Timeline


and

07/25/14: Today

13:26 Changeset [171611] by mhahnenberg@apple.com

Fix 32-bit build breakage for type profiling
https://bugs.webkit.org/process_bug.cgi

Patch by Saam Barati <sbarati@apple.com> on 2014-07-25
Reviewed by Mark Hahnenberg.

32-bit builds currently break because global variable IDs for high
fidelity type profiling are int64_t. Change this to intptr_t so that
it's 32 bits on 32-bit platforms and 64 bits on 64-bit platforms.

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::CodeBlock):
(JSC::CodeBlock::scopeDependentProfile):

  • bytecode/TypeLocation.h:
  • runtime/SymbolTable.cpp:

(JSC::SymbolTable::uniqueIDForVariable):
(JSC::SymbolTable::uniqueIDForRegister):

  • runtime/SymbolTable.h:
  • runtime/TypeLocationCache.cpp:

(JSC::TypeLocationCache::getTypeLocation):

  • runtime/TypeLocationCache.h:
  • runtime/VM.h:

(JSC::VM::getNextUniqueVariableID):

13:07 Changeset [171610] by commit-queue@webkit.org

[Win][ANGLE] Enable D3D11.
https://bugs.webkit.org/show_bug.cgi?id=135296

Patch by peavo@outlook.com <peavo@outlook.com> on 2014-07-25
Reviewed by Alex Christensen.

Direct3D 11 is not enabled on Windows.

  • ANGLE.vcxproj/libGLESv2.vcxproj: Added files.
  • ANGLE.vcxproj/libGLESv2.vcxproj.filters: Ditto.
  • ANGLE.vcxproj/libGLESv2Common.props: Enable D3D11.
  • src/libGLESv2/precompiled.h: Header file does not exist, avoid include.
  • changes.diff: Updated diff.
12:39 Changeset [171609] by hyatt@apple.com

[New Multicolumn] RenderViews paginated as RL or LR don't handle percentage widths correctly.
REGRESSION: Images don’t scale to fit in page in vertical text books

https://bugs.webkit.org/show_bug.cgi?id=135204

Source/WebCore:
<rdar://problem/17043792>

Reviewed by Simon Fraser.

Added fast/multicol/pagination/RightToLeft-max-width.html

  • rendering/RenderView.cpp:

(WebCore::RenderView::availableLogicalHeight):
Put back in the same code that used to exist for the old columns (but ported to the new
columns).

LayoutTests:
<rdar://problem/17043792>

Reviewed by Simon Fraser.

  • fast/multicol/newmulticol/compare-with-old-impl/overflow-content-expected.html: Removed.
  • fast/multicol/newmulticol/compare-with-old-impl/overflow-content.html: Removed.
  • fast/multicol/pagination/RightToLeft-max-width.html: Added.
  • platform/mac/fast/multicol/pagination/RightToLeft-max-width-expected.png: Added.
  • platform/mac/fast/multicol/pagination/RightToLeft-max-width-expected.txt: Added.
12:08 Changeset [171608] by mitz@apple.com

[Mac] Unneeded MobileMe workaround in ResourceHandle::receivedCredential
https://bugs.webkit.org/show_bug.cgi?id=135297

Reviewed by Alexey Proskuryakov.

  • platform/network/mac/ResourceHandleMac.mm:

(WebCore::ResourceHandle::receivedCredential): Removed the site-specific behavior for
gallery.me.com.

12:07 Changeset [171607] by commit-queue@webkit.org

Unreviewed, rolling out r171480.
https://bugs.webkit.org/show_bug.cgi?id=135300

it broke replaced elements in pagination (Requested by dhyatt_
on #webkit).

Reverted changeset:

"Ensure we compute the min and max height of replaced elements
to 'none' or 0 when appropriate."
https://bugs.webkit.org/show_bug.cgi?id=135181
http://trac.webkit.org/changeset/171480

12:04 Changeset [171606] by mhahnenberg@apple.com

Reindent PropertyNameArray.h
https://bugs.webkit.org/show_bug.cgi?id=135067

Reviewed by Geoffrey Garen.

  • runtime/PropertyNameArray.h:

(JSC::RefCountedIdentifierSet::contains):
(JSC::RefCountedIdentifierSet::size):
(JSC::RefCountedIdentifierSet::add):
(JSC::PropertyNameArrayData::create):
(JSC::PropertyNameArrayData::propertyNameVector):
(JSC::PropertyNameArrayData::PropertyNameArrayData):
(JSC::PropertyNameArray::PropertyNameArray):
(JSC::PropertyNameArray::vm):
(JSC::PropertyNameArray::add):
(JSC::PropertyNameArray::addKnownUnique):
(JSC::PropertyNameArray::operator[]):
(JSC::PropertyNameArray::setData):
(JSC::PropertyNameArray::data):
(JSC::PropertyNameArray::releaseData):
(JSC::PropertyNameArray::identifierSet):
(JSC::PropertyNameArray::canAddKnownUniqueForStructure):
(JSC::PropertyNameArray::size):
(JSC::PropertyNameArray::begin):
(JSC::PropertyNameArray::end):
(JSC::PropertyNameArray::numCacheableSlots):
(JSC::PropertyNameArray::setNumCacheableSlotsForObject):
(JSC::PropertyNameArray::setBaseObject):
(JSC::PropertyNameArray::setPreviouslyEnumeratedLength):

11:46 Changeset [171605] by mhahnenberg@apple.com

Refactor our current implementation of for-in
https://bugs.webkit.org/show_bug.cgi?id=134142

Reviewed by Filip Pizlo.

Source/JavaScriptCore:
This patch splits for-in loops into three distinct parts:

  • Iterating over the indexed properties in the base object.
  • Iterating over the Structure properties in the base object.
  • Iterating over any other enumerable properties for that object and any objects in the prototype chain.


It does this by emitting these explicit loops in bytecode, using a new set of bytecodes to
support the various operations required for each loop.

  • API/JSCallbackObjectFunctions.h:

(JSC::JSCallbackObject<Parent>::getOwnNonIndexPropertyNames):

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • bytecode/BytecodeList.json:
  • bytecode/BytecodeUseDef.h:

(JSC::computeUsesForBytecodeOffset):
(JSC::computeDefsForBytecodeOffset):

  • bytecode/CallLinkStatus.h:

(JSC::CallLinkStatus::CallLinkStatus):

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::dumpBytecode):
(JSC::CodeBlock::CodeBlock):

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::emitGetByVal):
(JSC::BytecodeGenerator::emitComplexPopScopes):
(JSC::BytecodeGenerator::emitGetEnumerableLength):
(JSC::BytecodeGenerator::emitHasGenericProperty):
(JSC::BytecodeGenerator::emitHasIndexedProperty):
(JSC::BytecodeGenerator::emitHasStructureProperty):
(JSC::BytecodeGenerator::emitGetStructurePropertyEnumerator):
(JSC::BytecodeGenerator::emitGetGenericPropertyEnumerator):
(JSC::BytecodeGenerator::emitNextEnumeratorPropertyName):
(JSC::BytecodeGenerator::emitToIndexString):
(JSC::BytecodeGenerator::pushIndexedForInScope):
(JSC::BytecodeGenerator::popIndexedForInScope):
(JSC::BytecodeGenerator::pushStructureForInScope):
(JSC::BytecodeGenerator::popStructureForInScope):
(JSC::BytecodeGenerator::invalidateForInContextForLocal):

  • bytecompiler/BytecodeGenerator.h:

(JSC::ForInContext::ForInContext):
(JSC::ForInContext::~ForInContext):
(JSC::ForInContext::isValid):
(JSC::ForInContext::invalidate):
(JSC::ForInContext::local):
(JSC::StructureForInContext::StructureForInContext):
(JSC::StructureForInContext::type):
(JSC::StructureForInContext::index):
(JSC::StructureForInContext::property):
(JSC::StructureForInContext::enumerator):
(JSC::IndexedForInContext::IndexedForInContext):
(JSC::IndexedForInContext::type):
(JSC::IndexedForInContext::index):
(JSC::BytecodeGenerator::pushOptimisedForIn): Deleted.
(JSC::BytecodeGenerator::popOptimisedForIn): Deleted.

  • bytecompiler/NodesCodegen.cpp:

(JSC::ReadModifyResolveNode::emitBytecode):
(JSC::AssignResolveNode::emitBytecode):
(JSC::ForInNode::tryGetBoundLocal):
(JSC::ForInNode::emitLoopHeader):
(JSC::ForInNode::emitMultiLoopBytecode):
(JSC::ForInNode::emitBytecode):

  • debugger/DebuggerScope.h:
  • dfg/DFGAbstractHeap.h:
  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::parseBlock):

  • dfg/DFGCapabilities.cpp:

(JSC::DFG::capabilityLevel):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGHeapLocation.cpp:

(WTF::printInternal):

  • dfg/DFGHeapLocation.h:
  • dfg/DFGNode.h:

(JSC::DFG::Node::hasHeapPrediction):
(JSC::DFG::Node::hasArrayMode):

  • dfg/DFGNodeType.h:
  • dfg/DFGPredictionPropagationPhase.cpp:

(JSC::DFG::PredictionPropagationPhase::propagate):

  • dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

  • dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::callOperation):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • jit/JIT.cpp:

(JSC::JIT::privateCompileMainPass):
(JSC::JIT::privateCompileSlowCases):

  • jit/JIT.h:

(JSC::JIT::compileHasIndexedProperty):
(JSC::JIT::emitInt32Load):

  • jit/JITInlines.h:

(JSC::JIT::emitDoubleGetByVal):
(JSC::JIT::emitLoadForArrayMode):
(JSC::JIT::emitContiguousGetByVal):
(JSC::JIT::emitArrayStorageGetByVal):

  • jit/JITOpcodes.cpp:

(JSC::JIT::emit_op_get_enumerable_length):
(JSC::JIT::emit_op_has_structure_property):
(JSC::JIT::emitSlow_op_has_structure_property):
(JSC::JIT::emit_op_has_generic_property):
(JSC::JIT::privateCompileHasIndexedProperty):
(JSC::JIT::emit_op_has_indexed_property):
(JSC::JIT::emitSlow_op_has_indexed_property):
(JSC::JIT::emit_op_get_direct_pname):
(JSC::JIT::emitSlow_op_get_direct_pname):
(JSC::JIT::emit_op_get_structure_property_enumerator):
(JSC::JIT::emit_op_get_generic_property_enumerator):
(JSC::JIT::emit_op_next_enumerator_pname):
(JSC::JIT::emit_op_to_index_string):

  • jit/JITOpcodes32_64.cpp:

(JSC::JIT::emit_op_get_enumerable_length):
(JSC::JIT::emit_op_has_structure_property):
(JSC::JIT::emitSlow_op_has_structure_property):
(JSC::JIT::emit_op_has_generic_property):
(JSC::JIT::privateCompileHasIndexedProperty):
(JSC::JIT::emit_op_has_indexed_property):
(JSC::JIT::emitSlow_op_has_indexed_property):
(JSC::JIT::emit_op_get_direct_pname):
(JSC::JIT::emitSlow_op_get_direct_pname):
(JSC::JIT::emit_op_get_structure_property_enumerator):
(JSC::JIT::emit_op_get_generic_property_enumerator):
(JSC::JIT::emit_op_next_enumerator_pname):
(JSC::JIT::emit_op_to_index_string):

  • jit/JITOperations.cpp:
  • jit/JITOperations.h:
  • jit/JITPropertyAccess.cpp:

(JSC::JIT::emitDoubleLoad):
(JSC::JIT::emitContiguousLoad):
(JSC::JIT::emitArrayStorageLoad):
(JSC::JIT::emitDoubleGetByVal): Deleted.
(JSC::JIT::emitContiguousGetByVal): Deleted.
(JSC::JIT::emitArrayStorageGetByVal): Deleted.

  • jit/JITPropertyAccess32_64.cpp:

(JSC::JIT::emitContiguousLoad):
(JSC::JIT::emitDoubleLoad):
(JSC::JIT::emitArrayStorageLoad):
(JSC::JIT::emitContiguousGetByVal): Deleted.
(JSC::JIT::emitDoubleGetByVal): Deleted.
(JSC::JIT::emitArrayStorageGetByVal): Deleted.

  • llint/LowLevelInterpreter.asm:
  • parser/Nodes.h:
  • runtime/Arguments.cpp:

(JSC::Arguments::getOwnPropertyNames):

  • runtime/ClassInfo.h:
  • runtime/CommonSlowPaths.cpp:

(JSC::SLOW_PATH_DECL):

  • runtime/CommonSlowPaths.h:
  • runtime/EnumerationMode.h: Added.

(JSC::shouldIncludeDontEnumProperties):
(JSC::shouldExcludeDontEnumProperties):
(JSC::shouldIncludeJSObjectPropertyNames):
(JSC::modeThatSkipsJSObject):

  • runtime/JSActivation.cpp:

(JSC::JSActivation::getOwnNonIndexPropertyNames):

  • runtime/JSArray.cpp:

(JSC::JSArray::getOwnNonIndexPropertyNames):

  • runtime/JSArrayBuffer.cpp:

(JSC::JSArrayBuffer::getOwnNonIndexPropertyNames):

  • runtime/JSArrayBufferView.cpp:

(JSC::JSArrayBufferView::getOwnNonIndexPropertyNames):

  • runtime/JSCell.cpp:

(JSC::JSCell::getEnumerableLength):
(JSC::JSCell::getStructurePropertyNames):
(JSC::JSCell::getGenericPropertyNames):

  • runtime/JSCell.h:
  • runtime/JSFunction.cpp:

(JSC::JSFunction::getOwnNonIndexPropertyNames):

  • runtime/JSGenericTypedArrayViewInlines.h:

(JSC::JSGenericTypedArrayView<Adaptor>::getOwnNonIndexPropertyNames):

  • runtime/JSObject.cpp:

(JSC::getClassPropertyNames):
(JSC::JSObject::hasOwnProperty):
(JSC::JSObject::getOwnPropertyNames):
(JSC::JSObject::getOwnNonIndexPropertyNames):
(JSC::JSObject::getEnumerableLength):
(JSC::JSObject::getStructurePropertyNames):
(JSC::JSObject::getGenericPropertyNames):

  • runtime/JSObject.h:
  • runtime/JSPropertyNameEnumerator.cpp: Added.

(JSC::JSPropertyNameEnumerator::create):
(JSC::JSPropertyNameEnumerator::JSPropertyNameEnumerator):
(JSC::JSPropertyNameEnumerator::finishCreation):
(JSC::JSPropertyNameEnumerator::destroy):
(JSC::JSPropertyNameEnumerator::visitChildren):

  • runtime/JSPropertyNameEnumerator.h: Added.

(JSC::JSPropertyNameEnumerator::createStructure):
(JSC::JSPropertyNameEnumerator::propertyNameAtIndex):
(JSC::JSPropertyNameEnumerator::identifierSet):
(JSC::JSPropertyNameEnumerator::cachedPrototypeChain):
(JSC::JSPropertyNameEnumerator::setCachedPrototypeChain):
(JSC::JSPropertyNameEnumerator::cachedStructure):
(JSC::JSPropertyNameEnumerator::cachedStructureID):
(JSC::JSPropertyNameEnumerator::cachedInlineCapacity):
(JSC::JSPropertyNameEnumerator::cachedStructureIDOffset):
(JSC::JSPropertyNameEnumerator::cachedInlineCapacityOffset):
(JSC::JSPropertyNameEnumerator::cachedPropertyNamesLengthOffset):
(JSC::JSPropertyNameEnumerator::cachedPropertyNamesVectorOffset):
(JSC::structurePropertyNameEnumerator):
(JSC::genericPropertyNameEnumerator):

  • runtime/JSProxy.cpp:

(JSC::JSProxy::getEnumerableLength):
(JSC::JSProxy::getStructurePropertyNames):
(JSC::JSProxy::getGenericPropertyNames):

  • runtime/JSProxy.h:
  • runtime/JSSymbolTableObject.cpp:

(JSC::JSSymbolTableObject::getOwnNonIndexPropertyNames):

  • runtime/PropertyNameArray.cpp:

(JSC::PropertyNameArray::add):
(JSC::PropertyNameArray::setPreviouslyEnumeratedProperties):

  • runtime/PropertyNameArray.h:

(JSC::RefCountedIdentifierSet::contains):
(JSC::RefCountedIdentifierSet::size):
(JSC::RefCountedIdentifierSet::add):
(JSC::PropertyNameArray::PropertyNameArray):
(JSC::PropertyNameArray::add):
(JSC::PropertyNameArray::addKnownUnique):
(JSC::PropertyNameArray::identifierSet):
(JSC::PropertyNameArray::canAddKnownUniqueForStructure):
(JSC::PropertyNameArray::setPreviouslyEnumeratedLength):

  • runtime/RegExpObject.cpp:

(JSC::RegExpObject::getOwnNonIndexPropertyNames):
(JSC::RegExpObject::getPropertyNames):
(JSC::RegExpObject::getGenericPropertyNames):

  • runtime/RegExpObject.h:
  • runtime/StringObject.cpp:

(JSC::StringObject::getOwnPropertyNames):

  • runtime/Structure.cpp:

(JSC::Structure::getPropertyNamesFromStructure):
(JSC::Structure::setCachedStructurePropertyNameEnumerator):
(JSC::Structure::cachedStructurePropertyNameEnumerator):
(JSC::Structure::setCachedGenericPropertyNameEnumerator):
(JSC::Structure::cachedGenericPropertyNameEnumerator):
(JSC::Structure::canCacheStructurePropertyNameEnumerator):
(JSC::Structure::canCacheGenericPropertyNameEnumerator):
(JSC::Structure::canAccessPropertiesQuickly):

  • runtime/Structure.h:
  • runtime/StructureRareData.cpp:

(JSC::StructureRareData::visitChildren):
(JSC::StructureRareData::cachedStructurePropertyNameEnumerator):
(JSC::StructureRareData::setCachedStructurePropertyNameEnumerator):
(JSC::StructureRareData::cachedGenericPropertyNameEnumerator):
(JSC::StructureRareData::setCachedGenericPropertyNameEnumerator):

  • runtime/StructureRareData.h:
  • runtime/VM.cpp:

(JSC::VM::VM):

  • runtime/VM.h:

Source/WebCore:
No new tests.

This patch splits for-in loops into three distinct parts:

  • Iterating over the indexed properties in the base object.
  • Iterating over the Structure properties in the base object.
  • Iterating over any other enumerable properties for that object and any objects in the prototype chain.


It does this by emitting these explicit loops in bytecode, using a new set of bytecodes to
support the various operations required for each loop.

  • bindings/js/JSDOMWindowCustom.cpp:

(WebCore::JSDOMWindow::getEnumerableLength):
(WebCore::JSDOMWindow::getStructurePropertyNames):
(WebCore::JSDOMWindow::getGenericPropertyNames):

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateHeader):

  • bridge/runtime_array.cpp:

(JSC::RuntimeArray::getOwnPropertyNames):

Source/WebKit2:

  • WebProcess/Plugins/Netscape/JSNPObject.cpp:

(WebKit::JSNPObject::invalidate): Fixed an invalid ASSERT that was crashing in debug builds.

10:53 Changeset [171604] by lforschler@apple.com

Merged r171578. <rdar://problem/17811466>

10:52 Changeset [171603] by lforschler@apple.com

Merged r171578. <rdar://problem/17811466>

10:50 Changeset [171602] by lforschler@apple.com

Merged r171578. <rdar://problem/17805592>

10:39 Changeset [171601] by commit-queue@webkit.org

Unreviewed, rolling out r171587.
https://bugs.webkit.org/show_bug.cgi?id=135294

Made fast/dom/HTMLObjectElement/beforeload-set-text-
crash.xhtml crash again (Requested by ap on #webkit).

Reverted changeset:

"REGRESSION (r169105): Crash in selection"
https://bugs.webkit.org/show_bug.cgi?id=134303
http://trac.webkit.org/changeset/171587

09:41 Changeset [171600] by mitz@apple.com

ResourceErrorBase::compare doesn’t call the right platformCompare override
https://bugs.webkit.org/show_bug.cgi?id=135240

Reviewed by Alexey Proskuryakov.

  • platform/network/ResourceErrorBase.cpp:

(WebCore::ResourceErrorBase::compare): Changed to call ResourceError::platformCompare.

  • platform/network/cf/ResourceError.h: Made platformCompare public.
  • platform/network/soup/ResourceError.h: Ditto.
09:39 Changeset [171599] by mitz@apple.com

[Cocoa] WebProtectionSpace::receivesCredentialSecurely incorrectly returns false in some cases
https://bugs.webkit.org/show_bug.cgi?id=135241

Reviewed by Alexey Proskuryakov.

  • WebCore.exp.in: Export ProtectionSpace::receivesCredentialSecurely.
  • platform/network/cocoa/ProtectionSpaceCocoa.h: Declare override of receivesCredentialSecurely.
  • platform/network/cocoa/ProtectionSpaceCocoa.mm:

(WebCore::ProtectionSpace::receivesCredentialSecurely): Use -[NSURLProtectionSpace receivesCredentialSecurely].

09:18 Changeset [171598] by commit-queue@webkit.org

[GTK] CMake tries to install JavaScriptCore-3.0.gir outside of install prefix
https://bugs.webkit.org/show_bug.cgi?id=135288

Patch by Michael Catanzaro <mcatanzaro@igalia.com> on 2014-07-25
Reviewed by Martin Robinson.

  • Source/cmake/FindGObjectIntrospection.cmake: pass correct libdir and

datadir to pkgconfig

  • Source/cmake/OptionsGTK.cmake: define install directories early

enough to be used in FindGObjectIntrospection.cmake

08:33 Changeset [171597] by lforschler@apple.com

Merged r171593. <rdar://problem/16878037>

08:32 Changeset [171596] by lforschler@apple.com

Merged r171593. <rdar://problem/16878037>

08:21 Changeset [171595] by zalan@apple.com

Unreviewed media test gardening after r171593.

  • platform/mac/http/tests/media/hls/video-controls-live-stream-expected.txt:
08:08 Changeset [171594] by commit-queue@webkit.org

Add --dry-run option to sort-export-file
https://bugs.webkit.org/show_bug.cgi?id=135048

Patch by Renato Nagy <nagy.renato@stud.u-szeged.hu> on 2014-07-25
Reviewed by Csaba Osztrogonác.

Added --dry-run option to sort-export-file. Running the script with --dry-run
option does not sort the export files but creates a list of the files that
need to be sorted.

  • Scripts/sort-export-file:

(sawError):

07:47 Changeset [171593] by zalan@apple.com

Subpixel rendering: iOS video playback controls look blurry.
https://bugs.webkit.org/show_bug.cgi?id=135245
<rdar://problem/16878037>

Reviewed by Simon Fraser.

This patch introduces a compositing parent of the overlay control panel so that
the transformed overlay panel becomes sharp. This is a workaround for webkit.org/b/135246.

Can't find a way to test it yet.

Source/WebCore:

  • Modules/mediacontrols/mediaControlsApple.css:

(video::-webkit-media-controls-panel-composited-parent):

  • Modules/mediacontrols/mediaControlsApple.js:

(Controller.prototype.createControls):
(Controller.prototype.addControls):

  • Modules/mediacontrols/mediaControlsiOS.css:

(video::-webkit-media-controls-panel-composited-parent):

  • Modules/mediacontrols/mediaControlsiOS.js: This is a workaround for webkit.org/b/135248

It pushes the overlay panel down to close the gap with the video element. Since the
panel's size in css pixels is scale dependent, the gap needs to be scale dependent too.
(ControllerIOS.prototype.set pageScaleFactor):

LayoutTests:

  • platform/mac/fast/hidpi/video-controls-in-hidpi-expected.txt:
  • platform/mac/fast/layers/video-layer-expected.txt:
  • platform/mac/media/audio-controls-rendering-expected.txt:
  • platform/mac/media/controls-after-reload-expected.txt:
  • platform/mac/media/controls-strict-expected.txt:
  • platform/mac/media/controls-without-preload-expected.txt:
  • platform/mac/media/media-controls-clone-expected.txt:
  • platform/mac/media/video-no-audio-expected.txt:
04:01 Changeset [171592] by krit@webkit.org

Unreviewed rebaseline of test. Uploaded wrong result.

Patch by Dirk Schulze <krit@webkit.org> on 2014-07-25

  • svg/css/parse-length-expected.txt:
02:52 Changeset [171591] by krit@webkit.org

Turn x/y to presentation attributes
https://bugs.webkit.org/show_bug.cgi?id=135215

Source/WebCore:
Patch by Dirk Schulze <krit@webkit.org> on 2014-07-24
Reviewed by Dean Jackson.

This follows the patch for width and height presentation attributes and
turns x and y to presentation attributes as well:

http://trac.webkit.org/changeset/171341

Tests: svg/css/parse-length.html

transitions/svg-layout-transition.html

Added copyright where I forgot it in previous patch.

  • css/CSSComputedStyleDeclaration.cpp: Computed style of x and y.

(WebCore::ComputedStyleExtractor::propertyValue):

  • css/CSSParser.cpp:

(WebCore::isSimpleLengthPropertyID): Add x and y to list.

  • css/DeprecatedStyleBuilder.cpp:

(WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder): Resolve x and y.

  • css/SVGCSSParser.cpp:

(WebCore::CSSParser::parseSVGValue): Parse x and y property.

  • css/SVGCSSPropertyNames.in: Add x and y to list of names.
  • css/StyleResolver.h:
  • page/animation/CSSPropertyAnimation.cpp: Animate x and y as Length.

(WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):

  • rendering/style/RenderStyle.h: Add x and y setters and getters.
  • rendering/style/SVGRenderStyle.cpp: Add x and y setters for StyleLayoutData.

(WebCore::SVGRenderStyle::SVGRenderStyle):
(WebCore::SVGRenderStyle::operator==):
(WebCore::SVGRenderStyle::copyNonInheritedFrom):
(WebCore::SVGRenderStyle::diff):

  • rendering/style/SVGRenderStyle.h:

(WebCore::SVGRenderStyle::setX):
(WebCore::SVGRenderStyle::setY):
(WebCore::SVGRenderStyle::x):
(WebCore::SVGRenderStyle::y):

  • rendering/style/SVGRenderStyleDefs.cpp: Add StyleLayoutData for style storing.

(WebCore::StyleLayoutData::StyleLayoutData):
(WebCore::StyleLayoutData::copy):
(WebCore::StyleLayoutData::operator==):

  • rendering/style/SVGRenderStyleDefs.h:

(WebCore::StyleLayoutData::create):
(WebCore::StyleLayoutData::operator!=):

  • rendering/svg/RenderSVGRect.cpp:

(WebCore::RenderSVGRect::updateShapeFromElement):

  • rendering/svg/SVGPathData.cpp: Use RenderStyle values rather than attribute values.

(WebCore::updatePathFromRectElement):

  • svg/SVGAnimationElement.cpp:

(WebCore::SVGAnimationElement::isTargetAttributeCSSProperty): Fix text detection.

  • svg/SVGElement.cpp: Add x and y to the relevant property lists.

(WebCore::populateAttributeNameToCSSPropertyIDMap):
(WebCore::populateCSSPropertyWithSVGDOMNameToAnimatedPropertyTypeMap):

  • svg/SVGFilterElement.cpp: Style update on change of x and y.

(WebCore::SVGFilterElement::svgAttributeChanged):

  • svg/SVGMaskElement.cpp: Ditto.

(WebCore::SVGMaskElement::svgAttributeChanged):

  • svg/SVGPatternElement.cpp: Ditto.

(WebCore::SVGPatternElement::svgAttributeChanged):

  • svg/SVGRectElement.cpp: Ditto.

(WebCore::SVGRectElement::svgAttributeChanged):

  • svg/SVGTextPositioningElement.cpp: Exclude x and y of text elements since they

are lists instead of individual values. Solution about to be discussed
in the WG. Keep current behavior for now.

(WebCore::SVGTextPositioningElement::collectStyleForPresentationAttribute):
(WebCore::SVGTextPositioningElement::isPresentationAttribute):

  • svg/SVGTextPositioningElement.h:

LayoutTests:
Test parsing of x and y attributes. Rendering and SVG animation
covered by existing tests.
CSS Transition test, test transition from specified attribute value
to new property value.

Patch by Dirk Schulze <krit@webkit.org> on 2014-07-24
Reviewed by Dean Jackson.

  • svg/css/parse-length-expected.txt: Added.
  • svg/css/parse-length.html: Renamed from LayoutTests/svg/css/parse-width.html.
  • svg/css/parse-width-expected.txt: Removed.
  • transitions/svg-layout-transition-expected.txt: Added.
  • transitions/svg-layout-transition.html: Added.
00:17 Changeset [171590] by lforschler@apple.com

Versioning.

00:12 Changeset [171589] by lforschler@apple.com

New Tag.

07/24/14: Yesterday

23:58 Changeset [171588] by utatane.tea@gmail.com

CSS JIT: Implement Pseudo Element
https://bugs.webkit.org/show_bug.cgi?id=134835

Reviewed by Benjamin Poulain.

Implement Pseudo Element handling for CSS JIT SelectorCompiler.
At first, we start with the simple implementation. We handle limited number of pseudo element,
before, after, first-line, first-letter.

Source/WebCore:
Tests: fast/selectors/pseudo-element-inside-any.html

fast/selectors/querySelector-pseudo-element-inside-functional-pseudo-class-any.html
fast/selectors/querySelector-pseudo-element-inside-functional-pseudo-class-not.html
fast/selectors/querySelector-pseudo-element.html

  • css/ElementRuleCollector.cpp:

(WebCore::ElementRuleCollector::ruleMatches):

  • css/SelectorChecker.cpp:

(WebCore::SelectorChecker::matchRecursively):

  • cssjit/SelectorCompiler.cpp:

(WebCore::SelectorCompiler::SelectorFragment::SelectorFragment):
(WebCore::SelectorCompiler::constructFragments):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateSelectorChecker):
(WebCore::SelectorCompiler::SelectorCodeGenerator::loadCheckingContext):
(WebCore::SelectorCompiler::SelectorCodeGenerator::branchOnResolvingModeWithCheckingContext):
(WebCore::SelectorCompiler::SelectorCodeGenerator::branchOnResolvingMode):
(WebCore::SelectorCompiler::SelectorCodeGenerator::jumpIfNotResolvingStyle):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementMatching):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsActive):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsHovered):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementHasPseudoElement):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateRequestedPseudoElementEqualsToSelectorPseudoElement):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateMarkPseudoStyleForPseudoElement):

  • cssjit/SelectorCompiler.h:
  • rendering/style/RenderStyle.h:
  • rendering/style/RenderStyleConstants.h:

LayoutTests:

  • fast/selectors/pseudo-element-inside-any-expected.html: Added.
  • fast/selectors/pseudo-element-inside-any.html: Added.

Inside functional pseudo classes such as ":-webkit-any", when pseudo element comes (e.g. ":-webkit-any(::first-letter)"),
it produces a local failure. So if the other selectors are matched against the element, whole ":-webkit-any" succeeds.
For example, a selector ":-webkit-any(::first-letter, p)" matches against p elements.

  • fast/selectors/querySelector-pseudo-element-expected.txt: Added.
  • fast/selectors/querySelector-pseudo-element-inside-functional-pseudo-class-any-expected.txt: Added.
  • fast/selectors/querySelector-pseudo-element-inside-functional-pseudo-class-any.html: Added.
  • fast/selectors/querySelector-pseudo-element-inside-functional-pseudo-class-not-expected.txt: Added.
  • fast/selectors/querySelector-pseudo-element-inside-functional-pseudo-class-not.html: Added.
  • fast/selectors/querySelector-pseudo-element.html: Added.
23:24 Changeset [171587] by abucur@adobe.com

REGRESSION (r169105): Crash in selection
https://bugs.webkit.org/show_bug.cgi?id=134303

Patch by Radu Stavila <stavila@adobe.com> on 2014-07-24
Reviewed by David Hyatt.

Source/WebCore:

When splitting the selection between different subtrees, all subtrees must have their selection cleared before
starting to apply the new selection. Otherwise, when selecting objects in a named flow thread and going up
its containing block chain, we can end up in the view's selection root, which has not yet been updated and so
we get inconsistent data.

To achieve this goal, the selection update was split into a "clear" and an "apply" method. The updateSelectionForSubtrees
method first iterates through all subtrees and performs the "clear" method and then starts all over again
and performs the "apply" method.

Test: fast/regions/selection/crash-deselect.html

  • WebCore.xcodeproj/project.pbxproj:
  • rendering/RenderSelectionInfo.h:
  • rendering/RenderView.cpp:

(WebCore::RenderView::setSelection):
(WebCore::RenderView::splitSelectionBetweenSubtrees):
(WebCore::RenderView::updateSelectionForSubtrees): Added, clears and re-applies selection for all selection subtrees.
(WebCore::RenderView::clearSubtreeSelection): Added, clears selection and returns previously selected information.
(WebCore::RenderView::applySubtreeSelection): Added, updates the selection status of all objects inside the selection tree, compares old and new data and repaints accordingly.
(WebCore::RenderView::setSubtreeSelection): Deleted.

  • rendering/RenderView.h:
  • rendering/SelectionSubtreeRoot.cpp:

(WebCore::SelectionSubtreeRoot::SelectionSubtreeRoot):

  • rendering/SelectionSubtreeRoot.h:

(WebCore::SelectionSubtreeRoot::OldSelectionData::OldSelectionData):

LayoutTests:

Added test for the crash that occurred in some cases when selecting.

  • fast/regions/selection/crash-deselect-expected.txt: Added.
  • fast/regions/selection/crash-deselect.html: Added.
23:13 Changeset [171586] by lforschler@apple.com

Merged r171471. <rdar://problem/17764847>

23:10 Changeset [171585] by lforschler@apple.com

Merged r171203. <rdar://problem/17617282>

23:06 Changeset [171584] by lforschler@apple.com

Merged r171580. <rdar://problem/17748416>

23:04 Changeset [171583] by lforschler@apple.com

Merged r171577. <rdar://problem/17803347>

23:02 Changeset [171582] by lforschler@apple.com

Merged r171576. <rdar://problem/17804891>

23:00 Changeset [171581] by lforschler@apple.com

Merged r171575. <rdar://problem/17784826>

21:51 Changeset [171580] by rniwa@webkit.org

REGRESSION(r164401): Placing a caret doesn't bring up autocorrection panel
https://bugs.webkit.org/show_bug.cgi?id=135278

Reviewed by Tim Horton.

The bug was caused by editorUIUpdateTimerFired calling respondToChangedSelection only if the selection was
triggered by dictation instead of only if it was NOT triggered by dictation.

Prior to r164401, AlternativeTextController::respondToMarkerAtEndOfWord exited early when SetSelectionOptions
had DictationTriggered set. r164401 intended to move this check to editorUIUpdateTimerFired to avoid passing
options around but the boolean condition was erroneously flipped.

Fixed the bug by negating the condition in editorUIUpdateTimerFired.

No new tests for now since autocorrection panel cannot be tested automatically. (We should really automate this!)

  • editing/Editor.cpp:

(WebCore::Editor::editorUIUpdateTimerFired):

21:27 Changeset [171579] by psolanki@apple.com

REGRESSION(r171526): [GTK] Massive crashes.
https://bugs.webkit.org/show_bug.cgi?id=135283

Unreviewed. GTK build fix after r171526. Initialize m_buffer in SharedBuffer constructor.

  • platform/soup/SharedBufferSoup.cpp:

(WebCore::SharedBuffer::SharedBuffer):

20:12 Changeset [171578] by bfulgham@apple.com

[Win] Correct build order in JavaScriptCore.submit.sln
https://bugs.webkit.org/show_bug.cgi?id=135282
<rdar://problem/17805592>

Unreviewed build fix.

  • JavaScriptCore.vcxproj/JavaScriptCore.submit.sln: Correct build order

such that LLIntDesiredOffset is built prior to the rest of JSC.

20:12 Changeset [171577] by timothy_horton@apple.com

Crashes under scanSelectionForTelephoneNumbers in Range::text() on some sites
https://bugs.webkit.org/show_bug.cgi?id=135281
<rdar://problem/17803347>

Reviewed by Ryosuke Niwa.

  • editing/Editor.cpp:

(WebCore::Editor::scanSelectionForTelephoneNumbers):
toNormalizedRange is not guaranteed to return a non-null range.
If it returns null, pass the empty markedRanges down to the client as our new set.

20:00 Changeset [171576] by benjamin@webkit.org

[iOS][WK2] Do not try to hit test a null mainFrameRenderView on dynamicViewportSizeUpdate()
https://bugs.webkit.org/show_bug.cgi?id=135277
<rdar://problem/17804891>

Patch by Benjamin Poulain <bpoulain@apple.com> on 2014-07-24
Reviewed by Tim Horton.

  • WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::dynamicViewportSizeUpdate):
There is no guarantee that the main frame have its root view when performing a dynamicViewportSizeUpdate(),
we should not attempt to use the layer without null checking it first.

The odd part for me is <rdar://problem/17804891> is a little too frequent. In the vast majority of cases,
there is a RenderView, it seems actually pretty hard not to have one on dynamicViewportSizeUpdate().

Skipping hit testing is safe because it is a completely optional part of this algorithm.
When the hit test is not done, the new position is computed based on the relative position prior to
the size change.

19:26 Changeset [171575] by psolanki@apple.com

[iOS] Remove prefs to tweak cache values
https://bugs.webkit.org/show_bug.cgi?id=135274
<rdar://problem/17784826>

Reviewed by Alexey Proskuryakov.

Remove iOS specific code that used to look up user defaults to see if any cache values were
overridden. This was added for testing, is not used any more and is actually harmful now. It
can cause unnecessary memory churn when under memory pressure since we call [WebView _setCacheModel]
as a means to clear out memory cache.

  • WebView/WebPreferenceKeysPrivate.h:
  • WebView/WebPreferences.mm:

(+[WebPreferences initialize]):
(-[WebPreferences _setNSURLMemoryCacheSize:]): Deleted.
(-[WebPreferences _NSURLMemoryCacheSize]): Deleted.
(-[WebPreferences _setNSURLDiskCacheSize:]): Deleted.
(-[WebPreferences _NSURLDiskCacheSize]): Deleted.

  • WebView/WebPreferencesPrivate.h:
  • WebView/WebView.mm:

(+[WebView _setCacheModel:]):

18:31 Changeset [171574] by mitz@apple.com

Source/WebCore: WebCore part of <rdar://problem/17593701> Assertion failure in WebPage::reload (!m_pendingNavigationID) when reloading after a same-document back navigation
https://bugs.webkit.org/show_bug.cgi?id=135129

Reviewed by Darin Adler.

  • WebCore.exp.in: Exported equalIgnoringFragmentIdentifier(const URL&, const URL&).

Source/WebKit2: WebKit2 part of <rdar://problem/17593701> Assertion failure in WebPage::reload (!m_pendingNavigationID) when reloading after a same-document back navigation
https://bugs.webkit.org/show_bug.cgi?id=135129

Reviewed by Darin Adler.

  • Shared/WebBackForwardListItem.cpp:

(WebKit::childItemWithDocumentSequenceNumber): New helper function based on
WebCore::HistoryItem::childItemWithDocumentSequenceNumber.
(WebKit::documentTreesAreEqual): New helper function based on
WebCore::HistoryItem::hasSameDocumentTree.
(WebKit::WebBackForwardListItem::itemIsInSameDocument): Added. Based on
WebCore::HistoryItem::shouldDoSameDocumentNavigationTo.

  • Shared/WebBackForwardListItem.h:
  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::goForward): Don’t assign a new navigation ID if the back-forward
navigation is a same-document navigation.
(WebKit::WebPageProxy::goBack): Ditto.
(WebKit::WebPageProxy::goToBackForwardItem): Ditto.

18:18 Changeset [171573] by lforschler@apple.com

Merged r171567. <rdar://problem/17781423>

18:16 Changeset [171572] by lforschler@apple.com

Merged r171570. <rdar://problem/17803170>

18:12 Changeset [171571] by lforschler@apple.com

Merged r171564. <rdar://problem/17757800>

18:11 Changeset [171570] by timothy_horton@apple.com

Sometimes WKWebView is blank after resuming the app, until you scroll
https://bugs.webkit.org/show_bug.cgi?id=135275
<rdar://problem/17803170>

Reviewed by Benjamin Poulain.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::dispatchViewStateChange):
If the UI process is waiting for a didUpdateViewState, we need to *always*
get a reply from the Web Process, so dispatchViewStateChange should *always*
send SetViewState even if nothing changed (so that we get the reply).

18:08 Changeset [171569] by lforschler@apple.com

Merged r171561. <rdar://problem/16591706>

18:05 Changeset [171568] by lforschler@apple.com

Merged r171560. <rdar://problem/17542454>

18:05 Changeset [171567] by simon.fraser@apple.com

[iOS WK1] CSS viewport units use the wrong viewport size in WebKit1
https://bugs.webkit.org/show_bug.cgi?id=135254
<rdar://problem/17781423>

Reviewed by Tim Horton.

Source/WebCore:

Test: fast/css/viewport-units-dynamic.html

In WebKit1 on iOS, we want to resolve viewport units against the visible
viewport, not the legacy WK1 notion of the "viewport" which is the entire document.

Fixes rendering of medium.com articles in WK1 views on iPad.

  • page/FrameView.cpp:

(WebCore::FrameView::viewportSizeForCSSViewportUnits):

LayoutTests:

New test that ensures that viewport units are resolved against the correct
viewport size after the first style recalc.

  • fast/css/viewport-units-dynamic.html: Added.
  • platform/mac/fast/css/viewport-units-dynamic-expected.txt: Added.
18:03 Changeset [171566] by lforschler@apple.com

Merged r171559. <rdar://problem/17598815>

17:59 Changeset [171565] by lforschler@apple.com

Merged r171558. <rdar://problem/17041912>

17:59 Changeset [171564] by mark.lam@apple.com

JSWrapperMap's jsWrapperForObject() needs to keep weak prototype and constructors from being GCed.
<https://webkit.org/b/135258>

Reviewed by Mark Hahnenberg.

Where needed, we cache the prototype object pointer in a stack local var.
This allows it to be scanned by the GC, and hence be kept alive until
we use it. The constructor object will in turn be kept alive by the
prototype object.

Also added some comments to warn against future code additions that could
regress this issue.

  • API/JSWrapperMap.mm:

(-[JSObjCClassInfo allocateConstructorAndPrototypeWithSuperClassInfo:]):
(-[JSObjCClassInfo reallocateConstructorAndOrPrototype]):
(-[JSObjCClassInfo wrapperForObject:]):
(-[JSObjCClassInfo constructor]):

17:57 Changeset [171563] by lforschler@apple.com

Merged r171505. <rdar://problem/17713033>

17:53 Changeset [171562] by lforschler@apple.com

Merged r171543. <rdar://problem/17706699>

17:27 Changeset [171561] by mmaxfield@apple.com

Crash when measuring a glyphs from a fallback SVG font
https://bugs.webkit.org/show_bug.cgi?id=135264

Reviewed by Simon Fraser.

Source/WebCore:
We can't realize font data for all fallback fonts ahead
of time, but we don't have all the necessary context to
realize SVG fallback data when it's needed. For now, we
can just bail; however, a larger, more invasive fix is
in order.

Test: svg/text/svg-fallback-font-crash.html

  • platform/graphics/WidthIterator.cpp:

(WebCore::applyFontTransforms):

LayoutTests:
Render some text with a fallback SVG Font including a glyph which
only exists in that fallback font. Make sure there is no crash.

  • svg/text/resources/Litherum.svg:
  • svg/text/svg-fallback-font-crash-expected.txt: Added.
  • svg/text/svg-fallback-font-crash.html: Added.
17:24 Changeset [171560] by simon.fraser@apple.com

[iOS WK2] Header bar on nytimes articles lands in the wrong place after rubberbanding
https://bugs.webkit.org/show_bug.cgi?id=135221
<rdar://problem/17542454>

Reviewed by Benjamin Poulain.

The call to didCommitLayerTree() can cause one or two visible rect updates,
via changes to the UIScrollView contentSize and contentOffset. As a result, we
would notify the scrolling tree about a viewport change, but using the old
scrolling tree rather than the new one, so we could move layers around for
nodes which are about to be removed from the tree.

However, we also have to ensure that programmatic scrolls are applied after
didCommitLayerTree() has updated the view size, so have RemoteScrollingCoordinatorProxy
store data about programmatic scrolls and return them to the caller, which
can apply them after didCommitLayerTree().

  • UIProcess/Scrolling/RemoteScrollingCoordinatorProxy.cpp: Store a pointer to a RequestedScrollInfo

for the duration of the tree update, so that we can store requested scroll info in it.
(WebKit::RemoteScrollingCoordinatorProxy::RemoteScrollingCoordinatorProxy):
(WebKit::RemoteScrollingCoordinatorProxy::updateScrollingTree):
(WebKit::RemoteScrollingCoordinatorProxy::scrollingTreeNodeRequestsScroll):

  • UIProcess/Scrolling/RemoteScrollingCoordinatorProxy.h:
  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::didCommitLayerTree): Give Mac a stub implementation.

  • UIProcess/WebPageProxy.h: Group some editing-related functions together.

(WebKit::WebPageProxy::editorState):
(WebKit::WebPageProxy::canDelete):
(WebKit::WebPageProxy::hasSelectedRange):
(WebKit::WebPageProxy::isContentEditable):
(WebKit::WebPageProxy::maintainsInactiveSelection):

  • UIProcess/mac/RemoteLayerTreeDrawingAreaProxy.mm:

(WebKit::RemoteLayerTreeDrawingAreaProxy::commitLayerTree): Ordering change: update
the layer tree, then call didCommitLayerTree(), then do the viewport update, followed
by any programmatic scroll.

17:15 Changeset [171559] by dbates@webkit.org

And Alexey Proskuryakov <ap@apple.com>

[iOS] REGRESSION (WebKit2): Can't login to Wordpress.com, facebook.com when always allowing cookies
https://bugs.webkit.org/show_bug.cgi?id=135273
<rdar://problem/17598815>

Reviewed by Alexey Proskuryakov.

Fixes an issue where cookies may be created in the wrong cookie store.

Currently, when we update the CFURLRequest object associated with a ResourceRequest object
we explicitly set a cookie storage, cookie accept policy, and SSL properties based on the
corresponding values in the old CFURLRequest object (if we have one). This ultimately leads
to CFNetwork associating the cookies for the request with a different cookie store when we
handle the request in the NetworkProcess. Instead, we shouldn't set these properties
explicitly as we already copy them implicitly earlier (via CFURLRequestCreateMutableCopy()).

  • platform/network/cf/ResourceRequestCFNet.cpp:

(WebCore::ResourceRequest::doUpdatePlatformRequest):

16:56 Changeset [171558] by joepeck@webkit.org

JSLock release should only modify the AtomicStringTable if it modified in acquire
https://bugs.webkit.org/show_bug.cgi?id=135143

Reviewed by Darin Adler.

  • runtime/JSLock.cpp:

(JSC::JSLock::JSLock):
Initialize the member variable to nullptr.

(JSC::JSLock::willDestroyVM):
Update style to use nullptr instead of 0.

(JSC::JSLock::willReleaseLock):
We should only reset the thread data's atomic string table if
didAcquireLock changed it. m_entryAtomicStringTable will have
been set by didAcquireLock if it changed, or nullptr if it didn't.
This way we are sure we are balanced, regardless of m_vm changes.

16:50 Changeset [171557] by commit-queue@webkit.org

Rename feature flag for long-press gesture on Mac.

Source/JavaScriptCore:
https://bugs.webkit.org/show_bug.cgi?id=135259

Patch by Peyton Randolph <prandolph@apple.com> on 2014-07-24
Reviewed by Beth Dakin.

  • Configurations/FeatureDefines.xcconfig:

Rename LINK_LONG_PRESS to MAC_LONG_PRESS.

Source/WebCore:
https://bugs.webkit.org/show_bug.cgi?id=135259

Patch by Peyton Randolph <prandolph@apple.com> on 2014-07-24
Reviewed by Beth Dakin.

  • Configurations/FeatureDefines.xcconfig:

Rename LINK_LONG_PRESS to MAC_LONG_PRESS.

Source/WebKit/mac:
https://bugs.webkit.org/show_bug.cgi?id=135259

Patch by Peyton Randolph <prandolph@apple.com> on 2014-07-24
Reviewed by Beth Dakin.

  • Configurations/FeatureDefines.xcconfig:

Rename LINK_LONG_PRESS to MAC_LONG_PRESS.

Source/WebKit2:
https://bugs.webkit.org/show_bug.cgi?id=135259

Patch by Peyton Randolph <prandolph@apple.com> on 2014-07-24
Reviewed by Beth Dakin.

  • Configurations/FeatureDefines.xcconfig:

Rename LINK_LONG_PRESS to MAC_LONG_PRESS.

16:38 Changeset [171556] by lforschler@apple.com

Merged r171554. <rdar://problem/17766348>

16:35 Changeset [171555] by commit-queue@webkit.org

GTK jhbuild modules needs to build xserver with --disable-local-transport
https://bugs.webkit.org/show_bug.cgi?id=135262

Patch by Michael Catanzaro <mcatanzaro@igalia.com> on 2014-07-24
Reviewed by Martin Robinson.

  • gtk/jhbuild.modules:

Build X server with --disable-local-transport, since local transport
is only supported on Solaris, SCO, and System V. Fixes build on
Fedora.

16:34 Changeset [171554] by mitz@apple.com

Fixed Windows build fix.

  • platform/network/cf/AuthenticationCF.cpp:
16:30 Changeset [171553] by commit-queue@webkit.org

Unreviewed, rolling out r171527.
https://bugs.webkit.org/show_bug.cgi?id=135265

Breaks JSC API tests (Requested by mlam on #webkit).

Reverted changeset:

"JSWrapperMap's jsWrapperForObject() needs to defer GC."
https://bugs.webkit.org/show_bug.cgi?id=135258
http://trac.webkit.org/changeset/171527

16:29 Changeset [171552] by commit-queue@webkit.org

[GTK] build-webkit script fails under jhbuild if ACLOCAL_FLAGS is unset
https://bugs.webkit.org/show_bug.cgi?id=135065

Patch by Michael Catanzaro <mcatanzaro@igalia.com> on 2014-07-24
Reviewed by Martin Robinson.

  • jhbuild/jhbuild-wrapper:

(ensure_jhbuild): do not assume jhbuild sets ACLOCAL_FLAGS

16:28 Changeset [171551] by lforschler@apple.com

Merged r171545. <rdar://problem/17766348>

16:27 Changeset [171550] by lforschler@apple.com

Merged r171540. <rdar://problem/17766348>

16:21 Changeset [171549] by lforschler@apple.com

Merged r171532. <rdar://problem/17279500>

16:17 Changeset [171548] by lforschler@apple.com

Merged r171519. <rdar://problem/17798346>

16:16 Changeset [171547] by lforschler@apple.com

Merged r171518. <rdar://problem/17797103>

16:11 Changeset [171546] by lforschler@apple.com

Merged r171526. <rdar://problem/17470655>

16:01 Changeset [171545] by mitz@apple.com

Attempted Windows build fix.

  • platform/network/cf/AuthenticationCF.cpp:

(WebCore::AuthenticationChallenge::AuthenticationChallenge):

  • platform/network/cf/CredentialStorageCFNet.cpp:

(WebCore::CredentialStorage::getFromPersistentStorage):

  • platform/network/cf/ProtectionSpaceCFNet.cpp:

(WebCore::ProtectionSpace::receivesCredentialSecurely):
(WebCore::ProtectionSpaceBase::receivesCredentialSecurely): Deleted.

16:01 Changeset [171544] by lforschler@apple.com

Merged r171497. <rdar://problem/17470655>

15:56 Changeset [171543] by mhahnenberg@apple.com

Creating a JSGlobalObject with a custom JSClassRef results in a JSProxy with the wrong prototype
https://bugs.webkit.org/show_bug.cgi?id=135250

Reviewed by Geoffrey Garen.

JSGlobalObject::resetPrototype (which is called from JSGlobalContextCreateInGroup) doesn't change its
JSProxy's prototype as well. This results in a JSProxy where no properties in the original prototype
chain (as created from the JSClassRef hierarchy) are accessible. Changing resetPrototype to also change
the JSProxy's prototype fixes the issue.

  • API/JSValueRef.cpp:

(JSValueIsObjectOfClass): Also fixed a bug where a JSProxy for a JSGlobalObject with a custom JSClassRef
would claim it wasn't of the specified class, even if the target was of the specified class.

  • API/tests/CustomGlobalObjectClassTest.c: Added.

(jsDoSomething):
(customGlobalObjectClassTest):

  • API/tests/CustomGlobalObjectClassTest.h: Added.
  • API/tests/testapi.c:

(assertTrue):
(main):

(JSC::JSGlobalObject::resetPrototype):

15:55 Changeset [171542] by lforschler@apple.com

Merged r171485. <rdar://problem/17782623>

15:54 Changeset [171541] by lforschler@apple.com

Merged r171201. <rdar://problem/17082607>

15:51 Changeset [171540] by mitz@apple.com

Source/WebCore: <rdar://problem/17766348> [Cocoa] WebCore::ProtectionSpace doesn’t preserve all NSURLProtectionSpace properties, such as the distinguishedNames array
https://bugs.webkit.org/show_bug.cgi?id=135229

Reviewed by Alexey Proskuryakov.

  • CMakeLists.txt: Updated for rename of a source file.
  • WebCore.exp.in: Updated.
  • WebCore.vcxproj/WebCore.vcxproj: Updated for rename of source files, added

ProtectionSpaceCFNet.{cpp,h}.

  • WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
  • WebCore.xcodeproj/project.pbxproj: Updated for rename of source files, added

ProtectionSpaceCococa.{h.mm}.

  • platform/network/ProtectionSpace.cpp: Renamed to ProtectionSpaceBase.cpp.
  • platform/network/ProtectionSpace.h: This file was renamed to ProtectionSpaceBase.h, and

in its place added a generic ProtectionSpace class that just derives from
ProtectionSpaceBase. For Cocoa and CFNetwork, ProtectionSpace{Cocoa,CFNet}.h is included
instead of the generic class.

  • platform/network/ProtectionSpaceBase.cpp: Renamed ProtectionSpace.cpp to this.

(WebCore::ProtectionSpaceBase::ProtectionSpaceBase): Updated for rename.
(WebCore::ProtectionSpaceBase::host): Ditto.
(WebCore::ProtectionSpaceBase::port): Ditto.
(WebCore::ProtectionSpaceBase::serverType): Ditto.
(WebCore::ProtectionSpaceBase::isProxy): Ditto.
(WebCore::ProtectionSpaceBase::realm): Ditto.
(WebCore::ProtectionSpaceBase::authenticationScheme): Ditto.
(WebCore::ProtectionSpaceBase::receivesCredentialSecurely): Removed CFNetwork-specific part,
which is now implemented in ProtectionSpaceCFNet.cpp.
(WebCore::ProtectionSpaceBase::compare): Replaced operator== with this, and made it call
ProtectionSpace::platformCompare at the end if needed.

  • platform/network/ProtectionSpaceBase.h: Renamed ProtectionSpace.h to this.

(WebCore::ProtectionSpaceBase::encodingRequiresPlatformData): Added with a default
implementation that returns false, for ProtectionSpace implementations to override.
(WebCore::ProtectionSpaceBase::platformCompare): Added with a default implementation that
returns true, for ProtectionSpace implementations to override.
(WebCore::operator==): Changed to call compare.

  • platform/network/cf/AuthenticationCF.cpp:

(WebCore::AuthenticationChallenge::AuthenticationChallenge): Changed to use the
ProtectionSpace constructor that takes a CFURLProtectionSpaceRef.
(WebCore::createCF): Changed to use ProtectionSpace::cfSpace.

  • platform/network/cf/AuthenticationCF.h: Guarded a couple of functiosn that aren’t used in

Cocoa with #if PLATFORM(WIN).

  • platform/network/cf/CredentialStorageCFNet.cpp:

(WebCore::CredentialStorage::getFromPersistentStorage): Changed to use
ProtectionSpace::cfSpace.
(WebCore::CredentialStorage::saveToPersistentStorage): Ditto.

  • platform/network/cf/ProtectionSpaceCFNet.cpp: Added.

(WebCore::ProtectionSpaceBase::receivesCredentialSecurely): Override with the
CFNetwork-specific test that was previously in ProtectionSpace.cpp.

  • platform/network/cf/ProtectionSpaceCFNet.h: Copied from Source/WebCore/platform/network/ProtectionSpace.h.

Declare ProtectionSpace and override receivesCredentialSecurely.

  • platform/network/mac/AuthenticationMac.h: Deleted the ProtectionSpace core() and mac().
  • platform/network/mac/AuthenticationMac.mm:

(WebCore::AuthenticationChallenge::AuthenticationChallenge): Changed to use the
ProtectionSpace constructor that takes an NSURLProtectionSpace.
(WebCore::mac): Changed to use ProtectionSpace::nsSpace.

  • platform/network/mac/CredentialStorageMac.mm:

(WebCore::CredentialStorage::getFromPersistentStorage): Ditto.

  • platform/network/mac/ResourceHandleMac.mm:

(WebCore::ResourceHandle::receivedCredential): Changed to use the ProtectionSpace
constructor that takes an NSURLProtectionSpace.

  • platform/network/mac/WebCoreResourceHandleAsDelegate.mm:

(-[WebCoreResourceHandleAsDelegate connection:canAuthenticateAgainstProtectionSpace:]):
Ditto.

  • platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:

(-[WebCoreResourceHandleAsOperationQueueDelegate connection:canAuthenticateAgainstProtectionSpace:]):
Ditto.

Source/WebKit/mac: WebKit part of <rdar://problem/17766348> [Cocoa] WebCore::ProtectionSpace doesn’t preserve all NSURLProtectionSpace properties, such as the distinguishedNames array
https://bugs.webkit.org/show_bug.cgi?id=135229

Reviewed by Alexey Proskuryakov.

  • Misc/WebDownload.mm:

(-[WebDownloadInternal download:didReceiveAuthenticationChallenge:]): Chanegd to use the
ProtectionSpace constructor that takes an NSURLProtectionSpace.

  • Plugins/WebBaseNetscapePluginView.mm:

(WebKit::getAuthenticationInfo): Ditto.

  • WebCoreSupport/WebFrameLoaderClient.mm:

(WebFrameLoaderClient::canAuthenticateAgainstProtectionSpace): Changed to use
ProtectionSpace::nsSpace.

Source/WebKit2: WebKit2 part of <rdar://problem/17766348> [Cocoa] WebCore::ProtectionSpace doesn’t preserve all NSURLProtectionSpace properties, such as the distinguishedNames array
https://bugs.webkit.org/show_bug.cgi?id=135229

Reviewed by Alexey Proskuryakov.

  • Shared/Cocoa/WKNSURLProtectionSpace.mm: Changed to use ProtectionSpace::nsSpace.
  • Shared/WebCoreArgumentCoders.cpp:

(IPC::ArgumentCoder<ProtectionSpace>::encode): If encoding the space requires encoding the
platform data, do that.
(IPC::ArgumentCoder<ProtectionSpace>::decode): If platform data was encoded, decode it.

  • Shared/WebCoreArgumentCoders.h:
  • Shared/mac/WebCoreArgumentCodersMac.mm:

(IPC::ArgumentCoder<ProtectionSpace>::encodePlatformData): Archive the NSURLProtectionSpace.
(IPC::ArgumentCoder<ProtectionSpace>::decodePlatformData): Unarchive it.

  • Shared/soup/WebCoreArgumentCodersSoup.cpp:

(IPC::ArgumentCoder<ProtectionSpace>::encodePlatformData): Added.
(IPC::ArgumentCoder<ProtectionSpace>::decodePlatformData): Added.

15:42 Changeset [171539] by lforschler@apple.com

Merged r171509. <rdar://problem/17790792>

15:40 Changeset [171538] by lforschler@apple.com

Merged r171507. <rdar://problem/17738186>

15:39 Changeset [171537] by lforschler@apple.com

Merged r171506. <rdar://problem/17796052>

15:37 Changeset [171536] by lforschler@apple.com

Merged r171493. <rdar://problem/17785560>

15:34 Changeset [171535] by lforschler@apple.com

Merged r171487. <rdar://problem/17735912>

15:29 Changeset [171534] by lforschler@apple.com

Merged r171481. <rdar://problem/17713033>

15:27 Changeset [171533] by lforschler@apple.com

Merged r171478. <rdar://problem/17736503>

15:25 Changeset [171532] by benjamin@webkit.org

[WK2] Fixed/Sticky layers can get mispositioned when the layer tree commit change their position or size
https://bugs.webkit.org/show_bug.cgi?id=135227
<rdar://problem/17279500>

Reviewed by Simon Fraser.

Source/WebCore:
Keep track of the creation/destruction of Fixed and Sticky nodes in the ScrollingTree.

  • page/scrolling/ScrollingTree.cpp:

(WebCore::ScrollingTree::ScrollingTree):

  • page/scrolling/ScrollingTree.h:

(WebCore::ScrollingTree::hasFixedOrSticky):
(WebCore::ScrollingTree::fixedOrStickyNodeAdded):
(WebCore::ScrollingTree::fixedOrStickyNodeRemoved):

  • page/scrolling/mac/ScrollingTreeFixedNode.mm:

(WebCore::ScrollingTreeFixedNode::ScrollingTreeFixedNode):
(WebCore::ScrollingTreeFixedNode::~ScrollingTreeFixedNode):

  • page/scrolling/mac/ScrollingTreeStickyNode.mm:

(WebCore::ScrollingTreeStickyNode::ScrollingTreeStickyNode):
(WebCore::ScrollingTreeStickyNode::~ScrollingTreeStickyNode):

Source/WebKit2:
In some cases, a fixed or sticky positioned layer would end up at its position corresponding to the WebProcess
instead of sticking the to real viewport in the UIProcess.

The sequence of event is:
1) A layer becomes fixed in some ScrollingTree transaction.
2) Later, some change in the WebProcess causes a LayerTree update for that exact same layer, but no corresponding

ScrollingTree update is made.

3) In the UIProcess, the position of the fixed layer is changed due to the LayerTree update.

But! There is no ScrollingTree change, updateScrollingTree() never sets fixedOrStickyLayerChanged to true,
and the position is not corrected.

-> The layer is now at the wrong position until the next VisibleContentRectUpdate.

Ideally, we should have fixedOrStickyLayerChanged track if either the position or size of a fixed layer changed
in the layer tree. This is tricky since the layer tree does not keep track of the fixed nodes of the scrolling tree.

Since this complexity seems risky at this point, I went for something simpler but with more overhead:
any time the scrolling tree contains either a fixed or sticky layer, viewportChangedViaDelegatedScrolling()
is called to "fix" the position.

  • UIProcess/Scrolling/RemoteScrollingCoordinatorProxy.cpp:

(WebKit::RemoteScrollingCoordinatorProxy::updateScrollingTree):
(WebKit::RemoteScrollingCoordinatorProxy::connectStateNodeLayers):

  • UIProcess/Scrolling/RemoteScrollingCoordinatorProxy.h:

(WebKit::RemoteScrollingCoordinatorProxy::hasFixedOrSticky):

  • UIProcess/ios/RemoteScrollingCoordinatorProxyIOS.mm:

(WebKit::RemoteScrollingCoordinatorProxy::connectStateNodeLayers):

  • UIProcess/mac/RemoteLayerTreeDrawingAreaProxy.mm:

(WebKit::RemoteLayerTreeDrawingAreaProxy::commitLayerTree):

15:17 Changeset [171531] by commit-queue@webkit.org

Let WheelEvent wrap a PlatformWheelEvent
https://bugs.webkit.org/show_bug.cgi?id=135244

When WheelEvent is initialized with a PlatformWheelEvent, store that PlatformWheelEvent for future use.

Patch by Wenson Hsieh <wenson_hsieh@apple.com> on 2014-07-24
Reviewed by Beth Dakin.

No new tests because behavior should not have changed.

  • dom/WheelEvent.cpp: Added method to access the PlatformWheelEvent.

(WebCore::WheelEvent::WheelEvent):

  • dom/WheelEvent.h: Added field to store PlatformWheelEvent, if initialized via PlatformWheelEvent.

(WebCore::WheelEvent::wheelEvent):

15:15 Changeset [171530] by matthew_hanson@apple.com

New Tag.

15:11 Changeset [171529] by bshafiei@apple.com

Merged r171201. <rdar://problem/17082607>

15:11 Changeset [171528] by burg@cs.washington.edu

Web Replay: don't encode/decode primitive types that lack explicit sizes
https://bugs.webkit.org/show_bug.cgi?id=133430

Reviewed by Anders Carlsson.

Source/JavaScriptCore:
Don't support encode/decode of unsigned long, since its size is compiler-dependent.

  • replay/EncodedValue.cpp:

(JSC::EncodedValue::convertTo<unsigned long>):
(JSC::unsigned long>::encodeValue): Deleted.

  • replay/EncodedValue.h:

Source/WebCore:
Remove uses of unsigned long in encode/decode methods because the type lacks an
explicit size. Move frame index serialization away from using unsigned long.

  • replay/ReplayController.cpp:

(WebCore::logDispatchedDOMEvent): Fix the format string.

  • replay/SerializationMethods.cpp:

(WebCore::frameIndexFromDocument):
(WebCore::frameIndexFromFrame):
(WebCore::documentFromFrameIndex):
(WebCore::frameFromFrameIndex):
(JSC::EncodingTraits<PluginData>::encodeValue):
(JSC::EncodingTraits<PluginData>::decodeValue):

  • replay/SerializationMethods.h:
  • replay/WebInputs.json: Remove primitive types without explicit sizes.
15:01 Changeset [171527] by mark.lam@apple.com

JSWrapperMap's jsWrapperForObject() needs to defer GC.
<https://webkit.org/b/135258>

Reviewed by Oliver Hunt.

In the process of creating a JS wrapper, jsWrapperForObject() will create
the prototype and constructor of the corresponding ObjC class, as well as
for classes in its inheritance chain. These prototypes and constructors
are stored in Weak references in the JSObjCClassInfo objects. During all
the allocation that is being done to create all the prototypes and
constructors as well as the wrapper objects, a GC may occur thereby
collecting one or more of these newly created prototype and constructor
objects.

One example of where this problem can manifest is in wrapperForObject()
which is called from jsWrapperForObject(). In wrapperFoObject(), we do
the following steps:

  1. reallocateConstructorAndOrPrototype() which creates the prototype object and store it in JSObjCClassInfo's m_prototype which is a Weak ref.
  2. makeWrapper() to create the wrapper object, which may trigger a GC. GC will collect the prototype object and nullify the corresponding JSObjCClassInfo's m_prototype Weak ref.
  3. call JSObjectSetPrototype() to set the JSObjCClassInfo's m_prototype in the newly created wrapper. This results in the wrapper getting a jsNull as a prototype instead of the expected prototype object.

To ensure that the prototype and constructor objects are retained until
they can be referenced properly from the wrapper object,
jsWrapperForObject() should defer GC until it's done with its work.

  • API/JSWrapperMap.mm:

(-[JSWrapperMap jsWrapperForObject:]):

14:37 Changeset [171526] by psolanki@apple.com

Sharing SharedBuffer between WebCore and ImageIO is racy and crash prone
https://bugs.webkit.org/show_bug.cgi?id=135069
<rdar://problem/17470655>

Reviewed by Simon Fraser.

When passing image data to ImageIO for decoding, we pass an NSData subclass that is a wraper
around SharedBuffer. This can be a problem when ImageIO tries to access the data on the CA
thread. End result is data corruption on large image loads and potential crashes. The fix is
to have SharedBuffer create a copy of its data if the data has been passed to ImageIO and
might be accessed concurrently.

Since Vector is not refcounted, we do this by having a new refcounted object in SharedBuffer
that contains the buffer and we pass that in our NSData subclass WebCoreSharedBufferData.
Code that would result in the Vector memory moving e.g. append(), resize(), now checks to
see if the buffer was shared and if so, will create a new copy of the vector. This ensures
that the main thread does not end up invalidating the vector memory that we have passed it
to ImageIO.

No new tests because no functional changes.

  • loader/cache/CachedResource.cpp:

(WebCore::CachedResource::makePurgeable):

Remove early return - createPurgeableMemory() has the correct check now.

  • platform/SharedBuffer.cpp:

(WebCore::SharedBuffer::SharedBuffer):
(WebCore::SharedBuffer::adoptVector):
(WebCore::SharedBuffer::createPurgeableBuffer):

Don't create purgeable buffer if we are sharing the buffer.

(WebCore::SharedBuffer::append):
(WebCore::SharedBuffer::clear):
(WebCore::SharedBuffer::copy):
(WebCore::SharedBuffer::duplicateDataBufferIfNecessary): Added.

Create a new copy of the data if we have shared the buffer and if appending to it would
exceed the capacity of the vector resulting in memmove.

(WebCore::SharedBuffer::appendToInternalBuffer): Added.
(WebCore::SharedBuffer::clearInternalBuffer): Added.
(WebCore::SharedBuffer::buffer):

Create a new copy of the buffer if we have shared it.

(WebCore::SharedBuffer::getSomeData):

  • platform/SharedBuffer.h:
  • platform/cf/SharedBufferCF.cpp:

(WebCore::SharedBuffer::SharedBuffer):
(WebCore::SharedBuffer::singleDataArrayBuffer):
(WebCore::SharedBuffer::maybeAppendDataArray):

  • platform/mac/SharedBufferMac.mm:

Pass the InternalBuffer object to WebCoreSharedBufferData

(-[WebCoreSharedBufferData dealloc]):
(-[WebCoreSharedBufferData initWithSharedBufferInternalBuffer:]):
(-[WebCoreSharedBufferData length]):
(-[WebCoreSharedBufferData bytes]):
(WebCore::SharedBuffer::createNSData):

Call createCFData() instead of duplicating code.

(WebCore::SharedBuffer::createCFData):

If the data is in purgeable memory, make a copy of it since m_buffer was cleared when
creating the purgeable buffer.

(-[WebCoreSharedBufferData initWithSharedBuffer:]): Deleted.

14:12 Changeset [171525] by bjonesbe@adobe.com

Committers should mail webkit-committers not webkit-reviewers for reactivation
https://bugs.webkit.org/show_bug.cgi?id=135203

Reviewed by Ryosuke Niwa.

Only reviewers can send mail to webkit-reviewers. Amend the policy so that committers should
send mail to webkit-committers instead of webkit-reviewers.

  • coding/commit-review-policy.html:
14:00 Changeset [171524] by lforschler@apple.com

Merged r171395. <rdar://problem/17544620>

13:58 Changeset [171523] by lforschler@apple.com

Merged r171393. <rdar://problem/17544620>

13:56 Changeset [171522] by lforschler@apple.com

Merged r171390. <rdar://problem/17544620>

13:53 Changeset [171521] by lforschler@apple.com

Merged r171328. <rdar://problem/17544620>

13:47 Changeset [171520] by bshafiei@apple.com

Merged r171518. <rdar://problem/17797103>

13:18 Changeset [171519] by oliver@apple.com

Need to explicitly support location services in webcontent profile
https://bugs.webkit.org/show_bug.cgi?id=135251
<rdar://17798346>

Reviewed by Dan Bernstein.

Switching to uikit-app means that we remove the implicit support
for location services. This makes us explicitly opt-in.

  • Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
13:13 Changeset [171518] by timothy_horton@apple.com

Crash at [WKContentView _applicationWillEnterForeground:] + 28
<rdar://problem/17797103>

Reviewed by Sam Weinig.

  • UIProcess/ios/WKContentView.mm:

(-[WKContentView _applicationWillEnterForeground:]):
Drawing area can be null; null check it!
It's ok if we don't hide the content in this case, because if the drawing area is null,
it doesn't have any layers in the tree anyway.

13:00 Changeset [171517] by bshafiei@apple.com

Merged r171509. <rdar://problem/17790792>

12:57 Changeset [171516] by bshafiei@apple.com

Merged r171487. <rdar://problem/17735912>

12:52 Changeset [171515] by bshafiei@apple.com

Versioning.

12:49 Changeset [171514] by bshafiei@apple.com

New tag.

12:23 Changeset [171513] by commit-queue@webkit.org

[Curl] Enable file logging.
https://bugs.webkit.org/show_bug.cgi?id=135202

Patch by peavo@outlook.com <peavo@outlook.com> on 2014-07-24
Reviewed by Alex Christensen.

The Curl api offers the possibility to write log messages to file. Enable this for debugging purposes.

  • platform/network/curl/ResourceHandleManager.cpp:

(WebCore::ResourceHandleManager::ResourceHandleManager):
(WebCore::ResourceHandleManager::~ResourceHandleManager):
(WebCore::ResourceHandleManager::initializeHandle):

  • platform/network/curl/ResourceHandleManager.h:
09:20 Changeset [171512] by commit-queue@webkit.org

Sort WebCore.exp.in after r171252
https://bugs.webkit.org/show_bug.cgi?id=135239

Patch by Tibor Meszaros <tmeszaros.u-szeged@partner.samsung.com> on 2014-07-24
Reviewed by Csaba Osztrogonác.

  • WebCore.exp.in:
05:23 Changeset [171511] by mihnea@adobe.com

[New Multicolumn] Assertion failure when an input element has multicolumn style
https://bugs.webkit.org/show_bug.cgi?id=135234

Reviewed by Andrei Bucur.

Source/WebCore:
Restrict the assertion in RenderBlock::canComputeRegionRangeForBox
only to RenderNamedFlowThread objects since for RenderMultiColumnFlowThread
objects we can compute a range of regions during their parent block layout.

Test: fast/multicol/newmulticol/input-as-multicol.html

  • rendering/RenderBlock.cpp:

(WebCore::canComputeRegionRangeForBox):

LayoutTests:

  • fast/multicol/newmulticol/input-as-multicol-expected.txt: Added.
  • fast/multicol/newmulticol/input-as-multicol.html: Added.

07/23/14:

22:30 Changeset [171510] by fpizlo@apple.com

Make improvements to Type Profiling
https://bugs.webkit.org/show_bug.cgi?id=134860

Patch by Saam Barati <sbarati@apple.com> on 2014-07-23
Reviewed by Filip Pizlo.

I improved the API between the inspector and JSC. We no longer send one huge
string to the inspector. We now send structured data that represents the type
information that JSC has collected. I've also created a beginning implementation
of a type lattice that allows us to resolve a display name for a type that
consists of a single word.

I created a data structure that knows which functions have executed. This
solves the bug where types inside an un-executed function will resolve
to the type of the enclosing expression of that function. This data
structure may also be useful later if the inspector chooses to create a UI
around showing which functions have executed.

Better type information is gathered for objects. StructureShape now
represents an object's prototype chain. StructureShape also collects
the constructor name for an object.

Expression ranges are now zero indexed.

Removed some extraneous methods.

(JSC::CodeBlock::CodeBlock):
(JSC::CodeBlock::scopeDependentProfile):

  • bytecode/CodeBlock.h:
  • bytecode/TypeLocation.h:

(JSC::TypeLocation::TypeLocation):

  • bytecode/UnlinkedCodeBlock.cpp:

(JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):

  • bytecode/UnlinkedCodeBlock.h:

(JSC::UnlinkedFunctionExecutable::highFidelityTypeProfilingStartOffset):
(JSC::UnlinkedFunctionExecutable::highFidelityTypeProfilingEndOffset):

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::emitHighFidelityTypeProfilingExpressionInfo):

  • bytecompiler/BytecodeGenerator.h:

(JSC::BytecodeGenerator::emitHighFidelityTypeProfilingExpressionInfo): Deleted.

  • heap/Heap.cpp:

(JSC::Heap::collect):

  • inspector/agents/InspectorRuntimeAgent.cpp:

(Inspector::InspectorRuntimeAgent::getRuntimeTypesForVariablesAtOffsets):
(Inspector::InspectorRuntimeAgent::getRuntimeTypeForVariableAtOffset): Deleted.

  • inspector/agents/InspectorRuntimeAgent.h:
  • inspector/protocol/Runtime.json:
  • runtime/Executable.cpp:

(JSC::ScriptExecutable::ScriptExecutable):
(JSC::ProgramExecutable::ProgramExecutable):
(JSC::FunctionExecutable::FunctionExecutable):
(JSC::ProgramExecutable::initializeGlobalProperties):

  • runtime/Executable.h:

(JSC::ScriptExecutable::highFidelityTypeProfilingStartOffset):
(JSC::ScriptExecutable::highFidelityTypeProfilingEndOffset):

  • runtime/FunctionHasExecutedCache.cpp: Added.

(JSC::FunctionHasExecutedCache::hasExecutedAtOffset):
(JSC::FunctionHasExecutedCache::insertUnexecutedRange):
(JSC::FunctionHasExecutedCache::removeUnexecutedRange):

  • runtime/FunctionHasExecutedCache.h: Added.

(JSC::FunctionHasExecutedCache::FunctionRange::FunctionRange):
(JSC::FunctionHasExecutedCache::FunctionRange::operator==):
(JSC::FunctionHasExecutedCache::FunctionRange::hash):

  • runtime/HighFidelityLog.cpp:

(JSC::HighFidelityLog::processHighFidelityLog):
(JSC::HighFidelityLog::actuallyProcessLogThreadFunction): Deleted.

  • runtime/HighFidelityLog.h:

(JSC::HighFidelityLog::recordTypeInformationForLocation):

  • runtime/HighFidelityTypeProfiler.cpp:

(JSC::HighFidelityTypeProfiler::logTypesForTypeLocation):
(JSC::HighFidelityTypeProfiler::insertNewLocation):
(JSC::HighFidelityTypeProfiler::getTypesForVariableAtOffsetForInspector):
(JSC::descriptorMatchesTypeLocation):
(JSC::HighFidelityTypeProfiler::findLocation):
(JSC::HighFidelityTypeProfiler::getTypesForVariableInAtOffset): Deleted.
(JSC::HighFidelityTypeProfiler::getGlobalTypesForVariableAtOffset): Deleted.
(JSC::HighFidelityTypeProfiler::getLocalTypesForVariableAtOffset): Deleted.

  • runtime/HighFidelityTypeProfiler.h:

(JSC::QueryKey::QueryKey):
(JSC::QueryKey::isHashTableDeletedValue):
(JSC::QueryKey::operator==):
(JSC::QueryKey::hash):
(JSC::QueryKeyHash::hash):
(JSC::QueryKeyHash::equal):
(JSC::HighFidelityTypeProfiler::functionHasExecutedCache):
(JSC::HighFidelityTypeProfiler::typeLocationCache):

  • runtime/Structure.cpp:

(JSC::Structure::toStructureShape):

  • runtime/Structure.h:
  • runtime/TypeLocationCache.cpp: Added.

(JSC::TypeLocationCache::getTypeLocation):

  • runtime/TypeLocationCache.h: Added.

(JSC::TypeLocationCache::LocationKey::LocationKey):
(JSC::TypeLocationCache::LocationKey::operator==):
(JSC::TypeLocationCache::LocationKey::hash):

  • runtime/TypeSet.cpp:

(JSC::TypeSet::getRuntimeTypeForValue):
(JSC::TypeSet::addTypeForValue):
(JSC::TypeSet::seenTypes):
(JSC::TypeSet::doesTypeConformTo):
(JSC::TypeSet::displayName):
(JSC::TypeSet::allPrimitiveTypeNames):
(JSC::TypeSet::allStructureRepresentations):
(JSC::TypeSet::leastCommonAncestor):
(JSC::StructureShape::StructureShape):
(JSC::StructureShape::addProperty):
(JSC::StructureShape::propertyHash):
(JSC::StructureShape::leastCommonAncestor):
(JSC::StructureShape::stringRepresentation):
(JSC::StructureShape::inspectorRepresentation):
(JSC::StructureShape::leastUpperBound): Deleted.

  • runtime/TypeSet.h:

(JSC::StructureShape::setConstructorName):
(JSC::StructureShape::constructorName):
(JSC::StructureShape::setProto):

  • runtime/VM.cpp:

(JSC::VM::dumpHighFidelityProfilingTypes):
(JSC::VM::getTypesForVariableAtOffset): Deleted.
(JSC::VM::updateHighFidelityTypeProfileState): Deleted.

  • runtime/VM.h:

(JSC::VM::isProfilingTypesWithHighFidelity):
(JSC::VM::highFidelityTypeProfiler):

22:17 Changeset [171509] by simon.fraser@apple.com

[iOS WK2] Some help.apple.com pages not scrollable
https://bugs.webkit.org/show_bug.cgi?id=135228
<rdar://problem/17790792>

Reviewed by Benjamin Poulain.

On pages which size their document to the device size, the WKContentView size
never changes after it's created. In this situation, we never set a bounds
on the _rootContentView, so it remains zero-sized which breaks hit testing
on all enclosed UIScrollViews for overflow:scroll.

Fix by making the _rootContentView and the _inspectorIndicationView use autosizing
so they are always the size of their parent view, and remove the explicit setting
of their bounds.

  • UIProcess/ios/WKContentView.mm:

(-[WKContentView initWithFrame:context:configuration:webView:]):
(-[WKContentView setShowingInspectorIndication:]):
(-[WKContentView _didCommitLayerTree:]):

22:16 Changeset [171508] by fpizlo@apple.com

Fix debug build.

  • bytecode/CallLinkStatus.h:

(JSC::CallLinkStatus::CallLinkStatus):

22:02 Changeset [171507] by benjamin@webkit.org

[iOS][WK2] r171124 is incorrect when the virtual keyboard is up
https://bugs.webkit.org/show_bug.cgi?id=135187

Patch by Benjamin Poulain <bpoulain@apple.com> on 2014-07-23
Reviewed by Simon Fraser.

Unfortunately, restricting the input into the document rect does not work.
When the keyboard is up, the keyboard bounds can overlap the WKWebView, and
the valid range should account for that.

Instead of playing with the keyboard rect, we can limit the scroll position
inside the valid range of UIScrollView. The keyboard always adjusts the UIScrollView
range as needed to give access to the content. Using that range is a bit more permissive
because the page could scroll to reveal content in the content inset defined by the client
of the API (this could actually be quite useful for hybrid apps).

There was already a function to change the content offset in the valid scrollview
range: changeContentOffsetBoundedInValidRange(), I extracted the range check
to contentOffsetBoundedInValidRange() for the needs of -[WKWebView _scrollToContentOffset:].

So...contentOffsetBoundedInValidRange() is cool, but it is not in the right coordinate
system. The scroll position we get from the WebProcess is in document coordinates, while
contentOffsetBoundedInValidRange() works with the UIScrollView coordinates.
To fix that, we scale the input position to get to the same scale as UIScrollView, then
apply the insets with the weirdly named [WKWebView _adjustedContentOffset:].

  • UIProcess/API/Cocoa/WKWebView.mm:

(contentOffsetBoundedInValidRange):
(changeContentOffsetBoundedInValidRange):
(-[WKWebView _scrollToContentOffset:]):

21:38 Changeset [171506] by commit-queue@webkit.org

Transparent fullscreen background when video is not present.
https://bugs.webkit.org/show_bug.cgi?id=135226

Patch by Jeremy Jones <jeremyj@apple.com> on 2014-07-23
Reviewed by Simon Fraser.

Set background to black just before beginning the animation to fullscreen.

  • platform/ios/WebVideoFullscreenInterfaceAVKit.mm:

(WebVideoFullscreenInterfaceAVKit::enterFullscreen): set background color black.

19:39 Changeset [171505] by commit-queue@webkit.org

ScriptController::updateDocument ASSERT mutating map while iterating map
https://bugs.webkit.org/show_bug.cgi?id=135211

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2014-07-23
Reviewed by Oliver Hunt.

Avoid iterating over m_windowShells in more places. This prevents
the possibility of a collection during JSC allocation which might
cause a mutation to m_windowShells (HTMLMediaElement destruction).

Have ScriptController defriend ScriptCachedFrameData by providing
a getter for the list of window shells.

  • bindings/js/ScriptCachedFrameData.cpp:

(WebCore::ScriptCachedFrameData::ScriptCachedFrameData):
(WebCore::ScriptCachedFrameData::restore):

  • bindings/js/ScriptController.cpp:

(WebCore::ScriptController::windowShells):
(WebCore::ScriptController::clearWindowShell):
(WebCore::ScriptController::attachDebugger):
(WebCore::ScriptController::updateDocument):

  • bindings/js/ScriptController.h:
18:13 Changeset [171504] by commit-queue@webkit.org

Unreviewed, rolling out r171498.
https://bugs.webkit.org/show_bug.cgi?id=135223

It will regress some scroll position restoration on navigation
(r167916). (Requested by smfr on #webkit).

Reverted changeset:

"[iOS WK2] Header bar on nytimes articles lands in the wrong
place after rubberbanding"
https://bugs.webkit.org/show_bug.cgi?id=135221
http://trac.webkit.org/changeset/171498

18:00 Changeset [171503] by matthew_hanson@apple.com

Merged r171474. <rdar://problem/17041912>

17:57 Changeset [171502] by matthew_hanson@apple.com

Merged r171490. <rdar://problem/17739108>

17:54 Changeset [171501] by matthew_hanson@apple.com

Merge r171499. <rdar://problem/17783423>

17:52 Changeset [171500] by matthew_hanson@apple.com

Merge r171499. <rdar://problem/17783423>

17:24 Changeset [171499] by timothy_horton@apple.com

REGRESSION (r171376): Sometimes we detect less than the whole phone number
https://bugs.webkit.org/show_bug.cgi?id=135220
<rdar://problem/17783423>

Reviewed by Brady Eidson.

  • editing/Editor.cpp:

(WebCore::Editor::scanSelectionForTelephoneNumbers):
Use the visible selection's start and end instead of base and extent, because they'll
always be in the right order in the case of a directional selection (base can be *after* extent
if you select from right to left). This fixes the code that expands the selection.

Pass the *entire* expanded selection to DataDetectors, instead of using TextIterator.
This way, we will find each number only once, and will never get part of a phone number once
and then the whole phone number later.

17:23 Changeset [171498] by simon.fraser@apple.com

[iOS WK2] Header bar on nytimes articles lands in the wrong place after rubberbanding
https://bugs.webkit.org/show_bug.cgi?id=135221

Reviewed by Tim Horton.

Source/WebCore:

Add a function on GraphicsLayer to force a flush of the layer position
to the underlying graphics system, so that when layers cease being
scroll-coordinated, we can ensure that their layers are repositioned
in the correct location.

  • WebCore.exp.in:
  • platform/graphics/GraphicsLayer.h:

(WebCore::GraphicsLayer::forcePositionUpdate):

  • platform/graphics/ca/GraphicsLayerCA.cpp:

(WebCore::GraphicsLayerCA::forcePositionUpdate):

  • platform/graphics/ca/GraphicsLayerCA.h:
  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::detachScrollCoordinatedLayer):

Source/WebKit2:

The call to didCommitLayerTree() can cause one or two visible rect updates,
via changes to the UIScrollView contentSize and contentOffset. As a result, we
would notify the scrolling tree about a viewport change, but using the old
scrolling tree rather than the new one, so we could move layers around for
nodes which are about to be removed from the tree.

Fix by m_webPageProxy->didCommitLayerTree() after the scrolling tree has been
committed.

  • UIProcess/mac/RemoteLayerTreeDrawingAreaProxy.mm:

(WebKit::RemoteLayerTreeDrawingAreaProxy::commitLayerTree):

17:08 Changeset [171497] by psolanki@apple.com

Get rid of SharedBuffer::NSDataRetainPtrWithoutImplicitConversionOperator
https://bugs.webkit.org/show_bug.cgi?id=135219

Reviewed by Anders Carlsson.

No new tests because no functional changes.

  • loader/ResourceBuffer.h:
  • loader/mac/ResourceBuffer.mm:

(WebCore::ResourceBuffer::createNSData):

  • platform/SharedBuffer.h:

(WebCore::SharedBuffer::NSDataRetainPtrWithoutImplicitConversionOperator::NSDataRetainPtrWithoutImplicitConversionOperator): Deleted.

  • platform/mac/SharedBufferMac.mm:

(WebCore::SharedBuffer::createNSData):

16:20 Changeset [171496] by rniwa@webkit.org

Build fix after r171361.

  • public/js/helper-classes.js:

(.this.formattedBuildTime):

16:06 Changeset [171495] by fpizlo@apple.com

[ftlopt] Phantoms in SSA form should be aggressively hoisted
https://bugs.webkit.org/show_bug.cgi?id=135111

Reviewed by Oliver Hunt.

In CPS form, Phantom means three things: (1) that the children should be kept alive so long
as they are relevant to OSR (due to a MovHint), (2) that the children are live-in-bytecode
at the point of the Phantom, and (3) that some checks should be performed. In SSA, the
second meaning is not used but the other two stay.

The fact that a Phantom that is used to keep a node alive could be anywhere in the graph,
even in a totally different basic block, complicates some SSA transformations. It's not
possible to just jettison some successor, since tha successor could have a Phantom that we
care about.

This change rationalizes how Phantoms work so that:

1) Phantoms keep children alive so long as those children are relevant to OSR. This is true

in both CPS and SSA. This was true before and it's true now.


2) Phantoms are used for live-in-bytecode only in CPS. This was true before and it's true

now, except that now we also don't bother preserving the live-in-bytecode information
that Phantoms convey, when we are in SSA.


3) Phantoms may incidentally have checks, but in cases where we only want checks, we now

use Check instead of Phantom. Notably, DCE phase has dead nodes decay to Check, not
Phantom.


The biggest part of this change is that in SSA, we canonicalize Phantoms:

  • All Phantoms are replaced with Check nodes that include only those edges that have checks.


  • Nodes that were the children of any Phantoms have a Phantom right after them.


For example, the following code:

5: ArithAdd(@1, @2)
6: ArithSub(@5, @3)
7: Phantom(Int32:@5)


would be turned into the following:

5: ArithAdd(@1, @2)
8: Phantom(@5) @5 was the child of a Phantom, so we create a new Phantom right after

@5. This is the only Phantom we will have for @5.

6: ArithSub(@5, @3)
7: Check(Int32:@5) We replace the Phantom with a Check; in this case since Int32: is

a checking edge, we leave it.


This is a slight speed-up across the board, presumably because we now do a better job of
reducing the size of the graph during compilation. It could also be a fluke, though. The
main purpose of this is to unlock some other work (like CFG simplification in SSA). It will
become a requirement to run phantom canonicalization prior to some SSA phases. None of the
current phases need it, but future phases probably will.

  • CMakeLists.txt:
  • JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGConstantFoldingPhase.cpp:

(JSC::DFG::ConstantFoldingPhase::foldConstants):

  • dfg/DFGDCEPhase.cpp:

(JSC::DFG::DCEPhase::run):
(JSC::DFG::DCEPhase::findTypeCheckRoot):
(JSC::DFG::DCEPhase::countEdge):
(JSC::DFG::DCEPhase::fixupBlock):
(JSC::DFG::DCEPhase::eliminateIrrelevantPhantomChildren):

  • dfg/DFGEdge.cpp:

(JSC::DFG::Edge::dump):

  • dfg/DFGEdge.h:

(JSC::DFG::Edge::isProved):
(JSC::DFG::Edge::needsCheck): Deleted.

  • dfg/DFGNodeFlags.h:
  • dfg/DFGPhantomCanonicalizationPhase.cpp: Added.

(JSC::DFG::PhantomCanonicalizationPhase::PhantomCanonicalizationPhase):
(JSC::DFG::PhantomCanonicalizationPhase::run):
(JSC::DFG::performPhantomCanonicalization):

  • dfg/DFGPhantomCanonicalizationPhase.h: Added.
  • dfg/DFGPhantomRemovalPhase.cpp:

(JSC::DFG::PhantomRemovalPhase::run):

  • dfg/DFGPhantomRemovalPhase.h:
  • dfg/DFGPlan.cpp:

(JSC::DFG::Plan::compileInThreadImpl):

  • ftl/FTLLowerDFGToLLVM.cpp:

(JSC::FTL::LowerDFGToLLVM::lowJSValue):
(JSC::FTL::LowerDFGToLLVM::speculateObjectOrOther):

15:55 Changeset [171494] by zalan@apple.com

Subpixel rendering: Cleanup RenderLayerCompositor::deviceScaleFactor()
https://bugs.webkit.org/show_bug.cgi?id=135208

Reviewed by Simon Fraser.

Use m_renderView.document() to retrieve device scale factor value. m_renderView.document()
is always available while this->page() is not.

No change in behavior.

  • rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::updateTransform):
(WebCore::RenderLayerBacking::computeTransformOriginForPainting):

  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::deviceScaleFactor):

15:03 Changeset [171493] by oliver@apple.com

Add a pseudo target to create sandbox override roots
https://bugs.webkit.org/show_bug.cgi?id=135216
<rdar://17785560>

Reviewed by Alexey Proskuryakov.

Just a duplicate of the standard ios sandbox target, targetting
the profile overrides directory. This means we can make roots
that "Just Work".

  • WebKit2.xcodeproj/project.pbxproj:
14:56 Changeset [171492] by commit-queue@webkit.org

[WinCairo] Gstreamer rendering is not working.
https://bugs.webkit.org/show_bug.cgi?id=135201

Patch by peavo@outlook.com <peavo@outlook.com> on 2014-07-23
Reviewed by Alex Christensen.

WinCairo does not support accelerated rendering yet.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:

(WebCore::MediaPlayerPrivateGStreamerBase::supportsAcceleratedRendering):

14:51 Changeset [171491] by lforschler@apple.com

Merged r171490. <rdar://problem/17739108>

14:43 Changeset [171490] by oliver@apple.com

Incorrect commit for sandbox profile
https://bugs.webkit.org/show_bug.cgi?id=135214
<rdar://17739108>

Reviewed by Anders Carlsson.

  • Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
14:16 Changeset [171489] by burg@cs.washington.edu

Web Inspector: InspectorBackend's promise-based agent API does not support multiple return values
https://bugs.webkit.org/show_bug.cgi?id=135207

Reviewed by Joseph Pecoraro.

Source/WebInspectorUI:
The promise wrapper implementation assumed that the protocol callback supplies a single 'payload'
return value, but InspectorBackend will actually unpack multiple return values as multiple
callback arguments. Set a special flag so it will not try to apply multiple return values.

It would read better if multiple return values could be spread to the resolve callback, but
multiple argument support are not required by the Promises specification, so we won't use them.

  • UserInterface/Controllers/ReplayManager.js: Fix uses of promise return values.

(WebInspector.ReplayManager):

  • UserInterface/Models/ReplaySession.js:
  • UserInterface/Models/ReplaySessionSegment.js:

(WebInspector.ReplaySessionSegment):

  • UserInterface/Protocol/InspectorBackend.js:

(InspectorBackend.Command.prototype.promise):

LayoutTests:

  • http/tests/inspector/replay/replay-test.js: fix uses of promise API return values.
13:59 Changeset [171488] by commit-queue@webkit.org

Unreviewed, rolling out r171455.
https://bugs.webkit.org/show_bug.cgi?id=135209

completely broke selection highlight invalidation (Requested
by thorton on #webkit).

Reverted changeset:

"REGRESSION (r169105): Crash in selection"
https://bugs.webkit.org/show_bug.cgi?id=134303
http://trac.webkit.org/changeset/171455

13:34 Changeset [171487] by joepeck@webkit.org

Unreviewed iOS build fix after r171355.

  • TestWebKitAPI/Configurations/Base.xcconfig:

Since all the Tests/WebKit2Cocoa tests are already explicitly skipped on iOS,
simplify to skipping all the tests in the directory. PlatformUtilities are not
building on iOS, which means we are missing necessary Util functions.

13:19 Changeset [171486] by achristensen@apple.com

Compile window-inactive and fullscreen pseudoclasses in css selectors.
https://bugs.webkit.org/show_bug.cgi?id=135200

Reviewed by Benjamin Poulain.

  • css/SelectorChecker.cpp:

(WebCore::SelectorChecker::checkOne):
Removed the check of context.hasSelectionPseudo for a window-inactive pseudoclass.
Moved logic to SelectorCheckerTestFunctions.h to share with the selector compiler.

  • css/SelectorCheckerTestFunctions.h:

(WebCore::isWindowInactive):
(WebCore::matchesFullScreenAnimatingFullScreenTransitionPseudoClass):
(WebCore::matchesFullScreenAncestorPseudoClass):
(WebCore::matchesFullScreenDocumentPseudoClass):
Added from SelectorChecker.cpp.

  • cssjit/SelectorCompiler.cpp:

(WebCore::SelectorCompiler::addPseudoClassType):
Added unoptimized pseudoclass cases for window-inactive and fullscreen pseudoclasses.
Explicitly listed uncompiled pseudoclasses for future work instead of using a default.

13:18 Changeset [171485] by mitz@apple.com

<rdar://problem/17782623> [iOS] Client-certificate authentication isn’t working with some certificates
https://bugs.webkit.org/show_bug.cgi?id=135206

Reviewed by Anders Carlsson.

  • Shared/cf/ArgumentCodersCF.cpp:

(IPC::copyPersistentRef): Added this helper function. It differs from
SecKeyCopyPersistentRef in that if multiple copies of the key exist in the keychain, it
ensures that we get a reference to the copy that is in the keychain access group that the
Networking process can use.
(IPC::encode): Use copyPersistentRef.

12:49 Changeset [171484] by lforschler@apple.com

Merged r171474. <rdar://problem/17041912>

11:39 Changeset [171483] by bfulgham@apple.com

Build fix after r171482.

Rubberstamped by Joe Pecoraro.

  • runtime/Identifier.h: Make header declarations match

implementation file.

11:18 Changeset [171482] by bfulgham@apple.com

../JavaScriptCore: [Win] Use NO_RETURN_DUE_TO_CRASH on Windows
https://bugs.webkit.org/show_bug.cgi?id=135199

Reviewed by Mark Lam.

  • jsc.cpp:

(WTF::RuntimeArray::deleteProperty): Stop using ugly
compiler work-around on Windows; use NO_RETURN_DUE_TO_CRASH
codepath instead.

  • runtime/Identifier.h: Add NO_RETURN_DUE_TO_CRASH

to header so function declaration matches implementation.

../WebCore: [Win] Use NO_RETURN_DUE_TO_CRASH on Windows.
https://bugs.webkit.org/show_bug.cgi?id=13519

Reviewed by Mark Lam.

  • svg/SVGZoomAndPan.h: Add NO_RETURN_DUE_TO_CRASH to

header so function declarations match implementation.

../WTF: [Win] Use NO_RETURN_DUE_TO_CRASH on Windows.
https://bugs.webkit.org/show_bug.cgi?id=13519

Reviewed by Mark Lam.

  • wtf/Assertions.h: Add MSVC to list of compilers supporting this macro.
  • wtf/FastMalloc.cpp: Correct function declaration for NO_RETURN_DUE_TO_CRASH.
10:57 Changeset [171481] by commit-queue@webkit.org

JSDOMWindowShell leaks on pages with media elements
https://bugs.webkit.org/show_bug.cgi?id=135178

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2014-07-23
Reviewed by Oliver Hunt.

The DOMWindowWorld for HTMLMediaElements with MEDIA_CONTROLS_SCRIPT
was not getting cleared and removed.

  • bindings/js/ScriptController.cpp:

(WebCore::ScriptController::clearWindowShell):
Iterate over a copy of the values. A sweep / garbage collection caused by
any JSC allocation during iteration could trigger a mutation of the m_windowShells
table that was being iterating. So instead iterate a list that won't mutate.

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::~HTMLMediaElement):
If we had an isolated world, release as much memory as possible.

10:56 Changeset [171480] by bjonesbe@adobe.com

Ensure we compute the min and max height of replaced elements to 'none' or 0 when appropriate.
https://bugs.webkit.org/show_bug.cgi?id=135181

Reviewed by David Hyatt.

Source/WebCore:
If a replaced element has a percentage min or max height specified then that height value should
compute to 'none' for max-height and 0 for min-height when its containing block
does not have a height 'specified explicitly'.

This is based on a Blink patch by Robert Hogan.

Tests: css2.1/20110323/max-height-percentage-003.html

fast/replaced/max-height-percentage-quirks.html
fast/replaced/min-height-percentage-quirks.html
fast/replaced/min-height-percentage.html

  • rendering/RenderBox.cpp:

(WebCore::RenderBox::logicalHeightComputesAsNone):
(WebCore::RenderBox::computeReplacedLogicalHeightRespectingMinMaxHeight):

  • rendering/RenderBox.h:

LayoutTests:

  • css2.1/20110323/max-height-percentage-003-expected.html: Added.
  • css2.1/20110323/max-height-percentage-003.html: Added.
  • fast/replaced/max-height-percentage-quirks-expected.html: Added.
  • fast/replaced/max-height-percentage-quirks.html: Added.
  • fast/replaced/min-height-percentage-expected.html: Added.
  • fast/replaced/min-height-percentage-quirks-expected.html: Added.
  • fast/replaced/min-height-percentage-quirks.html: Added.
  • fast/replaced/min-height-percentage.html: Added.
10:35 Changeset [171479] by bjonesbe@adobe.com

Remove CSS_EXCLUSIONS compile flag and leftover code
https://bugs.webkit.org/show_bug.cgi?id=135175

Reviewed by Zoltan Horvath.

At this point, the CSS_EXCLUSIONS flag guards nothing but some useless
stubs. This removes the flag and the useless code.

.:

  • Source/cmake/WebKitFeatures.cmake:
  • Source/cmakeconfig.h.cmake:

Source/JavaScriptCore:

  • Configurations/FeatureDefines.xcconfig:

Source/WebCore:
No new tests, just removing code.

  • Configurations/FeatureDefines.xcconfig:
  • bindings/generic/RuntimeEnabledFeatures.cpp:

(WebCore::RuntimeEnabledFeatures::RuntimeEnabledFeatures):

  • bindings/generic/RuntimeEnabledFeatures.h:

(WebCore::RuntimeEnabledFeatures::setCSSExclusionsEnabled): Deleted.
(WebCore::RuntimeEnabledFeatures::cssExclusionsEnabled): Deleted.

  • testing/InternalSettings.cpp:

(WebCore::InternalSettings::Backup::Backup):
(WebCore::InternalSettings::Backup::restoreTo):
(WebCore::InternalSettings::setCSSExclusionsEnabled): Deleted.

  • testing/InternalSettings.h:
  • testing/InternalSettings.idl:

Source/WebKit/mac:

  • Configurations/FeatureDefines.xcconfig:

Source/WebKit2:

  • Configurations/FeatureDefines.xcconfig:

WebKitLibraries:

  • win/tools/vsprops/FeatureDefines.props:
  • win/tools/vsprops/FeatureDefinesCairo.props:
09:20 Changeset [171478] by jer.noble@apple.com

[MSE][Mac] Support abort() in SourceBufferPrivateAVFObjC.
https://bugs.webkit.org/show_bug.cgi?id=135163

Reviewed by Brent Fulgham.

Recreate the parser when asked to abort().

  • platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:

(WebCore::SourceBufferPrivateAVFObjC::abort):

07:57 Changeset [171477] by mmaxfield@apple.com

Migrate accessibility/ to using nullptr instead of 0
https://bugs.webkit.org/show_bug.cgi?id=135185

Reviewed by Simon Fraser.

No new tests because there is no behavior change.

  • accessibility/AXObjectCache.cpp:

(WebCore::AXObjectCache::focusedImageMapUIElement):
(WebCore::AXObjectCache::focusedUIElementForPage):
(WebCore::AXObjectCache::get):
(WebCore::AXObjectCache::getOrCreate):
(WebCore::AXObjectCache::rootObject):
(WebCore::AXObjectCache::rootObjectForFrame):

  • accessibility/AXObjectCache.h:

(WebCore::AXObjectCache::focusedUIElementForPage):
(WebCore::AXObjectCache::get):
(WebCore::AXObjectCache::getOrCreate):
(WebCore::AXObjectCache::rootObject):
(WebCore::AXObjectCache::rootObjectForFrame):
(WebCore::AXObjectCache::rootAXEditableElement):

  • accessibility/AccessibilityARIAGridRow.cpp:

(WebCore::AccessibilityARIAGridRow::disclosedByRow):

  • accessibility/AccessibilityImageMapLink.cpp:

(WebCore::AccessibilityImageMapLink::AccessibilityImageMapLink):
(WebCore::AccessibilityImageMapLink::parentObject):

  • accessibility/AccessibilityListBox.cpp:

(WebCore::AccessibilityListBox::listBoxOptionAccessibilityObject):
(WebCore::AccessibilityListBox::elementAccessibilityHitTest):

  • accessibility/AccessibilityListBoxOption.cpp:

(WebCore::AccessibilityListBoxOption::AccessibilityListBoxOption):
(WebCore::AccessibilityListBoxOption::parentObject):
(WebCore::AccessibilityListBoxOption::listBoxOptionParentNode):

  • accessibility/AccessibilityMenuListPopup.cpp:

(WebCore::AccessibilityMenuListPopup::menuListOptionAccessibilityObject):

  • accessibility/AccessibilityMockObject.cpp:

(WebCore::AccessibilityMockObject::AccessibilityMockObject):

  • accessibility/AccessibilityMockObject.h:
  • accessibility/AccessibilityNodeObject.cpp:

(WebCore::AccessibilityNodeObject::detach):
(WebCore::AccessibilityNodeObject::firstChild):
(WebCore::AccessibilityNodeObject::lastChild):
(WebCore::AccessibilityNodeObject::previousSibling):
(WebCore::AccessibilityNodeObject::nextSibling):
(WebCore::AccessibilityNodeObject::parentObject):
(WebCore::AccessibilityNodeObject::document):
(WebCore::AccessibilityNodeObject::anchorElement):
(WebCore::nativeActionElement):
(WebCore::AccessibilityNodeObject::actionElement):
(WebCore::AccessibilityNodeObject::mouseButtonListener):
(WebCore::AccessibilityNodeObject::labelForElement):
(WebCore::AccessibilityNodeObject::menuItemElementForMenu):
(WebCore::AccessibilityNodeObject::menuButtonForMenu):

  • accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::AccessibilityObject):
(WebCore::AccessibilityObject::detach):
(WebCore::AccessibilityObject::firstAccessibleObjectFromNode):
(WebCore::AccessibilityObject::findMatchingObjects):
(WebCore::renderListItemContainerForNode):
(WebCore::AccessibilityObject::accessibilityObjectForPosition):
(WebCore::AccessibilityObject::document):
(WebCore::AccessibilityObject::page):
(WebCore::AccessibilityObject::documentFrameView):
(WebCore::AccessibilityObject::anchorElementForNode):
(WebCore::AccessibilityObject::headingElementForNode):
(WebCore::AccessibilityObject::firstAnonymousBlockChild):
(WebCore::AccessibilityObject::element):
(WebCore::AccessibilityObject::focusedUIElement):
(WebCore::AccessibilityObject::scrollToMakeVisibleWithSubFocus):

  • accessibility/AccessibilityObject.h:

(WebCore::AccessibilityObject::node):
(WebCore::AccessibilityObject::renderer):
(WebCore::AccessibilityObject::selectedRadioButton):
(WebCore::AccessibilityObject::selectedTabItem):
(WebCore::AccessibilityObject::accessibilityHitTest):
(WebCore::AccessibilityObject::firstChild):
(WebCore::AccessibilityObject::lastChild):
(WebCore::AccessibilityObject::previousSibling):
(WebCore::AccessibilityObject::nextSibling):
(WebCore::AccessibilityObject::parentObjectIfExists):
(WebCore::AccessibilityObject::observableObject):
(WebCore::AccessibilityObject::titleUIElement):
(WebCore::AccessibilityObject::correspondingLabelForControlElement):
(WebCore::AccessibilityObject::correspondingControlForLabelElement):
(WebCore::AccessibilityObject::scrollBar):
(WebCore::AccessibilityObject::anchorElement):
(WebCore::AccessibilityObject::actionElement):
(WebCore::AccessibilityObject::widget):
(WebCore::AccessibilityObject::widgetForAttachmentView):
(WebCore::AccessibilityObject::activeDescendant):
(WebCore::AccessibilityObject::mathRadicandObject):
(WebCore::AccessibilityObject::mathRootIndexObject):
(WebCore::AccessibilityObject::mathUnderObject):
(WebCore::AccessibilityObject::mathOverObject):
(WebCore::AccessibilityObject::mathNumeratorObject):
(WebCore::AccessibilityObject::mathDenominatorObject):
(WebCore::AccessibilityObject::mathBaseObject):
(WebCore::AccessibilityObject::mathSubscriptObject):
(WebCore::AccessibilityObject::mathSuperscriptObject):
(WebCore::AccessibilityObject::getScrollableAreaIfScrollable):

  • accessibility/AccessibilityProgressIndicator.cpp:

(WebCore::AccessibilityProgressIndicator::progressElement):
(WebCore::AccessibilityProgressIndicator::meterElement):

  • accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::detach):
(WebCore::AccessibilityRenderObject::renderBoxModelObject):
(WebCore::AccessibilityRenderObject::firstChild):
(WebCore::AccessibilityRenderObject::lastChild):
(WebCore::startOfContinuations):
(WebCore::childBeforeConsideringContinuations):
(WebCore::AccessibilityRenderObject::previousSibling):
(WebCore::AccessibilityRenderObject::nextSibling):
(WebCore::nextContinuation):
(WebCore::AccessibilityRenderObject::renderParentObject):
(WebCore::AccessibilityRenderObject::parentObject):
(WebCore::AccessibilityRenderObject::anchorElement):
(WebCore::AccessibilityRenderObject::textUnderElement):
(WebCore::AccessibilityRenderObject::node):
(WebCore::AccessibilityRenderObject::labelElementContainer):
(WebCore::AccessibilityRenderObject::internalLinkElement):
(WebCore::AccessibilityRenderObject::titleUIElement):
(WebCore::AccessibilityRenderObject::setFocused):
(WebCore::AccessibilityRenderObject::topRenderer):
(WebCore::AccessibilityRenderObject::document):
(WebCore::AccessibilityRenderObject::widget):
(WebCore::AccessibilityRenderObject::accessibilityParentForImageMap):
(WebCore::AccessibilityRenderObject::documentFrameView):
(WebCore::AccessibilityRenderObject::widgetForAttachmentView):
(WebCore::AccessibilityRenderObject::rootEditableElementForPosition):
(WebCore::AccessibilityRenderObject::visiblePositionForPoint):
(WebCore::AccessibilityRenderObject::accessibilityImageMapHitTest):
(WebCore::AccessibilityRenderObject::remoteSVGElementHitTest):
(WebCore::AccessibilityRenderObject::accessibilityHitTest):
(WebCore::AccessibilityRenderObject::correspondingControlForLabelElement):
(WebCore::AccessibilityRenderObject::correspondingLabelForControlElement):
(WebCore::AccessibilityRenderObject::observableObject):
(WebCore::AccessibilityRenderObject::inheritsPresentationalRole):
(WebCore::AccessibilityRenderObject::detachRemoteSVGRoot):
(WebCore::AccessibilityRenderObject::addHiddenChildren):
(WebCore::AccessibilityRenderObject::setAccessibleName):
(WebCore::AccessibilityRenderObject::getScrollableAreaIfScrollable):
(WebCore::AccessibilityRenderObject::mathRadicandObject):
(WebCore::AccessibilityRenderObject::mathRootIndexObject):
(WebCore::AccessibilityRenderObject::mathNumeratorObject):
(WebCore::AccessibilityRenderObject::mathDenominatorObject):
(WebCore::AccessibilityRenderObject::mathUnderObject):
(WebCore::AccessibilityRenderObject::mathOverObject):
(WebCore::AccessibilityRenderObject::mathBaseObject):
(WebCore::AccessibilityRenderObject::mathSubscriptObject):
(WebCore::AccessibilityRenderObject::mathSuperscriptObject):

  • accessibility/AccessibilitySVGRoot.cpp:

(WebCore::AccessibilitySVGRoot::AccessibilitySVGRoot):

  • accessibility/AccessibilityScrollView.cpp:

(WebCore::AccessibilityScrollView::detach):
(WebCore::AccessibilityScrollView::scrollBar):
(WebCore::AccessibilityScrollView::updateScrollbars):
(WebCore::AccessibilityScrollView::addChildScrollbar):
(WebCore::AccessibilityScrollView::clearChildren):
(WebCore::AccessibilityScrollView::webAreaObject):
(WebCore::AccessibilityScrollView::accessibilityHitTest):
(WebCore::AccessibilityScrollView::documentFrameView):
(WebCore::AccessibilityScrollView::parentObject):
(WebCore::AccessibilityScrollView::parentObjectIfExists):

  • accessibility/AccessibilityScrollbar.cpp:

(WebCore::AccessibilityScrollbar::document):

  • accessibility/AccessibilitySpinButton.cpp:

(WebCore::AccessibilitySpinButton::AccessibilitySpinButton):

  • accessibility/AccessibilityTable.cpp:

(WebCore::AccessibilityTable::AccessibilityTable):
(WebCore::AccessibilityTable::clearChildren):
(WebCore::AccessibilityTable::cellForColumnAndRow):

  • accessibility/AccessibilityTableCell.cpp:

(WebCore::AccessibilityTableCell::parentTable):
(WebCore::AccessibilityTableCell::titleUIElement):

  • accessibility/AccessibilityTableColumn.cpp:

(WebCore::AccessibilityTableColumn::headerObject):
(WebCore::AccessibilityTableColumn::headerObjectForSection):

  • accessibility/AccessibilityTableRow.cpp:

(WebCore::AccessibilityTableRow::parentTable):
(WebCore::AccessibilityTableRow::headerObject):

  • accessibility/ios/AXObjectCacheIOS.mm:

(WebCore::AXObjectCache::detachWrapper):

  • accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:

(-[WebAccessibilityObjectWrapper detach]):
(-[WebAccessibilityObjectWrapper tableCellParent]):
(-[WebAccessibilityObjectWrapper tableParent]):
(-[WebAccessibilityObjectWrapper convertPointToScreenSpace:]):
(-[WebAccessibilityObjectWrapper convertRectToScreenSpace:]):
(rendererForView):
(-[WebAccessibilityObjectWrapper _convertToDOMRange:]):

  • accessibility/mac/AXObjectCacheMac.mm:

(WebCore::AXObjectCache::detachWrapper):

  • accessibility/mac/AccessibilityObjectMac.mm:

(WebCore::AccessibilityObject::detachFromParent):
(WebCore::AccessibilityObject::accessibilityIgnoreAttachment):

  • accessibility/mac/WebAccessibilityObjectWrapperBase.mm:

(-[WebAccessibilityObjectWrapperBase detach]):

  • accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(CreateCGColorIfDifferent):
(-[WebAccessibilityObjectWrapper convertPointToScreenSpace:]):
(rendererForView):
(-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):

  • accessibility/win/AccessibilityObjectWrapperWin.h:

(WebCore::AccessibilityObjectWrapper::AccessibilityObjectWrapper):

05:12 Changeset [171476] by mihnea@adobe.com

ASSERTION FAILED: generatingElement() in WebCore::RenderNamedFlowFragment::regionOversetState
https://bugs.webkit.org/show_bug.cgi?id=135153

Reviewed by David Hyatt.

Source/WebCore:
Even though the CSSRegions spec defines the behaviour of a multicolumn region,
we currently do not support this functionality. This patch ensures that a multicolumn
element does not become a region. In the future, when we will implement the multicolumn
as region functionality, http://dev.w3.org/csswg/css-regions/#multi-column-regions, we
will remove this restriction.

Test: fast/regions/multicol-as-region-prevented.html

  • rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::createRenderNamedFlowFragmentIfNeeded):

LayoutTests:

  • fast/regions/multicol-as-region-prevented-expected.html: Added.
  • fast/regions/multicol-as-region-prevented.html: Added.
04:30 Changeset [171475] by zandobersek@gmail.com

[CMake] Avoid building WebCore with ANGLE's OpenGL/EGL headers
https://bugs.webkit.org/show_bug.cgi?id=135167

Reviewed by Martin Robinson.

  • CMakeLists.txt: Don't add ANGLE/include to the WebCore_INCLUDE_DIRECTORIES list

as this results in ANGLE's OpenGL and EGL headers being included, instead of the
headers that are provided by the system. Only the ANGLESupport library should be built
with that specific header inclusion path.

03:31 Changeset [171474] by commit-queue@webkit.org

Unreviewed, rolling out r171367.
https://bugs.webkit.org/show_bug.cgi?id=135192

broke three API tests (Requested by thorton on #webkit).

Reverted changeset:

"JSLock release should only modify the AtomicStringTable if it
modified in acquire"
https://bugs.webkit.org/show_bug.cgi?id=135143
http://trac.webkit.org/changeset/171367

03:27 Changeset [171473] by lforschler@apple.com

Versioning.

03:25 Changeset [171472] by lforschler@apple.com

New Tag.

03:24 Changeset [171471] by timothy_horton@apple.com

REGRESSION (r171239): Much more time spent taking snapshots during the PLT
https://bugs.webkit.org/show_bug.cgi?id=135177
<rdar://problem/17764847>

Reviewed by Dan Bernstein.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::willChangeCurrentHistoryItemForMainFrame):
(WebKit::WebPageProxy::willChangeCurrentHistoryItem): Deleted.

  • UIProcess/WebPageProxy.h:
  • UIProcess/WebPageProxy.messages.in:
  • WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::willChangeCurrentHistoryItem):

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::willChangeCurrentHistoryItemForMainFrame):
(WebKit::WebPage::willChangeCurrentHistoryItem): Deleted.

  • WebProcess/WebPage/WebPage.h:

Rename WillChangeCurrentHistoryItem to WillChangeCurrentHistoryItemForMainFrame.
Only send it when the current history item for the main frame changes.

02:59 Changeset [171470] by m.pakula@samsung.com

[EFL] Fix build after r171454
https://bugs.webkit.org/show_bug.cgi?id=135191

Reviewed by Csaba Osztrogonác.

  • MiniBrowser/efl/CMakeLists.txt: Add path to new EWebKit2.h location .
01:47 Changeset [171469] by lforschler@apple.com

Merged r171384. <rdar://problem/17739108>

01:44 Changeset [171468] by lforschler@apple.com

Merged r171403. <rdar://problem/16721055>

01:42 Changeset [171467] by lforschler@apple.com

Merged r171370. <rdar://problem/16721055>

01:36 Changeset [171466] by lforschler@apple.com

Merged r171368. <rdar://problem/17740149>

01:32 Changeset [171465] by lforschler@apple.com

Merged r171367. <rdar://problem/17041912>

01:29 Changeset [171464] by lforschler@apple.com

Merged r171363. <rdar://problem/17755931>

01:26 Changeset [171463] by lforschler@apple.com

Merged r171373. <rdar://problem/17654369>

01:23 Changeset [171462] by lforschler@apple.com

Merged r171356. <rdar://problem/17654369>

01:20 Changeset [171461] by lforschler@apple.com

Merged r171355. <rdar://problem/17735912>

01:10 Changeset [171460] by lforschler@apple.com

Merged r171354. <rdar://problem/17763909>

01:07 Changeset [171459] by lforschler@apple.com

Merged r171353. <rdar://problem/17770227>

01:03 Changeset [171458] by lforschler@apple.com

Merged r171352. <rdar://problem/17754921>

00:58 Changeset [171457] by lforschler@apple.com

Merged r171347. <rdar://problem/16826229>

00:54 Changeset [171456] by lforschler@apple.com

Merged r171345. <rdar://problem/17001716>

00:52 Changeset [171455] by abucur@adobe.com

REGRESSION (r169105): Crash in selection
https://bugs.webkit.org/show_bug.cgi?id=134303

Reviewed by David Hyatt.

Source/WebCore:

When splitting the selection between different subtrees, all subtrees must have their selection cleared before
starting to apply the new selection. Otherwise, when selecting objects in a named flow thread and going up
its containing block chain, we can end up in the view's selection root, which has not yet been updated and so
we get inconsistent data.

To achieve this goal, the selection update was split into a "clear" and an "apply" method. The updateSelectionForSubtrees
method first iterates through all subtrees and performs the "clear" method and then starts all over again
and performs the "apply" method.

Also, the selectionStart/End members in RenderView have been renamed to fix problems caused by the fact that
RenderView inherits SelectionSubtreeRoot, which also has the same selectionStart/End members.

Test: fast/regions/selection/crash-deselect.html

  • WebCore.xcodeproj/project.pbxproj:
  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::isSelectionRoot):

  • rendering/RenderSelectionInfo.h:
  • rendering/RenderView.cpp:

(WebCore::RenderView::RenderView):
(WebCore::RenderView::setSelection): Renamed m_selectionStart/End to m_unsplitSelectionStart/End
(WebCore::RenderView::splitSelectionBetweenSubtrees):
(WebCore::RenderView::updateSelectionForSubtrees): Added, clears and re-applies selection for all selection subtrees.
(WebCore::RenderView::clearSubtreeSelection): Added, clears selection and returns previously selected information.
(WebCore::RenderView::applySubtreeSelection): Added, updates the selection status of all objects inside the selection tree, compares old and new data and repaints accordingly.
(WebCore::RenderView::getSelection): Renamed m_selectionStart/End to m_unsplitSelectionStart/End
(WebCore::RenderView::setSubtreeSelection): Deleted.

  • rendering/RenderView.h:
  • rendering/SelectionSubtreeRoot.cpp:

(WebCore::SelectionSubtreeRoot::SelectionSubtreeRoot):

  • rendering/SelectionSubtreeRoot.h:

(WebCore::SelectionSubtreeRoot::OldSelectionData::OldSelectionData):

LayoutTests:

Added test for the crash that occurred in some cases when selecting.

  • fast/regions/selection/crash-deselect-expected.txt: Added.
  • fast/regions/selection/crash-deselect.html: Added.
00:21 Changeset [171454] by ryuan.choi@samsung.com

[EFL] EWebKit2.h should contain version information
https://bugs.webkit.org/show_bug.cgi?id=135189

Reviewed by Gyuyoung Kim.

Generate EWebKit2.h to contain the version information.

  • PlatformEfl.cmake:
  • UIProcess/API/efl/EWebKit2.h.in: Renamed from Source/WebKit2/UIProcess/API/efl/EWebKit2.h.
00:19 Changeset [171453] by ryuan.choi@samsung.com

[EFL] Do not generate forwarding header for ewk headers
https://bugs.webkit.org/show_bug.cgi?id=135147

Reviewed by Gyuyoung Kim.

Source/WebKit2:
Only EWebKit2.h and ewk_text_checker.h are generated as forwarding header.
This is unnecessary.

  • UIProcess/API/efl/tests/UnitTestUtils/EWK2UnitTestBase.h:
  • UIProcess/API/efl/tests/test_ewk2_application_cache_manager.cpp:
  • UIProcess/API/efl/tests/test_ewk2_context_menu.cpp:
  • UIProcess/API/efl/tests/test_ewk2_window_features.cpp:
  • UIProcess/efl/TextCheckerClientEfl.h:

Tools:

  • WebKitTestRunner/EventSenderProxy.h:
00:16 Changeset [171452] by dburkart@apple.com

Merge r171338

00:14 Changeset [171451] by dburkart@apple.com

Merge r171336

00:12 Changeset [171450] by dburkart@apple.com

Merge r171332

00:10 Changeset [171449] by dburkart@apple.com

Merge r171329

00:08 Changeset [171448] by dburkart@apple.com

Merge r171326

00:08 Changeset [171447] by llango.u-szeged@partner.samsung.com

[EFL] Build fix after the [ftlopt] branch merge.

Reviewed by Csaba Osztrogonác.

  • dfg/DFGBranchDirection.h:

(JSC::DFG::branchDirectionToString):

  • dfg/DFGStructureClobberState.h:

(JSC::DFG::merge):

00:06 Changeset [171446] by dburkart@apple.com

Merge r171322

00:03 Changeset [171445] by dburkart@apple.com

Merge r171321

07/22/14:

23:59 Changeset [171444] by dburkart@apple.com

Merge r171320

23:56 Changeset [171443] by dburkart@apple.com

Merge r171317

23:54 Changeset [171442] by dburkart@apple.com

Merge r171316

23:51 Changeset [171441] by dburkart@apple.com

Merge r171314

23:49 Changeset [171440] by dburkart@apple.com

Merge r171312

23:46 Changeset [171439] by dburkart@apple.com

Merge r171308

23:43 Changeset [171438] by dburkart@apple.com

Merge r171306

23:39 Changeset [171437] by dburkart@apple.com

Merge r171305

23:37 Changeset [171436] by dburkart@apple.com

Merge r171303

23:35 Changeset [171435] by dburkart@apple.com

Merge r171299

23:33 Changeset [171434] by dburkart@apple.com

Merge r171289

23:31 Changeset [171433] by dburkart@apple.com

Merge r171288

23:29 Changeset [171432] by dburkart@apple.com

Merge r171287

23:27 Changeset [171431] by dburkart@apple.com

Merge r171286

23:24 Changeset [171430] by dburkart@apple.com

Merge r171284

23:24 Changeset [171429] by fpizlo@apple.com

This test is slow so we shouldn't run it in the slower variants (like ftl-eager/dfg-eager).

  • js/regress/script-tests/getter-richards.js:
23:22 Changeset [171428] by dburkart@apple.com

Merge r171283

23:20 Changeset [171427] by dburkart@apple.com

Merge r171280

23:18 Changeset [171426] by dburkart@apple.com

Merge r171257

23:16 Changeset [171425] by dburkart@apple.com

Merge r171256

23:14 Changeset [171424] by dburkart@apple.com

Merge r171253

23:12 Changeset [171423] by dburkart@apple.com

Merge r171252

23:09 Changeset [171422] by dburkart@apple.com

Merge r171250

23:05 Changeset [171421] by dburkart@apple.com

Merged r171246

23:02 Changeset [171420] by commit-queue@webkit.org

Unreviewed, rolling out r171366.
https://bugs.webkit.org/show_bug.cgi?id=135190

Broke three API tests (Requested by ap on #webkit).

Reverted changeset:

"REGRESSION (r171239): Much more time spent taking snapshots
during the PLT"
https://bugs.webkit.org/show_bug.cgi?id=135177
http://trac.webkit.org/changeset/171366

23:02 Changeset [171419] by dburkart@apple.com

Merge r171239

22:59 Changeset [171418] by dburkart@apple.com

Merge r171228

22:56 Changeset [171417] by dburkart@apple.com

Merge r171227

22:53 Changeset [171416] by dburkart@apple.com

Merge r171225

22:52 Changeset [171415] by dburkart@apple.com

Merge r171219

22:50 Changeset [171414] by dburkart@apple.com

Merge r171217

22:48 Changeset [171413] by dburkart@apple.com

Merge r171216

22:46 Changeset [171412] by dburkart@apple.com

Merge r171215

22:44 Changeset [171411] by dburkart@apple.com

Merge r171213

22:41 Changeset [171410] by dburkart@apple.com

Merge r171211

22:39 Changeset [171409] by dburkart@apple.com

Merge r171167

22:33 Changeset [171408] by dburkart@apple.com

Merge r171210

22:31 Changeset [171407] by dburkart@apple.com

Merge r171197

22:28 Changeset [171406] by dburkart@apple.com

Merge r171204

22:27 Changeset [171405] by dburkart@apple.com

Merge r171195

22:18 Changeset [171404] by bfulgham@apple.com

[Win] Build fix for bot.

  • platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:

(WebCore::createLegibleOutputSubtypes): Declare 'wvtt' locally, rather
than relying on potentially unavailable declaration.

22:16 Changeset [171403] by bfulgham@apple.com

[Win] Build fix after r171370.

  • WebCoreSupport/WebEditorClient.h: Add override

for new 'overflowScrollPositionChanged'.

22:15 Changeset [171402] by dburkart@apple.com

Merge r171194

22:13 Changeset [171401] by dburkart@apple.com

Merge r171191

22:11 Changeset [171400] by dburkart@apple.com

Merge r171190

22:09 Changeset [171399] by dburkart@apple.com

Merge r171199

22:07 Changeset [171398] by dburkart@apple.com

Merge r171188

22:05 Changeset [171397] by dburkart@apple.com

Merge r171184

21:58 Changeset [171396] by dburkart@apple.com

Merge r171365

21:58 Changeset [171395] by bfulgham@apple.com

Build fix for non-clang compile.

  • jsc.cpp:

(WTF::RuntimeArray::put): Remove incorrect return statement
I added.

21:54 Changeset [171394] by dburkart@apple.com

Merge r171376

21:53 Changeset [171393] by bfulgham@apple.com

Build fix for non-clang compile.

  • jsc.cpp:

(WTF::RuntimeArray::deleteProperty): Need (fake) return
value when NO_RETURN_DUE_TO_CRASH is not defined.

21:40 Changeset [171392] by bfulgham@apple.com

[Win] Build fix for Windows bots

  • platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp: Provide missing

structure definition when needed by bot.

21:33 Changeset [171391] by fpizlo@apple.com

Merge r169628 from ftlopt.

2014-06-04 Matthew Mirman <mmirman@apple.com>


Added system for inlining native functions via the FTL.
https://bugs.webkit.org/show_bug.cgi?id=131515


Reviewed by Filip Pizlo.


Also fixed the build to not compress the bitcode and to
include all of the relevant runtime. With GCC_GENERATE_DEBUGGING_SYMBOLS = NO,
the produced bitcode files are a 100th the size they were before.
Now we can include all of the relevant runtime files with only a 3mb overhead.
This is the same overhead as for two compressed files before,
but done more efficiently (on both ends) and with less code.


Deciding whether to inline native functions is left up to LLVM.
The entire module containing the function is linked into the current
compiled JS so that inlining the native functions shouldn't make them smaller.


Rather than loading Runtime.symtbl at runtime FTLState.cpp now generates a file
InlineRuntimeSymbolTable.h which statically builds the symbol table hash table.


  • JavaScriptCore.xcodeproj/project.pbxproj: Added back runtime files to compile.
  • build-symbol-table-index.py: Changed bitcode suffix. Added inclusion of only tested symbols. Added output to InlineRuntimeSymbolTable.h.
  • build-symbol-table-index.sh: Changed bitcode suffix.
  • copy-llvm-ir-to-derived-sources.sh: Removed gzip compression.
  • tested-symbols.symlst: Added.
  • dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::handleCall): Now sets the knownFunction of the call node if such a function exists and emits a check that during runtime the callee is in fact known.
  • dfg/DFGNode.h: Added functions to set the known function of a call node. (JSC::DFG::Node::canBeKnownFunction): Added. (JSC::DFG::Node::hasKnownFunction): Added. (JSC::DFG::Node::knownFunction): Added. (JSC::DFG::Node::giveKnownFunction): Added.
  • ftl/FTLAbbreviatedTypes.h: Added a typedef for LLVMMemoryBufferRef
  • ftl/FTLAbbreviations.h: Added some abbreviations.
  • ftl/FTLLowerDFGToLLVM.cpp: (JSC::FTL::LowerDFGToLLVM::isInlinableSize): Added. Hardcoded threshold to 275. (JSC::FTL::LowerDFGToLLVM::getModuleByPathForSymbol): Added. (JSC::FTL::LowerDFGToLLVM::getFunctionBySymbol): Added. (JSC::FTL::LowerDFGToLLVM::possiblyCompileInlineableNativeCall): Added. (JSC::FTL::LowerDFGToLLVM::compileCallOrConstruct): Added call to possiblyCompileInlineableNativeCall
  • ftl/FTLOutput.h: (JSC::FTL::Output::allocaName): Added. Useful for debugging.
  • ftl/FTLState.cpp: (JSC::FTL::State::State): Added an include for InlineRuntimeSymbolTable.h
  • ftl/FTLState.h: Added symbol table hash table.
  • ftl/FTLCompile.cpp: (JSC::FTL::compile): Added inlining and dead function elimination passes.
  • heap/HandleStack.h: Added JS_EXPORT_PRIVATE to a few functions to get inlining to compile.
  • llvm/InitializeLLVMMac.mm: Deleted.
  • llvm/InitializeLLVMMac.cpp: Added.
  • llvm/LLVMAPIFunctions.h: Added macros to include Bitcode parsing and linking functions.
  • llvm/LLVMHeaders.h: Added includes for Bitcode parsing and linking.
  • runtime/BundlePath.h: Added.
  • runtime/BundlePath.mm: Added.
  • runtime/DateInstance.h: Added JS_EXPORT_PRIVATE to a few functions to get inlining to compile.
  • runtime/DateInstance.h: ditto.
  • runtime/DateConversion.h: ditto.
  • runtime/ExceptionHelpers.h: ditto.
  • runtime/JSCJSValue.h: ditto.
  • runtime/JSArray.h: ditto.
  • runtime/JSDateMath.h: ditto.
  • runtime/JSObject.h: ditto.
  • runtime/JSObject.h: ditto.
  • runtime/RegExp.h: ditto.
  • runtime/Structure.h: ditto.
  • runtime/Options.h: Added maximumLLVMInstructionCountForNativeInlining.
21:18 Changeset [171390] by mark.lam@apple.com

Array.concat() should work on runtime arrays too.
<https://webkit.org/b/135179>

Reviewed by Geoffrey Garen.

  • jsc.cpp:

(WTF::RuntimeArray::create):
(WTF::RuntimeArray::~RuntimeArray):
(WTF::RuntimeArray::destroy):
(WTF::RuntimeArray::getOwnPropertySlot):
(WTF::RuntimeArray::getOwnPropertySlotByIndex):
(WTF::RuntimeArray::put):
(WTF::RuntimeArray::deleteProperty):
(WTF::RuntimeArray::getLength):
(WTF::RuntimeArray::createPrototype):
(WTF::RuntimeArray::createStructure):
(WTF::RuntimeArray::finishCreation):
(WTF::RuntimeArray::RuntimeArray):
(WTF::RuntimeArray::lengthGetter):
(GlobalObject::finishCreation):
(functionCreateRuntimeArray):

  • Added support to create a runtime array for testing purpose.
  • runtime/ArrayPrototype.cpp:

(JSC::getLength):

  • Added fast case for when the array object is a JSArray.

(JSC::arrayProtoFuncJoin):

  • Added a needed but missing exception check.

(JSC::arrayProtoFuncConcat):

  • Use getLength() to compute the array length instead of assuming that the array is a JSArray instance.
  • tests/stress/regexp-matches-array.js: Added.

(testArrayConcat):

  • tests/stress/runtime-array.js: Added.

(testArrayConcat):

21:04 Changeset [171389] by fpizlo@apple.com

[ftlopt] Get rid of structure checks as a way of checking if a function is in fact a function
https://bugs.webkit.org/show_bug.cgi?id=135146

Reviewed by Oliver Hunt.

This greatly simplifies our closure call optimizations by taking advantage of the type
bits available in the cell header.

  • bytecode/CallLinkInfo.cpp:

(JSC::CallLinkInfo::visitWeak):

  • bytecode/CallLinkStatus.cpp:

(JSC::CallLinkStatus::CallLinkStatus):
(JSC::CallLinkStatus::computeFor):
(JSC::CallLinkStatus::dump):

  • bytecode/CallLinkStatus.h:

(JSC::CallLinkStatus::CallLinkStatus):
(JSC::CallLinkStatus::executable):
(JSC::CallLinkStatus::structure): Deleted.

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::emitFunctionChecks):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):
(JSC::DFG::FixupPhase::observeUseKindOnNode):

  • dfg/DFGSafeToExecute.h:

(JSC::DFG::SafeToExecuteEdge::operator()):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::checkArray):
(JSC::DFG::SpeculativeJIT::speculateCellTypeWithoutTypeFiltering):
(JSC::DFG::SpeculativeJIT::speculateCellType):
(JSC::DFG::SpeculativeJIT::speculateFunction):
(JSC::DFG::SpeculativeJIT::speculateFinalObject):
(JSC::DFG::SpeculativeJIT::speculate):

  • dfg/DFGSpeculativeJIT.h:
  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGUseKind.cpp:

(WTF::printInternal):

  • dfg/DFGUseKind.h:

(JSC::DFG::typeFilterFor):
(JSC::DFG::isCell):

  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToLLVM.cpp:

(JSC::FTL::LowerDFGToLLVM::compileCheckExecutable):
(JSC::FTL::LowerDFGToLLVM::speculate):
(JSC::FTL::LowerDFGToLLVM::isFunction):
(JSC::FTL::LowerDFGToLLVM::isNotFunction):
(JSC::FTL::LowerDFGToLLVM::speculateFunction):

  • jit/ClosureCallStubRoutine.cpp:

(JSC::ClosureCallStubRoutine::ClosureCallStubRoutine):
(JSC::ClosureCallStubRoutine::markRequiredObjectsInternal):

  • jit/ClosureCallStubRoutine.h:

(JSC::ClosureCallStubRoutine::structure): Deleted.

  • jit/JIT.h:

(JSC::JIT::compileClosureCall): Deleted.

  • jit/JITCall.cpp:

(JSC::JIT::privateCompileClosureCall): Deleted.

  • jit/JITCall32_64.cpp:

(JSC::JIT::privateCompileClosureCall): Deleted.

  • jit/JITOperations.cpp:
  • jit/Repatch.cpp:

(JSC::linkClosureCall):

  • jit/Repatch.h:
20:52 Changeset [171388] by bfulgham@apple.com

[Win] Build fix for EWS bots.

  • platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp: Forward declare

structure definition.

20:39 Changeset [171387] by bfulgham@apple.com

Fix Windows (return a value!)

  • jsc.cpp:

(functionQuit): Satisfy compiler's need for
a return value.

20:29 Changeset [171386] by bfulgham@apple.com

Fix Windows (sleep -> Sleep)

  • jsc.cpp:

(WTF::jscExit):

20:19 Changeset [171385] by bfulgham@apple.com

[Win] Fix Crash when handling Legible Output callbacks
https://bugs.webkit.org/show_bug.cgi?id=134946

Reviewed by Dean Jackson.

Relanding after adding fixes to support build bots.

  • platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:

(WebCore::InbandTextTrackPrivateAVF::processNativeSamples): Remove
Windows-specific 'ASSERT_NOT_REACHED' code path.

  • platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:

(WebCore::createLegibleOutputSubtypes): Added.
(WebCore::AVFWrapper::createPlayerItem): Updated to request native
samples from AVFoundationCF.

19:37 Changeset [171384] by oliver@apple.com

Reduce the size of the root WebContent sandbox profile
https://bugs.webkit.org/show_bug.cgi?id=135182
<rdar://problem/17739108>

Reviewed by Alexey Proskuryakov.

Switch from apple-ui-app to uikit-app as the root of the webcontent
profile.

  • Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
19:19 Changeset [171383] by mmaxfield@apple.com

Copying and pasting trivial H2 content causes a crash in firstPositionInNode
https://bugs.webkit.org/show_bug.cgi?id=134897

Reviewed by Ryosuke Niwa.

Source/WebCore:
ReplaceSelectionCommand::makeInsertedContentRoundTrippableWithHTMLTreeBuilder() attempts
to move pasted headings out of existed headings, with out regard to if the existing
heading is the contenteditable root.

Test: editing/pasteboard/heading-crash.html

  • editing/ReplaceSelectionCommand.cpp:

(WebCore::ReplaceSelectionCommand::makeInsertedContentRoundTrippableWithHTMLTreeBuilder):

LayoutTests:
Copy and paste text from one heading to another. Make sure there is no crash.

  • editing/pasteboard/heading-crash-expected.txt: Added.
  • editing/pasteboard/heading-crash.html: Added.
19:19 Changeset [171382] by fpizlo@apple.com

Fix Windows.

  • jsc.cpp:

(WTF::jscExit):

18:43 Changeset [171381] by fpizlo@apple.com

Fix 32-bit.

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

18:19 Changeset [171380] by fpizlo@apple.com

Merge r169148, r169185, r169188, r169578, r169582, r169584, r169588, r169753 from ftlopt.

Source/JavaScriptCore:

Note that r169753 is merged out of order because it fixes a bug in r169588.

2014-06-10 Filip Pizlo <fpizlo@apple.com>


[ftlopt] Structure::dfgShouldWatchIfPossible() is unsound
https://bugs.webkit.org/show_bug.cgi?id=133624


Reviewed by Mark Hahnenberg.


  • runtime/Structure.h: (JSC::Structure::dfgShouldWatchIfPossible): Make it sound and add some verbiage.


2014-06-04 Filip Pizlo <fpizlo@apple.com>


[ftlopt] AI should be able track structure sets larger than 1
https://bugs.webkit.org/show_bug.cgi?id=128073


Reviewed by Oliver Hunt.


This makes two major changes to how AI (abstract interpreter) proves that a value has
some structure:


  • StructureAbstractValue can now track an arbitrary number of structures. A set whose size is greater than one means that the value may have any of the structures, and we don't know which - but we do know that it cannot be any structure not in the set. The structure abstract value can still be TOP, which means the set of all structures. We artificially limit the set size to StructureAbstractValue::polymorphismLimit to guard memory explosion on pathological programs. This limit is big enough that it wouldn't kick in for normal code, since we have other heuristics that limit the number of structures that we would allow an inline cache to know about.


  • We eagerly set watchpoints on all watchable structures and then we assume that watchable structures are being watched, and that the watchpoint will jettison the code. This allows tracking of watchable structures to be far simpler than before. Previously, a structure being tracked as "future possible" was predicated on it being watchable but we might not actually watch it. This makes algebra over sets of future possible structures quite weird. But watching all watchable structures means that we simple say that a structure set can be in the following states: unclobbered, which means it's just a set of structures and it doesn't matter what is watchable or what isn't because we've proven that the value must have one of these structures right now; and clobbered, which means that we have a set of structures, plus all possible structures temporarily, with invalidation removing the "plus all possible structures". Clobbering a set means that if any of its structures are unwatchable, the set just becomes TOP; but if all structures in the set are watchable then we just set the clobbered bit to add the "plus all possible structures temporarily" thing. This precisely tracks the exact meaning of watchability and invalidation points.


Slight SunSpider slow-down, neutral on Octane, slight AsmBench speed-up. I believe that
we will ultimately undo the SunSpider slow-down by making further improvements to the set
representation. I believe that Octane perfromance will ultimately improve once we remove
remaining singleton special-cases. The ultimate goal of this is to remove the need to
try quite so desperately hard to make everything monomorphic as we do currently.


  • CMakeLists.txt:
  • JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • bytecode/StructureSet.cpp: (JSC::StructureSet::clear): (JSC::StructureSet::remove): (JSC::StructureSet::filter): (JSC::StructureSet::copyFromOutOfLine): (JSC::StructureSet::StructureSet): Deleted. (JSC::StructureSet::operator=): Deleted. (JSC::StructureSet::copyFrom): Deleted.
  • bytecode/StructureSet.h: (JSC::StructureSet::StructureSet): (JSC::StructureSet::operator=): (JSC::StructureSet::isEmpty): (JSC::StructureSet::genericFilter): (JSC::StructureSet::ContainsOutOfLine::ContainsOutOfLine): (JSC::StructureSet::ContainsOutOfLine::operator()): (JSC::StructureSet::copyFrom): (JSC::StructureSet::deleteStructureListIfNecessary): (JSC::StructureSet::setEmpty): (JSC::StructureSet::getReservedFlag): (JSC::StructureSet::setReservedFlag):
  • dfg/DFGAbstractInterpreter.h: (JSC::DFG::AbstractInterpreter::setBuiltInConstant):
  • dfg/DFGAbstractInterpreterInlines.h: (JSC::DFG::AbstractInterpreter<AbstractStateType>::booleanResult): (JSC::DFG::AbstractInterpreter<AbstractStateType>::verifyEdge): (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects): (JSC::DFG::AbstractInterpreter<AbstractStateType>::clobberCapturedVars): (JSC::DFG::AbstractInterpreter<AbstractStateType>::forAllValues): (JSC::DFG::AbstractInterpreter<AbstractStateType>::clobberStructures): (JSC::DFG::AbstractInterpreter<AbstractStateType>::observeTransition): (JSC::DFG::AbstractInterpreter<AbstractStateType>::observeTransitions): (JSC::DFG::AbstractInterpreter<AbstractStateType>::setDidClobber): (JSC::DFG::AbstractInterpreter<AbstractStateType>::dump):
  • dfg/DFGAbstractValue.cpp: (JSC::DFG::AbstractValue::observeTransitions): (JSC::DFG::AbstractValue::setMostSpecific): (JSC::DFG::AbstractValue::set): (JSC::DFG::AbstractValue::filter): (JSC::DFG::AbstractValue::shouldBeClear): (JSC::DFG::AbstractValue::normalizeClarity): (JSC::DFG::AbstractValue::checkConsistency): (JSC::DFG::AbstractValue::assertIsWatched): (JSC::DFG::AbstractValue::dumpInContext): (JSC::DFG::AbstractValue::setFuturePossibleStructure): Deleted.
  • dfg/DFGAbstractValue.h: (JSC::DFG::AbstractValue::clear): (JSC::DFG::AbstractValue::clobberStructures): (JSC::DFG::AbstractValue::clobberStructuresFor): (JSC::DFG::AbstractValue::observeInvalidationPoint): (JSC::DFG::AbstractValue::observeInvalidationPointFor): (JSC::DFG::AbstractValue::observeTransition): (JSC::DFG::AbstractValue::TransitionObserver::TransitionObserver): (JSC::DFG::AbstractValue::TransitionObserver::operator()): (JSC::DFG::AbstractValue::TransitionsObserver::TransitionsObserver): (JSC::DFG::AbstractValue::TransitionsObserver::operator()): (JSC::DFG::AbstractValue::isHeapTop): (JSC::DFG::AbstractValue::setType): (JSC::DFG::AbstractValue::operator==): (JSC::DFG::AbstractValue::merge): (JSC::DFG::AbstractValue::validate): (JSC::DFG::AbstractValue::hasClobberableState): (JSC::DFG::AbstractValue::assertIsWatched): (JSC::DFG::AbstractValue::observeIndexingTypeTransition): (JSC::DFG::AbstractValue::makeTop): (JSC::DFG::AbstractValue::bestProvenStructure): Deleted.
  • dfg/DFGAllocator.h:
  • dfg/DFGArgumentsSimplificationPhase.cpp: (JSC::DFG::ArgumentsSimplificationPhase::run):
  • dfg/DFGArrayMode.cpp: (JSC::DFG::ArrayMode::alreadyChecked):
  • dfg/DFGAtTailAbstractState.h: (JSC::DFG::AtTailAbstractState::structureClobberState): (JSC::DFG::AtTailAbstractState::setStructureClobberState): (JSC::DFG::AtTailAbstractState::setFoundConstants): (JSC::DFG::AtTailAbstractState::haveStructures): Deleted. (JSC::DFG::AtTailAbstractState::setHaveStructures): Deleted.
  • dfg/DFGBasicBlock.cpp: (JSC::DFG::BasicBlock::BasicBlock):
  • dfg/DFGBasicBlock.h:
  • dfg/DFGBranchDirection.h: (JSC::DFG::branchDirectionToString): (WTF::printInternal):
  • dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::handlePutById):
  • dfg/DFGCFAPhase.cpp: (JSC::DFG::CFAPhase::performBlockCFA):
  • dfg/DFGCSEPhase.cpp: (JSC::DFG::CSEPhase::checkStructureElimination): (JSC::DFG::CSEPhase::structureTransitionWatchpointElimination): (JSC::DFG::CSEPhase::performNodeCSE):
  • dfg/DFGClobberize.h: (JSC::DFG::clobberize):
  • dfg/DFGCommon.cpp: (JSC::DFG::startCrashing): (JSC::DFG::isCrashing):
  • dfg/DFGCommon.h:
  • dfg/DFGCommonData.cpp: (JSC::DFG::CommonData::notifyCompilingStructureTransition):
  • dfg/DFGConstantFoldingPhase.cpp: (JSC::DFG::ConstantFoldingPhase::foldConstants): (JSC::DFG::ConstantFoldingPhase::emitGetByOffset): (JSC::DFG::ConstantFoldingPhase::emitPutByOffset): (JSC::DFG::ConstantFoldingPhase::addStructureTransitionCheck):
  • dfg/DFGDesiredWatchpoints.cpp: (JSC::DFG::DesiredWatchpoints::consider): (JSC::DFG::DesiredWatchpoints::addLazily): Deleted.
  • dfg/DFGDesiredWatchpoints.h: (JSC::DFG::GenericDesiredWatchpoints::reallyAdd): (JSC::DFG::GenericDesiredWatchpoints::areStillValid): (JSC::DFG::GenericDesiredWatchpoints::isWatched): (JSC::DFG::DesiredWatchpoints::isWatched): (JSC::DFG::WatchpointForGenericWatchpointSet::WatchpointForGenericWatchpointSet): Deleted. (JSC::DFG::GenericDesiredWatchpoints::addLazily): Deleted. (JSC::DFG::GenericDesiredWatchpoints::isStillValid): Deleted. (JSC::DFG::GenericDesiredWatchpoints::shouldAssumeMixedState): Deleted. (JSC::DFG::GenericDesiredWatchpoints::isValidOrMixed): Deleted. (JSC::DFG::DesiredWatchpoints::isStillValid): Deleted. (JSC::DFG::DesiredWatchpoints::shouldAssumeMixedState): Deleted. (JSC::DFG::DesiredWatchpoints::isValidOrMixed): Deleted.
  • dfg/DFGDoesGC.cpp: (JSC::DFG::doesGC):
  • dfg/DFGFixupPhase.cpp: (JSC::DFG::FixupPhase::fixupNode): (JSC::DFG::FixupPhase::canOptimizeStringObjectAccess): (JSC::DFG::FixupPhase::injectTypeConversionsForEdge):
  • dfg/DFGGraph.cpp: (JSC::DFG::Graph::~Graph): (JSC::DFG::Graph::dump): (JSC::DFG::Graph::dumpBlockHeader): (JSC::DFG::Graph::tryGetFoldableView): (JSC::DFG::Graph::visitChildren): (JSC::DFG::Graph::assertIsWatched): (JSC::DFG::Graph::handleAssertionFailure):
  • dfg/DFGGraph.h: (JSC::DFG::Graph::convertToConstant): (JSC::DFG::Graph::masqueradesAsUndefinedWatchpointIsStillValid): (JSC::DFG::Graph::addStructureTransitionData): Deleted.
  • dfg/DFGInPlaceAbstractState.cpp: (JSC::DFG::InPlaceAbstractState::beginBasicBlock): (JSC::DFG::InPlaceAbstractState::initialize): (JSC::DFG::InPlaceAbstractState::endBasicBlock): (JSC::DFG::InPlaceAbstractState::reset): (JSC::DFG::InPlaceAbstractState::merge):
  • dfg/DFGInPlaceAbstractState.h: (JSC::DFG::InPlaceAbstractState::structureClobberState): (JSC::DFG::InPlaceAbstractState::setStructureClobberState): (JSC::DFG::InPlaceAbstractState::setFoundConstants): (JSC::DFG::InPlaceAbstractState::haveStructures): Deleted. (JSC::DFG::InPlaceAbstractState::setHaveStructures): Deleted.
  • dfg/DFGLivenessAnalysisPhase.cpp: (JSC::DFG::LivenessAnalysisPhase::run):
  • dfg/DFGNode.h: (JSC::DFG::Node::hasTransition): (JSC::DFG::Node::transition): (JSC::DFG::Node::hasStructure): (JSC::DFG::StructureTransitionData::StructureTransitionData): Deleted. (JSC::DFG::Node::convertToStructureTransitionWatchpoint): Deleted. (JSC::DFG::Node::hasStructureTransitionData): Deleted. (JSC::DFG::Node::structureTransitionData): Deleted.
  • dfg/DFGNodeType.h:
  • dfg/DFGPlan.cpp: (JSC::DFG::Plan::compileInThreadImpl):
  • dfg/DFGPredictionPropagationPhase.cpp: (JSC::DFG::PredictionPropagationPhase::propagate):
  • dfg/DFGSafeToExecute.h: (JSC::DFG::safeToExecute):
  • dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::compileAllocatePropertyStorage): (JSC::DFG::SpeculativeJIT::compileReallocatePropertyStorage):
  • dfg/DFGSpeculativeJIT.h: (JSC::DFG::SpeculativeJIT::speculateStringObjectForStructure):
  • dfg/DFGSpeculativeJIT32_64.cpp: (JSC::DFG::SpeculativeJIT::compile):
  • dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::compile):
  • dfg/DFGStructureAbstractValue.cpp: Added. (JSC::DFG::StructureAbstractValue::assertIsWatched): (JSC::DFG::StructureAbstractValue::clobber): (JSC::DFG::StructureAbstractValue::observeTransition): (JSC::DFG::StructureAbstractValue::observeTransitions): (JSC::DFG::StructureAbstractValue::add): (JSC::DFG::StructureAbstractValue::merge): (JSC::DFG::StructureAbstractValue::mergeSlow): (JSC::DFG::StructureAbstractValue::mergeNotTop): (JSC::DFG::StructureAbstractValue::filter): (JSC::DFG::StructureAbstractValue::filterSlow): (JSC::DFG::StructureAbstractValue::contains): (JSC::DFG::StructureAbstractValue::isSubsetOf): (JSC::DFG::StructureAbstractValue::isSupersetOf): (JSC::DFG::StructureAbstractValue::overlaps): (JSC::DFG::StructureAbstractValue::equalsSlow): (JSC::DFG::StructureAbstractValue::dumpInContext): (JSC::DFG::StructureAbstractValue::dump):
  • dfg/DFGStructureAbstractValue.h: (JSC::DFG::StructureAbstractValue::StructureAbstractValue): (JSC::DFG::StructureAbstractValue::operator=): (JSC::DFG::StructureAbstractValue::clear): (JSC::DFG::StructureAbstractValue::makeTop): (JSC::DFG::StructureAbstractValue::assertIsWatched): (JSC::DFG::StructureAbstractValue::observeInvalidationPoint): (JSC::DFG::StructureAbstractValue::top): (JSC::DFG::StructureAbstractValue::isClear): (JSC::DFG::StructureAbstractValue::isTop): (JSC::DFG::StructureAbstractValue::isNeitherClearNorTop): (JSC::DFG::StructureAbstractValue::isClobbered): (JSC::DFG::StructureAbstractValue::merge): (JSC::DFG::StructureAbstractValue::filter): (JSC::DFG::StructureAbstractValue::operator==): (JSC::DFG::StructureAbstractValue::size): (JSC::DFG::StructureAbstractValue::at): (JSC::DFG::StructureAbstractValue::operator[]): (JSC::DFG::StructureAbstractValue::onlyStructure): (JSC::DFG::StructureAbstractValue::isSupersetOf): (JSC::DFG::StructureAbstractValue::makeTopWhenThin): (JSC::DFG::StructureAbstractValue::setClobbered): (JSC::DFG::StructureAbstractValue::add): Deleted. (JSC::DFG::StructureAbstractValue::addAll): Deleted. (JSC::DFG::StructureAbstractValue::contains): Deleted. (JSC::DFG::StructureAbstractValue::isSubsetOf): Deleted. (JSC::DFG::StructureAbstractValue::doesNotContainAnyOtherThan): Deleted. (JSC::DFG::StructureAbstractValue::isClearOrTop): Deleted. (JSC::DFG::StructureAbstractValue::last): Deleted. (JSC::DFG::StructureAbstractValue::speculationFromStructures): Deleted. (JSC::DFG::StructureAbstractValue::isValidOffset): Deleted. (JSC::DFG::StructureAbstractValue::hasSingleton): Deleted. (JSC::DFG::StructureAbstractValue::singleton): Deleted. (JSC::DFG::StructureAbstractValue::dumpInContext): Deleted. (JSC::DFG::StructureAbstractValue::dump): Deleted. (JSC::DFG::StructureAbstractValue::topValue): Deleted.
  • dfg/DFGStructureClobberState.h: Added. (JSC::DFG::merge): (WTF::printInternal):
  • dfg/DFGTransition.cpp: Added. (JSC::DFG::Transition::dumpInContext): (JSC::DFG::Transition::dump):
  • dfg/DFGTransition.h: Added. (JSC::DFG::Transition::Transition):
  • dfg/DFGTypeCheckHoistingPhase.cpp: (JSC::DFG::TypeCheckHoistingPhase::identifyRedundantStructureChecks): (JSC::DFG::TypeCheckHoistingPhase::identifyRedundantArrayChecks):
  • dfg/DFGWatchableStructureWatchingPhase.cpp: Added. (JSC::DFG::WatchableStructureWatchingPhase::WatchableStructureWatchingPhase): (JSC::DFG::WatchableStructureWatchingPhase::run): (JSC::DFG::WatchableStructureWatchingPhase::tryWatch): (JSC::DFG::performWatchableStructureWatching):
  • dfg/DFGWatchableStructureWatchingPhase.h: Added.
  • dfg/DFGWatchpointCollectionPhase.cpp: (JSC::DFG::WatchpointCollectionPhase::handle): (JSC::DFG::WatchpointCollectionPhase::handleEdge): Deleted.
  • ftl/FTLCapabilities.cpp: (JSC::FTL::canCompile):
  • ftl/FTLIntrinsicRepository.h:
  • ftl/FTLLowerDFGToLLVM.cpp: (JSC::FTL::ftlUnreachable): (JSC::FTL::LowerDFGToLLVM::createPhiVariables): (JSC::FTL::LowerDFGToLLVM::compileBlock): (JSC::FTL::LowerDFGToLLVM::compileNode): (JSC::FTL::LowerDFGToLLVM::compileUpsilon): (JSC::FTL::LowerDFGToLLVM::compilePhi): (JSC::FTL::LowerDFGToLLVM::compileDoubleRep): (JSC::FTL::LowerDFGToLLVM::compileValueRep): (JSC::FTL::LowerDFGToLLVM::compileValueToInt32): (JSC::FTL::LowerDFGToLLVM::compileGetArgument): (JSC::FTL::LowerDFGToLLVM::compileGetLocal): (JSC::FTL::LowerDFGToLLVM::compileSetLocal): (JSC::FTL::LowerDFGToLLVM::compileArithAddOrSub): (JSC::FTL::LowerDFGToLLVM::compileArithMul): (JSC::FTL::LowerDFGToLLVM::compileArithDiv): (JSC::FTL::LowerDFGToLLVM::compileArithMod): (JSC::FTL::LowerDFGToLLVM::compileArithMinOrMax): (JSC::FTL::LowerDFGToLLVM::compileArithAbs): (JSC::FTL::LowerDFGToLLVM::compileArithNegate): (JSC::FTL::LowerDFGToLLVM::compileArrayifyToStructure): (JSC::FTL::LowerDFGToLLVM::compilePutStructure): (JSC::FTL::LowerDFGToLLVM::compileGetById): (JSC::FTL::LowerDFGToLLVM::compileGetMyArgumentsLength): (JSC::FTL::LowerDFGToLLVM::compileGetMyArgumentByVal): (JSC::FTL::LowerDFGToLLVM::compileGetArrayLength): (JSC::FTL::LowerDFGToLLVM::compileGetByVal): (JSC::FTL::LowerDFGToLLVM::compilePutByVal): (JSC::FTL::LowerDFGToLLVM::compileArrayPush): (JSC::FTL::LowerDFGToLLVM::compileArrayPop): (JSC::FTL::LowerDFGToLLVM::compileNewArray): (JSC::FTL::LowerDFGToLLVM::compileNewArrayBuffer): (JSC::FTL::LowerDFGToLLVM::compileAllocatePropertyStorage): (JSC::FTL::LowerDFGToLLVM::compileReallocatePropertyStorage): (JSC::FTL::LowerDFGToLLVM::compileToString): (JSC::FTL::LowerDFGToLLVM::compileMakeRope): (JSC::FTL::LowerDFGToLLVM::compileMultiGetByOffset): (JSC::FTL::LowerDFGToLLVM::compileMultiPutByOffset): (JSC::FTL::LowerDFGToLLVM::compileCompareEq): (JSC::FTL::LowerDFGToLLVM::compileCompareStrictEq): (JSC::FTL::LowerDFGToLLVM::compileSwitch): (JSC::FTL::LowerDFGToLLVM::compare): (JSC::FTL::LowerDFGToLLVM::boolify): (JSC::FTL::LowerDFGToLLVM::terminate): (JSC::FTL::LowerDFGToLLVM::lowInt32): (JSC::FTL::LowerDFGToLLVM::lowInt52): (JSC::FTL::LowerDFGToLLVM::opposite): (JSC::FTL::LowerDFGToLLVM::lowCell): (JSC::FTL::LowerDFGToLLVM::lowBoolean): (JSC::FTL::LowerDFGToLLVM::lowDouble): (JSC::FTL::LowerDFGToLLVM::lowJSValue): (JSC::FTL::LowerDFGToLLVM::speculate): (JSC::FTL::LowerDFGToLLVM::isArrayType): (JSC::FTL::LowerDFGToLLVM::speculateStringObjectForStructureID): (JSC::FTL::LowerDFGToLLVM::callCheck): (JSC::FTL::LowerDFGToLLVM::buildExitArguments): (JSC::FTL::LowerDFGToLLVM::addExitArgumentForNode): (JSC::FTL::LowerDFGToLLVM::setInt52): (JSC::FTL::LowerDFGToLLVM::crash): (JSC::FTL::LowerDFGToLLVM::compileStructureTransitionWatchpoint): Deleted.
  • ftl/FTLOutput.cpp: (JSC::FTL::Output::crashNonTerminal): Deleted.
  • ftl/FTLOutput.h: (JSC::FTL::Output::crash): Deleted.
  • jit/JITOperations.h:
  • jsc.cpp: (WTF::jscExit): (functionQuit): (main): (printUsageStatement): (CommandLine::parseArguments):
  • runtime/Structure.h: (JSC::Structure::dfgShouldWatchIfPossible): (JSC::Structure::dfgShouldWatch):
  • tests/stress/arrayify-to-structure-contradiction.js: Added. (foo):
  • tests/stress/ftl-getmyargumentslength-inline.js: Added. (foo):
  • tests/stress/multi-put-by-offset-multiple-transitions.js: Added. (foo): (Foo):
  • tests/stress/throw-from-ftl-in-loop.js: Added.
  • tests/stress/throw-from-ftl.js: Added. (foo):


2014-06-03 Filip Pizlo <fpizlo@apple.com>


[ftlopt] Unreviewed, roll out r169578. The build system needs some more love.


  • InlineRuntimeSymbolTable.h: Removed.
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • build-symbol-table-index.py:
  • build-symbol-table-index.sh:
  • copy-llvm-ir-to-derived-sources.sh:
  • dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::handleCall):
  • dfg/DFGNode.h: (JSC::DFG::Node::canBeKnownFunction): Deleted. (JSC::DFG::Node::hasKnownFunction): Deleted. (JSC::DFG::Node::knownFunction): Deleted. (JSC::DFG::Node::giveKnownFunction): Deleted.
  • ftl/FTLAbbreviatedTypes.h:
  • ftl/FTLCompile.cpp: (JSC::FTL::compile):
  • ftl/FTLLowerDFGToLLVM.cpp: (JSC::FTL::LowerDFGToLLVM::LowerDFGToLLVM): (JSC::FTL::LowerDFGToLLVM::lower): (JSC::FTL::LowerDFGToLLVM::compileCallOrConstruct): (JSC::FTL::LowerDFGToLLVM::possiblyCompileInlineableNativeCall): Deleted. (JSC::FTL::LowerDFGToLLVM::getFunctionBySymbol): Deleted. (JSC::FTL::LowerDFGToLLVM::getModuleByPathForSymbol): Deleted. (JSC::FTL::LowerDFGToLLVM::isInlinableSize): Deleted.
  • ftl/FTLState.cpp: (JSC::FTL::State::State):
  • ftl/FTLState.h:
  • heap/HandleStack.h:
  • llvm/InitializeLLVM.h:
  • llvm/InitializeLLVMMac.cpp: Removed.
  • llvm/InitializeLLVMMac.mm: Added. (JSC::initializeLLVMImpl):
  • llvm/LLVMAPIFunctions.h:
  • llvm/LLVMHeaders.h:
  • runtime/BundlePath.h: Removed.
  • runtime/BundlePath.mm: Removed.
  • runtime/DateConversion.h:
  • runtime/DateInstance.h:
  • runtime/ExceptionHelpers.h:
  • runtime/JSArray.h:
  • runtime/JSCJSValue.h: (JSC::JSValue::toFloat):
  • runtime/JSDateMath.h:
  • runtime/JSObject.h:
  • runtime/JSWrapperObject.h:
  • runtime/Options.h:
  • runtime/RegExp.h:
  • runtime/StringObject.h:
  • runtime/Structure.h:
  • tested-symbols.symlst: Removed.


2014-06-03 Filip Pizlo <fpizlo@apple.com>


[ftlopt] FTL native inlining tests take far too long
https://bugs.webkit.org/show_bug.cgi?id=133498


Unreviewed test gardening.


Added a new exceptions test since the other one appears to not work.


  • tests/stress/ftl-library-exception.js:
  • tests/stress/ftl-library-inline-gettimezoneoffset.js: Added. (foo):
  • tests/stress/ftl-library-inlining-exceptions-dataview.js: Added. (foo):
  • tests/stress/ftl-library-inlining-exceptions.js: Copied from LayoutTests/js/regress/script-tests/ftl-library-inlining-exceptions.js.
  • tests/stress/ftl-library-inlining-loops.js: Copied from LayoutTests/js/regress/script-tests/ftl-library-inlining-loops.js.
  • tests/stress/ftl-library-inlining-random.js:
  • tests/stress/ftl-library-substring.js:


2014-06-03 Matthew Mirman <mmirman@apple.com>


[ftlopt] Added system for inlining native functions via the FTL.
https://bugs.webkit.org/show_bug.cgi?id=131515


Reviewed by Filip Pizlo.


Also fixed the build to not compress the bitcode and to
include all of the relevant runtime. With GCC_GENERATE_DEBUGGING_SYMBOLS = NO,
the produced bitcode files are a 100th the size they were before.
Now we can include all of the relevant runtime files with only a 3mb overhead.
This is the same overhead as for two compressed files before,
but done more efficiently (on both ends) and with less code.


Deciding whether to inline native functions is left up to LLVM.
The entire module containing the function is linked into the current
compiled JS so that inlining the native functions shouldn't make them smaller.


Rather than loading Runtime.symtbl at runtime FTLState.cpp now includes a file
InlineRuntimeSymbolTable.h which statically builds the symbol table hash table.
Currently build-symbol-table-index.py updates this file from the
contents of tested-symbols.symlst when done building as a matter of convenience.
However, in order to include the new contents of the file in the build
you'd need to build twice. This will be fixed in future versions.


  • JavaScriptCore.xcodeproj/project.pbxproj: Added back runtime files to compile.
  • build-symbol-table-index.py: Changed bitcode suffix. Added inclusion of only tested symbols. Added output to InlineRuntimeSymbolTable.h.
  • build-symbol-table-index.sh: Changed bitcode suffix.
  • copy-llvm-ir-to-derived-sources.sh: Removed gzip compression.
  • tested-symbols.symlst: Added.
  • dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::handleCall): Now sets the knownFunction of the call node if such a function exists and emits a check that during runtime the callee is in fact known.
  • dfg/DFGNode.h: Added functions to set the known function of a call node. (JSC::DFG::Node::canBeKnownFunction): Added. (JSC::DFG::Node::hasKnownFunction): Added. (JSC::DFG::Node::knownFunction): Added. (JSC::DFG::Node::giveKnownFunction): Added.
  • ftl/FTLAbbreviatedTypes.h: Added a typedef for LLVMMemoryBufferRef
  • ftl/FTLLowerDFGToLLVM.cpp: (JSC::FTL::LowerDFGToLLVM::isInlinableSize): Added. Hardcoded threshold to 275. (JSC::FTL::LowerDFGToLLVM::getModuleByPathForSymbol): Added. (JSC::FTL::LowerDFGToLLVM::getFunctionBySymbol): Added. (JSC::FTL::LowerDFGToLLVM::possiblyCompileInlineableNativeCall): Added. (JSC::FTL::LowerDFGToLLVM::compileCallOrConstruct): Added call to possiblyCompileInlineableNativeCall
  • ftl/FTLOutput.h: (JSC::FTL::Output::allocaName): Added. Useful for debugging.
  • ftl/FTLState.cpp: (JSC::FTL::State::State): Added an include for InlineRuntimeSymbolTable.h
  • ftl/FTLState.h: Added symbol table hash table.
  • ftl/FTLCompile.cpp: (JSC::FTL::compile): Added inlining and dead function elimination passes.
  • heap/HandleStack.h: Added JS_EXPORT_PRIVATE to a few functions to get inlining to compile.
  • InlineRuntimeSymbolTable.h: Added.
  • llvm/InitializeLLVMMac.mm: Deleted.
  • llvm/InitializeLLVMMac.cpp: Added.
  • llvm/LLVMAPIFunctions.h: Added macros to include Bitcode parsing and linking functions.
  • llvm/LLVMHeaders.h: Added includes for Bitcode parsing and linking.
  • runtime/BundlePath.h: Added.
  • runtime/BundlePath.mm: Added.
  • runtime/DateInstance.h: Added JS_EXPORT_PRIVATE to a few functions to get inlining to compile.
  • runtime/DateInstance.h: ditto.
  • runtime/DateConversion.h: ditto.
  • runtime/ExceptionHelpers.h: ditto.
  • runtime/JSCJSValue.h: ditto.
  • runtime/JSArray.h: ditto.
  • runtime/JSDateMath.h: ditto.
  • runtime/JSObject.h: ditto.
  • runtime/JSObject.h: ditto.
  • runtime/RegExp.h: ditto.
  • runtime/Structure.h: ditto.
  • runtime/Options.h: Added maximumLLVMInstructionCountForNativeInlining.
  • tests/stress/ftl-library-inlining-random.js: Added.
  • tests/stress/ftl-library-substring.js: Added.


2014-05-21 Filip Pizlo <fpizlo@apple.com>


[ftlopt] DFG::clobberize should be blind to the effects of GC
https://bugs.webkit.org/show_bug.cgi?id=133166


Reviewed by Goeffrey Garen.


Move the computation of where GCs happen to DFG::doesGC().


Large (>5x) speed-up on programs that do loop-invariant string concatenations.


  • CMakeLists.txt:
  • JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • dfg/DFGAbstractHeap.h:
  • dfg/DFGClobberize.h: (JSC::DFG::clobberize): (JSC::DFG::clobberizeForAllocation): Deleted.
  • dfg/DFGDoesGC.cpp: Added. (JSC::DFG::doesGC):
  • dfg/DFGDoesGC.h: Added.
  • dfg/DFGStoreBarrierElisionPhase.cpp: (JSC::DFG::StoreBarrierElisionPhase::handleNode): (JSC::DFG::StoreBarrierElisionPhase::couldCauseGC): Deleted.


2014-05-16 Filip Pizlo <fpizlo@apple.com>


[ftlopt] A StructureSet with one element should only require one word and no allocation
https://bugs.webkit.org/show_bug.cgi?id=133014


Reviewed by Oliver Hunt.


This makes it more efficient to use StructureSet in situations where the common case is
just one structure.


I also took the opportunity to use the same set terminology we use in BitVector: merge,
filter, exclude, contains, etc.


Eventually, this will be used to implement StructureAbstractValue as well.


  • CMakeLists.txt:
  • JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • bytecode/StructureSet.cpp: Added. (JSC::StructureSet::StructureSet): (JSC::StructureSet::operator=): (JSC::StructureSet::clear): (JSC::StructureSet::add): (JSC::StructureSet::remove): (JSC::StructureSet::contains): (JSC::StructureSet::merge): (JSC::StructureSet::filter): (JSC::StructureSet::exclude): (JSC::StructureSet::isSubsetOf): (JSC::StructureSet::overlaps): (JSC::StructureSet::operator==): (JSC::StructureSet::speculationFromStructures): (JSC::StructureSet::arrayModesFromStructures): (JSC::StructureSet::dumpInContext): (JSC::StructureSet::dump): (JSC::StructureSet::addOutOfLine): (JSC::StructureSet::containsOutOfLine): (JSC::StructureSet::copyFrom): (JSC::StructureSet::OutOfLineList::create): (JSC::StructureSet::OutOfLineList::destroy):
  • bytecode/StructureSet.h: (JSC::StructureSet::StructureSet): (JSC::StructureSet::~StructureSet): (JSC::StructureSet::onlyStructure): (JSC::StructureSet::isEmpty): (JSC::StructureSet::size): (JSC::StructureSet::at): (JSC::StructureSet::operator[]): (JSC::StructureSet::last): (JSC::StructureSet::OutOfLineList::list): (JSC::StructureSet::OutOfLineList::OutOfLineList): (JSC::StructureSet::deleteStructureListIfNecessary): (JSC::StructureSet::isThin): (JSC::StructureSet::pointer): (JSC::StructureSet::singleStructure): (JSC::StructureSet::structureList): (JSC::StructureSet::set): (JSC::StructureSet::clear): Deleted. (JSC::StructureSet::add): Deleted. (JSC::StructureSet::addAll): Deleted. (JSC::StructureSet::remove): Deleted. (JSC::StructureSet::contains): Deleted. (JSC::StructureSet::containsOnly): Deleted. (JSC::StructureSet::isSubsetOf): Deleted. (JSC::StructureSet::overlaps): Deleted. (JSC::StructureSet::singletonStructure): Deleted. (JSC::StructureSet::speculationFromStructures): Deleted. (JSC::StructureSet::arrayModesFromStructures): Deleted. (JSC::StructureSet::operator==): Deleted. (JSC::StructureSet::dumpInContext): Deleted. (JSC::StructureSet::dump): Deleted.
  • dfg/DFGAbstractInterpreterInlines.h: (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
  • dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::emitPrototypeChecks): (JSC::DFG::ByteCodeParser::handleGetById): (JSC::DFG::ByteCodeParser::parseBlock):
  • dfg/DFGCSEPhase.cpp: (JSC::DFG::CSEPhase::structureTransitionWatchpointElimination):
  • dfg/DFGNode.h: (JSC::DFG::Node::convertToStructureTransitionWatchpoint):
  • dfg/DFGTypeCheckHoistingPhase.cpp: (JSC::DFG::TypeCheckHoistingPhase::noticeStructureCheck):

Source/WTF:

2014-06-04 Filip Pizlo <fpizlo@apple.com>


[ftlopt] AI should be able track structure sets larger than 1
https://bugs.webkit.org/show_bug.cgi?id=128073


Reviewed by Oliver Hunt.


  • wtf/Bag.h: (WTF::Bag::Node::Node): (WTF::Bag::add):

LayoutTests:

2014-06-04 Filip Pizlo <fpizlo@apple.com>


[ftlopt] AI should be able track structure sets larger than 1
https://bugs.webkit.org/show_bug.cgi?id=128073


Reviewed by Oliver Hunt.


  • js/regress/get-by-id-bimorphic-check-structure-elimination-expected.txt: Added.
  • js/regress/get-by-id-bimorphic-check-structure-elimination-simple-expected.txt: Added.
  • js/regress/get-by-id-bimorphic-check-structure-elimination-simple.html: Added.
  • js/regress/get-by-id-bimorphic-check-structure-elimination.html: Added.
  • js/regress/get-by-id-check-structure-elimination-expected.txt: Added.
  • js/regress/get-by-id-check-structure-elimination.html: Added.
  • js/regress/get-by-id-quadmorphic-check-structure-elimination-simple-expected.txt: Added.
  • js/regress/get-by-id-quadmorphic-check-structure-elimination-simple.html: Added.
  • js/regress/script-tests/get-by-id-bimorphic-check-structure-elimination-simple.js: Added.
  • js/regress/script-tests/get-by-id-bimorphic-check-structure-elimination.js: Added.
  • js/regress/script-tests/get-by-id-check-structure-elimination.js: Added.
  • js/regress/script-tests/get-by-id-quadmorphic-check-structure-elimination-simple.js: Added.


2014-06-03 Filip Pizlo <fpizlo@apple.com>


[ftlopt] FTL native inlining tests take far too long
https://bugs.webkit.org/show_bug.cgi?id=133498


Unreviewed test gardening.


Move long-running tests that focus on correctness into JSC/tests/stress.
Speed up the performance tests by reducing allocation and call overhead.


  • js/regress/ftl-library-inlining-exceptions-expected.txt: Removed.
  • js/regress/ftl-library-inlining-exceptions.html: Removed.
  • js/regress/ftl-library-inlining-folding-expected.txt: Removed.
  • js/regress/ftl-library-inlining-folding.html: Removed.
  • js/regress/ftl-library-inlining-loops-expected.txt: Removed.
  • js/regress/ftl-library-inlining-loops.html: Removed.
  • js/regress/script-tests/ftl-library-inlining-dataview.js: (foo): Deleted.
  • js/regress/script-tests/ftl-library-inlining-exceptions.js: Removed.
  • js/regress/script-tests/ftl-library-inlining-folding.js: Removed.
  • js/regress/script-tests/ftl-library-inlining-loops.js: Removed.
  • js/regress/script-tests/ftl-library-inlining.js: (foo): Deleted.


2014-06-03 Matthew Mirman <mmirman@apple.com>


[ftlopt] Added system for inlining native functions via the FTL.
https://bugs.webkit.org/show_bug.cgi?id=131515


Reviewed by Filip Pizlo.


Adds microbenchmarks.


  • js/regress/script-tests/ftl-library-inlining.js: Added.
  • js/regress/ftl-library-inlining-expected.txt: Added.
  • js/regress/ftl-library-inlining.html: Added.
  • js/regress/script-tests/ftl-library-inlining-dataview.js: Added.
  • js/regress/ftl-library-inlining-dataview-expected.txt: Added.
  • js/regress/ftl-library-inlining-dataview.html: Added.
  • js/regress/script-tests/ftl-library-inlining-exceptions.js: Added.
  • js/regress/ftl-library-inlining-exceptions-expected.txt: Added.
  • js/regress/ftl-library-inlining-exceptions.html: Added.
  • js/regress/script-tests/ftl-library-inlining-folding.js: Added.
  • js/regress/ftl-library-inlining-folding-expected.txt: Added.
  • js/regress/ftl-library-inlining-folding-expected.html: Added.
  • js/regress/script-tests/ftl-library-inlining-loops.js: Added.
  • js/regress/ftl-library-inlining-loops-expected.txt: Added.
  • js/regress/ftl-library-inlining-loops.html: Added.


2014-05-21 Filip Pizlo <fpizlo@apple.com>


[ftlopt] DFG::clobberize should be blind to the effects of GC
https://bugs.webkit.org/show_bug.cgi?id=133166


Reviewed by Geoffrey Garen.


  • js/regress/hoist-make-rope-expected.txt: Added.
  • js/regress/hoist-make-rope.html: Added.
  • js/regress/script-tests/hoist-make-rope.js: Added. (foo):
18:12 Changeset [171379] by ryuan.choi@samsung.com

Remove dead APIs from TiledBackingStore
https://bugs.webkit.org/show_bug.cgi?id=135158

Reviewed by Gyuyoung Kim.

setContentsFrozen and related code of TiledBackingStore are not used since Qt port is removed.

  • platform/graphics/TiledBackingStore.cpp:

(WebCore::TiledBackingStore::TiledBackingStore):
(WebCore::TiledBackingStore::updateTileBuffers):
(WebCore::TiledBackingStore::setContentsScale):
(WebCore::TiledBackingStore::createTiles):
(WebCore::TiledBackingStore::startTileBufferUpdateTimer):
(WebCore::TiledBackingStore::startBackingStoreUpdateTimer):
(WebCore::TiledBackingStore::commitScaleChange): Deleted.
(WebCore::TiledBackingStore::isBackingStoreUpdatesSuspended): Deleted.
(WebCore::TiledBackingStore::isTileBufferUpdatesSuspended): Deleted.
(WebCore::TiledBackingStore::setContentsFrozen): Deleted.

  • platform/graphics/TiledBackingStore.h:

(WebCore::TiledBackingStore::contentsFrozen): Deleted.

18:01 Changeset [171378] by commit-queue@webkit.org

Fix window-inactive css selectors when using querySelector.
https://bugs.webkit.org/show_bug.cgi?id=135149

Patch by Alex Christensen <achristensen@webkit.org> on 2014-07-22
Reviewed by Tim Horton.

Source/WebCore:
Test: fast/selectors/querySelector-window-inactive.html

  • css/SelectorChecker.cpp:

(WebCore::SelectorChecker::checkOne):
Removed default and implemented case PseudoClassWindowInactive.

LayoutTests:

  • fast/selectors/querySelector-window-inactive-expected.txt: Added.
  • fast/selectors/querySelector-window-inactive.html: Added.
  • platform/wk2/TestExpectations:

Added querySelector-window-inactive.html to list of tests that do not work in WK2 because of setWindowIsKey.

17:41 Changeset [171377] by dburkart@apple.com

Merge r169475

17:36 Changeset [171376] by timothy_horton@apple.com

REGRESSION (r171016): Reproducible infinite spin selecting phone number
https://bugs.webkit.org/show_bug.cgi?id=135183
<rdar://problem/17727342>

Reviewed by Ryosuke Niwa.

  • editing/Editor.cpp:

(WebCore::Editor::scanRangeForTelephoneNumbers):
Make use of TextIterator::subrange, which knows how to make a subrange from character positions,
instead of assuming that our character positions translate directly to positions in the incoming range.
Make use of DocumentMarkerController::addMarker, which takes a range and applies the marker to
all text nodes inside the range as appropriate.
Fix naming of the shadowed 'length' local.
Fix a typo in the comment.

17:35 Changeset [171375] by mmaxfield@apple.com

[iOS] [OSX] Don't transcode WOFF on platforms that support it natively
https://bugs.webkit.org/show_bug.cgi?id=134904

Reviewed by Andreas Kling.

No new tests because there is no behavior change.

  • loader/cache/CachedFont.cpp:

(WebCore::CachedFont::ensureCustomFontData):

17:27 Changeset [171374] by dburkart@apple.com

Merge r152704

17:14 Changeset [171373] by jinwoo7.song@samsung.com

Unreviewed build fix on EFL port after r171356.

Implement a dummy platformMediaCacheDirectory() to avoid undefined reference error.

  • UIProcess/efl/WebContextEfl.cpp:

(WebKit::WebContext::platformMediaCacheDirectory):

16:52 Changeset [171372] by ryuan.choi@samsung.com

Unreviewed build fix attempt on the EFL port after r171362.

Build break because of -Werror=return-type

  • bytecode/GetByIdStatus.cpp:

(JSC::GetByIdStatus::makesCalls):

16:33 Changeset [171371] by commit-queue@webkit.org

[Win] Crash after plugin is unloaded.
https://bugs.webkit.org/show_bug.cgi?id=119044

Patch by peavo@outlook.com <peavo@outlook.com> on 2014-07-22
Reviewed by Darin Adler.

We need to invalidate all runtime objects when a plugin view is destroyed, in case the plugin is unloaded,
and one of these runtime objects accesses the plugin function table upon destruction afterwards, which will cause a crash.
If we use the weak pointer to the runtime object when invalidating, it will be null if it's in the WeakImpl::Dead state.
This means the runtime object will not be invalidated, possibly causing a crash if the plugin is unloaded.
It should be safe to use the raw pointer to the runtime object when invalidating, since finalized runtime objects
will be removed from the set of runtime objects in the method RootObject::finalize().

  • bridge/runtime_root.cpp:

(JSC::Bindings::RootObject::invalidate): Make sure all runtime objects are invalidated by getting the raw runtime object pointer from the hash key.

16:28 Changeset [171370] by enrica@apple.com

REGRESSION (WebKit2): Selection inside accelerated overflow:scroll doesn't track scrolling.
https://bugs.webkit.org/show_bug.cgi?id=135180
<rdar://problem/16721055>

Reviewed by Simon Fraser.

Source/WebCore:
AsyncScrollingCoordinator will force a selection update on iOS
when scrolling terminates in an overflow scroll.

  • loader/EmptyClients.h:
  • page/EditorClient.h:
  • page/scrolling/AsyncScrollingCoordinator.cpp:

(WebCore::AsyncScrollingCoordinator::updateScrollPositionAfterAsyncScroll):

  • page/scrolling/ScrollingTree.h:

(WebCore::ScrollingTree::scrollingTreeNodeWillStartScroll):
(WebCore::ScrollingTree::scrollingTreeNodeDidEndScroll):

Source/WebKit/mac:

  • WebCoreSupport/WebEditorClient.h:

Source/WebKit2:
Adds notifications to the WKContentView to know when scrolling starts and ends
in an overflow scroll. When scrolling starts, we hide the selection and we restore
it when scrolling ends, though not before the selection information in the editor
state has been updated.
It also adds a new method to the EditorClient class to force the
selection update when scrolling is completed.

  • UIProcess/PageClient.h:
  • UIProcess/Scrolling/RemoteScrollingCoordinatorProxy.h:
  • UIProcess/Scrolling/RemoteScrollingTree.cpp:

(WebKit::RemoteScrollingTree::scrollingTreeNodeWillStartScroll):
(WebKit::RemoteScrollingTree::scrollingTreeNodeDidEndScroll):

  • UIProcess/Scrolling/RemoteScrollingTree.h:
  • UIProcess/Scrolling/ios/ScrollingTreeOverflowScrollingNodeIOS.h:
  • UIProcess/Scrolling/ios/ScrollingTreeOverflowScrollingNodeIOS.mm:

(-[WKOverflowScrollViewDelegate scrollViewWillBeginDragging:]):
(-[WKOverflowScrollViewDelegate scrollViewDidEndDragging:willDecelerate:]):
(-[WKOverflowScrollViewDelegate scrollViewDidEndDecelerating:]):
(WebKit::ScrollingTreeOverflowScrollingNodeIOS::overflowScrollWillStart):
(WebKit::ScrollingTreeOverflowScrollingNodeIOS::overflowScrollDidEnd):

  • UIProcess/WebPageProxy.h:
  • UIProcess/ios/PageClientImplIOS.h:
  • UIProcess/ios/PageClientImplIOS.mm:

(WebKit::PageClientImpl::overflowScrollWillStartScroll):
(WebKit::PageClientImpl::overflowScrollDidEndScroll):

  • UIProcess/ios/RemoteScrollingCoordinatorProxyIOS.mm:

(WebKit::RemoteScrollingCoordinatorProxy::scrollingTreeNodeWillStartScroll):
(WebKit::RemoteScrollingCoordinatorProxy::scrollingTreeNodeDidEndScroll):

  • UIProcess/ios/WKContentViewInteraction.h:
  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _overflowScrollingWillBegin]):
(-[WKContentView _overflowScrollingDidEnd]):
(-[WKContentView _updateChangedSelection]):

  • UIProcess/ios/WebPageProxyIOS.mm:

(WebKit::WebPageProxy::overflowScrollWillStartScroll):
(WebKit::WebPageProxy::overflowScrollDidEndScroll):

  • WebProcess/WebCoreSupport/WebEditorClient.h:
  • WebProcess/WebCoreSupport/WebEditorClient.cpp:
  • WebProcess/WebCoreSupport/ios/WebEditorClientIOS.mm:

(WebKit::WebEditorClient::updateSelection):

16:25 Changeset [171369] by dburkart@apple.com

Merge r169457

15:32 Changeset [171368] by benjamin@webkit.org

[iOS][WK2] WebPageProxy should not do anything when responding to an animated resize is the page is not in a valid state
https://bugs.webkit.org/show_bug.cgi?id=135169
<rdar://problem/17740149>

Patch by Benjamin Poulain <bpoulain@apple.com> on 2014-07-22
Reviewed by Tim Horton.

  • UIProcess/ios/WebPageProxyIOS.mm:

(WebKit::WebPageProxy::dynamicViewportSizeUpdate):
Neither m_dynamicViewportSizeUpdateWaitingForTarget nor m_dynamicViewportSizeUpdateWaitingForLayerTreeCommit should
be modified if there is not WebProcess to respond to DynamicViewportSizeUpdate.

(WebKit::WebPageProxy::synchronizeDynamicViewportUpdate):
We should not attempt to synchronize anything if the page was closed before the end of the dynamic viewport
update.

15:09 Changeset [171367] by joepeck@webkit.org

JSLock release should only modify the AtomicStringTable if it modified in acquire
https://bugs.webkit.org/show_bug.cgi?id=135143

Reviewed by Pratik Solanki.

  • runtime/JSLock.cpp:

(JSC::JSLock::willDestroyVM):
(JSC::JSLock::willReleaseLock):
Only set the AtomicStringTable when there was a VM, to balance JSLock::didAcquireLock.

14:46 Changeset [171366] by timothy_horton@apple.com

REGRESSION (r171239): Much more time spent taking snapshots during the PLT
https://bugs.webkit.org/show_bug.cgi?id=135177
<rdar://problem/17764847>

Reviewed by Dan Bernstein.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::willChangeCurrentHistoryItemForMainFrame):
(WebKit::WebPageProxy::willChangeCurrentHistoryItem): Deleted.

  • UIProcess/WebPageProxy.h:
  • UIProcess/WebPageProxy.messages.in:
  • WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::willChangeCurrentHistoryItem):

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::willChangeCurrentHistoryItemForMainFrame):
(WebKit::WebPage::willChangeCurrentHistoryItem): Deleted.

  • WebProcess/WebPage/WebPage.h:

Rename WillChangeCurrentHistoryItem to WillChangeCurrentHistoryItemForMainFrame.
Only send it when the current history item for the main frame changes.

14:32 Changeset [171365] by oliver@apple.com

Add accountsd access to network sandbox profile
https://bugs.webkit.org/show_bug.cgi?id=135176
<rdar://17656487>

Reviewed by Anders Carlsson.

This is available to the webcontent process already, but is also
needed for the networking process.

  • Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:
14:30 Changeset [171364] by fpizlo@apple.com

Fix cloop build.

  • bytecode/CallLinkStatus.cpp:

(JSC::CallLinkStatus::computeExitSiteData):

14:25 Changeset [171363] by oliver@apple.com

Remove unused com.apple.webkit.* rules from profiles
https://bugs.webkit.org/show_bug.cgi?id=135174
<rdar://17755931>

Reviewed by Anders Carlsson.

We never send these rules so we should just remove use of them
from the profiles.

  • Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:
  • Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
14:08 Changeset [171362] by fpizlo@apple.com

Merge r168635, r168780, r169005, r169014, and r169143 from ftlopt.

2014-05-20 Filip Pizlo <fpizlo@apple.com>


[ftlopt] DFG bytecode parser should turn GetById with nothing but a Getter stub as stuff+handleCall, and handleCall should be allowed to inline if it wants to
https://bugs.webkit.org/show_bug.cgi?id=133105


Reviewed by Michael Saboff.

Source/JavaScriptCore:

  • GetByIdStatus now knows about getters and can report intelligent things about them. As is usually the case with how we do these things, GetByIdStatus knows more about getters than the DFG can actually handle: it'll report details about polymorphic getter calls even though the DFG won't be able to handle those. This is fine; the DFG will see those statuses and bail to a generic slow path.


  • The DFG::ByteCodeParser now knows how to set up and do handleCall() for a getter call. This can, and usually does, result in inlining of getters!


  • CodeOrigin and OSR exit know about inlined getter calls. When you OSR out of an inlined getter, we set the return PC to a getter return thunk that fixes up the stack. We use the usual offset-true-return-PC trick, where OSR exit places the true return PC of the getter's caller as a phony argument that only the thunk knows how to find.


  • Removed a bunch of dead monomorphic chain support from StructureStubInfo.


  • A large chunk of this change is dragging GetGetterSetterByOffset, GetGetter, and GetSetter through the DFG and FTL. GetGetterSetterByOffset is like GetByOffset except that we know that we're returning a GetterSetter cell. GetGetter and GetSetter extract the getter, or setter, from the GetterSetter.


This is a ~2.5x speed-up on the getter microbenchmarks that we already had. So far none
of the "real" benchmarks exercise getters enough for this to matter. But I noticed that
some of the variants of the Richards benchmark in other languages - for example
Wolczko's Java translation of a C++ translation of Deutsch's Smalltalk version - use
getters and setters extensively. So, I created a getter/setter JavaScript version of
Richards and put it in regress/script-tests/getter-richards.js. That sees about a 2.4x
speed-up from this patch, which is very reassuring.


  • bytecode/CodeBlock.cpp: (JSC::CodeBlock::printGetByIdCacheStatus): (JSC::CodeBlock::findStubInfo):
  • bytecode/CodeBlock.h:
  • bytecode/CodeOrigin.cpp: (WTF::printInternal):
  • bytecode/CodeOrigin.h: (JSC::InlineCallFrame::specializationKindFor):
  • bytecode/GetByIdStatus.cpp: (JSC::GetByIdStatus::computeFor): (JSC::GetByIdStatus::computeForStubInfo): (JSC::GetByIdStatus::makesCalls): (JSC::GetByIdStatus::computeForChain): Deleted.
  • bytecode/GetByIdStatus.h: (JSC::GetByIdStatus::makesCalls): Deleted.
  • bytecode/GetByIdVariant.cpp: (JSC::GetByIdVariant::~GetByIdVariant): (JSC::GetByIdVariant::GetByIdVariant): (JSC::GetByIdVariant::operator=): (JSC::GetByIdVariant::dumpInContext):
  • bytecode/GetByIdVariant.h: (JSC::GetByIdVariant::GetByIdVariant): (JSC::GetByIdVariant::callLinkStatus):
  • bytecode/PolymorphicGetByIdList.cpp: (JSC::GetByIdAccess::fromStructureStubInfo): (JSC::PolymorphicGetByIdList::from):
  • bytecode/SpeculatedType.h:
  • bytecode/StructureStubInfo.cpp: (JSC::StructureStubInfo::deref): (JSC::StructureStubInfo::visitWeakReferences):
  • bytecode/StructureStubInfo.h: (JSC::isGetByIdAccess): (JSC::StructureStubInfo::initGetByIdChain): Deleted.
  • dfg/DFGAbstractHeap.h:
  • dfg/DFGAbstractInterpreterInlines.h: (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
  • dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::addCall): (JSC::DFG::ByteCodeParser::handleCall): (JSC::DFG::ByteCodeParser::handleInlining): (JSC::DFG::ByteCodeParser::handleGetByOffset): (JSC::DFG::ByteCodeParser::handleGetById): (JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry): (JSC::DFG::ByteCodeParser::parse):
  • dfg/DFGCSEPhase.cpp: (JSC::DFG::CSEPhase::getGetterSetterByOffsetLoadElimination): (JSC::DFG::CSEPhase::getInternalFieldLoadElimination): (JSC::DFG::CSEPhase::performNodeCSE): (JSC::DFG::CSEPhase::getTypedArrayByteOffsetLoadElimination): Deleted.
  • dfg/DFGClobberize.h: (JSC::DFG::clobberize):
  • dfg/DFGFixupPhase.cpp: (JSC::DFG::FixupPhase::fixupNode):
  • dfg/DFGJITCompiler.cpp: (JSC::DFG::JITCompiler::linkFunction):
  • dfg/DFGNode.h: (JSC::DFG::Node::hasStorageAccessData):
  • dfg/DFGNodeType.h:
  • dfg/DFGOSRExitCompilerCommon.cpp: (JSC::DFG::reifyInlinedCallFrames):
  • dfg/DFGPredictionPropagationPhase.cpp: (JSC::DFG::PredictionPropagationPhase::propagate):
  • dfg/DFGSafeToExecute.h: (JSC::DFG::safeToExecute):
  • dfg/DFGSpeculativeJIT32_64.cpp: (JSC::DFG::SpeculativeJIT::compile):
  • dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::compile):
  • ftl/FTLAbstractHeapRepository.cpp:
  • ftl/FTLAbstractHeapRepository.h:
  • ftl/FTLCapabilities.cpp: (JSC::FTL::canCompile):
  • ftl/FTLLink.cpp: (JSC::FTL::link):
  • ftl/FTLLowerDFGToLLVM.cpp: (JSC::FTL::LowerDFGToLLVM::compileNode): (JSC::FTL::LowerDFGToLLVM::compileGetGetter): (JSC::FTL::LowerDFGToLLVM::compileGetSetter):
  • jit/AccessorCallJITStubRoutine.h:
  • jit/JIT.cpp: (JSC::JIT::assertStackPointerOffset): (JSC::JIT::privateCompile):
  • jit/JIT.h:
  • jit/JITPropertyAccess.cpp: (JSC::JIT::emit_op_get_by_id):
  • jit/ThunkGenerators.cpp: (JSC::arityFixupGenerator): (JSC::baselineGetterReturnThunkGenerator): (JSC::baselineSetterReturnThunkGenerator): (JSC::arityFixup): Deleted.
  • jit/ThunkGenerators.h:
  • runtime/CommonSlowPaths.cpp: (JSC::setupArityCheckData):
  • tests/stress/exit-from-getter.js: Added.
  • tests/stress/poly-chain-getter.js: Added. (Cons): (foo): (test):
  • tests/stress/poly-chain-then-getter.js: Added. (Cons1): (Cons2): (foo): (test):
  • tests/stress/poly-getter-combo.js: Added. (Cons1): (Cons2): (foo): (test): (.test):
  • tests/stress/poly-getter-then-chain.js: Added. (Cons1): (Cons2): (foo): (test):
  • tests/stress/poly-getter-then-self.js: Added. (foo): (test): (.test):
  • tests/stress/poly-self-getter.js: Added. (foo): (test): (getter):
  • tests/stress/poly-self-then-getter.js: Added. (foo): (test):
  • tests/stress/weird-getter-counter.js: Added. (foo): (test):


2014-05-17 Filip Pizlo <fpizlo@apple.com>


[ftlopt] Factor out how CallLinkStatus uses exit site data
https://bugs.webkit.org/show_bug.cgi?id=133042


Reviewed by Anders Carlsson.


This makes it easier to use CallLinkStatus from clients that are calling into after
already holding some of the relevant locks. This is necessary because we use a "one lock
at a time" policy for CodeBlock locks: if you hold one then you're not allowed to acquire
any of the others. So, any code that needs to lock multiple CodeBlock locks needs to sort
of lock one, do some stuff, release it, then lock another, and then do more stuff. The
exit site data corresponds to the stuff you do while holding the baseline lock, while the
CallLinkInfo method corresponds to the stuff you do while holding the CallLinkInfo owner's
lock.


  • bytecode/CallLinkStatus.cpp: (JSC::CallLinkStatus::computeFor): (JSC::CallLinkStatus::computeExitSiteData): (JSC::CallLinkStatus::computeDFGStatuses):
  • bytecode/CallLinkStatus.h: (JSC::CallLinkStatus::ExitSiteData::ExitSiteData):


2014-05-17 Filip Pizlo <fpizlo@apple.com>


[ftlopt] InlineCallFrame::isCall should be an enumeration
https://bugs.webkit.org/show_bug.cgi?id=133034


Reviewed by Sam Weinig.


Once we start inlining getters and setters, we'll want InlineCallFrame to be able to tell
us that the inlined call was a getter call or a setter call. Initially I thought I would
have a new field called "kind" that would have components NormalCall, GetterCall, and
SetterCall. But that doesn't make sense, because for GetterCall and SetterCall, isCall
would have to be true. Hence, It makes more sense to have one enumeration that is Call,
Construct, GetterCall, or SetterCall. This patch is a first step towards this.


It's interesting that isClosureCall should probably still be separate, since getter and
setter inlining could inline closure calls.


  • bytecode/CodeBlock.h: (JSC::baselineCodeBlockForInlineCallFrame):
  • bytecode/CodeOrigin.cpp: (JSC::InlineCallFrame::dumpInContext): (WTF::printInternal):
  • bytecode/CodeOrigin.h: (JSC::InlineCallFrame::kindFor): (JSC::InlineCallFrame::specializationKindFor): (JSC::InlineCallFrame::InlineCallFrame): (JSC::InlineCallFrame::specializationKind):
  • dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):
  • dfg/DFGOSRExitPreparation.cpp: (JSC::DFG::prepareCodeOriginForOSRExit):
  • runtime/Arguments.h: (JSC::Arguments::finishCreation):


2014-05-13 Filip Pizlo <fpizlo@apple.com>


[ftlopt] DFG should not exit due to inadequate profiling coverage when it can trivially fill in the profiling coverage due to variable constant inference and the better prediction modeling of typed array GetByVals
https://bugs.webkit.org/show_bug.cgi?id=132896


Reviewed by Geoffrey Garen.


This is a slight win on SunSpider, but it's meant to ultimately help us on
embenchen/lua. We already do well on that benchmark but our convergence is slower than
I'd like.


  • dfg/DFGArrayMode.cpp: (JSC::DFG::ArrayMode::refine):
  • dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::parseBlock):
  • dfg/DFGFixupPhase.cpp: (JSC::DFG::FixupPhase::fixupNode):
  • dfg/DFGPredictionPropagationPhase.cpp: (JSC::DFG::PredictionPropagationPhase::propagate):


2014-05-08 Filip Pizlo <fpizlo@apple.com>


jsSubstring() should be lazy
https://bugs.webkit.org/show_bug.cgi?id=132556


Reviewed by Andreas Kling.


jsSubstring() is now lazy by using a special rope that is a substring instead of a
concatenation. To make this patch super simple, we require that a substring's base is
never a rope. Hence, when resolving a rope, we either go down a non-recursive substring
path, or we go down a concatenation path which may see exactly one level of substrings in
its fibers.


This is up to a 50% speed-up on microbenchmarks and a 10% speed-up on Octane/regexp.


Relanding this with assertion fixes.


  • heap/MarkedBlock.cpp: (JSC::MarkedBlock::specializedSweep):
  • runtime/JSString.cpp: (JSC::JSRopeString::visitFibers): (JSC::JSRopeString::resolveRopeInternal8): (JSC::JSRopeString::resolveRopeInternal16): (JSC::JSRopeString::clearFibers): (JSC::JSRopeString::resolveRope): (JSC::JSRopeString::resolveRopeSlowCase8): (JSC::JSRopeString::resolveRopeSlowCase):
  • runtime/JSString.h: (JSC::JSRopeString::finishCreation): (JSC::JSRopeString::append): (JSC::JSRopeString::create): (JSC::JSRopeString::offsetOfFibers): (JSC::JSRopeString::fiber): (JSC::JSRopeString::substringBase): (JSC::JSRopeString::substringOffset): (JSC::JSRopeString::notSubstringSentinel): (JSC::JSRopeString::substringSentinel): (JSC::JSRopeString::isSubstring): (JSC::JSRopeString::setIsSubstring): (JSC::jsSubstring):
  • runtime/RegExpMatchesArray.cpp: (JSC::RegExpMatchesArray::reifyAllProperties):
  • runtime/StringPrototype.cpp: (JSC::stringProtoFuncSubstring):

Source/WTF:

  • wtf/Bag.h: (WTF::Bag::iterator::operator!=):

LayoutTests:

  • js/regress/getter-no-activation-expected.txt: Added.
  • js/regress/getter-no-activation.html: Added.
  • js/regress/script-tests/getter-no-activation.js: Added.
  • js/regress/getter-richards-expected.txt: Added.
  • js/regress/getter-richards.html: Added.
  • js/regress/script-tests/getter-richards.js: Added.


2014-05-08 Filip Pizlo <fpizlo@apple.com>


jsSubstring() should be lazy
https://bugs.webkit.org/show_bug.cgi?id=132556


Reviewed by Andreas Kling.


These tests get 35-50% faster.


  • js/regress/script-tests/substring-concat-weird.js: Added. (foo):
  • js/regress/script-tests/substring-concat.js: Added. (foo):
  • js/regress/script-tests/substring.js: Added. (foo):
  • js/regress/substring-concat-expected.txt: Added.
  • js/regress/substring-concat-weird-expected.txt: Added.
  • js/regress/substring-concat-weird.html: Added.
  • js/regress/substring-concat.html: Added.
  • js/regress/substring-expected.txt: Added.
  • js/regress/substring.html: Added.
13:57 Changeset [171361] by rniwa@webkit.org

Perf dashboard spends 2s processing JSON data during the page loads
https://bugs.webkit.org/show_bug.cgi?id=135152

Reviewed by Andreas Kling.

In the Apple internal dashboard, we were spending as much as 2 seconds
converting raw JSON data into proper JS objects while loading the dashboard.

This caused the apparent unresponsiveness of the dashboard despite of the fact
charts themselves updated almost instantaneously.

  • public/index.html:
  • public/js/helper-classes.js:

(TestBuild): Compute the return values of formattedTime and formattedBuildTime
lazily as creating new Date objects and running string replace is expensive.
(TestBuild.formattedTime):
(TestBuild.formattedBuildTime):
(PerfTestRuns.setResults): Added. Pushing each result was the biggest bottle neck.
(PerfTestRuns.addResult): Deleted.

13:51 Changeset [171360] by mmaxfield@apple.com

[Mac] Cocoa throws exception when the return type of NSAccessibilityLinkedUIElementsAttribute is not an array
https://bugs.webkit.org/show_bug.cgi?id=135165

Reviewed by Simon Fraser.

Source/WebCore:
Return an empty array instead of nil.

Updated tests.

  • accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):

LayoutTests:
Updating tests.

  • accessibility/parent-delete-expected.txt:
  • accessibility/transformed-element-expected.txt:
  • platform/mac/accessibility/aria-columnrowheaders-expected.txt:
  • platform/mac/accessibility/bounds-for-range-expected.txt:
  • platform/mac/accessibility/document-attributes-expected.txt:
  • platform/mac/accessibility/document-links-expected.txt:
  • platform/mac/accessibility/image-link-expected.txt:
  • platform/mac/accessibility/image-map2-expected.txt:
  • platform/mac/accessibility/internal-link-anchors-expected.txt:
  • platform/mac/accessibility/internal-link-anchors2-expected.txt:
  • platform/mac/accessibility/lists-expected.txt:
  • platform/mac/accessibility/plugin-expected.txt:
  • platform/mac/accessibility/table-attributes-expected.txt:
  • platform/mac/accessibility/table-cell-spans-expected.txt:
  • platform/mac/accessibility/table-cells-expected.txt:
  • platform/mac/accessibility/table-detection-expected.txt:
  • platform/mac/accessibility/table-one-cell-expected.txt:
  • platform/mac/accessibility/table-sections-expected.txt:
  • platform/mac/accessibility/table-with-rules-expected.txt:
  • platform/mac-mountainlion/accessibility/lists-expected.txt:
13:28 Changeset [171359] by commit-queue@webkit.org

Unreviewed, rolling out r171357.
https://bugs.webkit.org/show_bug.cgi?id=135173

broke Windows build. (Requested by bfulgham on #webkit).

Reverted changeset:

"[Win] Fix Crash when handling Legible Output callbacks"
https://bugs.webkit.org/show_bug.cgi?id=134946
http://trac.webkit.org/changeset/171357

13:22 Changeset [171358] by mmaxfield@apple.com

[Mac] accessibility/aria-columnrowheaders.html doesn't test lengths of arrays
https://bugs.webkit.org/show_bug.cgi?id=135166

Reviewed by Chris Fleizach.

Using debug() interprets strings like "<array of size 0>" as markup, thereby not
showing it in the expected output. Instead, we should use innerText (which is
what all the other accessibility tests use).

  • platform/mac/accessibility/aria-columnrowheaders-expected.txt:
  • platform/mac/accessibility/aria-columnrowheaders.html:
13:00 Changeset [171357] by bfulgham@apple.com

[Win] Fix Crash when handling Legible Output callbacks
https://bugs.webkit.org/show_bug.cgi?id=134946

Reviewed by Dean Jackson.

  • platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:

(WebCore::InbandTextTrackPrivateAVF::processNativeSamples): Remove
Windows-specific 'ASSERT_NOT_REACHED' code path.

  • platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:

(WebCore::createLegibleOutputSubtypes): Added.
(WebCore::AVFWrapper::createPlayerItem): Updated to request native
samples from AVFoundationCF.

12:58 Changeset [171356] by oliver@apple.com

Provide networking process with access to its HSTS db
https://bugs.webkit.org/show_bug.cgi?id=135121
<rdar://17654369>

Reviewed by Alexey Proskuryakov.

Add an extension parameter to pass the hsts database file.
This requires us to create the Caches/com.apple.WebKit.Networking
directory in the UI process, as the network sandbox
does not allow it to create the containing directory.

  • NetworkProcess/cocoa/NetworkProcessCocoa.mm:

(WebKit::NetworkProcess::platformInitializeNetworkProcessCocoa):

  • Shared/Network/NetworkProcessCreationParameters.cpp:

(WebKit::NetworkProcessCreationParameters::encode):
(WebKit::NetworkProcessCreationParameters::decode):

  • Shared/Network/NetworkProcessCreationParameters.h:
  • UIProcess/WebContext.cpp:

(WebKit::WebContext::ensureNetworkProcess):
(WebKit::WebContext::networkingHSTSDatabasePath):

  • UIProcess/WebContext.h:
  • UIProcess/mac/WebContextMac.mm:

(WebKit::WebContext::platformDefaultNetworkingHSTSDatabasePath):

12:48 Changeset [171355] by weinig@apple.com

[Cocoa] WKScriptMessageHandlers don't seem to function properly after navigating
https://bugs.webkit.org/show_bug.cgi?id=135148

Reviewed by Geoffrey Garen.

Source/JavaScriptCore:

  • runtime/CommonIdentifiers.h:

Add a common identifier for the string "webkit".

Source/WebCore:
The "webkit" property on the window was not getting installed for subsequent
loads due to intricate dance playing setting the JSDOMWindow where the DOMWindow
object is not yet in a Frame when the JSDOMWindow is created. Since we were
adding the "webkit" property on construction, the property was returning null
thinking it had no Frame and was in a bad state. We can fix this by making the
"webkit" property behave like all the other window properties moving its getting
to JSDOMWindow::getOwnPropertySlot.

Added API test (WebKit2Cocoa/UserContentController).

  • bindings/js/JSDOMWindowBase.cpp:

(WebCore::JSDOMWindowBase::finishCreation):

  • bindings/js/JSDOMWindowCustom.cpp:

(WebCore::jsDOMWindowWebKit):
(WebCore::JSDOMWindow::getOwnPropertySlot):

Tools:

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/WebKit2Cocoa/UserContentController.mm: Added.

(-[SimpleNavigationDelegate webView:didFinishNavigation:]):
(-[ScriptMessageHandler userContentController:didReceiveScriptMessage:]):

12:46 Changeset [171354] by fpizlo@apple.com

ASSERTION FAILED: info.spillFormat() & DataFormatJS in JSC::DFG::SpeculativeJIT::fillSpeculateCell
https://bugs.webkit.org/show_bug.cgi?id=135155
<rdar://problem/17763909>

Reviewed by Oliver Hunt.

The DFG fillSpeculate code paths all need to be mindful of the fact that they may be stumbling upon a
contradiction, and that this is OK. In this case, we were speculating cell on an int.

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::fillSpeculateCell):

  • tests/stress/regress-135155.js: Added.

(run.t.length):
(run):

12:36 Changeset [171353] by bfulgham@apple.com

[Win] Fix Leak in WebCore::createGlobalImageFileDescriptor
https://bugs.webkit.org/show_bug.cgi?id=134423
<rdar://problem/17492758>

Reviewed by Geoffrey Garen.

  • platform/win/PasteboardWin.cpp:

(WebCore::createGlobalImageFileDescriptor): Unlock and release the
HGLOBAL when exiting early.

12:25 Changeset [171352] by benjamin@webkit.org

[iOS][WK2] UI helpers that zoom on an element ignore the viewport's allowsUserScaling
https://bugs.webkit.org/show_bug.cgi?id=135140
<rdar://problem/17754921>

Patch by Benjamin Poulain <bpoulain@apple.com> on 2014-07-22
Reviewed by Tim Horton.

UIScrollView makes a difference between min/max zoom and allowUserScaling. To express that,
everything is set up on the LayerTransaction.

For zooming related helpers (find on page, double tap to zoom, etc), the min and max zoom
should be the actual min/max for the current page state.

This patch split the two explicitely.
For layer transactions, the values are taken from the viewport configuration directly.
For everything else, we should use minimumPageScaleFactor/maximumPageScaleFactor. Those two methods
have been updated to take into account allowsUserScaling.

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::willCommitLayerTree):

  • WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::minimumPageScaleFactor):
(WebKit::WebPage::maximumPageScaleFactor):
(WebKit::WebPage::getAssistedNodeInformation):

11:35 Changeset [171351] by bfulgham@apple.com

Correct handling of VERSION_TEXT for 4+-tuple versions
https://bugs.webkit.org/show_bug.cgi?id=135161
<rdar://problem/17763546>

Reviewed by David Kilzer.

Tools:

  • Scripts/webkitperl/auto-version_unittest/autoVersionTests.pl:

Add additional test cases to catch errors in multiple-tuple
version string handling.

WebKitLibraries:
Revise the auto-version.pl script to properly handle version
strings with 4 (or more) version tuples. Previously these were
being truncated from the version.

  • win/tools/scripts/auto-version.pl:

(splitVersion): Return truncated version of
overall version string.

11:27 Changeset [171350] by fpizlo@apple.com

Extend exception fuzzing to the LLInt
https://bugs.webkit.org/show_bug.cgi?id=135076

Reviewed by Oliver Hunt.

Source/JavaScriptCore:

(JSC::numberOfExceptionFuzzChecks): Deleted.

  • llint/LLIntSlowPaths.cpp:

(JSC::LLInt::setUpCall):

  • runtime/CommonSlowPaths.cpp:
  • runtime/ExceptionFuzz.cpp: Added.

(JSC::numberOfExceptionFuzzChecks):
(JSC::doExceptionFuzzing):

  • runtime/ExceptionFuzz.h: Added.

(JSC::doExceptionFuzzingIfEnabled):

Tools:

  • Scripts/jsc-stress-test-helpers/js-exception-fuzz:
11:13 Changeset [171349] by commit-queue@webkit.org

Web Inspector: Fix unused parameter build warning
https://bugs.webkit.org/show_bug.cgi?id=135151

Patch by Shivakumar JM <shiva.jm@samsung.com> on 2014-07-22
Reviewed by Joseph Pecoraro.

Fix unused parameter build warning by removing the parameter name

  • WebProcess/WebPage/WebInspector.cpp:

(WebKit::WebInspector::setJavaScriptProfilingEnabled):

11:03 FeatureFlags edited by bjonesbe@adobe.com
(diff)
11:01 Changeset [171348] by ap@apple.com

[Mac] [WK2] selection-gap-fixed-child.html and selection-gap-flipped-fixed-child.html
have been failing since they were added in r148258
https://bugs.webkit.org/show_bug.cgi?id=114573

Landing actual results as expected for WK2. This test isn't meaningful for WK2, because of layers.

  • platform/mac-wk2/TestExpectations:
  • platform/mac-wk2/fast/repaint/selection-gap-fixed-child-expected.txt: Added.
  • platform/mac-wk2/fast/repaint/selection-gap-flipped-fixed-child-expected.txt: Added.
11:00 FeatureFlags edited by bjonesbe@adobe.com
(diff)
10:50 Changeset [171347] by mmaxfield@apple.com

Source/WebCore: Clicking on links while accessibility is enabled sometimes crashes
https://bugs.webkit.org/show_bug.cgi?id=135074

Reviewed by Chris Fleizach.

When an accessibility request comes in from the system, we call updateBackingStore() on the
relevant AccessibilityObject, which triggers a relayout of the entire document. This relayout
might delete that accessibility node and its parent, which would cause the node to be deleted.
After the stack unwinds, we then call a member function on the node without checking for this
condition.

Test: accessibility/parent-delete.html

  • accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::updateBackingStore): Retain the node for the duration of the
function.

LayoutTests: Clicking on links while accessibility is enabled does not render as expected
https://bugs.webkit.org/show_bug.cgi?id=135074

Reviewed by Chris Fleizach.

Delete a node and its parent, then call allAttributes() on the accessibility representation of
the deleted child and make sure there is no crash.

  • accessibility/parent-delete-expected.txt: Added
  • accessibility/parent-delete.html: Added
10:32 Changeset [171346] by commit-queue@webkit.org

Fix unused parameter build warning in UIProcess module
https://bugs.webkit.org/show_bug.cgi?id=135154

Patch by Shivakumar JM <shiva.jm@samsung.com> on 2014-07-22
Reviewed by Alexey Proskuryakov.

Fix unused parameter build warning in UIProcess module by using UNUSED_PARAM macro.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::viewStateDidChange):

10:19 Changeset [171345] by commit-queue@webkit.org

Don't create new UIWindow for video fullscreen.
https://bugs.webkit.org/show_bug.cgi?id=135038

Patch by Jeremy Jones <jeremyj@apple.com> on 2014-07-22
Reviewed by Darin Adler.

Source/WebCore:

  • WebCore.exp.in:
  • platform/ios/WebVideoFullscreenControllerAVKit.h: use UIView instead of UIScreen.
  • platform/ios/WebVideoFullscreenControllerAVKit.mm:

(-[WebVideoFullscreenController enterFullscreen:]): provide parent UIView.

  • platform/ios/WebVideoFullscreenInterfaceAVKit.h: remove UIWindow.
  • platform/ios/WebVideoFullscreenInterfaceAVKit.mm:

(WebVideoFullscreenInterfaceAVKit::setupFullscreen): ditto
(WebVideoFullscreenInterfaceAVKit::cleanupFullscreen): ditto
(WebVideoFullscreenInterfaceAVKit::invalidate): ditto
(WebVideoFullscreenInterfaceAVKit::requestHideAndExitFullscreen): ditto

Source/WebKit/mac:
Provide UIView to WebVideoFullscreenController

  • WebView/WebView.mm:

(-[WebView _enterFullscreenForNode:]): pass UIView instead of nil

Source/WebKit2:
Use root UIView to parent fullscreen interface.

  • UIProcess/ios/WebVideoFullscreenManagerProxy.mm:

(WebKit::WebVideoFullscreenManagerProxy::setupFullscreenWithID): pass parent UIView

  • WebProcess/ios/WebVideoFullscreenManager.mm:

(WebKit::screenRectForNode): Use client rect instead of screen rect.

09:38 Changeset [171344] by ap@apple.com

media/track/track-in-band-subtitles-too-large.html and
media/track/track-long-word-container-sizing.html fail on Mac (dependent on other tests?)
https://bugs.webkit.org/show_bug.cgi?id=135160

Correcting test expectations - the failures are not WK1 only.

  • platform/mac-wk1/TestExpectations:
  • platform/mac/TestExpectations:
08:02 Changeset [171343] by clopez@igalia.com

[GTK] Rollout r170529 due to ~10% performance regression on the
perf test Animation/balls.
https://bugs.webkit.org/show_bug.cgi?id=134972

Reviewed by Martin Robinson.

Reverted changeset:
"Increase priority on SharedTimer source."
https://trac.webkit.org/r170529

06:47 Changeset [171342] by m.pakula@samsung.com

Unreviewed EFL gardening

  • platform/efl/TestExpectations: Update incorrect test expectations for passing and crashing tests.
06:27 Changeset [171341] by krit@webkit.org

Turn width/height to presentation attributes
https://bugs.webkit.org/show_bug.cgi?id=135046

Patch by Dirk Schulze <krit@webkit.org> on 2014-07-18
Reviewed by Dean Jackson.

Source/WebCore:
The elements <svg>, <image>, <pattern>, <mask> and <foreignObject> have the
'width' and 'height' attributes. So far they can just be set by SVG DOM or
setAttribute. Furthermore, animations just work with SVG Animation - No support
for CSS Animations and CSS Transitions. We started to turn the width and height
attributes on SVG roots to presentation attributes already. A presentation
attribute is a CSS property that can also be set by DOM (or now by SVG DOM).

This patch turns all width and height attributes to presentation attributes. It
basically allows authors to style width and height with CSS as well. Width and
height can now be set with CSS style sheets and can be animated with CSS.

To some degree it made it possible to remove code duplication. However, since
SVG DOM requires us to use SVGLength types and since we did not turn all
SVG attributes to the CSS length values (and our internal Length struct) yet,
we still need a hybrid - a bridge between SVGLength (for SVG DOM) and Length (for
RenderStyle). Once we move all attributes to use the Length struct, we can make SVGLength
a wrapper for Length and can move more code to the render tree.

The current challenge is to synchronize SVG DOM, normal DOM and RenderStyle.
With this patch we handle most part in RenderStyle. SVG DOM changes are
synchronized to DOM and RenderStyle will call needsStyleRecalc. Furthermore,
SVG Animations will continue to animate the SVG DOM (and synchronize the changes
back to RenderStyle) if the element has a JS property for the currently animated
attribute.

Short example:

<rect>

<animate attributeName="width">

</rect>

The <rect> element has the SVG DOM property 'width'. Therefore, we animate the SVG DOM
property and synchronize RenderStyle.

<ellipse>

<animate attributeName="width">

</ellipse>

The <ellipse> element does NOT have the SVG DOM property 'width'. Therefore, we
animate the CSS property directly. With synchronizing RenderStyle in all cases, we
make sure that the CSS cascade works even on animating on multiple SVG hierarchy
levels (animation of 'width' on <g> and inheriting the property value on a child
<rect>).

With using presentation attributes, we also inherit the CSS property parsing for
SVG attributes. <rect width=" 100px "> is possible now. (Note the trailing whitespaces.)
This follows a recent resolution of the SVG WG.

Since we turned width and height to presentation attributes, the layout optimization
selfHasRelativeLengths() in the DOM can't be used anymore. selfHasRelativeLengths() was
intended to solve a problem where we did not layout relatively position/sized elements
when the parent changes its size. However, as a side effect it did not call layout
for absolutely positioned/sized elements since the layout does not change. I run
all performance tests that we have and even wrote a test with hundreds of elements
that would be affected by this optimization. The differences were inside the sigma
of a normal test run. (Means I couldn't measure a performance difference.)
Therefore, it is not worth it to keep the "optimization" around and I will probably
remove it entirely for all basic shapes but <path> and <polygon> in future patches.

Tests: svg/css/parse-height.html

svg/css/parse-width.html
svg/css/width-height-presentation-attribute-expected.svg
svg/css/width-height-presentation-attribute.svg

  • css/CSSComputedStyleDeclaration.cpp:

(WebCore::ComputedStyleExtractor::propertyValue): We never calculated the computed

value of width/height for SVG elements and returned auto instead. This is based
on a rule of CSS 2 and needs to be fixed in CSS3.

  • css/DeprecatedStyleBuilder.cpp:

(WebCore::ApplyPropertyLength::applyValue): Length always incorporates the zoom level.

In SVG we still apply the zoom after all operations by scaling the context. We need
to take this in account for Length and don't apply zoom on SVG inline elements.

  • css/StyleResolver.cpp:

(WebCore::StyleResolver::useSVGZoomRulesForLength):

See above.

  • css/StyleResolver.h:
  • rendering/svg/RenderSVGRect.cpp:

(WebCore::RenderSVGRect::updateShapeFromElement): Do not call width() and height() on

SVG DOM but use the values of RenderStyle instead.

  • rendering/svg/SVGPathData.cpp:

(WebCore::updatePathFromRectElement): Ditto.

  • svg/SVGAnimateElement.cpp:

(WebCore::SVGAnimateElement::resetAnimatedType): We need to differ between CSS properties

with and without SVG DOM on the current element. In the later case we animate the
SVG DOM and need to synch RenderStyle.

(WebCore::SVGAnimateElement::clearAnimatedType): Ditto.
(WebCore::SVGAnimateElement::applyResultsToTarget): Ditto.

  • svg/SVGAnimationElement.cpp:

(WebCore::SVGAnimationElement::isTargetAttributeCSSProperty): This checks if the CSS property

has to be synched with SVG DOM.

(WebCore::SVGAnimationElement::shouldApplyAnimation): Ditto.

  • svg/SVGAnimationElement.h:
  • svg/SVGElement.cpp:

(WebCore::populateAttributeNameToCSSPropertyIDMap): Add width and heigth to the CSS property

list for presentation attributes.

(WebCore::populateCSSPropertyWithSVGDOMNameToAnimatedPropertyTypeMap): CSS properties with

SVG DOM synchronization need to be treated differently. Collect them in a separate map.

(WebCore::cssPropertyWithSVGDOMNameToAnimatedPropertyTypeMap): Caller for the map.
(WebCore::SVGElement::animatedPropertyTypeForAttribute): We need to check both maps here:

CSS properties and CSS properties with SVG DOM synch.

(WebCore::SVGElement::isAnimatableCSSProperty): Ditto.
(WebCore::SVGElement::isPresentationAttributeWithSVGDOM): Just return true if the property name

is in the map of properties with SVG DOM for the current element.

  • svg/SVGElement.h:

(WebCore::SVGElement::invalidateSVGPresentationAttributeStyle): Call needsStyleRecalc.

  • svg/SVGFilterElement.cpp: Make width/height presentation attribute.

(WebCore::SVGFilterElement::svgAttributeChanged):
(WebCore::SVGFilterElement::selfHasRelativeLengths): Deleted.

  • svg/SVGFilterElement.h: Ditto.
  • svg/SVGForeignObjectElement.cpp:

(WebCore::SVGForeignObjectElement::svgAttributeChanged):
(WebCore::SVGForeignObjectElement::selfHasRelativeLengths): Deleted.

  • svg/SVGForeignObjectElement.h:
  • svg/SVGImageElement.cpp: Ditto.

(WebCore::SVGImageElement::svgAttributeChanged):
(WebCore::SVGImageElement::isPresentationAttribute): Deleted.
(WebCore::SVGImageElement::collectStyleForPresentationAttribute): Deleted.
(WebCore::SVGImageElement::selfHasRelativeLengths): Deleted.

  • svg/SVGImageElement.h:
  • svg/SVGLength.h: Transform an Length value to an absolute value by taking the SVG viewport

into account. (An SVG viewport is not the same as the CSS viewport.)

  • svg/SVGLengthContext.cpp: Ditto.

(WebCore::SVGLengthContext::valueForLength):

  • svg/SVGLengthContext.h:
  • svg/SVGMaskElement.cpp: Make width/height presentation attribute.

(WebCore::SVGMaskElement::svgAttributeChanged):
(WebCore::SVGMaskElement::selfHasRelativeLengths): Deleted.

  • svg/SVGMaskElement.h:
  • svg/SVGPatternElement.cpp: Ditto.

(WebCore::SVGPatternElement::svgAttributeChanged):
(WebCore::SVGPatternElement::selfHasRelativeLengths): Deleted.

  • svg/SVGPatternElement.h:
  • svg/SVGRectElement.cpp: Ditto.

(WebCore::SVGRectElement::svgAttributeChanged):
(WebCore::SVGRectElement::selfHasRelativeLengths): Deleted.

  • svg/SVGRectElement.h:
  • svg/SVGSVGElement.cpp: Ditto.

(WebCore::SVGSVGElement::svgAttributeChanged): Clean up redundant layout calls.
(WebCore::SVGSVGElement::isPresentationAttribute): Deleted.
(WebCore::SVGSVGElement::collectStyleForPresentationAttribute): Deleted.

  • svg/SVGSVGElement.h:
  • svg/properties/SVGAnimatedProperty.cpp: Synchronize SVG DOM with DOM.

(WebCore::SVGAnimatedProperty::commitChange):

LayoutTests:
We already had a lot of tests for animating width/height as property.
So far they assumed that this is not possible. They simply needed to
be updated.

Furthermore, I added reference tests to test different inheritance
scenarios of CSS properties and setting them to elements.

A parsing test makes sure that the global property values inherit is
supported as well as CSS parsing rules for SVG attributes.
Negative tests test not-allowed behavior.

  • platform/mac/svg/W3C-SVG-1.1/coords-units-03-b-expected.txt:
  • svg/animations/attributeTypes-expected.txt:
  • svg/animations/resources/attributeTypes.svg:
  • svg/animations/script-tests/attributeTypes.js:

(sample1):
(sample2):
(sample3):

  • svg/css/getComputedStyle-basic-expected.txt:
  • svg/css/parse-height-expected.txt: Added.
  • svg/css/parse-height.html: Added.
  • svg/css/parse-width-expected.txt: Added.
  • svg/css/parse-width.html: Added.
  • svg/css/width-height-presentation-attribute-expected.svg: Added.
  • svg/css/width-height-presentation-attribute.svg: Added.
  • svg/custom/mask-excessive-malloc-expected.txt:
  • svg/hixie/error/015-expected.txt:
02:48 Changeset [171340] by jochen@chromium.org

Fix my email address in contributors.json
https://bugs.webkit.org/show_bug.cgi?id=135156

Reviewed by Gyuyoung Kim.

  • Scripts/webkitpy/common/config/contributors.json:
01:50 Changeset [171339] by commit-queue@webkit.org

[GStreamer] [GTK] WebKit does not build with GStreamer 1.4
https://bugs.webkit.org/show_bug.cgi?id=135114

.:
Fix build with GStreamer 1.4

Patch by Adrian Perez de Castro <aperez@igalia.com> on 2014-07-22
Reviewed by Philippe Normand.

  • Source/cmake/FindGStreamer.cmake: Check version 1.4.0 for the

gst-mpegts component instead of the unstable 1.3.x verstions.

Source/WebCore:
Patch by Adrian Perez de Castro <aperez@igalia.com> on 2014-07-22
Reviewed by Philippe Normand.

Fix build with GStreamer 1.4

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

Change GstMpegTs-prefixed types to use the GstMpegts prefix.
(WebCore::MediaPlayerPrivateGStreamer::handleMessage):
(WebCore::MediaPlayerPrivateGStreamer::processMpegTsSection):

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:

Ditto.

07/21/14:

23:12 Changeset [171338] by psolanki@apple.com

Unreviewed iOS build fix after r171321.

  • WebView/WebView.mm:

(-[WebView _preferencesChanged:]):

21:35 Changeset [171337] by ryuan.choi@samsung.com

[EFL] Add Ewk prefix to enums of ewk_navigation_policy
https://bugs.webkit.org/show_bug.cgi?id=135144

Reviewed by Gyuyoung Kim.

All public enums of ewebkit should start with Ewk prefix.
This patch added Ewk prefix to Ewk_Event_Mouse_Button and Ewk_Event_Modifiers.
In addition, added missing description and default value for Ewk_Event_Modifier.

  • UIProcess/API/efl/ewk_navigation_policy_decision.cpp:

(toEwkEventMouseButton):
(toEwkEventModifiers):
(EwkNavigationPolicyDecision::mouseButton):
(EwkNavigationPolicyDecision::modifiers):
(ewk_navigation_policy_mouse_button_get):
(ewk_navigation_policy_modifiers_get):
(toEventMouseButton): Deleted.
(toEventModifierKeys): Deleted.

  • UIProcess/API/efl/ewk_navigation_policy_decision.h:
  • UIProcess/API/efl/ewk_navigation_policy_decision_private.h:
20:59 Changeset [171336] by benjamin@webkit.org

[iOS][WK2] Improve event throttling for Scroll Events
https://bugs.webkit.org/show_bug.cgi?id=135082
<rdar://problem/17445266>

Patch by Benjamin Poulain <bpoulain@apple.com> on 2014-07-21
Reviewed by Simon Fraser.

Source/WebCore:
This patch is composed of two parts. The first part in the WebKit layer
track an approximate measurement of the main thread responsiveness.
The second part in WebCore use that information to avoid sending events
if a page is unresponsive.

In WebCore, this patch only consider scroll events so far. Hopefully the concept
should be easy to generalize.

  • loader/EmptyClients.h:
  • page/ChromeClient.h:

Chrome client provides us with one information: how long an incoming event should be delayed.
Every port is free to implement whatever logic is suitable for them.

  • page/FrameView.cpp:

(WebCore::FrameView::FrameView):
(WebCore::FrameView::reset):
(WebCore::FrameView::delayedScrollEventTimerFired):
(WebCore::FrameView::scrollPositionChanged):
(WebCore::FrameView::sendScrollEvent):

  • page/FrameView.h:

Scroll events do not have any associated information so they can be coalesced by just skipping
all input hapenning during the throttling delay.

The implementation is done by using a timer to delay the events.

Source/WebKit2:
In the WebKit layer, we want a measure that is representative of the responsiveness.

In this patch, I use the total delay between a VisibleContentRectUpdate being dispatched
by the UIProcess, and the time RemoteLayerTreeDrawingArea flushes the layer tree.

The value used for eventThrottlingDelay() is computed by averaging the new value with
the old values with a 80/20 split, favoring the old data. Favoring historical data
over the last timing avoid excessively throttling for a single slow frame.

The computation of m_estimatedMainThreadLatency can be improved in the future, this is
a first cut keeping things simple.

With m_estimatedMainThreadLatency in our hands, we can compute our eventThrottlingDelay().
If m_estimatedMainThreadLatency is smaller than a single frame timespan, we have a fast page
and nothing is throttled.

If is it more than a frame, we throttle such that we can at least render two frames
per event dispatch based on the historical data.

The exact values will need some tweaking, but this set ensures well written pages get
60 events per seconds, while slow pages do not waste too much time on events.

  • WebProcess/WebCoreSupport/WebChromeClient.h:
  • WebProcess/WebCoreSupport/ios/WebChromeClientIOS.mm:

(WebKit::WebChromeClient::eventThrottlingDelay):

  • WebProcess/WebPage/ViewUpdateDispatcher.cpp:

(WebKit::ViewUpdateDispatcher::visibleContentRectUpdate):
(WebKit::ViewUpdateDispatcher::dispatchVisibleContentRectUpdate):

  • WebProcess/WebPage/ViewUpdateDispatcher.h:
  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::WebPage):
(WebKit::WebPage::didFlushLayerTreeAtTime):
(WebKit::WebPage::didCommitLoad):

  • WebProcess/WebPage/WebPage.h:
  • WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::eventThrottlingDelay):
(WebKit::WebPage::updateVisibleContentRects):

  • WebProcess/WebPage/mac/RemoteLayerTreeDrawingArea.mm:

(WebKit::RemoteLayerTreeDrawingArea::flushLayers):

20:32 Changeset [171335] by bfulgham@apple.com

Unreviewed test fix.

  • Scripts/webkitperl/auto-version_unittest/autoVersionTests.pl: Revert

to older Perl 5.8 syntax for iterating over hashes to allow tests to
run on Mountain Lion bots.

19:36 Changeset [171334] by commit-queue@webkit.org

Web Inspector: Add esprima to the WebInspector.
https://bugs.webkit.org/show_bug.cgi?id=135098

Patch by Saam Barati <sbarati@apple.com> on 2014-07-21
Reviewed by Joseph Pecoraro.

This patch includes Esprima into the WebInspector and attaches its
exported function onto the WebInspector namespace object.

  • UserInterface/External/Esprima: Added.
  • UserInterface/External/Esprima/esprima.js: Added.

(.):

  • UserInterface/Main.html:
19:15 Changeset [171333] by ap@apple.com

https://bugs.webkit.org/show_bug.cgi?id=135137
build.webkit.org/dashboard: webkitperl failures show up as yellow, not red

Reviewed by Darin Adler.

webkitperl results are binary, handle them the same way we handle bindings test results.

  • BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/BuildbotTesterQueueView.js:

(BuildbotTesterQueueView.prototype.update.appendBuilderQueueStatus):
(BuildbotTesterQueueView.prototype._presentPopoverForMultipleFailureKinds):

18:26 Changeset [171332] by timothy_horton@apple.com

Avoid putting empty-sized surfaces into IOSurfacePool
https://bugs.webkit.org/show_bug.cgi?id=135136
<rdar://problem/17478407>

Reviewed by Simon Fraser.

  • platform/graphics/cg/IOSurfacePool.cpp:

(WebCore::IOSurfacePool::addSurface):
Avoid adding 0x0 surfaces to the pool, because they will wreak havoc
when their size is used as the key in the CachedSurfaceMap.
Additionally, avoid any empty sizes, because they're just pointless.

18:14 Changeset [171331] by bshafiei@apple.com

Merged r171324. <rdar://problem/17750334>

18:05 Changeset [171330] by bshafiei@apple.com

Merged r171319. <rdar://problem/17750334>

17:58 Changeset [171329] by simon.fraser@apple.com

REGRESSION (r170361): In landscape with UI hidden, fixed position elements at top of screen are too low
https://bugs.webkit.org/show_bug.cgi?id=135141
<rdar://problem/17627525>

Reviewed by Benjamin Poulain.

We can't use the WKWebView's UIScrollView contentInsets to determine the unobscured rect
in MobileSafari, because contentInsets can't be changed dynamically while scrolling.
To get around this, MobileSafari sets obscured insets instead (but also sets a fixed
contentInset).

So if the client calls _setObscuredInsets:, always use _obscuredInsets to compute the
content insets.

  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _computedContentInset]):
(-[WKWebView _setObscuredInsets:]):

17:58 Changeset [171328] by mark.lam@apple.com

Refactor ArrayPrototype to use getLength() and putLength() utility functions.
https://bugs.webkit.org/show_bug.cgi?id=135139.

Reviewed by Oliver Hunt.

  • Specialize putProperty() to putLength() because it is only used for setting the length property.
  • Added a getLength() utility function to get the value of the length property.
  • Use these getLength() and putLength() functions instead of the existing code to get and put the length property. Less code to read, easier to understand.
  • runtime/ArrayPrototype.cpp:

(JSC::getLength):
(JSC::putLength):
(JSC::arrayProtoFuncToString):
(JSC::arrayProtoFuncToLocaleString):
(JSC::arrayProtoFuncJoin):
(JSC::arrayProtoFuncPop):
(JSC::arrayProtoFuncPush):
(JSC::arrayProtoFuncReverse):
(JSC::arrayProtoFuncShift):
(JSC::arrayProtoFuncSlice):
(JSC::arrayProtoFuncSort):
(JSC::arrayProtoFuncSplice):
(JSC::arrayProtoFuncUnShift):
(JSC::arrayProtoFuncReduce):
(JSC::arrayProtoFuncReduceRight):
(JSC::arrayProtoFuncIndexOf):
(JSC::arrayProtoFuncLastIndexOf):
(JSC::putProperty): Deleted.

17:56 Changeset [171327] by bshafiei@apple.com

Merged r171305. <rdar://problem/17743959>

17:38 Changeset [171326] by oliver@apple.com

Remove global cookie workaround from sandbox profiles
https://bugs.webkit.org/show_bug.cgi?id=135138
<rdar://17513375>

Reviewed by Alexey Proskuryakov.

Remove the workaround needed for global cookie access, and silencing
of the associated sandbox violation.

  • Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:
  • Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
  • UIProcess/mac/WebContextMac.mm:

(WebKit::WebContext::platformDefaultCookieStorageDirectory):

17:37 Changeset [171325] by bfulgham@apple.com

[Win] Follow-up for r171324.

  • Scripts/webkitperl/auto-version_unittest/autoVersionTests.pl: Cygwin

perl reports itself as 'cygwin'; native Windows Perl reports as
'MSWin32'. We need to handle both cases.

17:29 Changeset [171324] by bfulgham@apple.com

Unreviewed build fix after r171319.

  • Scripts/webkitperl/auto-version_unittest/autoVersionTests.pl: This test should

only execute on Windows. It will fail on other platforms, so give it a way to
successfully exit.

17:26 Changeset [171323] by commit-queue@webkit.org

new Int32Array(new ArrayBuffer(100), 1, 1) shouldn't throw an error that says "RangeError: Byte offset and length out of range of buffer"
https://bugs.webkit.org/show_bug.cgi?id=125391

Patch by Diego Pino Garcia <dpino@igalia.com> on 2014-07-21
Reviewed by Darin Adler.

Source/JavaScriptCore:
Create own method for verifying byte offset alignment.

  • runtime/ArrayBufferView.h:

(JSC::ArrayBufferView::verifyByteOffsetAlignment):
(JSC::ArrayBufferView::verifySubRangeLength):
(JSC::ArrayBufferView::verifySubRange): Deleted.

  • runtime/GenericTypedArrayViewInlines.h:

(JSC::GenericTypedArrayView<Adaptor>::create):

  • runtime/JSDataView.cpp:

(JSC::JSDataView::create):

  • runtime/JSGenericTypedArrayViewInlines.h:

(JSC::JSGenericTypedArrayView<Adaptor>::create):

LayoutTests:

  • fast/canvas/webgl/data-view-crash-expected.txt:
  • fast/canvas/webgl/data-view-test-expected.txt:
  • fast/canvas/webgl/data-view-test.html:
17:10 Changeset [171322] by oliver@apple.com

Correct sandbox profiles to fix some excess privileges
https://bugs.webkit.org/show_bug.cgi?id=135134
<rdar://problem/17741886>
<rdar://problem/17739080>

Reviewed by Alexey Proskuryakov.

This cleans up our sandbox profiles to fix a few issues - the profiles
no longer allow us to issue file extension we have the ability to consume,
and tightens some of the other file access rules.

This means we have to addd some rules to allow us to access things
that we previously had access to due to lax file system restrictions.

Some of the features were fixable simply by using entitlements on the
process rather than custom rules.

  • Configurations/WebContent-iOS.entitlements:
  • Resources/SandboxProfiles/ios/com.apple.WebKit.Databases.sb:
  • Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:
  • Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
17:09 Changeset [171321] by bdakin@apple.com

WK1 should always setAcceleratedCompositingForFixedPositionEnabled(true) on
Yosemite
https://bugs.webkit.org/show_bug.cgi?id=135135

Reviewed by Darin Adler.

Source/WebCore:
This patch gets rid of the ChromeClient function that was introduced with
http://trac.webkit.org/changeset/171308 We’ll just enable the Setting instead.

  • css/StyleResolver.cpp:

(WebCore::StyleResolver::adjustRenderStyle):
(WebCore::fixedPositionCreatesStackingContext): Deleted.

  • page/ChromeClient.h:

(WebCore::ChromeClient::requiresAcceleratedCompositingForViewportConstrainedPosition): Deleted.

  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::requiresCompositingForPosition):

Source/WebKit/mac:
Get rid of the ChromeClient function, and enable the Setting instead.

  • WebCoreSupport/WebChromeClient.h:
  • WebCoreSupport/WebChromeClient.mm:

(WebChromeClient::requiresAcceleratedCompositingForViewportConstrainedPosition): Deleted.

  • WebView/WebView.mm:

(-[WebView _preferencesChanged:]):

16:44 Changeset [171320] by simon.fraser@apple.com

[iOS WK2] Turn off position:fixed behavior when the keyboard is up
https://bugs.webkit.org/show_bug.cgi?id=132537

Reviewed by Benjamin Poulain.

Source/WebCore:

Export RenderObject::localToContainerPoint().

  • WebCore.exp.in:

Source/WebKit2:

Make interaction with form elements inside position:fixed less terrible by re-laying out
fixed elements relative to the document while we have an assisted node. This ensures
that all parts of a position:fixed are accessible (e.g. inputs on the right side
of a fixed-width top bar).

  • Shared/AssistedNodeInformation.cpp: Add a flag for being inside postion:fixed,

and encode/decode it.
(WebKit::AssistedNodeInformation::encode):
(WebKit::AssistedNodeInformation::decode):

  • Shared/AssistedNodeInformation.h:

(WebKit::AssistedNodeInformation::AssistedNodeInformation):

  • UIProcess/PageClient.h: Add isAssistingNode().
  • UIProcess/ios/PageClientImplIOS.h:
  • UIProcess/ios/PageClientImplIOS.mm:

(WebKit::PageClientImpl::isAssistingNode):

  • UIProcess/ios/WebPageProxyIOS.mm:

(WebKit::WebPageProxy::computeCustomFixedPositionRect): If we have an assisted
node, just use the document rect as the custom fixed position rect.

  • WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::getAssistedNodeInformation): Get the selection rect first,
since we have to fix it up for position:fixed. If the element is inside fixed
position in the main frame, re-set the fixed position rect to the document rect
(which forces a layout), re-fetch elementRect, then set it back. This ensures
that the UI process gets an elementRect which it can zoom to correctly.

16:10 Changeset [171319] by bfulgham@apple.com

Tools: [Win] Extend auto-version.pl to support 5-tuple versions
https://bugs.webkit.org/show_bug.cgi?id=135124
<rdar://problem/17750334>

Reviewed by David Kilzer.

Add test cases for auto-version.pl.

  • Scripts/webkitperl/auto-version_unittest: Added.
  • Scripts/webkitperl/auto-version_unittest/autoVersionTests.pl: Added.

WebKitLibraries: [Win] Extend auto-version.pl to handle 5-tuple versions
https://bugs.webkit.org/show_bug.cgi?id=135124
<rdar://problem/17750334>

Reviewed by David Kilzer.

Extend tuple parsing to handle up to five tuples, and as
few as a single tuple. On Windows, the two additional
tuples are unused.

Also corrected regular expression capture logic to use local
blocks, preventing later capture expressions from reusing
previous capture results when the current expression failed
to find a match (GRRR, Perl!).

Clean up code by putting logic into a couple of subroutines.

  • win/tools/scripts/auto-version.pl:
16:07 Changeset [171318] by ap@apple.com

REGRESSION: fast/layers/no-clipping-overflow-hidden-added-after-transform.html is flaky
https://bugs.webkit.org/show_bug.cgi?id=135133

  • platform/mac/TestExpectations: Marked it as such.
15:17 Changeset [171317] by timothy_horton@apple.com

Random crashes on the Web Thread due to Timers firing on the wrong thread in the UI process
https://bugs.webkit.org/show_bug.cgi?id=135132
<rdar://problem/17719832>

Reviewed by Simon Fraser.

  • UIProcess/ProcessThrottler.cpp:

(WebKit::ProcessThrottler::ProcessThrottler):
(WebKit::ProcessThrottler::suspendTimerFired):

  • UIProcess/ProcessThrottler.h:
  • UIProcess/ios/ViewGestureControllerIOS.mm:

(WebKit::ViewGestureController::ViewGestureController):
(WebKit::ViewGestureController::swipeSnapshotWatchdogTimerFired):

  • UIProcess/mac/ViewGestureController.h:
  • UIProcess/mac/ViewGestureControllerMac.mm:

(WebKit::ViewGestureController::ViewGestureController):
(WebKit::ViewGestureController::swipeSnapshotWatchdogTimerFired):
We can't use WebCore timers in the UI process because of coexistence concerns
(they fire on the Web Thread if there is one!), so use RunLoop::Timer instead.

13:47 Changeset [171316] by jer.noble@apple.com

[MSE] YouTube video decode error when variant-switching
https://bugs.webkit.org/show_bug.cgi?id=135128

Reviewed by Brent Fulgham.

Source/WebCore:
Test: media/media-source/media-source-overlapping-decodetime.html

When variant-switching, the situation can arise where an existing sample with a presentation
timestamp of N and a decode timestamp of M, and a new sample with a presentation timestamp > N
and the same decode timestamp of M, will keep the new sample from being added to the SampleMap.
This can result in a decode error when samples depending on that new, missing sample are enqueued.

The MSE spec is silent on the issue of overlapping decode timestamps. However, it guarantees that
presentation timestamps are non-overlapping. So instead of using just the decode timestamp as a key
for storing the samples in decode order, use both the decode timestamp and the presentation timestamp.
That ensures that samples with different presentation times but equal decode times are both inserted
into the decode queue, and in the correct order.

  • Modules/mediasource/SampleMap.cpp:

(WebCore::SampleIsRandomAccess::operator()): Update the parameter type to match the new KeyType.
(WebCore::SampleMap::addSample): Pass both decodeTime and presentationTime as the key to decodeOrder.
(WebCore::SampleMap::removeSample): Ditto.
(WebCore::DecodeOrderSampleMap::findSampleWithDecodeKey): Renamed from findSampleWithDecodeTime.
(WebCore::DecodeOrderSampleMap::reverseFindSampleWithDecodeKey): renamed from reverseFindSampleWithDecodeTime.
(WebCore::DecodeOrderSampleMap::findSyncSamplePriorToPresentationTime): Use renamed version of above.
(WebCore::DecodeOrderSampleMap::findSyncSampleAfterPresentationTime): Ditto.
(WebCore::DecodeOrderSampleMap::findDependentSamples): Ditto.
(WebCore::DecodeOrderSampleMap::findSampleWithDecodeTime): Deleted.
(WebCore::DecodeOrderSampleMap::reverseFindSampleWithDecodeTime): Deleted.

  • Modules/mediasource/SampleMap.h:
  • Modules/mediasource/SourceBuffer.cpp:

(WebCore::SourceBuffer::removeCodedFrames): Ditto.
(WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample): Ditto.
(WebCore::SourceBuffer::reenqueueMediaForTime): Ditto.

LayoutTests:

  • media/media-source/media-source-overlapping-decodetime-expected.txt: Added.
  • media/media-source/media-source-overlapping-decodetime.html: Added.
12:26 Changeset [171315] by dino@apple.com

Allow MiniBrowser WK1 to do element fullscreen
https://bugs.webkit.org/show_bug.cgi?id=135125

Reviewed by Simon Fraser.

Allow WK1 windows to go fullscreen using the DOM API.

  • MiniBrowser/mac/WK1BrowserWindowController.m:

(-[WK1BrowserWindowController awakeFromNib]): Enable the preference for
fullscreen.

12:20 Changeset [171314] by aestes@apple.com

[iOS] Handle QuickLook ResourceLoaders in the web process
https://bugs.webkit.org/show_bug.cgi?id=135113

Reviewed by David Kilzer.

Source/WebCore:
No new tests. QuickLook is not testable from WebKit.

  • WebCore.exp.in:
  • loader/ResourceLoadScheduler.cpp:

(WebCore::ResourceLoadScheduler::maybeLoadQuickLookResource): Start loading the ResourceLoader if it is for a QuickLook resource.

  • loader/ResourceLoadScheduler.h:

Source/WebKit2:
The QuickLook framework registers a NSURLProtocol to handle loading subresources of the HTML documents it
generates. In order for these loads to succeed, we need to start them in the same process in which QuickLook
generated the main resource.

  • WebProcess/Network/WebResourceLoadScheduler.cpp:

(WebKit::WebResourceLoadScheduler::scheduleLoad):

12:20 Changeset [171313] by ap@apple.com

fast/canvas/canvas-putImageData-zero-alpha.html is flaky
https://bugs.webkit.org/show_bug.cgi?id=131787

  • platform/mac/TestExpectations: Mark it as such.
12:16 Changeset [171312] by jonowells@apple.com

Back/Forward arrows (modern) are too large.
https://bugs.webkit.org/show_bug.cgi?id=135073

Reviewed by Joseph Pecoraro.

Changes to adjust new forward and back arrow sizes to be more consistent with the
universal design language. Moved WebInspector.Platform definition to its own file.
Refactored handling of image versions inside ImageUtilities.js.

  • UserInterface/Base/ImageUtilities.js:

(.restoreImage):
(.generateImage):
(generateColoredImagesForCSS):
Make the default image versioning smarter.

  • UserInterface/Base/Main.js:

(WebInspector.contentLoaded):
(WebInspector.contentLoaded.WebInspector.Platform.version.toString): Deleted.
(WebInspector.contentLoaded.WebInspector.Platform.toString): Deleted.

  • UserInterface/Base/Platform.js: Added.

Move platform information definition into Platform.js.

  • UserInterface/Main.html: Include Platform.js.
  • UserInterface/Views/ContentBrowser.js:

(WebInspector.ContentBrowser):

  • UserInterface/Views/FindBanner.css:

(.find-banner > button > .glyph):
(body.mac-platform.legacy .find-banner > button > .glyph):
(.find-banner > button.segmented.left > .glyph):
(body.mac-platform.legacy .find-banner > button.segmented.left > .glyph):
(.find-banner > button.segmented.right > .glyph):
(body.mac-platform.legacy .find-banner > button.segmented.right > .glyph):
(.find-banner > button.segmented):
(body.mac-platform.legacy .find-banner > button.segmented):

  • UserInterface/Views/FindBanner.js:

(WebInspector.FindBanner.prototype._generateButtonsGlyphsIfNeeded):
Size of forward and back arrows adjusted.

12:15 Changeset [171311] by ap@apple.com

Case sensitive file system build fix.

  • page/scrolling/ScrollingStateTree.cpp:
12:04 Changeset [171310] by bdakin@apple.com

Build fix.

  • WebCoreSupport/WebChromeClient.mm:

(WebChromeClient::requiresAcceleratedCompositingForViewportConstrainedPosition):

11:34 Changeset [171309] by zalan@apple.com

Unreviewed hidpi test gardening.

Use Ahem font to ensure font size predictability.

  • fast/forms/hidpi-fieldset-on-subpixel-position-when-legend-is-present-expected.html:
  • fast/forms/hidpi-fieldset-on-subpixel-position-when-legend-is-present.html:
11:31 Changeset [171308] by bdakin@apple.com

Put position:fixed elements into layers when a WK1 view is layer-backed
https://bugs.webkit.org/show_bug.cgi?id=135075

Reviewed by Darin Adler.

Source/WebCore:
This patch adds a new ChromeClient function called
requiresAcceleratedCompositingForViewportConstrainedPosition(). Since a view can
go in and out of layer backing, we need a ChromeClient method that can be
dynamically re-evaluated rather than using the existing settings for enabling
accelerated fixed and fixed that creates a stacking context.

Ensure that fixed elements create a stacking context when
requiresAcceleratedCompositingForViewportConstrainedPosition is true.

  • css/StyleResolver.cpp:

(WebCore::StyleResolver::adjustRenderStyle):

New ChromeClient function.

  • page/ChromeClient.h:

Source/WebKit/mac:
Returns true when the WebHTMLView has a layer.

  • WebCoreSupport/WebChromeClient.h:
  • WebCoreSupport/WebChromeClient.mm:

(WebChromeClient::requiresAcceleratedCompositingForViewportConstrainedPosition):

11:26 Changeset [171307] by simon.fraser@apple.com

Add helper functions to dump the scrolling state tree from the debugger
https://bugs.webkit.org/show_bug.cgi?id=135101

Reviewed by Darin Adler.

Add debug-only showScrollingStateTree() functions that take a ScrollingStateTree* and ScrollingStateNode*
for use while debugging.

  • page/scrolling/ScrollingStateTree.cpp:

(showScrollingStateTree):

  • page/scrolling/ScrollingStateTree.h:
11:26 Changeset [171306] by simon.fraser@apple.com

[iOS WK1] Single touch div scrolling doesn't work in framesets (breaks Word previews)
https://bugs.webkit.org/show_bug.cgi?id=135103
<rdar://problem/11830219>

Reviewed by Darin Adler.

After r166117 all layer flushing starts on the root frame; we no longer flush layers
for each frame during painting. However, flushing GraphicsLayers can set some state
on a subframe RenderLayerCompositor that is now never processed, which breaks scroll
layer registration.

Fix by doing a walk of the Frame tree, and calling didFlushLayers() on subframe RenderLayerCompositors
before calling didFlushLayers() on self.

  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::flushPendingLayerChanges):
(WebCore::RenderLayerCompositor::didFlushLayers):
(WebCore::RenderLayerCompositor::notifySubframesAfterLayerFlush):
(WebCore::RenderLayerCompositor::enclosingCompositorFlushingLayers): Drive-by nullptr.

  • rendering/RenderLayerCompositor.h:
10:44 Changeset [171305] by bfulgham@apple.com

[Win] Correct auto-version.pl script for two-digit version numbers
https://bugs.webkit.org/show_bug.cgi?id=135119
<rdar://problem/17743959>

Reviewed by David Kilzer.

The $MAJOR_VERSION must be the first digit of $BUILD_MAJOR_VERSION,
and $MINOR_VERSION must be the remaining digits.

Also correct regexp (line 90) that was allowing version numbers
larger than three digits to be processed.

  • win/tools/scripts/auto-version.pl: Correct regular expression.
10:30 Changeset [171304] by zalan@apple.com

Unreviewed hidpi test gardening.

  • fast/inline/hidpi-selection-gap-on-subpixel-position-expected.html:
  • fast/inline/hidpi-selection-gap-on-subpixel-position.html: Speculative fix.
  • fast/inline/hidpi-selection-gap-overlaps-inline-selection-expected.html:
  • fast/inline/hidpi-selection-gap-overlaps-inline-selection.html: Use Ahem.
10:14 Changeset [171303] by beidson@apple.com

DatabaseProcess doesn't relaunch after crashing.
<rdar://problem/17717343> and https://bugs.webkit.org/show_bug.cgi?id=135117

Reviewed by Alexey Proskuryakov.

  • UIProcess/Databases/DatabaseProcessProxy.cpp:

(WebKit::DatabaseProcessProxy::didClose): Tell the WebContext.

  • UIProcess/WebContext.cpp:

(WebKit::WebContext::databaseProcessCrashed): Notify supplements, then clear the DatabaseProcessProxy pointer.

  • UIProcess/WebContext.h:
  • UIProcess/WebContextSupplement.h:

(WebKit::WebContextSupplement::processDidClose): Added. No users right now, but the patch in bug 135035 will need this.

09:50 Changeset [171302] by ap@apple.com

REGRESSION(r150169): http/tests/cache/willsendrequest-returns-null-for-memory-cache-load.html fails
https://bugs.webkit.org/show_bug.cgi?id=116259

Updating expectations to acknowledge that the test is flaky on WK1 too (it depends
on preceding tests).

  • platform/mac-wk2/TestExpectations:
  • platform/mac/TestExpectations:
09:41 Changeset [171301] by zalan@apple.com

Unreviewed hidpi test gardening.

Use Ahem font to ensure font size predictability.

  • fast/inline/hidpi-selection-gap-and-inline-selection-have-gap-rtl-expected.html:
  • fast/inline/hidpi-selection-gap-and-inline-selection-have-gap-rtl.html:
08:14 Changeset [171300] by m.pakula@samsung.com

Unreviewed EFL gardening

Remove passing tests from TestExpectations file.

  • platform/efl/TestExpectations:
08:03 Changeset [171299] by eric.carlson@apple.com

[iOS] a Paused media session is not active
https://bugs.webkit.org/show_bug.cgi?id=135108

Reviewed by Darin Adler.

Activating the shared AudioSession will pause audio playing in another application,
so only report a Playing media sessions as active.

  • platform/audio/MediaSessionManager.cpp:
  • platform/audio/MediaSessionManager.h:

(WebCore::MediaSessionManager::activeAudioSessionRequired): Renamed from hasActive to make
clear what it does. Only return true for a session that is Playing.

  • platform/audio/mac/MediaSessionManagerMac.cpp:

(MediaSessionManager::updateSessionState): hasActive renamed to activeAudioSessionRequired.

07:46 EFLWebKit edited by ryuan.choi@samsung.com
Update few information as the latest (diff)
02:38 Changeset [171298] by carlosgc@webkit.org

[GTK] Documentation files are added twice to the tarball
https://bugs.webkit.org/show_bug.cgi?id=135115

Reviewed by Sergio Villar Senin.

  • gtk/manifest.txt: Remove duplicated rules.
02:04 Changeset [171297] by carlosgc@webkit.org

[GTK] Simplify make-dist command line arguments
https://bugs.webkit.org/show_bug.cgi?id=134832

Reviewed by Martin Robinson.

.:

  • Source/PlatformGTK.cmake: Use --version instead of

--tarball-root when running make-dist.py.

Tools:
Remove --tarball-root and -o command line options and add
--version, since the version can be used to build both, the
tarball root and the output filename. When the version it's not
provided, the pkg-config file is used to get the version. Also
change the default value of build-dir to the current directory,
since it's very common to call make-dist.py from the build dir.

  • gtk/make-dist.py:

(get_tarball_root_and_output_filename_from_arguments):

01:30 Changeset [171296] by carlosgc@webkit.org

[GTK] Reduce the size of the tarball generated by distcheck
https://bugs.webkit.org/show_bug.cgi?id=134802

Reviewed by Martin Robinson.

Add more rules to the manifest to decide what files to add:

  • Do not include platform specific directories of other ports.
  • Do not include port specific cmake files.
  • Do not include Objective-C sources.
  • Do not include .orig and .rej files.
  • Do not include mac specific sandbox files.
  • Only include the resources we actually build.
  • gtk/manifest.txt:
01:26 Changeset [171295] by rosca@adobe.com

[CSS Blending] Cleanup tests in css3/blending
https://bugs.webkit.org/show_bug.cgi?id=132600

Reviewed by Mihnea Ovidenie.

Summary of changes:

  • move common stylesheet classes to blending-style.css.
  • remove trailing white spaces.
  • replace tabs with spaces.
  • remove the 'html' tags for consistency with the most of blending tests.

This patch does not change the txt and png test expectations.

  • css3/blending/background-blend-mode-background-attachement-fixed-expected.html:
  • css3/blending/background-blend-mode-background-attachement-fixed.html:
  • css3/blending/background-blend-mode-background-clip-content-box-expected.html:
  • css3/blending/background-blend-mode-background-clip-content-box.html:
  • css3/blending/background-blend-mode-background-clip-padding-box-expected.html:
  • css3/blending/background-blend-mode-background-clip-padding-box.html:
  • css3/blending/background-blend-mode-background-origin-border-box-expected.html:
  • css3/blending/background-blend-mode-background-origin-border-box.html:
  • css3/blending/background-blend-mode-background-position-percentage-expected.html:
  • css3/blending/background-blend-mode-background-position-percentage.html:
  • css3/blending/background-blend-mode-background-repeat-no-repeat-expected.html:
  • css3/blending/background-blend-mode-background-repeat-no-repeat.html:
  • css3/blending/background-blend-mode-background-size-contain-expected.html:
  • css3/blending/background-blend-mode-background-size-contain.html:
  • css3/blending/background-blend-mode-background-size-cover-expected.html:
  • css3/blending/background-blend-mode-background-size-cover.html:
  • css3/blending/background-blend-mode-body-image-expected.html:
  • css3/blending/background-blend-mode-body-image.html:
  • css3/blending/background-blend-mode-body-transparent-color-and-image-expected.html:
  • css3/blending/background-blend-mode-body-transparent-color-and-image.html:
  • css3/blending/background-blend-mode-body-transparent-image-expected.html:
  • css3/blending/background-blend-mode-body-transparent-image.html:
  • css3/blending/background-blend-mode-crossfade-image-expected.html:
  • css3/blending/background-blend-mode-crossfade-image.html:
  • css3/blending/background-blend-mode-data-uri-svg-image-expected.html:
  • css3/blending/background-blend-mode-data-uri-svg-image.html:
  • css3/blending/background-blend-mode-default-value.html:
  • css3/blending/background-blend-mode-different-image-formats.html:
  • css3/blending/background-blend-mode-gif-color-2.html:
  • css3/blending/background-blend-mode-gif-color.html:
  • css3/blending/background-blend-mode-gradient-color.html:
  • css3/blending/background-blend-mode-gradient-gradient.html:
  • css3/blending/background-blend-mode-gradient-image.html:
  • css3/blending/background-blend-mode-image-color-dynamic-expected.html:
  • css3/blending/background-blend-mode-image-color-dynamic.html:
  • css3/blending/background-blend-mode-image-color.html:
  • css3/blending/background-blend-mode-image-image.html:
  • css3/blending/background-blend-mode-image-svg.html:
  • css3/blending/background-blend-mode-multiple-background-layers.html:
  • css3/blending/background-blend-mode-separate-layer-declaration-expected.html:
  • css3/blending/background-blend-mode-separate-layer-declaration.html:
  • css3/blending/background-blend-mode-single-layer-no-blending.html:
  • css3/blending/background-blend-mode-svg-color.html:
  • css3/blending/background-blend-mode-svg-expected.html:
  • css3/blending/background-blend-mode-svg.html:
  • css3/blending/background-blend-mode-tiled-layers.html:
  • css3/blending/blend-mode-accelerated-parent-overflow-hidden-expected.html:
  • css3/blending/blend-mode-accelerated-parent-overflow-hidden.html:
  • css3/blending/blend-mode-accelerated-with-multiple-stacking-contexts.html:
  • css3/blending/blend-mode-ancestor-clipping-layer.html:
  • css3/blending/blend-mode-background.html:
  • css3/blending/blend-mode-blended-element-overlapping-composited-sibling-should-have-compositing-layer.html:
  • css3/blending/blend-mode-body-child-background-color-expected.html:
  • css3/blending/blend-mode-body-child-background-color.html:
  • css3/blending/blend-mode-body-child-isolate-background-color-expected.html:
  • css3/blending/blend-mode-body-child-isolate-background-color.html:
  • css3/blending/blend-mode-body-child-isolate-html-background-color-expected.html:
  • css3/blending/blend-mode-body-child-isolate-html-background-color.html:
  • css3/blending/blend-mode-body-child.html:
  • css3/blending/blend-mode-body-element-expected.html:
  • css3/blending/blend-mode-body-element.html:
  • css3/blending/blend-mode-clip-accelerated-blending-canvas.html:
  • css3/blending/blend-mode-clip-accelerated-blending-child-expected.html:
  • css3/blending/blend-mode-clip-accelerated-blending-child.html:
  • css3/blending/blend-mode-clip-accelerated-blending-double-expected.html:
  • css3/blending/blend-mode-clip-accelerated-blending-double.html:
  • css3/blending/blend-mode-clip-accelerated-blending-with-siblings-expected.html:
  • css3/blending/blend-mode-clip-accelerated-blending-with-siblings.html:
  • css3/blending/blend-mode-clip-accelerated-transformed-blending-expected.html:
  • css3/blending/blend-mode-clip-accelerated-transformed-blending.html:
  • css3/blending/blend-mode-clip-rect-accelerated-blending-expected.html:
  • css3/blending/blend-mode-clip-rect-accelerated-blending.html:
  • css3/blending/blend-mode-html-element-screen.html:
  • css3/blending/blend-mode-isolated-group-1.html:
  • css3/blending/blend-mode-isolated-group-2.html:
  • css3/blending/blend-mode-isolated-group-3.html:
  • css3/blending/blend-mode-isolation-accelerated-overflow-hidden.html:
  • css3/blending/blend-mode-isolation-flags-append-non-stacking-context-blending.html:
  • css3/blending/blend-mode-isolation-flags-append-stacking-context-blending.html:
  • css3/blending/blend-mode-isolation-flags-remove-non-stacking-context-blending.html:
  • css3/blending/blend-mode-isolation-flags-remove-stacking-context-blending.html:
  • css3/blending/blend-mode-isolation-flags-turn-off-blending-no-isolation.html:
  • css3/blending/blend-mode-isolation-flags-turn-off-blending.html:
  • css3/blending/blend-mode-isolation-flags-turn-off-stacking-context.html:
  • css3/blending/blend-mode-isolation-flags-turn-on-blending.html:
  • css3/blending/blend-mode-isolation-flags-turn-on-stacking-context.html:
  • css3/blending/blend-mode-isolation-overflow-hidden-expected.html:
  • css3/blending/blend-mode-isolation-overflow-hidden.html:
  • css3/blending/blend-mode-isolation-turn-off-self-painting-layer.html:
  • css3/blending/blend-mode-isolation-turn-off-self-painting-layer1.html:
  • css3/blending/blend-mode-isolation-turn-off-self-painting-layer2.html:
  • css3/blending/blend-mode-isolation-turn-on-self-painting-layer.html:
  • css3/blending/blend-mode-layers.html:
  • css3/blending/blend-mode-overflow.html:
  • css3/blending/blend-mode-parent-of-composited-blended-has-layer.html:
  • css3/blending/blend-mode-reflection.html:
  • css3/blending/blend-mode-simple-composited.html:
  • css3/blending/blend-mode-transform-style.html:
  • css3/blending/blend-mode-with-accelerated-sibling.html:
  • css3/blending/blend-mode-with-body-expected.html:
  • css3/blending/blend-mode-with-body.html:
  • css3/blending/blend-mode-with-composited-descendant-should-have-layer.html:
  • css3/blending/effect-background-blend-mode-stacking.html:
  • css3/blending/isolation-isolate-blended-child-expected.html:
  • css3/blending/isolation-isolate-blended-child.html:
  • css3/blending/repaint/blend-mode-isolate-stacking-context.html:
  • css3/blending/repaint/blend-mode-turn-off-isolation-no-effect.html:
  • css3/blending/repaint/blend-mode-turn-off-isolation.html:
  • css3/blending/resources/blending-style.css: Added.

This file contains classes shared by multiple blending tests.

  • css3/blending/resources/dump-layer-tree.js: Added.
  • css3/blending/script-tests/background-blend-mode-property-parsing.js:
  • css3/blending/script-tests/blend-mode-property-parsing-invalid.js:
  • css3/blending/script-tests/blend-mode-property-parsing.js:
01:18 Changeset [171294] by carlosgc@webkit.org

Unreviewed. Update GObject DOM bindings test results after r171285.

  • bindings/scripts/test/GObject/WebKitDOMTestActiveDOMObject.cpp:
  • bindings/scripts/test/GObject/WebKitDOMTestCallback.cpp:
  • bindings/scripts/test/GObject/WebKitDOMTestCustomNamedGetter.cpp:
  • bindings/scripts/test/GObject/WebKitDOMTestEventConstructor.cpp:
  • bindings/scripts/test/GObject/WebKitDOMTestEventTarget.cpp:
  • bindings/scripts/test/GObject/WebKitDOMTestException.cpp:
  • bindings/scripts/test/GObject/WebKitDOMTestGenerateIsReachable.cpp:
  • bindings/scripts/test/GObject/WebKitDOMTestInterface.cpp:
  • bindings/scripts/test/GObject/WebKitDOMTestMediaQueryListListener.cpp:
  • bindings/scripts/test/GObject/WebKitDOMTestNamedConstructor.cpp:
  • bindings/scripts/test/GObject/WebKitDOMTestNode.cpp:
  • bindings/scripts/test/GObject/WebKitDOMTestNondeterministic.cpp:
  • bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
  • bindings/scripts/test/GObject/WebKitDOMTestOverloadedConstructors.cpp:
  • bindings/scripts/test/GObject/WebKitDOMTestSerializedScriptValueInterface.cpp:
  • bindings/scripts/test/GObject/WebKitDOMTestTypedefs.cpp:
  • bindings/scripts/test/GObject/WebKitDOMattribute.cpp:
  • bindings/scripts/test/GObject/WebKitDOMreadonly.cpp:
00:46 Changeset [171293] by rego@igalia.com

[CSS Grid Layout] Rename gridAutoFlow[Row|Column] to gridAutoFlow[Row|Column]Sparse
https://bugs.webkit.org/show_bug.cgi?id=135013

Rename CSS styles in grid layout tests to make the name more explicit.
As the default mode for auto-placement algorithm is "sparse".

Reviewed by Darin Adler.

  • fast/css-grid-layout/grid-auto-columns-rows-auto-flow-resolution.html:
  • fast/css-grid-layout/grid-auto-flow-get-set-expected.txt:
  • fast/css-grid-layout/grid-auto-flow-get-set.html:
  • fast/css-grid-layout/grid-auto-flow-resolution.html:
  • fast/css-grid-layout/grid-auto-flow-sparse.html:
  • fast/css-grid-layout/grid-item-addition-auto-placement-update.html:
  • fast/css-grid-layout/grid-item-auto-placement-automatic-span.html:
  • fast/css-grid-layout/grid-item-auto-placement-definite-span.html:
  • fast/css-grid-layout/grid-item-order-auto-flow-resolution.html:
  • fast/css-grid-layout/grid-item-removal-auto-placement-update.html:
  • fast/css-grid-layout/resources/grid.css:

(.gridAutoFlowColumnSparse):
(.gridAutoFlowRowSparse):
(.gridAutoFlowColumn): Deleted.
(.gridAutoFlowRow): Deleted.

Note: See TracTimeline for information about the timeline view.