Timeline



Mar 9, 2016:

11:13 PM Changeset in webkit [197927] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebKit2

[GTK] Artifacts when using web view background color
https://bugs.webkit.org/show_bug.cgi?id=155229

Reviewed by Mario Sanchez Prada.

This is because when using a web view color, we fill with the
color every rectangle updated by the web process, but we should
always fill the entire backing store before rendering the actual
contents on top.

  • WebProcess/WebPage/DrawingAreaImpl.cpp:

(WebKit::DrawingAreaImpl::display): Ensure the web process always
renders the whole visible rectangle when background is rendered by
the UI process.

10:15 PM Changeset in webkit [197926] by commit-queue@webkit.org
  • 12 edits
    4 adds in trunk

Web Inspector: Get a RemoteObject or ObjectPreview from HeapSnapshot Object Identifier
https://bugs.webkit.org/show_bug.cgi?id=155264
<rdar://problem/25070716>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-09
Reviewed by Timothy Hatcher.

Source/JavaScriptCore:

  • inspector/InjectedScript.h:
  • inspector/InjectedScript.cpp:

(Inspector::InjectedScript::functionDetails):
(Inspector::InjectedScript::previewValue):
New InjectedScript methods for building Debugger.FunctionDetails
or Runtime.ObjectPreview protocol objects from a JSValue.

  • inspector/InjectedScriptSource.js:

(InjectedScript.prototype.previewValue):
(InjectedScript.prototype.functionDetails):
(InjectedScript.prototype.getFunctionDetails):
(InjectedScript.RemoteObject.prototype._isPreviewableObjectInternal):
(InjectedScript.RemoteObject.prototype._createObjectPreviewForValue): Deleted.
(InjectedScript.RemoteObject.prototype._appendEntryPreviews): Deleted.
Share code around creating function details or object preview objects.

  • inspector/agents/InspectorHeapAgent.cpp:

(Inspector::InspectorHeapAgent::InspectorHeapAgent):
(Inspector::InspectorHeapAgent::nodeForHeapObjectIdentifier):
(Inspector::InspectorHeapAgent::getPreview):
(Inspector::InspectorHeapAgent::getRemoteObject):

  • inspector/agents/InspectorHeapAgent.h:
  • inspector/protocol/Heap.json:

New protocol methods that go from heap object identifier to a
remote object or some kind of preview.

  • inspector/scripts/codegen/generator.py:

Allow runtime casts for ObjectPreview.

LayoutTests:

  • inspector/heap/getPreview-expected.txt: Added.
  • inspector/heap/getPreview.html: Added.
  • inspector/heap/getRemoteObject-expected.txt: Added.
  • inspector/heap/getRemoteObject.html: Added.

Test the new protocol methods in different scenarios.

  • inspector/heap/snapshot-expected.txt:
  • inspector/heap/snapshot.html:

Fix typo.

9:28 PM Changeset in webkit [197925] by commit-queue@webkit.org
  • 11 edits in trunk

[INTL] Intl Constructors not web compatible with Object.create usage
https://bugs.webkit.org/show_bug.cgi?id=153679

Patch by Andy VanWagoner <thetalecrafter@gmail.com> on 2016-03-09
Reviewed by Darin Adler.

Source/JavaScriptCore:

Add workaround for initializing NumberFormat and DateTimeFormat objects
using Object.create followed by constructor.call. This is necessary for
backwards compatibility with libraries relying on v1 behavior of Intl
constructors.

Collator does not get the workaround, since polyfills do not include it,
and there are not any known instances of v2 incompatible libraries.

The workaround involves checking for an object that inherits from the
*Format constructor, but was not actually initialized with that type. A
substitute instance is created and attached to the object using a private
name. The prototype functions then check for the private property to use
in place of the original object.

Since this behavior is not part of the v2 spec, it should be removed as
soon as the incompatible behavior is no longer in common use.

  • runtime/CommonIdentifiers.h:
  • runtime/IntlDateTimeFormatConstructor.cpp:

(JSC::callIntlDateTimeFormat):

  • runtime/IntlDateTimeFormatPrototype.cpp:

(JSC::IntlDateTimeFormatPrototypeGetterFormat):
(JSC::IntlDateTimeFormatPrototypeFuncResolvedOptions):

  • runtime/IntlNumberFormatConstructor.cpp:

(JSC::callIntlNumberFormat):

  • runtime/IntlNumberFormatPrototype.cpp:

(JSC::IntlNumberFormatPrototypeGetterFormat):
(JSC::IntlNumberFormatPrototypeFuncResolvedOptions):

LayoutTests:

Add tests for Object.create + constructor.call initialization of NumberFormat
and DateTimeFormat objects.

  • js/intl-datetimeformat-expected.txt:
  • js/intl-numberformat-expected.txt:
  • js/script-tests/intl-datetimeformat.js:
  • js/script-tests/intl-numberformat.js:

9:27 PM Changeset in webkit [197924] by rniwa@webkit.org
  • 5 edits
    2 adds in trunk/Source/WebCore

Extract EventPath.h/cpp out of EventDispatcher.cpp
https://bugs.webkit.org/show_bug.cgi?id=155285

Reviewed by Chris Dumez.

Extracted EventPath.h/cpp out of EventDispatcher.cpp to add the support for Event.deepPath()
in webkit.org/b/153538. The new file defines member functions of EventPath and RelatedNodeRetargeter.

  • CMakeLists.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • dom/DOMAllInOne.cpp:
  • dom/EventDispatcher.cpp:

(WebCore::EventDispatcher::dispatchScopedEvent):
(WebCore::EventDispatcher::dispatchEvent):
(WebCore::EventPath): Moved to EventPath.cpp.
(WebCore::eventTargetRespectingTargetRules): Moved to EventPath.h.
(WebCore::shouldEventCrossShadowBoundary): Moved to EventPath.cpp.
(WebCore::nodeOrHostIfPseudoElement): Ditto.
(WebCore::RelatedNodeRetargeter): Moved to EventPath.cpp.

  • dom/EventPath.cpp: Added.

(WebCore::shouldEventCrossShadowBoundary): Moved from EventDispatcher.cpp.
(WebCore::nodeOrHostIfPseudoElement): Ditto.
(WebCore::EventPath::EventPath): Ditto.
(WebCore::RelatedNodeRetargeter): Ditto.

  • dom/EventPath.h: Added.

(WebCore::EventPath::isEmpty):
(WebCore::EventPath::size):
(WebCore::EventPath::contextAt):
(WebCore::EventPath::lastContextIfExists):
(WebCore::EventPath::eventTargetRespectingTargetRules): Moved from EventDispatcher.cpp.

9:26 PM Changeset in webkit [197923] by Simon Fraser
  • 22 edits in trunk/Source

Font antialiasing (smoothing) changes when elements are rendered into compositing layers
https://bugs.webkit.org/show_bug.cgi?id=23364
rdar://problem/7288429

Reviewed by Tim Horton.

Source/WebCore:

Improve the appearance of subpixel-antialiased ("smoothed") text in non-opaque layers
by opting in to a new CALayer backing store format.

GraphicsLayer now has setSupportsSmoothedFonts(), which is called by RenderLayerBacking
when the platform has support for the new feature. Ideally this would only be set when
we know a layer has smoothed text drawn into it, but, for now, enable this for all
layers. The right thing happens with opaque layers under the hood.

setSupportsSmoothedFonts() is turned into a PlatformCALayer contentsFormat flag, which
is ultimately passed to setBackingStoreFormat().

We also need to propagate this flag to TileController tiles.

  • platform/graphics/GraphicsLayer.cpp:

(WebCore::GraphicsLayer::supportsSmoothedFontsInNonOpaqueLayers):
(WebCore::GraphicsLayer::GraphicsLayer):

  • platform/graphics/GraphicsLayer.h:

(WebCore::GraphicsLayer::supportsSmoothedFonts):
(WebCore::GraphicsLayer::setSupportsSmoothedFonts):

  • platform/graphics/TiledBacking.h:
  • platform/graphics/ca/GraphicsLayerCA.cpp:

(WebCore::GraphicsLayer::supportsSmoothedFontsInNonOpaqueLayers):
(WebCore::GraphicsLayerCA::setSupportsSmoothedFonts):
(WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers):
(WebCore::GraphicsLayerCA::updateContentsFormat):

  • platform/graphics/ca/GraphicsLayerCA.h:
  • platform/graphics/ca/PlatformCALayer.cpp:

(WebCore::PlatformCALayer::drawRepaintIndicator): Give the number a "shadow" when
the contents format says we support smoothed fonts.

  • platform/graphics/ca/PlatformCALayer.h:
  • platform/graphics/ca/TileController.cpp:

(WebCore::TileController::setTileContentsFormatFlags):
(WebCore::TileController::createTileLayer):

  • platform/graphics/ca/TileController.h:
  • platform/graphics/ca/TileGrid.cpp:

(WebCore::TileGrid::updateTileLayerProperties):

  • platform/graphics/ca/cocoa/PlatformCALayerCocoa.h:
  • platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:

(WebCore::setBackingStoreFormat):
(PlatformCALayerCocoa::commonInit):
(PlatformCALayerCocoa::setContentsFormat):
(PlatformCALayer::drawLayerContents): Previously, we turned off font smoothing in
non-opaque layers to improve text appearance. We no longer need to do that when
the contents format has "SmoothedFonts".

  • platform/ios/LegacyTileGridTile.mm:

(WebCore::setBackingStoreFormat):
(WebCore::LegacyTileGridTile::LegacyTileGridTile):

  • rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::createGraphicsLayer):

Source/WebKit2:

Send the ContentsFormat to the UI process (but nothing happens to it there yet).

  • Shared/mac/RemoteLayerTreeTransaction.h:
  • Shared/mac/RemoteLayerTreeTransaction.mm:

(WebKit::RemoteLayerTreeTransaction::LayerProperties::encode):
(WebKit::RemoteLayerTreeTransaction::LayerProperties::decode):

  • WebProcess/WebPage/mac/PlatformCALayerRemote.cpp:

(WebKit::PlatformCALayerRemote::setContentsFormat):
(WebKit::PlatformCALayerRemote::contentsFormat):

  • WebProcess/WebPage/mac/PlatformCALayerRemote.h:

9:17 PM Changeset in webkit [197922] by barraclough@apple.com
  • 3 edits in trunk/Source/WebCore

WebKit should adopt journal_mode=wal for all SQLite databases.
https://bugs.webkit.org/show_bug.cgi?id=133496

Reviewed by Brady Eidson & Darin Adler.

The statement intended to enable WAL mode is always failing because it is missing a
prepare(). Fix this. We were also previously permitting SQLITE_OK results - this
was in error (we were only getting these because stepping the unprepared statement
returned SQLITE_OK). Also set the SQLITE_OPEN_AUTOPROXY flag when opening the
database - this will improve performance when the database is accessed via an AFP
mount.

  • platform/sql/SQLiteDatabase.cpp:

(WebCore::SQLiteDatabase::open):

  • call prepareAndStep(), only check for SQLITE_ROW result.
  • platform/sql/SQLiteFileSystem.cpp:

(WebCore::SQLiteFileSystem::openDatabase):

  • should set SQLITE_OPEN_AUTOPROXY flag when opening database.

8:43 PM Changeset in webkit [197921] by rniwa@webkit.org
  • 25 edits in trunk

Add runtime flags for shadow DOM and custom elements
https://bugs.webkit.org/show_bug.cgi?id=155213

Reviewed by Dean Jackson.

Source/WebCore:

Added new runtime flags for shadow DOM and custom elements.

  • bindings/generic/RuntimeEnabledFeatures.h:

(WebCore::RuntimeEnabledFeatures::setShadowDOMEnabled): Added.
(WebCore::RuntimeEnabledFeatures::shadowDOMEnabled): Added.
(WebCore::RuntimeEnabledFeatures::setCustomElementsEnabled): Added.
(WebCore::RuntimeEnabledFeatures::customElementsEnabled): Added.

  • dom/Document.idl:
  • dom/Element.idl:
  • dom/Node.idl:
  • dom/NonDocumentTypeChildNode.idl:
  • dom/ShadowRoot.idl:
  • html/HTMLSlotElement.idl:

Source/WebKit/mac:

Set the runtime flag based on preferences. Enable shadow DOM and disable custom elements by default.

  • WebView/WebPreferenceKeysPrivate.h:
  • WebView/WebPreferences.mm:

(+[WebPreferences initialize]):
(-[WebPreferences shadowDOMEnabled]):
(-[WebPreferences setShadowDOMEnabled:]):
(-[WebPreferences customElementsEnabled]):
(-[WebPreferences setCustomElementsEnabled:]):

  • WebView/WebPreferencesPrivate.h:
  • WebView/WebView.mm:

(-[WebView _preferencesChanged:]):

Source/WebKit2:

Set the runtime flag based on preferences. Enable shadow DOM and disable custom elements by default.

  • Shared/WebPreferencesDefinitions.h:
  • UIProcess/API/C/WKPreferences.cpp:

(WKPreferencesSetShadowDOMEnabled):
(WKPreferencesGetShadowDOMEnabled):
(WKPreferencesSetCustomElementsEnabled):
(WKPreferencesGetCustomElementsEnabled):

  • UIProcess/API/C/WKPreferencesRefPrivate.h:
  • WebProcess/InjectedBundle/InjectedBundle.cpp:

(WebKit::InjectedBundle::overrideBoolPreferenceForTestRunner):

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::updatePreferences):

Source/WTF:

Removed the manual overrides of ENABLE_SHADOW_DOM and ENABLE_CUSTOM_ELEMENTS as they were
making --no-shadow-dom and --no-custom-elements flags on build-webkit useless.

  • wtf/FeatureDefines.h:

Tools:

Always enable shadow DOM and custom elements during testing.

  • DumpRenderTree/mac/DumpRenderTree.mm:

(resetWebPreferencesToConsistentValues):

  • WebKitTestRunner/InjectedBundle/InjectedBundle.cpp:

(WTR::InjectedBundle::beginTesting):

  • WebKitTestRunner/InjectedBundle/TestRunner.cpp:

(WTR::TestRunner::setShadowDOMEnabled): Added.

  • WebKitTestRunner/InjectedBundle/TestRunner.h:

8:06 PM Changeset in webkit [197920] by Brent Fulgham
  • 5 edits in trunk

Handling 'allowUniversalAccessFromFileURLs' on WKWebViewConfiguration causes test breakage
https://bugs.webkit.org/show_bug.cgi?id=155265
<rdar://problem/11101440>

Reviewed by Andy Estes.

Source/WebKit2:

We require "AllowUniversalAccessFromFileURLs" to permit file URLs from accessing
localStorage. However, this setting is not available on the Cocoa WKPreference (by design).
Instead, you need to set this value on the WKWebViewConfiguration.

Back out the work-around landed in r197889.

  • UIProcess/API/Cocoa/WKWebViewConfiguration.mm:

(-[WKWebViewConfiguration init]): Remove test workaround.

  • UIProcess/mac/WebInspectorProxyMac.mm:

(WebKit::WebInspectorProxy::platformCreateInspectorPage): Set the correct flag on
the WKWebViewConfiguration.

Tools:

WK2 localStorage tests need the 'AllowUniversalAccessFromFileURLs' preference set by default.
Tests that confirm blocking localStorage manually set the flag to "False" in the test.

  • WebKitTestRunner/cocoa/TestControllerCocoa.mm:

(WTR::initializeWebViewConfiguration): Set the default state to the correct value.

7:16 PM Changeset in webkit [197919] by Matt Baker
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: LayoutTimelineView path components should reflect grid row nesting
https://bugs.webkit.org/show_bug.cgi?id=155279
<rdar://problem/25075355>

Reviewed by Timothy Hatcher.

  • UserInterface/Views/LayoutTimelineView.js:

(WebInspector.LayoutTimelineView.prototype.get selectionPathComponents):
Walk grid nodes to build path component array.

6:41 PM Changeset in webkit [197918] by sbarati@apple.com
  • 5 edits
    1 add in trunk/Source/JavaScriptCore

Add proper JSON.stringify support for Proxy when the target is an array
https://bugs.webkit.org/show_bug.cgi?id=155180

Reviewed by Darin Adler.

This patch makes the following type of program true:
JSON.stringify(new Proxy([25], {})) === "[25]"

We need to change the JSON stringifier to use the IsArray test
in section 7.2.2 of ES6 spec instead of the JSC inherits(JSArray::info())
test.

This patch also adds tests for general JSON.stringify support
of Proxy.

  • runtime/ArrayConstructor.cpp:

(JSC::arrayConstructorIsArray):
(JSC::arrayConstructorPrivateFuncIsArrayConstructor):

  • runtime/ArrayConstructor.h:

(JSC::isArray):

  • runtime/JSONObject.cpp:

(JSC::Stringifier::Holder::object):
(JSC::Stringifier::appendStringifiedValue):
(JSC::Stringifier::startNewLine):
(JSC::Stringifier::Holder::Holder):

  • tests/es6.yaml:
  • tests/stress/proxy-json.js: Added.

(assert):
(test):

6:33 PM Changeset in webkit [197917] by rniwa@webkit.org
  • 12 edits
    2 adds in trunk

defineElement should upgrade existing unresolved custom elements
https://bugs.webkit.org/show_bug.cgi?id=155107

Reviewed by Darin Adler.

Source/WebCore:

Added the support for upgrading existing unresolved custom elements when defineElement is called.

The current implementation upgrades elements in the order they were created and has the issue that
it keeps accumulating all elements with a hyphen in their names until defineElement is called, as
documented in https://github.com/w3c/webcomponents/issues/419

This patch re-purposes IsEditingTextFlag to indicate that the node is an unresolved custom element.
Since isEditingText() is only called in textRendererIsNeeded only on Text nodes, it's mutually
exclusive with isUnresolvedCustomElement().

The list of unresolved custom elements is kept in m_upgradeCandidatesMap, a hash map of element names
to the list of unresolved elements with that name.

In addition, added the logic to use HTMLElement as the interface for unresolved custom element instead
of HTMLUnknownElement.

Test: fast/custom-elements/upgrading/upgrading-parser-created-element.html

  • bindings/js/JSCustomElementInterface.cpp:

(WebCore::JSCustomElementInterface::upgradeElement): Clear the flag.

  • bindings/js/JSDocumentCustom.cpp:

(WebCore::JSDocument::defineElement): Set the unique private name to keep the interface alive before
calling addElementDefinition as the call can now invoke author scripts.

  • dom/CustomElementDefinitions.cpp:

(WebCore::CustomElementDefinitions::addElementDefinition): Upgrade existing unresolved elements kept
in m_upgradeCandidatesMap.
(WebCore::CustomElementDefinitions::addUpgradeCandidate): Added.

  • dom/CustomElementDefinitions.h:
  • dom/Document.cpp:

(WebCore::createHTMLElementWithNameValidation): Added the code to add the unresolved custom elements
to the upgrade candidates map. Also instantiate it as HTMLElement instead of HTMLUnknownElement.
(WebCore::createFallbackHTMLElement): Ditto.

  • dom/Node.h:

(WebCore::Node::setIsCustomElement):
(WebCore::Node::isUnresolvedCustomElement): Added.
(WebCore::Node::setIsUnresolvedCustomElement): Added.
(WebCore::Node::setCustomElementIsResolved): Added. Clears IsEditingTextOrUnresolvedCustomElementFlag
and sets IsCustomElement.
(WebCore::Node::isEditingText): Check both IsEditingTextOrUnresolvedCustomElementFlag and IsTextFlag
for safety even though it's currently only used in textRendererIsNeeded which takes Text&.

  • dom/make_names.pl:

(defaultParametersHash): Added customElementInterfaceName as a parameter.
(printWrapperFactoryCppFile): Generate the code to use customElementInterfaceName when the element
for which the wrapper is created has isUnresolvedCustomElement flag set.

  • html/HTMLTagNames.in: Use HTMLElement for unresolved custom elements.
  • html/parser/HTMLConstructionSite.cpp:

(WebCore::HTMLConstructionSite::createHTMLElementOrFindCustomElementInterface): Added the code to add
the unresolved custom elements to the upgrade candidates map. Also instantiate it as HTMLElement instead
of HTMLUnknownElement.

LayoutTests:

Added W3C style testharness.js tests for asynchronously defining custom elements.

  • fast/custom-elements/upgrading/Node-cloneNode.html:
  • fast/custom-elements/upgrading/upgrading-parser-created-element-expected.txt: Added.
  • fast/custom-elements/upgrading/upgrading-parser-created-element.html: Added.

6:05 PM Changeset in webkit [197916] by enrica@apple.com
  • 12 edits in trunk/Source

Retrieve additional context for some data detector link for preview and action menu.
https://bugs.webkit.org/show_bug.cgi?id=155278
rdar://problem/24884951

Reviewed by Tim Horton.

Source/WebCore:

Adding helper function to compute a range by moving by a number of characters
from a given position and direction.
Adding function to check if the given data detector link element requires
an extended context.

  • editing/VisibleUnits.cpp:

(WebCore::rangeExpandedByCharactersInDirectionAtWordBoundary):

  • editing/VisibleUnits.h:
  • editing/cocoa/DataDetection.h:
  • editing/cocoa/DataDetection.mm:

(WebCore::DataDetection::requiresExtendedContext):

Source/WebKit2:

Data detector results for items like calendar events can be augmented
by retrieving the text surrounding the link.

  • Platform/spi/ios/DataDetectorsUISPI.h:
  • Shared/ios/InteractionInformationAtPosition.h:
  • Shared/ios/InteractionInformationAtPosition.mm:

(WebKit::InteractionInformationAtPosition::encode):
(WebKit::InteractionInformationAtPosition::decode):

  • UIProcess/ios/WKActionSheetAssistant.mm:

(-[WKActionSheetAssistant showDataDetectorsSheet]):

  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _dataForPreviewItemController:atPosition:type:]):

  • WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::getPositionInformation):

6:04 PM Changeset in webkit [197915] by sbarati@apple.com
  • 16 edits
    1 add in trunk

ES6: Implement lexical scoping for function definitions in strict mode
https://bugs.webkit.org/show_bug.cgi?id=152844

Reviewed by Geoffrey Garen.

Source/JavaScriptCore:

This patch implements block scoping for function definitions
in strict mode. The implementation works as follows:

  • If we're in sloppy mode, function declarations work exactly as they did before this patch. I.e., function declarations are hoisted and declared like "var" variables.

  • If you're in strict mode and at the top of a function scope or program scope, function declarations still work like they used to. They are defined like "var" variables. This is necessary for backwards compatibility because ES5 strict mode allowed duplicate function declarations at the top-most scope of a program/function.

  • If you're in strict mode and inside a block statement or a switch statement, function declarations are now block scoped. All function declarations within a block are hoisted to the beginning of the block. They are not hoisted out of the block like they are in sloppy mode. This allows for the following types of programs:

```
function foo() {
    function bar() { return 20; }
    {
        function bar() { return 30; }
        bar(); // 30
    }
    bar(); // 20
}
```

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::instantiateLexicalVariables):
(JSC::BytecodeGenerator::emitPrefillStackTDZVariables):
(JSC::BytecodeGenerator::pushLexicalScope):
(JSC::BytecodeGenerator::pushLexicalScopeInternal):
(JSC::BytecodeGenerator::initializeBlockScopedFunctions):
(JSC::BytecodeGenerator::popLexicalScope):
(JSC::BytecodeGenerator::liftTDZCheckIfPossible):
(JSC::BytecodeGenerator::pushTDZVariables):
(JSC::BytecodeGenerator::getVariablesUnderTDZ):
(JSC::BytecodeGenerator::emitNewRegExp):
(JSC::BytecodeGenerator::emitNewFunctionExpressionCommon):
(JSC::BytecodeGenerator::emitNewFunctionExpression):
(JSC::BytecodeGenerator::emitNewArrowFunctionExpression):

  • bytecompiler/BytecodeGenerator.h:
  • parser/ASTBuilder.h:

(JSC::ASTBuilder::createSourceElements):
(JSC::ASTBuilder::features):
(JSC::ASTBuilder::numConstants):
(JSC::ASTBuilder::createFuncDeclStatement):
(JSC::ASTBuilder::createClassDeclStatement):
(JSC::ASTBuilder::createBlockStatement):
(JSC::ASTBuilder::createTryStatement):
(JSC::ASTBuilder::createSwitchStatement):
(JSC::ASTBuilder::Scope::Scope):
(JSC::ASTBuilder::funcDeclarations): Deleted.

  • parser/NodeConstructors.h:

(JSC::CaseBlockNode::CaseBlockNode):
(JSC::SwitchNode::SwitchNode):
(JSC::BlockNode::BlockNode):

  • parser/Nodes.cpp:

(JSC::ScopeNode::ScopeNode):
(JSC::ScopeNode::singleStatement):
(JSC::ProgramNode::ProgramNode):
(JSC::ModuleProgramNode::ModuleProgramNode):
(JSC::EvalNode::EvalNode):
(JSC::FunctionNode::FunctionNode):
(JSC::VariableEnvironmentNode::VariableEnvironmentNode):

  • parser/Nodes.h:

(JSC::VariableEnvironmentNode::VariableEnvironmentNode):
(JSC::VariableEnvironmentNode::lexicalVariables):
(JSC::VariableEnvironmentNode::functionStack):
(JSC::ScopeNode::captures):
(JSC::ScopeNode::varDeclarations):
(JSC::ScopeNode::neededConstants):
(JSC::ProgramNode::startColumn):
(JSC::ProgramNode::endColumn):
(JSC::EvalNode::startColumn):
(JSC::EvalNode::endColumn):
(JSC::ModuleProgramNode::startColumn):
(JSC::ModuleProgramNode::endColumn):
(JSC::ScopeNode::functionStack): Deleted.

  • parser/Parser.cpp:

(JSC::Parser<LexerType>::parseInner):
(JSC::Parser<LexerType>::didFinishParsing):
(JSC::Parser<LexerType>::parseStatementListItem):
(JSC::Parser<LexerType>::parseSwitchStatement):
(JSC::Parser<LexerType>::parseBlockStatement):
(JSC::Parser<LexerType>::parseStatement):
(JSC::Parser<LexerType>::parseFunctionInfo):
(JSC::getMetadata):
(JSC::Parser<LexerType>::parseFunctionDeclaration):
(JSC::Parser<LexerType>::parseExportDeclaration):

  • parser/Parser.h:

(JSC::Scope::declareVariable):
(JSC::Scope::declareFunction):
(JSC::Scope::appendFunction):
(JSC::Scope::takeFunctionDeclarations):
(JSC::Scope::declareLexicalVariable):
(JSC::Parser::currentVariableScope):
(JSC::Parser::currentLexicalDeclarationScope):
(JSC::Parser::currentFunctionScope):
(JSC::Parser::pushScope):
(JSC::Parser::popScopeInternal):
(JSC::Parser::declareVariable):
(JSC::Parser::declareFunction):
(JSC::Parser::hasDeclaredVariable):
(JSC::Parser::isFunctionMetadataNode):
(JSC::Parser<LexerType>::parse):

  • parser/SyntaxChecker.h:

(JSC::SyntaxChecker::createFuncDeclStatement):
(JSC::SyntaxChecker::createClassDeclStatement):
(JSC::SyntaxChecker::createBlockStatement):
(JSC::SyntaxChecker::createExprStatement):
(JSC::SyntaxChecker::createIfStatement):
(JSC::SyntaxChecker::createContinueStatement):
(JSC::SyntaxChecker::createTryStatement):
(JSC::SyntaxChecker::createSwitchStatement):
(JSC::SyntaxChecker::createWhileStatement):
(JSC::SyntaxChecker::createWithStatement):
(JSC::SyntaxChecker::createDoWhileStatement):

  • parser/VariableEnvironment.h:

(JSC::VariableEnvironmentEntry::isExported):
(JSC::VariableEnvironmentEntry::isImported):
(JSC::VariableEnvironmentEntry::isImportedNamespace):
(JSC::VariableEnvironmentEntry::isFunction):
(JSC::VariableEnvironmentEntry::setIsCaptured):
(JSC::VariableEnvironmentEntry::setIsConst):
(JSC::VariableEnvironmentEntry::setIsExported):
(JSC::VariableEnvironmentEntry::setIsImported):
(JSC::VariableEnvironmentEntry::setIsImportedNamespace):
(JSC::VariableEnvironmentEntry::setIsFunction):
(JSC::VariableEnvironmentEntry::clearIsVar):
(JSC::VariableEnvironment::VariableEnvironment):
(JSC::VariableEnvironment::begin):
(JSC::VariableEnvironment::end):

  • tests/es6.yaml:
  • tests/stress/block-scoped-function-declarations.js: Added.

(assert):
(test):
(f.foo.bar):
(f.foo.):
(f.foo):
(f):
(assert.foo.):
(assert.foo):
(assert.foo.foo):
(assert.foo.bar):
(assert.foo.switch.case.1):
(assert.foo.switch.case.2):
(assert.foo.switch.foo):
(assert.foo.switch.bar):

LayoutTests:

  • js/let-syntax-expected.txt:
  • js/parser-syntax-check-expected.txt:
  • js/script-tests/parser-syntax-check.js:

(testFailed):
(runTest):

5:55 PM Changeset in webkit [197914] by barraclough@apple.com
  • 3 edits in trunk/Source/WebKit2

Last opened tab does not receive SetHiddenPageTimerThrottlingIncreaseLimit message
https://bugs.webkit.org/show_bug.cgi?id=155126

Reviewed by Anders Carlson.

WebPageProxy will increment the hidden page throttling counter from within its constructor,
which currently causes the WebProcessPool to try to synchronously message all processes.
The web page triggering the increment then fails to receive the message, since it was
still being constructed. Make the update of the limit async, such that the page is fully
constructed before the WebProcessPool processes the update.

  • UIProcess/WebProcessPool.cpp:

(WebKit::m_hiddenPageThrottlingAutoIncreasesCounter):

  • This now schedules a zero-delay timer to handle the update.

(WebKit::m_hiddenPageThrottlingTimer):

  • This is now responsible for calling updateHiddenPageThrottlingAutoIncreaseLimit.
  • UIProcess/WebProcessPool.h:
    • Added m_hiddenPageThrottlingTimer.

5:54 PM Changeset in webkit [197913] by bshafiei@apple.com
  • 5 edits in branches/safari-601-branch/Source

Versioning.

5:53 PM Changeset in webkit [197912] by ddkilzer@apple.com
  • 3 edits in trunk/Tools

check-webkit-style: fix false-positive warnings about @try/@catch blocks in Objective-C++ source files
<http://webkit.org/b/155273>

Reviewed by Andy Estes.

  • Scripts/webkitpy/style/checkers/cpp.py:

(check_spacing_for_function_call): Ignore @catch lines.
(check_braces): Ditto.

  • Scripts/webkitpy/style/checkers/cpp_unittest.py:

(CppStyleTest.test_brace_at_begin_of_line): Add test case.

5:46 PM Changeset in webkit [197911] by dbates@webkit.org
  • 2 edits in trunk/Source/WebCore

Fix the Windows build after <https://trac.webkit.org/changeset/197905>
(https://bugs.webkit.org/show_bug.cgi?id=155247)

We need to call the std::unique_ptr<CryptoDigest>() constructor directly
instead of using the convenience function std::make_unique<CryptoDigest>()
because std::make_unique<CryptoDigest>() cannot access the private constructor
CryptoDigest().

  • platform/crypto/win/CryptoDigestWin.cpp:

(WebCore::CryptoDigest::create):

5:38 PM Changeset in webkit [197910] by jonlee@apple.com
  • 6 edits in trunk/PerformanceTests

Enhance existing Animometer tests
https://bugs.webkit.org/show_bug.cgi?id=155261

Reviewed by Simon Fraser.

  • Animometer/tests/master/resources/canvas-tests.js: Add a gradient to
the filled circles. To expose more of the gradient, add another circle.

(SimpleCanvasStage.call.animate): For each frame, create a gradient with
undulating stop points and colors. Fill the circles twice; once with
the solid color, and once with the gradient.

  • Animometer/tests/master/resources/dom-particles.js: Refactor the
emission variables into a separate stage for this test. Add a colorOffset
variable to make the colors of each particle slightly different, since
the ramp controller can add large numbers of particles all at once, which
would otherwise get all the same color.

  • Animometer/tests/master/resources/particles.js:

(initialize): Remove the code specific to the SVG mask test.

  • Animometer/tests/master/resources/image-data.js:

(initialize): Remove unused local variable.

  • Animometer/tests/master/resources/multiply.js:

(initialize): Make the test harder by adding more total particles.

5:38 PM Changeset in webkit [197909] by Matt Baker
  • 14 edits
    1 move in trunk/Source/WebInspectorUI

Web Inspector: Timelines UI redesign: use DataGridNode for TimelineView selection path components
https://bugs.webkit.org/show_bug.cgi?id=154954
<rdar://problem/24947939>

Reviewed by Timothy Hatcher.

This patch adds a new path component, TimelineDataGridNodePathComponent,
for creating a path component from the current grid selection. This is
needed since TimelineViews will no longer have an associated content tree
outline once the navigation sidebar is removed.

TimelineDataGridNode has new protected methods, "displayName" and
"iconClassNames", which are used to populate hierarchical path components,
create grid node data, and create cell content.

TimelineView subclasses share a certain amount of boilerplate code for
getting selection path components and handling path component selection.
In the future we may be able to reduce this code by introducing a new
DataGridTimelineView base class.

  • UserInterface/Main.html:

Added/removed files.

  • UserInterface/Views/LayoutTimelineDataGridNode.js:

(WebInspector.LayoutTimelineDataGridNode.prototype.get data):
(WebInspector.LayoutTimelineDataGridNode.prototype.createCellContent):
(WebInspector.LayoutTimelineDataGridNode):
(WebInspector.LayoutTimelineDataGridNode.prototype.get record): Deleted.
Moved to base class.

  • UserInterface/Views/LayoutTimelineView.js:

(WebInspector.LayoutTimelineView.prototype.get selectionPathComponents):
(WebInspector.LayoutTimelineView.prototype.dataGridNodePathComponentSelected):
(WebInspector.LayoutTimelineView.prototype.treeElementPathComponentSelected): Deleted.
TimelineView tree outlines are going away.

  • UserInterface/Views/MemoryTimelineView.js:

(WebInspector.MemoryTimelineView.prototype.treeElementPathComponentSelected): Deleted.
TimelineView tree outlines are going away.

  • UserInterface/Views/NetworkTimelineView.js:

(WebInspector.NetworkTimelineView.prototype.get selectionPathComponents):
(WebInspector.NetworkTimelineView.prototype.dataGridNodePathComponentSelected):
(WebInspector.NetworkTimelineView.prototype.treeElementPathComponentSelected): Deleted.
TimelineView tree outlines are going away.

  • UserInterface/Views/ProfileNodeDataGridNode.js:

(WebInspector.ProfileNodeDataGridNode.prototype.get data):
(WebInspector.ProfileNodeDataGridNode.prototype.createCellContent):
(WebInspector.ProfileNodeDataGridNode.prototype.displayName):
(WebInspector.ProfileNodeDataGridNode.prototype.iconClassNames):
(WebInspector.ProfileNodeDataGridNode):
(WebInspector.ProfileNodeDataGridNode.prototype._iconClassNameForProfileNode): Deleted.
(WebInspector.ProfileNodeDataGridNode.prototype._titleForProfileNode): Deleted.
Re-implemented as overrides of the base class methods "iconClassNames"
and "displayName".

  • UserInterface/Views/RenderingFrameTimelineDataGridNode.js:

(WebInspector.RenderingFrameTimelineDataGridNode.prototype.createCellContent):
(WebInspector.RenderingFrameTimelineDataGridNode):
(WebInspector.RenderingFrameTimelineDataGridNode.prototype.get record): Deleted.
Moved to base class.

  • UserInterface/Views/ResourceTimelineDataGridNode.js:

(WebInspector.ResourceTimelineDataGridNode.prototype.createCellContent):
(WebInspector.ResourceTimelineDataGridNode.prototype.displayName):
(WebInspector.ResourceTimelineDataGridNode.prototype.iconClassNames):
Override base class methods, making it possible to remove ResourceTimelineDataGridNodePathComponent,
and treat all TimelineDataGridNodes in a uniform manner.

(WebInspector.ResourceTimelineDataGridNode.prototype._createNameCellDocumentFragment):
Replace duplicated code with call to "displayName".

  • UserInterface/Views/ResourceTimelineDataGridNodePathComponent.js: Removed.

Replaced by more generic solution, TimelineDataGridNodePathComponent.

  • UserInterface/Views/ScriptDetailsTimelineView.js:

(WebInspector.ScriptDetailsTimelineView.prototype.get selectionPathComponents):
(WebInspector.ScriptDetailsTimelineView.prototype.dataGridNodePathComponentSelected):
(WebInspector.ScriptDetailsTimelineView.prototype.treeElementPathComponentSelected): Deleted.
TimelineView tree outlines are going away.

  • UserInterface/Views/ScriptTimelineDataGridNode.js:

(WebInspector.ScriptTimelineDataGridNode.prototype.createCellContent):
(WebInspector.ScriptTimelineDataGridNode.prototype._createNameCellDocumentFragment):
Replace duplicated code with call to "displayName".

(WebInspector.ScriptTimelineDataGridNode):
(WebInspector.ScriptTimelineDataGridNode.prototype.get record): Deleted.
Moved to base class.

  • UserInterface/Views/SourceCodeTimelineTimelineDataGridNode.js:

(WebInspector.SourceCodeTimelineTimelineDataGridNode.prototype.createCellContent):
(WebInspector.SourceCodeTimelineTimelineDataGridNode.prototype._createNameCellContent):
Replace duplicated code with call to "displayName".

  • UserInterface/Views/TimelineDataGridNode.js:

(WebInspector.TimelineDataGridNode.prototype.get record):
Implemented in terms of the "records" getter, since all subclasses simply returned the
node's first (or only) record.

(WebInspector.TimelineDataGridNode.prototype.displayName):
(WebInspector.TimelineDataGridNode.prototype.iconClassNames):
Base class implementations, using utility methods in TimelineTabContentView
to get display data based on the node's timeline record. Can be overridden
by nodes that either don't have a timeline record (ProfileNodeDataGridNode)

  • UserInterface/Views/TimelineDataGridNodePathComponent.js:

(WebInspector.TimelineDataGridNodePathComponent):
(WebInspector.TimelineDataGridNodePathComponent.prototype.get timelineDataGridNode):
(WebInspector.TimelineDataGridNodePathComponent.prototype.get previousSibling):
(WebInspector.TimelineDataGridNodePathComponent.prototype.get nextSibling):

  • UserInterface/Views/TimelineView.js:

(WebInspector.TimelineView):
(WebInspector.TimelineView.prototype.get selectionPathComponents):
Must be implemented by subclasses since not all TimelineViews use a DataGrid.

5:37 PM Changeset in webkit [197908] by jonlee@apple.com
  • 4 edits
    3 adds
    1 delete in trunk/PerformanceTests

Add text tests
https://bugs.webkit.org/show_bug.cgi?id=155257

Reviewed by Simon Fraser.

  • Animometer/resources/extensions.js:

(UnitBezier.Utilities.createClass): Add a class that computes Bezier points
assuming that two of the control points are at (0,0) and (1,1). Taken from
WebCore/platform/graphics/UnitBezier.h

  • Animometer/resources/runner/tests.js: Add a test for English text and one
for international text.

  • Animometer/tests/master/international.html: Added.
  • Animometer/tests/master/resources/text.js: Added. The test assumes there is
#template div which it will copy. The copies are placed behind the template, and
are set with different colors each frame. They are moved around with CSS transform.

  • Animometer/tests/master/text.html: Added.

Remove the other text tests, since these ones cover the same techniques.

  • Animometer/tests/text/layering-text.html: Removed.
  • Animometer/tests/text/resources/layering-text.js: Removed.
  • Animometer/tests/text/resources/text-boxes.js: Removed.
  • Animometer/tests/text/text-boxes.html: Removed.
  • Animometer/resources/debug-runner/tests.js:
5:35 PM Changeset in webkit [197907] by jonlee@apple.com
  • 5 edits
    15 adds in trunk/PerformanceTests

Add a new image test
https://bugs.webkit.org/show_bug.cgi?id=155232

Reviewed by Dean Jackson.
Provisionally reviewed by Said Abou-Hallawa.

The image test renders PNGs and moves them with translate and rotate
transforms. Each particle has a lifetime, and when the lifetime ends or
the particle goes offscreen, it resets itself somewhere on the stage.

  • Animometer/resources/debug-runner/tests.js: Remove the CSS bouncing PNG
images test, because this one tests the same technique.

  • Animometer/resources/runner/tests.js: Added here as "Leaves".
  • Animometer/tests/master/leaves.html: Added.
  • Animometer/tests/master/resources/particles.js: Refactor out the parts
specific to the DOM particles test. Consequently make velocity a public
member.
(initialize): The options parameter is never used, so remove it.
(animate): Remove unused local variable.

  • Animometer/tests/master/resources/leaves.js: Maintains a focal point that
moves back and forth across the canvas. That point affects the velocity
of the particles. When the focal point is on the leftmost side, it is
between [-6, -2], and set in reset(). When the focal point is on the rightmost
side, it will be from [2, 6].

  • Animometer/tests/master/resources/dom-particles.js: Move JS specific to
this test here from particles.js.

New images.

  • Animometer/tests/master/resources/compass100.png: Added.
  • Animometer/tests/master/resources/console100.png: Added.
  • Animometer/tests/master/resources/contribute100.png: Added.
  • Animometer/tests/master/resources/debugger100.png: Added.
  • Animometer/tests/master/resources/inspector100.png: Added.
  • Animometer/tests/master/resources/layout100.png: Added.
  • Animometer/tests/master/resources/performance100.png: Added.
  • Animometer/tests/master/resources/script100.png: Added.
  • Animometer/tests/master/resources/shortcuts100.png: Added.
  • Animometer/tests/master/resources/standards100.png: Added.
  • Animometer/tests/master/resources/storage100.png: Added.
  • Animometer/tests/master/resources/styles100.png: Added.
  • Animometer/tests/master/resources/timeline100.png: Added.
5:10 PM Changeset in webkit [197906] by Matt Baker
  • 3 edits in trunk/Source/WebInspectorUI

Web Inspector: Nodes in Computed Styles > Container Regions formatted incorrectly.
https://bugs.webkit.org/show_bug.cgi?id=155277
<rdar://problem/25072711>

Reviewed by Timothy Hatcher.

  • UserInterface/Views/DOMTreeDataGrid.js:

(WebInspector.DOMTreeDataGrid):
Enable icon column property.

  • UserInterface/Views/DOMTreeDataGridNode.js:

(WebInspector.DOMTreeDataGridNode):
Removed calls to unused methods.

(WebInspector.DOMTreeDataGridNode.prototype.createCellContent):
(WebInspector.DOMTreeDataGridNode.prototype._createNameCellDocumentFragment):
Simplified cell content creation.

(WebInspector.DOMTreeDataGridNode.prototype._updateNodeName): Deleted.
(WebInspector.DOMTreeDataGridNode.prototype._makeNameCell): Deleted.
Renamed _createNameCellDocumentFragment to be consistent with similar
methods in other data grid node classes.

(WebInspector.DOMTreeDataGridNode.prototype._updateNameCellData): Deleted.
No longer needed.

5:09 PM Changeset in webkit [197905] by dbates@webkit.org
  • 3 edits
    2 adds in trunk/Source/WebCore

[Win] Implement CryptoDigest
https://bugs.webkit.org/show_bug.cgi?id=155247
<rdar://problem/25065843>

Reviewed by Brent Fulgham.

Implement the CryptoDigest abstraction for Windows so that we can compute cryptographically
secure hashes. This will allow us to support Content Security Policy inline script and inline
stylesheet hashes on Windows.

  • PlatformWin.cmake: Add file CryptoDigestWin.cpp.
  • PlatformWinCairo.cmake: Ditto.
  • platform/crypto/win/CryptoDigestWin.cpp: Added.

(WebCore::CryptoDigest::CryptoDigest): Instantiate a CryptoDigestContext object.
(WebCore::CryptoDigest::~CryptoDigest): Destroy the cryptographic service provider and hash
object if non-null.
(WebCore::CryptoDigest::create): Acquire a handle to a cryptographic service provider (HCRYPTPROV)
and a handle to a hash object (HCRYPTHASH).
(WebCore::CryptoDigest::addBytes): Add the contents of the specified buffer to the hash object.
(WebCore::CryptoDigest::computeHash): Compute and return a Vector of bytes that represent the digest.

5:02 PM Changeset in webkit [197904] by rniwa@webkit.org
  • 2 edits in trunk/Websites/perf.webkit.org

Build fix after r196870.

  • public/include/report-processor.php:
5:00 PM Changeset in webkit [197903] by rniwa@webkit.org
  • 3 edits in trunk/Websites/perf.webkit.org

Add Size metric to perf dashboard
https://bugs.webkit.org/show_bug.cgi?id=155266

Reviewed by Chris Dumez.

Added the "Size" metric and use bytes as its unit.

  • public/js/helper-classes.js:

(PerfTestRuns):

  • public/v2/data.js:

(RunsData.unitFromMetricName):

4:56 PM Changeset in webkit [197902] by ddkilzer@apple.com
  • 10 edits in trunk/Source

REGRESSION (r197149): Missing availability checks when soft-linking DataDetectors.framework
<http://webkit.org/b/155258>

Reviewed by Andy Estes.

Source/WebCore:

  • page/mac/ServicesOverlayController.mm:

(WebCore::ServicesOverlayController::Highlight::setDDHighlight):
(WebCore::ServicesOverlayController::Highlight::paintContents):
(WebCore::ServicesOverlayController::mouseIsOverHighlight):

  • Add check that returns early if DataDetectors.framework is not available.
  • platform/spi/mac/DataDetectorsSPI.h:
  • Mark Objective-C classes as optional.

Source/WebKit/mac:

  • WebView/WebImmediateActionController.mm:

(-[WebImmediateActionController _clearImmediateActionState]):
(-[WebImmediateActionController immediateActionRecognizerWillBeginAnimation:]):
(-[WebImmediateActionController _animationControllerForDataDetectedText]):
(-[WebImmediateActionController _animationControllerForDataDetectedLink]):

  • Add check that returns early if DataDetectors.framework is not available.

Source/WebKit2:

  • Platform/mac/MenuUtilities.mm:

(WebKit::menuItemForTelephoneNumber):
(WebKit::menuForTelephoneNumber):

  • Add check that returns early if DataDetectors.framework is not available.
  • Shared/mac/WebHitTestResultData.mm:

(WebKit::WebHitTestResultData::platformDecode):

  • Add Debug assertion. The soft-linked code should never be called if there was no actionContext passed in.
  • UIProcess/Cocoa/WebViewImpl.mm:

(WebKit::WebViewImpl::dismissContentRelativeChildWindowsFromViewOnly):

  • Protect calls to DDActionsManager with availability check.
  • UIProcess/mac/WKImmediateActionController.mm:

(-[WKImmediateActionController _clearImmediateActionState]):
(-[WKImmediateActionController immediateActionRecognizerWillBeginAnimation:]):

  • Protect calls to DDActionsManager with availability check.

(-[WKImmediateActionController _animationControllerForDataDetectedText]):
(-[WKImmediateActionController _animationControllerForDataDetectedLink]):

  • Add check that returns early if DataDetectors.framework is not available.
4:45 PM Changeset in webkit [197901] by commit-queue@webkit.org
  • 7 edits in trunk/Source

Add state dumping facility
https://bugs.webkit.org/show_bug.cgi?id=154930
<rdar://problem/24939135>

Patch by Keith Rollin <Keith Rollin> on 2016-03-09
Reviewed by Anders Carlsson.

Source/WebKit2:

Collect the times at which pages are loaded. Dump them when an OS
state dump is triggered.

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::didCommitLoad):

  • WebProcess/WebPage/WebPage.h:

(WebKit::WebPage::lastPageLoadTime):

  • WebProcess/WebProcess.h:
  • WebProcess/cocoa/WebProcessCocoa.mm:

(WebKit::WebProcess::registerWithStateDumper):
(WebKit::WebProcess::platformInitializeProcess):

Source/WTF:

Add an OS_STATE flag to control the inclusion of process state dumping
functionality.

  • wtf/Platform.h:
4:40 PM Changeset in webkit [197900] by jmarcell@apple.com
  • 2 edits in trunk/Tools

Removing reference to Dashboard.Repository.Internal.trac from open source unit tests.
https://bugs.webkit.org/show_bug.cgi?id=155274

Reviewed by Alexey Proskuryakov.

  • BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/tests/tests.js:

(setup): Deleted. In bug 154180 we removed Dashboard.Repository.Internal which was causing an
error in the unit tests.

4:36 PM Changeset in webkit [197899] by sbarati@apple.com
  • 6 edits
    1 add in trunk/Source/JavaScriptCore

Array.isArray support for Proxy
https://bugs.webkit.org/show_bug.cgi?id=155179

Reviewed by Mark Lam.

This patch implements Array.isArray to be compliant
with the ES6 spec. Specifically, it needs to interface
properly with Proxy arguments.
https://tc39.github.io/ecma262/#sec-isarray

  • runtime/ArrayConstructor.cpp:

(JSC::ArrayConstructor::getCallData):
(JSC::arrayConstructorIsArray):
(JSC::arrayConstructorPrivateFuncIsArrayConstructor):

  • runtime/ArrayPrototype.cpp:

(JSC::speciesConstructArray):

  • runtime/ProxyObject.cpp:

(JSC::ProxyObject::revoke):
(JSC::ProxyObject::isRevoked):
(JSC::ProxyObject::visitChildren):

  • runtime/ProxyObject.h:

(JSC::ProxyObject::target):
(JSC::ProxyObject::handler):

  • tests/es6.yaml:
  • tests/stress/proxy-is-array.js: Added.

(assert):
(test):

4:22 PM Changeset in webkit [197898] by jer.noble@apple.com
  • 7 edits
    14 adds in trunk

Add heuristic for "main content" videos which override user gesture requirements
https://bugs.webkit.org/show_bug.cgi?id=155224

Reviewed by Eric Carlson.

Source/WebCore:

Tests: media/video-main-content-allow-then-deny.html
media/video-main-content-allow.html
media/video-main-content-deny-display-none.html
media/video-main-content-deny-not-in-dom.html
media/video-main-content-deny-not-visible.html
media/video-main-content-deny-obscured.html
media/video-main-content-deny-too-small.html

Add a new behavior "restriction" to MediaElementSession that allows media elements
to optionally override their own user gesture requirements if the session determines
that the media element is the page's "main content".

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::didAttachRenderers):
(WebCore::HTMLMediaElement::updateShouldPlay):

  • html/HTMLMediaElement.h:
  • html/MediaElementSession.cpp:

(WebCore::restrictionName):
(WebCore::MediaElementSession::MediaElementSession):
(WebCore::MediaElementSession::addBehaviorRestriction):
(WebCore::MediaElementSession::playbackPermitted):
(WebCore::MediaElementSession::dataLoadingPermitted):
(WebCore::isMainContent):
(WebCore::MediaElementSession::mainContentCheckTimerFired):
(WebCore::MediaElementSession::updateIsMainContent):

  • html/MediaElementSession.h:
  • testing/Internals.cpp:

(WebCore::Internals::setMediaElementRestrictions):

LayoutTests:

  • media/video-main-content-allow-expected.txt: Added.
  • media/video-main-content-allow-then-deny-expected.txt: Added.
  • media/video-main-content-allow-then-deny.html: Added.
  • media/video-main-content-allow.html: Added.
  • media/video-main-content-deny-display-none-expected.txt: Added.
  • media/video-main-content-deny-display-none.html: Added.
  • media/video-main-content-deny-not-in-dom-expected.txt: Added.
  • media/video-main-content-deny-not-in-dom.html: Added.
  • media/video-main-content-deny-not-visible-expected.txt: Added.
  • media/video-main-content-deny-not-visible.html: Added.
  • media/video-main-content-deny-obscured-expected.txt: Added.
  • media/video-main-content-deny-obscured.html: Added.
  • media/video-main-content-deny-too-small-expected.txt: Added.
  • media/video-main-content-deny-too-small.html: Added.
4:14 PM Changeset in webkit [197897] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

Added missing #if(SOUP) after r197591.
https://bugs.webkit.org/show_bug.cgi?id=155259

Patch by Konstantin Tokarev <Konstantin Tokarev> on 2016-03-09
Reviewed by Alex Christensen.

No new tests needed.

  • platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
4:03 PM Changeset in webkit [197896] by andersca@apple.com
  • 2 edits in trunk/Source/WebKit2

_WKWebsiteDataSize.h should be an SPI header.

Rubber-stamped by Tim Horton.

  • WebKit2.xcodeproj/project.pbxproj:
3:57 PM Changeset in webkit [197895] by commit-queue@webkit.org
  • 2 edits in trunk/Source/JavaScriptCore

[JSC] Fix the ARM64 MacroAssembler after r197816
https://bugs.webkit.org/show_bug.cgi?id=155268

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-03-09
Reviewed by Mark Lam.

The patch tries to generate instructions that do not exist,
causing quite fun stuff at runtime.

  • assembler/MacroAssemblerARM64.h:

(JSC::MacroAssemblerARM64::load8):
(JSC::MacroAssemblerARM64::store16):
(JSC::MacroAssemblerARM64::store8):

3:47 PM Changeset in webkit [197894] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Skipping js/regress/getter-richards-try-catch.html on ios-simulator debug
https://bugs.webkit.org/show_bug.cgi?id=155271

Unreviewed test gardening.

  • platform/ios-simulator/TestExpectations:
3:36 PM Changeset in webkit [197893] by adachan@apple.com
  • 3 edits in trunk/Source/WebCore

Add a getter for WebVideoFullscreenInterfaceObjC and update its rate property
https://bugs.webkit.org/show_bug.cgi?id=155239

Reviewed by Eric Carlson.

  • platform/mac/WebVideoFullscreenInterfaceMac.h:

Move the stub implementation of setVideoDimensions() to the mm file.
Declare a getter to WebVideoFullscreenInterfaceMacObjC.

  • platform/mac/WebVideoFullscreenInterfaceMac.mm:

(WebCore::WebVideoFullscreenInterfaceMac::setRate):
Also update the rate property of WebVideoFullscreenInterfaceMacObjC.
(WebCore::WebVideoFullscreenInterfaceMac::setVideoDimensions):
Stub implementation of setVideoDimensions() has been moved to here.

3:33 PM Changeset in webkit [197892] by achristensen@apple.com
  • 2 edits in trunk/Source/WebCore

Fix Mac build without video enabled after r197633.

  • bindings/objc/DOM.mm:
3:07 PM Changeset in webkit [197891] by aakash_jain@apple.com
  • 2 edits in trunk/Tools

use ulimit command to check process limit in webkitpy
https://bugs.webkit.org/show_bug.cgi?id=155260

Reviewed by Alexey Proskuryakov.

  • Scripts/webkitpy/port/ios.py:

(IOSSimulatorPort.default_child_processes): Use ulimit command output instead of
launchctl limit maxproc command.

3:02 PM Changeset in webkit [197890] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Skip two flaky tests on mac-wk1
https://bugs.webkit.org/show_bug.cgi?id=155196

Unreviewed test gardening.

media/video-with-blob-url-allowed-by-csp-media-src-star.html and media/video-with-data-url-allowed-by-csp-media-src-star.html
are flaky on mac-wk1. Skipping to get bots to green during investigation.

  • platform/mac-wk1/TestExpectations:
3:00 PM Changeset in webkit [197889] by Brent Fulgham
  • 2 edits in trunk/Source/WebKit2

Handling 'allowUniversalAccessFromFileURLs' on WKWebViewConfiguration causes test breakage
https://bugs.webkit.org/show_bug.cgi?id=155265

Unreviewed work-around to allow testing to continue.

  • UIProcess/API/Cocoa/WKWebViewConfiguration.mm:

(-[WKWebViewConfiguration init]): Workaround build break.

2:34 PM Changeset in webkit [197888] by commit-queue@webkit.org
  • 3 edits in trunk/Source/JavaScriptCore

Unreviewed, rolling out r197873.
https://bugs.webkit.org/show_bug.cgi?id=155262

"Crashes some JSC tests" (Requested by mlam on #webkit).

Reverted changeset:

"Add dumping of function expression names in CodeBlock
bytecode dump."
https://bugs.webkit.org/show_bug.cgi?id=155248
http://trac.webkit.org/changeset/197873

2:29 PM Changeset in webkit [197887] by rniwa@webkit.org
  • 16 edits
    1 copy
    2 moves
    1 add in trunk

Rename Node.treeRoot to rootNode and turn it on by default
https://bugs.webkit.org/show_bug.cgi?id=155226

Reviewed by Antonio Gomes.

Source/WebCore:

Node.prototype.treeRoot has been merged into DOM spec from Shadow DOM spec and renamed to rootNode:
https://dom.spec.whatwg.org/#dom-node-rootnode

Rename the method and expose it unconditionally on Node.prototype.

Tests: fast/dom/Node/rootNode.html
fast/shadow-dom/Node-interface-rootNode.html

  • dom/ContainerNode.h:

(WebCore::Node::highestAncestor): Deleted. There is no need for this function to be inlined.

  • dom/Document.h: Now that both TreeScope and Node define rootNode, we need to pick either.
Here, we pick TreeScope's definition since Document is by definition always in a document so there is
no need to even check inTreeScope().

  • dom/Node.cpp:

(WebCore::Node::rootNode): Moved here. Also added a fast path for when "this" node is in a document
or a shadow root since TreeScope stores its root node as a member variable (m_rootNode).

  • dom/Node.h:
  • dom/Node.idl: Renamed the method and removed Conditional=SHADOW_DOM.
  • dom/ShadowRoot.h: Similar to the change in Document.h. See above.
  • editing/Editor.cpp:

(WebCore::correctSpellcheckingPreservingTextCheckingParagraph): Use rootNode instead of free function
defined in htmlediting.cpp, which was removed in this patch.

  • editing/htmlediting.cpp:

(WebCore::highestAncestor): Deleted.

  • editing/htmlediting.h:
  • html/FormAssociatedElement.cpp:

(WebCore::computeRootNode): Added.
(WebCore::FormAssociatedElement::removedFrom): We can't use Node::rootNode here because this function
is called in the middle of removing a subtree, and some associated form element's inDocument flag may
not have been updated yet. So use computeRootNode to manually find the highest ancestor.
(WebCore::FormAssociatedElement::formRemovedFromTree): Ditto.

  • xml/XPathPath.cpp:

(WebCore::XPath::LocationPath::evaluate):

LayoutTests:

Split Node-interface-treeRoot.html into two pieces, the one that doesn't invoke shadow DOM and the other that tests
shadow DOM related cases. I intend to upstream these tests to W3C at some point so keep them in testharness.js form.

  • fast/dom/Node/rootNode-expected.txt: Added.
  • fast/dom/Node/rootNode.html: Copied from LayoutTests/fast/shadow-dom/Node-interface-treeRoot.html.
  • fast/shadow-dom/Node-interface-rootNode-expected.txt: Renamed from Node-interface-treeRoot-expected.txt.
  • fast/shadow-dom/Node-interface-rootNode.html: Renamed from LayoutTests/fast/shadow-dom/Node-interface-treeRoot.html.
  • js/dom/dom-static-property-for-in-iteration-expected.txt:
  • platform/efl/js/dom/dom-static-property-for-in-iteration-expected.txt:
  • platform/gtk/js/dom/dom-static-property-for-in-iteration-expected.txt:
1:50 PM Changeset in webkit [197886] by commit-queue@webkit.org
  • 4 edits in trunk

[cmake] Fixed All-in-One build.
https://bugs.webkit.org/show_bug.cgi?id=155241

Patch by Konstantin Tokarev <Konstantin Tokarev> on 2016-03-09
Reviewed by Csaba Osztrogonác.

.:

  • Source/cmake/WebKitMacros.cmake: Last item of WebCore_SOURCES was
not removed in PROCESS_ALLINONE_FILE.

Source/WebCore:

No new tests needed.

  • bindings/js/JSBindingsAllInOne.cpp: Should not include generated
file.

1:49 PM Changeset in webkit [197885] by achristensen@apple.com
  • 2 edits in trunk/Source/WebKit2

Fix use-after-free when cancelling synchronous XHR when using NetworkSession
https://bugs.webkit.org/show_bug.cgi?id=155253

Reviewed by Brady Eidson.

  • NetworkProcess/NetworkLoad.cpp:

(WebKit::NetworkLoad::continueWillSendRequest):
Store the completion handler on the stack before calling didFail, which deletes the
NetworkLoad, so we don't access m_redirectCompletionHandler after deleting the NetworkLoad.

1:48 PM Changeset in webkit [197884] by Chris Dumez
  • 3 edits in trunk/Source/WebCore

Unreviewed, rebaseline bindings tests after r197874.

  • bindings/scripts/test/JS/JSattribute.cpp:

(WebCore::JSattribute::getOwnPropertySlot):

  • bindings/scripts/test/JS/JSattribute.h:
1:44 PM Changeset in webkit [197883] by ap@apple.com
  • 5 edits in trunk/Tools

Stop building armv7 on iOS device builders
https://bugs.webkit.org/show_bug.cgi?id=155246

Reviewed by David Kilzer.

  • BuildSlaveSupport/build.webkit.org-config/config.json: Building both armv7 and
armv7s makes the bots unnecessarily slow. We can catch super rare v7-only regressions
elsewhere.

  • Scripts/webkitpy/common/config/ews.json: Changed EWS to match, as we always want
EWS configuration to be verified by buildbot queues.

  • Scripts/webkitdirs.pm:
  • Scripts/webkitpy/port/ios.py:

Changed default to arm64. I think that the default is probably not used in any
practical scenarios, but it's nice to make it more sensible.

1:31 PM Changeset in webkit [197882] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebKit2

Unreviewed, rolling out r197698.
https://bugs.webkit.org/show_bug.cgi?id=155252

Caused assertions, and wasn't reviewed by a WK2 owner
(Requested by andersca on #webkit).

Reverted changeset:

"Last opened tab does not receive
SetHiddenPageTimerThrottlingIncreaseLimit message"
https://bugs.webkit.org/show_bug.cgi?id=155126
http://trac.webkit.org/changeset/197698

1:30 PM Changeset in webkit [197881] by Conrad Shultz
  • 2 edits in trunk/Source/WebKit2

WebsiteDataStore::Configuration::legacyWebsiteDataStoreConfiguration() should respect the passed-in configuration
https://bugs.webkit.org/show_bug.cgi?id=155250

Reviewed by Anders Carlsson.

Note that the legacy directories are already set by default in ProcessPoolConfiguration::createWithLegacyOptions(),
which is also where the shouldHaveLegacyDataStore flag, which will cause this code path to be reached, is set.

  • UIProcess/WebProcessPool.cpp:

(WebKit::legacyWebsiteDataStoreConfiguration):
Use the passed-in configuration to set the application cache, network cache, and media keys storage directories.

1:30 PM Changeset in webkit [197880] by Jon Davis
  • 2 edits in trunk/Websites/webkit.org

For RSS feeds, convert image and link relative URIs to absolute URIs
https://bugs.webkit.org/show_bug.cgi?id=155237

Reviewed by Timothy Hatcher.

  • wp-content/themes/webkit/functions.php:
1:22 PM Changeset in webkit [197879] by Chris Dumez
  • 8 edits in trunk/Source/WebKit2

Speculative disk cache resource revalidations are sometimes wasted
https://bugs.webkit.org/show_bug.cgi?id=155187
<rdar://problem/25032905>

Reviewed by Antti Koivisto.

Speculative disk cache resource revalidations were sometimes wasted.

We would sometimes correctly revalidate a resource but the
NetworkResourceLoader then either:

  1. Fail to reuse the speculatively validated entry
  2. Reuse the speculatively validated entry but then validate it again

Bug 1 was caused by the revalidated entry key sometimes being
different from the cached entry key. This could happen when
revalidation fails (the server did not send back a 304) in
which case we call NetworkCache::store() which creates a new
cache Entry, generating a cache key from our revalidation
request. If the original request has a cache partition or a
range, then the keys would not match because we did not set
the cache partition or the range on the revalidation request.
This has been addressed by setting the cache partition on the
revalidation request in constructRevalidationRequest() and by
not doing revalidation if the original request had a 'range'
header.

Bug 2 was caused by us marking a speculatively revalidated entry
as "not needing revalidating" only in Cache::update(). Cache::update()
is only called in the case the revalidation was successful (server
returned a 304). If revalidation was not successful, Cache::store()
would be called instead and we would fail to update the
needsRevalidation flag. NetworkResourceLoader would then validate
again the resource that was already speculatively revalidated.
To address the problem, we now update the 'needsRevalidation' flag
as soon as the speculative revalidation completes, in
SpeculativeLoad::didComplete().

  • NetworkProcess/cache/NetworkCache.cpp:

(WebKit::NetworkCache::Cache::retrieve):
(WebKit::NetworkCache::makeCacheKey):
(WebKit::NetworkCache::Cache::update):

  • NetworkProcess/cache/NetworkCacheEntry.cpp:

(WebKit::NetworkCache::Entry::setNeedsValidation):

  • NetworkProcess/cache/NetworkCacheEntry.h:
  • NetworkProcess/cache/NetworkCacheKey.cpp:

(WebKit::NetworkCache::noPartitionString):
(WebKit::NetworkCache::Key::Key):
(WebKit::NetworkCache::Key::hasPartition):

  • NetworkProcess/cache/NetworkCacheKey.h:
  • NetworkProcess/cache/NetworkCacheSpeculativeLoad.cpp:

(WebKit::NetworkCache::SpeculativeLoad::didComplete):

  • NetworkProcess/cache/NetworkCacheSpeculativeLoadManager.cpp:

(WebKit::NetworkCache::constructRevalidationRequest):
(WebKit::NetworkCache::SpeculativeLoadManager::retrieveEntryFromStorage):
(WebKit::NetworkCache::SpeculativeLoadManager::revalidateEntry):

1:15 PM Changeset in webkit [197878] by oliver@apple.com
  • 4 edits in trunk/Source

Fix old iOS

1:13 PM Changeset in webkit [197877] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Remove unnecessary constructor
https://bugs.webkit.org/show_bug.cgi?id=155249

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-09
Reviewed by Timothy Hatcher.

  • UserInterface/Views/ScriptTimelineDataGrid.js:

(WebInspector.ScriptTimelineDataGrid):

1:09 PM Changeset in webkit [197876] by oliver@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

Wincairo buildfix
https://bugs.webkit.org/show_bug.cgi?id=155245

Reviewed by Mark Lam.

Fix up exports for a few symbols

  • jit/ExecutableAllocator.h:
  • jit/ExecutableAllocatorFixedVMPool.cpp:
12:55 PM Changeset in webkit [197875] by Chris Dumez
  • 7 edits in trunk

focus() / blur() should be on HTMLElement / SVGElement, not Element
https://bugs.webkit.org/show_bug.cgi?id=155216

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebaseline now that more checks are passing.

  • web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

focus() / blur() should be on HTMLElement / SVGElement, not Element:

Chrome and Firefox match the specification.

Note that after this change, focus() / blur() is no longer exposed
on MathMLElement. This matches the MathML specification and is
consistent with Firefox and Chrome.

  • dom/Element.idl:
  • html/HTMLElement.idl:
  • svg/SVGElement.idl:
12:37 PM Changeset in webkit [197874] by Chris Dumez
  • 5 edits in trunk

Move attributes to the instance for most interfaces that have "Error" in their name
https://bugs.webkit.org/show_bug.cgi?id=155231

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebaseline now that more checks are passing.

  • web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

Our bindings generator was keeping attributes on the instances for
interfaces having "Error" or "Exception" in their name. The reason is
that interfaces that have "Error" in their prototype would not behave
correctly otherwise because "Error" incorrectly has its attributes on
the instance at the moment. However, in our bindings generator, the
condition to decide if an interface's prototype should be "Error" is
if $interface->isException. Therefore, we should use the same condition
to decide if we should keep attributes on the instance until "Error"
is updated to have its attributes on the prototype. Doing this for any
interface having "Error" or "Exception" in their name is overkill.

No new tests, already covered by existing test.

  • bindings/scripts/CodeGeneratorJS.pm:

(InterfaceRequiresAttributesOnInstance):

12:36 PM Changeset in webkit [197873] by mark.lam@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

Add dumping of function expression names in CodeBlock bytecode dump.
https://bugs.webkit.org/show_bug.cgi?id=155248

Reviewed by Filip Pizlo.

Because ...
[ 19] new_func_exp loc5, loc3, f0:foo

... is more informative than
[ 19] new_func_exp loc5, loc3, f0

Anonymous functions will be dumped as <anon>.

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::dumpFunctionExpr):
(JSC::CodeBlock::dumpBytecode):

  • bytecode/CodeBlock.h:

12:36 PM Changeset in webkit [197872] by ap@apple.com
  • 2 edits in trunk/Tools

Add iOS Simulator EWS to bot watcher's dashboard
https://bugs.webkit.org/show_bug.cgi?id=155220

Reviewed by Lucas Forschler.

  • BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/BubbleQueueServer.js:

12:25 PM Changeset in webkit [197871] by dbates@webkit.org
  • 3 edits
    1 copy
    1 add
    1 delete in trunk/Source/WebCore

Rename WebCore/platform/crypto/mac/CryptoDigestMac.cpp to WebCore/platform/crypto/commoncrypto/CryptoDigestCommonCrypto.cpp
https://bugs.webkit.org/show_bug.cgi?id=155244

Reviewed by Alexey Proskuryakov.

The file WebCore/platform/crypto/mac/CryptoDigestMac.cpp is applicable to both iOS and OS X.
We should move and rename this file to reflect that it is applicable to both of these platforms.

  • PlatformMac.cmake:
  • WebCore.xcodeproj/project.pbxproj:
  • platform/crypto/commoncrypto/CryptoDigestCommonCrypto.cpp: Renamed from Source/WebCore/platform/crypto/mac/CryptoDigestMac.cpp.

12:22 PM Changeset in webkit [197870] by Brent Fulgham
  • 8 edits in trunk

Local HTML should be blocked from localStorage access unless "Disable Local File Restrictions" is checked
https://bugs.webkit.org/show_bug.cgi?id=155185
Source/WebKit2:

Reviewed by Anders Carlsson.
<rdar://problem/11101440>

Tested by TestWebKitAPI tests IndexedDB.IndexedDBMultiProcess and IndexedDB.IndexedDBPersistence.

Allow Cocoa WKWebViewConfiguration access to the 'allowUniversalAccessFromFileURLs' setting.

  • UIProcess/API/Cocoa/WKWebView.mm:

(- [WKWebView _initializeWithConfiguration]): Set 'allowUniversalAccessFromFileURLsKey' in
page configuration.

  • UIProcess/API/Cocoa/WKWebViewConfiguration.mm:

(-[WKWebViewConfiguration _allowUniversalAccessFromFileURLs]): Added.
(-[WKWebViewConfiguration _setAllowUniversalAccessFromFileURLs:]): Added.

  • UIProcess/API/Cocoa/WKWebViewConfigurationPrivate.h:

Tools:

<rdar://problem/11101440>

Reviewed by Anders Carlsson.

  • TestWebKitAPI/Tests/WebKit2/CloseFromWithinCreatePage.cpp:

(TestWebKitAPI::TEST): Allow local file access to run test.

  • TestWebKitAPI/Tests/WebKit2Cocoa/IndexedDBMultiProcess.mm:

(TEST): Ditto.

  • TestWebKitAPI/Tests/WebKit2Cocoa/IndexedDBPersistence.mm:

(TEST): Ditto.

12:11 PM Changeset in webkit [197869] by msaboff@apple.com
  • 23 edits
    3 adds in trunk

[ES6] Implement RegExp sticky flag and related functionality
https://bugs.webkit.org/show_bug.cgi?id=155177

Reviewed by Saam Barati.

Source/JavaScriptCore:

Implemented the ES6 RegExp sticky functionality.

There are two main behavior changes when the sticky flag is specified.
1) Matching starts at lastIndex and lastIndex is updated after the match.
2) The regular expression is only matched from the start position in the string.
See ES6 section 21.2.5.2.2 for details.

Changed both the Yarr interpreter and jit to not loop to the next character for sticky RegExp's.
Updated RegExp exec and match, and stringProtoFuncMatch to handle lastIndex changes.

Restructured the way flags are passed to and through YarrPatterns to use RegExpFlags instead of
individual bools.

Updated tests for 'y' flag and new behavior.

  • bytecode/CodeBlock.cpp:

(JSC::regexpToSourceString):

  • inspector/ContentSearchUtilities.cpp:

(Inspector::ContentSearchUtilities::findMagicComment):

  • runtime/CommonIdentifiers.h:
  • runtime/RegExp.cpp:

(JSC::regExpFlags):
(JSC::RegExpFunctionalTestCollector::outputOneTest):
(JSC::RegExp::finishCreation):
(JSC::RegExp::compile):
(JSC::RegExp::compileMatchOnly):

  • runtime/RegExp.h:
  • runtime/RegExpKey.h:
  • runtime/RegExpObjectInlines.h:

(JSC::RegExpObject::execInline):
(JSC::RegExpObject::matchInline):

  • runtime/RegExpPrototype.cpp:

(JSC::regExpProtoFuncCompile):
(JSC::flagsString):
(JSC::regExpProtoGetterMultiline):
(JSC::regExpProtoGetterSticky):
(JSC::regExpProtoGetterUnicode):

  • runtime/StringPrototype.cpp:

(JSC::stringProtoFuncMatch):

  • tests/es6.yaml:
  • tests/stress/static-getter-in-names.js:

(shouldBe):

  • yarr/RegularExpression.cpp:

(JSC::Yarr::RegularExpression::Private::compile):

  • yarr/YarrInterpreter.cpp:

(JSC::Yarr::Interpreter::tryConsumeBackReference):
(JSC::Yarr::Interpreter::matchAssertionBOL):
(JSC::Yarr::Interpreter::matchAssertionEOL):
(JSC::Yarr::Interpreter::matchAssertionWordBoundary):
(JSC::Yarr::Interpreter::matchDotStarEnclosure):
(JSC::Yarr::Interpreter::matchDisjunction):
(JSC::Yarr::Interpreter::Interpreter):
(JSC::Yarr::ByteCompiler::atomPatternCharacter):

  • yarr/YarrInterpreter.h:

(JSC::Yarr::BytecodePattern::BytecodePattern):
(JSC::Yarr::BytecodePattern::estimatedSizeInBytes):
(JSC::Yarr::BytecodePattern::ignoreCase):
(JSC::Yarr::BytecodePattern::multiline):
(JSC::Yarr::BytecodePattern::sticky):
(JSC::Yarr::BytecodePattern::unicode):

  • yarr/YarrJIT.cpp:

(JSC::Yarr::YarrGenerator::matchCharacterClass):
(JSC::Yarr::YarrGenerator::jumpIfCharNotEquals):
(JSC::Yarr::YarrGenerator::generateAssertionBOL):
(JSC::Yarr::YarrGenerator::generateAssertionEOL):
(JSC::Yarr::YarrGenerator::generatePatternCharacterOnce):
(JSC::Yarr::YarrGenerator::generatePatternCharacterFixed):
(JSC::Yarr::YarrGenerator::generateDotStarEnclosure):
(JSC::Yarr::YarrGenerator::backtrack):

  • yarr/YarrPattern.cpp:

(JSC::Yarr::YarrPatternConstructor::YarrPatternConstructor):
(JSC::Yarr::YarrPatternConstructor::atomPatternCharacter):
(JSC::Yarr::YarrPatternConstructor::setupAlternativeOffsets):
(JSC::Yarr::YarrPatternConstructor::optimizeBOL):
(JSC::Yarr::YarrPattern::compile):
(JSC::Yarr::YarrPattern::YarrPattern):

  • yarr/YarrPattern.h:

(JSC::Yarr::YarrPattern::reset):
(JSC::Yarr::YarrPattern::nonwordcharCharacterClass):
(JSC::Yarr::YarrPattern::ignoreCase):
(JSC::Yarr::YarrPattern::multiline):
(JSC::Yarr::YarrPattern::sticky):
(JSC::Yarr::YarrPattern::unicode):

LayoutTests:

New and updated tests.

  • js/Object-getOwnPropertyNames-expected.txt:
  • js/regexp-flags-expected.txt:
  • js/regexp-sticky-expected.txt: Added.
  • js/regexp-sticky.html: Added.
  • js/script-tests/Object-getOwnPropertyNames.js:
  • js/script-tests/regexp-flags.js:

(RegExp.prototype.hasOwnProperty): Deleted check for sticky property.

  • js/script-tests/regexp-sticky.js: New test.

(asString):
(testStickyExec):
(testStickyMatch):
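
Added example, not part of changeset 197869 or of WebKit's tests: the two sticky-flag behaviours listed above, shown next to a global-flag tokenizer that silently skips input a sticky tokenizer rejects. The token grammar, function names and sample inputs are constructed for illustration.

```javascript
// Added illustration (not WebKit code). TOKEN and all inputs are constructed.

// Behaviours 1 and 2 from the changeset text: a sticky match starts at
// lastIndex, is only attempted at that position, and lastIndex is updated
// after the match (reset to 0 when the match fails).
function stickyExecTrace(source, input, startIndex) {
  const re = new RegExp(source, 'y');
  re.lastIndex = startIndex;
  const m = re.exec(input);
  return { matched: m ? m[0] : null, lastIndex: re.lastIndex };
}

// Constructed token grammar: identifiers, integers, three operators, whitespace.
const TOKEN = '[A-Za-z_]\\w*|\\d+|[=+;]|\\s+';

function isWhitespace(text) {
  return /^\s+$/.test(text);
}

// Global-flag tokenizer: exec() scans forward to the next place the pattern
// matches, so characters that fit no token rule are dropped without an error.
function tokenizeGlobal(input) {
  const re = new RegExp(TOKEN, 'g');
  const tokens = [];
  let m;
  while ((m = re.exec(input)) !== null) {
    if (!isWhitespace(m[0])) tokens.push(m[0]);
  }
  return tokens;
}

// Sticky tokenizer: every token must begin exactly where the previous one
// ended, so the first unrecognized character is reported with its offset.
function tokenizeSticky(input) {
  const re = new RegExp(TOKEN, 'y');
  const tokens = [];
  let pos = 0;
  while (pos < input.length) {
    re.lastIndex = pos;
    const m = re.exec(input);
    if (m === null) {
      return { ok: false, tokens, errorAt: pos, rejected: input[pos] };
    }
    if (!isWhitespace(m[0])) tokens.push(m[0]);
    pos = re.lastIndex;
  }
  return { ok: true, tokens, errorAt: -1, rejected: null };
}

// Constructed input: '@' at offset 4 is not covered by any token rule.
const SAMPLE = 'a=1;@b=2;';

console.log(stickyExecTrace('foo', 'xfoo', 0)); // no scan forward from 0
console.log(stickyExecTrace('foo', 'xfoo', 1)); // anchored at lastIndex
console.log(tokenizeGlobal(SAMPLE));            // '@' silently skipped
console.log(tokenizeSticky(SAMPLE));            // '@' rejected at offset 4
```

Where a regex-based tokenizer feeds a validator or filter, the sticky form fails closed on unexpected input instead of passing along a token stream with gaps.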

11:56 AM Changeset in webkit [197868] by timothy_horton@apple.com
  • 5 edits in trunk

Removing and re-adding a script message handler with the same name results in an unusable message handler
https://bugs.webkit.org/show_bug.cgi?id=155223

Reviewed by Sam Weinig.

Source/WebCore:

New API test: WKUserContentController.ScriptMessageHandlerReplaceWithSameName.

  • page/UserMessageHandler.h:

(WebCore::UserMessageHandler::descriptor):

  • page/UserMessageHandlersNamespace.cpp:

(WebCore::UserMessageHandlersNamespace::handler):
This lazy removal mechanism combined with the fact that we only compare
handler name and world makes it such that m_messageHandlers could have
a stale UserMessageHandler with a UserMessageHandlerDescriptor that differed
only in client.

It is safe to compare the descriptors by pointer instead because m_messageHandler
holds a strong reference to its UserMessageHandlerDescriptors, and this will ensure
that the add-remove-add path (with identical name and world) causes a new
UserContentController to be created.

We also now clean up any stale UserMessageHandlers whenever we're about to
add a new one, by removing any which the UserContentController no longer knows about.

Tools:

  • TestWebKitAPI/Tests/WebKit2Cocoa/UserContentController.mm:

(TEST):
Add a test ensuring that it is possible to remove and re-add a script message handler
with the same name and still dispatch messages to it.

11:36 AM Changeset in webkit [197867] by mark.lam@apple.com
  • 11 edits in trunk

FunctionExecutable::ecmaName() should not be based on inferredName().
https://bugs.webkit.org/show_bug.cgi?id=155203

Reviewed by Michael Saboff.

Source/JavaScriptCore:

The ES6 rules for how a function name should be inferred closely match JSC's
implementation with one exception:

var o = {}
o.foo = function() {}

JSC's inferredName for o.foo would be "foo".
ES6 specifies that o.foo.name is "".

The fix is to add a distinct FunctionExecutable::ecmaName() which applies the ES6
rules for inferring the initial value of Function.name.

  • bytecode/UnlinkedFunctionExecutable.cpp:

(JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):

  • bytecode/UnlinkedFunctionExecutable.h:
  • parser/ASTBuilder.h:

(JSC::ASTBuilder::createAssignResolve):
(JSC::ASTBuilder::createGetterOrSetterProperty):
(JSC::ASTBuilder::createProperty):
(JSC::ASTBuilder::makeAssignNode):

  • parser/Nodes.h:
  • runtime/Executable.h:
  • runtime/JSFunction.cpp:

(JSC::JSFunction::reifyName):

  • tests/es6.yaml:

LayoutTests:

  • js/script-tests/function-toString-vs-name.js: Fixed up object property test section and added new test cases.
  • platform/mac/http/tests/media/media-source/mediasource-sourcebuffer-mode-expected.txt:

11:29 AM Changeset in webkit [197866] by enrica@apple.com
  • 10 edits in trunk/Source/WebKit2

Add two finger tap on links.
https://bugs.webkit.org/show_bug.cgi?id=155205
rdar://problem/22937516

Reviewed by Sam Weinig.

Adds two finger tap gesture recognizer. When performed
on a link, it calls the delegate.

  • Platform/spi/ios/UIKitSPI.h:
  • UIProcess/API/Cocoa/WKUIDelegatePrivate.h:
  • UIProcess/WebPageProxy.h:
  • UIProcess/ios/WKContentViewInteraction.h:
  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView setupInteraction]):
(-[WKContentView cleanupInteraction]):
(-[WKContentView _removeDefaultGestureRecognizers]):
(-[WKContentView _addDefaultGestureRecognizers]):
(-[WKContentView _twoFingerSingleTapGestureRecognized:]):

  • UIProcess/ios/WebPageProxyIOS.mm:

(WebKit::WebPageProxy::handleTwoFingerTapAtPoint):

  • WebProcess/WebPage/WebPage.h:
  • WebProcess/WebPage/WebPage.messages.in:
  • WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::handleTwoFingerTapAtPoint):

11:04 AM Changeset in webkit [197865] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebKit2

Always call NSURLSession completion handlers
https://bugs.webkit.org/show_bug.cgi?id=155137

Patch by Alex Christensen <achristensen@webkit.org> on 2016-03-09
Reviewed by Darin Adler.

There are some edge cases which should not be hit, but if they are they would cause the
network process to hang and network resources to be leaked. This can be avoided.
There are also a few release asserts that do not need to crash release builds.

  • NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:

(WebKit::NetworkDataTask::NetworkDataTask):
(WebKit::NetworkDataTask::didReceiveChallenge):
(WebKit::NetworkDataTask::didCompleteWithError):
(WebKit::NetworkDataTask::didReceiveResponse):
(WebKit::NetworkDataTask::didReceiveData):
(WebKit::NetworkDataTask::willPerformHTTPRedirection):
(WebKit::NetworkDataTask::scheduleFailure):
(WebKit::NetworkDataTask::tryPasswordBasedAuthentication):

  • NetworkProcess/cocoa/NetworkSessionCocoa.mm:

(-[WKNetworkSessionDelegate URLSession:task:willPerformHTTPRedirection:newRequest:completionHandler:]):
(-[WKNetworkSessionDelegate URLSession:task:didReceiveChallenge:completionHandler:]):
(-[WKNetworkSessionDelegate URLSession:dataTask:didReceiveResponse:completionHandler:]):

10:45 AM Changeset in webkit [197864] by Chris Dumez
  • 8 edits
    2 adds in trunk

Align HTMLKeygenElement.keytype with the specification
https://bugs.webkit.org/show_bug.cgi?id=155214

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebaseline now that more checks are passing.

  • web-platform-tests/html/dom/reflection-forms-expected.txt:

Source/WebCore:

Align HTMLKeygenElement.keytype with the specification:

In particular, the following changes were made:

  1. Return "rsa" by default (i.e. when the corresponding content attribute is missing)
  2. Only return known values

Test: fast/dom/HTMLKeygenElement/keygen-keytype.html

  • html/HTMLKeygenElement.cpp:

(WebCore::HTMLKeygenElement::setKeytype):
(WebCore::HTMLKeygenElement::keytype):
(WebCore::HTMLKeygenElement::appendFormData):

  • html/HTMLKeygenElement.h:
  • html/HTMLKeygenElement.idl:

LayoutTests:

Add test coverage for HTMLKeygenElement.keytype.

  • fast/dom/HTMLKeygenElement/keygen-keytype-expected.txt: Added.
  • fast/dom/HTMLKeygenElement/keygen-keytype.html: Added.

10:26 AM Changeset in webkit [197863] by Philippe Normand
  • 5 edits in trunk/Source/WebCore

[GStreamer] Fix MediaPlayerPrivate conflicts
https://bugs.webkit.org/show_bug.cgi?id=155236

Reviewed by Martin Robinson.

In some cases the mediastream player would be used to play
non-mediastream videos or MSE streams. The OWR player should be
used only for mediastreams and the MediaPlayerPrivateGStreamer
player should be used only for normal <video> elements and
MediaSource support.

This patch intends to fix the massive tests timeouts currently
happening on the GTK bots after r197752.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::supportsType): Bail out if
the type checked represents a mediastream.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:

Prevent signal disconnection on possible NULL GObjects.
(WebCore::MediaPlayerPrivateGStreamerBase::~MediaPlayerPrivateGStreamerBase):

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamerOwr.cpp:

(WebCore::MediaPlayerPrivateGStreamerOwr::MediaPlayerPrivateGStreamerOwr):
Simplify constructor to the bare minimum.
(WebCore::MediaPlayerPrivateGStreamerOwr::load): Create sinks only
if needed from the load method.
(WebCore::MediaPlayerPrivateGStreamerOwr::getSupportedTypes):
Initialize the type cache to an empty static hashset.
(WebCore::MediaPlayerPrivateGStreamerOwr::supportsType): This
player does support mediastreams and nothing else.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamerOwr.h:

10:10 AM Changeset in webkit [197862] by msaboff@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Harden JSC Root element functions from bad values
https://bugs.webkit.org/show_bug.cgi?id=155234

Reviewed by Saam Barati.

Changed jsCast() to jsDynamicCast() in Root related function to protect against being
called with non-Root arguments.

  • jsc.cpp:

(functionCreateElement):
(functionGetElement):
(functionSetElementRoot):

9:51 AM Changeset in webkit [197861] by benjamin@webkit.org
  • 18 edits in trunk/Source/JavaScriptCore

[JSC] Pick how to OSR Enter to FTL at runtime instead of compile time
https://bugs.webkit.org/show_bug.cgi?id=155217

Reviewed by Filip Pizlo.

This patch addresses 2 types of problems with tiering up to FTL
with OSR Entry in a loop:
-When there are nested loops, it is generally valuable to enter
 an outer loop rather than an inner loop.
-When tiering up at a point that cannot OSR Enter, we are at
 the mercy of the outer loop frequency to compile the right
 entry point.

The first case is significant in the test "gaussian-blur".
That test has 4 nested loops. When we have an OSR Entry,
the analysis phases have to be pessimistic where we enter:
we do not really know what constraint can be proven from
the DFG code that was running.

In "gaussian-blur", integer-range analysis removes pretty
much all overflow checks in the inner loops of where we entered.
The more outside we enter, the better code we generate.

Since we spend the most iterations in the inner loop, we naturally
tend to OSR Enter into the 2 most inner loops, making the most
pessimistic assumptions.

To avoid such problems, I changed how we decide where to OSR Enter.
Previously, the last CheckTierUpAndOSREnter to cross the threshold
was where we take the entry point for FTL.

What happens now is that the entry point is not decided when
compiling the CheckTierUp variants. Instead, all the information
we need is gathered during compilation and kept on the JITCode
to be used at runtime.

When we try to tier up and decide to OSR Enter, we use the information
we have to pick a good outer loop for OSR Entry.

Now the problem is outer loops do not CheckTierUpAndOSREnter often,
wasting several milliseconds before entering the newly compiled FTL code.

To solve that, every CheckTierUpAndOSREnter has its own trigger that
bypasses the counter. When the FTL Code is compiled, the trigger is set
and we enter through the right CheckTierUpAndOSREnter immediately.

---

This new mechanism also solves a problem of ai-astar.
When we try to tier up in ai-astar, we had nothing to compile until
the outer loop is reached.

To make sure we reached the CheckTierUpAndOSREnter in a reasonable time,
we had CheckTierUpWithNestedTriggerAndOSREnter with a special trigger.

With the new mechanism, we can do much better:
-When we keep hitting CheckTierUpInLoop, we now have all the information
 we need to already start compiling the outer loop.
 Instead of waiting for the outer loop to be reached a few times, we compile
 it as soon as the inner loop is hammering CheckTierUpInLoop.
-With the new triggers, the very next time we hit the outer loop, we OSR Enter.

This allows us to compile what we need sooner and enter sooner.

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects): Deleted.

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize): Deleted.

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC): Deleted.

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode): Deleted.

  • dfg/DFGJITCode.h:
  • dfg/DFGJITCompiler.cpp:

(JSC::DFG::JITCompiler::JITCompiler):
(JSC::DFG::JITCompiler::compileEntryExecutionFlag):

  • dfg/DFGNodeType.h:
  • dfg/DFGOperations.cpp:
  • dfg/DFGOperations.h:
  • dfg/DFGPlan.h:

(JSC::DFG::Plan::canTierUpAndOSREnter):

  • dfg/DFGPredictionPropagationPhase.cpp:

(JSC::DFG::PredictionPropagationPhase::propagate): Deleted.

  • dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute): Deleted.

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile): Deleted.

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGTierUpCheckInjectionPhase.cpp:

(JSC::DFG::TierUpCheckInjectionPhase::run):
(JSC::DFG::TierUpCheckInjectionPhase::buildNaturalLoopToLoopHintMap):
(JSC::DFG::TierUpCheckInjectionPhase::findLoopsContainingLoopHintWithoutOSREnter): Deleted.

  • dfg/DFGToFTLForOSREntryDeferredCompilationCallback.cpp:

(JSC::DFG::ToFTLForOSREntryDeferredCompilationCallback::ToFTLForOSREntryDeferredCompilationCallback):
(JSC::DFG::Ref<ToFTLForOSREntryDeferredCompilationCallback>ToFTLForOSREntryDeferredCompilationCallback::create):
(JSC::DFG::ToFTLForOSREntryDeferredCompilationCallback::compilationDidBecomeReadyAsynchronously):
(JSC::DFG::ToFTLForOSREntryDeferredCompilationCallback::compilationDidComplete):

  • dfg/DFGToFTLForOSREntryDeferredCompilationCallback.h:

9:44 AM Changeset in webkit [197860] by Ryan Haddad
  • 3 edits in trunk/LayoutTests

Cleaning up TestExpectations files to remove deleted tests and duplicate entries for ios-simulator.

Unreviewed test gardening.

9:25 AM Changeset in webkit [197859] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Skipping fast/events/max-tabindex-focus.html on ios-simulator
https://bugs.webkit.org/show_bug.cgi?id=155233

Unreviewed test gardening.

  • platform/ios-simulator/TestExpectations:

9:06 AM Changeset in webkit [197858] by Brent Fulgham
  • 3 edits
    3 adds in trunk

Local HTML should be blocked from localStorage access unless "Disable Local File Restrictions" is checked.
https://bugs.webkit.org/show_bug.cgi?id=155185
<rdar://problem/11101440>

Reviewed by Zalan Bujtas.

Source/WebCore:

Tested by storage/domstorage/localstorage/blocked-file-access.html.

  • page/SecurityOrigin.cpp:

(WebCore::SecurityOrigin::canAccessStorage): If the origin is a local file, and we have not been granted
universal file access, prevent access to DOM localStorage.

LayoutTests:

  • storage/domstorage/localstorage/blocked-file-access-expected.txt: Added.
  • storage/domstorage/localstorage/blocked-file-access.html: Added.
  • storage/domstorage/localstorage/resources/blocked-example.html: Added.

6:26 AM Changeset in webkit [197857] by Manuel Rego Casasnovas
  • 4 edits
    4 adds in trunk

[css-grid] Allow to place positioned grid items on the padding
https://bugs.webkit.org/show_bug.cgi?id=155199

Reviewed by Sergio Villar Senin.

Source/WebCore:

According to the following discussion on the CSS WG mailing list,
we should be able to place positioned grid items on the padding directly:
https://lists.w3.org/Archives/Public/www-style/2015Nov/0070.html

This means that a positioned grid item can be placed on the padding itself.
The "auto" value resolves to the padding edges (0th and -0th lines).
So if a positioned item is placed with: grid-column: auto / 1;
it'd be placed on the padding, from line 0th to 1st line.

On top of that, we've to detect properly the first and last explicit
grid lines during the layout of positioned grid items.
We have to consider that the grid can have implicit tracks created
previously by regular grid items.

Tests: fast/css-grid-layout/grid-positioned-items-padding.html
       fast/css-grid-layout/grid-positioned-items-within-grid-implicit-track.html

  • rendering/RenderGrid.cpp:

(WebCore::RenderGrid::offsetAndBreadthForPositionedChild):

LayoutTests:

Add new tests and updated results in a current one.

  • fast/css-grid-layout/grid-positioned-items-implicit-grid.html:
  • fast/css-grid-layout/grid-positioned-items-padding-expected.txt: Added.
  • fast/css-grid-layout/grid-positioned-items-padding.html: Added.
  • fast/css-grid-layout/grid-positioned-items-within-grid-implicit-track-expected.txt: Added.
  • fast/css-grid-layout/grid-positioned-items-within-grid-implicit-track.html: Added.

4:00 AM Changeset in webkit [197856] by akling@apple.com
  • 3 edits
    2 adds in trunk

ImageDocuments leak their world.
<https://webkit.org/b/155167>
<rdar://problem/24987363>

Reviewed by Antti Koivisto.

Source/WebCore:

ImageDocument uses a special code path in ImageLoader in order to manually
control how the image is loaded. It has to do this because the ImageDocument
is really just a synthetic wrapper around a main resource that's an image.

This custom loading code had a bug where it would create a new CachedImage
and neglect to set its CachedResource::m_state flag to Pending (which is
normally set by CachedResource::load(), but we don't call that for these.)

This meant that when ImageDocument called CachedImage::finishLoading() to
trigger the notifyFinished() callback path, the image would look at its
loading state and see that it was Unknown (not Pending), and conclude that
it hadn't loaded yet. So we never got the notifyFinished() signal.

The world leaks here because ImageLoader slaps a ref on its <img> element
while it waits for the loading operation to complete. Once finished, whether
successfully or with an error, it derefs the <img>.

Since we never fired notifyFinished(), we ended up with an extra ref on
these <img> forever, and then the element kept its document alive too.

Test: fast/dom/ImageDocument-world-leak.html

  • loader/ImageLoader.cpp:

(WebCore::ImageLoader::updateFromElement):

LayoutTests:

Made a little test that loads an image into an <iframe> 10 times and then
triggers a garbage collection and checks that all the documents got destroyed.

Prior to this change, all 10 ImageDocuments would remain alive at the end.

This got rolled out the first time because it failed on bots. It failed due
to expecting a specific number of documents to be live at the start of the
test, which was not reliable on bots since we appear to have more leaks(!)

Tweaked the test to check the delta in live document count instead.

  • fast/dom/ImageDocument-world-leak-expected.txt: Added.
  • fast/dom/ImageDocument-world-leak.html: Added.
3:24 AM Changeset in webkit [197855] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197654 - [JSC] Remove a superfluous Move in front of every double unboxing
https://bugs.webkit.org/show_bug.cgi?id=155064

Reviewed by Saam Barati.

Double unboxing was always doing:

Move source, scratch
Add64 tag, scratch
IntToDouble scratch, fp

We do not need to "Move" to copy the source.
Both x86 and ARM64 have an efficient 3 operands Add instruction.

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileValueToInt32):
(JSC::DFG::SpeculativeJIT::compileDoubleRep):
(JSC::DFG::SpeculativeJIT::speculateRealNumber):

  • dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::unboxDouble):

  • jit/AssemblyHelpers.h:

(JSC::AssemblyHelpers::unboxDoubleWithoutAssertions):
(JSC::AssemblyHelpers::unboxDouble):
(JSC::AssemblyHelpers::unboxDoubleNonDestructive):

3:02 AM Changeset in webkit [197854] by svillar@igalia.com
  • 7 edits in trunk

[css-grid] Fix auto-track sizing with min-size:auto and specific sizes
https://bugs.webkit.org/show_bug.cgi?id=155165

Reviewed by Darin Adler.

Source/WebCore:

Specs recently changed the way auto tracks are sized. In the
previous versions, when sizing auto minimums, only the
min-width|height of the items spanning through the auto tracks
were used to size them. The new text specifies that for items
with a specified minimum size of auto, the behavior is
equivalent to a min-content minimum.

This means that from now on, auto tracks with min-size:auto
will no longer be smaller than min-content tracks (which was
pretty weird from the user POV).

  • rendering/RenderGrid.cpp:

(WebCore::RenderGrid::minSizeForChild): use grid items
min-content contributions whenever the specified size is not
auto or when min-size is auto.

LayoutTests:

  • fast/css-grid-layout/grid-automatic-minimum-for-auto-columns-expected.txt:
  • fast/css-grid-layout/grid-automatic-minimum-for-auto-columns.html:
  • fast/css-grid-layout/grid-automatic-minimum-for-auto-rows-expected.txt:
  • fast/css-grid-layout/grid-automatic-minimum-for-auto-rows.html:

2:56 AM Changeset in webkit [197853] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.12/Source/WebKit2

Merge r197733 - REGRESSION(r197062): [GTK] Transparent backgrounds no longer work after r197062
https://bugs.webkit.org/show_bug.cgi?id=155119

Reviewed by Martin Robinson.

This is because after r197062 we are now realizing the view too
early, even before the toplevel window has been realized, forcing
the toplevel window to be realized. If the RGBA visual is set on
the window after it has been realized it doesn't have any
effect. We should wait until the toplevel window is realized to
realize the web view, giving time to the application to set RGBA
visual and background color. If the toplevel window is already
realized we realize the web view immediately, so that this doesn't
affect the tearing problems fixed in r197062.

  • UIProcess/API/gtk/WebKitWebViewBase.cpp:

(toplevelWindowRealized):
(webkitWebViewBaseSetToplevelOnScreenWindow):

2:52 AM Changeset in webkit [197852] by Carlos Garcia Campos
  • 6 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197653 - [JSC] Use 3 operands Add in more places
https://bugs.webkit.org/show_bug.cgi?id=155082

Reviewed by Filip Pizlo.

  • assembler/MacroAssembler.h:

(JSC::MacroAssembler::addPtr):
(JSC::MacroAssembler::add32):

  • assembler/MacroAssemblerARMv7.h:

(JSC::MacroAssemblerARMv7::add32):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileArithAdd):
The case with child1 constant is useless.
The canonical form will have the constant as child2.

Also add register reuse for the fast-add.
Registers are a scarce resource on x86.

  • jit/CCallHelpers.h:

(JSC::CCallHelpers::prepareForTailCallSlow):

  • yarr/YarrJIT.cpp:

(JSC::Yarr::YarrGenerator::generate):

2:28 AM Changeset in webkit [197851] by Carlos Garcia Campos
  • 14 edits in releases/WebKitGTK/webkit-2.12/Source

Merge r197652 - [JSC] Improve codegen of Compare and Test
https://bugs.webkit.org/show_bug.cgi?id=155055

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-03-06
Reviewed by Filip Pizlo.

Source/JavaScriptCore:

This patch introduces a few improvements on how we lower
Compare and Test with immediates:

-Add certain Immediate forms of ARM64.
-Use CBZ/CBNZ when possible on ARM64.
-When possible, convert a CMP into a TST
 On some hardware, we can issue more TST simultaneously.
 On x86, any TST+Jump is candidate for macro-fusion.
 They are also smaller.
 (sections 3.4.2.2 and 3.5.1.9)
-Do not load the mask immediate of a TST
 if it only contains ones (mostly useful for ARM64
 since that would not have been a valid immediate).

  • assembler/MacroAssembler.h:

(JSC::MacroAssembler::compare32):

  • assembler/MacroAssemblerARM64.h:

(JSC::MacroAssemblerARM64::moveConditionallyAfterFloatingPointCompare):
(JSC::MacroAssemblerARM64::moveDoubleConditionallyAfterFloatingPointCompare):
This is somewhat unrelated but I found that out while working
on moveDoubleConditionallyTest32:

If "thenCase" and "dest" are assigned the same register
by the allocator, then the first (f)fcsel would override
the "thenCase" and the second fcsel would always be "elseCase".

This is covered by testb3 but was only uncovered
after recent "Move" removals in lowering.

(JSC::MacroAssemblerARM64::moveConditionally32):
(JSC::MacroAssemblerARM64::moveConditionally64):
(JSC::MacroAssemblerARM64::moveConditionallyTest32):
(JSC::MacroAssemblerARM64::moveDoubleConditionally32):
(JSC::MacroAssemblerARM64::moveDoubleConditionally64):
(JSC::MacroAssemblerARM64::moveDoubleConditionallyTest32):
(JSC::MacroAssemblerARM64::branch32):
(JSC::MacroAssemblerARM64::branch64):
(JSC::MacroAssemblerARM64::branchTest32):
(JSC::MacroAssemblerARM64::test32):
The version taking an immediate was guarded by
(cond == Zero) (cond == NonZero). That is overzealous,
and only needed for CBZ/CBNZ.

(JSC::MacroAssemblerARM64::branchTest64):
(JSC::MacroAssemblerARM64::compare32):
(JSC::MacroAssemblerARM64::compare64):
(JSC::MacroAssemblerARM64::commuteCompareToZeroIntoTest):

  • assembler/MacroAssemblerX86Common.h:

(JSC::MacroAssemblerX86Common::moveConditionally32):
(JSC::MacroAssemblerX86Common::moveConditionallyTest32):
(JSC::MacroAssemblerX86Common::branch32):
(JSC::MacroAssemblerX86Common::test32):
(JSC::MacroAssemblerX86Common::branchTest32):
(JSC::MacroAssemblerX86Common::compare32):
(JSC::MacroAssemblerX86Common::commuteCompareToZeroIntoTest):

  • assembler/MacroAssemblerX86_64.h:

(JSC::MacroAssemblerX86_64::compare64):
(JSC::MacroAssemblerX86_64::branch64):
(JSC::MacroAssemblerX86_64::moveConditionally64):

  • b3/B3LowerToAir.cpp:

(JSC::B3::Air::LowerToAir::createGenericCompare):
Unfortunately this cannot be abstracted by the MacroAssembler.
Those immediates are not valid, we have to pick the better
form right away.

  • b3/air/AirOpcode.opcodes:
  • b3/testb3.cpp:

(JSC::B3::int64Operands):
(JSC::B3::modelCompare):
(JSC::B3::testCompareImpl):
(JSC::B3::testCompare):
(JSC::B3::b3Pow):
(JSC::B3::testPowDoubleByIntegerLoop):
Some versions of pow(double, int) do not return
the exact same bits as our integer loop.
Added a new version to have the same behavior
as the B3 loop.

(JSC::B3::run):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compilePeepHoleBooleanBranch):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compileInt32Compare):
Comparing to an immediate is super common. Do not waste
a register for that!

Source/WebCore:

  • cssjit/FunctionCall.h:

(WebCore::FunctionCall::callAndBranchOnCondition):

2:15 AM Changeset in webkit [197850] by Manuel Rego Casasnovas
  • 10 edits
    2 adds in trunk

[css-grid] Initial support for implicit grid before explicit grid
https://bugs.webkit.org/show_bug.cgi?id=155014

Reviewed by Darin Adler.

Source/WebCore:

Change GridSpan to store int instead of unsigned. This allows us to
resolve positions before the explicit grid with negative values.

This patch adds a new type of GridSpan called "Untranslated".
This type is only used in populateExplicitGridAndOrderIterator(),
where we store the smallest negative position in both axes.

Then the GridSpans are translated into positive values, using the offset
calculated before. This is done in placeItemsOnGrid() and from that
moment the rest of the code uses "Definite" GridSpans, which returns
only positive positions (unsigned instead of int).
This allows us to avoid modifying the rest of the code, as it keeps
using GridSpans as before.

Let's use an example to explain how it works. Imagine that we have a
2-column grid and 2 items placed like:

  • Item A: grid-column: -5;
  • Item B: grid-column: 1;

Initially we'll use "Untranslated" GridSpans with the following values:

  • Item A: GridSpan(-2, -1)
  • Item B: GridSpan(0, 1)

Then we'll translate them using the smallest position as offset (-2)
so we've "Definite" GridSpans:

  • Item A: GridSpan(0, 1)
  • Item B: GridSpan(2, 3)

Test: fast/css-grid-layout/implicit-tracks-before-explicit.html

  • css/CSSParser.cpp:

(WebCore::CSSParser::parseGridTemplateAreasRow):

  • rendering/RenderGrid.cpp:

(WebCore::RenderGrid::GridIterator::nextEmptyGridArea):
(WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
(WebCore::RenderGrid::gridTrackSize):
(WebCore::RenderGrid::insertItemIntoGrid):
(WebCore::RenderGrid::placeItemsOnGrid):
(WebCore::RenderGrid::populateExplicitGridAndOrderIterator):
(WebCore::RenderGrid::createEmptyGridAreaAtSpecifiedPositionsOutsideGrid):
(WebCore::RenderGrid::placeSpecifiedMajorAxisItemsOnGrid):
(WebCore::RenderGrid::placeAutoMajorAxisItemOnGrid):
(WebCore::RenderGrid::offsetAndBreadthForPositionedChild):
(WebCore::RenderGrid::placeAutoMajorAxisItemsOnGrid): Deleted.
(WebCore::RenderGrid::layoutPositionedObject): Deleted.

  • rendering/RenderGrid.h:
  • rendering/style/GridCoordinate.h:

(WebCore::GridSpan::untranslatedDefiniteGridSpan):
(WebCore::GridSpan::translatedDefiniteGridSpan):
(WebCore::GridSpan::integerSpan):
(WebCore::GridSpan::untranslatedResolvedInitialPosition):
(WebCore::GridSpan::untranslatedResolvedFinalPosition):
(WebCore::GridSpan::resolvedInitialPosition):
(WebCore::GridSpan::resolvedFinalPosition):
(WebCore::GridSpan::begin):
(WebCore::GridSpan::end):
(WebCore::GridSpan::isTranslatedDefinite):
(WebCore::GridSpan::isIndefinite):
(WebCore::GridSpan::translate):
(WebCore::GridSpan::GridSpan):
(WebCore::GridSpan::operator==): Deleted.
(WebCore::GridSpan::GridSpanIterator::GridSpanIterator): Deleted.
(WebCore::GridSpan::GridSpanIterator::operator unsigned&): Deleted.

  • rendering/style/GridResolvedPosition.cpp:

(WebCore::resolveRowStartColumnStartNamedGridLinePositionAgainstOppositePosition):
(WebCore::resolveRowEndColumnEndNamedGridLinePositionAgainstOppositePosition):
(WebCore::resolveNamedGridLinePositionAgainstOppositePosition):
(WebCore::resolveGridPositionAgainstOppositePosition):
(WebCore::resolveGridPositionFromStyle):
(WebCore::GridResolvedPosition::resolveGridPositionsFromStyle):
(WebCore::GridResolvedPosition::spanSizeForAutoPlacedItem): Deleted.

LayoutTests:

Updated results in current tests and added specific test for this.

  • fast/css-grid-layout/grid-auto-flow-resolution.html:
  • fast/css-grid-layout/grid-item-negative-position-resolution.html:
  • fast/css-grid-layout/grid-item-spanning-resolution.html:
  • fast/css-grid-layout/implicit-tracks-before-explicit-expected.txt: Added.
  • fast/css-grid-layout/implicit-tracks-before-explicit.html: Added.

2:05 AM Changeset in webkit [197849] by Carlos Garcia Campos
  • 15 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197649 - DFG should know how to speculate StringOrOther
https://bugs.webkit.org/show_bug.cgi?id=155094

Reviewed by Saam Barati.

Any code that processes the regexp matches array was previously doing a relatively expensive
Branch(Untyped:). This introduces a new use kind called StringOrOther, which is perfect for
code that loops over the matches array and branches on the entries being non-empty.

To do this, I needed to introduce code into the FTL that creates new blocks. We still had that
awful FTL_NEW_BLOCK idiom since the only way to debug LLVM IR was to ascribe names to basic
blocks. B3 IR is inherently more debuggable since unlike LLVM, B3 knows how to always respect
code origin, and it knows how to print the code origin nicely in the dumps. So, rather than
continue using FTL_NEW_BLOCK(m_out, ("things")), I replaced all of that stuff with
m_out.newBlock(). It's much nicer that way.

This is a tiny speed-up on Octane/regexp at best. I was hoping for more. Oh well.

  • bytecode/SpeculatedType.h:

(JSC::isStringSpeculation):
(JSC::isStringOrOtherSpeculation):
(JSC::isSymbolSpeculation):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGNode.h:

(JSC::DFG::Node::shouldSpeculateString):
(JSC::DFG::Node::shouldSpeculateStringOrOther):
(JSC::DFG::Node::shouldSpeculateStringObject):

  • dfg/DFGSafeToExecute.h:

(JSC::DFG::SafeToExecuteEdge::operator()):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileStringZeroLength):
(JSC::DFG::SpeculativeJIT::compileLogicalNotStringOrOther):
(JSC::DFG::SpeculativeJIT::emitStringBranch):
(JSC::DFG::SpeculativeJIT::emitStringOrOtherBranch):
(JSC::DFG::SpeculativeJIT::compileConstantStoragePointer):
(JSC::DFG::SpeculativeJIT::speculateObjectOrOther):
(JSC::DFG::SpeculativeJIT::speculateString):
(JSC::DFG::SpeculativeJIT::speculateStringOrOther):
(JSC::DFG::SpeculativeJIT::speculateStringIdentAndLoadStorage):
(JSC::DFG::SpeculativeJIT::speculate):

  • dfg/DFGSpeculativeJIT.h:
  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compileLogicalNot):
(JSC::DFG::SpeculativeJIT::emitBranch):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compileLogicalNot):
(JSC::DFG::SpeculativeJIT::emitBranch):

  • dfg/DFGUseKind.cpp:

(WTF::printInternal):

  • dfg/DFGUseKind.h:

(JSC::DFG::typeFilterFor):

  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::lower):
(JSC::FTL::DFG::LowerDFGToB3::compileDoubleRep):
(JSC::FTL::DFG::LowerDFGToB3::compileBooleanToNumber):
(JSC::FTL::DFG::LowerDFGToB3::compileToThis):
(JSC::FTL::DFG::LowerDFGToB3::compileArithMul):
(JSC::FTL::DFG::LowerDFGToB3::compileArithDiv):
(JSC::FTL::DFG::LowerDFGToB3::compileArithMod):
(JSC::FTL::DFG::LowerDFGToB3::compileArithMinOrMax):
(JSC::FTL::DFG::LowerDFGToB3::compileArithPow):
(JSC::FTL::DFG::LowerDFGToB3::compileArithRound):
(JSC::FTL::DFG::LowerDFGToB3::compileCheckStructure):
(JSC::FTL::DFG::LowerDFGToB3::compileArrayifyToStructure):
(JSC::FTL::DFG::LowerDFGToB3::compileGetById):
(JSC::FTL::DFG::LowerDFGToB3::compileGetIndexedPropertyStorage):
(JSC::FTL::DFG::LowerDFGToB3::compileGetTypedArrayByteOffset):
(JSC::FTL::DFG::LowerDFGToB3::compileGetByVal):
(JSC::FTL::DFG::LowerDFGToB3::compilePutByVal):
(JSC::FTL::DFG::LowerDFGToB3::compileArrayPush):
(JSC::FTL::DFG::LowerDFGToB3::compileArrayPop):
(JSC::FTL::DFG::LowerDFGToB3::compileCreateActivation):
(JSC::FTL::DFG::LowerDFGToB3::compileNewFunction):
(JSC::FTL::DFG::LowerDFGToB3::compileCreateDirectArguments):
(JSC::FTL::DFG::LowerDFGToB3::compileCopyRest):
(JSC::FTL::DFG::LowerDFGToB3::compileGetRestLength):
(JSC::FTL::DFG::LowerDFGToB3::compileNewArrayWithSize):
(JSC::FTL::DFG::LowerDFGToB3::compileNewTypedArray):
(JSC::FTL::DFG::LowerDFGToB3::compileToStringOrCallStringConstructor):
(JSC::FTL::DFG::LowerDFGToB3::compileToPrimitive):
(JSC::FTL::DFG::LowerDFGToB3::compileMakeRope):
(JSC::FTL::DFG::LowerDFGToB3::compileStringCharAt):
(JSC::FTL::DFG::LowerDFGToB3::compileStringCharCodeAt):
(JSC::FTL::DFG::LowerDFGToB3::compileStringFromCharCode):
(JSC::FTL::DFG::LowerDFGToB3::compileMultiGetByOffset):
(JSC::FTL::DFG::LowerDFGToB3::compileMultiPutByOffset):
(JSC::FTL::DFG::LowerDFGToB3::compileNotifyWrite):
(JSC::FTL::DFG::LowerDFGToB3::compileCompareStrictEq):
(JSC::FTL::DFG::LowerDFGToB3::compileForwardVarargs):
(JSC::FTL::DFG::LowerDFGToB3::compileSwitch):
(JSC::FTL::DFG::LowerDFGToB3::compileIsString):
(JSC::FTL::DFG::LowerDFGToB3::compileIsObject):
(JSC::FTL::DFG::LowerDFGToB3::compileIsObjectOrNull):
(JSC::FTL::DFG::LowerDFGToB3::compileIsFunction):
(JSC::FTL::DFG::LowerDFGToB3::compileTypeOf):
(JSC::FTL::DFG::LowerDFGToB3::compileOverridesHasInstance):
(JSC::FTL::DFG::LowerDFGToB3::compileInstanceOf):
(JSC::FTL::DFG::LowerDFGToB3::compileHasIndexedProperty):
(JSC::FTL::DFG::LowerDFGToB3::compileHasStructureProperty):
(JSC::FTL::DFG::LowerDFGToB3::compileGetDirectPname):
(JSC::FTL::DFG::LowerDFGToB3::compileGetEnumeratorStructurePname):
(JSC::FTL::DFG::LowerDFGToB3::compileGetEnumeratorGenericPname):
(JSC::FTL::DFG::LowerDFGToB3::compileMaterializeNewObject):
(JSC::FTL::DFG::LowerDFGToB3::compileMaterializeCreateActivation):
(JSC::FTL::DFG::LowerDFGToB3::compileCheckWatchdogTimer):
(JSC::FTL::DFG::LowerDFGToB3::checkStructure):
(JSC::FTL::DFG::LowerDFGToB3::numberOrNotCellToInt32):
(JSC::FTL::DFG::LowerDFGToB3::checkInferredType):
(JSC::FTL::DFG::LowerDFGToB3::allocatePropertyStorageWithSizeImpl):
(JSC::FTL::DFG::LowerDFGToB3::loadVectorWithBarrier):
(JSC::FTL::DFG::LowerDFGToB3::copyBarrier):
(JSC::FTL::DFG::LowerDFGToB3::loadVectorReadOnly):
(JSC::FTL::DFG::LowerDFGToB3::compareEqObjectOrOtherToObject):
(JSC::FTL::DFG::LowerDFGToB3::nonSpeculativeCompare):
(JSC::FTL::DFG::LowerDFGToB3::stringsEqual):
(JSC::FTL::DFG::LowerDFGToB3::allocateCell):
(JSC::FTL::DFG::LowerDFGToB3::allocateVariableSizedObject):
(JSC::FTL::DFG::LowerDFGToB3::allocateBasicStorageAndGetEnd):
(JSC::FTL::DFG::LowerDFGToB3::allocateObject):
(JSC::FTL::DFG::LowerDFGToB3::allocateJSArray):
(JSC::FTL::DFG::LowerDFGToB3::boolify):
(JSC::FTL::DFG::LowerDFGToB3::equalNullOrUndefined):
(JSC::FTL::DFG::LowerDFGToB3::contiguousPutByValOutOfBounds):
(JSC::FTL::DFG::LowerDFGToB3::switchString):
(JSC::FTL::DFG::LowerDFGToB3::switchStringRecurse):
(JSC::FTL::DFG::LowerDFGToB3::buildTypeOf):
(JSC::FTL::DFG::LowerDFGToB3::doubleToInt32):
(JSC::FTL::DFG::LowerDFGToB3::sensibleDoubleToInt32):
(JSC::FTL::DFG::LowerDFGToB3::strictInt52ToJSValue):
(JSC::FTL::DFG::LowerDFGToB3::jsValueToStrictInt52):
(JSC::FTL::DFG::LowerDFGToB3::convertDoubleToInt32):
(JSC::FTL::DFG::LowerDFGToB3::speculate):
(JSC::FTL::DFG::LowerDFGToB3::speculateCellOrOther):
(JSC::FTL::DFG::LowerDFGToB3::speculateObjectOrOther):
(JSC::FTL::DFG::LowerDFGToB3::speculateString):
(JSC::FTL::DFG::LowerDFGToB3::speculateStringOrOther):
(JSC::FTL::DFG::LowerDFGToB3::speculateStringIdent):
(JSC::FTL::DFG::LowerDFGToB3::speculateStringOrStringObject):
(JSC::FTL::DFG::LowerDFGToB3::speculateRealNumber):
(JSC::FTL::DFG::LowerDFGToB3::speculateNotStringVar):
(JSC::FTL::DFG::LowerDFGToB3::emitStoreBarrier):
(JSC::FTL::DFG::LowerDFGToB3::callCheck):

  • ftl/FTLOutput.cpp:

(JSC::FTL::Output::initialize):
(JSC::FTL::Output::newBlock):
(JSC::FTL::Output::check):

  • ftl/FTLOutput.h:

(JSC::FTL::Output::setFrequency):
(JSC::FTL::Output::insertNewBlocksBefore):

1:35 AM Changeset in webkit [197848] by Carlos Garcia Campos
  • 33 edits
    5 adds in releases/WebKitGTK/webkit-2.12

Merge r197641 - RegExpMatchesArray doesn't know how to have a bad time
https://bugs.webkit.org/show_bug.cgi?id=155069

Reviewed by Yusuke Suzuki.

Source/JavaScriptCore:

In trunk if we are having a bad time, the regexp matches array is still allocated with a
non-slow-put indexing shape, which makes it have the wrong behavior on indexed setters on
the prototype chain.

Getting this to work right requires introducing bad time code paths into the regexp matches
array. It also requires something more drastic: making this code not play games with the
global object. The code that creates the matches array needs to have the actual global
object of the regexp native function that it's logically created by.

This is totally different from how we've handled global objects in the past because it means
that the global object is not a constant. Normally we can make it a constant because a
script executable will know its global object. But with native functions, it's the function
instance that knows the global object - not the native executable. When we inline a native
intrinsic, we are guaranteed to know the native executable but we're not guaranteed to know
the function instance. This means that the global object may be a variable that gets computed
by looking at the instance at run-time. So, the RegExpExec/RegExpTest nodes in DFG IR now
take a global object child. That also meant adding a new node type, GetGlobalObject, which
does the thing to the callee that CallFrame::lexicalGlobalObject() would have done.
Eventually, we'll probably have to make other native intrinsics also use GetGlobalObject. It
turns out that this really isn't so bad because usually it's constant-folded anyway, since
although the intrinsic code supports executable-based inlining (which leaves the callee
instance as an unknown), it happens rarely for intrinsics. So, conveying the global object
via a child isn't any worse than conveying it via meta-data, and it's probably better than
telling the inliner not to do executable-based inlining of native intrinsics. That would
have been a confusing special-case.

This is perf-neutral on my machines but it fixes a bug and it unlocks some interesting
possibilities. For example, RegExpExec can now make a firm promise about the type of array
it's creating.

This also contains some other changes:

  • We are now using Structure::addPropertyTransition() in a lot of places even though it was meant to be an internal method with a quirky contract - for example it only works if you know that there is no existing transition. This relaxes this constraint.
  • Restores the use of "*" for heap references in JSString.h. It's very unusual to have heap references pointed at with "&", since we don't currently do that anywhere. The fact that it was using the wrong reference type also meant that the code couldn't elegantly make use of some of our GC pointer helpers like jsCast<>.

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::attemptToInlineCall):
(JSC::DFG::ByteCodeParser::handleMinMax):
(JSC::DFG::ByteCodeParser::handleIntrinsicCall):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGNodeType.h:
  • dfg/DFGOperations.cpp:
  • dfg/DFGOperations.h:
  • dfg/DFGPredictionPropagationPhase.cpp:

(JSC::DFG::PredictionPropagationPhase::propagate):

  • dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileSkipScope):
(JSC::DFG::SpeculativeJIT::compileGetGlobalObject):
(JSC::DFG::SpeculativeJIT::compileGetArrayLength):

  • dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::callOperation):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileSkipScope):
(JSC::FTL::DFG::LowerDFGToB3::compileGetGlobalObject):
(JSC::FTL::DFG::LowerDFGToB3::compileGetClosureVar):
(JSC::FTL::DFG::LowerDFGToB3::compileRegExpExec):
(JSC::FTL::DFG::LowerDFGToB3::compileRegExpTest):
(JSC::FTL::DFG::LowerDFGToB3::compileNewRegexp):

  • jit/JITOperations.h:
  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::init):
(JSC::JSGlobalObject::haveABadTime):
(JSC::JSGlobalObject::visitChildren):

  • runtime/JSGlobalObject.h:
  • runtime/JSObject.h:

(JSC::JSObject::putDirectInternal):

  • runtime/JSString.h:

(JSC::jsString):
(JSC::jsSubstring):

  • runtime/RegExpCachedResult.cpp:

(JSC::RegExpCachedResult::lastResult):

  • runtime/RegExpMatchesArray.cpp:

(JSC::tryCreateUninitializedRegExpMatchesArray):
(JSC::createRegExpMatchesArray):
(JSC::createStructureImpl):
(JSC::createRegExpMatchesArrayStructure):
(JSC::createRegExpMatchesArraySlowPutStructure):

  • runtime/RegExpMatchesArray.h:
  • runtime/RegExpObject.cpp:

(JSC::RegExpObject::put):
(JSC::RegExpObject::exec):
(JSC::RegExpObject::match):

  • runtime/RegExpObject.h:

(JSC::RegExpObject::getLastIndex):
(JSC::RegExpObject::test):

  • runtime/RegExpPrototype.cpp:

(JSC::regExpProtoFuncTest):
(JSC::regExpProtoFuncExec):
(JSC::regExpProtoFuncCompile):

  • runtime/StringPrototype.cpp:

(JSC::stringProtoFuncMatch):

  • runtime/Structure.cpp:

(JSC::Structure::suggestedArrayStorageTransition):
(JSC::Structure::addPropertyTransition):
(JSC::Structure::addNewPropertyTransition):

  • runtime/Structure.h:
  • tests/stress/regexp-matches-array-bad-time.js: Added.
  • tests/stress/regexp-matches-array-slow-put.js: Added.

LayoutTests:

  • js/regress/regexp-exec-expected.txt: Added.
  • js/regress/regexp-exec.html: Added.
  • js/regress/script-tests/regexp-exec.js: Added.

12:54 AM Changeset in webkit [197847] by mmaxfield@apple.com
  • 7 edits
    2 adds in trunk

[iOS] Arabic text on Wikipedia is shown as boxes
https://bugs.webkit.org/show_bug.cgi?id=155129
<rdar://problem/24919902>

Reviewed by Darin Adler.

Source/WebCore:

GeezaPro is the PostScript name, not the family name.

Test: fast/text/arabic-blacklisted.html

  • platform/graphics/ios/FontCacheIOS.mm:

(WebCore::platformLookupFallbackFont):

LayoutTests:

This test is iOS-specific.

  • platform/efl/TestExpectations:
  • platform/gtk/TestExpectations:
  • platform/mac/TestExpectations:
  • platform/win/TestExpectations:
  • fast/text/arabic-blacklisted-expected.html: Added.
  • fast/text/arabic-blacklisted.html: Added.

12:46 AM Changeset in webkit [197846] by Carlos Garcia Campos
  • 3 edits
    1 add in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197640 - [JSC] RegExp#lastIndex should handle writable attribute when defining in defineOwnProperty path
https://bugs.webkit.org/show_bug.cgi?id=155093

Reviewed by Filip Pizlo.

Before this patch, setLastIndex(ExecState* exec, size_t lastIndex) always overwrites the existing value
regardless of writable attribute.
And when defining RegExp#lastIndex in defineOwnProperty, we need to define the value first
before making the attribute readonly. After changing the writable attribute, we cannot define the value.

  • runtime/RegExpObject.cpp:

(JSC::RegExpObject::defineOwnProperty):

  • runtime/RegExpObject.h:

(JSC::RegExpObject::setLastIndex):

  • tests/stress/regexp-last-index-writable.js: Added.

(shouldBe):
(shouldThrow):
(regExpLastIndex):

12:32 AM Changeset in webkit [197845] by Carlos Garcia Campos
  • 11 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197622 - The most aggressive form of RegExpTest/RegExpExec should speculate more aggressively than just cell
https://bugs.webkit.org/show_bug.cgi?id=154900

Reviewed by Saam Barati.

These old operations used to speculate cell. That's what they did when they were first
introduced. That was probably about as good as they could do back then because we didn't have
very powerful checks. Now we have powerful checks, so we can do this right.

The most profitable thing to check is that child1 is a RegExpObject and child2 is a JSString.
Sometimes though, we will not know what child2 is even though we know that child1 is a
RegExpObject. So, this patch means that RegExpExec/RegExpTest have the following overloads:

RegExpExec(RegExpObject:, String:)
RegExpExec(RegExpObject:, Untyped:)
RegExpExec(Untyped:, Untyped:)

This shaves off some type checks in Octane/regexp. It also cleans up some problems in our
modeling of the effectfulness of these operations.

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGOperations.cpp:
  • dfg/DFGOperations.h:
  • dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::callOperation):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileRegExpExec):
(JSC::FTL::DFG::LowerDFGToB3::compileRegExpTest):

  • jit/JITOperations.h:

12:05 AM Changeset in webkit [197844] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.12/Source/WebCore

Merge r197609 - [GTK] Scrollbars are broken again with GTK+ >= 3.19.11
https://bugs.webkit.org/show_bug.cgi?id=154890

Reviewed by Michael Catanzaro.

Scrollbar style properties have been deprecated in GTK+, and it
seems that now deprecating means keeping the properties but
ignoring them. So, this reworks the whole scrollbars theme code
again to not cache style properties anymore, but retrieve them
from the GtkStyleContext. Previous GTK+ versions still need to
query the style properties, so I've added helper functions to get
all the style properties with the ifdefs, trying to keep the
common render code free of GTK+ versions ifdefs.

  • platform/gtk/ScrollbarThemeGtk.cpp:

(WebCore::ScrollbarThemeGtk::backButtonRect):
(WebCore::ScrollbarThemeGtk::forwardButtonRect):
(WebCore::ScrollbarThemeGtk::trackRect):
(WebCore::ScrollbarThemeGtk::thumbRect):
(WebCore::ScrollbarThemeGtk::paintTrackBackground):
(WebCore::ScrollbarThemeGtk::paintThumb):
(WebCore::ScrollbarThemeGtk::paint):
(WebCore::ScrollbarThemeGtk::scrollbarThickness):
(WebCore::ScrollbarThemeGtk::buttonSize):
(WebCore::ScrollbarThemeGtk::stepperSize):
(WebCore::ScrollbarThemeGtk::getStepperSpacing):
(WebCore::ScrollbarThemeGtk::troughUnderSteppers):
(WebCore::ScrollbarThemeGtk::minimumThumbLength):
(WebCore::ScrollbarThemeGtk::thumbFatness):
(WebCore::ScrollbarThemeGtk::getTroughBorder):
(WebCore::ScrollbarThemeGtk::getOrCreateStyleContext):
(WebCore::ScrollbarThemeGtk::updateThemeProperties):
(WebCore::ScrollbarThemeGtk::handleMousePressEvent):

  • platform/gtk/ScrollbarThemeGtk.h:

Mar 8, 2016:

11:59 PM Changeset in webkit [197843] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.12/Source/WebCore

Merge r197577 - Remove use of deprecated sqlite3_expired
https://bugs.webkit.org/show_bug.cgi?id=155025

Reviewed by Tim Horton.

Since we exclusively use sqlite3_prepare_v2 and don't use sqlite3_prepare,
manually checking for expired statements is not necessary.

  • platform/sql/SQLiteStatement.cpp:

(WebCore::SQLiteStatement::isExpired): Null check the statement, but don't bother
with sqlite3_expired.

11:59 PM Changeset in webkit [197842] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.12

Merge r197576 - Location.reload should not be writable
https://bugs.webkit.org/show_bug.cgi?id=154989

Reviewed by Gavin Barraclough.

Source/JavaScriptCore:

After r196770, operations marked as [Unforgeable] in the IDL (such as
Location.reload) are correctly reported as not writable by
Object.getOwnPropertyDescriptor(). Trying to set such property in JS
is correctly ignored (or throws in strict mode) if the object has
previously been reified. However, due to a bug in putEntry(), it was
still possible to override the property if the object was not reified
yet. This patch fixes the issue by checking in putEntry() that entries
that are functions are not ReadOnly before calling putDirect().

  • runtime/Lookup.h:

(JSC::putEntry):

LayoutTests:

Add a layout test to verify that operations marked as [Unforgeable] in
IDL are indeed not writable.

  • fast/html/unforgeable-operations-readonly-expected.txt: Added.
  • fast/html/unforgeable-operations-readonly.html: Added.

11:45 PM Changeset in webkit [197841] by commit-queue@webkit.org
  • 8 edits in trunk/Source/WebCore

Unreviewed, rolling out r197825.
https://bugs.webkit.org/show_bug.cgi?id=155222

It broke the EFL build. It is not dead code. (Requested by
gyuyoung on #webkit).

Reverted changeset:

"Delete dead scrolling code"
https://bugs.webkit.org/show_bug.cgi?id=155210
http://trac.webkit.org/changeset/197825

11:44 PM Changeset in webkit [197840] by Carlos Garcia Campos
  • 3 edits
    4 adds in releases/WebKitGTK/webkit-2.12

Merge r197570 - [iOS] Crash during font loading when injected bundle cancels load
https://bugs.webkit.org/show_bug.cgi?id=155001

Reviewed by Tim Horton.

Source/WebCore:

If an injected bundle cancels the load, the fontLoaded() callback will be
called twice. We can simply detect this condition.

Test: CancelLoading.CancelFontSubresource API test

  • css/CSSFontFaceSource.cpp:

(WebCore::CSSFontFaceSource::fontLoaded):

Tools:

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/WebKit2/Ahem.ttf: Added.
  • TestWebKitAPI/Tests/WebKit2/webfont.html: Added.
  • TestWebKitAPI/Tests/WebKit2Cocoa/CancelFontSubresource.mm: Added.

(-[Myles webView:didFinishNavigation:]):
(TEST):

  • TestWebKitAPI/Tests/WebKit2Cocoa/CancelFontSubresourcePlugIn.mm: Added.

(-[CancelFontSubresourcePlugIn webProcessPlugIn:didCreateBrowserContextController:]):
(-[CancelFontSubresourcePlugIn webProcessPlugInBrowserContextController:frame:willSendRequestForResource:request:redirectResponse:]):

11:42 PM Changeset in webkit [197839] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.12/Source/WebCore

Merge r197552 - Drop DocumentSharedObjectPool immediately when going into PageCache.
<https://webkit.org/b/154986>

Reviewed by Antti Koivisto.

The DocumentSharedObjectPool is a weirdly efficient little optimization
that deduplicates ElementData during the first 10s of a Document's lifetime.
While it's up, every ElementData created will persist so it can be used for
deduplication.

If a Document goes into the PageCache while its shared object pool is still
alive, we can just kill it right away. This will sometimes allow us to free
a bunch of ElementData sooner.

  • dom/Document.cpp:

(WebCore::Document::Document):
(WebCore::Document::setInPageCache):
(WebCore::Document::clearSharedObjectPool):
(WebCore::Document::sharedObjectPoolClearTimerFired): Deleted.

  • dom/Document.h:

11:29 PM Changeset in webkit [197838] by fpizlo@apple.com
  • 2 edits in trunk/Source/WTF

Remove failing assertion. There are strings that claim to be atomic but that the
compiler thread can totally deal with, like the empty string.

Rubber stamped by Mark Lam.

  • wtf/text/StringImpl.h:

(WTF::StringImpl::ref):
(WTF::StringImpl::deref):

11:28 PM Changeset in webkit [197837] by Carlos Garcia Campos
  • 22 edits
    6 adds in releases/WebKitGTK/webkit-2.12

Merge r197549 - DFG/FTL should inline accesses to RegExpObject::m_lastIndex
https://bugs.webkit.org/show_bug.cgi?id=155003

Reviewed by Benjamin Poulain.

Source/JavaScriptCore:

The Octane/regexp benchmark sets RegExps' lastIndex a lot. I could imagine this being
something that people want to do. Right now, I'm not convinced that making the RegExp object
be more plain-JS would be a good idea considering that pretty much all uses of it will
require some special compiler magic. Also, it's good that this patch teaches the compiler
how to reason about lastIndex since some of my other plans for regexp involve having the
compiler treat more regexp stuff as intrinsic.

This is a smaller Octane/regexp speed-up than I hoped - maybe around 1%. It's an enormous
speed-up on the microbenchmarks attached to this patch.

  • dfg/DFGAbstractHeap.h:
  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGHeapLocation.h:
  • dfg/DFGNodeType.h:
  • dfg/DFGPredictionPropagationPhase.cpp:

(JSC::DFG::PredictionPropagationPhase::propagate):

  • dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compilePutAccessorByVal):
(JSC::DFG::SpeculativeJIT::compileGetRegExpObjectLastIndex):
(JSC::DFG::SpeculativeJIT::compileSetRegExpObjectLastIndex):

  • dfg/DFGSpeculativeJIT.h:
  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGStoreBarrierInsertionPhase.cpp:
  • ftl/FTLAbstractHeapRepository.cpp:
  • ftl/FTLAbstractHeapRepository.h:
  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileStringReplace):
(JSC::FTL::DFG::LowerDFGToB3::compileGetRegExpObjectLastIndex):
(JSC::FTL::DFG::LowerDFGToB3::compileSetRegExpObjectLastIndex):
(JSC::FTL::DFG::LowerDFGToB3::didOverflowStack):
(JSC::FTL::DFG::LowerDFGToB3::lowObject):
(JSC::FTL::DFG::LowerDFGToB3::lowRegExpObject):
(JSC::FTL::DFG::LowerDFGToB3::lowString):

  • runtime/RegExpObject.h:

(JSC::RegExpObject::createStructure):
(JSC::RegExpObject::offsetOfLastIndex):

LayoutTests:

  • js/regress/regexp-last-index-expected.txt: Added.
  • js/regress/regexp-last-index.html: Added.
  • js/regress/regexp-set-last-index-expected.txt: Added.
  • js/regress/regexp-set-last-index.html: Added.
  • js/regress/script-tests/regexp-last-index.js: Added.
  • js/regress/script-tests/regexp-set-last-index.js: Added.

11:28 PM Changeset in webkit [197836] by Carlos Garcia Campos
  • 1 edit
    3 deletes in releases/WebKitGTK/webkit-2.12/LayoutTests

Merge r197547 - Unreviewed, remove test with flaky timeout that doesn't test anything anymore. This test
was relevant back when arguments got torn off; something that we don't do anymore. It
uses a loop that waits for the top-tier compiler to compile it. We don't write tests
like that anymore.

  • js/dfg-osr-exit-between-create-and-tearoff-arguments-expected.txt: Removed.
  • js/dfg-osr-exit-between-create-and-tearoff-arguments.html: Removed.
  • js/script-tests/dfg-osr-exit-between-create-and-tearoff-arguments.js: Removed.

10:27 PM Changeset in webkit [197835] by Chris Dumez
  • 3 edits
    2 adds in trunk

Element with maximum tabIndex cannot be returned by nextElementWithGreaterTabIndex()
https://bugs.webkit.org/show_bug.cgi?id=155215

Reviewed by Ryosuke Niwa.

Source/WebCore:

Element with maximum tabIndex cannot be returned by nextElementWithGreaterTabIndex()
due to a bug in r197726. This patch fixes the issue by only comparing
candidate.tabIndex to winningTabIndex if winner is non-null.

Test: fast/events/max-tabindex-focus.html

  • page/FocusController.cpp:

(WebCore::nextElementWithGreaterTabIndex):

LayoutTests:

Add test to make sure that an Element with a tabIndex equal to
2147483647 (maximum tabIndex) can be focused.

  • fast/events/max-tabindex-focus-expected.txt: Added.
  • fast/events/max-tabindex-focus.html: Added.

9:53 PM Changeset in webkit [197834] by ap@apple.com
  • 2 edits in trunk/Tools

Fix iOS Simulator EWS.

Unreviewed build fix.

  • Scripts/webkitpy/common/config/ports.py:

9:16 PM Changeset in webkit [197833] by fpizlo@apple.com
  • 27 edits
    6 adds in trunk

DFG should be able to constant-fold strings
https://bugs.webkit.org/show_bug.cgi?id=155200

Reviewed by Geoffrey Garen.

Source/JavaScriptCore:

This adds constant-folding of string1 + string2 and string.length. The actual folding
rule is easy, but there are some gotchas.

The problem is that the DFG cannot allocate new JSString objects until we are on the
main thread. So, DFG IR must have a node for a JSValue string constant that hasn't been
created yet - i.e. it doesn't have any concrete JSValue bits yet.

We have the ability to speak of such things, using LazyJSValue. But that's a class, not
a node type. This patch now adds a node type, LazyJSConstant, which is a Node that holds
a LazyJSValue.

This puts us in a weird situation: AI uses JSValue to represent constants. It would take
a lot of work to change it to use LazyJSValue. So, this implements the constant folding
in StrengthReductionPhase. I created a bug and put a FIXME about moving these rules into
AI.

OTOH, our experience in B3 shows that constant folding in strength reduction is quite
nice. It would totally make sense to have strength reduction have constant folding rules
that mirror the rules in AI, or to factor out the AI constant folding rules, the same
way that B3 factors out those rules into Value methods.

Another issue is how to represent the cumulative result of possibly many foldings. I
initially considered adding LazyJSValue kinds that represented concatenation. Folding
the concatenation to a constant meant that this constant was actually a LazyJSValue that
represented the concatenation of two other things. But this would get super messy if we
wanted to fold an operation that uses the results of another folded operation.

So, the JIT thread folds string operations by creating a WTF::String that contains the
result. The DFG::Graph holds a +1 on the underlying StringImpl, so we can pass the
StringImpl* around without reference counting. The LazyJSValue now has a special kind
that means: we created this StringImpl* on the JIT thread, and once the JIT is done, we
will relinquish ownership of it. LazyJSValue has some magic to emit code for these
to-be-created-JSStrings while also transferring ownership of the StringImpl from the JIT
thread to the main thread and registering the JSString with the GC.

This just implements folding for concatenation and GetArrayLength. It's just a proof of
concept for evil things I want to do later.

This change is a 2.5x speed-up on the string concatenation microbenchmarks I added in
this patch.

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGFrozenValue.cpp:

(JSC::DFG::FrozenValue::emptySingleton):
(JSC::DFG::FrozenValue::tryGetString):
(JSC::DFG::FrozenValue::dumpInContext):

  • dfg/DFGFrozenValue.h:

(JSC::DFG::FrozenValue::strength):

  • dfg/DFGGraph.h:
  • dfg/DFGLazyJSValue.cpp:

(JSC::DFG::LazyJSValue::newString):
(JSC::DFG::LazyJSValue::getValue):
(JSC::DFG::equalToStringImpl):
(JSC::DFG::LazyJSValue::tryGetStringImpl):
(JSC::DFG::LazyJSValue::tryGetString):
(JSC::DFG::LazyJSValue::strictEqual):
(JSC::DFG::LazyJSValue::switchLookupValue):
(JSC::DFG::LazyJSValue::emit):
(JSC::DFG::LazyJSValue::dumpInContext):

  • dfg/DFGLazyJSValue.h:

(JSC::DFG::LazyJSValue::LazyJSValue):
(JSC::DFG::LazyJSValue::knownStringImpl):
(JSC::DFG::LazyJSValue::kind):
(JSC::DFG::LazyJSValue::tryGetValue):
(JSC::DFG::LazyJSValue::character):
(JSC::DFG::LazyJSValue::stringImpl):

  • dfg/DFGMayExit.cpp:

(JSC::DFG::mayExit):

  • dfg/DFGNode.cpp:

(JSC::DFG::Node::convertToIdentityOn):
(JSC::DFG::Node::convertToLazyJSConstant):
(JSC::DFG::Node::convertToPutHint):
(JSC::DFG::Node::convertToPutClosureVarHint):
(JSC::DFG::Node::tryGetString):
(JSC::DFG::Node::promotedLocationDescriptor):

  • dfg/DFGNode.h:

(JSC::DFG::Node::convertToConstant):
(JSC::DFG::Node::convertToConstantStoragePointer):
(JSC::DFG::Node::castConstant):
(JSC::DFG::Node::hasLazyJSValue):
(JSC::DFG::Node::lazyJSValue):
(JSC::DFG::Node::initializationValueForActivation):

  • dfg/DFGNodeType.h:
  • dfg/DFGPredictionPropagationPhase.cpp:

(JSC::DFG::PredictionPropagationPhase::propagate):

  • dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileSetRegExpObjectLastIndex):
(JSC::DFG::SpeculativeJIT::compileLazyJSConstant):

  • dfg/DFGSpeculativeJIT.h:
  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGStrengthReductionPhase.cpp:

(JSC::DFG::StrengthReductionPhase::handleNode):

  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileInt52Constant):
(JSC::FTL::DFG::LowerDFGToB3::compileLazyJSConstant):
(JSC::FTL::DFG::LowerDFGToB3::compileDoubleRep):

Source/WTF:

Also disable assertions about reference counting strings on the JIT thread. We will do
that now and it's OK.

  • wtf/text/StringImpl.h:

(WTF::StringImpl::ref):
(WTF::StringImpl::deref):

LayoutTests:

  • js/regress/script-tests/strcat-const.js: Added.

(foo):
(bar):

  • js/regress/script-tests/strcat-length-const.js: Added.

(foo):
(bar):

  • js/regress/strcat-const-expected.txt: Added.
  • js/regress/strcat-const.html: Added.
  • js/regress/strcat-length-const-expected.txt: Added.
  • js/regress/strcat-length-const.html: Added.
9:02 PM Changeset in webkit [197832] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebInspectorUI

Web Inspector: Timelines keeps switching to overview instead of keeping the selected timeline
https://bugs.webkit.org/show_bug.cgi?id=155212
<rdar://problem/25052504>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-08
Reviewed by Timothy Hatcher.

  • UserInterface/Views/TimelineSidebarPanel.js:

(WebInspector.TimelineSidebarPanel.prototype.saveStateToCookie):
The sidebar was using out of date information in its tree outline causing it to
switch to the wrong sidebar. Use the up to date information from the recording view.

  • UserInterface/Views/TimelineTabContentView.js:

(WebInspector.TimelineTabContentView.prototype._recordingSelected):
Fix typo not getting the right timeline type.

8:39 PM Changeset in webkit [197831] by weinig@apple.com
  • 7 edits in trunk/Source/WebCore

Stop using the UserContentController for injecting the override style sheet from CaptionUserPreferences
https://bugs.webkit.org/show_bug.cgi?id=155211

Reviewed by Dan Bernstein.

The UserContentController is going to become read only from WebCore's perspective. The CaptionUserPreferences
was relying on being able to set a UserStyleSheet on it, but this was really unnecessary complexity. Simplify
things by storing the style sheet's source directly on the Page and teaching ExtensionStyleSheets about it
explicitly.

  • dom/ExtensionStyleSheets.cpp:

(WebCore::ExtensionStyleSheets::updateInjectedStyleSheetCache):
If there is a captionUserPreferencesStyleSheet on the page, inject it.

  • page/CaptionUserPreferences.cpp:

(WebCore::CaptionUserPreferences::updateCaptionStyleSheetOveride):
Greatly simplify the code. Now, all this does is set the style sheet on each page.

  • page/Page.cpp:

(WebCore::Page::invalidateInjectedStyleSheetCacheInAllFrames):
Extract this out from UserContentController.

(WebCore::Page::setUserContentController):
Call the newly extracted invalidateInjectedStyleSheetCacheInAllFrames().

(WebCore::Page::captionUserPreferencesStyleSheet):
(WebCore::Page::setCaptionUserPreferencesStyleSheet):
Add getter/setter. When setting, invalidate the style sheet cache.

  • page/Page.h:

Add new members and functions.

  • page/UserContentController.cpp:

(WebCore::UserContentController::addUserStyleSheet):
(WebCore::UserContentController::removeUserStyleSheet):
(WebCore::UserContentController::removeUserStyleSheets):
(WebCore::UserContentController::removeAllUserContent):
Switch to calling invalidateInjectedStyleSheetCacheInAllFramesInAllPages().

(WebCore::UserContentController::invalidateInjectedStyleSheetCacheInAllFramesInAllPages):
Rename and implement in terms of Page::invalidateInjectedStyleSheetCacheInAllFrames().

  • page/UserContentController.h:

Rename function.

6:50 PM Changeset in webkit [197830] by aakash_jain@apple.com
  • 2 edits in trunk/Tools

Booting multiple iOS simulator parallely fails sometimes
https://bugs.webkit.org/show_bug.cgi?id=155208
<rdar://problem/25019651>

Reviewed by Darin Adler.

  • Scripts/webkitpy/port/ios.py:

(IOSSimulatorPort.setup_test_run): Increase the time delay between subsequent
simulator boots.

6:27 PM Changeset in webkit [197829] by weinig@apple.com
  • 2 edits in trunk/Source/WebKit2

Roll r197632 back in now that the bots have caught up.

  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView textInputTraits]):

6:17 PM Changeset in webkit [197828] by ap@apple.com
  • 2 edits in trunk/Tools

Add iOS debug testers to flakiness dashboard
https://bugs.webkit.org/show_bug.cgi?id=155206

Reviewed by Darin Adler.

  • TestResultServer/static-dashboards/builders.jsonp:
6:06 PM Changeset in webkit [197827] by Joseph Pecoraro
  • 22 edits
    3 copies in trunk/Source

Web Inspector: Memory Timeline should show MemoryPressure events
https://bugs.webkit.org/show_bug.cgi?id=155158
<rdar://problem/25026610>

Reviewed by Brian Burg.

Source/JavaScriptCore:

  • inspector/protocol/Memory.json:

Source/WebCore:

  • platform/MemoryPressureHandler.cpp:

(WebCore::MemoryPressureHandler::releaseMemory):
When responding to memory pressure, notify page inspectors.

  • platform/cocoa/MemoryPressureHandlerCocoa.mm:

Remove unused includes.

  • inspector/InspectorInstrumentation.cpp:

(WebCore::InspectorInstrumentation::didHandleMemoryPressureImpl):

  • inspector/InspectorInstrumentation.h:

(WebCore::InspectorInstrumentation::playbackStarted):
(WebCore::InspectorInstrumentation::playbackPaused):
(WebCore::InspectorInstrumentation::playbackFinished):
(WebCore::InspectorInstrumentation::playbackHitPosition):
(WebCore::InspectorInstrumentation::didHandleMemoryPressure):

  • inspector/InspectorMemoryAgent.cpp:

(WebCore::InspectorMemoryAgent::didCreateFrontendAndBackend):
(WebCore::InspectorMemoryAgent::willDestroyFrontendAndBackend):
(WebCore::InspectorMemoryAgent::enable):
(WebCore::InspectorMemoryAgent::disable):
(WebCore::InspectorMemoryAgent::didHandleMemoryPressure):

  • inspector/InspectorMemoryAgent.h:
  • inspector/InstrumentingAgents.cpp:

(WebCore::InstrumentingAgents::reset):

  • inspector/InstrumentingAgents.h:

(WebCore::InstrumentingAgents::inspectorMemoryAgent):
(WebCore::InstrumentingAgents::setInspectorMemoryAgent):
Plumbing to notify the right active inspector.

Source/WebInspectorUI:

  • UserInterface/Main.html:

New resources.

  • UserInterface/Base/Main.js:

(WebInspector.loaded):

  • UserInterface/Controllers/MemoryManager.js:

(WebInspector.MemoryManager):
(WebInspector.MemoryManager.prototype.memoryPressure):

  • UserInterface/Protocol/MemoryObserver.js:

(WebInspector.MemoryObserver.prototype.memoryPressure):
New manager for Memory domain events.

  • UserInterface/Controllers/TimelineManager.js:

(WebInspector.TimelineManager):
(WebInspector.TimelineManager.defaultInstruments):
(WebInspector.TimelineManager.prototype._memoryPressure):

  • UserInterface/Models/TimelineRecording.js:

(WebInspector.TimelineRecording.prototype.addMemoryPressureEvent):
Add events to the Memory Timeline of the active recording.

  • UserInterface/Models/MemoryTimeline.js:

(WebInspector.MemoryTimeline.prototype.get memoryPressureEvents):
(WebInspector.MemoryTimeline.prototype.addMemoryPressureEvent):
(WebInspector.MemoryTimeline.prototype.reset):
(WebInspector.MemoryTimeline):

  • UserInterface/Models/Timeline.js:

(WebInspector.Timeline.create):
Create a specific MemoryTimeline to hold records and memory pressure events.

  • UserInterface/Models/MemoryPressureEvent.js:

(WebInspector.MemoryPressureEvent):
(WebInspector.MemoryPressureEvent.fromPayload):
(WebInspector.MemoryPressureEvent.prototype.get timestamp):
(WebInspector.MemoryPressureEvent.prototype.get severity):
Model object for a memory pressure event.

  • UserInterface/Views/MemoryTimelineOverviewGraph.css:

(.timeline-overview-graph.memory .memory-pressure-event):

  • UserInterface/Views/MemoryTimelineOverviewGraph.js:

(WebInspector.MemoryTimelineOverviewGraph):
(WebInspector.MemoryTimelineOverviewGraph.prototype.reset):
(WebInspector.MemoryTimelineOverviewGraph.prototype._visibleMemoryPressureEvents):
(WebInspector.MemoryTimelineOverviewGraph.prototype._memoryTimelineMemoryPressureEventAdded):
Include markers for memory pressure events.

6:06 PM Changeset in webkit [197826] by Joseph Pecoraro
  • 7 edits
    2 adds in trunk

Web Inspector: Add Heap domain start/stop tracking commands
https://bugs.webkit.org/show_bug.cgi?id=155190

Reviewed by Brian Burg.

Source/JavaScriptCore:

  • inspector/agents/InspectorHeapAgent.cpp:

(Inspector::InspectorHeapAgent::willDestroyFrontendAndBackend):
(Inspector::InspectorHeapAgent::startTracking):
(Inspector::InspectorHeapAgent::stopTracking):

  • inspector/agents/InspectorHeapAgent.h:
  • inspector/protocol/Heap.json:

Source/WebInspectorUI:

  • UserInterface/Protocol/HeapObserver.js:

(WebInspector.HeapObserver.prototype.trackingStart):
(WebInspector.HeapObserver.prototype.trackingComplete):
To be used when we have a HeapAllocationsInstrument and timeline.

LayoutTests:

  • inspector/heap/tracking-expected.txt: Added.
  • inspector/heap/tracking.html: Added.
6:05 PM Changeset in webkit [197825] by mmaxfield@apple.com
  • 8 edits in trunk/Source/WebCore

Delete dead scrolling code
https://bugs.webkit.org/show_bug.cgi?id=155210

Reviewed by Simon Fraser.

No new tests because there is no behavior change.

  • page/FrameView.cpp:

(WebCore::FrameView::layerForScrolling): Deleted.

  • page/FrameView.h:
  • page/scrolling/ScrollingCoordinator.cpp:

(WebCore::ScrollingCoordinator::scrollLayerForScrollableArea): Deleted.

  • page/scrolling/ScrollingCoordinator.h:
  • platform/ScrollableArea.h:

(WebCore::ScrollableArea::horizontalScrollbar):
(WebCore::ScrollableArea::verticalScrollbar):
(WebCore::ScrollableArea::tiledBacking):
(WebCore::ScrollableArea::layerForHorizontalScrollbar):
(WebCore::ScrollableArea::layerForVerticalScrollbar):
(WebCore::ScrollableArea::layerForScrollCorner):
(WebCore::ScrollableArea::layerForOverhangAreas):
(WebCore::ScrollableArea::layerForScrolling): Deleted.

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::calculateClipRects): Deleted.

  • rendering/RenderLayer.h:
5:44 PM Changeset in webkit [197824] by commit-queue@webkit.org
  • 3 edits
    1 move in trunk/Source/WebInspectorUI

Web Inspector: Make debugging Test.html easier
https://bugs.webkit.org/show_bug.cgi?id=155207

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-08
Reviewed by Brian Burg.

  • UserInterface/Base/InspectorFrontendHostStub.js: Renamed from Source/WebInspectorUI/UserInterface/Protocol/InspectorFrontendHostStub.js.

(window.InspectorFrontendHost.WebInspector.InspectorFrontendHostStub.prototype.unbufferedLog):
Add new stub for test function.

  • UserInterface/Main.html:
  • UserInterface/Test.html:

Move the stub to the Base directory.

5:40 PM Changeset in webkit [197823] by mmaxfield@apple.com
  • 2 edits in trunk

[EFL] Enable the SVG -> OTF Font Converter
https://bugs.webkit.org/show_bug.cgi?id=155192

Reviewed by Gyuyoung Kim.

  • Source/cmake/OptionsEfl.cmake:
5:38 PM Changeset in webkit [197822] by commit-queue@webkit.org
  • 10 edits
    5 adds in trunk

Web Inspector: Add a way to create a Heap Snapshot
https://bugs.webkit.org/show_bug.cgi?id=155188

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-08
Reviewed by Brian Burg.

Source/JavaScriptCore:

  • inspector/agents/InspectorHeapAgent.h:
  • inspector/protocol/Heap.json:
  • inspector/agents/InspectorHeapAgent.cpp:

(Inspector::InspectorHeapAgent::snapshot):
Take a heap snapshot and return the JSON string result.

  • inspector/protocol/Debugger.json:

Remove unused optional inferredName. Our displayName would be inferred.

Source/WebInspectorUI:

  • UserInterface/Main.html:
  • UserInterface/Test.html:

Add new Model resources.

  • UserInterface/Models/HeapSnapshot.js: Added.

(WebInspector.HeapSnapshotClassCategory):
(WebInspector.HeapSnapshot):
(WebInspector.HeapSnapshot.fromPayload):
(WebInspector.HeapSnapshot.prototype.get rootNode):
(WebInspector.HeapSnapshot.prototype.get nodes):
(WebInspector.HeapSnapshot.prototype.get identifier):
(WebInspector.HeapSnapshot.prototype.get instances):
(WebInspector.HeapSnapshot.prototype.get categories):
(WebInspector.HeapSnapshot.prototype.get totalSize):
(WebInspector.HeapSnapshot.prototype.get totalObjectCount):
(WebInspector.HeapSnapshot.prototype.instancesWithClassName):
(WebInspector.HeapSnapshot.prototype.nodeWithObjectIdentifier):

  • UserInterface/Models/HeapSnapshotEdge.js: Added.

(WebInspector.HeapSnapshotEdge):
(WebInspector.HeapSnapshotEdge.prototype.stringify):

  • UserInterface/Models/HeapSnapshotNode.js: Added.

(WebInspector.HeapSnapshotNode):
Data structures for a HeapSnapshot.

LayoutTests:

  • inspector/heap/snapshot-expected.txt: Added.
  • inspector/heap/snapshot.html: Added.
5:05 PM Changeset in webkit [197821] by oliver@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Fix ios bot build.

5:00 PM Changeset in webkit [197820] by Ryan Haddad
  • 3 edits in trunk/LayoutTests

Move two indexeddb test skips out of wk2/TestExpectations and into TestExpectations.

Unreviewed test gardening.

4:40 PM Changeset in webkit [197819] by andersca@apple.com
  • 2 edits in trunk/Source/WTF

Fix AppKitCompatibilityDeclarations build.

  • wtf/mac/AppKitCompatibilityDeclarations.h:

Remove duplicate declarations, conditionally define NSTextAlignment and
add a NSWindowStyleMask typedef.

4:25 PM Changeset in webkit [197818] by oliver@apple.com
  • 1 edit in trunk/Source/JavaScriptCore/jit/ExecutableAllocatorFixedVMPool.cpp

Build fix

4:21 PM Changeset in webkit [197817] by mark.lam@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

Implement Function.name support for getters/setters and inferring name of function properties.
https://bugs.webkit.org/show_bug.cgi?id=154865

Rubber-stamped by Joseph Pecoraro.

Follow up to the fix for this bug: adding a few small clean-ups for issues Joe
pointed out in the bug.

  • runtime/JSBoundSlotBaseFunction.cpp:

(JSC::JSBoundSlotBaseFunction::create):

  • runtime/JSCJSValue.cpp:

(JSC::JSValue::putToPrimitiveByIndex):

4:08 PM Changeset in webkit [197816] by oliver@apple.com
  • 21 edits in trunk

Start moving to separated writable and executable mappings in the JIT
https://bugs.webkit.org/show_bug.cgi?id=155178

Reviewed by Fil Pizlo.

Source/JavaScriptCore:

Start moving to a separate writable and executable heap for the various
JITs.

As part of our work to harden the JIT against various attacks, we're
moving away from our current RWX heap and on to using separate RW and X
mappings. This means that simply leaking the location of the executable
mapping is not sufficient to compromise JSC, so we can continue to
use direct executable pointers in our GC objects (which we need for
performance), but keep the writable pointer in only a single location
so that we are less likely to leak the address. To further obscure the
address of the writable region we place it in an execute only region
of memory so that it is not possible to read the location from
anywhere. That means an attacker must have at least partial control
of PC (to call jitMemCopy) before they can start to attack the JIT.

This work is initially ARM64 only, as the jitMemCopy is
currently specific to that platform's calling conventions and layout.
We're just landing it in the current form so that we can at least
ensure it doesn't regress.

  • Configurations/FeatureDefines.xcconfig:
  • assembler/ARM64Assembler.h:

(JSC::ARM64Assembler::ldp):
(JSC::ARM64Assembler::ldnp):
(JSC::ARM64Assembler::fillNops):
(JSC::ARM64Assembler::stp):
(JSC::ARM64Assembler::stnp):
(JSC::ARM64Assembler::replaceWithJump):
(JSC::ARM64Assembler::replaceWithLoad):
(JSC::ARM64Assembler::replaceWithAddressComputation):
(JSC::ARM64Assembler::setPointer):
(JSC::ARM64Assembler::repatchInt32):
(JSC::ARM64Assembler::repatchCompact):
(JSC::ARM64Assembler::linkJumpOrCall):
(JSC::ARM64Assembler::linkCompareAndBranch):
(JSC::ARM64Assembler::linkConditionalBranch):
(JSC::ARM64Assembler::linkTestAndBranch):
(JSC::ARM64Assembler::loadStoreRegisterPairOffset):
(JSC::ARM64Assembler::loadStoreRegisterPairNonTemporal):

  • assembler/LinkBuffer.cpp:

(JSC::LinkBuffer::copyCompactAndLinkCode):
(JSC::LinkBuffer::allocate):

  • assembler/LinkBuffer.h:

(JSC::LinkBuffer::LinkBuffer):

  • assembler/MacroAssemblerARM64.h:

(JSC::MacroAssemblerARM64::sub64):
(JSC::MacroAssemblerARM64::load64):
(JSC::MacroAssemblerARM64::loadPair64):
(JSC::MacroAssemblerARM64::loadPair64WithNonTemporalAccess):
(JSC::MacroAssemblerARM64::load8):
(JSC::MacroAssemblerARM64::store64):
(JSC::MacroAssemblerARM64::storePair64):
(JSC::MacroAssemblerARM64::storePair64WithNonTemporalAccess):
(JSC::MacroAssemblerARM64::store8):
(JSC::MacroAssemblerARM64::branchAdd64):
(JSC::MacroAssemblerARM64::branchSub64):

  • jit/ExecutableAllocator.h:

(JSC::performJITMemcpy):

  • jit/ExecutableAllocatorFixedVMPool.cpp:

(JSC::FixedVMPoolExecutableAllocator::FixedVMPoolExecutableAllocator):
(JSC::FixedVMPoolExecutableAllocator::initializeSeparatedWXHeaps):
(JSC::FixedVMPoolExecutableAllocator::jitWriteThunkGenerator):

  • runtime/Options.cpp:

(JSC::recomputeDependentOptions):

  • runtime/Options.h:

Source/WebCore:

Update feature defines.

  • Configurations/FeatureDefines.xcconfig:

Source/WebKit/mac:

Update feature defines.

  • Configurations/FeatureDefines.xcconfig:

Source/WebKit2:

Update feature defines.

  • Configurations/FeatureDefines.xcconfig:

Source/WTF:

Update feature defines.

  • wtf/FeatureDefines.h:
  • wtf/Platform.h: ARM64 for now.

Tools:

Making run-jsc-benchmarks slightly happier on my machine.

  • Scripts/run-jsc-benchmarks:
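
The separated-mapping idea from changeset 197816, as an added Linux example that is not WebKit's code: one backing region is mapped twice, the executable view is the only address handed out, and every write goes through a single copy routine that owns the writable alias. All names (`jit_pool_init`, `jit_memcpy_demo`, `view_perms`, `jit_run_demo`) are hypothetical, and the execute-only thunk that hides the writable address is not reproduced here.

```c
/* Added illustration, not WebKit code. Linux-only; all names are hypothetical. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/mman.h>
#include <sys/syscall.h>

#define JIT_POOL_SIZE 4096u

/* Constructed sample: a tiny "return 42" stub standing in for JIT output. */
#if defined(__x86_64__) || defined(__i386__)
static const uint8_t k_stub[] = { 0xB8, 0x2A, 0x00, 0x00, 0x00, 0xC3 };  /* mov eax,42; ret */
#define JIT_DEMO_CAN_RUN 1
#elif defined(__aarch64__)
static const uint8_t k_stub[] = { 0x40, 0x05, 0x80, 0x52,                /* mov w0,#42 */
                                  0xC0, 0x03, 0x5F, 0xD6 };              /* ret */
#define JIT_DEMO_CAN_RUN 1
#else
static const uint8_t k_stub[] = { 0x00 };  /* unknown CPU: copied, never executed */
#define JIT_DEMO_CAN_RUN 0
#endif

static uint8_t *g_exec_base;      /* r-x view: the only address callers ever see */
static uint8_t *g_writable_base;  /* rw- view: used only inside jit_memcpy_demo() */

/* Anonymous backing file: memfd where available, unlinked temp file otherwise. */
static int backing_fd(void) {
    int fd = -1;
#ifdef SYS_memfd_create
    fd = (int)syscall(SYS_memfd_create, "jit-demo", 0u);
#endif
    if (fd < 0) {
        char path[] = "/tmp/jit-demo-XXXXXX";
        fd = mkstemp(path);
        if (fd >= 0) unlink(path);
    }
    return fd;
}

/* Map the same pages twice: once RW, once RX. No mapping is ever RWX. */
int jit_pool_init(void) {
    if (g_exec_base) return 0;
    int fd = backing_fd();
    if (fd < 0 || ftruncate(fd, JIT_POOL_SIZE) != 0) { if (fd >= 0) close(fd); return -1; }
    void *rw = mmap(NULL, JIT_POOL_SIZE, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
    void *rx = mmap(NULL, JIT_POOL_SIZE, PROT_READ | PROT_EXEC, MAP_SHARED, fd, 0);
    close(fd);
    if (rw == MAP_FAILED || rx == MAP_FAILED) {
        if (rw != MAP_FAILED) munmap(rw, JIT_POOL_SIZE);
        if (rx != MAP_FAILED) munmap(rx, JIT_POOL_SIZE);
        return -1;
    }
    g_writable_base = rw;
    g_exec_base = rx;
    return 0;
}

/* Single choke point for code writes: takes an address in the executable view,
 * bounds-checks it, and performs the store through the writable alias. */
int jit_memcpy_demo(void *exec_dst, const void *src, size_t n) {
    uintptr_t base = (uintptr_t)g_exec_base, dst = (uintptr_t)exec_dst;
    if (!g_exec_base || dst < base || dst - base > JIT_POOL_SIZE ||
        n > JIT_POOL_SIZE - (dst - base))
        return -1;
    memcpy(g_writable_base + (dst - base), src, n);
    __builtin___clear_cache((char *)exec_dst, (char *)exec_dst + n);
    return 0;
}

/* Audit helper: copy the /proc/self/maps permission string for addr into perms. */
int view_perms(const void *addr, char perms[5]) {
    FILE *maps = fopen("/proc/self/maps", "r");
    char line[512];
    int found = -1;
    if (!maps) return -1;
    while (found != 0 && fgets(line, sizeof line, maps)) {
        unsigned long lo, hi;
        char p[5];
        if (sscanf(line, "%lx-%lx %4s", &lo, &hi, p) == 3 &&
            (uintptr_t)addr >= lo && (uintptr_t)addr < hi) {
            memcpy(perms, p, sizeof p);
            found = 0;
        }
    }
    fclose(maps);
    return found;
}

/* Write the stub via the RW alias, then call it via the RX view. */
int jit_run_demo(void) {
    if (jit_pool_init() != 0) return -1;
    if (jit_memcpy_demo(g_exec_base, k_stub, sizeof k_stub) != 0) return -1;
#if JIT_DEMO_CAN_RUN
    int (*fn)(void) = (int (*)(void))(uintptr_t)g_exec_base;
    return fn();
#else
    return -2;
#endif
}
```

In this sketch the writable base sits in an ordinary static variable, so it shows only the split itself; the changeset's additional step of keeping that address out of readable memory is what raises the bar to needing control of PC.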
4:01 PM Changeset in webkit [197815] by mark.lam@apple.com
  • 21 edits
    3 adds in trunk

Implement Function.name support for getters/setters and inferring name of function properties.
https://bugs.webkit.org/show_bug.cgi?id=154865

Reviewed by Geoffrey Garen.

Source/JavaScriptCore:

  1. toString() no longer uses the value of Function.name as the name of the function in the returned string, because ...
  2. Function.name is supposed to be configurable. Hence, it can be made writable and can be set to any JSValue, or deleted.
  3. Function.prototype.toString() is supposed to produce a string that can be
eval'ed. Hence, for JS functions, the function name in the produced
string must be a legal function name (and not some arbitrary value set in
Function.name). For example, while a number is a legal value for
Function.name, it is not legal as the function name in the toString()
string.

Instead, we'll always use the original name from the JS source that the
function was parsed from.

  4. JSFunction::name() now always returns the original name, not the value of the Function.name property. As a result, it also no longer needs an ExecState* arg.

If the original name is an empty string, JSFunction::name() will use the
inferred name.

  5. For JS functions, the original name can be attained from their FunctionExecutable object.

For host/native functions (which do not have a FunctionExecutable), we get the
"original" name from its NativeExecutable.

  6. The m_hostFunctionStubMap now keys its NativeExecutable pointers using the original name, in addition to the native function and constructor pointers.

This is needed because we want a different NativeExecutable for functions with
a different name (to satisfy (3) above).

  7. Changed JSBoundFunction to store the name of its bound function in its NativeExecutable. This will later be used to generate the toString() string. Its Function.name value is eagerly initialized at construction time.
  8. Function.name for getters/setters is now prefixed with "get"/"set". This was done both for the JSBoundSlotBaseFunctions and JS definable get/set functions.
  9. Added InternalFunction::m_originalName so that we can use it to generate the toString() string. We're storing it as a JSString instead of a WTF::String only because we want InternalFunction to continue to be trivially destructible.
  • inspector/JSInjectedScriptHost.cpp:

(Inspector::JSInjectedScriptHost::functionDetails):

  • jit/JITThunks.cpp:

(JSC::JITThunks::finalize):
(JSC::JITThunks::hostFunctionStub):

  • jit/JITThunks.h:
  • runtime/Executable.h:
  • runtime/FunctionPrototype.cpp:

(JSC::functionProtoFuncToString):

  • runtime/InternalFunction.cpp:

(JSC::InternalFunction::finishCreation):
(JSC::InternalFunction::visitChildren):
(JSC::InternalFunction::name):
(JSC::InternalFunction::displayName):

  • runtime/InternalFunction.h:
  • runtime/JSBoundFunction.cpp:

(JSC::JSBoundFunction::create):
(JSC::JSBoundFunction::visitChildren):
(JSC::JSBoundFunction::toStringName): Deleted.

  • runtime/JSBoundFunction.h:

(JSC::JSBoundFunction::boundThis):
(JSC::JSBoundFunction::boundArgs):
(JSC::JSBoundFunction::createStructure):

  • runtime/JSBoundSlotBaseFunction.cpp:

(JSC::boundSlotBaseFunctionCall):
(JSC::JSBoundSlotBaseFunction::create):

  • runtime/JSFunction.cpp:

(JSC::JSFunction::initializeRareData):
(JSC::JSFunction::name):
(JSC::JSFunction::displayName):
(JSC::JSFunction::calculatedDisplayName):
(JSC::JSFunction::reifyName):

  • runtime/JSFunction.h:
  • tests/es6.yaml:

LayoutTests:

  • js/function-toString-vs-name-expected.txt: Added.
  • js/function-toString-vs-name.html: Added.
  • js/script-tests/function-toString-vs-name.js: Added.
3:59 PM Changeset in webkit [197814] by mmaxfield@apple.com
  • 2 edits in trunk

[GTK] Enable the SVG -> OTF Font Converter
https://bugs.webkit.org/show_bug.cgi?id=155191

Reviewed by Martin Robinson.

  • Source/cmake/OptionsGTK.cmake:
3:58 PM Changeset in webkit [197813] by andersca@apple.com
  • 2 edits in trunk/Tools

Use NSUInteger instead of NSWindowStyleMask.

  • MiniBrowser/mac/MiniBrowser_Prefix.pch:
3:56 PM Changeset in webkit [197812] by andersca@apple.com
  • 4 edits in trunk/Tools

Fix build.

We intentionally don't use AppKitCompatibilityDeclarations.h here, since we want
MiniBrowser to build without WTF.

  • MiniBrowser/mac/AppDelegate.m:

(-[BrowserAppDelegate _updateNewWindowKeyEquivalents]):

  • MiniBrowser/mac/BrowserWindowController.m:

(-[BrowserWindowController windowDidLoad]):

  • MiniBrowser/mac/MiniBrowser_Prefix.pch:
3:52 PM Changeset in webkit [197811] by mmaxfield@apple.com
  • 12 edits in trunk

Font size computed style is innaccurate
https://bugs.webkit.org/show_bug.cgi?id=154705
<rdar://problem/23474068>

Reviewed by Timothy Hatcher.

Source/WebCore:

Safari rounds the font size value reported to getComputedStyle(). Neither Firefox
nor Chrome do this.

Covered by existing tests.

  • css/CSSComputedStyleDeclaration.cpp:

(WebCore::ComputedStyleExtractor::getFontSizeCSSValuePreferringKeyword):
(WebCore::fontSizeFromStyle):

LayoutTests:

Update expected results.

  • css3/calc/font-size-fractional-expected.txt:
  • css3/viewport-percentage-lengths/viewport-percentage-lengths-relative-font-size.html:
  • css3/viewport-percentage-lengths/viewport-percentage-lengths-relative-font-size-expected.txt:
  • editing/mac/attributed-string/font-size-expected.txt:
  • editing/mac/attributed-string/vertical-align-expected.txt:
  • platform/mac-mavericks/editing/mac/attributed-string/font-size-expected.txt:
  • platform/mac-mavericks/editing/mac/attributed-string/vertical-align-expected.txt:
  • platform/mac-yosemite/editing/mac/attributed-string/font-size-expected.txt:
  • platform/mac-yosemite/editing/mac/attributed-string/vertical-align-expected.txt:
3:44 PM Changeset in webkit [197810] by andersca@apple.com
  • 2 edits
    1 add in trunk/Source/WTF

Add AppKit compatibility header
https://bugs.webkit.org/show_bug.cgi?id=155202

Reviewed by Beth Dakin.

  • WTF.xcodeproj/project.pbxproj:
  • wtf/mac/AppKitCompatibilityDeclarations.h: Added.
3:31 PM Changeset in webkit [197809] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking storage/domstorage/events/basic-body-attribute.html as flaky on ios-simulator-wk2
https://bugs.webkit.org/show_bug.cgi?id=155201

Unreviewed test gardening.

  • platform/ios-simulator-wk2/TestExpectations:
3:30 PM Changeset in webkit [197808] by Brent Fulgham
  • 2 edits in trunk/Source/WebKit2

[WK2][Mac] Allow processes to set "fast-dev-casheable" bit in Network Process
https://bugs.webkit.org/show_bug.cgi?id=155189
<rdar://problem/25042678>

Reviewed by Alexey Proskuryakov.

Update the NetworkProcess sandbox profiles with a declaration that using the
system-fctl to touch the "hot file" flag (to support caching operations)
is allowed. I should have done this in Bug 154503, but did not.

  • NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in: Add sandbox permission.
3:16 PM Changeset in webkit [197807] by adachan@apple.com
  • 3 edits in trunk/Source/WebCore

Enable API related to the video fullscreen layer in MediaPlayerPrivateMediaStreamAVFObjC for Mac.
https://bugs.webkit.org/show_bug.cgi?id=153239

Reviewed by Eric Carlson.

Reuse VideoFullscreenLayerManager to manage moving the video layer between the fullscreen
layer and the inline layer depending on the current presentation mode.

  • platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
  • platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:

(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::MediaPlayerPrivateMediaStreamAVFObjC):
Create m_videoFullscreenLayerManager.
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::platformLayer):
Return the video inline layer from the VideoFullscreenLayerManager.
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::createPreviewLayers):
Call VideoFullscreenLayerManager::setVideoLayer() with the m_videoBackgroundLayer. To make sure
the preview layer (a sublayer of m_videoBackgroundLayer) resizes according to aspect ratio, set
its contents gravity to kCAGravityResizeAspect. Also, set its autoresizing mask so it'll resize
with its superlayer.
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setVideoFullscreenLayer):
Call VideoFullscreenLayerManager::setVideoFullscreenLayer().
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setVideoFullscreenFrame):
Call VideoFullscreenLayerManager::setVideoFullscreenFrame().

3:02 PM Changeset in webkit [197806] by commit-queue@webkit.org
  • 5 edits in trunk/Source/WebInspectorUI

Web Inspector: Miscellaneous inspector fixes for typos / stale code
https://bugs.webkit.org/show_bug.cgi?id=155193

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-08
Reviewed by Timothy Hatcher.

  • UserInterface/Models/SourceCodeLocation.js:

(WebInspector.SourceCodeLocation.prototype._locationString):
Fix whitespace.

  • UserInterface/Views/ApplicationCacheFrameContentView.js:

(WebInspector.ApplicationCacheFrameContentView):
Remove unused class name.

  • UserInterface/Views/SourceCodeTextEditor.js:

(WebInspector.SourceCodeTextEditor.prototype._showPopoverForFunction.didGetDetails):
Remove inferredName, as that was never sent by our backend and is getting removed.

  • UserInterface/Views/TimelineRuler.js:

(WebInspector.TimelineRuler.prototype._handleMouseUp):
Fix variable name typo.

2:29 PM Changeset in webkit [197805] by ap@apple.com
  • 4 edits in trunk/Tools

Add iOS simulator EWS that runs tests
https://bugs.webkit.org/show_bug.cgi?id=155175

Reviewed by Lucas Forschler.

  • QueueStatusServer/config/queues.py:
  • Scripts/webkitpy/common/config/ews.json:
  • Scripts/webkitpy/common/config/ports.py:

2:22 PM Changeset in webkit [197804] by mmaxfield@apple.com
  • 11 edits
    2 adds in trunk

[Font Loading] Crash when a single load request causes multiple fonts to fail loading
https://bugs.webkit.org/show_bug.cgi?id=155009

Reviewed by Simon Fraser.

Source/WebCore:

In JavaScript, the first promise fulfillment/failure wins. However, in C++, any
subsequent fulfillments/failures cause a crash.

Test: fast/text/font-face-set-document-multiple-failure.html

  • css/CSSFontFace.cpp:

(WebCore::iterateClients): Notifying a client may cause some other client
to be destroyed, thereby modifying the clients set. This function allows
for notifying clients in a resilient manner.
(WebCore::CSSFontFace::setStyle): Update to use iterateClients().
(WebCore::CSSFontFace::setWeight): Ditto.
(WebCore::CSSFontFace::setUnicodeRange): Ditto.
(WebCore::CSSFontFace::setVariantLigatures): Ditto.
(WebCore::CSSFontFace::setVariantPosition): Ditto.
(WebCore::CSSFontFace::setVariantCaps): Ditto.
(WebCore::CSSFontFace::setVariantNumeric): Ditto.
(WebCore::CSSFontFace::setVariantAlternates): Ditto.
(WebCore::CSSFontFace::setVariantEastAsian): Ditto.
(WebCore::CSSFontFace::setFeatureSettings): Ditto.
(WebCore::CSSFontFace::setStatus): Ditto.
(WebCore::CSSFontFace::notifyClientsOfFontPropertyChange): Deleted.

  • css/CSSFontFace.h: Adding a way for clients to make sure they don't register
or deregister another client.

  • css/CSSFontFaceSet.cpp:

(WebCore::CSSFontFaceSet::guardAgainstClientRegistrationChanges): Simple
ref()/deref() pair.
(WebCore::CSSFontFaceSet::stopGuardingAgainstClientRegistrationChanges):

  • css/CSSFontFaceSet.h:
  • css/FontFace.cpp: Ditto.

(WebCore::FontFace::guardAgainstClientRegistrationChanges):
(WebCore::FontFace::stopGuardingAgainstClientRegistrationChanges):

  • css/FontFace.h:
  • css/FontFaceSet.cpp:

(WebCore::FontFaceSet::faceFinished): Make sure that we only fulfil or reject
a promise once.

  • css/FontFaceSet.h:
  • dom/Document.cpp:

(WebCore::Document::fonts): The CSSFontFaces inside the CSSFontSelector get
created during style recalc. We may be in a state where there is a style
recalc pending. In order to make sure the JavaScript API sees the current
state of the world, force a style recalc here (but only if one is pending).

LayoutTests:

  • fast/text/font-face-set-document-multiple-failure-expected.txt: Added.
  • fast/text/font-face-set-document-multiple-failure.html: Added.

1:58 PM Changeset in webkit [197803] by commit-queue@webkit.org
  • 21 edits
    1 delete in trunk

Unreviewed, rolling out r197793 and r197799.
https://bugs.webkit.org/show_bug.cgi?id=155195

something weird happened while landing this and everything
broke (Requested by olliej on #webkit).

Reverted changesets:

"Start moving to separated writable and executable mappings in
the JIT"
https://bugs.webkit.org/show_bug.cgi?id=155178
http://trac.webkit.org/changeset/197793

"arm64 build fix after r197793."
http://trac.webkit.org/changeset/197799

1:56 PM Changeset in webkit [197802] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Images being blocked by CSP 2.0
https://bugs.webkit.org/show_bug.cgi?id=155182
<rdar://problem/25040640>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-08
Reviewed by Daniel Bates.

  • UserInterface/Main.html:

Allow Web Inspector to load file: and blob: image resources.
Also blob: media and font resources.

1:44 PM Changeset in webkit [197801] by Brent Fulgham
  • 2 edits in trunk/Source/WebKit2

[WK2] Grant explicit read access to ManagedPreferences
https://bugs.webkit.org/show_bug.cgi?id=155173
<rdar://problem/24910550>

Reviewed by Alexey Proskuryakov.

  • Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb: Add new
read permission.

1:42 PM Changeset in webkit [197800] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Skip fast/events/prevent-default-prevents-interaction-with-scrollbars.html on ios-simulator

Unreviewed test gardening.

The test relies on mouse events, which are unsupported on ios-simulator.

  • platform/ios-simulator/TestExpectations:

1:36 PM Changeset in webkit [197799] by achristensen@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

arm64 build fix after r197793.

  • jit/ExecutableAllocatorFixedVMPool.cpp:

(JSC::FixedVMPoolExecutableAllocator::FixedVMPoolExecutableAllocator):
(JSC::FixedVMPoolExecutableAllocator::initializeBulletproofJIT):
(JSC::FixedVMPoolExecutableAllocator::jitWriteThunkGenerator):
Use consistent ENABLE macro. It looks like it was partially renamed.

1:33 PM Changeset in webkit [197798] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Skip css3/filters tests that seem to cause a crash on ios-simulator
https://bugs.webkit.org/show_bug.cgi?id=153933

Unreviewed test gardening.

  • platform/ios-simulator/TestExpectations:

1:21 PM Changeset in webkit [197797] by ggaren@apple.com
  • 7 edits
    1 add in trunk/Source/bmalloc

Unreviewed, rolling in r197722.
https://bugs.webkit.org/show_bug.cgi?id=155171

The right calculation for our static_assert is actually:

sizeof(SmallChunk) % vmPageSize + 2 * smallMax <= vmPageSize

instead of:

sizeof(SmallChunk) % vmPageSize + smallMax <= vmPageSize

smallMax is not enough because line metadata might require us to begin
allocation at an offset as large as smallMax, so we need 2 * smallMax.

Once correct, this static_assert fires, and we fix it by increasing
the alignment of SmallChunk.

Restored changeset:

"bmalloc: Use List<T> instead of Vector<T> in some places"
https://bugs.webkit.org/show_bug.cgi?id=155150
http://trac.webkit.org/changeset/197722

1:15 PM Changeset in webkit [197796] by fpizlo@apple.com
  • 9 edits
    2 adds in trunk/Source/JavaScriptCore

Regexp matching should incur less call overhead
https://bugs.webkit.org/show_bug.cgi?id=155181

Reviewed by Geoffrey Garen.

Previously we had DFG/FTL code call into the DFGOperation, which then called into
RegExpObject, which then called into createRegExpMatchesArray, which then called into
RegExp, which then called the code generated by Yarr.

Now we have DFG/FTL code call into the DFGOperation, which does all of the things and calls
into code generated by Yarr.

This is another tiny Octane/regexp speed-up.

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • dfg/DFGOperations.cpp:
  • runtime/RegExp.cpp:

(JSC::regExpFlags):
(JSC::RegExp::compile):
(JSC::RegExp::match):
(JSC::RegExp::compileMatchOnly):
(JSC::RegExp::deleteCode):
(JSC::RegExpFunctionalTestCollector::clearRegExp): Deleted.
(JSC::RegExp::compileIfNecessary): Deleted.
(JSC::RegExp::compileIfNecessaryMatchOnly): Deleted.

  • runtime/RegExp.h:
  • runtime/RegExpInlines.h: Added.

(JSC::RegExpFunctionalTestCollector::clearRegExp):
(JSC::RegExp::compileIfNecessary):
(JSC::RegExp::matchInline):
(JSC::RegExp::compileIfNecessaryMatchOnly):

  • runtime/RegExpMatchesArray.cpp:

(JSC::createEmptyRegExpMatchesArray):
(JSC::createStructureImpl):
(JSC::tryCreateUninitializedRegExpMatchesArray): Deleted.
(JSC::createRegExpMatchesArray): Deleted.

  • runtime/RegExpMatchesArray.h:

(JSC::tryCreateUninitializedRegExpMatchesArray):
(JSC::createRegExpMatchesArray):

  • runtime/RegExpObject.cpp:

(JSC::RegExpObject::put):
(JSC::RegExpObject::exec):
(JSC::RegExpObject::match):
(JSC::getLastIndexAsUnsigned): Deleted.

  • runtime/RegExpObject.h:

(JSC::RegExpObject::getLastIndex):
(JSC::RegExpObject::test):
(JSC::RegExpObject::testInline):

  • runtime/RegExpObjectInlines.h: Added.

(JSC::getRegExpObjectLastIndexAsUnsigned):
(JSC::RegExpObject::execInline):
(JSC::RegExpObject::matchInline):

1:02 PM Changeset in webkit [197795] by andersca@apple.com
  • 12 edits in trunk/Source/WebKit2

Ignore deprecation warnings.

  • Shared/mac/ChildProcessMac.mm:

(WebKit::ChildProcess::stopNSAppRunLoop):

  • Shared/mac/WebEventFactory.mm:

(WebKit::mouseButtonForEvent):
(WebKit::mouseEventTypeForEvent):
(WebKit::clickCountForEvent):
(WebKit::globalPointForEvent):
(WebKit::pointForEvent):
(WebKit::textFromEvent):
(WebKit::unmodifiedTextFromEvent):
(WebKit::isKeypadEvent):
(WebKit::isKeyUpEvent):
(WebKit::modifiersForEvent):
(WebKit::WebEventFactory::createWebKeyboardEvent):

  • UIProcess/API/Cocoa/WKNavigationAction.mm:

(toNSEventModifierFlags):

  • UIProcess/Cocoa/WebViewImpl.mm:

(WebKit::WebViewImpl::becomeFirstResponder):
(WebKit::WebViewImpl::updateContentInsetsIfAutomatic):
(WebKit::WebViewImpl::viewDidMoveToWindow):
(WebKit::WebViewImpl::postFakeMouseMovedEventForFlagsChangedEvent):
(WebKit::WebViewImpl::createFullScreenWindow):
(WebKit::WebViewImpl::sendToolTipMouseExited):
(WebKit::WebViewImpl::sendToolTipMouseEntered):
(WebKit::applicationFlagsForDrag):
(WebKit::WebViewImpl::setLastMouseDownEvent):
(WebKit::WebViewImpl::doneWithKeyEvent):
(WebKit::WebViewImpl::collectKeyboardLayoutCommandsForEvent):
(WebKit::WebViewImpl::performKeyEquivalent):

  • UIProcess/Plugins/mac/PluginProcessProxyMac.mm:

(WebKit::PluginProcessProxy::beginModal):

  • UIProcess/mac/WebContextMenuProxyMac.mm:

(WebKit::WebContextMenuProxyMac::showContextMenu):

  • UIProcess/mac/WebInspectorProxyMac.mm:

(WebKit::WebInspectorProxy::platformCanAttach):

  • UIProcess/mac/WebPopupMenuProxyMac.mm:

(WebKit::WebPopupMenuProxyMac::populate):
(WebKit::WebPopupMenuProxyMac::showPopupMenu):

  • WebProcess/Plugins/PDF/DeprecatedPDFPlugin.mm:

(WebKit::modifierFlagsFromWebEvent):
(WebKit::getEventTypeFromWebEvent):

  • WebProcess/Plugins/PDF/PDFPluginTextAnnotation.mm:

(WebKit::cssAlignmentValueForNSTextAlignment):

  • WebProcess/WebCoreSupport/mac/WebDragClientMac.mm:

(WebKit::convertImageToBitmap):

12:57 PM Changeset in webkit [197794] by mark.lam@apple.com
  • 28 edits
    2 deletes in trunk/Source

synthesizePrototype() and friends need to be followed by exception checks (or equivalent).
https://bugs.webkit.org/show_bug.cgi?id=155169

Reviewed by Geoffrey Garen.

Source/JavaScriptCore:

With the exception checks, we may end up throwing new exceptions over an existing
one that has been thrown but not handled yet, thereby obscuring it. It may also
mean that the VM will continue running on potentially unstable state, which may
have undesirable consequences.

I first observed this in some failed assertion while running tests on a patch for
https://bugs.webkit.org/show_bug.cgi?id=154865.

Performance is neutral with this patch (tested on x86_64).

  1. Deleted JSNotAnObject, and removed all uses of it.
  2. Added exception checks, when needed, following calls to synthesizePrototype() and JSValue::toObject().

The cases that do not need an exception check are the ones that already ensure
that JSValue::toObject() is only called on a value that is convertible to an
object. In those cases, I added an assertion that no exception was thrown
after the call.

  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • inspector/ScriptCallStackFactory.cpp:

(Inspector::createScriptCallStackFromException):

  • interpreter/Interpreter.cpp:
  • jit/JITOperations.cpp:
  • llint/LLIntSlowPaths.cpp:

(JSC::LLInt::LLINT_SLOW_PATH_DECL):

  • runtime/ArrayPrototype.cpp:

(JSC::arrayProtoFuncJoin):
(JSC::arrayProtoFuncConcat):
(JSC::arrayProtoFuncPop):
(JSC::arrayProtoFuncPush):
(JSC::arrayProtoFuncReverse):
(JSC::arrayProtoFuncShift):
(JSC::arrayProtoFuncSlice):
(JSC::arrayProtoFuncSplice):
(JSC::arrayProtoFuncUnShift):
(JSC::arrayProtoFuncIndexOf):
(JSC::arrayProtoFuncLastIndexOf):
(JSC::arrayProtoFuncValues):
(JSC::arrayProtoFuncEntries):
(JSC::arrayProtoFuncKeys):

  • runtime/CommonSlowPaths.cpp:

(JSC::SLOW_PATH_DECL):

  • runtime/ExceptionHelpers.cpp:
  • runtime/JSCJSValue.cpp:

(JSC::JSValue::toObjectSlowCase):
(JSC::JSValue::toThisSlowCase):
(JSC::JSValue::synthesizePrototype):
(JSC::JSValue::putToPrimitive):
(JSC::JSValue::putToPrimitiveByIndex):

  • runtime/JSCJSValueInlines.h:

(JSC::JSValue::getPropertySlot):
(JSC::JSValue::get):

  • runtime/JSFunction.cpp:
  • runtime/JSGlobalObjectFunctions.cpp:

(JSC::globalFuncProtoGetter):

  • runtime/JSNotAnObject.cpp: Removed.
  • runtime/JSNotAnObject.h: Removed.
  • runtime/ObjectConstructor.cpp:

(JSC::objectConstructorDefineProperties):
(JSC::objectConstructorCreate):

  • runtime/ObjectPrototype.cpp:

(JSC::objectProtoFuncValueOf):
(JSC::objectProtoFuncHasOwnProperty):
(JSC::objectProtoFuncIsPrototypeOf):
(JSC::objectProtoFuncToString):

  • runtime/VM.cpp:

(JSC::VM::VM):

  • runtime/VM.h:

Source/WebCore:

No new tests because this issue is covered by existing tests when the fix for
https://bugs.webkit.org/show_bug.cgi?id=154865 lands. That patch is waiting for
this patch to land first so as to not introduce test failures.

  • Modules/plugins/QuickTimePluginReplacement.mm:

(WebCore::QuickTimePluginReplacement::installReplacement):

  • bindings/js/JSDeviceMotionEventCustom.cpp:

(WebCore::readAccelerationArgument):
(WebCore::readRotationRateArgument):

  • bindings/js/JSGeolocationCustom.cpp:

(WebCore::createPositionOptions):

  • bindings/js/JSHTMLCanvasElementCustom.cpp:

(WebCore::get3DContextAttributes):

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateConstructorDefinition):

  • bindings/scripts/test/JS/JSTestEventConstructor.cpp:

(WebCore::JSTestEventConstructorConstructor::construct):

  • contentextensions/ContentExtensionParser.cpp:

(WebCore::ContentExtensions::getTypeFlags):

  • html/HTMLMediaElement.cpp:

(WebCore::setPageScaleFactorProperty):
(WebCore::HTMLMediaElement::didAddUserAgentShadowRoot):
(WebCore::HTMLMediaElement::getCurrentMediaControlsStatus):

  • html/HTMLPlugInImageElement.cpp:

(WebCore::HTMLPlugInImageElement::didAddUserAgentShadowRoot):

12:53 PM Changeset in webkit [197793] by oliver@apple.com
  • 21 edits
    1 add in trunk

Start moving to separated writable and executable mappings in the JIT
https://bugs.webkit.org/show_bug.cgi?id=155178

Reviewed by Filip Pizlo.

Source/JavaScriptCore:

Start moving to a separate writable and executable heap for the various
JITs.

As part of our work to harden the JIT against various attacks, we're
moving away from our current RWX heap and on to using separate RW and X
mappings. This means that simply leaking the location of the executable
mapping is not sufficient to compromise JSC, so we can continue to
use direct executable pointers in our GC objects (which we need for
performance), but keep the writable pointer in only a single location
so that we are less likely to leak the address. To further obscure the
address of the writable region we place it in an execute only region
of memory so that it is not possible to read the location from
anywhere. That means an attacker must have at least partial control
of PC (to call jitMemCopy) before they can start to attack the JIT.

This work is initially ARM64 only, as the jitMemCopy is
currently specific to that platform's calling conventions and layout.
We're just landing it in the current form so that we can at least
ensure it doesn't regress.

  • Configurations/FeatureDefines.xcconfig:
  • assembler/ARM64Assembler.h:

(JSC::ARM64Assembler::ldp):
(JSC::ARM64Assembler::ldnp):
(JSC::ARM64Assembler::fillNops):
(JSC::ARM64Assembler::stp):
(JSC::ARM64Assembler::stnp):
(JSC::ARM64Assembler::replaceWithJump):
(JSC::ARM64Assembler::replaceWithLoad):
(JSC::ARM64Assembler::replaceWithAddressComputation):
(JSC::ARM64Assembler::setPointer):
(JSC::ARM64Assembler::repatchInt32):
(JSC::ARM64Assembler::repatchCompact):
(JSC::ARM64Assembler::linkJumpOrCall):
(JSC::ARM64Assembler::linkCompareAndBranch):
(JSC::ARM64Assembler::linkConditionalBranch):
(JSC::ARM64Assembler::linkTestAndBranch):
(JSC::ARM64Assembler::loadStoreRegisterPairOffset):
(JSC::ARM64Assembler::loadStoreRegisterPairNonTemporal):

  • assembler/LinkBuffer.cpp:

(JSC::LinkBuffer::copyCompactAndLinkCode):
(JSC::LinkBuffer::allocate):

  • assembler/LinkBuffer.h:

(JSC::LinkBuffer::LinkBuffer):

  • assembler/MacroAssemblerARM64.h:

(JSC::MacroAssemblerARM64::sub64):
(JSC::MacroAssemblerARM64::load64):
(JSC::MacroAssemblerARM64::loadPair64):
(JSC::MacroAssemblerARM64::loadPair64WithNonTemporalAccess):
(JSC::MacroAssemblerARM64::load8):
(JSC::MacroAssemblerARM64::store64):
(JSC::MacroAssemblerARM64::storePair64):
(JSC::MacroAssemblerARM64::storePair64WithNonTemporalAccess):
(JSC::MacroAssemblerARM64::store8):
(JSC::MacroAssemblerARM64::branchAdd64):
(JSC::MacroAssemblerARM64::branchSub64):

  • jit/ExecutableAllocator.h:

(JSC::performJITMemcpy):

  • jit/ExecutableAllocatorFixedVMPool.cpp:

(JSC::FixedVMPoolExecutableAllocator::FixedVMPoolExecutableAllocator):
(JSC::FixedVMPoolExecutableAllocator::initializeBulletproofJIT):
(JSC::FixedVMPoolExecutableAllocator::jitWriteThunkGenerator):

  • runtime/Options.cpp:

(JSC::recomputeDependentOptions):

  • runtime/Options.h:

Source/WebCore:

Update feature defines.

  • Configurations/FeatureDefines.xcconfig:

Source/WebKit/mac:

Update feature defines.

  • Configurations/FeatureDefines.xcconfig:

Source/WebKit2:

Update feature defines.

  • Configurations/FeatureDefines.xcconfig:

Source/WTF:

Update feature defines.

  • wtf/FeatureDefines.h:
  • wtf/Platform.h: ARM64 for now.

Tools:

Making run-jsc-benchmarks slightly happier on my machine.

  • Scripts/run-jsc-benchmarks:

12:35 PM Changeset in webkit [197792] by commit-queue@webkit.org
  • 9 edits
    2 deletes in trunk

Unreviewed, rolling out r197766.
https://bugs.webkit.org/show_bug.cgi?id=155183

Has platform-specific code in non-platform files (Requested by
smfr on #webkit).

Reverted changeset:

"AX: Force allow user zoom"
https://bugs.webkit.org/show_bug.cgi?id=155056
http://trac.webkit.org/changeset/197766

12:26 PM Changeset in webkit [197791] by andersca@apple.com
  • 18 edits in trunk/Source/WebKit/mac

Ignore deprecation warnings.

  • Misc/WebNSEventExtras.m:

(-[NSEvent _web_isKeyEvent:]):
(-[NSEvent _web_isOptionTabKeyEvent]):

  • Misc/WebNSViewExtras.m:

(-[NSView _web_dragShouldBeginFromMouseDown:withExpiration:xHysteresis:yHysteresis:]):

  • Plugins/Hosted/NetscapePluginHostProxy.mm:

(WebKit::NetscapePluginHostProxy::beginModal):

  • Plugins/Hosted/NetscapePluginInstanceProxy.mm:

(WebKit::NetscapePluginInstanceProxy::syntheticKeyDownWithCommandModifier):

  • Plugins/Hosted/WebHostedNetscapePluginView.mm:

(-[WebHostedNetscapePluginView drawRect:]):

  • Plugins/WebNetscapePluginEventHandlerCocoa.mm:

(WebNetscapePluginEventHandlerCocoa::syntheticKeyDownWithCommandModifier):

  • WebCoreSupport/PopupMenuMac.mm:

(PopupMenuMac::populate):
(PopupMenuMac::show):

  • WebCoreSupport/WebContextMenuClient.mm:

(WebContextMenuClient::showContextMenu):

  • WebCoreSupport/WebFrameLoaderClient.mm:

(WebFrameLoaderClient::actionDictionary):

  • WebCoreSupport/WebInspectorClient.mm:

(WebInspectorFrontendClient::canAttach):
(-[WebInspectorWindowController window]):

  • WebInspector/WebNodeHighlight.mm:

(-[WebNodeHighlight initWithTargetView:inspectorController:]):

  • WebView/WebFrameView.mm:

(-[WebFrameView keyDown:keyDown:]):

  • WebView/WebFullScreenController.mm:

(-[WebFullScreenController init]):
(createBackgroundFullscreenWindow):

  • WebView/WebHTMLView.mm:

(-[WebHTMLView _postFakeMouseMovedEventForFlagsChangedEvent:]):
(-[WebHTMLView _setMouseDownEvent:_setMouseDownEvent:]):
(isQuickLookEvent):
(-[WebHTMLView hitTest:]):
(-[WebHTMLView _sendToolTipMouseExited]):
(-[WebHTMLView _sendToolTipMouseEntered]):
(mouseEventIsPartOfClickOrDrag):
(-[WebHTMLView _updateMouseoverWithEvent:]):
(-[WebHTMLView acceptsFirstResponder]):
(-[WebHTMLView viewDidMoveToWindow]):
(currentKeyboardEvent):
(-[WebHTMLView _handleStyleKeyEquivalent:]):
(-[WebHTMLView _interpretKeyEvent:savingCommands:]):

  • WebView/WebPDFView.mm:

(-[WebPDFView hitTest:]):
(-[WebPDFView PDFViewWillClickOnLink:withURL:]):
(-[WebPDFView _fakeKeyEventWithFunctionKey:]):

  • WebView/WebTextCompletionController.mm:

(-[WebTextCompletionController _buildUI]):
(-[WebTextCompletionController _placePopupWindow:]):

  • WebView/WebView.mm:

(-[WebView applicationFlags:]):

12:18 PM Changeset in webkit [197790] by Beth Dakin
  • 6 edits in trunk/Source/WebCore

Add an event for when touch force changes
https://bugs.webkit.org/show_bug.cgi?id=155143
-and corresponding-
rdar://problem/24068726

Reviewed by Darin Adler.

We will be able to test this once we fix the iOS touch tests.

This patch adds touchforcechange which is a lot like the iOS equivalent of
webkitmouseforcechanged. We had originally hoped to use touchmove to dispatch
force changes, but that turned out to be a compatibility nightmare.

  • dom/EventNames.h:

(WebCore::EventNames::isTouchEventType):
(WebCore::EventNames::isWheelEventType):
(WebCore::EventNames::touchEventNames):

  • dom/GlobalEventHandlers.idl:
  • html/HTMLAttributeNames.in:
  • html/HTMLElement.cpp:

(WebCore::HTMLElement::createEventHandlerNameMap):

  • platform/PlatformEvent.h:

12:11 PM Changeset in webkit [197789] by andersca@apple.com
  • 15 edits in trunk/Source/WebCore

Ignore deprecation warnings.

  • editing/cocoa/HTMLConverter.mm:

(HTMLConverter::computedAttributesForElement):
(HTMLConverter::_addMarkersToList):

  • page/mac/EventHandlerMac.mm:

(WebCore::EventHandler::keyEvent):
(WebCore::lastEventIsMouseUp):
(WebCore::EventHandler::passSubframeEventToSubframe):
(WebCore::EventHandler::passWheelEventToWidget):
(WebCore::EventHandler::sendFakeEventsAfterWidgetTracking):

  • page/mac/TextIndicatorWindow.mm:

(WebCore::TextIndicatorWindow::setTextIndicator):

  • platform/graphics/mac/IconMac.mm:

(WebCore::Icon::paint):

  • platform/mac/CursorMac.mm:

(WebCore::createCustomCursor):

  • platform/mac/DragImageMac.mm:

(WebCore::dissolveDragImageToFraction):
(WebCore::createDragImageFromImage):

  • platform/mac/EventLoopMac.mm:

(WebCore::EventLoop::cycle):

  • platform/mac/PasteboardMac.mm:

(WebCore::Pasteboard::setDragImage):

  • platform/mac/PlatformEventFactoryMac.mm:

(WebCore::globalPointForEvent):
(WebCore::pointForEvent):
(WebCore::mouseButtonForEvent):
(WebCore::mouseEventTypeForEvent):
(WebCore::clickCountForEvent):
(WebCore::textFromEvent):
(WebCore::unmodifiedTextFromEvent):
(WebCore::keyIdentifierForKeyEvent):
(WebCore::isKeypadEvent):
(WebCore::windowsKeyCodeForKeyEvent):
(WebCore::isKeyUpEvent):
(WebCore::modifiersForEvent):
(WebCore::PlatformKeyboardEventBuilder::PlatformKeyboardEventBuilder):

  • platform/mac/ScrollbarThemeMac.mm:

(WebCore::scrollbarControlSizeToNSControlSize):

  • platform/mac/ThemeMac.mm:

(-[WebCoreThemeView window]):
(WebCore::controlSizeForFont):
(WebCore::controlSizeFromPixelSize):
(WebCore::setUpButtonCell):
(WebCore::stepperControlSizeForFont):
(WebCore::paintStepper):
(WebCore::ThemeMac::minimumControlSize):

  • platform/mac/WebVideoFullscreenHUDWindowController.mm:

(-[WebVideoFullscreenHUDWindow initWithContentRect:styleMask:backing:defer:]):
(-[WebVideoFullscreenHUDWindow performKeyEquivalent:]):
(-[WebVideoFullscreenHUDWindowController init]):
(-[WebVideoFullscreenHUDWindowController keyDown:]):
(-[WebVideoFullscreenHUDWindowController windowDidLoad]):

  • platform/mac/WebWindowAnimation.mm:

(WebWindowAnimationDurationFromDuration):

  • rendering/RenderThemeMac.mm:

(WebCore::RenderThemeMac::updateCachedSystemFontDescription):
(WebCore::RenderThemeMac::controlSizeForFont):
(WebCore::RenderThemeMac::controlSizeForCell):
(WebCore::RenderThemeMac::controlSizeForSystemFont):
(WebCore::RenderThemeMac::paintProgressBar):
(WebCore::RenderThemeMac::popupMenuSize):
(WebCore::RenderThemeMac::sliderThumbHorizontal):
(WebCore::RenderThemeMac::sliderThumbVertical):

11:33 AM Changeset in webkit [197788] by dbates@webkit.org
  • 5 edits in trunk

Support iterating over an OptionSet and checking if it is empty
https://bugs.webkit.org/show_bug.cgi?id=154941
<rdar://problem/24964187>

Reviewed by Darin Adler.

Source/WTF:

Implements support for iterating over the enumerators in an OptionSet as well as
determining if the set is empty.

Iterating over an OptionSet is in Big Theta(N) where N is the number of items in
the set. More precisely, it is in Big Theta(log M) where M is the bitmask represented
by the bitwise OR-ing of all enumerators in the set.

  • wtf/OptionSet.h: Added comment to describe the purpose of this class and its invariant -
the enumerators must be positive powers of two.
(WTF::OptionSet::Iterator::operator*): Returns the enumerator pointed to by the iterator.
(WTF::OptionSet::Iterator::operator++): Advance to the next smallest enumerator in the set.
(WTF::OptionSet::Iterator::operator==): Returns whether the iterator is equal to the specified iterator.
(WTF::OptionSet::Iterator::operator!=): Returns whether the iterator is not equal to the specified iterator.
(WTF::OptionSet::Iterator::Iterator): Added.
(WTF::OptionSet::fromRaw): Instantiate using specialized private constructor to allow
instantiation with a raw value of 0.
(WTF::OptionSet::OptionSet): Specialized constructor that asserts that the specified value
is a positive power of two. This variant is only compiled when assertions are enabled (i.e. !ASSERT_DISABLED).
(WTF::OptionSet::isEmpty): Returns whether the set is empty.
(WTF::OptionSet::begin): Returns an iterator to the enumerator with the smallest value in the set.
(WTF::OptionSet::end): Returns an iterator that represents the end sentinel of the set.

Tools:

Add tests to ensure that we do not regress both iteration of an OptionSet and
determining whether an OptionSet is empty.

  • TestWebKitAPI/Test.h:

(TestWebKitAPI::Util::assertStrongEnum): Helper function to assert two strong enum types for equality.

  • TestWebKitAPI/Tests/WTF/OptionSet.cpp:

(TestWebKitAPI::TEST):

11:32 AM Changeset in webkit [197787] by adachan@apple.com
  • 5 edits in trunk/Source/WebKit2

Fix lifetime issues regarding WebVideoFullscreenInterfaceMac
https://bugs.webkit.org/show_bug.cgi?id=155130

Reviewed by Beth Dakin.

Now that both fullscreen and video controls manager rely on WebVideoFullscreenInterface,
we now keep track of a "client count" for each context ID so we'll only remove it
from the context map after all the "clients" are done with it.

Before this change, every time WebVideoFullscreenManager::setUpVideoControlsManager()
is called, the existing interface is cleared and a new one is created even when there's
an existing interface for that. With this change, we reuse the existing interface for
the video element.

  • UIProcess/Cocoa/WebVideoFullscreenManagerProxy.h:
  • UIProcess/Cocoa/WebVideoFullscreenManagerProxy.mm:

(WebKit::WebVideoFullscreenManagerProxy::invalidate):
Also clear out m_clientCounts.
(WebKit::WebVideoFullscreenManagerProxy::addClientForContext):
If the context ID is not in m_clientCounts yet, add the count of 1 to
that table for that ID. Otherwise, increment the count by 1.
(WebKit::WebVideoFullscreenManagerProxy::removeClientForContext):
Assert that we have added this context id to m_clientCounts before.
Decrement the count. If it reaches 0, remove this context ID from both
m_clientCounts and m_contextMap.
(WebKit::WebVideoFullscreenManagerProxy::setupFullscreenWithID):
We have started a new fullscreen session using this interface. Call
addClientForContext() to update the client count.
(WebKit::WebVideoFullscreenManagerProxy::setUpVideoControlsManagerWithID):
If the current controls manager set up has the same context ID as the one
passed in, we don't have to do anything. Otherwise, if we have set up
the video controls manager with a different ID before, call removeClientForContext()
on the old ID to decrement its client count. Set m_controlsManagerContextId
to the new value and call addClientForContext() with it.
(WebKit::WebVideoFullscreenManagerProxy::didCleanupFullscreen):
Instead of removing the mapping from m_contextMap directly, reset the fullscreen
mode on the interface and call removeClientForContext(), which removes the mapping
only if there's no more client using the interface.

  • WebProcess/cocoa/WebVideoFullscreenManager.h:
  • WebProcess/cocoa/WebVideoFullscreenManager.mm:

(WebKit::WebVideoFullscreenManager::~WebVideoFullscreenManager):
Clear m_clientCounts.
(WebKit::WebVideoFullscreenManager::removeContext):
Add a helper method for removing the context.
(WebKit::WebVideoFullscreenManager::addClientForContext):
If the context ID is not in m_clientCounts yet, add the count of 1 to
that table for that ID. Otherwise, increment the count by 1.
(WebKit::WebVideoFullscreenManager::removeClientForContext):
Assert that we have added this context id to m_clientCounts before.
Decrement the count. If it reaches 0, remove this context ID from
m_clientCounts and call removeContext() to clean up this context.
(WebKit::WebVideoFullscreenManager::enterVideoFullscreenForVideoElement):
We have started a new fullscreen session using this interface. Call
addClientForContext() to update the client count. Create a layer hosting
context if it's not there.
(WebKit::WebVideoFullscreenManager::setUpVideoControlsManager):
If we have set up a context for this video element before, see if it's
the one we are currently managing video controls for. If it is, return early.
Otherwise, call removeClientForContext() on the previous m_controlsManagerContextId
and update m_controlsManagerContextId to the context ID of this video element.
If there's no context created for this video element yet, set one up.
Send a SetUpVideoControlsManagerWithID message to the proxy object in the UI process
so it'll update its controls manager context ID. Also, conditionalize all of this
under PLATFORM(MAC) to be consistent with WebVideoFullscreenManagerProxy.
(WebKit::WebVideoFullscreenManager::didCleanupFullscreen):
Just reset the fullscreen mode on the interface and call removeClientForContext() which
only cleans up the context if there's no more client using it.

11:02 AM Changeset in webkit [197786] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Skip svg/animations/animate-marker-orient-from-angle-to-autostartreverse.html on ios-simulator
https://bugs.webkit.org/show_bug.cgi?id=155174

Unreviewed test gardening.

  • platform/ios-simulator/TestExpectations:

10:58 AM Changeset in webkit [197785] by Chris Dumez
  • 2 edits in trunk/Source/WebCore

Unreviewed attempt to fix the 32bit build after r197782.

  • platform/MemoryPressureHandler.cpp:

(WebCore::MemoryPressureHandler::ReliefLogger::logMemoryUsageChange):

10:57 AM Changeset in webkit [197784] by tonikitoo@webkit.org
  • 3 edits
    2 adds in trunk

Scrolling does not work when the mouse down is handled by a node
https://bugs.webkit.org/show_bug.cgi?id=19033

Reviewed by Simon Fraser.

Source/WebCore:

Test: fast/events/prevent-default-prevents-interaction-with-scrollbars-.html

When a mouse press/down event happens on a scrollbar area, but event
is default prevented in the document level, for example, event does not get
properly passed to scrollbars, although it should.

Problem started long ago with r17770, and was improved with r19596.
However, years later, the way Scrollbar* is obtained is still currently different
whether event is default prevented or not.

Patch unifies the logic for both cases, and fixes the bug.

Note: code before used to look like

    if (swallowEvent) {
        <code>
    } else {
        <bleh>
        <foo>
    }

.. and now looks like

    if (!swallowEvent)
        <bleh>
    <code>
    if (!swallowEvent)
        <foo>

e.g. document.addEventListener('mousedown', function (e) { e.preventDefault(); });

  • page/EventHandler.cpp:

(WebCore::scrollbarForMouseEvent):
(WebCore::EventHandler::handleMousePressEvent):

LayoutTests:

  • fast/events/prevent-default-prevents-interaction-with-scrollbars-expected.txt: Added.
  • fast/events/prevent-default-prevents-interaction-with-scrollbars.html: Added.

10:54 AM Changeset in webkit [197783] by Sukolsak Sakshuwong
  • 1 edit in trunk/Tools/Scripts/webkitpy/common/config/contributors.json

Unreviewed. Move myself to the reviewers list.

  • Scripts/webkitpy/common/config/contributors.json:

10:51 AM Changeset in webkit [197782] by Chris Dumez
  • 2 edits in trunk/Source/WebCore

Unreviewed Windows build fix after r197728.

  • platform/MemoryPressureHandler.cpp:

(WebCore::MemoryPressureHandler::ReliefLogger::logMemoryUsageChange):

10:35 AM Changeset in webkit [197781] by msaboff@apple.com
  • 10 edits
    3 moves
    3 adds in trunk

[ES6] Regular Expression canonicalization tables for Unicode need to be updated to use Unicode CaseFolding.txt
https://bugs.webkit.org/show_bug.cgi?id=155114

Reviewed by Darin Adler.

Source/JavaScriptCore:

Extracted out the Unicode canonicalization table creation from
YarrCanonicalizeUnicode.js into a new Python script, generateYarrCanonicalizeUnicode.
That script generates the Unicode tables as the file YarrCanonicalizeUnicode.cpp in
DerivedSources/JavaScriptCore.

Updated the processing of ignore case to make the ASCII short cuts dependent on whether
or not we are a Unicode pattern.

Renamed yarr/YarrCanonicalizeUnicode.{cpp,js} back to their prior names,
YarrCanonicalizeUCS2.{cpp,js}.
Renamed yarr/YarrCanonicalizeUnicode.h to YarrCanonicalize.h as it declares both the
legacy UCS2 and Unicode tables.

  • CMakeLists.txt:
  • DerivedSources.make:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • generateYarrCanonicalizeUnicode: Added.
  • ucd: Added.
  • ucd/CaseFolding.txt: Added. The current version, 8.0, of the Unicode CaseFolding table.
  • yarr/YarrCanonicalizeUCS2.cpp: Copied from Source/JavaScriptCore/yarr/YarrCanonicalizeUnicode.cpp.
  • yarr/YarrCanonicalize.h: Copied from Source/JavaScriptCore/yarr/YarrCanonicalizeUnicode.h.
  • yarr/YarrCanonicalizeUCS2.js: Copied from Source/JavaScriptCore/yarr/YarrCanonicalizeUnicode.js.

(printHeader):

  • yarr/YarrCanonicalizeUnicode.cpp: Removed.
  • yarr/YarrCanonicalizeUnicode.h: Removed.
  • yarr/YarrCanonicalizeUnicode.js: Removed.
  • yarr/YarrInterpreter.cpp:

(JSC::Yarr::Interpreter::tryConsumeBackReference):

  • yarr/YarrJIT.cpp:
  • yarr/YarrPattern.cpp:

(JSC::Yarr::CharacterClassConstructor::putChar):

LayoutTests:

Updated test cases.

  • js/regexp-unicode-expected.txt:
  • js/script-tests/regexp-unicode.js:

10:19 AM Changeset in webkit [197780] by Ryan Haddad
  • 3 edits
    2 deletes in trunk

Unreviewed, rolling out r197765.
https://bugs.webkit.org/show_bug.cgi?id=155172

The test added with this change is failing on all platforms.
(Requested by ryanhaddad on #webkit).

Reverted changeset:

"ImageDocuments leak their world."
https://bugs.webkit.org/show_bug.cgi?id=155167
http://trac.webkit.org/changeset/197765

Patch by Commit Queue <commit-queue@webkit.org> on 2016-03-08

10:11 AM Changeset in webkit [197779] by Antti Koivisto
  • 21 edits in trunk/Source/WebCore

Make Element const in ElementRuleCollector
https://bugs.webkit.org/show_bug.cgi?id=155170

Reviewed by Andreas Kling.

More const.

  • css/ElementRuleCollector.cpp:

(WebCore::ElementRuleCollector::ElementRuleCollector):
(WebCore::ElementRuleCollector::matchAllRules):

  • css/ElementRuleCollector.h:
  • css/SelectorChecker.cpp:

(WebCore::SelectorChecker::checkOne):
(WebCore::SelectorChecker::matchesFocusPseudoClass):

  • cssjit/SelectorCompiler.cpp:

(WebCore::SelectorCompiler::SelectorCodeGenerator::generateAddStyleRelationIfResolvingStyle):
(WebCore::SelectorCompiler::addStyleRelationFunction):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateContextFunctionCallTest):
(WebCore::SelectorCompiler::elementIsActive):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsFirstChild):
(WebCore::SelectorCompiler::elementIsHovered):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsOnlyChild):
(WebCore::SelectorCompiler::makeContextStyleUniqueIfNecessaryAndTestIsPlaceholderShown):
(WebCore::SelectorCompiler::isPlaceholderShown):

  • cssjit/SelectorCompiler.h:
  • dom/StyledElement.h:

(WebCore::StyledElement::additionalPresentationAttributeStyle):
(WebCore::StyledElement::inlineStyle):
(WebCore::StyledElement::collectStyleForPresentationAttribute):
(WebCore::StyledElement::invalidateStyleAttribute):
(WebCore::StyledElement::presentationAttributeStyle):

  • html/HTMLTableCellElement.cpp:

(WebCore::HTMLTableCellElement::parseAttribute):
(WebCore::HTMLTableCellElement::additionalPresentationAttributeStyle):

  • html/HTMLTableCellElement.h:
  • html/HTMLTableColElement.cpp:

(WebCore::HTMLTableColElement::parseAttribute):
(WebCore::HTMLTableColElement::additionalPresentationAttributeStyle):

  • html/HTMLTableColElement.h:
  • html/HTMLTableElement.cpp:

(WebCore::leakBorderStyle):
(WebCore::HTMLTableElement::additionalPresentationAttributeStyle):

  • html/HTMLTableElement.h:
  • html/HTMLTableSectionElement.cpp:

(WebCore::HTMLTableSectionElement::create):
(WebCore::HTMLTableSectionElement::additionalPresentationAttributeStyle):

  • html/HTMLTableSectionElement.h:
  • inspector/InspectorCSSAgent.cpp:

(WebCore::InspectorCSSAgent::didUnregisterNamedFlowContentElement):
(WebCore::InspectorCSSAgent::forcePseudoState):

  • inspector/InspectorCSSAgent.h:
  • inspector/InspectorDOMAgent.cpp:

(WebCore::InspectorDOMAgent::pushNodePathToFrontend):
(WebCore::InspectorDOMAgent::boundNodeId):
(WebCore::InspectorDOMAgent::backendNodeIdForNode):

  • inspector/InspectorDOMAgent.h:
  • inspector/InspectorInstrumentation.cpp:

(WebCore::InspectorInstrumentation::handleMousePressImpl):
(WebCore::InspectorInstrumentation::forcePseudoStateImpl):

  • inspector/InspectorInstrumentation.h:

(WebCore::InspectorInstrumentation::handleMousePress):
(WebCore::InspectorInstrumentation::forcePseudoState):

10:09 AM Changeset in webkit [197778] by youenn.fablet@crf.canon.fr
  • 5 edits
    1 copy in trunk/Source/WebCore

[Fetch API] Commonalize handling of FetchBody by FetchRequest and FetchResponse
https://bugs.webkit.org/show_bug.cgi?id=154959

Reviewed by Darin Adler.

Introducing FetchBodyOwner class as base class of FetchRequest and FetchResponse.
This class is an ActiveDOMObject and is responsible for handling the Body API implemented by Request and Response.

Covered by existing tests.

  • Modules/fetch/FetchBodyOwner.h: Added.

(WebCore::FetchBodyOwner::isDisturbed):
(WebCore::FetchBodyOwner::arrayBuffer):
(WebCore::FetchBodyOwner::formData):
(WebCore::FetchBodyOwner::blob):
(WebCore::FetchBodyOwner::json):
(WebCore::FetchBodyOwner::text):
(WebCore::FetchBodyOwner::body):
(WebCore::FetchBodyOwner::FetchBodyOwner):

  • Modules/fetch/FetchRequest.h:

(WebCore::FetchRequest::FetchRequest):

  • Modules/fetch/FetchResponse.cpp:

(WebCore::FetchResponse::FetchResponse):

  • Modules/fetch/FetchResponse.h:
  • WebCore.xcodeproj/project.pbxproj:

10:06 AM Changeset in webkit [197777] by Chris Dumez
  • 2 edits in trunk/Source/WebCore

Unreviewed, fix 32-bit build after r197726.

Also, re-enable static_assert to check the ElementRareData size.

  • dom/ElementRareData.cpp:

10:03 AM Changeset in webkit [197776] by Ryan Haddad
  • 3 edits in trunk/LayoutTests

Rebaseline WPT reflection tests for ios-simulator after r197726

Unreviewed test gardening.

  • platform/ios-simulator/imported/w3c/web-platform-tests/html/dom/reflection-embedded-expected.txt:
  • platform/ios-simulator/imported/w3c/web-platform-tests/html/dom/reflection-forms-expected.txt:

9:59 AM Changeset in webkit [197775] by ap@apple.com
  • 2 edits in trunk/Tools

Add debug iOS Simulator bots to the dashboard
https://bugs.webkit.org/show_bug.cgi?id=155157

Reviewed by Darin Adler.

  • BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/WebKitBuildbot.js:

9:57 AM Changeset in webkit [197774] by akling@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

WeakBlock::visit() should check for a WeakHandleOwner before consulting mark bits.
<https://webkit.org/b/155154>

Reviewed by Darin Adler.

Reorder the checks in WeakBlock::visit() so we don't look at the mark bits in MarkedBlock
unless the current WeakImpl has a WeakHandleOwner we need to consult.

I was originally hoping to make an optimization that could skip over entire WeakBlocks
if they didn't have a single WeakHandleOwner, but it turns out that scenario is not as
common as I suspected.

  • heap/WeakBlock.cpp:

(JSC::WeakBlock::visit):

9:55 AM Changeset in webkit [197773] by timothy@apple.com
  • 4 edits in trunk/Source/WebKit2

Web Inspector: Add automation protocol methods for navigation

https://bugs.webkit.org/show_bug.cgi?id=155163
rdar://problem/25029054

Reviewed by Darin Adler.

  • UIProcess/Automation/Automation.json:
  • UIProcess/Automation/WebAutomationSession.cpp:

(WebKit::WebAutomationSession::getBrowsingContexts): Set url.
(WebKit::WebAutomationSession::getBrowsingContext): Added.
(WebKit::WebAutomationSession::navigateBrowsingContext): Added.
(WebKit::WebAutomationSession::goBackInBrowsingContext): Added.
(WebKit::WebAutomationSession::goForwardInBrowsingContext): Added.
(WebKit::WebAutomationSession::reloadBrowsingContext): Added.

  • UIProcess/Automation/WebAutomationSession.h:

9:41 AM Changeset in webkit [197772] by Ryan Haddad
  • 7 edits
    1 delete in trunk/Source/bmalloc

Unreviewed, rolling out r197722.
https://bugs.webkit.org/show_bug.cgi?id=155171

This change caused 800+ JSC test failures (Requested by
ryanhaddad on #webkit).

Reverted changeset:

"bmalloc: Use List<T> instead of Vector<T> in some places"
https://bugs.webkit.org/show_bug.cgi?id=155150
http://trac.webkit.org/changeset/197722

Patch by Commit Queue <commit-queue@webkit.org> on 2016-03-08

9:39 AM Changeset in webkit [197771] by Brent Fulgham
  • 2 edits in trunk/Source/WebCore

Unreviewed test fix after r197721.
https://bugs.webkit.org/show_bug.cgi?id=155120
<rdar://problem/25010167>

If a WK1 client turns on the "Resource Load Statistics" debug flag, but
does not supply a data modification handler, we dereference a null function.

  • loader/ResourceLoadStatisticsStore.cpp:

(WebCore::ResourceLoadStatisticsStore::fireDataModificationHandler): Check
for nullptr function before invoking it.

9:25 AM Changeset in webkit [197770] by Chris Dumez
  • 2 edits in trunk/Source/WebCore

Unreviewed, temporarily comment out static_assert while I investigate.

It still did not build on some platforms.

  • dom/ElementRareData.cpp:

9:17 AM Changeset in webkit [197769] by Chris Dumez
  • 2 edits in trunk/Source/WebCore

Unreviewed, another build fix after r197726.

  • dom/ElementRareData.cpp:

9:11 AM Changeset in webkit [197768] by Chris Dumez
  • 2 edits in trunk/Source/WebCore

Unreviewed Windows build fix after r197728.

  • platform/MemoryPressureHandler.cpp:

9:06 AM Changeset in webkit [197767] by Chris Dumez
  • 2 edits in trunk/Source/WebCore

Unreviewed build fix after r197726.

  • dom/ElementRareData.cpp:

8:13 AM Changeset in webkit [197766] by n_wang@apple.com
  • 9 edits
    2 adds in trunk

AX: Force allow user zoom
https://bugs.webkit.org/show_bug.cgi?id=155056

Reviewed by Chris Fleizach.

Source/WebCore:

Override the maximum scale factor when forceAlwaysUserScalable is true.

Test: accessibility/ios-simulator/force-user-scalable.html

  • page/ViewportConfiguration.h:

(WebCore::ViewportConfiguration::maximumScale):

  • testing/Internals.cpp:

(WebCore::Internals::composedTreeAsText):
(WebCore::Internals::setViewportForceAlwaysUserScalable):
(WebCore::Internals::viewportConfigurationMaximumScale):

  • testing/Internals.h:
  • testing/Internals.idl:

Source/WebKit2:

Soft linked libAccessibility library so that we can observe the accessibility
setting change for the force always user scalable feature.

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::forceAlwaysUserScalableChangedCallback):
(WebKit::WebPage::create):
(WebKit::m_shouldDispatchFakeMouseMoveEvents):
(WebKit::WebPage::~WebPage):
(WebKit::WebPage::preferencesDidChange):
(WebKit::WebPage::updateForceAlwaysUserScalable):
(WebKit::WebPage::updatePreferences):

  • WebProcess/WebPage/WebPage.h:

LayoutTests:

  • accessibility/ios-simulator/force-user-scalable-expected.txt: Added.
  • accessibility/ios-simulator/force-user-scalable.html: Added.

7:14 AM Changeset in webkit [197765] by akling@apple.com
  • 3 edits
    2 adds in trunk

ImageDocuments leak their world.
<https://webkit.org/b/155167>
<rdar://problem/24987363>

Reviewed by Antti Koivisto.

Source/WebCore:

ImageDocument uses a special code path in ImageLoader in order to manually
control how the image is loaded. It has to do this because the ImageDocument
is really just a synthetic wrapper around a main resource that's an image.

This custom loading code had a bug where it would create a new CachedImage
and neglect to set its CachedResource::m_state flag to Pending (which is
normally set by CachedResource::load(), but we don't call that for these.)

This meant that when ImageDocument called CachedImage::finishLoading() to
trigger the notifyFinished() callback path, the image would look at its
loading state and see that it was Unknown (not Pending), and conclude that
it hadn't loaded yet. So we never got the notifyFinished() signal.

The world leaks here because ImageLoader slaps a ref on its <img> element
while it waits for the loading operation to complete. Once finished, whether
successfully or with an error, it derefs the <img>.

Since we never fired notifyFinished(), we ended up with an extra ref on
these <img> forever, and then the element kept its document alive too.

Test: fast/dom/ImageDocument-world-leak.html

  • loader/ImageLoader.cpp:

(WebCore::ImageLoader::updateFromElement):

LayoutTests:

Made a little test that loads an image into an <iframe> 10 times and then
triggers a garbage collection and checks that all the documents got destroyed.

Prior to this change, all 10 ImageDocuments would remain alive at the end.

  • fast/dom/ImageDocument-world-leak-expected.txt: Added.
  • fast/dom/ImageDocument-world-leak.html: Added.

6:59 AM Changeset in webkit [197764] by Antti Koivisto
  • 30 edits
    2 adds in trunk/Source/WebCore

ElementRuleCollector should not mutate document and style
https://bugs.webkit.org/show_bug.cgi?id=155113

Reviewed by Andreas Kling.

Move applying of style relations out of ElementRuleCollector and StyleResolver.
This gets us closer to making StyleResolver const for Element.

  • CMakeLists.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • css/ElementRuleCollector.cpp:

(WebCore::ElementRuleCollector::ElementRuleCollector):

No need for style parameter anymore.

(WebCore::ElementRuleCollector::collectMatchingRules):
(WebCore::ElementRuleCollector::sortAndTransferMatchedRules):
(WebCore::ElementRuleCollector::ruleMatches):

Client will now do the style and element mutations. Just collect the data here.

(WebCore::ElementRuleCollector::collectMatchingRulesForList):
(WebCore::ElementRuleCollector::commitStyleRelations): Deleted.

Moves to StyleRelations.cpp

  • css/ElementRuleCollector.h:

(WebCore::ElementRuleCollector::hasMatchedRules):
(WebCore::ElementRuleCollector::matchedPseudoElementIds):
(WebCore::ElementRuleCollector::styleRelations):
(WebCore::ElementRuleCollector::didMatchUncommonAttributeSelector):

  • css/MediaQueryMatcher.cpp:

(WebCore::MediaQueryMatcher::prepareEvaluator):
(WebCore::MediaQueryMatcher::evaluate):

  • css/SelectorChecker.cpp:

(WebCore::addStyleRelation):
(WebCore::isFirstChildElement):
(WebCore::isFirstOfType):
(WebCore::countElementsBefore):
(WebCore::countElementsOfTypeBefore):
(WebCore::SelectorChecker::matchRecursively):
(WebCore::SelectorChecker::checkOne):

  • css/SelectorChecker.h:

(WebCore::SelectorChecker::CheckingContext::CheckingContext):

  • css/StyleMedia.cpp:

(WebCore::StyleMedia::matchMedium):

  • css/StyleResolver.cpp:

(WebCore::StyleResolver::StyleResolver):
(WebCore::isAtShadowBoundary):
(WebCore::StyleResolver::styleForElement):

Apply the style relations affecting current style immediately.
Pass the rest to the client.

(WebCore::StyleResolver::styleForKeyframe):
(WebCore::StyleResolver::pseudoStyleForElement):
(WebCore::StyleResolver::pseudoStyleRulesForElement):

  • css/StyleResolver.h:

(WebCore::ElementStyle::ElementStyle):

  • cssjit/SelectorCompiler.cpp:

(WebCore::SelectorCompiler::SelectorCodeGenerator::generateAddStyleRelationIfResolvingStyle):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateAddStyleRelation):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateSelectorCheckerExcludingPseudoElements):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateDirectAdjacentTreeWalker):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateIndirectAdjacentTreeWalker):
(WebCore::SelectorCompiler::addStyleRelationFunction):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsActive):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsEmpty):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsFirstChild):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsHovered):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsLastChild):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsOnlyChild):
(WebCore::SelectorCompiler::makeContextStyleUniqueIfNecessaryAndTestIsPlaceholderShown):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsNthChild):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsNthChildOf):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsNthLastChild):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsNthLastChildOf):

  • dom/Document.cpp:

(WebCore::Document::styleForElementIgnoringPendingStylesheets):

Apply style relations.

(WebCore::Document::updateLayoutIfDimensionsOutOfDate):

  • dom/Element.cpp:

(WebCore::Element::styleResolver):
(WebCore::Element::resolveStyle):
(WebCore::Element::didDetachRenderers):
(WebCore::Element::resolveCustomStyle):

Return ElementStyle (which contains style relations along with the render style).
Rename for consistency.

(WebCore::Element::cloneAttributesFromElement):
(WebCore::Element::customStyleForRenderer): Deleted.

  • dom/Element.h:

(WebCore::Element::isVisibleInViewportChanged):

  • dom/PseudoElement.cpp:

(WebCore::PseudoElement::clearHostElement):
(WebCore::PseudoElement::resolveCustomStyle):
(WebCore::PseudoElement::didAttachRenderers):
(WebCore::PseudoElement::customStyleForRenderer): Deleted.

  • dom/PseudoElement.h:
  • html/HTMLTitleElement.cpp:

(WebCore::HTMLTitleElement::computedTextWithDirection):

  • html/shadow/SliderThumbElement.cpp:

(WebCore::SliderThumbElement::hostInput):
(WebCore::SliderThumbElement::resolveCustomStyle):
(WebCore::SliderThumbElement::shadowPseudoId):
(WebCore::SliderContainerElement::createElementRenderer):
(WebCore::SliderContainerElement::resolveCustomStyle):
(WebCore::SliderContainerElement::shadowPseudoId):
(WebCore::SliderThumbElement::customStyleForRenderer): Deleted.
(WebCore::SliderContainerElement::customStyleForRenderer): Deleted.

  • html/shadow/SliderThumbElement.h:
  • html/shadow/TextControlInnerElements.cpp:

(WebCore::TextControlInnerElement::create):
(WebCore::TextControlInnerElement::resolveCustomStyle):
(WebCore::TextControlInnerTextElement::renderer):
(WebCore::TextControlInnerTextElement::resolveCustomStyle):
(WebCore::TextControlPlaceholderElement::TextControlPlaceholderElement):
(WebCore::TextControlPlaceholderElement::resolveCustomStyle):
(WebCore::TextControlInnerElement::customStyleForRenderer): Deleted.
(WebCore::TextControlInnerTextElement::customStyleForRenderer): Deleted.
(WebCore::TextControlPlaceholderElement::customStyleForRenderer): Deleted.

  • html/shadow/TextControlInnerElements.h:
  • rendering/RenderElement.cpp:

(WebCore::RenderElement::getUncachedPseudoStyle):

  • rendering/RenderNamedFlowFragment.cpp:

(WebCore::RenderNamedFlowFragment::computeStyleInRegion):
(WebCore::RenderNamedFlowFragment::computeChildrenStyleInRegion):

  • style/StyleRelations.cpp: Added.

(WebCore::Style::commitRelationsToRenderStyle):

Commit relations affecting style that is being computed.

(WebCore::Style::commitRelationsToDocument):

Commit relations that mutate document.

  • style/StyleRelations.h: Added.

Factor style relation data structures and functions to a file of their own.

(WebCore::Style::Relation::Relation):

  • style/StyleSharingResolver.cpp:

(WebCore::Style::SharingResolver::styleSharingCandidateMatchesRuleSet):

  • style/StyleTreeResolver.cpp:

(WebCore::Style::TreeResolver::styleForElement):

Apply style relations.

  • style/StyleTreeResolver.h:
  • svg/SVGElement.cpp:

(WebCore::SVGElement::synchronizeSystemLanguage):
(WebCore::SVGElement::resolveCustomStyle):
(WebCore::SVGElement::customStyleForRenderer): Deleted.

  • svg/SVGElement.h:
  • svg/SVGElementRareData.h:

(WebCore::SVGElementRareData::overrideComputedStyle):

6:50 AM Changeset in webkit [197763] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197546 - [JSC] Add support for MADD, MSUB and MNEG to Air
https://bugs.webkit.org/show_bug.cgi?id=154997

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-03-03
Reviewed by Filip Pizlo.

ARM64 can do an Add/Sub in the Multiply units.
LLVM was doing so but we lost that when switching to B3.

This patch adds those instructions in Air.

There are more ALUs than multiply units, thus we are more
likely to successfully schedule a Multiply+Add than 2 Multiply.
I am conservative and only emit a multiply-add if the value
can be interned. As far as I can tell from what is generated
by LLVM, that backend had the same rule.

  • assembler/MacroAssemblerARM64.h:

(JSC::MacroAssemblerARM64::multiplyAdd32):
(JSC::MacroAssemblerARM64::multiplySub32):
(JSC::MacroAssemblerARM64::multiplyNeg32):
(JSC::MacroAssemblerARM64::multiplyAdd64):
(JSC::MacroAssemblerARM64::multiplySub64):
(JSC::MacroAssemblerARM64::multiplyNeg64):

  • b3/B3LowerToAir.cpp:

(JSC::B3::Air::LowerToAir::lower):

  • b3/air/AirOpcode.opcodes:
  • b3/testb3.cpp:

(JSC::B3::populateWithInterestingValues):
(JSC::B3::floatingPointOperands):
(JSC::B3::int64Operands):
(JSC::B3::int32Operands):
(JSC::B3::testMulAddArgsLeft):
(JSC::B3::testMulAddArgsRight):
(JSC::B3::testMulAddArgsLeft32):
(JSC::B3::testMulAddArgsRight32):
(JSC::B3::testMulSubArgsLeft):
(JSC::B3::testMulSubArgsRight):
(JSC::B3::testMulSubArgsLeft32):
(JSC::B3::testMulSubArgsRight32):
(JSC::B3::testMulNegArgs):
(JSC::B3::testMulNegArgs32):
(JSC::B3::run):

6:28 AM Changeset in webkit [197762] by Carlos Garcia Campos
  • 16 edits
    2 copies
    2 adds in releases/WebKitGTK/webkit-2.12/Source/bmalloc

Merge r197545 - Unreviewed, rolling in r197174.
https://bugs.webkit.org/show_bug.cgi?id=154762

The right calculation for alignment is actually:

vmAlignment - getpagesize() + vmSize

instead of:

vmAlignment - vmPageSize + vmSize

The vmPageSize might be larger than getpagesize().

Restored changeset:

"bmalloc: Added a fast XLarge allocator"
https://bugs.webkit.org/show_bug.cgi?id=154720
http://trac.webkit.org/changeset/197174

6:23 AM Changeset in webkit [197761] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197542 - Octane/regexp's Exec function should benefit from array length accessor inlining
https://bugs.webkit.org/show_bug.cgi?id=154994

Reviewed by Benjamin Poulain.

It does:

var thingy = blahbitty.blah;
if (thingy)
    foo = thingy.length;

So, 'thingy' is SpecArray | SpecOther, which prevents the array length accessor inlining from
kicking in. Our strategy for this elsewhere in the DFG is to allow a one-time speculation that
we won't see SpecOther, since *usually* we see SpecOther mixed with other stuff in cases like
this where there is some null check guarding the code.

This gives another slight speed-up on Octane/regexp.

  • bytecode/SpeculatedType.h:

(JSC::isCellSpeculation):
(JSC::isCellOrOtherSpeculation):
(JSC::isNotCellSpeculation):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGNode.h:

(JSC::DFG::Node::shouldSpeculateCell):
(JSC::DFG::Node::shouldSpeculateCellOrOther):
(JSC::DFG::Node::shouldSpeculateNotCell):

5:57 AM Changeset in webkit [197760] by Carlos Garcia Campos
  • 8 edits
    3 adds in releases/WebKitGTK/webkit-2.12

Merge r197520 - DFG should be able to compile StringReplace
https://bugs.webkit.org/show_bug.cgi?id=154979

Reviewed by Benjamin Poulain.

Source/JavaScriptCore:

Adds support for StringReplace to the DFG tier. This is a 3% speed-up on Octane/regexp.

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::handleIntrinsicCall):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::speculateFinalObject):
(JSC::DFG::SpeculativeJIT::speculateRegExpObject):
(JSC::DFG::SpeculativeJIT::speculateObjectOrOther):

  • dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::callOperation):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • jit/JITOperations.h:

LayoutTests:

Add a microbenchmark for a case of StringReplace that we hadn't covered with a microbenchmark
yet: using something absurd for the replace value. This is interesting for implementing the
32_64 version of StringReplace, which gets really weird in the absurd case because of how it
consumes the entire register file while making the call on x86-32.

  • js/regress/script-tests/string-replace-generic.js: Added.
  • js/regress/string-replace-generic-expected.txt: Added.
  • js/regress/string-replace-generic.html: Added.

5:35 AM Changeset in webkit [197759] by Carlos Garcia Campos
  • 8 edits in releases/WebKitGTK/webkit-2.12/Source/WebCore

Merge r197506 - [TextureMapper] Use RGBA format for textures attached to framebuffers
https://bugs.webkit.org/show_bug.cgi?id=154965

Patch by Miguel Gomez <magomez@igalia.com> on 2016-03-03
Reviewed by Žan Doberšek.

Use RGBA format when allocating textures that will be used as framebuffer
attachments. This means adding a new flag to BitmapTexture and modifying
BitmapTextureGL to use the appropriate format according to the flag. Also,
BitmapTexturePool needs to use two vectors to handle both types of textures
separately, as we want to avoid constantly switching the format of a reused
texture.

No new tests since the behavior change is covered by existing tests.

  • platform/graphics/texmap/BitmapTexture.h: Add new flag.
  • platform/graphics/texmap/BitmapTextureGL.cpp:

(WebCore::BitmapTextureGL::BitmapTextureGL): Receive flags on constructor and use RGBA
when the FBOAttachment flag is enabled.
(WebCore::BitmapTextureGL::applyFilters): Use FBOAttachment flag to request a texture.

  • platform/graphics/texmap/BitmapTextureGL.h: Add flags to the constructor.
  • platform/graphics/texmap/BitmapTexturePool.cpp: Add a new vector of textures to hold
those in RGBA format.
(WebCore::BitmapTexturePool::acquireTexture): Return a texture for the usage specified
in the incoming flags.
(WebCore::BitmapTexturePool::releaseUnusedTexturesTimerFired): Release textures from
both vectors.
(WebCore::BitmapTexturePool::createTexture): Pass the usage flag when creating a new
texture.

  • platform/graphics/texmap/BitmapTexturePool.h: Add new texture vector and add flags to
the needed headers.

  • platform/graphics/texmap/TextureMapper.cpp:

(WebCore::TextureMapper::acquireTextureFromPool): Pass the received flags to the BitmapTexturePool.

  • platform/graphics/texmap/TextureMapperLayer.cpp:

(WebCore::TextureMapperLayer::paintIntoSurface): Use FBOAttachment flag to request a texture.

5:31 AM Changeset in webkit [197758] by Carlos Garcia Campos
  • 7 edits
    1 add in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197492 - RegExpExec/RegExpTest should not unconditionally speculate cell
https://bugs.webkit.org/show_bug.cgi?id=154901

Reviewed by Benjamin Poulain.

This is a three part change. It all started with a simple goal: end the rage-recompiles in
Octane/regexp by enabling the DFG and FTL to do untyped RegExpExec/RegExpTest. This keeps us
in the optimized code when you do a regexp match on a number, for example.

While implementing this, I realized that DFGOperations.cpp was bad at exception checking. When
it did check for exceptions, it used exec->hadException() instead of vm.exception(). So I
fixed that. I also made sure that the regexp operations checked for exception after doing
toString().

Unfortunately, the introduction of untyped RegExpExec/RegExpTest caused a regression on
Octane/regexp. This was because we were simultaneously scheduling replacement and OSR compiles
of some large functions with the FTL JIT. The OSR compiles were not useful. This was a
regression from the previous changes to make OSR compiles happen sooner. The problem is that
this change also removed the throttling of OSR compiles even in those cases where we suspect
that replacement is more likely. This patch reintroduces that throttling, but only in the
replacement path.

This change ends up being neutral overall.

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGOperations.cpp:
  • dfg/DFGOperations.h:
  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileRegExpExec):
(JSC::FTL::DFG::LowerDFGToB3::compileRegExpTest):
(JSC::FTL::DFG::LowerDFGToB3::compileNewRegexp):

  • tests/stress/regexp-exec-effect-after-exception.js: Added.

5:23 AM Changeset in webkit [197757] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197491 - [JSC] JSCell_freeListNext and JSCell_structureID are considered not overlapping
https://bugs.webkit.org/show_bug.cgi?id=154947

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-03-02
Reviewed by Filip Pizlo.

This bug was discovered while testing https://bugs.webkit.org/show_bug.cgi?id=154894.

The problem was that JSCell_freeListNext and JSCell_structureID were
considered as disjoint. When reordering instructions, the scheduler
could move the write of the StructureID first to reduce dependencies.
This would erase half of JSCell_freeListNext before we get a chance
to load the value.

This patch changes the hierarchy to make sure nothing is written
until JSCell_freeListNext is processed.

All credits for this patch go to Filip.

  • ftl/FTLAbstractHeapRepository.cpp:

(JSC::FTL::AbstractHeapRepository::AbstractHeapRepository):

  • ftl/FTLAbstractHeapRepository.h:

4:57 AM Changeset in webkit [197756] by Carlos Garcia Campos
  • 8 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197490 - [JSC] Improve Select of Doubles based on Double condition
https://bugs.webkit.org/show_bug.cgi?id=154572

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-03-02
Reviewed by Filip Pizlo.

Octane has a bunch of Select on Double based on comparing Doubles.
A few nodes generate that: ValueRep, Min, Max, etc.

On ARM64, we can improve our code a lot. ARM can do a select
based on flags with the FCSEL instruction.

On x86, this patch adds aggressive aliasing for moveDoubleConditionallyXXX.
This has obviously a much more limited impact.

  • assembler/MacroAssembler.h:

(JSC::MacroAssembler::moveDoubleConditionally32): Deleted.
(JSC::MacroAssembler::moveDoubleConditionally64): Deleted.
(JSC::MacroAssembler::moveDoubleConditionallyTest32): Deleted.
(JSC::MacroAssembler::moveDoubleConditionallyTest64): Deleted.
(JSC::MacroAssembler::moveDoubleConditionallyDouble): Deleted.
(JSC::MacroAssembler::moveDoubleConditionallyFloat): Deleted.

  • assembler/MacroAssemblerARM64.h:

(JSC::MacroAssemblerARM64::moveDoubleConditionallyAfterFloatingPointCompare):
(JSC::MacroAssemblerARM64::moveDoubleConditionallyDouble):
(JSC::MacroAssemblerARM64::moveDoubleConditionallyFloat):
(JSC::MacroAssemblerARM64::moveConditionally32):
(JSC::MacroAssemblerARM64::moveDoubleConditionally32):
(JSC::MacroAssemblerARM64::moveDoubleConditionally64):
(JSC::MacroAssemblerARM64::moveDoubleConditionallyTest32):
(JSC::MacroAssemblerARM64::moveDoubleConditionallyTest64):
(JSC::MacroAssemblerARM64::branch64):

  • assembler/MacroAssemblerX86Common.h:

(JSC::MacroAssemblerX86Common::moveConditionally32):
(JSC::MacroAssemblerX86Common::moveDoubleConditionally32):
(JSC::MacroAssemblerX86Common::moveDoubleConditionallyTest32):
(JSC::MacroAssemblerX86Common::moveDoubleConditionallyDouble):
(JSC::MacroAssemblerX86Common::moveDoubleConditionallyFloat):

  • assembler/MacroAssemblerX86_64.h:

(JSC::MacroAssemblerX86_64::moveDoubleConditionally64):
(JSC::MacroAssemblerX86_64::moveDoubleConditionallyTest64):

  • b3/air/AirInstInlines.h:

(JSC::B3::Air::Inst::shouldTryAliasingDef):

  • b3/air/AirOpcode.opcodes:
  • b3/testb3.cpp:

(JSC::B3::populateWithInterestingValues):
(JSC::B3::floatingPointOperands):
(JSC::B3::int64Operands):
(JSC::B3::int32Operands):
(JSC::B3::testSelectCompareFloat):
(JSC::B3::testSelectCompareFloatToDouble):
(JSC::B3::testSelectDoubleCompareDouble):
(JSC::B3::testSelectDoubleCompareDoubleWithAliasing):
(JSC::B3::testSelectFloatCompareFloat):
(JSC::B3::testSelectFloatCompareFloatWithAliasing):
(JSC::B3::run):

4:21 AM Changeset in webkit [197755] by Carlos Garcia Campos
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.12

Merge r197486 - Paint table borders on empty cells even in quirks mode.
https://bugs.webkit.org/show_bug.cgi?id=154928

Reviewed by David Hyatt.

Enable border painting for empty cells unless 'empty-cells: hide' is set.
This is in line with FF and Chrome behaviour.

Source/WebCore:

Test: fast/table/border-on-empty-table-cells-quirks-mode.html

  • rendering/RenderTableCell.cpp:

(WebCore::RenderTableCell::paintBoxDecorations):

LayoutTests:

  • fast/table/border-on-empty-table-cells-quirks-mode-expected.html: Added.
  • fast/table/border-on-empty-table-cells-quirks-mode.html: Added.

4:07 AM Changeset in webkit [197754] by alex
  • 4 edits in trunk

Unreviewed EFL build fix after r197752.

Tools:

  • Scripts/webkitperl/FeatureList.pm: Avoid MEDIA_STREAM compilation by default until EFL bumps gstreamer to 1.6.

LayoutTests:

  • platform/efl/TestExpectations: Avoid running the mediastream tests until the support is implemented and compiled by default.

2:58 AM Changeset in webkit [197753] by Csaba Osztrogonác
  • 2 edits in trunk/Source/WebKit2

One more unreviewed speculative buildfix after r197728.

  • NetworkProcess/NetworkResourceLoader.cpp:

(WebKit::NetworkResourceLoader::didFinishLoading):
(WebKit::NetworkResourceLoader::continueWillSendRequest):

2:36 AM Changeset in webkit [197752] by alex
  • 7 edits
    1 delete in trunk

[GTK] [EFL] Avoid running mediastream tests by default until we compile by default
https://bugs.webkit.org/show_bug.cgi?id=153540

Reviewed by Philippe Normand.

After bumping gstreamer to 1.6.3 in r196804 we can enable again
Tools:

compilation of mediastream and running the tests.

  • Scripts/run-gtk-tests:

(TestRunner): Enable again the UserMedia API test.

  • Scripts/webkitperl/FeatureList.pm: Enable the compilation of the mediastream by default.
  • gtk/jhbuild-webrtc.modules: Removed the specific jhbuild modules file.
  • gtk/jhbuild.modules: Bumped the openwebrtc version to the one we are currently using.

LayoutTests:

compilation of mediastream and running the tests. We have updated
the expectations accordingly.

  • platform/efl/TestExpectations:
  • platform/gtk/TestExpectations:

2:11 AM Changeset in webkit [197751] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197485 - RegExpPrototype should check for exceptions after calling toString and doing so should not be expensive
https://bugs.webkit.org/show_bug.cgi?id=154927

Reviewed by Saam Barati.

While working on regexp optimizations, I found that RegExpPrototype calls toString(), an
effectful operation that could do anything, without then checking for hadException().

So I added a call to hadException().

But that regressed Octane/regexp by 5%! That's a lot! It turns out that
exec->hadException() is soooper slow. So, I made it cheaper to check for exceptions from
toString(): there is now a variant called toStringFast() that returns null iff it throws an
exception.

This allowed me to add the exception check without regressing perf.

Note that toString() must retain its old behavior of returning an empty string on exception.
There is just too much code that relies on that behavior.

  • runtime/JSCJSValue.cpp:

(JSC::JSValue::isValidCallee):
(JSC::JSValue::toStringSlowCase):
(JSC::JSValue::toWTFStringSlowCase):

  • runtime/JSCJSValue.h:

(JSC::JSValue::asValue):

  • runtime/JSString.h:

(JSC::JSValue::toString):
(JSC::JSValue::toStringFast):
(JSC::JSValue::toWTFString):

  • runtime/RegExpPrototype.cpp:

(JSC::regExpProtoFuncTest):
(JSC::regExpProtoFuncExec):
(JSC::regExpProtoFuncCompile):

1:48 AM Changeset in webkit [197750] by Csaba Osztrogonác
  • 2 edits in trunk/Source/WebKit2

Unreviewed speculative buildfix after r197728.

  • WebProcess/Network/WebLoaderStrategy.cpp:

(WebKit::WebLoaderStrategy::scheduleLoad):

1:47 AM Changeset in webkit [197749] by Carlos Garcia Campos
  • 14 edits
    6 adds in releases/WebKitGTK/webkit-2.12

Merge r197474 - Modern IDB: Close UniqueIDBDatabases once they become unused.
https://bugs.webkit.org/show_bug.cgi?id=154922

Reviewed by Alex Christensen.

Source/WebCore:

Tests: storage/indexeddb/modern/256-open-databases.html
storage/indexeddb/modern/exceed-open-file-limit.html

Without this change, attempts to open a 256th database in the DatabaseProcess will fail on Mac.

Due to SQLite journal files, this limit could come up as early as 128 databases if they are all
in active use.

This is because launchd - by default - limits xpc services to having 256 open file handles by default.

While we should explore raising the limit, we should also close databases we no longer need.

  • Modules/indexeddb/server/IDBBackingStore.h:
  • Modules/indexeddb/server/IDBServer.cpp:

(WebCore::IDBServer::IDBServer::closeUniqueIDBDatabase):
(WebCore::IDBServer::IDBServer::deleteUniqueIDBDatabase): Deleted.

  • Modules/indexeddb/server/IDBServer.h:
  • Modules/indexeddb/server/MemoryBackingStoreTransaction.cpp:

(WebCore::IDBServer::MemoryBackingStoreTransaction::MemoryBackingStoreTransaction):

  • Modules/indexeddb/server/MemoryIDBBackingStore.cpp:

(WebCore::IDBServer::MemoryIDBBackingStore::getOrEstablishDatabaseInfo):

  • Modules/indexeddb/server/MemoryIDBBackingStore.h:
  • Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:

(WebCore::IDBServer::SQLiteIDBBackingStore::getOrEstablishDatabaseInfo):

  • Modules/indexeddb/server/SQLiteIDBBackingStore.h:
  • Modules/indexeddb/server/UniqueIDBDatabase.cpp:

(WebCore::IDBServer::UniqueIDBDatabase::UniqueIDBDatabase):
(WebCore::IDBServer::UniqueIDBDatabase::~UniqueIDBDatabase):
(WebCore::IDBServer::UniqueIDBDatabase::performCurrentOpenOperation): Handle the case where opening
the backing store failed by firing an error event instead of pretending everything is okay.

(WebCore::IDBServer::UniqueIDBDatabase::deleteBackingStore):
(WebCore::IDBServer::UniqueIDBDatabase::didDeleteBackingStore):
(WebCore::IDBServer::UniqueIDBDatabase::openBackingStore):
(WebCore::IDBServer::UniqueIDBDatabase::didOpenBackingStore):
(WebCore::IDBServer::UniqueIDBDatabase::isCurrentlyInUse):
(WebCore::IDBServer::UniqueIDBDatabase::operationAndTransactionTimerFired): If the database is not
currently in use, close it.

(WebCore::IDBServer::UniqueIDBDatabase::inProgressTransactionCompleted):

  • Modules/indexeddb/server/UniqueIDBDatabase.h:

(WebCore::IDBServer::UniqueIDBDatabase::deletePending): Deleted.

  • Modules/indexeddb/shared/IDBObjectStoreInfo.cpp:

(WebCore::IDBObjectStoreInfo::isolatedCopy): Actually get this right.

LayoutTests:

  • platform/mac-wk1/TestExpectations:
  • storage/indexeddb/modern/256-open-databases-expected.txt: Added.
  • storage/indexeddb/modern/256-open-databases.html: Added.
  • storage/indexeddb/modern/exceed-open-file-limit-expected.txt: Added.
  • storage/indexeddb/modern/exceed-open-file-limit.html: Added.
  • storage/indexeddb/modern/resources/256-open-databases.js: Added.
  • storage/indexeddb/modern/resources/exceed-open-file-limit.js: Added.

1:46 AM Changeset in webkit [197748] by youenn.fablet@crf.canon.fr
  • 11 edits
    63 adds in trunk

[Fetch API] Implement fetch skeleton
https://bugs.webkit.org/show_bug.cgi?id=155111

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Importing basic fetch api tests.

  • resources/ImportExpectations: Activating fetch/api/basic import.
  • web-platform-tests/fetch/api/basic/accept-header-expected.txt: Added.
  • web-platform-tests/fetch/api/basic/accept-header-worker-expected.txt: Added.
  • web-platform-tests/fetch/api/basic/accept-header-worker.html: Added.
  • web-platform-tests/fetch/api/basic/accept-header.html: Added.
  • web-platform-tests/fetch/api/basic/accept-header.js: Added.

(promise_test):

  • web-platform-tests/fetch/api/basic/integrity-expected.txt: Added.
  • web-platform-tests/fetch/api/basic/integrity-worker-expected.txt: Added.
  • web-platform-tests/fetch/api/basic/integrity-worker.html: Added.
  • web-platform-tests/fetch/api/basic/integrity.html: Added.
  • web-platform-tests/fetch/api/basic/integrity.js: Added.

(integrity):

  • web-platform-tests/fetch/api/basic/mode-no-cors-expected.txt: Added.
  • web-platform-tests/fetch/api/basic/mode-no-cors-worker-expected.txt: Added.
  • web-platform-tests/fetch/api/basic/mode-no-cors-worker.html: Added.
  • web-platform-tests/fetch/api/basic/mode-no-cors.html: Added.
  • web-platform-tests/fetch/api/basic/mode-no-cors.js: Added.

(fetchNoCors):

  • web-platform-tests/fetch/api/basic/mode-same-origin-expected.txt: Added.
  • web-platform-tests/fetch/api/basic/mode-same-origin-worker-expected.txt: Added.
  • web-platform-tests/fetch/api/basic/mode-same-origin-worker.html: Added.
  • web-platform-tests/fetch/api/basic/mode-same-origin.html: Added.
  • web-platform-tests/fetch/api/basic/mode-same-origin.js: Added.

(fetchSameOrigin):

  • web-platform-tests/fetch/api/basic/request-forbidden-headers-expected.txt: Added.
  • web-platform-tests/fetch/api/basic/request-forbidden-headers-worker-expected.txt: Added.
  • web-platform-tests/fetch/api/basic/request-forbidden-headers-worker.html: Added.
  • web-platform-tests/fetch/api/basic/request-forbidden-headers.html: Added.
  • web-platform-tests/fetch/api/basic/request-forbidden-headers.js: Added.

(requestForbiddenHeaders):

  • web-platform-tests/fetch/api/basic/request-headers-expected.txt: Added.
  • web-platform-tests/fetch/api/basic/request-headers-worker-expected.txt: Added.
  • web-platform-tests/fetch/api/basic/request-headers-worker.html: Added.
  • web-platform-tests/fetch/api/basic/request-headers.html: Added.
  • web-platform-tests/fetch/api/basic/request-headers.js: Added.

(requestHeaders):

  • web-platform-tests/fetch/api/basic/scheme-about-expected.txt: Added.
  • web-platform-tests/fetch/api/basic/scheme-about-worker-expected.txt: Added.
  • web-platform-tests/fetch/api/basic/scheme-about-worker.html: Added.
  • web-platform-tests/fetch/api/basic/scheme-about.html: Added.
  • web-platform-tests/fetch/api/basic/scheme-about.js: Added.

(checkFetchResponse):
(checkKoUrl):

  • web-platform-tests/fetch/api/basic/scheme-blob-expected.txt: Added.
  • web-platform-tests/fetch/api/basic/scheme-blob-worker-expected.txt: Added.
  • web-platform-tests/fetch/api/basic/scheme-blob-worker.html: Added.
  • web-platform-tests/fetch/api/basic/scheme-blob.html: Added.
  • web-platform-tests/fetch/api/basic/scheme-blob.js: Added.

(checkFetchResponse):
(checkKoUrl):

  • web-platform-tests/fetch/api/basic/scheme-data-expected.txt: Added.
  • web-platform-tests/fetch/api/basic/scheme-data-worker-expected.txt: Added.
  • web-platform-tests/fetch/api/basic/scheme-data-worker.html: Added.
  • web-platform-tests/fetch/api/basic/scheme-data.html: Added.
  • web-platform-tests/fetch/api/basic/scheme-data.js: Added.

(checkFetchResponse):
(checkKoUrl):

  • web-platform-tests/fetch/api/basic/scheme-others-expected.txt: Added.
  • web-platform-tests/fetch/api/basic/scheme-others-worker-expected.txt: Added.
  • web-platform-tests/fetch/api/basic/scheme-others-worker.html: Added.
  • web-platform-tests/fetch/api/basic/scheme-others.html: Added.
  • web-platform-tests/fetch/api/basic/scheme-others.js: Added.

(checkKoUrl):

  • web-platform-tests/fetch/api/basic/stream-response-expected.txt: Added.
  • web-platform-tests/fetch/api/basic/stream-response-worker-expected.txt: Added.
  • web-platform-tests/fetch/api/basic/stream-response-worker.html: Added.
  • web-platform-tests/fetch/api/basic/stream-response.html: Added.
  • web-platform-tests/fetch/api/basic/stream-response.js: Added.

(streamBody):
(promise_test.):
(promise_test):

  • web-platform-tests/fetch/api/basic/w3c-import.log: Added.

Source/WebCore:

Adding skeleton code to call fetch API from normal and worker scopes.
Fetch API implementation is limited to reject the promise.

Updating the binding generator to fix the case of overloaded promise-returning functions.
Made overloaded utility functions "static inline".

Tests: imported/w3c/web-platform-tests/fetch/api/basic/accept-header-worker.html
imported/w3c/web-platform-tests/fetch/api/basic/accept-header.html
imported/w3c/web-platform-tests/fetch/api/basic/integrity-worker.html
imported/w3c/web-platform-tests/fetch/api/basic/integrity.html
imported/w3c/web-platform-tests/fetch/api/basic/mode-no-cors-worker.html
imported/w3c/web-platform-tests/fetch/api/basic/mode-no-cors.html
imported/w3c/web-platform-tests/fetch/api/basic/mode-same-origin-worker.html
imported/w3c/web-platform-tests/fetch/api/basic/mode-same-origin.html
imported/w3c/web-platform-tests/fetch/api/basic/request-forbidden-headers-worker.html
imported/w3c/web-platform-tests/fetch/api/basic/request-forbidden-headers.html
imported/w3c/web-platform-tests/fetch/api/basic/request-headers-worker.html
imported/w3c/web-platform-tests/fetch/api/basic/request-headers.html
imported/w3c/web-platform-tests/fetch/api/basic/scheme-about-worker.html
imported/w3c/web-platform-tests/fetch/api/basic/scheme-about.html
imported/w3c/web-platform-tests/fetch/api/basic/scheme-blob-worker.html
imported/w3c/web-platform-tests/fetch/api/basic/scheme-blob.html
imported/w3c/web-platform-tests/fetch/api/basic/scheme-data-worker.html
imported/w3c/web-platform-tests/fetch/api/basic/scheme-data.html
imported/w3c/web-platform-tests/fetch/api/basic/scheme-others-worker.html
imported/w3c/web-platform-tests/fetch/api/basic/scheme-others.html
imported/w3c/web-platform-tests/fetch/api/basic/stream-response-worker.html
imported/w3c/web-platform-tests/fetch/api/basic/stream-response.html

  • CMakeLists.txt:
  • DerivedSources.make:
  • Modules/fetch/DOMWindowFetch.cpp: Added.

(WebCore::DOMWindowFetch::fetch):

  • Modules/fetch/DOMWindowFetch.h: Added.
  • Modules/fetch/DOMWindowFetch.idl: Added.
  • Modules/fetch/WorkerGlobalScopeFetch.cpp: Added.

(WebCore::WorkerGlobalScopeFetch::fetch):

  • Modules/fetch/WorkerGlobalScopeFetch.h: Added.
  • Modules/fetch/WorkerGlobalScopeFetch.idl: Added.
  • WebCore.xcodeproj/project.pbxproj:
  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateImplementation): Fixing the case of overloaded promise-returning functions.

  • bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::jsTestObjPrototypeFunctionOverloadedMethod1):
(WebCore::jsTestObjPrototypeFunctionOverloadedMethod2):
(WebCore::jsTestObjPrototypeFunctionOverloadedMethod3):
(WebCore::jsTestObjPrototypeFunctionOverloadedMethod4):
(WebCore::jsTestObjPrototypeFunctionOverloadedMethod5):
(WebCore::jsTestObjPrototypeFunctionOverloadedMethod6):
(WebCore::jsTestObjPrototypeFunctionOverloadedMethod7):
(WebCore::jsTestObjPrototypeFunctionOverloadedMethod8):
(WebCore::jsTestObjPrototypeFunctionOverloadedMethod9):
(WebCore::jsTestObjPrototypeFunctionOverloadedMethod10):
(WebCore::jsTestObjPrototypeFunctionOverloadedMethod11):
(WebCore::jsTestObjPrototypeFunctionOverloadedMethod12):
(WebCore::jsTestObjPrototypeFunctionOverloadedMethodWithOptionalParameter1):
(WebCore::jsTestObjPrototypeFunctionOverloadedMethodWithOptionalParameter2):
(WebCore::jsTestObjConstructorFunctionOverloadedMethod11):
(WebCore::jsTestObjConstructorFunctionOverloadedMethod12):
(WebCore::jsTestObjPrototypeFunctionTestPromiseOverloadedFunction1):
(WebCore::jsTestObjPrototypeFunctionTestPromiseOverloadedFunction1Promise):
(WebCore::jsTestObjPrototypeFunctionTestPromiseOverloadedFunction2):
(WebCore::jsTestObjPrototypeFunctionTestPromiseOverloadedFunction2Promise):
(WebCore::jsTestObjPrototypeFunctionTestPromiseOverloadedFunction):
(WebCore::jsTestObjPrototypeFunctionOverloadedMethod): Deleted.
(WebCore::jsTestObjConstructorFunctionClassMethod2): Deleted.
(WebCore::jsTestObjPrototypeFunctionAny): Deleted.
(WebCore::jsTestObjPrototypeFunctionTestPromiseFunctionPromise): Deleted.
(WebCore::jsTestObjPrototypeFunctionTestPromiseFunctionWithFloatArgumentPromise): Deleted.
(WebCore::jsTestObjPrototypeFunctionTestPromiseFunctionWithExceptionPromise): Deleted.

  • bindings/scripts/test/TestObj.idl:

LayoutTests:

1:44 AM Changeset in webkit [197747] by Carlos Garcia Campos
  • 1 edit
    3 adds in releases/WebKitGTK/webkit-2.12/LayoutTests

Merge r197465 - Add a benchmark for string transcoding.

Rubber stamped by Saam Barati.

I wrote some code like this while working on
https://github.com/WebAssembly/design/pull/573. I thought I'd add it as a benchmark since
it stresses things that we may not have good bench coverage for.

  • js/regress/script-tests/string-transcoding.js: Added.

(decodeUTF8):
(encodeUTF8):
(arraysEqual):
(arrayToString):
(setHeader):
(print):
(tryArray):
(doSteps):

  • js/regress/string-transcoding-expected.txt: Added.
  • js/regress/string-transcoding.html: Added.

1:36 AM Changeset in webkit [197746] by Carlos Garcia Campos
  • 13 edits in releases/WebKitGTK/webkit-2.12/Source/WebCore

Merge r197462 - Use IndentTextOrNot instead of passing isFirstLine/shouldIndentText as bool.
https://bugs.webkit.org/show_bug.cgi?id=154628

Reviewed by Simon Fraser.

No change in behaviour.

  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::computeStartPositionDeltaForChildAvoidingFloats):
(WebCore::RenderBlock::logicalLeftSelectionOffset):
(WebCore::RenderBlock::logicalRightSelectionOffset):

  • rendering/RenderBlock.h:

(WebCore::RenderBlock::availableLogicalWidthForLineInRegion):
(WebCore::RenderBlock::logicalRightOffsetForLineInRegion):
(WebCore::RenderBlock::logicalLeftOffsetForLineInRegion):
(WebCore::RenderBlock::startOffsetForLineInRegion):
(WebCore::RenderBlock::endOffsetForLineInRegion):
(WebCore::RenderBlock::availableLogicalWidthForLine):
(WebCore::RenderBlock::logicalRightOffsetForLine):
(WebCore::RenderBlock::logicalLeftOffsetForLine):
(WebCore::RenderBlock::startOffsetForLine):
(WebCore::RenderBlock::endOffsetForLine):

  • rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::getClearDelta):

  • rendering/RenderBlockLineLayout.cpp:

(WebCore::updateLogicalInlinePositions):
(WebCore::RenderBlockFlow::layoutRunsAndFloatsInRange):
(WebCore::RenderBlockFlow::deleteEllipsisLineBoxes):
(WebCore::RenderBlockFlow::checkLinesForTextOverflow):
(WebCore::RenderBlockFlow::startAlignedOffsetForLine):

  • rendering/RenderBox.cpp:

(WebCore::RenderBox::shrinkLogicalWidthToAvoidFloats):
(WebCore::RenderBox::containingBlockAvailableLineWidthInRegion):

  • rendering/RenderDeprecatedFlexibleBox.cpp:

(WebCore::RenderDeprecatedFlexibleBox::applyLineClamp):

  • rendering/RenderListItem.cpp:

(WebCore::RenderListItem::positionListMarker):

  • rendering/RootInlineBox.cpp:

(WebCore::RootInlineBox::selectionTop):
(WebCore::RootInlineBox::selectionBottom):

  • rendering/SimpleLineLayout.cpp:

(WebCore::SimpleLineLayout::canUseForWithReason):
(WebCore::SimpleLineLayout::updateLineConstrains):

  • rendering/line/LineBreaker.cpp:

(WebCore::LineBreaker::skipLeadingWhitespace):

  • rendering/line/LineWidth.cpp:

(WebCore::LineWidth::shrinkAvailableWidthForNewFloatIfNeeded):
(WebCore::availableWidthAtOffset):

  • rendering/line/LineWidth.h:

(WebCore::LineWidth::shouldIndentText):

1:31 AM Changeset in webkit [197745] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197446 - [JSC] Use a Move without REX byte when possible
https://bugs.webkit.org/show_bug.cgi?id=154801

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-03-02
Reviewed by Alex Christensen.

Filip wrote an optimization in the register allocator
to use 32bit "Move" when we don't care about the top bytes.

When I moved the commutative ops to the fake 3 operands instruction
I largely destroyed this since all the "Moves" became full register.

In this patch, I switch back to 32bit "Moves" for 32bit operations.

  • assembler/MacroAssemblerX86Common.h:

(JSC::MacroAssemblerX86Common::and32):
(JSC::MacroAssemblerX86Common::lshift32):
(JSC::MacroAssemblerX86Common::mul32):
(JSC::MacroAssemblerX86Common::or32):
(JSC::MacroAssemblerX86Common::rshift32):
(JSC::MacroAssemblerX86Common::urshift32):
(JSC::MacroAssemblerX86Common::xor32):
(JSC::MacroAssemblerX86Common::branchAdd32):
(JSC::MacroAssemblerX86Common::branchMul32):
(JSC::MacroAssemblerX86Common::branchSub32):
(JSC::MacroAssemblerX86Common::move32IfNeeded):

1:10 AM Changeset in webkit [197744] by youenn.fablet@crf.canon.fr
  • 7 edits in trunk/Source/WebCore

[Fetch API] Make FetchRequest and FetchResponse ActiveDOMObject
https://bugs.webkit.org/show_bug.cgi?id=154729

Reviewed by Darin Adler.

Covered by existing tests.

Making FetchRequest and FetchResponse ActiveDOMObject.
Both objects can always be suspended now.
This might be updated when blob conversion is added or when fetching data to fill in FetchResponse.

  • Modules/fetch/FetchRequest.cpp:

(WebCore::FetchRequest::create):
(WebCore::FetchRequest::clone):
(WebCore::FetchRequest::activeDOMObjectName):
(WebCore::FetchRequest::canSuspendForDocumentSuspension):

  • Modules/fetch/FetchRequest.h:

(WebCore::FetchRequest::FetchRequest):

  • Modules/fetch/FetchRequest.idl:
  • Modules/fetch/FetchResponse.cpp:

(WebCore::FetchResponse::error):
(WebCore::FetchResponse::redirect):
(WebCore::FetchResponse::FetchResponse):
(WebCore::FetchResponse::clone):
(WebCore::FetchResponse::activeDOMObjectName):
(WebCore::FetchResponse::canSuspendForDocumentSuspension):

  • Modules/fetch/FetchResponse.h:

(WebCore::FetchResponse::create):

  • Modules/fetch/FetchResponse.idl:

1:08 AM Changeset in webkit [197743] by Carlos Garcia Campos
  • 2 edits
    1 add in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197445 - [JSC] Simplify ArithMod(ArithMod(x, const1), const2) if const2 >= const1
https://bugs.webkit.org/show_bug.cgi?id=154904

Reviewed by Saam Barati.

The ASM test "ubench" has a "x % 10 % 255".
The second modulo should be eliminated.

This is a 15% improvement on ASMJS' ubench.

  • dfg/DFGStrengthReductionPhase.cpp:

(JSC::DFG::StrengthReductionPhase::handleNode):

  • tests/stress/arith-modulo-twice.js: Added.

(opaqueModuloSmaller):
(opaqueModuloEqual):
(opaqueModuloLarger):
(opaqueModuloSmallerNeg):
(opaqueModuloEqualNeg):
(opaqueModuloLargerNeg):
(opaqueExpectedOther):

12:55 AM Changeset in webkit [197742] by timothy@apple.com
  • 3 edits in trunk/Source/WebKit2

Web Inspector: Make WebAutomationSession::closeBrowsingContext work as expected

https://bugs.webkit.org/show_bug.cgi?id=155162
rdar://problem/25027191

Reviewed by Brian Burg.

  • UIProcess/Automation/WebAutomationSession.cpp:

(WebKit::WebAutomationSession::closeBrowsingContext):
Call closePage, the same method ultimately used by window.close().

  • UIProcess/WebPageProxy.h: Make closePage public.

12:49 AM Changeset in webkit [197741] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197438 - Simplify some StringBuilder appends
https://bugs.webkit.org/show_bug.cgi?id=154902

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-01
Reviewed by Mark Lam.

  • runtime/ExceptionHelpers.cpp:

(JSC::notAFunctionSourceAppender):

  • runtime/SamplingProfiler.cpp:

(JSC::SamplingProfiler::stackTracesAsJSON):
Use StringBuilder::append(char) instead of append(char*) where possible.

12:46 AM Changeset in webkit [197740] by Carlos Garcia Campos
  • 1 edit
    3 adds in releases/WebKitGTK/webkit-2.12/LayoutTests

Merge r197417 - FTL should simplify StringReplace with an empty replacement string
https://bugs.webkit.org/show_bug.cgi?id=154871

Reviewed by Michael Saboff.

Really add this new test.

  • js/regress/script-tests/string-replace-empty.js: Added.
  • js/regress/string-replace-empty-expected.txt: Added.
  • js/regress/string-replace-empty.html: Added.

12:38 AM Changeset in webkit [197739] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.12

Merge r197416 - FTL should simplify StringReplace with an empty replacement string
https://bugs.webkit.org/show_bug.cgi?id=154871

Reviewed by Michael Saboff.

This is a simple and hugely profitable change. If we do a string.replace(/things/, ""), then
this calls directly into StringPrototype's replace-with-empty-string logic instead of going
through stuff that does checks before reaching that same conclusion.

This speeds up Octane/regexp by about 6-10%. It also speeds up the attached microbenchmark by
about 7%.

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileStringReplace):

  • runtime/StringPrototype.cpp:

(JSC::jsSpliceSubstringsWithSeparators):
(JSC::removeUsingRegExpSearch):
(JSC::replaceUsingRegExpSearch):
(JSC::operationStringProtoFuncReplaceRegExpEmptyStr):
(JSC::operationStringProtoFuncReplaceRegExpString):

  • runtime/StringPrototype.h:

12:20 AM Changeset in webkit [197738] by commit-queue@webkit.org
  • 11 edits
    7 adds in trunk

[SVG2] Implement marker orient='auto-start-reverse'
https://bugs.webkit.org/show_bug.cgi?id=138456

Patch by Nikos Andronikos <nikos.andronikos-webkit@cisra.canon.com.au> on 2016-03-08
Reviewed by Darin Adler.

Source/WebCore:

https://www.w3.org/TR/SVG2/painting.html#OrientAttribute
marker-start markers must be oriented at 180 degrees to the direction of the path when
the orient attribute of the marker is set to 'auto-start-reverse'.

To achieve this the SVGMarkerData class which calculates the angles for each marker on
a path must know whether the orient type is set to reverse the start marker.

Tests: svg/animations/animate-marker-orient-from-angle-to-autostartreverse.html
svg/animations/animate-marker-orienttype-4.html
svg/custom/marker-auto-start-reverse.html

  • rendering/svg/RenderSVGShape.cpp:

(WebCore::RenderSVGShape::processMarkerPositions):

Create marker data, using animated value of orient to determine
if first marker should be reversed.

  • rendering/svg/SVGMarkerData.h:

(WebCore::SVGMarkerData::SVGMarkerData):

Constructor now requires boolean indicating if start marker is
reversed.

(WebCore::SVGMarkerData::currentAngle):

Take into account whether start marker should be reversed.

  • rendering/svg/SVGResources.cpp:

(WebCore::SVGResources::markerReverseStart):

New function to query whether start marker should be reversed.

  • rendering/svg/SVGResources.h: Add declaration for new function.
  • svg/SVGAnimatedAngle.cpp:

(WebCore::SVGAnimatedAngleAnimator::calculateAnimatedValue):

Support animation including the value auto-start-reverse.

  • svg/SVGMarkerElement.cpp:

(WebCore::SVGMarkerElement::setOrient):

Combine duplicated functionality into one private method

(WebCore::SVGMarkerElement::setOrientToAuto):

Set orient type and angle correctly for orient=auto. Uses setOrient.

(WebCore::SVGMarkerElement::setOrientToAngle):

Set orient type and angle correctly for orient=<angle>. Uses setOrient.

(WebCore::SVGMarkerElement::synchronizeOrientType):

Support auto-start-reverse as a possible case.

  • svg/SVGMarkerElement.h:

(WebCore::SVGIDLEnumLimits<SVGMarkerOrientType>::highestExposedEnumValue):

Limit the orient DOM property so that the new enum value
required for auto-start-reverse is not exposed.

(WebCore::SVGPropertyTraits<SVGMarkerOrientType>::highestEnumValue):

Support auto-start-reverse.

(WebCore::SVGPropertyTraits<SVGMarkerOrientType>::fromString):

Support auto-start-reverse.

LayoutTests:

  • svg/animations/animate-marker-orient-from-angle-to-autostartreverse-expected.txt: Added.
  • svg/animations/animate-marker-orient-from-angle-to-autostartreverse.html: Added.
  • svg/animations/animate-marker-orienttype-4-expected.html: Added.
  • svg/animations/animate-marker-orienttype-4.html: Added. Verify output after animation has run - ensure animation reflected in visual result.
  • svg/animations/script-tests/animate-marker-orient-from-angle-to-autostartreverse.js: Added. Test DOM values at various snap-shot times throughout the animation.

(sample1):
(sample2):
(sample3):
(executeTest):

  • svg/custom/marker-auto-start-reverse-expected.html: Added.
  • svg/custom/marker-auto-start-reverse.html: Added. Verify static result - start marker is oriented at 180 degrees to direction of path.
  • svg/dom/SVGAnimatedEnumeration-SVGMarkerElement-expected.txt:
  • svg/dom/script-tests/SVGAnimatedEnumeration-SVGMarkerElement.js: Check attributes are treated as case sensitive. Check UNKNOWN is returned for enum value when auto-start-reverse set.

12:16 AM Changeset in webkit [197737] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.12/Source/WebCore

Merge r197415 - Timer alignment in separate web processes should not all sync up to the same point.
https://bugs.webkit.org/show_bug.cgi?id=154878

Reviewed by Chris Dumez.

For any given WebContent process it is desirable that timers are synchronized to a single
alignment point, but if all WebContent processes align to the same point then there may
be a thundering herd of processes waking up.

  • page/DOMTimer.cpp:

(WebCore::DOMTimer::alignedFireTime):

  • align to a randomized point.

12:13 AM Changeset in webkit [197736] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197411 - Unreviewed, fix CLOOP build.

  • jit/JITOperations.h:

Mar 7, 2016:

11:58 PM Changeset in webkit [197735] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.12/Source/WebKit2

Merge r197452 - REGRESSION(r197409): [GTK] Web process always crashes on WebPage construction after r197409
https://bugs.webkit.org/show_bug.cgi?id=154918

Reviewed by Žan Doberšek.

We have an incorrect check in DrawingAreaImpl constructor that has
never actually worked because it uses the page settings before
they were initialized. But that has been fixed in r197409 and now
we are always forcing accelerated compositing mode incorrectly,
because m_alwaysUseCompositing is set in the constructor and never
changed again.

  • WebProcess/WebPage/DrawingAreaImpl.cpp:

(WebKit::DrawingAreaImpl::DrawingAreaImpl): Remove code to set
settings and m_alwaysUseCompositing, since that should be done in
updatePreferences().
(WebKit::DrawingAreaImpl::updatePreferences): Update the settings
accordingly and always update m_alwaysUseCompositing when AC is
enabled and forced in the settings.

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::WebPage): WebPage::updatePreferences() calls
DrawingArea::updatePreferences(), but since r197409 it happens
before the drawing area has been created. So, call
DrawingArea::updatePreferences() in the constructor right after
the main frame has been created, since
DrawingArea::updatePreferences() uses the main frame.

11:58 PM Changeset in webkit [197734] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.12/Source

Merge r197409 - REGRESSION (r154616): Accelerated drawing is off during the initial load
<https://webkit.org/b/123812>

Reviewed by Tim Horton.

Source/WebCore:

Robustify the hey-the-Settings-changed callbacks in Page to handle document-less frames.
This is needed because now Settings are changed even before the main Frame has a Document.

  • page/Page.cpp:

(WebCore::networkStateChanged):
(WebCore::Page::updateStyleForAllPagesAfterGlobalChangeInEnvironment):
(WebCore::Page::takeAnyMediaCanStartListener):
(WebCore::Page::setMediaVolume):
(WebCore::Page::setPageScaleFactor):
(WebCore::Page::invalidateStylesForAllLinks):
(WebCore::Page::invalidateStylesForLink):
(WebCore::Page::dnsPrefetchingStateChanged):
(WebCore::Page::storageBlockingStateChanged):
(WebCore::Page::setMuted):
(WebCore::Page::captionPreferencesChanged):
(WebCore::Page::setSessionID):
(WebCore::Page::setPlaybackTarget):
(WebCore::Page::playbackTargetAvailabilityDidChange):
(WebCore::Page::setShouldPlayToPlaybackTarget):

  • page/Settings.cpp:

(WebCore::setImageLoadingSettings):

Source/WebKit2:

Load preferences before instantiating the first DrawingArea. This ensures that we do the
initial paint using accelerated drawing, and avoids allocating persistent data structures
only needed by the software rendering path.

  • WebProcess/WebPage/WebPage.cpp:

11:18 PM Changeset in webkit [197733] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebKit2

REGRESSION(r197062): [GTK] Transparent backgrounds no longer work after r197062
https://bugs.webkit.org/show_bug.cgi?id=155119

Reviewed by Martin Robinson.

This is because after r197062 we are now realizing the view too
early, even before the toplevel window has been realized, forcing
the toplevel window to be realized. If the RGBA visual is set on
the window after it has been realized it doesn't have any
effect. We should wait until the toplevel window is realized to
realize the web view, giving time to the application to set RGBA
visual and background color. If the toplevel window is already
realized we realize the web view immediately, so that this doesn't
affect the tearing problems fixed in r197062.

  • UIProcess/API/gtk/WebKitWebViewBase.cpp:

(toplevelWindowRealized):
(webkitWebViewBaseSetToplevelOnScreenWindow):

11:16 PM Changeset in webkit [197732] by sbarati@apple.com
  • 11 edits
    1 copy
    2 adds in trunk/Source/JavaScriptCore

[ES6] Implement revocable proxies
https://bugs.webkit.org/show_bug.cgi?id=154321

Reviewed by Mark Lam.

This patch is a straightforward implementation of Proxy.revocable
with respect to section 26.2.2.1 of the ECMAScript spec.
https://tc39.github.io/ecma262/#sec-proxy.revocable

This patch also fixes a bug in Proxy where we
were incorrectly caching "in", i.e., "x" in proxy.
We should never blatantly cache this because caching is observable
behavior by users of the language. We could come up with
a smarter caching scheme that caches only if the Proxy's
handler doesn't have a "has" property, i.e., we don't have
to call out to JS code. But for now, it's easiest to disable
caching.

  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::init):
(JSC::JSGlobalObject::visitChildren):

  • runtime/JSGlobalObject.h:

(JSC::JSGlobalObject::moduleRecordStructure):
(JSC::JSGlobalObject::moduleNamespaceObjectStructure):
(JSC::JSGlobalObject::proxyObjectStructure):
(JSC::JSGlobalObject::proxyRevokeStructure):
(JSC::JSGlobalObject::wasmModuleStructure):

  • runtime/ProxyConstructor.cpp:

(JSC::ProxyConstructor::create):
(JSC::ProxyConstructor::ProxyConstructor):
(JSC::makeRevocableProxy):
(JSC::proxyRevocableConstructorThrowError):
(JSC::ProxyConstructor::finishCreation):
(JSC::constructProxyObject):

  • runtime/ProxyConstructor.h:

(JSC::ProxyConstructor::createStructure):

  • runtime/ProxyObject.cpp:

(JSC::ProxyObject::finishCreation):
(JSC::performProxyGet):
(JSC::ProxyObject::performInternalMethodGetOwnProperty):
(JSC::ProxyObject::performHasProperty):
(JSC::ProxyObject::performPut):
(JSC::performProxyCall):
(JSC::performProxyConstruct):
(JSC::ProxyObject::performDelete):
(JSC::ProxyObject::performPreventExtensions):
(JSC::ProxyObject::performIsExtensible):
(JSC::ProxyObject::performDefineOwnProperty):
(JSC::ProxyObject::performGetOwnPropertyNames):
(JSC::ProxyObject::performSetPrototype):
(JSC::ProxyObject::performGetPrototype):
(JSC::ProxyObject::getPrototype):
(JSC::ProxyObject::revoke):
(JSC::ProxyObject::visitChildren):

  • runtime/ProxyObject.h:

(JSC::ProxyObject::create):

  • runtime/ProxyRevoke.cpp: Added.

(JSC::ProxyRevoke::create):
(JSC::ProxyRevoke::ProxyRevoke):
(JSC::ProxyRevoke::finishCreation):
(JSC::performProxyRevoke):
(JSC::ProxyRevoke::getCallData):
(JSC::ProxyRevoke::visitChildren):

  • runtime/ProxyRevoke.h: Added.

(JSC::ProxyRevoke::createStructure):
(JSC::ProxyRevoke::proxy):
(JSC::ProxyRevoke::setProxyToNull):

  • tests/stress/proxy-has-property.js:

(assert):
(assert.let.handler.has):
(assert.let.foo):

  • tests/stress/proxy-revoke.js: Added.

(assert):
(throw.new.Error.):
(throw.new.Error):
(callAllHandlers):
(shouldThrowNullHandler):
(allHandlersShouldThrow):
(i.let.trap.of.traps.trap.string_appeared_here.func):
(i.let.trap.of.traps.else.func):
(i.Proxy.revocable):
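
The two behaviours described in the changeset above, as an added example that is not JavaScriptCore code or one of its tests: a `has` trap whose answer changes on every call shows why caching `"x" in proxy` is observable, and a revoked proxy is exercised through each internal method. The function names and the list of operations are assumptions made for this illustration.

```javascript
// Added example. Runs in any ES2015+ engine (for instance Node.js).

// A "has" trap with side effects: each `"x" in proxy` must reach the handler.
// An engine that cached the first answer would return [true, true, true, true]
// and leave `calls` at 1, which script can detect.
function hasTrapIsObservable(times) {
  let calls = 0;
  const proxy = new Proxy({}, {
    has(_target, _key) {
      calls += 1;
      return calls % 2 === 1; // alternate true / false
    },
  });
  const answers = [];
  for (let i = 0; i < times; i += 1) answers.push("x" in proxy);
  return { calls, answers };
}

// Proxy.revocable returns { proxy, revoke }. After revoke() the proxy's
// handler and target are cleared, so every internal method throws a TypeError.
function trapsAfterRevoke() {
  const { proxy, revoke } = Proxy.revocable(function () {}, {});

  let readableBefore = true;
  try { void proxy.x; } catch { readableBefore = false; }

  revoke();
  revoke(); // calling revoke again is a no-op

  const operations = {
    get: () => proxy.x,
    set: () => { proxy.x = 1; },
    has: () => "x" in proxy,
    deleteProperty: () => delete proxy.x,
    getOwnPropertyDescriptor: () => Object.getOwnPropertyDescriptor(proxy, "x"),
    defineProperty: () => Object.defineProperty(proxy, "x", { value: 1 }),
    ownKeys: () => Reflect.ownKeys(proxy),
    getPrototypeOf: () => Object.getPrototypeOf(proxy),
    setPrototypeOf: () => Object.setPrototypeOf(proxy, null),
    isExtensible: () => Object.isExtensible(proxy),
    preventExtensions: () => Object.preventExtensions(proxy),
    apply: () => proxy(),
    construct: () => new proxy(),
  };

  const throwing = [];
  for (const [name, op] of Object.entries(operations)) {
    try {
      op();
    } catch (e) {
      if (e instanceof TypeError) throwing.push(name);
    }
  }
  return { readableBefore, total: Object.keys(operations).length, throwing };
}

console.log(hasTrapIsObservable(4));
console.log(trapsAfterRevoke());
```

Code that hands a revocable proxy to less trusted script as a revocable grant relies on the second property: once `revoke()` has run, no operation on the proxy reaches the target.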

11:09 PM Changeset in webkit [197731] by Csaba Osztrogonác
  • 2 edits in trunk/Source/JavaScriptCore

Fix the ARM build after r197687
https://bugs.webkit.org/show_bug.cgi?id=155128

Reviewed by Saam Barati.

  • assembler/MacroAssemblerARM.h:

(JSC::MacroAssemblerARM::moveZeroToDouble):

10:55 PM Changeset in webkit [197730] by fpizlo@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

Reduce the number of instructions needed to record the last regexp result
https://bugs.webkit.org/show_bug.cgi?id=155161

Reviewed by Sam Weinig.

This tightens up RegExpCachedResult::record(). My profiling shows that we spend just
over 1% of the time in Octane/regexp in this function. This function had two obvious
redundancies:

1) It executed the write barrier on owner twice. It only needs to execute it once. Since
the same RegExpConstructor is likely to be used many times, it makes sense to do the
barrier without looking at the 'to' objects at all. In steady state, this means that
the RegExpConstructor will simply be OldGrey so this one barrier will always skip the
slow path.

2) It cleared some fields that didn't need to be cleared, since we can just use
m_reified to indicate that the fields are not meaningful anymore.

This is meant to be a microscopic regexp speed-up.

  • runtime/RegExpCachedResult.cpp:

(JSC::RegExpCachedResult::visitChildren):
(JSC::RegExpCachedResult::lastResult):

  • runtime/RegExpCachedResult.h:

(JSC::RegExpCachedResult::record):

10:53 PM Changeset in webkit [197729] by fpizlo@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

createRegExpMatchesArray should allocate substrings more quickly
https://bugs.webkit.org/show_bug.cgi?id=155160

Reviewed by Sam Weinig.

This was calling a version of jsSubstring() that isn't inlineable because it was doing a lot
of checks in finishCreation(). In particular, it was checking that the base string is not
itself a substring and that it's been resolved. We don't need those checks here, since the
string must have been resolved prior to regexp processing.

This patch is also smart about whether to do checks for the empty and full substrings. In
the matches array loop, these checks are super unlikely to be profitable, so we just
unconditionally allocate the substring.

This removes those checks and makes the allocation inlineable. It looks like a 1% speed-up
on Octane/regexp.

  • runtime/JSString.h:

(JSC::jsSubstring):
(JSC::jsSubstringOfResolved):

  • runtime/RegExpMatchesArray.cpp:

(JSC::createRegExpMatchesArray):

10:44 PM Changeset in webkit [197728] by commit-queue@webkit.org
  • 25 edits in trunk/Source

Enhance logging: Use "always on" macros
https://bugs.webkit.org/show_bug.cgi?id=154499
<rdar://problem/24757730>

Patch by Keith Rollin <Keith Rollin> on 2016-03-07
Reviewed by Chris Dumez.

Source/WebCore:

Make use of new logging macros by reporting on frame and resource
load activity.

Add new logging to memory pressure handler to show when it's called
and its effectiveness. As part of this change, the various
platform-specific implementations have been unified.

No new tests. No new basic functionality has been added. Only new
logging has been added in release mode or has been enabled to execute
in release mode as well as debug mode.

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::prepareForLoadStart):
(WebCore::FrameLoader::checkLoadCompleteForThisFrame):
(WebCore::FrameLoader::isAlwaysOnLoggingAllowed):

  • loader/FrameLoader.h:
  • loader/ResourceLoader.cpp:

(WebCore::ResourceLoader::isAlwaysOnLoggingAllowed):

  • loader/ResourceLoader.h:
  • page/Frame.cpp:

(WebCore::Frame::isAlwaysOnLoggingAllowed):

  • page/Frame.h:
  • page/Page.cpp:

(WebCore::Page::isAlwaysOnLoggingAllowed):

  • page/Page.h:
  • page/SessionID.h:

(WebCore::SessionID::isAlwaysOnLoggingAllowed):

  • platform/MemoryPressureHandler.cpp:

(WebCore::MemoryPressureHandler::ReliefLogger::logMemoryUsageChange):
(WebCore::MemoryPressureHandler::ReliefLogger::platformLog): Deleted.

  • platform/MemoryPressureHandler.h:

(WebCore::MemoryPressureHandler::ReliefLogger::ReliefLogger):
(WebCore::MemoryPressureHandler::ReliefLogger::~ReliefLogger):

  • platform/cocoa/MemoryPressureHandlerCocoa.mm:

(WebCore::MemoryPressureHandler::ReliefLogger::platformLog): Deleted.

  • platform/linux/MemoryPressureHandlerLinux.cpp:

(WebCore::MemoryPressureHandler::ReliefLogger::platformLog): Deleted.

  • platform/win/MemoryPressureHandlerWin.cpp:

(WebCore::MemoryPressureHandler::ReliefLogger::platformLog): Deleted.

Source/WebKit2:

Make use of new logging macros by reporting on frame and resource
load activity.

Connection updated to report IPC errors, helping us identify when
messaging between processes breaks down.

ChildProcess updated to log if it is terminating early. Some
sysdiagnose logging from customers indicate that this is happening in
the wild.

  • NetworkProcess/NetworkResourceLoader.cpp:

(WebKit::NetworkResourceLoader::startNetworkLoad):
(WebKit::NetworkResourceLoader::didFinishLoading):
(WebKit::NetworkResourceLoader::didFailLoading):
(WebKit::NetworkResourceLoader::continueWillSendRequest):
(WebKit::NetworkResourceLoader::isAlwaysOnLoggingAllowed):

  • NetworkProcess/NetworkResourceLoader.h:
  • Platform/IPC/Connection.cpp:

(IPC::Connection::waitForSyncReply):

  • Shared/ChildProcess.cpp:

(WebKit::didCloseOnConnectionWorkQueue):

  • WebProcess/Network/WebLoaderStrategy.cpp:

(WebKit::WebLoaderStrategy::scheduleLoad):

  • WebProcess/Network/WebResourceLoader.cpp:

(WebKit::WebResourceLoader::willSendRequest):
(WebKit::WebResourceLoader::didReceiveResponse):
(WebKit::WebResourceLoader::didReceiveData):
(WebKit::WebResourceLoader::didFinishResourceLoad):
(WebKit::WebResourceLoader::didFailResourceLoad):
(WebKit::WebResourceLoader::didReceiveResource):
(WebKit::WebResourceLoader::isAlwaysOnLoggingAllowed):

  • WebProcess/Network/WebResourceLoader.h:

Source/WTF:

Update LOG_ALWAYS and LOG_ALWAYS_ERROR macros to take an expression to
be evaluated. If the expression evaluates to True, the associated
message is logged. This facility is used to prevent logging from being
performed in private sessions, but it could be extended to prevent
logging under other circumstances as well.

  • wtf/Assertions.h:

10:42 PM Changeset in webkit [197727] by Chris Dumez
  • 6 edits in trunk

Align HTMLCanvasElement.width / height with the specification
https://bugs.webkit.org/show_bug.cgi?id=155156

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline now that more checks are passing.

  • web-platform-tests/html/dom/reflection-embedded-expected.txt:

Source/WebCore:

Align HTMLCanvasElement.width / height with the specification:

In particular, the following changes were made:

  1. The attributes are now 'unsigned long' instead of 'long'
  2. The corresponding content attributes are parsed as per the HTML rules for parsing non-negative integers.
  3. Upon setting, if the value is out-of-range, the content attribute is set to its default value.

No new tests, already covered by existing test.

  • html/HTMLCanvasElement.cpp:

(WebCore::HTMLCanvasElement::setHeight):
(WebCore::HTMLCanvasElement::setWidth):
(WebCore::HTMLCanvasElement::reset):

  • html/HTMLCanvasElement.h:
  • html/HTMLCanvasElement.idl:

10:38 PM Changeset in webkit [197726] by Chris Dumez
  • 26 edits
    2 deletes in trunk

Stop clamping HTMLElement.tabIndex to the range of a short
https://bugs.webkit.org/show_bug.cgi?id=155159

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline now that more checks are passing.

  • web-platform-tests/html/dom/reflection-embedded-expected.txt:
  • web-platform-tests/html/dom/reflection-forms-expected.txt:
  • web-platform-tests/html/dom/reflection-grouping-expected.txt:
  • web-platform-tests/html/dom/reflection-metadata-expected.txt:
  • web-platform-tests/html/dom/reflection-misc-expected.txt:
  • web-platform-tests/html/dom/reflection-obsolete-expected.txt:
  • web-platform-tests/html/dom/reflection-sections-expected.txt:
  • web-platform-tests/html/dom/reflection-tabular-expected.txt:
  • web-platform-tests/html/dom/reflection-text-expected.txt:

Source/WebCore:

Stop clamping HTMLElement.tabIndex to the range of a short. We
apparently did this to match Firefox. However, this no longer matches
Firefox's behavior nor the HTML specification:

No new tests, already covered by existing test.

  • dom/Element.cpp:

(WebCore::Element::setTabIndexExplicitly):
(WebCore::Element::tabIndex):

  • dom/Element.h:
  • dom/ElementRareData.h:

(WebCore::ElementRareData::tabIndex):
(WebCore::ElementRareData::setTabIndexExplicitly):

  • html/HTMLAnchorElement.cpp:

(WebCore::HTMLAnchorElement::tabIndex):

  • html/HTMLAnchorElement.h:
  • html/HTMLElement.cpp:

(WebCore::HTMLElement::parseAttribute):
(WebCore::HTMLElement::tabIndex):

  • html/HTMLElement.h:
  • html/HTMLFormControlElement.cpp:

(WebCore::HTMLFormControlElement::tabIndex):

  • html/HTMLFormControlElement.h:
  • page/FocusController.cpp:

(WebCore::nextElementWithGreaterTabIndex):
(WebCore::FocusController::previousFocusableElement):

  • svg/SVGAElement.cpp:

(WebCore::SVGAElement::tabIndex):

  • svg/SVGAElement.h:
  • svg/SVGElement.cpp:

(WebCore::SVGElement::tabIndex):
(WebCore::SVGElement::parseAttribute):

  • svg/SVGElement.h:

LayoutTests:

Drop outdated test.

  • fast/dom/tabindex-clamp-expected.txt: Removed.
  • fast/dom/tabindex-clamp.html: Removed.

9:56 PM Changeset in webkit [197725] by commit-queue@webkit.org
  • 2 edits in trunk/Source/JavaScriptCore

[JSC] Small clean up of how we use SSA's valuesAtHead
https://bugs.webkit.org/show_bug.cgi?id=155152

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-03-07
Reviewed by Filip Pizlo.

liveAtHead and valuesAtHead contain the same nodes,
we do not need the extra look up.

This also opens the way to use the same kind of liveness
analysis as Air (where live values at head do not use a set).

  • dfg/DFGInPlaceAbstractState.cpp:

(JSC::DFG::InPlaceAbstractState::beginBasicBlock):
(JSC::DFG::InPlaceAbstractState::merge):

9:39 PM Changeset in webkit [197724] by dbates@webkit.org
  • 6 edits
    34 adds in trunk

CSP: Source '*' should not match URLs with schemes blob, data, or filesystem
https://bugs.webkit.org/show_bug.cgi?id=154122
<rdar://problem/24613336>

Reviewed by Brent Fulgham.

Source/WebCore:

Restrict matching of source expression * to HTTP or HTTPS URLs for all directives except
img-src and media-src. This policy is more restrictive than the policy described in section
Matching Source Expressions of the Content Security Policy 2.0 spec., <https://www.w3.org/TR/2015/CR-CSP2-20150721>,
which restricts matching * to schemes that are not blob, data, or filesystem.

For directive img-src we restrict matching of * to HTTP, HTTPS, and data URLs. For directive
media-src we restrict matching of * to HTTP, HTTPS, data URLs and blob URLs. We use a
more lenient interpretation of * for directives img-src and media-src than required by
the spec. to mitigate web compatibility issues.

Tests: fast/dom/HTMLImageElement/image-with-blob-url-blocked-by-csp-img-src-star.html

fast/dom/HTMLImageElement/image-with-data-url-allowed-by-csp-img-src-star.html
fast/dom/HTMLImageElement/image-with-file-url-blocked-by-csp-img-src-star.html
fast/dom/HTMLLinkElement/link-with-blob-url-blocked-by-csp-style-src-star.html
fast/dom/HTMLLinkElement/link-with-data-url-blocked-by-csp-style-src-star.html
fast/dom/HTMLLinkElement/link-with-file-url-blocked-by-csp-style-src-star.html
http/tests/security/contentSecurityPolicy/image-with-http-url-allowed-by-csp-img-src-star.html
http/tests/security/contentSecurityPolicy/image-with-https-url-allowed-by-csp-img-src-star.html
http/tests/security/contentSecurityPolicy/javascript-url-blocked-by-default-src-star.html
http/tests/security/contentSecurityPolicy/link-with-http-url-allowed-by-csp-style-src-star.html
http/tests/security/contentSecurityPolicy/link-with-https-url-allowed-by-csp-style-src-star.html
http/tests/security/contentSecurityPolicy/video-with-http-url-allowed-by-csp-media-src-star.html
http/tests/security/contentSecurityPolicy/video-with-https-url-allowed-by-csp-media-src-star.html
media/video-with-blob-url-allowed-by-csp-media-src-star.html
media/video-with-data-url-allowed-by-csp-media-src-star.html
media/video-with-file-url-blocked-by-csp-media-src-star.html

  • page/csp/ContentSecurityPolicySourceList.cpp:

(WebCore::ContentSecurityPolicySourceList::isProtocolAllowedByStar): Added.
(WebCore::ContentSecurityPolicySourceList::matches): Modified to only match * if ContentSecurityPolicySourceList::isProtocolAllowedByStar()
evaluates to true.

  • page/csp/ContentSecurityPolicySourceList.h:

LayoutTests:

Add tests to ensure that we do not regress our interpretation of * with respect to directives
img-src, media-src, style-src, and default-src.

When running in WebKitTestRunner, skip the tests fast/dom/HTMLImageElement/image-with-blob-url-blocked-by-csp-img-src-star.html
and media/video-with-blob-url-allowed-by-csp-media-src-star.html as they make use of eventSender.beginDragWithFiles(),
which is not implemented. We will need to fix <https://bugs.webkit.org/show_bug.cgi?id=64285>
before we can run these tests in WebKitTestRunner.

  • TestExpectations:
  • fast/dom/HTMLImageElement/image-with-blob-url-blocked-by-csp-img-src-star-expected.html: Added.
  • fast/dom/HTMLImageElement/image-with-blob-url-blocked-by-csp-img-src-star.html: Added.
  • fast/dom/HTMLImageElement/image-with-data-url-allowed-by-csp-img-src-star-expected.html: Added.
  • fast/dom/HTMLImageElement/image-with-data-url-allowed-by-csp-img-src-star.html: Added.
  • fast/dom/HTMLImageElement/image-with-file-url-blocked-by-csp-img-src-star-expected.html: Added.
  • fast/dom/HTMLImageElement/image-with-file-url-blocked-by-csp-img-src-star.html: Added.
  • fast/dom/HTMLImageElement/resources/green.png: Added.
  • fast/dom/HTMLLinkElement/link-with-blob-url-blocked-by-csp-style-src-star-expected.html: Added.
  • fast/dom/HTMLLinkElement/link-with-blob-url-blocked-by-csp-style-src-star.html: Added.
  • fast/dom/HTMLLinkElement/link-with-data-url-blocked-by-csp-style-src-star-expected.html: Added.
  • fast/dom/HTMLLinkElement/link-with-data-url-blocked-by-csp-style-src-star.html: Added.
  • fast/dom/HTMLLinkElement/link-with-file-url-blocked-by-csp-style-src-star-expected.html: Added.
  • fast/dom/HTMLLinkElement/link-with-file-url-blocked-by-csp-style-src-star.html: Added.
  • fast/dom/HTMLLinkElement/resources/red-background-color.css: Added.

(#test):

  • http/tests/security/contentSecurityPolicy/image-with-http-url-allowed-by-csp-img-src-star-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/image-with-http-url-allowed-by-csp-img-src-star.html: Added.
  • http/tests/security/contentSecurityPolicy/image-with-https-url-allowed-by-csp-img-src-star-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/image-with-https-url-allowed-by-csp-img-src-star.html: Added.
  • http/tests/security/contentSecurityPolicy/javascript-url-blocked-by-default-src-star-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/javascript-url-blocked-by-default-src-star.html: Added.
  • http/tests/security/contentSecurityPolicy/link-with-http-url-allowed-by-csp-style-src-star-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/link-with-http-url-allowed-by-csp-style-src-star.html: Added.
  • http/tests/security/contentSecurityPolicy/link-with-https-url-allowed-by-csp-style-src-star-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/link-with-https-url-allowed-by-csp-style-src-star.html: Added.
  • http/tests/security/contentSecurityPolicy/video-with-http-url-allowed-by-csp-media-src-star-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/video-with-http-url-allowed-by-csp-media-src-star.html: Added.
  • http/tests/security/contentSecurityPolicy/video-with-https-url-allowed-by-csp-media-src-star-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/video-with-https-url-allowed-by-csp-media-src-star.html: Added.
  • media/video-with-blob-url-allowed-by-csp-media-src-star-expected.html: Added.
  • media/video-with-blob-url-allowed-by-csp-media-src-star.html: Added.
  • media/video-with-data-url-allowed-by-csp-media-src-star-expected.html: Added.
  • media/video-with-data-url-allowed-by-csp-media-src-star.html: Added.
  • media/video-with-file-url-blocked-by-csp-media-src-star-expected.html: Added.
  • media/video-with-file-url-blocked-by-csp-media-src-star.html: Added.
  • platform/wk2/TestExpectations:
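
The wildcard rule described in the changeset above, modelled as an added example (not WebKit's `isProtocolAllowedByStar()` source) and checked against the allowed/blocked outcomes encoded in the names of the `file`, `data`, `blob`, `http` and `https` layout tests it lists. The function names, table names and sample URLs are constructed for this illustration; the CSP 2.0 rule is the one the commit message summarizes.

```javascript
// Added example. Runs in Node.js or a browser console.

// Schemes that a bare "*" source expression may match, per directive,
// as stated in the commit message.
const STAR_SCHEMES = new Map([
  ["img-src", new Set(["http:", "https:", "data:"])],
  ["media-src", new Set(["http:", "https:", "data:", "blob:"])],
]);
const STAR_SCHEMES_OTHER = new Set(["http:", "https:"]);

// CSP 2.0 as summarized in the commit message: "*" matches any scheme
// that is not blob, data, or filesystem.
const CSP2_EXCLUDED = new Set(["blob:", "data:", "filesystem:"]);

function schemeOf(url) {
  try {
    return new URL(url).protocol; // e.g. "https:", "blob:", "data:"
  } catch {
    return null; // unparsable URL: never matched by "*"
  }
}

function starMatches(directive, url) {
  const scheme = schemeOf(url);
  if (scheme === null) return false;
  return (STAR_SCHEMES.get(directive) || STAR_SCHEMES_OTHER).has(scheme);
}

function starMatchesCsp2(url) {
  const scheme = schemeOf(url);
  return scheme !== null && !CSP2_EXCLUDED.has(scheme);
}

// Constructed sample URLs, one per scheme exercised by the layout tests.
const SAMPLE_URL = {
  http: "http://example.test/resource",
  https: "https://example.test/resource",
  data: "data:text/plain,constructed",
  blob: "blob:https://example.test/constructed-id",
  file: "file:///constructed/resource",
};

// [directive, scheme, allowed] read off the test file names in the changeset,
// e.g. image-with-blob-url-blocked-by-csp-img-src-star.html.
const EXPECTED = [
  ["img-src", "blob", false], ["img-src", "data", true], ["img-src", "file", false],
  ["img-src", "http", true], ["img-src", "https", true],
  ["style-src", "blob", false], ["style-src", "data", false], ["style-src", "file", false],
  ["style-src", "http", true], ["style-src", "https", true],
  ["media-src", "blob", true], ["media-src", "data", true], ["media-src", "file", false],
  ["media-src", "http", true], ["media-src", "https", true],
];

function compare() {
  return EXPECTED.map(([directive, kind, expected]) => ({
    directive,
    kind,
    expected,
    model: starMatches(directive, SAMPLE_URL[kind]),
    csp2: starMatchesCsp2(SAMPLE_URL[kind]),
  }));
}

// Rows where the model disagrees with the test names (should be empty).
function mismatches() {
  return compare().filter((r) => r.model !== r.expected);
}

// Where the described policy is stricter, or more lenient, than CSP 2.0.
function stricterThanCsp2() {
  return compare().filter((r) => r.csp2 && !r.model).map((r) => `${r.directive} ${r.kind}`);
}
function moreLenientThanCsp2() {
  return compare().filter((r) => !r.csp2 && r.model).map((r) => `${r.directive} ${r.kind}`);
}

console.log({ mismatches: mismatches(), stricter: stricterThanCsp2(), lenient: moreLenientThanCsp2() });
```

For policy authors the practical consequence is that `style-src *` or `script-src *` no longer admits `data:` or `blob:` content, while `img-src *` and `media-src *` still do for the schemes listed, so those two directives need explicit source lists if such URLs must be excluded.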

7:45 PM Changeset in webkit [197723] by jonlee@apple.com
  • 6 edits in trunk/PerformanceTests

Add ability to retrieve raw data from release harness
https://bugs.webkit.org/show_bug.cgi?id=155026

Reviewed by Simon Fraser.

  • Animometer/developer.html: Remove the special UI in the debug harness.
  • Animometer/resources/runner/animometer.css: Add styles for the overlay.
  • Animometer/resources/runner/animometer.js: Let 'j' show the JSON results, but only if the overlay doesn't exist. Add 'esc' key to dismiss the overlay.

(window.benchmarkController.selectResults): Cycle the cases around
so that the first 's' press selects both the benchmark score and
the individual test scores.

  • Animometer/resources/debug-runner/animometer.css: Remove unneeded rules.
  • Animometer/resources/debug-runner/animometer.js: Make the same call to handleKeyPress.

7:01 PM Changeset in webkit [197722] by ggaren@apple.com
  • 7 edits
    1 add in trunk/Source/bmalloc

bmalloc: Use List<T> instead of Vector<T> in some places
https://bugs.webkit.org/show_bug.cgi?id=155150

Reviewed by Andreas Kling.

Vector<T> is expensive when you want a lot of them because our minimum
allocation size is the system page size.

  • bmalloc.xcodeproj/project.pbxproj: Added a List<T> class.
  • bmalloc/Heap.cpp:

(bmalloc::Heap::scavengeSmallPages):
(bmalloc::Heap::allocateSmallPage): Use the List<T> API. No need to check
for stale entries anymore because List<T> supports O(1) eager removal
and we remove eagerly now.

(bmalloc::Heap::deallocateSmallLine): Remove eagerly. This simplifies
the allocation code and it is also required for correctness since we
only have enough metadata to be in one list at a time.

  • bmalloc/Heap.h: List!
  • bmalloc/SmallChunk.h: Made this assert a little more precise since this patch triggered the old version in a benign way.

(bmalloc::SmallChunk::SmallChunk): This code moved to the SmallPage
constructor.

  • bmalloc/SmallPage.h:

(bmalloc::SmallPage::SmallPage): Accommodate the List<T> data structure.
This is a net memory savings on Mac for heaps smaller than ~128MB and on
iOS for heaps smaller than ~512MB. The maximum memory saved is 512kB on
Mac and 2MB on iOS. For larger heaps, there's a memory cost of 0.4% on
Mac and 0.1% on iOS.

  • bmalloc/VMHeap.h:

(bmalloc::VMHeap::allocateSmallPage): Use List<T> API.

6:56 PM Changeset in webkit [197721] by Brent Fulgham
  • 10 edits in trunk/Source

Reduce startup and shutdown cost of resource load statistics
https://bugs.webkit.org/show_bug.cgi?id=155120
<rdar://problem/25010167>

Reviewed by Andy Estes.

Source/WebCore:

Move all file-related code out of WebCore.

  • loader/ResourceLoadStatisticsStore.cpp:

(WebCore::ResourceLoadStatisticsStore::create): Deleted path overload.
(WebCore::ResourceLoadStatisticsStore::createEncoderFromData): Added.
(WebCore::ResourceLoadStatisticsStore::readDataFromDecoder): Added.
(WebCore::ResourceLoadStatisticsStore::ResourceLoadStatisticsStore): Deleted.
(WebCore::ResourceLoadStatisticsStore::writeDataToDisk): Deleted.
(WebCore::ResourceLoadStatisticsStore::setStatisticsStorageDirectory): Deleted.
(WebCore::ResourceLoadStatisticsStore::persistentStoragePath): Deleted.
(WebCore::ResourceLoadStatisticsStore::readDataFromDiskIfNeeded): Deleted.
(WebCore::ResourceLoadStatisticsStore::createDecoderFromDisk): Deleted.
(WebCore::ResourceLoadStatisticsStore::writeEncoderToDisk): Deleted.

  • loader/ResourceLoadStatisticsStore.h:

(WebCore::ResourceLoadStatisticsStore::clear): Added.

Source/WebKit/mac:

Remove the Resource Load Statistics stuff from WK1, now that it is up and
running in WK2.

  • WebView/WebView.mm:

(-[WebView _preferencesChanged:]): Remove call to read resource load
statistics from disk.
(+[WebView _applicationWillTerminate]): Remove call to write resource load
statistics to disk.

Source/WebKit2:

Use a dedicated WorkQueue to process resource load statistics data. Allow
processing to load (and save) previously stored statistics asynchronously so
that it does not delay startup.

Now that we have a more rational storage situation, get rid of the 'writeToDisk'
method since it is no longer needed in the WK2 layer.

Move all of the Resource Load Statistics file handling code from WebCore to this
API layer.

  • UIProcess/WebResourceLoadStatisticsStore.cpp:

(WebKit::WebResourceLoadStatisticsStore::WebResourceLoadStatisticsStore): Initialize
member variable with storage path, rather than passing to WebCore code.
(WebKit::WebResourceLoadStatisticsStore::resourceLoadStatisticsUpdated): Revised to
use the new WorkQueue code.
(WebKit::WebResourceLoadStatisticsStore::setResourceLoadStatisticsEnabled): When
activating the feature, purge any old statistics before loading from disk.
(WebKit::WebResourceLoadStatisticsStore::readDataFromDiskIfNeeded): Added.
(WebKit::WebResourceLoadStatisticsStore::processWillOpenConnection): Added.
(WebKit::WebResourceLoadStatisticsStore::processDidCloseConnection): Added.
(WebKit::WebResourceLoadStatisticsStore::applicationWillTerminate): Make sure all
of the WorkQueue tasks are done before terminating.
(WebKit::WebResourceLoadStatisticsStore::persistentStoragePath): Moved from WebCore.
(WebKit::WebResourceLoadStatisticsStore::writeEncoderToDisk): Ditto.
(WebKit::WebResourceLoadStatisticsStore::createDecoderFromDisk): Ditto.
(WebKit::WebResourceLoadStatisticsStore::writeToDisk): Deleted.

  • UIProcess/WebResourceLoadStatisticsStore.h:

(WebKit::WebResourceLoadStatisticsStore::coreStore):

  • UIProcess/WebsiteData/WebsiteDataStore.cpp:

(WebKit::WebsiteDataStore::webProcessWillOpenConnection): Call new WebResourceLoadStatisticsStore code.
(WebKit::WebsiteDataStore::webProcessDidCloseConnection): Ditto.

6:40 PM Changeset in webkit [197720] by achristensen@apple.com
  • 6 edits
    2 adds in trunk

Fix cookies with private browsing and NetworkSession
https://bugs.webkit.org/show_bug.cgi?id=155147
rdar://problem/25018279

Reviewed by Brady Eidson.

Source/WebKit2:

In the NetworkSession constructor, we look for a NetworkStorageSession in the SessionTracker
and use that NetworkStorageSession's CFHTTPCookieStorageRef in the NSURLSessionConfiguration.
NetworkStorageSessions were being set in SessionTracker's storageSessionMap after NetworkSessions
were created, causing the NSHTTPCookieStorage of the NSURLSession to be different from the
CFHTTPCookieStorageRef used by document.cookie in newly created private browsing sessions.
This fixes that problem by passing the NetworkStorageSession as a constructor parameter to the
NetworkSession so it can use the correct CFHTTPCookieStorageRef in its NSURLSessionConfiguration
before it is in the storageSessionMap.

  • NetworkProcess/NetworkSession.h:

(WebKit::NetworkSession::sessionID):

  • NetworkProcess/cocoa/NetworkSessionCocoa.mm:

(WebKit::NetworkSession::defaultSession):
(WebKit::NetworkSession::NetworkSession):

  • NetworkProcess/mac/RemoteNetworkingContext.mm:

(WebKit::RemoteNetworkingContext::ensurePrivateBrowsingSession):

  • WebProcess/WebCoreSupport/mac/WebFrameNetworkingContext.mm:

(WebKit::WebFrameNetworkingContext::ensurePrivateBrowsingSession):

LayoutTests:

  • http/tests/cookies/private-cookie-storage-expected.txt: Added.
  • http/tests/cookies/private-cookie-storage.html: Added.

5:51 PM Changeset in webkit [197719] by jonlee@apple.com
  • 3 edits in trunk/Tools

Update perf bot configuration for Animometer
https://bugs.webkit.org/show_bug.cgi?id=155134

Reviewed by Ryosuke Niwa.

  • Scripts/webkitpy/benchmark_runner/data/patches/Animometer.patch: Refactor the patch to work with the latest version of the harness.
  • Scripts/webkitpy/benchmark_runner/data/plans/animometer.plan: Bump up the timeout, and use the latest version of the harness.

5:27 PM WebKitGTK/2.12.x edited by Michael Catanzaro

5:23 PM Changeset in webkit [197718] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking media/track/track-cues-pause-on-exit.html as flaky on ElCapitan Debug WK2
https://bugs.webkit.org/show_bug.cgi?id=155151

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations:

4:49 PM Changeset in webkit [197717] by BJ Burg
  • 18 edits
    1 add in trunk/Source/JavaScriptCore

Web Inspector: the protocol generator should generate factory method stubs for protocol types
https://bugs.webkit.org/show_bug.cgi?id=155103
<rdar://problem/25002772>

Reviewed by Timothy Hatcher.

Generate stubs with unique names so that parsing methods can be used
reflectively at runtime, based on the protocol version that's loaded.

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • inspector/scripts/codegen/init.py:
  • inspector/scripts/codegen/generate_objc_protocol_type_conversions_header.py:

Added. For each type in a domain, add a method of the form
-[ProtocolTypeConversions _parseXXX:fromPayload]. This is in a category
method, and the selector is only ever looked up at runtime.

(ObjCProtocolTypeConversionsHeaderGenerator.generate_output):

  • inspector/scripts/generate-inspector-protocol-bindings.py:

(generate_from_specification):

Rebaseline test results with new generator output.

  • inspector/scripts/tests/expected/commands-with-async-attribute.json-result:
  • inspector/scripts/tests/expected/commands-with-optional-call-return-parameters.json-result:
  • inspector/scripts/tests/expected/domains-with-varying-command-sizes.json-result:
  • inspector/scripts/tests/expected/enum-values.json-result:
  • inspector/scripts/tests/expected/events-with-optional-parameters.json-result:
  • inspector/scripts/tests/expected/generate-domains-with-feature-guards.json-result:
  • inspector/scripts/tests/expected/same-type-id-different-domain.json-result:
  • inspector/scripts/tests/expected/shadowed-optional-type-setters.json-result:
  • inspector/scripts/tests/expected/type-declaration-aliased-primitive-type.json-result:
  • inspector/scripts/tests/expected/type-declaration-array-type.json-result:
  • inspector/scripts/tests/expected/type-declaration-enum-type.json-result:
  • inspector/scripts/tests/expected/type-declaration-object-type.json-result:
  • inspector/scripts/tests/expected/type-requiring-runtime-casts.json-result:
4:45 PM Changeset in webkit [197716] by Alan Bujtas
  • 11 edits in trunk/Source/WebCore

Crash in WebCore::RenderElement::containingBlockForObjectInFlow
https://bugs.webkit.org/show_bug.cgi?id=155109

Reviewed by Simon Fraser.

It's unsafe to call containingBlock() on RenderView.

Unable to reproduce.

  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::styleWillChange):
(WebCore::RenderBlock::isSelfCollapsingBlock):
(WebCore::RenderBlock::selectionGaps):

  • rendering/RenderBox.cpp:

(WebCore::RenderBox::borderBoxRectInRegion):
(WebCore::RenderBox::computePercentageLogicalHeight):
(WebCore::RenderBox::computeReplacedLogicalHeightUsing):
(WebCore::logicalWidthIsResolvable):
(WebCore::RenderBox::percentageLogicalHeightIsResolvableFromBlock):

  • rendering/RenderBoxModelObject.cpp:

(WebCore::RenderBoxModelObject::hasAutoHeightOrContainingBlockWithAutoHeight):

  • rendering/RenderFlowThread.cpp:

(WebCore::RenderFlowThread::adjustedPositionRelativeToOffsetParent):
(WebCore::RenderFlowThread::offsetFromLogicalTopOfFirstRegion):

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::hasCompositedLayerInEnclosingPaginationChain):
(WebCore::RenderLayer::updatePagination):
(WebCore::inContainingBlockChain):

  • rendering/RenderMultiColumnFlowThread.cpp:

(WebCore::isValidColumnSpanner):

  • rendering/RenderNamedFlowThread.cpp:

(WebCore::RenderNamedFlowThread::decorationsClipRectForBoxInNamedFlowFragment):

  • rendering/RenderObject.cpp:

(WebCore::hasFixedPosInNamedFlowContainingBlock):

  • rendering/RenderReplaced.cpp:

(WebCore::firstContainingBlockWithLogicalWidth):

  • rendering/RenderView.cpp:

(WebCore::RenderView::subtreeSelectionBounds):
(WebCore::RenderView::repaintSubtreeSelection):
(WebCore::RenderView::clearSubtreeSelection):
(WebCore::RenderView::applySubtreeSelection):

4:34 PM Changeset in webkit [197715] by fpizlo@apple.com
  • 9 edits in trunk/Source/JavaScriptCore

RegExp.prototype.exec() should call into Yarr at most once
https://bugs.webkit.org/show_bug.cgi?id=155139

Reviewed by Saam Barati.

For apparently no good reason, RegExp.prototype.match() was calling into Yarr twice, almost
as if it was hoping that the non-matching case was so common that it was best to have the
matching case do the work all over again.

This is a 4% speed-up on Octane/regexp. It's also a matter of common sense: we should not be
in the business of presuming whether someone's match will succeed or fail. The increased
cost of running Yarr twice is so much larger than whatever savings we were getting from
running a match-only regexp that this is just not a good overall deal for the engine.

Also, it's interesting that we are seeing a 4% speed-up on regexp despite the fact that a
majority (almost a supermajority, I think) of calls into RegExp.prototype.match() are failed
matches. So, this change is a 4% speed-up despite being a slowdown on the common case. That
tells you just how bad the old behavior was on the uncommon case.

  • runtime/MatchResult.h:

(MatchResult::MatchResult):
(MatchResult::failed):
(MatchResult::operator bool):

  • runtime/RegExpCachedResult.cpp:

(JSC::RegExpCachedResult::lastResult):

  • runtime/RegExpConstructor.h:

(JSC::RegExpConstructor::setMultiline):
(JSC::RegExpConstructor::multiline):
(JSC::RegExpConstructor::performMatch):
(JSC::RegExpConstructor::recordMatch):

  • runtime/RegExpMatchesArray.cpp:

(JSC::createRegExpMatchesArray):
(JSC::createEmptyRegExpMatchesArray):
(JSC::createStructureImpl):

  • runtime/RegExpMatchesArray.h:

(JSC::createRegExpMatchesArray):

  • runtime/RegExpObject.cpp:

(JSC::RegExpObject::put):
(JSC::getLastIndexAsUnsigned):
(JSC::RegExpObject::exec):
(JSC::RegExpObject::match):

  • runtime/RegExpObject.h:

(JSC::RegExpObject::getLastIndex):
(JSC::RegExpObject::test):

  • runtime/StringPrototype.cpp:

(JSC::stringProtoFuncMatch):

4:14 PM Changeset in webkit [197714] by Brent Fulgham
  • 2 edits in trunk/Source/WebKit2

Correct bug in resource load statistics debug flag for legacy clients
https://bugs.webkit.org/show_bug.cgi?id=155118
<rdar://problem/25020088>

Reviewed by Andy Estes.

Some clients launch WebKit2 using the "legacy" configuration for the website data store.
The Resource Load Statistics code was not added to this type of configuration, which
prevents various WebKit2 clients from using this code.

  • UIProcess/WebProcessPool.cpp:

(WebKit::legacyWebsiteDataStoreConfiguration): Tell the legacy initializer where to
find the resource load statistics data.

4:04 PM Changeset in webkit [197713] by jdiggs@igalia.com
  • 4 edits in trunk/Tools

[GTK][jhbuild] OpenWebRTC build fails with GCC 6.0
https://bugs.webkit.org/show_bug.cgi?id=154839

Reviewed by Michael Catanzaro.

Add '-Wno-error' to jhbuildrc; remove it from the module sets for macos.

  • gtk/jhbuild-webrtc.modules:
  • gtk/jhbuild.modules:
  • gtk/jhbuildrc:
3:45 PM Changeset in webkit [197712] by commit-queue@webkit.org
  • 22 edits
    2 adds in trunk/Source/JavaScriptCore

Heap Snapshot should include different Edge types and data (Property, Index, Variable)
https://bugs.webkit.org/show_bug.cgi?id=154937

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-07
Reviewed by Geoffrey Garen.

  • heap/SlotVisitor.cpp:

(JSC::SlotVisitor::appendHidden):

  • heap/SlotVisitor.h:
  • heap/SlotVisitorInlines.h:

(JSC::SlotVisitor::appendHidden):
(JSC::SlotVisitor::appendValuesHidden):
Add new visit methods to visit a reference without snapshotting the edge.

  • heap/Heap.cpp:

(JSC::AddExtraHeapSnapshotEdges::AddExtraHeapSnapshotEdges):
(JSC::AddExtraHeapSnapshotEdges::operator()):
(JSC::Heap::addHeapSnapshotEdges):
(JSC::Heap::removeDeadHeapSnapshotNodes):
(JSC::Heap::collectImpl):

  • heap/Heap.h:

After marking, visit the live cells for a chance to record extra
heap snapshotting information about the cell.

  • heap/HeapSnapshotBuilder.cpp:

(JSC::HeapSnapshotBuilder::appendNode):
(JSC::HeapSnapshotBuilder::appendEdge):
(JSC::HeapSnapshotBuilder::appendPropertyNameEdge):
(JSC::HeapSnapshotBuilder::appendVariableNameEdge):
(JSC::HeapSnapshotBuilder::appendIndexEdge):
(JSC::HeapSnapshotBuilder::json):

  • heap/HeapSnapshotBuilder.h:

(JSC::HeapSnapshotEdge::HeapSnapshotEdge):
Construct edges with extra data.

  • runtime/ClassInfo.h:
  • runtime/JSCell.cpp:

(JSC::JSCell::heapSnapshot):

  • runtime/JSCell.h:

Add a new method to provide cells with an opportunity to provide
extra heap snapshotting information.

  • runtime/JSObject.cpp:

(JSC::JSObject::visitButterfly):
(JSC::JSObject::visitChildren):
(JSC::JSObject::heapSnapshot):
(JSC::JSFinalObject::visitChildren):

  • runtime/JSObject.h:

Capture object property names and index names when heap snapshotting.
Do not include them as internal edges in normal visitChildren.

  • runtime/JSEnvironmentRecord.cpp:

(JSC::JSEnvironmentRecord::visitChildren):
(JSC::JSEnvironmentRecord::heapSnapshot):

  • runtime/JSEnvironmentRecord.h:
  • runtime/JSSegmentedVariableObject.cpp:

(JSC::JSSegmentedVariableObject::visitChildren):
(JSC::JSSegmentedVariableObject::heapSnapshot):

  • runtime/JSSegmentedVariableObject.h:

Capture scope variable names when heap snapshotting.

  • runtime/Structure.cpp:

(JSC::Structure::visitChildren):

  • runtime/Structure.h:
  • runtime/StructureInlines.h:

(JSC::Structure::propertyTable):
When performing a heap snapshotting collection, don't clear the
property table so that accessing the table during this GC is okay.

  • tests/heapProfiler/driver/driver.js:
  • tests/heapProfiler/property-edge-types.js: Added.
  • tests/heapProfiler/variable-edge-types.js: Added.

Tests covering the different edge types and data we capture.

3:27 PM Changeset in webkit [197711] by sbarati@apple.com
  • 4 edits
    1 add in trunk/Source/JavaScriptCore

[ES6] Implement Proxy.[[GetPrototypeOf]]
https://bugs.webkit.org/show_bug.cgi?id=155099

Reviewed by Mark Lam.

This patch is a straightforward implementation of Proxy.[[GetPrototypeOf]]
with respect to section 9.5.1 of the ECMAScript spec.
https://tc39.github.io/ecma262/#sec-proxy-object-internal-methods-and-internal-slots-getprototypeof

  • runtime/ProxyObject.cpp:

(JSC::performProxyGet):
(JSC::ProxyObject::setPrototype):
(JSC::ProxyObject::performGetPrototype):
(JSC::ProxyObject::getPrototype):
(JSC::ProxyObject::visitChildren):

  • runtime/ProxyObject.h:
  • tests/es6.yaml:
  • tests/stress/proxy-get-prototype-of.js: Added.

(assert):
(throw.new.Error.let.handler.get getPrototypeOf):
(throw.new.Error.get let):
(throw.new.Error.get catch):
(throw.new.Error):
(assert.let.handler.getPrototypeOf):
(assert.get let):
(assert.get catch):
(assert.):
(let.handler.getPrototypeOf):
(get let):
(let.handler.has):

3:24 PM Changeset in webkit [197710] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking imported/w3c/indexeddb/idbcursor-advance-continue-async.htm as flaky on Yosemite Release WK2
https://bugs.webkit.org/show_bug.cgi?id=154606

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations:
3:16 PM Changeset in webkit [197709] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking js/promises-tests/promises-tests-2-3-3.html as flaky on mac
https://bugs.webkit.org/show_bug.cgi?id=155140

Unreviewed test gardening.

  • platform/mac/TestExpectations:
2:58 PM Changeset in webkit [197708] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking inspector/console/addInspectedNode.html as flaky on Yosemite WK2
https://bugs.webkit.org/show_bug.cgi?id=155138

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations:
2:24 PM Changeset in webkit [197707] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Skipping css3/filters/huge-region-composited.html on ios-simulator in an
attempt to eliminate a flaky crash.
https://bugs.webkit.org/show_bug.cgi?id=153933

Unreviewed test gardening.

  • platform/ios-simulator/TestExpectations:
2:17 PM Changeset in webkit [197706] by dbates@webkit.org
  • 10 edits in trunk/Source

Cleanup: Add convenience function URL::protocolIsBlob()
https://bugs.webkit.org/show_bug.cgi?id=155127
<rdar://problem/25016829>

Reviewed by Brent Fulgham.

Source/WebCore:

Similar to the class member function URL::protocolIsData(), add a class member function to
class URL to determine if a URL is a blob URL.

No functionality was changed. So, no new tests.

  • page/SecurityOrigin.cpp:

(WebCore::SecurityOrigin::shouldUseInnerURL): Modified to use URL::protocolIsBlob().
(WebCore::getCachedOrigin): Ditto.

  • platform/URL.h:

(WebCore::URL::protocolIsBlob): Added.

  • platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:

(webKitWebSrcStart): Modified to use URL::protocolIsBlob().
(urlHasSupportedProtocol): Ditto.

  • workers/Worker.cpp:

(WebCore::Worker::didReceiveResponse): Ditto.

  • xml/XMLHttpRequest.cpp:

(WebCore::XMLHttpRequest::createRequest): Ditto.

Source/WebKit2:

  • NetworkProcess/NetworkLoad.cpp:

(WebKit::NetworkLoad::NetworkLoad): Modified to use URL::protocolIsBlob().

  • NetworkProcess/NetworkResourceLoader.cpp:

(WebKit::NetworkResourceLoader::NetworkResourceLoader): Ditto.

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::canHandleRequest): Ditto.

1:53 PM Changeset in webkit [197705] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Skip unsupported plugin tests from r197697 on ios-simulator

Unreviewed test gardening.

  • platform/ios-simulator/TestExpectations:
1:40 PM Changeset in webkit [197704] by aakash_jain@apple.com
  • 3 edits in trunk/Tools

webkitpy should verify timestamp from CrashLogs while collecting all crash logs
https://bugs.webkit.org/show_bug.cgi?id=155000
<rdar://problem/24860219>

Reviewed by Alexey Proskuryakov.

  • Scripts/webkitpy/common/system/crashlogs.py:

(CrashLogs._find_all_logs_darwin): Make sure that crash log timestamp is within expected
time range, because file modification time is not always accurate.
(CrashLogs.get_timestamp_from_logs): Parse the timestamp from logs.

  • Scripts/webkitpy/common/system/crashlogs_unittest.py:

(CrashLogsTest.test_get_timestamp_from_logs_darwin): Testcase for above function.

1:39 PM Changeset in webkit [197703] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Skip storage/indexeddb/intversion-open-in-upgradeneeded.html on mac-wk2
https://bugs.webkit.org/show_bug.cgi?id=155050

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations:
1:25 PM Changeset in webkit [197702] by adam.bergkvist@ericsson.com
  • 13 edits
    5 copies
    6 adds in trunk

WebRTC: Implement MediaEndpointPeerConnection::createOffer()
https://bugs.webkit.org/show_bug.cgi?id=154867

Reviewed by Eric Carlson and Jer Noble.

Source/WebCore:

  • MediaEndpointPeerConnection: Initial implementation of createOffer()
    added. createOffer() is split up into a synchronous part, and a
    scheduled task. The task will be deferred until information, requiring
    some amount of work, such as the DTLS fingerprint, is available. Other
    async API functions will also follow this pattern.

  • SDPProcessor (added): The SDPProcessor parses SDP to a
    MediaEndpointSessionConfiguration object and generates SDP in the
    reverse direction. Any SDP string handling is confined to the
    SDPProcessor and all configuration of the media session is done via the
    MediaEndpointSessionConfiguration object.

The SDP parser and generator logic is implemented in JavaScript and
works with JSON (SDP->JSON, JSON->SDP). The SDPProcessor runs JS in an
isolated scope and converts JSON to a MediaEndpointSessionConfiguration
object and the reverse. Using JSON signaling (nonstandard) can be
helpful during debugging.

  • MockMediaEndpoint (added): Mock MediaEndpoint implementation with
    support for generating offers. DTLS information, such as fingerprint,
    is hard coded to facilitate testing with expected values.

Test: fast/mediastream/RTCPeerConnection-inspect-offer.html

The test is currently skipped on the mac port until support to read the
SDPProcessor JavaScript resource is added.

  • CMakeLists.txt:
  • Modules/mediastream/MediaEndpointPeerConnection.cpp:

(WebCore::WrappedSessionDescriptionPromise::create):
(WebCore::WrappedSessionDescriptionPromise::promise):
(WebCore::WrappedSessionDescriptionPromise::WrappedSessionDescriptionPromise):
(WebCore::randomString):
(WebCore::MediaEndpointPeerConnection::MediaEndpointPeerConnection):
(WebCore::MediaEndpointPeerConnection::runTask):
(WebCore::MediaEndpointPeerConnection::startRunningTasks):
(WebCore::MediaEndpointPeerConnection::createOffer):
(WebCore::MediaEndpointPeerConnection::createOfferTask):
(WebCore::MediaEndpointPeerConnection::gotDtlsFingerprint):

  • Modules/mediastream/MediaEndpointPeerConnection.h:
  • Modules/mediastream/SDPProcessor.cpp: Added.

(WebCore::SDPProcessor::SDPProcessor):
(WebCore::createCandidateObject):
(WebCore::createCandidate):
(WebCore::configurationFromJSON):
(WebCore::iceCandidateFromJSON):
(WebCore::configurationToJSON):
(WebCore::iceCandidateToJSON):
(WebCore::SDPProcessor::generate):
(WebCore::SDPProcessor::parse):
(WebCore::SDPProcessor::generateCandidateLine):
(WebCore::SDPProcessor::parseCandidateLine):
(WebCore::SDPProcessor::callScript):

  • Modules/mediastream/SDPProcessor.h: Added.
  • Modules/mediastream/sdp.js: Added.

(match):
(addDefaults):
(fillTemplate):
(SDP.parse):
(SDP.generate):
(SDP.generateCandidateLine):
(hasAllProperties):
(SDP.verifyObject):
(generate):
(parse):
(generateCandidateLine):
(parseCandidateLine):

  • PlatformGTK.cmake:
  • WebCore.xcodeproj/project.pbxproj:
  • platform/mediastream/MediaEndpoint.cpp:

(WebCore::createMediaEndpoint):

  • platform/mediastream/MediaEndpoint.h:
  • platform/mediastream/PeerMediaDescription.h:
  • platform/mediastream/SDPProcessorScriptResource.cpp: Added.

(WebCore::SDPProcessorScriptResource::scriptString):

  • platform/mediastream/SDPProcessorScriptResource.h: Added.
  • platform/mediastream/gtk/SDPProcessorScriptResourceGtk.cpp: Added.

(WebCore::SDPProcessorScriptResource::scriptString):

  • platform/mock/MockMediaEndpoint.cpp: Added.

(WebCore::MockMediaEndpoint::create):
(WebCore::MockMediaEndpoint::MockMediaEndpoint):
(WebCore::MockMediaEndpoint::~MockMediaEndpoint):
(WebCore::MockMediaEndpoint::setConfiguration):
(WebCore::MockMediaEndpoint::generateDtlsInfo):
(WebCore::MockMediaEndpoint::getDefaultAudioPayloads):
(WebCore::MockMediaEndpoint::getDefaultVideoPayloads):
(WebCore::MockMediaEndpoint::updateReceiveConfiguration):
(WebCore::MockMediaEndpoint::updateSendConfiguration):
(WebCore::MockMediaEndpoint::addRemoteCandidate):
(WebCore::MockMediaEndpoint::replaceSendSource):
(WebCore::MockMediaEndpoint::stop):

  • platform/mock/MockMediaEndpoint.h: Added.
  • testing/Internals.cpp:

(WebCore::Internals::Internals):
(WebCore::Internals::enableMockMediaEndpoint):

  • testing/Internals.h:

LayoutTests:

The output SDP from createOffer() is processed by verifying all variable
identifiers, such as session and user id, and replacing them with
predefined values to make the SDP comparable with an expected result.

The test is currently skipped on the mac port until support to read the
SDPProcessor JavaScript resource is added.

  • fast/mediastream/RTCPeerConnection-inspect-offer-expected.txt: Added.
  • fast/mediastream/RTCPeerConnection-inspect-offer.html: Added.
  • platform/mac/TestExpectations:
1:22 PM Changeset in webkit [197701] by BJ Burg
  • 21 edits
    1 move in trunk/Source/JavaScriptCore

Web Inspector: rename generated *EnumConversionHelpers.h to *TypeConversions.h
https://bugs.webkit.org/show_bug.cgi?id=155121
<rdar://problem/25010391>

Reviewed by Timothy Hatcher.

Split out this renaming from the work to generate factory method stubs for types.

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • inspector/scripts/codegen/init.py:
  • inspector/scripts/codegen/generate_objc_backend_dispatcher_implementation.py:

(ObjCConfigurationImplementationGenerator.generate_output):

  • inspector/scripts/codegen/generate_objc_frontend_dispatcher_implementation.py:

(ObjCFrontendDispatcherImplementationGenerator.generate_output):

  • inspector/scripts/codegen/generate_objc_protocol_type_conversions_header.py: Renamed from Source/JavaScriptCore/inspector/scripts/codegen/generate_objc_conversion_helpers.py.
  • inspector/scripts/codegen/generate_objc_protocol_types_implementation.py:

(ObjCProtocolTypesImplementationGenerator.generate_output):

  • inspector/scripts/codegen/objc_generator_templates.py:
  • inspector/scripts/generate-inspector-protocol-bindings.py:

(generate_from_specification):

Rebaseline tests after changing generator order.

  • inspector/scripts/tests/expected/commands-with-async-attribute.json-result:
  • inspector/scripts/tests/expected/commands-with-optional-call-return-parameters.json-result:
  • inspector/scripts/tests/expected/domains-with-varying-command-sizes.json-result:
  • inspector/scripts/tests/expected/enum-values.json-result:
  • inspector/scripts/tests/expected/events-with-optional-parameters.json-result:
  • inspector/scripts/tests/expected/generate-domains-with-feature-guards.json-result:
  • inspector/scripts/tests/expected/same-type-id-different-domain.json-result:
  • inspector/scripts/tests/expected/shadowed-optional-type-setters.json-result:
  • inspector/scripts/tests/expected/type-declaration-aliased-primitive-type.json-result:
  • inspector/scripts/tests/expected/type-declaration-array-type.json-result:
  • inspector/scripts/tests/expected/type-declaration-enum-type.json-result:
  • inspector/scripts/tests/expected/type-declaration-object-type.json-result:
  • inspector/scripts/tests/expected/type-requiring-runtime-casts.json-result:
1:08 PM Changeset in webkit [197700] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Skip storage/indexeddb/modern/exceed-open-file-limit.html
https://bugs.webkit.org/show_bug.cgi?id=155091

Unreviewed test gardening.

  • platform/wk2/TestExpectations:
12:33 PM Changeset in webkit [197699] by Simon Fraser
  • 2 edits in trunk/Source/WebKit2

Use CGColorSpaceCopyICCData instead of CGColorSpaceCopyICCProfile
https://bugs.webkit.org/show_bug.cgi?id=155123
rdar://problem/24990256

Reviewed by Tim Horton.

On newer OSes, use CGColorSpaceCopyICCData().

  • Shared/mac/ColorSpaceData.mm:

(WebKit::ColorSpaceData::encode):

12:28 PM Changeset in webkit [197698] by barraclough@apple.com
  • 3 edits in trunk/Source/WebKit2

Last opened tab does not receive SetHiddenPageTimerThrottlingIncreaseLimit message
https://bugs.webkit.org/show_bug.cgi?id=155126

Reviewed by Chris Dumez.

WebPageProxy will increment the hidden page throttling counter from within its constructor,
which currently causes the WebProcessPool to try to synchronously message all processes.
The web page triggering the increment then fails to receive the message, since it was
still being constructed. Make the update of the limit async, such that the page is fully
constructed before the WebProcessPool processes the update.

  • UIProcess/WebProcessPool.cpp:

(WebKit::m_hiddenPageThrottlingAutoIncreasesCounter):

  • This now schedules a zero-delay timer to handle the update.

(WebKit::m_hiddenPageThrottlingTimer):

  • This is now responsible for calling updateHiddenPageThrottlingAutoIncreaseLimit.
  • UIProcess/WebProcessPool.h:
    • Added m_hiddenPageThrottlingTimer.
12:21 PM Changeset in webkit [197697] by dbates@webkit.org
  • 13 edits
    8 adds
    1 delete in trunk

CSP: object-src directive should prohibit creation of nested browsing context
https://bugs.webkit.org/show_bug.cgi?id=153153
<rdar://problem/24383209>

Reviewed by Brent Fulgham.

Source/WebCore:

Enforce the Content Security Policy object-src directive when fetching a URL for content
that will cause an HTML object or HTML embed element to act as a nested browsing context
(i.e. behave as if the content was loaded in an HTML iframe element). This makes our
enforcement of the object-src directive match the behavior of the object-src directive
in the Content Security Policy 2.0 spec., <http://www.w3.org/TR/2015/CR-CSP2-20150721/>.

Tests: http/tests/security/contentSecurityPolicy/embed-src-url-blocked.html
       http/tests/security/contentSecurityPolicy/embed-src-url-blocked2.html
       http/tests/security/contentSecurityPolicy/object-src-param-src-blocked2.html
       http/tests/security/contentSecurityPolicy/object-src-url-blocked2.html

  • loader/SubframeLoader.cpp:

(WebCore::SubframeLoader::isPluginContentAllowedByContentSecurityPolicy): Extracted from SubframeLoader::pluginIsLoadable().
Checks if the plugin element is allowed by the Content Security Policy to load the URL and MIME type.
(WebCore::SubframeLoader::pluginIsLoadable): Extract out the logic for determining if
the plugin content is allowed to load by the Content Security Policy into SubframeLoader::isPluginContentAllowedByContentSecurityPolicy()
and make use of this function.
(WebCore::SubframeLoader::requestObject): Modified to call SubframeLoader::isPluginContentAllowedByContentSecurityPolicy()
before loading plugin content into a sub frame. If the plugin content is not allowed to load then we
mark the plugin as unavailable with the reason being that it was blocked by the Content Security Policy.

  • loader/SubframeLoader.h:

LayoutTests:

Add test to ensure that we enforce the Content Security Policy object-src directive
for HTML object and HTML embed elements that behave like an HTML iframe element.

  • TestExpectations: Remove entries for tests that pass.
  • http/tests/security/contentSecurityPolicy/embed-src-url-blocked-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/embed-src-url-blocked.html: Added.
  • http/tests/security/contentSecurityPolicy/embed-src-url-blocked2-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/embed-src-url-blocked2.html: Added.
  • http/tests/security/contentSecurityPolicy/object-src-param-code-blocked-expected.txt:
  • http/tests/security/contentSecurityPolicy/object-src-param-movie-blocked-expected.txt:
  • http/tests/security/contentSecurityPolicy/object-src-param-movie-blocked.html:
  • http/tests/security/contentSecurityPolicy/object-src-param-src-blocked-expected.txt:
  • http/tests/security/contentSecurityPolicy/object-src-param-src-blocked.html:
  • http/tests/security/contentSecurityPolicy/object-src-param-src-blocked2-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/object-src-param-src-blocked2.html: Added.
  • http/tests/security/contentSecurityPolicy/object-src-param-url-blocked-expected.txt:
  • http/tests/security/contentSecurityPolicy/object-src-param-url-blocked.html:

Simplify the code used in the above tests and update incorrect expected results.

  • http/tests/security/contentSecurityPolicy/object-src-url-blocked2-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/object-src-url-blocked2.html: Added.
  • http/tests/security/contentSecurityPolicy/resources/object-src-param.js: Removed.
11:39 AM Changeset in webkit [197696] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking js/arraybuffer-wrappers.html as a flaky timeout on Mac
https://bugs.webkit.org/show_bug.cgi?id=155092

Unreviewed test gardening.

  • platform/mac/TestExpectations:
10:57 AM Changeset in webkit [197695] by benjamin@webkit.org
  • 2 edits in trunk/Source/JavaScriptCore

[JSC] Improve and64() and or64() with immediate on x86
https://bugs.webkit.org/show_bug.cgi?id=155104

Reviewed by Geoffrey Garen.

GetButterflyReadOnly was doing:

movq 0x8(%rbx), %r9
movq $0xfffffffffffffffc, %r11
andq %r11, %r9

There is no need for the move to load the immediate;
andq sign-extends its immediate.

With this patch, we have:

movq 0x8(%rbx), %r9
andq $0xfffffffffffffffc, %r9

  • assembler/MacroAssemblerX86_64.h:

(JSC::MacroAssemblerX86_64::and64):
(JSC::MacroAssemblerX86_64::or64):

10:52 AM Changeset in webkit [197694] by bshafiei@apple.com
  • 5 edits in tags/Safari-602.1.21.0.3/Source

Versioning.

10:51 AM Changeset in webkit [197693] by peavo@outlook.com
  • 2 edits in trunk/Source/WebKit/win

[WinCairo][AcceleratedCompositing] Rendering issues on www.bbc.com.
https://bugs.webkit.org/show_bug.cgi?id=154912

Reviewed by Michael Catanzaro.

If we have a scroll layer, we should not include the scroll position in the visible rectangle,
since the scroll position is already reflected in the position of the scroll layer.

  • WebCoreSupport/AcceleratedCompositingContext.cpp:

(AcceleratedCompositingContext::flushPendingLayerChanges):

10:50 AM Changeset in webkit [197692] by bshafiei@apple.com
  • 1 copy in tags/Safari-602.1.21.0.3

New tag.

10:44 AM Changeset in webkit [197691] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Rebaseline inspector/model/remote-object.html for mac after r197626
https://bugs.webkit.org/show_bug.cgi?id=155115

Unreviewed test gardening.

  • platform/mac/inspector/model/remote-object-expected.txt:
10:41 AM Changeset in webkit [197690] by barraclough@apple.com
  • 18 edits in trunk/Source

Convert DOMTimer to std::chrono::milliseconds
https://bugs.webkit.org/show_bug.cgi?id=155085

Reviewed by Andreas Kling.

DOMTimer currently uses a mix of millisecond (was int, now std::chrono) and second (as double)
time values. Constant conversion back and forth is a complete mess. Stop that.

Source/WebCore:

  • dom/Document.cpp:

(WebCore::Document::minimumTimerInterval):
(WebCore::Document::timerAlignmentInterval):

  • dom/Document.h:
    • double -> std::chrono::milliseconds
  • dom/ScriptExecutionContext.cpp:

(WebCore::ScriptExecutionContext::adjustMinimumTimerInterval):
(WebCore::ScriptExecutionContext::minimumTimerInterval):
(WebCore::ScriptExecutionContext::timerAlignmentInterval):

  • dom/ScriptExecutionContext.h:
    • double -> std::chrono::milliseconds
  • page/DOMTimer.cpp:

(WebCore::DOMTimer::updateTimerIntervalIfNecessary):
(WebCore::DOMTimer::intervalClampedToMinimum):
(WebCore::DOMTimer::alignedFireTime):

  • page/DOMTimer.h:
    • double -> std::chrono::milliseconds
  • page/Page.cpp:

(WebCore::Page::setTimerThrottlingState):
(WebCore::Page::setTimerAlignmentIntervalIncreaseLimit):
(WebCore::Page::updateDOMTimerAlignmentInterval):

  • page/Page.h:
    • double -> std::chrono::milliseconds
  • page/Settings.cpp:

(WebCore::Settings::setNeedsAdobeFrameReloadingQuirk):
(WebCore::Settings::setMinimumDOMTimerInterval):

  • page/Settings.h:
    • double -> std::chrono::milliseconds
  • page/SuspendableTimer.h:

(WebCore::SuspendableTimer::startRepeating):
(WebCore::SuspendableTimer::startOneShot):
(WebCore::SuspendableTimer::repeatIntervalMS):
(WebCore::SuspendableTimer::augmentFireInterval):
(WebCore::SuspendableTimer::augmentRepeatInterval):

  • added std::chrono::milliseconds interface.
  • platform/Timer.cpp:

(WebCore::TimerBase::setNextFireTime):

  • restructured for new alignedFireTime signature, moved zero-delay handling to here. This change was made because inside alignedFireTime fireTime will have already been truncated.
  • platform/Timer.h:

(WebCore::TimerBase::msToSeconds):
(WebCore::TimerBase::secondsToMS):

  • internal helper functions to bridge std::chrono::milliseconds to internal double.

(WebCore::TimerBase::startRepeating):
(WebCore::TimerBase::startOneShot):
(WebCore::TimerBase::repeatIntervalMS):
(WebCore::TimerBase::augmentFireInterval):
(WebCore::TimerBase::augmentRepeatInterval):

  • expanded std::chrono::milliseconds interface.

(WebCore::TimerBase::alignedFireTime):

  • changed to std::chrono::milliseconds, made return value Optional (null means no alignment).
  • testing/InternalSettings.cpp:

(WebCore::InternalSettings::setMinimumTimerInterval):

  • testing/InternalSettings.h:
    • double -> std::chrono::milliseconds

Source/WebKit/win:

  • WebView.cpp:

(WebView::setMinimumTimerInterval):

  • Convert double argument into std::chrono::milliseconds.
10:41 AM Changeset in webkit [197689] by BJ Burg
  • 11 edits in trunk/Source/JavaScriptCore

Web Inspector: It should be possible to initialize generated ObjC protocol types from an NSDictionary payload
https://bugs.webkit.org/show_bug.cgi?id=155102
<rdar://problem/25002015>

Reviewed by Timothy Hatcher.

In Objective-C code, we sometimes prefer to parse JSON using Cocoa rather
than the InspectorValue classes. Support initializing protocol objects
directly from an NSDictionary payload. This delegates validation of values to
the setter methods that already exist on the protocol object classes.

  • inspector/scripts/codegen/generate_objc_header.py:

(ObjCHeaderGenerator._generate_type_interface):

  • inspector/scripts/codegen/generate_objc_protocol_types_implementation.py:

(ObjCProtocolTypesImplementationGenerator.generate_type_implementation):
(ObjCProtocolTypesImplementationGenerator._generate_init_method_for_payload):

  • inspector/scripts/codegen/objc_generator.py:

(ObjCGenerator.payload_to_objc_expression_for_member):
Add a new helper method to generate an expression to unpack the value
from an NSDictionary. If it's not a primitive, the setter performs
validation of the value's kind using -[NSObject isKindOfClass:].

Rebaseline relevant tests.

  • inspector/scripts/tests/expected/commands-with-async-attribute.json-result:
  • inspector/scripts/tests/expected/commands-with-optional-call-return-parameters.json-result:
  • inspector/scripts/tests/expected/events-with-optional-parameters.json-result:
  • inspector/scripts/tests/expected/generate-domains-with-feature-guards.json-result:
  • inspector/scripts/tests/expected/shadowed-optional-type-setters.json-result:
  • inspector/scripts/tests/expected/type-declaration-object-type.json-result:
  • inspector/scripts/tests/expected/type-requiring-runtime-casts.json-result:
10:30 AM Changeset in webkit [197688] by benjamin@webkit.org
  • 5 edits
    1 add in trunk/Source/JavaScriptCore

[JSC] Simplify the overflow check of ArithAbs
https://bugs.webkit.org/show_bug.cgi?id=155063

Reviewed by Geoffrey Garen.

The only integer that overflows abs(int32) is INT_MIN.
For some reason, our code testing for that case
was checking the top bit of the result specifically.

The code required a large immediate on x86 and an extra
register on ARM64.

This patch turns the overflow check into a branch on
the sign of the result.

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileArithAbs):

  • jit/ThunkGenerators.cpp:

(JSC::absThunkGenerator):

  • tests/stress/arith-abs-overflow.js: Added.

(opaqueAbs):

10:25 AM Changeset in webkit [197687] by commit-queue@webkit.org
  • 4 edits in trunk/Source/JavaScriptCore

[JSC] Improve how DFG zero Floating Point registers
https://bugs.webkit.org/show_bug.cgi?id=155096

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-03-07
Reviewed by Geoffrey Garen.

DFG had a weird way of zeroing a FPR:

- zero a GP.
- move that to a FP.

Filip added moveZeroToDouble() for B3. This patch
uses that in the lower tiers.

  • assembler/MacroAssemblerARMv7.h:

(JSC::MacroAssemblerARMv7::moveZeroToDouble):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::fillSpeculateDouble):

  • jit/ThunkGenerators.cpp:

(JSC::floorThunkGenerator):
(JSC::roundThunkGenerator):

10:24 AM Changeset in webkit [197686] by akling@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

REGRESSION (r197303): Web Inspector crashes web process when inspecting an element on TOT
<https://webkit.org/b/154812>

Reviewed by Geoffrey Garen.

Guard against null pointer dereference for UnlinkedCodeBlocks that don't have any control flow
profiling data.

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::insertBasicBlockBoundariesForControlFlowProfiler):

  • bytecode/UnlinkedCodeBlock.h:

(JSC::UnlinkedCodeBlock::hasOpProfileControlFlowBytecodeOffsets):

10:23 AM Changeset in webkit [197685] by benjamin@webkit.org
  • 3 edits in trunk/Source/JavaScriptCore

[JSC] Remove a useless "Move" from baseline-JIT op_mul's fast path
https://bugs.webkit.org/show_bug.cgi?id=155071

Reviewed by Geoffrey Garen.

We do not need to multiply to a scratch and then move the result
to the destination. We can just multiply to the destination.

  • jit/JITArithmetic.cpp:

(JSC::JIT::emit_op_mul):

  • jit/JITMulGenerator.cpp:

(JSC::JITMulGenerator::generateFastPath):

10:21 AM Changeset in webkit [197684] by Yusuke Suzuki
  • 2 edits
    2 adds in trunk/Source/JavaScriptCore

[JSC] StringObject.{put, defineOwnProperty} should realize indexed properties
https://bugs.webkit.org/show_bug.cgi?id=155089

Reviewed by Geoffrey Garen.

Through implementing Reflect.set[1], we found StringObject does not obey the spec.
StringObject::put should call putByIndex if the given propertyName is an index.
And StringObject::defineOwnProperty should recognize indexed properties since
JSObject::defineOwnIndexedProperty is specialized to JSObject layout.
Before calling JSObject::defineOwnProperty,
StringObject should handle its special indexed own properties.
It is the responsibility of StringObject::defineOwnProperty.

And the logic is cleaned up by using validateAndApplyPropertyDescriptor.

[1]: https://bugs.webkit.org/show_bug.cgi?id=155024

  • runtime/StringObject.cpp:

(JSC::StringObject::put):
(JSC::StringObject::putByIndex):
(JSC::isStringOwnProperty):
(JSC::StringObject::defineOwnProperty):
(JSC::StringObject::deleteProperty):

  • tests/stress/string-object-define-own-property.js: Added.

(shouldBe):
(shouldThrow):

  • tests/stress/string-object-put-by-index.js: Added.

(shouldBe):
(shouldThrow):
(testSloppy):
(testStrict):

9:50 AM Changeset in webkit [197683] by bshafiei@apple.com
  • 5 edits in tags/Safari-602.1.21.0.2/Source

Versioning.

9:49 AM Changeset in webkit [197682] by bshafiei@apple.com
  • 1 copy in tags/Safari-602.1.21.0.2

New tag.

9:30 AM Changeset in webkit [197681] by Simon Fraser
  • 2 edits
    2 adds in trunk/LayoutTests

[iOS Simulator] Three object-position tests failing after r197618
https://bugs.webkit.org/show_bug.cgi?id=155116

Mark two tests as image failures, and add new results for a compositing test.

  • platform/ios-simulator/TestExpectations:
  • platform/ios-simulator/compositing/video/video-object-position-expected.txt: Added.
7:22 AM Changeset in webkit [197680] by akling@apple.com
  • 2 edits in trunk/Source/WebCore

Make RenderStyle copy-on-write a bit less.
<https://webkit.org/b/155106>

Reviewed by Antti Koivisto.

Add a cheesy SET_NESTED_VAR macro complement to SET_VAR so we can avoid copy-on-write
detachment of nested RenderStyle substructures when the leaf value doesn't change.

I spotted about 300kB of these mistakes being made during PLT on iOS, most of them
in the transformX setter.

  • rendering/style/RenderStyle.h:
4:12 AM Changeset in webkit [197679] by Carlos Garcia Campos
  • 28 edits
    3 adds in releases/WebKitGTK/webkit-2.12

Merge r197408 - Turn String.prototype.replace into an intrinsic
https://bugs.webkit.org/show_bug.cgi?id=154835

Reviewed by Michael Saboff.

Source/JavaScriptCore:

Octane/regexp spends a lot of time in String.prototype.replace(). That function does a lot
of checks to see if the parameters are what they are likely to often be (a string, a
regexp, and a string). The intuition of this patch is that it's good to remove those checks
and it's good to call the native function as directly as possible.

This yields a 10% speed-up on a replace microbenchmark and a 3% speed-up on Octane/regexp.
It also improves Octane/jquery.

This is only the beginning of what I want to do with replace optimizations. The other
optimizations will rely on StringReplace being revealed as a construct in DFG IR.

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • bytecode/SpeculatedType.cpp:

(JSC::dumpSpeculation):
(JSC::speculationToAbbreviatedString):
(JSC::speculationFromClassInfo):

  • bytecode/SpeculatedType.h:

(JSC::isStringOrStringObjectSpeculation):
(JSC::isRegExpObjectSpeculation):
(JSC::isBoolInt32Speculation):

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::handleIntrinsicCall):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGNode.h:

(JSC::DFG::Node::shouldSpeculateStringOrStringObject):
(JSC::DFG::Node::shouldSpeculateRegExpObject):
(JSC::DFG::Node::shouldSpeculateSymbol):

  • dfg/DFGNodeType.h:
  • dfg/DFGPredictionPropagationPhase.cpp:

(JSC::DFG::PredictionPropagationPhase::propagate):

  • dfg/DFGSafeToExecute.h:

(JSC::DFG::SafeToExecuteEdge::operator()):
(JSC::DFG::safeToExecute):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::speculateFinalObject):
(JSC::DFG::SpeculativeJIT::speculateRegExpObject):
(JSC::DFG::SpeculativeJIT::speculateObjectOrOther):
(JSC::DFG::SpeculativeJIT::speculate):

  • dfg/DFGSpeculativeJIT.h:
  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGUseKind.cpp:

(WTF::printInternal):

  • dfg/DFGUseKind.h:

(JSC::DFG::typeFilterFor):
(JSC::DFG::isCell):

  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileNewRegexp):
(JSC::FTL::DFG::LowerDFGToB3::compileStringReplace):
(JSC::FTL::DFG::LowerDFGToB3::didOverflowStack):
(JSC::FTL::DFG::LowerDFGToB3::speculate):
(JSC::FTL::DFG::LowerDFGToB3::speculateFinalObject):
(JSC::FTL::DFG::LowerDFGToB3::speculateRegExpObject):
(JSC::FTL::DFG::LowerDFGToB3::speculateString):

  • jit/JITOperations.h:
  • runtime/Intrinsic.h:
  • runtime/JSType.h:
  • runtime/RegExpObject.h:

(JSC::RegExpObject::createStructure):

  • runtime/StringPrototype.cpp:

(JSC::StringPrototype::finishCreation):
(JSC::removeUsingRegExpSearch):
(JSC::replaceUsingRegExpSearch):
(JSC::operationStringProtoFuncReplaceRegExpString):
(JSC::replaceUsingStringSearch):
(JSC::stringProtoFuncRepeat):
(JSC::replace):
(JSC::stringProtoFuncReplace):
(JSC::operationStringProtoFuncReplaceGeneric):
(JSC::stringProtoFuncToString):

  • runtime/StringPrototype.h:

LayoutTests:

  • js/regress/script-tests/string-replace.js: Added.
  • js/regress/string-replace-expected.txt: Added.
  • js/regress/string-replace.html: Added.
4:07 AM Changeset in webkit [197678] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

[TextureMapper] [BitmapTexturePool] Use appropriate list size when freeing textures
https://bugs.webkit.org/show_bug.cgi?id=155105

Patch by Miguel Gomez <magomez@igalia.com> on 2016-03-07
Reviewed by Žan Doberšek.

Use appropriate list size when releasing the textures used as attachment.
This is a fix for the patch to https://bugs.webkit.org/show_bug.cgi?id=154965.

No new tests because no new functionality was added.

  • platform/graphics/texmap/BitmapTexturePool.cpp:

(WebCore::BitmapTexturePool::releaseUnusedTexturesTimerFired):

3:36 AM Changeset in webkit [197677] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.12/Source/WebCore

Merge r197405 - Modern IDB: Possible crash deallocating IDBDatabaseInfo/IDBObjectStoreInfo/IDBIndexInfo.
https://bugs.webkit.org/show_bug.cgi?id=154860

Reviewed by Alex Christensen.

Covered by existing tests.

  • Modules/indexeddb/shared/IDBDatabaseInfo.cpp:

(WebCore::IDBDatabaseInfo::IDBDatabaseInfo):
(WebCore::IDBDatabaseInfo::isolatedCopy):

  • Modules/indexeddb/shared/IDBDatabaseInfo.h:
  • Modules/indexeddb/shared/IDBTransactionInfo.cpp:

(WebCore::IDBTransactionInfo::isolatedCopy): If there's an IDBDatabaseInfo to copy, that
copy needs to be isolated.

3:34 AM Changeset in webkit [197676] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.12/Source/WebKit2

Merge r197402 - NetworkCache: Web process leaks resource buffer when using shareable resources
https://bugs.webkit.org/show_bug.cgi?id=154852

Reviewed by Darin Adler.

ResourceLoader::didReceiveBuffer() expects a PassRefPtr, but we
are passing a raw pointer, making PassRefPtr take another
reference instead of transferring the ownership as expected.

  • WebProcess/Network/WebResourceLoader.cpp:

(WebKit::WebResourceLoader::didReceiveResource):

3:31 AM Changeset in webkit [197675] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.12/Source/WebCore

Merge r197387 - TextureMapperGL: simplify TransformationMatrix copies in draw(), beginClip()
https://bugs.webkit.org/show_bug.cgi?id=154791

Reviewed by Carlos Garcia Campos.

In both functions, the passed-in model-view matrix is first copied, multiplied
against a rect-to-rect TransformationMatrix, and then assigned into a local
TransformationMatrix variable, which causes another copy due to the multiply()
function returning a reference to the modified object.

To avoid the last copy, first copy the model-view matrix into a local variable,
and multiply the rect-to-rect TransformationMatrix into the new object afterwards.

  • platform/graphics/texmap/TextureMapperGL.cpp:

(WebCore::TextureMapperGL::draw):
(WebCore::TextureMapperGL::beginClip):

3:30 AM Changeset in webkit [197674] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.12/Source/WebCore

Merge r197386 - ImageBufferCairo should support OpenGL ES 2 configurations
https://bugs.webkit.org/show_bug.cgi?id=154790

Reviewed by Carlos Garcia Campos.

When building with OpenGL ES 2 and with accelerated 2D canvas support,
the GLES2 header should be included instead of the OpenGLShims.h header.

The glTexParameterf() calls targeting GL_TEXTURE_WRAP_S and
GL_TEXTURE_WRAP_T parameters should use the GL_CLAMP_TO_EDGE value.
GL_CLAMP isn't available in OpenGL ES 2 and was dropped in OpenGL 3.

  • platform/graphics/cairo/ImageBufferCairo.cpp:

(WebCore::ImageBufferData::createCairoGLSurface):

3:30 AM Changeset in webkit [197673] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.12/Source/WebCore

Merge r197385 - TextureMapperGL: beginPainting() should handle the PaintingMirrored value in PaintFlags
https://bugs.webkit.org/show_bug.cgi?id=154789

Reviewed by Carlos Garcia Campos.

  • platform/graphics/texmap/TextureMapperGL.cpp:

(WebCore::TextureMapperGL::beginPainting): The ClipStack should be reset with
a Y-axis mode that corresponds to the presence of the PaintingMirrored value in
the passed-in PaintFlags argument. If present, the default Y-axis mode should be
used, and the inverted Y-axis otherwise.

3:28 AM Changeset in webkit [197672] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197381 - regress/script-tests/double-pollution-putbyoffset.js.ftl-eager timed out because of a lock ordering deadlock involving InferredType and CodeBlock
https://bugs.webkit.org/show_bug.cgi?id=154841

Reviewed by Benjamin Poulain.

Here's the deadlock:

Main thread:

1) Change an InferredType. This acquires InferredType::m_lock.
2) Fire watchpoint set. This triggers CodeBlock invalidation, which acquires
CodeBlock::m_lock.

DFG thread:

1) Iterate over the information in a CodeBlock. This acquires CodeBlock::m_lock.
2) Ask an InferredType for its descriptor(). This acquires InferredType::m_lock.

I think that the DFG thread's ordering should be legal, because the best logic for lock
hierarchies is that locks that protect the largest set of stuff should be acquired first.

This means that the main thread shouldn't be holding the InferredType::m_lock when firing
watchpoint sets. That's what this patch ensures.

At the time of writing, this test was deadlocking for me on trunk 100% of the time. With
this change I cannot get it to deadlock.

  • runtime/InferredType.cpp:

(JSC::InferredType::willStoreValueSlow):
(JSC::InferredType::makeTopSlow):
(JSC::InferredType::set):
(JSC::InferredType::removeStructure):
(JSC::InferredType::InferredStructureWatchpoint::fireInternal):

  • runtime/InferredType.h:
3:08 AM Changeset in webkit [197671] by Carlos Garcia Campos
  • 46 edits
    8 adds in releases/WebKitGTK/webkit-2.12

Merge r197380 - [DFG][FTL][B3] Support floor and ceil
https://bugs.webkit.org/show_bug.cgi?id=154683

Reviewed by Filip Pizlo.

Source/JavaScriptCore:

This patch implements and fixes the following things.

  1. Implement Ceil and Floor in DFG, FTL and B3

x86 SSE 4.2 and ARM64 have round instructions that can directly perform Ceil or Floor.
This patch leverages this functionality. We introduce ArithFloor and ArithCeil.
During DFG phase, these nodes attempt to convert themselves to Identity (in Fixup phase).
As with ArithRound, they track the arith rounding mode.
And if these nodes are required to emit machine code, we emit rounding machine code
if it is supported on the current machine. For example, on x86, we emit round.

This Floor functionality is nice for @toInteger in builtin.
That is used for Array.prototype.{forEach, map, every, some, reduce...}
And according to the benchmark results, Kraken audio-oscillator is slightly improved
due to its frequent Math.round and Math.floor calls.

  2. Implement Floor in B3 and Air

As with Ceil in B3, we add a new B3 IR and Air opcode, Floor.
This Floor is leveraged to implement ArithFloor in DFG.

  3. Fix ArithRound operation

Currently, we used cvtsd2si (in x86) to convert double value to int32.
And we also used this to implement Math.round, like, cvtsd2si(value + 0.5).
However, this implementation is not correct, because cvtsd2si is not a floor operation.
It is a truncate operation. This is OK for positive numbers, but NG for negative numbers.
For example, the current implementation accidentally rounds -0.6 to -0.0. This should be -1.0.
Using Ceil and Floor instructions, we implement correct ArithRound.

  • assembler/MacroAssemblerARM.h:

(JSC::MacroAssemblerARM::supportsFloatingPointRounding):
(JSC::MacroAssemblerARM::ceilDouble):
(JSC::MacroAssemblerARM::floorDouble):
(JSC::MacroAssemblerARM::supportsFloatingPointCeil): Deleted.

  • assembler/MacroAssemblerARM64.h:

(JSC::MacroAssemblerARM64::supportsFloatingPointRounding):
(JSC::MacroAssemblerARM64::floorFloat):
(JSC::MacroAssemblerARM64::supportsFloatingPointCeil): Deleted.

  • assembler/MacroAssemblerARMv7.h:

(JSC::MacroAssemblerARMv7::supportsFloatingPointRounding):
(JSC::MacroAssemblerARMv7::ceilDouble):
(JSC::MacroAssemblerARMv7::floorDouble):
(JSC::MacroAssemblerARMv7::supportsFloatingPointCeil): Deleted.

  • assembler/MacroAssemblerMIPS.h:

(JSC::MacroAssemblerMIPS::ceilDouble):
(JSC::MacroAssemblerMIPS::floorDouble):
(JSC::MacroAssemblerMIPS::supportsFloatingPointRounding):
(JSC::MacroAssemblerMIPS::supportsFloatingPointCeil): Deleted.

  • assembler/MacroAssemblerSH4.h:

(JSC::MacroAssemblerSH4::supportsFloatingPointRounding):
(JSC::MacroAssemblerSH4::ceilDouble):
(JSC::MacroAssemblerSH4::floorDouble):
(JSC::MacroAssemblerSH4::supportsFloatingPointCeil): Deleted.

  • assembler/MacroAssemblerX86Common.h:

(JSC::MacroAssemblerX86Common::floorDouble):
(JSC::MacroAssemblerX86Common::floorFloat):
(JSC::MacroAssemblerX86Common::supportsFloatingPointRounding):
(JSC::MacroAssemblerX86Common::supportsFloatingPointCeil): Deleted.

  • b3/B3ConstDoubleValue.cpp:

(JSC::B3::ConstDoubleValue::floorConstant):

  • b3/B3ConstDoubleValue.h:
  • b3/B3ConstFloatValue.cpp:

(JSC::B3::ConstFloatValue::floorConstant):

  • b3/B3ConstFloatValue.h:
  • b3/B3LowerMacrosAfterOptimizations.cpp:
  • b3/B3LowerToAir.cpp:

(JSC::B3::Air::LowerToAir::lower):

  • b3/B3Opcode.cpp:

(WTF::printInternal):

  • b3/B3Opcode.h:
  • b3/B3ReduceDoubleToFloat.cpp:
  • b3/B3ReduceStrength.cpp:
  • b3/B3Validate.cpp:
  • b3/B3Value.cpp:

(JSC::B3::Value::floorConstant):
(JSC::B3::Value::isRounded):
(JSC::B3::Value::effects):
(JSC::B3::Value::key):
(JSC::B3::Value::typeFor):

  • b3/B3Value.h:
  • b3/air/AirFixPartialRegisterStalls.cpp:
  • b3/air/AirOpcode.opcodes:
  • b3/testb3.cpp:

(JSC::B3::testFloorCeilArg):
(JSC::B3::testFloorArg):
(JSC::B3::testFloorImm):
(JSC::B3::testFloorMem):
(JSC::B3::testFloorFloorArg):
(JSC::B3::testCeilFloorArg):
(JSC::B3::testFloorIToD64):
(JSC::B3::testFloorIToD32):
(JSC::B3::testFloorArgWithUselessDoubleConversion):
(JSC::B3::testFloorArgWithEffectfulDoubleConversion):
(JSC::B3::run):

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGArithMode.cpp:

(WTF::printInternal):

  • dfg/DFGArithMode.h:
  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::handleIntrinsicCall):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGGraph.cpp:

(JSC::DFG::Graph::dump):

  • dfg/DFGGraph.h:

(JSC::DFG::Graph::roundShouldSpeculateInt32):

  • dfg/DFGNode.h:

(JSC::DFG::Node::arithNodeFlags):
(JSC::DFG::Node::hasHeapPrediction):
(JSC::DFG::Node::hasArithRoundingMode):

  • dfg/DFGNodeType.h:
  • dfg/DFGPredictionPropagationPhase.cpp:

(JSC::DFG::PredictionPropagationPhase::propagate):

  • dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileArithRounding):
(JSC::DFG::SpeculativeJIT::compileArithRound): Deleted.

  • dfg/DFGSpeculativeJIT.h:
  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileArithRound):
(JSC::FTL::DFG::LowerDFGToB3::compileArithFloor):
(JSC::FTL::DFG::LowerDFGToB3::compileArithCeil):

  • ftl/FTLOutput.h:

(JSC::FTL::Output::doubleFloor):

  • jit/ThunkGenerators.cpp:

(JSC::ceilThunkGenerator):

  • tests/stress/math-ceil-arith-rounding-mode.js: Added.

(firstCareAboutZeroSecondDoesNot):
(firstDoNotCareAboutZeroSecondDoes):
(warmup):
(verifyNegativeZeroIsPreserved):

  • tests/stress/math-ceil-basics.js: Added.

(mathCeilOnIntegers):
(mathCeilOnDoubles):
(mathCeilOnBooleans):
(uselessMathCeil):
(mathCeilWithOverflow):
(mathCeilConsumedAsDouble):
(mathCeilDoesNotCareAboutMinusZero):
(mathCeilNoArguments):
(mathCeilTooManyArguments):
(testMathCeilOnConstants):
(mathCeilStructTransition):
(Math.ceil):

  • tests/stress/math-floor-arith-rounding-mode.js: Added.

(firstCareAboutZeroSecondDoesNot):
(firstDoNotCareAboutZeroSecondDoes):
(warmup):
(verifyNegativeZeroIsPreserved):

  • tests/stress/math-floor-basics.js: Added.

(mathFloorOnIntegers):
(mathFloorOnDoubles):
(mathFloorOnBooleans):
(uselessMathFloor):
(mathFloorWithOverflow):
(mathFloorConsumedAsDouble):
(mathFloorDoesNotCareAboutMinusZero):
(mathFloorNoArguments):
(mathFloorTooManyArguments):
(testMathFloorOnConstants):
(mathFloorStructTransition):
(Math.floor):

  • tests/stress/math-round-should-not-use-truncate.js: Added.

(mathRoundDoesNotCareAboutMinusZero):

  • tests/stress/math-rounding-infinity.js: Added.

(shouldBe):
(testRound):
(testFloor):
(testCeil):

  • tests/stress/math-rounding-nan.js: Added.

(shouldBe):
(testRound):
(testFloor):
(testCeil):

  • tests/stress/math-rounding-negative-zero.js: Added.

(shouldBe):
(testRound):
(testFloor):
(testCeil):
(testRoundNonNegativeZero):
(testRoundNonNegativeZero2):

Websites/webkit.org:

  • docs/b3/intermediate-representation.html:
2:45 AM Changeset in webkit [197670] by Carlos Garcia Campos
  • 29 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197379 - Add new MethodTable method to get an estimated size for a cell
https://bugs.webkit.org/show_bug.cgi?id=154838

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-02-29
Reviewed by Filip Pizlo.

The new class method estimatedSize(JSCell*) estimates the size for a single cell.
As the name implies, this is meant to be an approximation. It is more important
that big objects report a large size, than to get perfect size information for
all objects in the heap.

Base implementation (JSCell):

  • returns the MarkedBlock bucket size for this cell.
  • This gets us the object size including inline storage. Basically a better sizeof.

Subclasses with "Extra Memory Cost":

  • Any class that reports extra memory (reportExtraMemoryVisited) should include that in the estimated size.
  • E.g. CodeBlock, JSGenericTypedArrayView, WeakMapData, etc.

Subclasses with "Copied Space" storage:

  • Any class with data in copied space (copyBackingStore) should include that in the estimated size.
  • E.g. JSObject, JSGenericTypedArrayView, JSMap, JSSet, DirectArguments, etc.

Add reportExtraMemoryVisited for UnlinkedCodeBlock's compressed unlinked
instructions because this can be larger than 1kb, which is significant.

This has one special case for RegExp generated bytecode / JIT code, which
does not currently fall into the extra memory cost or copied space storage.
In practice I haven't seen this grow to a significant cost.

  • runtime/ClassInfo.h:

Add the new estimatedSize method to the table.

  • bytecode/UnlinkedCodeBlock.cpp:

(JSC::UnlinkedCodeBlock::visitChildren):
(JSC::UnlinkedCodeBlock::estimatedSize):
(JSC::UnlinkedCodeBlock::setInstructions):

  • bytecode/UnlinkedCodeBlock.h:

Report an extra memory cost for unlinked code blocks like
we do for linked code blocks.

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::estimatedSize):

  • bytecode/CodeBlock.h:
  • bytecode/UnlinkedInstructionStream.cpp:

(JSC::UnlinkedInstructionStream::sizeInBytes):

  • bytecode/UnlinkedInstructionStream.h:
  • runtime/DirectArguments.cpp:

(JSC::DirectArguments::estimatedSize):

  • runtime/DirectArguments.h:
  • runtime/JSCell.cpp:

(JSC::JSCell::estimatedSizeInBytes):
(JSC::JSCell::estimatedSize):

  • runtime/JSCell.h:
  • runtime/JSGenericTypedArrayView.h:
  • runtime/JSGenericTypedArrayViewInlines.h:

(JSC::JSGenericTypedArrayView<Adaptor>::estimatedSize):

  • runtime/JSMap.cpp:

(JSC::JSMap::estimatedSize):

  • runtime/JSMap.h:
  • runtime/JSObject.cpp:

(JSC::JSObject::visitButterfly):

  • runtime/JSObject.h:
  • runtime/JSSet.cpp:

(JSC::JSSet::estimatedSize):

  • runtime/JSSet.h:
  • runtime/JSString.cpp:

(JSC::JSString::estimatedSize):

  • runtime/JSString.h:
  • runtime/MapData.h:

(JSC::MapDataImpl::capacityInBytes):

  • runtime/WeakMapData.cpp:

(JSC::WeakMapData::estimatedSize):
(JSC::WeakMapData::visitChildren):

  • runtime/WeakMapData.h:

Implement estimated size following the pattern of reporting
extra visited size, or copy space memory.

  • runtime/RegExp.cpp:

(JSC::RegExp::estimatedSize):

  • runtime/RegExp.h:
  • yarr/YarrInterpreter.h:

(JSC::Yarr::ByteDisjunction::estimatedSizeInBytes):
(JSC::Yarr::BytecodePattern::estimatedSizeInBytes):

  • yarr/YarrJIT.h:

(JSC::Yarr::YarrCodeBlock::size):
Include generated bytecode / JITCode in a RegExp's size.

2:43 AM Changeset in webkit [197669] by Manuel Rego Casasnovas
  • 3 edits in trunk/LayoutTests

[css-grid] Add missing test for grid-template shorthand
https://bugs.webkit.org/show_bug.cgi?id=155013

Reviewed by Sergio Villar Senin.

We support the following syntax in grid-template shorthand:

-webkit-grid-template: [foo1] 'a' 50px [foo2]
                       [bar1] 'b' 50px [bar2] / 100px;

But we don't have a test to check that grid-template-rows value
has the names of the same lines grouped. So it's:

[foo1] 50px [foo2 bar1] 50px [bar2];

This means that if we remove the third argument in
CSSParser::parseGridLineNames(), all the current tests are passing.

Without that argument, the value for grid-template-rows would be:

[foo1] 50px [foo2] [bar1] 50px [bar2];

Which is wrong.

This patch adds a specific test case for this which would fail
in that case.

  • fast/css-grid-layout/grid-template-shorthand-get-set-expected.txt:
  • fast/css-grid-layout/grid-template-shorthand-get-set.html:
2:19 AM Changeset in webkit [197668] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197374 - SpeculatedType should be easier to edit
https://bugs.webkit.org/show_bug.cgi?id=154840

Reviewed by Mark Lam.

We used to specify the bitmasks in SpeculatedType.h using hex codes. This used to work
great because we didn't have so many masks and you could use the mask to visually see
which ones overlapped. It also made it easy to visualize subset relationships.

But now we have a lot of masks with a lot of confusing overlaps, and it's no longer
possible to just see their relationship by looking at hex codes. Worse, the use of hex
codes makes it super annoying to move the bits around. For example, right now we have two
bits free, but if we wanted to reclaim them by editing the old hex masks, it would be a
nightmare.

So this patch replaces the hex masks with shift expressions (1u << 15 for example) and it
makes any derived masks (i.e. masks that are the bit-or of other masks) be expressed using
an or expression (SpecFoo | SpecBar | SpecBaz for example).

This makes it easier to see the relationships and it makes it easier to take bits for new
types.

  • bytecode/SpeculatedType.h:
2:12 AM WebKitGTK/2.4.x edited by tpopela@redhat.com
1:58 AM Changeset in webkit [197667] by Carlos Garcia Campos
  • 8 edits
    3 adds in releases/WebKitGTK/webkit-2.12

Merge r197372 - Modern IDB: WebKit 2 IPC layer easily confused about multiple web processes being connected.
https://bugs.webkit.org/show_bug.cgi?id=154837

Reviewed by Alex Christensen.

Source/WebKit2:

The crux of the bug is that WebProcesses cannot assign themselves server-unique identifiers...
The server must do that for them.

A once-per-session-per-WebProcess sync message and a few updates to connection management fix this.

  • DatabaseProcess/DatabaseToWebProcessConnection.cpp:

(WebKit::DatabaseToWebProcessConnection::didReceiveSyncMessage):
(WebKit::generateConnectionToServerIdentifier):
(WebKit::DatabaseToWebProcessConnection::establishIDBConnectionToServer):

  • DatabaseProcess/DatabaseToWebProcessConnection.h:
  • DatabaseProcess/DatabaseToWebProcessConnection.messages.in:
  • WebProcess/Databases/IndexedDB/WebIDBConnectionToServer.cpp:

(WebKit::WebIDBConnectionToServer::WebIDBConnectionToServer):
(WebKit::generateConnectionToServerIdentifier): Deleted.

  • WebProcess/Databases/WebToDatabaseProcessConnection.cpp:

(WebKit::WebToDatabaseProcessConnection::didReceiveMessage):
(WebKit::WebToDatabaseProcessConnection::idbConnectionToServerForSession):

  • WebProcess/Databases/WebToDatabaseProcessConnection.h:

Tools:

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/WebKit2Cocoa/IndexedDBMultiProcess-1.html: Added.
  • TestWebKitAPI/Tests/WebKit2Cocoa/IndexedDBMultiProcess-2.html: Added.
  • TestWebKitAPI/Tests/WebKit2Cocoa/IndexedDBMultiProcess.mm: Added.
1:56 AM Changeset in webkit [197666] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197370 - OverridesHasInstance constant folding is wrong
https://bugs.webkit.org/show_bug.cgi?id=154833

Reviewed by Filip Pizlo.

The current implementation of OverridesHasInstance constant folding
is incorrect. Since it relies on OSR exit information it has been
moved to the StrengthReductionPhase. Normally, such an optimization would be
put in FixupPhase, however, there are a number of cases where we don't
determine an edge of OverridesHasInstance is a constant until after fixup.
Performing the optimization during StrengthReductionPhase means we can defer
our decision until later.

In the future we should consider creating a version of this optimization
that does not depend on OSR exit information and move the optimization back
to ConstantFoldingPhase.

  • dfg/DFGConstantFoldingPhase.cpp:

(JSC::DFG::ConstantFoldingPhase::foldConstants): Deleted.

  • dfg/DFGStrengthReductionPhase.cpp:

(JSC::DFG::StrengthReductionPhase::handleNode):

1:48 AM Changeset in webkit [197665] by Carlos Garcia Campos
  • 5 edits
    6 adds in releases/WebKitGTK/webkit-2.12

Merge r197366 - B3 should have global store elimination
https://bugs.webkit.org/show_bug.cgi?id=154658

Reviewed by Benjamin Poulain.

Source/JavaScriptCore:

Implements fairly comprehensive global store elimination:

1) If you store the result of a load with no interference in between, remove the store.

2) If you store the same thing you stored previously, remove the store.

3) If you store something that you either loaded previously or stored previously along
arbitrarily many paths, remove the store.

4) If you store to something that is stored to again in the future with no interference in
between, remove the store.

Rule (4) is super relevant to FTL since the DFG does not eliminate redundant PutStructures.
A constructor that produces a large object will have many redundant stores to the same base
pointer, offset, and heap range, with no code to observe that heap range in between.

This doesn't have a decisive effect on major benchmarks, but it's an enormous win for
microbenchmarks:

  • 30% faster to construct an object with many fields.
  • 5x faster to do many stores to a global variable.

The compile time cost should be very small. Although the optimization is global, it aborts as
soon as it sees anything that would confound store elimination. For rules (1)-(3), we
piggy-back the existing load elimination, which gives up on interfering stores. For rule (4),
we search forward through the current block and then globally a block at a time (skipping
block contents thanks to summary data), which could be expensive. But rule (4) aborts as soon
as it sees a read, write, or end block (Return or Oops). Any Check will claim to read TOP. Any
Patchpoint that results from an InvalidationPoint will claim to read TOP, as will any
Patchpoints for ICs. Those are usually sprinkled all over the program.

In other words, this optimization rarely kicks in. When it does kick in, it makes programs run
faster. When it doesn't kick in, it's usually O(1) because there are reasons for aborting all
over a "normal" program so the search will halt almost immediately. This of course raises the
question: how much more in compile time do we pay when the optimization does kick in? The
optimization kicks in the most for the microbenchmarks I wrote for this patch. Amazingly, the
effect of the optimization is a wash for compile time: whatever cost we pay doing the O(n^2)
searches is balanced by the massive reduction in work in the backend. On one of the two
microbenchmarks, overall compile time actually shrank with this optimization even though CSE
itself cost more. That's not too surprising - the backend costs much more per instruction, so
things that remove instructions before we get to the backend tend to be a good idea.

We could consider adding a more aggressive version of this in the future, which could sink
stores into checks. That could be crazy fun: https://bugs.webkit.org/show_bug.cgi?id=152162#c3

But mainly, I'm adding this optimization because it was super fun to implement during the
WebAssembly CG summit.

  • b3/B3EliminateCommonSubexpressions.cpp:
  • b3/B3MemoryValue.h:
  • b3/B3SuccessorCollection.h:

(JSC::B3::SuccessorCollection::begin):
(JSC::B3::SuccessorCollection::end):
(JSC::B3::SuccessorCollection::const_iterator::const_iterator):
(JSC::B3::SuccessorCollection::const_iterator::operator*):
(JSC::B3::SuccessorCollection::const_iterator::operator++):
(JSC::B3::SuccessorCollection::const_iterator::operator==):
(JSC::B3::SuccessorCollection::const_iterator::operator!=):

LayoutTests:

These two benchmarks both speed up significantly with this change.

  • js/regress/build-large-object-expected.txt: Added.
  • js/regress/build-large-object.html: Added.
  • js/regress/many-repeat-stores-expected.txt: Added.
  • js/regress/many-repeat-stores.html: Added.
  • js/regress/script-tests/build-large-object.js: Added.
  • js/regress/script-tests/many-repeat-stores.js: Added.
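
Rules (1), (2) and (4) from the r197366 changeset above, reduced to a single basic block. This is an added example, not WebKit's code: the toy IR, its op names and `eliminateStores` are invented here, values are assumed to be SSA names, and locations alias only when their names match. Rule (3) and the cross-block search are left out.

```javascript
// Toy instructions (hypothetical, not B3):
//   {op: "load",  dst, loc}   read loc into dst
//   {op: "store", src, loc}   write src to loc
//   {op: "check"}             may exit, so it claims to read everything (TOP)
//   {op: "call"}              reads and writes everything (TOP)
//   {op: "return"}            end of block
function eliminateStores(block) {
  const dead = new Set();

  // Rules (1) and (2): remember which SSA values are known to equal the
  // current contents of each location. Only an interfering write drops this.
  const contents = new Map(); // loc -> Set of value names
  block.forEach((inst, i) => {
    if (inst.op === "load") {
      if (!contents.has(inst.loc)) contents.set(inst.loc, new Set());
      contents.get(inst.loc).add(inst.dst);
    } else if (inst.op === "store") {
      const same = contents.get(inst.loc);
      if (same && same.has(inst.src)) dead.add(i); // memory already holds src
      else contents.set(inst.loc, new Set([inst.src]));
    } else if (inst.op === "call") {
      contents.clear(); // write to TOP
    }
  });

  // Rule (4): from each surviving store, search forward for a later store to
  // the same location, aborting at anything that could observe the old value.
  block.forEach((inst, i) => {
    if (inst.op !== "store" || dead.has(i)) return;
    for (let j = i + 1; j < block.length; j++) {
      const next = block[j];
      // A store removed above no longer exists, so it cannot justify removing
      // this one. Without this skip, two identical stores would both vanish.
      if (dead.has(j)) continue;
      if (next.op === "store") {
        if (next.loc === inst.loc) { dead.add(i); break; }
        continue; // write to an unrelated location
      }
      if (next.op === "load" && next.loc !== inst.loc) continue; // unrelated read
      break; // read of inst.loc, check, call or return
    }
  });

  const removed = [...dead].sort((a, b) => a - b);
  return { removed, kept: block.filter((_, i) => !dead.has(i)) };
}

// Constructed input: a constructor-like block with repeated structure stores.
const constructedBlock = [
  { op: "store", src: "S0", loc: "o.structure" }, // 0: overwritten at 2, rule (4)
  { op: "store", src: "a", loc: "o.f" },          // 1: kept, the check at 3 may observe it
  { op: "store", src: "S1", loc: "o.structure" }, // 2: kept, the check at 3 may observe it
  { op: "check" },                                // 3
  { op: "load", dst: "t", loc: "g" },             // 4
  { op: "store", src: "t", loc: "g" },            // 5: stores back what was loaded, rule (1)
  { op: "store", src: "a", loc: "o.f" },          // 6: same value as store 1, rule (2)
  { op: "store", src: "S2", loc: "o.structure" }, // 7: kept, the block ends next
  { op: "return" },                               // 8
];

console.log(eliminateStores(constructedBlock).removed);
```
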
1:47 AM WebKitGTK/2.4.x edited by berto@igalia.com
(diff)
1:46 AM WebKitGTK/2.4.x edited by berto@igalia.com
(diff)
1:39 AM Changeset in webkit [197664] by Carlos Garcia Campos
  • 9 edits
    1 add in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197365 - Make it cheap to #include "JITOperations.h"
https://bugs.webkit.org/show_bug.cgi?id=154836

Reviewed by Mark Lam.

Prior to this change, this header included the whole world even though it didn't have any
definitions. This patch turns almost all of the includes into forward declarations. Right
now this header is very cheap to include.

  • JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
  • JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • dfg/DFGSpeculativeJIT.h:
  • jit/JITOperations.cpp:
  • jit/JITOperations.h:
  • jit/Repatch.h:
  • runtime/CommonSlowPaths.h:

(JSC::encodeResult): Deleted.
(JSC::decodeResult): Deleted.

  • runtime/SlowPathReturnType.h: Added.

(JSC::encodeResult):
(JSC::decodeResult):

1:37 AM WebKitGTK/2.4.x edited by tpopela@redhat.com
(diff)
1:36 AM Changeset in webkit [197663] by Carlos Garcia Campos
  • 8 edits
    2 adds in releases/WebKitGTK/webkit-2.12/Source/JavaScriptCore

Merge r197357 - FTL should be able to run everything in Octane/regexp
https://bugs.webkit.org/show_bug.cgi?id=154266

Reviewed by Saam Barati.

Adds FTL support for NewRegexp, RegExpTest, and RegExpExec. I couldn't figure out how to
make the RegExpExec peephole optimization work in FTL. This optimization shouldn't be a
DFG backend optimization anyway - if we need this optimization then it should be a
strength reduction rule over IR. That way, it can be shared by all backends.

I measured whether removing that optimization had any effect on performance separately
from measuring the performance of this patch. Removing that optimization did not change
our score on any benchmarks.

This patch does have an overall negative effect on the Octane/regexp score. This is
presumably because tiering up to the FTL has no value to the code in the regexp test. Or
maybe it's something else. No matter - the overall effect on the Octane score is not
statistically significant and we don't want this kind of coverage blocked by the fact
that adding coverage hurts a benchmark.

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::parseBlock):

  • dfg/DFGNode.h:

(JSC::DFG::Node::setIndexingType):
(JSC::DFG::Node::hasRegexpIndex):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileNotifyWrite):
(JSC::DFG::SpeculativeJIT::compileIsObjectOrNull):
(JSC::DFG::SpeculativeJIT::compileRegExpExec): Deleted.

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileCheckWatchdogTimer):
(JSC::FTL::DFG::LowerDFGToB3::compileRegExpExec):
(JSC::FTL::DFG::LowerDFGToB3::compileRegExpTest):
(JSC::FTL::DFG::LowerDFGToB3::compileNewRegexp):
(JSC::FTL::DFG::LowerDFGToB3::didOverflowStack):

  • tests/stress/ftl-regexp-exec.js: Added.
  • tests/stress/ftl-regexp-test.js: Added.
1:25 AM Changeset in webkit [197662] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.12/Source/WebKit2

Merge r197352 - Fixed compilation with !ENABLE(DATABASE_PROCESS).
https://bugs.webkit.org/show_bug.cgi?id=154813

Patch by Konstantin Tokarev <Konstantin Tokarev> on 2016-02-29
Reviewed by Michael Catanzaro.

  • UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::terminateDatabaseProcess): Added missing #if
guard.

1:24 AM Changeset in webkit [197661] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.12

Merge r197351 - [GTK] Touch slider test fails due to assertion in webkitWebViewBaseTouchEvent()
https://bugs.webkit.org/show_bug.cgi?id=153829

Patch by Adrien Plazas <aplazas@igalia.com> on 2016-02-29
Reviewed by Carlos Garcia Campos.

Source/WebKit2:

Once a touch event sequence is identified as a gesture, remove it
from the list of handled touch events.

  • UIProcess/API/gtk/WebKitWebViewBase.cpp:

(webkitWebViewBaseTouchEvent):

LayoutTests:

  • platform/gtk/TestExpectations:

Remove now passing tests from the expected failures.

Mar 6, 2016:

11:54 PM Changeset in webkit [197660] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.4/Source/JavaScriptCore

Merge r173886 - [CLoop] - Fix CLoop on the 32-bit Big-Endians
https://bugs.webkit.org/show_bug.cgi?id=137020

Patch by Tomas Popela <tpopela@redhat.com> on 2014-09-23
Reviewed by Mark Lam.

  • llint/LowLevelInterpreter.asm:
  • llint/LowLevelInterpreter32_64.asm:
10:41 PM Changeset in webkit [197659] by Nikita Vasilyev
  • 3 edits in trunk/Source/WebInspectorUI

Web Inspector: Use half-pixel borders for data grids
https://bugs.webkit.org/show_bug.cgi?id=154437
<rdar://problem/24736365>

Reviewed by Timothy Hatcher.

  • UserInterface/Views/DataGrid.css:

(.data-grid.inline):
(.data-grid th):
(.data-grid :matches(th, td):not(:last-child)):
Half-pixel borders round to 1px on 1x (non-retina) screens since r192444.

  • UserInterface/Views/DataGrid.js:

(WebInspector.DataGrid.prototype._positionResizerElements):
Use getBoundingClientRect for better precision since it provides subpixel values.

7:52 PM Changeset in webkit [197658] by BJ Burg
  • 12 edits in trunk/Source/JavaScriptCore

Web Inspector: the protocol generator should have separate prefix options for Objective-C classes and filenames
https://bugs.webkit.org/show_bug.cgi?id=155101
<rdar://problem/25000053>

Reviewed by Timothy Hatcher.

It should be possible to generate Objective-C protocol types without prefixing all class names.
The prefixes are only necessary when the generated files are part of a framework, but this isn't
how the generated Objective-C frontend files are used.

Add a separate framework setting and switch over code to use the 'protocol_group' in filenames,
and the 'objc_prefix' for Objective-C enum and class prefixes.

No tests need to be rebaselined because tests always set the protocol_group and objc_prefix
to the same value.

  • inspector/scripts/codegen/generate_objc_backend_dispatcher_header.py:

(ObjCBackendDispatcherHeaderGenerator.output_filename):

  • inspector/scripts/codegen/generate_objc_backend_dispatcher_implementation.py:

(ObjCConfigurationImplementationGenerator.output_filename):
(ObjCConfigurationImplementationGenerator.generate_output):

  • inspector/scripts/codegen/generate_objc_configuration_header.py:

(ObjCConfigurationHeaderGenerator.output_filename):
(ObjCConfigurationHeaderGenerator.generate_output):
(ObjCConfigurationHeaderGenerator._generate_configuration_interface_for_domains):

  • inspector/scripts/codegen/generate_objc_configuration_implementation.py:

(ObjCBackendDispatcherImplementationGenerator.output_filename):
(ObjCBackendDispatcherImplementationGenerator.generate_output):
(ObjCBackendDispatcherImplementationGenerator._generate_configuration_implementation_for_domains):

  • inspector/scripts/codegen/generate_objc_conversion_helpers.py:

(ObjCConversionHelpersGenerator.output_filename):

  • inspector/scripts/codegen/generate_objc_frontend_dispatcher_implementation.py:

(ObjCFrontendDispatcherImplementationGenerator.output_filename):
(ObjCFrontendDispatcherImplementationGenerator.generate_output):

  • inspector/scripts/codegen/generate_objc_header.py:

(ObjCHeaderGenerator.output_filename):

  • inspector/scripts/codegen/generate_objc_internal_header.py:

(ObjCInternalHeaderGenerator.output_filename):
(ObjCInternalHeaderGenerator.generate_output):

  • inspector/scripts/codegen/generate_objc_protocol_types_implementation.py:

(ObjCProtocolTypesImplementationGenerator.output_filename):
(ObjCProtocolTypesImplementationGenerator.generate_output):

  • inspector/scripts/codegen/models.py:
  • inspector/scripts/codegen/objc_generator.py:

(ObjCGenerator):
(ObjCGenerator.protocol_name):
(ObjCGenerator.objc_prefix):

7:37 PM Changeset in webkit [197657] by BJ Burg
  • 6 edits in trunk/Source/JavaScriptCore

Unreviewed, rebaseline inspector protocol generator tests after r197563.

  • inspector/scripts/tests/expected/commands-with-async-attribute.json-result:
  • inspector/scripts/tests/expected/commands-with-optional-call-return-parameters.json-result:
  • inspector/scripts/tests/expected/domains-with-varying-command-sizes.json-result:
  • inspector/scripts/tests/expected/enum-values.json-result:
  • inspector/scripts/tests/expected/generate-domains-with-feature-guards.json-result:
7:36 PM Changeset in webkit [197656] by enrica@apple.com
  • 3 edits in trunk/Source/WebKit2

Support preview on attachment elements.
https://bugs.webkit.org/show_bug.cgi?id=155074
rdar://problem/24806079

Reviewed by Sam Weinig.

Allowing preview to start on attachment elements.
Adding a private UIDelegate method to provide the data for the preview.

  • UIProcess/API/Cocoa/WKUIDelegatePrivate.h:
  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _interactionShouldBeginFromPreviewItemController:forPosition:]):
(-[WKContentView _dataForPreviewItemController:atPosition:type:]):

7:21 PM Changeset in webkit [197655] by benjamin@webkit.org
  • 3 edits in trunk/Source/JavaScriptCore

[JSC] Improve DFG's Int32 ArithMul if one operand is a constant
https://bugs.webkit.org/show_bug.cgi?id=155066

Reviewed by Filip Pizlo.

When multiplying an integer by a constant, DFG was doing quite
a bit worse than baseline JIT.
We were loading the constant into a register, doing the multiply,
then checking the result and both operands for negative zero.

This patch changes:
-Use the multiply-by-immediate form on x86.
-Do as few checks as possible to detect negative-zero.

In most cases, this reduces the negative-zero checks
to zero or one TEST+JUMP.

  • assembler/MacroAssembler.h:

(JSC::MacroAssembler::mul32):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileArithMul):
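
Why the sign of the constant decides how many negative-zero checks an Int32 multiply needs, modelled in JavaScript. This is an added example, not the patch's code: the guard table is an assumption about what "as few checks as possible" amounts to, and all function names are invented here.

```javascript
// An int32 register cannot hold -0, so the int32 fast path for `a * c` must
// bail out to the slow path whenever the language-level result is -0.

// Cheapest guard that catches every -0 result, chosen from the constant alone.
function negativeZeroGuard(c) {
  if (c > 0) return () => false;    // needs a = -0, which is not an int32: no check
  if (c < 0) return (a) => a === 0; // 0 * negative = -0: one test of a
  return (a) => a < 0;              // negative * 0 = -0: one test of a
}

// Model of the compiled fast path. {exit: true} means "take the slow path".
function mulInt32ByConstant(a, c) {
  const product = a * c;
  // Overflow check. Note that -0 passes it, because (-0 | 0) === -0 is true.
  if ((product | 0) !== product) return { exit: true };
  if (negativeZeroGuard(c)(a)) return { exit: true };
  return { exit: false, value: product | 0 };
}

// Compare the fast path with plain JavaScript multiplication.
//   wrongResults:  fast path returned a value that differs from a * c
//   spuriousExits: guard fired although the result was not -0
function verifyGuards(samples, constants) {
  let wrongResults = 0, spuriousExits = 0;
  for (const c of constants) {
    const guard = negativeZeroGuard(c);
    for (const a of samples) {
      const spec = a * c; // what the language requires
      if (guard(a) && !Object.is(spec, -0)) spuriousExits++;
      const fast = mulInt32ByConstant(a, c);
      if (!fast.exit && !Object.is(fast.value, spec)) wrongResults++;
    }
  }
  return { wrongResults, spuriousExits };
}

// Constructed sample values covering zero, both signs and the int32 limits.
const SAMPLE_INT32 = [0, 1, -1, 7, -7, 2147483647, -2147483648];
const SAMPLE_CONSTANTS = [0, 1, -1, 3, -3, 2147483647, -2147483648];

console.log(verifyGuards(SAMPLE_INT32, SAMPLE_CONSTANTS));
```
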

6:43 PM Changeset in webkit [197654] by benjamin@webkit.org
  • 4 edits in trunk/Source/JavaScriptCore

[JSC] Remove a superfluous Move in front of every double unboxing
https://bugs.webkit.org/show_bug.cgi?id=155064

Reviewed by Saam Barati.

Double unboxing was always doing:

Move source, scratch
Add64 tag, scratch
IntToDouble scratch, fp

We do not need to "Move" to copy the source.
Both x86 and ARM64 have an efficient 3 operands Add instruction.

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileValueToInt32):
(JSC::DFG::SpeculativeJIT::compileDoubleRep):
(JSC::DFG::SpeculativeJIT::speculateRealNumber):

  • dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::unboxDouble):

  • jit/AssemblyHelpers.h:

(JSC::AssemblyHelpers::unboxDoubleWithoutAssertions):
(JSC::AssemblyHelpers::unboxDouble):
(JSC::AssemblyHelpers::unboxDoubleNonDestructive):

6:42 PM Changeset in webkit [197653] by benjamin@webkit.org
  • 6 edits in trunk/Source/JavaScriptCore

[JSC] Use 3 operands Add in more places
https://bugs.webkit.org/show_bug.cgi?id=155082

Reviewed by Filip Pizlo.

  • assembler/MacroAssembler.h:

(JSC::MacroAssembler::addPtr):
(JSC::MacroAssembler::add32):

  • assembler/MacroAssemblerARMv7.h:

(JSC::MacroAssemblerARMv7::add32):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileArithAdd):
The case with child1 constant is useless.
The canonical form will have the constant as child2.

Also add register reuse for the fast-add.
Registers are a scarce resource on x86.

  • jit/CCallHelpers.h:

(JSC::CCallHelpers::prepareForTailCallSlow):

  • yarr/YarrJIT.cpp:

(JSC::Yarr::YarrGenerator::generate):

6:40 PM Changeset in webkit [197652] by commit-queue@webkit.org
  • 14 edits in trunk/Source

[JSC] Improve codegen of Compare and Test
https://bugs.webkit.org/show_bug.cgi?id=155055

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-03-06
Reviewed by Filip Pizlo.

Source/JavaScriptCore:

This patch introduces a few improvements on how we lower
Compare and Test with immediates:

-Add certain Immediate forms of ARM64.
-Use CBZ/CBNZ when possible on ARM64.
-When possible, convert a CMP into a TST
 On some hardware, we can issue more TST simultaneously.
 On x86, any TST+Jump is a candidate for macro-fusion.
 They are also smaller.
 (sections 3.4.2.2 and 3.5.1.9)
-Do not load the mask immediate of a TST
 if it only contains ones (mostly useful for ARM64
 since that would not have been a valid immediate).

  • assembler/MacroAssembler.h:

(JSC::MacroAssembler::compare32):

  • assembler/MacroAssemblerARM64.h:

(JSC::MacroAssemblerARM64::moveConditionallyAfterFloatingPointCompare):
(JSC::MacroAssemblerARM64::moveDoubleConditionallyAfterFloatingPointCompare):
This is somewhat unrelated but I found that out while working
on moveDoubleConditionallyTest32:

If "thenCase" and "dest" are assigned the same register
by the allocator, then the first (f)fcsel would override
the "thenCase" and the second fcsel would always be "elseCase".

This is covered by testb3 but was only uncovered
after recent "Move" removals in lowering.

(JSC::MacroAssemblerARM64::moveConditionally32):
(JSC::MacroAssemblerARM64::moveConditionally64):
(JSC::MacroAssemblerARM64::moveConditionallyTest32):
(JSC::MacroAssemblerARM64::moveDoubleConditionally32):
(JSC::MacroAssemblerARM64::moveDoubleConditionally64):
(JSC::MacroAssemblerARM64::moveDoubleConditionallyTest32):
(JSC::MacroAssemblerARM64::branch32):
(JSC::MacroAssemblerARM64::branch64):
(JSC::MacroAssemblerARM64::branchTest32):
(JSC::MacroAssemblerARM64::test32):
The version taking an immediate was guarded by
(cond == Zero)
(cond == NonZero). That is overzealous,
and only needed for CBZ/CBNZ.

(JSC::MacroAssemblerARM64::branchTest64):
(JSC::MacroAssemblerARM64::compare32):
(JSC::MacroAssemblerARM64::compare64):
(JSC::MacroAssemblerARM64::commuteCompareToZeroIntoTest):

  • assembler/MacroAssemblerX86Common.h:

(JSC::MacroAssemblerX86Common::moveConditionally32):
(JSC::MacroAssemblerX86Common::moveConditionallyTest32):
(JSC::MacroAssemblerX86Common::branch32):
(JSC::MacroAssemblerX86Common::test32):
(JSC::MacroAssemblerX86Common::branchTest32):
(JSC::MacroAssemblerX86Common::compare32):
(JSC::MacroAssemblerX86Common::commuteCompareToZeroIntoTest):

  • assembler/MacroAssemblerX86_64.h:

(JSC::MacroAssemblerX86_64::compare64):
(JSC::MacroAssemblerX86_64::branch64):
(JSC::MacroAssemblerX86_64::moveConditionally64):

  • b3/B3LowerToAir.cpp:

(JSC::B3::Air::LowerToAir::createGenericCompare):
Unfortunately this cannot be abstracted by the MacroAssembler.
Those immediates are not valid, we have to pick the better
form right away.

  • b3/air/AirOpcode.opcodes:
  • b3/testb3.cpp:

(JSC::B3::int64Operands):
(JSC::B3::modelCompare):
(JSC::B3::testCompareImpl):
(JSC::B3::testCompare):
(JSC::B3::b3Pow):
(JSC::B3::testPowDoubleByIntegerLoop):
Some versions of pow(double, int) do not return
the exact same bits as our integer loop.
Added a new version to have the same behavior
as the B3 loop.

(JSC::B3::run):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compilePeepHoleBooleanBranch):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compileInt32Compare):
Comparing to an immediate is super common. Do not waste
a register for that!

Source/WebCore:

  • cssjit/FunctionCall.h:

(WebCore::FunctionCall::callAndBranchOnCondition):

6:40 PM Changeset in webkit [197651] by jonlee@apple.com
  • 2 edits in trunk/PerformanceTests

Make sure multiply test particles have at least some opacity
https://bugs.webkit.org/show_bug.cgi?id=155027

Reviewed by Simon Fraser.

  • Animometer/tests/master/resources/multiply.js:

(initialize): Have the elements spin a little faster to make it
more obvious when the system is being stressed.
(_addTile):
(animate): Make sure each element being animated has at least 1%
opacity.

6:22 PM Changeset in webkit [197650] by fpizlo@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Unreviewed, fix build. This was a messed up merge.

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileInstanceOf):

6:07 PM Changeset in webkit [197649] by fpizlo@apple.com
  • 15 edits in trunk/Source/JavaScriptCore

DFG should know how to speculate StringOrOther
https://bugs.webkit.org/show_bug.cgi?id=155094

Reviewed by Saam Barati.

Any code that processes the regexp matches array was previously doing a relatively expensive
Branch(Untyped:). This introduces a new use kind called StringOrOther, which is perfect for
code that loops over the matches array and branches on the entries being non-empty.

To do this, I needed to introduce code into the FTL that creates new blocks. We still had that
awful FTL_NEW_BLOCK idiom since the only way to debug LLVM IR was to ascribe names to basic
blocks. B3 IR is inherently more debuggable since unlike LLVM, B3 knows how to always respect
code origin, and it knows how to print the code origin nicely in the dumps. So, rather than
continue using FTL_NEW_BLOCK(m_out, ("things")), I replaced all of that stuff with
m_out.newBlock(). It's much nicer that way.

This is a tiny speed-up on Octane/regexp at best. I was hoping for more. Oh well.

  • bytecode/SpeculatedType.h:

(JSC::isStringSpeculation):
(JSC::isStringOrOtherSpeculation):
(JSC::isSymbolSpeculation):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGNode.h:

(JSC::DFG::Node::shouldSpeculateString):
(JSC::DFG::Node::shouldSpeculateStringOrOther):
(JSC::DFG::Node::shouldSpeculateStringObject):

  • dfg/DFGSafeToExecute.h:

(JSC::DFG::SafeToExecuteEdge::operator()):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileStringZeroLength):
(JSC::DFG::SpeculativeJIT::compileLogicalNotStringOrOther):
(JSC::DFG::SpeculativeJIT::emitStringBranch):
(JSC::DFG::SpeculativeJIT::emitStringOrOtherBranch):
(JSC::DFG::SpeculativeJIT::compileConstantStoragePointer):
(JSC::DFG::SpeculativeJIT::speculateObjectOrOther):
(JSC::DFG::SpeculativeJIT::speculateString):
(JSC::DFG::SpeculativeJIT::speculateStringOrOther):
(JSC::DFG::SpeculativeJIT::speculateStringIdentAndLoadStorage):
(JSC::DFG::SpeculativeJIT::speculate):

  • dfg/DFGSpeculativeJIT.h:
  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compileLogicalNot):
(JSC::DFG::SpeculativeJIT::emitBranch):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compileLogicalNot):
(JSC::DFG::SpeculativeJIT::emitBranch):

  • dfg/DFGUseKind.cpp:

(WTF::printInternal):

  • dfg/DFGUseKind.h:

(JSC::DFG::typeFilterFor):

  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::lower):
(JSC::FTL::DFG::LowerDFGToB3::compileDoubleRep):
(JSC::FTL::DFG::LowerDFGToB3::compileBooleanToNumber):
(JSC::FTL::DFG::LowerDFGToB3::compileToThis):
(JSC::FTL::DFG::LowerDFGToB3::compileArithMul):
(JSC::FTL::DFG::LowerDFGToB3::compileArithDiv):
(JSC::FTL::DFG::LowerDFGToB3::compileArithMod):
(JSC::FTL::DFG::LowerDFGToB3::compileArithMinOrMax):
(JSC::FTL::DFG::LowerDFGToB3::compileArithPow):
(JSC::FTL::DFG::LowerDFGToB3::compileArithRound):
(JSC::FTL::DFG::LowerDFGToB3::compileCheckStructure):
(JSC::FTL::DFG::LowerDFGToB3::compileArrayifyToStructure):
(JSC::FTL::DFG::LowerDFGToB3::compileGetById):
(JSC::FTL::DFG::LowerDFGToB3::compileGetIndexedPropertyStorage):
(JSC::FTL::DFG::LowerDFGToB3::compileGetTypedArrayByteOffset):
(JSC::FTL::DFG::LowerDFGToB3::compileGetByVal):
(JSC::FTL::DFG::LowerDFGToB3::compilePutByVal):
(JSC::FTL::DFG::LowerDFGToB3::compileArrayPush):
(JSC::FTL::DFG::LowerDFGToB3::compileArrayPop):
(JSC::FTL::DFG::LowerDFGToB3::compileCreateActivation):
(JSC::FTL::DFG::LowerDFGToB3::compileNewFunction):
(JSC::FTL::DFG::LowerDFGToB3::compileCreateDirectArguments):
(JSC::FTL::DFG::LowerDFGToB3::compileCopyRest):
(JSC::FTL::DFG::LowerDFGToB3::compileGetRestLength):
(JSC::FTL::DFG::LowerDFGToB3::compileNewArrayWithSize):
(JSC::FTL::DFG::LowerDFGToB3::compileNewTypedArray):
(JSC::FTL::DFG::LowerDFGToB3::compileToStringOrCallStringConstructor):
(JSC::FTL::DFG::LowerDFGToB3::compileToPrimitive):
(JSC::FTL::DFG::LowerDFGToB3::compileMakeRope):
(JSC::FTL::DFG::LowerDFGToB3::compileStringCharAt):
(JSC::FTL::DFG::LowerDFGToB3::compileStringCharCodeAt):
(JSC::FTL::DFG::LowerDFGToB3::compileStringFromCharCode):
(JSC::FTL::DFG::LowerDFGToB3::compileMultiGetByOffset):
(JSC::FTL::DFG::LowerDFGToB3::compileMultiPutByOffset):
(JSC::FTL::DFG::LowerDFGToB3::compileNotifyWrite):
(JSC::FTL::DFG::LowerDFGToB3::compileCompareStrictEq):
(JSC::FTL::DFG::LowerDFGToB3::compileForwardVarargs):
(JSC::FTL::DFG::LowerDFGToB3::compileSwitch):
(JSC::FTL::DFG::LowerDFGToB3::compileIsString):
(JSC::FTL::DFG::LowerDFGToB3::compileIsObject):
(JSC::FTL::DFG::LowerDFGToB3::compileIsObjectOrNull):
(JSC::FTL::DFG::LowerDFGToB3::compileIsFunction):
(JSC::FTL::DFG::LowerDFGToB3::compileTypeOf):
(JSC::FTL::DFG::LowerDFGToB3::compileOverridesHasInstance):
(JSC::FTL::DFG::LowerDFGToB3::compileInstanceOf):
(JSC::FTL::DFG::LowerDFGToB3::compileHasIndexedProperty):
(JSC::FTL::DFG::LowerDFGToB3::compileHasStructureProperty):
(JSC::FTL::DFG::LowerDFGToB3::compileGetDirectPname):
(JSC::FTL::DFG::LowerDFGToB3::compileGetEnumeratorStructurePname):
(JSC::FTL::DFG::LowerDFGToB3::compileGetEnumeratorGenericPname):
(JSC::FTL::DFG::LowerDFGToB3::compileMaterializeNewObject):
(JSC::FTL::DFG::LowerDFGToB3::compileMaterializeCreateActivation):
(JSC::FTL::DFG::LowerDFGToB3::compileCheckWatchdogTimer):
(JSC::FTL::DFG::LowerDFGToB3::checkStructure):
(JSC::FTL::DFG::LowerDFGToB3::numberOrNotCellToInt32):
(JSC::FTL::DFG::LowerDFGToB3::checkInferredType):
(JSC::FTL::DFG::LowerDFGToB3::allocatePropertyStorageWithSizeImpl):
(JSC::FTL::DFG::LowerDFGToB3::loadVectorWithBarrier):
(JSC::FTL::DFG::LowerDFGToB3::copyBarrier):
(JSC::FTL::DFG::LowerDFGToB3::loadVectorReadOnly):
(JSC::FTL::DFG::LowerDFGToB3::compareEqObjectOrOtherToObject):
(JSC::FTL::DFG::LowerDFGToB3::nonSpeculativeCompare):
(JSC::FTL::DFG::LowerDFGToB3::stringsEqual):
(JSC::FTL::DFG::LowerDFGToB3::allocateCell):
(JSC::FTL::DFG::LowerDFGToB3::allocateVariableSizedObject):
(JSC::FTL::DFG::LowerDFGToB3::allocateBasicStorageAndGetEnd):
(JSC::FTL::DFG::LowerDFGToB3::allocateObject):
(JSC::FTL::DFG::LowerDFGToB3::allocateJSArray):
(JSC::FTL::DFG::LowerDFGToB3::boolify):
(JSC::FTL::DFG::LowerDFGToB3::equalNullOrUndefined):
(JSC::FTL::DFG::LowerDFGToB3::contiguousPutByValOutOfBounds):
(JSC::FTL::DFG::LowerDFGToB3::switchString):
(JSC::FTL::DFG::LowerDFGToB3::switchStringRecurse):
(JSC::FTL::DFG::LowerDFGToB3::buildTypeOf):
(JSC::FTL::DFG::LowerDFGToB3::doubleToInt32):
(JSC::FTL::DFG::LowerDFGToB3::sensibleDoubleToInt32):
(JSC::FTL::DFG::LowerDFGToB3::strictInt52ToJSValue):
(JSC::FTL::DFG::LowerDFGToB3::jsValueToStrictInt52):
(JSC::FTL::DFG::LowerDFGToB3::convertDoubleToInt32):
(JSC::FTL::DFG::LowerDFGToB3::speculate):
(JSC::FTL::DFG::LowerDFGToB3::speculateCellOrOther):
(JSC::FTL::DFG::LowerDFGToB3::speculateObjectOrOther):
(JSC::FTL::DFG::LowerDFGToB3::speculateString):
(JSC::FTL::DFG::LowerDFGToB3::speculateStringOrOther):
(JSC::FTL::DFG::LowerDFGToB3::speculateStringIdent):
(JSC::FTL::DFG::LowerDFGToB3::speculateStringOrStringObject):
(JSC::FTL::DFG::LowerDFGToB3::speculateRealNumber):
(JSC::FTL::DFG::LowerDFGToB3::speculateNotStringVar):
(JSC::FTL::DFG::LowerDFGToB3::emitStoreBarrier):
(JSC::FTL::DFG::LowerDFGToB3::callCheck):

  • ftl/FTLOutput.cpp:

(JSC::FTL::Output::initialize):
(JSC::FTL::Output::newBlock):
(JSC::FTL::Output::check):

  • ftl/FTLOutput.h:

(JSC::FTL::Output::setFrequency):
(JSC::FTL::Output::insertNewBlocksBefore):

5:00 PM Changeset in webkit [197648] by sbarati@apple.com
  • 90 edits in trunk/Source

[[GetPrototypeOf]] should be a fully virtual method in the method table
https://bugs.webkit.org/show_bug.cgi?id=155002

Reviewed by Filip Pizlo.

Source/JavaScriptCore:

This patch makes us more consistent with how the ES6 specification models the
[[GetPrototypeOf]] trap. Moving this method into ClassInfo::methodTable
is a prerequisite for implementing Proxy.[[GetPrototypeOf]]. This patch
still allows directly accessing the prototype for situations where this
is the desired behavior. This is equivalent to getting the internal
[[Prototype]] field as described in the specification.

  • API/JSObjectRef.cpp:

(JSObjectGetPrototype):
(JSObjectSetPrototype):

  • dfg/DFGOperations.cpp:
  • dfg/DFGOperations.h:
  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileInstanceOfForObject):
(JSC::DFG::SpeculativeJIT::compileCheckTypeInfoFlags):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileInstanceOf):
(JSC::FTL::DFG::LowerDFGToB3::compileInstanceOfCustom):

  • jit/JITOpcodes.cpp:

(JSC::JIT::emit_op_instanceof):
(JSC::JIT::emitSlow_op_instanceof):

  • jit/JITOpcodes32_64.cpp:

(JSC::JIT::emit_op_instanceof):
(JSC::JIT::emitSlow_op_instanceof):

  • jit/JITOperations.cpp:
  • jit/JITOperations.h:
  • jsc.cpp:

(functionCreateProxy):

  • llint/LLIntSlowPaths.cpp:

(JSC::LLInt::LLINT_SLOW_PATH_DECL):

  • llint/LowLevelInterpreter.asm:
  • llint/LowLevelInterpreter32_64.asm:
  • llint/LowLevelInterpreter64.asm:
  • runtime/ArrayPrototype.cpp:

(JSC::speciesConstructArray):

  • runtime/ClassInfo.h:
  • runtime/FunctionPrototype.cpp:

(JSC::functionProtoFuncBind):

  • runtime/IntlCollatorPrototype.cpp:

(JSC::IntlCollatorPrototypeGetterCompare):

  • runtime/IntlDateTimeFormatPrototype.cpp:

(JSC::IntlDateTimeFormatPrototypeGetterFormat):

  • runtime/IntlNumberFormatPrototype.cpp:

(JSC::IntlNumberFormatPrototypeGetterFormat):

  • runtime/JSBoundFunction.cpp:

(JSC::hasInstanceBoundFunction):
(JSC::getBoundFunctionStructure):
(JSC::JSBoundFunction::create):

  • runtime/JSBoundFunction.h:
  • runtime/JSCJSValue.cpp:

(JSC::JSValue::putToPrimitive):

  • runtime/JSCell.cpp:

(JSC::JSCell::setPrototype):
(JSC::JSCell::getPrototype):

  • runtime/JSCell.h:
  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::init):
(JSC::JSGlobalObject::hasLegacyProfiler):
(JSC::lastInPrototypeChain):
(JSC::JSGlobalObject::objectPrototypeIsSane):
(JSC::JSGlobalObject::arrayPrototypeChainIsSane):
(JSC::JSGlobalObject::stringPrototypeChainIsSane):

  • runtime/JSGlobalObject.h:

(JSC::JSGlobalObject::finishCreation):

  • runtime/JSGlobalObjectFunctions.cpp:

(JSC::GlobalFuncProtoGetterFunctor::GlobalFuncProtoGetterFunctor):
(JSC::GlobalFuncProtoGetterFunctor::operator()):
(JSC::globalFuncProtoGetter):

  • runtime/JSLexicalEnvironment.cpp:

(JSC::JSLexicalEnvironment::getOwnPropertySlot):

  • runtime/JSObject.cpp:

(JSC::JSObject::calculatedClassName):
(JSC::JSObject::putInlineSlow):
(JSC::JSObject::setPrototypeWithCycleCheck):
(JSC::JSObject::setPrototype):
(JSC::JSObject::getPrototype):
(JSC::JSObject::defaultHasInstance):
(JSC::objectPrivateFuncInstanceOf):
(JSC::JSObject::getPropertyNames):
(JSC::JSObject::attemptToInterceptPutByIndexOnHoleForPrototype):
(JSC::JSObject::attemptToInterceptPutByIndexOnHole):
(JSC::JSObject::getGenericPropertyNames):

  • runtime/JSObject.h:

(JSC::JSObject::finishCreation):
(JSC::JSObject::JSObject):
(JSC::JSObject::getPrototypeDirect):
(JSC::JSObject::getPrototype):
(JSC::JSObject::getOwnNonIndexPropertySlot):
(JSC::JSObject::getPropertySlot):
(JSC::JSObject::getNonIndexPropertySlot):
(JSC::JSObject::prototype): Deleted.

  • runtime/JSObjectInlines.h:

(JSC::JSObject::canPerformFastPutInline):

  • runtime/JSProxy.cpp:

(JSC::JSProxy::setTarget):

  • runtime/JSTypedArrayViewConstructor.cpp:

(JSC::constructTypedArrayView):

  • runtime/ObjectConstructor.cpp:

(JSC::ObjectConstructorGetPrototypeOfFunctor::ObjectConstructorGetPrototypeOfFunctor):
(JSC::ObjectConstructorGetPrototypeOfFunctor::operator()):
(JSC::objectConstructorGetPrototypeOf):

  • runtime/ObjectPrototype.cpp:

(JSC::objectProtoFuncIsPrototypeOf):

  • runtime/ProxyObject.cpp:

(JSC::performProxyGet):
(JSC::ProxyObject::performSetPrototype):

  • runtime/StructureInlines.h:

(JSC::Structure::isValid):

  • tests/stress/proxy-has-property.js:

(assert.let.h1.has):
(assert.let.h2.has):
(assert):

Source/WebCore:

Change ::getPrototype(.) to ::prototype(.) in various places to prevent
a naming conflict with JSC.

No new tests because no new functionality was added.

  • bindings/js/JSDOMWindowShell.cpp:

(WebCore::JSDOMWindowShell::setWindow):

  • bindings/js/JSImageConstructor.cpp:

(WebCore::JSImageConstructor::initializeProperties):
(WebCore::JSImageConstructor::prototypeForStructure):

  • bindings/js/WorkerScriptController.cpp:

(WebCore::WorkerScriptController::initScript):

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateHeader):
(GenerateImplementation):
(GenerateConstructorHelperMethods):

  • bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:

(WebCore::JSTestActiveDOMObjectConstructor::initializeProperties):
(WebCore::JSTestActiveDOMObject::createPrototype):
(WebCore::JSTestActiveDOMObject::prototype):
(WebCore::JSTestActiveDOMObject::getPrototype): Deleted.

  • bindings/scripts/test/JS/JSTestActiveDOMObject.h:
  • bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:

(WebCore::JSTestClassWithJSBuiltinConstructorConstructor::initializeProperties):
(WebCore::JSTestClassWithJSBuiltinConstructor::createPrototype):
(WebCore::JSTestClassWithJSBuiltinConstructor::prototype):
(WebCore::JSTestClassWithJSBuiltinConstructor::getPrototype): Deleted.

  • bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.h:
  • bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:

(WebCore::JSTestCustomConstructorWithNoInterfaceObjectConstructor::initializeProperties):
(WebCore::JSTestCustomConstructorWithNoInterfaceObject::createPrototype):
(WebCore::JSTestCustomConstructorWithNoInterfaceObject::prototype):
(WebCore::JSTestCustomConstructorWithNoInterfaceObject::getPrototype): Deleted.

  • bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.h:
  • bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:

(WebCore::JSTestCustomNamedGetterConstructor::initializeProperties):
(WebCore::JSTestCustomNamedGetter::createPrototype):
(WebCore::JSTestCustomNamedGetter::prototype):
(WebCore::JSTestCustomNamedGetter::getPrototype): Deleted.

  • bindings/scripts/test/JS/JSTestCustomNamedGetter.h:
  • bindings/scripts/test/JS/JSTestEventConstructor.cpp:

(WebCore::JSTestEventConstructorConstructor::initializeProperties):
(WebCore::JSTestEventConstructor::createPrototype):
(WebCore::JSTestEventConstructor::prototype):
(WebCore::JSTestEventConstructor::getPrototype): Deleted.

  • bindings/scripts/test/JS/JSTestEventConstructor.h:
  • bindings/scripts/test/JS/JSTestEventTarget.cpp:

(WebCore::JSTestEventTargetConstructor::initializeProperties):
(WebCore::JSTestEventTarget::createPrototype):
(WebCore::JSTestEventTarget::prototype):
(WebCore::JSTestEventTarget::getPrototype): Deleted.

  • bindings/scripts/test/JS/JSTestEventTarget.h:
  • bindings/scripts/test/JS/JSTestException.cpp:

(WebCore::JSTestExceptionConstructor::initializeProperties):
(WebCore::JSTestException::createPrototype):
(WebCore::JSTestException::prototype):
(WebCore::JSTestException::getPrototype): Deleted.

  • bindings/scripts/test/JS/JSTestException.h:
  • bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:

(WebCore::JSTestGenerateIsReachableConstructor::initializeProperties):
(WebCore::JSTestGenerateIsReachable::createPrototype):
(WebCore::JSTestGenerateIsReachable::prototype):
(WebCore::JSTestGenerateIsReachable::getPrototype): Deleted.

  • bindings/scripts/test/JS/JSTestGenerateIsReachable.h:
  • bindings/scripts/test/JS/JSTestInterface.cpp:

(WebCore::JSTestInterfaceConstructor::initializeProperties):
(WebCore::JSTestInterface::createPrototype):
(WebCore::JSTestInterface::prototype):
(WebCore::JSTestInterface::getPrototype): Deleted.

  • bindings/scripts/test/JS/JSTestInterface.h:
  • bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:

(WebCore::JSTestJSBuiltinConstructorConstructor::initializeProperties):
(WebCore::JSTestJSBuiltinConstructor::createPrototype):
(WebCore::JSTestJSBuiltinConstructor::prototype):
(WebCore::JSTestJSBuiltinConstructor::getPrototype): Deleted.

  • bindings/scripts/test/JS/JSTestJSBuiltinConstructor.h:
  • bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:

(WebCore::JSTestMediaQueryListListenerConstructor::initializeProperties):
(WebCore::JSTestMediaQueryListListener::createPrototype):
(WebCore::JSTestMediaQueryListListener::prototype):
(WebCore::JSTestMediaQueryListListener::getPrototype): Deleted.

  • bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
  • bindings/scripts/test/JS/JSTestNamedConstructor.cpp:

(WebCore::JSTestNamedConstructorConstructor::initializeProperties):
(WebCore::JSTestNamedConstructorNamedConstructor::initializeProperties):
(WebCore::JSTestNamedConstructor::createPrototype):
(WebCore::JSTestNamedConstructor::prototype):
(WebCore::JSTestNamedConstructor::getPrototype): Deleted.

  • bindings/scripts/test/JS/JSTestNamedConstructor.h:
  • bindings/scripts/test/JS/JSTestNode.cpp:

(WebCore::JSTestNodeConstructor::initializeProperties):
(WebCore::JSTestNode::createPrototype):
(WebCore::JSTestNode::prototype):
(WebCore::JSTestNode::getPrototype): Deleted.

  • bindings/scripts/test/JS/JSTestNode.h:
  • bindings/scripts/test/JS/JSTestNondeterministic.cpp:

(WebCore::JSTestNondeterministicConstructor::initializeProperties):
(WebCore::JSTestNondeterministic::createPrototype):
(WebCore::JSTestNondeterministic::prototype):
(WebCore::JSTestNondeterministic::getPrototype): Deleted.

  • bindings/scripts/test/JS/JSTestNondeterministic.h:
  • bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::JSTestObjConstructor::initializeProperties):
(WebCore::JSTestObj::createPrototype):
(WebCore::JSTestObj::prototype):
(WebCore::JSTestObj::getPrototype): Deleted.

  • bindings/scripts/test/JS/JSTestObj.h:
  • bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:

(WebCore::JSTestOverloadedConstructorsConstructor::initializeProperties):
(WebCore::JSTestOverloadedConstructors::createPrototype):
(WebCore::JSTestOverloadedConstructors::prototype):
(WebCore::JSTestOverloadedConstructors::getPrototype): Deleted.

  • bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
  • bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:

(WebCore::JSTestOverrideBuiltinsConstructor::initializeProperties):
(WebCore::JSTestOverrideBuiltins::createPrototype):
(WebCore::JSTestOverrideBuiltins::prototype):
(WebCore::JSTestOverrideBuiltins::getPrototype): Deleted.

  • bindings/scripts/test/JS/JSTestOverrideBuiltins.h:
  • bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:

(WebCore::JSTestSerializedScriptValueInterfaceConstructor::initializeProperties):
(WebCore::JSTestSerializedScriptValueInterface::createPrototype):
(WebCore::JSTestSerializedScriptValueInterface::prototype):
(WebCore::JSTestSerializedScriptValueInterface::getPrototype): Deleted.

  • bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
  • bindings/scripts/test/JS/JSTestTypedefs.cpp:

(WebCore::JSTestTypedefsConstructor::initializeProperties):
(WebCore::JSTestTypedefs::createPrototype):
(WebCore::JSTestTypedefs::prototype):
(WebCore::JSTestTypedefs::getPrototype): Deleted.

  • bindings/scripts/test/JS/JSTestTypedefs.h:
  • bindings/scripts/test/JS/JSattribute.cpp:

(WebCore::JSattributeConstructor::initializeProperties):
(WebCore::JSattribute::createPrototype):
(WebCore::JSattribute::prototype):
(WebCore::JSattribute::getPrototype): Deleted.

  • bindings/scripts/test/JS/JSattribute.h:
  • bindings/scripts/test/JS/JSreadonly.cpp:

(WebCore::JSreadonlyConstructor::initializeProperties):
(WebCore::JSreadonly::createPrototype):
(WebCore::JSreadonly::prototype):
(WebCore::JSreadonly::getPrototype): Deleted.

  • bindings/scripts/test/JS/JSreadonly.h:

3:40 PM Changeset in webkit [197647] by Alan Bujtas
  • 2 edits in trunk/LayoutTests

[iOS] Some more gardening after r197627.

Unreviewed.

  • platform/ios-simulator/TestExpectations: skip a test.

3:12 PM Changeset in webkit [197646] by commit-queue@webkit.org
  • 40 edits in trunk/Source/JavaScriptCore

Unreviewed, rolling out r197645.
https://bugs.webkit.org/show_bug.cgi?id=155097

"Doesn't build properly when building entire webkit"
(Requested by saamyjoon on #webkit).

Reverted changeset:

"[[GetPrototypeOf]] should be a fully virtual method in the
method table"
https://bugs.webkit.org/show_bug.cgi?id=155002
http://trac.webkit.org/changeset/197645

3:05 PM Changeset in webkit [197645] by sbarati@apple.com
  • 40 edits in trunk/Source/JavaScriptCore

[[GetPrototypeOf]] should be a fully virtual method in the method table
https://bugs.webkit.org/show_bug.cgi?id=155002

Reviewed by Filip Pizlo.

This patch makes us more consistent with how the ES6 specification models the
[[GetPrototypeOf]] trap. Moving this method into ClassInfo::methodTable
is a prerequisite for implementing Proxy.[[GetPrototypeOf]]. This patch
still allows directly accessing the prototype for situations where this
is the desired behavior. This is equivalent to getting the internal
[[Prototype]] field as described in the specification.

  • API/JSObjectRef.cpp:

(JSObjectGetPrototype):
(JSObjectSetPrototype):

  • dfg/DFGOperations.cpp:
  • dfg/DFGOperations.h:
  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileInstanceOfForObject):
(JSC::DFG::SpeculativeJIT::compileCheckTypeInfoFlags):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileInstanceOf):
(JSC::FTL::DFG::LowerDFGToB3::compileInstanceOfCustom):

  • jit/JITOpcodes.cpp:

(JSC::JIT::emit_op_instanceof):
(JSC::JIT::emitSlow_op_instanceof):

  • jit/JITOpcodes32_64.cpp:

(JSC::JIT::emit_op_instanceof):
(JSC::JIT::emitSlow_op_instanceof):

  • jit/JITOperations.cpp:
  • jit/JITOperations.h:
  • jsc.cpp:

(functionCreateProxy):

  • llint/LLIntSlowPaths.cpp:

(JSC::LLInt::LLINT_SLOW_PATH_DECL):

  • llint/LowLevelInterpreter.asm:
  • llint/LowLevelInterpreter32_64.asm:
  • llint/LowLevelInterpreter64.asm:
  • runtime/ArrayPrototype.cpp:

(JSC::speciesConstructArray):

  • runtime/ClassInfo.h:
  • runtime/FunctionPrototype.cpp:

(JSC::functionProtoFuncBind):

  • runtime/IntlCollatorPrototype.cpp:

(JSC::IntlCollatorPrototypeGetterCompare):

  • runtime/IntlDateTimeFormatPrototype.cpp:

(JSC::IntlDateTimeFormatPrototypeGetterFormat):

  • runtime/IntlNumberFormatPrototype.cpp:

(JSC::IntlNumberFormatPrototypeGetterFormat):

  • runtime/JSBoundFunction.cpp:

(JSC::hasInstanceBoundFunction):
(JSC::getBoundFunctionStructure):
(JSC::JSBoundFunction::create):

  • runtime/JSBoundFunction.h:
  • runtime/JSCJSValue.cpp:

(JSC::JSValue::putToPrimitive):

  • runtime/JSCell.cpp:

(JSC::JSCell::setPrototype):
(JSC::JSCell::getPrototype):

  • runtime/JSCell.h:
  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::init):
(JSC::JSGlobalObject::hasLegacyProfiler):
(JSC::lastInPrototypeChain):
(JSC::JSGlobalObject::objectPrototypeIsSane):
(JSC::JSGlobalObject::arrayPrototypeChainIsSane):
(JSC::JSGlobalObject::stringPrototypeChainIsSane):

  • runtime/JSGlobalObject.h:

(JSC::JSGlobalObject::finishCreation):

  • runtime/JSGlobalObjectFunctions.cpp:

(JSC::GlobalFuncProtoGetterFunctor::GlobalFuncProtoGetterFunctor):
(JSC::GlobalFuncProtoGetterFunctor::operator()):
(JSC::globalFuncProtoGetter):

  • runtime/JSLexicalEnvironment.cpp:

(JSC::JSLexicalEnvironment::getOwnPropertySlot):

  • runtime/JSObject.cpp:

(JSC::JSObject::calculatedClassName):
(JSC::JSObject::putInlineSlow):
(JSC::JSObject::setPrototypeWithCycleCheck):
(JSC::JSObject::setPrototype):
(JSC::JSObject::getPrototype):
(JSC::JSObject::defaultHasInstance):
(JSC::objectPrivateFuncInstanceOf):
(JSC::JSObject::getPropertyNames):
(JSC::JSObject::attemptToInterceptPutByIndexOnHoleForPrototype):
(JSC::JSObject::attemptToInterceptPutByIndexOnHole):
(JSC::JSObject::getGenericPropertyNames):

  • runtime/JSObject.h:

(JSC::JSObject::finishCreation):
(JSC::JSObject::JSObject):
(JSC::JSObject::getPrototypeDirect):
(JSC::JSObject::getPrototype):
(JSC::JSObject::getOwnNonIndexPropertySlot):
(JSC::JSObject::getPropertySlot):
(JSC::JSObject::getNonIndexPropertySlot):
(JSC::JSObject::prototype): Deleted.

  • runtime/JSObjectInlines.h:

(JSC::JSObject::canPerformFastPutInline):

  • runtime/JSProxy.cpp:

(JSC::JSProxy::setTarget):

  • runtime/JSTypedArrayViewConstructor.cpp:

(JSC::constructTypedArrayView):

  • runtime/ObjectConstructor.cpp:

(JSC::ObjectConstructorGetPrototypeOfFunctor::ObjectConstructorGetPrototypeOfFunctor):
(JSC::ObjectConstructorGetPrototypeOfFunctor::operator()):
(JSC::objectConstructorGetPrototypeOf):

  • runtime/ObjectPrototype.cpp:

(JSC::objectProtoFuncIsPrototypeOf):

  • runtime/ProxyObject.cpp:

(JSC::performProxyGet):
(JSC::ProxyObject::performSetPrototype):

  • runtime/StructureInlines.h:

(JSC::Structure::isValid):

  • tests/stress/proxy-has-property.js:

(assert.let.h1.has):
(assert.let.h2.has):
(assert):

2:57 PM Changeset in webkit [197644] by Alan Bujtas
  • 2 edits in trunk/LayoutTests

[iOS] Gardening after r197627.

Unreviewed.

  • platform/ios-simulator/TestExpectations:

2:30 PM Changeset in webkit [197643] by sbarati@apple.com
  • 2 edits in trunk/Websites/webkit.org

Update style guide to reflect our style of only using "override" or "final" when overriding virtual methods
https://bugs.webkit.org/show_bug.cgi?id=154978

Reviewed by Darin Adler.

  • code-style.md:

12:44 PM Changeset in webkit [197642] by youenn.fablet@crf.canon.fr
  • 7 edits in trunk/Source/WebCore

Enable DOM class create functions to take parameters in case of JSBuiltinConstructor
https://bugs.webkit.org/show_bug.cgi?id=155022

Reviewed by Darin Adler.

Introducing JSDOMObjectInspector to check whether a given JS class is built-in (no DOM class).
If that is not the case, the JS class wraps a DOM class.
The inspector detects whether the DOM class create static method takes no parameter or some parameters.
This is used in JSDOMConstructor.h to generate correctly the createJSObject functions needed by JSBuiltinConstructor.

Updated binding generator to not generate anymore createJSObject as it is handled directly in JSDOMConstructor.h.

Covered by existing tests.

  • bindings/js/JSDOMConstructor.h:

(WebCore::JSBuiltinConstructor<JSClass>::callConstructor):
(WebCore::createJSObject):
(WebCore::JSBuiltinConstructor<JSClass>::construct):

  • bindings/js/JSDOMWrapper.h:
  • bindings/js/JSKeyValueIterator.h: Taking benefit of JSClass::DOMWrapper type declaration.
  • bindings/js/JSReadableStreamPrivateConstructors.cpp:

(WebCore::JSBuiltinReadableStreamReaderPrivateConstructor::initializeExecutable): Deleted.
(WebCore::JSBuiltinReadableStreamControllerPrivateConstructor::initializeExecutable): Deleted.

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateConstructorDefinition): Deleted.

  • bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:

(WebCore::JSTestClassWithJSBuiltinConstructorConstructor::prototypeForStructure): Deleted.

12:11 PM Changeset in webkit [197641] by fpizlo@apple.com
  • 33 edits
    5 adds in trunk

RegExpMatchesArray doesn't know how to have a bad time
https://bugs.webkit.org/show_bug.cgi?id=155069

Reviewed by Yusuke Suzuki.

Source/JavaScriptCore:

In trunk if we are having a bad time, the regexp matches array is still allocated with a
non-slow-put indexing shape, which makes it have the wrong behavior on indexed setters on
the prototype chain.

Getting this to work right requires introducing bad time code paths into the regexp matches
array. It also requires something more drastic: making this code not play games with the
global object. The code that creates the matches array needs to have the actual global
object of the regexp native function that it's logically created by.

This is totally different from how we've handled global objects in the past because it means
that the global object is not a constant. Normally we can make it a constant because a
script executable will know its global object. But with native functions, it's the function
instance that knows the global object - not the native executable. When we inline a native
intrinsic, we are guaranteed to know the native executable but we're not guaranteed to know
the function instance. This means that the global object may be a variable that gets computed
by looking at the instance at run-time. So, the RegExpExec/RegExpTest nodes in DFG IR now
take a global object child. That also meant adding a new node type, GetGlobalObject, which
does the thing to the callee that CallFrame::lexicalGlobalObject() would have done.
Eventually, we'll probably have to make other native intrinsics also use GetGlobalObject. It
turns out that this really isn't so bad because usually it's constant-folded anyway, since
although the intrinsic code supports executable-based inlining (which leaves the callee
instance as an unknown), it happens rarely for intrinsics. So, conveying the global object
via a child isn't any worse than conveying it via meta-data, and it's probably better than
telling the inliner not to do executable-based inlining of native intrinsics. That would
have been a confusing special-case.

This is perf-neutral on my machines but it fixes a bug and it unlocks some interesting
possibilities. For example, RegExpExec can now make a firm promise about the type of array
it's creating.

This also contains some other changes:

  • We are now using Structure::addPropertyTransition() in a lot of places even though it was meant to be an internal method with a quirky contract - for example it only works if you know that there is no existing transition. This relaxes this constraint.

  • Restores the use of "*" for heap references in JSString.h. It's very unusual to have heap references pointed at with "&", since we don't currently do that anywhere. The fact that it was using the wrong reference type also meant that the code couldn't elegantly make use of some of our GC pointer helpers like jsCast<>.

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::attemptToInlineCall):
(JSC::DFG::ByteCodeParser::handleMinMax):
(JSC::DFG::ByteCodeParser::handleIntrinsicCall):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGNodeType.h:
  • dfg/DFGOperations.cpp:
  • dfg/DFGOperations.h:
  • dfg/DFGPredictionPropagationPhase.cpp:

(JSC::DFG::PredictionPropagationPhase::propagate):

  • dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileSkipScope):
(JSC::DFG::SpeculativeJIT::compileGetGlobalObject):
(JSC::DFG::SpeculativeJIT::compileGetArrayLength):

  • dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::callOperation):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileSkipScope):
(JSC::FTL::DFG::LowerDFGToB3::compileGetGlobalObject):
(JSC::FTL::DFG::LowerDFGToB3::compileGetClosureVar):
(JSC::FTL::DFG::LowerDFGToB3::compileRegExpExec):
(JSC::FTL::DFG::LowerDFGToB3::compileRegExpTest):
(JSC::FTL::DFG::LowerDFGToB3::compileNewRegexp):

  • jit/JITOperations.h:
  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::init):
(JSC::JSGlobalObject::haveABadTime):
(JSC::JSGlobalObject::visitChildren):

  • runtime/JSGlobalObject.h:
  • runtime/JSObject.h:

(JSC::JSObject::putDirectInternal):

  • runtime/JSString.h:

(JSC::jsString):
(JSC::jsSubstring):

  • runtime/RegExpCachedResult.cpp:

(JSC::RegExpCachedResult::lastResult):

  • runtime/RegExpMatchesArray.cpp:

(JSC::tryCreateUninitializedRegExpMatchesArray):
(JSC::createRegExpMatchesArray):
(JSC::createStructureImpl):
(JSC::createRegExpMatchesArrayStructure):
(JSC::createRegExpMatchesArraySlowPutStructure):

  • runtime/RegExpMatchesArray.h:
  • runtime/RegExpObject.cpp:

(JSC::RegExpObject::put):
(JSC::RegExpObject::exec):
(JSC::RegExpObject::match):

  • runtime/RegExpObject.h:

(JSC::RegExpObject::getLastIndex):
(JSC::RegExpObject::test):

  • runtime/RegExpPrototype.cpp:

(JSC::regExpProtoFuncTest):
(JSC::regExpProtoFuncExec):
(JSC::regExpProtoFuncCompile):

  • runtime/StringPrototype.cpp:

(JSC::stringProtoFuncMatch):

  • runtime/Structure.cpp:

(JSC::Structure::suggestedArrayStorageTransition):
(JSC::Structure::addPropertyTransition):
(JSC::Structure::addNewPropertyTransition):

  • runtime/Structure.h:
  • tests/stress/regexp-matches-array-bad-time.js: Added.
  • tests/stress/regexp-matches-array-slow-put.js: Added.

LayoutTests:

  • js/regress/regexp-exec-expected.txt: Added.
  • js/regress/regexp-exec.html: Added.
  • js/regress/script-tests/regexp-exec.js: Added.

12:08 PM Changeset in webkit [197640] by Yusuke Suzuki
  • 3 edits
    1 add in trunk/Source/JavaScriptCore

[JSC] RegExp#lastIndex should handle writable attribute when defining in defineOwnProperty path
https://bugs.webkit.org/show_bug.cgi?id=155093

Reviewed by Filip Pizlo.

Before this patch, setLastIndex(ExecState* exec, size_t lastIndex) always overwrites the existing value
regardless of writable attribute.
And when defining RegExp#lastIndex in defineOwnProperty, we need to define the value first
before making the attribute readonly. After changing the writable attribute, we cannot define the value.

  • runtime/RegExpObject.cpp:

(JSC::RegExpObject::defineOwnProperty):

  • runtime/RegExpObject.h:

(JSC::RegExpObject::setLastIndex):

  • tests/stress/regexp-last-index-writable.js: Added.

(shouldBe):
(shouldThrow):
(regExpLastIndex):
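
The two RegExp changesets above (r197641 and r197640) both concern behaviour that a script can observe. The following is an added example, not the stress tests those changesets add: it checks the ECMAScript-level expectations in any conforming engine, and all function names and sample strings are constructed for illustration.

```javascript
// Added illustration: names and inputs are constructed, not taken from WebKit.

// r197641: once an indexed accessor sits on Array.prototype ("having a bad
// time"), exec() must still define its results as own data properties, and a
// later store to a hole in the matches array must reach the inherited setter.
function checkMatchesArray(installBeforeExec) {
  'use strict';
  const inRange = 1; // index that exec() fills itself (first capture group)
  const hole = 7;    // index past the end of the matches array
  let setterCalls = 0;
  let lastStored;
  const installAccessor = (index) => {
    Object.defineProperty(Array.prototype, index, {
      configurable: true,
      get() { return 'from-prototype'; },
      set(value) { setterCalls += 1; lastStored = value; },
    });
  };
  try {
    if (installBeforeExec) { installAccessor(inRange); installAccessor(hole); }
    const matches = /(a)(b)/.exec('ab');
    const callsDuringExec = setterCalls; // exec() must not go through the setter
    if (!installBeforeExec) { installAccessor(inRange); installAccessor(hole); }
    matches[hole] = 'stored';            // hole store must hit the setter
    return {
      callsDuringExec,
      firstCapture: matches[inRange],
      holeIsOwn: Object.prototype.hasOwnProperty.call(matches, hole),
      setterCalls,
      lastStored,
      length: matches.length,
    };
  } finally {
    // Always restore Array.prototype so nothing else in the process is affected.
    delete Array.prototype[inRange];
    delete Array.prototype[hole];
  }
}

// r197640: defining lastIndex with a value and writable:false in one
// descriptor must store the value first, and nothing may overwrite it later.
function checkLastIndex() {
  'use strict';
  const re = /a/g;
  Object.defineProperty(re, 'lastIndex', { value: 3, writable: false });
  let assignmentThrew = false;
  try {
    re.lastIndex = 0; // strict-mode store to a read-only property
  } catch (e) {
    assignmentThrew = e instanceof TypeError;
  }
  try {
    re.exec('aaaaa'); // a global exec would normally advance lastIndex
  } catch (e) {
    // An engine may throw here; either way the value must be unchanged.
  }
  const descriptor = Object.getOwnPropertyDescriptor(re, 'lastIndex');
  return {
    value: descriptor.value,
    writable: descriptor.writable,
    assignmentThrew,
    afterExec: re.lastIndex,
  };
}
```
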

7:00 AM Changeset in webkit [197639] by Alan Bujtas
  • 2 edits in trunk/LayoutTests

[iOS] Gardening after r197627.

Unreviewed.

  • platform/ios-simulator/css2.1/20110323/border-conflict-style-088-expected.txt:

4:04 AM Changeset in webkit [197638] by akling@apple.com
  • 4 edits in trunk/Source

Reduce page cache capacity from 3 to 2.
<https://webkit.org/b/155087>

Reviewed by Antti Koivisto.

Source/WebKit/mac:

Trim WebKit1 page cache capacities consistently with WebKit2.

  • WebView/WebView.mm:

(+[WebView _setCacheModel:]):

Source/WebKit2:

It's extremely rare that users go back more than 2 pages in the page cache,
and nowadays the network cache makes even un-cached pages fast to reload.

Trimming the page cache from 3 to 2 entries has a very nice effect on heap
fragmentation. I'm seeing a ~5% progression on the iPad PLUM test locally;
average memory usage across 300 loads goes from ~121MB to ~114MB.

  • Shared/CacheModel.cpp:

(WebKit::calculateCacheSizes):

2:17 AM Changeset in webkit [197637] by Antti Koivisto
  • 11 edits in trunk/Source/WebCore

RenderTextControlSingleLine shouldn't mutate placeholder element inline style
https://bugs.webkit.org/show_bug.cgi?id=155086

Reviewed by Andreas Kling.

Text field placeholder element is currently managed by changing its inline style
from the host renderer based on the host style and state. Rendering poking
into DOM is wrong.

  • html/HTMLInputElement.cpp:

(WebCore::HTMLInputElement::setRangeText):
(WebCore::HTMLInputElement::shouldTruncateText):

Add a helper.

(WebCore::HTMLInputElement::createInnerTextStyle):

  • html/HTMLInputElement.h:
  • html/HTMLTextAreaElement.cpp:

(WebCore::HTMLTextAreaElement::HTMLTextAreaElement):
(WebCore::HTMLTextAreaElement::placeholderElement):
(WebCore::HTMLTextAreaElement::matchesReadWritePseudoClass):
(WebCore::HTMLTextAreaElement::updatePlaceholderText):

Use the new shadow element.

  • html/HTMLTextAreaElement.h:
  • html/HTMLTextFormControlElement.cpp:

(WebCore::HTMLTextFormControlElement::updatePlaceholderVisibility):

No more poking to inline style.

(WebCore::HTMLTextFormControlElement::setSelectionStart):

  • html/TextFieldInputType.cpp:

(WebCore::TextFieldInputType::updatePlaceholderText):

Use the new shadow element.

  • html/shadow/TextControlInnerElements.cpp:

(WebCore::TextControlPlaceholderElement::TextControlPlaceholderElement):

Add a subclass for the placeholder element instead of just using div.

(WebCore::TextControlPlaceholderElement::customStyleForRenderer):

Compute style based on the host state and style.

(WebCore::SearchFieldResultsButtonElement::SearchFieldResultsButtonElement):

  • html/shadow/TextControlInnerElements.h:
  • rendering/RenderTextControlSingleLine.cpp:

(WebCore::RenderTextControlSingleLine::styleDidChange):

No more setInlineStyleProperty.
This now needs to trigger layout like it does with other inner elements.

(WebCore::RenderTextControlSingleLine::computeControlLogicalHeight):
(WebCore::RenderTextControlSingleLine::autoscroll):
(WebCore::RenderTextControlSingleLine::textShouldBeTruncated): Deleted.

  • rendering/RenderTextControlSingleLine.h:

12:33 AM Changeset in webkit [197636] by ap@apple.com
  • 3 edits in trunk/Tools

build-webkit prints an error on iOS simulator bots
https://bugs.webkit.org/show_bug.cgi?id=155078

Reviewed by Dan Bernstein.

This happens when build-layouttestrelay sets $xcodeSDK to undefined, to use host SDK.

  • Scripts/webkitdirs.pm: (buildXCodeProject): There is no need to pass -sdk, because XcodeOptions() already passes SDKROOT as appropriate.

  • Scripts/build-layouttestrelay: Added a FIXME. Resetting $xcodeSDK doesn't reset any other configuration variables that were derived from its initial value, like $portName.

Mar 5, 2016:

11:46 PM Changeset in webkit [197635] by Alan Bujtas
  • 148 edits
    1 add in trunk/LayoutTests

[iOS] Gardening after r197627.

Unreviewed.

  • platform/ios-simulator/css2.1/20110323/border-conflict-style-079-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-01-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-02-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-03-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-04-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-05-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-06-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-07-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-08-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-11-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-12-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-13-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-14-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-15-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-16-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-17-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-18-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-21-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-22-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-23-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-24-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-25-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-26-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-27-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-28-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-31-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-32-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-33-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-34-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-35-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-36-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-37-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-38-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-41-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-42-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-43-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-44-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-45-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-46-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-47-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-48-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-51-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-52-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-53-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-54-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-55-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-56-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-57-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-58-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-61-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-62-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-63-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-64-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-65-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-66-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-67-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-68-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-71-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-72-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-73-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-74-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-75-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-76-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-77-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-78-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-81-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-82-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-83-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-84-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-85-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-86-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-87-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-88-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-91-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-92-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-93-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-94-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-95-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-96-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-97-d-expected.txt:
  • platform/ios-simulator/css2.1/t170602-bdr-conflct-w-98-d-expected.txt:
  • platform/ios-simulator/fast/borders/border-antialiasing-expected.txt:
  • platform/ios-simulator/fast/dynamic/create-renderer-for-whitespace-only-text-expected.txt:
  • platform/ios-simulator/fast/table/border-collapsing/002-expected.txt:
  • platform/ios-simulator/fast/table/border-collapsing/002-vertical-expected.txt:
  • platform/ios-simulator/fast/table/border-collapsing/border-collapsing-head-foot-expected.txt:
  • platform/ios-simulator/fast/table/border-collapsing/border-collapsing-head-foot-vertical-expected.txt:
  • platform/ios-simulator/fast/table/border-collapsing/cached-69296-expected.txt:
  • platform/ios-simulator/fast/table/border-collapsing/cached-change-row-border-width-expected.txt:
  • platform/ios-simulator/fast/table/border-collapsing/cached-change-tbody-border-width-expected.txt:
  • platform/ios-simulator/fast/table/border-collapsing/equal-precedence-resolution-expected.txt:
  • platform/ios-simulator/fast/table/border-collapsing/rtl-border-collapsing-expected.txt:
  • platform/ios-simulator/fast/table/border-collapsing/rtl-border-collapsing-vertical-expected.txt:
  • platform/ios-simulator/fast/table/colgroup-spanning-groups-rules-expected.txt:
  • platform/ios-simulator/fast/table/frame-and-rules-expected.txt:
  • platform/ios-simulator/fast/table/overflowHidden-expected.txt:
  • platform/ios-simulator/fast/table/rules-attr-dynchange1-expected.txt:
  • platform/ios-simulator/fast/table/rules-attr-dynchange2-expected.txt:
  • platform/ios-simulator/fast/text/international/bidi-override-expected.txt:
  • platform/ios-simulator/ietestcenter/css3/bordersbackgrounds/border-radius-applies-to-009-expected.txt:
  • platform/ios-simulator/ietestcenter/css3/bordersbackgrounds/border-radius-applies-to-012-expected.txt:
  • platform/ios-simulator/ietestcenter/css3/bordersbackgrounds/border-radius-applies-to-013-expected.txt:
  • platform/ios-simulator/ietestcenter/css3/bordersbackgrounds/border-radius-applies-to-014-expected.txt:
  • platform/ios-simulator/ietestcenter/css3/bordersbackgrounds/border-radius-applies-to-015-expected.txt:
  • platform/ios-simulator/ietestcenter/css3/bordersbackgrounds/border-radius-applies-to-016-expected.txt:
  • platform/ios-simulator/tables/mozilla/bugs/bug24200-expected.txt:
  • platform/ios-simulator/tables/mozilla/bugs/bug43854-2-expected.txt:
  • platform/ios-simulator/tables/mozilla/bugs/bug9024-expected.txt: Added.
  • platform/ios-simulator/tables/mozilla/collapsing_borders/bug41262-3-expected.txt:
  • platform/ios-simulator/tables/mozilla/collapsing_borders/bug41262-4-expected.txt:
  • platform/ios-simulator/tables/mozilla/core/table_rules-expected.txt:
  • platform/ios-simulator/tables/mozilla/marvin/backgr_layers-opacity-expected.txt:
  • platform/ios-simulator/tables/mozilla/marvin/backgr_position-table-expected.txt:
  • platform/ios-simulator/tables/mozilla/marvin/backgr_simple-table-cell-expected.txt:
  • platform/ios-simulator/tables/mozilla/marvin/backgr_simple-table-column-expected.txt:
  • platform/ios-simulator/tables/mozilla/marvin/backgr_simple-table-column-group-expected.txt:
  • platform/ios-simulator/tables/mozilla/marvin/backgr_simple-table-expected.txt:
  • platform/ios-simulator/tables/mozilla/marvin/backgr_simple-table-row-expected.txt:
  • platform/ios-simulator/tables/mozilla/marvin/backgr_simple-table-row-group-expected.txt:
  • platform/ios-simulator/tables/mozilla/marvin/table_rules_all-expected.txt:
  • platform/ios-simulator/tables/mozilla/marvin/table_rules_none-expected.txt:
  • platform/ios-simulator/tables/mozilla/marvin/x_table_rules_groups-expected.txt:
  • platform/ios-simulator/tables/mozilla/marvin/x_table_rules_none-expected.txt:
  • platform/ios-simulator/tables/mozilla_expected_failures/bugs/bug1055-2-expected.txt:
  • platform/ios-simulator/tables/mozilla_expected_failures/bugs/bug89315-expected.txt:
  • platform/ios-simulator/tables/mozilla_expected_failures/collapsing_borders/bug41262-1-expected.txt:
  • platform/ios-simulator/tables/mozilla_expected_failures/collapsing_borders/bug41262-5-expected.txt:
  • platform/ios-simulator/tables/mozilla_expected_failures/collapsing_borders/bug41262-6-expected.txt:
  • platform/ios-simulator/tables/mozilla_expected_failures/marvin/backgr_border-table-cell-expected.txt:
  • platform/ios-simulator/tables/mozilla_expected_failures/marvin/backgr_border-table-column-expected.txt:
  • platform/ios-simulator/tables/mozilla_expected_failures/marvin/backgr_border-table-column-group-expected.txt:
  • platform/ios-simulator/tables/mozilla_expected_failures/marvin/backgr_border-table-expected.txt:
  • platform/ios-simulator/tables/mozilla_expected_failures/marvin/backgr_border-table-quirks-expected.txt:
  • platform/ios-simulator/tables/mozilla_expected_failures/marvin/backgr_border-table-row-expected.txt:
  • platform/ios-simulator/tables/mozilla_expected_failures/marvin/backgr_border-table-row-group-expected.txt:
  • platform/ios-simulator/tables/mozilla_expected_failures/marvin/backgr_fixed-bg-expected.txt:
  • platform/ios-simulator/tables/mozilla_expected_failures/marvin/backgr_layers-hide-expected.txt:
  • platform/ios-simulator/tables/mozilla_expected_failures/marvin/backgr_layers-show-expected.txt:
  • platform/ios-simulator/tables/mozilla_expected_failures/marvin/backgr_position-table-cell-expected.txt:
  • platform/ios-simulator/tables/mozilla_expected_failures/marvin/backgr_position-table-column-expected.txt:
  • platform/ios-simulator/tables/mozilla_expected_failures/marvin/backgr_position-table-column-group-expected.txt:
  • platform/ios-simulator/tables/mozilla_expected_failures/marvin/backgr_position-table-row-expected.txt:
  • platform/ios-simulator/tables/mozilla_expected_failures/marvin/backgr_position-table-row-group-expected.txt:
  • platform/ios-simulator/tables/mozilla_expected_failures/marvin/table_rules_cols-expected.txt:
  • platform/ios-simulator/tables/mozilla_expected_failures/marvin/table_rules_rows-expected.txt:
  • platform/ios-simulator/tables/mozilla_expected_failures/marvin/x_table_rules_all-expected.txt:
  • platform/ios-simulator/tables/mozilla_expected_failures/marvin/x_table_rules_cols-expected.txt:
  • platform/ios-simulator/tables/mozilla_expected_failures/marvin/x_table_rules_rows-expected.txt:

9:07 PM Changeset in webkit [197634] by rniwa@webkit.org
  • 14 edits
    3 adds in trunk

Add the support for upgrading custom elements in cloneNode
https://bugs.webkit.org/show_bug.cgi?id=155062

Reviewed by Antti Koivisto.

Source/WebCore:

Implement https://w3c.github.io/webcomponents/spec/custom/#upgrading and steps 6 through 11 in
https://w3c.github.io/webcomponents/spec/custom/#htmlelement-constructor to support upgrading elements
created by Node.prototype.cloneNode.

Tests: fast/custom-elements/lifecycle-callback-timing.html
       fast/custom-elements/upgrading/Node-cloneNode.html

  • bindings/js/JSCustomElementInterface.cpp:

(WebCore::JSCustomElementInterface::upgradeElement): Added. Implements
https://w3c.github.io/webcomponents/spec/custom/#dfn-upgrade-a-custom-element
(WebCore::JSCustomElementInterface::didUpgradeLastElementInConstructionStack): Added. Implements step 10
"Replace the last entry in definition's construction stack with an already constructed marker."
in https://w3c.github.io/webcomponents/spec/custom/#dom-htmlelement-constructor

  • bindings/js/JSCustomElementInterface.h:

(WebCore::JSCustomElementInterface::isUpgradingElement):
(WebCore::JSCustomElementInterface::lastElementInConstructionStack):
(WebCore::JSCustomElementInterface): Added m_constructionStack. This is the construction stack:
https://w3c.github.io/webcomponents/spec/custom/#dfn-element-definition-construction-stack

  • bindings/js/JSDOMBinding.cpp:

(WebCore::throwInvalidStateError): Added.

  • bindings/js/JSDOMBinding.h:
  • bindings/js/JSHTMLElementCustom.cpp:

(WebCore::constructJSHTMLElement): Implement the upgrading case in:
https://w3c.github.io/webcomponents/spec/custom/#htmlelement-constructor

  • dom/Document.cpp:

(WebCore::createFallbackHTMLElement): Added. Enqueues upgrades of custom elements (enqueueElementUpgrade
currently does nothing if there is no InvokesCustomElementLifecycleCallbacks; e.g. in other DOM APIs).
This function implements https://w3c.github.io/webcomponents/spec/custom/#dfn-element-upgrade-algorithm

(WebCore::Document::createElement):

  • dom/LifecycleCallbackQueue.cpp:

(WebCore::LifecycleQueueItem::LifecycleQueueItem): Added a generic constructor.
(WebCore::LifecycleQueueItem::invoke): Call upgradeElement when m_type is Type::ElementUpgrade.
(WebCore::LifecycleCallbackQueue::enqueueElementUpgrade): Added.

  • dom/LifecycleCallbackQueue.h:
  • dom/Node.idl: Added InvokesCustomElementLifecycleCallbacks on cloneNode.
  • dom/make_names.pl:

(printFactoryCppFile): Added a variant of createKnownElement which takes QualifiedName. Also directly call
find(HTML|SVG|MathML)ElementConstructorFunction in createElement that takes AtomicString to avoid an extra
function call.
(printFactoryHeaderFile): Added a function declaration for createKnownElement that takes QualifiedName and
outdented class and function declarations to match the modern code style guideline.

LayoutTests:

Added test cases for upgrading elements with Node.prototype.cloneNode.

  • fast/custom-elements/lifecycle-callback-timing-expected.txt:
  • fast/custom-elements/lifecycle-callback-timing.html:

9:02 PM Changeset in webkit [197633] by timothy_horton@apple.com
  • 4 edits
    1 add in trunk

Create a DOMHTMLVideoElement when wrapping <video> elements
https://bugs.webkit.org/show_bug.cgi?id=155084
<rdar://problem/24997193>

Reviewed by Dan Bernstein.

  • bindings/objc/DOM.mm:

(WebCore::createElementClassMap):
Add <video> to the mapping.

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/mac/DOMHTMLVideoElementWrapper.mm: Added.

(-[VideoWrapperFrameLoadDelegate webView:didFinishLoadForFrame:]):
(TestWebKitAPI::TEST):
Add an API test for this behavior.

8:34 PM Changeset in webkit [197632] by weinig@apple.com
  • 2 edits in trunk/Source/WebKit2

Revert usage of autofill field name for use with UITextInputTraits
until our bots can catch up.

  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView textInputTraits]):

8:25 PM Changeset in webkit [197631] by weinig@apple.com
  • 5 edits in trunk/LayoutTests

Update tests to match the latest version of the HTML5 spec.

LayoutTests/imported/w3c:

  • web-platform-tests/html/semantics/forms/the-form-element/form-autocomplete.html:

Fields that don't have any value set for their autocomplete attribute should return the empty string.

LayoutTests:

  • fast/forms/autocomplete-expected.txt:
  • fast/forms/autocomplete.html:

Fields that don't have any value set for their autocomplete attribute should return the empty string.

8:25 PM Changeset in webkit [197630] by rniwa@webkit.org
  • 3 edits in trunk/Source/WebCore

Minor cleanups in custom elements' code per Darin's comments
https://bugs.webkit.org/show_bug.cgi?id=155081

Reviewed by Darin Adler.

Cleanup per Darin's comments.

  • dom/CustomElementDefinitions.cpp:

(WebCore::CustomElementDefinitions::findInterface): Use get instead of explicitly checking against end().

  • dom/LifecycleCallbackQueue.h: Remove unnecessary header includes.

8:18 PM Changeset in webkit [197629] by weinig@apple.com
  • 2 edits in trunk/Source/WebCore

Fix two minor typos from http://trac.webkit.org/changeset/197626 that were causing some test failures.

  • html/Autofill.cpp:

(WebCore::fieldNameMap):
(WebCore::AutofillData::createFromHTMLFormControlElement):

7:28 PM Changeset in webkit [197628] by Chris Dumez
  • 40 edits
    1 add
    3 deletes in trunk/Source

Consolidate RuntimeApplicationChecks and RuntimeApplicationChecksIOS
https://bugs.webkit.org/show_bug.cgi?id=155035

Reviewed by Darin Adler.

Source/WebCore:

Consolidate RuntimeApplicationChecks and RuntimeApplicationChecksIOS into
one file. The following changes were made:

  • The checks now all rely on applicationBundleIdentifier(), which has the benefit of working in WK1 and WK2 UI/WebContent/Networking processes.
  • Use namespaces to distinguish Mac and iOS applications instead of relying on the method name. So, applicationIsIBooksForIOS() becomes IOSApplication::isIBooks().
  • Use NSBundle API on both iOS and Mac instead of using the CF API on Mac and the NS API on iOS.

  • CMakeLists.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:

(-[WebAccessibilityObjectWrapper _accessibilityWebDocumentView]):

  • bindings/js/JSDOMWindowBase.cpp:

(WebCore::JSDOMWindowBase::commonVM):

  • bindings/js/JSLocationCustom.cpp:

(WebCore::JSLocation::putDelegate):

  • html/HTMLMediaElement.cpp:
  • html/HTMLObjectElement.cpp:

(WebCore::shouldNotPerformURLAdjustment):

  • html/MediaElementSession.cpp:
  • inspector/InspectorTimelineAgent.cpp:

(WebCore::currentRunLoop):

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::willLoadMediaElementURL):

  • loader/SubresourceLoader.cpp:

(WebCore::SubresourceLoader::create):
(WebCore::SubresourceLoader::startLoading):

  • loader/cache/CachedScript.cpp:

(WebCore::CachedScript::shouldIgnoreHTTPStatusCodeErrors):

  • platform/RuntimeApplicationChecks.cpp: Removed.
  • platform/RuntimeApplicationChecks.h:
  • platform/RuntimeApplicationChecks.mm: Added.

(WebCore::applicationBundleIdentifier):
(WebCore::applicationBundleIsEqualTo):
(WebCore::MacApplication::isSafari):
(WebCore::MacApplication::isAppleMail):
(WebCore::MacApplication::isIBooks):
(WebCore::MacApplication::isITunes):
(WebCore::MacApplication::isMicrosoftMessenger):
(WebCore::MacApplication::isAdobeInstaller):
(WebCore::MacApplication::isAOLInstantMessenger):
(WebCore::MacApplication::isMicrosoftMyDay):
(WebCore::MacApplication::isMicrosoftOutlook):
(WebCore::MacApplication::isQuickenEssentials):
(WebCore::MacApplication::isAperture):
(WebCore::MacApplication::isVersions):
(WebCore::MacApplication::isHRBlock):
(WebCore::MacApplication::isSolidStateNetworksDownloader):
(WebCore::MacApplication::isHipChat):
(WebCore::IOSApplication::isMobileMail):
(WebCore::IOSApplication::isMobileSafari):
(WebCore::IOSApplication::isDumpRenderTree):
(WebCore::IOSApplication::isMobileStore):
(WebCore::IOSApplication::isWebApp):
(WebCore::IOSApplication::isOkCupid):
(WebCore::IOSApplication::isFacebook):
(WebCore::IOSApplication::isDaijisenDictionary):
(WebCore::IOSApplication::isNASAHD):
(WebCore::IOSApplication::isTheEconomistOnIphone):
(WebCore::IOSApplication::isWebProcess):
(WebCore::IOSApplication::isIBooks):
(WebCore::setApplicationBundleIdentifier):

  • platform/RuntimeApplicationChecksIOS.h: Removed.
  • platform/RuntimeApplicationChecksIOS.mm: Removed.
  • platform/audio/ios/AudioDestinationIOS.cpp:
  • platform/cf/URLCF.cpp:
  • platform/graphics/ca/cocoa/LayerFlushSchedulerMac.cpp:

(WebCore::currentRunLoop):

  • platform/ios/PasteboardIOS.mm:
  • platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
  • platform/ios/wak/WebCoreThread.mm:

(WebThreadEnable):

  • platform/mac/WidgetMac.mm:

(WebCore::Widget::paint):

  • platform/network/ios/QuickLook.mm:
  • platform/network/mac/ResourceHandleMac.mm:
  • rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::needsIOSDumpRenderTreeMainFrameRenderViewLayerIsAlwaysOpaqueHack):

Source/WebKit:

Update runtime application checks.

  • WebCoreSupport/WebResourceLoadScheduler.cpp:

(WebResourceLoadScheduler::servePendingRequests):

Source/WebKit/ios:

Update runtime application checks.

  • WebCoreSupport/WebChromeClientIOS.mm:

Source/WebKit/mac:

Update runtime application checks.

  • Plugins/WebPluginController.mm:

(initializeAudioSession):

  • WebCoreSupport/WebFrameLoaderClient.mm:
  • WebView/WebFrame.mm:

(needsMicrosoftMessengerDOMDocumentWorkaround):

  • WebView/WebImmediateActionController.mm:

(-[WebImmediateActionController _updateImmediateActionItem]):

  • WebView/WebView.mm:

(WebKitInitializeApplicationCachePathIfNecessary):
(shouldEnableLoadDeferring):
(shouldRestrictWindowFocus):
(needsOutlookQuirksScript):
(shouldTransformsAffectOverflow):
(shouldDispatchJavaScriptWindowOnErrorEvents):
(shouldUseLegacyBackgroundSizeShorthandBehavior):
(-[WebView _commonInitializationWithFrameName:groupName:]):
(+[WebView enableWebThread]):
(+[WebView registerForMemoryNotifications]):
(-[WebView _needsKeyboardEventDisambiguationQuirks]):
(needsSelfRetainWhileLoadingQuirk):
(-[WebView _needsPreHTML5ParserQuirks]):

Source/WebKit2:

Update runtime application checks.

  • UIProcess/API/Cocoa/APIWebsiteDataStoreCocoa.mm:

(API::WebsiteDataStore::defaultApplicationCacheDirectory):

  • UIProcess/Cocoa/VersionChecks.mm:

(WebKit::linkedOnOrAfter):

  • UIProcess/Cocoa/WebProcessPoolCocoa.mm:

(WebKit::WebProcessPool::platformInitializeWebProcess):
(WebKit::WebProcessPool::legacyPlatformDefaultApplicationCacheDirectory):

  • UIProcess/ios/WKContentViewInteraction.mm:
  • UIProcess/mac/WebPageProxyMac.mm:

(WebKit::expectsLegacyImplicitRubberBandControl):
(WebKit::WebPageProxy::appleMailPaginationQuirkEnabled):

7:10 PM Changeset in webkit [197627] by Alan Bujtas
  • 8 edits
    2 adds in trunk

Make table collapsed borders subpixel aware.
https://bugs.webkit.org/show_bug.cgi?id=150383

Reviewed by Simon Fraser.

This patch enables authors to

  • set subpixel width on collapsed borders
  • and push those borders to subpixel positions.

Source/WebCore:

Test: fast/table/collapsed-border-with-odd-pixel-width.html

  • rendering/RenderTable.cpp:

(WebCore::RenderTable::calcBorderStart):
(WebCore::RenderTable::calcBorderEnd):
(WebCore::RenderTable::outerBorderBefore):
(WebCore::RenderTable::outerBorderAfter):
(WebCore::RenderTable::outerBorderStart):
(WebCore::RenderTable::outerBorderEnd):

  • rendering/RenderTableCell.cpp:

(WebCore::RenderTableCell::borderHalfStart):
(WebCore::RenderTableCell::borderHalfEnd):
(WebCore::RenderTableCell::borderHalfBefore):
(WebCore::RenderTableCell::borderHalfAfter):
(WebCore::RenderTableCell::paintCollapsedBorders):

  • rendering/RenderTableSection.cpp:

(WebCore::RenderTableSection::calcOuterBorderBefore):
(WebCore::RenderTableSection::calcOuterBorderAfter):
(WebCore::RenderTableSection::calcOuterBorderStart):
(WebCore::RenderTableSection::calcOuterBorderEnd):

  • rendering/style/CollapsedBorderValue.h:

(WebCore::CollapsedBorderValue::adjustedCollapsedBorderWidth):

LayoutTests:

  • fast/table/collapsed-border-with-odd-pixel-width-expected.html: Added.
  • fast/table/collapsed-border-with-odd-pixel-width.html: Added.
  • fast/table/hidpi-collapsed-border-with-odd-pixel-width-expected.html:

6:17 PM Changeset in webkit [197626] by weinig@apple.com
  • 18 edits
    2 adds in trunk

Add support for processing the autofill field name out of form control elements ultimately to aid input methods
<rdar://problem/23041180>
https://bugs.webkit.org/show_bug.cgi?id=155079

Reviewed by Enrica Casucci.

Source/WebCore:

Added additional cases to fast/forms/autocomplete-tokens.html.

  • WebCore.xcodeproj/project.pbxproj:

Add Autofill.h/cpp

  • html/Autofill.cpp: Added.

(WebCore::fieldNameMap):
(WebCore::toAutofillFieldName):
(WebCore::isContactToken):
(WebCore::maxTokensForAutofillFieldCategory):
(WebCore::AutofillData::createFromHTMLFormControlElement):

  • html/Autofill.h: Added.

(WebCore::AutofillData::AutofillData):
Refactored the autofill data processing algorithm into its own file and added support for
returning not just the IDL-exposed autofill value but also the autofill field name. The
code is structured simply enough that if we find a need for the hint set or scope information
we could return it as well.

  • html/HTMLFormControlElement.cpp:

(WebCore::HTMLFormControlElement::autocomplete):
(WebCore::HTMLFormControlElement::setAutocomplete):
(WebCore::HTMLFormControlElement::autofillMantle):
(WebCore::HTMLFormControlElement::autofillData):
Use AutofillData to implement these.

  • html/HTMLFormControlElement.h:

Expose accessor for mantle and AutofillData.

  • html/HTMLFormElement.cpp:

(WebCore::HTMLFormElement::autocomplete):

  • html/HTMLFormElement.h:

Switch to return an AtomicString as it will always
return one of two known values.

  • testing/Internals.cpp:

(WebCore::Internals::autofillFieldName):

  • testing/Internals.h:
  • testing/Internals.idl:

Add accessor of the field name for testing purposes.

Source/WebKit2:

  • Shared/AssistedNodeInformation.cpp:

(WebKit::AssistedNodeInformation::encode):
(WebKit::AssistedNodeInformation::decode):

  • Shared/AssistedNodeInformation.h:

Add AutofillFieldName. Convert some coders to use encodeEnum/decodeEnum instead of casting.

  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView textInputTraits]):
Map AutofillFieldNames to the associated UITextContentTypes.

  • WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::getAssistedNodeInformation):
Extract the AutofillFieldNames onto the AssistedNodeInformation for <input> elements
and <textarea> elements.

LayoutTests:

  • fast/forms/autocomplete-tokens-expected.txt:
  • fast/forms/autocomplete-tokens.html:

Update test to also test field names, as they are now exposed via internals.

5:52 PM Changeset in webkit [197625] by commit-queue@webkit.org
  • 4 edits
    2 adds in trunk/Source/WebInspectorUI

Web Inspector: Have separate path component for Script Timeline content views
https://bugs.webkit.org/show_bug.cgi?id=155075
<rdar://problem/24996564>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-03-05
Reviewed by Timothy Hatcher.

  • UserInterface/Images/CallTrees.svg: Added.
  • UserInterface/Images/Events.svg: Added.

New icons based off of ResultLine.svg.

  • UserInterface/Views/PathComponentIcons.css:

(.events-icon .icon):
(.call-trees-icon .icon):
(body:not(.mac-platform, .windows-platform) .call-trees-icon .icon):
Use the new icons and fallback to ResultLine.svg for other ports.

  • UserInterface/Views/ScriptClusterTimelineView.js:

(WebInspector.ScriptClusterTimelineView):
(WebInspector.ScriptClusterTimelineView.prototype.get eventsContentView):
(WebInspector.ScriptClusterTimelineView.prototype.showEvents):
(WebInspector.ScriptClusterTimelineView.prototype.showProfile):
(WebInspector.ScriptClusterTimelineView.prototype._pathComponentForContentView):
(WebInspector.ScriptClusterTimelineView.prototype._identifierForContentView):
(WebInspector.ScriptClusterTimelineView.prototype._showContentViewForIdentifier):
(WebInspector.ScriptClusterTimelineView.prototype._scriptClusterViewCurrentContentViewDidChange):
(WebInspector.ScriptClusterTimelineView.prototype.get detailsContentView): Deleted.
(WebInspector.ScriptClusterTimelineView.prototype.showDetails): Deleted.
Rename "Details" to "Events".

  • UserInterface/Views/TimelineRecordingContentView.js:

(WebInspector.TimelineRecordingContentView.prototype.contentBrowserTreeElementForRepresentedObject): Deleted.
Always include the top level "Details" component.

5:23 PM Changeset in webkit [197624] by rniwa@webkit.org
  • 2 edits in trunk/Source/WebCore

Build fix after r197612 (under ASAN/GuardMalloc).

  • dom/CustomElementDefinitions.cpp:

(WebCore::CustomElementDefinitions::findInterface):

5:20 PM Changeset in webkit [197623] by Michael Catanzaro
  • 6 edits in trunk

Unreviewed, fix GTK/EFL build after r197575 and add mandatory GnuTLS dependency

.:

  • Source/cmake/OptionsEfl.cmake:
  • Source/cmake/OptionsGTK.cmake:

Source/WebCore:

  • PlatformEfl.cmake:
  • PlatformGTK.cmake:

4:48 PM Changeset in webkit [197622] by fpizlo@apple.com
  • 11 edits in trunk/Source/JavaScriptCore

The most aggressive form of RegExpTest/RegExpExec should speculate more aggressively than just cell
https://bugs.webkit.org/show_bug.cgi?id=154900

Reviewed by Saam Barati.

These old operations used to speculate cell. That's what they did when they were first
introduced. That was probably about as good as they could do back then because we didn't have
very powerful checks. Now we have powerful checks, so we can do this right.

The most profitable thing to check is that child1 is a RegExpObject and child2 is a JSString.
Sometimes though, we will not know what child2 is even though we know that child1 is a
RegExpObject. So, this patch means that RegExpExec/RegExpTest have the following overloads:

RegExpExec(RegExpObject:, String:)
RegExpExec(RegExpObject:, Untyped:)
RegExpExec(Untyped:, Untyped:)

This shaves off some type checks in Octane/regexp. It also cleans up some problems in our
modeling of the effectfulness of these operations.

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGOperations.cpp:
  • dfg/DFGOperations.h:
  • dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::callOperation):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileRegExpExec):
(JSC::FTL::DFG::LowerDFGToB3::compileRegExpTest):

  • jit/JITOperations.h:

4:40 PM Changeset in webkit [197621] by timothy@apple.com
  • 9 edits in trunk/Source/WebKit2

Implement the Automation protocol commands by tracking WebPageProxy objects
that are controlled by automation and assigning them a UUID handle.

https://bugs.webkit.org/show_bug.cgi?id=154953
rdar://problem/24947489

Reviewed by Brian Burg.

  • UIProcess/API/APIAutomationSessionClient.h:

(API::AutomationSessionClient::didRequestNewWindow):
Return a WebPageProxy instead of void so it can be assigned a UUID handle.

  • UIProcess/API/Cocoa/_WKAutomationSessionDelegate.h:

Return a WKPageRef from _automationSessionDidRequestNewWindow:.

  • UIProcess/Automation/WebAutomationSession.cpp:

(WebKit::WebAutomationSession::webPageProxyForHandle):
(WebKit::WebAutomationSession::handleForWebPageProxy):
(WebKit::WebAutomationSession::getBrowsingContexts):
(WebKit::WebAutomationSession::createBrowsingContext):
(WebKit::WebAutomationSession::closeBrowsingContext):
(WebKit::WebAutomationSession::switchToBrowsingContext):

  • UIProcess/Automation/WebAutomationSession.h:

Added new methods and maps to track pages and handles.

  • UIProcess/Cocoa/AutomationSessionClient.h:
  • UIProcess/Cocoa/AutomationSessionClient.mm:

(WebKit::AutomationSessionClient::didRequestNewWindow):
Return a WebPageProxy from the WKPageRef.

  • UIProcess/WebPageProxy.h: Make setFocus public.
  • UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::setAutomationSession):
Set the WebProcessPool on the WebAutomationSession so it can be used to find
WebPageProxy objects controlled by automation.

4:40 PM Changeset in webkit [197620] by timothy@apple.com
  • 4 edits in trunk/Source/WebKit2

Rename Automation protocol methods to use "BrowsingContext" instead of "Window".
Also flesh out the protocol commands more by adding switchToBrowsingContext
and return a BrowsingContextHandle for createBrowsingContext.

https://bugs.webkit.org/show_bug.cgi?id=154953
rdar://problem/24947489

Reviewed by Brian Burg.

  • UIProcess/Automation/Automation.json:
  • UIProcess/Automation/WebAutomationSession.cpp:

(WebKit::WebAutomationSession::getBrowsingContexts):
(WebKit::WebAutomationSession::createBrowsingContext):
(WebKit::WebAutomationSession::closeBrowsingContext):
(WebKit::WebAutomationSession::switchToBrowsingContext):
(WebKit::WebAutomationSession::getWindows): Deleted.
(WebKit::WebAutomationSession::openWindow): Deleted.
(WebKit::WebAutomationSession::closeWindow): Deleted.

  • UIProcess/Automation/WebAutomationSession.h:

4:28 PM Changeset in webkit [197619] by Joseph Pecoraro
  • 15 edits
    2 moves
    6 adds in trunk/Source/WebInspectorUI

Web Inspector: Add back support for a heavy / bottom up profile view
https://bugs.webkit.org/show_bug.cgi?id=140578
<rdar://problem/19506794>

Reviewed by Timothy Hatcher.

  • Localizations/en.lproj/localizedStrings.js:
  • UserInterface/Main.html:

New strings and resources.

  • UserInterface/Base/Utilities.js:

(Number.secondsToMillisecondsString):
Helper for providing a consistent milliseconds string used in profiles.

  • UserInterface/Controllers/TimelineManager.js:

(WebInspector.TimelineManager.prototype.scriptProfilerTrackingCompleted):
The calling context tree should be stored on a Recording, not on the global
TimelineManager. Also create two trees, one top down and one bottom up.

  • UserInterface/Models/CallingContextTree.js:

(WebInspector.CallingContextTree):
(WebInspector.CallingContextTree.prototype.get type):
(WebInspector.CallingContextTree.prototype.get totalExecutionTime):
(WebInspector.CallingContextTree.prototype.reset):
(WebInspector.CallingContextTree.prototype.numberOfSamplesInTimeRange):
(WebInspector.CallingContextTree.prototype.increaseExecutionTime):
Give a CallingContextTree a type (TopDown / BottomUp) and some getters.

(WebInspector.CallingContextTree.prototype.updateTreeWithStackTrace):
Build a bottom up or top down tree from samples.

(WebInspector.CallingContextTree.prototype.forEachChild):
Allow iterating from the root.

(WebInspector.CCTNode):
(WebInspector.CCTNode.prototype.hasChildrenInTimeRange):
(WebInspector.CCTNode.prototype.numberOfLeafTimestamps):
(WebInspector.CCTNode.prototype.addTimestampAndExpressionLocation):
(WebInspector.CCTNode.prototype.equals):
(WebInspector.CCTNode.prototype.hasChildren): Deleted.
Give a CCTNode a list of leaf timestamps alongside the list of all timestamps.
Leaf timestamps will count as "self time" in a profile view.

  • UserInterface/Models/SourceCodeLocation.js:

(WebInspector.SourceCodeLocation.prototype._locationString):
Nobody was using "ColumnStyle.Hidden" so repurpose it to be even simpler.

  • UserInterface/Models/TimelineRecording.js:

(WebInspector.TimelineRecording):
(WebInspector.TimelineRecording.prototype.get topDownCallingContextTree):
(WebInspector.TimelineRecording.prototype.get bottomUpCallingContextTree):
(WebInspector.TimelineRecording.prototype.reset):
Store the two types of calling context trees and allow resetting them.

  • UserInterface/Protocol/InspectorFrontendAPI.js:

(InspectorFrontendAPI.contextMenuItemSelected):
Helper for debugging uncaught exceptions in context menus.

  • UserInterface/Views/ContentView.js:

(WebInspector.ContentView.createFromRepresentedObject):
(WebInspector.ContentView.isViewable):
A ScriptTimeline now has a cluster view.
A CallingContextTree now has a ProfileView.

  • UserInterface/Views/DataGrid.js:

(WebInspector.DataGrid.prototype.insertChild):
(WebInspector.DataGrid.prototype._contextMenuInDataTable):
(WebInspector.DataGridNode.prototype.refreshRecursively):
(WebInspector.DataGridNode.prototype.elementWithColumnIdentifier):
(WebInspector.DataGridNode.prototype.forEachImmediateChild):
(WebInspector.DataGridNode.prototype.forEachChildInSubtree):
(WebInspector.DataGridNode.prototype.isInSubtreeOfNode):
Provide some helpers for iterating DataGridNodes, useful when the
actual DataGrid comes from a DataGridTree.

(WebInspector.DataGridNode.prototype.select):
(WebInspector.DataGridNode.prototype.deselect):
The indent width of DataGridNodes was not getting reset when a
node was removed and re-added to a tree due to a cached padding.

(WebInspector.DataGridNode.prototype.appendContextMenuItems):
Allow DataGridNodes to provide context menu items by overriding this method.

  • UserInterface/Views/PathComponentIcons.css:

(.function-icon .icon):
(.native-icon .icon):
(.program-icon .icon):
Icons for profile nodes in path components.

  • UserInterface/Views/ProfileDataGridNode.js: Added.

(WebInspector.ProfileDataGridNode):
(WebInspector.ProfileDataGridNode.prototype.get node):
(WebInspector.ProfileDataGridNode.prototype.displayName):
(WebInspector.ProfileDataGridNode.prototype.iconClassName):
(WebInspector.ProfileDataGridNode.prototype.get data):
(WebInspector.ProfileDataGridNode.prototype.createCellContent):
(WebInspector.ProfileDataGridNode.prototype.sort):
(WebInspector.ProfileDataGridNode.prototype.refresh):
(WebInspector.ProfileDataGridNode.prototype.appendContextMenuItems):
(WebInspector.ProfileDataGridNode.prototype._updateChildrenForModifiers):
(WebInspector.ProfileDataGridNode.prototype._recalculateData):
(WebInspector.ProfileDataGridNode.prototype._totalTimeContent):
(WebInspector.ProfileDataGridNode.prototype._displayContent):
(WebInspector.ProfileDataGridNode.prototype._populate):
CCTNode DataGridNode. A row in the ProfileDataGridTree. Handles
tree modifiers like charge to caller.

  • UserInterface/Views/ProfileDataGridTree.js: Added.

(WebInspector.ProfileDataGridTree):
(WebInspector.ProfileDataGridTree.buildSortComparator):
(WebInspector.ProfileDataGridTree.prototype.get callingContextTree):
(WebInspector.ProfileDataGridTree.prototype.get sampleInterval):
(WebInspector.ProfileDataGridTree.prototype.get focusNodes):
(WebInspector.ProfileDataGridTree.prototype.get currentFocusNode):
(WebInspector.ProfileDataGridTree.prototype.get modifiers):
(WebInspector.ProfileDataGridTree.prototype.get startTime):
(WebInspector.ProfileDataGridTree.prototype.get endTime):
(WebInspector.ProfileDataGridTree.prototype.get numberOfSamples):
(WebInspector.ProfileDataGridTree.prototype.get children):
(WebInspector.ProfileDataGridTree.prototype.appendChild):
(WebInspector.ProfileDataGridTree.prototype.insertChild):
(WebInspector.ProfileDataGridTree.prototype.removeChildren):
(WebInspector.ProfileDataGridTree.prototype.set sortComparator):
(WebInspector.ProfileDataGridTree.prototype.sort):
(WebInspector.ProfileDataGridTree.prototype.refresh):
(WebInspector.ProfileDataGridTree.prototype.addFocusNode):
(WebInspector.ProfileDataGridTree.prototype.rollbackFocusNode):
(WebInspector.ProfileDataGridTree.prototype.clearFocusNodes):
(WebInspector.ProfileDataGridTree.prototype.hasModifiers):
(WebInspector.ProfileDataGridTree.prototype.addModifier):
(WebInspector.ProfileDataGridTree.prototype.clearModifiers):
(WebInspector.ProfileDataGridTree.prototype._repopulate):
(WebInspector.ProfileDataGridTree.prototype._focusChanged):
(WebInspector.ProfileDataGridTree.prototype._updateCurrentFocusDetails):
(WebInspector.ProfileDataGridTree.prototype._restoreFocusedNodeToOriginalParent):
(WebInspector.ProfileDataGridTree.prototype._modifiersChanged):
Start of a DataGridTree for a CallingContextTree.
Contains special logic for focused nodes and modifiers.

  • UserInterface/Views/ProfileView.css: Added.

(.profile > .data-grid):
(.profile > .data-grid th):
(.profile > .data-grid td .icon):
(.profile > .data-grid td .percentage):
(.profile > .data-grid td .location):
(.profile > .data-grid:matches(:focus, .force-focus) tr.selected td .location):
(.profile > .data-grid td .icon.function-icon):
(.profile > .data-grid td .icon.native-icon):
(.profile > .data-grid td .icon.program-icon):
(.profile > .data-grid tr:matches(.selected, :hover) .go-to-arrow):
(.profile > .data-grid td.function-column):
(.profile > .data-grid td .guidance):
(.profile > .data-grid td .guidance.hover):
(.profile > .data-grid td .guidance.base):
(.profile > .data-grid tr:not(.expanded) td .guidance.base):
(.profile > .data-grid tr.expanded td .guidance.base):

  • UserInterface/Views/ProfileView.js: Added.

(WebInspector.ProfileView):
(WebInspector.ProfileView.prototype.get callingContextTree):
(WebInspector.ProfileView.prototype.get startTime):
(WebInspector.ProfileView.prototype.get endTime):
(WebInspector.ProfileView.prototype.setStartAndEndTime):
(WebInspector.ProfileView.prototype.hasFocusNodes):
(WebInspector.ProfileView.prototype.clearFocusNodes):
(WebInspector.ProfileView.prototype.get selectionPathComponents):
(WebInspector.ProfileView.prototype._recreate):
(WebInspector.ProfileView.prototype._repopulateDataGridFromTree):
(WebInspector.ProfileView.prototype._pathComponentClicked):
(WebInspector.ProfileView.prototype._dataGridTreeFocusChanged):
(WebInspector.ProfileView.prototype._dataGridTreeModifiersChanged):
(WebInspector.ProfileView.prototype._dataGridSortChanged):
(WebInspector.ProfileView.prototype._dataGridNodeSelected):
(WebInspector.ProfileView.prototype._dataGridNodeExpanded):
(WebInspector.ProfileView.prototype._mouseOverDataGrid):
(WebInspector.ProfileView.prototype._mouseLeaveDataGrid):
(WebInspector.ProfileView.prototype._guidanceElementKey):
(WebInspector.ProfileView.prototype._removeGuidanceElement):
(WebInspector.ProfileView.prototype._appendGuidanceElement):
ProfileView holds a data grid which is populated from the data grid tree.
Special handling for guidance markers when hovering / selecting parts of the tree.

  • UserInterface/Views/ScriptClusterTimelineView.js: Added.

(WebInspector.ScriptClusterTimelineView.createPathComponent):
(WebInspector.ScriptClusterTimelineView):
(WebInspector.ScriptClusterTimelineView.prototype.get zeroTime):
(WebInspector.ScriptClusterTimelineView.prototype.set zeroTime):
(WebInspector.ScriptClusterTimelineView.prototype.get startTime):
(WebInspector.ScriptClusterTimelineView.prototype.set startTime):
(WebInspector.ScriptClusterTimelineView.prototype.get endTime):
(WebInspector.ScriptClusterTimelineView.prototype.set endTime):
(WebInspector.ScriptClusterTimelineView.prototype.get currentTime):
(WebInspector.ScriptClusterTimelineView.prototype.set currentTime):
(WebInspector.ScriptClusterTimelineView.prototype.get navigationSidebarTreeOutline):
(WebInspector.ScriptClusterTimelineView.prototype.reset):
(WebInspector.ScriptClusterTimelineView.prototype.filterDidChange):
(WebInspector.ScriptClusterTimelineView.prototype.matchTreeElementAgainstCustomFilters):
(WebInspector.ScriptClusterTimelineView.prototype.get detailsContentView):
(WebInspector.ScriptClusterTimelineView.prototype.get profileContentView):
(WebInspector.ScriptClusterTimelineView.prototype.get selectionPathComponents):
(WebInspector.ScriptClusterTimelineView.prototype.saveToCookie):
(WebInspector.ScriptClusterTimelineView.prototype.restoreFromCookie):
(WebInspector.ScriptClusterTimelineView.prototype.showDetails):
(WebInspector.ScriptClusterTimelineView.prototype.showProfile):
(WebInspector.ScriptClusterTimelineView.prototype._pathComponentForContentView):
(WebInspector.ScriptClusterTimelineView.prototype._identifierForContentView):
(WebInspector.ScriptClusterTimelineView.prototype._showContentViewForIdentifier):
(WebInspector.ScriptClusterTimelineView.prototype._pathComponentSelected):
(WebInspector.ScriptClusterTimelineView.prototype._scriptClusterViewCurrentContentViewDidChange):
Script Timeline ClusterContentView. Toggle between the normal "Details" data grid
and the new "Call Tree" profile view. Currently the recording expects child content
views to be TimelineViews, this ClusterContentView forwards TimelineView relevant
methods to the real TimelineView children.

  • UserInterface/Views/ScriptDetailsTimelineView.js: Renamed from Source/WebInspectorUI/UserInterface/Views/ScriptTimelineView.js.

(WebInspector.ScriptDetailsTimelineView):
(WebInspector.ScriptDetailsTimelineView.prototype.get navigationSidebarTreeOutlineLabel):
(WebInspector.ScriptDetailsTimelineView.prototype.shown):
(WebInspector.ScriptDetailsTimelineView.prototype.hidden):
(WebInspector.ScriptDetailsTimelineView.prototype.closed):
(WebInspector.ScriptDetailsTimelineView.prototype.get selectionPathComponents):
(WebInspector.ScriptDetailsTimelineView.prototype.reset):
(WebInspector.ScriptDetailsTimelineView.prototype.canShowContentViewForTreeElement):
(WebInspector.ScriptDetailsTimelineView.prototype.showContentViewForTreeElement):
(WebInspector.ScriptDetailsTimelineView.prototype.treeElementPathComponentSelected):
(WebInspector.ScriptDetailsTimelineView.prototype.treeElementSelected):
(WebInspector.ScriptDetailsTimelineView.prototype.dataGridNodeForTreeElement):
(WebInspector.ScriptDetailsTimelineView.prototype.populateProfileNodeTreeElement):
(WebInspector.ScriptDetailsTimelineView.prototype.layout):
(WebInspector.ScriptDetailsTimelineView.prototype._processPendingRecords):
(WebInspector.ScriptDetailsTimelineView.prototype._scriptTimelineRecordAdded):
(WebInspector.ScriptDetailsTimelineView.prototype._scriptTimelineRecordRefreshed):
(WebInspector.ScriptDetailsTimelineView.prototype._dataGridFiltersDidChange):
(WebInspector.ScriptDetailsTimelineView.prototype._dataGridNodeSelected):

  • UserInterface/Views/ScriptProfileTimelineView.js: Added.

(WebInspector.ScriptProfileTimelineView):
(WebInspector.ScriptProfileTimelineView.prototype.closed):
(WebInspector.ScriptProfileTimelineView.prototype.get navigationItems):
(WebInspector.ScriptProfileTimelineView.prototype.get selectionPathComponents):
(WebInspector.ScriptProfileTimelineView.prototype.layout):
(WebInspector.ScriptProfileTimelineView.prototype._callingContextTreeForOrientation):
(WebInspector.ScriptProfileTimelineView.prototype._profileViewSelectionPathComponentsDidChange):
(WebInspector.ScriptProfileTimelineView.prototype._scriptTimelineRecordRefreshed):
(WebInspector.ScriptProfileTimelineView.prototype._updateProfileOrientationButtonItem):
(WebInspector.ScriptProfileTimelineView.prototype._toggleProfileOrientation):
(WebInspector.ScriptProfileTimelineView.prototype._updateClearFocusNodesButtonItem):
(WebInspector.ScriptProfileTimelineView.prototype._clearFocusNodes):
The two TimelineViews.

  • UserInterface/Views/TimelineRecordingContentView.js:

(WebInspector.TimelineRecordingContentView.prototype.get currentTimelineView):
(WebInspector.TimelineRecordingContentView.prototype.contentBrowserTreeElementForRepresentedObject):
The timeline content browser may now hold a ClusterContentView. It is not exactly a TimelineView,
but it holds TimelineViews, so treat it like one. Assume the ClusterContentView will add its own
path components.

(WebInspector.TimelineRecordingContentView.prototype._instrumentAdded):
Add extra information other than the sidebar to TimelineViews. The ProfileView looks
at the recording for the calling context trees.

4:01 PM Changeset in webkit [197618] by Simon Fraser
  • 4 edits
    17 adds in trunk

Add support for the object-position CSS property
https://bugs.webkit.org/show_bug.cgi?id=122811
rdar://problem/15836338

Reviewed by Sam Weinig.

Source/WebCore:

Take object-position into account when rendering replaced elements.
RenderReplaced::replacedContentRect() is the one place where we compute
the content rect for replaced elements.

Also return false from foregroundIsKnownToBeOpaqueInRect() if we have
any non-default object-position, as the foreground may no longer fill the box.

Tests: compositing/video/video-object-position.html
fast/css/object-position/object-position-canvas.html
fast/css/object-position/object-position-embed.html
fast/css/object-position/object-position-img-svg.html
fast/css/object-position/object-position-img.html
fast/css/object-position/object-position-input-image.html
fast/css/object-position/object-position-object.html
fast/css/object-position/object-position-video-poster.html

  • rendering/RenderImage.cpp:

(WebCore::RenderImage::foregroundIsKnownToBeOpaqueInRect):

  • rendering/RenderReplaced.cpp:

(WebCore::RenderReplaced::replacedContentRect):

LayoutTests:

Various object-position tests.

  • compositing/video/video-object-position-expected.txt: Added.
  • compositing/video/video-object-position.html: Added.
  • fast/css/object-position/object-position-embed-expected.html: Added.
  • fast/css/object-position/object-position-embed.html: Added.
  • fast/css/object-position/object-position-img-expected.html: Added.
  • fast/css/object-position/object-position-img-svg-expected.html: Added.
  • fast/css/object-position/object-position-img-svg.html: Added.
  • fast/css/object-position/object-position-img.html: Added.
  • fast/css/object-position/object-position-input-image-expected.html: Added.
  • fast/css/object-position/object-position-input-image.html: Added.
  • fast/css/object-position/object-position-object-expected.html: Added.
  • fast/css/object-position/object-position-object.html: Added.
  • fast/css/object-position/object-position-video-poster-expected.html: Added.
  • fast/css/object-position/object-position-video-poster.html: Added.
  • fast/css/object-position/resources/expected.css: Added.
  • fast/css/object-position/resources/test.css: Added.

3:23 PM Changeset in webkit [197617] by Simon Fraser
  • 13 edits
    5 adds in trunk

Add parsing support for object-position
https://bugs.webkit.org/show_bug.cgi?id=155065

Reviewed by Sam Weinig.

Source/WebCore:

Add parsing support for object-position. This is the first property with
CSS <position> values which does not have equivalent -x and -y shorthands,
so we can store it as a new LengthPoint type.

Per the CSS Values spec, bottom- and right-relative values are translated
into calc() expressions, which are exposed via computed style. For example,
"right 10px bottom" becomes "calc(100% - 10px) 100%". This also allows transitions
between, say, "left 10px bottom" and "right 10px bottom".

Test: fast/css/object-position/parsing-object-position.html

  • CMakeLists.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • css/CSSComputedStyleDeclaration.cpp:

(WebCore::ComputedStyleExtractor::propertyValue):

  • css/CSSParser.cpp:

(WebCore::CSSParser::parseValue):

  • css/CSSPrimitiveValue.h:

(WebCore::CSSPrimitiveValue::isPair):

  • css/CSSPropertyNames.in:
  • css/CSSValue.h:
  • css/StyleBuilderConverter.h:

(WebCore::StyleBuilderConverter::convertLength):
(WebCore::StyleBuilderConverter::convertTo100PercentMinusLength):
(WebCore::StyleBuilderConverter::convertPositionComponent):
(WebCore::StyleBuilderConverter::convertObjectPosition):

  • platform/LengthPoint.cpp: Added.

(WebCore::operator<<):

  • platform/LengthPoint.h: Added.

(WebCore::LengthPoint::LengthPoint):
(WebCore::LengthPoint::operator==):
(WebCore::LengthPoint::setX):
(WebCore::LengthPoint::x):
(WebCore::LengthPoint::setY):
(WebCore::LengthPoint::y):
(WebCore::LengthPoint::blend):

  • rendering/style/RenderStyle.cpp:

(WebCore::RenderStyle::changeRequiresRepaint):

  • rendering/style/RenderStyle.h:
  • rendering/style/StyleRareNonInheritedData.cpp:

(WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):
(WebCore::StyleRareNonInheritedData::operator==):

  • rendering/style/StyleRareNonInheritedData.h:

LayoutTests:

object-position parsing test.

  • fast/css/object-position/parsing-object-position-expected.txt: Added.
  • fast/css/object-position/parsing-object-position.html: Added.

1:35 PM Changeset in webkit [197616] by jdiggs@igalia.com
  • 18 edits
    21 adds in trunk

AX: Implement missing/different accessibility API mappings for SVG
https://bugs.webkit.org/show_bug.cgi?id=155034

Reviewed by Chris Fleizach.

Source/WebCore:

Create an AccessibilitySVGElement class for the SVG-specific mappings;
fix name and description mappings for ATK; add new AccessibilityRole
types (SVGTextRole, SVGTSpanRole, SVGTextPathRole) and map them for
ATK and AX API.

Tests: accessibility/w3c-svg-description-calculation.html
accessibility/w3c-svg-elements-not-exposed.html
accessibility/w3c-svg-name-calculation.html
accessibility/w3c-svg-presentational-role.html
accessibility/w3c-svg-roles.html

  • CMakeLists.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • accessibility/AXObjectCache.cpp:

(WebCore::createFromRenderer):

  • accessibility/AccessibilityAllInOne.cpp:
  • accessibility/AccessibilityNodeObject.cpp:

(WebCore::AccessibilityNodeObject::alternativeText): Deleted.
(WebCore::AccessibilityNodeObject::accessibilityDescription): Deleted.

  • accessibility/AccessibilityObject.h:

(WebCore::AccessibilityObject::isAccessibilitySVGElement):

  • accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::determineAccessibilityRole): Deleted.

  • accessibility/AccessibilitySVGElement.cpp: Added.

(WebCore::AccessibilitySVGElement::AccessibilitySVGElement):
(WebCore::AccessibilitySVGElement::~AccessibilitySVGElement):
(WebCore::AccessibilitySVGElement::create):
(WebCore::AccessibilitySVGElement::targetForUseElement):
(WebCore::AccessibilitySVGElement::accessibilityText):
(WebCore::AccessibilitySVGElement::accessibilityDescription):
(WebCore::AccessibilitySVGElement::helpText):
(WebCore::AccessibilitySVGElement::computeAccessibilityIsIgnored):
(WebCore::AccessibilitySVGElement::inheritsPresentationalRole):
(WebCore::AccessibilitySVGElement::determineAriaRoleAttribute):
(WebCore::AccessibilitySVGElement::determineAccessibilityRole):

  • accessibility/AccessibilitySVGElement.h: Added.
  • accessibility/atk/WebKitAccessibleWrapperAtk.cpp:

(webkitAccessibleGetName):
(webkitAccessibleGetDescription):
(atkRole):

  • accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:

(-[WebAccessibilityObjectWrapper determineIsAccessibilityElement]):

  • accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(createAccessibilityRoleMap):

  • rendering/RenderObject.h:

(WebCore::RenderObject::isSVGTSpan):

  • rendering/svg/RenderSVGTSpan.h:

LayoutTests:

  • accessibility/svg-group-element-with-title.html: Modified to reflect correct ATK results.
  • accessibility/svg-image.html: Modified to reflect correct ATK results.
  • accessibility/svg-labelledby.html: Modified to reflect correct ATK results.
  • accessibility/svg-remote-element.html: Modified to reflect correct ATK results.
  • accessibility/w3c-svg-description-calculation.html: Added.
  • accessibility/w3c-svg-elements-not-exposed.html: Added.
  • accessibility/w3c-svg-name-calculation.html: Added.
  • accessibility/w3c-svg-presentational-role.html: Added.
  • accessibility/w3c-svg-roles.html: Added.
  • platform/gtk/accessibility/svg-group-element-with-title-expected.txt: Added.
  • platform/gtk/accessibility/svg-image-expected.txt: Added.
  • platform/gtk/accessibility/svg-labelledby-expected.txt: Added.
  • platform/gtk/accessibility/svg-remote-element-expected.txt: Added.
  • platform/gtk/accessibility/w3c-svg-description-calculation-expected.txt: Added.
  • platform/gtk/accessibility/w3c-svg-elements-not-exposed-expected.txt: Added.
  • platform/gtk/accessibility/w3c-svg-name-calculation-expected.txt: Added.
  • platform/gtk/accessibility/w3c-svg-presentational-role-expected.txt: Added.
  • platform/gtk/accessibility/w3c-svg-roles-expected.txt: Added.
  • platform/mac/accessibility/w3c-svg-description-calculation-expected.txt: Added.
  • platform/mac/accessibility/w3c-svg-elements-not-exposed-expected.txt: Added.
  • platform/mac/accessibility/w3c-svg-name-calculation-expected.txt: Added.
  • platform/mac/accessibility/w3c-svg-presentational-role-expected.txt: Added.
  • platform/mac/accessibility/w3c-svg-roles-expected.txt: Added.

11:44 AM Changeset in webkit [197615] by clopez@igalia.com
  • 2 edits in trunk/Tools

[GTK] Fix logging details after r197505 (Run the run-benchmark script on the performance bot.)
https://bugs.webkit.org/show_bug.cgi?id=154595

Unreviewed.

  • Scripts/webkitpy/benchmark_runner/run_benchmark.py:

(start): Use logging.exception when a test fails in order to get the details about the error.

9:01 AM Changeset in webkit [197614] by Yusuke Suzuki
  • 114 edits
    1 add in trunk/Source

[ES6] Support Reflect.construct
https://bugs.webkit.org/show_bug.cgi?id=147330

Reviewed by Saam Barati.

Source/JavaScriptCore:

Based on Saam's r196868, this patch adds support for Reflect.construct.
This patch implements OrdinaryCreateFromConstructor[1] for fallback cases.
This path is rarely taken. For example,

Reflect.construct(function () { }, [], Map);

In this case, the new.target becomes Map.
So we should create an object whose __proto__ is Map.prototype.

And to allow forward declaration (and encourage strong type checking), we change
ConstructType and CallType to C++11 enum classes.

[1]: http://ecma-international.org/ecma-262/6.0/#sec-ordinarycreatefromconstructor

  • API/JSCallbackConstructor.cpp:

(JSC::JSCallbackConstructor::getConstructData):

  • API/JSCallbackFunction.cpp:

(JSC::JSCallbackFunction::getCallData):

  • API/JSCallbackObjectFunctions.h:

(JSC::JSCallbackObject<Parent>::getConstructData):
(JSC::JSCallbackObject<Parent>::getCallData):

  • API/JSObjectRef.cpp:

(JSObjectIsFunction):
(JSObjectCallAsFunction):
(JSObjectIsConstructor):
(JSObjectCallAsConstructor):

  • API/ObjCCallbackFunction.mm:

(JSC::ObjCCallbackFunction::getCallData):
(JSC::ObjCCallbackFunction::getConstructData):

  • bindings/ScriptFunctionCall.cpp:

(Deprecated::ScriptFunctionCall::call):

  • bindings/ScriptValue.cpp:

(Deprecated::ScriptValue::isFunction):

  • builtins/ReflectObject.js:
  • dfg/DFGOperations.cpp:
  • inspector/InjectedScriptManager.cpp:

(Inspector::InjectedScriptManager::createInjectedScript):

  • interpreter/Interpreter.cpp:

(JSC::sizeOfVarargs):
(JSC::Interpreter::execute):
(JSC::Interpreter::executeCall):
(JSC::Interpreter::executeConstruct):

  • jit/JITOperations.cpp:
  • llint/LLIntSlowPaths.cpp:

(JSC::LLInt::handleHostCall):

  • runtime/ArrayConstructor.cpp:

(JSC::ArrayConstructor::getConstructData):
(JSC::ArrayConstructor::getCallData):

  • runtime/ArrayPrototype.cpp:

(JSC::arrayProtoFuncToString):
(JSC::arrayProtoFuncToLocaleString):
(JSC::getLength): Deleted.

  • runtime/BooleanConstructor.cpp:

(JSC::BooleanConstructor::getConstructData):
(JSC::BooleanConstructor::getCallData):

  • runtime/CallData.cpp:

(JSC::call):

  • runtime/CallData.h:
  • runtime/CommonSlowPaths.cpp:

(JSC::SLOW_PATH_DECL):

  • runtime/ConstructData.cpp:

(JSC::construct):

  • runtime/ConstructData.h:
  • runtime/DateConstructor.cpp:

(JSC::DateConstructor::getConstructData):
(JSC::DateConstructor::getCallData):

  • runtime/DatePrototype.cpp:

(JSC::dateProtoFuncToJSON):

  • runtime/Error.h:

(JSC::StrictModeTypeErrorFunction::getConstructData):
(JSC::StrictModeTypeErrorFunction::getCallData):

  • runtime/ErrorConstructor.cpp:

(JSC::ErrorConstructor::getConstructData):
(JSC::ErrorConstructor::getCallData):

  • runtime/ExceptionHelpers.cpp:

(JSC::errorDescriptionForValue):

  • runtime/FunctionConstructor.cpp:

(JSC::FunctionConstructor::getConstructData):
(JSC::FunctionConstructor::getCallData):

  • runtime/FunctionPrototype.cpp:

(JSC::FunctionPrototype::getCallData):
(JSC::functionProtoFuncToString):
(JSC::functionProtoFuncBind):

  • runtime/GeneratorFunctionConstructor.cpp:

(JSC::GeneratorFunctionConstructor::getCallData):
(JSC::GeneratorFunctionConstructor::getConstructData):

  • runtime/InternalFunction.cpp:

(JSC::InternalFunction::getCallData):

  • runtime/IntlCollatorConstructor.cpp:

(JSC::IntlCollatorConstructor::getConstructData):
(JSC::IntlCollatorConstructor::getCallData):

  • runtime/IntlDateTimeFormatConstructor.cpp:

(JSC::IntlDateTimeFormatConstructor::getConstructData):
(JSC::IntlDateTimeFormatConstructor::getCallData):

  • runtime/IntlNumberFormatConstructor.cpp:

(JSC::IntlNumberFormatConstructor::getConstructData):
(JSC::IntlNumberFormatConstructor::getCallData):

  • runtime/IteratorOperations.cpp:

(JSC::iteratorNext):
(JSC::iteratorClose):

  • runtime/JSArray.h:

(JSC::getLength):

  • runtime/JSArrayBufferConstructor.cpp:

(JSC::JSArrayBufferConstructor::getConstructData):
(JSC::JSArrayBufferConstructor::getCallData):

  • runtime/JSBoundFunction.cpp:

(JSC::boundFunctionCall):
(JSC::boundFunctionConstruct):
(JSC::JSBoundFunction::create):

  • runtime/JSCJSValue.h:
  • runtime/JSCJSValueInlines.h:

(JSC::JSValue::isFunction):
(JSC::JSValue::isConstructor):

  • runtime/JSCell.cpp:

(JSC::JSCell::getCallData):
(JSC::JSCell::getConstructData):

  • runtime/JSFunction.cpp:

(JSC::JSFunction::getCallData):
(JSC::JSFunction::getConstructData):

  • runtime/JSGenericTypedArrayViewConstructorInlines.h:

(JSC::constructGenericTypedArrayViewWithArguments):
(JSC::JSGenericTypedArrayViewConstructor<ViewClass>::getConstructData):
(JSC::JSGenericTypedArrayViewConstructor<ViewClass>::getCallData):

  • runtime/JSInternalPromise.cpp:

(JSC::JSInternalPromise::then):

  • runtime/JSInternalPromiseConstructor.cpp:

(JSC::JSInternalPromiseConstructor::getConstructData):
(JSC::JSInternalPromiseConstructor::getCallData):

  • runtime/JSJob.cpp:

(JSC::JSJobMicrotask::run):

  • runtime/JSONObject.cpp:

(JSC::Stringifier::Stringifier):
(JSC::Stringifier::toJSONImpl):
(JSC::Stringifier::appendStringifiedValue):
(JSC::JSONProtoFuncParse):

  • runtime/JSObject.cpp:

(JSC::callToPrimitiveFunction):
(JSC::JSObject::hasInstance):
(JSC::JSObject::getMethod):

  • runtime/JSObject.h:

(JSC::getCallData):
(JSC::getConstructData):

  • runtime/JSPromise.cpp:

(JSC::JSPromise::initialize):

  • runtime/JSPromiseConstructor.cpp:

(JSC::JSPromiseConstructor::getConstructData):
(JSC::JSPromiseConstructor::getCallData):

  • runtime/JSPromiseDeferred.cpp:

(JSC::newPromiseCapability):
(JSC::callFunction):

  • runtime/JSTypedArrayViewConstructor.cpp:

(JSC::constructTypedArrayView):
(JSC::JSTypedArrayViewConstructor::getConstructData):
(JSC::JSTypedArrayViewConstructor::getCallData):

  • runtime/MapConstructor.cpp:

(JSC::constructMap):
(JSC::MapConstructor::getConstructData):
(JSC::MapConstructor::getCallData):

  • runtime/ModuleLoaderObject.cpp:

(JSC::ModuleLoaderObject::provide):
(JSC::ModuleLoaderObject::loadAndEvaluateModule):
(JSC::ModuleLoaderObject::loadModule):
(JSC::ModuleLoaderObject::linkAndEvaluateModule):

  • runtime/NativeErrorConstructor.cpp:

(JSC::NativeErrorConstructor::getConstructData):
(JSC::NativeErrorConstructor::getCallData):

  • runtime/NullGetterFunction.cpp:

(JSC::NullGetterFunction::getCallData):
(JSC::NullGetterFunction::getConstructData):

  • runtime/NullSetterFunction.cpp:

(JSC::NullSetterFunction::getCallData):
(JSC::NullSetterFunction::getConstructData):

  • runtime/NumberConstructor.cpp:

(JSC::NumberConstructor::getConstructData):
(JSC::NumberConstructor::getCallData):

  • runtime/ObjectConstructor.cpp:

(JSC::ObjectConstructor::getConstructData):
(JSC::ObjectConstructor::getCallData):
(JSC::toPropertyDescriptor):

  • runtime/ObjectPrototype.cpp:

(JSC::objectProtoFuncDefineGetter):
(JSC::objectProtoFuncDefineSetter):
(JSC::objectProtoFuncToLocaleString):

  • runtime/Operations.cpp:

(JSC::jsTypeStringForValue):
(JSC::jsIsObjectTypeOrNull):
(JSC::jsIsFunctionType):

  • runtime/ProxyConstructor.cpp:

(JSC::ProxyConstructor::getConstructData):
(JSC::ProxyConstructor::getCallData):

  • runtime/ProxyObject.cpp:

(JSC::ProxyObject::finishCreation):
(JSC::performProxyCall):
(JSC::ProxyObject::getCallData):
(JSC::performProxyConstruct):
(JSC::ProxyObject::getConstructData):

  • runtime/ReflectObject.cpp:

(JSC::reflectObjectConstruct):

  • runtime/RegExpConstructor.cpp:

(JSC::RegExpConstructor::getConstructData):
(JSC::RegExpConstructor::getCallData):

  • runtime/RuntimeType.h:
  • runtime/SamplingProfiler.cpp:

(JSC::SamplingProfiler::processUnverifiedStackTraces):

  • runtime/SetConstructor.cpp:

(JSC::constructSet):
(JSC::SetConstructor::getConstructData):
(JSC::SetConstructor::getCallData):

  • runtime/StringConstructor.cpp:

(JSC::StringConstructor::getConstructData):
(JSC::StringConstructor::getCallData):

  • runtime/StringPrototype.cpp:

(JSC::replaceUsingRegExpSearch):
(JSC::operationStringProtoFuncReplaceRegExpEmptyStr):
(JSC::operationStringProtoFuncReplaceRegExpString):
(JSC::replaceUsingStringSearch):

  • runtime/SymbolConstructor.cpp:

(JSC::SymbolConstructor::getConstructData):
(JSC::SymbolConstructor::getCallData):

  • runtime/WeakMapConstructor.cpp:

(JSC::constructWeakMap):
(JSC::WeakMapConstructor::getConstructData):
(JSC::WeakMapConstructor::getCallData):

  • runtime/WeakSetConstructor.cpp:

(JSC::constructWeakSet):
(JSC::WeakSetConstructor::getConstructData):
(JSC::WeakSetConstructor::getCallData):

  • tests/es6.yaml:
  • tests/stress/reflect-construct.js: Added.

(shouldBe):
(shouldThrow):
(shouldThrow.array.get length):
(shouldThrow.array.get 0):
(array.get length):
(array.get 0):
(shouldBe.Reflect.construct):
(shouldBe.Reflect.construct.Hello):
(3.shouldBe.Reflect.construct.Hello):
(3.newTarget):
(0.shouldBe.Reflect.construct):
(shouldBe.A):
(shouldBe.B):
(nativeConstructorTest.DerivedMap):
(nativeConstructorTest.FailedMap):
(set noInline):

Source/WebCore:

  • Modules/plugins/QuickTimePluginReplacement.mm:

(WebCore::QuickTimePluginReplacement::installReplacement):

  • bindings/js/CallbackFunction.cpp:

(WebCore::checkFunctionOnlyCallback):

  • bindings/js/JSCallbackData.cpp:

(WebCore::JSCallbackData::invokeCallback):

  • bindings/js/JSCustomElementInterface.cpp:

(WebCore::JSCustomElementInterface::constructElement):
(WebCore::JSCustomElementInterface::attributeChanged):

  • bindings/js/JSCustomXPathNSResolver.cpp:

(WebCore::JSCustomXPathNSResolver::lookupNamespaceURI):

  • bindings/js/JSDOMBinding.cpp:

(WebCore::callFunctionWithCurrentArguments):
(WebCore::DOMConstructorObject::getCallData):

  • bindings/js/JSDOMConstructor.h:

(WebCore::JSDOMConstructorNotConstructable::getCallData):
(WebCore::JSDOMConstructor<JSClass>::getConstructData):
(WebCore::JSDOMNamedConstructor<JSClass>::getConstructData):
(WebCore::JSBuiltinConstructor<JSClass>::getConstructData):

  • bindings/js/JSDOMPromise.cpp:

(WebCore::DeferredWrapper::callFunction):

  • bindings/js/JSDocumentCustom.cpp:

(WebCore::JSDocument::defineElement):

  • bindings/js/JSErrorHandler.cpp:

(WebCore::JSErrorHandler::handleEvent):

  • bindings/js/JSEventListener.cpp:

(WebCore::JSEventListener::handleEvent):

  • bindings/js/JSHTMLAllCollectionCustom.cpp:

(WebCore::JSHTMLAllCollection::getCallData):

  • bindings/js/JSHTMLDocumentCustom.cpp:

(WebCore::JSHTMLDocument::open):

  • bindings/js/JSKeyValueIterator.h:

(WebCore::keyValueIteratorForEach):

  • bindings/js/JSMainThreadExecStateInstrumentation.h:

(WebCore::JSMainThreadExecState::instrumentFunctionCall):
(WebCore::JSMainThreadExecState::instrumentFunctionConstruct):

  • bindings/js/JSMutationCallback.cpp:

(WebCore::JSMutationCallback::call):

  • bindings/js/JSMutationObserverCustom.cpp:

(WebCore::constructJSMutationObserver):

  • bindings/js/JSPluginElementFunctions.cpp:

(WebCore::callPlugin):
(WebCore::pluginElementGetCallData):

  • bindings/js/ScheduledAction.cpp:

(WebCore::ScheduledAction::create):
(WebCore::ScheduledAction::executeFunctionInContext):

  • bindings/objc/WebScriptObject.mm:

(-[WebScriptObject callWebScriptMethod:withArguments:]):

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateConstructorHelperMethods):

  • bindings/scripts/test/JS/JSFloat64Array.cpp:

(WebCore::JSFloat64ArrayConstructor::getConstructData):

  • bindings/scripts/test/JS/JSTestInterface.cpp:

(WebCore::JSTestInterfaceConstructor::getConstructData):

  • bridge/NP_jsobject.cpp:

(_NPN_InvokeDefault):
(_NPN_Invoke):
(_NPN_Construct):

  • bridge/objc/objc_runtime.mm:

(JSC::Bindings::ObjcFallbackObjectImp::getCallData):

  • bridge/runtime_method.cpp:

(JSC::RuntimeMethod::getCallData):

  • bridge/runtime_object.cpp:

(JSC::Bindings::RuntimeObject::getCallData):
(JSC::Bindings::RuntimeObject::getConstructData):

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::updateCaptionContainer):
(WebCore::HTMLMediaElement::didAddUserAgentShadowRoot):
(WebCore::HTMLMediaElement::getCurrentMediaControlsStatus):

  • html/HTMLPlugInImageElement.cpp:

(WebCore::HTMLPlugInImageElement::didAddUserAgentShadowRoot):

  • testing/Internals.cpp:

(WebCore::Internals::isReadableStreamDisturbed):

Source/WebKit/mac:

  • Plugins/Hosted/NetscapePluginInstanceProxy.mm:

(WebKit::NetscapePluginInstanceProxy::invoke):
(WebKit::NetscapePluginInstanceProxy::invokeDefault):
(WebKit::NetscapePluginInstanceProxy::construct):

Source/WebKit/win:

  • Plugins/PluginPackage.cpp:

(WebCore::NPN_Invoke):

Source/WebKit2:

  • WebProcess/Plugins/Netscape/JSNPMethod.cpp:

(WebKit::JSNPMethod::getCallData):

  • WebProcess/Plugins/Netscape/JSNPObject.cpp:

(WebKit::JSNPObject::getCallData):
(WebKit::JSNPObject::getConstructData):

  • WebProcess/Plugins/Netscape/NPJSObject.cpp:

(WebKit::NPJSObject::hasMethod):
(WebKit::NPJSObject::construct):
(WebKit::NPJSObject::invoke):

12:50 AM Changeset in webkit [197613] by rniwa@webkit.org
  • 2 edits in trunk/Source/WebCore

Fix the bindings test after r197611.

  • bindings/scripts/test/TestObj.idl:

12:31 AM Changeset in webkit [197612] by rniwa@webkit.org
  • 7 edits in trunk/Source/WebCore

Move QualifiedName from CustomElementInfo to JSCustomElementInterface
https://bugs.webkit.org/show_bug.cgi?id=155061

Reviewed by Antti Koivisto.

Store QualifiedName of custom elements in JSCustomElementInterface instead of CustomElementInfo
now that each interface is associated with exactly one custom element as of r197602.

No new tests since this is a refactoring.

  • bindings/js/JSCustomElementInterface.cpp:

(WebCore::JSCustomElementInterface::JSCustomElementInterface): Now takes QualifiedName as the
first argument.

  • bindings/js/JSCustomElementInterface.h:

(WebCore::JSCustomElementInterface::create):
(WebCore::JSCustomElementInterface::name): Added.

  • bindings/js/JSDocumentCustom.cpp:

(WebCore::JSDocument::defineElement):

  • bindings/js/JSHTMLElementCustom.cpp:

(WebCore::constructJSHTMLElement): Use findInterface instead of the deleted findName.

  • dom/CustomElementDefinitions.cpp:

(WebCore::CustomElementDefinitions::checkName):
(WebCore::CustomElementDefinitions::addElementDefinition): Renamed from defineElement.
(WebCore::CustomElementDefinitions::findInterface): Add a variant that finds the interface object
by a JS constructor.
(WebCore::CustomElementDefinitions::containsConstructor):
(WebCore::CustomElementDefinitions::findName): Deleted.

  • dom/CustomElementDefinitions.h:

(WebCore::CustomElementDefinitions::CustomElementInfo::CustomElementInfo): Deleted.
