Timeline



Apr 9, 2016:

8:38 PM Changeset in webkit [199279] by keith_miller@apple.com
  • 21 edits in trunk/Source/JavaScriptCore

tryGetById should be supported by the DFG/FTL
https://bugs.webkit.org/show_bug.cgi?id=156378

Reviewed by Filip Pizlo.

This patch adds support for tryGetById in the DFG/FTL. It adds a new DFG node
TryGetById, which acts similarly to the normal GetById DFG node. One key
difference between GetById and TryGetById is that in the LLInt and Baseline
we do not profile the result type. This profiling is unnessary for the current
use case of tryGetById, which is expected to be a strict equality comparision
against a specific object or undefined. In either case other DFG optimizations
will make this equally fast with or without the profiling information.

Additionally, this patch adds new reuse modes for JSValueRegsTemporary that take
an operand and attempt to reuse the registers for that operand if they are free
after the current DFG node.

  • bytecode/GetByIdStatus.cpp:

(JSC::GetByIdStatus::computeFromLLInt):
(JSC::GetByIdStatus::computeForStubInfoWithoutExitSiteFeedback):

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::handleGetById):
(JSC::DFG::ByteCodeParser::parseBlock):

  • dfg/DFGCapabilities.cpp:

(JSC::DFG::capabilityLevel):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGNode.h:

(JSC::DFG::Node::hasIdentifier):

  • dfg/DFGNodeType.h:
  • dfg/DFGPredictionPropagationPhase.cpp:

(JSC::DFG::PredictionPropagationPhase::propagate):

  • dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileTryGetById):
(JSC::DFG::JSValueRegsTemporary::JSValueRegsTemporary):

  • dfg/DFGSpeculativeJIT.h:

(JSC::DFG::GPRTemporary::operator=):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::cachedGetById):
(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::cachedGetById):
(JSC::DFG::SpeculativeJIT::compile):

  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileGetById):
(JSC::FTL::DFG::LowerDFGToB3::getById):

  • jit/JITOperations.cpp:
  • jit/JITOperations.h:
  • tests/stress/try-get-by-id.js:

(tryGetByIdTextStrict):
(get let):
(let.get createBuiltin):
(get throw):
(getCaller.obj.1.throw.new.Error): Deleted.

6:46 PM Changeset in webkit [199278] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

Fixed compilation of JPEGImageDecoder with libjpeg v9.
https://bugs.webkit.org/show_bug.cgi?id=156445

Patch by Konstantin Tokarev <Konstantin Tokarev> on 2016-04-09
Reviewed by Michael Catanzaro.

ICU defines TRUE and FALSE macros, breaking libjpeg v9 headers.

No new tests needed.

  • platform/image-decoders/jpeg/JPEGImageDecoder.h:
5:26 PM Changeset in webkit [199277] by sbarati@apple.com
  • 2 edits
    1 add in trunk/Source/JavaScriptCore

Allocation sinking SSA Defs are allowed to have replacements
https://bugs.webkit.org/show_bug.cgi?id=156444

Reviewed by Filip Pizlo.

Consider the following program and the annotations that explain why
the SSA defs we create in allocation sinking can have replacements.

function foo(a1) {

let o1 = {x: 20, y: 50};
let o2 = {y: 40, o1: o1};
let o3 = {};


We're Defing a new variable here, call it o3_field.
o3_field is defing the value that is the result of
a GetByOffset that gets eliminated through allocation sinking.
o3.field = o1.y;


dontCSE();


This control flow is here to not allow the phase to consult
its local SSA mapping (which properly handles replacements)
for the value of o3_field.
if (a1) {

a1 = true;

} else {

a1 = false;

}


Here, we ask for the reaching def of o3_field, and assert
it doesn't have a replacement. It does have a replacement
though. The original Def was the GetByOffset. We replaced
that GetByOffset with the value of the o1_y variable.
let value = o3.field;
assert(value === 50);

}

  • dfg/DFGObjectAllocationSinkingPhase.cpp:
  • tests/stress/allocation-sinking-defs-may-have-replacements.js: Added.

(dontCSE):
(assert):
(foo):

1:54 PM Changeset in webkit [199276] by commit-queue@webkit.org
  • 9 edits in trunk/Source

Unreviewed, rolling out r199242.
https://bugs.webkit.org/show_bug.cgi?id=156442

Caused many many leaks (Requested by ap on #webkit).

Reverted changeset:

"Web Inspector: get rid of InspectorBasicValue and
InspectorString subclasses"
https://bugs.webkit.org/show_bug.cgi?id=156407
http://trac.webkit.org/changeset/199242

1:41 PM Changeset in webkit [199275] by fpizlo@apple.com
  • 5 edits in trunk/Source/JavaScriptCore

Debug JSC test failure: stress/multi-put-by-offset-reallocation-butterfly-cse.js.ftl-no-cjit-small-pool
https://bugs.webkit.org/show_bug.cgi?id=156406

Reviewed by Saam Barati.

The failure was because the GC ran from within the butterfly allocation call in a put_by_id
transition AccessCase that had to deal with indexing storage. When the GC runs in a call from a stub,
then we need to be extra careful:

1) The GC may reset the IC and delete the stub. So, the stub needs to tell the GC that it might be on

the stack during GC, so that the GC keeps it alive if it's currently running.


2) If the stub uses (dereferences or stores) some object after the call, then we need to ensure that

the stub routine knows about that object independently of the IC.


In the case of put_by_id transitions that use a helper to allocate the butterfly, we have both
issues. A long time ago, we had to deal with (2), and we still had code to handle that case, although
it appears to be dead. This change revives that code and glues it together with PolymorphicAccess.

  • bytecode/PolymorphicAccess.cpp:

(JSC::AccessCase::alternateBase):
(JSC::AccessCase::doesCalls):
(JSC::AccessCase::couldStillSucceed):
(JSC::AccessCase::generate):
(JSC::PolymorphicAccess::regenerate):

  • bytecode/PolymorphicAccess.h:

(JSC::AccessCase::customSlotBase):
(JSC::AccessCase::isGetter):
(JSC::AccessCase::doesCalls): Deleted.

  • jit/GCAwareJITStubRoutine.cpp:

(JSC::GCAwareJITStubRoutine::markRequiredObjectsInternal):
(JSC::MarkingGCAwareJITStubRoutine::MarkingGCAwareJITStubRoutine):
(JSC::MarkingGCAwareJITStubRoutine::~MarkingGCAwareJITStubRoutine):
(JSC::MarkingGCAwareJITStubRoutine::markRequiredObjectsInternal):
(JSC::GCAwareJITStubRoutineWithExceptionHandler::GCAwareJITStubRoutineWithExceptionHandler):
(JSC::createJITStubRoutine):
(JSC::MarkingGCAwareJITStubRoutineWithOneObject::MarkingGCAwareJITStubRoutineWithOneObject): Deleted.
(JSC::MarkingGCAwareJITStubRoutineWithOneObject::~MarkingGCAwareJITStubRoutineWithOneObject): Deleted.
(JSC::MarkingGCAwareJITStubRoutineWithOneObject::markRequiredObjectsInternal): Deleted.

  • jit/GCAwareJITStubRoutine.h:

(JSC::createJITStubRoutine):

1:13 PM Changeset in webkit [199274] by commit-queue@webkit.org
  • 13 edits in trunk

Unreviewed, rolling out r199268.
https://bugs.webkit.org/show_bug.cgi?id=156440

Broke Windows build (Requested by ap on #webkit).

Reverted changeset:

"Implement functional :host() pseudo class"
https://bugs.webkit.org/show_bug.cgi?id=156397
http://trac.webkit.org/changeset/199268

11:16 AM WebKitGTK/Gardening/Calendar edited by Michael Catanzaro
(diff)
11:16 AM Changeset in webkit [199273] by Michael Catanzaro
  • 2 edits in trunk/LayoutTests

[GTK] Update another GStreamer test expectation

Unreviewed.

  • platform/gtk/TestExpectations:
11:11 AM Changeset in webkit [199272] by Michael Catanzaro
  • 2 edits in trunk/LayoutTests

[GTK] Update some more IndexedDB test expectations.

Unreviewed.

  • platform/gtk/TestExpectations:
10:59 AM WebKitGTK/Gardening/Calendar edited by Michael Catanzaro
(diff)
10:58 AM Changeset in webkit [199271] by Michael Catanzaro
  • 2 edits in trunk/LayoutTests

[GTK] Remove failure expectation from storage/indexeddb/connection-leak.html

It's skipped in the global TestExpectations, see bug #152643.

  • platform/gtk/TestExpectations:
10:45 AM WebKitGTK/Gardening/Calendar edited by Michael Catanzaro
(diff)
10:38 AM WebKitGTK/Gardening/Calendar edited by Michael Catanzaro
(diff)
10:37 AM WebKitGTK/Gardening/Calendar edited by Michael Catanzaro
(diff)
10:29 AM Changeset in webkit [199270] by Michael Catanzaro
  • 2 edits in trunk/LayoutTests

[GTK] Gardening unexpected passes and IndexedDB tests.

Unreviewed gardening.

  • platform/gtk/TestExpectations:
12:40 AM Changeset in webkit [199269] by rniwa@webkit.org
  • 2 edits in trunk/Websites/perf.webkit.org

Build fix. Don't treat a build number 0 as a pending build.

  • tools/js/buildbot-syncer.js:

(BuildbotBuildEntry.prototype.isPending):

12:38 AM Changeset in webkit [199268] by Antti Koivisto
  • 13 edits in trunk

Implement functional :host() pseudo class
https://bugs.webkit.org/show_bug.cgi?id=156397
<rdar://problem/25621445>

Reviewed by Darin Adler.

Source/WebCore:

We already support :host. Add functional syntax too.

  • css/CSSGrammar.y.in:

Parse functional :host().

  • css/CSSParser.cpp:

(WebCore::CSSParser::detectFunctionTypeToken):

  • css/CSSParserValues.cpp:

(WebCore::CSSParserSelector::parsePseudoClassHostFunctionSelector):

  • css/CSSParserValues.h:
  • css/ElementRuleCollector.cpp:

(WebCore::ElementRuleCollector::matchedRuleList):
(WebCore::ElementRuleCollector::addMatchedRule):

Factor some shared code here.

(WebCore::ElementRuleCollector::matchHostPseudoClassRules):

Instead of using the generic paths use a :host specific code path for matching.
This makes it easier to avoid :host matching when it shouldn't.

(WebCore::ElementRuleCollector::collectMatchingRulesForList):

  • css/ElementRuleCollector.h:
  • css/RuleSet.cpp:

(WebCore::computeMatchBasedOnRuleHash):

:host is always handled by the special matching path.

  • css/SelectorChecker.cpp:

(WebCore::SelectorChecker::match):
(WebCore::SelectorChecker::matchHostPseudoClass):

Add a function specifically for checking :host. In always fails on the normal code paths.
Check the argument selector if provided.

(WebCore::hasScrollbarPseudoElement):

  • css/SelectorChecker.h:

LayoutTests:

Enable, fix and expand the test.

  • fast/shadow-dom/css-scoping-shadow-host-functional-rule.html:
  • platform/mac/TestExpectations:

Apr 8, 2016:

10:16 PM Changeset in webkit [199267] by jonlee@apple.com
  • 2 edits in trunk/PerformanceTests

Have Animometer benchmark always start with complexity of 1
https://bugs.webkit.org/show_bug.cgi?id=156432

Reviewed by Ryosuke Niwa.

  • Animometer/tests/resources/main.js: Update the default Controller and RampController to

set its minimum complexities to 1 instead of 0.

9:56 PM Changeset in webkit [199266] by rniwa@webkit.org
  • 7 edits in trunk/Websites/perf.webkit.org

Escape builder names in url* and pathFor* methods of BuildbotSyncer
https://bugs.webkit.org/show_bug.cgi?id=156427

Reviewed by Darin Adler.

The build fix in r199251 breaks other usage of RemoteAPI. Fix it properly by escaping builder names in
various methods of BuildbotSyncer.

Also fixed a typo in the logging and a bug that the new syncing script never updated "scheduled" to "running".

  • server-tests/resources/mock-data.js:

(MockData.mockTestSyncConfigWithTwoBuilders): Renamed "some-builder-2" to "some builder 2" to test the
new escaping behavior in tools-buildbot-triggerable-tests.js and buildbot-syncer-tests.js.

  • server-tests/tools-buildbot-triggerable-tests.js: Added tests for status url, and added a new test case

for updating "scheduled" to "running".

  • tools/js/buildbot-syncer.js:

(BuildbotBuildEntry.buildRequestStatusIfUpdateIsNeeded): Update the status to "running" when the request's
status is "scheduled" and the buildbot's build is currently in progress.
(BuildbotSyncer.prototype.pathForPendingBuildsJSON): Escape the builder name.
(BuildbotSyncer.prototype.pathForBuildJSON): Ditto.
(BuildbotSyncer.prototype.pathForForceBuild): Ditto.
(BuildbotSyncer.prototype.url): Ditto.
(BuildbotSyncer.prototype.urlForBuildNumber): Ditto.

  • tools/js/buildbot-triggerable.js:

(BuildbotTriggerable.prototype._pullBuildbotOnAllSyncers):
(BuildbotTriggerable.prototype._scheduleNextRequestInGroupIfSlaveIsAvailable): Fixed a typo. We are
scheduling new build requests, not syncing them.

  • tools/js/remote.js:

(RemoteAPI.sendHttpRequest): Reverted r199251.

  • unit-tests/buildbot-syncer-tests.js:
8:46 PM Changeset in webkit [199265] by Darin Adler
  • 28 edits in trunk

Improve IDL support for object arguments that are neither optional nor nullable
https://bugs.webkit.org/show_bug.cgi?id=156149

Reviewed by Chris Dumez.

Source/WebCore:

After this patch, we are almost ready to change some more DOM functions to
use references instead of pointers. Remaining blocking issue is lack of support
for ShouldPassWrapperByReference in the gobject bindings.

  • bindings/objc/ExceptionHandlers.h: Add NO_RETURN to raiseDOMException.

Added a new raiseTypeErrorException. Re-indented header and removed unneeded
include and forward declarations.

  • bindings/objc/ExceptionHandlers.mm:

(WebCore::raiseDOMException): Added RELEASE_ASSERT_NOT_REACHED so the compiler
will understand this is NO_RETURN. Also updated FIXME comment.
(WebCore::raiseTypeErrorException): Added.

  • bindings/scripts/CodeGenerator.pm: Removed unneeded code that allows the type

"AtomicString" in IDL files.
(ShouldPassWrapperByReference): Added. Contains the logic from the function in
the JavaScript code generator that was named IsPointerParameterPassedByReference,
minus a couple checks that are unneeded. For use in other code generators so they
are all consistent about how they call the DOM implementation.

  • bindings/scripts/CodeGeneratorGObject.pm:

(SkipFunction): Removed support for unused CustomBinding extended attribute.

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateHeader): Removed support for unused CustomBinding extended attribute.
(GenerateImplementation): Ditto. Also changed type checking code to throw a
type error in a more efficient way, using throwVMTypeError directly.
(GenerateParametersCheck): Rearranged code a bit so that arguments that need to
be passed in unusual ways are handled all in one place. Use WTFMove for newly
created NodeFilter objects. Simplified the reference logic so it doesn't need
to do an additional check to see if a type is a callback. Also changed type
checking code to throw a type error in a more efficient way, using throwVMTypeError
directly. Also corrected mistake where null checking code was throwing
TYPE_MISMATCH_ERR instead of a type error.
(GetNativeType): Coding style tweak.
(ShouldPassWrapperByReference): Renamed from IsPointerParameterPassedByReference.
Changed to call underlying ShouldPassWrapperByReference function in the language-
independent code generator.
(GenerateConstructorDefinition): Updated for name change.

  • bindings/scripts/CodeGeneratorObjC.pm:

(SkipFunction): Removed support for unused CustomBinding extended attribute.
(GenerateImplementation): Added code to null check and pass a reference when
ShouldPassWrapperByReference returns true.

  • bindings/scripts/IDLAttributes.txt: Sorted in the AppleCopyright and

UsePointersEvenForNonNullableObjectArguments arguments. Removed the unused
CPPPureInterface and CustomBinding attributes.

  • bindings/scripts/test/JS/JSTestActiveDOMObject.cpp: Regenerated test results.
  • bindings/scripts/test/JS/JSTestInterface.cpp: Ditto.
  • bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp: Ditto.
  • bindings/scripts/test/JS/JSTestObj.cpp: Ditto.
  • bindings/scripts/test/JS/JSTestObj.h: Ditto.
  • bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp: Ditto.
  • bindings/scripts/test/JS/JSTestTypedefs.cpp: Ditto.
  • bindings/scripts/test/ObjC/DOMTestActiveDOMObject.mm: Ditto.
  • bindings/scripts/test/ObjC/DOMTestCallback.mm: Ditto.
  • bindings/scripts/test/ObjC/DOMTestCallbackFunction.mm: Ditto.
  • bindings/scripts/test/ObjC/DOMTestInterface.mm: Ditto.
  • bindings/scripts/test/ObjC/DOMTestMediaQueryListListener.mm: Ditto.
  • bindings/scripts/test/ObjC/DOMTestObj.mm: Ditto.
  • bindings/scripts/test/TestObj.idl: Removed test for CustomBinding.
  • dom/DOMImplementation.idl: Fixed #if so that only the return type is different

between JavaScript and the other bindings. Without this change, the different
bindings got different results for ShouldPassWrapperByReference. Also formatted
functions all on a single line.

  • dom/EventListener.idl: Removed CPPPureInterface, since it had no effect.
  • dom/EventTarget.idl: Ditto.

LayoutTests:

  • fast/canvas/canvas-path-addPath-expected.txt: Updated expected result to expect

TypeError rather than TYPE_MISMATCH_ERR. A progression.

  • fast/text/font-face-set-javascript-expected.txt: Ditto.
8:07 PM Changeset in webkit [199264] by Chris Dumez
  • 32 edits in trunk/Source/WebCore

[WebIDL] Add support for [ExportMacro=XXX] IDL extended attribute
https://bugs.webkit.org/show_bug.cgi?id=156428

Reviewed by Ryosuke Niwa.

Add support for [ExportMacro=XXX] IDL extended attribute (e.g. [ExportMacro=WEBCORE_EXPORT])
so developers can indicate in the IDL which macro to use to export the generated JS bindings
class.

We previously supported this by hard-coding JS class names in the bindings generator which
was ugly.

  • Modules/mediasession/MediaSession.idl:
  • Modules/mediasource/SourceBuffer.idl:
  • Modules/notifications/Notification.idl:
  • Modules/webaudio/AudioContext.idl:
  • bindings/scripts/CodeGeneratorJS.pm:

(GetExportMacroForJSClass):
(GenerateHeader):
(AddIncludesForType): Deleted.
(AddToImplIncludes): Deleted.

  • bindings/scripts/IDLAttributes.txt:
  • bindings/scripts/test/TestInterface.idl:
  • bindings/scripts/test/TestNode.idl:
  • css/CSSStyleDeclaration.idl:
  • dom/ClientRect.idl:
  • dom/ClientRectList.idl:
  • dom/Document.idl:
  • dom/Element.idl:
  • dom/Node.idl:
  • dom/Range.idl:
  • fileapi/File.idl:
  • html/DOMURL.idl:
  • html/HTMLElement.idl:
  • html/HTMLMediaElement.idl:
  • html/TimeRanges.idl:
  • html/canvas/DOMPath.idl:
  • inspector/ScriptProfile.idl:
  • inspector/ScriptProfileNode.idl:
  • page/DOMWindow.idl:
  • page/make_settings.pl:

(generateInternalSettingsIdlFile):

  • testing/InternalSettings.idl:
  • testing/Internals.idl:
  • testing/MallocStatistics.idl:
  • testing/MemoryInfo.idl:
  • testing/TypeConversions.idl:
  • xml/XMLHttpRequest.idl:
7:37 PM Changeset in webkit [199263] by commit-queue@webkit.org
  • 12 edits
    6 adds in trunk

Web Inspector: XHRs and Web Worker scripts are not searchable
https://bugs.webkit.org/show_bug.cgi?id=154214
<rdar://problem/24643587>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-04-08
Reviewed by Timothy Hatcher.

Source/JavaScriptCore:

  • inspector/protocol/Page.json:

Add optional requestId to search results properties and search
parameters for when the frameId and url are not enough. XHR
resources, and "Other" resources will use this.

Source/WebCore:

Test: inspector/page/searchInResources.html

  • inspector/InspectorPageAgent.h:
  • inspector/InspectorPageAgent.cpp:

(WebCore::InspectorPageAgent::searchInResource):
(WebCore::InspectorPageAgent::searchInResources):
Let the NetworkAgent handle individual search requests
with a requestId. And provide global search results for
"other" resources and will include requestId properties.

  • inspector/InspectorNetworkAgent.h:
  • inspector/InspectorNetworkAgent.cpp:

(WebCore::InspectorNetworkAgent::didFinishXHRLoading):
(WebCore::buildObjectForSearchResult):
(WebCore::InspectorNetworkAgent::searchOtherRequests):
(WebCore::InspectorNetworkAgent::searchInRequest):
Search saved "other" resource data content.

  • inspector/NetworkResourcesData.h:
  • inspector/NetworkResourcesData.cpp:

(WebCore::NetworkResourcesData::resources):
Expose the resources for iteration by the NetworkAgent.

Source/WebInspectorUI:

  • UserInterface/Views/SearchSidebarPanel.js:

(WebInspector.SearchSidebarPanel.prototype.performSearch.resourceCallback):
(WebInspector.SearchSidebarPanel.prototype.performSearch.resourcesCallback):
Carry forward the requestId property if it is available.

LayoutTests:

  • inspector/page/resources/search-script.js: Added.
  • inspector/page/resources/search-stylesheet.css: Added.
  • inspector/page/resources/search-worker.js: Added.
  • inspector/page/resources/search-xhr.txt: Added.
  • inspector/page/searchInResources-expected.txt: Added.
  • inspector/page/searchInResources.html: Added.

Test for the Page domain's search commands.

7:32 PM Changeset in webkit [199262] by commit-queue@webkit.org
  • 5 edits in trunk/Source/WebInspectorUI

Web Inspector: Allocation snapshot hover persists after switching tabs
https://bugs.webkit.org/show_bug.cgi?id=156430
<rdar://problem/25633800>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-04-08
Reviewed by Timothy Hatcher.

  • UserInterface/Views/HeapSnapshotInstanceDataGridNode.js:

(WebInspector.HeapSnapshotInstanceDataGridNode.prototype._mouseoverHandler):
Don't show the popover if the tree is no longer visible.

  • UserInterface/Views/HeapSnapshotInstancesContentView.js:

(WebInspector.HeapSnapshotInstancesContentView.prototype.shown):

  • UserInterface/Views/HeapSnapshotInstancesDataGridTree.js:

(WebInspector.HeapSnapshotInstancesDataGridTree):
(WebInspector.HeapSnapshotInstancesDataGridTree.prototype.get visible):
(WebInspector.HeapSnapshotInstancesDataGridTree.prototype.shown):
(WebInspector.HeapSnapshotInstancesDataGridTree.prototype.hidden):
Give the tree a visible state and have its containing ContentView
update it with normal ContentView shown/hidden.

  • UserInterface/Views/Popover.js:

We are presenting while we were dismissing, so completely clear the
dismissing state.

6:20 PM Changeset in webkit [199261] by commit-queue@webkit.org
  • 2 edits in trunk/Source/JavaScriptCore

MIPS: support Signed cond in branchTest32()
https://bugs.webkit.org/show_bug.cgi?id=156260

This is needed since r197688 makes use of it.

Patch by Guillaume Emont <guijemont@igalia.com> on 2016-04-08
Reviewed by Mark Lam.

  • assembler/MacroAssemblerMIPS.h:

(JSC::MacroAssemblerMIPS::branchTest32):

6:19 PM Changeset in webkit [199260] by jdiggs@igalia.com
  • 15 edits in trunk

AX: "AXLandmarkApplication" is an inappropriate subrole for ARIA "application" since it's no longer a landmark
https://bugs.webkit.org/show_bug.cgi?id=155403

Reviewed by Chris Fleizach.

The new subrole is AXWebApplication and the new role description is "web application".
As part of the fix, the WebCore AccessibilityRole for ARIA's "application" role was
renamed from LandmarkApplicationRole to WebApplicationRole.

The roles-exposed.html and aria-grouping-roles.html test expectations were also updated.

Source/WebCore:

  • English.lproj/Localizable.strings:
  • accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::accessibleNameDerivesFromContent):
(WebCore::AccessibilityObject::isLandmark):
(WebCore::initializeRoleMap):

  • accessibility/AccessibilityObject.h:
  • accessibility/atk/WebKitAccessibleWrapperAtk.cpp:

(atkRole):

  • accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:

(-[WebAccessibilityObjectWrapper determineIsAccessibilityElement]):
(-[WebAccessibilityObjectWrapper _accessibilityIsLandmarkRole:]):

  • accessibility/mac/WebAccessibilityObjectWrapperBase.mm:

(-[WebAccessibilityObjectWrapperBase ariaLandmarkRoleDescription]):

  • accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(createAccessibilityRoleMap):
(-[WebAccessibilityObjectWrapper subrole]):

  • platform/LocalizedStrings.cpp:

(WebCore::AXARIAContentGroupText):

Source/WebKit/win:

  • AccessibleBase.cpp: Update the rolename

(MSAARole):

LayoutTests:

  • accessibility/mac/aria-grouping-roles-expected.txt:
  • accessibility/mac/aria-grouping-roles.html:
  • platform/mac/accessibility/roles-exposed-expected.txt:
6:18 PM Changeset in webkit [199259] by Simon Fraser
  • 16 edits in trunk/Source

[iOS WK2] WKWebViews should consult ancestor UIScrollViews to determine tiling area
https://bugs.webkit.org/show_bug.cgi?id=156429
rdar://problem/25455111

Reviewed by Tim Horton.

When a WKWebView is expanded to full size, then embedded in UIScrollView, it would
create huge tiles that cover the entire view area (since it considered itself non-scrollable).

Fix to always use 512x512 tiles in this configuration, and to adjust the tile coverage
for the area exposed through the enclosing UIScrollView.

Source/WebCore:

  • loader/HistoryController.cpp:

(WebCore::HistoryController::saveScrollPositionAndViewStateToItem): setObscuredInset()
moved from FrameView to Page.

  • page/FrameView.cpp:

(WebCore::FrameView::adjustTiledBackingScrollability): If we're clipped by an ancestor scrollView,
just assume we're scrollable on both axes.

  • page/Page.h:

(WebCore::Page::obscuredInset):
(WebCore::Page::setObscuredInset):
(WebCore::Page::enclosedInScrollView):
(WebCore::Page::setEnclosedInScrollView):

  • platform/ScrollView.h:

(WebCore::ScrollView::platformObscuredInset): Deleted.
(WebCore::ScrollView::platformSetObscuredInset): Deleted.

Source/WebKit2:

  • Shared/VisibleContentRectUpdateInfo.cpp: Add enclosedInScrollView(), which is used to

trigger normal-sized tiles.
(WebKit::VisibleContentRectUpdateInfo::encode):
(WebKit::VisibleContentRectUpdateInfo::decode):

  • Shared/VisibleContentRectUpdateInfo.h:

(WebKit::VisibleContentRectUpdateInfo::VisibleContentRectUpdateInfo):
(WebKit::VisibleContentRectUpdateInfo::enclosedInScrollView):
(WebKit::operator==):

  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _didInvokeUIScrollViewDelegateCallback]): Pass our scrollView.
(-[WKWebView _didFinishScrolling]):
(-[WKWebView scrollViewDidScroll:]):
(-[WKWebView scrollViewDidZoom:]):
(-[WKWebView scrollViewDidEndZooming:withView:atScale:]):
(-[WKWebView _scrollViewDidInterruptDecelerating:]):
(-[WKWebView _visibleRectInEnclosingScrollView:]):
(-[WKWebView _visibleContentRect]): Compute the exposed part of the content relative
to the WKWebView, then intersect with the exposed part via any ancestor UIScrollView.
(-[WKWebView _didScroll]): This is called by UIKit when some ancestor UIScrollView scrolls.
However, we don't get all the UIScrollView delegate callbacks, so have to use a timer to
trigger a call to -_updateVisibleContentRects when we're in a stable state.
(-[WKWebView _enclosingScrollerScrollingEnded:]):
(-[WKWebView _frameOrBoundsChanged]):
(-[WKWebView _updateVisibleContentRects]):
(-[WKWebView _updateVisibleContentRectAfterScrollInView:]): Get the stable state from the
scroll view that the user is interacting with.
(-[WKWebView _updateContentRectsWithState:]):

  • UIProcess/API/Cocoa/WKWebViewInternal.h:
  • UIProcess/WebPageProxy.h: Rather than pass a bazillion arguments through updateVisibleContentRects(), just

pass the VisibleContentRectUpdateInfo struct.

  • UIProcess/ios/WKContentView.h:
  • UIProcess/ios/WKContentView.mm:

(-[WKContentView didUpdateVisibleRect:unobscuredRect:unobscuredRectInScrollViewCoordinates:obscuredInset:scale:minimumScale:inStableState:isChangingObscuredInsetsInteractively:enclosedInScrollView:]):
(-[WKContentView didUpdateVisibleRect:unobscuredRect:unobscuredRectInScrollViewCoordinates:obscuredInset:scale:minimumScale:inStableState:isChangingObscuredInsetsInteractively:]): Deleted.

  • UIProcess/ios/WebPageProxyIOS.mm:

(WebKit::WebPageProxy::updateVisibleContentRects):

  • UIProcess/mac/RemoteLayerTreeDrawingAreaProxy.mm:

(WebKit::RemoteLayerTreeDrawingAreaProxy::RemoteLayerTreeDrawingAreaProxy):
(WebKit::RemoteLayerTreeDrawingAreaProxy::indicatorLocation):

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::updatePreferences):

  • WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::updateVisibleContentRects):

5:42 PM Changeset in webkit [199258] by commit-queue@webkit.org
  • 4 edits in trunk/Source

[iOS Simulator] Build failure (property 'contentsFormat' not found on object of type 'LegacyTileLayer *')
https://bugs.webkit.org/show_bug.cgi?id=156415

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-04-08
Reviewed by Simon Fraser.

Source/WebCore:

  • platform/spi/cocoa/QuartzCoreSPI.h:

Provide SPI forward declaration of the CALayer contentsFormat property.

Source/WebKit2:

  • UIProcess/API/Cocoa/_WKElementAction.mm:

(-[_WKElementAction runActionWithElementInfo:]):
Use WeakObjCPtr instead of weak to avoid build errors when not under ARC.

5:36 PM Changeset in webkit [199257] by achristensen@apple.com
  • 19 edits in trunk

Progress towards running CMake WebKit2 on Mac
https://bugs.webkit.org/show_bug.cgi?id=156426

Reviewed by Tim Horton.

.:

  • Source/cmake/OptionsMac.cmake:

FTL works on Mac, so let's use it.

  • Source/cmake/WebKitMacros.cmake:

Source/JavaScriptCore:

  • PlatformMac.cmake:

Source/WebCore:

  • CMakeLists.txt:
  • PlatformGTK.cmake:
  • PlatformMac.cmake:
  • PlatformWin.cmake:

On Mac, WTF is a static library that is linked only with JavaScriptCore.

Source/WebKit:

  • CMakeLists.txt:
  • PlatformMac.cmake:
  • PlatformWin.cmake:

Source/WebKit2:

  • CMakeLists.txt:
  • PlatformMac.cmake:

Put the xpc service binaries in the right place.

Source/WTF:

  • wtf/PlatformMac.cmake:
5:33 PM Changeset in webkit [199256] by achristensen@apple.com
  • 3 edits in trunk/Source/WebKit2

Build fix with IndexedDB disabled but DatabaseProcess enabled after r199230
https://bugs.webkit.org/show_bug.cgi?id=156321

Rubber-stamped by Brady Eidson.

  • DatabaseProcess/DatabaseProcess.cpp:

(WebKit::DatabaseProcess::deleteWebsiteDataForOrigins):
(WebKit::DatabaseProcess::grantSandboxExtensionsForBlobs):
(WebKit::DatabaseProcess::accessToTemporaryFileComplete):
(WebKit::DatabaseProcess::indexedDatabaseOrigins):

  • DatabaseProcess/DatabaseProcess.h:

Add some more guards.

4:01 PM Changeset in webkit [199255] by bshafiei@apple.com
  • 2 edits in branches/safari-601.1.46-branch/Source/WebCore

Merged r199253. rdar://problem/25533763

3:59 PM Changeset in webkit [199254] by bshafiei@apple.com
  • 2 edits in branches/safari-601.1.46-branch/Source/WebCore

Merged r199252. rdar://problem/25533763

3:54 PM Changeset in webkit [199253] by jer.noble@apple.com
  • 2 edits in trunk/Source/WebCore

Unreviewed 32-bit build fix; make type of std::min<> explicit.

  • platform/audio/ios/AudioDestinationIOS.cpp:

(WebCore::AudioDestinationIOS::render):

3:41 PM Changeset in webkit [199252] by jer.noble@apple.com
  • 2 edits in trunk/Source/WebCore

CRASH in AudioDestinationNode::render()
https://bugs.webkit.org/show_bug.cgi?id=156308

Reviewed by Eric Carlson.

Yet another math error in AudioDestinationIOS::render(). It is possible for the difference between
m_startSpareFrame and m_endSpareFrame to be greater than the numberOfFrames to be rendered. Protect
against this case by taking the min() of those two values and only advancing m_startSpareFrame by
that amount. This guarantees that framesThisTime will never underflow, and that data will not be
written past the end of the ioData parameter.

  • platform/audio/ios/AudioDestinationIOS.cpp:

(WebCore::AudioDestinationIOS::render):

3:37 PM Changeset in webkit [199251] by rniwa@webkit.org
  • 2 edits in trunk/Websites/perf.webkit.org

Build fix. We need to escape the path or http.request would fail.

  • tools/js/remote.js:
3:01 PM Changeset in webkit [199250] by beidson@apple.com
  • 12 edits in trunk/Source/WebCore

Modern IDB: Use more IDBValue and IDBGetResult in IDBBackingStore.
https://bugs.webkit.org/show_bug.cgi?id=156418

Reviewed by Alex Christensen.

No new tests (Refactor, no change in behavior).

  • Modules/indexeddb/IDBValue.cpp:

(WebCore::IDBValue::IDBValue):

  • Modules/indexeddb/IDBValue.h:
  • Modules/indexeddb/server/IDBBackingStore.h:
  • Modules/indexeddb/server/MemoryBackingStoreTransaction.cpp:

(WebCore::IDBServer::MemoryBackingStoreTransaction::abort):

  • Modules/indexeddb/server/MemoryIDBBackingStore.cpp:

(WebCore::IDBServer::MemoryIDBBackingStore::addRecord):
(WebCore::IDBServer::MemoryIDBBackingStore::getRecord):

  • Modules/indexeddb/server/MemoryIDBBackingStore.h:
  • Modules/indexeddb/server/MemoryObjectStore.cpp:

(WebCore::IDBServer::MemoryObjectStore::addRecord):

  • Modules/indexeddb/server/MemoryObjectStore.h:
  • Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:

(WebCore::IDBServer::SQLiteIDBBackingStore::addRecord):
(WebCore::IDBServer::SQLiteIDBBackingStore::getRecord):

  • Modules/indexeddb/server/SQLiteIDBBackingStore.h:
  • Modules/indexeddb/server/UniqueIDBDatabase.cpp:

(WebCore::IDBServer::UniqueIDBDatabase::performPutOrAdd):
(WebCore::IDBServer::UniqueIDBDatabase::performGetRecord):

2:21 PM Changeset in webkit [199249] by sbarati@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Debugger may dereference m_currentCallFrame even after the VM has gone idle
https://bugs.webkit.org/show_bug.cgi?id=156413

Reviewed by Mark Lam.

There is a bug where the debugger may dereference its m_currentCallFrame
pointer after that pointer becomes invalid to read from. This happens like so:

We may step over an instruction which causes the end of execution for the
current program. This causes the VM to exit. Then, we perform a GC which
causes us to collect the global object. The global object being collected
causes us to detach the debugger. In detaching, we think we still have a
valid m_currentCallFrame, we dereference it, and crash. The solution is to
make sure we're paused when dereferencing this pointer inside ::detach().

  • debugger/Debugger.cpp:

(JSC::Debugger::detach):

2:11 PM Changeset in webkit [199248] by beidson@apple.com
  • 8 edits in trunk/Source/WebCore

Modern IDB: Make IDBGetResult contain an IDBValue instead of a buffer, and remove unused methods.
https://bugs.webkit.org/show_bug.cgi?id=156416

Reviewed by Alex Christensen.

No new tests (Refactor, no change in behavior).

  • Modules/indexeddb/IDBCursor.cpp:

(WebCore::IDBCursor::setGetResult):

  • Modules/indexeddb/IDBGetResult.cpp:

(WebCore::IDBGetResult::dataFromBuffer):
(WebCore::IDBGetResult::isolatedCopy):

  • Modules/indexeddb/IDBGetResult.h:

(WebCore::IDBGetResult::IDBGetResult):
(WebCore::IDBGetResult::value):
(WebCore::IDBGetResult::encode):
(WebCore::IDBGetResult::decode):
(WebCore::IDBGetResult::valueBuffer): Deleted.
(WebCore::IDBGetResult::setValueBuffer): Deleted.
(WebCore::IDBGetResult::setKeyData): Deleted.
(WebCore::IDBGetResult::setPrimaryKeyData): Deleted.
(WebCore::IDBGetResult::setKeyPath): Deleted.

  • Modules/indexeddb/IDBTransaction.cpp:

(WebCore::IDBTransaction::didGetRecordOnServer):

  • Modules/indexeddb/IDBValue.cpp:

(WebCore::IDBValue::IDBValue):

  • Modules/indexeddb/IDBValue.h:
  • Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:

(WebCore::IDBServer::SQLiteIDBBackingStore::getIndexRecord):

2:01 PM Changeset in webkit [199247] by Alan Bujtas
  • 10 edits
    6 adds in trunk

Focus ring drawn at incorrect location on image map with CSS transform.
https://bugs.webkit.org/show_bug.cgi?id=143527
<rdar://problem/21908735>

Reviewed by Simon Fraser.

Source/WebCore:

Implement pathForFocusRing for HTMLAreaElement. It follows the logic of RenderObject::addFocusRingRects().

Tests: fast/images/image-map-outline-in-positioned-container.html

fast/images/image-map-outline-with-paint-root-offset.html
fast/images/image-map-outline-with-scale-transform.html
fast/images/image-map-outline.html

  • html/HTMLAreaElement.cpp:

(WebCore::HTMLAreaElement::pathForFocusRing):

  • html/HTMLAreaElement.h:
  • rendering/RenderElement.cpp:

(WebCore::RenderElement::paintFocusRing): Move addFocusRingRects() out of focus ring painting.
(WebCore::RenderElement::paintOutline):

  • rendering/RenderElement.h:
  • rendering/RenderImage.cpp:

(WebCore::RenderImage::paint):
(WebCore::RenderImage::paintAreaElementFocusRing):

  • rendering/RenderImage.h:
  • rendering/RenderInline.cpp:

(WebCore::RenderInline::paintOutline):

LayoutTests:

Implement pathForFocusRing for HTMLAreaElement.

  • fast/images/image-map-outline-in-positioned-container-expected.html: Added.
  • fast/images/image-map-outline-in-positioned-container.html: Added.
  • fast/images/image-map-outline-with-paint-root-offset-expected.html: Added.
  • fast/images/image-map-outline-with-paint-root-offset.html: Added.
  • fast/images/image-map-outline-with-scale-transform-expected.html: Added.
  • fast/images/image-map-outline-with-scale-transform.html: Added.
1:59 PM Changeset in webkit [199246] by ggaren@apple.com
  • 3 edits in trunk/Source/bmalloc

bmalloc: stress_aligned test fails if you increase smallMax
https://bugs.webkit.org/show_bug.cgi?id=156414

Reviewed by Oliver Hunt.

When size exceeds alignment and is a multiple of alignment and is not
a power of two, such as 24kB with 8kB alignment, the small allocator
did not always guarantee alignment. Let's fix that.

  • bmalloc/Algorithm.h:

(bmalloc::divideRoundingUp): Math is hard.

  • bmalloc/Allocator.cpp:

(bmalloc::Allocator::allocate): Align to the page size unconditionally.
Even if the page size is not a power of two, it might be a multiple of
a power of two, and we want alignment to that smaller power of two to
be guaranteed.

1:46 PM Changeset in webkit [199245] by Brent Fulgham
  • 2 edits in trunk/Source/WebCore

[WK1] Wheel event callback removing the window causes crash in WebCore
https://bugs.webkit.org/show_bug.cgi?id=156409
<rdar://problem/25631267>

Reviewed by Simon Fraser.

Null check the Widget before using it, since the iframe may have been removed
from its parent document inside the event handler.

This is the WK1 fix for https://bugs.webkit.org/show_bug.cgi?id=150871.

Tested by fast/events/wheel-event-destroys-frame.html

  • page/EventHandler.cpp:

(WebCore::widgetForElement): Added.
(WebCore::EventHandler::handleWheelEvent): Use new helper function to
clean up the code, and allow us to check that the Widget has not been
destroyed during the event handler.

1:19 PM Changeset in webkit [199244] by jonlee@apple.com
  • 5 edits in trunk/PerformanceTests

Fix SVG benchmark test
https://bugs.webkit.org/show_bug.cgi?id=156410

Reviewed by Dean Jackson.

  • Animometer/resources/extensions.js: Update Point.zero to be a static Point.
  • Animometer/tests/simple/resources/tiled-canvas-image.js:

(Stage.call._setupTiles): Refactor.

  • Animometer/tests/master/resources/particles.js:

(Particle.prototype.reset): Use Point.center.
(complexity): We are not using a gradient background anymore, so remove the +1.

  • Animometer/tests/master/resources/svg-particles.js: Update to use SVG transform

instead of CSS transform.

1:07 PM Changeset in webkit [199243] by Said Abou-Hallawa
  • 2 edits in trunk/Source/WebCore

Timing attack on SVG feComposite filter circumvents same-origin policy
https://bugs.webkit.org/show_bug.cgi?id=154338

Patch by Said Abou-Hallawa <sabouhallawa@apple,com> on 2016-04-08
Reviewed by Oliver Hunt.

Ensure the FEComposite arithmetic filter is clamping the resulted color
components in a constant time.

  • platform/graphics/filters/FEComposite.cpp:

(WebCore::clampByte):
(WebCore::computeArithmeticPixels):

12:59 PM Changeset in webkit [199242] by Brian Burg
  • 9 edits in trunk/Source

Web Inspector: get rid of InspectorBasicValue and InspectorString subclasses
https://bugs.webkit.org/show_bug.cgi?id=156407
<rdar://problem/25627659>

Reviewed by Timothy Hatcher.

Source/JavaScriptCore:

There's no point having these subclasses as they don't save any space.
Add m_stringValue to the union and merge some implementations of writeJSON.
Move uses of the subclass to InspectorValue and delete redundant methods.
Now, most InspectorValue methods are non-virtual so they can be templated.

  • bindings/ScriptValue.cpp:

(Deprecated::jsToInspectorValue):

  • inspector/InjectedScriptBase.cpp:

(Inspector::InjectedScriptBase::makeCall):
Don't used deleted subclasses.

  • inspector/InspectorValues.cpp:

(Inspector::InspectorValue::null):
(Inspector::InspectorValue::create):
(Inspector::InspectorValue::asValue):
(Inspector::InspectorValue::asBoolean):
(Inspector::InspectorValue::asDouble):
(Inspector::InspectorValue::asInteger):
(Inspector::InspectorValue::asString):
These only need one implementation now.

(Inspector::InspectorValue::writeJSON):
Still a virtual method since Object and Array need their members.

(Inspector::InspectorObjectBase::InspectorObjectBase):
(Inspector::InspectorBasicValue::asBoolean): Deleted.
(Inspector::InspectorBasicValue::asDouble): Deleted.
(Inspector::InspectorBasicValue::asInteger): Deleted.
(Inspector::InspectorBasicValue::writeJSON): Deleted.
(Inspector::InspectorString::asString): Deleted.
(Inspector::InspectorString::writeJSON): Deleted.
(Inspector::InspectorString::create): Deleted.
(Inspector::InspectorBasicValue::create): Deleted.

  • inspector/InspectorValues.h:

(Inspector::InspectorObjectBase::setBoolean):
(Inspector::InspectorObjectBase::setInteger):
(Inspector::InspectorObjectBase::setDouble):
(Inspector::InspectorObjectBase::setString):
(Inspector::InspectorArrayBase::pushBoolean):
(Inspector::InspectorArrayBase::pushInteger):
(Inspector::InspectorArrayBase::pushDouble):
(Inspector::InspectorArrayBase::pushString):
Use new factory methods.

  • replay/EncodedValue.cpp:

(JSC::ScalarEncodingTraits<bool>::encodeValue):
(JSC::ScalarEncodingTraits<double>::encodeValue):
(JSC::ScalarEncodingTraits<float>::encodeValue):
(JSC::ScalarEncodingTraits<int32_t>::encodeValue):
(JSC::ScalarEncodingTraits<int64_t>::encodeValue):
(JSC::ScalarEncodingTraits<uint32_t>::encodeValue):
(JSC::ScalarEncodingTraits<uint64_t>::encodeValue):

  • replay/EncodedValue.h:

Use new factory methods.

Source/WebCore:

  • inspector/InspectorDatabaseAgent.cpp: Don't use deleted subclasses.
12:40 PM Changeset in webkit [199241] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebInspectorUI

JSContext Inspector: Fix asserts and uncaught exception showing Timeline Tab
https://bugs.webkit.org/show_bug.cgi?id=156411

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-04-08
Reviewed by Timothy Hatcher.

  • UserInterface/Views/OverviewTimelineView.js:

(WebInspector.OverviewTimelineView):
(WebInspector.OverviewTimelineView.prototype.closed):
Gracefully handle if we do not have a Network Timeline.

  • UserInterface/Views/TimelineTabContentView.js:

(WebInspector.TimelineTabContentView.prototype._changeViewMode):
This function is always called by the constructor, so the assert
is not useful since it can be called when FPS is not supported.

12:37 PM Changeset in webkit [199240] by fpizlo@apple.com
  • 8 edits
    19 adds in trunk

Add IC support for arguments.length
https://bugs.webkit.org/show_bug.cgi?id=156389

Reviewed by Geoffrey Garen.
Source/JavaScriptCore:


This adds support for caching accesses to arguments.length for both DirectArguments and
ScopedArguments. In strict mode, we already cached these accesses since they were just
normal properties.

Amazingly, we also already supported caching of overridden arguments.length in both
DirectArguments and ScopedArguments. This is because when you override, the property gets
materialized as a normal JS property and the structure is changed.

This patch painstakingly preserves our previous caching of overridden length while
introducing caching of non-overridden length (i.e. the common case). In fact, we even cache
the case where it could either be overridden or not, since we just end up with an AccessCase
for each and they cascade to each other.

This is a >3x speed-up on microbenchmarks that do arguments.length in a polymorphic context.
Entirely monomorphic accesses were already handled by the DFG.

  • bytecode/PolymorphicAccess.cpp:

(JSC::AccessGenerationState::calculateLiveRegistersForCallAndExceptionHandling):
(JSC::AccessCase::guardedByStructureCheck):
(JSC::AccessCase::generateWithGuard):
(JSC::AccessCase::generate):
(WTF::printInternal):

  • bytecode/PolymorphicAccess.h:
  • jit/ICStats.h:
  • jit/JITOperations.cpp:
  • jit/Repatch.cpp:

(JSC::tryCacheGetByID):
(JSC::tryCachePutByID):
(JSC::tryRepatchIn):

  • tests/stress/direct-arguments-override-length-then-access-normal-length.js: Added.

(args):
(foo):
(result.foo):

LayoutTests:

  • js/regress/direct-arguments-length-expected.txt: Added.
  • js/regress/direct-arguments-length.html: Added.
  • js/regress/direct-arguments-overridden-length-expected.txt: Added.
  • js/regress/direct-arguments-overridden-length.html: Added.
  • js/regress/direct-arguments-possibly-overridden-length-expected.txt: Added.
  • js/regress/direct-arguments-possibly-overridden-length.html: Added.
  • js/regress/scoped-arguments-length-expected.txt: Added.
  • js/regress/scoped-arguments-length.html: Added.
  • js/regress/scoped-arguments-overridden-length-expected.txt: Added.
  • js/regress/scoped-arguments-overridden-length.html: Added.
  • js/regress/scoped-arguments-possibly-overridden-length-expected.txt: Added.
  • js/regress/scoped-arguments-possibly-overridden-length.html: Added.
  • js/regress/script-tests/direct-arguments-length.js: Added.

(args):

  • js/regress/script-tests/direct-arguments-overridden-length.js: Added.

(args):

  • js/regress/script-tests/direct-arguments-possibly-overridden-length.js: Added.

(args1):
(args2):

  • js/regress/script-tests/scoped-arguments-length.js: Added.

(args):

  • js/regress/script-tests/scoped-arguments-overridden-length.js: Added.

(args):

  • js/regress/script-tests/scoped-arguments-possibly-overridden-length.js: Added.

(args1):
(args2):

11:55 AM Changeset in webkit [199239] by bshafiei@apple.com
  • 5 edits in branches/safari-601-branch/Source

Versioning.

11:32 AM Changeset in webkit [199238] by Beth Dakin
  • 2 edits in trunk/Source/WebCore

Fix leaks in WebAVMediaSelectionOptionMac and WebPlaybackControlsManager
https://bugs.webkit.org/show_bug.cgi?id=156379

Reviewed by Tim Horton.

These classes should use RetainPtrs.

  • platform/mac/WebVideoFullscreenInterfaceMac.mm:

(-[WebAVMediaSelectionOptionMac localizedDisplayName]):
(-[WebAVMediaSelectionOptionMac setLocalizedDisplayName:]):
(-[WebPlaybackControlsManager timing]):
(-[WebPlaybackControlsManager setTiming:]):
(-[WebPlaybackControlsManager seekableTimeRanges]):
(-[WebPlaybackControlsManager setSeekableTimeRanges:]):
(-[WebPlaybackControlsManager audioMediaSelectionOptions]):
(-[WebPlaybackControlsManager setAudioMediaSelectionOptions:]):
(-[WebPlaybackControlsManager currentAudioMediaSelectionOption]):
(-[WebPlaybackControlsManager setCurrentAudioMediaSelectionOption:]):
(-[WebPlaybackControlsManager legibleMediaSelectionOptions]):
(-[WebPlaybackControlsManager setLegibleMediaSelectionOptions:]):
(-[WebPlaybackControlsManager currentLegibleMediaSelectionOption]):
(-[WebPlaybackControlsManager setCurrentLegibleMediaSelectionOption:]):

11:28 AM Changeset in webkit [199237] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

Touching any IDL files rebuilds all bindings in CMake Ninja build
https://bugs.webkit.org/show_bug.cgi?id=156400

Patch by Fujii Hironori <Hironori.Fujii@jp.sony.com> on 2016-04-08
Reviewed by Brent Fulgham.

  • bindings/scripts/preprocess-idls.pl:

(GenerateConstructorAttribute):
WriteFileIfChanged does not work due to flaky results of 'keys'.
Sort results of 'keys'.

11:18 AM Changeset in webkit [199236] by Joseph Pecoraro
  • 3 edits in trunk/LayoutTests

Redefining a method of the same name hits an assertion
https://bugs.webkit.org/show_bug.cgi?id=144258

Reviewed by Ryosuke Niwa.

This test no longer asserts.

11:07 AM Changeset in webkit [199235] by commit-queue@webkit.org
  • 6 edits
    1 add in trunk/Source/JavaScriptCore

UInt32ToNumber should have an Int52 path
https://bugs.webkit.org/show_bug.cgi?id=125704

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-04-08
Reviewed by Filip Pizlo.

When dealing with big numbers, fall back to Int52 instead
of double when possible.

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGPredictionPropagationPhase.cpp:

(JSC::DFG::PredictionPropagationPhase::propagate):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileUInt32ToNumber):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileUInt32ToNumber):

10:50 AM Changeset in webkit [199234] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebKit

[cmake] Use ICU include dirs in WebKit.
https://bugs.webkit.org/show_bug.cgi?id=156402

Patch by Konstantin Tokarev <Konstantin Tokarev> on 2016-04-08
Reviewed by Brent Fulgham.

  • CMakeLists.txt:
10:22 AM Changeset in webkit [199233] by Simon Fraser
  • 19 edits in trunk/Source

[iOS WK2] Stop using exposedContentRect for history scroll state restoration
https://bugs.webkit.org/show_bug.cgi?id=156392

Reviewed by Tim Horton.

A future commit will alter the meaning of exposedContentRect on iOS to take into
account clipped out parts of the WKWebView. To achieve this, wean history restoration
off of using exposedContentRect for scroll state restoration. It did this to restore
the page to the same position relative to the view's top-left (to avoid jiggles caused
by changing obscured insets).

Do this by pushing the left/top obscured insets down with visible content rects updates,
storing them on ScrollView, and adding them to HistoryItem. Those insets are then used
for scroll state restoration in WKWebView.

Source/WebCore:

  • history/HistoryItem.cpp:

(WebCore::HistoryItem::HistoryItem):

  • history/HistoryItem.h:

(WebCore::HistoryItem::obscuredInset):
(WebCore::HistoryItem::setObscuredInset):

  • loader/HistoryController.cpp:

(WebCore::HistoryController::saveScrollPositionAndViewStateToItem):

  • platform/ScrollView.h:

(WebCore::ScrollView::platformObscuredInset):
(WebCore::ScrollView::platformSetObscuredInset):

Source/WebKit2:

  • Shared/VisibleContentRectUpdateInfo.cpp: Add FloatSize for obscuredInset.

(WebKit::VisibleContentRectUpdateInfo::encode):
(WebKit::VisibleContentRectUpdateInfo::decode):

  • Shared/VisibleContentRectUpdateInfo.h:

(WebKit::VisibleContentRectUpdateInfo::VisibleContentRectUpdateInfo):
(WebKit::VisibleContentRectUpdateInfo::obscuredInset):
(WebKit::operator==):

  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _processDidExit]): Rename _needsToRestoreExposedRect to _needsToRestoreScrollPosition
(-[WKWebView _didCommitLayerTree:]): Restore the scroll position using the scaled scrollOffset minus
the old obscuredInset.
(-[WKWebView _layerTreeCommitComplete]):
(-[WKWebView _restorePageScrollPosition:scrollOrigin:previousObscuredInset:scale:]):
(-[WKWebView _restorePageStateToUnobscuredCenter:scale:]):
(-[WKWebView _scrollToContentScrollPosition:scrollOrigin:]):
(-[WKWebView _updateVisibleContentRects]):
(-[WKWebView _restorePageStateToExposedRect:scrollOrigin:scale:]): Deleted.

  • UIProcess/API/Cocoa/WKWebViewInternal.h:
  • UIProcess/PageClient.h:
  • UIProcess/WebPageProxy.h:
  • UIProcess/WebPageProxy.messages.in:
  • UIProcess/ios/PageClientImplIOS.h:
  • UIProcess/ios/PageClientImplIOS.mm:

(WebKit::PageClientImpl::restorePageState):

  • UIProcess/ios/WKContentView.h:
  • UIProcess/ios/WKContentView.mm:

(-[WKContentView didUpdateVisibleRect:unobscuredRect:unobscuredRectInScrollViewCoordinates:obscuredInset:scale:minimumScale:inStableState:isChangingObscuredInsetsInteractively:]):
(-[WKContentView didUpdateVisibleRect:unobscuredRect:unobscuredRectInScrollViewCoordinates:scale:minimumScale:inStableState:isChangingObscuredInsetsInteractively:]): Deleted.

  • UIProcess/ios/WebPageProxyIOS.mm:

(WebKit::WebPageProxy::updateVisibleContentRects):
(WebKit::WebPageProxy::restorePageState):

  • WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::restorePageState):
(WebKit::WebPage::updateVisibleContentRects):

10:21 AM Changeset in webkit [199232] by beidson@apple.com
  • 2 edits in trunk/Source/WebCore

Build fix followup to http://trac.webkit.org/changeset/199230

Unreviewed.

  • platform/posix/FileSystemPOSIX.cpp:

(WebCore::hardLinkOrCopyFile): Stricter POSIX systems require a umask for O_CREAT opens,

so let's provide one.

9:59 AM Changeset in webkit [199231] by Darin Adler
  • 16 edits in trunk/Source/WebCore

Remove 14 more unnecessary uses of UsePointersEvenForNonNullableObjectArguments
https://bugs.webkit.org/show_bug.cgi?id=156405

Reviewed by Chris Dumez.

  • Modules/encryptedmedia/MediaKeySession.idl:
  • Modules/encryptedmedia/MediaKeys.idl:
  • dom/Element.idl:
  • dom/NamedNodeMap.idl:
  • html/HTMLElement.idl:
  • html/canvas/OESVertexArrayObject.idl:
  • html/canvas/WebGLRenderingContext.idl:
  • page/DOMSelection.idl:
  • storage/StorageEvent.idl:
  • svg/SVGSVGElement.idl:
  • xml/XMLSerializer.idl:
  • xml/XPathEvaluator.idl:
  • xml/XPathExpression.idl:
  • xml/XSLTProcessor.idl:

Removed UsePointersEvenForNonNullableObjectArguments, which was having no effect
in any of these classes. Also tweaked formatting of some of the IDL, merging things
onto single lines, changing paragraphing and indenting a bit, and fixing some typos.

9:57 AM Changeset in webkit [199230] by beidson@apple.com
  • 27 edits in trunk/Source

Modern IDB (Blob support): Write blobs to temporary files and move them to the correct location when storing them.
https://bugs.webkit.org/show_bug.cgi?id=156321

Reviewed by Alex Christensen, Andy Estes, and Darin Adler.

Source/WebCore:

No new tests (No testable change in behavior yet, current tests pass).

When asked to store a Blob (including Files) in IndexedDB, the Blob is written out to a temporary file.

Then when the putOrAdd request is received by IDBServer it includes a list of blobURLs and their mappings
to temporary files.

Finally, as part of storing the Blob value in the database, those temporary files are moved in to place
under the IndexedDB directory for storage and later retrieval.

  • Modules/indexeddb/IDBValue.cpp:

(WebCore::IDBValue::IDBValue):

  • Modules/indexeddb/server/IDBBackingStore.h:

(WebCore::IDBServer::IDBBackingStoreTemporaryFileHandler::~IDBBackingStoreTemporaryFileHandler):

  • Modules/indexeddb/server/IDBServer.cpp:

(WebCore::IDBServer::IDBServer::create):
(WebCore::IDBServer::IDBServer::IDBServer):
(WebCore::IDBServer::IDBServer::createBackingStore):

  • Modules/indexeddb/server/IDBServer.h:
  • Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:

(WebCore::IDBServer::blobRecordsTableSchema):
(WebCore::IDBServer::blobRecordsTableSchemaAlternate):
(WebCore::IDBServer::blobFilesTableSchema):
(WebCore::IDBServer::blobFilesTableSchemaAlternate):
(WebCore::IDBServer::SQLiteIDBBackingStore::SQLiteIDBBackingStore):
(WebCore::IDBServer::SQLiteIDBBackingStore::ensureValidBlobTables):
(WebCore::IDBServer::SQLiteIDBBackingStore::getOrEstablishDatabaseInfo):
(WebCore::IDBServer::SQLiteIDBBackingStore::addRecord):

  • Modules/indexeddb/server/SQLiteIDBBackingStore.h:

(WebCore::IDBServer::SQLiteIDBBackingStore::temporaryFileHandler):

  • Modules/indexeddb/server/SQLiteIDBTransaction.cpp:

(WebCore::IDBServer::SQLiteIDBTransaction::commit):
(WebCore::IDBServer::SQLiteIDBTransaction::moveBlobFilesIfNecessary):
(WebCore::IDBServer::SQLiteIDBTransaction::abort):
(WebCore::IDBServer::SQLiteIDBTransaction::reset):
(WebCore::IDBServer::SQLiteIDBTransaction::addBlobFile):

  • Modules/indexeddb/server/SQLiteIDBTransaction.h:
  • Modules/indexeddb/shared/InProcessIDBServer.cpp:

(WebCore::InProcessIDBServer::InProcessIDBServer):
(WebCore::InProcessIDBServer::accessToTemporaryFileComplete):

  • Modules/indexeddb/shared/InProcessIDBServer.h:
  • bindings/js/SerializedScriptValue.cpp:

(WebCore::SerializedScriptValue::blobURLsIsolatedCopy):

  • bindings/js/SerializedScriptValue.h:
  • platform/FileSystem.h:
  • platform/gtk/FileSystemGtk.cpp:

(WebCore::hardLinkOrCopyFile):

  • platform/posix/FileSystemPOSIX.cpp:

(WebCore::hardLinkOrCopyFile):

Source/WebKit2:

The NetworkProcess writes a blob to a temporary file, then tells the UIProcess to grant the DatabaseProcess
a Sandbox Extension to that path.

It then tells the WebProcess the paths for the temporary files, which then tells the DatabaseProcess to store
the contents of those files as blob references in the database.

Since the UIProcess had already granted it a Sandbox Extension, it is able to do so.

  • DatabaseProcess/DatabaseProcess.cpp:

(WebKit::DatabaseProcess::idbServer):
(WebKit::DatabaseProcess::grantSandboxExtensionsForBlobs):
(WebKit::DatabaseProcess::prepareForAccessToTemporaryFile):
(WebKit::DatabaseProcess::accessToTemporaryFileComplete):

  • DatabaseProcess/DatabaseProcess.h:
  • DatabaseProcess/DatabaseProcess.messages.in:
  • NetworkProcess/NetworkConnectionToWebProcess.cpp:

(WebKit::NetworkConnectionToWebProcess::writeBlobsToTemporaryFiles):

  • NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::grantSandboxExtensionsToDatabaseProcessForBlobs):
(WebKit::NetworkProcess::didGrantSandboxExtensionsToDatabaseProcessForBlobs):

  • NetworkProcess/NetworkProcess.h:
  • NetworkProcess/NetworkProcess.messages.in:
  • UIProcess/Network/NetworkProcessProxy.cpp:

(WebKit::NetworkProcessProxy::grantSandboxExtensionsToDatabaseProcessForBlobs):

  • UIProcess/Network/NetworkProcessProxy.h:
  • UIProcess/Network/NetworkProcessProxy.messages.in:
9:40 AM WebKitGTK/2.12.x edited by jdiggs@igalia.com
Replace bug link with changeset link now that patch has landed (diff)
9:39 AM WebKitGTK/2.10.x edited by jdiggs@igalia.com
Replace bug link with changeset link now that patch has landed (diff)
9:36 AM Changeset in webkit [199229] by jdiggs@igalia.com
  • 4 edits
    3 adds in trunk

AX: [ATK] Crash getting text under element in CSS table
https://bugs.webkit.org/show_bug.cgi?id=156328

Reviewed by Chris Fleizach.

Source/WebCore:

AccessibilityRenderObject::textUnderElement() assumes (and asserts) that
the first and last child of an anonymous block will each have nodes with
which to define positions. This is not the case for CSS Tables and their
anonymous descendants. AccessibilityNodeObject:textUnderElement() is our
fallback for the instances where a text range cannot be created based on
positions, so let it handle anonymous RenderTable parts.

Test: accessibility/generated-content-with-display-table-crash.html

  • accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::textUnderElement):
(WebCore::AccessibilityRenderObject::shouldGetTextFromNode):

  • accessibility/AccessibilityRenderObject.h:

LayoutTests:

While this crash is currently seen only for ATK, there is nothing to
prevent another port from attempting to get all the text under a CSS
RenderTable. Hence the shared test.

  • accessibility/generated-content-with-display-table-crash.html: Added.
  • platform/gtk/accessibility/generated-content-with-display-table-crash-expected.txt: Added.
  • platform/mac/accessibility/generated-content-with-display-table-crash-expected.txt: Added.
9:11 AM Changeset in webkit [199228] by youenn.fablet@crf.canon.fr
  • 2 edits in trunk/LayoutTests

Unreviewed.
Rebasing LayoutTests/imported/w3c/web-platform-tests/dom/nodes/MutationObserver-childList.html expectation after https://trac.webkit.org/changeset/199225.
Removing its Timeout expectation.

9:05 AM Changeset in webkit [199227] by Matt Baker
  • 3 edits in trunk/Source/WebInspectorUI

Web Inspector: Attempting to dismiss a popover that is already being dismissed causes an error
https://bugs.webkit.org/show_bug.cgi?id=156385
<rdar://problem/25617962>

Reviewed by Timothy Hatcher.

The Popover element is removed from the DOM once it's fade-out transition
completes. Since Popover.dismiss proceeds as long as it's element has a
parent, successive calls to dismiss can run before the popover is removed.

Rather than rely on the presence of the popover in the DOM, set a "dismissing"
flag the first time dismiss is called, before the fade-out animation begins.

  • UserInterface/Controllers/BreakpointPopoverController.js:

(WebInspector.BreakpointPopoverController.prototype._conditionCodeMirrorEscapeOrEnterKey):
Check for null popover.

  • UserInterface/Views/Popover.js:

(WebInspector.Popover):
(WebInspector.Popover.prototype.dismiss):
Do nothing if already dismissing.

(WebInspector.Popover.prototype.handleEvent):
Reset dismissing flag after style transition completes.

9:04 AM Changeset in webkit [199226] by Matt Baker
  • 5 edits in trunk

Web Inspector: Quick Open fails to match pattern "bB" in file "abBc"
https://bugs.webkit.org/show_bug.cgi?id=156398

Reviewed by Timothy Hatcher.

Source/WebInspectorUI:

Correct an off-by-one error in the backtrack routine that set the dead
branch index to the character just before the match that was popped.
The dead branch index should equal the index of the popped match.

  • UserInterface/Controllers/ResourceQueryController.js:

(WebInspector.ResourceQueryController.prototype._findQueryMatches.backtrack):
(WebInspector.ResourceQueryController.prototype._findQueryMatches):

LayoutTests:

  • inspector/unit-tests/resource-query-controller-expected.txt:
  • inspector/unit-tests/resource-query-controller.html:

Test that two repeated characters in the search string are correctly
matched when the first character is lowercase and the second is uppercase.

7:45 AM Changeset in webkit [199225] by youenn.fablet@crf.canon.fr
  • 13 edits
    2 adds in trunk

LayoutTests/imported/w3c:
Testharness-based tests that time out should be able to produce detailed output
https://bugs.webkit.org/show_bug.cgi?id=145313

Reviewed by Xabier Rodriguez-Calvar.

Rebasing tests that produce output after testharness timeout() is called.

  • web-platform-tests/fetch/api/request/request-cache-expected.txt:
  • web-platform-tests/html/semantics/document-metadata/the-link-element/link-style-error-01-expected.txt:
  • web-platform-tests/html/semantics/document-metadata/the-style-element/style-error-01-expected.txt:
  • web-platform-tests/html/semantics/embedded-content/the-img-element/environment-changes/viewport-change-expected.txt:

Tools:
Testharness-based tests that time out should be able to produce a detailed output
https://bugs.webkit.org/show_bug.cgi?id=145313

Reviewed by Xabier Rodriguez-Calvar.

Adding timeout readonly accessor to TestRunner for both WK1 and WK2.

  • DumpRenderTree/TestRunner.cpp:

(getTimeoutCallback): The js "timeout" property getter.
(TestRunner::staticValues): Adding "timeout" property to DumpRenderTree so that testRunner.timeout called from JS returns the timeout value.

  • DumpRenderTree/TestRunner.h:

(TestRunner::timeout): Adding access to DRT m_timeout private value.

  • WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl: Adding timeout readonly attribute so that testRunner.timeout can be called from JS.
  • WebKitTestRunner/InjectedBundle/TestRunner.h: Adding DOM timeout getter to implement timeout IDL definition.

(WTR::TestRunner::timeout):

LayoutTests:
Testharness-based tests that time out should be able to produce a detailled output
https://bugs.webkit.org/show_bug.cgi?id=145313

Reviewed by Xabier Rodriguez-Calvar.

  • TestExpectations: Removed TIMEOUT for some tests for which testharness.timeout will be called just before WTR times out.
  • platform/gtk/imported/w3c/web-platform-tests/fetch/api/request/request-cache-expected.txt: GTK specific baseline.
  • resources/testharnessreport.js:

(add_completion_callback): Improving error logging message. Dumping of the tests status in error case.

2:04 AM Changeset in webkit [199224] by Darin Adler
  • 9 edits in trunk/Source/WebCore

Remove unneeded UsePointersEvenForNonNullableObjectArguments from event classes
https://bugs.webkit.org/show_bug.cgi?id=156396

Reviewed by Youenn Fablet.

  • dom/CompositionEvent.idl:
  • dom/KeyboardEvent.idl:
  • dom/MouseEvent.idl:
  • dom/MutationEvent.idl:
  • dom/TextEvent.idl:
  • dom/TouchEvent.idl:
  • dom/UIEvent.idl:
  • dom/WheelEvent.idl:

Removed UsePointersEvenForNonNullableObjectArguments, which was having no effect.

1:52 AM Changeset in webkit [199223] by Manuel Rego Casasnovas
  • 3 edits
    4 adds in trunk

[css-grid] Fix positioned items with grid gaps
https://bugs.webkit.org/show_bug.cgi?id=156288

Reviewed by Darin Adler.

Source/WebCore:

When we place a positioned items in a grid with gaps,
we were not taking into accounts the gutter size.
We've to use that size to properly place and size the item.

Tests: fast/css-grid-layout/grid-positioned-items-gaps-rtl.html

fast/css-grid-layout/grid-positioned-items-gaps.html

  • rendering/RenderGrid.cpp:

(WebCore::RenderGrid::offsetAndBreadthForPositionedChild):

LayoutTests:

Added new tests checking the right behavior.

  • fast/css-grid-layout/grid-positioned-items-gaps-expected.txt: Added.
  • fast/css-grid-layout/grid-positioned-items-gaps-rtl-expected.txt: Added.
  • fast/css-grid-layout/grid-positioned-items-gaps-rtl.html: Added.
  • fast/css-grid-layout/grid-positioned-items-gaps.html: Added.
1:01 AM Changeset in webkit [199222] by jfernandez@igalia.com
  • 2 edits in trunk/Source/WebCore

[css-grid] Remove unnecessary iteration in populateGridPositions loop
https://bugs.webkit.org/show_bug.cgi?id=156376

Reviewed by Darin Adler.

The populateGridPositions loop limit was set to 'lastLine'. However, the
the position of last track's start line is updated after the loop, since
it does not follow the same pattern; it does not have a content
distribution offset.

So, since we are essentially overwriting the value stored in the last
iteration, we can just lower the loop limit.

No new tests added, because there is no change in the functionality.

  • rendering/RenderGrid.cpp:

(WebCore::RenderGrid::populateGridPositions):

12:17 AM Changeset in webkit [199221] by commit-queue@webkit.org
  • 11 edits in trunk

CSP: Block XHR when calling XMLHttpRequest.send() and throw network error.
https://bugs.webkit.org/show_bug.cgi?id=153598
<rdar://problem/24391483>

Patch by John Wilander <wilander@apple.com> on 2016-04-08
Reviewed by Darin Adler.

Source/WebCore:

No new tests. Changes to existing tests are sufficient.

  • xml/XMLHttpRequest.cpp:

(WebCore::XMLHttpRequest::open):
(WebCore::XMLHttpRequest::initSend):

Moved the CSP check from XMLHttpRequest::open() to XMLHttpRequest::initSend().
Changed the thrown error type from Security to Network for synchronous requests.
Changed from throwing an error to firing an error event for asynchronous requests.
These changes are in conformance with connect-src of Content Security Policy Level 2.
https://www.w3.org/TR/CSP2/#directive-connect-src (W3C Candidate Recommendation, 21 July 2015)

LayoutTests:

  • fast/workers/resources/worker-inherits-csp-blocks-xhr.js:

(catch):

  • fast/workers/worker-inherits-csp-blocks-xhr-expected.txt:

Changed expected error from DOMException.SECURITY_ERR to DOMException.NETWORK_ERR.

  • http/tests/security/contentSecurityPolicy/connect-src-xmlhttprequest-blocked-expected.txt:
  • http/tests/security/contentSecurityPolicy/connect-src-xmlhttprequest-blocked.html:

Now tests that XMLHttpRequest.send() is blocked if the URL voilates the connect-src directive in CSP.

  • http/tests/security/contentSecurityPolicy/resources/worker.php:

Added two additional calls to XMLHttpRequest.send() and switched to receiving an error event to make
existing tests work with code changes.

  • http/tests/security/contentSecurityPolicy/source-list-parsing-malformed-meta.html:

Added an additional call to XMLHttpRequest.send() and switched to receiving an error event to make
existing test work with code changes.

  • http/tests/security/isolatedWorld/bypass-main-world-csp-for-xhr-expected.txt:
  • http/tests/security/isolatedWorld/bypass-main-world-csp-for-xhr.html:

Added an additional call to XMLHttpRequest.send() and switched to receiving an error event to make
existing tests work with code changes.
Refactored test mechnism with additional parameters to cover synchronous/asynchronous as well as
same-origin/cross-origin in isolated worlds.

12:15 AM Changeset in webkit [199220] by rniwa@webkit.org
  • 5 edits
    2 adds in trunk/Websites/perf.webkit.org

Fix various bugs in the new syncing script
https://bugs.webkit.org/show_bug.cgi?id=156393

Reviewed by Darin Adler.

  • server-tests/resources/common-operations.js: Added. This file was supposed to be added in r199191.

(addBuilderForReport):
(addSlaveForReport):
(connectToDatabaseInEveryTest):
(submitReport):

  • tools/js/buildbot-triggerable.js:

(BuildbotTriggerable.prototype._pullBuildbotOnAllSyncers): Don't log every time we pull from buildbot
builder as this dramatically increases the amount of log we generate.

  • tools/js/parse-arguments.js:

(parseArguments): Fixed a typo. This should be parseArgument*s*, not parseArgument.

  • tools/js/remote.js:

(RemoteAPI.prototype.url): Fixed a bug that portSuffix wasn't being expanded in the template literal.
(RemoteAPI.prototype.configure): Added more validations with nice error messages.
(RemoteAPI.prototype.sendHttpRequest): Falling back to port 80 isn't right when scheme is https. Compute
the right port in configure instead based on the scheme.

  • tools/sync-buildbot.js:

(syncLoop): Fixed the bug that syncing multiple times fail because Manifest.fetch() create new Platform
and Test objects. This results in various references in BuildRequest objects to get outdated. Fixing this
properly in Manifest.fetch() because we do need to "forget" about some tests and platforms in some cases.
For now, delete all v3 model objects and start over in each syncing cycle.

  • unit-tests/tools-js-remote-tests.js: Added. Unit tests for the aforementioned changes to RemoteAPI.
12:13 AM Changeset in webkit [199219] by Brian Burg
  • 4 edits
    2 adds in trunk/Source/JavaScriptCore

Web Inspector: protocol generator should emit an error when 'type' is used instead of '$ref'
https://bugs.webkit.org/show_bug.cgi?id=156275
<rdar://problem/25569331>

Reviewed by Darin Adler.

  • inspector/protocol/Heap.json: Fix a mistake that's now caught by the protocol generator.
  • inspector/scripts/codegen/models.py:

(TypeReference.init): Check here if type_kind is on a whitelist of primitive types.
(TypeReference.referenced_name): Update comment.

Add a new test specifically for the case when the type would otherwise be resolved. Rebaseline.

  • inspector/scripts/tests/expected/fail-on-type-reference-as-primitive-type.json-error: Added.
  • inspector/scripts/tests/expected/fail-on-unknown-type-reference-in-type-declaration.json-error:
  • inspector/scripts/tests/fail-on-type-reference-as-primitive-type.json: Added.
12:08 AM Changeset in webkit [199218] by Yusuke Suzuki
  • 2 edits in trunk/Source/WTF

[JSC] Enable Concurrent JIT by default
https://bugs.webkit.org/show_bug.cgi?id=156341

Reviewed by Filip Pizlo.

We enable Concurrent JIT by default when DFG JIT and JSVALUE64 are enabled.
This change offers Concurrent JIT to the JSCOnly port.

  • wtf/Platform.h:

Apr 7, 2016:

10:04 PM Changeset in webkit [199217] by commit-queue@webkit.org
  • 2 edits in trunk/Tools

stylebot should know about TestWebKitAPI FeatureDefines.xcconfig
https://bugs.webkit.org/show_bug.cgi?id=156387

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-04-07
Rubber-stamped by Dan Bernstein.

  • Scripts/webkitpy/style/checkers/featuredefines.py:

(FeatureDefinesChecker.check):

9:26 PM Changeset in webkit [199216] by Darin Adler
  • 7 edits in trunk

FontFaceSet binding does not handle null correctly
https://bugs.webkit.org/show_bug.cgi?id=156141

Reviewed by Youenn Fablet.

Source/WebCore:

  • css/FontFaceSet.cpp:

(WebCore::FontFaceSet::FontFaceSet): Pass a reference to add rather than a pointer.
(WebCore::FontFaceSet::has): Take a reference rather than a pointer.
(WebCore::FontFaceSet::add): Ditto.
(WebCore::FontFaceSet::remove): Ditto.
(WebCore::FontFaceSet::load): Initialize ec since we check it. Caller is not required
to do this, nor is the matchingFaces function. Rearranged function to avoid needless
creation/destruction of PendingPromise for the immediate failure case. Removed some
unneeded type casts and local variables.
(WebCore::FontFaceSet::status): Use ASCIILiteral instead of ConstructFromLiteral.
No reason to use the more aggressive optimization.
(WebCore::FontFaceSet::faceFinished): Factored out a common hasReachedTerminalState
check to streamline the logic a bit.
(WebCore::FontFaceSet::load): Moved overload without a string in here; not critical
to inline it.
(WebCore::FontFaceSet::check): Ditto.

  • css/FontFaceSet.h: Removed many unneeded includes and forward declarations.

Changed functions to take FontFace& instead of RefPtr<FontFace>. Removed unneeded
WebCore namespace prefixes. Use final instead of override for virtual functions.

  • css/FontFaceSet.idl: Removed UsePointersEvenForNonNullableObjectArguments, which

was preserving incorrect behavior for null as demonstrated by the test cases.

LayoutTests:

  • fast/text/font-face-set-javascript-expected.txt: Added expected results for new tests.
  • fast/text/font-face-set-javascript.html: Added tests for handling of null, also added tests for

the has function.

9:21 PM Changeset in webkit [199215] by rniwa@webkit.org
  • 3 edits in trunk/Websites/perf.webkit.org

sync-buildbot.js doesn't mark disappeared builds as failed
https://bugs.webkit.org/show_bug.cgi?id=156386

Reviewed by Chris Dumez.

Fix a bug that new syncing script doesn't mark builds that it scheduled but doesn't appear when queried
by buildbot's JSON API. These are builds that got canceled by humans (e.g. buildbot was restarted, data
loss, pending build was canceled, etc...)

  • server-tests/tools-buildbot-triggerable-tests.js: Added a test case.
  • tools/js/buildbot-triggerable.js:

(BuildbotTriggerable.prototype._pullBuildbotOnAllSyncers): Added a set of build requests we've matched
against BuildbotBuildEntry's. Mark build requests that didn't have any entry but supposed to be in either
'scheduled' or 'running' status as failed.

9:17 PM Changeset in webkit [199214] by commit-queue@webkit.org
  • 17 edits in trunk

Remove ENABLE(ENABLE_ES6_CLASS_SYNTAX) guards
https://bugs.webkit.org/show_bug.cgi?id=156384

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-04-07
Reviewed by Ryosuke Niwa.

.:

  • Source/cmake/WebKitFeatures.cmake:

Source/JavaScriptCore:

  • Configurations/FeatureDefines.xcconfig:
  • features.json: Mark as Done.
  • parser/Parser.cpp:

(JSC::Parser<LexerType>::parseExportDeclaration):
(JSC::Parser<LexerType>::parseStatementListItem):
(JSC::Parser<LexerType>::parsePrimaryExpression):
(JSC::Parser<LexerType>::parseMemberExpression):

Source/WebCore:

  • Configurations/FeatureDefines.xcconfig:

Source/WebKit/mac:

  • Configurations/FeatureDefines.xcconfig:

Source/WebKit2:

  • Configurations/FeatureDefines.xcconfig:

Source/WTF:

  • wtf/FeatureDefines.h:

Tools:

  • Scripts/webkitperl/FeatureList.pm:
  • TestWebKitAPI/Configurations/FeatureDefines.xcconfig:
8:59 PM Changeset in webkit [199213] by dino@apple.com
  • 3 edits in trunk/Source/WebCore

[iOS] Media playback button should use appearance
https://bugs.webkit.org/show_bug.cgi?id=156388

Reviewed by Simon Fraser.

With the recent change in backdrop appearance, we can
now use the system style directly for the play button.

While I was here I also updated the artwork to the
latest style (slightly rounded corners on the triangle).

Covered by the test in ManualTests/ios/start-playback-button-appearance.html.

  • Modules/mediacontrols/mediaControlsiOS.css: Move the clip onto the backdrop

element. Use an appearance insted.

  • Modules/mediacontrols/mediaControlsiOS.js: Remove the tint element, and

set the highlight on the glyph instead.

8:59 PM Changeset in webkit [199212] by dino@apple.com
  • 3 edits
    2 adds in trunk

[iOS] Play button on video is too dark
https://bugs.webkit.org/show_bug.cgi?id=156383
<rdar://problem/23540816>

Reviewed by Simon Fraser.

.:

Add a manual test for iOS that shows the expected appearance
of a video element. Unfortunately, due to the way we take
snapshots on iOS within our test runner, we don't get the
platform blurring effect, which means an automated test
won't work.

  • ManualTests/ios/start-playback-button-appearance-expected.html: Added.
  • ManualTests/ios/start-playback-button-appearance.html: Added.

Source/WebKit2:

Elements that are backed by a layer with either LightBackdropAppearance
or DarkBackdropAppearance are actually a combination of a
few layers (inside a special view). If we apply a mask to one
of those layers, it needs to be attached to the correct
child layer.

  • Shared/mac/RemoteLayerTreePropertyApplier.mm:

(WebKit::RemoteLayerTreePropertyApplier::applyProperties): If we have
one of the special appearance flags, apply the mask layer to
a particular child, rather than the layer itself.

8:58 PM Changeset in webkit [199211] by dino@apple.com
  • 2 edits in trunk/Tools

Watchlist modifications:

  • remove roger_fong
  • add myself to a few areas
  • remove graouts from WebInspectorAPI
  • Scripts/webkitpy/common/config/watchlist:
8:19 PM Changeset in webkit [199210] by rniwa@webkit.org
  • 7 edits in trunk/Websites/perf.webkit.org

A/B testing bots should prioritize user created test groups
https://bugs.webkit.org/show_bug.cgi?id=156375

Reviewed by Chris Dumez.

Order build requests preferring user created ones over ones automatically created by detect-changes.js.

Also fixed a bug in BuildbotSyncer.scheduleFirstRequestInGroupIfAvailable that it was scheduling a new
build request on a builder/slave even when we had previously scheduled another build request.

  • public/include/build-requests-fetcher.php:

(BuildRequestsFetcher::fetch_incomplete_requests_for_triggerable): Order build requested based on
author_order which is 0 when it's created by an user and 1 when it's created by detect-changes.js.
Since we're using ascending order, this would put user created test groups first.

  • server-tests/api-build-requests-tests.js: Updated an existing test case and added a new test case

for testing that build requests for an user created test group shows up first.

  • server-tests/resources/mock-data.js:

(MockData.addAnotherMockTestGroup): Takes an extra argument to specify the author name.

  • server-tests/tools-buildbot-triggerable-tests.js: Added a test case for testing that build requests

for an user created test group shows up first.

  • tools/js/buildbot-syncer.js:

(BuildbotSyncer): Added _slavesWithNewRequests to keep track of build slaves on which we have already
scheduled new build requests. Don't schedule more requests on these slaves.
(BuildbotSyncer.prototype.scheduleRequest):
(BuildbotSyncer.prototype.scheduleFirstRequestInGroupIfAvailable): Add the specified slave name (or null
when slaveList is not specified) to _slavesWithNewRequests.
(BuildbotSyncer.prototype.pullBuildbot): Clear the set after pulling buildbot since any build request
we have previously scheduled should be included in one of the entires now.

  • unit-tests/buildbot-syncer-tests.js: Added test cases for the aforementioned bug.

(sampleiOSConfig): Added a second slave for new test cases.

7:11 PM Changeset in webkit [199209] by fpizlo@apple.com
  • 8 edits
    3 adds in trunk

Implementing caching transition puts that need to reallocate with indexing storage
https://bugs.webkit.org/show_bug.cgi?id=130914

Reviewed by Saam Barati.

Source/JavaScriptCore:

This enables the IC's put_by_id path to handle reallocating the out-of-line storage even if
the butterfly has indexing storage. Like the DFG, we do this by calling operations that
reallocate the butterfly. Those use JSObject API and do all of the nasty work for us, like
triggering a barrier.

This does a bunch of refactoring to how PolymorphicAccess makes calls. It's a lot easier to
do it now because the hard work is hidden under AccessGenerationState methods. This means
that custom accessors now share logic with put_by_id transitions.

  • bytecode/PolymorphicAccess.cpp:

(JSC::AccessGenerationState::succeed):
(JSC::AccessGenerationState::calculateLiveRegistersForCallAndExceptionHandling):
(JSC::AccessGenerationState::preserveLiveRegistersToStackForCall):
(JSC::AccessGenerationState::originalCallSiteIndex):
(JSC::AccessGenerationState::emitExplicitExceptionHandler):
(JSC::AccessCase::AccessCase):
(JSC::AccessCase::transition):
(JSC::AccessCase::generate):
(JSC::PolymorphicAccess::regenerate):

  • bytecode/PolymorphicAccess.h:

(JSC::AccessGenerationState::needsToRestoreRegistersIfException):
(JSC::AccessGenerationState::liveRegistersToPreserveAtExceptionHandlingCallSite):

  • dfg/DFGOperations.cpp:
  • dfg/DFGOperations.h:
  • jit/JITOperations.cpp:
  • jit/JITOperations.h:

LayoutTests:

  • js/regress/put-by-id-transition-with-indexing-header-expected.txt: Added.
  • js/regress/put-by-id-transition-with-indexing-header.html: Added.
  • js/regress/script-tests/put-by-id-transition-with-indexing-header.js: Added.

(allocate):

6:27 PM Changeset in webkit [199208] by commit-queue@webkit.org
  • 2 edits in trunk/Source/JavaScriptCore

Remote Inspector: When disallowing remote inspection on a debuggable, a listing is still sent to debuggers
https://bugs.webkit.org/show_bug.cgi?id=156380
<rdar://problem/25323727>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-04-07
Reviewed by Timothy Hatcher.

  • inspector/remote/RemoteInspector.mm:

(Inspector::RemoteInspector::updateTarget):
(Inspector::RemoteInspector::updateAutomaticInspectionCandidate):
When a target has been updated and it no longer generates a listing,
we should remove the old listing as that is now stale and should
not be sent. Not generating a listing means this target is no
longer allowed to be debugged.

6:24 PM Changeset in webkit [199207] by Matt Baker
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: OpenResourceDialog should keep its resources list up-to-date
https://bugs.webkit.org/show_bug.cgi?id=155321
<rdar://problem/25093890>

Reviewed by Timothy Hatcher.

The Quick Open dialog should listen for resource change events, refreshing
the resource list and current query results as needed.

  • UserInterface/Views/OpenResourceDialog.js:

(WebInspector.OpenResourceDialog):
(WebInspector.OpenResourceDialog.prototype.didDismissDialog):
Unregister resource event handlers.

(WebInspector.OpenResourceDialog.prototype.didPresentDialog):
Register resource event handlers and add main frame resources.

(WebInspector.OpenResourceDialog.prototype._addResource):
Add resource to the query controller, if valid. Optionally suppress
the potentially expensive filter update, which is useful when adding
multiple resources at once.

(WebInspector.OpenResourceDialog.prototype._addResourcesForFrame):
Add the entire frame resource tree and update dialog filter.

(WebInspector.OpenResourceDialog.prototype._mainResourceDidChange):
(WebInspector.OpenResourceDialog.prototype._resourceWasAdded):

6:22 PM Changeset in webkit [199206] by adachan@apple.com
  • 6 edits in trunk

Roll out the css change in mediaControlsApple.css that has been causing assertions in layout for multiple tests
https://bugs.webkit.org/show_bug.cgi?id=156381

Rubber-stamped by Alexey Proskuryakov.

Source/WebCore:

  • Modules/mediacontrols/mediaControlsApple.css:

(::-webkit-media-controls):
Remove overflow: hidden.

LayoutTests:

  • platform/mac/TestExpectations:
  • platform/mac/media/media-document-audio-repaint-expected.txt:
  • platform/mac/media/video-zoom-controls-expected.txt:
5:40 PM Changeset in webkit [199205] by commit-queue@webkit.org
  • 3 edits in trunk/Source/JavaScriptCore

Web Inspector: Not necessary to validate webinspectord connection on iOS
https://bugs.webkit.org/show_bug.cgi?id=156377
<rdar://problem/25612460>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-04-07
Reviewed by Simon Fraser.

  • inspector/remote/RemoteInspectorXPCConnection.h:
  • inspector/remote/RemoteInspectorXPCConnection.mm:

(Inspector::RemoteInspectorXPCConnection::handleEvent):

5:19 PM Changeset in webkit [199204] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebKit2

Clearing the application cache doesn't work.
https://bugs.webkit.org/show_bug.cgi?id=156354
rdar://problem/22369239

Patch by Jeremy Jones <jeremyj@apple.com> on 2016-04-07
Reviewed by Brady Eidson.

Use the correct "ApplicationCache" directory.
Delete the caches, not just the entries.

  • UIProcess/WebsiteData/WebsiteDataStore.cpp:

(WebKit::WebsiteDataStore::fetchData):
(WebKit::WebsiteDataStore::removeData):

5:10 PM Changeset in webkit [199203] by keith_miller@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

Rename ArrayMode::supportsLength to supportsSelfLength
https://bugs.webkit.org/show_bug.cgi?id=156374

Reviewed by Filip Pizlo.

The name supportsLength is confusing because TypedArray have a
length function however it is on the prototype and not on the
instance. supportsSelfLength makes more sense since we use the
function during fixup to tell if we can intrinsic the length
property lookup on self accesses.

  • dfg/DFGArrayMode.h:

(JSC::DFG::ArrayMode::supportsSelfLength):
(JSC::DFG::ArrayMode::supportsLength): Deleted.

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::attemptToMakeGetArrayLength):

4:38 PM Changeset in webkit [199202] by jiewen_tan@apple.com
  • 5 edits
    2 deletes in trunk

Unreviewed, rolling out r199199.

Revision breaks layout tests

Reverted changeset:

"fast/loader/opaque-base-url.html crashing during mac and ios
debug tests"
https://bugs.webkit.org/show_bug.cgi?id=156179
http://trac.webkit.org/changeset/199199

4:28 PM Changeset in webkit [199201] by commit-queue@webkit.org
  • 4 edits in trunk/Source

Web Inspector: ProfileView source links are off by 1 line, worse in pretty printed code
https://bugs.webkit.org/show_bug.cgi?id=156371

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-04-07
Reviewed by Timothy Hatcher.

Source/JavaScriptCore:

  • inspector/protocol/ScriptProfiler.json:

Clarify that these locations are 1-based.

Source/WebInspectorUI:

  • UserInterface/Views/ProfileDataGridNode.js:

(WebInspector.ProfileDataGridNode.prototype._displayContent):
Switch the 1-based locations in the CCT data structure to 0-based for SourceCodeLocation.

4:14 PM Changeset in webkit [199200] by Simon Fraser
  • 17 edits
    4 adds in trunk

Make it possible to test effect of view exposed rect on tiled backing
https://bugs.webkit.org/show_bug.cgi?id=156365

Reviewed by Tim Horton.

Source/WebCore:

Implement Internals::setViewExposedRect().

When the viewExposedRect is non-null, assume that we're scrollable on both axes
to avoid creation of huge tiles in this scenario.

We also need to call adjustTiledBackingScrollability() when setViewExposedRect()
has been called.

Tests: tiled-drawing/tile-coverage-view-exposed-rect.html

tiled-drawing/tile-size-view-exposed-rect.html

  • page/FrameView.cpp:

(WebCore::FrameView::adjustTiledBackingScrollability):
(WebCore::FrameView::setViewExposedRect):

  • testing/Internals.cpp:

(WebCore::Internals::setViewExposedRect):

  • testing/Internals.h:
  • testing/Internals.idl:

Tools:

Expose testRunner.setViewSize() and internals.setViewExposedRect() to enable
testing of tile coverage when setViewExposedRect() is passed a non-null rectangle.

testRunner.setViewSize() is used instead of using window.resizeTo(), since we
can't easily resize a window to larger than the screen being tested on.

  • DumpRenderTree/TestRunner.cpp:

(setViewSizeCallback):
(TestRunner::staticFunctions):

  • DumpRenderTree/TestRunner.h:
  • DumpRenderTree/mac/TestRunnerMac.mm:

(TestRunner::setViewSize):

  • WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl:
  • WebKitTestRunner/InjectedBundle/InjectedBundle.cpp:

(WTR::InjectedBundle::postSetViewSize):

  • WebKitTestRunner/InjectedBundle/InjectedBundle.h:
  • WebKitTestRunner/InjectedBundle/TestRunner.cpp:

(WTR::TestRunner::setViewSize):

  • WebKitTestRunner/InjectedBundle/TestRunner.h:
  • WebKitTestRunner/TestInvocation.cpp:

(WTR::TestInvocation::didReceiveSynchronousMessageFromInjectedBundle):

LayoutTests:

Tests for tile size and tile coverage when we have an exposed view rect.

  • tiled-drawing/tile-coverage-view-exposed-rect-expected.txt: Added.
  • tiled-drawing/tile-coverage-view-exposed-rect.html: Added.
  • tiled-drawing/tile-size-view-exposed-rect-expected.txt: Added.
  • tiled-drawing/tile-size-view-exposed-rect.html: Added.
3:44 PM Changeset in webkit [199199] by jiewen_tan@apple.com
  • 5 edits
    2 adds in trunk

fast/loader/opaque-base-url.html crashing during mac and ios debug tests
https://bugs.webkit.org/show_bug.cgi?id=156179
<rdar://problem/25507719>

Reviewed by Andy Estes.

Source/WebCore:

A relative URL other than "#" with a non-hierarchical base is invalid, but prior to this
change the URL's string would still contain the invalid relative URL. To avoid mistakes
where we might later treat this URL string as a parsed URL string, set the string to
"about:blank" instead.

Test: fast/url/data-uri-based-urls.html

  • platform/URL.cpp:

(WebCore::URL::init):

LayoutTests:

  • TestExpectations:
  • fast/url/data-uri-based-urls-expected.txt: Added.
  • fast/url/data-uri-based-urls.html: Added.
  • fast/url/relative-expected.txt:
3:35 PM Changeset in webkit [199198] by adachan@apple.com
  • 2 edits in trunk/LayoutTests

Skip a couple more tests that are asserting in FrameView::scheduleRelayoutOfSubtree().

Unreviewed test gardening.

  • platform/mac/TestExpectations:
3:34 PM Changeset in webkit [199197] by Brian Burg
  • 10 edits in trunk/Source

Web Automation: implement Automation.addSingleCookie
https://bugs.webkit.org/show_bug.cgi?id=156319
<rdar://problem/25589605>

Reviewed by Timothy Hatcher.

Source/WebCore:

  • platform/Cookie.h: Document the units used by the 'expires' field.

Source/WebKit2:

Implement this command by converting the protocol cookie to
WebCore::Cookie, then sending the cookie to NetworkProcess to
be added to the storage session using CookieJar::addCookie.

  • UIProcess/Automation/Automation.json:

Clarify the units used in the 'expires' field and how the default value
for the domain field should be computed.

  • UIProcess/Automation/WebAutomationSession.cpp:

(WebKit::WebAutomationSession::addSingleCookie):
Parse the cookie and send it out via WebCookieManagerProxy.

  • UIProcess/WebCookieManagerProxy.cpp:

(WebKit::WebCookieManagerProxy::addCookie): Added.

  • UIProcess/WebCookieManagerProxy.h:
  • WebProcess/Cookies/WebCookieManager.cpp:

(WebKit::WebCookieManager::addCookie):

  • WebProcess/Cookies/WebCookieManager.h:
  • WebProcess/Cookies/WebCookieManager.messages.in:

Forward the message to WebCore::addCookie.

3:31 PM Changeset in webkit [199196] by Jon Davis
  • 2 edits in trunk/Source/WebCore

Add ImageBitmap as under consideration on Feature Status page
https://bugs.webkit.org/show_bug.cgi?id=156362

Reviewed by Timothy Hatcher.

  • features.json:
3:31 PM Changeset in webkit [199195] by Jon Davis
  • 2 edits in trunk/Source/WebCore

Include Conical Gradients on the Feature Status page.
https://bugs.webkit.org/show_bug.cgi?id=156363

Reviewed by Timothy Hatcher.

  • features.json:
3:28 PM Changeset in webkit [199194] by Beth Dakin
  • 2 edits in trunk/Source/WebCore

Build fix.

  • platform/mac/WebVideoFullscreenInterfaceMac.mm:
3:26 PM Changeset in webkit [199193] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebCore

In WK1 WebVideoFullscreen interface may be accessed from WK1 main thread instead of UI thread.
https://bugs.webkit.org/show_bug.cgi?id=154252
rdar://problem/22460539

Patch by Jeremy Jones <jeremyj@apple.com> on 2016-04-07
Reviewed by Eric Carlson.

In WebKit1, Javascript can cause enter fullscreen to happen on the main thead, which is not
necessarily the UI thread. This can cause autolayout errors. Move this code to the UI thread.

  • platform/ios/WebVideoFullscreenControllerAVKit.mm:

(WebVideoFullscreenControllerContext::setUpFullscreen): Move setup to the UI thread.

  • platform/ios/WebVideoFullscreenInterfaceAVKit.mm:

(-[WebAVPlayerLayer layoutSublayers]): Move call to resolveBounds to the UI thread.

3:25 PM Changeset in webkit [199192] by jiewen_tan@apple.com
  • 2 edits in trunk/LayoutTests

Mark http/tests/cache/disk-cache/disk-cache-validation-back-navigation-policy.html as timeout in ios-simulator-wk2
https://bugs.webkit.org/show_bug.cgi?id=149087

Unreviewed, test gardening.

  • platform/ios-simulator-wk2/TestExpectations:
3:10 PM Changeset in webkit [199191] by rniwa@webkit.org
  • 7 edits
    5 moves in trunk/Websites/perf.webkit.org

Migrate legacy perf dashboard tests to mocha.js based tests
https://bugs.webkit.org/show_bug.cgi?id=156335

Reviewed by Chris Dumez.

Migrated all legacy run-tests.js tests to mocha.js based tests. Since the new harness uses Promise
for most of asynchronous operations, refactored the tests to use Promises as well, and added more
assertions where appropriate.

Also consolidated common helper functions into server-tests/resources/common-operations.js.
Unfortunately there were multiple inconsistent implementations of addBuilder/addSlave. Some were
taking an array of reports while others were taking a single report. New shared implementation in
common-operations.js now takes a single report.

Also decreased the timeout in most tests from 10s to 1s so that tests fail early when they timeout.
Most of tests are passing under 100ms on my computer so 1s should be plenty still.

  • run-tests.js: Removed.
  • server-tests/admin-platforms-tests.js: Moved from tests/admin-platforms.js.

(reportsForDifferentPlatforms):

  • server-tests/admin-reprocess-report-tests.js: Moved from tests/admin-reprocess-report.js.

(.addBuilder): Moved to common-operations.js.

  • server-tests/api-build-requests-tests.js:
  • server-tests/api-manifest.js: Use MockData.resetV3Models() instead of manually clearing maps.
  • server-tests/api-measurement-set-tests.js: Moved from tests/api-measurement-set.js.

(.queryPlatformAndMetric):
(.format):

  • server-tests/api-report-commits-tests.js: Moved from tests/api-report-commits.js.
  • server-tests/api-report-tests.js: Moved from tests/api-report.js.

(.emptyReport):
(.emptySlaveReport):
(.reportWithSameSubtestName):

  • server-tests/resources/common-operations.js: Added.

(addBuilderForReport): Extracted from tests.
(addSlaveForReport): Ditto.
(connectToDatabaseInEveryTest): Added.
(submitReport): Extracted from admin-platforms-tests.js.

  • server-tests/resources/test-server.js:

(TestServer): Make TestServer a singleton since it doesn't make any sense for each module to start
its own Apache instance (that would certainly will fail).

  • server-tests/tools-buildbot-triggerable-tests.js:
  • tests: Removed.
  • tools/js/database.js:

(Database.prototype.selectAll): Added.
(Database.prototype.selectFirstRow): Added.
(Database.prototype.selectRows): Added. Dynamically construct a query string based on arguments.

3:02 PM Changeset in webkit [199190] by Beth Dakin
  • 2 edits in trunk/Source/WebCore

Build fix.

  • platform/mac/WebVideoFullscreenInterfaceMac.mm:
3:01 PM Changeset in webkit [199189] by Jon Davis
  • 2 edits in trunk/Source/JavaScriptCore

Add Web Animations API to Feature Status Page
https://bugs.webkit.org/show_bug.cgi?id=156360

Reviewed by Timothy Hatcher.

  • features.json:
2:56 PM Changeset in webkit [199188] by Chris Dumez
  • 8 edits in trunk/Source/WebCore

[WebIDL] Add support for [EnabledAtRuntime] attributes on non-global objects
https://bugs.webkit.org/show_bug.cgi?id=156346

Reviewed by Ryosuke Niwa.

Add support for [EnabledAtRuntime] attributes on non-global objects by
using the same approach as for [EnabledAtRuntime] operations. This means
we add these attributes to the static property table but they get removed
at runtime in JS*Prototype::finishCreation(), if the feature is disabled,
after the eager reification of the prototype.

  • bindings/scripts/CodeGeneratorJS.pm:

(GeneratePropertiesHashTable):
(GenerateImplementation):

  • bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:

(webkit_dom_test_obj_set_property):
(webkit_dom_test_obj_get_property):
(webkit_dom_test_obj_class_init):
(webkit_dom_test_obj_enabled_at_runtime_operation):
(webkit_dom_test_obj_get_enabled_at_runtime_attribute):
(webkit_dom_test_obj_set_enabled_at_runtime_attribute):

  • bindings/scripts/test/GObject/WebKitDOMTestObj.h:
  • bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::JSTestObjPrototype::finishCreation):
(WebCore::jsTestObjEnabledAtRuntimeAttribute):
(WebCore::setJSTestObjEnabledAtRuntimeAttribute):
(WebCore::jsTestObjPrototypeFunctionEnabledAtRuntimeOperation1):
(WebCore::jsTestObjPrototypeFunctionEnabledAtRuntimeOperation2):
(WebCore::jsTestObjPrototypeFunctionEnabledAtRuntimeOperation):

  • bindings/scripts/test/ObjC/DOMTestObj.h:
  • bindings/scripts/test/ObjC/DOMTestObj.mm:

(-[DOMTestObj enabledAtRuntimeAttribute]):
(-[DOMTestObj setEnabledAtRuntimeAttribute:]):
(-[DOMTestObj enabledAtRuntimeOperation:]):

  • bindings/scripts/test/TestObj.idl:
2:55 PM Changeset in webkit [199187] by Beth Dakin
  • 2 edits in trunk/Source/WebCore

Attempted build fix.

  • platform/mac/WebVideoFullscreenInterfaceMac.mm:

(-[WebPlaybackControlsManager seekToTime:toleranceBefore:toleranceAfter:]):
(-[WebPlaybackControlsManager setCurrentAudioMediaSelectionOption:]):
(-[WebPlaybackControlsManager setCurrentLegibleMediaSelectionOption:]):
(-[WebPlaybackControlsManager currentAudioMediaSelectionOption]): Deleted.
(-[WebPlaybackControlsManager currentLegibleMediaSelectionOption]): Deleted.

2:51 PM Changeset in webkit [199186] by adachan@apple.com
  • 2 edits in trunk/Source/WebCore

Add WebKitAdditions extension point in HTMLVideoElement::supportsFullscreen()
https://bugs.webkit.org/show_bug.cgi?id=156366

Reviewed by Alex Christensen.

  • html/HTMLVideoElement.cpp:

(WebCore::HTMLVideoElement::supportsFullscreen):

2:39 PM Changeset in webkit [199185] by Jon Davis
  • 2 edits in trunk/Source/WebCore

Add WOFF2 to the Feature Status page
https://bugs.webkit.org/show_bug.cgi?id=156361

Reviewed by Timothy Hatcher.

  • features.json:
2:31 PM Changeset in webkit [199184] by Beth Dakin
  • 3 edits in trunk/Source/WebCore

WebPlaybackControlsManager should support mediaSelectionOptions
https://bugs.webkit.org/show_bug.cgi?id=156358
-and corresponding-
rdar://problem/25048743

Reviewed by Jer Noble.

This patch just implements
WebVideoFullscreenInterfaceMac::setAudioMediaSelectionOptions and
WebVideoFullscreenInterfaceMac::setLegibleMediaSelectionOptions and passes that
information on to WebPlaybackControlsManager. If selection options are set via
the WebPlaybackControlsManager, then it gets the webVideoFullscreenModel() to
set the new value.

  • platform/mac/WebVideoFullscreenInterfaceMac.h:
  • platform/mac/WebVideoFullscreenInterfaceMac.mm:

(-[WebPlaybackControlsManager currentAudioMediaSelectionOption]):
(-[WebPlaybackControlsManager setCurrentAudioMediaSelectionOption:]):
(-[WebPlaybackControlsManager currentLegibleMediaSelectionOption]):
(-[WebPlaybackControlsManager setCurrentLegibleMediaSelectionOption:]):
(WebCore::mediaSelectionOptions):
(WebCore::WebVideoFullscreenInterfaceMac::setAudioMediaSelectionOptions):
(WebCore::WebVideoFullscreenInterfaceMac::setLegibleMediaSelectionOptions):
(-[WebPlaybackControlsManager audioMediaSelectionOptions]): Deleted.
(-[WebPlaybackControlsManager legibleMediaSelectionOptions]): Deleted.

2:26 PM Changeset in webkit [199183] by ap@apple.com
  • 4 edits in trunk/LayoutTests

Test expectation gardening for
Assertion failure in MessagePort::contextDestroyed in http/tests/security/MessagePort/event-listener-context.html,
usually attributed to later tests
https://bugs.webkit.org/show_bug.cgi?id=94458

http/tests/security/MessagePort/event-listener-context.html is the only culprit,
so it should be skipped everywhere, and subsequent tests shouldn't be marked.

  • TestExpectations:
  • platform/ios-simulator/TestExpectations:
  • platform/mac/TestExpectations:
2:25 PM Changeset in webkit [199182] by sbarati@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Invalid assertion inside DebuggerScope::getOwnPropertySlot
https://bugs.webkit.org/show_bug.cgi?id=156357

Reviewed by Keith Miller.

The Type Profiler might profile JS code that uses DebuggerScope and accesses properties
on it. Therefore, it may have a DebuggerScope object in its log. Objects in the log
are subject to having their getOwnPropertySlot method called. Therefore, the DebuggerScope
might not always be in a valid state when its getOwnPropertySlot method is called.
Therefore, the assertion invalid.

  • debugger/DebuggerScope.cpp:

(JSC::DebuggerScope::getOwnPropertySlot):

2:15 PM Changeset in webkit [199181] by Brent Fulgham
  • 11 edits
    2 adds in trunk

Wheel event callback removing the window causes crash in WebCore.
https://bugs.webkit.org/show_bug.cgi?id=150871
<rdar://problem/23418283>

Reviewed by Simon Fraser.

Source/WebCore:

Null check the FrameView before using it, since the iframe may have been removed
from its parent document inside the event handler.

The new test triggered a cross-load side-effect, where wheel event filtering wasn't
reset between page loads. Fix by calling clearLatchedState() in EventHandler::clear(),
which resets the filtering.

Since the Frame destructor invokes EventHandler::clear, which invokes MainFrame methods,
we run the risk of attempting to dereference destroyed MainFrame elements of the current
Frame object. Instead, clear the EventHandler in the MainFrame destructor.

Finally, confirm that the mainFrame member is not being destroyed in the handful of
places that might attempt to access the mainFrame during object destruction (essentially
cleanup methods).

Test: fast/events/wheel-event-destroys-frame.html

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::clear): Protect against accessing mainFrame content during destruction.

  • page/EventHandler.cpp:

(WebCore::EventHandler::clear): Call 'clearLatchedState' instead of endFilteringDeltas.
(WebCore::EventHandler::clearLatchedState): Null-check the filter before calling it.

  • page/Frame.cpp:

(WebCore::Frame::~Frame): Do not call 'setView' in the destructor for a MainFrame.
(WebCore::Frame::setView): Check for a null event handler before invoking it.
(WebCore::Frame::setMainFrameWasDestroyed): Added. Mark that the MainFrame
member of the Frame is being destroyed (if the current Frame is a MainFrame) and clear
the EventHandler member so that it doesn't attempt to access mainFrame content.
(WebCore::Frame::mainFrame): When accessing the mainFrame member, assert that the
mainFrame is not being destroyed.

  • page/MainFrame.cpp:

(WebCore::MainFrame::~MainFrame): Set the m_recentWheelEventDeltaFilter to nullptr to
prevent attempts to access it during object destruction. Call the new 'setMainFrameWasDestroyed'
method to reset eventHandler and mark the MainFrame as being in the process of destruction.

  • page/WheelEventDeltaFilter.cpp:

(WebCore::WheelEventDeltaFilter::filteredDelta): Add logging.

  • page/mac/EventHandlerMac.mm:

(WebCore::EventHandler::platformCompleteWheelEvent): Add null check.

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::scrollTo): Add logging.

LayoutTests:

  • fast/events/wheel-event-destroys-frame-expected.txt: Added.
  • fast/events/wheel-event-destroys-frame.html: Added.
  • platform/ios-simulator/TestExpectations: Skip wheel-event test on iOS.
2:08 PM Changeset in webkit [199180] by jmarcell@apple.com
  • 2 edits
    6 moves
    3 adds in trunk/Tools

Adding layout tests for the bot watcher's dashboard QUnit tests. https://bugs.webkit.org/show_bug.cgi?id=155272

Reviewed by Daniel Bates.

Moved supporting resources into a resources folder and updated index.html accordingly
to point to the new locations. Added code to tests.js to dumpAsText when QUnit is done.

  • BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/tests/index-expected.txt: Added.
  • BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/tests/index.html: Updated to point to tests.js and Mock files in resources directory.
  • BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/tests/resources/MockBuildbotQueue.js: Renamed from

Tools/BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/tests/MockBuildbotQueue.js.
(MockBuildbotQueue):

  • BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/tests/resources/MockBuildbotQueueView.js: Renamed from

Tools/BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/tests/MockBuildbotQueueView.js.
(MockBuildbotQueueView):
(MockBuildbotQueueView.prototype._latestProductiveIteration):

  • BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/tests/resources/MockTrac.js: Renamed from

Tools/BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/tests/MockTrac.js.
(MockTrac):
(MockTrac.prototype.get oldestRecordedRevisionNumber):
(MockTrac.prototype.get latestRecordedRevisionNumber):
(MockTrac.prototype.loadMoreHistoricalData):

  • BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/tests/resources/test-fixture-git-trac-rss.xml: Renamed from

Tools/BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/tests/test-fixture-git-trac-rss.xml.

  • BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/tests/resources/test-fixture-trac-rss.xml: Renamed from

Tools/BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/tests/test-fixture-trac-rss.xml.

  • BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/tests/resources/tests.js: Renamed from

Tools/BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/tests/tests.js.
Updated the unit tests for Trac._loaded() to point to the XML files that are now located in the 'resources' directory.
(QUnit.done): Added. Removes machine-specific output from test results and calls testRunner.notifyDone to let the layout test harness know that all testing is done.

  • Scripts/run-dashboard-tests: Added.
2:01 PM Changeset in webkit [199179] by sbarati@apple.com
  • 8 edits in trunk

Initial implementation of annex b.3.3 behavior was incorrect
https://bugs.webkit.org/show_bug.cgi?id=156276

Reviewed by Keith Miller.

Source/JavaScriptCore:

I almost got annex B.3.3 correct in my first implementation.
There is a subtlety here I got wrong. We always create a local binding for
a function at the very beginning of execution of a block scope. So we
hoist function declarations to their local binding within a given
block scope. When we actually evaluate the function declaration statement
itself, we must lookup the binding in the current scope, and bind the
value to the binding in the "var" scope. We perform the following
abstract operations when executing a function declaration statement.

f = lookupBindingInCurrentScope("func")
store(varScope, "func", f)

I got this wrong by performing the store to the var binding at the beginning
of the block scope instead of when we evaluate the function declaration statement.
This behavior is observable. For example, a program could change the value
of "func" before the actual function declaration statement executes.
Consider the following two functions:
`
function foo1() {

func === undefined
{

typeof func === "function"
function func() { }
Executing this statement binds the local "func" binding to the implicit "func" var binding.
func = 20 This sets the local "func" binding to 20.

}
typeof func === "function"

}

function foo2() {

func === undefined
{

typeof func === "function"
func = 20
This sets the local "func" binding to 20.
function func() { } Executing this statement binds the local "func" binding to the implicit "func" var binding.

}
func === 20

}
`

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::initializeBlockScopedFunctions):
(JSC::BytecodeGenerator::hoistSloppyModeFunctionIfNecessary):

  • bytecompiler/BytecodeGenerator.h:

(JSC::BytecodeGenerator::emitNodeForLeftHandSide):

  • bytecompiler/NodesCodegen.cpp:

(JSC::FuncDeclNode::emitBytecode):

  • tests/stress/sloppy-mode-function-hoisting.js:

(test.foo):
(test):
(test.):
(test.bar):
(test.switch.case.0):
(test.capFoo1):
(test.switch.capFoo2):
(test.outer):
(foo):

LayoutTests:

  • js/function-declarations-in-switch-statement-expected.txt:
  • js/script-tests/function-declarations-in-switch-statement.js:
2:00 PM Changeset in webkit [199178] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Uncaught Exception: No resource with given URL found
https://bugs.webkit.org/show_bug.cgi?id=156259
<rdar://problem/25564749>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-04-07
Reviewed by Timothy Hatcher.

  • UserInterface/Views/SourceCodeTextEditor.js:

(WebInspector.SourceCodeTextEditor):
SourceCode.prototype.requestContent will reject if it cannot load
content for the given resource. In that case, we already have an
earlier catch handler that displays an error message in the
ContentView, so we shouldn't show an Uncaught Exception page.
Really, we should not reject the original promise here, and
instead resolve it with an object describing the error, but
short term we should remove the uncaught exception handler for
this case.

1:59 PM Changeset in webkit [199177] by commit-queue@webkit.org
  • 2 edits
    1 add in trunk/Source/WebInspectorUI

Web Inspector: Take snapshot navigation button should match navigation button styles
https://bugs.webkit.org/show_bug.cgi?id=156355
<rdar://problem/25325172>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-04-07
Reviewed by Timothy Hatcher.

  • UserInterface/Images/Camera.svg: Added.
  • UserInterface/Views/HeapAllocationsTimelineView.js:

(WebInspector.HeapAllocationsTimelineView):
Use the new image for the navigation bar button.

1:38 PM Changeset in webkit [199176] by achristensen@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Build fix after r199170

  • CMakeLists.txt:
1:21 PM Changeset in webkit [199175] by adachan@apple.com
  • 3 edits in trunk/Source/WebKit2

Add WebKitAdditions extension points around preferences
https://bugs.webkit.org/show_bug.cgi?id=156303

Reviewed by Beth Dakin.

  • Shared/WebPreferencesStore.cpp:

(WebKit::defaults):

  • UIProcess/API/C/WKPreferences.cpp:
1:04 PM Changeset in webkit [199174] by adachan@apple.com
  • 8 edits
    2 moves in trunk

Rename TextTrackRepresentationiOS to TextTrackRepresentationCocoa and enable on Mac
https://bugs.webkit.org/show_bug.cgi?id=156245

Reviewed by Eric Carlson.

Source/WebCore:

  • Modules/mediacontrols/mediaControlsApple.css:

(::-webkit-media-controls):
Match iOS and specify overflow: hidden on the -webkit-media-controls container.
(video::-webkit-media-text-track-container):
Match iOS and specify z-index: 0 on the text track container.

  • WebCore.xcodeproj/project.pbxproj:

TextTrackRepresentationiOS.h/mm have been renamed to TextTrackRepresentationCocoa.h/mm.

  • platform/graphics/TextTrackRepresentation.cpp:
  • platform/graphics/cocoa/TextTrackRepresentationCocoa.h: Renamed from Source/WebCore/platform/graphics/ios/TextTrackRepresentationIOS.h.
  • platform/graphics/cocoa/TextTrackRepresentationCocoa.mm: Renamed from Source/WebCore/platform/graphics/ios/TextTrackRepresentationIOS.mm.

(-[WebCoreTextTrackRepresentationCocoaHelper initWithParent:]):
(-[WebCoreTextTrackRepresentationCocoaHelper dealloc]):
(-[WebCoreTextTrackRepresentationCocoaHelper setParent:]):
(-[WebCoreTextTrackRepresentationCocoaHelper parent]):
(-[WebCoreTextTrackRepresentationCocoaHelper observeValueForKeyPath:ofObject:change:context:]):
(-[WebCoreTextTrackRepresentationCocoaHelper actionForLayer:forKey:]):
(TextTrackRepresentation::create):
(TextTrackRepresentationCocoa::TextTrackRepresentationCocoa):
(TextTrackRepresentationCocoa::~TextTrackRepresentationCocoa):
(TextTrackRepresentationCocoa::update):
(TextTrackRepresentationCocoa::setContentScale):
(TextTrackRepresentationCocoa::bounds):

LayoutTests:

  • platform/mac/TestExpectations:

Skip some tests with assertions after changes in MediaControlsApple.css.

  • platform/mac/media/media-document-audio-repaint-expected.txt:
  • platform/mac/media/video-zoom-controls-expected.txt:

Rebaseline some tests after changes in MediaControlsApple.css.

12:57 PM Changeset in webkit [199173] by Jon Davis
  • 2 edits in trunk/Websites/webkit.org

Improved drop down menu with translate; cleaned up unnecessary whitespace.
https://bugs.webkit.org/show_bug.cgi?id=156342

Reviewed by Timothy Hatcher.

  • wp-content/themes/webkit/style.css:

(p > a[name]::before):
(.has-post-thumbnail .background-image):
(.table-of-contents):
(header .menu-item-has-children .label-toggle::after):
(.sub-menu-layer):
(.sub-menu-layer:after, .sub-menu-layer:before):
(.sub-menu-layer .menu-item):
(.menu > .menu-item > .menu-toggle:checked + .sub-menu):
(@media only screen and (max-width: 920px)):
(header .sub-menu-layer):
(@media only screen and (max-width: 415px)):
(@media only screen and (max-width: 1180px)): Deleted.
(@media only screen and (max-width: 1000px)): Deleted.
(@media only screen and (max-width: 690px)): Deleted.
(@media only screen and (max-width: 600px)): Deleted.
(@media only screen and (max-height: 415px)): Deleted.
(@media only screen and (max-width: 320px)): Deleted.

12:52 PM Changeset in webkit [199172] by dbates@webkit.org
  • 1 edit
    51 deletes in trunk/LayoutTests

CSP: Remove tests for unimplemented directive referrer
https://bugs.webkit.org/show_bug.cgi?id=156353

Reviewed by Andy Estes.

The Content Security Policy directive referrer was removed from the Content Security Policy Level 2 spec.,
<https://w3c.github.io/webappsec-csp/2/> (Editor's Draft, 29 August 2015). It was never implemented.
The functionality provided by this directive has been incorporated into its own meta tag and is covered
by the Referrer Policy spec., <https://w3c.github.io/webappsec-referrer-policy/>.

  • http/tests/security/contentSecurityPolicy/1.1/referrer-always-http-http-expected.txt: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-always-http-http.html: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-always-http-https-expected.txt: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-always-http-https.html: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-always-https-http-expected.txt: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-always-https-http.html: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-always-https-https-expected.txt: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-always-https-https.html: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-default-http-http-expected.txt: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-default-http-http.html: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-default-http-https-expected.txt: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-default-http-https.html: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-default-https-http-expected.txt: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-default-https-http.html: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-default-https-https-expected.txt: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-default-https-https.html: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-empty-http-http-expected.txt: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-empty-http-http.html: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-empty-http-https-expected.txt: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-empty-http-https.html: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-empty-https-http-expected.txt: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-empty-https-http.html: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-empty-https-https-expected.txt: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-empty-https-https.html: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-invalid-http-http-expected.txt: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-invalid-http-http.html: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-invalid-http-https-expected.txt: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-invalid-http-https.html: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-invalid-https-http-expected.txt: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-invalid-https-http.html: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-invalid-https-https-expected.txt: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-invalid-https-https.html: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-never-http-http-expected.txt: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-never-http-http.html: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-never-http-https-expected.txt: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-never-http-https.html: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-never-https-http-expected.txt: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-never-https-http.html: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-never-https-https-expected.txt: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-never-https-https.html: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-origin-http-http-expected.txt: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-origin-http-http.html: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-origin-http-https-expected.txt: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-origin-http-https.html: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-origin-https-http-expected.txt: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-origin-https-http.html: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-origin-https-https-expected.txt: Removed.
  • http/tests/security/contentSecurityPolicy/1.1/referrer-origin-https-https.html: Removed.
  • http/tests/security/contentSecurityPolicy/resources/referrer-test-endpoint.php: Removed.
  • http/tests/security/contentSecurityPolicy/resources/referrer-test.js: Removed.
  • http/tests/security/contentSecurityPolicy/resources/referrer-test.php: Removed.
12:47 PM Changeset in webkit [199171] by Joseph Pecoraro
  • 2 edits in trunk/LayoutTests

Unreviewed follow-up fix to r199168. Add missing newline in expected output.

  • inspector/codemirror/resources/prettyprinting/javascript-tests/single-statement-blocks-expected.js:
12:38 PM Changeset in webkit [199170] by keith_miller@apple.com
  • 40 edits
    2 copies
    1 add in trunk/Source/JavaScriptCore

We should support the ability to do a non-effectful getById
https://bugs.webkit.org/show_bug.cgi?id=156116

Reviewed by Benjamin Poulain.

Currently, there is no way in JS to do a non-effectful getById. A non-effectful getById is
useful because it enables us to take different code paths based on values that we would
otherwise not be able to have knowledge of. This patch adds this new feature called
try_get_by_id that will attempt to do as much of a get_by_id as possible without performing
an effectful behavior. Thus, try_get_by_id will return the value if the slot is a value, the
GetterSetter object if the slot is a normal accessor (not a CustomGetterSetter) and
undefined if the slot is unset. If the slot is proxied or any other cases then the result
is null. In theory, if we ever wanted to check for null we could add a sentinal object to
the global object that indicates we could not get the result.

In order to implement this feature we add a new enum GetByIdKind that indicates what to do
for accessor properties in PolymorphicAccess. If the GetByIdKind is pure then we treat the
get_by_id the same way we would for load and return the value at the appropriate offset.
Additionally, in order to make sure the we can properly compare the GetterSetter object
with === GetterSetters are now JSObjects. This comes at the cost of eight extra bytes on the
GetterSetter object but it vastly simplifies the patch. Additionally, the extra bytes are
likely to have little to no impact on memory usage as normal accessors are generally rare.

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • builtins/BuiltinExecutableCreator.cpp: Added.

(JSC::createBuiltinExecutable):

  • builtins/BuiltinExecutableCreator.h: Copied from Source/JavaScriptCore/builtins/BuiltinExecutables.h.
  • builtins/BuiltinExecutables.cpp:

(JSC::BuiltinExecutables::createDefaultConstructor):
(JSC::BuiltinExecutables::createBuiltinExecutable):
(JSC::createBuiltinExecutable):
(JSC::BuiltinExecutables::createExecutable):
(JSC::createExecutableInternal): Deleted.

  • builtins/BuiltinExecutables.h:
  • bytecode/BytecodeIntrinsicRegistry.h:
  • bytecode/BytecodeList.json:
  • bytecode/BytecodeUseDef.h:

(JSC::computeUsesForBytecodeOffset):
(JSC::computeDefsForBytecodeOffset):

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::dumpBytecode):

  • bytecode/PolymorphicAccess.cpp:

(JSC::AccessCase::tryGet):
(JSC::AccessCase::generate):
(WTF::printInternal):

  • bytecode/PolymorphicAccess.h:

(JSC::AccessCase::isGet): Deleted.
(JSC::AccessCase::isPut): Deleted.
(JSC::AccessCase::isIn): Deleted.

  • bytecode/StructureStubInfo.cpp:

(JSC::StructureStubInfo::reset):

  • bytecode/StructureStubInfo.h:
  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::emitTryGetById):

  • bytecompiler/BytecodeGenerator.h:
  • bytecompiler/NodesCodegen.cpp:

(JSC::BytecodeIntrinsicNode::emit_intrinsic_tryGetById):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::cachedGetById):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::cachedGetById):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::getById):

  • jit/JIT.cpp:

(JSC::JIT::privateCompileMainPass):
(JSC::JIT::privateCompileSlowCases):

  • jit/JIT.h:
  • jit/JITInlineCacheGenerator.cpp:

(JSC::JITGetByIdGenerator::JITGetByIdGenerator):

  • jit/JITInlineCacheGenerator.h:
  • jit/JITInlines.h:

(JSC::JIT::callOperation):

  • jit/JITOperations.cpp:
  • jit/JITOperations.h:
  • jit/JITPropertyAccess.cpp:

(JSC::JIT::emitGetByValWithCachedId):
(JSC::JIT::emit_op_try_get_by_id):
(JSC::JIT::emitSlow_op_try_get_by_id):
(JSC::JIT::emit_op_get_by_id):

  • jit/JITPropertyAccess32_64.cpp:

(JSC::JIT::emitGetByValWithCachedId):
(JSC::JIT::emit_op_try_get_by_id):
(JSC::JIT::emitSlow_op_try_get_by_id):
(JSC::JIT::emit_op_get_by_id):

  • jit/Repatch.cpp:

(JSC::repatchByIdSelfAccess):
(JSC::appropriateOptimizingGetByIdFunction):
(JSC::appropriateGenericGetByIdFunction):
(JSC::tryCacheGetByID):
(JSC::repatchGetByID):
(JSC::resetGetByID):

  • jit/Repatch.h:
  • jsc.cpp:

(GlobalObject::finishCreation):
(functionGetGetterSetter):
(functionCreateBuiltin):

  • llint/LLIntData.cpp:

(JSC::LLInt::Data::performAssertions):

  • llint/LLIntSlowPaths.cpp:

(JSC::LLInt::LLINT_SLOW_PATH_DECL):

  • llint/LLIntSlowPaths.h:
  • llint/LowLevelInterpreter.asm:
  • runtime/GetterSetter.cpp:
  • runtime/GetterSetter.h:
  • runtime/JSType.h:
  • runtime/PropertySlot.cpp:

(JSC::PropertySlot::getPureResult):

  • runtime/PropertySlot.h:
  • runtime/ProxyObject.cpp:

(JSC::ProxyObject::getOwnPropertySlotCommon):

  • tests/stress/try-get-by-id.js: Added.

(tryGetByIdText):
(getCaller.obj.1.throw.new.Error.let.func):
(getCaller.obj.1.throw.new.Error):
(throw.new.Error.get let):
(throw.new.Error.):
(throw.new.Error.let.get createBuiltin):
(get let):
(let.get createBuiltin):
(let.func):
(get let.func):
(get throw):

12:29 PM Changeset in webkit [199169] by Joseph Pecoraro
  • 8 edits in trunk/Source/WebInspectorUI

Web Inspector: Inspector hangs when trying to view a large XHR resource
https://bugs.webkit.org/show_bug.cgi?id=144107
<rdar://problem/20669463>

Reviewed by NOBODY (OOPS!).

Previously auto formatting (initially pretty print source code) in TextEditor
was done synchronously in this order:

(1) revealing the Editor as soon as we have content
(2) set the CodeMirror value
(3) pretty print with the CodeMirror editor
(4) set the CodeMirror value

=> Layout

At the end, CodeMirror would layout once with the new content. This approach
performs very poorly when step (3) is an asynchronous action, because it would
mean CodeMirror would layout for both (2) and at the end (4) and the layout
itself can be very costly if the content is minified and so has very long
lines at the top of the file that need to be syntax highlighted and visible
since we do not wrap.

This patch changes the order of operations to benefit asynchronous formatting.
When SourceCodeTextEditor determines that it can autoformat it:

(1) set the CodeMirror value
(2) pretty print to source text
(3) reveal the Editor when pretty printing is done
(4) set the CodeMirror value

=> Layout

This maintains the fact that to undo pretty printing we can just "undo" the
editor to get the original text. This also means we only do a single
CodeMirror layout, with the pretty printed and therefore more manageable
source text for highlighting. It also means we continue to show a loading
indicator in the editor while we are pretty printing. If this is truely
done asynchronously, which is the case for JavaScript with FormatterWorker,
then the loading indicator will animate smoothly.

This sequence also works with the traditional synchronous formatters,
which we still have for CSS.

  • UserInterface/Views/ContentView.js:

(WebInspector.ContentView.contentViewForRepresentedObject):

  • UserInterface/Views/NavigationSidebarPanel.js:

(WebInspector.NavigationSidebarPanel.prototype.showDefaultContentViewForTreeElement):
(WebInspector.NavigationSidebarPanel.prototype._checkElementsForPendingViewStateCookie):
BreakpointTreeElements can now be restored and reselected when its
source code is null. Avoid deleting the pending cookie data if a
ContentView was not shown for the resource. When the Breakpoint
and SourceCode get hooked up, this code will run again and work.

  • UserInterface/Views/ScriptContentView.js:

(WebInspector.ScriptContentView.prototype._togglePrettyPrint):

  • UserInterface/Views/TextResourceContentView.js:

(WebInspector.TextResourceContentView.prototype._togglePrettyPrint):

  • UserInterface/Views/TextContentView.js:

(WebInspector.TextContentView.prototype._togglePrettyPrint):
New API for toggling formatting, now that it is an async operation.

  • UserInterface/Views/SourceCodeTextEditor.js:

(WebInspector.SourceCodeTextEditor):
(WebInspector.SourceCodeTextEditor.prototype.toggleTypeAnnotations):
(WebInspector.SourceCodeTextEditor.prototype.prettyPrint):
(WebInspector.SourceCodeTextEditor.prototype._populateWithContent):
(WebInspector.SourceCodeTextEditor.prototype._proceedPopulateWithContent):
(WebInspector.SourceCodeTextEditor.prototype._prepareEditorForInitialContent):
(WebInspector.SourceCodeTextEditor.prototype._populateWithInlineScriptContent.scriptContentAvailable):
(WebInspector.SourceCodeTextEditor.prototype._populateWithInlineScriptContent):
(WebInspector.SourceCodeTextEditor.prototype._populateWithScriptContent):
(WebInspector.SourceCodeTextEditor.prototype.textEditorUpdatedFormatting):
(WebInspector.SourceCodeTextEditor.prototype._contentWillPopulate): Deleted.
Move auto formatting logic into SourceCodeTextEditor, because it
determines if content should be auto formatted, and it loads the
initial content so it can determine when to show the editor for
the first time.

When we get the initial content and determine we have to autoformat,
setup the TextEditor, but don't proceed with WillPopulate/DidPopulate
until after we have formatted text.

  • UserInterface/Views/TextEditor.js:

(WebInspector.TextEditor):
(WebInspector.TextEditor.set string.update):
(WebInspector.TextEditor.prototype.set string):
(WebInspector.TextEditor.prototype.setFormatted):
(WebInspector.TextEditor.prototype.hasFormatter):
(WebInspector.TextEditor.prototype._format):
(WebInspector.TextEditor.prototype.prettyPrint):
(WebInspector.TextEditor.prototype._canUseFormatterWorker):
(WebInspector.TextEditor.prototype._startWorkerPrettyPrint):
(WebInspector.TextEditor.prototype._startCodeMirrorPrettyPrint):
(WebInspector.TextEditor.prototype._finishPrettyPrint):
(WebInspector.TextEditor.prototype._undoFormatting):
(WebInspector.TextEditor.prototype._updateAfterFormatting):
Break up the synchronous pretty printing code into multiple steps.
One path can be asynchronous formatting via FormatterWorker, another
path may be synchronous formatting using the CodeMirror formatters.

(WebInspector.TextEditor.prototype.set formatted): Deleted.
Remove the synchronous set formatted setter. Replace with setFormatted().

(WebInspector.TextEditor.prototype.set autoFormat): Deleted.
Remove the TextEditor's autoformat. Since formatting can be async, having
the TextEditor showing and asynchronously format its initial contents is
a recipe for poor performance causing multiple layouts of different content.
Instead, autoformatting is handled by SourceCodeTextEditor, and TextEditor
can then be shown when it has the right data.

12:29 PM Changeset in webkit [199168] by Joseph Pecoraro
  • 12 edits
    1 copy
    2 moves
    64 adds in trunk

Web Inspector: Improve JavaScript pretty printing
https://bugs.webkit.org/show_bug.cgi?id=156178
<rdar://problem/25535719>

Reviewed by Timothy Hatcher.

Source/WebInspectorUI:

Add a new EsprimaFormatter which pretty prints JavaScript source text
using the Esprima AST and Tokens. Currently we use CodeMirror's
tokenizer for pretty printing. By moving to Esprima for pretty
printing we get a few advantages: (1) can be used within a Worker
as there are no dependencies on DOM objects, (2) a full featured AST
gives more context to handling individual tokens. One disadvantage
is that Esprima requires valid input, so scripts with syntax errors
will not work.

EsprimaFormatter works by:

  • Getting the Esprima AST and token stream.
  • Walk all AST nodes:
    • when entering an AST node, handle any tokens before the start of this node
    • when leaving an AST node, handle any tokens that were inside the node
  • Whenever we handle a new node or token check if we should preserve any newlines or comments that do not show up in the AST or token stream.

This allows us to handle any token based on its context. Currently the
formatter prefers to operate on tokens based on their context. So the
formatter has a case for each AST node type and handles the tokens
within that AST node. A small exception is made to special case the
handling of semicolons.

  • Scripts/copy-user-interface-resources-dryrun.rb:

Add a generic check for -h, -help, --help to print usage.

  • Tools/Formatting/EsprimaFormatterDebug.js: Added.

(EsprimaFormatterDebug):
(EsprimaFormatterDebug.prototype.get debugText):
(EsprimaFormatterDebug.prototype._pad):
(EsprimaFormatterDebug.prototype._debugHeader):
(EsprimaFormatterDebug.prototype._debugFooter):
(EsprimaFormatterDebug.prototype._debug):
(EsprimaFormatterDebug.prototype._debugComments):
(EsprimaFormatterDebug.prototype._debugAfterProgramNode):
(EsprimaFormatterDebug.prototype._before):
(EsprimaFormatterDebug.prototype._after):

  • Tools/Formatting/codemirror-additions.css: Copied from Source/WebInspectorUI/Tools/PrettyPrinting/codemirror-additions.css.
  • Tools/Formatting/index.html: Added.
  • Tools/PrettyPrinting/codemirror-additions.css:

(pre): Deleted.
(a.download): Deleted.

  • Tools/PrettyPrinting/index.html:
  • Tools/PrettyPrinting/populate/jquery.min.js: Removed.

Add a Formatter tool that is similiar to the PrettyPrinting tool but
outputs debug information for Esprima tokens. This is useful for
iterating on tests, performance measurements, and general debugging
of token stream for any input.

  • UserInterface/Controllers/FormatterSourceMap.js:

(WebInspector.FormatterSourceMap.fromSourceMapData):
(WebInspector.FormatterSourceMap.fromBuilder): Deleted.
Switch to constructing with a common data objects, instead of a Builder.

  • UserInterface/Main.html:
  • UserInterface/Test.html:

New files and moved files.

  • UserInterface/Proxies/FormatterWorkerProxy.js: Added.

(WebInspector.FormatterWorkerProxy):
(WebInspector.FormatterWorkerProxy.singleton):
(WebInspector.FormatterWorkerProxy.canFormat):
(WebInspector.FormatterWorkerProxy.prototype.formatJavaScript):
(WebInspector.FormatterWorkerProxy.prototype.performAction):
(WebInspector.FormatterWorkerProxy.prototype._postMessage):
(WebInspector.FormatterWorkerProxy.prototype._handleMessage):
Main world object which provides a static formatJavaScript action.

  • UserInterface/Views/CSSStyleDeclarationTextEditor.js:

(WebInspector.CSSStyleDeclarationTextEditor.prototype._formattedContentFromEditor):

  • UserInterface/Views/TextEditor.js:

(WebInspector.TextEditor.prototype.prettyPrint.prettyPrintAndUpdateEditor):
(WebInspector.TextEditor.prototype.prettyPrint):

  • UserInterface/Workers/Formatter/FormatterContentBuilder.js: Renamed from Source/WebInspectorUI/UserInterface/Controllers/FormatterContentBuilder.js.

(FormatterContentBuilder):
Simplify construction of a Builder. The constructor objects were always
the same and often unnecessary. Also move out of the WebInspector
namespace signifying it can be used within a Worker.

(FormatterContentBuilder.prototype.get originalContent): Deleted.
(FormatterContentBuilder.prototype.get formattedContent): Deleted.
(FormatterContentBuilder.prototype.get sourceMapData): Added.
Simplify getting all the data needed for SourceMaps.

(FormatterContentBuilder.prototype.setOriginalLineEndings):
A client may wish to pre-fill line endings instead of filling
while building.

(FormatterContentBuilder.prototype.appendNewline):
Auto-clear trailing whitespace on the previous line.

  • UserInterface/Workers/Formatter/ESTreeWalker.js: Added.

(ESTreeWalker):
(ESTreeWalker.prototype.walk):
(ESTreeWalker.prototype._walk):
(ESTreeWalker.prototype._walkArray):
(ESTreeWalker.prototype._walkChildren):
Walk AST nodes in an ESTree format. Due to the spec's incompleteness
this is essentially Esprima's ESTree.

  • UserInterface/Workers/Formatter/EsprimaFormatter.js: Added.

(EsprimaFormatter):
(EsprimaFormatter.isWhitespace):
(EsprimaFormatter.prototype.get formattedText):
(EsprimaFormatter.prototype.get sourceMapData):
(EsprimaFormatter.prototype._insertNewlinesBeforeToken):
(EsprimaFormatter.prototype._insertComment):
(EsprimaFormatter.prototype._insertSameLineTrailingComments):
(EsprimaFormatter.prototype._insertCommentsAndNewlines):
(EsprimaFormatter.prototype._before):
(EsprimaFormatter.prototype._after):
(EsprimaFormatter.prototype._isInForHeader):
(EsprimaFormatter.prototype._isRangeWhitespace):
(EsprimaFormatter.prototype._handleTokenAtNode):
(EsprimaFormatter.prototype._exitNode):
(EsprimaFormatter.prototype._afterProgram):
Pretty print source text.

  • UserInterface/Workers/Formatter/FormatterUtilities.js: Added.

(Array.prototype.lastValue):
(String.prototype.lineEndings):
(isECMAScriptWhitespace):
(isECMAScriptLineTerminator):
Helpers used by the classes in the Worker code.

  • UserInterface/Workers/Formatter/FormatterWorker.js: Added.

(FormatterWorker):
(FormatterWorker.prototype.formatJavaScript):
(FormatterWorker.prototype._handleMessage):
Handle the formatJavaScript action.

LayoutTests:

Expand the JavaScript formatting tests.

  • inspector/codemirror/resources/prettyprinting/javascript-tests/single-statement-blocks-expected.js:

Update output now that the builder removes extra trailing whitespace automatically.

  • inspector/codemirror/resources/prettyprinting/utilities.js:

Update due to simplified construction.

  • inspector/formatting/formatting-javascript-expected.txt: Added.
  • inspector/formatting/formatting-javascript.html: Added.
  • inspector/formatting/resources/javascript-tests/arrow-functions-expected.js: Added.
  • inspector/formatting/resources/javascript-tests/arrow-functions.js: Added.
  • inspector/formatting/resources/javascript-tests/classes-expected.js: Added.
  • inspector/formatting/resources/javascript-tests/classes.js: Added.
  • inspector/formatting/resources/javascript-tests/comments-and-preserve-newlines-expected.js: Added.
  • inspector/formatting/resources/javascript-tests/comments-and-preserve-newlines.js: Added.
  • inspector/formatting/resources/javascript-tests/comments-only-expected.js: Added.
  • inspector/formatting/resources/javascript-tests/comments-only.js: Added.
  • inspector/formatting/resources/javascript-tests/do-while-statement-expected.js: Added.
  • inspector/formatting/resources/javascript-tests/do-while-statement.js: Added.
  • inspector/formatting/resources/javascript-tests/for-statements-expected.js: Added.
  • inspector/formatting/resources/javascript-tests/for-statements.js: Added.
  • inspector/formatting/resources/javascript-tests/functions-expected.js: Added.
  • inspector/formatting/resources/javascript-tests/functions.js: Added.
  • inspector/formatting/resources/javascript-tests/generators-expected.js: Added.
  • inspector/formatting/resources/javascript-tests/generators.js: Added.
  • inspector/formatting/resources/javascript-tests/if-statement-expected.js: Added.
  • inspector/formatting/resources/javascript-tests/if-statement.js: Added.
  • inspector/formatting/resources/javascript-tests/label-break-continue-block-expected.js: Added.
  • inspector/formatting/resources/javascript-tests/label-break-continue-block.js: Added.
  • inspector/formatting/resources/javascript-tests/logic-expressions-expected.js: Added.
  • inspector/formatting/resources/javascript-tests/logic-expressions.js: Added.
  • inspector/formatting/resources/javascript-tests/new-expression-expected.js: Added.
  • inspector/formatting/resources/javascript-tests/new-expression.js: Added.
  • inspector/formatting/resources/javascript-tests/object-array-literal-expected.js: Added.
  • inspector/formatting/resources/javascript-tests/object-array-literal.js: Added.
  • inspector/formatting/resources/javascript-tests/return-statement-expected.js: Added.
  • inspector/formatting/resources/javascript-tests/return-statement.js: Added.
  • inspector/formatting/resources/javascript-tests/sample-jquery-expected.js: Added.
  • inspector/formatting/resources/javascript-tests/sample-jquery.js: Added.
  • inspector/formatting/resources/javascript-tests/sample-normal-utilities-expected.js: Added.
  • inspector/formatting/resources/javascript-tests/sample-normal-utilities.js: Added.
  • inspector/formatting/resources/javascript-tests/sample-webinspector-object-expected.js: Added.
  • inspector/formatting/resources/javascript-tests/sample-webinspector-object.js: Added.
  • inspector/formatting/resources/javascript-tests/switch-case-default-expected.js: Added.
  • inspector/formatting/resources/javascript-tests/switch-case-default.js: Added.
  • inspector/formatting/resources/javascript-tests/ternary-expressions-expected.js: Added.
  • inspector/formatting/resources/javascript-tests/ternary-expressions.js: Added.
  • inspector/formatting/resources/javascript-tests/throw-statement-expected.js: Added.
  • inspector/formatting/resources/javascript-tests/throw-statement.js: Added.
  • inspector/formatting/resources/javascript-tests/try-catch-finally-statements-expected.js: Added.
  • inspector/formatting/resources/javascript-tests/try-catch-finally-statements.js: Added.
  • inspector/formatting/resources/javascript-tests/unary-binary-expressions-expected.js: Added.
  • inspector/formatting/resources/javascript-tests/unary-binary-expressions.js: Added.
  • inspector/formatting/resources/javascript-tests/variable-declaration-expected.js: Added.
  • inspector/formatting/resources/javascript-tests/variable-declaration.js: Added.
  • inspector/formatting/resources/javascript-tests/while-statement-expected.js: Added.
  • inspector/formatting/resources/javascript-tests/while-statement.js: Added.
  • inspector/formatting/resources/javascript-tests/with-statement-expected.js: Added.
  • inspector/formatting/resources/javascript-tests/with-statement.js: Added.
  • inspector/formatting/resources/utilities.js: Added.

Expanded test coverage for the new formatter.

12:00 PM Changeset in webkit [199167] by Brian Burg
  • 23 edits in trunk/Source

CookieJar should support adding synthetic cookies for developer tools
https://bugs.webkit.org/show_bug.cgi?id=156091
<rdar://problem/25581340>

Reviewed by Timothy Hatcher.

Source/WebCore:

This patch adds an API that can set an arbitrary cookie in cookie storage
in order to support developer tools and automated testing. It delegates storing
the cookie to a platform implementation.

No new tests because the code isn't used by any clients yet.

  • loader/CookieJar.cpp:

(WebCore::addCookie): Added.

  • loader/CookieJar.h:
  • platform/Cookie.h:

Remove an outdated comment. This struct is used in many places.

  • platform/CookiesStrategy.h: Add new method.
  • platform/network/PlatformCookieJar.h: Add new method.
  • platform/network/cf/CookieJarCFNet.cpp:

(WebCore::addCookie): Add a stub.

  • platform/network/curl/CookieJarCurl.cpp:

(WebCore::addCookie): Add a stub.

  • platform/network/mac/CookieJarMac.mm:

(WebCore::addCookie): Add an implementation that turns the WebCore::Cookie into
an NSHTTPCookie and converts it again to CFHTTPCookie if necessary.

  • platform/network/soup/CookieJarSoup.cpp:

(WebCore::addCookie): Add a stub.

  • platform/spi/cf/CFNetworkSPI.h:

Add -[NSHTTPCookie _CFHTTPCookie] SPI.

Source/WebKit/mac:

  • WebCoreSupport/WebPlatformStrategies.h:
  • WebCoreSupport/WebPlatformStrategies.mm:

(WebPlatformStrategies::addCookie):
Add new method override.

Source/WebKit/win:

  • WebCoreSupport/WebPlatformStrategies.h:
  • WebCoreSupport/WebPlatformStrategies.cpp:

Add new method override.

Source/WebKit2:

Plumb the new method through the strategy and out to the network process.

  • NetworkProcess/NetworkConnectionToWebProcess.cpp:

(WebKit::NetworkConnectionToWebProcess::addCookie):

  • NetworkProcess/NetworkConnectionToWebProcess.h:
  • NetworkProcess/NetworkConnectionToWebProcess.messages.in:
  • WebProcess/WebCoreSupport/WebPlatformStrategies.cpp:

(WebKit::WebPlatformStrategies::addCookie):

  • WebProcess/WebCoreSupport/WebPlatformStrategies.h:
11:38 AM Changeset in webkit [199166] by fpizlo@apple.com
  • 4 edits in trunk/Source/JavaScriptCore

Rationalize the makeSpaceForCCall stuff
https://bugs.webkit.org/show_bug.cgi?id=156352

Reviewed by Mark Lam.

I want to add more code to PolymorphicAccess that makes C calls, so that I can finally fix
https://bugs.webkit.org/show_bug.cgi?id=130914 (allow transition caches to handle indexing
headers).

When trying to understand what it takes to make a C call, I came across code that was making
room on the stack for spilled arguments. This logic was guarded with some complicated
condition. At first, I tried to just refactor the code so that the same ugly condition
wouldn't have to be copy-pasted everywhere that we made C calls. But then I started thinking
about the condition, and realized that it was probably wrong: if the outer PolymorphicAccess
harness decides to reuse a register for the scratchGPR then the top of the stack will store
the old value of scratchGPR, but the condition wouldn't necessarily trigger. So if the call
then overwrote something on the stack, we'd have a bad time.

Making room on the stack for a call is a cheap operation. It's orders of magnitude cheaper
than the rest of the call. Therefore, I think that it's best to just unconditionally make
room on the stack.

This patch makes us do just that. I also made the relevant helpers not inline, because I
think that we have too many inline methods in our assemblers. Now it's much easier to make
C calls from PolymorphicAccess because you just call the AssemblyHelper methods for making
space. There are no special conditions or anything like that.

  • bytecode/PolymorphicAccess.cpp:

(JSC::AccessCase::generate):

  • jit/AssemblyHelpers.cpp:

(JSC::AssemblyHelpers::emitLoadStructure):
(JSC::AssemblyHelpers::makeSpaceOnStackForCCall):
(JSC::AssemblyHelpers::reclaimSpaceOnStackForCCall):
(JSC::emitRandomThunkImpl):

  • jit/AssemblyHelpers.h:

(JSC::AssemblyHelpers::makeSpaceOnStackForCCall): Deleted.
(JSC::AssemblyHelpers::reclaimSpaceOnStackForCCall): Deleted.

11:22 AM Changeset in webkit [199165] by jiewen_tan@apple.com
  • 2 edits in trunk/LayoutTests

Marking storage/indexeddb/modern/autoincrement-abort-private.html as flaky on Macs
https://bugs.webkit.org/show_bug.cgi?id=156351

Unreviewed test gardening.

  • platform/mac/TestExpectations:
11:06 AM Changeset in webkit [199164] by commit-queue@webkit.org
  • 42 edits
    5 deletes in trunk

Unreviewed, rolling out r199128 and r199141.
https://bugs.webkit.org/show_bug.cgi?id=156348

Causes crashes on multiple webpages (Requested by keith_mi_ on
#webkit).

Reverted changesets:

"[ES6] Add support for Symbol.isConcatSpreadable."
https://bugs.webkit.org/show_bug.cgi?id=155351
http://trac.webkit.org/changeset/199128

"Unreviewed, uncomment accidentally commented line in test."
http://trac.webkit.org/changeset/199141

11:03 AM Changeset in webkit [199163] by dbates@webkit.org
  • 5 edits
    8 adds in trunk

CSP: Should only honor CSP policy delivered in meta tag that is a descendent of <head>
https://bugs.webkit.org/show_bug.cgi?id=59858
<rdar://problem/25603538>

Reviewed by Brent Fulgham.

Source/WebCore:

Ignore the Content Security Policy meta tag if it is not a descendent of <head> as per
section HTML meta Element of the Content Security Policy Level 2 spec., <https://w3c.github.io/webappsec-csp/2/>
(Editor's Draft, 29 August 2015).

Tests: http/tests/security/contentSecurityPolicy/meta-tag-ignored-if-not-in-head.html

http/tests/security/contentSecurityPolicy/meta-tag-ignored-if-not-in-head2.html
http/tests/security/contentSecurityPolicy/report-only-meta-tag-ignored-if-not-in-head.html
http/tests/security/contentSecurityPolicy/report-only-meta-tag-ignored-if-not-in-head2.html

  • dom/Document.cpp:

(WebCore::Document::processHttpEquiv): Modified to take a boolean argument whether the http-equiv
meta tag is a descendent of <head> and to parse the value of a Content Security Policy http-equiv
only if the http-equiv meta tag is a descendent of <head>.

  • dom/Document.h: Add parameter isInDocument to processHttpEquiv(). Remove javadoc-style parameters

from processHttpEquiv() comment as we do not document parameters for non-API functions using such style.
Also write the comment for processHttpEquiv() using C++ style comments instead of a C-style comment.

  • html/HTMLMetaElement.cpp:

(WebCore::HTMLMetaElement::process): Pass whether this element is a descendent of <head>. Additionally
update stale comment and move it closer to the code it refers to.

LayoutTests:

Add tests to ensure that we ignore the meta tags for Content-Security-Policy, Content-Security-Policy-Report-Only,
X-WebKit-CSP, and X-WebKit-CSP-Report-Only if it is not a descendent of <head>.

  • http/tests/security/contentSecurityPolicy/meta-tag-ignored-if-not-in-head-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/meta-tag-ignored-if-not-in-head.html: Added.
  • http/tests/security/contentSecurityPolicy/meta-tag-ignored-if-not-in-head2-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/meta-tag-ignored-if-not-in-head2.html: Added.
  • http/tests/security/contentSecurityPolicy/report-only-meta-tag-ignored-if-not-in-head-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/report-only-meta-tag-ignored-if-not-in-head.html: Added.
  • http/tests/security/contentSecurityPolicy/report-only-meta-tag-ignored-if-not-in-head2-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/report-only-meta-tag-ignored-if-not-in-head2.html: Added.
10:59 AM Changeset in webkit [199162] by fpizlo@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

Rationalize the handling of PutById transitions a bit
https://bugs.webkit.org/show_bug.cgi?id=156330

Reviewed by Mark Lam.

  • bytecode/PolymorphicAccess.cpp:

(JSC::AccessCase::generate): Get rid of the specialized slow calls. We can just use the failAndIgnore jump target. We just need to make sure that we don't make observable effects until we're done with all of the fast path checks.

  • bytecode/StructureStubInfo.cpp:

(JSC::StructureStubInfo::addAccessCase): MadeNoChanges indicates that we should keep trying to repatch. Currently PutById transitions might trigger the case that addAccessCase() sees null, if the transition involves an indexing header. Doing repatching in that case is probably not good. But, we should just fix this the right way eventually.

10:40 AM Changeset in webkit [199161] by Brent Fulgham
  • 2 edits in trunk/Source/WebCore

[Win] Output WebCore.pdb to the same location as WebCore.lib
https://bugs.webkit.org/show_bug.cgi?id=156256
<rdar://problem/19416363>

Reviewed by Alex Christensen.

Add a rule to WebCore's CMake generator to tell Visual Studio to output
the PDB file for the WebCore.lib in the same location as the resulting
library, rather than in the build intermediary location).

  • CMakeLists.txt:
10:31 AM Changeset in webkit [199160] by peavo@outlook.com
  • 2 edits in trunk/Source/JavaScriptCore

[Win] Fix for JSC stress test failures.
https://bugs.webkit.org/show_bug.cgi?id=156343

Reviewed by Filip Pizlo.

We need to make it clear to MSVC that the method loadPtr(ImplicitAddress address, RegisterID dest)
should be used, and not loadPtr(const void* address, RegisterID dest).

  • jit/CCallHelpers.cpp:

(JSC::CCallHelpers::setupShadowChickenPacket):

10:12 AM Changeset in webkit [199159] by weinig@apple.com
  • 9 edits in trunk

window.Crypto is missing
<rdar://problem/25584034>
https://bugs.webkit.org/show_bug.cgi?id=156307

Reviewed by Joseph Pecoraro.

Source/WebCore:

Expose the Crypto constructor on the window object.

  • page/Crypto.idl:

LayoutTests:

  • js/dom/global-constructors-attributes-expected.txt:
  • platform/efl/js/dom/global-constructors-attributes-expected.txt:
  • platform/gtk/js/dom/global-constructors-attributes-expected.txt:
  • platform/mac-yosemite/js/dom/global-constructors-attributes-expected.txt:
  • platform/mac/js/dom/global-constructors-attributes-expected.txt:
  • platform/win/js/dom/global-constructors-attributes-expected.txt:

Update for the new Crypto constructor.

9:37 AM Changeset in webkit [199158] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebKit

[CMake][Win] Generating autoversion.h of WebKitGUID is triggered again and again
https://bugs.webkit.org/show_bug.cgi?id=156332

Patch by Fujii Hironori <Hironori.Fujii@jp.sony.com> on 2016-04-07
Reviewed by Brent Fulgham.

  • PlatformWin.cmake:

Correct the output path of autoversion.h.

9:27 AM Changeset in webkit [199157] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

[CMake][Win] WEBKIT_WRAP_SOURCELIST is not applied in WebCore project
https://bugs.webkit.org/show_bug.cgi?id=156336

Patch by Fujii Hironori <Hironori.Fujii@jp.sony.com> on 2016-04-07
Reviewed by Csaba Osztrogonác.

  • CMakeLists.txt: Do WEBKIT_WRAP_SOURCELIST for WebCore_SOURCES.
7:55 AM Changeset in webkit [199156] by Alan Bujtas
  • 3 edits
    2 adds in trunk

REGRESSION (197987): Ingredient lists on smittenkitchen.com are full justified instead of left justified.
https://bugs.webkit.org/show_bug.cgi?id=156326
<rdar://problem/25519393>

Reviewed by Antti Koivisto.

According to the spec (https://drafts.csswg.org/css-text-3/#text-align-property)
unless otherwise specified by text-align-last, the last line before
a forced break or the end of the block is start-aligned.

In this patch we check if a forced break is present and we apply text alignment accordingly.

Test: fast/css3-text/css3-text-justify/text-justify-last-line-simple-line-layout.html

Source/WebCore:

  • rendering/SimpleLineLayout.cpp:

(WebCore::SimpleLineLayout::LineState::lastFragment): Make it optional so that we don't just check against a default fragment.
(WebCore::SimpleLineLayout::createLineRuns):
(WebCore::SimpleLineLayout::justifyRuns): Do not compute first run index on the current line twice.
(WebCore::SimpleLineLayout::textAlignForLine):
(WebCore::SimpleLineLayout::closeLineEndingAndAdjustRuns):

LayoutTests:

  • fast/css3-text/css3-text-justify/text-justify-last-line-simple-line-layout-expected.html: Added.
  • fast/css3-text/css3-text-justify/text-justify-last-line-simple-line-layout.html: Added.
7:22 AM Changeset in webkit [199155] by Antti Koivisto
  • 2 edits in trunk/Source/WebCore

FrameView::qualifiesAsVisuallyNonEmpty() returns false when loading a Google search results page before search results are loaded, even though the header is visible
https://bugs.webkit.org/show_bug.cgi?id=156339
<rdar://problem/24491381>

Reviewed by Andreas Kling.

Jeff's testing indicates lowering the document height threshold improves things visually during page loading.

  • page/FrameView.cpp:

(WebCore::FrameView::qualifiesAsVisuallyNonEmpty):

Lower document height threshold to from 200 to 48 pixels.

3:29 AM Changeset in webkit [199154] by Antti Koivisto
  • 18 edits in trunk

Shadow DOM: Implement display: contents for slots
https://bugs.webkit.org/show_bug.cgi?id=149439
<rdar://problem/22731922>

Reviewed by Ryosuke Niwa.

Source/WebCore:

This patch adds support for value 'contents' of the 'display' property for <slot> elements only. The value is ignored
for other elements for now. With this display value the element does not generate a box for itself but its descendants
generate them normally.

Slots already have implicit "display: contents". With this patch the value comes from the user agent stylesheet and can
be overriden by the author.

  • css/CSSParser.cpp:

(WebCore::isValidKeywordPropertyAndValue):

  • css/CSSPrimitiveValueMappings.h:

(WebCore::CSSPrimitiveValue::CSSPrimitiveValue):

  • css/CSSValueKeywords.in:

Suport parsing display: contents.

  • css/StyleResolver.cpp:

(WebCore::equivalentBlockDisplay):
(WebCore::StyleResolver::adjustRenderStyle):

Disallow for non-slots for now.

  • css/html.css:

(slot):

Add "slot { display: contents }" to the UA sheet.

  • dom/Element.cpp:

(WebCore::Element::resolveStyle):
(WebCore::Element::hasDisplayContents):
(WebCore::Element::setHasDisplayContents):

Add a rare data bit for elements with display:contents (as we don't save the RenderStyle for them).

(WebCore::Element::rendererIsNeeded):

Don't need renderer for display:contents.

(WebCore::Element::createElementRenderer):

  • dom/Element.h:

(WebCore::Element::isVisibleInViewportChanged):

  • dom/ElementAndTextDescendantIterator.h:

(WebCore::ElementAndTextDescendantIterator::operator!):
(WebCore::ElementAndTextDescendantIterator::operator bool):
(WebCore::ElementAndTextDescendantIterator::ElementAndTextDescendantIterator):
(WebCore::ElementAndTextDescendantIterator::operator==):
(WebCore::ElementAndTextDescendantIterator::operator!=):

Support initializing ElementAndTextDescendantIterator with root==current so that m_current is not nulled.
This is needed for ComposedTreeIterator to be initialized correctly when root is a slot and the current node
is a slotted node. The case happens in RenderTreePosition::previousSiblingRenderer when slot display is overriden
to something else than 'contents'.

  • dom/ElementRareData.h:

(WebCore::ElementRareData::hasDisplayContents):
(WebCore::ElementRareData::setHasDisplayContents):
(WebCore::ElementRareData::ElementRareData):

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::createFor):

  • rendering/style/RenderStyleConstants.h:
  • style/RenderTreePosition.cpp:

(WebCore::RenderTreePosition::nextSiblingRenderer):

Test for dynamic display:contents.

  • style/RenderTreeUpdater.cpp:

(WebCore::findRenderingRoot):
(WebCore::RenderTreeUpdater::updateRenderTree):
(WebCore::RenderTreeUpdater::updateElementRenderer):

Test for dynamic display:contents.

  • style/StyleTreeResolver.cpp:

(WebCore::Style::affectsRenderedSubtree):

No need for special case.

(WebCore::Style::TreeResolver::resolveComposedTree):

Test for dynamic display:contents.

LayoutTests:

  • platform/mac/TestExpectations:

Enable fast/shadow-dom/css-scoping-shadow-slot-display-override.html, the test for overriding slot display value.

3:23 AM Changeset in webkit [199153] by svillar@igalia.com
  • 3 edits
    2 adds in trunk

[css-grid] Content box incorrectly used as non-auto min-height
https://bugs.webkit.org/show_bug.cgi?id=155946

Reviewed by Antti Koivisto.

Source/WebCore:

When computing the minimum height value of grid items with
non-auto min-height we used to return the size of the content
box meaning that borders and paddings were incorrectly
ignored.

Note that we're also ignoring margins, but as that is a
problem also for widths it'll be fixed in a follow up patch.

Test: fast/css-grid-layout/min-height-border-box.html

  • rendering/RenderGrid.cpp:

(WebCore::RenderGrid::minSizeForChild):

LayoutTests:

  • fast/css-grid-layout/min-height-border-box-expected.txt: Added.
  • fast/css-grid-layout/min-height-border-box.html: Added.
3:21 AM Changeset in webkit [199152] by Antti Koivisto
  • 18 edits in trunk

Reverting previous due to bad LayoutTest ChangeLog.
LayoutTests:

  • platform/mac/TestExpectations:
3:11 AM Changeset in webkit [199151] by Antti Koivisto
  • 18 edits in trunk

Source/WebCore:
Shadow DOM: Implement display: contents for slots
https://bugs.webkit.org/show_bug.cgi?id=149439
<rdar://problem/22731922>

Reviewed by Ryosuke Niwa.

This patch adds support for value 'contents' of the 'display' property for <slot> elements only. The value is ignored
for other elements for now. With this display value the element does not generate a box for itself but its descendants
generate them normally.

Slots already have implicit "display: contents". With this patch the value comes from the user agent stylesheet and can
be overriden by the author.

  • css/CSSParser.cpp:

(WebCore::isValidKeywordPropertyAndValue):

  • css/CSSPrimitiveValueMappings.h:

(WebCore::CSSPrimitiveValue::CSSPrimitiveValue):

  • css/CSSValueKeywords.in:

Suport parsing display: contents.

  • css/StyleResolver.cpp:

(WebCore::equivalentBlockDisplay):
(WebCore::StyleResolver::adjustRenderStyle):

Disallow for non-slots for now.

  • css/html.css:

(slot):

Add "slot { display: contents }" to the UA sheet.

  • dom/Element.cpp:

(WebCore::Element::resolveStyle):
(WebCore::Element::hasDisplayContents):
(WebCore::Element::setHasDisplayContents):

Add a rare data bit for elements with display:contents (as we don't save the RenderStyle for them).

(WebCore::Element::rendererIsNeeded):

Don't need renderer for display:contents.

(WebCore::Element::createElementRenderer):

  • dom/Element.h:

(WebCore::Element::isVisibleInViewportChanged):

  • dom/ElementAndTextDescendantIterator.h:

(WebCore::ElementAndTextDescendantIterator::operator!):
(WebCore::ElementAndTextDescendantIterator::operator bool):
(WebCore::ElementAndTextDescendantIterator::ElementAndTextDescendantIterator):
(WebCore::ElementAndTextDescendantIterator::operator==):
(WebCore::ElementAndTextDescendantIterator::operator!=):

Support initializing ElementAndTextDescendantIterator with root==current so that m_current is not nulled.
This is needed for ComposedTreeIterator to be initialized correctly when root is a slot and the current node
is a slotted node. The case happens in RenderTreePosition::previousSiblingRenderer when slot display is overriden
to something else than 'contents'.

  • dom/ElementRareData.h:

(WebCore::ElementRareData::hasDisplayContents):
(WebCore::ElementRareData::setHasDisplayContents):
(WebCore::ElementRareData::ElementRareData):

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::createFor):

  • rendering/style/RenderStyleConstants.h:
  • style/RenderTreePosition.cpp:

(WebCore::RenderTreePosition::nextSiblingRenderer):

Test for dynamic display:contents.

  • style/RenderTreeUpdater.cpp:

(WebCore::findRenderingRoot):
(WebCore::RenderTreeUpdater::updateRenderTree):
(WebCore::RenderTreeUpdater::updateElementRenderer):

Test for dynamic display:contents.

  • style/StyleTreeResolver.cpp:

(WebCore::Style::affectsRenderedSubtree):

No need for special case.

(WebCore::Style::TreeResolver::resolveComposedTree):

Test for dynamic display:contents.

LayoutTests:
REGRESSION (r188591): thingiverse.com direct messaging UI is not rendered properly
https://bugs.webkit.org/show_bug.cgi?id=156241
<rdar://problem/25262213>

Patch by Myles C. Maxfield <mmaxfield@apple.com> on 2016-04-06
Reviewed by Simon Fraser.

  • fast/text/zero-sized-fonts-expected.txt: Added.
  • fast/text/zero-sized-fonts.html: Added.
12:45 AM MathML/Early_2016_Refactoring edited by fred.wang@free.fr
(diff)

Apr 6, 2016:

10:19 PM Changeset in webkit [199150] by mmaxfield@apple.com
  • 3 edits
    2 adds in trunk

REGRESSION (r188591): thingiverse.com direct messaging UI is not rendered properly
https://bugs.webkit.org/show_bug.cgi?id=156241
<rdar://problem/25262213>

Reviewed by Simon Fraser.

Source/WebCore:

When creating a CoreText font with a size of 0, the CoreText docs say that it will
interpret this as a missing argument, and create a font of size 12 instead. However,
this doesn't cause a problem (at least on this particular website) because we will
use CGFontGetGlyphAdvancesForStyle(), which gets scaled by the supplied font
size (which is 0). However, if you turn on text-rendering: optimizeLegibility, we
will use CTFontGetAdvancesForGlyphs() instead, which does not scale by the font size.
The solution is to detect this case, and force the advance to 0.

Test: fast/text/zero-sized-fonts.html

  • platform/graphics/cocoa/FontCocoa.mm:

(WebCore::Font::platformWidthForGlyph):

LayoutTests:

  • fast/text/zero-sized-fonts-expected.txt: Added.
  • fast/text/zero-sized-fonts.html: Added.
9:59 PM Changeset in webkit [199149] by mmaxfield@apple.com
  • 7 edits in trunk/Source/WebCore

Rename MidpointState to WhitespaceCollapsingState
https://bugs.webkit.org/show_bug.cgi?id=156304

Reviewed by David Hyatt.

MidpointState has nothing to do with midpoints.

An individual midpoint is now known as a "whitespace collapsing transition."

No new tests because there is no behavior change.

  • platform/text/BidiResolver.h:

(WebCore::WhitespaceCollapsingState::reset): (See addMidpoint() below.)
Previously, we were using operator= to destroy old Iterators when their
storage inside the Vector was reused. Now that we are elliminating
m_numMidpoints, we can push destruction earlier to this reset() function.
Because the same amount of destruction happens in both cases, this doesn't
add additional work. (Vector can destroy its contents without shrinking
its storage overcommitment.)
(WebCore::WhitespaceCollapsingState::startIgnoringSpaces):
(WebCore::WhitespaceCollapsingState::stopIgnoringSpaces):
(WebCore::WhitespaceCollapsingState::ensureLineBoxInsideIgnoredSpaces):
(WebCore::WhitespaceCollapsingState::decrementTransitionAt):
(WebCore::WhitespaceCollapsingState::thresholds): Make the return value
const. The only clients of this function which needed mutation were
migrated to using decrementTransitionAt().
(WebCore::WhitespaceCollapsingState::numTransitions):
(WebCore::WhitespaceCollapsingState::currentTransition):
(WebCore::WhitespaceCollapsingState::setCurrentTransition):
(WebCore::WhitespaceCollapsingState::incrementCurrentTransition):
(WebCore::WhitespaceCollapsingState::decrementNumTransitions):
(WebCore::WhitespaceCollapsingState::betweenTransitions):
(WebCore::BidiResolverBase::whitespaceCollapsingState):
(WebCore::Subclass>::setWhitespaceCollapsingTransitionForIsolatedRun):
(WebCore::Subclass>::whitespaceCollapsingTransitionForIsolatedRun):
(WebCore::MidpointState::MidpointState): Deleted.
(WebCore::MidpointState::reset): Deleted.
(WebCore::MidpointState::startIgnoringSpaces): Deleted.
(WebCore::MidpointState::stopIgnoringSpaces): Deleted.
(WebCore::MidpointState::ensureLineBoxInsideIgnoredSpaces): Deleted.
(WebCore::MidpointState::midpoints): Deleted.
(WebCore::MidpointState::numMidpoints): Deleted.
(WebCore::MidpointState::currentMidpoint): Deleted.
(WebCore::MidpointState::setCurrentMidpoint): Deleted.
(WebCore::MidpointState::incrementCurrentMidpoint): Deleted.
(WebCore::MidpointState::decrementNumMidpoints): Deleted.
(WebCore::MidpointState::betweenMidpoints): Deleted.
(WebCore::MidpointState::addMidpoint): Deleted. This code has been around for 13
years (since r3672) where it was using QMemArray. That class doesn't have an
append() class, so it was implemented inside this function. Luckily, Vector
already overcommits its allocation, so we can elliminate m_numMidpoints entirely.
(WebCore::BidiResolverBase::midpointState): Deleted.
(WebCore::Subclass>::setMidpointForIsolatedRun): Deleted.
(WebCore::Subclass>::midpointForIsolatedRun): Deleted.

  • rendering/InlineIterator.h:

(WebCore::addPlaceholderRunForIsolatedInline):

  • rendering/RenderBlockLineLayout.cpp:

(WebCore::RenderBlockFlow::appendRunsForObject):
(WebCore::setUpResolverToResumeInIsolate):
(WebCore::constructBidiRunsForSegment):
(WebCore::RenderBlockFlow::layoutRunsAndFloatsInRange):

  • rendering/line/BreakingContext.h:

(WebCore::BreakingContext::BreakingContext):
(WebCore::BreakingContext::handleBR):
(WebCore::BreakingContext::handleOutOfFlowPositioned):
(WebCore::shouldSkipWhitespaceAfterStartObject):
(WebCore::BreakingContext::handleEmptyInline):
(WebCore::BreakingContext::handleReplaced):
(WebCore::ensureCharacterGetsLineBox):
(WebCore::BreakingContext::handleText):
(WebCore::checkWhitespaceCollapsingTransitions):
(WebCore::BreakingContext::handleEndOfLine):
(WebCore::checkMidpoints): Deleted.

  • rendering/line/TrailingObjects.cpp:

(WebCore::TrailingObjects::updateWhitespaceCollapsingTransitionsForTrailingBoxes):
(WebCore::TrailingObjects::updateMidpointsForTrailingBoxes): Deleted.

  • rendering/line/TrailingObjects.h:

(WebCore::TrailingObjects::appendBoxIfNeeded):

9:33 PM Changeset in webkit [199148] by commit-queue@webkit.org
  • 3 edits in trunk/Source/JavaScriptCore

[JSC] UInt32ToNumber should be NodeMustGenerate
https://bugs.webkit.org/show_bug.cgi?id=156329

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-04-06
Reviewed by Filip Pizlo.

It exits on negative numbers on the integer path.

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGNodeType.h:
9:11 PM Changeset in webkit [199147] by ChangSeok Oh
  • 2 edits in trunk/Tools

Unreviewed, Update my primary email address and expertise.

  • Scripts/webkitpy/common/config/contributors.json:
8:57 PM Changeset in webkit [199146] by jonlee@apple.com
  • 3 edits in trunk/Tools

Update the Animometer patch and plan files
https://bugs.webkit.org/show_bug.cgi?id=156263

Reviewed by Ryosuke Niwa.

Measure the latest set of tests by updating the plan revision to r199134.

  • Scripts/webkitpy/benchmark_runner/data/patches/Animometer.patch: Update to run the master suite only.
  • Scripts/webkitpy/benchmark_runner/data/plans/animometer.plan: Update to use the release page instead

of the developer page.

8:33 PM Changeset in webkit [199145] by ggaren@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

2016-04-04 Geoffrey Garen <ggaren@apple.com>

Unreviewed, rolling out r199016.
https://bugs.webkit.org/show_bug.cgi?id=156140

"Perf bots are down, so I can't re-land this right now."

Reverted changeset:

CopiedBlock should be 16kB
https://bugs.webkit.org/show_bug.cgi?id=156168
http://trac.webkit.org/changeset/199016

8:17 PM Changeset in webkit [199144] by mark.lam@apple.com
  • 6 edits in trunk/Source/JavaScriptCore

String.prototype.match() should be calling internal function RegExpCreate.
https://bugs.webkit.org/show_bug.cgi?id=156318

Reviewed by Filip Pizlo.

RegExpCreate is not the same as the RegExp constructor. The current implementation
invokes new @RegExp which calls the constructor. This results in failures in
es6/Proxy_internal_get_calls_String.prototype.match.js, and
es6/Proxy_internal_get_calls_String.prototype.search.js due to observable side
effects.

This patch fixes this by factoring out the part of the RegExp constructor that
makes the RegExpCreate function, and changing String's match and search to call
RegExpCreate instead in accordance with the ES6 spec.

  • builtins/StringPrototype.js:

(match):
(search):

  • runtime/CommonIdentifiers.h:
  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::init):

  • runtime/RegExpConstructor.cpp:

(JSC::toFlags):
(JSC::regExpCreate):
(JSC::constructRegExp):
(JSC::esSpecRegExpCreate):
(JSC::constructWithRegExpConstructor):

  • runtime/RegExpConstructor.h:

(JSC::isRegExp):

8:06 PM WebKitGTK/2.10.x edited by jdiggs@igalia.com
Create 2.10.10 section and add accessibility crasher bug (diff)
8:03 PM WebKitGTK/2.12.x edited by jdiggs@igalia.com
(diff)
7:09 PM Changeset in webkit [199143] by Matt Baker
  • 8 edits
    5 adds in trunk

Web Inspector: Improve filtering in OpenResourceDialog
https://bugs.webkit.org/show_bug.cgi?id=155324
<rdar://problem/25094504>

Source/WebInspectorUI:

Reviewed by Joseph Pecoraro and Timothy Hatcher.

  • UserInterface/Base/Utilities.js:

(value):
Added String methods isLowerCase, isUpperCase, removeWhitespace.

  • UserInterface/Controllers/ResourceQueryController.js: Added.

(WebInspector.ResourceQueryController):
(WebInspector.ResourceQueryController.prototype.addResource):
(WebInspector.ResourceQueryController.prototype.removeResource):
Add and remove the resources to be queried.

(WebInspector.ResourceQueryController.prototype.reset):
Reset controller state. Current just clears resources.

(WebInspector.ResourceQueryController.prototype.executeQuery):
Executes a query against the list of resources and returns a list of
QueryResult objects, with at most one result per resource, ordered by
descending rank.

The query string is stripped of whitespace characters and lowercased
before use. Prior to running the query, resources undergo a one-time
pre-processing step to locate special characters.

(WebInspector.ResourceQueryController.prototype._findQueryMatches.pushMatch):
(WebInspector.ResourceQueryController.prototype._findQueryMatches.matchNextSpecialCharacter):
(WebInspector.ResourceQueryController.prototype._findQueryMatches.backtrack):
(WebInspector.ResourceQueryController.prototype._findQueryMatches):
Returns a list of query matches for a single resource, along with metadata
which is used to rank the matches. The algorithm attempts to match the
entire query, first comparing each query character against "special" characters
in the resource (commonly used filename separators, the first character,
and camel-case word boundaries).

If there are remaining query characters after exhausting special characters,
regular characters are matched starting from the last matched special
character. Failing that, the algorithm attempts to find a match by backtracking.
To backtrack, the last match is discarded and the query position decremented.
If a special match is now the last match, matching starts again from the
next character in the filename after the match. If a normal match is now
the last match, keep discarding until a special match is found or no matches
remain. The query fails if no matches remain. For example, consider:

Query: "abcd"
Filename: "AxBcdCx"

The capital A, B, and C are all special characters, and are successfully
matched with the first three query characters. Having exhausted the special
characters the "d" at the end of the query is compared with the "x" at
the end of the filename, and fails to match. Backtracking then kicks in.
The last match, "C", is discarded and the search position in the query
decremented. The search resumes after the next to last match, "B", and now
matches the non-special characters "cd", yielding the following: "A Bcd ".

(WebInspector.ResourceQueryController.prototype._findSpecialCharacterIndices):
Pre-processing step for resources. Locates the positions of special
characters in the resource filename. Special characters are defined as:

  1. The first character
  2. Common filename separators, and the character immediately following.
  3. A capital letter that follows a lowercase character.
  • UserInterface/Models/ResourceQueryMatch.js: Added.

Helper class used internally by the controller and QueryResult classes.
(WebInspector.ResourceQueryMatch):
(WebInspector.ResourceQueryMatch.prototype.get type):
(WebInspector.ResourceQueryMatch.prototype.get index):
(WebInspector.ResourceQueryMatch.prototype.get queryIndex):

  • UserInterface/Models/ResourceQueryResult.js: Added.

Holds a resource that matched the executed query.
(WebInspector.ResourceQueryResult):
(WebInspector.ResourceQueryResult.prototype.get resource):
(WebInspector.ResourceQueryResult.prototype.get rank):
Ranking relative to other results returned by the query. Used by
the ResourceQueryController to sort results.

(WebInspector.ResourceQueryResult.prototype.get matchingTextRanges):
Get TextRanges for matching substrings in the resource display name.

(WebInspector.ResourceQueryResult.prototype._calculateRank):
Calculate the rank of the result. Matches are scored based on the type
of match (Special vs. Normal), the location of the match within the filename
(matches closer to the beginning are scored higher), and whether the match
is adjacent to the previous match.

Values assigned to each ranking criteria are somewhat arbitrary, and may
be fine-tuned over time to produce better results.

(WebInspector.ResourceQueryResult.prototype._createMatchingTextRanges):
(WebInspector.ResourceQueryResult.prototype.test_createMatchesMask):
Test API for visualizing matches. For a result returned from the query
"abce", run against a filename "abcde", the mask is "a c e".

  • UserInterface/Main.html:
  • UserInterface/Test.html:

New files.

  • UserInterface/Views/Dialog.js:

(WebInspector.Dialog.prototype.dismiss):
(WebInspector.Dialog.prototype.didDismissDialog):
Add hook for subclasses to perform actions after on dialog dismissal.

  • UserInterface/Views/OpenResourceDialog.js:

(WebInspector.OpenResourceDialog):
(WebInspector.OpenResourceDialog.prototype._populateResourceTreeOutline.createHighlightedTitleFragment):
(WebInspector.OpenResourceDialog.prototype._populateResourceTreeOutline):
Add tree elements for each QueryResult returned by the last query, creating
titles with contiguous matching query characters wrapped in highlight spans.

(WebInspector.OpenResourceDialog.prototype.didDismissDialog):
Clear resources from the ResourceQueryController.
(WebInspector.OpenResourceDialog.prototype.didPresentDialog):
Add resources to the ResourceQueryController.
(WebInspector.OpenResourceDialog.prototype._updateFilter):
Execute the filter text as a resource query.

  • UserInterface/Views/TreeOutline.css:

(.tree-outline.large .item .titles): Deleted.
Line height too small, hid the bottom border of highlighted matches in
tree element title spans. Removing the style had no negative visual impact
on the Quick Open or Timelines tree outlines (the only "large" trees).

LayoutTests:

Reviewed by Joseph Pecoraro.

Add test coverage for ResourceQueryController.

  • inspector/unit-tests/resource-query-controller-expected.txt: Added.
  • inspector/unit-tests/resource-query-controller.html: Added.
7:07 PM Changeset in webkit [199142] by Gyuyoung Kim
  • 2 edits in trunk/Source/WebCore

Remove duplicated parsePortFromStringPosition()
https://bugs.webkit.org/show_bug.cgi?id=156289

Reviewed by Simon Fraser.

Same parsePortFromStringPosition() functions have been defined in both URLUtils.h and HTMLAnchorElement.cpp.
Remove duplicated one in HTMLAnchorElement.cpp.

No new tests, no behavior change.

  • html/HTMLAnchorElement.cpp:

(WebCore::parsePortFromStringPosition): Deleted.

7:05 PM Changeset in webkit [199141] by keith_miller@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Unreviewed, uncomment accidentally commented line in test.

  • tests/stress/array-concat-spread-object.js:
7:02 PM Changeset in webkit [199140] by fpizlo@apple.com
  • 9 edits
    2 adds in trunk/Source

JSC should have a simple way of gathering IC statistics
https://bugs.webkit.org/show_bug.cgi?id=156317

Reviewed by Benjamin Poulain.
Source/JavaScriptCore:

This adds a cheap, runtime-enabled way of gathering statistics about why we take the slow
paths for inline caches. This is complementary to our existing bytecode profiler. Eventually
we may want to combine the two things.

This is not a slow-down on anything because we only do extra work on IC slow paths and if
it's disabled it's just a load-and-branch to skip the stats gathering code.

  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • jit/ICStats.cpp: Added.
  • jit/ICStats.h: Added.
  • jit/JITOperations.cpp:
  • runtime/JSCJSValue.h:
  • runtime/JSCJSValueInlines.h:

(JSC::JSValue::inherits):
(JSC::JSValue::classInfoOrNull):
(JSC::JSValue::toThis):

  • runtime/Options.h:

Source/WTF:


Make it easier to do relative sleeping on a condition. Previously you could do this using
std::chrono. I now believe that std::chrono is just a bad decision, and I always want to
use doubles instead. This makes it easier to do the right thing and use doubles.

  • wtf/Condition.h:

(WTF::ConditionBase::waitUntilMonotonicClockSeconds):
(WTF::ConditionBase::waitForSeconds):

6:59 PM Changeset in webkit [199139] by bshafiei@apple.com
  • 2 edits in tags/Safari-602.1.27/Source/WTF

Merged r199133. rdar://problem/25587476

6:58 PM Changeset in webkit [199138] by bshafiei@apple.com
  • 6 edits in tags/Safari-602.1.27/Source

Merged r199130. rdar://problem/25587476

6:56 PM Changeset in webkit [199137] by bshafiei@apple.com
  • 5 edits in trunk/Source

Versioning.

6:54 PM Changeset in webkit [199136] by bshafiei@apple.com
  • 1 copy in tags/Safari-602.1.27

New tag.

6:50 PM Changeset in webkit [199135] by sbarati@apple.com
  • 4 edits in trunk

jsc-layout-tests.yaml/js/script-tests/regress-141098.js failing on Yosemite Debug after r198989
https://bugs.webkit.org/show_bug.cgi?id=156187

Reviewed by Keith Miller.

Tools:

  • Scripts/run-jsc-stress-tests:

LayoutTests:

  • js/script-tests/regress-141098.js:
6:47 PM Changeset in webkit [199134] by jonlee@apple.com
  • 4 edits
    2 moves
    2 adds in trunk/PerformanceTests

Update master benchmark with SVG test
https://bugs.webkit.org/show_bug.cgi?id=156273

Reviewed by Dean Jackson.
Provisionally reviewed by Said Abou-Hallawa.

Switch masks tests for SVG path test.

  • Animometer/resources/debug-runner/tests.js: Move mask test here.
  • Animometer/resources/runner/tests.js: Add SVG test here.
  • Animometer/tests/dom/particles.html: Renamed from PerformanceTests/Animometer/tests/master/particles.html.
  • Animometer/tests/dom/resources/dom-particles.js: Renamed from PerformanceTests/Animometer/tests/master/resources/dom-particles.js.
  • Animometer/tests/master/resources/particles.js: Add minPosition for bounds checking. Prevents particle from being

partially obscured.

  • Animometer/tests/master/resources/svg-particles.js: Added.

(Particle): The particle is either a path object or a rect using a path as a clip. The
same path is used either way. For each particle create a linear gradient with a random
rotation.
(SVGParticlesStage): Look in #shapes to see how many different kinds of paths are available.
This makes the test more generic in case other shapes need to be tested.

  • Animometer/tests/master/svg-particles.html: Added. Have two defs, one that houses each

particle's gradient, and one that holds the shape templates.

6:46 PM Changeset in webkit [199133] by Simon Fraser
  • 2 edits in trunk/Source/WTF

Fix Windows build by converting clampToInteger() into a template that only
takes integral types.

  • wtf/MathExtras.h:

(clampToInteger):

6:45 PM WebKitGTK/Gardening/Calendar edited by Michael Catanzaro
(diff)
6:44 PM Changeset in webkit [199132] by fpizlo@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

32-bit JSC stress/multi-put-by-offset-multiple-transitions.js failing
https://bugs.webkit.org/show_bug.cgi?id=156292

Reviewed by Benjamin Poulain.

Make sure that we stash the callsite index before calling operationReallocateStorageAndFinishPut.

  • bytecode/PolymorphicAccess.cpp:

(JSC::AccessCase::generate):

6:42 PM Changeset in webkit [199131] by Michael Catanzaro
  • 91 edits
    2 adds in trunk/LayoutTests

[GTK] Belatedly rebaseline several test expectations after r196244

Unreviewed

  • platform/gtk/css3/unicode-bidi-isolate-basic-expected.txt:
  • platform/gtk/fast/block/positioning/auto/vertical-rl/007-expected.txt:
  • platform/gtk/fast/block/positioning/vertical-rl/fixed-positioning-expected.txt:
  • platform/gtk/fast/borders/border-antialiasing-expected.txt:
  • platform/gtk/fast/clip/001-expected.txt:
  • platform/gtk/fast/clip/013-expected.txt:
  • platform/gtk/fast/clip/014-expected.txt:
  • platform/gtk/fast/clip/016-expected.txt:
  • platform/gtk/fast/clip/outline-overflowClip-expected.txt:
  • platform/gtk/fast/css/clip-zooming-expected.txt:
  • platform/gtk/fast/forms/validation-message-appearance-expected.txt:
  • platform/gtk/fast/line-grid/line-grid-inside-columns-expected.txt:
  • platform/gtk/fast/line-grid/line-grid-into-columns-expected.txt:
  • platform/gtk/fast/lists/scrolled-marker-paint-expected.txt:
  • platform/gtk/fast/multicol/client-rects-expected.txt:
  • platform/gtk/fast/multicol/column-break-with-balancing-expected.txt:
  • platform/gtk/fast/multicol/column-rules-expected.txt:
  • platform/gtk/fast/multicol/column-rules-stacking-expected.txt:
  • platform/gtk/fast/multicol/columns-shorthand-parsing-expected.txt:
  • platform/gtk/fast/multicol/float-paginate-complex-expected.txt:
  • platform/gtk/fast/multicol/float-paginate-empty-lines-expected.txt:
  • platform/gtk/fast/multicol/float-paginate-expected.txt:
  • platform/gtk/fast/multicol/layers-in-multicol-expected.txt:
  • platform/gtk/fast/multicol/layers-split-across-columns-expected.txt:
  • platform/gtk/fast/multicol/max-height-columns-block-expected.txt:
  • platform/gtk/fast/multicol/nested-columns-expected.txt:
  • platform/gtk/fast/multicol/newmulticol/client-rects-expected.txt:
  • platform/gtk/fast/multicol/overflow-across-columns-expected.txt:
  • platform/gtk/fast/multicol/overflow-across-columns-percent-height-expected.txt:
  • platform/gtk/fast/multicol/overflow-unsplittable-expected.txt:
  • platform/gtk/fast/multicol/paginate-block-replaced-expected.txt:
  • platform/gtk/fast/multicol/pagination/BottomToTop-bt-expected.txt:
  • platform/gtk/fast/multicol/pagination/BottomToTop-lr-expected.txt:
  • platform/gtk/fast/multicol/pagination/BottomToTop-rl-expected.txt:
  • platform/gtk/fast/multicol/pagination/BottomToTop-tb-expected.txt:
  • platform/gtk/fast/multicol/pagination/LeftToRight-bt-expected.txt:
  • platform/gtk/fast/multicol/pagination/LeftToRight-rl-expected.txt:
  • platform/gtk/fast/multicol/pagination/LeftToRight-tb-expected.txt:
  • platform/gtk/fast/multicol/pagination/RightToLeft-bt-expected.txt:
  • platform/gtk/fast/multicol/pagination/RightToLeft-lr-expected.txt:
  • platform/gtk/fast/multicol/pagination/RightToLeft-rl-dynamic-expected.txt:
  • platform/gtk/fast/multicol/pagination/RightToLeft-rl-expected.txt:
  • platform/gtk/fast/multicol/pagination/RightToLeft-tb-expected.txt:
  • platform/gtk/fast/multicol/pagination/TopToBottom-bt-expected.txt:
  • platform/gtk/fast/multicol/pagination/TopToBottom-lr-expected.txt:
  • platform/gtk/fast/multicol/pagination/TopToBottom-rl-expected.txt:
  • platform/gtk/fast/multicol/positive-leading-expected.txt:
  • platform/gtk/fast/multicol/scrolling-column-rules-expected.txt:
  • platform/gtk/fast/multicol/span/anonymous-style-inheritance-expected.txt:
  • platform/gtk/fast/multicol/span/span-as-immediate-child-complex-splitting-expected.txt:
  • platform/gtk/fast/multicol/span/span-as-immediate-child-property-removal-expected.txt:
  • platform/gtk/fast/multicol/span/span-as-immediate-columns-child-removal-expected.txt:
  • platform/gtk/fast/multicol/span/span-as-nested-columns-child-dynamic-expected.txt:
  • platform/gtk/fast/multicol/span/span-as-nested-columns-child-expected.txt:
  • platform/gtk/fast/multicol/span/span-margin-collapsing-expected.txt:
  • platform/gtk/fast/multicol/table-vertical-align-expected.txt:
  • platform/gtk/fast/multicol/tall-image-behavior-expected.txt:
  • platform/gtk/fast/multicol/vertical-lr/column-break-with-balancing-expected.txt:
  • platform/gtk/fast/multicol/vertical-lr/column-rules-expected.txt:
  • platform/gtk/fast/multicol/vertical-lr/float-multicol-expected.txt:
  • platform/gtk/fast/multicol/vertical-lr/float-paginate-complex-expected.txt:
  • platform/gtk/fast/multicol/vertical-lr/float-paginate-expected.txt:
  • platform/gtk/fast/multicol/vertical-lr/nested-columns-expected.txt:
  • platform/gtk/fast/multicol/vertical-rl/column-break-with-balancing-expected.txt:
  • platform/gtk/fast/multicol/vertical-rl/column-rules-expected.txt:
  • platform/gtk/fast/multicol/vertical-rl/float-multicol-expected.txt:
  • platform/gtk/fast/multicol/vertical-rl/float-paginate-complex-expected.txt:
  • platform/gtk/fast/multicol/vertical-rl/float-paginate-expected.txt:
  • platform/gtk/fast/multicol/vertical-rl/nested-columns-expected.txt:
  • platform/gtk/fast/overflow/clip-rects-fixed-ancestor-expected.txt:
  • platform/gtk/fast/overflow/float-in-relpositioned-expected.txt:
  • platform/gtk/fast/overflow/overflow-auto-position-absolute-expected.txt:
  • platform/gtk/fast/overflow/overflow-rtl-expected.txt:
  • platform/gtk/fast/overflow/paged-x-div-expected.txt:
  • platform/gtk/fast/overflow/paged-x-div-with-column-gap-expected.txt:
  • platform/gtk/fast/overflow/paged-x-on-root-expected.txt:
  • platform/gtk/fast/overflow/paged-x-with-column-gap-expected.txt:
  • platform/gtk/fast/overflow/paged-y-div-expected.txt:
  • platform/gtk/fast/overflow/scroll-nested-positioned-layer-in-overflow-expected.txt:
  • platform/gtk/fast/regions/repaint/region-painting-via-layout-expected.txt:
  • platform/gtk/fast/repaint/box-shadow-h-expected.txt:
  • platform/gtk/fast/repaint/box-shadow-v-expected.txt:
  • platform/gtk/fast/repaint/layer-outline-expected.txt:
  • platform/gtk/fast/repaint/layer-outline-horizontal-expected.txt:
  • platform/gtk/fast/table/edge-offsets-expected.txt:
  • platform/gtk/fast/transforms/overflow-with-transform-expected.txt:
  • platform/gtk/fast/transforms/rotated-transform-affects-scrolling-1-expected.txt: Added.
  • platform/gtk/fast/transforms/rotated-transform-affects-scrolling-2-expected.txt: Added.
  • platform/gtk/printing/single-line-must-not-be-split-into-two-pages-expected.txt:
  • platform/gtk/scrollbars/scrollbars-on-positioned-content-expected.txt:
  • platform/gtk/svg/custom/getscreenctm-in-scrollable-div-area-nested-expected.txt:
  • platform/gtk/svg/custom/image-rescale-clip-expected.txt:
6:20 PM Changeset in webkit [199130] by Simon Fraser
  • 6 edits in trunk/Source

Page tiles are missing when graphics acceleration is unavailable
https://bugs.webkit.org/show_bug.cgi?id=156325
Source/WebCore:

rdar://problem/25587476

Reviewed by Tim Horton.

When graphics acceleration is unavailable on Mac (e.g. in a VM or when running from
the recovery partition), page contents were missing. This is because
IOSurfaceGetPropertyMaximum(kIOSurfaceWidth) and IOSurfaceGetPropertyMaximum(kIOSurfaceHeight)
returned INT_MAX, causing us to compute a tile size of 0x0.

Fix by changing IOSurface::maximumSize() to report a value between 1K x 1K and 32K x 32K.

Rename kGiantTileSize to better describe its purpose.

Add correct clamping in IOSurface::maximumSize().

  • platform/graphics/ca/TileController.cpp:

(WebCore::TileController::tileSize):

  • platform/graphics/ca/TileController.h:
  • platform/graphics/cocoa/IOSurface.mm:

(IOSurface::maximumSize):

Source/WTF:

Reviewed by Tim Horton.

Add clampToInteger(size_t).

  • wtf/MathExtras.h:

(clampToInteger):

6:11 PM Changeset in webkit [199129] by fpizlo@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

JSC test stress/arrowfunction-lexical-bind-superproperty.js failing
https://bugs.webkit.org/show_bug.cgi?id=156309

Reviewed by Saam Barati.

Just be honest about the fact that the ArgumentCount and Callee parts of inline callframe runtime
meta-data can be read at any time.

We only have to say this for the inline callframe forms of ArgumentCount and Callee because we don't
sink any part of the machine prologue. This change just prevents us from sinking the pseudoprologue
of inlined varargs or closure calls.

Shockingly, this is not a regression on anything.

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

5:50 PM Changeset in webkit [199128] by keith_miller@apple.com
  • 42 edits
    5 adds in trunk

[ES6] Add support for Symbol.isConcatSpreadable.
https://bugs.webkit.org/show_bug.cgi?id=155351

Reviewed by Saam Barati.

Source/JavaScriptCore:

This patch adds support for Symbol.isConcatSpreadable. In order to do so it was necessary to move the
Array.prototype.concat function to JS. A number of different optimizations were needed to make such the move to
a builtin performant. First, four new DFG intrinsics were added.

1) IsArrayObject (I would have called it IsArray but we use the same name for an IndexingType): an intrinsic of

the Array.isArray function.

2) IsJSArray: checks the first child is a JSArray object.
3) IsArrayConstructor: checks the first child is an instance of ArrayConstructor.
4) CallObjectConstructor: an intrinsic of the Object constructor.

IsActualObject, IsJSArray, and CallObjectConstructor can all be converted into constants in the abstract interpreter if
we are able to prove that the first child is an Array or for ToObject an Object.

In order to further improve the perfomance we also now cover more indexing types in our fast path memcpy
code. Before we would only memcpy Arrays if they had the same indexing type and did not have Array storage and
were not undecided. Now the memcpy code covers the following additional two cases: One array is undecided and
the other is a non-array storage and the case where one array is Int32 and the other is contiguous (we map this
into a contiguous array).

This patch also adds a new fast path for concat with more than one array argument by using memcpy to append
values onto the result array. This works roughly the same as the two array fast path using the same methodology
to decide if we can memcpy the other butterfly into the result butterfly.

Two new debugging tools are also added to the jsc cli. One is a version of the print function with a private
name so it can be used for debugging builtins. The other is dumpDataLog, which takes a JSValue and runs our
dataLog function on it.

Finally, this patch add a new constructor to JSValueRegsTemporary that allows it to reuse the the registers of a
JSValueOperand if the operand's use count is one.

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • builtins/ArrayPrototype.js:

(concatSlowPath):
(concat):

  • bytecode/BytecodeIntrinsicRegistry.cpp:

(JSC::BytecodeIntrinsicRegistry::BytecodeIntrinsicRegistry):

  • bytecode/BytecodeIntrinsicRegistry.h:
  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::handleIntrinsicCall):
(JSC::DFG::ByteCodeParser::handleConstantInternalFunction):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGNodeType.h:
  • dfg/DFGOperations.cpp:
  • dfg/DFGOperations.h:
  • dfg/DFGPredictionPropagationPhase.cpp:

(JSC::DFG::PredictionPropagationPhase::propagate):

  • dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileCurrentBlock):
(JSC::DFG::SpeculativeJIT::compileIsJSArray):
(JSC::DFG::SpeculativeJIT::compileIsArrayObject):
(JSC::DFG::SpeculativeJIT::compileIsArrayConstructor):
(JSC::DFG::SpeculativeJIT::compileCallObjectConstructor):

  • dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::callOperation):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileCallObjectConstructor):
(JSC::FTL::DFG::LowerDFGToB3::compileIsArrayObject):
(JSC::FTL::DFG::LowerDFGToB3::compileIsJSArray):
(JSC::FTL::DFG::LowerDFGToB3::compileIsArrayConstructor):
(JSC::FTL::DFG::LowerDFGToB3::isArray):

  • jit/JITOperations.h:
  • jsc.cpp:

(WTF::RuntimeArray::createStructure):
(GlobalObject::finishCreation):
(functionDebug):
(functionDataLogValue):

  • runtime/ArrayConstructor.cpp:

(JSC::ArrayConstructor::finishCreation):
(JSC::arrayConstructorPrivateFuncIsArrayConstructor):

  • runtime/ArrayConstructor.h:

(JSC::isArrayConstructor):

  • runtime/ArrayPrototype.cpp:

(JSC::ArrayPrototype::finishCreation):
(JSC::arrayProtoPrivateFuncIsJSArray):
(JSC::moveElements):
(JSC::arrayProtoPrivateFuncConcatMemcpy):
(JSC::arrayProtoPrivateFuncAppendMemcpy):
(JSC::arrayProtoFuncConcat): Deleted.

  • runtime/ArrayPrototype.h:

(JSC::ArrayPrototype::createStructure):

  • runtime/CommonIdentifiers.h:
  • runtime/Intrinsic.h:
  • runtime/JSArray.cpp:

(JSC::JSArray::appendMemcpy):
(JSC::JSArray::fastConcatWith): Deleted.

  • runtime/JSArray.h:

(JSC::JSArray::createStructure):
(JSC::JSArray::fastConcatType): Deleted.

  • runtime/JSArrayInlines.h: Added.

(JSC::JSArray::memCopyWithIndexingType):
(JSC::JSArray::canFastCopy):

  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::init):

  • runtime/JSType.h:
  • runtime/ObjectConstructor.h:

(JSC::constructObject):

  • tests/es6.yaml:
  • tests/stress/array-concat-spread-object.js: Added.

(arrayEq):

  • tests/stress/array-concat-spread-proxy-exception-check.js: Added.

(arrayEq):

  • tests/stress/array-concat-spread-proxy.js: Added.

(arrayEq):

  • tests/stress/array-concat-with-slow-indexingtypes.js: Added.

(arrayEq):

  • tests/stress/array-species-config-array-constructor.js:

Source/WebCore:

Makes runtime arrays have the new ArrayType

  • bridge/runtime_array.h:

(JSC::RuntimeArray::createStructure):

LayoutTests:

Fix tests for Symbol.isConcatSpreadable on the Symbol object.

  • js/Object-getOwnPropertyNames-expected.txt:
  • js/dom/array-prototype-properties-expected.txt:
  • js/script-tests/Object-getOwnPropertyNames.js:
5:40 PM Changeset in webkit [199127] by commit-queue@webkit.org
  • 2 edits in trunk/Source/JavaScriptCore

Unreviewed, rolling out r199070.
https://bugs.webkit.org/show_bug.cgi?id=156324

"It didn't fix the timeout" (Requested by saamyjoon on
#webkit).

Reverted changeset:

"jsc-layout-tests.yaml/js/script-tests/regress-141098.js
failing on Yosemite Debug after r198989"
https://bugs.webkit.org/show_bug.cgi?id=156187
http://trac.webkit.org/changeset/199070

5:14 PM Changeset in webkit [199126] by eric.carlson@apple.com
  • 6 edits in trunk/Source/WebCore

[iOS Simulator WK1] Crash in MediaPlayer::setPrivateBrowsingMode()
https://bugs.webkit.org/show_bug.cgi?id=155721
<rdar://problem/18590481>

Speculative fix for a crash that appears to happen when the media engine is destroyed
during a callback.

Reviewed by Dean Jackson.

No new tests, this prevents existing tests from crashing.

  • html/HTMLMediaElement.cpp:

(WebCore::actionName): Log MediaEngineUpdated.
(WebCore::HTMLMediaElement::scheduleDelayedAction): Support MediaEngineUpdated.
(WebCore::HTMLMediaElement::pendingActionTimerFired): Ditto. Clear m_pendingActionFlags.
(WebCore::HTMLMediaElement::mediaEngineWasUpdated): New.
(WebCore::HTMLMediaElement::mediaPlayerEngineUpdated): Move guts to mediaEngineWasUpdated and

call it on a timer so we can't change the media engine in the middle of a callback from
MediaPlayer or the media engine.

  • html/HTMLMediaElement.h:
  • html/HTMLMediaElementEnums.h:
  • platform/graphics/MediaPlayer.cpp:

(WebCore::MediaPlayer::~MediaPlayer): Assert if new flag m_initializingMediaEngine is set to

catch HTMLMediaElement destroying the media engine during a callback.

(WebCore::MediaPlayer::loadWithNextMediaEngine): Set/clear m_initializingMediaEngine.

  • platform/graphics/MediaPlayer.h:
5:13 PM Changeset in webkit [199125] by ggaren@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Unreviewed, rolling in r199016.
https://bugs.webkit.org/show_bug.cgi?id=156140

It might work this time without regression because 16kB aligned requests
now take the allocation fast path.

Restored changeset:

CopiedBlock should be 16kB
https://bugs.webkit.org/show_bug.cgi?id=156168
http://trac.webkit.org/changeset/199016

4:22 PM Changeset in webkit [199124] by rniwa@webkit.org
  • 1 edit in trunk/Websites/perf.webkit.org/tools/sync-buildbot.js

Add the executable bit on tools/sync-buildbot.js as supposed to be done in the previous commit

4:19 PM Changeset in webkit [199123] by rniwa@webkit.org
  • 15 edits
    5 adds in trunk/Websites/perf.webkit.org

New buildbot syncing scripts that supports multiple builders and slaves
https://bugs.webkit.org/show_bug.cgi?id=156269

Reviewed by Chris Dumez.

Add sync-buildbot.js that supports scheduling A/B testing jobs on multiple builders and slaves.
The old python script (sync-with-buildbot.py) could only support a single builder and slave
for each platform, test pair.

The main logic is implemented in BuildbotTriggerable.syncOnce. Various helper methods are added
throughout the codebase and tests have been refactored.

BuildbotSyncer has been updated to support multiple platform, test pairs. It's now responsible
for syncing everything on each builder (on a buildbot).

Added more unit tests for BuildbotSyncer and server tests for BuildbotTriggerable, and refactored
test helpers and mocks as needed.

  • public/v3/models/build-request.js:

(BuildRequest.prototype.status): Added.
(BuildRequest.prototype.isScheduled): Added.

  • public/v3/models/metric.js:

(Metric.prototype.fullName): Added.

  • public/v3/models/platform.js:

(Platform): Added the map based on platform name.
(Platform.findByName): Added.

  • public/v3/models/test.js:

(Test.topLevelTests):
(Test.findByPath): Added. Finds a test based on an array of test names; e.g. ['A', 'B'] would
find the test whose name is "B" which has a parent test named "A".
(Test.prototype.fullName): Added.

  • server-tests/api-build-requests-tests.js:

(addMockData): Moved to resources/mock-data.js.
(addAnotherMockTestGroup): Ditto.

  • server-tests/resources/mock-data.js: Added.

(MockData.resetV3Models): Added.
(MockData.addMockData): Moved from api-build-requests-tests.js.
(MockData.addAnotherMockTestGroup): Ditto.
(MockData.mockTestSyncConfigWithSingleBuilder): Added.
(MockData.mockTestSyncConfigWithTwoBuilders): Added.
(MockData.pendingBuild): Added.
(MockData.runningBuild): Added.
(MockData.finishedBuild): Added.

  • server-tests/resources/test-server.js:

(TestServer):
(TestServer.prototype.remoteAPI):
(TestServer.prototype._ensureTestDatabase): Don't fail even if the test database doesn't exit.
(TestServer.prototype._startApache): Create a RemoteAPI instance to access the test sever.
(TestServer.prototype._waitForPid): Increase the timeout.
(TestServer.prototype.inject): Replace global.RemoteAPI during the test and restore it afterwards.

  • server-tests/tools-buildbot-triggerable-tests.js: Added. Tests BuildbotTriggerable.syncOnce.

(MockLogger): Added.
(MockLogger.prototype.log): Added.
(MockLogger.prototype.error): Added.

  • tools/detect-changes.js:

(parseArgument): Moved to js/parse-arguments.js.

  • tools/js/buildbot-syncer.js:

(BuildbotBuildEntry):
(BuildbotBuildEntry.prototype.syncer): Added.
(BuildbotBuildEntry.prototype.buildRequestStatusIfUpdateIsNeeded): Added. Returns a new status
for a build request (of the matching build request ID) if it needs to be updated in the server.
(BuildbotSyncer): This class
(BuildbotSyncer.prototype.addTestConfiguration): Added.
(BuildbotSyncer.prototype.testConfigurations): Returns the list of test configurations.
(BuildbotSyncer.prototype.matchesConfiguration): Returns true iff the request can be scheduled on
this builder.
(BuildbotSyncer.prototype.scheduleRequest): Added. Schedules a new job on buildbot for a request.
(BuildbotSyncer.prototype.scheduleFirstRequestInGroupIfAvailable): Added. Schedules a new job for
the specified build request on the first slave that's available.
(BuildbotSyncer.prototype.pullBuildbot): Return a list of BuildbotBuildEntry instead of an object.
Also store it on an instance variable so that scheduleFirstRequestInGroupIfAvailable could use it.
(BuildbotSyncer.prototype._pullRecentBuilds):
(BuildbotSyncer.prototype.pathForPendingBuildsJSON): Renamed from urlForPendingBuildsJSON and now
only returns the path instead of the full URL since RemoteAPI takes a path, not full URL.
(BuildbotSyncer.prototype.pathForBuildJSON): Ditto from pathForBuildJSON.
(BuildbotSyncer.prototype.pathForForceBuild): Added.
(BuildbotSyncer.prototype.url): Use RemoteAPI's url method instead of manually constructing URL.
(BuildbotSyncer.prototype.urlForBuildNumber): Ditto.
(BuildbotSyncer.prototype._propertiesForBuildRequest): Now that each syncer can have multiple test
configurations associated with it, find the one matching for this request.
(BuildbotSyncer._loadConfig): Create a syncer per builder and add all test configurations to it.
(BuildbotSyncer._validateAndMergeConfig): Added the support for 'SlaveList', which is a list of
slave names present on this builder.

  • tools/js/buildbot-triggerable.js: Added.

(BuildbotTriggerable): Added.
(BuildbotTriggerable.prototype.name): Added.
(BuildbotTriggerable.prototype.syncOnce): Added. The main logic for the syncing script. It pulls
existing build requests from the perf dashboard, pulls buildbot for pending and running/completed
builds on each builder (represented by each syncer), schedules build requests on buildbot if there
is any builder/slave available, and updates the status of build requests in the database.
(BuildbotTriggerable.prototype._validateRequests): Added.
(BuildbotTriggerable.prototype._pullBuildbotOnAllSyncers): Added.
(BuildbotTriggerable.prototype._scheduleNextRequestInGroupIfSlaveIsAvailable): Added.
(BuildbotTriggerable._testGroupMapForBuildRequests): Added.

  • tools/js/database.js:
  • tools/js/parse-arguments.js: Added. Extracted out of tools/detect-changes.js.

(parseArguments):

  • tools/js/remote.js:

(RemoteAPI): Now optionally takes the server configuration.
(RemoteAPI.prototype.url): Added.
(RemoteAPI.prototype.getJSON): Removed the code for specifying request content.
(RemoteAPI.prototype.getJSONWithStatus): Ditto.
(RemoteAPI.prototype.postJSON): Added.
(RemoteAPI.prototype.postFormUrlencodedData): Added.
(RemoteAPI.prototype.sendHttpRequest): Fixed the code to specify auth.

  • tools/js/v3-models.js: Don't include RemoteAPI here as they require a configuration for each host.
  • tools/sync-buildbot.js: Added.

(main): Added. Parse the arguments and start the loop.
(syncLoop): Added.

  • unit-tests/buildbot-syncer-tests.js: Added tests for pullBuildbot, scheduleRequest, as well as

scheduleFirstRequestInGroupIfAvailable. Refactored helper functions as needed.
(sampleiOSConfig):
(smallConfiguration): Added.
(smallPendingBuild): Added.
(smallInProgressBuild): Added.
(smallFinishedBuild): Added.
(createSampleBuildRequest): Create a unique build request for each platform.
(samplePendingBuild): Optionally specify build time and slave name.
(sampleInProgressBuild): Optionally specify slave name.
(sampleFinishedBuild): Ditto.

  • unit-tests/resources/mock-remote-api.js:

(assert.notReached.assert.notReached):
(MockRemoteAPI.url): Added.
(MockRemoteAPI.postFormUrlencodedData): Added.
(MockRemoteAPI._addRequest): Extracted from getJSONWithStatus.
(MockRemoteAPI.waitForRequest): Extracted from inject. For tools-buildbot-triggerable-tests.js, we
need to instantiate a RemoteAPI for buildbot without replacing global.RemoteAPI.
(MockRemoteAPI.inject):
(MockRemoteAPI.reset): Added.

3:51 PM Changeset in webkit [199122] by mark.lam@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Update es6.yaml to expect es6/Proxy_internal_get_calls_RegExp_constructor.js to pass.
https://bugs.webkit.org/show_bug.cgi?id=156314

Reviewed by Saam Barati.

  • tests/es6.yaml:
3:44 PM Changeset in webkit [199121] by matthew_hanson@apple.com
  • 3 edits in branches/safari-601.1.46-branch/Source/WebCore

Merge r199116. rdar://problem/25468815

3:25 PM Changeset in webkit [199120] by beidson@apple.com
  • 3 edits in trunk/Source/WebCore

Modern IDB: Make sure SQLite backing store records have a INTEGER PRIMARY KEY column.
https://bugs.webkit.org/show_bug.cgi?id=156264

Reviewed by Alex Christensen.

No new tests (No testable change in behavior yet, current tests pass).

  • Modules/indexeddb/IDBKeyData.cpp:

(WebCore::IDBKeyData::encode): Fix the key name for backwards compatibility.
(WebCore::IDBKeyData::decode): Ditto.

  • Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:

(WebCore::IDBServer::v3RecordsTableSchema): Added v3 Records schema that includes a primary key column.
(WebCore::IDBServer::v3RecordsTableSchemaAlternate):
(WebCore::IDBServer::createOrMigrateRecordsTableIfNecessary): Upgrade to v3 instead of v2.
(WebCore::IDBServer::SQLiteIDBBackingStore::addRecord):

3:22 PM Changeset in webkit [199119] by Simon Fraser
  • 2 edits in trunk/Source/WebCore

Avoid using an unengaged Optional<FloatRect> when positioning the tiled scrolling indicator
https://bugs.webkit.org/show_bug.cgi?id=156313

Reviewed by Tim Horton.

Fixes an assertion seen when running the WebKit2.AutoLayoutIntegration API test.

  • page/FrameView.cpp:

(WebCore::FrameView::setViewExposedRect):

2:51 PM Changeset in webkit [199118] by achristensen@apple.com
  • 8 edits
    1 add in trunk

Compile WebKitTestRunner with CMake on Mac
https://bugs.webkit.org/show_bug.cgi?id=156310

Reviewed by Daniel Bates.

Source/WebKit2:

  • PlatformMac.cmake:

Tools:

  • CMakeLists.txt:
  • WebKitTestRunner/CMakeLists.txt:
  • WebKitTestRunner/InjectedBundle/mac/InjectedBundleMac.mm:
  • WebKitTestRunner/PlatformEfl.cmake:
  • WebKitTestRunner/PlatformGTK.cmake:
  • WebKitTestRunner/PlatformMac.cmake: Added.
2:48 PM Changeset in webkit [199117] by weinig@apple.com
  • 3 edits in trunk/Source/WebCore

Fix windows build.

  • DerivedSources.cpp:
  • css/CSSAllInOne.cpp:
2:21 PM Changeset in webkit [199116] by jer.noble@apple.com
  • 3 edits in trunk/Source/WebCore

CRASH in AudioDestinationNode::render()
https://bugs.webkit.org/show_bug.cgi?id=156308
<rdar://problem/25468815>

Reviewed by Eric Carlson.

AudioDestinationNode::render() will crash when passed in a zero-length frame count. Rather than get into
this bad state, ASSERT() and bail out early in this case.

Also, address the situation in AudioDestinationIOS::render which can cause this 0-frame count to occur.

  • Modules/webaudio/AudioDestinationNode.cpp:

(WebCore::AudioDestinationNode::render):

  • platform/audio/ios/AudioDestinationIOS.cpp:

(WebCore::AudioDestinationIOS::render):

1:52 PM Changeset in webkit [199115] by ggaren@apple.com
  • 4 edits in trunk/Source/bmalloc

bmalloc: handle aligned allocations on the fast path
https://bugs.webkit.org/show_bug.cgi?id=156302

Reviewed by Michael Saboff.

This helps keep the JavaScriptCore GC on the fast path, and it also
helps avoid fragmentation on our website stress test:

nimlang 209,584kB 198,076kB 1.06x smaller

  • bmalloc/Allocator.cpp:

(bmalloc::Allocator::allocate): Because we arrange for power-of-two size
classes to allocate at power-of-two alignments, we can allocate any
small aligned request on the small path.

  • bmalloc/Chunk.h:

(bmalloc::Chunk::bytes):
(bmalloc::Chunk::lines):
(bmalloc::Chunk::pages):
(bmalloc::Chunk::boundaryTags):
(bmalloc::Chunk::objectType): Moved some code around to provide better
API.

(bmalloc::Chunk::Chunk): Moved this code to VMHeap.

(bmalloc::Chunk::offset):
(bmalloc::Chunk::object): Use our new bytes() helper function.

  • bmalloc/VMHeap.cpp:

(bmalloc::VMHeap::allocateChunk): Moved code here from Chunk.

(bmalloc::VMHeap::allocateSmallChunk): Ensure that power-of-two page
sizes always begin allocation at the same alignment. Power-of-two object
sizes always request power-of-two page sizes (since that's the least
wasteful option), so if we also ensure that power-of-two page sizes get
power-of-two alignment, then everything is aligned for all small objects.

1:41 PM Changeset in webkit [199114] by peavo@outlook.com
  • 3 edits in trunk/Source/WebCore

[WinCairo][MediaFoundation] Videos are always autoplaying.
https://bugs.webkit.org/show_bug.cgi?id=156284

Reviewed by Alex Christensen.

Videos are autoplaying because the MediaFoundation implementation always starts playback
after the load method has been called. When the load method has been called, we should
only start buffering data, not automatically start the playback. This has been fixed by
implementing the prepareToPlay method, and calling this instead of the play method.

  • platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:

(WebCore::MediaPlayerPrivateMediaFoundation::MediaPlayerPrivateMediaFoundation):
(WebCore::MediaPlayerPrivateMediaFoundation::load):
(WebCore::MediaPlayerPrivateMediaFoundation::prepareToPlay):
(WebCore::MediaPlayerPrivateMediaFoundation::play):
(WebCore::MediaPlayerPrivateMediaFoundation::networkState):
(WebCore::MediaPlayerPrivateMediaFoundation::startSession):
(WebCore::MediaPlayerPrivateMediaFoundation::endGetEvent):
(WebCore::MediaPlayerPrivateMediaFoundation::updateReadyState):
(WebCore::MediaPlayerPrivateMediaFoundation::onTopologySet):
(WebCore::MediaPlayerPrivateMediaFoundation::onBufferingStarted):
(WebCore::MediaPlayerPrivateMediaFoundation::onBufferingStopped):
(WebCore::MediaPlayerPrivateMediaFoundation::onSessionEnded):
(WebCore::MediaPlayerPrivateMediaFoundation::Direct3DPresenter::updateDestRect):

  • platform/graphics/win/MediaPlayerPrivateMediaFoundation.h:
1:03 PM Changeset in webkit [199113] by Alan Bujtas
  • 2 edits in trunk/Source/WebCore

Add ASSERT_WITH_SECURITY_IMPLICATION when a float box is referenced by multiple RootInlineBoxes.
https://bugs.webkit.org/show_bug.cgi?id=156297
<rdar://problem/25580844>

Reviewed by Brent Fulgham.

See http://trac.webkit.org/changeset/199101

No change in functionality.

  • rendering/RenderBlockLineLayout.cpp:

(WebCore::RenderBlockFlow::appendFloatingObjectToLastLine):
(WebCore::RenderBlockFlow::reattachCleanLineFloats):
(WebCore::RenderBlockFlow::determineStartPosition):

12:54 PM Changeset in webkit [199112] by weinig@apple.com
  • 15 edits
    3 moves in trunk

window.CSS should be a constructor with static functions
<rdar://problem/25580516>
https://bugs.webkit.org/show_bug.cgi?id=156294

Reviewed by Chris Dumez.

Source/WebCore:

Rename DOMWindowCSS to DOMCSSNamespace to avoid name collisions, DOMWindow prefixed
classes cause collisions in JSDOMWindow.

  • CMakeLists.txt:
  • DerivedSources.make:
  • WebCore.xcodeproj/project.pbxproj:

Update for renames.

  • css/DOMCSSNamespace.cpp: Copied from Source/WebCore/css/DOMWindowCSS.cpp.

(WebCore::valueWithoutImportant):
(WebCore::DOMCSSNamespace::supports):
(WebCore::DOMWindowCSS::create): Deleted.
(WebCore::DOMWindowCSS::supports): Deleted.

  • css/DOMCSSNamespace.h: Copied from Source/WebCore/css/DOMWindowCSS.h.

(WebCore::DOMWindowCSS::DOMWindowCSS): Deleted.
Rename DOMWindowCSS to DOMCSSNamespace and turn functions into static functions.

  • css/DOMCSSNamespace.idl: Copied from Source/WebCore/css/DOMWindowCSS.idl.

Remove NoInterfaceObject, to inject a constructor, and turn functions into
static functions matching spec.

  • page/DOMWindow.cpp:

(WebCore::DOMWindow::css): Deleted.

  • page/DOMWindow.h:
  • page/DOMWindow.idl:

Remove CSS property. Constructor will be implicitly added.

LayoutTests:

  • platform/efl/js/dom/global-constructors-attributes-expected.txt:
  • platform/gtk/js/dom/global-constructors-attributes-expected.txt:
  • platform/mac-yosemite/js/dom/global-constructors-attributes-expected.txt:
  • platform/mac/js/dom/global-constructors-attributes-expected.txt:
  • platform/win/js/dom/global-constructors-attributes-expected.txt:

Update for new CSS constructor property.

12:22 PM Changeset in webkit [199111] by Simon Fraser
  • 24 edits in trunk/Source

Rename exposedRect to viewExposedRect and propagate it as Optional<> through WK2
https://bugs.webkit.org/show_bug.cgi?id=156274

Reviewed by NOBODY (OOPS!).

DrawingArea and FrameView have an "exposedRect" property that is used by applications
on Mac, like Mail, that embed web views inside scroll views. However, this name is very
similar to the "exposedContentRect" that is used on iOS to denote the part of the view
whose pixels are visible, including through blurring overlaid UI.

To disambiguate these two, rename the Mac "exposedRect" to "viewExposedRect" to
emphasize that it's a rect that takes into account clipping in the native view
hierarchy.

Also make this rect Optional<> through the DrawingArea, removing comparisons against
FloatRect::infiniteRect().

Do some other minor renaming in VisibleContentRectUpdateInfo.

Source/WebCore:

  • page/FrameView.cpp:

(WebCore::FrameView::setViewExposedRect): This now takes an Optional<> because WebViewImpl::updateViewExposedRect()
can clear it.

  • page/FrameView.h:
  • page/PageOverlayController.cpp:

(WebCore::PageOverlayController::didChangeViewExposedRect):
(WebCore::PageOverlayController::didChangeExposedRect): Deleted.

  • page/PageOverlayController.h:
  • rendering/RenderLayerBacking.cpp:

(WebCore::computeTileCoverage):

  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::flushPendingLayerChanges):

Source/WebKit2:

  • Shared/VisibleContentRectUpdateInfo.cpp: Rename "exposedRect" and "unobscuredRect" to

have "Content" in the names.
(WebKit::VisibleContentRectUpdateInfo::encode):
(WebKit::VisibleContentRectUpdateInfo::decode):

  • Shared/VisibleContentRectUpdateInfo.h:

(WebKit::VisibleContentRectUpdateInfo::VisibleContentRectUpdateInfo):
(WebKit::VisibleContentRectUpdateInfo::exposedContentRect):
(WebKit::VisibleContentRectUpdateInfo::unobscuredContentRect):
(WebKit::operator==):
(WebKit::VisibleContentRectUpdateInfo::exposedRect): Deleted.
(WebKit::VisibleContentRectUpdateInfo::unobscuredRect): Deleted.

  • UIProcess/Cocoa/WebViewImpl.mm:

(WebKit::WebViewImpl::updateViewExposedRect):

  • UIProcess/DrawingAreaProxy.cpp:

(WebKit::DrawingAreaProxy::DrawingAreaProxy):
(WebKit::DrawingAreaProxy::setViewExposedRect):
(WebKit::DrawingAreaProxy::viewExposedRectChangedTimerFired):
(WebKit::DrawingAreaProxy::setExposedRect): Deleted.
(WebKit::DrawingAreaProxy::exposedRectChangedTimerFired): Deleted.

  • UIProcess/DrawingAreaProxy.h:

(WebKit::DrawingAreaProxy::viewExposedRect):
(WebKit::DrawingAreaProxy::exposedRect): Deleted.

  • UIProcess/WebPageProxy.h:

(WebKit::WebPageProxy::exposedContentRect):
(WebKit::WebPageProxy::unobscuredContentRect):

  • UIProcess/mac/RemoteLayerTreeDrawingAreaProxy.h:
  • UIProcess/mac/RemoteLayerTreeDrawingAreaProxy.mm:

(WebKit::RemoteLayerTreeDrawingAreaProxy::setViewExposedRect):
(WebKit::RemoteLayerTreeDrawingAreaProxy::indicatorLocation):
(WebKit::RemoteLayerTreeDrawingAreaProxy::updateDebugIndicator):
(WebKit::RemoteLayerTreeDrawingAreaProxy::scaledExposedRect): Deleted.
(WebKit::RemoteLayerTreeDrawingAreaProxy::setExposedRect): Deleted. This was only used
to position the indicator, and confusingly used either exposedContentRect() or viewExposedRect()
depending on platform.

  • WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::transitionToCommittedForNewPage):

  • WebProcess/WebPage/DrawingArea.h:
  • WebProcess/WebPage/DrawingArea.messages.in:
  • WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::updateVisibleContentRects):

  • WebProcess/WebPage/mac/RemoteLayerTreeDrawingArea.h:
  • WebProcess/WebPage/mac/RemoteLayerTreeDrawingArea.mm:

(WebKit::RemoteLayerTreeDrawingArea::setViewExposedRect):
(WebKit::RemoteLayerTreeDrawingArea::updateScrolledExposedRect):
(WebKit::RemoteLayerTreeDrawingArea::flushLayers):
(WebKit::RemoteLayerTreeDrawingArea::RemoteLayerTreeDrawingArea): Deleted.
(WebKit::RemoteLayerTreeDrawingArea::setExposedRect): Deleted.

  • WebProcess/WebPage/mac/TiledCoreAnimationDrawingArea.h:
  • WebProcess/WebPage/mac/TiledCoreAnimationDrawingArea.mm:

(WebKit::TiledCoreAnimationDrawingArea::flushLayers):
(WebKit::TiledCoreAnimationDrawingArea::setViewExposedRect):
(WebKit::TiledCoreAnimationDrawingArea::updateScrolledExposedRect):
(WebKit::TiledCoreAnimationDrawingArea::TiledCoreAnimationDrawingArea): Deleted.
(WebKit::TiledCoreAnimationDrawingArea::setExposedRect): Deleted.

12:13 PM Changeset in webkit [199110] by jdiggs@igalia.com
  • 11 edits in trunk

REGRESSION(r195463): [GTK] accessibility/roles-computedRoleString.html and accessibility/roles-exposed.html failing
https://bugs.webkit.org/show_bug.cgi?id=153696

Reviewed by Chris Fleizach.

Source/WebCore:

The failures were due to always mapping style format groups to GroupRole, even for
RenderInline objects. The fix is to expose inline style format groups as InlineRole,
add handling of GroupRole style groups to the ATK code, and InlineRole style groups
to the Mac code.

No new tests because we have sufficient coverage. Updated roles-computedRoleString.html
to reflect new exposure.

  • accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::determineAccessibilityRole):

  • accessibility/atk/WebKitAccessibleWrapperAtk.cpp:

(atkRole):

  • accessibility/mac/AccessibilityObjectMac.mm:

(WebCore::AccessibilityObject::accessibilityPlatformIncludesObject):

  • accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(createAccessibilityRoleMap):
(-[WebAccessibilityObjectWrapper subrole]):

LayoutTests:

Now that RenderInline style format groups are exposed as InlineRole, there is
no longer a corresponding computed role for ins, samp, and var elements. Updated
the roles-computedRoleString.html test and expectations accordingly. Also added
the now-correct results for Gtk for both of the previously-failing tests.

  • accessibility/roles-computedRoleString-expected.txt: Updated.
  • accessibility/roles-computedRoleString.html: Updated.
  • platform/gtk/TestExpectations: Unskip the two tests which are now passing.
  • platform/gtk/accessibility/roles-computedRoleString-expected.txt: Updated.
  • platform/gtk/accessibility/roles-exposed-expected.txt: Updated.
12:07 PM Changeset in webkit [199109] by achristensen@apple.com
  • 6 edits in trunk

Fix CMake DumpRenderTree
https://bugs.webkit.org/show_bug.cgi?id=156305

Reviewed by Daniel Bates.

.:

  • Source/cmake/OptionsMac.cmake:

Source/WebKit:

  • PlatformMac.cmake:

Source/WebKit/mac:

  • WebKitPrefix.h:
11:49 AM Changeset in webkit [199108] by commit-queue@webkit.org
  • 39 edits
    1 delete in trunk/Source/JavaScriptCore

Unreviewed, rolling out r199104.
https://bugs.webkit.org/show_bug.cgi?id=156301

Still breaks internal builds (Requested by keith_miller on
#webkit).

Reverted changeset:

"We should support the ability to do a non-effectful getById"
https://bugs.webkit.org/show_bug.cgi?id=156116
http://trac.webkit.org/changeset/199104

11:39 AM Changeset in webkit [199107] by Simon Fraser
  • 4 edits in trunk

Implement operator== and operator!= for Optional<>
https://bugs.webkit.org/show_bug.cgi?id=156266

Reviewed by Anders Carlsson.
Source/WTF:

Implement non-member operator== and operator!= variants for Optional<>.

  • wtf/Optional.h:

(WTF::operator==):
(WTF::operator!=):

Tools:

  • TestWebKitAPI/Tests/WTF/Optional.cpp:

(TestWebKitAPI::TEST):

11:26 AM Changeset in webkit [199106] by keith_miller@apple.com
  • 6 edits in trunk

RegExp constructor should use Symbol.match and other properties
https://bugs.webkit.org/show_bug.cgi?id=155873

Reviewed by Michael Saboff.

Source/JavaScriptCore:

This patch updates the behavior of the RegExp constructor. Now the constructor
should get the Symbol.match property and check if it exists to decide if something
should be constructed like a regexp object.

  • runtime/RegExpConstructor.cpp:

(JSC::toFlags):
(JSC::constructRegExp):
(JSC::constructWithRegExpConstructor):
(JSC::callRegExpConstructor):

  • runtime/RegExpConstructor.h:
  • tests/stress/regexp-constructor.js: Added.

(assert):
(throw.new.Error.get let):
(throw.new.Error.):
(throw.new.Error.get re):

LayoutTests:

Fix test for new behavior.

  • fast/regex/constructor-expected.txt:
  • fast/regex/script-tests/constructor.js:
10:44 AM Changeset in webkit [199105] by jer.noble@apple.com
  • 2 edits in trunk/Source/WebCore

CRASH in -[WebCoreNSURLSession taskCompleted:]
https://bugs.webkit.org/show_bug.cgi?id=156290

Reviewed by Eric Carlson.

Fixes currently flakily crashing http/tests/media tests.

Protect against -taskCompleted: being called multiple times by only calling
-taskCompleted: if the task's state is not yet NSURLSessionTaskStateCompleted.
Additionally, make sure to clear the task's session pointer when removing it
from _dataTasks, as this ensures a task that outlives its session does not
keep a pointer to a dealloc'd object.

  • platform/network/cocoa/WebCoreNSURLSession.mm:

(-[WebCoreNSURLSession taskCompleted:]):
(-[WebCoreNSURLSessionDataTask _resource:loadFinishedWithError:]):

10:36 AM Changeset in webkit [199104] by keith_miller@apple.com
  • 39 edits
    1 add in trunk/Source/JavaScriptCore

We should support the ability to do a non-effectful getById
https://bugs.webkit.org/show_bug.cgi?id=156116

Reviewed by Benjamin Poulain.

Currently, there is no way in JS to do a non-effectful getById. A non-effectful getById is
useful because it enables us to take different code paths based on values that we would
otherwise not be able to have knowledge of. This patch adds this new feature called
try_get_by_id that will attempt to do as much of a get_by_id as possible without performing
an effectful behavior. Thus, try_get_by_id will return the value if the slot is a value, the
GetterSetter object if the slot is a normal accessor (not a CustomGetterSetter) and
undefined if the slot is unset. If the slot is proxied or any other cases then the result
is null. In theory, if we ever wanted to check for null we could add a sentinal object to
the global object that indicates we could not get the result.

In order to implement this feature we add a new enum GetByIdKind that indicates what to do
for accessor properties in PolymorphicAccess. If the GetByIdKind is pure then we treat the
get_by_id the same way we would for load and return the value at the appropriate offset.
Additionally, in order to make sure the we can properly compare the GetterSetter object
with === GetterSetters are now JSObjects. This comes at the cost of eight extra bytes on the
GetterSetter object but it vastly simplifies the patch. Additionally, the extra bytes are
likely to have little to no impact on memory usage as normal accessors are generally rare.

  • builtins/BuiltinExecutables.cpp:

(JSC::BuiltinExecutables::createDefaultConstructor):
(JSC::BuiltinExecutables::createBuiltinExecutable):
(JSC::createBuiltinExecutable):
(JSC::BuiltinExecutables::createExecutable):
(JSC::createExecutableInternal): Deleted.

  • builtins/BuiltinExecutables.h:
  • bytecode/BytecodeIntrinsicRegistry.h:
  • bytecode/BytecodeList.json:
  • bytecode/BytecodeUseDef.h:

(JSC::computeUsesForBytecodeOffset):
(JSC::computeDefsForBytecodeOffset):

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::dumpBytecode):

  • bytecode/PolymorphicAccess.cpp:

(JSC::AccessCase::tryGet):
(JSC::AccessCase::generate):
(WTF::printInternal):

  • bytecode/PolymorphicAccess.h:

(JSC::AccessCase::isGet): Deleted.
(JSC::AccessCase::isPut): Deleted.
(JSC::AccessCase::isIn): Deleted.

  • bytecode/StructureStubInfo.cpp:

(JSC::StructureStubInfo::reset):

  • bytecode/StructureStubInfo.h:
  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::emitTryGetById):

  • bytecompiler/BytecodeGenerator.h:
  • bytecompiler/NodesCodegen.cpp:

(JSC::BytecodeIntrinsicNode::emit_intrinsic_tryGetById):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::cachedGetById):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::cachedGetById):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::getById):

  • jit/JIT.cpp:

(JSC::JIT::privateCompileMainPass):
(JSC::JIT::privateCompileSlowCases):

  • jit/JIT.h:
  • jit/JITInlineCacheGenerator.cpp:

(JSC::JITGetByIdGenerator::JITGetByIdGenerator):

  • jit/JITInlineCacheGenerator.h:
  • jit/JITInlines.h:

(JSC::JIT::callOperation):

  • jit/JITOperations.cpp:
  • jit/JITOperations.h:
  • jit/JITPropertyAccess.cpp:

(JSC::JIT::emitGetByValWithCachedId):
(JSC::JIT::emit_op_try_get_by_id):
(JSC::JIT::emitSlow_op_try_get_by_id):
(JSC::JIT::emit_op_get_by_id):

  • jit/JITPropertyAccess32_64.cpp:

(JSC::JIT::emitGetByValWithCachedId):
(JSC::JIT::emit_op_try_get_by_id):
(JSC::JIT::emitSlow_op_try_get_by_id):
(JSC::JIT::emit_op_get_by_id):

  • jit/Repatch.cpp:

(JSC::repatchByIdSelfAccess):
(JSC::appropriateOptimizingGetByIdFunction):
(JSC::appropriateGenericGetByIdFunction):
(JSC::tryCacheGetByID):
(JSC::repatchGetByID):
(JSC::resetGetByID):

  • jit/Repatch.h:
  • jsc.cpp:

(GlobalObject::finishCreation):
(functionGetGetterSetter):
(functionCreateBuiltin):

  • llint/LLIntData.cpp:

(JSC::LLInt::Data::performAssertions):

  • llint/LLIntSlowPaths.cpp:

(JSC::LLInt::LLINT_SLOW_PATH_DECL):

  • llint/LLIntSlowPaths.h:
  • llint/LowLevelInterpreter.asm:
  • runtime/GetterSetter.cpp:
  • runtime/GetterSetter.h:
  • runtime/JSType.h:
  • runtime/PropertySlot.cpp:

(JSC::PropertySlot::getPureResult):

  • runtime/PropertySlot.h:
  • runtime/ProxyObject.cpp:

(JSC::ProxyObject::getOwnPropertySlotCommon):

  • tests/stress/try-get-by-id.js: Added.

(tryGetByIdText):
(getCaller.obj.1.throw.new.Error.let.func):
(getCaller.obj.1.throw.new.Error):
(throw.new.Error.get let):
(throw.new.Error.):
(throw.new.Error.let.get createBuiltin):
(get let):
(let.get createBuiltin):
(let.func):
(get let.func):
(get throw):

10:33 AM Changeset in webkit [199103] by Chris Dumez
  • 2 edits
    9 adds in trunk/Source/WebCore

[IDL] Extend support for [EnabledAtRuntime] attributes / operations to all global objects, not just Window
https://bugs.webkit.org/show_bug.cgi?id=156291

Reviewed by Alex Christensen.

Extend support for [EnabledAtRuntime] attributes / operations to all
global objects, not just Window. This is needed by the Fetch API which
is enabled at runtime and exposed on both Window and WorkerGlobalScope.

  • bindings/scripts/CodeGeneratorJS.pm:

(IsDOMGlobalObject):
(OperationShouldBeOnInstance):
(GenerateHeader):
(GeneratePropertiesHashTable):
(GenerateImplementation):

  • bindings/scripts/test/GObject/WebKitDOMTestGlobalObject.cpp: Added.

(WebKit::kit):
(WebKit::core):
(WebKit::wrapTestGlobalObject):
(webkit_dom_test_global_object_finalize):
(webkit_dom_test_global_object_set_property):
(webkit_dom_test_global_object_get_property):
(webkit_dom_test_global_object_constructor):
(webkit_dom_test_global_object_class_init):
(webkit_dom_test_global_object_init):
(webkit_dom_test_global_object_regular_operation):
(webkit_dom_test_global_object_enabled_at_runtime_operation):
(webkit_dom_test_global_object_get_regular_attribute):
(webkit_dom_test_global_object_set_regular_attribute):
(webkit_dom_test_global_object_get_enabled_at_runtime_attribute):
(webkit_dom_test_global_object_set_enabled_at_runtime_attribute):

  • bindings/scripts/test/GObject/WebKitDOMTestGlobalObject.h: Added.
  • bindings/scripts/test/GObject/WebKitDOMTestGlobalObjectPrivate.h: Added.
  • bindings/scripts/test/JS/JSTestGlobalObject.cpp: Added.

(WebCore::JSTestGlobalObjectConstructor::prototypeForStructure):
(WebCore::JSTestGlobalObjectConstructor::initializeProperties):
(WebCore::JSTestGlobalObjectPrototype::getOwnPropertySlot):
(WebCore::JSTestGlobalObject::JSTestGlobalObject):
(WebCore::JSTestGlobalObject::finishCreation):
(WebCore::JSTestGlobalObject::destroy):
(WebCore::JSTestGlobalObject::getOwnPropertySlot):
(WebCore::jsTestGlobalObjectRegularAttribute):
(WebCore::jsTestGlobalObjectEnabledAtRuntimeAttribute):
(WebCore::jsTestGlobalObjectConstructor):
(WebCore::setJSTestGlobalObjectConstructor):
(WebCore::setJSTestGlobalObjectRegularAttribute):
(WebCore::setJSTestGlobalObjectEnabledAtRuntimeAttribute):
(WebCore::JSTestGlobalObject::getConstructor):
(WebCore::jsTestGlobalObjectInstanceFunctionRegularOperation):
(WebCore::jsTestGlobalObjectInstanceFunctionEnabledAtRuntimeOperation1):
(WebCore::jsTestGlobalObjectInstanceFunctionEnabledAtRuntimeOperation2):
(WebCore::jsTestGlobalObjectInstanceFunctionEnabledAtRuntimeOperation):
(WebCore::JSTestGlobalObjectOwner::isReachableFromOpaqueRoots):
(WebCore::JSTestGlobalObjectOwner::finalize):
(WebCore::toJSNewlyCreated):
(WebCore::toJS):
(WebCore::JSTestGlobalObject::toWrapped):

  • bindings/scripts/test/JS/JSTestGlobalObject.h: Added.

(WebCore::JSTestGlobalObject::create):
(WebCore::JSTestGlobalObject::createStructure):
(WebCore::JSTestGlobalObject::finishCreation):
(WebCore::wrapperOwner):
(WebCore::wrapperKey):
(WebCore::toJS):
(WebCore::JSTestGlobalObjectPrototype::create):
(WebCore::JSTestGlobalObjectPrototype::createStructure):
(WebCore::JSTestGlobalObjectPrototype::JSTestGlobalObjectPrototype):

  • bindings/scripts/test/ObjC/DOMTestGlobalObject.h: Added.
  • bindings/scripts/test/ObjC/DOMTestGlobalObject.mm: Added.

(-[DOMTestGlobalObject dealloc]):
(-[DOMTestGlobalObject regularAttribute]):
(-[DOMTestGlobalObject setRegularAttribute:]):
(-[DOMTestGlobalObject enabledAtRuntimeAttribute]):
(-[DOMTestGlobalObject setEnabledAtRuntimeAttribute:]):
(-[DOMTestGlobalObject regularOperation:]):
(-[DOMTestGlobalObject enabledAtRuntimeOperation:]):
(core):
(kit):

  • bindings/scripts/test/ObjC/DOMTestGlobalObjectInternal.h: Added.
  • bindings/scripts/test/TestGlobalObject.idl: Added.
9:38 AM Changeset in webkit [199102] by beidson@apple.com
  • 2 edits in trunk/Source/WebCore

Update IndexedDB feature status to the much more correct "In Development"

Reviewed by Tim Hatcher.

  • features.json:
8:56 AM Changeset in webkit [199101] by Alan Bujtas
  • 4 edits
    2 adds in trunk

ASSERTION FAILED: !floatingObject->originatingLine() in WebCore::RenderBlockFlow::linkToEndLineIfNeeded
https://bugs.webkit.org/show_bug.cgi?id=153001

Reviewed by Dan Bernstein.

  1. Float boxes are always attached to the line where we see them first.
  2. Float box can only be attached to one line.
  3. RenderBlockFlow can perform partial layout on dirty lines only.

In certain cases, the last dirty line can "pull up" float boxes from the first clean line.
It simply means that due to some layout changes on previous lines now we see those floats on this last dirty line first.
If after placing the float we still find it on the same position, the line below is still considered clean.
Source/WebCore:

Remove the float box from its original line if the line above already placed it.

Test: fast/block/float/float-moves-between-lines.html

  • rendering/RenderBlockFlow.h:
  • rendering/RenderBlockLineLayout.cpp:

(WebCore::RenderBlockFlow::reattachCleanLineFloats):
(WebCore::RenderBlockFlow::linkToEndLineIfNeeded):
(WebCore::RenderBlockFlow::layoutRunsAndFloatsInRange): Deleted.

LayoutTests:

Remove the float box from its original line if the line above already placed it.

  • fast/block/float/float-moves-between-lines-expected.txt: Added.
  • fast/block/float/float-moves-between-lines.html: Added.
8:44 AM Changeset in webkit [199100] by Michael Catanzaro
  • 2 edits in trunk/Source/WebCore/platform/gtk/po

[GTK] [l10n] Updated Italian translation of WebKitGTK+
https://bugs.webkit.org/show_bug.cgi?id=156283

Patch by Milo Casagrande <milo@milo.name> on 2016-04-06
Rubber-stamped by Michael Catanzaro.

  • it.po:
5:26 AM Changeset in webkit [199099] by Antti Koivisto
  • 6 edits in trunk

REGRESSION(r196629): Messages text size only changes for sending text, conversation text size does not change
https://bugs.webkit.org/show_bug.cgi?id=156287
<rdar://problem/24264756>

Reviewed by Andreas Kling.

Source/WebCore:

  • css/RuleFeature.cpp:

(WebCore::RuleFeatureSet::recursivelyCollectFeaturesFromSelector):
(WebCore::makeAttributeSelectorKey):

Include attribute value to the key. Otherwise we may deduplicate selectors that are not indentical.

(WebCore::RuleFeatureSet::collectFeatures):
(WebCore::RuleFeatureSet::add):

Use HashMap::ensure().

  • css/RuleFeature.h:

LayoutTests:

  • fast/css/style-invalidation-attribute-change-descendants-expected.txt:
  • fast/css/style-invalidation-attribute-change-descendants.html:
3:21 AM Changeset in webkit [199098] by Manuel Rego Casasnovas
  • 11 edits
    2 adds in trunk

[css-grid] Fix positioned children in RTL
https://bugs.webkit.org/show_bug.cgi?id=156162

Reviewed by Sergio Villar Senin.

Source/WebCore:

This patch fixes a problem affecting the items without
a static inline position (i.e. "left" and/or "right" properties
are not "auto"). In this particular case we need to compute
the "offset" from the left, so we need a specific condition
and computation.

Let's use an example to understand what it's fixing:
<div style="display: grid; grid-template-columns: 100px 50px; width: 300px;

position: relative; direction: rtl;">

<div style="position: absolute; left: 0; grid-column: 1 / 2;">item</div>

</div>

In this case the item has to be placed in the first column
(the one on the right as we're in RTL).
For this we need to calculate the offset from the left, which is 200px:
150px (alignment offset) + 50px (offset from line 3 to 2).

Test: fast/css-grid-layout/grid-positioned-items-background-rtl.html

  • rendering/RenderGrid.cpp:

(WebCore::RenderGrid::offsetAndBreadthForPositionedChild):

LayoutTests:

Added more RTL cases for the positioned tests.

  • fast/css-grid-layout/absolute-positioning-grid-container-containing-block-expected.txt:
  • fast/css-grid-layout/absolute-positioning-grid-container-containing-block.html:
  • fast/css-grid-layout/grid-positioned-items-background-rtl-expected.html: Added.
  • fast/css-grid-layout/grid-positioned-items-background-rtl.html: Added.
  • fast/css-grid-layout/grid-positioned-items-padding-expected.txt:
  • fast/css-grid-layout/grid-positioned-items-padding.html:
  • fast/css-grid-layout/grid-positioned-items-within-grid-implicit-track-expected.txt:
  • fast/css-grid-layout/grid-positioned-items-within-grid-implicit-track.html:
  • fast/css-grid-layout/grid-sizing-positioned-items-expected.txt:
  • fast/css-grid-layout/grid-sizing-positioned-items.html:
2:27 AM Changeset in webkit [199097] by Antti Koivisto
  • 7 edits in trunk

ComposedTreeIterator may crash when first child of shadow root is a comment node
https://bugs.webkit.org/show_bug.cgi?id=156281

Reviewed by Andreas Kling.

Source/WebCore:

It should not use plain firstChild() and assume it is Element or Text.

  • dom/ComposedTreeIterator.cpp:

(WebCore::ComposedTreeIterator::Context::Context):

Add FirstChildTag to various iterator constructors to make clear that they search for the first child.

(WebCore::ComposedTreeIterator::ComposedTreeIterator):
(WebCore::ComposedTreeIterator::traverseShadowRoot):

Fix by using ElementAndTextDescendantIterator to find the first child.

  • dom/ComposedTreeIterator.h:

(WebCore::ComposedTreeIterator::operator*):
(WebCore::ComposedTreeDescendantAdapter::ComposedTreeDescendantAdapter):
(WebCore::ComposedTreeDescendantAdapter::begin):
(WebCore::ComposedTreeDescendantAdapter::end):
(WebCore::ComposedTreeDescendantAdapter::at):
(WebCore::ComposedTreeChildAdapter::Iterator::Iterator):

  • dom/ElementAndTextDescendantIterator.h:

(WebCore::ElementAndTextDescendantIterator::operator++):
(WebCore::ElementAndTextDescendantIterator::ElementAndTextDescendantIterator):
(WebCore::ElementAndTextDescendantIteratorAdapter::begin):
(WebCore::ElementAndTextDescendantIteratorAdapter::end):

LayoutTests:

  • fast/shadow-dom/composed-tree-shadow-subtree-expected.txt:
  • fast/shadow-dom/composed-tree-shadow-subtree.html:

Apr 5, 2016:

11:10 PM Changeset in webkit [199096] by Chris Dumez
  • 5 edits in trunk/Source

Add support for [EnabledAtRuntime] operations on DOMWindow
https://bugs.webkit.org/show_bug.cgi?id=156272

Reviewed by Alex Christensen.

Source/JavaScriptCore:

Add identifier for 'fetch' so it can be used from the generated
bindings.

  • runtime/CommonIdentifiers.h:

Source/WebCore:

Add support for [EnabledAtRuntime] operations on DOMWindow by omitting
such operations from the static table and add them at run-time in
JSDOMWindow::finishCreation() if the corresponding feature is enabled.

This was needed for window.fetch() for which a hack was temporarily
landed in r199081. This patch drops this hack now that the generated
bindings do the right thing.

  • bindings/js/JSDOMGlobalObject.cpp:

(WebCore::JSDOMGlobalObject::scriptExecutionContext):
Drop hack landed in r199081.

  • bindings/scripts/CodeGeneratorJS.pm:

(OperationShouldBeOnInstance):
(GeneratePropertiesHashTable):
(GenerateImplementation):
Add support for [EnabledAtRuntime] operations on DOMWindow.

10:45 PM Changeset in webkit [199095] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Do not create CodeMirror color/gradient markers in JavaScript resources
https://bugs.webkit.org/show_bug.cgi?id=156278
<rdar://problem/25570404>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-04-05
Reviewed by Timothy Hatcher.

  • UserInterface/Views/SourceCodeTextEditor.js:

(WebInspector.SourceCodeTextEditor.prototype._hasStyleSheetContents):
(WebInspector.SourceCodeTextEditor.prototype._updateEditableMarkers):
Only spend the time to create style markers for style sheet contents.

10:31 PM Changeset in webkit [199094] by achristensen@apple.com
  • 17 edits in trunk

Make CMake-generated binaries on Mac able to run
https://bugs.webkit.org/show_bug.cgi?id=156268

Reviewed by Daniel Bates.

.:

  • Source/cmake/OptionsMac.cmake:

Source/JavaScriptCore:

  • CMakeLists.txt:

Source/WebCore:

  • CMakeLists.txt:
  • PlatformMac.cmake:

Source/WebKit:

  • CMakeLists.txt:

Source/WebKit2:

  • CMakeLists.txt:
  • PlatformMac.cmake:

Tools:

  • DumpRenderTree/CMakeLists.txt:
  • DumpRenderTree/PlatformMac.cmake:
  • DumpRenderTree/PlatformWin.cmake:
  • TestWebKitAPI/PlatformMac.cmake:
9:46 PM Changeset in webkit [199093] by fpizlo@apple.com
  • 7 edits in trunk/Source/JavaScriptCore

Improve some other cases of context-sensitive inlining
https://bugs.webkit.org/show_bug.cgi?id=156277

Reviewed by Benjamin Poulain.

This implements some improvements for inlining:

  • We no longer do guarded inlining when the profiling doesn't come from a stub. Doing so would have been risky, and according to benchmarks, it wasn't common enough to matter. I think it's better to err on the side of not inlining.


  • The jneq_ptr pattern for variadic calls no longer breaks the basic block. Not breaking the block increases the chances of the parser seeing the callee constant. While inlining doesn't require a callee constant, sometimes it makes a difference. Note that we were previously breaking the block for no reason at all: if the boundary after jneq_ptr is a jump target from some other jump, then the parser will automatically break the block for us. There is no reason to add any block breaking ourselves since we implement jneq_ptr by ignoring the affirmative jump destination and inserting a check and falling through.


  • get_by_id handling now tries to apply some common sense to its status object. In particular, if the source is a NewObject and there was no interfering operation that could clobber the structure, then we know which case of a polymorphic GetByIdStatus we would take. This arises in some constructor patterns.


Long term, we should address all of these cases comprehensively by having a late inliner. The inliner
being part of the bytecode parser means that there is a lot of complexity in the parser and it
prevents us from inlining upon learning new information from static analysis. But for now, I think
it's fine to experiment with one-off hacks, if only to learn what the possibilities are.

This is a 14% speed-up on Octane/raytrace.

  • bytecode/CallLinkStatus.cpp:

(JSC::CallLinkStatus::dump):

  • bytecode/CallLinkStatus.h:

(JSC::CallLinkStatus::couldTakeSlowPath):
(JSC::CallLinkStatus::setCouldTakeSlowPath):
(JSC::CallLinkStatus::variants):
(JSC::CallLinkStatus::size):
(JSC::CallLinkStatus::at):

  • bytecode/GetByIdStatus.cpp:

(JSC::GetByIdStatus::makesCalls):
(JSC::GetByIdStatus::filter):
(JSC::GetByIdStatus::dump):

  • bytecode/GetByIdStatus.h:

(JSC::GetByIdStatus::wasSeenInJIT):

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::handleCall):
(JSC::DFG::ByteCodeParser::refineStatically):
(JSC::DFG::ByteCodeParser::handleVarargsCall):
(JSC::DFG::ByteCodeParser::handleInlining):
(JSC::DFG::ByteCodeParser::handleGetById):
(JSC::DFG::ByteCodeParser::parseBlock):

  • runtime/Options.h:
8:55 PM Changeset in webkit [199092] by sbarati@apple.com
  • 5 edits in trunk/Source/JavaScriptCore

JSC SamplingProfiler: Use a thread + sleep loop instead of WTF::WorkQueue for taking samples
https://bugs.webkit.org/show_bug.cgi?id=154017

Reviewed by Geoffrey Garen.

By moving to an explicitly created seperate thread + sample-then-sleep
loop, we can remove a lot of the crufty code around WorkQueue.
We're also getting sample rates that are much closer to what we're
asking the OS for. When the sampling handler was built off of WorkQueue,
we'd often get sample rates much higher than the 1ms we asked for. On Kraken,
we would average about 1.7ms sample rates, even though we'd ask for a 1ms rate.
Now, on Kraken, we're getting about 1.2ms rates. Because we're getting
higher rates, this patch is a performance regression. It's slower because
we're sampling more frequently.

Before this patch, the sampling profiler had the following overhead:

  • 10% on Kraken
  • 12% on octane
  • 15% on AsmBench

With this patch, the sampling profiler has the following overhead:

  • 16% on Kraken
  • 17% on Octane
  • 30% on AsmBench

Comparatively, this new patch has the following overhead over the old sampling profiler:

  • 5% on Kraken
  • 3.5% on Octane
  • 13% slower on AsmBench
  • inspector/agents/InspectorScriptProfilerAgent.cpp:

(Inspector::InspectorScriptProfilerAgent::trackingComplete):

  • runtime/SamplingProfiler.cpp:

(JSC::SamplingProfiler::SamplingProfiler):
(JSC::SamplingProfiler::~SamplingProfiler):
(JSC::SamplingProfiler::createThreadIfNecessary):
(JSC::SamplingProfiler::timerLoop):
(JSC::SamplingProfiler::takeSample):
(JSC::tryGetBytecodeIndex):
(JSC::SamplingProfiler::shutdown):
(JSC::SamplingProfiler::start):
(JSC::SamplingProfiler::pause):
(JSC::SamplingProfiler::noticeCurrentThreadAsJSCExecutionThread):
(JSC::SamplingProfiler::noticeJSLockAcquisition):
(JSC::SamplingProfiler::noticeVMEntry):
(JSC::SamplingProfiler::clearData):
(JSC::SamplingProfiler::stop): Deleted.
(JSC::SamplingProfiler::dispatchIfNecessary): Deleted.
(JSC::SamplingProfiler::dispatchFunction): Deleted.

  • runtime/SamplingProfiler.h:

(JSC::SamplingProfiler::setTimingInterval):
(JSC::SamplingProfiler::setStopWatch):

  • runtime/VM.cpp:

(JSC::VM::VM):

8:23 PM Changeset in webkit [199091] by Brian Burg
  • 8 edits in trunk/Source/WebKit2

Web Automation: add support for getting, deleting, and adding cookies
https://bugs.webkit.org/show_bug.cgi?id=156090
<rdar://problem/25477678>

Reviewed by Timothy Hatcher.

Add protocol commands for manipulating cookies with respect to a given page.
Implement all but the addSingleCookie command, which needs a new WebCore API.

  • UIProcess/Automation/Automation.json:

Copy the Page domain Cookie object. Add new commands.

  • UIProcess/Automation/WebAutomationSession.cpp:

(WebKit::WebAutomationSession::getAllCookies):
(WebKit::buildObjectForCookie): Copied from InspectorPageAgent.
(WebKit::buildArrayForCookies): Copied from InspectorPageAgent.
(WebKit::WebAutomationSession::didGetCookiesForFrame):
(WebKit::WebAutomationSession::deleteSingleCookie):
(WebKit::WebAutomationSession::didDeleteCookie):
(WebKit::WebAutomationSession::addSingleCookie): Added a stub for now.
(WebKit::WebAutomationSession::deleteAllCookies):
This command can use the WebCookieManager supplement directly instead of
proxying through AutomationSession. It doesn't block until the delete is
performed like the other methods do, but this shouldn't be a problem.

  • UIProcess/Automation/WebAutomationSession.h:
  • UIProcess/Automation/WebAutomationSession.messages.in:
  • WebProcess/Automation/WebAutomationSessionProxy.cpp:

(WebKit::WebAutomationSessionProxy::getCookiesForFrame):
(WebKit::WebAutomationSessionProxy::deleteCookie):

  • WebProcess/Automation/WebAutomationSessionProxy.h:
  • WebProcess/Automation/WebAutomationSessionProxy.messages.in:
6:37 PM Changeset in webkit [199090] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebKit2

Fix Range requests when not using the NetworkCache with NetworkSession
https://bugs.webkit.org/show_bug.cgi?id=156036
rdar://problem/25334939

Patch by Alex Christensen <achristensen@webkit.org> on 2016-04-05
Reviewed by Sam Weinig.

  • NetworkProcess/cocoa/NetworkSessionCocoa.mm:

(-[WKNetworkSessionDelegate URLSession:dataTask:willCacheResponse:completionHandler:]):
Don't cache any responses with Content-Range headers to work around rdar://problem/20001985.
This is similar to the workaround in shouldCacheResponse in WebCoreNSURLSession.mm
(WebKit::NetworkSession::NetworkSession):
If we are using the NetworkCache, then don't use CFNetwork's cache.

6:36 PM Changeset in webkit [199089] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

Fixed CSS Shapes entry on the WebKit Feature Status page.
https://bugs.webkit.org/show_bug.cgi?id=156262

Patch by Jon Davis <jond@ingenesis.net> on 2016-04-05
Reviewed by Timothy Hatcher.

  • features.json:
6:31 PM Changeset in webkit [199088] by Brent Fulgham
  • 2 edits in trunk/Source/WebKit2

Correct applicationWillTerminate logic for ResourceLoadStatistics
https://bugs.webkit.org/show_bug.cgi?id=156249
<rdar://problem/25179611>

Reviewed by Andy Estes.

The applicationWillTerminate handling for ResourceLoadStatistics incorrectly
assumes that a ResourceLoadStatistics object will always be present.

  1. The termination handling for 'dataStoresWithStorageManagers' should be calling 'applicationWillTerminate' on any ResourceLoadStatistics objects attached to the dataStore.
  2. platformInitialize should null-check before attempting to dispatch.
  3. platformDestroy should null check before attempting to dispatch.
  • UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm:

(WebKit::WebsiteDataStore::platformInitialize):
(WebKit::WebsiteDataStore::platformDestroy): Invoke 'applicationWillTerminate' on
m_resourceLoadStatistics if present.

6:18 PM Changeset in webkit [199087] by Chris Dumez
  • 5 edits
    11 adds in trunk

MessageEvent.source window is incorrect once window has been reified
https://bugs.webkit.org/show_bug.cgi?id=156227
<rdar://problem/25545831>

Reviewed by Mark Lam.

Source/WebCore:

MessageEvent.source window was incorrect once window had been reified.

If the Window had not been reified, we kept constructing new
postMessage() functions when calling window.postMessage(). We used to
pass activeDOMWindow(execState) as source Window to
DOMWindow::postMessage(). activeDOMWindow() uses
exec->lexicalGlobalObject() which did the right thing because we
used to construct a new postMessage() function in the caller's context.

However, after reification, due to the way JSDOMWindow::getOwnPropertySlot()
was implemented, we would stop constructing new postMessage() functions
when calling window.postMessage(). As a result, the source window would
become incorrect because exec->lexicalGlobalObject() would return the
target Window instead.

In this patch, the following is done:

  1. Stop constructing a new function every time in the same origin case for postMessage, blur, focus and close. This was inefficient and lead to incorrect behavior:
    • The behavior would differ depending if the Window is reified or not
    • It would be impossible to delete those operations, which is incompatible with the specification and other browsers (tested Firefox and Chrome).
  2. Use callerDOMWindow(execState) instead of activeDOMWindow(execState) as source Window in JSDOMWindow::handlePostMessage(). callerDOMWindow() is a new utility function that returns the caller's Window object.

Tests: fast/dom/Window/delete-operations.html

fast/dom/Window/messageevent-source-postmessage-reified.html
fast/dom/Window/messageevent-source-postmessage.html
fast/dom/Window/messageevent-source-postmessage2.html
fast/dom/Window/window-postmessage-clone-frames.html
fast/dom/Window/post-message-crash2.html

  • bindings/js/JSDOMBinding.cpp:

(WebCore::GetCallerCodeBlockFunctor::operator()):
(WebCore::GetCallerCodeBlockFunctor::codeBlock):
(WebCore::callerDOMWindow):

  • bindings/js/JSDOMBinding.h:
  • bindings/js/JSDOMWindowCustom.cpp:

(WebCore::handlePostMessage):

LayoutTests:

Add tests that cover using MessageEvent.source Window for messaging
using postMessage(). There are 2 versions of the test, one where the
main window is reified and one where it is not. The test that has a
reified main window was failing because this fix.

  • fast/dom/Window/delete-operations-expected.txt: Added.
  • fast/dom/Window/delete-operations.html: Added.

Make sure that operations on Window are indeed deletable. Previously,
it would be impossible to delete postMessage, blur, focus and close.

  • fast/dom/Window/messageevent-source-postmessage-expected.txt: Added.
  • fast/dom/Window/messageevent-source-postmessage-reified-expected.txt: Added.
  • fast/dom/Window/messageevent-source-postmessage-reified.html: Added.
  • fast/dom/Window/messageevent-source-postmessage.html: Added.
  • fast/dom/Window/messageevent-source-postmessage2.html: Added.
  • fast/dom/Window/resources/messageevent-source-postmessage-frame.html: Added.
  • fast/dom/Window/post-message-crash2-expected.txt: Added.
  • fast/dom/Window/post-message-crash2.html: Added.
6:17 PM Changeset in webkit [199086] by mmaxfield@apple.com
  • 2 edits
    4 adds in trunk/LayoutTests

Test listbox clipping to contents rect
https://bugs.webkit.org/show_bug.cgi?id=156265

Reviewed by Simon Fraser.

These tests create some <select><option></option></select>s with padding.
These list boxes use the zapfino "f" character (because it draws wildly
far outside of its layout box) to create a case where text inside the list
box would naturally intersect with the padding. This overflow should be
clipped so that the padding is undisturbed.

  • fast/forms/listbox-padding-clip-expected.html: Added.
  • fast/forms/listbox-padding-clip-overlay-expected.html: Added.
  • fast/forms/listbox-padding-clip-overlay.html: Added.
  • fast/forms/listbox-padding-clip.html: Added.
  • platform/ios-simulator/TestExpectations: Skip on iOS
4:56 PM Changeset in webkit [199085] by timothy@apple.com
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Make the Timelines sidebar wider

https://bugs.webkit.org/show_bug.cgi?id=156257
rdar://problem/25564218

Reviewed by Joseph Pecoraro.

  • UserInterface/Views/TimelineOverview.css:

(.timeline-overview): Added. Set define --timeline-sidebar-width.
(.timeline-overview > .navigation-bar.timelines): Use --timeline-sidebar-width.
(.timeline-overview > .tree-outline.timelines): Ditto.
(.timeline-overview > .scroll-container): Ditto.
(.timeline-overview > .timeline-ruler): Ditto.
(.timeline-overview > .graphs-container): Ditto.

4:50 PM Changeset in webkit [199084] by Ryan Haddad
  • 40 edits
    1 delete in trunk/Source/JavaScriptCore

Unreviewed, rolling out r199073.
https://bugs.webkit.org/show_bug.cgi?id=156261

This change broke internal Mac builds (Requested by ryanhaddad
on #webkit).

Reverted changeset:

"We should support the ability to do a non-effectful getById"
https://bugs.webkit.org/show_bug.cgi?id=156116
http://trac.webkit.org/changeset/199073

Patch by Commit Queue <commit-queue@webkit.org> on 2016-04-05

4:33 PM Changeset in webkit [199083] by Beth Dakin
  • 5 edits in trunk/Source

Make requestCandidatesForSelection available on any EditorClient
https://bugs.webkit.org/show_bug.cgi?id=156253
-and corresponding-
rdar://problem/24661147

Reviewed by Dean Jackson.

Source/WebCore:

  • loader/EmptyClients.h:
  • page/EditorClient.h:

(WebCore::EditorClient::requestCandidatesForSelection):

Source/WebKit/mac:

  • WebCoreSupport/WebEditorClient.h:
4:20 PM Changeset in webkit [199082] by timothy@apple.com
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Command-Option-R opens Inspector details sidebar or Responsive Design Mode, should only do one

https://bugs.webkit.org/show_bug.cgi?id=156258
rdar://problem/25483871

Reviewed by Joseph Pecoraro.

  • UserInterface/Base/Main.js:

(WebInspector.contentLoaded): Change shortcuts to Command-Option-0 and Command-Shift-0.

4:20 PM Changeset in webkit [199081] by achristensen@apple.com
  • 28 edits in trunk

[Fetch API] Add a runtime flag to fetch API and related constructs
https://bugs.webkit.org/show_bug.cgi?id=156113

Patch by Youenn Fablet <youenn.fablet@crf.canon.fr> on 2016-04-05
Reviewed by Alex Christensen.

Source/JavaScriptCore:

Add a fetch API runtime flag based on preferences.
Disable fetch API by default.

  • runtime/CommonIdentifiers.h:

Source/WebCore:

Marking all Fetch interfaces EnabledAtRuntime=FetchAPI.
Adding FetchAPI runtime flag setter and getter.
In case, fetch API is disabled, ensure Window.prototype.fetch returns undefined.

  • Modules/fetch/DOMWindowFetch.idl:
  • Modules/fetch/FetchBody.idl:
  • Modules/fetch/FetchHeaders.idl:
  • Modules/fetch/FetchRequest.idl:
  • Modules/fetch/FetchResponse.idl:
  • Modules/fetch/WorkerGlobalScopeFetch.idl:
  • bindings/generic/RuntimeEnabledFeatures.h:

(WebCore::RuntimeEnabledFeatures::webGL2Enabled):
(WebCore::RuntimeEnabledFeatures::setFetchAPIEnabled):
(WebCore::RuntimeEnabledFeatures::fetchAPIEnabled):

  • bindings/js/JSDOMGlobalObject.cpp:

(WebCore::JSDOMGlobalObject::finishCreation):

Source/WebKit/mac:

Add a fetch API runtime flag based on preferences.
Disable fetch API by default.

  • WebView/WebPreferenceKeysPrivate.h:
  • WebView/WebPreferences.mm:

(+[WebPreferences initialize]):
(-[WebPreferences setCustomElementsEnabled:]):
(-[WebPreferences fetchAPIEnabled]):
(-[WebPreferences setFetchAPIEnabled:]):

  • WebView/WebPreferencesPrivate.h:
  • WebView/WebView.mm:

(-[WebView _preferencesChanged:]):
(-[WebView preferencesIdentifier]):
(-[WebView setUIDelegate:]):

Source/WebKit2:

Add a fetch API runtime flag based on preferences.
Disable fetch API by default.

  • Shared/WebPreferencesDefinitions.h:
  • UIProcess/API/C/WKPreferences.cpp:

(WKPreferencesGetCustomElementsEnabled):
(WKPreferencesSetFetchAPIEnabled):
(WKPreferencesGetFetchAPIEnabled):

  • UIProcess/API/C/WKPreferencesRefPrivate.h:
  • WebProcess/InjectedBundle/InjectedBundle.cpp:

(WebKit::InjectedBundle::overrideBoolPreferenceForTestRunner):

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::updatePreferences):

Tools:

  • DumpRenderTree/TestRunner.h:
  • DumpRenderTree/mac/DumpRenderTree.mm:

(resetWebPreferencesToConsistentValues):

  • WebKitTestRunner/InjectedBundle/InjectedBundle.cpp:

(WTR::InjectedBundle::beginTesting):

  • WebKitTestRunner/InjectedBundle/TestRunner.cpp:

(WTR::TestRunner::setWebGL2Enabled):
(WTR::TestRunner::setFetchAPIEnabled):
(WTR::TestRunner::setAllowUniversalAccessFromFileURLs):

  • WebKitTestRunner/InjectedBundle/TestRunner.h:
3:57 PM Changeset in webkit [199080] by fpizlo@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Unreviewed, fix cloop some more.

  • runtime/RegExpInlines.h:

(JSC::RegExp::hasCodeFor):
(JSC::RegExp::hasMatchOnlyCodeFor):

3:55 PM Changeset in webkit [199079] by fpizlo@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Unreviewed, fix cloop.

  • jit/CCallHelpers.cpp:
3:55 PM Changeset in webkit [199078] by beidson@apple.com
  • 11 edits in trunk/Source/WebCore

Modern IDB: Get blob URLs/files all the way to the IDB backing store.
https://bugs.webkit.org/show_bug.cgi?id=156248

Reviewed by Alex Christensen.

No new tests (No change in behavior).

  • Modules/indexeddb/IDBTransaction.cpp:

(WebCore::IDBTransaction::putOrAddOnServer):

  • Modules/indexeddb/IDBValue.cpp:

(WebCore::IDBValue::IDBValue):
(WebCore::IDBValue::isolatedCopy):

  • Modules/indexeddb/IDBValue.h:

(WebCore::IDBValue::blobURLs):
(WebCore::IDBValue::blobFilePaths):
(WebCore::IDBValue::encode):
(WebCore::IDBValue::decode):

  • Modules/indexeddb/server/IDBBackingStore.h:
  • Modules/indexeddb/server/MemoryIDBBackingStore.cpp:

(WebCore::IDBServer::MemoryIDBBackingStore::addRecord):

  • Modules/indexeddb/server/MemoryIDBBackingStore.h:
  • Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:

(WebCore::IDBServer::SQLiteIDBBackingStore::addRecord):

  • Modules/indexeddb/server/SQLiteIDBBackingStore.h:
  • Modules/indexeddb/server/UniqueIDBDatabase.cpp:

(WebCore::IDBServer::UniqueIDBDatabase::performPutOrAdd):

  • bindings/js/SerializedScriptValue.cpp:

(WebCore::SerializedScriptValue::writeBlobsToDiskForIndexedDB):

3:32 PM Changeset in webkit [199077] by Matt Baker
  • 3 edits in trunk/Source/WebInspectorUI

Web Inspector: Should not allow selecting no Timelines when editing in Timeline tab
https://bugs.webkit.org/show_bug.cgi?id=156223
<rdar://problem/25552221>

Reviewed by Joseph Pecoraro.

  • UserInterface/Views/TimelineOverview.js:

(WebInspector.TimelineOverview):
(WebInspector.TimelineOverview.prototype._startEditingInstruments):
Register EnabledDidChange event handler for all tree elements.

(WebInspector.TimelineOverview.prototype._stopEditingInstruments):
Unregister event handler for enabled tree elements. The rest are removed
from the tree outline once editing has completed.

(WebInspector.TimelineOverview.prototype._timelineTreeElementEnabledDidChange):
Enable "Done" button if at least one timeline is enabled.

  • UserInterface/Views/TimelineTreeElement.js:

Dispatch a new event, EnabledDidChange, when the checkbox state changes.

(WebInspector.TimelineTreeElement.prototype._showCheckbox):
(WebInspector.TimelineTreeElement.prototype._clickHandler):
(WebInspector.TimelineTreeElement.prototype._dispatchEnabledDidChangeEvent):
(WebInspector.TimelineTreeElement):

3:17 PM Changeset in webkit [199076] by fpizlo@apple.com
  • 64 edits
    8 adds in trunk

JSC should use a shadow stack version of CHICKEN so that debuggers have the option of retrieving tail-deleted frames
https://bugs.webkit.org/show_bug.cgi?id=155598

Reviewed by Saam Barati.
PerformanceTests/SunSpider:

  • shadow-chicken.yaml: Added.

Source/JavaScriptCore:


JSC is the first JSVM to have proper tail calls. This means that error.stack and the
debugger will appear to "delete" strict mode stack frames, if the call that this frame made
was in tail position. This is exactly what functional programmers expect - they don't want
the VM to waste resources on tail-deleted frames to ensure that it's legal to loop forever
using tail calls. It's also something that non-functional programmers fear. It's not clear
that tail-deleted frames would actually degrade the debugging experience, but the fear is
real, so it's worthwhile to do something about it.

It turns out that there is at least one tail call implementation that doesn't suffer from
this problem. It implements proper tail calls in the sense that you won't run out of memory
by tail-looping. It also has the power to show you tail-deleted frames in a backtrace, so
long as you haven't yet run out of memory. It's called CHICKEN Scheme, and it's one of my
favorite hacks:

http://www.more-magic.net/posts/internals-gc.html

CHICKEN does many awesome things. The intuition from CHICKEN that we use here is a simple
one: what if a tail call still kept the tail-deleted frame, and the GC actually deleted that
frame only once we proved that there was insufficient memory to keep it around.

CHICKEN does this by reshaping the C stack with longjmp/setjmp. We can't do that because we
can have arbitrary native code, and that native code does not have relocatable stack frames.

But we can do something almost like CHICKEN on a shadow stack. It's a common trick to have a
VM maintain two stacks - the actual execution stack plus a shadow stack that has some extra
information. The shadow stack can be reshaped, moved, etc, since the VM tightly controls its
layout. The main stack can then continue to obey ABI rules.

This patch implements a mechanism for being able to display stack traces that include
tail-deleted frames. It uses a shadow stack that behaves like a CHICKEN stack: it has all
frames all the time, though we will collect the tail-deleted ones if the stack gets too big.
This new mechanism is called ShadowChicken, obviously: it's CHICKEN on a shadow stack.

ShadowChicken is always on, but individual CodeBlocks may make their own choices about
whether to opt into it. They will do that at bytecompile time based on the debugger mode on
their global object.

When no CodeBlock opts in, there is no overhead, since ShadowChicken ends up doing nothing
in that case. Well, except when exceptions are thrown. Then it might do some work, but it's
minor.

When all CodeBlocks opt in, there is about 6% overhead. That's too much overhead to enable
this all the time, but it's low enough to justify enabling in the Inspector. It's currently
enabled on all CodeBlocks only when you use an Option. Otherwise it will auto-enable if the
debugger is on.

Note that ShadowChicken attempts to gracefully handle the presence of stack frames that have
no logging. This is essential since we *can* have debugging enabled in one GlobalObject and
disabled in another. Also, some frames don't do ShadowChicken because they just haven't been
hacked to do it yet. Native frames fall into this category, as do the VM entry frames.

This doesn't yet wire ShadowChicken into DebuggerCallFrame. That will take more work. It
just makes a ShadowChicken stack walk function available to jsc. It's used from the
shadow-chicken tests.

  • API/JSContextRef.cpp:

(BacktraceFunctor::BacktraceFunctor):
(BacktraceFunctor::operator()):
(JSContextCreateBacktrace):

  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • bytecode/BytecodeList.json:
  • bytecode/BytecodeUseDef.h:

(JSC::computeUsesForBytecodeOffset):
(JSC::computeDefsForBytecodeOffset):

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::dumpBytecode):
(JSC::RecursionCheckFunctor::RecursionCheckFunctor):
(JSC::RecursionCheckFunctor::operator()):
(JSC::CodeBlock::noticeIncomingCall):

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::emitEnter):
(JSC::BytecodeGenerator::emitCallInTailPosition):
(JSC::BytecodeGenerator::emitCallVarargsInTailPosition):
(JSC::BytecodeGenerator::emitCallVarargs):
(JSC::BytecodeGenerator::emitLogShadowChickenPrologueIfNecessary):
(JSC::BytecodeGenerator::emitLogShadowChickenTailIfNecessary):
(JSC::BytecodeGenerator::emitCallDefineProperty):

  • bytecompiler/BytecodeGenerator.h:
  • debugger/DebuggerCallFrame.cpp:

(JSC::LineAndColumnFunctor::operator()):
(JSC::LineAndColumnFunctor::column):
(JSC::FindCallerMidStackFunctor::FindCallerMidStackFunctor):
(JSC::FindCallerMidStackFunctor::operator()):
(JSC::DebuggerCallFrame::DebuggerCallFrame):

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::parseBlock):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGNodeType.h:
  • dfg/DFGPredictionPropagationPhase.cpp:

(JSC::DFG::PredictionPropagationPhase::propagate):

  • dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • ftl/FTLAbstractHeapRepository.cpp:
  • ftl/FTLAbstractHeapRepository.h:
  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileSetRegExpObjectLastIndex):
(JSC::FTL::DFG::LowerDFGToB3::compileLogShadowChickenPrologue):
(JSC::FTL::DFG::LowerDFGToB3::compileLogShadowChickenTail):
(JSC::FTL::DFG::LowerDFGToB3::didOverflowStack):
(JSC::FTL::DFG::LowerDFGToB3::allocateJSArray):
(JSC::FTL::DFG::LowerDFGToB3::setupShadowChickenPacket):
(JSC::FTL::DFG::LowerDFGToB3::boolify):

  • heap/Heap.cpp:

(JSC::Heap::markRoots):
(JSC::Heap::visitSamplingProfiler):
(JSC::Heap::visitShadowChicken):
(JSC::Heap::traceCodeBlocksAndJITStubRoutines):
(JSC::Heap::collectImpl):

  • heap/Heap.h:
  • inspector/ScriptCallStackFactory.cpp:

(Inspector::CreateScriptCallStackFunctor::CreateScriptCallStackFunctor):
(Inspector::CreateScriptCallStackFunctor::operator()):
(Inspector::createScriptCallStack):

  • interpreter/CallFrame.h:

(JSC::ExecState::iterate):

  • interpreter/Interpreter.cpp:

(JSC::DumpRegisterFunctor::DumpRegisterFunctor):
(JSC::DumpRegisterFunctor::operator()):
(JSC::GetStackTraceFunctor::GetStackTraceFunctor):
(JSC::GetStackTraceFunctor::operator()):
(JSC::Interpreter::getStackTrace):
(JSC::GetCatchHandlerFunctor::handler):
(JSC::GetCatchHandlerFunctor::operator()):
(JSC::notifyDebuggerOfUnwinding):
(JSC::UnwindFunctor::UnwindFunctor):
(JSC::UnwindFunctor::operator()):
(JSC::UnwindFunctor::copyCalleeSavesToVMCalleeSavesBuffer):

  • interpreter/ShadowChicken.cpp: Added.

(JSC::ShadowChicken::Packet::dump):
(JSC::ShadowChicken::Frame::dump):
(JSC::ShadowChicken::ShadowChicken):
(JSC::ShadowChicken::~ShadowChicken):
(JSC::ShadowChicken::log):
(JSC::ShadowChicken::update):
(JSC::ShadowChicken::visitChildren):
(JSC::ShadowChicken::reset):
(JSC::ShadowChicken::dump):
(JSC::ShadowChicken::functionsOnStack):

  • interpreter/ShadowChicken.h: Added.

(JSC::ShadowChicken::Packet::Packet):
(JSC::ShadowChicken::Packet::tailMarker):
(JSC::ShadowChicken::Packet::throwMarker):
(JSC::ShadowChicken::Packet::prologue):
(JSC::ShadowChicken::Packet::tail):
(JSC::ShadowChicken::Packet::throwPacket):
(JSC::ShadowChicken::Packet::operator bool):
(JSC::ShadowChicken::Packet::isPrologue):
(JSC::ShadowChicken::Packet::isTail):
(JSC::ShadowChicken::Packet::isThrow):
(JSC::ShadowChicken::Frame::Frame):
(JSC::ShadowChicken::Frame::operator==):
(JSC::ShadowChicken::Frame::operator!=):
(JSC::ShadowChicken::log):
(JSC::ShadowChicken::logSize):
(JSC::ShadowChicken::addressOfLogCursor):
(JSC::ShadowChicken::logEnd):

  • interpreter/ShadowChickenInlines.h: Added.

(JSC::ShadowChicken::iterate):

  • interpreter/StackVisitor.h:

(JSC::StackVisitor::Frame::callee):
(JSC::StackVisitor::Frame::codeBlock):
(JSC::StackVisitor::Frame::bytecodeOffset):
(JSC::StackVisitor::Frame::inlineCallFrame):
(JSC::StackVisitor::Frame::isJSFrame):
(JSC::StackVisitor::Frame::isInlinedFrame):
(JSC::StackVisitor::visit):

  • jit/CCallHelpers.cpp: Added.

(JSC::CCallHelpers::logShadowChickenProloguePacket):
(JSC::CCallHelpers::logShadowChickenTailPacket):
(JSC::CCallHelpers::setupShadowChickenPacket):

  • jit/CCallHelpers.h:

(JSC::CCallHelpers::prepareForTailCallSlow):

  • jit/JIT.cpp:

(JSC::JIT::privateCompileMainPass):

  • jit/JIT.h:
  • jit/JITExceptions.cpp:

(JSC::genericUnwind):

  • jit/JITOpcodes.cpp:

(JSC::JIT::emit_op_resume):
(JSC::JIT::emit_op_log_shadow_chicken_prologue):
(JSC::JIT::emit_op_log_shadow_chicken_tail):

  • jit/JITOperations.cpp:
  • jit/JITOperations.h:
  • jsc.cpp:

(GlobalObject::finishCreation):
(FunctionJSCStackFunctor::FunctionJSCStackFunctor):
(FunctionJSCStackFunctor::operator()):
(functionClearSamplingFlags):
(functionShadowChickenFunctionsOnStack):
(functionReadline):

  • llint/LLIntOffsetsExtractor.cpp:
  • llint/LLIntSlowPaths.cpp:

(JSC::LLInt::LLINT_SLOW_PATH_DECL):
(JSC::LLInt::llint_throw_stack_overflow_error):

  • llint/LLIntSlowPaths.h:
  • llint/LowLevelInterpreter.asm:
  • profiler/ProfileGenerator.cpp:

(JSC::AddParentForConsoleStartFunctor::foundParent):
(JSC::AddParentForConsoleStartFunctor::operator()):

  • runtime/Error.cpp:

(JSC::FindFirstCallerFrameWithCodeblockFunctor::FindFirstCallerFrameWithCodeblockFunctor):
(JSC::FindFirstCallerFrameWithCodeblockFunctor::operator()):
(JSC::addErrorInfoAndGetBytecodeOffset):

  • runtime/JSFunction.cpp:

(JSC::RetrieveArgumentsFunctor::result):
(JSC::RetrieveArgumentsFunctor::operator()):
(JSC::retrieveArguments):
(JSC::RetrieveCallerFunctionFunctor::result):
(JSC::RetrieveCallerFunctionFunctor::operator()):
(JSC::retrieveCallerFunction):

  • runtime/JSGlobalObjectFunctions.cpp:

(JSC::GlobalFuncProtoGetterFunctor::result):
(JSC::GlobalFuncProtoGetterFunctor::operator()):
(JSC::globalFuncProtoGetter):
(JSC::GlobalFuncProtoSetterFunctor::allowsAccess):
(JSC::GlobalFuncProtoSetterFunctor::operator()):

  • runtime/NullSetterFunction.cpp:

(JSC::GetCallerStrictnessFunctor::GetCallerStrictnessFunctor):
(JSC::GetCallerStrictnessFunctor::operator()):
(JSC::GetCallerStrictnessFunctor::callerIsStrict):
(JSC::callerIsStrict):

  • runtime/ObjectConstructor.cpp:

(JSC::ObjectConstructorGetPrototypeOfFunctor::result):
(JSC::ObjectConstructorGetPrototypeOfFunctor::operator()):
(JSC::objectConstructorGetPrototypeOf):

  • runtime/Options.h:
  • runtime/VM.cpp:

(JSC::VM::VM):
(JSC::SetEnabledProfilerFunctor::operator()):

  • runtime/VM.h:

(JSC::VM::shouldBuilderPCToCodeOriginMapping):
(JSC::VM::bytecodeIntrinsicRegistry):
(JSC::VM::shadowChicken):

  • tests/stress/resources/shadow-chicken-support.js: Added.

(describeFunction):
(describeArray):
(expectStack):
(initialize):

  • tests/stress/shadow-chicken-disabled.js: Added.

(test1.foo):
(test1.bar):
(test1.baz):
(test1):
(test2.foo):
(test2.bar):
(test2.baz):
(test2):
(test3.foo):
(test3.bar):
(test3.baz):
(test3):

  • tests/stress/shadow-chicken-enabled.js: Added.

(test1.foo):
(test1.bar):
(test1.baz):
(test1):
(test2.foo):
(test2.bar):
(test2.baz):
(test2):
(test3.bob):
(test3.thingy):
(test3.foo):
(test3.bar):
(test3.baz):
(test3):
(test4.bob):
(test4.thingy):
(test4.foo):
(test4.bar):
(test4.baz):
(test4):
(test5.foo):
(test5):

  • tools/JSDollarVMPrototype.cpp:

(JSC::CallerFrameJITTypeFunctor::CallerFrameJITTypeFunctor):
(JSC::CallerFrameJITTypeFunctor::operator()):
(JSC::CallerFrameJITTypeFunctor::jitType):
(JSC::functionLLintTrue):
(JSC::CellAddressCheckFunctor::CellAddressCheckFunctor):
(JSC::CellAddressCheckFunctor::operator()):
(JSC::JSDollarVMPrototype::isValidCell):
(JSC::JSDollarVMPrototype::isValidCodeBlock):
(JSC::JSDollarVMPrototype::codeBlockForFrame):
(JSC::PrintFrameFunctor::PrintFrameFunctor):
(JSC::PrintFrameFunctor::operator()):
(JSC::printCallFrame):

Source/WebCore:

Fixed some uses of the stack walking functor to obey the new lambda-friendly API, which
requires that operator() is const.

No new tests because no change in behavior.

  • bindings/js/JSXMLHttpRequestCustom.cpp:

(WebCore::SendFunctor::column):
(WebCore::SendFunctor::url):
(WebCore::SendFunctor::operator()):
(WebCore::JSXMLHttpRequest::send):

  • testing/Internals.cpp:

(WebCore::GetCallerCodeBlockFunctor::GetCallerCodeBlockFunctor):
(WebCore::GetCallerCodeBlockFunctor::operator()):
(WebCore::GetCallerCodeBlockFunctor::codeBlock):
(WebCore::Internals::parserMetaData):

3:13 PM Changeset in webkit [199075] by fpizlo@apple.com
  • 52 edits
    17 adds in trunk

Source/JavaScriptCore:
DFG and FTL should constant-fold RegExpExec, RegExpTest, and StringReplace
https://bugs.webkit.org/show_bug.cgi?id=155270

Reviewed by Saam Barati.

This enables constant-folding of RegExpExec, RegExpTest, and StringReplace.

It's now possible to run Yarr on the JIT threads. Since previous work on constant-folding
strings gave the DFG an API for reasoning about JSString constants in terms of
JIT-thread-local WTF::Strings, it's now super easy to just pass strings to Yarr and build IR
based on the results.

But RegExpExec is hard: the folded version still must allocate a RegExpMatchesArray. We must
use the same Structure that the code would have used or else we'll pollute the program's
inline caches. Also, RegExpMatchesArray.h|cpp will allocate the array and its named
properties in one go - we don't want to lose that optimization. So, this patch enables
MaterializeNewObject to allocate objects or arrays with any number of indexed or named
properties. Previously it could only handle objects (but not arrays) and named properties
(but not indexed ones).

This also adds a few minor things for setting the RegExpConstructor cached result.

This is about a 2x speed-up on microbenchmarks when we fold a match success and about a
8x speed-up when we fold a match failure. It's a 10% speed-up on Octane/regexp.

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGGraph.cpp:

(JSC::DFG::Graph::dump):

  • dfg/DFGInsertionSet.cpp:

(JSC::DFG::InsertionSet::insertSlow):
(JSC::DFG::InsertionSet::execute):

  • dfg/DFGInsertionSet.h:

(JSC::DFG::InsertionSet::insertCheck):

  • dfg/DFGLazyJSValue.cpp:

(JSC::DFG::LazyJSValue::tryGetString):

  • dfg/DFGMayExit.cpp:

(JSC::DFG::mayExit):

  • dfg/DFGNode.h:

(JSC::DFG::StackAccessData::flushedAt):
(JSC::DFG::OpInfo::OpInfo): Deleted.

  • dfg/DFGNodeType.h:
  • dfg/DFGObjectAllocationSinkingPhase.cpp:
  • dfg/DFGObjectMaterializationData.cpp:

(JSC::DFG::ObjectMaterializationData::dump):
(JSC::DFG::PhantomPropertyValue::dump): Deleted.
(JSC::DFG::ObjectMaterializationData::oneWaySimilarityScore): Deleted.
(JSC::DFG::ObjectMaterializationData::similarityScore): Deleted.

  • dfg/DFGObjectMaterializationData.h:

(JSC::DFG::PhantomPropertyValue::PhantomPropertyValue): Deleted.
(JSC::DFG::PhantomPropertyValue::operator==): Deleted.

  • dfg/DFGOpInfo.h: Added.

(JSC::DFG::OpInfo::OpInfo):

  • dfg/DFGOperations.cpp:
  • dfg/DFGOperations.h:
  • dfg/DFGPredictionPropagationPhase.cpp:

(JSC::DFG::PredictionPropagationPhase::propagate):

  • dfg/DFGPromotedHeapLocation.cpp:

(WTF::printInternal):

  • dfg/DFGPromotedHeapLocation.h:
  • dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::~SpeculativeJIT):
(JSC::DFG::SpeculativeJIT::emitAllocateRawObject):
(JSC::DFG::SpeculativeJIT::emitGetLength):
(JSC::DFG::SpeculativeJIT::compileLazyJSConstant):
(JSC::DFG::SpeculativeJIT::compileMaterializeNewObject):
(JSC::DFG::SpeculativeJIT::compileRecordRegExpCachedResult):
(JSC::DFG::SpeculativeJIT::emitAllocateJSArray): Deleted.

  • dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::emitAllocateDestructibleObject):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGStoreBarrierInsertionPhase.cpp:
  • dfg/DFGStrengthReductionPhase.cpp:

(JSC::DFG::StrengthReductionPhase::StrengthReductionPhase):
(JSC::DFG::StrengthReductionPhase::handleNode):
(JSC::DFG::StrengthReductionPhase::handleCommutativity):
(JSC::DFG::StrengthReductionPhase::executeInsertionSet):

  • dfg/DFGValidate.cpp:

(JSC::DFG::Validate::validate):
(JSC::DFG::Validate::validateCPS):

  • ftl/FTLAbstractHeapRepository.cpp:
  • ftl/FTLAbstractHeapRepository.h:
  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileNewArrayWithSize):
(JSC::FTL::DFG::LowerDFGToB3::compileMaterializeNewObject):
(JSC::FTL::DFG::LowerDFGToB3::compileMaterializeCreateActivation):
(JSC::FTL::DFG::LowerDFGToB3::compileSetRegExpObjectLastIndex):
(JSC::FTL::DFG::LowerDFGToB3::compileRecordRegExpCachedResult):
(JSC::FTL::DFG::LowerDFGToB3::didOverflowStack):
(JSC::FTL::DFG::LowerDFGToB3::storageForTransition):
(JSC::FTL::DFG::LowerDFGToB3::initializeArrayElements):
(JSC::FTL::DFG::LowerDFGToB3::allocatePropertyStorage):
(JSC::FTL::DFG::LowerDFGToB3::isNotCellOrMisc):
(JSC::FTL::DFG::LowerDFGToB3::unboxDouble):

  • ftl/FTLOperations.cpp:

(JSC::FTL::operationPopulateObjectInOSR):
(JSC::FTL::operationNewObjectWithButterfly): Deleted.

  • ftl/FTLOperations.h:
  • inspector/ContentSearchUtilities.cpp:
  • runtime/JSObject.h:

(JSC::JSObject::createRawObject):
(JSC::JSFinalObject::create):

  • runtime/RegExp.cpp:

(JSC::RegExp::compile):
(JSC::RegExp::match):
(JSC::RegExp::matchConcurrently):
(JSC::RegExp::compileMatchOnly):
(JSC::RegExp::deleteCode):

  • runtime/RegExp.h:
  • runtime/RegExpCachedResult.h:

(JSC::RegExpCachedResult::offsetOfLastRegExp):
(JSC::RegExpCachedResult::offsetOfLastInput):
(JSC::RegExpCachedResult::offsetOfResult):
(JSC::RegExpCachedResult::offsetOfReified):

  • runtime/RegExpConstructor.h:

(JSC::RegExpConstructor::offsetOfCachedResult):

  • runtime/RegExpInlines.h:

(JSC::RegExp::hasCodeFor):
(JSC::RegExp::compileIfNecessary):
(JSC::RegExp::matchInline):
(JSC::RegExp::hasMatchOnlyCodeFor):
(JSC::RegExp::compileIfNecessaryMatchOnly):

  • runtime/RegExpObjectInlines.h:

(JSC::RegExpObject::execInline):

  • runtime/StringPrototype.cpp:

(JSC::substituteBackreferencesSlow):
(JSC::substituteBackreferencesInline):
(JSC::substituteBackreferences):
(JSC::StringRange::StringRange):

  • runtime/StringPrototype.h:
  • runtime/VM.h:
  • tests/stress/simple-regexp-exec-folding-fail.js: Added.

(foo):

  • tests/stress/simple-regexp-exec-folding.js: Added.

(foo):

  • tests/stress/simple-regexp-test-folding-fail.js: Added.

(foo):

  • tests/stress/simple-regexp-test-folding.js: Added.

(foo):

  • yarr/RegularExpression.cpp:
  • yarr/Yarr.h:
  • yarr/YarrInterpreter.cpp:

(JSC::Yarr::Interpreter::interpret):
(JSC::Yarr::ByteCompiler::ByteCompiler):
(JSC::Yarr::ByteCompiler::compile):
(JSC::Yarr::ByteCompiler::checkInput):
(JSC::Yarr::byteCompile):
(JSC::Yarr::interpret):

  • yarr/YarrInterpreter.h:

(JSC::Yarr::BytecodePattern::BytecodePattern):

Source/WTF:
DFG and FTL should constant-fold RegExpExec
https://bugs.webkit.org/show_bug.cgi?id=155270

Reviewed by Saam Barati.

Make executeInsertions() return the amount by which the vector increased in size. This is a
convenient feature that I use in DFG::InsertionSet.

  • wtf/Insertion.h:

(WTF::executeInsertions):

LayoutTests:
DFG and FTL should constant-fold RegExpExec
https://bugs.webkit.org/show_bug.cgi?id=155270

Reviewed by Saam Barati.

  • js/regress/script-tests/simple-regexp-exec-folding-fail.js: Added.
  • js/regress/script-tests/simple-regexp-exec-folding.js: Added.
  • js/regress/script-tests/simple-regexp-test-folding-fail.js: Added.
  • js/regress/script-tests/simple-regexp-test-folding.js: Added.
  • js/regress/simple-regexp-exec-folding-expected.txt: Added.
  • js/regress/simple-regexp-exec-folding-fail-expected.txt: Added.
  • js/regress/simple-regexp-exec-folding-fail.html: Added.
  • js/regress/simple-regexp-exec-folding.html: Added.
  • js/regress/simple-regexp-test-folding-expected.txt: Added.
  • js/regress/simple-regexp-test-folding-fail-expected.txt: Added.
  • js/regress/simple-regexp-test-folding-fail.html: Added.
  • js/regress/simple-regexp-test-folding.html: Added.
3:12 PM Changeset in webkit [199074] by Jon Davis
  • 2 edits in trunk/Websites/webkit.org

Make the @webkit link on the front page link to the feed
https://bugs.webkit.org/show_bug.cgi?id=156244

Reviewed by Timothy Hatcher.

  • wp-content/themes/webkit/widgets/twitter.php:
2:36 PM Changeset in webkit [199073] by keith_miller@apple.com
  • 40 edits
    1 add in trunk/Source/JavaScriptCore

We should support the ability to do a non-effectful getById
https://bugs.webkit.org/show_bug.cgi?id=156116

Reviewed by Benjamin Poulain.

Currently, there is no way in JS to do a non-effectful getById. A non-effectful getById is
useful because it enables us to take different code paths based on values that we would
otherwise not be able to have knowledge of. This patch adds this new feature called
try_get_by_id that will attempt to do as much of a get_by_id as possible without performing
an effectful behavior. Thus, try_get_by_id will return the value if the slot is a value, the
GetterSetter object if the slot is a normal accessor (not a CustomGetterSetter) and
undefined if the slot is unset. If the slot is proxied or any other cases then the result
is null. In theory, if we ever wanted to check for null we could add a sentinal object to
the global object that indicates we could not get the result.

In order to implement this feature we add a new enum GetByIdKind that indicates what to do
for accessor properties in PolymorphicAccess. If the GetByIdKind is pure then we treat the
get_by_id the same way we would for load and return the value at the appropriate offset.
Additionally, in order to make sure the we can properly compare the GetterSetter object
with === GetterSetters are now JSObjects. This comes at the cost of eight extra bytes on the
GetterSetter object but it vastly simplifies the patch. Additionally, the extra bytes are
likely to have little to no impact on memory usage as normal accessors are generally rare.

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • builtins/BuiltinExecutables.cpp:

(JSC::BuiltinExecutables::createDefaultConstructor):
(JSC::BuiltinExecutables::createBuiltinExecutable):
(JSC::createBuiltinExecutable):
(JSC::BuiltinExecutables::createExecutable):
(JSC::createExecutableInternal): Deleted.

  • builtins/BuiltinExecutables.h:
  • bytecode/BytecodeIntrinsicRegistry.h:
  • bytecode/BytecodeList.json:
  • bytecode/BytecodeUseDef.h:

(JSC::computeUsesForBytecodeOffset):
(JSC::computeDefsForBytecodeOffset):

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::dumpBytecode):

  • bytecode/PolymorphicAccess.cpp:

(JSC::AccessCase::tryGet):
(JSC::AccessCase::generate):
(WTF::printInternal):

  • bytecode/PolymorphicAccess.h:

(JSC::AccessCase::isGet): Deleted.
(JSC::AccessCase::isPut): Deleted.
(JSC::AccessCase::isIn): Deleted.

  • bytecode/StructureStubInfo.cpp:

(JSC::StructureStubInfo::reset):

  • bytecode/StructureStubInfo.h:
  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::emitTryGetById):

  • bytecompiler/BytecodeGenerator.h:
  • bytecompiler/NodesCodegen.cpp:

(JSC::BytecodeIntrinsicNode::emit_intrinsic_tryGetById):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::cachedGetById):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::cachedGetById):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::getById):

  • jit/JIT.cpp:

(JSC::JIT::privateCompileMainPass):
(JSC::JIT::privateCompileSlowCases):

  • jit/JIT.h:
  • jit/JITInlineCacheGenerator.cpp:

(JSC::JITGetByIdGenerator::JITGetByIdGenerator):

  • jit/JITInlineCacheGenerator.h:
  • jit/JITInlines.h:

(JSC::JIT::callOperation):

  • jit/JITOperations.cpp:
  • jit/JITOperations.h:
  • jit/JITPropertyAccess.cpp:

(JSC::JIT::emitGetByValWithCachedId):
(JSC::JIT::emit_op_try_get_by_id):
(JSC::JIT::emitSlow_op_try_get_by_id):
(JSC::JIT::emit_op_get_by_id):

  • jit/JITPropertyAccess32_64.cpp:

(JSC::JIT::emitGetByValWithCachedId):
(JSC::JIT::emit_op_try_get_by_id):
(JSC::JIT::emitSlow_op_try_get_by_id):
(JSC::JIT::emit_op_get_by_id):

  • jit/Repatch.cpp:

(JSC::repatchByIdSelfAccess):
(JSC::appropriateOptimizingGetByIdFunction):
(JSC::appropriateGenericGetByIdFunction):
(JSC::tryCacheGetByID):
(JSC::repatchGetByID):
(JSC::resetGetByID):

  • jit/Repatch.h:
  • jsc.cpp:

(GlobalObject::finishCreation):
(functionGetGetterSetter):
(functionCreateBuiltin):

  • llint/LLIntData.cpp:

(JSC::LLInt::Data::performAssertions):

  • llint/LLIntSlowPaths.cpp:

(JSC::LLInt::LLINT_SLOW_PATH_DECL):

  • llint/LLIntSlowPaths.h:
  • llint/LowLevelInterpreter.asm:
  • runtime/GetterSetter.cpp:
  • runtime/GetterSetter.h:
  • runtime/JSType.h:
  • runtime/PropertySlot.cpp:

(JSC::PropertySlot::getPureResult):

  • runtime/PropertySlot.h:
  • runtime/ProxyObject.cpp:

(JSC::ProxyObject::getOwnPropertySlotCommon):

  • tests/stress/try-get-by-id.js: Added.

(tryGetByIdText):
(getCaller.obj.1.throw.new.Error.let.func):
(getCaller.obj.1.throw.new.Error):
(throw.new.Error.get let):
(throw.new.Error.):
(throw.new.Error.let.get createBuiltin):
(get let):
(let.get createBuiltin):
(let.func):
(get let.func):
(get throw):

2:27 PM Changeset in webkit [199072] by beidson@apple.com
  • 25 edits in trunk/Source

Modern IDB: Replace use of SerializedScriptValue with IDBValue.
https://bugs.webkit.org/show_bug.cgi?id=156242

Reviewed by Alex Christensen.

Source/WebCore:

No new tests (No change in behavior).

  • Modules/indexeddb/IDBTransaction.cpp:

(WebCore::IDBTransaction::putOrAddOnServer):

  • Modules/indexeddb/IDBValue.cpp:

(WebCore::IDBValue::IDBValue):
(WebCore::IDBValue::isolatedCopy):

  • Modules/indexeddb/IDBValue.h:

(WebCore::IDBValue::data):
(WebCore::IDBValue::encode):
(WebCore::IDBValue::decode):

  • Modules/indexeddb/client/IDBConnectionToServer.cpp:

(WebCore::IDBClient::IDBConnectionToServer::putOrAdd):

  • Modules/indexeddb/client/IDBConnectionToServer.h:
  • Modules/indexeddb/client/IDBConnectionToServerDelegate.h:
  • Modules/indexeddb/server/IDBServer.cpp:

(WebCore::IDBServer::IDBServer::putOrAdd):

  • Modules/indexeddb/server/IDBServer.h:
  • Modules/indexeddb/server/UniqueIDBDatabase.cpp:

(WebCore::IDBServer::UniqueIDBDatabase::putOrAdd):
(WebCore::IDBServer::UniqueIDBDatabase::performPutOrAdd):

  • Modules/indexeddb/server/UniqueIDBDatabase.h:
  • Modules/indexeddb/server/UniqueIDBDatabaseTransaction.cpp:

(WebCore::IDBServer::UniqueIDBDatabaseTransaction::putOrAdd):

  • Modules/indexeddb/server/UniqueIDBDatabaseTransaction.h:
  • Modules/indexeddb/shared/InProcessIDBServer.cpp:

(WebCore::InProcessIDBServer::putOrAdd):

  • Modules/indexeddb/shared/InProcessIDBServer.h:
  • WebCore.xcodeproj/project.pbxproj:
  • platform/CrossThreadCopier.cpp:

(WebCore::IDBValue>::copy):

  • platform/CrossThreadCopier.h:
  • platform/ThreadSafeDataBuffer.h:

(WebCore::ThreadSafeDataBuffer::encode):
(WebCore::ThreadSafeDataBuffer::decode):

Source/WebKit2:

  • DatabaseProcess/IndexedDB/WebIDBConnectionToClient.cpp:

(WebKit::WebIDBConnectionToClient::putOrAdd):

  • DatabaseProcess/IndexedDB/WebIDBConnectionToClient.h:
  • DatabaseProcess/IndexedDB/WebIDBConnectionToClient.messages.in:
  • WebProcess/Databases/IndexedDB/WebIDBConnectionToServer.cpp:

(WebKit::WebIDBConnectionToServer::putOrAdd):

  • WebProcess/Databases/IndexedDB/WebIDBConnectionToServer.h:
1:24 PM Changeset in webkit [199071] by commit-queue@webkit.org
  • 4 edits in trunk/Source/WebCore

Avoid context save/restore in GraphicsContext::drawNativeImage
https://bugs.webkit.org/show_bug.cgi?id=156173

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2016-04-05
Reviewed by Simon Fraser.

CG save/restore is a costly operation. Try to avoid it, if possible, in
GraphicsContext::drawNativeImage. If no clipping is involved, don't save/
save/restore the GraphicsContext.

  • platform/graphics/cg/GraphicsContextCG.cpp:

(WebCore::GraphicsContext::drawNativeImage):

  • platform/graphics/cg/GraphicsContextCG.h:

(WebCore::CGContextStateSaver::didSave):

  • platform/spi/cg/CoreGraphicsSPI.h:
1:05 PM Changeset in webkit [199070] by sbarati@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

jsc-layout-tests.yaml/js/script-tests/regress-141098.js failing on Yosemite Debug after r198989
https://bugs.webkit.org/show_bug.cgi?id=156187

Reviewed by Filip Pizlo.

This is a speculative fix. Lets see if the prevents the timeout.

  • parser/Parser.cpp:

(JSC::Parser<LexerType>::parseStatementListItem):

12:58 PM Changeset in webkit [199069] by fpizlo@apple.com
  • 15 edits
    5 adds in trunk

PolymorphicAccess should have a MegamorphicLoad case
https://bugs.webkit.org/show_bug.cgi?id=156182

Reviewed by Geoffrey Garen and Keith Miller.

Source/JavaScriptCore:

This introduces a new case to PolymorphicAccess called MegamorphicLoad. This inlines the lookup in
the PropertyTable. It's cheaper than switching on a huge number of cases and it's cheaper than
calling into C++ to do the same job - particularly since inlining the lookup into an access means
that we can precompute the hash code.

When writing the inline code for the hashtable lookup, I found that our hashing algorithm was not
optimal. It used a double-hashing method for reducing collision pathologies. This is great for
improving the performance of some worst-case scenarios. But this misses the point of a hashtable: we
want to optimize the average-case performance. When optimizing for average-case, we can choose to
either focus on maximizing the likelihood of the fast case happening, or to minimize the cost of the
worst-case, or to minimize the cost of the fast case. Even a very basic hashtable will achieve a high
probability of hitting the fast case. So, doing work to reduce the likelihood of a worst-case
pathology only makes sense if it also preserves the good performance of the fast case, or reduces the
likelihood of the worst-case by so much that it's a win for the average case even with a slow-down in
the fast case.

I don't believe, based on looking at how the double-hashing is implemented, that it's possible that
this preserves the good performance of the fast case. It requires at least one more value to be live
around the loop, and dramatically increases the register pressure at key points inside the loop. The
biggest offender is the doubleHash() method itself. There is no getting around how bad this is: if
the compiler live-range-splits that method to death to avoid degrading register pressure elsewhere
then we will pay a steep price anytime we take the second iteration around the loop; but if the
compiler doesn't split around the call then the hashtable lookup fast path will be full of spills on
some architectures (I performed biological register allocation and found that I needed 9 registers
for complete lookup, while x86-64 has only 6 callee-saves; OTOH ARM64 has 10 callee-saves so it might
be better off).

Hence, this patch changes the hashtable lookup to use simple linear probing. This was not a slow-down
on anything, and it made MegamorphicLoad much more sensible since it is less likely to have to spill.

There are some other small changes in this patch, like rationalizing the IC's choice between giving
up after a repatch (i.e. never trying again) and just pretending that nothing happened (so we can
try to repatch again in the future). It looked like the code in Repatch.cpp was set up to be able to
choose between those options, but we weren't fully taking advantage of it because the
regenerateWithCase() method just returned null for any failure, and didn't say whether it was the
sort of failure that renders the inline cache unrepatchable (like memory allocation failure). Now
this is all made explicit. I wanted to make sure this change happened in this patch since the
MegamorphicLoad code automagically generates a MegamorphicLoad case by coalescing other cases. Since
this is intended to avoid blowing out the cache and making it unrepatchable, I wanted to make sure
that the rules for giving up were something that made sense to me.

This is a big win on microbenchmarks. It's neutral on traditional JS benchmarks. It's a slight
speed-up for page loading, because many real websites like to have megamorphic property accesses.

  • bytecode/PolymorphicAccess.cpp:

(JSC::AccessGenerationResult::dump):
(JSC::AccessGenerationState::addWatchpoint):
(JSC::AccessCase::get):
(JSC::AccessCase::megamorphicLoad):
(JSC::AccessCase::replace):
(JSC::AccessCase::guardedByStructureCheck):
(JSC::AccessCase::couldStillSucceed):
(JSC::AccessCase::canBeReplacedByMegamorphicLoad):
(JSC::AccessCase::canReplace):
(JSC::AccessCase::generateWithGuard):
(JSC::AccessCase::generate):
(JSC::PolymorphicAccess::PolymorphicAccess):
(JSC::PolymorphicAccess::~PolymorphicAccess):
(JSC::PolymorphicAccess::regenerateWithCases):
(JSC::PolymorphicAccess::regenerateWithCase):
(WTF::printInternal):

  • bytecode/PolymorphicAccess.h:

(JSC::AccessCase::isGet):
(JSC::AccessCase::isPut):
(JSC::AccessCase::isIn):
(JSC::AccessGenerationResult::AccessGenerationResult):
(JSC::AccessGenerationResult::operator==):
(JSC::AccessGenerationResult::operator!=):
(JSC::AccessGenerationResult::operator bool):
(JSC::AccessGenerationResult::kind):
(JSC::AccessGenerationResult::code):
(JSC::AccessGenerationResult::madeNoChanges):
(JSC::AccessGenerationResult::gaveUp):
(JSC::AccessGenerationResult::generatedNewCode):
(JSC::PolymorphicAccess::isEmpty):
(JSC::AccessGenerationState::AccessGenerationState):

  • bytecode/StructureStubInfo.cpp:

(JSC::StructureStubInfo::aboutToDie):
(JSC::StructureStubInfo::addAccessCase):

  • bytecode/StructureStubInfo.h:
  • jit/AssemblyHelpers.cpp:

(JSC::AssemblyHelpers::emitStoreStructureWithTypeInfo):
(JSC::AssemblyHelpers::loadProperty):
(JSC::emitRandomThunkImpl):
(JSC::AssemblyHelpers::emitRandomThunk):
(JSC::AssemblyHelpers::emitLoadStructure):

  • jit/AssemblyHelpers.h:

(JSC::AssemblyHelpers::loadValue):
(JSC::AssemblyHelpers::moveValueRegs):
(JSC::AssemblyHelpers::argumentsStart):
(JSC::AssemblyHelpers::emitStoreStructureWithTypeInfo):
(JSC::AssemblyHelpers::emitLoadStructure): Deleted.

  • jit/GPRInfo.cpp:

(JSC::JSValueRegs::dump):

  • jit/GPRInfo.h:

(JSC::JSValueRegs::uses):

  • jit/Repatch.cpp:

(JSC::replaceWithJump):
(JSC::tryCacheGetByID):
(JSC::tryCachePutByID):
(JSC::tryRepatchIn):

  • jit/ThunkGenerators.cpp:

(JSC::virtualThunkFor):

  • runtime/Options.h:
  • runtime/PropertyMapHashTable.h:

(JSC::PropertyTable::begin):
(JSC::PropertyTable::find):
(JSC::PropertyTable::get):

  • runtime/Structure.h:

LayoutTests:

  • js/regress/megamorphic-load-expected.txt: Added.
  • js/regress/megamorphic-load.html: Added.
  • js/regress/script-tests/megamorphic-load.js: Added.
  • js/regress/string-repeat-not-resolving-no-inline-expected.txt: Added.
  • js/regress/string-repeat-not-resolving-no-inline.html: Added.
12:40 PM Changeset in webkit [199068] by Simon Fraser
  • 4 edits in trunk/Source/WebCore

Add a "notifyutil" callback for dumping the RenderLayer tree, and move the registration to Page code
https://bugs.webkit.org/show_bug.cgi?id=156224

Reviewed by Zalan Bujtas.

Make it possible to run:

notifyutil -p com.apple.WebKit.showLayerTree

on the command line and have it dump out layer trees for all live documents, in
debug builds.

Move callback registration from RenderObject's constructor to Page.

  • page/mac/PageMac.mm:

(WebCore::Page::platformInitialize):

  • rendering/RenderObject.cpp:

(WebCore::printLayerTreeForLiveDocuments):
(WebCore::RenderObject::RenderObject): Deleted.

  • rendering/RenderObject.h:
12:38 PM Changeset in webkit [199067] by matthew_hanson@apple.com
  • 3 edits in branches/safari-601.1.46-branch/Source/WebCore

Merge r199042. rdar://problem/25533763

12:38 PM Changeset in webkit [199066] by matthew_hanson@apple.com
  • 5 edits in branches/safari-601.1.46-branch/Source/WebCore

Merge r198035. rdar://problem/25467558

12:29 PM Changeset in webkit [199065] by keith_miller@apple.com
  • 2 edits in trunk/Tools

Make Keith a reviewer!
https://bugs.webkit.org/show_bug.cgi?id=156246

Reviewed by Mark Lam.

  • Scripts/webkitpy/common/config/contributors.json:
10:53 AM Changeset in webkit [199064] by Antti Koivisto
  • 2 edits in trunk/LayoutTests

Un-marking plugins/focus.html as flaky on mac

It hasn't flaked after https://trac.webkit.org/r199054

  • platform/mac/TestExpectations:
10:51 AM Changeset in webkit [199063] by Michael Catanzaro
  • 2 edits in trunk/Source/WebCore/platform/gtk/po

Updated Brazilian Portuguese translation
https://bugs.webkit.org/show_bug.cgi?id=156236

Patch by Rafael Fontenelle <rafaelff@gnome.org> on 2016-04-05
Rubber-stamped by Michael Catanzaro.

  • pt_BR.po:
9:54 AM Changeset in webkit [199062] by commit-queue@webkit.org
  • 18 edits
    6 adds in trunk

[WebGL2] Turn the ENABLE_WEBGL2 flag on
https://bugs.webkit.org/show_bug.cgi?id=156061
<rdar://problem/25463193>

Patch by Antoine Quint <Antoine Quint> on 2016-04-05
Reviewed by Alex Christensen.

Source/JavaScriptCore:

  • Configurations/FeatureDefines.xcconfig:
  • runtime/CommonIdentifiers.h:

Define the conditionalized classes WebGL2RenderingContext and WebGLVertexArrayObject.

Source/WebCore:

Conditionalize the definition of the WebGL2RenderingContext and WebGLVertexArrayObject globals
based on the new WebGL2 runtime flag we introduced in https://webkit.org/b/156166.

Turning the ENABLE_WEBGL2 flag on caused a host of build errors which we fix here. A non-obvious
error was in code generated from the html/canvas/WebGL2RenderingContext.idl file which was solved
by updating the getBufferSubData() method to the current signature as of the March 29 Editor's
Draft of the WebGL 2 Specification (https://www.khronos.org/registry/webgl/specs/latest/2.0/).
Missing JSC headers in WebGL2RenderingContext.cpp also caused some linking errors in Release builds.

Tests: webgl/webgl-vertex-array-object-defined.html

webgl/webgl2-rendering-context-defined.html
webgl/webgl2-rendering-context-obtain.html

  • Configurations/FeatureDefines.xcconfig:
  • bindings/js/JSWebGL2RenderingContextCustom.cpp:

(WebCore::JSWebGL2RenderingContext::getInternalformatParameter):
(WebCore::JSWebGL2RenderingContext::getQueryParameter):
(WebCore::JSWebGL2RenderingContext::getSamplerParameter):
(WebCore::JSWebGL2RenderingContext::getSyncParameter):
(WebCore::JSWebGL2RenderingContext::getIndexedParameter):
(WebCore::JSWebGL2RenderingContext::getActiveUniformBlockParameter):
(WebCore::JSWebGL2RenderingContext::getActiveUniformBlockName):

  • html/HTMLCanvasElement.cpp:

(WebCore::HTMLCanvasElement::is3dType):

  • html/canvas/WebGL2RenderingContext.cpp:

(WebCore::WebGL2RenderingContext::getBufferSubData): Deleted.

  • html/canvas/WebGL2RenderingContext.idl:
  • html/canvas/WebGLRenderingContextBase.cpp:

(WebCore::WebGLRenderingContextBase::create):

  • html/canvas/WebGLVertexArrayObject.idl:

Source/WebKit/mac:

  • Configurations/FeatureDefines.xcconfig:

Source/WebKit2:

  • Configurations/FeatureDefines.xcconfig:

LayoutTests:

  • platform/mac-yosemite/js/dom/global-constructors-attributes-expected.txt:
  • platform/mac/js/dom/global-constructors-attributes-expected.txt:

The WebGL2RenderingContext and WebGLVertexArrayObject classes are now defined
so expectations for this test which lists the configuration of global constructors
needed to be updated.

  • webgl/webgl-vertex-array-object-defined-expected.txt: Added.
  • webgl/webgl-vertex-array-object-defined.html: Added.

Test checking that WebGLVertexArrayObject is defined.

  • webgl/webgl2-rendering-context-defined-expected.txt: Added.
  • webgl/webgl2-rendering-context-defined.html: Added.

Test checking that WebGL2RenderingContext is defined.

  • webgl/webgl2-rendering-context-obtain-expected.txt: Added.
  • webgl/webgl2-rendering-context-obtain.html: Added.

Test checking that asking for a "webgl2" context returns a WebGL2RenderingContext.

9:50 AM Changeset in webkit [199061] by Chris Dumez
  • 4 edits
    3 adds in trunk

We sometimes fail to remove outdated entry from the disk cache after revalidation and when the resource is no longer cacheable
https://bugs.webkit.org/show_bug.cgi?id=156048
<rdar://problem/25514480>

Reviewed by Antti Koivisto.

Source/WebKit2:

We would sometimes fail to remove outdated entry from the disk cache
after revalidation and when the resource is no longer cacheable. This
was due to Storage::removeFromPendingWriteOperations() only removing
the first pending write operation with a given key instead of actually
removing all of the operations with this key.

  • NetworkProcess/cache/NetworkCacheStorage.cpp:

(WebKit::NetworkCache::Storage::removeFromPendingWriteOperations):

  • NetworkProcess/cache/NetworkCacheStorage.h:

LayoutTests:

Add test coverage for the bug.

  • http/tests/cache/disk-cache/disk-cache-remove-several-pending-writes-expected.txt: Added.
  • http/tests/cache/disk-cache/disk-cache-remove-several-pending-writes.html: Added.
  • http/tests/cache/disk-cache/resources/json.php: Added.
9:45 AM Changeset in webkit [199060] by Antti Koivisto
  • 3 edits
    2 adds in trunk

Shadow DOM: :host() From The First Shadow Context Should Not Style All Shadow Context
https://bugs.webkit.org/show_bug.cgi?id=156235
<rdar://problem/24668206>

Reviewed by Andreas Kling.

Source/WebCore:

Test: fast/shadow-dom/host-style-sharing.html

  • style/StyleSharingResolver.cpp:

(WebCore::Style::SharingResolver::resolve):
(WebCore::Style::SharingResolver::canShareStyleWithElement):

Disallow style sharing for shadow hosts affected by :host pseudo class rules.

LayoutTests:

  • fast/shadow-dom/host-style-sharing-expected.html: Added.
  • fast/shadow-dom/host-style-sharing.html: Added.
9:22 AM Changeset in webkit [199059] by achristensen@apple.com
  • 3 edits in trunk/Source/WebCore

Speculative build fix after r199043

  • bindings/js/SerializedScriptValue.cpp:

(WebCore::SerializedScriptValue::wireFormatVersion):
(WebCore::SerializedScriptValue::writeBlobsToDiskForIndexedDB):

  • bindings/js/SerializedScriptValue.h:

(WebCore::SerializedScriptValue::data):
(WebCore::SerializedScriptValue::hasBlobURLs):
(WebCore::SerializedScriptValue::createFromWireBytes):
Initializer lists weren't the problem. Missing precompiler macros was.

9:15 AM Changeset in webkit [199058] by achristensen@apple.com
  • 2 edits in trunk/Source/WebCore

Speculative build fix after r199043

  • bindings/js/SerializedScriptValue.cpp:

(WebCore::SerializedScriptValue::writeBlobsToDiskForIndexedDB):
Explicitly call constructor instead of using an initializer list.

8:48 AM Changeset in webkit [199057] by calvaris@igalia.com
  • 3 edits in trunk/Source/WebCore

Unreviewed build fix with GSTREAMER_GL active.

Caused by r198655.

(WebCore::MediaPlayerPrivateGStreamerBase::nativeImageForCurrentTime):

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp: Changed return type.
8:04 AM Changeset in webkit [199056] by Antti Koivisto
  • 10 edits in trunk/Source/WebCore

Render tree teardown should be iterative
https://bugs.webkit.org/show_bug.cgi?id=156233

Reviewed by Andreas Kling.

  • dom/ContainerNode.cpp:

(WebCore::destroyRenderTreeIfNeeded):
(WebCore::ContainerNode::takeAllChildrenFrom):

  • dom/Document.cpp:

(WebCore::Document::destroyRenderTree):

  • dom/Element.cpp:

(WebCore::disconnectPseudoElement):

  • html/HTMLPlugInImageElement.cpp:

(WebCore::HTMLPlugInImageElement::prepareForDocumentSuspension):

  • mathml/MathMLSelectElement.cpp:

(WebCore::MathMLSelectElement::updateSelectedChild):

  • style/RenderTreeUpdater.cpp:

(WebCore::RenderTreeUpdater::updateElementRenderer):
(WebCore::RenderTreeUpdater::updateTextRenderer):
(WebCore::RenderTreeUpdater::updateBeforeOrAfterPseudoElement):
(WebCore::RenderTreeUpdater::tearDownRenderers):

Tear down render tree using ComposedTreeIterator for traversal.

(WebCore::RenderTreeUpdater::tearDownRenderer):

  • style/RenderTreeUpdater.h:
  • style/StyleTreeResolver.cpp:

(WebCore::Style::ensurePlaceholderStyle):
(WebCore::Style::TreeResolver::styleForElement):
(WebCore::Style::resetStyleForNonRenderedDescendants):
(WebCore::Style::affectsRenderedSubtree):
(WebCore::Style::SelectorFilterPusher::SelectorFilterPusher): Deleted.
(WebCore::Style::SelectorFilterPusher::push): Deleted.
(WebCore::Style::SelectorFilterPusher::~SelectorFilterPusher): Deleted.

Unused class.

(WebCore::Style::detachTextRenderer): Deleted.
(WebCore::Style::detachChildren): Deleted.
(WebCore::Style::detachShadowRoot): Deleted.
(WebCore::Style::detachSlotAssignees): Deleted.
(WebCore::Style::detachRenderTree): Deleted.

Remove the old recursive code.

  • style/StyleTreeResolver.h:
5:54 AM WebKitGTK/2.4.x edited by tpopela@redhat.com
(diff)
4:36 AM WebKitGTK/2.4.x edited by tpopela@redhat.com
(diff)
4:22 AM Changeset in webkit [199055] by commit-queue@webkit.org
  • 20 edits in trunk

[WebGL2] Allow enabling WebGL2 with a runtime flag
https://bugs.webkit.org/show_bug.cgi?id=156166
<rdar://problem/25526929>

Source/WebCore:

Added new runtime flags for WebGL2.

Patch by Antoine Quint <Antoine Quint> on 2016-04-05
Reviewed by Dean Jackson.

  • bindings/generic/RuntimeEnabledFeatures.h:

(WebCore::RuntimeEnabledFeatures::setWebGL2Enabled):
(WebCore::RuntimeEnabledFeatures::webGL2Enabled):

Source/WebKit/mac:

Set the WebGL2 runtime flag based on preferences, disabled by default.

Patch by Antoine Quint <Antoine Quint> on 2016-04-05
Reviewed by Dean Jackson.

  • WebView/WebPreferenceKeysPrivate.h:
  • WebView/WebPreferences.mm:

(+[WebPreferences initialize]):
(-[WebPreferences webGL2Enabled]):
(-[WebPreferences setWebGL2Enabled:]):

  • WebView/WebPreferencesPrivate.h:
  • WebView/WebView.mm:

(-[WebView _preferencesChanged:]):

Source/WebKit2:

Set the WebGL2 runtime flag based on preferences, disabled by default.

Patch by Antoine Quint <Antoine Quint> on 2016-04-05
Reviewed by Dean Jackson.

  • Shared/WebPreferencesDefinitions.h:
  • UIProcess/API/C/WKPreferences.cpp:

(WKPreferencesSetWebGL2Enabled):
(WKPreferencesGetWebGL2Enabled):

  • UIProcess/API/C/WKPreferencesRefPrivate.h:
  • WebProcess/InjectedBundle/InjectedBundle.cpp:

(WebKit::InjectedBundle::overrideBoolPreferenceForTestRunner):

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::updatePreferences):

Source/WTF:

Removed the manual overrides of ENABLE_WEBGL2.

Patch by Antoine Quint <Antoine Quint> on 2016-04-05
Reviewed by Dean Jackson.

  • wtf/FeatureDefines.h:

Tools:

Always enable WebGL2 during testing.

Patch by Antoine Quint <Antoine Quint> on 2016-04-05
Reviewed by Dean Jackson.

  • DumpRenderTree/mac/DumpRenderTree.mm:

(resetWebPreferencesToConsistentValues):

  • WebKitTestRunner/InjectedBundle/InjectedBundle.cpp:

(WTR::InjectedBundle::beginTesting):

  • WebKitTestRunner/InjectedBundle/TestRunner.cpp:

(WTR::TestRunner::setWebGL2Enabled):

  • WebKitTestRunner/InjectedBundle/TestRunner.h:
3:29 AM Changeset in webkit [199054] by Antti Koivisto
  • 25 edits
    1 delete in trunk

Use RenderTreeUpdater for text node mutations
https://bugs.webkit.org/show_bug.cgi?id=156107

Reviewed by Andreas Kling.

Source/WebCore:

Use the new mechanism for updating render tree after text node content changes.

  • dom/CharacterData.cpp:

(WebCore::CharacterData::parserAppendData):
(WebCore::CharacterData::setDataAndUpdate):

  • dom/Text.cpp:

(WebCore::Text::createWithLengthLimit):
(WebCore::Text::updateRendererAfterContentChange):

Update using RenderTreeUpdater.

(WebCore::Text::formatForDebugger):

  • dom/Text.h:

(WebCore::Text::Text):

  • style/StyleTreeResolver.cpp:

(WebCore::Style::TreeResolver::styleForElement):
(WebCore::Style::resetStyleForNonRenderedDescendants):
(WebCore::Style::TreeResolver::resolveElement):
(WebCore::Style::elementImplicitVisibility):
(WebCore::Style::invalidateWhitespaceOnlyTextSiblingsAfterAttachIfNeeded): Deleted.
(WebCore::Style::textRendererIsNeeded): Deleted.
(WebCore::Style::createTextRendererIfNeeded): Deleted.
(WebCore::Style::attachTextRenderer): Deleted.
(WebCore::Style::detachTextRenderer): Deleted.
(WebCore::Style::updateTextRendererAfterContentChange): Deleted.
(WebCore::Style::resolveTextNode): Deleted.

Kill the old code paths.

  • style/StyleTreeResolver.h:

LayoutTests:

Mostly just revert non-rendered whitespace related changes from the earlier patches.

  • editing/style/remove-underline-from-stylesheet-expected.txt:
  • editing/style/typing-style-003-expected.txt:
  • platform/ios-simulator/editing/style/typing-style-003-expected.txt: Removed.
  • platform/mac-wk2/editing/mac/spelling/autocorrection-contraction-expected.txt:
  • platform/mac/editing/inserting/editable-html-element-expected.txt:
  • platform/mac/editing/inserting/editing-empty-divs-expected.txt:
  • platform/mac/editing/inserting/insert-at-end-02-expected.txt:
  • platform/mac/editing/pasteboard/4989774-expected.txt:
  • platform/mac/editing/selection/4983858-expected.txt:
12:04 AM Changeset in webkit [199053] by Hunseop Jeong
  • 3 edits in trunk/Source/WebCore

[Curl][Soup] Fix the build after r199039
https://bugs.webkit.org/show_bug.cgi?id=156229

Reviewed by Žan Doberšek.

  • platform/network/curl/SocketStreamHandle.h:

(WebCore::SocketStreamHandle::create):

  • platform/network/soup/SocketStreamHandle.h:

(WebCore::SocketStreamHandle::create):

Note: See TracTimeline for information about the timeline view.