fast/mutation/added-out-of-order.html: Added.
      * fast/mutation/removed-out-of-order-expected.txt: Added.
      * fast/mutation/removed-out-of-order.html: Added.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129288 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      c2896149
    • barraclough@apple.com's avatar
      Remove redundant argument to op_instanceof · 094dbd98
      barraclough@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=97382
      
      Reviewed by Geoff Garen.
      
      No longer needed after my last change.
      
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::dump):
      * bytecode/Opcode.h:
      (JSC):
      (JSC::padOpcodeName):
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::emitInstanceOf):
      * bytecompiler/BytecodeGenerator.h:
      (BytecodeGenerator):
      * bytecompiler/NodesCodegen.cpp:
      (JSC::InstanceOfNode::emitBytecode):
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::execute):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::parseBlock):
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::compileInstanceOf):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::privateExecute):
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emit_op_instanceof):
      (JSC::JIT::emitSlow_op_instanceof):
      * jit/JITOpcodes32_64.cpp:
      (JSC::JIT::emit_op_instanceof):
      (JSC::JIT::emitSlow_op_instanceof):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129287 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      094dbd98
    • andersca@apple.com's avatar
      Fix WebKit2 sandbox profile. · 8b669c9d
      andersca@apple.com authored
      Instead of using #pragmas, just disable all warnings in DerivedSources.make. I suspect
      that passing -traditional to the preprocessor disables support for #pragmas but I'm afraid
      to change it to something else.
      
      * DerivedSources.make:
      * WebProcess/com.apple.WebProcess.sb.in:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129286 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      8b669c9d
    • dpranke@chromium.org's avatar
      nrwt: don't require additional-platform-directory to be an abspath or live under LayoutTests · b63bce6e
      dpranke@chromium.org authored
      https://bugs.webkit.org/show_bug.cgi?id=97380
      
      Reviewed by Ojan Vafai.
      
      There doesn't seem to be a good reason for this restriction and
      it's useful to be able to point to directories outside the
      checkout for results (e.g., for local failures due to a 10.7.4
      install ;).
      
      * Scripts/webkitpy/layout_tests/port/base.py:
      (Port.relative_test_filename):
      (Port.relative_perf_test_filename):
      * Scripts/webkitpy/layout_tests/port/chromium_android.py:
      (ChromiumAndroidDriver._command_from_driver_input):
      * Scripts/webkitpy/layout_tests/run_webkit_tests.py:
      (_set_up_derived_options):
      * Scripts/webkitpy/layout_tests/run_webkit_tests_integrationtest.py:
      (MainTest.test_additional_platform_directory):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129285 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      b63bce6e
    • mitz@apple.com's avatar
      REGRESSION (r129176): Incorrect line breaking when kerning occurs between a... · 8520cd8c
      mitz@apple.com authored
      REGRESSION (r129176): Incorrect line breaking when kerning occurs between a space and the following character
      https://bugs.webkit.org/show_bug.cgi?id=97377
      
      Reviewed by Enrica Casucci.
      
      Source/WebCore: 
      
      Test: fast/text/kerning-with-TextLayout.html
      
      When kerning is enabled, the last character in a word may have its advance shortened because
      of its trailing space. To account for that, words are measured along with the trailing space,
      then the width of a space is subtracted from the result. This doesn’t work when the trailing
      space itself has its advance shortened due to the character following it, which can happen
      when using the TextLayout optimization. However, when the optimization is used, the advance
      of the last character of the word is already adjusted for the trailing space, so there is no
      need to measure with that space and subtract its advance.
      
      * rendering/RenderBlockLineLayout.cpp:
      (WebCore::RenderBlock::LineBreaker::nextLineBreak): Changed to not use the trailingSpaceWidth
      mechanism when TextLayout is being used.
      
      LayoutTests: 
      
      * fast/text/kerning-with-TextLayout-expected.html: Added.
      * fast/text/kerning-with-TextLayout.html: Added.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129284 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      8520cd8c
    • aelias@chromium.org's avatar
      [chromium] Forward-declare WebSize as a struct · 6bf757dd
      aelias@chromium.org authored
      https://bugs.webkit.org/show_bug.cgi?id=97381
      
      Reviewed by James Robinson.
      
      The mismatched "class" forward-declaration for WebSize in this file
      will cause a Clang error when it's included in Chromium.
      
      * chromium/public/WebCompositorSoftwareOutputDevice.h:
      (WebKit):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129283 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      6bf757dd
    • barraclough@apple.com's avatar
      Unreviewed windows build fix. · ac6e1891
      barraclough@apple.com authored
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129282 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      ac6e1891
    • barraclough@apple.com's avatar
      instanceof should not get the prototype for non-default HasInstance · b46d57b4
      barraclough@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=68656
      
      Reviewed by Oliver Hunt.
      
      Source/JavaScriptCore: 
      
      Instanceof is currently implemented as a sequance of three opcodes:
          check_has_instance
          get_by_id(prototype)
          op_instanceof
      There are three interesting types of base value that instanceof can be applied to:
          (A) Objects supporting default instanceof behaviour (functions, other than those created with bind)
          (B) Objects overriding the default instancecof behaviour with a custom one (API objects, bound functions)
          (C) Values that do not respond to the [[HasInstance]] trap.
      Currently check_has_instance handles case (C), leaving the op_instanceof opcode to handle (A) & (B). There are
      two problems with this apporach. Firstly, this is suboptimal for case (A), since we have to check for
      hasInstance support twice (once in check_has_instance, then for default behaviour in op_instanceof). Secondly,
      this means that in cases (B) we also perform the get_by_id, which is both suboptimal and an observable spec
      violation.
      
      The fix here is to move handing of non-default instanceof (cases (B)) to the check_has_instance op, leaving
      op_instanceof to handle only cases (A).
      
      * API/JSCallbackObject.h:
      (JSCallbackObject):
      * API/JSCallbackObjectFunctions.h:
      (JSC::::customHasInstance):
      * API/JSValueRef.cpp:
      (JSValueIsInstanceOfConstructor):
          - renamed hasInstance to customHasInstance
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::dump):
          - added additional parameters to check_has_instance opcode
      * bytecode/Opcode.h:
      (JSC):
      (JSC::padOpcodeName):
          - added additional parameters to check_has_instance opcode
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::emitCheckHasInstance):
          - added additional parameters to check_has_instance opcode
      * bytecompiler/BytecodeGenerator.h:
      (BytecodeGenerator):
          - added additional parameters to check_has_instance opcode
      * bytecompiler/NodesCodegen.cpp:
      (JSC::InstanceOfNode::emitBytecode):
          - added additional parameters to check_has_instance opcode
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::parseBlock):
          - added additional parameters to check_has_instance opcode
      * interpreter/Interpreter.cpp:
      (JSC::isInvalidParamForIn):
      (JSC::Interpreter::privateExecute):
          - Add handling for non-default instanceof to op_check_has_instance
      * jit/JITInlineMethods.h:
      (JSC::JIT::emitArrayProfilingSiteForBytecodeIndex):
          - Fixed no-LLInt no_DFG build
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emit_op_check_has_instance):
      (JSC::JIT::emitSlow_op_check_has_instance):
          - check for ImplementsDefaultHasInstance, handle additional arguments to op_check_has_instance.
      (JSC::JIT::emit_op_instanceof):
      (JSC::JIT::emitSlow_op_instanceof):
          - no need to check for ImplementsDefaultHasInstance.
      * jit/JITOpcodes32_64.cpp:
      (JSC::JIT::emit_op_check_has_instance):
      (JSC::JIT::emitSlow_op_check_has_instance):
          - check for ImplementsDefaultHasInstance, handle additional arguments to op_check_has_instance.
      (JSC::JIT::emit_op_instanceof):
      (JSC::JIT::emitSlow_op_instanceof):
          - no need to check for ImplementsDefaultHasInstance.
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * jit/JITStubs.h:
          - Add handling for non-default instanceof to op_check_has_instance
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
          - move check for ImplementsDefaultHasInstance, handle additional arguments to op_check_has_instance.
      * runtime/ClassInfo.h:
      (MethodTable):
      (JSC):
          - renamed hasInstance to customHasInstance
      * runtime/CommonSlowPaths.h:
      (CommonSlowPaths):
          - removed opInstanceOfSlow (this was whittled down to one function call!)
      * runtime/JSBoundFunction.cpp:
      (JSC::JSBoundFunction::customHasInstance):
      * runtime/JSBoundFunction.h:
      (JSBoundFunction):
          - renamed hasInstance to customHasInstance, reimplemented.
      * runtime/JSCell.cpp:
      (JSC::JSCell::customHasInstance):
      * runtime/JSCell.h:
      (JSCell):
      * runtime/JSObject.cpp:
      (JSC::JSObject::hasInstance):
      (JSC):
      (JSC::JSObject::defaultHasInstance):
      * runtime/JSObject.h:
      (JSObject):
      
      LayoutTests: 
      
      * fast/js/function-bind-expected.txt:
          - check in passing result.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129281 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      b46d57b4
    • adamk@chromium.org's avatar
      Simplify and optimize ChildListMutationScope · b49e0c6a
      adamk@chromium.org authored
      https://bugs.webkit.org/show_bug.cgi?id=97352
      
      Reviewed by Ryosuke Niwa.
      
      ChildListMutationScope is one of the most complicated bits of
      MutationObserver implementation. This patch aims to simplify it for
      clarity and improve its performance (mostly by just doing less).
      
      The big change is to remove the MutationAccumulatorRouter class,
      replacing it with lifetime-management logic in ChildListMutationAccumulator
      ChildListMutationScope is expected to call getOrCreate() in
      its constructor, and each scope holds a RefPtr to the accumulator.
      When the last scope holding such a RefPtr is destroyed,
      ChildListMutationAccumulator's destructor enqueues the accumulated record.
      
      This greatly reduces the number of lines of code, and condenses
      two HashMaps into one. It also reduces hash lookups, which now
      occur only on scope creation and when the refcount for a given
      accumulator reaches 0 (previously, each childAdded and willRemoveChild
      call could result in two hash lookups each).
      
      There are some minor changes as well: the ChildListMutationAccumulator::clear()
      method is gone, as it was doing more work than necessary;
      DEFINE_STATIC_LOCAL is now used instead of hand-rolled static-management
      code; ChildListMutationAccumulator::m_lastAdded is no longer a RefPtr, since it
      always points at a Node that's already being ref'd by the accumulator.
      Also various minor syntactic cleanups.
      
      No new tests, no change in behavior.
      
      * dom/ChildListMutationScope.cpp:
      (WebCore::accumulatorMap): Reduced two maps to one, and manage its lifetime with DEFINE_STATIC_LOCAL.
      (WebCore::ChildListMutationAccumulator::ChildListMutationAccumulator): Remove unnecessary call to clear() (which itself has been removed).
      (WebCore::ChildListMutationAccumulator::~ChildListMutationAccumulator): Enqueue record if not empty at destruction, and have the accumulator
      remove itself from the map.
      (WebCore::ChildListMutationAccumulator::getOrCreate): Replaces half of MutationAccumulatorRouter's job.
      (WebCore::ChildListMutationAccumulator::childAdded): Minor RefPtr usage improvements.
      (WebCore::ChildListMutationAccumulator::isRemovedNodeInOrder): Simplify RefPtr syntax.
      (WebCore::ChildListMutationAccumulator::willRemoveChild): Minor RefPtr usage improvements.
      (WebCore::ChildListMutationAccumulator::enqueueMutationRecord): Replace call to clear() with clearing m_lastAdded,
      since it's the only bit not cleared by the MutationRecord creation call. Also remove
      isEmpty check and replace with asserts now that it's a private method.
      (WebCore::ChildListMutationAccumulator::isEmpty): Added more assertions about emptiness.
      * dom/ChildListMutationScope.h:
      (WebCore):
      (ChildListMutationAccumulator): Extract the inner class to make everything easier to read.
      (WebCore::ChildListMutationScope::ChildListMutationScope): Store m_accumulator rather than m_target.
      (WebCore::ChildListMutationScope::~ChildListMutationScope): ditto
      (WebCore::ChildListMutationScope::childAdded): ditto
      (WebCore::ChildListMutationScope::willRemoveChild): ditto
      (ChildListMutationScope):
      * html/HTMLElement.cpp: Remove unused ChildListMutationScope.h #include.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129280 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      b49e0c6a
    • roger_fong@apple.com's avatar
      Unreviewed. Skip this test because it relies on... · ca2554ec
      roger_fong@apple.com authored
      Unreviewed. Skip this test because it relies on sandboxed-iframe-origin-add.html which was removed in http://trac.webkit.org/changeset/129262.
      
      * platform/win/Skipped:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129279 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      ca2554ec
    • benjamin@webkit.org's avatar
      fast/dom/Geolocation/disconnected-frame.html test asserts · a25d6520
      benjamin@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=97376
      
      Patch by Benjamin Poulain <bpoulain@apple.com> on 2012-09-21
      Reviewed by Alexey Proskuryakov.
      
      Source/WebKit2: 
      
      In GeolocationPermissionRequestManager::cancelRequestForGeolocation, we access an iterator
      after its value has been removed from the table.
      There are two problems with that:
      -The iterator is no longer valid after the container has been modified.
      -If it was the last element, the table has been freed and the iterator points to deleted memory.
      
      We solve the issue by keeping a copy of the ID. We could have inverted the order of the calls
      but that would make the issue less visible for future change.
      
      Testing covered by fast/dom/Geolocation/disconnected-frame.html.
      
      * WebProcess/Geolocation/GeolocationPermissionRequestManager.cpp:
      (WebKit::GeolocationPermissionRequestManager::cancelRequestForGeolocation):
      
      LayoutTests: 
      
      * platform/wk2/Skipped:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129278 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      a25d6520
    • crogers@google.com's avatar
      BiquadFilterNode must take audio-rate parameter changes into account · 04bd8fcc
      crogers@google.com authored
      https://bugs.webkit.org/show_bug.cgi?id=97369
      
      Reviewed by Kenneth Russell.
      
      BiquadFilterNode is currently ignoring any timeline or audio-rate changes to its parameters.
      We now check if any of its parameters have timeline or audio-rate changes and, if so, take
      them into account.  Otherwise, we use ordinary parameter smoothing/de-zippering which is
      the case when the parameters are adjusted, for example, from a knob or slider in the UI.
      
      * Modules/webaudio/BiquadDSPKernel.cpp:
      (WebCore::BiquadDSPKernel::updateCoefficientsIfNecessary):
      * Modules/webaudio/BiquadProcessor.cpp:
      (WebCore::BiquadProcessor::checkForDirtyCoefficients):
      * Modules/webaudio/BiquadProcessor.h:
      (WebCore::BiquadProcessor::hasSampleAccurateValues):
      (BiquadProcessor):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129277 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      04bd8fcc
    • roger_fong@apple.com's avatar
      Unreviewed. Fix Windows specific accessibility test results. · 599dc6c5
      roger_fong@apple.com authored
      Missed some new lines in http://trac.webkit.org/changeset/129255.
      
      * platform/win/accessibility/aria-toggle-button-with-title-expected.txt:
      * platform/win/accessibility/canvas-fallback-content-2-expected.txt:
      * platform/win/accessibility/img-fallsback-to-title-expected.txt:
      * platform/win/accessibility/svg-image-expected.txt:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129276 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      599dc6c5
    • commit-queue@webkit.org's avatar
      Add support for OES_vertex_array_object in chromium · a2ae8b36
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=96578
      
      Patch by Brandon Jones <bajones@google.com> on 2012-09-21
      Reviewed by Kenneth Russell.
      
      Source/Platform:
      
      Added code to allow calls to the OES_vertex_array_object extension to interface
      properly with the chromium WebGL implementation.
      
      * chromium/public/WebGraphicsContext3D.h:
      (WebGraphicsContext3D):
      (WebKit::WebGraphicsContext3D::createVertexArrayOES):
      (WebKit::WebGraphicsContext3D::deleteVertexArrayOES):
      (WebKit::WebGraphicsContext3D::isVertexArrayOES):
      (WebKit::WebGraphicsContext3D::bindVertexArrayOES):
      
      Source/WebCore:
      
      Adding basic reference counting to WebGLBuffer objects to satisfy spec requirements
      for the OES_vertex_array_object extension. Added code to allow calls to the
      OES_vertex_array_object extension to interface properly with the chromium WebGL
      implementation.
      
      Test: fast/canvas/webgl/oes-vertex-array-object.html
      
      * html/canvas/WebGLRenderingContext.cpp:
      (WebCore):
      (WebCore::WebGLRenderingContext::deleteBuffer):
      (WebCore::WebGLRenderingContext::vertexAttribPointer):
      * html/canvas/WebGLVertexArrayObjectOES.cpp:
      (WebCore::WebGLVertexArrayObjectOES::setElementArrayBuffer):
      (WebCore):
      * html/canvas/WebGLVertexArrayObjectOES.h:
      (WebGLVertexArrayObjectOES):
      (WebCore::WebGLVertexArrayObjectOES::getVertexAttribStateSize):
      * platform/chromium/support/Extensions3DChromium.cpp:
      (WebCore::Extensions3DChromium::createVertexArrayOES):
      (WebCore::Extensions3DChromium::deleteVertexArrayOES):
      (WebCore::Extensions3DChromium::isVertexArrayOES):
      (WebCore::Extensions3DChromium::bindVertexArrayOES):
      
      LayoutTests:
      
      Brought over KHRONOS conformance test for OES_vertex_array_object
      
      * fast/canvas/webgl/oes-vertex-array-object-expected.txt: Added.
      * fast/canvas/webgl/oes-vertex-array-object.html: Added.
      * platform/efl/Skipped:
      * platform/gtk-wk2/Skipped:
      * platform/mac/Skipped:
      * platform/wk2/Skipped:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129275 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      a2ae8b36