WebKit-https.git
7 years agoIndexedDB: Protect against key prefix overflows
alecflett@chromium.org [Mon, 11 Mar 2013 17:37:53 +0000 (17:37 +0000)]
IndexedDB: Protect against key prefix overflows
https://bugs.webkit.org/show_bug.cgi?id=111138

Reviewed by Tony Chang.

Source/WebCore:

This reworks the boundary checking for all databaseId,
objectStoreId, and indexId, including negative and
zero-based ids. All entrypoints into IDBLevelDBCoding
are protected with explicit checks and all internal
uses of KeyPrefix are protected with ASSERTs in the
various constructors.

Tests: WebKit unit tests IDBBackingStoreTest.cpp in WebKit/chromium

* Modules/indexeddb/IDBBackingStore.h: Make all public methods boolean-based for errors.
* Modules/indexeddb/IDBLevelDBCoding.h: Add methods for checking databaseId, objectStoreId, and indexId.

Source/WebKit/chromium:

Add tests for invalid indexIds in basic get/put operations.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145375 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[BlackBerry] Disable MathML support
commit-queue@webkit.org [Mon, 11 Mar 2013 17:17:34 +0000 (17:17 +0000)]
[BlackBerry] Disable MathML support
https://bugs.webkit.org/show_bug.cgi?id=111929

Patch by Jeff Rogers <jrogers@rim.com> on 2013-03-11
Reviewed by Rob Buis.

.:

* Source/cmake/OptionsBlackBerry.cmake:

Tools:

* Scripts/webkitperl/FeatureList.pm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145373 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[BlackBerry] PlatformBlackBerry.cmake: create thin AR archives
commit-queue@webkit.org [Mon, 11 Mar 2013 17:07:51 +0000 (17:07 +0000)]
[BlackBerry] PlatformBlackBerry.cmake: create thin AR archives
https://bugs.webkit.org/show_bug.cgi?id=110580

Patch by Xan Lopez <xlopez@igalia.com> on 2013-03-11
Reviewed by Rob Buis.

Otherwise libwebcore.a goes beyond the 4Gb file size limit and the
link phase fails.

* PlatformBlackBerry.cmake:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145372 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoWeb Inspector: fix styles toolbar in the vertical mode.
pfeldman@chromium.org [Mon, 11 Mar 2013 16:07:41 +0000 (16:07 +0000)]
Web Inspector: fix styles toolbar in the vertical mode.
Not reviewed: swapped two lines.

* inspector/front-end/ElementsPanel.js:
(WebInspector.ElementsPanel.prototype._splitVertically):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145371 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoWeb Inspector: [CodeMirror] add token highlight feature
commit-queue@webkit.org [Mon, 11 Mar 2013 15:59:24 +0000 (15:59 +0000)]
Web Inspector: [CodeMirror] add token highlight feature
https://bugs.webkit.org/show_bug.cgi?id=112009

Patch by Andrey Lushnikov <lushnikov@chromium.org> on 2013-03-11
Reviewed by Pavel Feldman.

Handle CodeMirror's "cursorActivity" event, check selection for being
a word and highlight all its occurrences via CodeMirror.addOverlay method.

No new tests.

* inspector/front-end/CodeMirrorTextEditor.js:
(WebInspector.CodeMirrorTextEditor):
(WebInspector.CodeMirrorTextEditor.TokenHighlighter):
(WebInspector.CodeMirrorTextEditor.TokenHighlighter.prototype._cursorChange):
(WebInspector.CodeMirrorTextEditor.TokenHighlighter.prototype._isWord):
(WebInspector.CodeMirrorTextEditor.TokenHighlighter.prototype._removeHighlight):
(WebInspector.CodeMirrorTextEditor.TokenHighlighter.prototype._addHighlight.nextToken):
(WebInspector.CodeMirrorTextEditor.TokenHighlighter.prototype._addHighlight):
* inspector/front-end/cm/cmdevtools.css:
(.cm-token-highlight):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145370 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoMake it possible to reuse sandbox extensions
ap@apple.com [Mon, 11 Mar 2013 15:51:56 +0000 (15:51 +0000)]
Make it possible to reuse sandbox extensions
https://bugs.webkit.org/show_bug.cgi?id=111883

Reviewed by Anders Carlsson.

This allows for properly keeping extensions in NetworkBlobRegistry for as long as
they are needed.

The patch also fixes a bug where extensions would leak when navigating between
file:// pages.

* NetworkProcess/SchedulableLoader.cpp:
Revoke the extensions, but don't invalidate - we may need them later.

* Shared/Downloads/Download.cpp:
(WebKit::Download::didFinish):
(WebKit::Download::didFail):
(WebKit::Download::didCancel):
Replaced invalidate() with revoke() and clearing out. SandboxExtension destructor
now requires revocations wto be balanced, as otherwise understanding dual reference
counting in SandboxExtension would be too difficult.

* Shared/SandboxExtension.h: We now keep track of how many times the extension
was consumed. Eventually, we should refactor the class to not have such duplicate
reference counting.
* Shared/mac/SandboxExtensionMac.mm:
(WebKit::SandboxExtension::SandboxExtension): Initialize use count.
(WebKit::SandboxExtension::~SandboxExtension): We now require consume/revoke calls
to be balanced. This is not hard to do in existing usage, and makes the design much
more reliable.
(WebKit::SandboxExtension::revoke): Don't permanently destroy the extension when
invalidatid, we may need it in the future.
(WebKit::SandboxExtension::consume): Added use counting.

* Shared/WebMemorySampler.cpp: (WebKit::WebMemorySampler::stop): This extension
is not going to be reused.

* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::performDragControllerAction): Pending extensions are not consumed,
so there is no need to revoke.
(WebKit::WebPage::SandboxExtensionTracker::invalidate): Pending extension is not
consumed, and the other two always are.
(WebKit::WebPage::SandboxExtensionTracker::setPendingProvisionalSandboxExtension):
Pending extension is never consumed in place, no need to revoke.
(WebKit::WebPage::SandboxExtensionTracker::didStartProvisionalLoad): Do not unset
reused committed extension yet - we may need it later if provisional load fails.
Thanks to use counting, we can now consume the same extension as both committed
and provisional.
(WebKit::WebPage::SandboxExtensionTracker::didCommitProvisionalLoad): Now the
committed extension can be revoked and replaced.
(WebKit::WebPage::SandboxExtensionTracker::didFailProvisionalLoad): Just revoke
provisional extension, committed one is still in place.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145369 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoWeb Inspector: [CodeMirror] set indentation size according to devtools settings
commit-queue@webkit.org [Mon, 11 Mar 2013 15:49:30 +0000 (15:49 +0000)]
Web Inspector: [CodeMirror] set indentation size according to devtools settings
https://bugs.webkit.org/show_bug.cgi?id=111717

Patch by Andrey Lushnikov <lushnikov@chromium.org> on 2013-03-11
Reviewed by Pavel Feldman.

Set up codemirror indent size according to devtools settings.

No new tests.

* inspector/front-end/CodeMirrorTextEditor.js:
(.get if):
(WebInspector.CodeMirrorTextEditor):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145368 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoWeb Inspector: add per image statistics to the native memory snapshot
yurys@chromium.org [Mon, 11 Mar 2013 15:47:44 +0000 (15:47 +0000)]
Web Inspector: add per image statistics to the native memory snapshot
https://bugs.webkit.org/show_bug.cgi?id=112011

Reviewed by Pavel Feldman.

Added per-image statistics to the native memory distribution table.

* inspector/front-end/HeapSnapshotProxy.js:
(WebInspector.HeapSnapshotWorker):
(WebInspector.HeapSnapshotWorker.prototype.createLoader):
(WebInspector.HeapSnapshotWorker.prototype.wrapCallback):
(WebInspector.HeapSnapshotWorker.prototype.callFactoryMethod):
(WebInspector.HeapSnapshotProxyObject.prototype.callFactoryMethod): the method now accepts
proxy constructor function instead of its name. This eliminates unnecessary function lookup.
(WebInspector.HeapSnapshotLoaderProxy):
(WebInspector.HeapSnapshotLoaderProxy.prototype.close):
(WebInspector.HeapSnapshotProxy.prototype.createEdgesProvider):
(WebInspector.HeapSnapshotProxy.prototype.createRetainingEdgesProvider):
(WebInspector.HeapSnapshotProxy.prototype.createAddedNodesProvider):
(WebInspector.HeapSnapshotProxy.prototype.createDeletedNodesProvider):
(WebInspector.HeapSnapshotProxy.prototype.createNodesProvider):
(WebInspector.HeapSnapshotProxy.prototype.createNodesProviderForClass):
(WebInspector.HeapSnapshotProxy.prototype.createNodesProviderForDominator):
(WebInspector.NativeHeapSnapshotProxy):
(WebInspector.NativeHeapSnapshotProxy.prototype.images):
* inspector/front-end/HeapSnapshotView.js:
(WebInspector.HeapProfileHeader.prototype.snapshotProxyConstructor):
(WebInspector.HeapProfileHeader.prototype._setupWorker):
* inspector/front-end/NativeHeapSnapshot.js:
(WebInspector.NativeHeapSnapshot.prototype.images):
* inspector/front-end/NativeMemorySnapshotView.js:
(WebInspector.NativeSnapshotNode):
(WebInspector.NativeSnapshotNode.prototype._createSizeCell):
(WebInspector.NativeSnapshotNode.prototype._populate):
(WebInspector.NativeSnapshotNode.prototype._addChildrenFromGraph):
(WebInspector.NativeSnapshotNode.prototype._addImageDetails.didLoad.didReceiveImages):
(WebInspector.NativeSnapshotNode.prototype._addImageDetails):
(WebInspector.NativeSnapshotProfileHeader.prototype.snapshotProxyConstructor):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145367 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[Qt] Enable tiled shadow blur for inset box shadows
allan.jensen@digia.com [Mon, 11 Mar 2013 15:43:06 +0000 (15:43 +0000)]
[Qt] Enable tiled shadow blur for inset box shadows
https://bugs.webkit.org/show_bug.cgi?id=111736

Reviewed by Noam Rosenthal.

Paint inset box-shadows using the optimized tiled shadow blur, instead of
applying shadow blur to the entire painted rect.

This optimizes the default CSS on common pastebin sites.

Tested by existing tests.

* platform/graphics/GraphicsContext.cpp:
* platform/graphics/ShadowBlur.cpp:
(WebCore::ShadowBlur::drawInsetShadowWithTiling):
    Must set fill color before calling clearShadow, as that might clear m_color.
(WebCore::ShadowBlur::drawLayerPieces):
    Ditto.
* platform/graphics/qt/GraphicsContextQt.cpp:
(WebCore::GraphicsContext::fillPath):
(WebCore::GraphicsContext::fillRectWithRoundedHole):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145366 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[BlackBerry] SelectionHandler: bring back m_lastSelection attribute
commit-queue@webkit.org [Mon, 11 Mar 2013 15:33:35 +0000 (15:33 +0000)]
[BlackBerry] SelectionHandler: bring back m_lastSelection attribute
https://bugs.webkit.org/show_bug.cgi?id=111972

Patch by Alberto Garcia <agarcia@igalia.com> on 2013-03-11
Reviewed by Rob Buis.

This was removed in r144515 but is still needed by
SelectionHandler::selectionPositionChanged().

* WebKitSupport/SelectionHandler.h:
(SelectionHandler):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145365 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago(tests) make nodesFromRect.js print a list of nodes that were found
commit-queue@webkit.org [Mon, 11 Mar 2013 15:31:36 +0000 (15:31 +0000)]
(tests) make nodesFromRect.js print a list of nodes that were found
https://bugs.webkit.org/show_bug.cgi?id=111793

Patch by Christian Biesinger <cbiesinger@chromium.org> on 2013-03-11
Reviewed by Allan Sandfeld Jensen.

* fast/dom/nodesFromRect/resources/nodesFromRect.js:
(nodeToString):
(nodeListToString):
(check):
(nodesFromRectAsString):
Move node prettyprinting code from nodesFromRectAsString to new
functions nodeToString and nodeListToString, and make use of it in
check().
I've also converted the nodeType checks to use the constants on Node
instead of using magic numbers.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145364 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[BlackBerry] GraphicsLayer: rename notifySyncRequired to notifyFlushRequired
commit-queue@webkit.org [Mon, 11 Mar 2013 15:26:17 +0000 (15:26 +0000)]
[BlackBerry] GraphicsLayer: rename notifySyncRequired to notifyFlushRequired
https://bugs.webkit.org/show_bug.cgi?id=111997

Patch by Alberto Garcia <agarcia@igalia.com> on 2013-03-11
Reviewed by Rob Buis.

This changed in r130439 but the old name was introduced again by
mistake in r144465.

* platform/graphics/blackberry/GraphicsLayerBlackBerry.h:
(WebCore::GraphicsLayerBlackBerry::notifyFlushRequired):
* platform/graphics/blackberry/LayerWebKitThread.cpp:
(WebCore::LayerWebKitThread::setNeedsCommit):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145363 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoInappropriate validation message for required number/date input elements
tkent@chromium.org [Mon, 11 Mar 2013 14:43:40 +0000 (14:43 +0000)]
Inappropriate validation message for required number/date input elements
https://bugs.webkit.org/show_bug.cgi?id=111982

Reviewed by Kentaro Hara.

Source/WebCore:

For validation message, badInput messages should take precedence
over valueMissing messages because users already filled out the
field with a bad value.

Tests: Update fast/forms/validationMessage.html

* html/InputType.cpp:
(WebCore::InputType::validationMessage):
Check badInput first.

LayoutTests:

* fast/forms/validationMessage-expected.txt:
* fast/forms/validationMessage.html:
* platform/chromium/fast/forms/validationMessage-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145362 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[EFL][GTK][WKTR] Regression(r145231): Undefined symbol in libTestRunnerInjectedBundle.so
ch.dumez@sisa.samsung.com [Mon, 11 Mar 2013 14:19:29 +0000 (14:19 +0000)]
[EFL][GTK][WKTR] Regression(r145231): Undefined symbol in libTestRunnerInjectedBundle.so
https://bugs.webkit.org/show_bug.cgi?id=111970

Reviewed by Chris Fleizach.

Provide dummy implementation for AccessibilityUIElement::supportedActions() in ATK
or libTestRunnerInjectedBundle.so cannot be loaded in EFL / GTK otherwise, due to
undefined symbol.

* WebKitTestRunner/InjectedBundle/atk/AccessibilityUIElementAtk.cpp:
(WTR::AccessibilityUIElement::supportedActions):
(WTR):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145361 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[EFL] Build fix after r143192 when SPELLCHECK is off
g.czajkowski@samsung.com [Mon, 11 Mar 2013 13:54:11 +0000 (13:54 +0000)]
[EFL] Build fix after r143192 when SPELLCHECK is off

Unreviewed build fix when SPELLCHECK macro is off.

* UIProcess/efl/TextCheckerEfl.cpp:
(WebKit):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145360 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoWeb Inspector: extract common parts of native profiles
yurys@chromium.org [Mon, 11 Mar 2013 12:43:10 +0000 (12:43 +0000)]
Web Inspector: extract common parts of native profiles
https://bugs.webkit.org/show_bug.cgi?id=111965

Reviewed by Alexander Pavlov.

Extracted common parts of native profiles into NativeProfileTypeBase. Memory
domain dispatcher is now a separate class as it is shared by two native memory
profile types.

Both native memory profile types now capture native heap graph.

* inspector/front-end/NativeMemorySnapshotView.js:
(WebInspector.MemoryAgentDispatcher.instance):
(WebInspector.NativeProfileTypeBase.prototype.buttonClicked.didReceiveMemorySnapshot):
(WebInspector.NativeProfileTypeBase.prototype.buttonClicked):
(WebInspector.NativeSnapshotProfileType):
(WebInspector.NativeSnapshotProfileHeader.prototype._didReceiveMemorySnapshot):
(WebInspector.NativeMemoryProfileType):
(WebInspector.NativeMemoryProfileHeader.prototype._updateSnapshotStatus):
(WebInspector.NativeMemoryProfileHeader.prototype._didReceiveMemorySnapshot):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145357 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUnreviewed EFL gardening.
ch.dumez@sisa.samsung.com [Mon, 11 Mar 2013 12:06:37 +0000 (12:06 +0000)]
Unreviewed EFL gardening.

Unskip most of the websocket hybi test cases on EFL port as they
are passing nowadays.

* platform/efl-wk1/TestExpectations:
* platform/efl-wk2/TestExpectations:
* platform/efl/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145356 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[chromium] Android apk targets should depend directly on Java library targets
commit-queue@webkit.org [Mon, 11 Mar 2013 11:11:49 +0000 (11:11 +0000)]
[chromium] Android apk targets should depend directly on Java library targets
https://bugs.webkit.org/show_bug.cgi?id=111746

Patch by Chris Hopman <cjhopman@chromium.org> on 2013-03-11
Reviewed by Eric Seidel.

Source/WebKit/chromium:

* WebKitUnitTests.gyp:
Make webkit_unit_tests_apk depend directly on base_java and net_java.

Tools:

* DumpRenderTree/DumpRenderTree.gyp/DumpRenderTree.gyp:
Make DumpRenderTree_apk depend directly on base_java and net_java.
* TestWebKitAPI/TestWebKitAPI.gyp/TestWebKitAPI.gyp:
Make TestWebKitAPI_apk depend directly on base_java.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145355 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUnreviewed, rolling out r145349.
commit-queue@webkit.org [Mon, 11 Mar 2013 10:56:27 +0000 (10:56 +0000)]
Unreviewed, rolling out r145349.
http://trac.webkit.org/changeset/145349
https://bugs.webkit.org/show_bug.cgi?id=111966

Missing code history of Element,PageRuleCollector. (Requested
by tasak on #webkit).

Patch by Sheriff Bot <webkit.review.bot@gmail.com> on 2013-03-11

* CMakeLists.txt:
* GNUmakefile.list.am:
* Target.pri:
* WebCore.gypi:
* WebCore.xcodeproj/project.pbxproj:
* css/CSSAllInOne.cpp:
* css/DocumentRuleSets.cpp:
(WebCore::ShadowDistributedRules::collectMatchRequests):
* css/DocumentRuleSets.h:
* css/ElementRuleCollector.cpp: Removed.
* css/ElementRuleCollector.h: Removed.
* css/PageRuleCollector.cpp: Removed.
* css/PageRuleCollector.h: Removed.
* css/StyleResolver.cpp:
(WebCore::leftToRightDeclaration):
(WebCore):
(WebCore::rightToLeftDeclaration):
(WebCore::StyleResolver::State::ensureRuleList):
(WebCore::StyleResolver::State::clear):
(WebCore::StyleResolver::addMatchedProperties):
(WebCore::StyleResolver::addElementStyleProperties):
(MatchingUARulesScope):
(WebCore::MatchingUARulesScope::MatchingUARulesScope):
(WebCore::MatchingUARulesScope::~MatchingUARulesScope):
(WebCore::MatchingUARulesScope::isMatchingUARules):
(WebCore::StyleResolver::collectMatchingRules):
(WebCore::StyleResolver::collectMatchingRulesForRegion):
(WebCore::StyleResolver::sortAndTransferMatchedRules):
(WebCore::StyleResolver::matchScopedAuthorRules):
(WebCore::StyleResolver::matchHostRules):
(WebCore::StyleResolver::matchAuthorRules):
(WebCore::StyleResolver::matchUserRules):
(WebCore::StyleResolver::matchUARules):
(WebCore::StyleResolver::collectMatchingRulesForList):
(WebCore::compareRules):
(WebCore::StyleResolver::sortMatchedRules):
(WebCore::StyleResolver::matchAllRules):
(WebCore::StyleResolver::State::initForStyleResolve):
(WebCore::StyleResolver::styleSharingCandidateMatchesRuleSet):
(WebCore::StyleResolver::styleForElement):
(WebCore::StyleResolver::styleForKeyframe):
(WebCore::StyleResolver::pseudoStyleForElement):
(WebCore::StyleResolver::styleForPage):
(WebCore::StyleResolver::pseudoStyleRulesForElement):
(WebCore::StyleResolver::ruleMatches):
(WebCore::StyleResolver::checkRegionSelector):
(WebCore::comparePageRules):
(WebCore::StyleResolver::matchPageRules):
(WebCore::checkPageSelectorComponents):
(WebCore::StyleResolver::matchPageRulesForList):
(WebCore::StyleResolver::isLeftPage):
(WebCore::StyleResolver::isFirstPage):
(WebCore::StyleResolver::pageName):
* css/StyleResolver.h:
(WebCore::MatchRequest::MatchRequest):
(MatchRequest):
(StyleResolver):
(MatchResult):
(WebCore::StyleResolver::State::State):
(State):
(WebCore::StyleResolver::State::takeRuleList):
(WebCore::StyleResolver::State::setSameOriginOnly):
(WebCore::StyleResolver::State::isSameOriginOnly):
(WebCore::StyleResolver::State::pseudoStyleRequest):
(WebCore::StyleResolver::State::setMode):
(WebCore::StyleResolver::State::mode):
(WebCore::StyleResolver::State::matchedRules):
(WebCore::StyleResolver::State::addMatchedRule):
* inspector/InspectorCSSAgent.cpp:
(WebCore::InspectorCSSAgent::willMatchRule):
* inspector/InspectorCSSAgent.h:
(WebCore):
(InspectorCSSAgent):
* inspector/InspectorInstrumentation.cpp:
(WebCore):
(WebCore::InspectorInstrumentation::willMatchRuleImpl):
* inspector/InspectorInstrumentation.h:
(WebCore):
(InspectorInstrumentation):
(WebCore::InspectorInstrumentation::willMatchRule):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145354 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[V8] Fix V8InjectedScriptManager
commit-queue@webkit.org [Mon, 11 Mar 2013 10:44:33 +0000 (10:44 +0000)]
[V8] Fix V8InjectedScriptManager
https://bugs.webkit.org/show_bug.cgi?id=111968

Patch by Marja Hölttä <marja@chromium.org> on 2013-03-11
Reviewed by Kentaro Hara.

This is needed to make the inspector work after templates for main world
and non-main worlds are separated (bug 111724).

No new tests (no changes in functionality).

* bindings/v8/custom/V8InjectedScriptManager.cpp:
(WebCore::InjectedScriptManager::canAccessInspectedWindow):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145353 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoMake sure that CSSSelector::setValue() is never called after parsing its pseudoType.
hayato@chromium.org [Mon, 11 Mar 2013 10:36:21 +0000 (10:36 +0000)]
Make sure that CSSSelector::setValue() is never called after parsing its pseudoType.
https://bugs.webkit.org/show_bug.cgi?id=111957

Reviewed by Hajime Morrita.

It'd be nice to have an assertion here since
CSSSelector::pseudoType() will never parse a new value after it
parses a value and m_pseudoType is set to non-PseudoNotParsed.

No new tests (no change in behaviour).

* css/CSSSelector.h:
(WebCore::CSSSelector::setValue):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145352 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[Chromium] Mark LayoutTests/html5lib/generated/run-tests16-data.html as slow
commit-queue@webkit.org [Mon, 11 Mar 2013 09:55:50 +0000 (09:55 +0000)]
[Chromium] Mark LayoutTests/html5lib/generated/run-tests16-data.html as slow
https://bugs.webkit.org/show_bug.cgi?id=111960

Patch by Alan Cutter <alancutter@chromium.org> on 2013-03-11
Reviewed by Eric Seidel.

Related to V8 performance issue: https://code.google.com/p/v8/issues/detail?id=2567

* platform/chromium/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145351 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[Qt] Unrewieved gardening. Cleaning up some skip.
zarvai@inf.u-szeged.hu [Mon, 11 Mar 2013 09:53:23 +0000 (09:53 +0000)]
[Qt] Unrewieved gardening. Cleaning up some skip.

* platform/qt-5.0-wk1/TestExpectations:
* platform/qt-5.0-wk2/TestExpectations:
* platform/qt/TestExpectations:
* platform/qt/editing/pasteboard/paste-text-016-expected.txt: Rebaselining after r145296.
* platform/qt/fast/dynamic/002-expected.txt: Rebaselining after r145296.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145350 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[Refactoring] Implement RuleCollector
tasak@google.com [Mon, 11 Mar 2013 09:50:30 +0000 (09:50 +0000)]
[Refactoring] Implement RuleCollector
https://bugs.webkit.org/show_bug.cgi?id=109916

Reviewed by Antti Koivisto.

Implemented rule collector for an element and collector for a page.
Not all members in class State are required entire while resolving
a style.

No new tests, because just refactoring.

* CMakeLists.txt:
* GNUmakefile.list.am:
* Target.pri:
* WebCore.gypi:
* WebCore.xcodeproj/project.pbxproj:
* css/CSSAllInOne.cpp:
Added ElementRuleCollector and PageRuleCollector.
* css/DocumentRuleSets.cpp:
(WebCore::ShadowDistributedRules::collectMatchRequests):
Since behaviorAtBoundary is a state owned by ElementRuleCollector,
removed from here.
* css/DocumentRuleSets.h:
(WebCore::ShadowDistributedRules::isEmpty):
Added to quickly check whether there exist any ShadowDistributedRules
or not.
* css/ElementRuleCollector.cpp: Copied from Source/WebCore/css/StyleResolver.cpp.
(WebCore):
(WebCore::ElementRuleCollector::matchedResult):
(WebCore::ElementRuleCollector::matchedRuleList):
(WebCore::ElementRuleCollector::addMatchedRule):
(WebCore::ElementRuleCollector::clearMatchedRules):
(WebCore::ElementRuleCollector::ensureRuleList):
(WebCore::ElementRuleCollector::addElementStyleProperties):
(WebCore::ElementRuleCollector::collectMatchingRules):
(WebCore::ElementRuleCollector::collectMatchingRulesForRegion):
(WebCore::ElementRuleCollector::sortAndTransferMatchedRules):
(WebCore::ElementRuleCollector::matchScopedAuthorRules):
(WebCore::ElementRuleCollector::matchHostRules):
(WebCore::ElementRuleCollector::matchShadowDistributedRules):
(WebCore::ElementRuleCollector::matchAuthorRules):
(WebCore::ElementRuleCollector::matchUserRules):
(WebCore::ElementRuleCollector::matchUARules):
(WebCore::ElementRuleCollector::ruleMatches):
(WebCore::ElementRuleCollector::collectMatchingRulesForList):
(WebCore::ElementRuleCollector::sortMatchedRules):
(WebCore::ElementRuleCollector::matchAllRules):
Moved these methods from StyleResolver to this class.
(WebCore::ElementRuleCollector::hasAnyMatchingRules):
This method is used for checking whether a given element can share
a cache.
* css/ElementRuleCollector.h: Copied from Source/WebCore/css/StyleResolver.h.
(WebCore):
(WebCore::ElementRuleCollector::ElementRuleCollector):
Use styleResolver instance to initialize its member variables, i.e.
SelectorFilter, RuleSets, InspectorCSSOMWrappers, and
StyleScopedResolver.
(ElementRuleCollector):
(WebCore::ElementRuleCollector::setMode):
(WebCore::ElementRuleCollector::setPseudoStyleRequest):
(WebCore::ElementRuleCollector::setSameOriginOnly):
(WebCore::ElementRuleCollector::setRegionForStyling):
Mode, SameOriginOnly, RegionForStyling are only used while collecting
matched rules.
(WebCore::ElementRuleCollector::setMedium):
Need to know which default stylesheet should be looked up.
(WebCore::ElementRuleCollector::document):
* css/PageRuleCollector.cpp: Copied from Source/WebCore/css/StyleResolver.cpp.
(WebCore::comparePageRules):
(WebCore::PageRuleCollector::isLeftPage):
(WebCore::PageRuleCollector::isFirstPage):
(WebCore::PageRuleCollector::pageName):
(WebCore::PageRuleCollector::matchAllPageRules):
(WebCore::PageRuleCollector::matchPageRules):
(WebCore::checkPageSelectorComponents):
(WebCore::PageRuleCollector::matchPageRulesForList):
Moved from StyleResolver.
* css/PageRuleCollector.h: Copied from Source/WebCore/css/StyleResolver.h.
(WebCore):
(WebCore::PageRuleCollector::PageRuleCollector):
(PageRuleCollector):
(WebCore::PageRuleCollector::matchedResult):
* css/StyleResolver.cpp:
(WebCore):
(WebCore::StyleResolver::State::clear):
(WebCore::StyleResolver::MatchResult::addMatchedProperties):
(WebCore::StyleResolver::State::initForStyleResolve):
(WebCore::StyleResolver::styleSharingCandidateMatchesRuleSet):
(WebCore::StyleResolver::styleForElement):
(WebCore::StyleResolver::styleForKeyframe):
(WebCore::StyleResolver::pseudoStyleForElement):
(WebCore::StyleResolver::styleForPage):
(WebCore::StyleResolver::pseudoStyleRulesForElement):
(WebCore::StyleResolver::applyMatchedProperties):
* css/StyleResolver.h:
(WebCore::MatchRequest::MatchRequest):
Removed behaviorAtBoundary. Instead, ElementRuleCollector have the
state.
(MatchRequest):
(WebCore::StyleResolver::selectorFilter):
Added to obtain SelectorFilter in ElementRuleCollector's constructor.
(StyleResolver):
(MatchResult):
(WebCore::StyleResolver::State::State):
To pass ASSERT in StyleResolver::applyProperties, need to keep
m_regionForStyling.
(State):
(WebCore::StyleResolver::State::regionForStyling):
(WebCore::StyleResolver::State::useSVGZoomRules):
(WebCore::StyleResolver::hasSelectorForId):
(WebCore):
(WebCore::checkRegionSelector):
* inspector/InspectorCSSAgent.cpp:
(WebCore::InspectorCSSAgent::willMatchRule):
Removed StyleResolver from its parameter list. Instead, added
InspectorCSSOMWrappers and DocumentStyleSheetCollection.
* inspector/InspectorCSSAgent.h:
(WebCore):
(InspectorCSSAgent):
* inspector/InspectorInstrumentation.cpp:
(WebCore):
(WebCore::InspectorInstrumentation::willMatchRuleImpl):
* inspector/InspectorInstrumentation.h:
(WebCore):
(InspectorInstrumentation):
(WebCore::InspectorInstrumentation::willMatchRule):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145349 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoXSSAuditor doesn't need a copy of the original document's body.
mkwst@chromium.org [Mon, 11 Mar 2013 09:48:14 +0000 (09:48 +0000)]
XSSAuditor doesn't need a copy of the original document's body.
https://bugs.webkit.org/show_bug.cgi?id=111946

Reviewed by Darin Adler.

The XSSAuditor currently copies the original HTTP body of the document
that's being audited in order to include it into a violation report if
reflected XSS is detected. We don't actually need to do this, as we
have access to the original request information from inside the
XSSAuditorDelegate where the report is generated.
XSSAuditorDelegate::didBlockScript ASSERTs that it's running on the
main thread, so it should be safe to reach through the document's
loader to get that information directly, rather than passing it from
thread to thread via XSSInfo object properties.

* html/parser/XSSAuditor.h:
* html/parser/XSSAuditor.cpp:
(WebCore::XSSAuditor::init):
(WebCore::XSSAuditor::filterToken):
(WebCore::XSSAuditor::isSafeToSendToAnotherThread):
* html/parser/XSSAuditorDelegate.h:
(WebCore::XSSInfo::create):
(WebCore::XSSInfo::XSSInfo):
* html/parser/XSSAuditorDelegate.cpp:
(WebCore::XSSInfo::isSafeToSendToAnotherThread):
    Drop the XSSInfo and XSSAuditor properties that held an
    isolatedCopy of the the original HTTP body. Depending on the
    document's size, this could be a significant savings.
(WebCore::XSSAuditorDelegate::didBlockScript):
    Reach into the document's loader's original request in order to
    grab the body as a String, and feed that into the violation report
    object.

    As a drive-by, this patch creates a FrameLoader* temporary
    variable to minimize repetition in this area of the code. We use
    the loader a few times, but should only have to grab it once.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145348 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[Chromium] REGRESSION: Closed Captions button not showing properly
silviapf@chromium.org [Mon, 11 Mar 2013 09:40:08 +0000 (09:40 +0000)]
[Chromium] REGRESSION: Closed Captions button not showing properly
https://bugs.webkit.org/show_bug.cgi?id=109871

Reviewed by Jer Noble.

No new tests - covered by existing tests.

Most of the patch was in the meantime covered by a patch to
https://bugs.webkit.org/show_bug.cgi?id=111109 .
This changes a static Chromium-only function name to be consistent with
parent class function names.

* rendering/RenderMediaControlsChromium.cpp:
(WebCore::paintMediaToggleClosedCaptionsButton):
(WebCore::RenderMediaControlsChromium::paintMediaControlsPart):
Rename paintMediaClosedCaptionsButton to paintMediaToggleClosedCaptionsButton.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145347 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoRenderSnapshottedPlugIn paints in PaintPhaseBlockBackground instead of PaintPhaseFore...
timothy_horton@apple.com [Mon, 11 Mar 2013 08:43:22 +0000 (08:43 +0000)]
RenderSnapshottedPlugIn paints in PaintPhaseBlockBackground instead of PaintPhaseForeground
https://bugs.webkit.org/show_bug.cgi?id=111962
<rdar://problem/13289335>

Reviewed by Dean Jackson.

RenderSnapshottedPlugIn should paint its snapshot during the foreground
painting phase, instead of BlockBackground, to match normal plugin painting.

* rendering/RenderSnapshottedPlugIn.cpp:
(WebCore::RenderSnapshottedPlugIn::paint):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145346 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[chromium] remove obsolete user gesture methods from WebFrame
jochen@chromium.org [Mon, 11 Mar 2013 08:32:10 +0000 (08:32 +0000)]
[chromium] remove obsolete user gesture methods from WebFrame
https://bugs.webkit.org/show_bug.cgi?id=111696

Reviewed by Adam Barth.

Source/WebKit/chromium:

* public/WebFrame.h:
(WebFrame):
* src/FrameLoaderClientImpl.cpp:
(WebKit::FrameLoaderClientImpl::dispatchDidNavigateWithinPage):
* src/WebFrameImpl.cpp:
* src/WebFrameImpl.h:
(WebFrameImpl):

Tools:

* DumpRenderTree/chromium/TestRunner/src/TestPlugin.cpp:
(WebTestRunner::TestPlugin::handleInputEvent):
* DumpRenderTree/chromium/TestRunner/src/WebTestProxy.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145345 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUnreviewed GTK gardening.
zandobersek@gmail.com [Mon, 11 Mar 2013 07:49:31 +0000 (07:49 +0000)]
Unreviewed GTK gardening.

* platform/gtk/TestExpectations: Removing a few expectations for tests that were rolled out in r145296.
* platform/gtk/editing/pasteboard/paste-text-016-expected.txt: Rebaselining after r145296.
* platform/gtk/fast/dynamic/002-expected.txt: Ditto.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145343 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoWeb Inspector: [Elements] XSLT transformation result from the xml-stylesheet PI not...
apavlov@chromium.org [Mon, 11 Mar 2013 07:16:56 +0000 (07:16 +0000)]
Web Inspector: [Elements] XSLT transformation result from the xml-stylesheet PI not rendered
https://bugs.webkit.org/show_bug.cgi?id=111313

Reviewed by Vsevolod Vlasov.

Source/WebCore:

Frame document update upon XSL transformation was never instrumented.
This change instruments the Document::applyXSLTransform() method to that end.

Test: http/tests/inspector/styles/xsl-transformed.xml

* dom/Document.cpp:
(WebCore::Document::applyXSLTransform): Instrumented.
* inspector/InspectorDOMAgent.cpp:
(WebCore::InspectorDOMAgent::frameDocumentUpdated): Invoked upon applyXSLTransform().
* inspector/InspectorDOMAgent.h:
* inspector/InspectorInstrumentation.cpp:
(WebCore::InspectorInstrumentation::frameDocumentUpdatedImpl): Added.
* inspector/InspectorInstrumentation.h:
(WebCore::InspectorInstrumentation::didCommitLoad): Drive-by: simplified.
(WebCore::InspectorInstrumentation::frameDocumentUpdated): Added.

LayoutTests:

* http/tests/inspector/styles/resources/xsl-transformed.xsl: Added.
* http/tests/inspector/styles/xsl-transformed-expected.txt: Added.
* http/tests/inspector/styles/xsl-transformed.xml: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145342 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoWebPage::scaledSnapshotWithOptions returns a corrupt snapshot if you request a rect...
timothy_horton@apple.com [Mon, 11 Mar 2013 06:29:59 +0000 (06:29 +0000)]
WebPage::scaledSnapshotWithOptions returns a corrupt snapshot if you request a rect larger than the FrameView’s size
https://bugs.webkit.org/show_bug.cgi?id=111820
<rdar://problem/13375785>

Reviewed by Simon Fraser.

We have to clear the image - there could be area that won’t be painted by the FrameView,
or the FrameView could have a transparent background.

* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::scaledSnapshotWithOptions):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145341 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoImplement inert subtrees needed for modal <dialog>
falken@chromium.org [Mon, 11 Mar 2013 06:13:05 +0000 (06:13 +0000)]
Implement inert subtrees needed for modal <dialog>
https://bugs.webkit.org/show_bug.cgi?id=110952

Reviewed by Hajime Morrita.

Source/WebCore:

This changes Node::disabled() to return true when a modal dialog is
open and the node is not in the dialog.

Reusing disabled for inertness is useful because then event
targeting and focus control automatically have the desired behavior:
inert nodes are skipped over.

Tests: fast/dom/HTMLDialogElement/closed-dialog-does-not-block-mouse-events.html
       fast/dom/HTMLDialogElement/modal-dialog-blocks-mouse-events.html
       fast/dom/HTMLDialogElement/non-modal-dialog-does-not-block-mouse-events.html

* dom/Document.h:
(WebCore::Document::activeModalDialog): Returns the topmost element in the top layer.
Since now the only elements in the top layer are modal dialogs, it is the active modal dialog.
* dom/Node.cpp:
(WebCore):
(WebCore::Node::isInert): As per the spec, a node that is not an ancestor or descendant of the modal dialog is inert.
(WebCore::Node::disabled): Return false when inert.
* dom/Node.h:
* html/HTMLFormControlElement.cpp:
(WebCore::HTMLFormControlElement::disabled): Fall back to the superclass so inert is taken into account.

LayoutTests:

* fast/dom/HTMLDialogElement/closed-dialog-does-not-block-mouse-events-expected.txt: Added.
* fast/dom/HTMLDialogElement/closed-dialog-does-not-block-mouse-events.html: Added.
* fast/dom/HTMLDialogElement/modal-dialog-blocks-mouse-events-expected.txt: Added.
* fast/dom/HTMLDialogElement/modal-dialog-blocks-mouse-events.html: Added.
* fast/dom/HTMLDialogElement/non-modal-dialog-does-not-block-mouse-events-expected.txt: Added.
* fast/dom/HTMLDialogElement/non-modal-dialog-does-not-block-mouse-events.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145340 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoAdd myself to committers.py
silviapf@chromium.org [Mon, 11 Mar 2013 05:42:02 +0000 (05:42 +0000)]
Add myself to committers.py

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145339 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoLine breaking opportunities at the end of a text node are missed
glenn@skynav.com [Mon, 11 Mar 2013 03:30:57 +0000 (03:30 +0000)]
Line breaking opportunities at the end of a text node are missed
https://bugs.webkit.org/show_bug.cgi?id=17427

Reviewed by Darin Adler.

Source/WebCore:

When initializing context for determining next break position,
reuse last two characters from previous text node(s) within block.
This additional state is stored in the current LazyLineBreakIterator
as an optimization to prevent having to add two new parameters to
isBreakable().

At present, this fixes only the ASCII shortcut code path, but
does not yet handle the non-ASCII path. Since the ASCII path is
the most performant critical, the handling of this latter path
will be addressed by webkit.org/b/105692.

Additionally test for case where last two characters context
is derived from distinct nodes, possibly with intervening empty
inline node(s).

Test: fast/text/line-break-between-text-nodes.html

* platform/text/TextBreakIterator.h:
(WebCore::LazyLineBreakIterator::LazyLineBreakIterator):
(WebCore::LazyLineBreakIterator::lastCharacter):
(WebCore::LazyLineBreakIterator::secondToLastCharacter):
(WebCore::LazyLineBreakIterator::setLastTwoCharacters):
(WebCore::LazyLineBreakIterator::resetLastTwoCharacters):
(WebCore::LazyLineBreakIterator::updateLastTwoCharacters):
(LazyLineBreakIterator):
Add state variables to retain last two characters of previous text node(s)
for reuse when initializing nextBreakPosition<>() context.
* rendering/RenderBlockLineLayout.cpp:
(WebCore::RenderBlock::layoutRunsAndFloatsInRange):
(WebCore::RenderBlock::LineBreaker::nextSegmentBreak):
Record and reset retained last two characters of previous text node(s) as
appropriate.
* rendering/break_lines.cpp:
(WebCore::nextBreakablePosition):
Use state variables holding retained last two characters of previous text node(s)
for when initializing nextBreakPosition<>() context.

LayoutTests:

* fast/text/line-break-between-text-nodes-expected.html: Added.
* fast/text/line-break-between-text-nodes.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145338 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoFix a typo in http://trac.webkit.org/changeset/145332.
timothy_horton@apple.com [Mon, 11 Mar 2013 01:21:36 +0000 (01:21 +0000)]
Fix a typo in trac.webkit.org/changeset/145332.

Unreviewed.

ENABLE() doesn't use the WTF_ prefix.

* WebProcess/WebPage/WebPage.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145337 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoNetworkStorageSession leaks its CFURLStorageSessionRef
darin@apple.com [Mon, 11 Mar 2013 01:19:10 +0000 (01:19 +0000)]
NetworkStorageSession leaks its CFURLStorageSessionRef
https://bugs.webkit.org/show_bug.cgi?id=111950
<rdar://problem/13384134>

Reviewed by Sam Weinig.

* platform/network/NetworkStorageSession.h:
Change the argument type of the constructor to a RetainPtr.
* platform/network/cf/NetworkStorageSessionCFNet.cpp:
(WebCore::NetworkStorageSession::NetworkStorageSession): Changed
the argument type to a RetainPtr.
(WebCore::NetworkStorageSession::switchToNewTestingSession): Added
calls to adoptCF to adopt the value returned by wkCreatePrivateStorageSession.
(WebCore::NetworkStorageSession::createPrivateBrowsingSession): Ditto.
(WebCore::NetworkStorageSession::cookieStorage): Changed to use adoptCF
instead of the RetainPtr constructor with AdoptCF since the former is
far easier to read.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145336 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoAdd bundle API to get the current selection as a WKDOMRange
weinig@apple.com [Sun, 10 Mar 2013 23:12:02 +0000 (23:12 +0000)]
Add bundle API to get the current selection as a WKDOMRange
https://bugs.webkit.org/show_bug.cgi?id=111947
<rdar://problem/13205460>

Reviewed by Gavin Barraclough.

* WebProcess/InjectedBundle/API/mac/WKWebProcessPlugInBrowserContextController.h:
* WebProcess/InjectedBundle/API/mac/WKWebProcessPlugInBrowserContextController.mm:
(-[WKWebProcessPlugInBrowserContextController selectedRange]):
Add new selectedRange property.

* WebProcess/WebPage/WebPage.cpp:
(WebKit::frameWithSelection):
(WebKit::WebPage::currentSelectionAsRange):
* WebProcess/WebPage/WebPage.h:
Get the range by finding the frame that has a selection, and then normalizing it.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145335 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoConformance Test 1.0.3 (Beta) function: bufferData undefined value failed.
commit-queue@webkit.org [Sun, 10 Mar 2013 22:37:37 +0000 (22:37 +0000)]
Conformance Test 1.0.3 (Beta) function: bufferData undefined value failed.
https://bugs.webkit.org/show_bug.cgi?id=111641

Patch by Jason Anderssen <janderssen@gmail.com> on 2013-03-10
Reviewed by Dean Jackson.

The WebGL specification requires that a size of 0 is not valid. In javascript, passing in undefined
as a parameter to a long long is the same as passing in 0, so we must check for this incorrect
value and fail.
The test suite in Kronos 1.0.3 failed, test to verify conformance is as follows:
https://www.khronos.org/registry/webgl/sdk/tests/conformance/more/functions/bufferDataBadArgs.html.

* html/canvas/WebGLRenderingContext.cpp:
(WebCore::WebGLRenderingContext::bufferData):
Synthesize error and returned if size is 0.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145334 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoSVGDocumentExtensions should use OwnPtr for pending resource maps.
akling@apple.com [Sun, 10 Mar 2013 21:00:46 +0000 (21:00 +0000)]
SVGDocumentExtensions should use OwnPtr for pending resource maps.
<http://webkit.org/b/111943>

Reviewed by Anders Carlsson.

* svg/SVGDocumentExtensions.cpp:
(WebCore::SVGDocumentExtensions::~SVGDocumentExtensions):
(WebCore::SVGDocumentExtensions::addPendingResource):
(WebCore::SVGDocumentExtensions::isElementPendingResources):
(WebCore::SVGDocumentExtensions::removeElementFromPendingResources):
(WebCore::SVGDocumentExtensions::removePendingResource):
(WebCore::SVGDocumentExtensions::removePendingResourceForRemoval):
(WebCore::SVGDocumentExtensions::markPendingResourcesForRemoval):
* svg/SVGDocumentExtensions.h:
(SVGDocumentExtensions):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145333 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoAdd a heuristic to determine the “primary” snapshotted plugin
timothy_horton@apple.com [Sun, 10 Mar 2013 20:40:47 +0000 (20:40 +0000)]
Add a heuristic to determine the “primary” snapshotted plugin
https://bugs.webkit.org/show_bug.cgi?id=111932
<rdar://problem/13270208>

Reviewed by Dean Jackson.

* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::dispatchDidCommitLoad):
Forward didCommitLoad to WebPage. Move existing code that manipulated WebPage
itself during didCommitLoad into WebPage, where it belongs.
(WebKit::WebFrameLoaderClient::dispatchDidFinishLoad): Forward didFinishLoad to WebPage.
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::WebPage): Initialize m_didFindPrimarySnapshottedPlugin to false.
(WebKit::WebPage::didCommitLoad): Move code from WebPageFrameLoaderClient.
Reset the flag that says we've already found a snapshotted plugin.
(WebKit::WebPage::didFinishLoad):
Call determinePrimarySnapshottedPlugIn when any frame finishes loading. We call this for subframes,
not just the main frame, in case the main frame loads with no "primary" plugins, but a subframe later loads with one.
(WebKit::WebPage::determinePrimarySnapshottedPlugIn):
Attempt to find the primary snapshotted plugin on the page, by hit-testing a grid of points spaced 200px apart.
A plugin is considered if it is snapshotted and > 450x300. We scan vertically and left-to-right, only discarding
a previous candidate if another candidate is at least 110% the size of the previous candidate.
This tends to select plugins near the top left of the page, unless there is a significantly larger plugin elsewhere.
(WebKit::WebPage::resetPrimarySnapshottedPlugIn):
* WebProcess/WebPage/WebPage.h:
(WebPage):

* WebCore.exp.in: Export a few things.
* html/HTMLPlugInImageElement.cpp:
(WebCore::HTMLPlugInImageElement::HTMLPlugInImageElement):
(WebCore::classNameForShadowRoot): If we've been informed that we are the primary snapshotted plugin, add the 'primary' class.
(WebCore::HTMLPlugInImageElement::setIsPrimarySnapshottedPlugIn): Added
(WebCore::HTMLPlugInImageElement::updateSnapshotInfo): Hand classNameForShadowRoot our primary-ness.
* html/HTMLPlugInImageElement.h:
(HTMLPlugInImageElement): Add storage for m_isPrimarySnapshottedPlugIn.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145332 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoXSSAuditor doesn't need a copy of the original document URL.
mkwst@chromium.org [Sun, 10 Mar 2013 19:57:08 +0000 (19:57 +0000)]
XSSAuditor doesn't need a copy of the original document URL.
https://bugs.webkit.org/show_bug.cgi?id=111944

Reviewed by Adam Barth.

When creating an XSSInfo object in response to detecting reflected XSS
on a page, the Auditor was passing in a copy of the document's
original URL for reporting. It doesn't look like we need this, as
XSSInfo's only consumer, XSSAuditorDelegate, runs on the main thread
with access to the document. We can obtain access to the same
information by reading the URL directly from the delegate's Document
object if and when we need it.

* html/parser/XSSAuditorDelegate.cpp:
(WebCore::XSSAuditorDelegate::didBlockScript):
    Read the document's URL directly in order to create a violation
    report.
(WebCore::XSSInfo::isSafeToSendToAnotherThread):
* html/parser/XSSAuditorDelegate.h:
(WebCore::XSSInfo::create):
(WebCore::XSSInfo::XSSInfo):
* html/parser/XSSAuditor.cpp:
(WebCore::XSSAuditor::init):
(WebCore::XSSAuditor::filterToken):
(WebCore::XSSAuditor::isSafeToSendToAnotherThread):
* html/parser/XSSAuditor.h:
    Remove the copied original URL from both XSSInfo objects and the
    XSSAuditor.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145331 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUnreviewed, rolling out r145039 and r145096.
commit-queue@webkit.org [Sun, 10 Mar 2013 19:30:14 +0000 (19:30 +0000)]
Unreviewed, rolling out r145039 and r145096.
http://trac.webkit.org/changeset/145039
http://trac.webkit.org/changeset/145096
https://bugs.webkit.org/show_bug.cgi?id=111945

broke find indicator updates with scrolling subframes
(Requested by thorton on #webkit).

Patch by Sheriff Bot <webkit.review.bot@gmail.com> on 2013-03-10

* WebProcess/WebPage/mac/TiledCoreAnimationDrawingArea.mm:
(WebKit::TiledCoreAnimationDrawingArea::scroll):
(WebKit::TiledCoreAnimationDrawingArea::flushLayers):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145330 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoSpeculativeJIT should use OwnPtr<SlowPathGenerator>.
akling@apple.com [Sun, 10 Mar 2013 19:16:38 +0000 (19:16 +0000)]
SpeculativeJIT should use OwnPtr<SlowPathGenerator>.
<http://webkit.org/b/111942>

Reviewed by Anders Carlsson.

There's no need to include DFGSlowPathGenerator.h from the header as long as the destructor is out-of-line,
so let's use OwnPtr instead of raw pointers + deleteAllValues().

* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::~SpeculativeJIT):
(JSC::DFG::SpeculativeJIT::addSlowPathGenerator):
* dfg/DFGSpeculativeJIT.h:
(SpeculativeJIT):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145329 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoWebPluginSiteDataManager should use OwnPtr.
akling@apple.com [Sun, 10 Mar 2013 17:41:13 +0000 (17:41 +0000)]
WebPluginSiteDataManager should use OwnPtr.
<http://webkit.org/b/111940>

Reviewed by Anders Carlsson.

* UIProcess/Plugins/WebPluginSiteDataManager.cpp:
(WebKit::WebPluginSiteDataManager::invalidate):
(WebKit::WebPluginSiteDataManager::getSitesWithData):
(WebKit::WebPluginSiteDataManager::clearSiteData):
(WebKit::WebPluginSiteDataManager::didGetSitesWithDataForAllPlugins):
(WebKit::WebPluginSiteDataManager::didClearSiteDataForAllPlugins):
* UIProcess/Plugins/WebPluginSiteDataManager.h:
(WebPluginSiteDataManager):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145328 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoGlyphMetricsMap should use OwnPtr.
akling@apple.com [Sun, 10 Mar 2013 16:46:16 +0000 (16:46 +0000)]
GlyphMetricsMap should use OwnPtr.
<http://webkit.org/b/111937>

Reviewed by Anders Carlsson.

Use OwnPtr instead of raw pointer + deleteAllValues().

* platform/graphics/GlyphMetricsMap.h:
(GlyphMetricsMap):
(WebCore::::locatePageSlowCase):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145327 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoAllow iOS port to use InbandTextTrackPrivateAVF
eric.carlson@apple.com [Sun, 10 Mar 2013 16:09:00 +0000 (16:09 +0000)]
Allow iOS port to use InbandTextTrackPrivateAVF
https://bugs.webkit.org/show_bug.cgi?id=111933

Reviewed by Dean Jackson.

* platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
(WebCore::InbandTextTrackPrivateAVF::processCue): Drive-by cleanup.
* platform/graphics/avfoundation/InbandTextTrackPrivateAVF.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145326 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUnreviewed, rolling out r145299.
commit-queue@webkit.org [Sat, 9 Mar 2013 22:48:09 +0000 (22:48 +0000)]
Unreviewed, rolling out r145299.
http://trac.webkit.org/changeset/145299
https://bugs.webkit.org/show_bug.cgi?id=111928

compilation failure with recent clang
(DFGBackwardsPropagationPhase.cpp:132:35: error: comparison of
constant 10 with expression of type 'bool' is always false)
(Requested by thorton on #webkit).

Patch by Sheriff Bot <webkit.review.bot@gmail.com> on 2013-03-09

Source/JavaScriptCore:

* CMakeLists.txt:
* GNUmakefile.list.am:
* JavaScriptCore.xcodeproj/project.pbxproj:
* Target.pri:
* dfg/DFGArrayMode.cpp:
(JSC::DFG::ArrayMode::refine):
* dfg/DFGBackwardsPropagationPhase.cpp: Removed.
* dfg/DFGBackwardsPropagationPhase.h: Removed.
* dfg/DFGCPSRethreadingPhase.cpp:
(JSC::DFG::CPSRethreadingPhase::run):
(CPSRethreadingPhase):
(JSC::DFG::CPSRethreadingPhase::canonicalizeGetLocalFor):
(JSC::DFG::CPSRethreadingPhase::canonicalizeFlushOrPhantomLocalFor):
* dfg/DFGDriver.cpp:
(JSC::DFG::compile):
* dfg/DFGGraph.cpp:
(JSC::DFG::Graph::dump):
* dfg/DFGNodeFlags.cpp:
(JSC::DFG::nodeFlagsAsString):
(DFG):
* dfg/DFGNodeFlags.h:
(DFG):
* dfg/DFGPredictionPropagationPhase.cpp:
(JSC::DFG::PredictionPropagationPhase::isNotNegZero):
(PredictionPropagationPhase):
(JSC::DFG::PredictionPropagationPhase::isNotZero):
(JSC::DFG::PredictionPropagationPhase::isWithinPowerOfTwoForConstant):
(JSC::DFG::PredictionPropagationPhase::isWithinPowerOfTwoNonRecursive):
(JSC::DFG::PredictionPropagationPhase::isWithinPowerOfTwo):
(JSC::DFG::PredictionPropagationPhase::propagate):
(JSC::DFG::PredictionPropagationPhase::mergeDefaultFlags):
* dfg/DFGUnificationPhase.cpp:
(JSC::DFG::UnificationPhase::run):
* dfg/DFGVariableAccessData.h:
(JSC::DFG::VariableAccessData::VariableAccessData):
(VariableAccessData):

LayoutTests:

* fast/js/dfg-arith-add-overflow-check-elimination-predicted-but-not-proven-int-expected.txt: Removed.
* fast/js/dfg-arith-add-overflow-check-elimination-predicted-but-not-proven-int.html: Removed.
* fast/js/dfg-arith-add-overflow-check-elimination-tower-of-large-numbers-expected.txt: Removed.
* fast/js/dfg-arith-add-overflow-check-elimination-tower-of-large-numbers.html: Removed.
* fast/js/jsc-test-list:
* fast/js/script-tests/dfg-arith-add-overflow-check-elimination-predicted-but-not-proven-int.js: Removed.
* fast/js/script-tests/dfg-arith-add-overflow-check-elimination-tower-of-large-numbers.js: Removed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145323 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoEnable platform code to implement text track menu
eric.carlson@apple.com [Sat, 9 Mar 2013 21:29:13 +0000 (21:29 +0000)]
Enable platform code to implement text track menu
https://bugs.webkit.org/show_bug.cgi?id=111924

Reviewed by Dean Jackson.

No new tests, the new code isn't enabled in any ports yet.

* WebCore.xcodeproj/project.pbxproj: Add PlatformTextTrack.h and PlatformTextTrackMenu.h.

* html/HTMLAudioElement.cpp:
(WebCore::HTMLAudioElement::createForJSConstructor): scheduleLoad -> scheduleDelayedAction.

* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::HTMLMediaElement): Deal with scheduleLoad to scheduleDelayedAction rename.
(WebCore::HTMLMediaElement::parseAttribute): Ditto.
(WebCore::HTMLMediaElement::finishParsingChildren): Ditto.
(WebCore::HTMLMediaElement::insertedInto): Ditto.
(WebCore::HTMLMediaElement::scheduleDelayedAction): Ditto.
(WebCore::HTMLMediaElement::scheduleNextSourceChild): Ditto.
(WebCore::HTMLMediaElement::loadTimerFired): Ditto.
(WebCore::HTMLMediaElement::textTrackModeChanged): Notify platform menu of track change.
(WebCore::HTMLMediaElement::playInternal): Deal with scheduleLoad to scheduleDelayedAction rename.
(WebCore::HTMLMediaElement::pauseInternal): Ditto.
(WebCore::HTMLMediaElement::mediaPlayerDidAddTrack): Ditto. Call addTrack() instead of appending
    the track directly.
(WebCore::HTMLMediaElement::setSelectedTextTrack): Deal with platform menu changing the
    selected track.
(WebCore::HTMLMediaElement::platformTextTracks): Return an array of PlatformTracks representing
    the current text tracks.
(WebCore::HTMLMediaElement::notifyMediaPlayerOfTextTrackChanges): Notify the platform menu
    that the list of text tracks has changed.
(WebCore::HTMLMediaElement::platformTextTrackMenu): Return the platform track menu, if any.
(WebCore::HTMLMediaElement::closeCaptionTracksChanged):
(WebCore::HTMLMediaElement::addTrack): Call addTrack() instead of appending the track directly.
(WebCore::HTMLMediaElement::removeTrack): Call closeCaptionTracksChanged.
(WebCore::HTMLMediaElement::addTextTrack): Call addTrack() instead of appending the track directly.
(WebCore::HTMLMediaElement::didAddTrack): Ditto.
(WebCore::HTMLMediaElement::didRemoveTrack): Deal with scheduleLoad to scheduleDelayedAction rename.
(WebCore::HTMLMediaElement::sourceWasAdded): Ditto.
(WebCore::HTMLMediaElement::clearMediaPlayer): Forget the platform track menu.
(WebCore::HTMLMediaElement::resume): Deal with scheduleLoad to scheduleDelayedAction rename.
* html/HTMLMediaElement.h:

* html/track/InbandTextTrack.h: scheduleLoad -> scheduleDelayedAction.

* html/track/TextTrack.cpp:
(WebCore::TextTrack::platformTextTrack): Create a PlatformTextTrack.
* html/track/TextTrack.h:

* platform/graphics/MediaPlayer.cpp:
(WebCore::MediaPlayer::implementsTextTrackControls): New, player private passthrough.
(WebCore::MediaPlayer::textTrackMenu): Ditto.
* platform/graphics/MediaPlayer.h:
* platform/graphics/MediaPlayerPrivate.h:

* platform/graphics/PlatformTextTrack.h: Added.

* platform/graphics/PlatformTextTrackMenu.h: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145322 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[chromium] Remove deprecated flingStart.sourceDevice from WebGestureEvent
sadrul@chromium.org [Sat, 9 Mar 2013 21:27:34 +0000 (21:27 +0000)]
[chromium] Remove deprecated flingStart.sourceDevice from WebGestureEvent
https://bugs.webkit.org/show_bug.cgi?id=111866

Reviewed by James Robinson.

* public/WebInputEvent.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145321 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoVideo size calculated incorrectly when PLUGIN_PROXY_FOR_VIDEO
eric.carlson@apple.com [Sat, 9 Mar 2013 19:43:46 +0000 (19:43 +0000)]
Video size calculated incorrectly when PLUGIN_PROXY_FOR_VIDEO
https://bugs.webkit.org/show_bug.cgi?id=111912

Reviewed by Dean Jackson.

* html/shadow/MediaControlElements.cpp:
(WebCore::MediaControlTextTrackContainerElement::updateSizes): We use RenderPart when
    PLUGIN_PROXY_FOR_VIDEO is defined, not RenderVideo.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145320 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[chromium] Set the Helper Plugin's URL to that of the host document.
commit-queue@webkit.org [Sat, 9 Mar 2013 16:54:44 +0000 (16:54 +0000)]
[chromium] Set the Helper Plugin's URL to that of the host document.
https://bugs.webkit.org/show_bug.cgi?id=111913

This allows content settings, etc. to be based on the document hosting
the element that requested the Helper Plugin.

Patch by David Dorwin <ddorwin@chromium.org> on 2013-03-09
Reviewed by Adam Barth.

* src/WebHelperPluginImpl.cpp:
(WebKit::writeDocument):
(WebKit::WebHelperPluginImpl::initialize):
(WebKit::WebHelperPluginImpl::initializePage):
* src/WebHelperPluginImpl.h:
(WebKit):
(WebHelperPluginImpl):
* src/WebMediaPlayerClientImpl.cpp:
(WebKit::WebMediaPlayerClientImpl::createHelperPlugin):
* src/WebViewImpl.cpp:
(WebKit::WebViewImpl::createHelperPlugin):
* src/WebViewImpl.h:
(WebViewImpl):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145319 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoFix offset handling in GStreamer WebKitWebSource.
commit-queue@webkit.org [Sat, 9 Mar 2013 16:34:13 +0000 (16:34 +0000)]
Fix offset handling in GStreamer WebKitWebSource.
https://bugs.webkit.org/show_bug.cgi?id=111888

Patch by Sebastian Dröge <sebastian.droege@collabora.co.uk> on 2013-03-09
Reviewed by Philippe Normand.

* platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
(webKitWebSrcSeekDataCb):
(StreamingClient::didReceiveData):
The offset handling in WebKitWebSource was completely wrong
before and caused wrong offsets to be set on the GStreamer buffers
after a seek.

Apart from that there was also a race condition that happens
when a downstream element causes seeks in very short succession
and is switching between two different parts of the stream.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145318 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoAdd tests for opening the picker with the f4 key
keishi@webkit.org [Sat, 9 Mar 2013 12:45:28 +0000 (12:45 +0000)]
Add tests for opening the picker with the f4 key
https://bugs.webkit.org/show_bug.cgi?id=111811

Reviewed by Kent Tamura.

* platform/chromium-win/fast/forms/calendar-picker/date-open-picker-with-f4-key-expected.txt: Added.
* platform/chromium-win/fast/forms/calendar-picker/date-open-picker-with-f4-key.html: Added.
* platform/chromium-win/fast/forms/calendar-picker/datetimelocal-open-picker-with-f4-key-expected.txt: Added.
* platform/chromium-win/fast/forms/calendar-picker/datetimelocal-open-picker-with-f4-key.html: Added.
* platform/chromium-win/fast/forms/calendar-picker/month-open-picker-with-f4-key-expected.txt: Added.
* platform/chromium-win/fast/forms/calendar-picker/month-open-picker-with-f4-key.html: Added.
* platform/chromium-win/fast/forms/calendar-picker/week-open-picker-with-f4-key-expected.txt: Added.
* platform/chromium-win/fast/forms/calendar-picker/week-open-picker-with-f4-key.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145317 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoMonth transition animation is missing in some places
keishi@webkit.org [Sat, 9 Mar 2013 12:43:22 +0000 (12:43 +0000)]
Month transition animation is missing in some places
https://bugs.webkit.org/show_bug.cgi?id=111908

Reviewed by Kent Tamura.

Source/WebCore:

Month transition animation was missing when navigating using keyboard
shortcuts and when navigation was trigger by selecting.

Added tests to calendar-picker/*-picker-key-operations.html.

* Resources/pagepopups/calendarPicker.js:
(Animator): Added annotations.
(Animator.prototype.isRunning): Returns true of the animation is running. Used by test.
(ScrollView.prototype.scrollAnimator): Returns the scroll animator. Used by test.
(CalendarPicker):
(CalendarPicker.prototype.onYearListViewDidSelectMonth): Use CalendarPicker.NavigationBehavior enum instead of bool.
(CalendarPicker.prototype.setSelection): Ditto.
(CalendarPicker.prototype._moveHighlight): Ditto.
(CalendarPicker.prototype.onCalendarTableKeyDown): Ditto.
(CalendarPicker.prototype.onBodyKeyDown): Ditto.

LayoutTests:

* platform/chromium/fast/forms/calendar-picker/calendar-picker-key-operations-expected.txt:
* platform/chromium/fast/forms/calendar-picker/calendar-picker-key-operations.html:
* platform/chromium/fast/forms/calendar-picker/month-picker-key-operations-expected.txt:
* platform/chromium/fast/forms/calendar-picker/month-picker-key-operations.html:
* platform/chromium/fast/forms/calendar-picker/resources/calendar-picker-common.js:
(isCalendarTableScrollingWithAnimation):
* platform/chromium/fast/forms/calendar-picker/week-picker-key-operations-expected.txt:
* platform/chromium/fast/forms/calendar-picker/week-picker-key-operations.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145316 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoCan't build w/o accelerated compositing
dino@apple.com [Sat, 9 Mar 2013 11:08:48 +0000 (11:08 +0000)]
Can't build w/o accelerated compositing
https://bugs.webkit.org/show_bug.cgi?id=111891

Patch originally came from Tobias Mueller <tobiasmue@gnome.org>

Unreviewed build fix for platforms without ACCELERATED_COMPOSITING enabled, which
broke in r145057.

* dom/PseudoElement.cpp:
(WebCore::PseudoElement::~PseudoElement): Wrap the call to pseudoElementDestroyed in
    USE(ACCELERATED_COMPOSITING)

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145312 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[GTK][WK2] Fix compilation warning missing-field-initializers in webkit-2.0 stable...
commit-queue@webkit.org [Sat, 9 Mar 2013 09:50:49 +0000 (09:50 +0000)]
[GTK][WK2] Fix compilation warning missing-field-initializers in webkit-2.0 stable branch
https://bugs.webkit.org/show_bug.cgi?id=111863

Patch by Manuel Rego Casasnovas <rego@igalia.com> on 2013-03-09
Reviewed by Benjamin Poulain.

* UIProcess/API/gtk/WebKitUIClient.cpp:
(attachUIClientToView): Include missing initializer for pluginLoadPolicy.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145308 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[GTK] Versions.m4 is missing some key dependencies version definitions
commit-queue@webkit.org [Sat, 9 Mar 2013 09:30:53 +0000 (09:30 +0000)]
[GTK] Versions.m4 is missing some key dependencies version definitions
https://bugs.webkit.org/show_bug.cgi?id=111903

Patch by Martin Robinson <mrobinson@igalia.com> on 2013-03-09
Reviewed by Carlos Garcia Campos.

* Source/autotools/Versions.m4: Add missing required version
definitions.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145307 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoREGRESSION(r140907): Incorrect baseline for cells with media content during load
robert@webkit.org [Sat, 9 Mar 2013 06:40:13 +0000 (06:40 +0000)]
REGRESSION(r140907): Incorrect baseline for cells with media content during load
https://bugs.webkit.org/show_bug.cgi?id=108357

Reviewed by Julien Chaffraix.

Source/WebCore:

If a cell has replaced content, the intrinsic height of its content can change between layouts. If that's the case then the intrinsic padding we used
for layout (the padding required to push the contents of the cell down to the row's baseline) is included in the new height and baseline and makes both
of them wrong. So if a cell's content's intrinsic height has changed push the new content up into the intrinsic padding and relayout so that the rest of
table and row layout can use the correct baseline and height for this cell.

Tests: fast/css/vertical-align-baseline-rowspan-012.html
       http/tests/css/vertical-align-baseline-after-image-load-2.html
       http/tests/css/vertical-align-baseline-after-image-load-3.html
       http/tests/css/vertical-align-baseline-after-image-load.html

* rendering/RenderTableCell.cpp:
(WebCore::RenderTableCell::layout):
* rendering/RenderTableCell.h:
(WebCore::RenderTableCell::isBaselineAligned):
* rendering/RenderTableSection.cpp:
(WebCore::RenderTableSection::calcRowLogicalHeight):
(WebCore::RenderTableSection::layoutRows):

LayoutTests:

* fast/css/vertical-align-baseline-rowspan-012-expected.html: Added.
* fast/css/vertical-align-baseline-rowspan-012.html: Added.
* http/tests/css/vertical-align-baseline-after-image-load-2-expected.html: Added.
* http/tests/css/vertical-align-baseline-after-image-load-2.html: Added.
* http/tests/css/vertical-align-baseline-after-image-load-3-expected.html: Added.
* http/tests/css/vertical-align-baseline-after-image-load-3.html: Added.
* http/tests/css/vertical-align-baseline-after-image-load-expected.html: Added.
* http/tests/css/vertical-align-baseline-after-image-load.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145305 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoREGRESSION: Intermittent crash in SpeechSynthesis::didFinishSpeaking
cfleizach@apple.com [Sat, 9 Mar 2013 06:37:03 +0000 (06:37 +0000)]
REGRESSION: Intermittent crash in SpeechSynthesis::didFinishSpeaking
https://bugs.webkit.org/show_bug.cgi?id=111613

Reviewed by Ryosuke Niwa.

This crash happens when the mock synthesizer utterance variable gets cleared
before the speakingFinished timer happens. I don't see how that could happen
but I was able to make a similar problem happen when cancel is called twice.

This adds in a few more asserts and common sense checks. I'm hoping it will
illuminate the problem further.

* platform/mock/PlatformSpeechSynthesizerMock.cpp:
(WebCore::PlatformSpeechSynthesizerMock::speakingFinished):
(WebCore::PlatformSpeechSynthesizerMock::speak):
(WebCore::PlatformSpeechSynthesizerMock::cancel):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145304 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoBUILD FIX: Make WebCore link for iOS
ddkilzer@apple.com [Sat, 9 Mar 2013 05:54:12 +0000 (05:54 +0000)]
BUILD FIX: Make WebCore link for iOS

* WebCore.exp.in:
- Add ENABLE(RUBBER_BAND) for FrameView::setWantsLayerForTopOverHangArea(bool)
  and FrameView::setWantsLayerForBottomOverHangArea(bool).
- Move FloatPoint::FloatPoint(_NSPoint const&) to !PLATFORM(IOS)
  section.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145303 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago(CVE-2013-0786) [SECURITY] build_subselect() leaks the existence of products and...
ddkilzer@apple.com [Sat, 9 Mar 2013 05:54:10 +0000 (05:54 +0000)]
(CVE-2013-0786) [SECURITY] build_subselect() leaks the existence of products and components you cannot access
<https://bugzilla.mozilla.org/show_bug.cgi?id=824399>
<exp2://Ticket/14465628>

Applied "v5 patch, 3.6" to bugs.webkit.org.

* Bugzilla/Config/GroupSecurity.pm:
(get_param_list):
* buglist.cgi:
* report.cgi:
* template/en/default/admin/params/groupsecurity.html.tmpl:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145302 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago(CVE-2013-0785) [SECURITY] XSS in show_bug.cgi when using an invalid page format
ddkilzer@apple.com [Sat, 9 Mar 2013 05:54:07 +0000 (05:54 +0000)]
(CVE-2013-0785) [SECURITY] XSS in show_bug.cgi when using an invalid page format
<https://bugzilla.mozilla.org/show_bug.cgi?id=842038>
<exp2://Ticket/14465628>

Applied "patch for 3.6 and 4.0, v1" to bugs.webkit.org.

* Bugzilla/Template.pm:
(get_format):
* show_bug.cgi:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145301 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUnreviewed, rolling out r145254, r145264, and r145288.
commit-queue@webkit.org [Sat, 9 Mar 2013 04:31:04 +0000 (04:31 +0000)]
Unreviewed, rolling out r145254, r145264, and r145288.
http://trac.webkit.org/changeset/145254
http://trac.webkit.org/changeset/145264
http://trac.webkit.org/changeset/145288
https://bugs.webkit.org/show_bug.cgi?id=111917

Test breakage hints at conceptual unsoundness (Requested by ap
on #webkit).

Patch by Sheriff Bot <webkit.review.bot@gmail.com> on 2013-03-08

Source/WebKit2:

* NetworkProcess/SchedulableLoader.cpp:
(WebKit::SchedulableLoader::invalidateSandboxExtensions):
* Shared/Downloads/Download.cpp:
(WebKit::Download::didFinish):
(WebKit::Download::didFail):
(WebKit::Download::didCancel):
* Shared/SandboxExtension.h:
(SandboxExtension):
(WebKit::SandboxExtension::invalidate):
* Shared/WebMemorySampler.cpp:
(WebKit::WebMemorySampler::stop):
* Shared/mac/SandboxExtensionMac.mm:
(WebKit::SandboxExtension::SandboxExtension):
(WebKit::SandboxExtension::invalidate):
(WebKit::SandboxExtension::consume):
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::performDragControllerAction):
(WebKit::WebPage::SandboxExtensionTracker::invalidate):
(WebKit::WebPage::SandboxExtensionTracker::setPendingProvisionalSandboxExtension):
(WebKit::WebPage::SandboxExtensionTracker::didCommitProvisionalLoad):
(WebKit::WebPage::SandboxExtensionTracker::didFailProvisionalLoad):

LayoutTests:

* platform/mac-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145300 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoDFG overflow check elimination is too smart for its own good
fpizlo@apple.com [Sat, 9 Mar 2013 02:51:06 +0000 (02:51 +0000)]
DFG overflow check elimination is too smart for its own good
https://bugs.webkit.org/show_bug.cgi?id=111832

Source/JavaScriptCore:

Reviewed by Oliver Hunt and Gavin Barraclough.

This improves overflow check elimination in three ways:

1) It reduces the amount of time the compiler will spend doing it.

2) It fixes bugs where overflow check elimination was overzealous. Precisely, for a binary operation
   over @a and @b where both @a and @b will type check that their inputs (@a->children, @b->children)
   are int32's and then perform a possibly-overflowing operation, we must be careful not to assume
   that @a's non-int32 parts don't matter if at the point that @a runs we have as yet not proved that
   @b->children are int32's and that hence @b might produce a large enough result that doubles would
   start chopping low bits. The specific implication of this is that for a binary operation to not
   propagate that it cares about non-int32 parts (NodeUsedAsNumber), we must prove that at least one
   of the inputs is guaranteed to produce a result within 2^32 and that there won't be a tower of such
   operations large enough to ultimately produce a double greater than 2^52 (roughly). We achieve the
   latter by disabling this optimization for very large basic blocks. It's noteworthy that blocks that
   large won't even make it into the DFG currently.

3) It makes the overflow check elimination more precise for cases where the inputs to an Add or Sub
   are the outputs of a bit-op. For example in (@a + (@b | 0)) | 0, we don't need to propagate
   NodeUsedAsNumber to either @a or @b.

This is neutral on V8v7 and a slight speed-up on compile time benchmarks.

* CMakeLists.txt:
* GNUmakefile.list.am:
* JavaScriptCore.xcodeproj/project.pbxproj:
* Target.pri:
* dfg/DFGArrayMode.cpp:
(JSC::DFG::ArrayMode::refine):
* dfg/DFGBackwardsPropagationPhase.cpp: Added.
(DFG):
(BackwardsPropagationPhase):
(JSC::DFG::BackwardsPropagationPhase::BackwardsPropagationPhase):
(JSC::DFG::BackwardsPropagationPhase::run):
(JSC::DFG::BackwardsPropagationPhase::isNotNegZero):
(JSC::DFG::BackwardsPropagationPhase::isNotZero):
(JSC::DFG::BackwardsPropagationPhase::isWithinPowerOfTwoForConstant):
(JSC::DFG::BackwardsPropagationPhase::isWithinPowerOfTwoNonRecursive):
(JSC::DFG::BackwardsPropagationPhase::isWithinPowerOfTwo):
(JSC::DFG::BackwardsPropagationPhase::mergeDefaultFlags):
(JSC::DFG::BackwardsPropagationPhase::propagate):
(JSC::DFG::performBackwardsPropagation):
* dfg/DFGBackwardsPropagationPhase.h: Added.
(DFG):
* dfg/DFGCPSRethreadingPhase.cpp:
(JSC::DFG::CPSRethreadingPhase::run):
(JSC::DFG::CPSRethreadingPhase::clearIsLoadedFrom):
(CPSRethreadingPhase):
(JSC::DFG::CPSRethreadingPhase::canonicalizeGetLocalFor):
(JSC::DFG::CPSRethreadingPhase::canonicalizeFlushOrPhantomLocalFor):
* dfg/DFGDriver.cpp:
(JSC::DFG::compile):
* dfg/DFGGraph.cpp:
(JSC::DFG::Graph::dump):
* dfg/DFGNodeFlags.cpp:
(JSC::DFG::dumpNodeFlags):
(DFG):
* dfg/DFGNodeFlags.h:
(DFG):
* dfg/DFGPredictionPropagationPhase.cpp:
(PredictionPropagationPhase):
(JSC::DFG::PredictionPropagationPhase::propagate):
* dfg/DFGUnificationPhase.cpp:
(JSC::DFG::UnificationPhase::run):
* dfg/DFGVariableAccessData.h:
(JSC::DFG::VariableAccessData::VariableAccessData):
(JSC::DFG::VariableAccessData::mergeIsLoadedFrom):
(VariableAccessData):
(JSC::DFG::VariableAccessData::setIsLoadedFrom):
(JSC::DFG::VariableAccessData::isLoadedFrom):

LayoutTests:

Reviewed by Oliver Hunt and Gavin Barraclough.

* fast/js/dfg-arith-add-overflow-check-elimination-predicted-but-not-proven-int-expected.txt: Added.
* fast/js/dfg-arith-add-overflow-check-elimination-predicted-but-not-proven-int.html: Added.
* fast/js/dfg-arith-add-overflow-check-elimination-tower-of-large-numbers-expected.txt: Added.
* fast/js/dfg-arith-add-overflow-check-elimination-tower-of-large-numbers.html: Added.
* fast/js/jsc-test-list:
* fast/js/script-tests/dfg-arith-add-overflow-check-elimination-predicted-but-not-proven-int.js: Added.
(foo):
(bar):
* fast/js/script-tests/dfg-arith-add-overflow-check-elimination-tower-of-large-numbers.js: Added.
(foo):
(bar):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145299 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUpdate chromium baselines for transforms/3d/point-mapping
jamesr@google.com [Sat, 9 Mar 2013 02:29:31 +0000 (02:29 +0000)]
Update chromium baselines for transforms/3d/point-mapping

* platform/chromium-linux-x86/transforms/3d/point-mapping/3d-point-mapping-coplanar-expected.txt: Added.
* platform/chromium-linux/transforms/3d/point-mapping/3d-point-mapping-3-expected.png:
* platform/chromium-linux/transforms/3d/point-mapping/3d-point-mapping-coplanar-expected.png: Added.
* platform/chromium-linux/transforms/3d/point-mapping/3d-point-mapping-coplanar-expected.txt: Added.
* platform/chromium-linux/transforms/3d/point-mapping/3d-point-mapping-deep-expected.png: Added.
* platform/chromium-linux/transforms/3d/point-mapping/3d-point-mapping-expected.png:
* platform/chromium-linux/transforms/3d/point-mapping/3d-point-mapping-origins-expected.png:
* platform/chromium-linux/transforms/3d/point-mapping/3d-point-mapping-overlapping-expected.png:
* platform/chromium-linux/transforms/3d/point-mapping/3d-point-mapping-preserve-3d-expected.png:
* platform/chromium-mac-lion/transforms/3d/point-mapping/3d-point-mapping-coplanar-expected.png: Added.
* platform/chromium-mac-lion/transforms/3d/point-mapping/3d-point-mapping-deep-expected.png: Added.
* platform/chromium-mac-lion/transforms/3d/point-mapping/3d-point-mapping-origins-expected.png:
* platform/chromium-mac-snowleopard/transforms/3d/point-mapping/3d-point-mapping-coplanar-expected.png: Added.
* platform/chromium-mac-snowleopard/transforms/3d/point-mapping/3d-point-mapping-deep-expected.png:
* platform/chromium-mac-snowleopard/transforms/3d/point-mapping/3d-point-mapping-origins-expected.png:
* platform/chromium-mac/transforms/3d/point-mapping/3d-point-mapping-coplanar-expected.png: Added.
* platform/chromium-mac/transforms/3d/point-mapping/3d-point-mapping-deep-expected.png: Added.
* platform/chromium-mac/transforms/3d/point-mapping/3d-point-mapping-origins-expected.png:
* platform/chromium-win-xp/transforms/3d/point-mapping/3d-point-mapping-coplanar-expected.txt: Added.
* platform/chromium-win/transforms/3d/point-mapping/3d-point-mapping-coplanar-expected.png: Added.
* platform/chromium-win/transforms/3d/point-mapping/3d-point-mapping-coplanar-expected.txt: Added.
* platform/chromium-win/transforms/3d/point-mapping/3d-point-mapping-deep-expected.png:
* platform/chromium-win/transforms/3d/point-mapping/3d-point-mapping-origins-expected.png:
* platform/chromium/TestExpectations:
* platform/chromium/transforms/3d/point-mapping/3d-point-mapping-coplanar-expected.png: Removed.
* platform/chromium/transforms/3d/point-mapping/3d-point-mapping-deep-expected.png: Removed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145298 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[CSS Grid Layout] Resolve grid-{end|after} integer against the end|after edge
jchaffraix@webkit.org [Sat, 9 Mar 2013 01:48:17 +0000 (01:48 +0000)]
[CSS Grid Layout] Resolve grid-{end|after} integer against the end|after edge
https://bugs.webkit.org/show_bug.cgi?id=111885

Reviewed by Tony Chang.

Source/WebCore:

The current code resolves grid-end (resp. grid-after) <integer>'s format against the start
(resp. before) axis. The specification changed so that they are resolved against their matching
axis.

Test: fast/css-grid-layout/grid-auto-flow-resolution.html

* rendering/RenderGrid.cpp:
(WebCore::RenderGrid::maximumIndexInDirection):
Updated the code to do the grid sizing measurement without resolveGridPositionsFromStyle. That's required
as resolveGridPositionsFromStyle requires the grid to be sized.

(WebCore::RenderGrid::placeItemsOnGrid):
Added a comment about not recomputing after grid growth. This issue was raised to www-style
(http://lists.w3.org/Archives/Public/www-style/2013Mar/0182.html).

(WebCore::RenderGrid::resolveGridPositionsFromStyle):
Added an ASSERT now that we don't call it during grid construction. Also added some code to pass
the side of the GridPosition we give to resolveGridPositionFromStyle.

(WebCore::RenderGrid::resolveGridPositionFromStyle):
Updated the code to resolve the grid position against the right side.

* rendering/RenderGrid.h:
Added GridPositionSide and updated resolveGridPositionFromStyle's signature.

LayoutTests:

* fast/css-grid-layout/grid-auto-flow-resolution-expected.txt:
Moar passing tests!

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145297 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUnreviewed, rolling out r142015.
commit-queue@webkit.org [Sat, 9 Mar 2013 01:37:10 +0000 (01:37 +0000)]
Unreviewed, rolling out r142015.
http://trac.webkit.org/changeset/142015
https://bugs.webkit.org/show_bug.cgi?id=111904

The change caused 2 major regressions (bug 111091 and bug
111595) and Pravin doesn't have time to investigate them
(Requested by jchaffraix on #webkit).

Patch by Sheriff Bot <webkit.review.bot@gmail.com> on 2013-03-08

Source/WebCore:

* dom/Node.cpp:
(WebCore::Node::diff):
* rendering/RenderBlock.cpp:
(WebCore::RenderBlock::childBecameNonInline):
(WebCore):
* rendering/RenderBlock.h:
(RenderBlock):
* rendering/RenderBoxModelObject.h:
(WebCore::RenderBoxModelObject::childBecameNonInline):
(RenderBoxModelObject):
* rendering/RenderInline.cpp:
(WebCore::RenderInline::childBecameNonInline):
(WebCore):
* rendering/RenderInline.h:
(RenderInline):
* rendering/RenderObject.cpp:
(WebCore):
(WebCore::RenderObject::handleDynamicFloatPositionChange):
(WebCore::RenderObject::styleWillChange):
(WebCore::RenderObject::styleDidChange):
* rendering/RenderObject.h:
(RenderObject):

LayoutTests:

* fast/css/first-letter-removed-added-expected.txt:
* fast/dynamic/absolute-positioned-to-static-positioned-expected.txt: Removed.
* fast/dynamic/absolute-positioned-to-static-positioned.html: Removed.
* fast/dynamic/floating-to-non-floating-expected.txt: Removed.
* fast/dynamic/floating-to-non-floating.html: Removed.
* fast/dynamic/non-floating-to-floating-expected.txt: Removed.
* fast/dynamic/non-floating-to-floating.html: Removed.
* fast/dynamic/resources/helper-bug91665.js: Removed.
* fast/dynamic/resources/style-bug91665.css: Removed.
* fast/dynamic/static-positioned-to-absolute-positioned-expected.txt: Removed.
* fast/dynamic/static-positioned-to-absolute-positioned.html: Removed.
* fullscreen/full-screen-fixed-pos-parent-expected.txt:
* platform/chromium-mac/fast/repaint/absolute-position-change-containing-block-expected.png:
* platform/chromium-mac/fast/repaint/fixed-to-relative-position-with-absolute-child-expected.png:
* platform/chromium-win/fast/dynamic/002-expected.txt:
* platform/chromium/fast/dynamic/002-expected.txt:
* platform/chromium/fast/repaint/absolute-position-change-containing-block-expected.png: Removed.
* platform/chromium/fast/repaint/fixed-to-relative-position-with-absolute-child-expected.png: Removed.
* platform/mac/fast/dynamic/002-expected.txt:
* platform/mac/fast/repaint/absolute-position-change-containing-block-expected.png: Removed.
* platform/mac/fast/repaint/fixed-to-relative-position-with-absolute-child-expected.png: Removed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145296 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoDon't snapshot Java plugins
dino@apple.com [Sat, 9 Mar 2013 01:31:22 +0000 (01:31 +0000)]
Don't snapshot Java plugins
https://bugs.webkit.org/show_bug.cgi?id=111899

Reviewed by Tim Horton.

Top-level:

Export MIMETypeRegistry::isJavaAppletMIMEType symbol.

* Source/autotools/symbols.filter:

Source/WebCore:

Export MIMETypeRegistry::isJavaAppletMIMEType symbol.

* WebCore.exp.in:

Source/WebKit2:

If the plugin is Java, return true from shouldAlwaysAutoStart.

* WebProcess/Plugins/PluginView.cpp:
(WebKit::PluginView::shouldAlwaysAutoStart): Check the mimetype for Java.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145295 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoCleanup: Remove dead code.
jparent@chromium.org [Sat, 9 Mar 2013 01:31:15 +0000 (01:31 +0000)]
Cleanup: Remove dead code.
https://bugs.webkit.org/show_bug.cgi?id=111900

Reviewed by Dirk Pranke.

Treemap overrides a global function that used to be in
dashboard_base, but was removed months ago in
https://bugs.webkit.org/show_bug.cgi?id=99246, so this code has
no caller.

* TestResultServer/static-dashboards/treemap.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145294 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[HTMLTemplateElement] processTemplateEndTag() needs to check for template in html...
rafaelw@chromium.org [Sat, 9 Mar 2013 01:29:38 +0000 (01:29 +0000)]
[HTMLTemplateElement] processTemplateEndTag() needs to check for template in html scope
https://bugs.webkit.org/show_bug.cgi?id=111880

Reviewed by Eric Seidel.

Source/WebCore:

Currently, </template> handling exits with an error if there is not a template tag "in scope"
which will be true if there is a table (for instance) below a template. This makes it so that
the search (correctly) examines the entire element stack.

Tests added to html5lib testing library.

* html/parser/HTMLTreeBuilder.cpp:
(WebCore::HTMLTreeBuilder::processTemplateEndTag):

LayoutTests:

* html5lib/resources/template.dat:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145293 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoBackgroundHTMLParser should be able to atomize well-known strings
eric@webkit.org [Sat, 9 Mar 2013 01:06:36 +0000 (01:06 +0000)]
BackgroundHTMLParser should be able to atomize well-known strings
https://bugs.webkit.org/show_bug.cgi?id=107337

Reviewed by Adam Barth.

Testing this patch easily requires applying bug 107236 locally
to remove all the rendering noise from Parser/html-threaded-parser.html.

This patch adds a new class HTMLIdentifier which allows us to avoid
allocating strings for known tag/attribute names from HTMLNames.

There is still a lot of meat on this bone, but I think it's important to
land something "smallish" to start and iterate from there.

This took Parser/html-threaded-parser.html from:
median= 443.726500002 ms, stdev= 7.25002679952 ms, min= 430.244000047 ms, max= 455.511000007 ms
to:
median= 427.849500004 ms, stdev= 9.96967058292 ms, min= 417.914000049 ms, max= 461.528000014 ms
on my MBP.

* CMakeLists.txt:
* GNUmakefile.list.am:
* Target.pri:
* WebCore.gypi:
* WebCore.vcproj/WebCore.vcproj:
* WebCore.vcxproj/WebCore.vcxproj:
* html/parser/AtomicHTMLToken.h:
(WebCore::AtomicHTMLToken::AtomicHTMLToken):
* html/parser/BackgroundHTMLParser.cpp:
(WebCore::tokenExitsForeignContent):
(WebCore::tokenExitsSVG):
(WebCore::tokenExitsMath):
(WebCore::BackgroundHTMLParser::simulateTreeBuilder):
* html/parser/CSSPreloadScanner.cpp:
(WebCore::CSSPreloadScanner::scan):
* html/parser/CSSPreloadScanner.h:
(WebCore):
(CSSPreloadScanner):
* html/parser/CompactHTMLToken.cpp:
(SameSizeAsCompactHTMLToken):
(WebCore::CompactHTMLToken::CompactHTMLToken):
* html/parser/CompactHTMLToken.h:
(WebCore::CompactHTMLToken::Attribute::Attribute):
(Attribute):
(WebCore::CompactHTMLToken::data):
(WebCore::CompactHTMLToken::publicIdentifier):
(CompactHTMLToken):
* html/parser/HTMLDocumentParser.cpp:
(WebCore::HTMLDocumentParser::startBackgroundParser):
* html/parser/HTMLIdentifier.cpp: Added.
(WebCore):
(WebCore::identifierTable):
(WebCore::HTMLIdentifier::hasIndex):
(WebCore::HTMLIdentifier::findIndex):
(WebCore::nameForIndex):
(WebCore::HTMLIdentifier::asString):
(WebCore::HTMLIdentifier::asStringImpl):
(WebCore::HTMLIdentifier::addNames):
(WebCore::HTMLIdentifier::init):
* html/parser/HTMLIdentifier.h: Added.
(WebCore):
(HTMLIdentifier):
(WebCore::HTMLIdentifier::HTMLIdentifier):
(WebCore::HTMLIdentifier::isSafeToSendToAnotherThread):
* html/parser/HTMLParserIdioms.cpp:
(WebCore::threadSafeEqual):
(WebCore::threadSafeMatch):
* html/parser/HTMLParserIdioms.h:
(WebCore):
(WebCore::threadSafeHTMLNamesMatch):
* html/parser/HTMLPreloadScanner.cpp:
(WebCore::TokenPreloadScanner::tagIdFor):
(WebCore::TokenPreloadScanner::StartTagScanner::match):
(TokenPreloadScanner::StartTagScanner):
(WebCore::TokenPreloadScanner::StartTagScanner::processAttribute):
* html/parser/HTMLPreloadScanner.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145292 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoAdd a failing test expectation per bug 111901.
rniwa@webkit.org [Sat, 9 Mar 2013 00:42:12 +0000 (00:42 +0000)]
Add a failing test expectation per bug 111901.

* platform/mac-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145288 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUpdate a few more chromium baselines.
jamesr@google.com [Sat, 9 Mar 2013 00:29:45 +0000 (00:29 +0000)]
Update a few more chromium baselines.

* platform/chromium-mac-lion/editing/pasteboard/paste-text-016-expected.txt: Copied from LayoutTests/platform/chromium-win/editing/pasteboard/paste-text-016-expected.txt.
* platform/chromium-mac/editing/pasteboard/paste-text-016-expected.txt: Copied from LayoutTests/platform/chromium-win/editing/pasteboard/paste-text-016-expected.txt.
* platform/chromium-win-xp/editing/pasteboard/paste-text-016-expected.txt: Copied from LayoutTests/platform/chromium-win/editing/pasteboard/paste-text-016-expected.txt.
* platform/chromium-win-xp/svg/custom/scrolling-embedded-svg-file-image-repaint-problem-expected.txt:
* platform/chromium-win/editing/pasteboard/paste-text-016-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145287 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoCheck to ensure MultisampleRenderbuffer creation succeeds
commit-queue@webkit.org [Fri, 8 Mar 2013 23:47:16 +0000 (23:47 +0000)]
Check to ensure MultisampleRenderbuffer creation succeeds
https://bugs.webkit.org/show_bug.cgi?id=111780

Patch by Brandon Jones <bajones@google.com> on 2013-03-08
Reviewed by Dean Jackson.

On OSX systems using AMD graphics chips the allocation of large
Multisample Renderbuffers in Chromium would fail without any indication
of failure. Attempting to draw to the buffer resulted in garbage being
rendered onscreen. This could be reproduced by opening a full-page
WebGL app and pressing (Command + "-") several times. This patch adds an
additional check during DrawingBuffer resize to verify that the resized
buffer is valid.

* platform/graphics/gpu/DrawingBuffer.cpp:
(WebCore):
(WebCore::DrawingBuffer::checkBufferIntegrity):
(WebCore::DrawingBuffer::reset):
* platform/graphics/gpu/DrawingBuffer.h:
(DrawingBuffer):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145280 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoImplemented new API for RTCStatsReport object.
commit-queue@webkit.org [Fri, 8 Mar 2013 23:45:57 +0000 (23:45 +0000)]
Implemented new API for RTCStatsReport object.
https://bugs.webkit.org/show_bug.cgi?id=110333

Source/Platform:

Patch by Harald Alvestrand <hta@chromium.org> on 2013-03-08
Reviewed by Adam Barth.

* chromium/public/WebRTCStatsResponse.h:
(WebKit::WebRTCStatsResponse::WebRTCStatsResponse):
(WebRTCStatsResponse):

Source/WebCore:

Removed RTCStatsElement object, moved its interface to
RTCStatsReport. Preserved some interfaces for
backwards compatibility; will be removed in a later patch.

Patch by Harald Alvestrand <hta@chromium.org> on 2013-03-08
Reviewed by Adam Barth.

Tested by extensions to RTCPeerConnection-stats test.

* Modules/mediastream/RTCStatsElement.cpp: Removed.
* Modules/mediastream/RTCStatsElement.h: Removed.
* Modules/mediastream/RTCStatsElement.idl: Removed.
* Modules/mediastream/RTCStatsReport.cpp:
(WebCore::RTCStatsReport::create):
(WebCore::RTCStatsReport::RTCStatsReport):
(WebCore):
(WebCore::RTCStatsReport::names):
(WebCore::RTCStatsReport::local):
(WebCore::RTCStatsReport::remote):
(WebCore::RTCStatsReport::addStatistic):
(WebCore::RTCStatsReport::addElement):
* Modules/mediastream/RTCStatsReport.h:
(RTCStatsReport):
(WebCore::RTCStatsReport::timestamp):
(WebCore::RTCStatsReport::id):
(WebCore::RTCStatsReport::stat):
* Modules/mediastream/RTCStatsReport.idl:
* Modules/mediastream/RTCStatsResponse.cpp:
(WebCore::RTCStatsResponse::namedItem):
(WebCore):
(WebCore::RTCStatsResponse::addReport):
(WebCore::RTCStatsResponse::addStatistic):
* Modules/mediastream/RTCStatsResponse.h:
(RTCStatsResponse):
* Modules/mediastream/RTCStatsResponse.idl:
* WebCore.gypi:
* platform/chromium/support/WebRTCStatsResponse.cpp:
(WebKit::WebRTCStatsResponse::addReport):
(WebKit):
(WebKit::WebRTCStatsResponse::addStatistic):
(WebKit::WebRTCStatsResponse::addElement):
* platform/mediastream/RTCStatsResponseBase.h:
(RTCStatsResponseBase):

Tools:

Patch by Harald Alvestrand <hta@chromium.org> on 2013-03-08
Reviewed by Adam Barth.

* DumpRenderTree/chromium/TestRunner/src/MockWebRTCPeerConnectionHandler.cpp:
(WebTestRunner::MockWebRTCPeerConnectionHandler::getStats):

LayoutTests:

Patch by Harald Alvestrand <hta@chromium.org> on 2013-03-08
Reviewed by Adam Barth.

* fast/mediastream/RTCPeerConnection-stats-expected.txt:
* fast/mediastream/RTCPeerConnection-stats.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145279 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoChromium rebaselines and expectations updates.
jamesr@google.com [Fri, 8 Mar 2013 23:40:40 +0000 (23:40 +0000)]
Chromium rebaselines and expectations updates.

* platform/chromium-linux-x86/platform/chromium/virtual/softwarecompositing/overflow/composited-scrolling-creates-a-stacking-container-expected.txt: Copied from LayoutTests/platform/chromium-linux/platform/chromium/virtual/gpu/compositedscrolling/overflow/composited-scrolling-creates-a-stacking-container-expected.txt.
* platform/chromium-linux/compositing/tiling/rotated-tiled-clamped-expected.png: Added.
* platform/chromium-linux/compositing/tiling/rotated-tiled-preserve3d-clamped-expected.png: Added.
* platform/chromium-linux/platform/chromium/virtual/gpu/compositedscrolling/overflow/composited-scrolling-creates-a-stacking-container-expected.txt:
* platform/chromium-linux/platform/chromium/virtual/gpu/compositedscrolling/overflow/do-not-paint-outline-into-composited-scrolling-contents-expected.png: Added.
* platform/chromium-linux/platform/chromium/virtual/gpu/compositedscrolling/overflow/paint-neg-z-order-descendants-into-scrolling-contents-layer-expected.png: Added.
* platform/chromium-linux/platform/chromium/virtual/softwarecompositing/overflow/composited-scrolling-creates-a-stacking-container-expected.txt:
* platform/chromium-linux/platform/chromium/virtual/softwarecompositing/overflow/do-not-paint-outline-into-composited-scrolling-contents-expected.png: Added.
* platform/chromium-mac-lion/platform/chromium/virtual/gpu/compositedscrolling/overflow/do-not-paint-outline-into-composited-scrolling-contents-expected.png: Added.
* platform/chromium-mac-lion/platform/chromium/virtual/gpu/compositedscrolling/overflow/paint-neg-z-order-descendants-into-scrolling-contents-layer-expected.png: Added.
* platform/chromium-mac-lion/platform/chromium/virtual/softwarecompositing/overflow/composited-scrolling-creates-a-stacking-container-expected.txt: Copied from LayoutTests/platform/chromium-linux/platform/chromium/virtual/gpu/compositedscrolling/overflow/composited-scrolling-creates-a-stacking-container-expected.txt.
* platform/chromium-mac-lion/platform/chromium/virtual/softwarecompositing/overflow/do-not-paint-outline-into-composited-scrolling-contents-expected.png: Added.
* platform/chromium-mac-snowleopard/platform/chromium/virtual/gpu/compositedscrolling/overflow/do-not-paint-outline-into-composited-scrolling-contents-expected.png: Added.
* platform/chromium-mac-snowleopard/platform/chromium/virtual/gpu/compositedscrolling/overflow/paint-neg-z-order-descendants-into-scrolling-contents-layer-expected.png: Added.
* platform/chromium-mac-snowleopard/platform/chromium/virtual/softwarecompositing/overflow/composited-scrolling-creates-a-stacking-container-expected.txt: Copied from LayoutTests/platform/chromium-linux/platform/chromium/virtual/gpu/compositedscrolling/overflow/composited-scrolling-creates-a-stacking-container-expected.txt.
* platform/chromium-mac-snowleopard/platform/chromium/virtual/softwarecompositing/overflow/do-not-paint-outline-into-composited-scrolling-contents-expected.png: Added.
* platform/chromium-mac/compositing/tiling/rotated-tiled-clamped-expected.png: Added.
* platform/chromium-mac/compositing/tiling/rotated-tiled-preserve3d-clamped-expected.png: Added.
* platform/chromium-mac/platform/chromium/compositing/rubberbanding/transform-overhang-ne-expected.png: Added.
* platform/chromium-mac/platform/chromium/compositing/rubberbanding/transform-overhang-nw-expected.png: Added.
* platform/chromium-mac/platform/chromium/compositing/rubberbanding/transform-overhang-se-expected.png: Added.
* platform/chromium-mac/platform/chromium/compositing/rubberbanding/transform-overhang-size-change-expected.png: Added.
* platform/chromium-mac/platform/chromium/compositing/rubberbanding/transform-overhang-sw-expected.png: Added.
* platform/chromium-mac/platform/chromium/virtual/gpu/compositedscrolling/overflow/do-not-paint-outline-into-composited-scrolling-contents-expected.png: Added.
* platform/chromium-mac/platform/chromium/virtual/gpu/compositedscrolling/overflow/overflow-scroll-expected.txt: Added.
* platform/chromium-mac/platform/chromium/virtual/gpu/compositedscrolling/overflow/paint-neg-z-order-descendants-into-scrolling-contents-layer-expected.png: Added.
* platform/chromium-mac/platform/chromium/virtual/softwarecompositing/overflow/composited-scrolling-creates-a-stacking-container-expected.txt: Copied from LayoutTests/platform/chromium-linux/platform/chromium/virtual/gpu/compositedscrolling/overflow/composited-scrolling-creates-a-stacking-container-expected.txt.
* platform/chromium-mac/platform/chromium/virtual/softwarecompositing/overflow/do-not-paint-outline-into-composited-scrolling-contents-expected.png: Added.
* platform/chromium-win-xp/platform/chromium/virtual/softwarecompositing/overflow/composited-scrolling-creates-a-stacking-container-expected.txt: Copied from LayoutTests/platform/chromium-linux/platform/chromium/virtual/gpu/compositedscrolling/overflow/composited-scrolling-creates-a-stacking-container-expected.txt.
* platform/chromium-win/compositing/tiling/rotated-tiled-clamped-expected.png: Added.
* platform/chromium-win/compositing/tiling/rotated-tiled-preserve3d-clamped-expected.png: Added.
* platform/chromium-win/platform/chromium/virtual/gpu/compositedscrolling/overflow/do-not-paint-outline-into-composited-scrolling-contents-expected.png: Added.
* platform/chromium-win/platform/chromium/virtual/gpu/compositedscrolling/overflow/overflow-scroll-expected.txt: Added.
* platform/chromium-win/platform/chromium/virtual/gpu/compositedscrolling/overflow/paint-neg-z-order-descendants-into-scrolling-contents-layer-expected.png: Added.
* platform/chromium-win/platform/chromium/virtual/softwarecompositing/overflow/composited-scrolling-creates-a-stacking-container-expected.txt: Copied from LayoutTests/platform/chromium-linux/platform/chromium/virtual/gpu/compositedscrolling/overflow/composited-scrolling-creates-a-stacking-container-expected.txt.
* platform/chromium-win/platform/chromium/virtual/softwarecompositing/overflow/do-not-paint-outline-into-composited-scrolling-contents-expected.png: Added.
* platform/chromium/TestExpectations:
* platform/chromium/platform/chromium/virtual/gpu/compositedscrolling/overflow/composited-scrolling-creates-a-stacking-container-expected.txt: Copied from LayoutTests/platform/chromium-linux/platform/chromium/virtual/gpu/compositedscrolling/overflow/composited-scrolling-creates-a-stacking-container-expected.txt.
* platform/chromium/platform/chromium/virtual/gpu/compositedscrolling/overflow/do-not-paint-outline-into-composited-scrolling-contents-expected.txt: Added.
* platform/chromium/platform/chromium/virtual/gpu/compositedscrolling/overflow/paint-neg-z-order-descendants-into-scrolling-contents-layer-expected.txt: Added.
* platform/chromium/platform/chromium/virtual/softwarecompositing/overflow/do-not-paint-outline-into-composited-scrolling-contents-expected.txt: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145278 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoFree up background parser's checkpoints when speculation succeeds
eric@webkit.org [Fri, 8 Mar 2013 23:39:25 +0000 (23:39 +0000)]
Free up background parser's checkpoints when speculation succeeds
https://bugs.webkit.org/show_bug.cgi?id=110547

Reviewed by Adam Barth.

This should be a memory (and possible perf) win while parsing
pages, as we will no longer hold multiple copies of every
source byte during the whole parse.

Many LayoutTests exercise this code path, and I've manually (debugger and printf)
that we're hitting this code, but we'll have to wait for the memory/perf bots
to tell us if this shows up as a win.

We only bother to message the parser at the end of a speculation chain, so as not
to send too many messages to the background parser.

* html/parser/BackgroundHTMLInputStream.cpp:
(WebCore::BackgroundHTMLInputStream::BackgroundHTMLInputStream):
(WebCore::BackgroundHTMLInputStream::invalidateCheckpointsUpThrough):
(WebCore):
(WebCore::BackgroundHTMLInputStream::rewindTo):
* html/parser/BackgroundHTMLInputStream.h:
(BackgroundHTMLInputStream):
(Checkpoint):
(WebCore::BackgroundHTMLInputStream::Checkpoint::isNull):
(WebCore::BackgroundHTMLInputStream::Checkpoint::clear):
* html/parser/BackgroundHTMLParser.cpp:
(WebCore::BackgroundHTMLParser::passedCheckpoint):
(WebCore):
* html/parser/BackgroundHTMLParser.h:
(BackgroundHTMLParser):
* html/parser/HTMLDocumentParser.cpp:
(WebCore::HTMLDocumentParser::pumpPendingSpeculations):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145277 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[chromium] Keydown event for 'shift+alt' returns win keycode instead of 'alt'
commit-queue@webkit.org [Fri, 8 Mar 2013 23:27:11 +0000 (23:27 +0000)]
[chromium] Keydown event for 'shift+alt' returns win keycode instead of 'alt'
https://bugs.webkit.org/show_bug.cgi?id=111112

Patch by Chandra Shekar Vallala <brk376@motorola.com> on 2013-03-08
Reviewed by Tony Chang.

.:

Return windows keycode of Alt incase of GDK_META_L, GDK_META_R.

Try press Shift then alt key. The test passes if the shiftKey, altKey values
of JSKeyEvent are true and keycode/which is 18.

* ManualTests/shift-alt-key-event.html: Added.

Source/WebCore:

Return windows keycode of Alt incase of GDK_META_L, GDK_META_R. This matches
the firefox behaviour in linux platform.

Added Manual Test : ManualTests/shift-alt-key-event.html
Try press Shift then alt key. The test passes if the shiftKey, altKey values
of JSKeyEvent are true and keycode/which is 18.

* platform/chromium/KeyCodeConversionGtk.cpp:
(WebCore::windowsKeyCodeForKeyEvent):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145276 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUpdate some more chromium compositor pixel baselines.
jamesr@google.com [Fri, 8 Mar 2013 22:57:54 +0000 (22:57 +0000)]
Update some more chromium compositor pixel baselines.

* platform/chromium-linux/compositing/masks/simple-composited-mask-expected.png:
* platform/chromium-linux/compositing/overflow/composited-scrolling-creates-a-stacking-container-expected.txt:
* platform/chromium-linux/compositing/overflow/do-not-paint-outline-into-composited-scrolling-contents-expected.png: Added.
* platform/chromium-linux/compositing/overflow/paint-neg-z-order-descendants-into-scrolling-contents-layer-expected.png: Added.
* platform/chromium-linux/compositing/reflections/load-video-in-reflection-expected.png:
* platform/chromium-linux/compositing/reflections/nested-reflection-anchor-point-expected.png:
* platform/chromium-mac-lion/compositing/masks/simple-composited-mask-expected.png:
* platform/chromium-mac-lion/compositing/overflow/do-not-paint-outline-into-composited-scrolling-contents-expected.png: Added.
* platform/chromium-mac-lion/compositing/overflow/paint-neg-z-order-descendants-into-scrolling-contents-layer-expected.png: Added.
* platform/chromium-mac-lion/compositing/reflections/load-video-in-reflection-expected.png:
* platform/chromium-mac-lion/compositing/reflections/nested-reflection-anchor-point-expected.png:
* platform/chromium-mac-snowleopard/compositing/masks/simple-composited-mask-expected.png:
* platform/chromium-mac-snowleopard/compositing/overflow/do-not-paint-outline-into-composited-scrolling-contents-expected.png: Added.
* platform/chromium-mac-snowleopard/compositing/overflow/paint-neg-z-order-descendants-into-scrolling-contents-layer-expected.png: Added.
* platform/chromium-mac-snowleopard/compositing/reflections/load-video-in-reflection-expected.png:
* platform/chromium-mac-snowleopard/compositing/reflections/nested-reflection-anchor-point-expected.png:
* platform/chromium-mac/compositing/masks/simple-composited-mask-expected.png:
* platform/chromium-mac/compositing/overflow/do-not-paint-outline-into-composited-scrolling-contents-expected.png: Added.
* platform/chromium-mac/compositing/overflow/paint-neg-z-order-descendants-into-scrolling-contents-layer-expected.png: Added.
* platform/chromium-mac/compositing/reflections/load-video-in-reflection-expected.png:
* platform/chromium-mac/compositing/reflections/nested-reflection-anchor-point-expected.png:
* platform/chromium-win/compositing/masks/simple-composited-mask-expected.png:
* platform/chromium-win/compositing/overflow/do-not-paint-outline-into-composited-scrolling-contents-expected.png: Added.
* platform/chromium-win/compositing/overflow/paint-neg-z-order-descendants-into-scrolling-contents-layer-expected.png: Added.
* platform/chromium-win/compositing/reflections/load-video-in-reflection-expected.png:
* platform/chromium-win/compositing/reflections/nested-reflection-anchor-point-expected.png:
* platform/chromium/TestExpectations:
* platform/chromium/compositing/overflow/composited-scrolling-creates-a-stacking-container-expected.txt: Copied from LayoutTests/platform/chromium-linux/compositing/overflow/composited-scrolling-creates-a-stacking-container-expected.txt.
* platform/chromium/compositing/overflow/do-not-paint-outline-into-composited-scrolling-contents-expected.txt: Added.
* platform/chromium/compositing/overflow/paint-neg-z-order-descendants-into-scrolling-contents-layer-expected.txt: Added.
* platform/efl-wk2/compositing/reflections/nested-reflection-anchor-point-expected.png: Renamed from LayoutTests/platform/efl/compositing/reflections/nested-reflection-anchor-point-expected.png.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145274 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUnreviewed. Rolled Chromium DEPS to r187037. Requested by
commit-queue@webkit.org [Fri, 8 Mar 2013 22:45:34 +0000 (22:45 +0000)]
Unreviewed.  Rolled Chromium DEPS to r187037.  Requested by
"James Robinson" <jamesr@chromium.org> via sheriffbot.

Patch by Sheriff Bot <webkit.review.bot@gmail.com> on 2013-03-08

* DEPS:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145273 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[chromium] use custom freetype on linux asan builds again
dpranke@chromium.org [Fri, 8 Mar 2013 22:41:10 +0000 (22:41 +0000)]
[chromium] use custom freetype on linux asan builds again
https://bugs.webkit.org/show_bug.cgi?id=111884

Reviewed by Tony Chang.

We no longer need the workaround after chromium r186540.

* DumpRenderTree/DumpRenderTree.gyp/DumpRenderTree.gyp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145272 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUnreviewed gardening. AppleWin port.
roger_fong@apple.com [Fri, 8 Mar 2013 22:38:55 +0000 (22:38 +0000)]
Unreviewed gardening. AppleWin port.

* platform/win/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145271 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoWarning about the user not having edit rights on Bugzilla is confusing new contributors
rniwa@webkit.org [Fri, 8 Mar 2013 22:36:47 +0000 (22:36 +0000)]
Warning about the user not having edit rights on Bugzilla is confusing new contributors
https://bugs.webkit.org/show_bug.cgi?id=111798

Reviewed by Dirk Pranke.

Don't scare people by the warning. Instead, tell them to ignore it if they don't have EditBugs privileges.

* Scripts/webkitpy/common/net/bugzilla/bugzilla.py:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145270 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUpdate baselines for a few chromium compositor tests.
jamesr@google.com [Fri, 8 Mar 2013 22:26:57 +0000 (22:26 +0000)]
Update baselines for a few chromium compositor tests.

* platform/chromium-linux/compositing/checkerboard-expected.png: Removed.
* platform/chromium-linux/compositing/geometry/vertical-scroll-composited-expected.png:
* platform/chromium-mac-lion/compositing/checkerboard-expected.png: Removed.
* platform/chromium-mac/compositing/checkerboard-expected.png:
* platform/chromium-mac/compositing/geometry/vertical-scroll-composited-expected.png:
* platform/chromium-win/compositing/checkerboard-expected.png: Removed.
* platform/chromium-win/compositing/geometry/vertical-scroll-composited-expected.png:
* platform/chromium/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145269 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoCSP: 'eval()' is blocked in report-only mode.
mkwst@chromium.org [Fri, 8 Mar 2013 22:19:51 +0000 (22:19 +0000)]
CSP: 'eval()' is blocked in report-only mode.
https://bugs.webkit.org/show_bug.cgi?id=111867

Reviewed by Adam Barth.

Source/WebCore:

Setting a 'Content-Security-Policy-Report-Only' header should not have
any effect on what a page actually executes. Currently, however, setting
a 'script-src' directive that doesn't whitelist 'unsafe-eval' actually
blocks 'eval()' on the page. This patch fixes that by checking whether
we're in report-only mode before turning 'eval()' off inside the script
engine.

This leaves us in a weird state, however. We don't currently have any
mechanism of explaining to the VM that we just want to be notified of
'eval()' usage. I've filed http://wkbug.com/111869 to cover this
aspect.

Test: http/tests/security/contentSecurityPolicy/eval-allowed-in-report-only-mode.html

* page/ContentSecurityPolicy.cpp:
(WebCore::ContentSecurityPolicy::didReceiveHeader):
    For each policy we parse, check that we're only turning off eval in
    the VM when we're in enforce mode. If we're in report-only mode,
    skip it.

LayoutTests:

* http/tests/security/contentSecurityPolicy/eval-allowed-in-report-only-mode-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/eval-allowed-in-report-only-mode.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145268 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago <rdar://problem/13338743> Fix sandbox profile preprocessor flags for compatib...
ap@apple.com [Fri, 8 Mar 2013 22:09:09 +0000 (22:09 +0000)]
    <rdar://problem/13338743> Fix sandbox profile preprocessor flags for compatibility with new clang.

        Reviewed by Alexey Proskuryakov.
        Patch by Bob Wilson.

        * DerivedSources.make: Only use -traditional when we have to work around old
        behavior of -std=c89.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145267 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUpdate baselines for string prototypes fixed by v8-i18n roll 164:171
jamesr@google.com [Fri, 8 Mar 2013 21:47:42 +0000 (21:47 +0000)]
Update baselines for string prototypes fixed by v8-i18n roll 164:171

* platform/chromium/fast/js/kde/function_length-expected.txt: Removed.
* platform/chromium/fast/js/kde/inbuilt_function_tostring-expected.txt:
* platform/chromium/fast/js/string-prototype-properties-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145266 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoREGRESSION (r143643): <button> should support ::first-line and ::first-letter
commit-queue@webkit.org [Fri, 8 Mar 2013 21:45:29 +0000 (21:45 +0000)]
REGRESSION (r143643): <button> should support ::first-line and ::first-letter
https://bugs.webkit.org/show_bug.cgi?id=111782

Patch by Christian Biesinger <cbiesinger@chromium.org> on 2013-03-08
Reviewed by Ojan Vafai.

Source/WebCore:

Test: fast/forms/button-first-line-first-letter.html

* rendering/RenderBlock.cpp:
(WebCore::RenderBlock::firstLineBlock):
(WebCore::findFirstLetterBlock):
Add isRenderButton to the first-line and first-letter checks that
don't allow ::first-* styles for flexbox.

LayoutTests:

* fast/forms/button-first-line-first-letter-expected.html: Added.
* fast/forms/button-first-line-first-letter.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145265 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoUnreviewed build fix for EFL, GTK and Qt after r145254.
joone.hur@intel.com [Fri, 8 Mar 2013 21:25:18 +0000 (21:25 +0000)]
Unreviewed build fix for EFL, GTK and Qt after r145254.

* Shared/SandboxExtension.h:
(WebKit::SandboxExtension::revoke):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145264 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoLayout Test fast/dom/HTMLMeterElement/meter-element-crash.html is failing
jamesr@google.com [Fri, 8 Mar 2013 21:20:24 +0000 (21:20 +0000)]
Layout Test fast/dom/HTMLMeterElement/meter-element-crash.html is failing
https://bugs.webkit.org/show_bug.cgi?id=88131

Reviewed by Tony Chang.

This test was calling setTimeout(..., 0) in a <script> block before the end of the document.
The timeout sometimes fired before parsing the rest of the document and sometimes after,
depending on when the parser yielded. This moves the <script> block to the end of the document
so it always runs after parsing the rest of the test, which is the more common and expected
behavior.

* fast/dom/HTMLMeterElement/meter-element-crash.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145263 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoBuild fix for AppleWin VS2010.
roger_fong@apple.com [Fri, 8 Mar 2013 21:14:48 +0000 (21:14 +0000)]
Build fix for AppleWin VS2010.

* WebKit.vcxproj/FeatureDefines.props:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145262 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoAdded a regression test for raw parsing speed
ggaren@apple.com [Fri, 8 Mar 2013 21:11:53 +0000 (21:11 +0000)]
Added a regression test for raw parsing speed
https://bugs.webkit.org/show_bug.cgi?id=111808

Reviewed by Oliver Hunt.

* fast/js/regress/nested-function-parsing-random.html: Added.
* fast/js/regress/script-tests/nested-function-parsing-random.js: Added.
(randomIdent): Use randomness to defeat caching.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145261 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoRemoved an out-of-date comment from SharedTimer
ggaren@apple.com [Fri, 8 Mar 2013 21:11:05 +0000 (21:11 +0000)]
Removed an out-of-date comment from SharedTimer
https://bugs.webkit.org/show_bug.cgi?id=111875

Reviewed by Mark Hahnenberg.

Even if we surround each call to an ObjC interface with an autorelease
pool, it's still nice to have one at top-level entry points like
timers, to avoid turning a single mistake into a long-term leak.

* platform/ios/SharedTimerIOS.mm:
(WebCore::timerFired):
* platform/mac/SharedTimerMac.mm:
(WebCore::timerFired):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145260 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoChromium gardening.
jamesr@google.com [Fri, 8 Mar 2013 21:04:27 +0000 (21:04 +0000)]
Chromium gardening.

* platform/chromium-linux-x86/platform/chromium/fast/forms/calendar-picker/calendar-picker-appearance-month-popup-expected.png: Added.
* platform/chromium-linux/editing/pasteboard/paste-text-016-expected.txt: Added.
* platform/chromium-linux/platform/chromium/fast/forms/calendar-picker/calendar-picker-appearance-month-popup-expected.png: Added.
* platform/chromium-mac-snowleopard/editing/pasteboard/paste-text-016-expected.txt: Added.
* platform/chromium-win-xp/platform/chromium/fast/forms/calendar-picker/calendar-picker-appearance-month-popup-expected.png: Added.
* platform/chromium-win/platform/chromium/fast/forms/calendar-picker/calendar-picker-appearance-month-popup-expected.png: Added.
* platform/chromium/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145259 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[chromium] Remove WebLayerTreeViewClient and WebLayerTreeView::Settings
commit-queue@webkit.org [Fri, 8 Mar 2013 21:02:00 +0000 (21:02 +0000)]
[chromium] Remove WebLayerTreeViewClient and WebLayerTreeView::Settings
https://bugs.webkit.org/show_bug.cgi?id=111632

Patch by James Robinson <jamesr@chromium.org> on 2013-03-08
Reviewed by Adrienne Walker.

Source/Platform:

Neither of these are used any more. All callbacks from the compositor are handled by
the embedder and plumbed (where appropriate) through the WebWidget/WebView APIs. All
settings are handled by the embedder.

* Platform.gypi:
* chromium/public/WebLayerTreeView.h:
(WebKit):
* chromium/public/WebLayerTreeViewClient.h: Removed.
* chromium/public/WebUnitTestSupport.h:
(WebKit):

Source/WebKit/chromium:

* public/WebWidgetClient.h:
(WebWidgetClient):
(WebKit::WebWidgetClient::initializeLayerTreeView):
* src/WebViewImpl.cpp:
(WebKit::WebViewImpl::setIsAcceleratedCompositingActive):
* src/WebViewImpl.h:
* tests/ScrollingCoordinatorChromiumTest.cpp:
(WebKit::FakeWebViewClient::initializeLayerTreeView):

Tools:

* DumpRenderTree/chromium/WebViewHost.cpp:
(WebViewHost::initializeLayerTreeView):
* DumpRenderTree/chromium/WebViewHost.h:
(WebViewHost):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145258 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoMac rebaseline after r145242. I'm really hoping that the optimization didn't mess...
rniwa@webkit.org [Fri, 8 Mar 2013 20:56:39 +0000 (20:56 +0000)]
Mac rebaseline after r145242. I'm really hoping that the optimization didn't mess this up.

* css1/box_properties/margin_bottom-expected.txt: Replaced.
* css1/box_properties/margin_top-expected.txt: Replaced.
* css1/box_properties/padding_bottom-expected.txt: Replaced.
* css1/box_properties/padding_top-expected.txt: Replaced.
* css1/color_and_background/background_attachment-expected.txt: Replaced.
* platform/mac/css1/formatting_model/vertical_formatting-expected.txt:
* platform/mac/css2.1/t080301-c411-vt-mrgn-00-b-expected.txt:
* platform/mac/css3/flexbox/flexbox-baseline-expected.txt:
* platform/mac/svg/custom/scrolling-embedded-svg-file-image-repaint-problem-expected.txt:
* platform/mac/svg/zoom/page/zoom-svg-through-object-with-absolute-size-2-expected.txt:
* platform/mac/svg/zoom/page/zoom-svg-through-object-with-percentage-size-expected.txt:
* platform/mac/tables/mozilla/bugs/bug126742-expected.txt:
* platform/mac/tables/mozilla/bugs/bug69187-expected.txt:
* platform/win-future/css1: Added.
* platform/win-future/css1/box_properties: Added.
* platform/win-future/css1/box_properties/margin_bottom-expected.txt: Added.
* platform/win-future/css1/box_properties/margin_top-expected.txt: Added.
* platform/win-future/css1/box_properties/padding_bottom-expected.txt: Added.
* platform/win-future/css1/box_properties/padding_top-expected.txt: Added.
* platform/win-future/css1/color_and_background: Added.
* platform/win-future/css1/color_and_background/background_attachment-expected.txt: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145257 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agonon-Mac ports build fix after r145235.
rniwa@webkit.org [Fri, 8 Mar 2013 20:47:53 +0000 (20:47 +0000)]
non-Mac ports build fix after r145235.

* UIProcess/WebInspectorProxy.cpp:
(WebKit::createInspectorPageGroup):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145256 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago[Mac] Add a feature flag for 'view-mode' Media Feature, disable it on Mac
benjamin@webkit.org [Fri, 8 Mar 2013 20:40:09 +0000 (20:40 +0000)]
[Mac] Add a feature flag for 'view-mode' Media Feature, disable it on Mac
https://bugs.webkit.org/show_bug.cgi?id=111297

Reviewed by Kenneth Rohde Christiansen.

Source/WebCore:

The 'view-mode' Media Feature spec is implemented in WebCore but
there is no WebKit support for it on Mac.
Because of this, we always lie and report a windowed view mode.

This patch add a feature flag for the feature and disable it on
Mac so that we stop reporting incorrect default values.

* WebCore.exp.in:
* css/CSSValueKeywords.in:
* css/MediaFeatureNames.h:
(MediaFeatureNames):
* css/MediaQueryEvaluator.cpp:
* css/MediaQueryExp.cpp:
(WebCore::featureWithCSSValueID):
(WebCore::featureWithoutValue):
* page/Page.cpp:
(WebCore::Page::Page):
* page/Page.h:
(Page):

Source/WebKit2:

* WebProcess/InjectedBundle/API/c/WKBundlePage.cpp:
* WebProcess/InjectedBundle/API/c/WKBundlePagePrivate.h:
* WebProcess/WebPage/WebPage.cpp:
* WebProcess/WebPage/WebPage.h:

Source/WTF:

* wtf/FeatureDefines.h: Add a new feature flag for the view-mode
CSS media: ENABLE_VIEW_MODE_CSS_MEDIA.

Tools:

* WebKitTestRunner/InjectedBundle/TestRunner.cpp:
(WTR::TestRunner::setViewModeMediaFeature):

LayoutTests:

* platform/mac/TestExpectations:
Mark the view-mode tests as failing to track any regression
or crash in this area.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145255 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years ago Make it possible to reuse sandbox extensions
ap@apple.com [Fri, 8 Mar 2013 20:25:58 +0000 (20:25 +0000)]
    Make it possible to reuse sandbox extensions
        https://bugs.webkit.org/show_bug.cgi?id=111883

        Reviewed by Anders Carlsson.

        Replaced invalidate() with revoke().

        We now count how many times consume() was called, and keep the extension active
        for as long as revoke() hasn't been called as many times. Also, we only permanently
        destroy the extension in destructor.

        This allows for properly keeping extensions in NetworkBlobRegistry for as long as
        they are needed.

        * NetworkProcess/SchedulableLoader.cpp:
        (WebKit::SchedulableLoader::invalidateSandboxExtensions):
        * Shared/Downloads/Download.cpp:
        (WebKit::Download::didFinish):
        (WebKit::Download::didFail):
        (WebKit::Download::didCancel):
        * Shared/SandboxExtension.h:
        (SandboxExtension):
        * Shared/WebMemorySampler.cpp:
        (WebKit::WebMemorySampler::stop):
        * Shared/mac/SandboxExtensionMac.mm:
        (WebKit::SandboxExtension::SandboxExtension):
        (WebKit::SandboxExtension::revoke):
        (WebKit::SandboxExtension::consume):
        * WebProcess/WebPage/WebPage.cpp:
        (WebKit::WebPage::performDragControllerAction):
        (WebKit::WebPage::SandboxExtensionTracker::invalidate):
        (WebKit::WebPage::SandboxExtensionTracker::setPendingProvisionalSandboxExtension):
        (WebKit::WebPage::SandboxExtensionTracker::didCommitProvisionalLoad):
        (WebKit::WebPage::SandboxExtensionTracker::didFailProvisionalLoad):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145254 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 years agoAfter sending message, Mail changes formatting
rniwa@webkit.org [Fri, 8 Mar 2013 20:11:02 +0000 (20:11 +0000)]
After sending message, Mail changes formatting
https://bugs.webkit.org/show_bug.cgi?id=111360

Reviewed by Enrica Casucci.

Source/WebCore:

Added makeInsertedContentRoundTrippableWithHTMLTreeBuilder to move prohibited children (e.g. p, h1, etc...)
out of paragraph elements to run immediately after the fragment insertion. This function splits trees and
moves prohibited children out of paragraph elements to keep the tree isomorphic under HTML serialization and
parsing. Unfortunately, there are many other DOM tree constructs we need to fix to make the subtree truly
isomorphic but this is a step forward.

Test: editing/pasteboard/pasting-into-p-should-not-nest-p.html

* editing/ReplaceSelectionCommand.cpp:
(WebCore::isProhibitedParagraphChild): Added. Matches the list at
https://dvcs.w3.org/hg/editing/raw-file/57abe6d3cb60/editing.html#prohibited-paragraph-child
except main element, which is currently missing in the specification.
(WebCore::ReplaceSelectionCommand::makeInsertedContentRoundTrippableWithHTMLTreeBuilder): Added.
(WebCore::ReplaceSelectionCommand::moveNodeOutOfAncestor): Added.
(WebCore::ReplaceSelectionCommand::doApply): Call moveProhibitedChildrenOutOfParagraphElements.

* editing/ReplaceSelectionCommand.h:
(ReplaceSelectionCommand):

LayoutTests:

Added a regression test, demonstrating that a paragraph element is not nested after a paste.
Also rebaselined multiple tests that had been exhibiting this bug in their expected results.

* editing/pasteboard/block-wrappers-necessary-expected.txt:
* editing/pasteboard/paste-table-001-expected.txt:
* editing/pasteboard/paste-text-011-expected.txt:
* editing/pasteboard/paste-text-015-expected.txt:
* editing/pasteboard/pasting-into-p-should-not-nest-p-expected.txt: Added.
* editing/pasteboard/pasting-into-p-should-not-nest-p.html: Added.
* editing/pasteboard/pasting-into-h6-should-not-nest-h6-expected.txt: Added.
* editing/pasteboard/pasting-into-h6-should-not-nest-h6.html: Added.
* platform/mac/editing/pasteboard/paste-text-016-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145253 268f45cc-cd09-0410-ab3c-d52691b4dbfc