Timeline



Jun 7, 2016:

11:54 PM Changeset in webkit [201797] by Carlos Garcia Campos
  • 2 edits in trunk

[GTK] Enable IndexedDB in workers
https://bugs.webkit.org/show_bug.cgi?id=158475

Reviewed by Antonio Gomes.

This is working now and many tests are failing only because we don't enable it.

  • Source/cmake/OptionsGTK.cmake:
11:51 PM Changeset in webkit [201796] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebCore

[GLIB] Implement hardLinkOrCopyFile() in FileSystemGlib
https://bugs.webkit.org/show_bug.cgi?id=158473

Reviewed by Michael Catanzaro.

It was added in r199230 to be used by IndexedDB blob support, but never implemented for GLib.

  • platform/glib/FileSystemGlib.cpp:

(WebCore::hardLinkOrCopyFile):

11:49 PM Changeset in webkit [201795] by Carlos Garcia Campos
  • 2 edits in trunk/Tools

[GTK] Use a longer timeout for glib unit tests
https://bugs.webkit.org/show_bug.cgi?id=158476

Reviewed by Darin Adler.

The timeout is supposed to be per test case, but in the case of GLib tests it affects all the tests cases of the
same test program. Some test programs like TestLoaderClient, that have a lot of test cases, often time out in
the bots because the timeout is not enough to run all the tests cases. So, we should use a longer timeout for
GLib tests.

  • Scripts/run-gtk-tests:

(TestRunner._run_test_glib):

11:30 PM Changeset in webkit [201794] by adam.bergkvist@ericsson.com
  • 2 edits in trunk/Source/WebCore

WebRTC: Refactor: Use captures with initializers in MediaEndpointPeerConnection::createOffer()
https://bugs.webkit.org/show_bug.cgi?id=158486

Reviewed by Eric Carlson.

Use initializers for the capture list when scheduling the "create offer task".

No change in behavior.

  • Modules/mediastream/MediaEndpointPeerConnection.cpp:

(WebCore::MediaEndpointPeerConnection::createOffer):
(WebCore::WrappedSessionDescriptionPromise::create): Deleted.
(WebCore::WrappedSessionDescriptionPromise::promise): Deleted.
(WebCore::WrappedSessionDescriptionPromise::WrappedSessionDescriptionPromise): Deleted.
Not needed anymore.

11:11 PM Changeset in webkit [201793] by nael.ouedraogo@crf.canon.fr
  • 4 edits in trunk/Source/WebCore

TouchList::append() should take a Ref instead of RefPtr
https://bugs.webkit.org/show_bug.cgi?id=158469

Reviewed by Chris Dumez.

RefPtr<Touch> items handled in TouchList cannot be null. Thus
RefPtr<Touch> is replaced by Ref<Touch> objects.

  • bindings/js/JSDocumentCustom.cpp:

(WebCore::JSDocument::createTouchList):

  • dom/TouchList.cpp:

(WebCore::TouchList::item):

  • dom/TouchList.h:

(WebCore::TouchList::append):

10:42 PM Changeset in webkit [201792] by Gyuyoung Kim
  • 2 edits in trunk/Source/WebCore

EFL build has been broken since r201761
https://bugs.webkit.org/show_bug.cgi?id=158512

Unreviewed build fix.

  • platform/posix/SharedBufferPOSIX.cpp:

(WebCore::SharedBuffer::createFromReadingFile):
Do not use ? operand in return line. Additionally return nullptr instead of 0.

10:28 PM Changeset in webkit [201791] by Chris Dumez
  • 5 edits in trunk

Expose Event / EventTarget properties on WorkerGlobalScope
https://bugs.webkit.org/show_bug.cgi?id=158511

Reviewed by Sam Weinig.

Source/WebCore:

Expose Event / EventTarget properties on WorkerGlobalScope, as per the
latest DOM specification:

No new tests, rebaselined existing test.

  • dom/Event.idl:
  • dom/EventTarget.idl:

LayoutTests:

Rebaseline existing test.

  • js/dom/global-constructors-attributes-dedicated-worker-expected.txt:
9:27 PM Changeset in webkit [201790] by jh718.park@samsung.com
  • 2 edits in trunk/Source/WebCore

[EFL] Build fix related with SharedBuffer::createFromReadingFile in SharedBufferPosix.cpp
https://bugs.webkit.org/show_bug.cgi?id=158515

  • platform/posix/SharedBufferPOSIX.cpp:

(WebCore::SharedBuffer::createFromReadingFile):

8:39 PM Changeset in webkit [201789] by bshafiei@apple.com
  • 2 edits in tags/Safari-602.1.35.0.1/Source/WebCore

Merged r201687. rdar://problem/26628125

8:38 PM Changeset in webkit [201788] by bshafiei@apple.com
  • 5 edits in tags/Safari-602.1.35.0.1/Source

Versioning.

7:53 PM Changeset in webkit [201787] by mark.lam@apple.com
  • 22 edits
    1 add in trunk/Source

Need an exception check after constructEmptyArray().
https://bugs.webkit.org/show_bug.cgi?id=158411

Reviewed by Saam Barati.

Source/JavaScriptCore:

Added an exception check after each call to constructEmptyArray().

  • inspector/JSInjectedScriptHost.cpp:

(Inspector::JSInjectedScriptHost::getInternalProperties):
(Inspector::JSInjectedScriptHost::weakMapEntries):
(Inspector::JSInjectedScriptHost::weakSetEntries):
(Inspector::JSInjectedScriptHost::iteratorEntries):

  • interpreter/ShadowChicken.cpp:

(JSC::ShadowChicken::functionsOnStack):

  • profiler/ProfilerBytecodeSequence.cpp:

(JSC::Profiler::BytecodeSequence::addSequenceProperties):

  • profiler/ProfilerCompilation.cpp:

(JSC::Profiler::Compilation::toJS):

  • profiler/ProfilerDatabase.cpp:

(JSC::Profiler::Database::toJS):

  • profiler/ProfilerOSRExitSite.cpp:

(JSC::Profiler::OSRExitSite::toJS):

  • profiler/ProfilerOriginStack.cpp:

(JSC::Profiler::OriginStack::toJS):

  • runtime/ArrayPrototype.cpp:

(JSC::arrayProtoFuncConcat):
(JSC::arrayProtoFuncSlice):
(JSC::arrayProtoFuncSplice):

  • runtime/LiteralParser.cpp:

(JSC::LiteralParser<CharType>::parse):

  • runtime/ModuleLoaderObject.cpp:

(JSC::moduleLoaderObjectRequestedModules):

  • runtime/ObjectConstructor.cpp:

(JSC::ownPropertyKeys):

  • runtime/RegExpObject.cpp:

(JSC::collectMatches):

  • runtime/RegExpPrototype.cpp:

(JSC::regExpProtoFuncSplitFast):

  • runtime/StringPrototype.cpp:

(JSC::stringProtoFuncSplitFast):

  • runtime/TemplateRegistry.cpp:

(JSC::TemplateRegistry::getTemplateObject):

  • tests/stress/regress-158411.js: Added.

Source/WebCore:

A stress test for this was added in JavaScriptCore.

  • bindings/js/IDBBindingUtilities.cpp:

(WebCore::toJS):

  • bindings/js/JSCommandLineAPIHostCustom.cpp:

(WebCore::getJSListenerFunctions):

  • bindings/js/JSCryptoKeySerializationJWK.cpp:

(WebCore::buildJSONForRSAComponents):
(WebCore::addBoolToJSON):
(WebCore::addUsagesToJSON):
(WebCore::JSCryptoKeySerializationJWK::serialize):

  • bindings/js/JSDOMBinding.h:

(WebCore::toJS):

  • bindings/js/SerializedScriptValue.cpp:

(WebCore::CloneDeserializer::deserialize):

7:47 PM Changeset in webkit [201786] by bshafiei@apple.com
  • 1 copy in tags/Safari-602.1.35.0.1

New tag.

7:07 PM Changeset in webkit [201785] by commit-queue@webkit.org
  • 6 edits
    12 adds in trunk

The backdrop-filter property does not respect border-radius
https://bugs.webkit.org/show_bug.cgi?id=158483
<rdar://problem/24210257>

Patch by Antoine Quint <Antoine Quint> on 2016-06-07
Reviewed by Simon Fraser.

Source/WebCore:

In order to correctly support border-radius and backdrop-filter together, we change
the value set as the m_backdropFiltersRect from a FloatRect to FloatRoundedRect so
that it accounts for values set by the border-radius property. Then we add a new
m_backdropClippingLayer PlatformCALayer member to clip the backdrop layer in the
event that the border-radius is non-zero in updateBackdropFiltersRect(). Finally,
we follow the same pattern used for other PlatformCALayers owned by a GraphicsLayerCA
to support cloning of the new m_backdropClippingLayer.

Tests: css3/filters/backdrop/backdrop-filter-with-border-radius-and-reflection-add.html

css3/filters/backdrop/backdrop-filter-with-border-radius-and-reflection-remove.html
css3/filters/backdrop/backdrop-filter-with-border-radius-and-reflection.html
css3/filters/backdrop/backdrop-filter-with-border-radius-value-change.html
css3/filters/backdrop/backdrop-filter-with-border-radius-value-remove.html
css3/filters/backdrop/backdrop-filter-with-border-radius.html

  • platform/graphics/GraphicsLayer.h:

(WebCore::GraphicsLayer::setBackdropFiltersRect):
(WebCore::GraphicsLayer::backdropFiltersRect):

  • platform/graphics/ca/GraphicsLayerCA.cpp:

(WebCore::GraphicsLayerCA::willBeDestroyed):
(WebCore::GraphicsLayerCA::setBackdropFiltersRect):
(WebCore::GraphicsLayerCA::updateBackdropFiltersRect):
(WebCore::GraphicsLayerCA::dumpAdditionalProperties):

  • platform/graphics/ca/GraphicsLayerCA.h:
  • rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::updateBackdropFiltersGeometry):
Use a rounded rect if there is no clip and we have non-zero border-radius set on the renderer.

LayoutTests:

Adding new tests checking that border-radius correctly affects clipping of the backdrop layer
in a basic scenario, when we change border-radius to a different value, when we set border-radius
back to 0 and when we add a reflection.

  • css3/filters/backdrop/backdrop-filter-with-border-radius-and-reflection-add-expected.html: Added.
  • css3/filters/backdrop/backdrop-filter-with-border-radius-and-reflection-add.html: Added.
  • css3/filters/backdrop/backdrop-filter-with-border-radius-and-reflection-expected.html: Added.
  • css3/filters/backdrop/backdrop-filter-with-border-radius-and-reflection-remove-expected.html: Added.
  • css3/filters/backdrop/backdrop-filter-with-border-radius-and-reflection-remove.html: Added.
  • css3/filters/backdrop/backdrop-filter-with-border-radius-and-reflection.html: Added.
  • css3/filters/backdrop/backdrop-filter-with-border-radius-expected.html: Added.
  • css3/filters/backdrop/backdrop-filter-with-border-radius-value-change-expected.html: Added.
  • css3/filters/backdrop/backdrop-filter-with-border-radius-value-change.html: Added.
  • css3/filters/backdrop/backdrop-filter-with-border-radius-value-remove-expected.html: Added.
  • css3/filters/backdrop/backdrop-filter-with-border-radius-value-remove.html: Added.
  • css3/filters/backdrop/backdrop-filter-with-border-radius.html: Added.
6:53 PM Changeset in webkit [201784] by akling@apple.com
  • 2 edits in trunk/Source/WebCore

CachedScript should avoid recomputing its hash multiple times.
<https://webkit.org/b/158506>

Reviewed by Saam Barati.

JSBench was hitting CachedScript::script() hard and spending lots of time hashing scripts.
Since we're already caching the hash in a member variable, don't bother rehashing if we've
already done it before.

This takes total time spent in StringImpl::hashSlowCase() from 1600ms to 77ms on my MBP.

  • loader/cache/CachedScript.cpp:

(WebCore::CachedScript::script):

6:43 PM Changeset in webkit [201783] by fpizlo@apple.com
  • 23 edits
    27 adds in trunk

Implement Air::allocateStack() in ES6 to see how much of a bad idea that is
https://bugs.webkit.org/show_bug.cgi?id=158318

Reviewed by Saam Barati.
PerformanceTests:


This adds a new benchmark for us to play with called JSAir. It's a complete ES6
implementation of Air's allocateStack() phase along with all of Air needed to run that
phase. This includes things like stack slots, registers, temporaries, basic blocks,
instructions, and all of the code for iterating over, inspecting, and modifying those
things.

To make this work, JSC can now dump Air just before allocateStack() in the form of JS code
that creates a Code object that matches exactly what C++ Air saw. This benchmark comprises
four Air IRs:

  • Octane/gbemu's largest function, executeIteration.
  • Kraken/imaging-gaussian-blur's largest function in OSR entry mode, gaussuanBlur.
  • Octane/typescript's largest function that is actually hot, scanIdentifier.
  • JSAir's largest hot function, which is anonymous, so we call it by its hash (ACLj8C).


This runs in about 2 seconds on my machine in JSC trunk. It includes both a commandline
harness and a web harness. JSAir is almost exactly 100x slower in ES6 in WebKit than the
C++ Air::allocateStack() phase on which it is based.

JSAir uses the following ES6 features:

  • Symbol.
  • for-of.
  • arrow functions.
  • Map/Set.
  • let/const.
  • classes.


All of these things are used in anger and should end up on the hot path. There is also code
that uses Proxies, but it ends up being dead.

We can improve this even more:
I still need to add result validation: https://bugs.webkit.org/show_bug.cgi?id=158493
I want to make it use more ES6 features: https://bugs.webkit.org/show_bug.cgi?id=158497

  • JSAir: Added.
  • JSAir/all.js: Added.
  • JSAir/allocate_stack.js: Added.

(allocateStack.attemptAssignment):
(allocateStack.assign):
(allocateStack.interfere):
(allocateStack.):
(allocateStack):

  • JSAir/arg.js: Added.

(Arg):
(Arg.isAnyUse):
(Arg.isColdUse):
(Arg.isWarmUse):
(Arg.cooled):
(Arg.isEarlyUse):
(Arg.isLateUse):
(Arg.isAnyDef):
(Arg.isEarlyDef):
(Arg.isLateDef):
(Arg.isZDef):
(Arg.typeForB3Type):
(Arg.widthForB3Type):
(Arg.conservativeWidth):
(Arg.minimumWidth):
(Arg.bytes):
(Arg.widthForBytes):
(Arg.createTmp):
(Arg.fromReg):
(Arg.createImm):
(Arg.createBigImm):
(Arg.createBitImm):
(Arg.createBitImm64):
(Arg.createAddr):
(Arg.createStack):
(Arg.createCallArg):
(Arg.createStackAddr):
(Arg.isValidScale):
(Arg.logScale):
(Arg.createIndex):
(Arg.createRelCond):
(Arg.createResCond):
(Arg.createDoubleCond):
(Arg.createWidth):
(Arg.prototype.get kind):
(Arg.prototype.get isTmp):
(Arg.prototype.get isImm):
(Arg.prototype.get isBigImm):
(Arg.prototype.get isBitImm):
(Arg.prototype.get isBitImm64):
(Arg.prototype.get isSomeImm):
(Arg.prototype.get isAddr):
(Arg.prototype.get isStack):
(Arg.prototype.get isCallArg):
(Arg.prototype.get isIndex):
(Arg.prototype.get isMemory):
(Arg.prototype.get isStackMemory):
(Arg.prototype.get isRelCond):
(Arg.prototype.get isResCond):
(Arg.prototype.get isDoubleCond):
(Arg.prototype.get isCondition):
(Arg.prototype.get isWidth):
(Arg.prototype.get isAlive):
(Arg.prototype.get tmp):
(Arg.prototype.get value):
(Arg.prototype.get base):
(Arg.prototype.get hasOffset):
(Arg.prototype.get offset):
(Arg.prototype.get stackSlot):
(Arg.prototype.get index):
(Arg.prototype.get scale):
(Arg.prototype.get logScale):
(Arg.prototype.get width):
(Arg.prototype.get isGPTmp):
(Arg.prototype.get isFPTmp):
(Arg.prototype.get isGP):
(Arg.prototype.get isFP):
(Arg.prototype.get hasType):
(Arg.prototype.get type):
(Arg.prototype.isType):
(Arg.prototype.isCompatibleType):
(Arg.prototype.get isGPR):
(Arg.prototype.get gpr):
(Arg.prototype.get isFPR):
(Arg.prototype.get fpr):
(Arg.prototype.get isReg):
(Arg.prototype.get reg):
(Arg.isValidImmForm):
(Arg.isValidBitImmForm):
(Arg.isValidBitImm64Form):
(Arg.isValidAddrForm):
(Arg.isValidIndexForm):
(Arg.prototype.isValidForm):
(Arg.prototype.forEachTmpFast):
(Arg.prototype.usesTmp):
(Arg.prototype.forEachTmp):
(Arg.prototype.is):
(Arg.prototype.as):
(Arg.prototype.forEachFast):
(Arg.prototype.forEach):
(Arg.extract):
(Arg.forEachFast):
(Arg.forEach):
(Arg.prototype.get condition):
(Arg.prototype.get isInvertible):
(Arg.prototype.toString):

  • JSAir/basic_block.js: Added.

(BasicBlock):
(BasicBlock.prototype.get index):
(BasicBlock.prototype.get size):
(BasicBlock.prototype.Symbol.iterator):
(BasicBlock.prototype.at):
(BasicBlock.get last):
(BasicBlock.get insts):
(BasicBlock.get numSuccessors):
(BasicBlock.get successors):
(BasicBlock.get successorBlocks.):
(BasicBlock.get successorBlocks):
(BasicBlock.set get numPredecessors):
(BasicBlock.get predecessors):
(BasicBlock.get frequency):
(BasicBlock.get headerString):
(BasicBlock.get footerString):

  • JSAir/benchmark.js: Added.

(benchmark):

  • JSAir/code.js: Added.

(Code):
(Code.prototype.addBlock):
(Code.prototype.addStackSlot):
(Code.prototype.newTmp):
(Code.prototype.get size):
(Code.prototype.at):
(Code.prototype.Symbol.iterator):
(Code.prototype.get blocks):
(Code.prototype.get stackSlots):
(Code.prototype.tmps):
(Code.prototype.get callArgAreaSize):
(Code.prototype.requestCallArgAreaSize):
(Code.prototype.get frameSize):
(Code.prototype.setFrameSize):
(Code.prototype.toString):

  • JSAir/custom.js: Added.

(const.ShuffleCustom.forEachArg):
(const.ShuffleCustom.hasNonArgNonControlEffects):
(const.PatchCustom.forEachArg):
(const.PatchCustom.hasNonArgNonControlEffects):
(const.CCallCustom.forEachArg):
(const.CCallCustom.hasNonArgNonControlEffects):
(const.ColdCCallCustom.forEachArg):
(const.ColdCCallCustom.hasNonArgNonControlEffects):

  • JSAir/frequented_block.js: Added.

(FrequentedBlock):
(FrequentedBlock.prototype.toString):

  • JSAir/insertion_set.js: Added.

(Insertion):
(Insertion.prototype.get index):
(Insertion.prototype.get element):
(Insertion.prototype.lessThan):
(InsertionSet):
(InsertionSet.prototype.appendInsertion):
(InsertionSet.prototype.append):
(InsertionSet.prototype.execute):

  • JSAir/inst.js: Added.

(Inst):
(Inst.prototype.append):
(Inst.prototype.clear):
(Inst.prototype.get opcode):
(Inst.prototype.get args):
(Inst.prototype.visitArg):
(Inst.prototype.forEachTmpFast):
(Inst.prototype.forEachArg):
(Inst.prototype.forEachTmp):
(Inst.prototype.forEach):
(Inst.forEachDef):
(Inst.forEachDefWithExtraClobberedRegs):
(Inst.prototype.get hasNonArgEffects):
(Inst.prototype.toString):

  • JSAir/liveness.js: Added.

(Liveness):
(Liveness.prototype.get thing):
(Liveness.prototype.get code):
(Liveness.prototype.get liveAtHead):
(Liveness.prototype.get liveAtTail):
(Liveness.prototype.localCalc.LocalCalc):
(Liveness.prototype.localCalc.LocalCalc.prototype.get liveSet):
(Liveness.prototype.localCalc.LocalCalc.prototype.execute):
(Liveness.prototype.localCalc):

  • JSAir/opcode.js: Added.

(Inst_forEachArg):
(Inst_hasNonArgEffects):

  • JSAir/payload-gbemu-executeIteration.js: Added.

(createPayloadGbemuExecuteIteration):

  • JSAir/payload-imaging-gaussian-blur-gaussianBlur.js: Added.

(createPayloadImagingGaussianBlurGaussianBlur):

  • JSAir/payload-jsair-ACLj8C.js: Added.

(createPayloadJSAirACLj8C):

  • JSAir/payload-typescript-scanIdentifier.js: Added.

(createPayloadTypescriptScanIdentifier):

  • JSAir/reg.js: Added.

(Reg):
(Reg.fromReg):
(Reg.prototype.get index):
(Reg.prototype.get type):
(Reg.prototype.get name):
(Reg.prototype.get isCalleeSave):
(Reg.prototype.get isReg):
(Reg.prototype.toString):
(Reg.extract):
(Reg.forEachFast):
(Reg.forEach):
(newGPR):
(Reg.gprs.Reg.fprs.Reg.calleeSaveGPRs.Reg.calleeSaveFPRs.Reg.calleeSaves):

  • JSAir/stack_slot.js: Added.

(StackSlot):
(StackSlot.prototype.get byteSize):
(StackSlot.prototype.get kind):
(StackSlot.prototype.get isLocked):
(StackSlot.prototype.get isSpill):
(StackSlot.prototype.get index):
(StackSlot.prototype.ensureSize):
(StackSlot.prototype.get alignment):
(StackSlot.prototype.get offsetFromFP):
(StackSlot.prototype.setOffsetFromFP):
(StackSlot.prototype.toString):
(StackSlot.extract):
(StackSlot.forEachFast):
(StackSlot.forEach):

  • JSAir/symbols.js: Added.
  • JSAir/test.html: Added.
  • JSAir/test.js: Added.
  • JSAir/tmp.js: Added.

(Tmp):
(Tmp.fromReg):
(Tmp.prototype.get index):
(Tmp.prototype.get type):
(Tmp.prototype.get isReg):
(Tmp.prototype.toString):
(Tmp.extract):
(Tmp.forEachFast):
(Tmp.forEach):

  • JSAir/tmp_base.js: Added.

(TmpBase.prototype.get isGP):
(TmpBase.prototype.get isFP):
(TmpBase.prototype.get isGPR):
(TmpBase.prototype.get isFPR):
(TmpBase.prototype.get reg):
(TmpBase.prototype.get gpr):
(TmpBase.prototype.get fpr):
(TmpBase):

  • JSAir/util.js: Added.

(isRepresentableAsInt32):
(addIndexed):
(roundUpToMultipleOf):
(symbolName):
(mergeIntoSet):
(nonEmptyRangesOverlap):
(rangesOverlap):
(removeAllMatching):
(swap):
(bubble):
(bubbleSort):
(currentTime):
(else.currentTime):

Source/JavaScriptCore:


Most of these changes are to support dumpAsJS(). But I also found some duplicate and dead
code while rewriting it to JS.

  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • b3/air/AirAllocateStack.cpp:
  • b3/air/AirArg.h:

(JSC::B3::Air::Arg::isSomeImm):
(JSC::B3::Air::Arg::isAddr):
(JSC::B3::Air::Arg::tmpIndex):
(JSC::B3::Air::Arg::isValidImmForm):
(JSC::B3::Air::Arg::withOffset): Deleted. This was dead code.

  • b3/air/AirArgInlines.h: It turns out that Inst has a ForEach thing that duplicated some of the logic of ArgThingHelper, so I just made ArgThingHelper more powerful.

(JSC::B3::Air::ArgThingHelper<Arg>::forEach):
(JSC::B3::Air::ArgThingHelper<Reg>::is):
(JSC::B3::Air::ArgThingHelper<Reg>::as):
(JSC::B3::Air::ArgThingHelper<Reg>::forEachFast):
(JSC::B3::Air::ArgThingHelper<Reg>::forEach):
(JSC::B3::Air::Arg::is):

  • b3/air/AirDumpAsJS.cpp: Added.

(JSC::B3::Air::dumpAsJS):

  • b3/air/AirDumpAsJS.h: Added.
  • b3/air/AirFixObviousSpills.cpp:
  • b3/air/AirGenerate.cpp:

(JSC::B3::Air::prepareForGeneration):

  • b3/air/AirInstInlines.h:

(JSC::B3::Air::Inst::forEach):
(JSC::B3::Air::Inst::extraClobberedRegs):
(JSC::B3::Air::ForEach<Tmp>::forEach): Deleted. This was doing what ArgThingHelper would have done but not as well.
(JSC::B3::Air::ForEach<Arg>::forEach): Deleted.
(JSC::B3::Air::ForEach<Reg>::forEach): Deleted.

  • b3/air/AirLogRegisterPressure.cpp:
  • b3/air/AirReportUsedRegisters.cpp:
  • b3/air/AirSpillEverything.cpp:
  • b3/air/opcode_generator.rb: Make this dump opcode.js, which is like what it dumps for C++.
  • jit/Reg.cpp:

(JSC::Reg::debugName):
(JSC::Reg::dump):

  • jit/Reg.h:

(JSC::Reg::hash):

  • jsc.cpp: Fix jsc so that it reports the filename and line number of parser errors.

(dumpException):

  • parser/ParserError.h: Make it easier to debug this code.

(WTF::printInternal):

  • runtime/Options.h:

Source/WTF:

  • wtf/Insertion.h:

(WTF::executeInsertions): I found a bug while rewriting this code in JS.

  • wtf/PrintStream.h:

(WTF::PrintStream::print):
(WTF::PrintStream::println): This is useful to have.

6:31 PM Changeset in webkit [201782] by krollin@apple.com
  • 34 edits in trunk

Remove all uses of PassRefPtr in WTF
https://bugs.webkit.org/show_bug.cgi?id=157596
<rdar://problem/26234391>

Reviewed by Chris Dumez.

Source/JavaScriptCore:

Update calls to interfaces that no longer take or return PassRefPtrs.

  • runtime/JSString.cpp:

(JSC::JSRopeString::resolveRope):

  • runtime/JSString.h:

(JSC::JSString::JSString):
(JSC::jsSubstring):

  • runtime/PrivateName.h:

(JSC::PrivateName::PrivateName):

  • runtime/SmallStrings.cpp:

(JSC::SmallStringsStorage::SmallStringsStorage):

  • runtime/StringConstructor.cpp:

(JSC::stringFromCharCodeSlowCase):

  • runtime/StringPrototype.cpp:

(JSC::jsSpliceSubstrings):
(JSC::jsSpliceSubstringsWithSeparators):
(JSC::replaceUsingStringSearch):
(JSC::repeatCharacter):
(JSC::stringProtoFuncFontsize):
(JSC::stringProtoFuncLink):
(JSC::normalize):

Source/WebCore:

Update calls to interfaces that no longer take or return PassRefPtrs.

No new tests: no new functionality so changes are covered by existing
tests.

  • css/CSSPrimitiveValue.cpp:

(WebCore::CSSPrimitiveValue::formatNumberValue):

  • dom/Document.cpp:

(WebCore::Document::displayStringModifiedByEncoding):

  • xml/XPathGrammar.y:

Source/WTF:

Remove/update most interfaces that take or return PassRefPtrs.
Remaining references include those in non-Cocoa implementations and
those required for continued compatibility with modules that still use
PassRefPtrs (specifically: Forward.h, RefPtr interoperability,
SizeLimits.h, WorkQueue (Windows) DispatchQueueEfl,
DispatchWorkItemEfl, and PassRefPtr itself).

Update calls to interfaces that no longer take or return PassRefPtrs.

Update adoptRef(T*) to return a RefPtr instead of a PassRefPtr and
move it to RefPtr.h from PassRefPtr.h.

  • wtf/MetaAllocator.cpp:

(WTF::MetaAllocator::allocate):

  • wtf/MetaAllocator.h:
  • wtf/ParallelJobsGeneric.h:

(WTF::ParallelEnvironment::ThreadPrivate::create):

  • wtf/text/AtomicStringImpl.cpp:

(WTF::HashAndUTF8CharactersTranslator::translate):
(WTF::SubstringTranslator::translate):

  • wtf/text/CString.cpp:

(WTF::CStringBuffer::createUninitialized):

  • wtf/text/CString.h:
  • wtf/text/StringBuilder.cpp:

(WTF::StringBuilder::reifyString):
(WTF::StringBuilder::resize):
(WTF::StringBuilder::reallocateBuffer<LChar>):
(WTF::StringBuilder::reallocateBuffer<UChar>):

  • wtf/text/StringImpl.cpp:

(WTF::StringImpl::reallocateInternal):
(WTF::StringImpl::reallocate):
(WTF::StringImpl::create8BitIfPossible):
(WTF::StringImpl::createSymbol):
(WTF::StringImpl::createNullSymbol):
(WTF::StringImpl::convertToLowercaseWithoutLocale):
(WTF::StringImpl::convertToUppercaseWithoutLocale):
(WTF::StringImpl::convertToLowercaseWithLocale):
(WTF::StringImpl::convertToUppercaseWithLocale):
(WTF::StringImpl::convertASCIICase):

  • wtf/text/StringImpl.h:

(WTF::StringImpl::StringImpl):
(WTF::StringImpl::createSubstringSharingImpl):
(WTF::StringImpl::tryCreateUninitialized):
(WTF::StringImpl::extractFoldedStringInSymbol):

  • wtf/text/SymbolRegistry.cpp:

(WTF::SymbolRegistry::symbolForKey):

  • wtf/text/WTFString.cpp:

(WTF::String::substringSharingImpl):

  • wtf/text/WTFString.h:

(WTF::String::String): Deleted.

  • wtf/text/cf/StringImplCF.cpp:

Tools:

Update calls to interfaces that no longer take or return PassRefPtrs.

  • TestWebKitAPI/Tests/WTF/StringImpl.cpp:

(TestWebKitAPI::stringFromUTF8):
(TestWebKitAPI::TEST):

6:30 PM Changeset in webkit [201781] by weinig@apple.com
  • 4 edits in trunk/LayoutTests

Update tests to work around https://bugs.webkit.org/show_bug.cgi?id=158507.

Re-enable now passing test.

  • animations/script-tests/spring-computed-style.js:
  • animations/script-tests/spring-parsing.js:

Use a non-body element to do the testing.

5:44 PM Changeset in webkit [201780] by weinig@apple.com
  • 2 edits in trunk/LayoutTests

Mark animations/spring-computed-style.html as failing temporarily.

5:36 PM Changeset in webkit [201779] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Rebaseline fast/events/touch/document-create-touch-list-ios.html

Unreviewed test gardening.

  • fast/events/touch/document-create-touch-list-ios-expected.txt:
5:32 PM Changeset in webkit [201778] by Brian Burg
  • 4 edits in trunk/Source/WebInspectorUI

Web Inspector: reduce timer churn when processing many DOM.attributeModified messages
https://bugs.webkit.org/show_bug.cgi?id=158491
<rdar://problem/25561452>

Reviewed by Timothy Hatcher.

When the backend sends thousands of DOM.attributeModified events to the frontend, it
slows to a crawl. This is partly because redundant messages are being sent, and
because the frontend is taking too long to render attribute updates in the elements tab.

This patch is a first step to improve performance by reducing unnecessary work. It
coalesces all attribute state updates to only happen once per animation frame. This
reduces timer churn because we previously used a debouncing timer with interval of 0ms,
and that had to be cleared and restarted on every call. This change also eliminates
forced layouts when updating the selection highlights, since the DOM tree outline has
been reflowed by the time we start updating selections in a requestAnimationFrame callback.

There is still a lot of optimization to be done here, but this reduces the problem
considerably by keeping the event loop clear and making it obvious which selection
update operations are still too expensive.

  • UserInterface/Base/Utilities.js:

Add a 'onNextFrame' proxy to Object. It works like debounce, except it coalesces calls
up until the next animation frame rather than a fixed timeout. It also does not extend
the timeout interval for each call.

  • UserInterface/Views/DOMTreeUpdater.js:

(WebInspector.DOMTreeUpdater.prototype._attributesUpdated):
(WebInspector.DOMTreeUpdater.prototype._characterDataModified):
(WebInspector.DOMTreeUpdater.prototype._nodeInserted):
(WebInspector.DOMTreeUpdater.prototype._nodeRemoved):
(WebInspector.DOMTreeUpdater.prototype._updateModifiedNodes):
Update on the next frame rather than on a zero delay timeout.

  • UserInterface/Views/TreeOutline.js:

(WebInspector.TreeOutline.WebInspector.TreeElement.prototype.didChange):
(WebInspector.TreeOutline.WebInspector.TreeElement.prototype._fireDidChange):
Update on the next frame rather than on a zero delay timeout.

5:06 PM Changeset in webkit [201777] by mmaxfield@apple.com
  • 6 edits
    6 adds in trunk

Text-decoration-style: dashed / dotted rendered as solid
https://bugs.webkit.org/show_bug.cgi?id=134336

Reviewed by Dean Jackson.

Source/WebCore:

We already had most of the infrastructure for dotted / dashed underlines.
Previously, we were setting the stroke style for the underlines, but then
filling the underlines (which means the stroke styles is irrelevant).
Instead, we should just compute the individual dots / dashes to fill.

The implementation of this is done inside GraphicsContext because
GraphicsContext is already responsible for handling the single / double
underline distinction. Extending it to be responsible for dotted / dashed
is the natural thing to do.

Tests: fast/css3-text/css3-text-decoration/text-decoration-dashed.html

fast/css3-text/css3-text-decoration/text-decoration-dotted-dashed.html
fast/css3-text/css3-text-decoration/text-decoration-dotted.html

  • platform/graphics/GraphicsContext.h:
  • platform/graphics/cairo/GraphicsContextCairo.cpp:

(WebCore::GraphicsContext::drawLineForText):
(WebCore::GraphicsContext::drawLinesForText):

  • platform/graphics/cg/GraphicsContextCG.cpp:

(WebCore::GraphicsContext::drawLineForText):
(WebCore::GraphicsContext::drawLinesForText):

  • rendering/TextDecorationPainter.cpp:

(WebCore::drawSkipInkUnderline):
(WebCore::TextDecorationPainter::paintTextDecoration):

LayoutTests:

Make sure that the dotted / dashed / solid renderings are all distinct.

  • fast/css3-text/css3-text-decoration/text-decoration-dashed-expected-mismatch.html: Added.
  • fast/css3-text/css3-text-decoration/text-decoration-dashed.html: Added.
  • fast/css3-text/css3-text-decoration/text-decoration-dotted-dashed-expected-mismatch.html: Added.
  • fast/css3-text/css3-text-decoration/text-decoration-dotted-dashed.html: Added.
  • fast/css3-text/css3-text-decoration/text-decoration-dotted-expected-mismatch.html: Added.
  • fast/css3-text/css3-text-decoration/text-decoration-dotted.html: Added.
4:45 PM Changeset in webkit [201776] by sbarati@apple.com
  • 2 edits
    1 add in trunk/Source/JavaScriptCore

InvalidationPointInjectionPhase creates bogus InvalidationPoints that may even be inserted when it's not OK to exit
https://bugs.webkit.org/show_bug.cgi?id=158499
<rdar://problem/26647473>

Reviewed by Mark Lam and Benjamin Poulain.

InvalidationPointInjectionPhase forgot to clear m_originThatHadFire
before analyzing the current block it's analyzing. This meant that
the phase allowed a residual m_originThatHadFire that was set from the
previous block to effect a completely unrelated block. This is usually
harmless, but sometimes we would insert an InvalidationPoint at a point
in the graph when exiting is invalid. This would cause a crash.

  • dfg/DFGInvalidationPointInjectionPhase.cpp:

(JSC::DFG::InvalidationPointInjectionPhase::run):

  • tests/stress/dont-crash-on-bad-invalidation-point.js: Added.

(dontCrash):

4:40 PM Changeset in webkit [201775] by rniwa@webkit.org
  • 2 edits in trunk/Websites/perf.webkit.org

Build fix after r201739. attachShadow was throwing an exception on this component.

  • public/v3/pages/analysis-category-toolbar.js:

(AnalysisCategoryToolbar):

3:45 PM Changeset in webkit [201774] by cfleizach@apple.com
  • 2 edits in trunk/Source/WebCore

AX: iOS: Need to expose whether object is a dialog element
https://bugs.webkit.org/show_bug.cgi?id=158487
<rdar://problem/26678218>

Reviewed by Joanmarie Diggs.

Expose whether an object is a dialog type. This will allow decisions higher up the stack to be made in regards to where to move VoiceOver focus.

  • accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:

(-[WebAccessibilityObjectWrapper accessibilityIsDialog]):

3:32 PM Changeset in webkit [201773] by nvasilyev@apple.com
  • 2 edits in trunk/Source/WebInspectorUI

REGRESSION (r158219): Web Inspector: Border under Memory content view is too thick
https://bugs.webkit.org/show_bug.cgi?id=158495
<rdar://problem/26683428>

Reviewed by Timothy Hatcher.

  • UserInterface/Views/MemoryTimelineView.css:

(.timeline-view.memory): Deleted.

2:09 PM Changeset in webkit [201772] by bfulgham@apple.com
  • 2 edits in trunk/Source/bmalloc

Prevents integer overflow in Vector.h
https://bugs.webkit.org/show_bug.cgi?id=158455
<rdar://problem/20235469>

Patch by Pranjal Jumde <pjumde@apple.com> on 2016-06-07
Reviewed by Mark Lam.

  • bmalloc/Vector.h:

(bmalloc::Vector<T>::reallocateBuffer):

1:46 PM Changeset in webkit [201771] by achristensen@apple.com
  • 2 edits in trunk/Source/WebCore

Fix Yosemite build.
https://bugs.webkit.org/show_bug.cgi?id=158403

  • platform/spi/cocoa/QuartzCoreSPI.h:
1:32 PM Changeset in webkit [201770] by weinig@apple.com
  • 2 edits in trunk/Source/WebKit2

Fix 10.10 build.

  • WebProcess/WebPage/mac/PlatformCAAnimationRemote.mm:

(WebKit::addAnimationToLayer):

1:24 PM Changeset in webkit [201769] by achristensen@apple.com
  • 2 edits in trunk/Source/WebCore

Fix WinCairo build.

  • platform/network/curl/MultipartHandle.cpp:

(WebCore::MultipartHandle::didReceiveResponse):

1:07 PM Changeset in webkit [201768] by sbarati@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

operationProcessTypeProfilerLogDFG doesn't update topCallFrame
https://bugs.webkit.org/show_bug.cgi?id=158428
<rdar://problem/26571493>

Reviewed by Mark Lam.

  • dfg/DFGOperations.cpp:
1:05 PM Changeset in webkit [201767] by achristensen@apple.com
  • 5 edits in trunk/Source/WebCore

Build fix non-cocoa platforms.
https://bugs.webkit.org/show_bug.cgi?id=158332

  • loader/cache/CachedFont.cpp:

(WebCore::CachedFont::createCustomFontData):

  • platform/network/ResourceHandle.cpp:

(WebCore::ResourceHandle::continueWillSendRequest):

  • platform/network/curl/MultipartHandle.cpp:

(WebCore::MultipartHandle::didReceiveResponse):

  • platform/network/curl/ResourceHandleManager.cpp:

(WebCore::headerCallback):

12:51 PM Changeset in webkit [201766] by mark.lam@apple.com
  • 13 edits in trunk/Source/JavaScriptCore

calculatedDisplayName() and friends actually need a VM& and not a ExecState/CallFrame.
https://bugs.webkit.org/show_bug.cgi?id=158488

Reviewed by Geoffrey Garen.

calculatedDisplayName() (and some of its friends) actually just need a VM&.
Their work has nothing to do with an ExecState at all. This patch will make that
clear by changing these functions to take a VM& arg instead of an ExecState* or
CallFrame*.

Also removed the JS_EXPORT_PRIVATE attribute from Interpreter::StackFrame::toString().
The JS_EXPORT_PRIVATE attribute was a holdover from the days when WebInspector
was entirely in WebCore. It is no longer needed.

  • debugger/DebuggerCallFrame.cpp:

(JSC::DebuggerCallFrame::functionName):

  • inspector/JSInjectedScriptHost.cpp:

(Inspector::JSInjectedScriptHost::functionDetails):

  • inspector/ScriptCallStackFactory.cpp:

(Inspector::createScriptCallStackFromException):

  • interpreter/CallFrame.cpp:

(JSC::CallFrame::friendlyFunctionName):

  • interpreter/Interpreter.cpp:

(JSC::StackFrame::friendlySourceURL):
(JSC::StackFrame::friendlyFunctionName):
(JSC::StackFrame::expressionInfo):
(JSC::StackFrame::toString):
(JSC::Interpreter::stackTraceAsString):

  • interpreter/Interpreter.h:
  • interpreter/StackVisitor.cpp:

(JSC::StackVisitor::Frame::functionName):

  • runtime/InternalFunction.cpp:

(JSC::InternalFunction::name):
(JSC::InternalFunction::displayName):
(JSC::InternalFunction::getCallData):
(JSC::InternalFunction::calculatedDisplayName):

  • runtime/InternalFunction.h:

(JSC::InternalFunction::createStructure):

  • runtime/JSFunction.cpp:

(JSC::JSFunction::name):
(JSC::JSFunction::displayName):
(JSC::JSFunction::calculatedDisplayName):
(JSC::JSFunction::getConstructData):
(JSC::getCalculatedDisplayName):

  • runtime/JSFunction.h:

(JSC::JSFunction::executable):

  • runtime/JSObject.cpp:

(JSC::JSObject::calculatedClassName):

12:31 PM Changeset in webkit [201765] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Skipping http/tests/websocket/tests/hybi/upgrade-simple-ws.html
https://bugs.webkit.org/show_bug.cgi?id=158480

Unreviewed test gardening.

12:22 PM Changeset in webkit [201764] by weinig@apple.com
  • 2 edits in trunk/Source/WebCore

Try to fix the 10.10 build.

  • platform/spi/cocoa/QuartzCoreSPI.h:
11:56 AM Changeset in webkit [201763] by ddkilzer@apple.com
  • 3 edits in trunk/Source/WebKit/mac

[iOS WK1] Remove unused -_webkit_unescapedQueryValue and -_webkit_queryKeysAndValues NSString category methods
<https://webkit.org/b/158485>
<rdar://problem/16960445>

Reviewed by Dan Bernstein.

  • Misc/WebNSURLExtras.h:

(-[NSString _webkit_unescapedQueryValue]): Deleted declaration.
(-[NSString _webkit_queryKeysAndValues]): Deleted declaration.

  • Misc/WebNSURLExtras.mm:

(-[NSString _webkit_unescapedQueryValue]): Deleted.
(-[NSString _webkit_queryKeysAndValues]): Deleted.

11:55 AM Changeset in webkit [201762] by Brian Burg
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: add a keyboard shortcut to open the new tab tab
https://bugs.webkit.org/show_bug.cgi?id=158365
<rdar://problem/26631897>

Unreviewed, fix a typo introduced in r201692.
This caused the new tab button to stop working.

  • UserInterface/Base/Main.js:

(WebInspector._updateNewTabButtonState):

11:52 AM Changeset in webkit [201761] by achristensen@apple.com
  • 46 edits in trunk/Source

Modernize loading code
https://bugs.webkit.org/show_bug.cgi?id=158332

Reviewed by Darin Adler.

Source/WebCore:

No new tests, no change in behavior.

  • inspector/InspectorPageAgent.cpp:

(WebCore::InspectorPageAgent::cachedResourceContent):

  • loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::continueAfterContentPolicy):

  • loader/FrameLoader.h:
  • loader/NetscapePlugInStreamLoader.cpp:

(WebCore::NetscapePlugInStreamLoader::didReceiveData):
(WebCore::NetscapePlugInStreamLoader::didReceiveBuffer):
(WebCore::NetscapePlugInStreamLoader::didReceiveDataOrBuffer):
(WebCore::NetscapePlugInStreamLoader::didFinishLoading):

  • loader/NetscapePlugInStreamLoader.h:
  • loader/ResourceLoader.cpp:

(WebCore::ResourceLoader::deliverResponseAndData):
(WebCore::ResourceLoader::loadDataURL):
(WebCore::ResourceLoader::addDataOrBuffer):
(WebCore::ResourceLoader::clearResourceData):
(WebCore::ResourceLoader::didReceiveData):
(WebCore::ResourceLoader::didReceiveBuffer):
(WebCore::ResourceLoader::didReceiveDataOrBuffer):
(WebCore::ResourceLoader::didFinishLoading):

  • loader/ResourceLoader.h:

(WebCore::ResourceLoader::wasCancelled):
(WebCore::ResourceLoader::options):

  • loader/SubresourceLoader.cpp:

(WebCore::SubresourceLoader::didReceiveData):
(WebCore::SubresourceLoader::didReceiveBuffer):
(WebCore::SubresourceLoader::didReceiveDataOrBuffer):

  • loader/SubresourceLoader.h:
  • loader/appcache/ApplicationCacheGroup.cpp:

(WebCore::ApplicationCacheGroup::abort):
(WebCore::ApplicationCacheGroup::createResourceHandle):

  • loader/appcache/ApplicationCacheGroup.h:
  • loader/cache/CachedImage.cpp:

(WebCore::CachedImage::addData):

  • loader/cache/CachedRawResourceClient.h:
  • platform/SharedBuffer.cpp:

(WebCore::SharedBuffer::SharedBuffer):
(WebCore::SharedBuffer::createWithContentsOfFile):
(WebCore::SharedBuffer::adoptVector):
(WebCore::SharedBuffer::duplicateDataBufferIfNecessary):
(WebCore::SharedBuffer::appendToDataBuffer):
(WebCore::SharedBuffer::clearDataBuffer):

  • platform/SharedBuffer.h:

(WebCore::SharedBuffer::create):

  • platform/cf/SharedBufferCF.cpp:

(WebCore::SharedBuffer::SharedBuffer):
(WebCore::SharedBuffer::maybeAppendPlatformData):
(WebCore::SharedBuffer::wrapCFDataArray):

  • platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:

(ResourceHandleStreamingClient::didReceiveData):
(ResourceHandleStreamingClient::didReceiveBuffer):

  • platform/mac/SharedBufferMac.mm:

(WebCore::SharedBuffer::createCFData):
(WebCore::SharedBuffer::createFromReadingFile):

  • platform/network/BlobRegistryImpl.cpp:

(WebCore::BlobRegistryImpl::~BlobRegistryImpl):
(WebCore::createBlobResourceHandle):
(WebCore::loadBlobResourceSynchronously):
(WebCore::registerBlobResourceHandleConstructor):
(WebCore::BlobRegistryImpl::createResourceHandle):
(WebCore::BlobRegistryImpl::appendStorageItems):
(WebCore::createResourceHandle): Deleted.
(WebCore::loadResourceSynchronously): Deleted.

  • platform/network/BlobRegistryImpl.h:
  • platform/network/BlobResourceHandle.cpp:

(WebCore::BlobResourceHandle::createAsync):
(WebCore::BlobResourceHandle::loadResourceSynchronously):
Removed the overridden didReceiveData and didFinishLoading,
which did nothing and were identical to the function they overwrote.

  • platform/network/BlobResourceHandle.h:
  • platform/network/PingHandle.h:
  • platform/network/ResourceHandle.cpp:

(WebCore::ResourceHandle::ResourceHandle):
(WebCore::ResourceHandle::create):
(WebCore::ResourceHandle::scheduleFailure):

  • platform/network/ResourceHandle.h:
  • platform/network/ResourceHandleClient.cpp:

(WebCore::ResourceHandleClient::willCacheResponseAsync):
(WebCore::ResourceHandleClient::didReceiveBuffer):

  • platform/network/ResourceHandleClient.h:

(WebCore::ResourceHandleClient::didReceiveResponse):
(WebCore::ResourceHandleClient::didReceiveData):
(WebCore::ResourceHandleClient::didFinishLoading):
(WebCore::ResourceHandleClient::didFail):

  • platform/network/cocoa/WebCoreNSURLSession.mm:

(-[WebCoreNSURLSessionDataTask resource:receivedData:length:]):
This data must be copied in order to put it in a refcounted NSData because it comes
from IPC from the Network Process and is an IPC::DataReference which will be deallocated
when the message handling is done.

  • platform/soup/SharedBufferSoup.cpp:

(WebCore::SharedBuffer::SharedBuffer):

  • testing/MockContentFilter.cpp:

(WebCore::MockContentFilter::replacementData):
(WebCore::MockContentFilter::unblockHandler):

Source/WebKit2:

  • NetworkProcess/Downloads/PendingDownload.h:
  • NetworkProcess/NetworkDataTask.h:

(WebKit::NetworkDataTask::client):

  • NetworkProcess/NetworkLoad.cpp:

(WebKit::NetworkLoad::didReceiveResponseNetworkSession):
(WebKit::NetworkLoad::didReceiveData):
(WebKit::NetworkLoad::didReceiveBuffer):

  • NetworkProcess/NetworkLoad.h:
  • NetworkProcess/NetworkLoadClient.h:
  • NetworkProcess/NetworkResourceLoader.cpp:

(WebKit::NetworkResourceLoader::didReceiveBuffer):
(WebKit::NetworkResourceLoader::didFinishLoading):

  • NetworkProcess/NetworkResourceLoader.h:
  • NetworkProcess/PingLoad.h:
  • NetworkProcess/cache/NetworkCacheSpeculativeLoad.cpp:

(WebKit::NetworkCache::SpeculativeLoad::didReceiveBuffer):

  • NetworkProcess/cache/NetworkCacheSpeculativeLoad.h:
  • NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:

(WebKit::NetworkDataTask::didReceiveResponse):
(WebKit::NetworkDataTask::didReceiveData):

  • Shared/WebHitTestResultData.cpp:
  • WebProcess/Network/WebResourceLoader.cpp:

(WebKit::WebResourceLoader::didReceiveResource):

11:22 AM WebInspector edited by clopez@igalia.com
(diff)
11:21 AM WebInspector edited by clopez@igalia.com
(diff)
11:20 AM Changeset in webkit [201760] by peavo@outlook.com
  • 2 edits in trunk/Tools

[Win] Imported markup insertion test is failing.
https://bugs.webkit.org/show_bug.cgi?id=158477

Reviewed by Darin Adler.

Make sure the empty synchronous request is loaded after each test.

  • DumpRenderTree/win/DumpRenderTree.cpp:

(runTest):

11:15 AM Changeset in webkit [201759] by weinig@apple.com
  • 29 edits
    9 adds in trunk

Add experimental support for spring based CSS animations
https://bugs.webkit.org/show_bug.cgi?id=158403

Reviewed by Dean Jackson.

Source/WebCore:

Adds experimental support for a new CSS animation timing function that uses
spring to model the time function. To use it you replace your normal timing
function, be it cubic-bezier or steps, with a new function called spring().
For instance, for a transition you would write:

transition-timing-function: spring(1 100 10 0);


The parameters are, in order:

  • Mass
  • Stiffness
  • Damping
  • Initial Velocity

Tests: animations/spring-computed-style.html

animations/spring-function.html
animations/spring-parsing.html

  • WebCore.xcodeproj/project.pbxproj:

Add new file.

  • css/CSSComputedStyleDeclaration.cpp:

(WebCore::createTimingFunctionValue):
Modernize and add support for the spring function.

  • css/CSSParser.cpp:

(WebCore::CSSParserContext::CSSParserContext):
(WebCore::operator==):
(WebCore::CSSParser::CSSParser):
(WebCore::CSSParser::parseTransformOriginShorthand):
(WebCore::CSSParser::isSpringTimingFunctionEnabled):
(WebCore::CSSParser::parseCubicBezierTimingFunctionValue):
(WebCore::CSSParser::parseSpringTimingFunctionValue):
(WebCore::CSSParser::parseAnimationTimingFunction):

  • css/CSSParser.h:
  • css/CSSParserMode.h:

Add parsing support for the spring() function.

  • css/CSSTimingFunctionValue.cpp:

(WebCore::CSSCubicBezierTimingFunctionValue::customCSSText):
(WebCore::CSSCubicBezierTimingFunctionValue::equals):
(WebCore::CSSStepsTimingFunctionValue::customCSSText):
(WebCore::CSSStepsTimingFunctionValue::equals):
(WebCore::CSSSpringTimingFunctionValue::customCSSText):
(WebCore::CSSSpringTimingFunctionValue::equals):

  • css/CSSTimingFunctionValue.h:

(WebCore::CSSSpringTimingFunctionValue::create):
(WebCore::CSSSpringTimingFunctionValue::mass):
(WebCore::CSSSpringTimingFunctionValue::stiffness):
(WebCore::CSSSpringTimingFunctionValue::damping):
(WebCore::CSSSpringTimingFunctionValue::initialVelocity):
(WebCore::CSSSpringTimingFunctionValue::CSSSpringTimingFunctionValue):
Modernize and add support for the spring function.

  • css/CSSToStyleMap.cpp:

(WebCore::CSSToStyleMap::mapAnimationTimingFunction):
Pipe the spring function into the animation.

  • css/CSSValue.cpp:

(WebCore::CSSValue::equals):
(WebCore::CSSValue::cssText):
(WebCore::CSSValue::destroy):

  • css/CSSValue.h:

(WebCore::CSSValue::isSpringTimingFunctionValue):
Add support for the spring function.

  • page/Settings.in:

Add a setting to control if the spring function is enabled.

  • page/animation/AnimationBase.cpp:

(WebCore::solveSpringFunction):
(WebCore::AnimationBase::progress):
Add support for solving the spring function. Since the spring requires time to be absolute,
get the real time by multiplying the ratio t, to the total duration.

  • platform/animation/TimingFunction.cpp:

(WebCore::operator<<):

  • platform/animation/TimingFunction.h:

(WebCore::TimingFunction::~TimingFunction):
(WebCore::TimingFunction::isSpringTimingFunction):
Add support for the spring timing function.

  • platform/graphics/SpringSolver.h: Added.

(WebCore::SpringSolver::SpringSolver):
(WebCore::SpringSolver::solve):
Add a Spring solver that matches the one in CoreAnimation.

  • platform/graphics/ca/GraphicsLayerCA.cpp:

(WebCore::GraphicsLayerCA::createAnimationFromKeyframes):
(WebCore::GraphicsLayerCA::appendToUncommittedAnimations):
(WebCore::GraphicsLayerCA::createBasicAnimation):
(WebCore::GraphicsLayerCA::createSpringAnimation):
(WebCore::GraphicsLayerCA::setupAnimation):

  • platform/graphics/ca/GraphicsLayerCA.h:

Map animations with spring timing functions to CASpringAnimations.

  • platform/graphics/ca/PlatformCAAnimation.cpp:

(WebCore::operator<<):
(WebCore::PlatformCAAnimation::isBasicAnimation):

  • platform/graphics/ca/PlatformCAAnimation.h:

(WebCore::PlatformCAAnimation::setActualStartTimeIfNeeded):
(WebCore::PlatformCAAnimation::PlatformCAAnimation):

  • platform/graphics/ca/cocoa/PlatformCAAnimationCocoa.mm:

(WebCore::toCAMediaTimingFunction):
(PlatformCAAnimationCocoa::PlatformCAAnimationCocoa):
(PlatformCAAnimationCocoa::setTimingFunction):
(PlatformCAAnimationCocoa::copyTimingFunctionFrom):
(PlatformCAAnimationCocoa::setFromValue):
(PlatformCAAnimationCocoa::copyFromValueFrom):
(PlatformCAAnimationCocoa::setToValue):
(PlatformCAAnimationCocoa::copyToValueFrom):
Add a new type of PlatformCAAnimation, Spring, which is a sub-type of Basic.

Source/WebKit2:

  • Shared/WebCoreArgumentCoders.cpp:

(IPC::ArgumentCoder<StepsTimingFunction>::decode):
(IPC::ArgumentCoder<SpringTimingFunction>::encode):
(IPC::ArgumentCoder<SpringTimingFunction>::decode):
(IPC::ArgumentCoder<FloatPoint>::encode):

  • Shared/WebCoreArgumentCoders.h:
  • Shared/WebPreferencesDefinitions.h:
  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::updatePreferences):

  • WebProcess/WebPage/mac/PlatformCAAnimationRemote.mm:

(WebKit::PlatformCAAnimationRemote::Properties::encode):
(WebKit::PlatformCAAnimationRemote::Properties::decode):
(WebKit::addAnimationToLayer):
Pipe through support for the Spring animation.

LayoutTests:

  • animations/script-tests/spring-computed-style.js: Added.
  • animations/script-tests/spring-parsing.js: Added.
  • animations/spring-computed-style-expected.txt: Added.
  • animations/spring-computed-style.html: Added.
  • animations/spring-function-expected.txt: Added.
  • animations/spring-function.html: Added.
  • animations/spring-parsing-expected.txt: Added.
  • animations/spring-parsing.html: Added.

Add tests for the spring timing function.

11:13 AM Changeset in webkit [201758] by achristensen@apple.com
  • 2 edits
    1 add in trunk/Source/WebKit/mac

Adopt [PDFView documentScrollView]
https://bugs.webkit.org/show_bug.cgi?id=158454
rdar://problem/25875390

Reviewed by Tim Horton.

  • WebView/PDFViewSPI.h: Added.
  • WebView/WebPDFView.mm:

(-[WebPDFView _clipViewForPDFDocumentView]):

11:12 AM WebInspector edited by clopez@igalia.com
(diff)
11:10 AM EnvironmentVariables edited by clopez@igalia.com
(diff)
11:01 AM EnvironmentVariables edited by clopez@igalia.com
(diff)
10:53 AM Changeset in webkit [201757] by Chris Dumez
  • 25 edits
    23 adds in trunk

Implement EventListenerOptions argument to addEventListener
https://bugs.webkit.org/show_bug.cgi?id=149466
<rdar://problem/22802031>

Reviewed by Dean Jackson.

LayoutTests/imported/w3c:

Import new test from W3C that covers EventListenerOptions.

  • web-platform-tests/dom/events/EventListenerOptions-capture-expected.txt: Added.
  • web-platform-tests/dom/events/EventListenerOptions-capture.html: Added.

Source/WebCore:

Implement AddEventListenerOptions dictionary argument to addEventListener()
and EventListenerOptions dictionary argument to removeEventListener(), as
per the latest DOM specification:

Firefox and Chrome already support this.

Support for AddEventListenerOptions in this patch is as follows:

  • 'capture': fully supported.
  • 'once': fully supported.
  • 'passive': supported in the sense that preventDefault() will be ignored

for passive event listeners. There are however currently no
performance benefits from passing this flag. Those optimizations
will be implemented in follow-up patches (in particular for
Touch and Scroll events).

Tests: fast/events/AddEventListenerOptions-once-recursive.html

fast/events/AddEventListenerOptions-once.html
fast/events/AddEventListenerOptions-passive.html
fast/events/removeEventListener-EventListenerOptions-capture.html
imported/w3c/web-platform-tests/dom/events/EventListenerOptions-capture.html

  • Modules/webaudio/AudioScheduledSourceNode.cpp:

(WebCore::AudioScheduledSourceNode::addEventListener):
(WebCore::AudioScheduledSourceNode::removeEventListener):

  • Modules/webaudio/AudioScheduledSourceNode.h:
  • Modules/webaudio/ScriptProcessorNode.cpp:

(WebCore::ScriptProcessorNode::addEventListener):
(WebCore::ScriptProcessorNode::removeEventListener):

  • Modules/webaudio/ScriptProcessorNode.h:
  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateParametersCheckExpression):

  • dom/Event.h:

(WebCore::Event::preventDefault):
(WebCore::Event::setInPassiveListener):

  • dom/EventListenerMap.cpp:

(WebCore::addListenerToVector):
(WebCore::EventListenerMap::add):

  • dom/EventListenerMap.h:
  • dom/EventTarget.cpp:

(WebCore::EventTarget::addEventListener):
(WebCore::EventTarget::addEventListenerForBindings):
(WebCore::EventTarget::removeEventListenerForBindings):
(WebCore::EventTarget::removeEventListener):
(WebCore::EventTarget::setAttributeEventListener):
(WebCore::EventTarget::fireEventListeners):

  • dom/EventTarget.h:

(WebCore::EventTarget::ListenerOptions::ListenerOptions):
(WebCore::EventTarget::AddEventListenerOptions::AddEventListenerOptions):
(WebCore::EventTarget::addEventListener):
(WebCore::EventTarget::addEventListenerForBindings):
(WebCore::EventTarget::removeEventListenerForBindings):

  • dom/EventTarget.idl:
  • dom/MessagePort.cpp:

(WebCore::MessagePort::addEventListener):

  • dom/MessagePort.h:
  • dom/Node.cpp:

(WebCore::tryAddEventListener):
(WebCore::Node::addEventListener):
(WebCore::tryRemoveEventListener):
(WebCore::Node::removeEventListener):

  • dom/Node.h:
  • dom/RegisteredEventListener.h:

(WebCore::RegisteredEventListener::Options::Options):
(WebCore::RegisteredEventListener::RegisteredEventListener):
(WebCore::operator==):

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::addEventListener):
(WebCore::HTMLMediaElement::removeEventListener):

  • html/HTMLMediaElement.h:
  • page/DOMWindow.cpp:

(WebCore::DOMWindow::addEventListener):
(WebCore::DOMWindow::removeEventListener):

  • page/DOMWindow.h:
  • svg/SVGElement.cpp:

(WebCore::SVGElement::addEventListener):
(WebCore::SVGElement::removeEventListener):

  • svg/SVGElement.h:

LayoutTests:

  • fast/events/AddEventListenerOptions-once-expected.txt: Added.
  • fast/events/AddEventListenerOptions-once-recursive-expected.txt: Added.
  • fast/events/AddEventListenerOptions-once-recursive.html: Added.
  • fast/events/AddEventListenerOptions-once.html: Added.
  • fast/events/AddEventListenerOptions-passive-expected.txt: Added.
  • fast/events/AddEventListenerOptions-passive.html: Added.
  • fast/events/removeEventListener-EventListenerOptions-capture-expected.txt: Added.
  • fast/events/removeEventListener-EventListenerOptions-capture.html: Added.

Add layout testing coverage for various aspects of the functionality.

  • imported/blink/fast/events/eventlisteneroptions/capture_default-expected.txt: Added.
  • imported/blink/fast/events/eventlisteneroptions/capture_default.html: Added.
  • imported/blink/fast/events/eventlisteneroptions/capture_equality-expected.txt: Added.
  • imported/blink/fast/events/eventlisteneroptions/capture_equality.html: Added.
  • imported/blink/fast/events/eventlisteneroptions/capture_query-expected.txt: Added.
  • imported/blink/fast/events/eventlisteneroptions/capture_query.html: Added.
  • imported/blink/fast/events/eventlisteneroptions/passive_dispatch-expected.txt: Added.
  • imported/blink/fast/events/eventlisteneroptions/passive_dispatch.html: Added.
  • imported/blink/fast/events/eventlisteneroptions/passive_inequality-expected.txt: Added.
  • imported/blink/fast/events/eventlisteneroptions/passive_inequality.html: Added.
  • imported/blink/fast/events/eventlisteneroptions/passive_query-expected.txt: Added.
  • imported/blink/fast/events/eventlisteneroptions/passive_query.html: Added.

Import blink tests for this functionality.

10:23 AM Changeset in webkit [201756] by Yusuke Suzuki
  • 4 edits
    6 adds in trunk/Source

[JSC] Do not allocate unnecessary UTF-8 string for encodeXXX functions
https://bugs.webkit.org/show_bug.cgi?id=158416

Reviewed by Darin Adler and Geoffrey Garen.

Source/JavaScriptCore:

Previously, encodeXXX functions first allocate new UTF-8 string, and generate (& allocate) the results from this UTF-8 string.
It is costly since this UTF-8 string is always wasted. In this patch, we generate the results without this UTF-8 string.
We precisely implement ECMA262's Encode abstract operation[1].

This optimized encodeXXX functions provide great improvement in kraken stanford-crypto-sha256-iterative since it frequently calls
these functions. We can see 6 - 7% improvements.

baseline patched

stanford-crypto-sha256-iterative 37.952+-0.155 35.484+-0.265 definitely 1.0695x faster

[1]: https://tc39.github.io/ecma262/#sec-encode

  • runtime/JSGlobalObjectFunctions.cpp:

(JSC::toSafeView):
Use this helper function to retrieve JSString::SafeView.

(JSC::makeCharacterBitmap):
(JSC::encode):
In encode, we reserve N length buffer at first. This is important when the length of the given string is long enough,
preventing frequent unnecessary buffer reallocations. This reserving contributes to 1% kraken stanford-crypto-sha256-iterative progression.

(JSC::decode):
Previously, Bitmap accidentally includes \0. And instead of removing this \0, we checked character != 0.
This patch fixes it for the Bitmap not to include \0.

(JSC::globalFuncParseInt):
(JSC::globalFuncEscape):
(JSC::globalFuncUnescape):

  • tests/stress/encode-decode-ascii.js: Added.

(shouldBe):

  • tests/stress/encode-decode-unicode.js: Added.

(shouldBe):
(isLowSurrogate):
(isHighSurrogate):
(isSurrogate):

  • tests/stress/encode-decode-uri-component-surrogates.js: Added.

(shouldBe):
(toHighSurrogate):
(toLowSurrogate):

  • tests/stress/encode-decode-uri-surrogates.js: Added.

(shouldBe):
(toHighSurrogate):
(toLowSurrogate):

  • tests/stress/encode-decode-zero.js: Added.

(shouldBe):

  • tests/stress/escape-unescape-surrogates.js: Added.

(shouldBe):
(toHighSurrogate):
(toLowSurrogate):

Source/WTF:

  • wtf/Bitmap.h:

(WTF::Bitmap::size):
(WTF::WordType>::Bitmap):
(WTF::WordType>::get):
(WTF::WordType>::set):
(WTF::WordType>::testAndSet):
(WTF::WordType>::testAndClear):
(WTF::WordType>::concurrentTestAndSet):
(WTF::WordType>::concurrentTestAndClear):
(WTF::WordType>::clear):
(WTF::WordType>::clearAll):
(WTF::WordType>::nextPossiblyUnset):
(WTF::WordType>::findRunOfZeros):
(WTF::WordType>::count):
(WTF::WordType>::isEmpty):
(WTF::WordType>::isFull):

9:37 AM Changeset in webkit [201755] by commit-queue@webkit.org
  • 2 edits in trunk/Source/JavaScriptCore

[GTK] Include locale.h before using LC_ALL
https://bugs.webkit.org/show_bug.cgi?id=158470

Patch by Ting-Wei Lan <Ting-Wei Lan> on 2016-06-07
Reviewed by Darin Adler.

  • jsc.cpp:
9:19 AM Changeset in webkit [201754] by commit-queue@webkit.org
  • 8 edits in trunk/Source/JavaScriptCore

Unskip generator related stress tests
https://bugs.webkit.org/show_bug.cgi?id=158461

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-06-07
Reviewed by Darin Adler.

  • tests/stress/generator-methods.js:
  • tests/stress/generator-syntax.js:
  • tests/stress/yield-and-line-terminator.js:
  • tests/stress/yield-label-generator.js:
  • tests/stress/yield-named-accessors-generator.js:
  • tests/stress/yield-named-variable-generator.js:
  • tests/stress/yield-out-of-generator.js:
8:47 AM Changeset in webkit [201753] by bfulgham@apple.com
  • 23 edits
    64 adds in trunk

CSP: Content Security Policy directive, upgrade-insecure-requests (UIR)
https://bugs.webkit.org/show_bug.cgi?id=143653
<rdar://problem/23032067>

Reviewed by Andy Estes.

Source/WebCore:

Modify our loading logic so that we recognize and upgrade insecure requests to secure
requests if the Content Security Policy directive 'upgrade-insecure-requests' is
present.

Add a static helper function to ContentSecurityPolicy to upgrade insecure URLs so
that we don't have to sprinkle the same code all over the loader system.

Tests: http/tests/security/contentSecurityPolicy/report-only-upgrade-insecure.php

http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/basic-upgrade-cors.https.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/basic-upgrade.https.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/form-upgrade.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/https-header-auxiliary.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/https-header-nested.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/https-header-subresource.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/https-header-top-level.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/iframe-upgrade.https.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/proper-nested-upgrades.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/proper-open-window-upgrades.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-insecure-audio-video-in-main-frame.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-insecure-css-in-iframe.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-insecure-image-in-main-frame.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-simple-ws.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-insecure-xhr-in-main-frame.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-redirect-http-to-https-script-in-iframe.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-redirect-https-to-http-script-in-iframe.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrades-mixed-content.html
http/tests/ssl/iframe-upgrade.https.html
http/tests/ssl/upgrade-origin-usage.html
http/tests/websocket/tests/hybi/upgrade-simple-ws.html

  • Modules/websockets/WebSocket.cpp:

(WebCore::WebSocket::connect): Upgrade insecure requests if the CSP
indicates we should.

  • dom/Document.cpp:

(WebCore::Document::initSecurityContext): Populate new document CSP with sets of upgrade host and port combinations.

  • dom/ScriptElement.cpp:

(WebCore::ScriptElement::requestScript): Upgrade insecure requests if
the CSP indicates we should.

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::loadResource): Ditto.

  • loader/DocumentWriter.cpp:

(WebCore::DocumentWriter::begin): Ditto.

  • loader/FormSubmission.cpp:

(WebCore::FormSubmission::create): Ditto.
(WebCore::FormSubmission::populateFrameLoadRequest): Add "Upgrade-Insecure-Requests"
header to frame load requests.

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::addExtraFieldsToMainResourceRequest): Add the
'Update-Insecure-Requests' header field if necessary.
(WebCore::FrameLoader::addHTTPUpgradeInsecureRequestsIfNeeded): Added helper function.
(WebCore::FrameLoader::loadPostRequest): Upgrade insecure requests if the CSP
indicates we should.
(WebCore::FrameLoader::loadResourceSynchronously): Ditto.
(WebCore::FrameLoader::loadDifferentDocumentItem): If loading a form, add the
'Update-Insecure-Requests' header field if necessary.
(WebCore::createWindow): Upgrade insecure requests if the CSP
indicates we should.

  • loader/FrameLoader.h:
  • loader/PingLoader.cpp:

(WebCore::PingLoader::loadImage): Upgrade insecure requests if the CSP
indicates we should.
(WebCore::PingLoader::sendPing): Ditto.
(WebCore::PingLoader::sendViolationReport): Ditto.

  • loader/ResourceLoader.cpp:

(WebCore::ResourceLoader::willSendRequestInternal): Ditto.

  • loader/SubframeLoader.cpp:

(WebCore::SubframeLoader::requestFrame): Ditto.
(WebCore::SubframeLoader::requestObject): Ditto.

  • loader/appcache/ApplicationCacheHost.cpp:

(WebCore::ApplicationCacheHost::shouldLoadResourceFromApplicationCache): Ditto.

  • loader/cache/CachedResourceLoader.cpp:

(WebCore::CachedResourceLoader::requestImage): Ditto.
(WebCore::CachedResourceLoader::requestResource): Ditto.

  • page/DOMWindow.cpp:

(WebCore::DOMWindow::createWindow): Add the 'Update-Insecure-Requests' header
field if necessary.

  • page/csp/ContentSecurityPolicy.cpp:

(WebCore::ContentSecurityPolicy::copyStateFrom): Populate upgraded resource set
from other context.
(WebCore::ContentSecurityPolicy::upgradeInsecureRequestIfNeeded): Added helper function
to upgrade requests when the upgrade-insecure-requests CSP policy is present, or if
the host and port combination have previously been upgraded.
(WebCore::ContentSecurityPolicy::upgradeInsecureNavigationRequestIfNeeded): Added
helper function to upgrade requests that have been previously upgraded. Cross-site
navigations only get upgraded when they have been previously upgraded.
(WebCore::ContentSecurityPolicy::addInsecureNavigationRequestsToUpgrade): Added.
(WebCore::ContentSecurityPolicy::populateInsecureNavigationRequestsToUpgradeFromOther): Added.

  • page/csp/ContentSecurityPolicy.h:

(WebCore::ContentSecurityPolicy::setUpgradeInsecureRequests): Added.
(WebCore::ContentSecurityPolicy::upgradeInsecureRequests): Added.

  • page/csp/ContentSecurityPolicyDirectiveList.cpp:

(WebCore::ContentSecurityPolicyDirectiveList::ContentSecurityPolicyDirectiveList): Use
more C++11 initializations.
(WebCore::ContentSecurityPolicyDirectiveList::setUpgradeInsecureRequests): Added.
(WebCore::ContentSecurityPolicyDirectiveList::addDirective): Teach this function to
recognize the new directive.

  • page/csp/ContentSecurityPolicyDirectiveList.h:
  • page/csp/ContentSecurityPolicyDirectiveNames.cpp:
  • page/csp/ContentSecurityPolicyDirectiveNames.h:
  • platform/network/HTTPHeaderNames.in: Add new 'Upgrade-Insecure-Requests' header field.
  • xml/XMLHttpRequest.cpp:

(WebCore::XMLHttpRequest::open): Upgrade insecure requests if the CSP if needed.

LayoutTests:

Some of these tests are based on a set of Blink patches by Mike West <mkwst@chromium.org>.
<https://src.chromium.org/viewvc/blink?revision=192607&view=revision>,
<https://codereview.chromium.org/1178093002>, <https://codereview.chromium.org/1964303003>

The rest of them are based on our own mixedContent tests, revised for upgraded requests.

Note that WebSockets are not part of this testing at present due to https://bugs.webkit.org/show_bug.cgi?id=157884.

  • http/tests/security/contentSecurityPolicy/report-only-upgrade-insecure.php: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/basic-upgrade-cors.https-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/basic-upgrade-cors.https.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/basic-upgrade.https-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/basic-upgrade.https.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/form-upgrade-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/form-upgrade.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/https-header-auxiliary-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/https-header-auxiliary.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/https-header-nested-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/https-header-nested.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/https-header-subresource-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/https-header-subresource.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/https-header-top-level-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/https-header-top-level.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/iframe-upgrade.https-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/iframe-upgrade.https.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/proper-nested-upgrades-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/proper-nested-upgrades.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/proper-open-window-upgrades-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/proper-open-window-upgrades.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/resources: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/resources/basic-upgrade-cors.https.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/resources/check-https-header.pl: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/resources/echo-https-header.pl: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/resources/frame-with-insecure-audio-video.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/resources/frame-with-insecure-css.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/resources/frame-with-insecure-image.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/resources/frame-with-redirect-http-to-https-script.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/resources/frame-with-redirect-https-to-http-script.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/resources/insecure-xhr-in-main-frame-window.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/resources/mixed-content-with-upgrade.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/resources/post-https-header.pl: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-insecure-audio-video-in-main-frame-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-insecure-audio-video-in-main-frame.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-insecure-css-in-iframe-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-insecure-css-in-iframe.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-insecure-image-in-main-frame-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-insecure-image-in-main-frame.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-insecure-xhr-in-main-frame-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-insecure-xhr-in-main-frame.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-redirect-http-to-https-script-in-iframe-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-redirect-http-to-https-script-in-iframe.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-redirect-https-to-http-script-in-iframe-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-redirect-https-to-http-script-in-iframe.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrades-mixed-content-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrades-mixed-content.html: Added.
  • http/tests/security/resources/post-origin-to-parent.html: Added.
  • http/tests/ssl/iframe-upgrade.https-expected.txt: Added.
  • http/tests/ssl/iframe-upgrade.https.html: Added.
  • http/tests/ssl/upgrade-origin-usage-expected.txt: Added.
  • http/tests/ssl/upgrade-origin-usage.html: Added.
  • http/tests/ssl/resources/origin-usage-iframe-1.html: Added.
  • http/tests/ssl/resources/origin-usage-iframe-1.manifest: Added.
  • http/tests/ssl/resources/origin-usage-iframe-2.html: Added.
  • http/tests/ssl/resources/origin-usage-iframe-2.manifest: Added.
  • http/tests/websocket/tests/hybi/upgrade-simple-ws-expected.txt: Added.
  • http/tests/websocket/tests/hybi/upgrade-simple-ws.html: Added.
  • TestExpectations: Skip http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-simple-ws.html since the

WebSocket server does not currently support wss sockets.

8:03 AM Changeset in webkit [201752] by commit-queue@webkit.org
  • 3 edits
    2 adds in trunk

Video elements are painted twice, in PaintPhaseForeground and PaintPhaseSelfOutline
https://bugs.webkit.org/show_bug.cgi?id=158247

Patch by Fujii Hironori <Fujii Hironori> on 2016-06-07
Reviewed by Simon Fraser.

Source/WebCore:

Test: fast/replaced/outline-replaced-elements-offset.html

In <http://trac.webkit.org/changeset/105247>,
RenderReplaced::paint was changed to call
RenderReplaced::paintReplaced in PaintPhaseOutline and
PaintPhaseSelfOutline to paint outline of SVG.

As the result, RenderVideo::paintReplaced paints twice,
in forground and outline phase.

It was changed to paint outline of SVG in PaintPhaseForeground
since <http://trac.webkit.org/changeset/168645>. No need to call
RenderReplaced::paintReplaced in outline phases anymore.

  • rendering/RenderReplaced.cpp:

(WebCore::RenderReplaced::paint): Return early if
PaintPhaseOutline or PaintPhaseSelfOutline.
Return early unless PaintPhaseForeground nor PaintPhaseSelection,
even if canHaveChildren().

LayoutTests:

  • fast/replaced/outline-replaced-elements-offset-expected.html: Added.
  • fast/replaced/outline-replaced-elements-offset.html: Added.
7:32 AM Changeset in webkit [201751] by mcatanzaro@igalia.com
  • 2 edits in trunk/LayoutTests

[GTK] Mark fast/text/international/system-language/han-quotes.html as flaky

Unreviewed gardening

  • platform/gtk/TestExpectations:
7:22 AM Changeset in webkit [201750] by Csaba Osztrogonác
  • 2 edits in trunk/Source/WebKit

[Mac][cmake] Unreviewed trivial buildfix after r201689. Just for fun.

  • PlatformMac.cmake:
7:12 AM Changeset in webkit [201749] by mcatanzaro@igalia.com
  • 3 edits in trunk/Source/WebKit2

[GTK] Hide GTK+ 2 plugins if GTK+ 2 plugin process was built but is not installed
https://bugs.webkit.org/show_bug.cgi?id=158419

Reviewed by Carlos Garcia Campos.

  • UIProcess/Plugins/unix/PluginInfoStoreUnix.cpp:

(WebKit::PluginInfoStore::getPluginInfo):

  • UIProcess/Plugins/unix/PluginProcessProxyUnix.cpp:

(WebKit::PluginProcessProxy::scanPlugin):

5:43 AM Changeset in webkit [201748] by peavo@outlook.com
  • 2 edits in trunk/Source/WebKit/win

[Win][IndexedDB] Crash when running worker test.
https://bugs.webkit.org/show_bug.cgi?id=158434

Reviewed by Alex Christensen.

Initialize main runloop, otherwise RunLoop::main() will return nullptr.

  • WebView.cpp:

(WebView::WebView):

3:06 AM Changeset in webkit [201747] by nael.ouedraogo@crf.canon.fr
  • 8 edits in trunk

Creating a TouchList with non Touch items should throw an exception
https://bugs.webkit.org/show_bug.cgi?id=158302

Reviewed by Youenn Fablet.

Source/WebCore:

Only Touch items should be passed to CreateTouchList function as per specification
(https://w3c.github.io/touch-events/#extensions-to-the-document-interface).
CreateTouchList function behavior is modified. An exception is thrown when non Touch items
are passed as parameters instead of adding null items in the TouchList.

Tests have been modified to check whether behavior of CreateTouchList is correct.

  • bindings/js/JSDocumentCustom.cpp:

(WebCore::JSDocument::createTouchList):

  • dom/Document.idl:

LayoutTests:

Only Touch items should be passed to CreateTouchList function as
per specification (https://w3c.github.io/touch-events/#extensions-to-the-document-interface).

Tests have been modified to check whether behavior of CreateTouchList is correct.

  • fast/events/touch/document-create-touch-list-crash-expected.txt:
  • fast/events/touch/document-create-touch-list-expected.txt:
  • fast/events/touch/script-tests/document-create-touch-list-crash.js:
  • fast/events/touch/script-tests/document-create-touch-list.js:
1:33 AM Changeset in webkit [201746] by commit-queue@webkit.org
  • 2 edits in trunk/LayoutTests

Unskip js/script-tests/class-syntax-scoping.js
https://bugs.webkit.org/show_bug.cgi?id=158458

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-06-07
Reviewed by Ryosuke Niwa.

  • js/script-tests/class-syntax-scoping.js:

Jun 6, 2016:

11:33 PM Changeset in webkit [201745] by commit-queue@webkit.org
  • 1 edit
    1 move in trunk/Source/JavaScriptCore

Fix typo in test name trailing-comma-in-function-paramters.js
https://bugs.webkit.org/show_bug.cgi?id=158462

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-06-06
Reviewed by Mark Lam.

  • tests/stress/trailing-comma-in-function-parameters.js: Renamed from Source/JavaScriptCore/tests/stress/trailing-comma-in-function-paramters.js.
11:32 PM Changeset in webkit [201744] by commit-queue@webkit.org
  • 2 edits in trunk/LayoutTests

ASSERTION failed in get-by-pname.js when run with JSC_useLLINT=false and 2 other configurations
https://bugs.webkit.org/show_bug.cgi?id=138497
<rdar://problem/18909792>

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-06-06
Reviewed by Mark Lam.

  • js/script-tests/get-by-pname.js:

Test is no longer failing. Lets unskip.

11:06 PM Changeset in webkit [201743] by commit-queue@webkit.org
  • 25 edits
    11 deletes in trunk

Unreviewed, rolling out r201735.
https://bugs.webkit.org/show_bug.cgi?id=158465

fast/events/AddEventListenerOptions-once-recursive.html fails
on all bots (Requested by ap on #webkit).

Reverted changeset:

"Implement EventListenerOptions argument to addEventListener"
https://bugs.webkit.org/show_bug.cgi?id=149466
http://trac.webkit.org/changeset/201735

11:05 PM Changeset in webkit [201742] by commit-queue@webkit.org
  • 22 edits
    14 deletes in trunk

Unreviewed, rolling out r201679.
https://bugs.webkit.org/show_bug.cgi?id=158464

http/tests/websocket/tests/hybi/upgrade-simple-ws.html is
flaky (Requested by ap on #webkit).

Reverted changeset:

"CSP: Content Security Policy directive, upgrade-insecure-
requests (UIR)"
https://bugs.webkit.org/show_bug.cgi?id=143653
http://trac.webkit.org/changeset/201679

10:54 PM Changeset in webkit [201741] by akling@apple.com
  • 6 edits in trunk/Source

REGRESSION(r197595): 2% JSBench regression on iPhone 5.
<https://webkit.org/b/158459>

Unreviewed rollout.

  • runtime/VM.cpp:

(JSC::VM::deleteAllRegExpCode): Deleted.

  • runtime/VM.h:
10:46 PM Changeset in webkit [201740] by jiewen_tan@apple.com
  • 25 edits
    2 adds in trunk

URLs containing tabs or newlines are parsed incorrectly
https://bugs.webkit.org/show_bug.cgi?id=143381
<rdar://problem/26567214>

Reviewed by Brent Fulgham.

Source/WebCore:

  1. Strip any tabs and newlines in the URL input.
  2. Replace the original stripping URL leading and trailing white spaces logic with WTFString's

builtin, and move this logic to the very begining of the URL parser.

  1. Enhance the protocolIs method to ignore any leading whitespace/control characters, and

tabs/newlines of the examining url.

Test: fast/url/tab-and-newline-stripping.html

  • platform/URL.cpp:

(WebCore::isTabNewline):
(WebCore::shouldTrimFromURL):
(WebCore::URL::init):
(WebCore::protocolIs):

LayoutTests:

  • fast/dom/DOMURL/set-href-attribute-host-expected.txt:
  • fast/dom/DOMURL/set-href-attribute-host.html:
  • fast/dom/HTMLAnchorElement/script-tests/set-href-attribute-host.js:
  • fast/dom/HTMLAnchorElement/set-href-attribute-host-expected.txt:
  • fast/url/segments-expected.txt:
  • fast/url/segments-from-data-url-expected.txt:
  • fast/url/segments-from-data-url.html:
  • fast/url/segments.html:
  • fast/url/tab-and-newline-stripping-expected.txt: Added.
  • fast/url/tab-and-newline-stripping.html: Added.
  • http/tests/security/javascriptURL/javascriptURL-execution-context-frame-location-htmldom-expected.txt:
  • http/tests/security/javascriptURL/javascriptURL-execution-context-frame-src-getAttribute-value-expected.txt:
  • http/tests/security/javascriptURL/javascriptURL-execution-context-frame-src-htmldom-expected.txt:
  • http/tests/security/javascriptURL/javascriptURL-execution-context-frame-src-setAttribute-expected.txt:
  • http/tests/security/javascriptURL/javascriptURL-execution-context-frame-src-setAttributeNS-expected.txt:
  • http/tests/security/javascriptURL/javascriptURL-execution-context-frame-src-setAttributeNode-expected.txt:
  • http/tests/security/javascriptURL/javascriptURL-execution-context-frame-src-setAttributeNodeNS-expected.txt:
  • http/tests/security/javascriptURL/javascriptURL-execution-context-iframe-src-getAttribute-value-expected.txt:
  • http/tests/security/javascriptURL/javascriptURL-execution-context-iframe-src-htmldom-expected.txt:
  • http/tests/security/javascriptURL/javascriptURL-execution-context-iframe-src-setAttribute-expected.txt:
  • http/tests/security/javascriptURL/javascriptURL-execution-context-iframe-src-setAttributeNS-expected.txt:
  • http/tests/security/javascriptURL/javascriptURL-execution-context-iframe-src-setAttributeNode-expected.txt:
  • http/tests/security/javascriptURL/javascriptURL-execution-context-iframe-src-setAttributeNodeNS-expected.txt:
  • http/tests/security/xssAuditor/javascript-link-control-char2-expected.txt:
9:02 PM Changeset in webkit [201739] by rniwa@webkit.org
  • 27 edits in trunk

Update the list of elements attachShadow is allowed
https://bugs.webkit.org/show_bug.cgi?id=157706

Reviewed by Darin Adler.

Source/WebCore:

Update the list of elements on which attachShadow is allowed per the latest shadow DOM spec:
http://www.w3.org/TR/shadow-dom/#widl-Element-attachShadow-ShadowRoot-ShadowRootInit-shadowRootInitDict
which now only allows attachShadow on the following elements and custom elements:
button, details, input, marquee, meter, progress, select, textarea, keygen

In order to check that a given HTML element's local name is a valid custom element name,
this patch moves CustomElementDefinitions::checkName to Document::validateCustomElementName so that
it could be used when either SHADOW_DOM or CUSTOM_ELEMENTS build flag is turned on.

Also removed Element::canHaveUserAgentShadowRoot since it was only used in Element::attachShadow.

Test: fast/shadow-dom/Element-interface-attachShadow.html

  • bindings/js/JSDocumentCustom.cpp:

(WebCore::JSDocument::defineElement):

  • dom/CustomElementDefinitions.cpp:

(WebCore::CustomElementDefinitions::checkName): Moved to Document::validateCustomElementName.

  • dom/CustomElementDefinitions.h:
  • dom/Document.cpp:

(WebCore::createHTMLElementWithNameValidation):
(WebCore::createFallbackHTMLElement):
(WebCore::Document::validateCustomElementName): Moved from CustomElementDefinitions::checkName.

  • dom/Document.h:
  • dom/Element.cpp:

(WebCore::canAttachAuthorShadowRoot): Added.
(WebCore::Element::attachShadow):

  • dom/Element.h:
  • html/HTMLButtonElement.h:
  • html/HTMLDetailsElement.h:
  • html/HTMLInputElement.h:
  • html/HTMLKeygenElement.h:
  • html/HTMLMarqueeElement.h:
  • html/HTMLMediaElement.h:
  • html/HTMLMeterElement.h:
  • html/HTMLPlugInElement.h:
  • html/HTMLProgressElement.h:
  • html/HTMLQuoteElement.h:
  • html/HTMLSelectElement.h:
  • html/HTMLSummaryElement.h:
  • html/HTMLTagNames.in:
  • html/HTMLTextAreaElement.h:
  • html/HTMLUnknownElement.h:
  • html/parser/HTMLConstructionSite.cpp:

(WebCore::HTMLConstructionSite::createHTMLElementOrFindCustomElementInterface):

LayoutTests:

Added more test cases for validating elements on which attachShadow is allowed and disallowed.

  • fast/shadow-dom/Element-interface-attachShadow-expected.txt:
  • fast/shadow-dom/Element-interface-attachShadow.html:
8:24 PM Changeset in webkit [201738] by sbarati@apple.com
  • 2 edits in trunk/Source/WTF

equal(StringView, StringView) for strings should have a fast path for pointer equality
https://bugs.webkit.org/show_bug.cgi?id=158452

Reviewed by Andreas Kling.

JSBench does a lot of StringView::operator== on StringViews that have
the same underlying characters pointer. This becomes hot inside JSBench
because JSBench heavily stresses JSC's UnlinkedCodeCache with a high
hit rate. This means that when we get a hit in the cache, we used to
do the long form of string compare. However, we were often comparing
two StringViews that had the same underlying buffer and length.
This patch speeds this case up to run in constant time instead of
linear time.

  • wtf/text/StringCommon.h:

(WTF::equalCommon):

  • wtf/text/StringImpl.h:

(WTF::StringImpl::StringImpl):
(WTF::StringImpl::data):

  • wtf/text/StringView.h:

(WTF::StringView::data):

8:02 PM Changeset in webkit [201737] by msaboff@apple.com
  • 2 edits
    1 add in trunk/Source/JavaScriptCore

octal and binary parsing is wrong for some programs
https://bugs.webkit.org/show_bug.cgi?id=158437

Reviewed by Saam Barati.

When there is an error parsing an binary or octal literal, we need to clear the returnValue
of any residual value. This is because the processing of returnValue happens before the
syntax check for the extra character. Without clearing returnValue, we end trying to
categorize the value as an INTEGER or DOUBLE token. If the value happens to be an
impure NaN, we ASSERT.

  • parser/Lexer.cpp:

(JSC::Lexer<T>::parseBinary):
(JSC::Lexer<T>::parseOctal):

  • tests/stress/regress-158437.js: New test.
7:40 PM Changeset in webkit [201736] by rniwa@webkit.org
  • 5 edits
    2 adds in trunk

Crash inside moveOutOfAllShadowRoots
https://bugs.webkit.org/show_bug.cgi?id=158378

Reviewed by Antti Koivisto.

Source/WebCore:

The bug was caused by InShadowTreeFlag not being cleared when a shadow host or its ancestor was removed
due to addChildNodesToDeletionQueue not invoking notifyChildNodeRemoved when a node was in a shadow tree
but not in a document.

Fixed the bug by invoking notifyChildNodeRemoved when the removed node is either in a shadow tree
or it's in a shadow tree. Also fixed a bug in VTTCue::~VTTCue that it was trying to remove the display
tree even when the owner document was being destroyed. This results in various assertions to be hit.

Test: fast/shadow-dom/shadow-host-removal-crash.html

  • dom/ContainerNodeAlgorithms.cpp:

(WebCore::addChildNodesToDeletionQueue):

  • html/track/VTTCue.cpp:

(WebCore::VTTCue::~VTTCue):

LayoutTests:

Added a regression test that reproduced the crash reliably at least on my machine.

  • fast/shadow-dom/shadow-host-removal-crash-expected.txt: Added.
  • fast/shadow-dom/shadow-host-removal-crash.html: Added.
  • platform/ios-simulator/TestExpectations:
7:35 PM Changeset in webkit [201735] by Chris Dumez
  • 25 edits
    23 adds in trunk

Implement EventListenerOptions argument to addEventListener
https://bugs.webkit.org/show_bug.cgi?id=149466
<rdar://problem/22802031>

Reviewed by Dean Jackson.

LayoutTests/imported/w3c:

Import new test from W3C that covers EventListenerOptions.

  • web-platform-tests/dom/events/EventListenerOptions-capture-expected.txt: Added.
  • web-platform-tests/dom/events/EventListenerOptions-capture.html: Added.

Source/WebCore:

Implement AddEventListenerOptions dictionary argument to addEventListener()
and EventListenerOptions dictionary argument to removeEventListener(), as
per the latest DOM specification:

Firefox and Chrome already support this.

Support for AddEventListenerOptions in this patch is as follows:

  • 'capture': fully supported.
  • 'once': fully supported.
  • 'passive': supported in the sense that preventDefault() will be ignored

for passive event listeners. There are however currently no
performance benefits from passing this flag. Those optimizations
will be implemented in follow-up patches (in particular for
Touch and Scroll events).

Tests: fast/events/AddEventListenerOptions-once-recursive.html

fast/events/AddEventListenerOptions-once.html
fast/events/AddEventListenerOptions-passive.html
fast/events/removeEventListener-EventListenerOptions-capture.html
imported/w3c/web-platform-tests/dom/events/EventListenerOptions-capture.html

  • Modules/webaudio/AudioScheduledSourceNode.cpp:

(WebCore::AudioScheduledSourceNode::addEventListener):
(WebCore::AudioScheduledSourceNode::removeEventListener):

  • Modules/webaudio/AudioScheduledSourceNode.h:
  • Modules/webaudio/ScriptProcessorNode.cpp:

(WebCore::ScriptProcessorNode::addEventListener):
(WebCore::ScriptProcessorNode::removeEventListener):

  • Modules/webaudio/ScriptProcessorNode.h:
  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateParametersCheckExpression):

  • dom/Event.h:

(WebCore::Event::preventDefault):
(WebCore::Event::setInPassiveListener):

  • dom/EventListenerMap.cpp:

(WebCore::addListenerToVector):
(WebCore::EventListenerMap::add):

  • dom/EventListenerMap.h:
  • dom/EventTarget.cpp:

(WebCore::EventTarget::addEventListener):
(WebCore::EventTarget::addEventListenerForBindings):
(WebCore::EventTarget::removeEventListenerForBindings):
(WebCore::EventTarget::removeEventListener):
(WebCore::EventTarget::setAttributeEventListener):
(WebCore::EventTarget::fireEventListeners):

  • dom/EventTarget.h:

(WebCore::EventTarget::ListenerOptions::ListenerOptions):
(WebCore::EventTarget::AddEventListenerOptions::AddEventListenerOptions):
(WebCore::EventTarget::addEventListener):
(WebCore::EventTarget::addEventListenerForBindings):
(WebCore::EventTarget::removeEventListenerForBindings):

  • dom/EventTarget.idl:
  • dom/MessagePort.cpp:

(WebCore::MessagePort::addEventListener):

  • dom/MessagePort.h:
  • dom/Node.cpp:

(WebCore::tryAddEventListener):
(WebCore::Node::addEventListener):
(WebCore::tryRemoveEventListener):
(WebCore::Node::removeEventListener):

  • dom/Node.h:
  • dom/RegisteredEventListener.h:

(WebCore::RegisteredEventListener::Options::Options):
(WebCore::RegisteredEventListener::RegisteredEventListener):
(WebCore::operator==):

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::addEventListener):
(WebCore::HTMLMediaElement::removeEventListener):

  • html/HTMLMediaElement.h:
  • page/DOMWindow.cpp:

(WebCore::DOMWindow::addEventListener):
(WebCore::DOMWindow::removeEventListener):

  • page/DOMWindow.h:
  • svg/SVGElement.cpp:

(WebCore::SVGElement::addEventListener):
(WebCore::SVGElement::removeEventListener):

  • svg/SVGElement.h:

LayoutTests:

  • fast/events/AddEventListenerOptions-once-expected.txt: Added.
  • fast/events/AddEventListenerOptions-once-recursive-expected.txt: Added.
  • fast/events/AddEventListenerOptions-once-recursive.html: Added.
  • fast/events/AddEventListenerOptions-once.html: Added.
  • fast/events/AddEventListenerOptions-passive-expected.txt: Added.
  • fast/events/AddEventListenerOptions-passive.html: Added.
  • fast/events/removeEventListener-EventListenerOptions-capture-expected.txt: Added.
  • fast/events/removeEventListener-EventListenerOptions-capture.html: Added.

Add layout testing coverage for various aspects of the functionality.

  • imported/blink/fast/events/eventlisteneroptions/capture_default-expected.txt: Added.
  • imported/blink/fast/events/eventlisteneroptions/capture_default.html: Added.
  • imported/blink/fast/events/eventlisteneroptions/capture_equality-expected.txt: Added.
  • imported/blink/fast/events/eventlisteneroptions/capture_equality.html: Added.
  • imported/blink/fast/events/eventlisteneroptions/capture_query-expected.txt: Added.
  • imported/blink/fast/events/eventlisteneroptions/capture_query.html: Added.
  • imported/blink/fast/events/eventlisteneroptions/passive_dispatch-expected.txt: Added.
  • imported/blink/fast/events/eventlisteneroptions/passive_dispatch.html: Added.
  • imported/blink/fast/events/eventlisteneroptions/passive_inequality-expected.txt: Added.
  • imported/blink/fast/events/eventlisteneroptions/passive_inequality.html: Added.
  • imported/blink/fast/events/eventlisteneroptions/passive_query-expected.txt: Added.
  • imported/blink/fast/events/eventlisteneroptions/passive_query.html: Added.

Import blink tests for this functionality.

5:36 PM Changeset in webkit [201734] by Ryan Haddad
  • 25 edits
    11 deletes in trunk

Unreviewed, rolling out r201730.
https://bugs.webkit.org/show_bug.cgi?id=158453

This change caused existing LayoutTests to crash (Requested by
ryanhaddad on #webkit).

Reverted changeset:

"Implement EventListenerOptions argument to addEventListener"
https://bugs.webkit.org/show_bug.cgi?id=149466
http://trac.webkit.org/changeset/201730

Patch by Commit Queue <commit-queue@webkit.org> on 2016-06-06

5:00 PM Changeset in webkit [201733] by mark.lam@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

32-bit JSC stress test failing: stress/recursive-try-catch.js.ftl-no-cjit-validate-sampling-profiler
https://bugs.webkit.org/show_bug.cgi?id=158362

Reviewed by Michael Saboff.

The test does infinite recursion until it overflows the stack. That means the
sampling profiler will have to capture excessively large samples, which in turn
makes it run very slowly. This is what causes the test time out.

The fix is to not run the test with the sampling profiler.

  • tests/stress/recursive-try-catch.js:
4:38 PM Changeset in webkit [201732] by akling@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Don't reportAbandonedObjectGraph() after throwing out linked code or RegExps.
<https://webkit.org/b/158444>

Unreviewed.

This is a speculative change for iOS performance bots. The calls to reportAbandonedObjectGraph
were basically redundant, since mainframe navigation will cause GC acceleration anyway via
ScriptController.

This appears successful at recovering the ~0.7% regression I could reproduce locally on newer
hardware but it's a bit too noisy to say for sure.

  • runtime/VM.cpp:

(JSC::VM::deleteAllLinkedCode):
(JSC::VM::deleteAllRegExpCode):

3:33 PM Changeset in webkit [201731] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking http/tests/misc/slow-loading-animated-image.html as flaky on ios-simulator
https://bugs.webkit.org/show_bug.cgi?id=157916

Unreviewed test gardening.

  • platform/ios-simulator/TestExpectations:
3:28 PM Changeset in webkit [201730] by Chris Dumez
  • 25 edits
    23 adds in trunk

Implement EventListenerOptions argument to addEventListener
https://bugs.webkit.org/show_bug.cgi?id=149466
<rdar://problem/22802031>

Reviewed by Dean Jackson.

LayoutTests/imported/w3c:

Import new test from W3C that covers EventListenerOptions.

  • web-platform-tests/dom/events/EventListenerOptions-capture-expected.txt: Added.
  • web-platform-tests/dom/events/EventListenerOptions-capture.html: Added.

Source/WebCore:

Implement AddEventListenerOptions dictionary argument to addEventListener()
and EventListenerOptions dictionary argument to removeEventListener(), as
per the latest DOM specification:

Firefox and Chrome already support this.

Support for AddEventListenerOptions in this patch is as follows:

  • 'capture': fully supported.
  • 'once': fully supported.
  • 'passive': supported in the sense that preventDefault() will be ignored

for passive event listeners. There are however currently no
performance benefits from passing this flag. Those optimizations
will be implemented in follow-up patches (in particular for
Touch and Scroll events).

Tests: fast/events/AddEventListenerOptions-once-recursive.html

fast/events/AddEventListenerOptions-once.html
fast/events/AddEventListenerOptions-passive.html
fast/events/removeEventListener-EventListenerOptions-capture.html
imported/w3c/web-platform-tests/dom/events/EventListenerOptions-capture.html

  • Modules/webaudio/AudioScheduledSourceNode.cpp:

(WebCore::AudioScheduledSourceNode::addEventListener):
(WebCore::AudioScheduledSourceNode::removeEventListener):

  • Modules/webaudio/AudioScheduledSourceNode.h:
  • Modules/webaudio/ScriptProcessorNode.cpp:

(WebCore::ScriptProcessorNode::addEventListener):
(WebCore::ScriptProcessorNode::removeEventListener):

  • Modules/webaudio/ScriptProcessorNode.h:
  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateParametersCheckExpression):

  • dom/Event.h:

(WebCore::Event::preventDefault):
(WebCore::Event::setInPassiveListener):

  • dom/EventListenerMap.cpp:

(WebCore::addListenerToVector):
(WebCore::EventListenerMap::add):

  • dom/EventListenerMap.h:
  • dom/EventTarget.cpp:

(WebCore::EventTarget::addEventListener):
(WebCore::EventTarget::addEventListenerForBindings):
(WebCore::EventTarget::removeEventListenerForBindings):
(WebCore::EventTarget::removeEventListener):
(WebCore::EventTarget::setAttributeEventListener):
(WebCore::EventTarget::fireEventListeners):

  • dom/EventTarget.h:

(WebCore::EventTarget::ListenerOptions::ListenerOptions):
(WebCore::EventTarget::AddEventListenerOptions::AddEventListenerOptions):
(WebCore::EventTarget::addEventListener):
(WebCore::EventTarget::addEventListenerForBindings):
(WebCore::EventTarget::removeEventListenerForBindings):

  • dom/EventTarget.idl:
  • dom/MessagePort.cpp:

(WebCore::MessagePort::addEventListener):

  • dom/MessagePort.h:
  • dom/Node.cpp:

(WebCore::tryAddEventListener):
(WebCore::Node::addEventListener):
(WebCore::tryRemoveEventListener):
(WebCore::Node::removeEventListener):

  • dom/Node.h:
  • dom/RegisteredEventListener.h:

(WebCore::RegisteredEventListener::Options::Options):
(WebCore::RegisteredEventListener::RegisteredEventListener):
(WebCore::operator==):

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::addEventListener):
(WebCore::HTMLMediaElement::removeEventListener):

  • html/HTMLMediaElement.h:
  • page/DOMWindow.cpp:

(WebCore::DOMWindow::addEventListener):
(WebCore::DOMWindow::removeEventListener):

  • page/DOMWindow.h:
  • svg/SVGElement.cpp:

(WebCore::SVGElement::addEventListener):
(WebCore::SVGElement::removeEventListener):

  • svg/SVGElement.h:

LayoutTests:

  • fast/events/AddEventListenerOptions-once-expected.txt: Added.
  • fast/events/AddEventListenerOptions-once-recursive-expected.txt: Added.
  • fast/events/AddEventListenerOptions-once-recursive.html: Added.
  • fast/events/AddEventListenerOptions-once.html: Added.
  • fast/events/AddEventListenerOptions-passive-expected.txt: Added.
  • fast/events/AddEventListenerOptions-passive.html: Added.
  • fast/events/removeEventListener-EventListenerOptions-capture-expected.txt: Added.
  • fast/events/removeEventListener-EventListenerOptions-capture.html: Added.

Add layout testing coverage for various aspects of the functionality.

  • imported/blink/fast/events/eventlisteneroptions/capture_default-expected.txt: Added.
  • imported/blink/fast/events/eventlisteneroptions/capture_default.html: Added.
  • imported/blink/fast/events/eventlisteneroptions/capture_equality-expected.txt: Added.
  • imported/blink/fast/events/eventlisteneroptions/capture_equality.html: Added.
  • imported/blink/fast/events/eventlisteneroptions/capture_query-expected.txt: Added.
  • imported/blink/fast/events/eventlisteneroptions/capture_query.html: Added.
  • imported/blink/fast/events/eventlisteneroptions/passive_dispatch-expected.txt: Added.
  • imported/blink/fast/events/eventlisteneroptions/passive_dispatch.html: Added.
  • imported/blink/fast/events/eventlisteneroptions/passive_inequality-expected.txt: Added.
  • imported/blink/fast/events/eventlisteneroptions/passive_inequality.html: Added.
  • imported/blink/fast/events/eventlisteneroptions/passive_query-expected.txt: Added.
  • imported/blink/fast/events/eventlisteneroptions/passive_query.html: Added.

Import blink tests for this functionality.

2:47 PM Changeset in webkit [201729] by jer.noble@apple.com
  • 5 edits in trunk/Source/WebCore

Media elements should only be allowed to control controls manager during a user gesture.
https://bugs.webkit.org/show_bug.cgi?id=158432

Reviewed by Eric Carlson.

Add a new MediaElementSession behavior restriction for the controls manager
which is cleared on the first user gesture. Since canControlControlsManager()
may be called before the first layout, call updatePlaybackControlsManager()
since the main content check requires the laid-out size of the media element.

(WebCore::HTMLMediaElement::HTMLMediaElement):
(WebCore::HTMLMediaElement::layoutSizeChanged):
(WebCore::HTMLMediaElement::removeBehaviorsRestrictionsAfterFirstUserGesture):

  • html/HTMLMediaElement.h:
  • html/MediaElementSession.cpp:

(WebCore::MediaElementSession::canControlControlsManager):

  • html/MediaElementSession.h:
2:40 PM Changeset in webkit [201728] by adam.bergkvist@ericsson.com
  • 11 edits
    1 add in trunk

WebRTC: Update MediaEndpointPeerConnection::createOffer() to use the transceiver set
https://bugs.webkit.org/show_bug.cgi?id=158203

Reviewed by Eric Carlson.

Source/WebCore:

Create an SDP offer based on the RTCPeerConnection object's set of RTCRtpTransceiver objects
(instead of RTCRtpSender objects).

Updated existing test: fast/mediastream/RTCPeerConnection-inspect-offer.html

  • Modules/mediastream/MediaEndpointPeerConnection.cpp:

(WebCore::matchTransceiver):
(WebCore::matchTransceiverByMid):
(WebCore::MediaEndpointPeerConnection::createOfferTask):

  • Modules/mediastream/MediaEndpointPeerConnection.h:
  • Modules/mediastream/PeerConnectionBackend.h:

Remove getSenders() which is replaced by getTransceivers().

  • Modules/mediastream/RTCPeerConnection.h:
  • Modules/mediastream/SDPProcessor.cpp:

(WebCore::configurationFromJSON):
(WebCore::configurationToJSON):

  • Modules/mediastream/sdp.js:

(SDP.parse):
(SDP.generate):
Add support for mid attribute.

  • platform/mediastream/PeerMediaDescription.h:

(WebCore::PeerMediaDescription::mid):
(WebCore::PeerMediaDescription::setMid):
(WebCore::PeerMediaDescription::clone):

LayoutTests:

Updated existing test.

  • fast/mediastream/RTCPeerConnection-inspect-offer-expected.txt:
  • fast/mediastream/RTCPeerConnection-inspect-offer.html:

Add verification of mid attribute [1] (corresponds to the RTCRtpTransceiver mid attribute).
[1] https://tools.ietf.org/html/rfc5888

  • fast/mediastream/resources/sdp-utils.js: Added.

(printComparableSessionDescription):
(verified):
(match):
Move the printComparableSessionDescription function to a separate file
to make it usable in other (future) tests.

1:58 PM Changeset in webkit [201727] by commit-queue@webkit.org
  • 4 edits
    6 adds in trunk

Position of WebGL <canvas> on iOS is incorrect with CSS borders
https://bugs.webkit.org/show_bug.cgi?id=156790

Patch by Antoine Quint <Antoine Quint> on 2016-06-06
Reviewed by Simon Fraser.

Source/WebKit2:

WebGL layers on iOS are hosted by a WKRemoteView, which applies a transform scaling
its content by the inverse of the device pixel ratio, which affects how positions are
applied to the WebGL layer. The container layer of the layer hosted by a WKRemoteView
then has an inverse transform applied to it in the PlatformCALayerRemoteCustom
constructor. However, the position of a CALayer is not affected by its transform.

The fix for <rdar://problem/18316542> should be specific to video, so we only apply the
scaling in the case of a LayerTypeAVPlayerLayer.

  • UIProcess/ios/RemoteLayerTreeHostIOS.mm:

(-[WKRemoteView initWithFrame:contextID:]):
(WebKit::RemoteLayerTreeHost::createLayer):
(-[WKRemoteView initWithFrame:contextID:hostingDeviceScaleFactor:]): Deleted.

  • WebProcess/WebPage/mac/PlatformCALayerRemoteCustom.mm:

(WebKit::PlatformCALayerRemoteCustom::PlatformCALayerRemoteCustom):

LayoutTests:

Adding new tests checking that CSS border, box-shadow and padding properties used on a
WebGL <canvas> element correctly affect the position of the WebGL content.

  • webgl/webgl-border-expected.html: Added.
  • webgl/webgl-border.html: Added.
  • webgl/webgl-box-shadow-expected.html: Added.
  • webgl/webgl-box-shadow.html: Added.
  • webgl/webgl-padding-expected.html: Added.
  • webgl/webgl-padding.html: Added.
1:34 PM Changeset in webkit [201726] by clopez@igalia.com
  • 2 edits
    1 add in trunk/Tools

REGRESSION(r201449) [GTK] ARMv7 build fails with libicudata.so.55: cannot open shared object file on gtkdoc-scangobj step.
https://bugs.webkit.org/show_bug.cgi?id=158417

Reviewed by Michael Catanzaro.

The toolchain on armhf (ARMv7) seems unable to properly handle
a shared library that doesn't link with anything.

And libicudata is built by default in this way because it only
contains static data.

That makes icu unusable on armhf because the linker will be
unable to resolve the libicudata dependencies.

Most (if not all) distributions workaround this by linking
libicudata with libc6, which is already a needed dependency for
any of the other icu shared libraries.

So import here the Debian patch fixing this issue. For further
details check https://bugs.debian.org/653457

  • gtk/jhbuild.modules:
  • gtk/patches/icudata-stdlibs.patch: Added.
1:33 PM Changeset in webkit [201725] by gskachkov@gmail.com
  • 6 edits
    1 add in trunk

Source/JavaScriptCore:
[ESNext] Trailing commas in function parameters.
https://bugs.webkit.org/show_bug.cgi?id=158020

Reviewed by Keith Miller.

ESNext allow to add trailing commas in function parameters and function arguments.
Link to spec - https://jeffmo.github.io/es-trailing-function-commas
Example of using - (function (a, b,) { return a + b; })(1,2,);

  • parser/Parser.cpp:

(JSC::Parser<LexerType>::parseFormalParameters):
(JSC::Parser<LexerType>::parseArguments):

  • tests/stress/trailing-comma-in-function-paramters.js: Added.

LayoutTests:
[ESNext] Support trailing commas in function param lists
https://bugs.webkit.org/show_bug.cgi?id=158020

Reviewed by Keith Miller.

  • js/parser-syntax-check-expected.txt:
  • js/script-tests/parser-syntax-check.js:
  • sputnik/Conformance/13_Function_Definition/S13_A5.html:
1:30 PM Changeset in webkit [201724] by commit-queue@webkit.org
  • 16 edits
    21 adds in trunk

Support createPattern(HTMLVideoElement, const String& repetitionType)
https://bugs.webkit.org/show_bug.cgi?id=149984
<rdar://problem/23058823>

Patch by George Ruan <gruan@apple.com> on 2016-06-06
Reviewed by Dean Jackson.

Source/WebCore:

Support functionality for HTMLVideoElement argument for
CanvasRenderingContext2D::createPattern*()

Tests: fast/canvas/canvas-createPattern-video-invalid.html

fast/canvas/canvas-createPattern-video-loading.html
fast/canvas/canvas-createPattern-video-modify.html
http/tests/security/canvas-remote-read-remote-video-allowed-anonymous.html
http/tests/security/canvas-remote-read-remote-video-allowed-with-credentials.html
http/tests/security/canvas-remote-read-remote-video-blocked-no-crossorigin.html
http/tests/security/canvas-remote-read-remote-video-localhost.html
http/tests/security/canvas-remote-read-remote-video-redirect.html
media/video-canvas-createPattern.html

  • html/canvas/CanvasRenderingContext2D.cpp:

(WebCore::CanvasRenderingContext2D::createPattern): Implement
functionality of description

  • html/canvas/CanvasRenderingContext2D.h:
  • html/canvas/CanvasRenderingContext2D.idl:

LayoutTests:

  • fast/canvas/canvas-createPattern-video-invalid-expected.txt: Added.
  • fast/canvas/canvas-createPattern-video-invalid.html: Added. Test

behavior when given invalid arguments.

  • fast/canvas/canvas-createPattern-video-loading-expected.txt: Added.
  • fast/canvas/canvas-createPattern-video-loading.html: Added. Tests

behavior before video loaded, right after it's loaded, and after being
played.

  • fast/canvas/canvas-createPattern-video-modify-expected.txt: Added.
  • fast/canvas/canvas-createPattern-video-modify.html: Added. Tests

that modifying the video after calling the createPattern() function
does not affect the pattern rendered or to be rendered.
*
http/tests/security/canvas-remote-read-remote-image-allowed-expected.txt:
Fix typo.
*
http/tests/security/canvas-remote-read-remote-image-allowed-with-credentials-expected.txt:
Fix typo.
*
http/tests/security/canvas-remote-read-remote-image-allowed-with-credentials.html:
Fix typo.

  • http/tests/security/canvas-remote-read-remote-image-allowed.html:

Fix typo.
*
http/tests/security/canvas-remote-read-remote-image-blocked-no-crossorigin-expected.txt:
Fix typo.
*
http/tests/security/canvas-remote-read-remote-image-blocked-no-crossorigin.html:
Fix typo.

  • http/tests/security/canvas-remote-read-remote-video-allowed-anonymous-expected.txt: Added.

*
http/tests/security/canvas-remote-read-remote-video-allowed-anonymous.html:
Added. This test will fail as CORS is not implemented for media yet.
Tests that data can be retrieved from canvas even when tainted if CORS
is enabled with anonymous.

  • http/tests/security/canvas-remote-read-remote-video-allowed-with-credentials-expected.txt: Added.

*
http/tests/security/canvas-remote-read-remote-video-allowed-with-credentials.html:
Added. This test will fail as CORS is not implemented for media yet.
Tests that data can be retrieved from canvas even when tainted if CORS
is enabled with credentials.

  • http/tests/security/canvas-remote-read-remote-video-blocked-no-crossorigin-expected.txt: Added.

*
http/tests/security/canvas-remote-read-remote-video-blocked-no-crossorigin.html:
Added. Ensures that data cannot be retrieved from a tainted canvas if
no cross origin is enabled.

  • http/tests/security/canvas-remote-read-remote-video-localhost-expected.txt: Added.
  • http/tests/security/canvas-remote-read-remote-video-localhost.html:

Added. Ensures that localhost is blocked like http.

  • http/tests/security/canvas-remote-read-remote-video-redirect-expected.txt: Added.
  • http/tests/security/canvas-remote-read-remote-video-redirect.html:

Added. Ensures that redirects are blocked.

  • http/tests/security/resources/canvas-video-crossorigin.js: Added.

Includes common functions used to test the CORS of canvas for video.
*
http/tests/security/resources/video-cross-origin-allow-credentials.php:
Added. Script that serves test video for
canvas-remote-read-remote-video-allowed-with-credentials.html.

  • media/video-canvas-createPattern-expected.txt: Added.
  • media/video-canvas-createPattern.html: Added. Naive test that

ensures functionality of createPattern() with HTMLVideoElement
argument.

  • platform/ios-simulator-wk1/TestExpectations: Added

canvas-remote-read-remote-video-allowed-anonymous.html and
canvas-remote-read-remote-video-allowed-with-credentials.html.

  • platform/ios-simulator-wk2/TestExpectations: Same as wk1.
  • platform/mac/TestExpectations: Same as wk1.
  • platform/mac/media/video-canvas-createPattern-expected.png: Added.
  • platform/win/TestExpectations: Same as wk1.
  • platform/wk2/TestExpectations: Same as wk1.
1:19 PM Changeset in webkit [201723] by Csaba Osztrogonác
  • 2 edits in trunk/Source/WebCore

Fix the !ENABLE(SHADOW_DOM) && !ENABLE(DETAILS_ELEMENT) build
https://bugs.webkit.org/show_bug.cgi?id=158347

Reviewed by Chris Dumez.

  • dom/ContainerNode.cpp:

(WebCore::destroyRenderTreeIfNeeded):

1:11 PM Changeset in webkit [201722] by beidson@apple.com
  • 4 edits in trunk/Source/WebKit2

Fix build after r201717

Unreviewed.

  • NetworkProcess/NetworkConnectionToWebProcess.cpp:

(WebKit::NetworkConnectionToWebProcess::writeBlobsToTemporaryFiles):

  • NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::grantSandboxExtensionsToDatabaseProcessForBlobs):

  • NetworkProcess/NetworkProcess.h:
12:23 PM Changeset in webkit [201721] by achristensen@apple.com
  • 5 edits in trunk/Source/WebCore

Remove unused ResourceResponse::platformResponseIsUpToDate
https://bugs.webkit.org/show_bug.cgi?id=158424

Reviewed by Brady Eidson.

No change in behavior, just removing unused code that was introduced in r145007.

  • platform/network/cf/ResourceResponse.h:

(WebCore::ResourceResponse::ResourceResponse):
(WebCore::ResourceResponse::platformResponseIsUpToDate): Deleted.

  • platform/network/cocoa/ResourceResponseCocoa.mm:

(WebCore::ResourceResponse::ResourceResponse):

  • platform/network/curl/ResourceResponse.h:

(WebCore::ResourceResponse::cfURLResponse):
(WebCore::ResourceResponse::platformResponseIsUpToDate): Deleted.

  • platform/network/soup/ResourceResponse.h:

(WebCore::ResourceResponse::soupMessageTLSErrors):
(WebCore::ResourceResponse::setSoupMessageTLSErrors):
(WebCore::ResourceResponse::decode):
(WebCore::ResourceResponse::platformResponseIsUpToDate): Deleted.

12:16 PM Changeset in webkit [201720] by peavo@outlook.com
  • 2 edits in trunk/Tools

REGRESSION (r104174): 500+ tests failing on Windows
https://bugs.webkit.org/show_bug.cgi?id=75965

Reviewed by Michael Catanzaro.

Reset WebView scale factors before running next test.

  • DumpRenderTree/win/DumpRenderTree.cpp:

(resetWebViewToConsistentStateBeforeTesting):

12:11 PM Changeset in webkit [201719] by barraclough@apple.com
  • 17 edits in trunk/Source

Deprecate remaining uses of Lookup getStatic*, use HasStaticPropertyTable instead.
https://bugs.webkit.org/show_bug.cgi?id=158178

Reviewed by Darin Adler.

As of bug #158059 most JSC static table property access no longer requires getOwnPropertySlot to be
overridden. Port remaining calls to the getStatic* functions in Lookup.h over to the new mechanism.

Source/JavaScriptCore:

Deprecate getStatic* functions in Lookup.h

  • runtime/Lookup.h:

(JSC::getStaticPropertySlot): Deleted.
(JSC::getStaticFunctionSlot): Deleted.
(JSC::getStaticValueSlot): Deleted.

  • No longer required. Static table access now via JSObject.

Source/WebCore:

Switch WebCore DOM instance bindings to use HasStaticPropertyTable.

  • bindings/js/JSPluginElementFunctions.h:

(WebCore::pluginElementCustomGetOwnPropertySlot):

  • Switch call from getStaticValueSlot to Type::getOwnPropertySlot. For any element where Type::hasStaticPropertyTable is true the HasStaticPropertyTable structure flag will also be set, so Type::getOwnPropertySlot will do the same thing.
  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateGetOwnPropertySlotBody):

  • If we override getOwnPropertySlot, Base::getOwnPropertySlot will handle property storage & static property lookup.

(InstanceOverridesGetOwnPropertySlot):

  • Instances only override getOwnPropertySlot if the really need to, not just for static property lookup.

(GenerateHeader):

  • Set HasStaticPropertyTable in instance structureFlags, where appropriate.

(GenerateImplementation):

  • GenerateGetOwnPropertySlotBody no longer needs to know if there are static properties.
  • bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
  • bindings/scripts/test/JS/JSTestActiveDOMObject.h:
  • bindings/scripts/test/JS/JSTestException.cpp:
  • bindings/scripts/test/JS/JSTestException.h:
  • bindings/scripts/test/JS/JSTestObj.cpp:
  • bindings/scripts/test/JS/JSTestObj.h:
  • bindings/scripts/test/JS/JSTestTypedefs.cpp:
  • bindings/scripts/test/JS/JSTestTypedefs.h:
  • bindings/scripts/test/JS/JSattribute.cpp:
  • bindings/scripts/test/JS/JSattribute.h:
    • Updating bindings test results.
11:51 AM Changeset in webkit [201718] by rniwa@webkit.org
  • 9 edits in trunk/Websites/perf.webkit.org

sync-buildbot.js should update the list of tests and platforms associated with a triggerable
https://bugs.webkit.org/show_bug.cgi?id=158406
<rdar://problem/26185737>

Reviewed by Darin Adler.

Added /api/update-triggerable to update the list of configurations (platform and test pairs)
associated with a given triggerable, and make sync-buildbot.js use this JSON API before each
syncing cycle so that the association gets updated automatically by simply updating the JSON.

  • server-tests/api-manifest.js: Use const for imported modules.
  • server-tests/api-report-commits-tests.js: Removed unnecessary importing of crypto.
  • server-tests/resources/mock-data.js:

(MockData.someTestId): Added.
(MockData.somePlatformId): Added.
(MockData.addMockData):

  • server-tests/tools-buildbot-triggerable-tests.js: Use const for imported modules. Also added

a test for BuildbotTriggerable's updateTriggerable.

  • tools/js/buildbot-triggerable.js:

(BuildbotTriggerable.prototype.updateTriggerable): Added. Find the list of all configurations
associated with this triggeerable and post it to /api/update-triggerable.

  • tools/js/database.js: Added triggerable_configurations to the list of tables.
  • tools/js/remote.js:

(RemoteAPI.prototype.postJSON): Print the whole response when JSON parsing fails for debugging.

  • tools/sync-buildbot.js:

(syncLoop): Call BuildbotTriggerable's updateTriggerable before syncing.

11:38 AM Changeset in webkit [201717] by beidson@apple.com
  • 17 edits in trunk/Source

Modern IDB: Crash seen in IDBConnectionProxy::putOrAdd on GuardMalloc bot
https://bugs.webkit.org/show_bug.cgi?id=158124

Reviewed by Darin Adler.
Source/WebCore:

No new tests (Covered by existing test configurations).

  • Modules/indexeddb/IDBTransaction.cpp:

(WebCore::IDBTransaction::putOrAddOnServer):

  • Modules/indexeddb/client/IDBConnectionProxy.cpp:

(WebCore::IDBClient::IDBConnectionProxy::putOrAdd):

  • Modules/indexeddb/client/IDBConnectionProxy.h:

(WebCore::IDBClient::IDBConnectionProxy::callConnectionOnMainThread):

  • bindings/js/SerializedScriptValue.cpp:

(WebCore::SerializedScriptValue::writeBlobsToDiskForIndexedDB):

  • bindings/js/SerializedScriptValue.h:
  • platform/network/BlobRegistry.h:
  • platform/network/BlobRegistryImpl.cpp:

(WebCore::BlobRegistryImpl::writeBlobsToTemporaryFiles):

  • platform/network/BlobRegistryImpl.h:

Source/WebKit2:

  • NetworkProcess/FileAPI/NetworkBlobRegistry.cpp:

(WebKit::NetworkBlobRegistry::writeBlobsToTemporaryFiles):

  • NetworkProcess/FileAPI/NetworkBlobRegistry.h:
  • WebProcess/FileAPI/BlobRegistryProxy.cpp:

(WebKit::BlobRegistryProxy::writeBlobsToTemporaryFiles):

  • WebProcess/FileAPI/BlobRegistryProxy.h:
  • WebProcess/Network/NetworkProcessConnection.cpp:

(WebKit::NetworkProcessConnection::didClose):
(WebKit::NetworkProcessConnection::writeBlobsToTemporaryFiles):

  • WebProcess/Network/NetworkProcessConnection.h:
11:09 AM Changeset in webkit [201716] by commit-queue@webkit.org
  • 3 edits in trunk/Source/JavaScriptCore

[jsc][mips] Implement absDouble()
https://bugs.webkit.org/show_bug.cgi?id=158206

Patch by Guillaume Emont <guijemont@igalia.com> on 2016-06-06
Reviewed by Mark Lam.

Implement absDouble() for MIPS. This is needed because Math.pow() uses
it since r200208.

  • assembler/MIPSAssembler.h:

(JSC::MIPSAssembler::absd):

  • assembler/MacroAssemblerMIPS.h:

(JSC::MacroAssemblerMIPS::absDouble):

10:56 AM Changeset in webkit [201715] by Ryan Haddad
  • 28 edits
    9 deletes in trunk

Unreviewed, rolling out r201706.
https://bugs.webkit.org/show_bug.cgi?id=158427

This change broke the Yosemite build and its LayoutTest is
failing on Mac and iOS testers (Requested by ryanhaddad on
#webkit).

Reverted changeset:

"Add experimental support for spring based CSS animations"
https://bugs.webkit.org/show_bug.cgi?id=158403
http://trac.webkit.org/changeset/201706

Patch by Commit Queue <commit-queue@webkit.org> on 2016-06-06

10:31 AM Changeset in webkit [201714] by oliver@apple.com
  • 5 edits in trunk

RegExp unicode parsing reads an extra character before failing
https://bugs.webkit.org/show_bug.cgi?id=158376

Reviewed by Saam Barati.

Source/JavaScriptCore:

This was a probably harmless bug, but keeps triggering assertions
for me locally. Essentially we'd see a parse error, set the error
type, but then carry on parsing. In debug builds this asserts, in
release builds you are pretty safe unless you're exceptionally
unlucky with where the error occurs.

  • yarr/YarrParser.h:

(JSC::Yarr::Parser::parseEscape):

LayoutTests:

Add a couple of tests.

  • js/script-tests/regexp-unicode.js:
10:22 AM Changeset in webkit [201713] by commit-queue@webkit.org
  • 2 edits in trunk/Source/JavaScriptCore

[jsc][mips] fix JIT::emit_op_log_shadow_chicken_prologue/_tail
https://bugs.webkit.org/show_bug.cgi?id=158209

Patch by Guillaume Emont <guijemont@igalia.com> on 2016-06-06
Reviewed by Mark Lam.

On MIPS, changes GPRInfo::nonArgGPR0 to be regT4 instead of regT0,
since the code of JIT::emit_op_log_shadow_chicken_prologue/_tail()
expects nonArgGPR0 to be a different register from regT0 and regT2.

  • jit/GPRInfo.h:
9:40 AM Changeset in webkit [201712] by Chris Dumez
  • 3 edits
    2 adds in trunk

Crash under JSObject::getOwnPropertyDescriptor()
https://bugs.webkit.org/show_bug.cgi?id=158382
<rdar://problem/26605004>

Reviewed by Mark Lam.

Source/JavaScriptCore:

  • runtime/JSObject.h:

(JSC::JSObject::putDirectInternal):
We were crashing under getOwnPropertyDescriptor() because the
CustomAccessor was not properly reset on window.statusbar when
setting it to false (which is allowed because the property is
marked as [Replaceable] in the IDL). We now property reset the
CustomAccessor flag in putDirectInternal() when needed. This
fixes the crash.

LayoutTests:

Add layout test to cover the crash in JSObject::getOwnPropertyDescriptor().

  • js/dom/getOwnPropertyDescriptor-crash-expected.txt: Added.
  • js/dom/getOwnPropertyDescriptor-crash.html: Added.
7:31 AM Changeset in webkit [201711] by Gyuyoung Kim
  • 2 edits in trunk/Source/JavaScriptCore

[EFL] Move efl include paths to JavaScriptCore_SYSTEM_INCLUDE_DIRECTORIES
https://bugs.webkit.org/show_bug.cgi?id=158418

Reviewed by Csaba Osztrogonác.

In Source/JavaScriptCore/PlatformEfl.cmake, we don't use JavaScriptCore_SYSTEM_INCLUDE_DIRECTORIES
for efl include paths.

  • PlatformEfl.cmake:
6:00 AM Changeset in webkit [201710] by Gyuyoung Kim
  • 2 edits in trunk

[EFL] Update ewebkit minor version
https://bugs.webkit.org/show_bug.cgi?id=158409

Reviewed by Csaba Osztrogonác.

EWebKit has used efl 1.17 version though, it still is stopped at version 1.14.

  • Source/cmake/OptionsEfl.cmake: Bump minor version to 1.17.
5:11 AM Changeset in webkit [201709] by jfernandez@igalia.com
  • 3 edits
    2 adds in trunk

[css-grid] Horizontal scroll must account for grid container's height
https://bugs.webkit.org/show_bug.cgi?id=157971

Reviewed by Darin Adler.

Source/WebCore:

We don't consider the scrollbar when computing the grid container's
logical height at the beginning of the 'layoutBlock' logic. We must
do it because otherwise, contentLogicalHeight may return a negative
value.

Test: fast/css-grid-layout/grid-container-scroll-accounts-for-sizing.html

  • rendering/RenderGrid.cpp:

(WebCore::RenderGrid::layoutBlock):

LayoutTests:

Test to verify we account horizontal scrollbar's size for grid container's
height computation.

  • fast/css-grid-layout/grid-container-scroll-accounts-for-sizing-expected.html: Added.
  • fast/css-grid-layout/grid-container-scroll-accounts-for-sizing.html: Added.
1:25 AM Changeset in webkit [201708] by commit-queue@webkit.org
  • 35 edits in trunk/Source

Reduce ResourceRequest copying in loading code
https://bugs.webkit.org/show_bug.cgi?id=158251

Patch by Alex Christensen <achristensen@webkit.org> on 2016-06-06
Reviewed by Darin Adler.

Source/WebCore:

No new tests. There should be no change in behavior except fewer unnecessary copies.
Before, we would pass a const ResourceRequest& around, and if we needed to modify it
we would copy the whole thing, modify the copy, and pass the copy along. This can be
accomplished with move semantics without the now-unnecessary copy.

The biggest conceptual change is that the synchronous ResourceHandleClient::willSendRequest
used to take a non-const ResourceRequest& and modify it, but now it returns a modified
ResourceRequest instead.

  • loader/ResourceLoader.cpp:

(WebCore::ResourceLoader::cannotShowURLError):
(WebCore::ResourceLoader::willSendRequest):
(WebCore::ResourceLoader::didSendData):

  • loader/ResourceLoader.h:
  • platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:

(ResourceHandleStreamingClient::getOrCreateReadBuffer):
(ResourceHandleStreamingClient::willSendRequest):
(ResourceHandleStreamingClient::didReceiveResponse):

  • platform/network/ResourceHandle.h:
  • platform/network/ResourceHandleClient.cpp:

(WebCore::ResourceHandleClient::~ResourceHandleClient):
(WebCore::ResourceHandleClient::willSendRequest):
(WebCore::ResourceHandleClient::willSendRequestAsync):
(WebCore::ResourceHandleClient::didReceiveResponseAsync):

  • platform/network/ResourceHandleClient.h:

(WebCore::ResourceHandleClient::didSendData):
(WebCore::ResourceHandleClient::didReceiveResponse):
(WebCore::ResourceHandleClient::loadingSynchronousXHR):
(WebCore::ResourceHandleClient::willSendRequest): Deleted.

  • platform/network/SynchronousLoaderClient.cpp:

(WebCore::SynchronousLoaderClient::~SynchronousLoaderClient):
(WebCore::SynchronousLoaderClient::willSendRequest):
(WebCore::SynchronousLoaderClient::shouldUseCredentialStorage):

  • platform/network/SynchronousLoaderClient.h:
  • platform/network/cf/ResourceHandleCFNet.cpp:

(WebCore::ResourceHandle::cancel):
(WebCore::ResourceHandle::willSendRequest):

  • platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.cpp:

(WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::willSendRequest):

  • platform/network/cf/SynchronousResourceHandleCFURLConnectionDelegate.cpp:

(WebCore::SynchronousResourceHandleCFURLConnectionDelegate::willSendRequest):

  • platform/network/mac/ResourceHandleMac.mm:

(WebCore::ResourceHandle::platformLoadResourceSynchronously):
(WebCore::ResourceHandle::willSendRequest):
(WebCore::ResourceHandle::continueWillSendRequest):

  • platform/network/mac/WebCoreResourceHandleAsDelegate.mm:

(-[WebCoreResourceHandleAsDelegate connection:willSendRequest:redirectResponse:]):
(-[WebCoreResourceHandleAsDelegate connectionShouldUseCredentialStorage:]):

  • platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:

(-[WebCoreResourceHandleAsOperationQueueDelegate connection:willSendRequest:redirectResponse:]):

  • platform/network/soup/ResourceHandleSoup.cpp:

(WebCore::shouldRedirectAsGET):
(WebCore::continueAfterWillSendRequest):
(WebCore::readCallback):
(WebCore::ResourceHandle::continueWillSendRequest):
(WebCore::ResourceHandle::continueDidReceiveResponse):

Source/WebKit2:

  • NetworkProcess/Downloads/DownloadManager.cpp:

(WebKit::DownloadManager::continueCanAuthenticateAgainstProtectionSpace):
(WebKit::DownloadManager::continueWillSendRequest):
(WebKit::DownloadManager::willDecidePendingDownloadDestination):

  • NetworkProcess/Downloads/DownloadManager.h:
  • NetworkProcess/Downloads/PendingDownload.cpp:

(WebKit::PendingDownload::PendingDownload):
(WebKit::PendingDownload::willSendRedirectedRequest):
(WebKit::PendingDownload::continueWillSendRequest):
(WebKit::PendingDownload::canAuthenticateAgainstProtectionSpaceAsync):

  • NetworkProcess/Downloads/PendingDownload.h:
  • NetworkProcess/NetworkDataTask.h:

(WebKit::NetworkDataTask::firstRequest):

  • NetworkProcess/NetworkLoad.cpp:

(WebKit::NetworkLoad::cancel):
(WebKit::NetworkLoad::continueWillSendRequest):
(WebKit::NetworkLoad::sharedDidReceiveResponse):
(WebKit::NetworkLoad::sharedWillSendRedirectedRequest):
(WebKit::NetworkLoad::setPendingDownload):
(WebKit::NetworkLoad::willPerformHTTPRedirection):
(WebKit::NetworkLoad::didReceiveChallenge):
(WebKit::NetworkLoad::didFail):
(WebKit::NetworkLoad::willSendRequestAsync):

  • NetworkProcess/NetworkLoad.h:

(WebKit::NetworkLoad::currentRequest):
(WebKit::NetworkLoad::clearCurrentRequest):
(WebKit::NetworkLoad::pendingDownloadID):

  • NetworkProcess/NetworkLoadClient.h:
  • NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::continueCanAuthenticateAgainstProtectionSpace):
(WebKit::NetworkProcess::continueWillSendRequest):
(WebKit::NetworkProcess::pendingDownloadCanceled):

  • NetworkProcess/NetworkProcess.h:
  • NetworkProcess/NetworkResourceLoader.cpp:

(WebKit::NetworkResourceLoader::didFailLoading):
(WebKit::NetworkResourceLoader::willSendRedirectedRequest):
(WebKit::NetworkResourceLoader::continueWillSendRequest):
(WebKit::NetworkResourceLoader::continueDidReceiveResponse):

  • NetworkProcess/NetworkResourceLoader.h:
  • NetworkProcess/PingLoad.h:

(WebKit::PingLoad::PingLoad):

  • NetworkProcess/cache/NetworkCacheSpeculativeLoad.cpp:

(WebKit::NetworkCache::SpeculativeLoad::~SpeculativeLoad):
(WebKit::NetworkCache::SpeculativeLoad::willSendRedirectedRequest):

  • NetworkProcess/cache/NetworkCacheSpeculativeLoad.h:
  • NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:

(WebKit::NetworkDataTask::didBecomeDownload):
(WebKit::NetworkDataTask::willPerformHTTPRedirection):

  • WebProcess/Network/WebResourceLoader.cpp:

(WebKit::WebResourceLoader::detachFromCoreLoader):
(WebKit::WebResourceLoader::willSendRequest):

  • WebProcess/Network/WebResourceLoader.h:

Jun 5, 2016:

10:09 PM Changeset in webkit [201707] by Gyuyoung Kim
  • 2 edits in trunk

[EFL] Sync EFL features with featureList.pm
https://bugs.webkit.org/show_bug.cgi?id=158410

Reviewed by Antonio Gomes.

In OptionsEfl, some features on/off status are different with
featureList.pm definitions. Sync with it.

  • Source/cmake/OptionsEfl.cmake:
9:56 PM Changeset in webkit [201706] by commit-queue@webkit.org
  • 28 edits
    9 adds in trunk

Add experimental support for spring based CSS animations
https://bugs.webkit.org/show_bug.cgi?id=158403

Patch by Sam Weinig <sam@webkit.org> on 2016-06-05
Reviewed by Dean Jackson.

Source/WebCore:

Adds experimental support for a new CSS animation timing function that uses
spring to model the time function. To use it you replace your normal timing
function, be it cubic-bezier or steps, with a new function called spring().
For instance, for a transition you would write:

transition-timing-function: spring(1 100 10 0);

The parameters are, in order:

  • Mass
  • Stiffness
  • Damping
  • Initial Velocity

Tests: animations/spring-computed-style.html

animations/spring-function.html
animations/spring-parsing.html

  • WebCore.xcodeproj/project.pbxproj:

Add new file.

  • css/CSSComputedStyleDeclaration.cpp:

(WebCore::createTimingFunctionValue):
Modernize and add support for the spring function.

  • css/CSSParser.cpp:

(WebCore::CSSParserContext::CSSParserContext):
(WebCore::operator==):
(WebCore::CSSParser::CSSParser):
(WebCore::CSSParser::parseTransformOriginShorthand):
(WebCore::CSSParser::isSpringTimingFunctionEnabled):
(WebCore::CSSParser::parseCubicBezierTimingFunctionValue):
(WebCore::CSSParser::parseSpringTimingFunctionValue):
(WebCore::CSSParser::parseAnimationTimingFunction):

  • css/CSSParser.h:
  • css/CSSParserMode.h:

Add parsing support for the spring() function.

  • css/CSSTimingFunctionValue.cpp:

(WebCore::CSSCubicBezierTimingFunctionValue::customCSSText):
(WebCore::CSSCubicBezierTimingFunctionValue::equals):
(WebCore::CSSStepsTimingFunctionValue::customCSSText):
(WebCore::CSSStepsTimingFunctionValue::equals):
(WebCore::CSSSpringTimingFunctionValue::customCSSText):
(WebCore::CSSSpringTimingFunctionValue::equals):

  • css/CSSTimingFunctionValue.h:

(WebCore::CSSSpringTimingFunctionValue::create):
(WebCore::CSSSpringTimingFunctionValue::mass):
(WebCore::CSSSpringTimingFunctionValue::stiffness):
(WebCore::CSSSpringTimingFunctionValue::damping):
(WebCore::CSSSpringTimingFunctionValue::initialVelocity):
(WebCore::CSSSpringTimingFunctionValue::CSSSpringTimingFunctionValue):
Modernize and add support for the spring function.

  • css/CSSToStyleMap.cpp:

(WebCore::CSSToStyleMap::mapAnimationTimingFunction):
Pipe the spring function into the animation.

  • css/CSSValue.cpp:

(WebCore::CSSValue::equals):
(WebCore::CSSValue::cssText):
(WebCore::CSSValue::destroy):

  • css/CSSValue.h:

(WebCore::CSSValue::isSpringTimingFunctionValue):
Add support for the spring function.

  • page/Settings.in:

Add a setting to control if the spring function is enabled.

  • page/animation/AnimationBase.cpp:

(WebCore::solveSpringFunction):
(WebCore::AnimationBase::progress):
Add support for solving the spring function. Since the spring requires time to be absolute,
get the real time by multiplying the ratio t, to the total duration.

  • platform/animation/TimingFunction.cpp:

(WebCore::operator<<):

  • platform/animation/TimingFunction.h:

(WebCore::TimingFunction::~TimingFunction):
(WebCore::TimingFunction::isSpringTimingFunction):
Add support for the spring timing function.

  • platform/graphics/SpringSolver.h: Added.

(WebCore::SpringSolver::SpringSolver):
(WebCore::SpringSolver::solve):
Add a Spring solver that matches the one in CoreAnimation.

  • platform/graphics/ca/GraphicsLayerCA.cpp:

(WebCore::GraphicsLayerCA::createAnimationFromKeyframes):
(WebCore::GraphicsLayerCA::appendToUncommittedAnimations):
(WebCore::GraphicsLayerCA::createBasicAnimation):
(WebCore::GraphicsLayerCA::createSpringAnimation):
(WebCore::GraphicsLayerCA::setupAnimation):

  • platform/graphics/ca/GraphicsLayerCA.h:

Map animations with spring timing functions to CASpringAnimations.

  • platform/graphics/ca/PlatformCAAnimation.cpp:

(WebCore::operator<<):
(WebCore::PlatformCAAnimation::isBasicAnimation):

  • platform/graphics/ca/PlatformCAAnimation.h:

(WebCore::PlatformCAAnimation::setActualStartTimeIfNeeded):
(WebCore::PlatformCAAnimation::PlatformCAAnimation):

  • platform/graphics/ca/cocoa/PlatformCAAnimationCocoa.mm:

(WebCore::toCAMediaTimingFunction):
(PlatformCAAnimationCocoa::PlatformCAAnimationCocoa):
(PlatformCAAnimationCocoa::setTimingFunction):
(PlatformCAAnimationCocoa::copyTimingFunctionFrom):
(PlatformCAAnimationCocoa::setFromValue):
(PlatformCAAnimationCocoa::copyFromValueFrom):
(PlatformCAAnimationCocoa::setToValue):
(PlatformCAAnimationCocoa::copyToValueFrom):
Add a new type of PlatformCAAnimation, Spring, which is a sub-type of Basic.

Source/WebKit2:

  • Shared/WebCoreArgumentCoders.cpp:

(IPC::ArgumentCoder<StepsTimingFunction>::decode):
(IPC::ArgumentCoder<SpringTimingFunction>::encode):
(IPC::ArgumentCoder<SpringTimingFunction>::decode):
(IPC::ArgumentCoder<FloatPoint>::encode):

  • Shared/WebCoreArgumentCoders.h:
  • Shared/WebPreferencesDefinitions.h:
  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::updatePreferences):

  • WebProcess/WebPage/mac/PlatformCAAnimationRemote.mm:

(WebKit::PlatformCAAnimationRemote::Properties::encode):
(WebKit::PlatformCAAnimationRemote::Properties::decode):
(WebKit::addAnimationToLayer):
Pipe through support for the Spring animation.

LayoutTests:

  • animations/script-tests/spring-computed-style.js: Added.
  • animations/script-tests/spring-parsing.js: Added.
  • animations/spring-computed-style-expected.txt: Added.
  • animations/spring-computed-style.html: Added.
  • animations/spring-function-expected.txt: Added.
  • animations/spring-function.html: Added.
  • animations/spring-parsing-expected.txt: Added.
  • animations/spring-parsing.html: Added.

Add tests for the spring timing function.

8:59 PM Changeset in webkit [201705] by Gyuyoung Kim
  • 2 edits in trunk/LayoutTests

Unreviewed EFL gardening on June 6. Unskip passing tests and mark failing tests.
New bug is filed for new failing tests.

  • platform/efl/TestExpectations:
8:19 PM Changeset in webkit [201704] by zalan@apple.com
  • 7 edits in trunk/Source/WebCore

Addressing post-review comments on r201635.

Reviewed by Chris Dumez.

  • rendering/RenderInline.h:

(WebCore::RenderInline::computeRectForRepaint):

  • rendering/RenderObject.h:

(WebCore::RenderObject::RepaintContext::RepaintContext):
(WebCore::RenderObject::computeRectForRepaint):

  • rendering/RenderTableCell.h:
  • rendering/RenderView.h:
  • rendering/svg/RenderSVGForeignObject.h:
  • rendering/svg/RenderSVGText.h:
6:56 PM Changeset in webkit [201703] by Yusuke Suzuki
  • 66 edits
    6 adds in trunk/Source

Change ProxyObject.Get? not to use custom accessor
https://bugs.webkit.org/show_bug.cgi?id=157080

Reviewed by Darin Adler.

Source/JavaScriptCore:

This patch focuses on introducing the second part of the followings.
But to do so, first and third parts are necessary.

  1. Insert missing exception checks for getPropertySlot.

While getPropertySlot can perform user-observable behavior if the slot is not VMInquiry,
several places miss exeption checks. For example, ProxyObject's hasProperty already can
throw any errors. Looking through the code, we found several missing error checks after
hasProperty, but this will be fixed in the separated patch[1].

  1. Do not use custom accessor to implement ProxyObject's Get?.

The caller already allows getOwnPropertySlot to throw an exception if the type
is not VMInquiry. So instead of using custom accessor, we simply implement it
directly in the ProxyObject's method.

  1. Strip slotBase from custom accessor.

The custom accessor should not be bound to the specific slot base[2], since it
is just an accessor. There is an alternative design: makeing this custom accessor
to custom value accessor and accept both the slot base and the receiver instead
of allowing throwing an error from getOwnPropertySlot. But we take the first design
that allows getPropertySlot to throw an error, since hasProperty (that does not call
getValue of the custom getters) can already throw any errors.

To query the property with the non-user-observable way, we already provided the way for that:
use VMInquiry and isTaintedByProxy() instead.

Tests just ensure that the current semantics works correctly after this patch.
And this patch is performance neutral.

Later, we will attempt to rename "thisValue" to "receiver"[3].

[1]: https://bugs.webkit.org/show_bug.cgi?id=158398
[2]: https://bugs.webkit.org/show_bug.cgi?id=157978
[3]: https://bugs.webkit.org/show_bug.cgi?id=158397

  • API/JSCallbackObject.h:
  • API/JSCallbackObjectFunctions.h:

(JSC::JSCallbackObject<Parent>::staticFunctionGetter):
(JSC::JSCallbackObject<Parent>::callbackGetter):

  • bytecode/PolymorphicAccess.cpp:

(JSC::AccessCase::generateImpl):

  • dfg/DFGOperations.cpp:
  • interpreter/Interpreter.cpp:

(JSC::Interpreter::execute):

  • jit/JITOperations.cpp:
  • jsc.cpp:

(WTF::ImpureGetter::getOwnPropertySlot):
(WTF::CustomGetter::customGetter):
(WTF::RuntimeArray::lengthGetter):
(GlobalObject::finishCreation):
(GlobalObject::moduleLoaderFetch):
(functionGetGetterSetter):
(functionRun):
(functionLoad):
(functionLoadString):
(functionReadFile):
(functionCheckSyntax):
(functionLoadWebAssembly):
(functionLoadModule):
(functionCreateBuiltin):
(functionCheckModuleSyntax):
(dumpException):
(runWithScripts):
(runInteractive):

  • llint/LLIntSlowPaths.cpp:

(JSC::LLInt::LLINT_SLOW_PATH_DECL):

  • runtime/CommonSlowPaths.cpp:

(JSC::SLOW_PATH_DECL):

  • runtime/JSBoundSlotBaseFunction.cpp:

(JSC::boundSlotBaseFunctionCall):

  • runtime/JSCJSValue.h:
  • runtime/JSCJSValueInlines.h:

(JSC::JSValue::getPropertySlot):

  • runtime/JSCellInlines.h:

(JSC::ExecState::vm):
This change is super important for performance. We add several exec->hadException() calls into the super hot path, like JSC::operationGetByIdOptimize.
Without this change, we call ExecState::vm() and it is not inlined. This causes 1 - 2% performance regression in Octane PDFJS.

  • runtime/JSFunction.cpp:

(JSC::JSFunction::argumentsGetter):
(JSC::JSFunction::callerGetter):

  • runtime/JSFunction.h:
  • runtime/JSGenericTypedArrayViewConstructorInlines.h:

(JSC::constructGenericTypedArrayViewWithArguments):

  • runtime/JSModuleNamespaceObject.cpp:

(JSC::callbackGetter):

  • runtime/JSONObject.cpp:

(JSC::Stringifier::Holder::appendNextProperty):
Here's UNLIKELY is important for Kraken's json-stringify-tinderbox. Without it, we can observe 0.5% regression.

(JSC::Walker::walk):

  • runtime/JSObject.h:

(JSC::JSObject::getPropertySlot):

  • runtime/ObjectPrototype.cpp:

(JSC::objectProtoFuncToString):

  • runtime/PropertySlot.cpp:

(JSC::PropertySlot::customGetter):

  • runtime/PropertySlot.h:

(JSC::PropertySlot::thisValue):

  • runtime/ProxyObject.cpp:

(JSC::performProxyGet):
(JSC::ProxyObject::performGet):
(JSC::ProxyObject::getOwnPropertySlotCommon):

  • runtime/ProxyObject.h:
  • runtime/RegExpConstructor.cpp:

(JSC::regExpConstructorDollar):
(JSC::regExpConstructorInput):
(JSC::regExpConstructorMultiline):
(JSC::regExpConstructorLastMatch):
(JSC::regExpConstructorLastParen):
(JSC::regExpConstructorLeftContext):
(JSC::regExpConstructorRightContext):

  • tests/stress/get-from-scope-dynamic-onto-proxy.js: Added.

(shouldBe):
(shouldThrow.handler.has):
(handler.has):
(try.handler.has):

  • tests/stress/operation-in-throw-error.js: Added.

(testCase.handler.has):
(testCase):

  • tests/stress/proxy-and-json-stringify.js: Added.

(shouldThrow):

  • tests/stress/proxy-and-typed-array.js: Added.
  • tests/stress/proxy-json-path.js: Added.
  • tests/stress/proxy-with-statement.js: Added.

Source/WebCore:

  • bindings/js/JSCryptoAlgorithmDictionary.cpp:

(WebCore::getProperty):

  • bindings/js/JSDOMBinding.h:

(WebCore::nonCachingStaticFunctionGetter):

  • bindings/js/JSDOMWindowCustom.cpp:

(WebCore::jsDOMWindowWebKit):

  • bindings/js/JSDictionary.cpp:

(WebCore::JSDictionary::tryGetProperty):

  • bindings/js/JSPluginElementFunctions.cpp:

(WebCore::pluginElementPropertyGetter):

  • bindings/js/JSPluginElementFunctions.h:
  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateHeader):
(GenerateImplementation):

  • bindings/scripts/test/JS/JSInterfaceName.cpp:

(WebCore::jsInterfaceNameConstructor):

  • bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:

(WebCore::jsTestActiveDOMObjectExcitingAttr):
(WebCore::jsTestActiveDOMObjectConstructor):

  • bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:

(WebCore::jsTestClassWithJSBuiltinConstructorConstructor):

  • bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:

(WebCore::jsTestCustomConstructorWithNoInterfaceObjectConstructor):

  • bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:

(WebCore::jsTestCustomNamedGetterConstructor):

  • bindings/scripts/test/JS/JSTestEventConstructor.cpp:

(WebCore::jsTestEventConstructorAttr1):
(WebCore::jsTestEventConstructorAttr2):
(WebCore::jsTestEventConstructorAttr3):
(WebCore::jsTestEventConstructorConstructor):

  • bindings/scripts/test/JS/JSTestEventTarget.cpp:

(WebCore::jsTestEventTargetConstructor):

  • bindings/scripts/test/JS/JSTestException.cpp:

(WebCore::jsTestExceptionName):
(WebCore::jsTestExceptionConstructor):

  • bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:

(WebCore::jsTestGenerateIsReachableConstructor):

  • bindings/scripts/test/JS/JSTestGlobalObject.cpp:

(WebCore::jsTestGlobalObjectRegularAttribute):
(WebCore::jsTestGlobalObjectEnabledAtRuntimeAttribute):
(WebCore::jsTestGlobalObjectConstructor):

  • bindings/scripts/test/JS/JSTestInterface.cpp:

(WebCore::jsTestInterfaceConstructorImplementsStaticReadOnlyAttr):
(WebCore::jsTestInterfaceConstructorImplementsStaticAttr):
(WebCore::jsTestInterfaceImplementsStr1):
(WebCore::jsTestInterfaceImplementsStr2):
(WebCore::jsTestInterfaceImplementsStr3):
(WebCore::jsTestInterfaceImplementsNode):
(WebCore::jsTestInterfaceConstructorSupplementalStaticReadOnlyAttr):
(WebCore::jsTestInterfaceConstructorSupplementalStaticAttr):
(WebCore::jsTestInterfaceSupplementalStr1):
(WebCore::jsTestInterfaceSupplementalStr2):
(WebCore::jsTestInterfaceSupplementalStr3):
(WebCore::jsTestInterfaceSupplementalNode):
(WebCore::jsTestInterfaceConstructor):

  • bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:

(WebCore::jsTestJSBuiltinConstructorTestAttributeCustom):
(WebCore::jsTestJSBuiltinConstructorTestAttributeRWCustom):
(WebCore::jsTestJSBuiltinConstructorConstructor):

  • bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:

(WebCore::jsTestMediaQueryListListenerConstructor):

  • bindings/scripts/test/JS/JSTestNamedConstructor.cpp:

(WebCore::jsTestNamedConstructorConstructor):

  • bindings/scripts/test/JS/JSTestNode.cpp:

(WebCore::jsTestNodeName):
(WebCore::jsTestNodeConstructor):

  • bindings/scripts/test/JS/JSTestNondeterministic.cpp:

(WebCore::jsTestNondeterministicNondeterministicReadonlyAttr):
(WebCore::jsTestNondeterministicNondeterministicWriteableAttr):
(WebCore::jsTestNondeterministicNondeterministicExceptionAttr):
(WebCore::jsTestNondeterministicNondeterministicGetterExceptionAttr):
(WebCore::jsTestNondeterministicNondeterministicSetterExceptionAttr):
(WebCore::jsTestNondeterministicConstructor):

  • bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::jsTestObjReadOnlyLongAttr):
(WebCore::jsTestObjReadOnlyStringAttr):
(WebCore::jsTestObjReadOnlyTestObjAttr):
(WebCore::jsTestObjConstructorStaticReadOnlyLongAttr):
(WebCore::jsTestObjConstructorStaticStringAttr):
(WebCore::jsTestObjConstructorTestSubObj):
(WebCore::jsTestObjTestSubObjEnabledBySettingConstructor):
(WebCore::jsTestObjEnumAttr):
(WebCore::jsTestObjByteAttr):
(WebCore::jsTestObjOctetAttr):
(WebCore::jsTestObjShortAttr):
(WebCore::jsTestObjClampedShortAttr):
(WebCore::jsTestObjEnforceRangeShortAttr):
(WebCore::jsTestObjUnsignedShortAttr):
(WebCore::jsTestObjLongAttr):
(WebCore::jsTestObjLongLongAttr):
(WebCore::jsTestObjUnsignedLongLongAttr):
(WebCore::jsTestObjStringAttr):
(WebCore::jsTestObjTestObjAttr):
(WebCore::jsTestObjTestNullableObjAttr):
(WebCore::jsTestObjLenientTestObjAttr):
(WebCore::jsTestObjUnforgeableAttr):
(WebCore::jsTestObjStringAttrTreatingNullAsEmptyString):
(WebCore::jsTestObjXMLObjAttr):
(WebCore::jsTestObjCreate):
(WebCore::jsTestObjReflectedStringAttr):
(WebCore::jsTestObjReflectedIntegralAttr):
(WebCore::jsTestObjReflectedUnsignedIntegralAttr):
(WebCore::jsTestObjReflectedBooleanAttr):
(WebCore::jsTestObjReflectedURLAttr):
(WebCore::jsTestObjReflectedCustomIntegralAttr):
(WebCore::jsTestObjReflectedCustomBooleanAttr):
(WebCore::jsTestObjReflectedCustomURLAttr):
(WebCore::jsTestObjEnabledAtRuntimeAttribute):
(WebCore::jsTestObjTypedArrayAttr):
(WebCore::jsTestObjAttrWithGetterException):
(WebCore::jsTestObjAttrWithGetterExceptionWithMessage):
(WebCore::jsTestObjAttrWithSetterException):
(WebCore::jsTestObjAttrWithSetterExceptionWithMessage):
(WebCore::jsTestObjStringAttrWithGetterException):
(WebCore::jsTestObjStringAttrWithSetterException):
(WebCore::jsTestObjStrictTypeCheckingAttribute):
(WebCore::jsTestObjCustomAttr):
(WebCore::jsTestObjOnfoo):
(WebCore::jsTestObjOnwebkitfoo):
(WebCore::jsTestObjWithScriptStateAttribute):
(WebCore::jsTestObjWithCallWithAndSetterCallWithAttribute):
(WebCore::jsTestObjWithScriptExecutionContextAttribute):
(WebCore::jsTestObjWithScriptStateAttributeRaises):
(WebCore::jsTestObjWithScriptExecutionContextAttributeRaises):
(WebCore::jsTestObjWithScriptExecutionContextAndScriptStateAttribute):
(WebCore::jsTestObjWithScriptExecutionContextAndScriptStateAttributeRaises):
(WebCore::jsTestObjWithScriptExecutionContextAndScriptStateWithSpacesAttribute):
(WebCore::jsTestObjWithScriptArgumentsAndCallStackAttribute):
(WebCore::jsTestObjConditionalAttr1):
(WebCore::jsTestObjConditionalAttr2):
(WebCore::jsTestObjConditionalAttr3):
(WebCore::jsTestObjConditionalAttr4Constructor):
(WebCore::jsTestObjConditionalAttr5Constructor):
(WebCore::jsTestObjConditionalAttr6Constructor):
(WebCore::jsTestObjCachedAttribute1):
(WebCore::jsTestObjCachedAttribute2):
(WebCore::jsTestObjAnyAttribute):
(WebCore::jsTestObjContentDocument):
(WebCore::jsTestObjMutablePoint):
(WebCore::jsTestObjImmutablePoint):
(WebCore::jsTestObjStrawberry):
(WebCore::jsTestObjStrictFloat):
(WebCore::jsTestObjDescription):
(WebCore::jsTestObjId):
(WebCore::jsTestObjHash):
(WebCore::jsTestObjReplaceableAttribute):
(WebCore::jsTestObjNullableDoubleAttribute):
(WebCore::jsTestObjNullableLongAttribute):
(WebCore::jsTestObjNullableBooleanAttribute):
(WebCore::jsTestObjNullableStringAttribute):
(WebCore::jsTestObjNullableLongSettableAttribute):
(WebCore::jsTestObjNullableStringSettableAttribute):
(WebCore::jsTestObjNullableStringValue):
(WebCore::jsTestObjAttribute):
(WebCore::jsTestObjAttributeWithReservedEnumType):
(WebCore::jsTestObjPutForwardsAttribute):
(WebCore::jsTestObjPutForwardsNullableAttribute):
(WebCore::jsTestObjConstructor):

  • bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:

(WebCore::jsTestOverloadedConstructorsConstructor):

  • bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:

(WebCore::jsTestOverrideBuiltinsConstructor):

  • bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:

(WebCore::jsTestSerializedScriptValueInterfaceValue):
(WebCore::jsTestSerializedScriptValueInterfaceReadonlyValue):
(WebCore::jsTestSerializedScriptValueInterfaceCachedValue):
(WebCore::jsTestSerializedScriptValueInterfacePorts):
(WebCore::jsTestSerializedScriptValueInterfaceCachedReadonlyValue):
(WebCore::jsTestSerializedScriptValueInterfaceConstructor):

  • bindings/scripts/test/JS/JSTestTypedefs.cpp:

(WebCore::jsTestTypedefsUnsignedLongLongAttr):
(WebCore::jsTestTypedefsImmutableSerializedScriptValue):
(WebCore::jsTestTypedefsConstructorTestSubObj):
(WebCore::jsTestTypedefsAttrWithGetterException):
(WebCore::jsTestTypedefsAttrWithSetterException):
(WebCore::jsTestTypedefsStringAttrWithGetterException):
(WebCore::jsTestTypedefsStringAttrWithSetterException):
(WebCore::jsTestTypedefsConstructor):

  • bindings/scripts/test/JS/JSattribute.cpp:

(WebCore::jsattributeReadonly):
(WebCore::jsattributeConstructor):

  • bindings/scripts/test/JS/JSreadonly.cpp:

(WebCore::jsreadonlyConstructor):

  • bridge/runtime_array.cpp:

(JSC::RuntimeArray::lengthGetter):

  • bridge/runtime_array.h:
  • bridge/runtime_method.cpp:

(JSC::RuntimeMethod::lengthGetter):

  • bridge/runtime_method.h:
  • bridge/runtime_object.cpp:

(JSC::Bindings::RuntimeObject::fallbackObjectGetter):
(JSC::Bindings::RuntimeObject::fieldGetter):
(JSC::Bindings::RuntimeObject::methodGetter):

  • bridge/runtime_object.h:

Source/WebKit2:

  • WebProcess/Plugins/Netscape/JSNPObject.cpp:

(WebKit::JSNPObject::propertyGetter):
(WebKit::JSNPObject::methodGetter):

  • WebProcess/Plugins/Netscape/JSNPObject.h:
5:59 PM Changeset in webkit [201702] by barraclough@apple.com
  • 13 edits in trunk

Deprecate remaining uses of Lookup getStatic*, use HasStaticPropertyTable instead.
https://bugs.webkit.org/show_bug.cgi?id=158178

Reviewed by Darin Adler.

As of bug #158059 most JSC static table property access no longer requires getOwnPropertySlot to be
overridden. Port remaining calls to the getStatic* functions in Lookup.h over to the new mechanism.

Source/JavaScriptCore:

Part 1: Switch JSGlobalObject & JSDOMWindow to use HasStaticPropertyTable.

  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::getOwnPropertySlot):

  • Override is still required for symbol table, but regular property access is now via Base::getOwnPropertySlot.
  • runtime/JSGlobalObject.h:
    • add HasStaticPropertyTable to structureFlags.

Source/WebCore:

Part 1: Switch JSGlobalObject & JSDOMWindow to use HasStaticPropertyTable.

  • bindings/js/JSDOMWindowCustom.cpp:

(WebCore::JSDOMWindow::getOwnPropertySlot):

  • getStaticPropertySlot -> Base::getOwnPropertySlot.
  • bindings/js/JSPluginElementFunctions.h:

(WebCore::pluginElementCustomGetOwnPropertySlot):

  • Switch call from getStaticValueSlot to Type::getOwnPropertySlot. For any element where Type::hasStaticPropertyTable is true the HasStaticPropertyTable structure flag will also be set, so Type::getOwnPropertySlot will do the same thing.
  • bindings/scripts/CodeGeneratorJS.pm:

(PrototypeHasStaticPropertyTable):

  • Was PrototypeOverridesGetOwnPropertySlot; prototypes now never need override getOwnPropertySlot so renaming accordingly.

(GenerateImplementation):

  • Removed generation of getOwnPropertySlot body for DOMGlobalObjects.

(GeneratePrototypeDeclaration):

  • For DOMGlobalObjects, set HasStaticPropertyTable instead of OverridesGetOwnPropertySlot & removed getOwnPropertySlot declaration.

(PrototypeOverridesGetOwnPropertySlot): Deleted.

Renamed to PrototypeHasStaticPropertyTable.

  • bindings/scripts/test/JS/JSTestGlobalObject.cpp:
  • bindings/scripts/test/JS/JSTestGlobalObject.h:
    • Updating bindings test results.

LayoutTests:

Switch JSGlobalObject & WebCore DOM instance bindings to use HasStaticPropertyTable.

  • fast/dom/unforgeable-attributes-expected.txt:
    • Progression, similar to the getOwnPropertyDescriptor test below. Previously we were reporting an error with a message appropriate to a disallowed value->value redefinition. This is actually a disallowed accessor->value reconfiguration, now reporting the correct error message for this.
  • http/tests/security/cross-origin-window-property-access-expected.txt:
    • Newly reporting previously missing CORS error.
  • js/dom/getOwnPropertyDescriptor-expected.txt:
  • js/resources/getOwnPropertyDescriptor.js:
    • This test was previously incorrect - was expecting window.window property to reflect as a value decriptor. This now reflect as an accesor descriptor. New behaviour is correct per spec & matches Firefox.
12:48 PM Changeset in webkit [201701] by antti@apple.com
  • 9 edits
    2 adds in trunk

Source/WebCore:
Find on page finds too many matches
https://bugs.webkit.org/show_bug.cgi?id=158395
rdar://problem/7440637

Reviewed by Dan Bernstein and Darin Adler.

There is a long standing bug where in some cases WebKit may find non-visible text matches when doing find on page.
For example searching patch review view in bugs.webkit.org returns twice as many matches as there actually are
on the page. This happens because the text content is replicated in an invisible subframe.

Fix by making TextIterator ignore content in non-visible subframes in findPlainText.

Test: editing/text-iterator/count-matches-in-frames.html

  • editing/TextIterator.cpp:

(WebCore::nextInPreOrderCrossingShadowBoundaries):

Remove support for an uninteresting assertion.

(WebCore::fullyClipsContents):

Elements without renderer clip their content (except for display:contents).
Test the content rect instead of the size rect for emptiness.

(WebCore::ignoresContainerClip):
(WebCore::pushFullyClippedState):
(WebCore::setUpFullyClippedStack):
(WebCore::isClippedByFrameAncestor):

Test if the frame owner element is clipped in any of the parent frames.

(WebCore::TextIterator::TextIterator):

If the frame is clipped by its ancestors the iterator is initialized to end state.
Clipped frame never renders anything so there is no need to maintain clip stack and traverse.

(WebCore::findPlainText):

Use TextIteratorClipsToFrameAncestors behavior. There might be other places where
this behavior should be used (or perhaps it should be used always?) but limit this to
text search for now.

(WebCore::depthCrossingShadowBoundaries): Deleted.

  • editing/TextIterator.h:
  • editing/TextIteratorBehavior.h:

Add TextIteratorClipsToFrameAncestors behavior.

  • testing/Internals.cpp:

(WebCore::Internals::countMatchesForText):
(WebCore::Internals::countFindMatches):
(WebCore::Internals::numberOfLiveNodes):

  • testing/Internals.h:
  • testing/Internals.idl:

Testing support

LayoutTests:
TextIterator should ignore non-visible frames in findPlainText
https://bugs.webkit.org/show_bug.cgi?id=158395

Reviewed by Dan Bernstein and Darin Adler.

  • editing/text-iterator/count-matches-in-frames-expected.txt: Added.
  • editing/text-iterator/count-matches-in-frames.html: Added.
  • imported/blink/fast/shapes/shape-outside-floats/shape-outside-negative-height-crash-width.html: Non-rendered whitespace change.
12:38 PM Changeset in webkit [201700] by Konstantin Tokarev
  • 2 edits in trunk/Source/WebCore

Do not construct temporary copy of String from AtomicString.
https://bugs.webkit.org/show_bug.cgi?id=158400

Reviewed by Darin Adler.

No new tests needed.

  • accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::ariaReadOnlyValue):

9:35 AM Changeset in webkit [201699] by andersca@apple.com
  • 3 edits in trunk/Source/WebKit/mac

Attempt to fix plug-in hangs by adding back empty slots for the removed messages.

  • Plugins/Hosted/WebKitPluginClient.defs:
  • Plugins/Hosted/WebKitPluginHost.defs:
8:23 AM Changeset in webkit [201698] by Matt Baker
  • 2 edits in trunk/Source/WebInspectorUI

REGRESSION (r201686): Web Inspector: Fix typo causing an internal error
https://bugs.webkit.org/show_bug.cgi?id=158392
<rdar://problem/26640467>

Reviewed by Joseph Pecoraro.

  • UserInterface/Views/HeapAllocationsTimelineOverviewGraph.js:

Fixed typo.

8:20 AM Changeset in webkit [201697] by akling@apple.com
  • 2 edits in trunk/Source/WebCore

Give RuleFeatures::classesMatchingAncestors some inline capacity.
<https://webkit.org/b/158356>

Reviewed by Darin Adler.

Avoid 362'000 heap allocations on PLUM (1.3% of all transient fastMallocs) by giving
RuleFeatures::classesMatchingAncestors some inline capacity (32).
This class is only ever allocated on the stack anyway.

  • css/RuleFeature.h:
7:54 AM Changeset in webkit [201696] by beidson@apple.com
  • 9 edits in trunk/Source/WebCore

Unreviewed, rolling out r201693.

Can't fix right now

Reverted changeset:

"Modern IDB: Crash seen in IDBConnectionProxy::putOrAdd on
GuardMalloc bot"
https://bugs.webkit.org/show_bug.cgi?id=158124
http://trac.webkit.org/changeset/201693

7:53 AM Changeset in webkit [201695] by beidson@apple.com
  • 7 edits in trunk/Source/WebKit2

Unreviewed, rolling out r201694.

201693

Reverted changeset:

"Fix the build after r201693."
https://bugs.webkit.org/show_bug.cgi?id=158394
http://trac.webkit.org/changeset/201694

7:45 AM Changeset in webkit [201694] by beidson@apple.com
  • 7 edits in trunk/Source/WebKit2

Fix the build after r201693.
https://bugs.webkit.org/show_bug.cgi?id=158394

Reviewed by NOBODY (Build fix).

r201693 landed without the Source/WebKit2 changes, and I didn't have EWS/CQ available to check myself. *sigh*

  • NetworkProcess/FileAPI/NetworkBlobRegistry.cpp:

(WebKit::NetworkBlobRegistry::writeBlobsToTemporaryFiles):

  • NetworkProcess/FileAPI/NetworkBlobRegistry.h:
  • WebProcess/FileAPI/BlobRegistryProxy.cpp:

(WebKit::BlobRegistryProxy::writeBlobsToTemporaryFiles):

  • WebProcess/FileAPI/BlobRegistryProxy.h:
  • WebProcess/Network/NetworkProcessConnection.cpp:

(WebKit::NetworkProcessConnection::didClose):
(WebKit::NetworkProcessConnection::writeBlobsToTemporaryFiles):

  • WebProcess/Network/NetworkProcessConnection.h:

Jun 4, 2016:

8:46 PM Changeset in webkit [201693] by beidson@apple.com
  • 9 edits in trunk/Source/WebCore

Modern IDB: Crash seen in IDBConnectionProxy::putOrAdd on GuardMalloc bot
https://bugs.webkit.org/show_bug.cgi?id=158124

Reviewed by Darin Adler.

No new tests (Covered by existing test configurations).

  • Modules/indexeddb/IDBTransaction.cpp:

(WebCore::IDBTransaction::putOrAddOnServer):

  • Modules/indexeddb/client/IDBConnectionProxy.cpp:

(WebCore::IDBClient::IDBConnectionProxy::putOrAdd):

  • Modules/indexeddb/client/IDBConnectionProxy.h:

(WebCore::IDBClient::IDBConnectionProxy::callConnectionOnMainThread):

  • bindings/js/SerializedScriptValue.cpp:

(WebCore::SerializedScriptValue::writeBlobsToDiskForIndexedDB):

  • bindings/js/SerializedScriptValue.h:
  • platform/network/BlobRegistry.h:
  • platform/network/BlobRegistryImpl.cpp:

(WebCore::BlobRegistryImpl::writeBlobsToTemporaryFiles):

  • platform/network/BlobRegistryImpl.h:
5:59 PM Changeset in webkit [201692] by Brian Burg
  • 3 edits in trunk/Source/WebInspectorUI

Web Inspector: add a keyboard shortcut to open the new tab tab
https://bugs.webkit.org/show_bug.cgi?id=158365
<rdar://problem/26631897>

Reviewed by Timothy Hatcher.

Make Cmd-t show the new tab tab if it's not already open and
there is at least one tab type that's not currently in the tab bar.

  • UserInterface/Base/Main.js:

(WebInspector.contentLoaded):
(WebInspector._updateNewTabButtonState):
(WebInspector.showNewTabTab):
(WebInspector.isNewTabWithTypeAllowed):
Clean up the code that decides whether we can show the new tab tab.
It is now a special case inside WebInspector.isNewTabWithTypeAllowed.

  • UserInterface/Views/NewTabContentView.js:

(WebInspector.NewTabContentView.prototype._updateShownTabs):
Use Array.from.

5:36 PM Changeset in webkit [201691] by adachan@apple.com
  • 2 edits in trunk/Source/WebCore

REGRESSION (r201474): Should set overflow: hidden on -webkit-media-controls when placeholder is showing
https://bugs.webkit.org/show_bug.cgi?id=158377

Reviewed by Darin Adler.

In r201474, we defer removing the hidden class from inlinePlaybackPlaceholder until
showInlinePlaybackPlaceholderWhenSafe(). We also need to move the code that adds the
placeholder-showing class to -webkit-media-controls to that method.

  • Modules/mediacontrols/mediaControlsApple.js:

(Controller.prototype.showInlinePlaybackPlaceholderWhenSafe):
Add the "placeholder-showing" class to -webkit-media-controls when we show the placeholder.
(Controller.prototype.handlePresentationModeChange):
Remove the "placeholder-showing" class from -webkit-media-controls when we hide the
placeholder. Remove the old code that adds and removes that class.

4:02 PM Changeset in webkit [201690] by darin@apple.com
  • 3 edits in trunk/Source/WebCore

leaks seen in fast/css/variables tests
https://bugs.webkit.org/show_bug.cgi?id=150728

Reviewed by Anders Carlsson.

Fixes leaks seen running fast/css/variables tests with leak checking turned on.

  • css/CSSPrimitiveValue.cpp:

(WebCore::isStringType): Added. For debugging purposes so we catch cases where we
are not treating strings consistently between construction and destruction.
(WebCore::CSSPrimitiveValue::CSSPrimitiveValue): Assert isStringType returns true.
(WebCore::CSSPrimitiveValue::cleanup): Added CSS_DIMENSION and CSS_PARSER_IDENTIFIER
to the list of types that have to decrement the reference count of the string we own.
Both types are passed to the string constructor above.

  • css/CSSValueList.cpp:

(WebCore::CSSValueList::buildParserValueListSubstitutingVariables): Restructured the
code so we destroy any CSSParserValue that we don't use. This is needed because of the
peculiar requirements of CSSParserValue: it has a be a struct without a destructor so
it can be used in the CSS grammar, so we have to destroy it explicitly. Ideally we would
minimize any use of it outside the CSSParser itself, but as long as we are using it, we
need to do this explicit destruction.

3:48 PM Changeset in webkit [201689] by andersca@apple.com
  • 15 edits
    4 deletes in trunk/Source/WebKit

Remove NPSPI that is no longer used
https://bugs.webkit.org/show_bug.cgi?id=158384

Reviewed by Sam Weinig.

Source/WebKit:

  • WebKit.xcodeproj/project.pbxproj:

Source/WebKit/mac:

  • Configurations/WebKitLegacy.xcconfig:
  • Plugins/Hosted/NetscapePluginHostProxy.mm:

(WKPCCheckIfAllowedToLoadURL): Deleted.
(WKPCCancelCheckIfAllowedToLoadURL): Deleted.
(WKPCResolveURL): Deleted.

  • Plugins/Hosted/NetscapePluginInstanceProxy.h:
  • Plugins/Hosted/NetscapePluginInstanceProxy.mm:

(WebKit::NetscapePluginInstanceProxy::NetscapePluginInstanceProxy): Deleted.
(WebKit::NetscapePluginInstanceProxy::checkIfAllowedToLoadURL): Deleted.
(WebKit::NetscapePluginInstanceProxy::cancelCheckIfAllowedToLoadURL): Deleted.
(WebKit::NetscapePluginInstanceProxy::checkIfAllowedToLoadURLResult): Deleted.
(WebKit::NetscapePluginInstanceProxy::resolveURL): Deleted.

  • Plugins/Hosted/WebHostedNetscapePluginView.h:
  • Plugins/Hosted/WebHostedNetscapePluginView.mm:

(-[WebHostedNetscapePluginView _webPluginContainerCancelCheckIfAllowedToLoadRequest:]): Deleted.
(-[WebHostedNetscapePluginView _containerCheckResult:contextInfo:]): Deleted.

  • Plugins/Hosted/WebKitPluginClient.defs:
  • Plugins/WebBaseNetscapePluginView.h:
  • Plugins/WebBaseNetscapePluginView.mm:

(-[WebBaseNetscapePluginView resolvedURLStringForURL:target:]): Deleted.

  • Plugins/WebNetscapeContainerCheckContextInfo.h: Removed.
  • Plugins/WebNetscapeContainerCheckContextInfo.mm: Removed.

(-[WebNetscapeContainerCheckContextInfo initWithCheckRequestID:callbackFunc:context:]): Deleted.
(-[WebNetscapeContainerCheckContextInfo checkRequestID]): Deleted.
(-[WebNetscapeContainerCheckContextInfo callback]): Deleted.
(-[WebNetscapeContainerCheckContextInfo context]): Deleted.

  • Plugins/WebNetscapeContainerCheckPrivate.h: Removed.
  • Plugins/WebNetscapeContainerCheckPrivate.mm: Removed.

(browserContainerCheckFuncs): Deleted.

  • Plugins/WebNetscapePluginView.h:
  • Plugins/WebNetscapePluginView.mm:

(-[WebNetscapePluginView checkIfAllowedToLoadURL:frame:callbackFunc:context:]): Deleted.
(-[WebNetscapePluginView _containerCheckResult:contextInfo:]): Deleted.
(-[WebNetscapePluginView cancelCheckIfAllowedToLoadURL:]): Deleted.
(-[WebNetscapePluginView _webPluginContainerCancelCheckIfAllowedToLoadRequest:]): Deleted.
(-[WebNetscapePluginView fini]): Deleted.
(-[WebNetscapePluginView getVariable:value:]): Deleted.
(-[WebNetscapePluginView resolveURL:forTarget:]): Deleted.

  • Plugins/npapi.mm:

(WKN_CheckIfAllowedToLoadURL): Deleted.
(WKN_CancelCheckIfAllowedToLoadURL): Deleted.
(WKN_ResolveURL): Deleted.

3:34 PM Changeset in webkit [201688] by andersca@apple.com
  • 3 edits in trunk/Source/WebKit/mac

Temporary build fix. (This function is going away).

  • Plugins/Hosted/NetscapePluginInstanceProxy.mm:

(WebKit::NetscapePluginInstanceProxy::checkIfAllowedToLoadURLResult): Deleted.

  • Plugins/Hosted/WebKitPluginHost.defs:
2:28 PM Changeset in webkit [201687] by andersca@apple.com
  • 2 edits in trunk/Source/WebCore

32-bit build fix
https://bugs.webkit.org/show_bug.cgi?id=158383
rdar://problem/26628125

Reviewed by Dan Bernstein.

Synthesize the webPlaybackSessionInterfaceMac property.

  • platform/mac/WebPlaybackControlsManager.mm:
2:09 PM Changeset in webkit [201686] by Matt Baker
  • 8 edits in trunk/Source/WebInspectorUI

Web Inspector: discontinuous recordings should have discontinuities in the timeline memory graph
https://bugs.webkit.org/show_bug.cgi?id=158052
<rdar://problem/26516695>

Reviewed by Joseph Pecoraro.

Add gaps to the overview and category line charts where discontinuities
exist in the timeline recording.

  • UserInterface/Models/Timeline.js:

(WebInspector.Timeline.prototype.recordsInTimeRange):
Replaces _visibleRecords methods found in various views.

  • UserInterface/Models/TimelineRecording.js:

(WebInspector.TimelineRecording.prototype.reset):
(WebInspector.TimelineRecording.prototype.addDiscontinuity):
(WebInspector.TimelineRecording.prototype.discontinuitiesInTimeRange):
Allow discontinuities to be added to the recording, and have a means to
look up gaps within a time range.

  • UserInterface/Views/HeapAllocationsTimelineOverviewGraph.js:

(WebInspector.HeapAllocationsTimelineOverviewGraph.prototype._visibleRecords): Deleted.
Replaced by Timeline helper method.

  • UserInterface/Views/MemoryTimelineOverviewGraph.js:

(WebInspector.MemoryTimelineOverviewGraph.prototype.layout.insertDiscontinuity):
(WebInspector.MemoryTimelineOverviewGraph.prototype.layout):
Insert zero-points into the chart at discontinuity boundaries to create
gaps. Data points for records immediately before or after a gap are extended
to the edge of the discontinuity.

(WebInspector.MemoryTimelineOverviewGraph.prototype._visibleRecords): Deleted.
Replaced by Timeline helper method.

  • UserInterface/Views/MemoryTimelineView.js:

(WebInspector.MemoryTimelineView.prototype.layout):
Insert zero-points into each category chart at discontinuity boundaries
to create gaps.

Insert zero-points into the chart to create gaps.
(WebInspector.MemoryTimelineView.prototype._visibleRecords): Deleted.
Replaced by Timeline helper method.

  • UserInterface/Views/TimelineOverview.js:

(WebInspector.TimelineOverview.prototype.discontinuitiesInTimeRange):
Forward to the TimelineRecording, which isn't exposed to clients.

  • UserInterface/Views/TimelineRecordingContentView.js:

(WebInspector.TimelineRecordingContentView):
(WebInspector.TimelineRecordingContentView.prototype._capturingStarted):
(WebInspector.TimelineRecordingContentView.prototype._capturingStopped):
(WebInspector.TimelineRecordingContentView.prototype._recordingReset):
Track discontinuities (recording stop followed by a start) and add them
to the current recording.

1:59 PM Changeset in webkit [201685] by beidson@apple.com
  • 3 edits
    2 copies
    4 adds in trunk/LayoutTests

Modern IDB: Add -private.html variants of crypto/subtle IndexedDB tests.
https://bugs.webkit.org/show_bug.cgi?id=153323

Reviewed by Darin Adler.

  • crypto/subtle/resources/rsa-indexeddb-non-exportable.js: Copied from LayoutTests/crypto/subtle/rsa-indexeddb-non-exportable.html.
  • crypto/subtle/resources/rsa-indexeddb.js: Copied from LayoutTests/crypto/subtle/rsa-indexeddb.html.
  • crypto/subtle/rsa-indexeddb-non-exportable-private-expected.txt: Added.
  • crypto/subtle/rsa-indexeddb-non-exportable-private.html: Added.
  • crypto/subtle/rsa-indexeddb-non-exportable.html:
  • crypto/subtle/rsa-indexeddb-private-expected.txt: Added.
  • crypto/subtle/rsa-indexeddb-private.html: Added.
  • crypto/subtle/rsa-indexeddb.html:
1:53 PM Changeset in webkit [201684] by andersca@apple.com
  • 4 edits
    2 deletes in trunk/Source/WTF

Get rid of WorkItemWin
https://bugs.webkit.org/show_bug.cgi?id=158381

Reviewed by Sam Weinig.

  • wtf/PlatformWin.cmake:
  • wtf/WorkQueue.h:
  • wtf/win/WorkItemWin.cpp: Removed.

(WTF::WorkItemWin::WorkItemWin): Deleted.
(WTF::WorkItemWin::create): Deleted.
(WTF::WorkItemWin::~WorkItemWin): Deleted.

  • wtf/win/WorkItemWin.h: Removed.

(WTF::WorkItemWin::function): Deleted.
(WTF::WorkItemWin::queue): Deleted.

  • wtf/win/WorkQueueWin.cpp:

(WTF::WorkQueue::performWorkOnRegisteredWorkThread):
(WTF::WorkQueue::dispatch):

12:26 PM Changeset in webkit [201683] by andersca@apple.com
  • 5 edits in trunk/Source/WTF

Get rid of HANDLE registration code in WorkQueueWin
https://bugs.webkit.org/show_bug.cgi?id=158375

Reviewed by Darin Adler.

  • wtf/WorkQueue.h:
  • wtf/win/WorkItemWin.cpp:

(WTF::HandleWorkItem::HandleWorkItem): Deleted.
(WTF::HandleWorkItem::createByAdoptingHandle): Deleted.
(WTF::HandleWorkItem::~HandleWorkItem): Deleted.

  • wtf/win/WorkItemWin.h:

(WTF::HandleWorkItem::setWaitHandle): Deleted.
(WTF::HandleWorkItem::waitHandle): Deleted.

  • wtf/win/WorkQueueWin.cpp:

(WTF::WorkQueue::handleCallback): Deleted.
(WTF::WorkQueue::platformInvalidate): Deleted.
(WTF::WorkQueue::unregisterWaitAndDestroyItemSoon): Deleted.
(WTF::WorkQueue::unregisterWaitAndDestroyItemCallback): Deleted.

12:11 PM Changeset in webkit [201682] by ap@apple.com
  • 5 edits in trunk

REGRESSION (r201263): Some tests have become flaky timeouts.
https://bugs.webkit.org/show_bug.cgi?id=157990

Reviewed by Darin Adler.

Tools:

  • WebKitTestRunner/TestInvocation.cpp: (WTR::TestInvocation::invoke):

It is somewhat legitimate for WebContent to not respond to messages after the test
is done; it can be e.g. re-doing a costly repaint. So, we should restart is silently,
without making the current test fail.

LayoutTests:

  • platform/mac-wk2/TestExpectations:
  • platform/mac/TestExpectations:
12:10 PM Changeset in webkit [201681] by Chris Dumez
  • 3 edits in trunk/Source/WebCore

Avoid redundant isUndefined() check for parameters that are both optional and nullable in overloads
https://bugs.webkit.org/show_bug.cgi?id=158380

Reviewed by Brady Eidson.

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateParametersCheckExpression):

  • bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::jsTestObjPrototypeFunctionOverloadedMethodWithOptionalParameter):

11:58 AM Changeset in webkit [201680] by commit-queue@webkit.org
  • 3 edits
    6 adds in trunk

Add better basic isNaN test coverage
https://bugs.webkit.org/show_bug.cgi?id=158379

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-06-04
Reviewed by Benjamin Poulain.

  • js/Number-isNaN-expected.txt: Added.
  • js/Number-isNaN.html: Added.
  • js/global-isNaN-expected.txt: Added.
  • js/global-isNaN.html: Added.
  • js/script-tests/Number-isNaN.js: Added.

(objectWithNumberValueOf.valueOf):
(objectWithNaNValueOf.valueOf):
(objectRecordConversionCalls.toString):
(objectRecordConversionCalls.valueOf):

  • js/script-tests/global-isNaN.js: Added.

(objectConvertToString.toString):
(objectRecordToStringCall.toString):
(objectThrowOnToString.toString):
(objectWithValueOf.valueOf):
(objectThrowOnValueOf.valueOf):
(objectThrowOnValueOf.toString):
(objectRecordValueOfCall.valueOf):
(objectRecordConversionCalls.toString):
(objectRecordConversionCalls.valueOf):

  • js/script-tests/math-clz32.js:
12:20 AM Changeset in webkit [201679] by bfulgham@apple.com
  • 22 edits
    64 adds in trunk

CSP: Content Security Policy directive, upgrade-insecure-requests (UIR)
https://bugs.webkit.org/show_bug.cgi?id=143653
<rdar://problem/23032067>

Reviewed by Andy Estes.

Source/WebCore:

Modify our loading logic so that we recognize and upgrade insecure requests to secure
requests if the Content Security Policy directive 'upgrade-insecure-requests' is
present.

Add a static helper function to ContentSecurityPolicy to upgrade insecure URLs so
that we don't have to sprinkle the same code all over the loader system.

Tests: http/tests/security/contentSecurityPolicy/report-only-upgrade-insecure.php

http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/basic-upgrade-cors.https.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/basic-upgrade.https.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/form-upgrade.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/https-header-auxiliary.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/https-header-nested.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/https-header-subresource.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/https-header-top-level.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/iframe-upgrade.https.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/proper-nested-upgrades.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/proper-open-window-upgrades.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-insecure-audio-video-in-main-frame.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-insecure-css-in-iframe.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-insecure-image-in-main-frame.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-simple-ws.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-insecure-xhr-in-main-frame.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-redirect-http-to-https-script-in-iframe.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-redirect-https-to-http-script-in-iframe.html
http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrades-mixed-content.html
http/tests/ssl/iframe-upgrade.https.html
http/tests/ssl/upgrade-origin-usage.html
http/tests/websocket/tests/hybi/upgrade-simple-ws.html

  • Modules/websockets/WebSocket.cpp:

(WebCore::WebSocket::connect): Upgrade insecure requests if the CSP
indicates we should.

  • dom/Document.cpp:

(WebCore::Document::initSecurityContext): Populate new document CSP with sets of upgrade host and port combinations.

  • dom/ScriptElement.cpp:

(WebCore::ScriptElement::requestScript): Upgrade insecure requests if
the CSP indicates we should.

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::loadResource): Ditto.

  • loader/DocumentWriter.cpp:

(WebCore::DocumentWriter::begin): Ditto.

  • loader/FormSubmission.cpp:

(WebCore::FormSubmission::create): Ditto.
(WebCore::FormSubmission::populateFrameLoadRequest): Add "Upgrade-Insecure-Requests"
header to frame load requests.

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::addExtraFieldsToMainResourceRequest): Add the
'Update-Insecure-Requests' header field if necessary.
(WebCore::FrameLoader::addHTTPUpgradeInsecureRequestsIfNeeded): Added helper function.
(WebCore::FrameLoader::loadPostRequest): Upgrade insecure requests if the CSP
indicates we should.
(WebCore::FrameLoader::loadResourceSynchronously): Ditto.
(WebCore::FrameLoader::loadDifferentDocumentItem): If loading a form, add the
'Update-Insecure-Requests' header field if necessary.
(WebCore::createWindow): Upgrade insecure requests if the CSP
indicates we should.

  • loader/FrameLoader.h:
  • loader/PingLoader.cpp:

(WebCore::PingLoader::loadImage): Upgrade insecure requests if the CSP
indicates we should.
(WebCore::PingLoader::sendPing): Ditto.
(WebCore::PingLoader::sendViolationReport): Ditto.

  • loader/ResourceLoader.cpp:

(WebCore::ResourceLoader::willSendRequestInternal): Ditto.

  • loader/SubframeLoader.cpp:

(WebCore::SubframeLoader::requestFrame): Ditto.
(WebCore::SubframeLoader::requestObject): Ditto.

  • loader/appcache/ApplicationCacheHost.cpp:

(WebCore::ApplicationCacheHost::shouldLoadResourceFromApplicationCache): Ditto.

  • loader/cache/CachedResourceLoader.cpp:

(WebCore::CachedResourceLoader::requestImage): Ditto.
(WebCore::CachedResourceLoader::requestResource): Ditto.

  • page/DOMWindow.cpp:

(WebCore::DOMWindow::createWindow): Add the 'Update-Insecure-Requests' header
field if necessary.

  • page/csp/ContentSecurityPolicy.cpp:

(WebCore::ContentSecurityPolicy::copyStateFrom): Populate upgraded resource set
from other context.
(WebCore::ContentSecurityPolicy::upgradeInsecureRequestIfNeeded): Added helper function
to upgrade requests when the upgrade-insecure-requests CSP policy is present, or if
the host and port combination have previously been upgraded.
(WebCore::ContentSecurityPolicy::upgradeInsecureNavigationRequestIfNeeded): Added
helper function to upgrade requests that have been previously upgraded. Cross-site
navigations only get upgraded when they have been previously upgraded.
(WebCore::ContentSecurityPolicy::addInsecureNavigationRequestsToUpgrade): Added.
(WebCore::ContentSecurityPolicy::populateInsecureNavigationRequestsToUpgradeFromOther): Added.

  • page/csp/ContentSecurityPolicy.h:

(WebCore::ContentSecurityPolicy::setUpgradeInsecureRequests): Added.
(WebCore::ContentSecurityPolicy::upgradeInsecureRequests): Added.

  • page/csp/ContentSecurityPolicyDirectiveList.cpp:

(WebCore::ContentSecurityPolicyDirectiveList::ContentSecurityPolicyDirectiveList): Use
more C++11 initializations.
(WebCore::ContentSecurityPolicyDirectiveList::setUpgradeInsecureRequests): Added.
(WebCore::ContentSecurityPolicyDirectiveList::addDirective): Teach this function to
recognize the new directive.

  • page/csp/ContentSecurityPolicyDirectiveList.h:
  • page/csp/ContentSecurityPolicyDirectiveNames.cpp:
  • page/csp/ContentSecurityPolicyDirectiveNames.h:
  • platform/network/HTTPHeaderNames.in: Add new 'Upgrade-Insecure-Requests' header field.
  • xml/XMLHttpRequest.cpp:

(WebCore::XMLHttpRequest::open): Upgrade insecure requests if the CSP if needed.

LayoutTests:

Some of these tests are based on a set of Blink patches by Mike West <mkwst@chromium.org>.
<https://src.chromium.org/viewvc/blink?revision=192607&view=revision>,
<https://codereview.chromium.org/1178093002>, <https://codereview.chromium.org/1964303003>

The rest of them are based on our own mixedContent tests, revised for upgraded requests.

Note that WebSockets are not part of this testing at present due to https://bugs.webkit.org/show_bug.cgi?id=157884.

  • http/tests/security/contentSecurityPolicy/report-only-upgrade-insecure.php: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/basic-upgrade-cors.https-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/basic-upgrade-cors.https.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/basic-upgrade.https-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/basic-upgrade.https.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/form-upgrade-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/form-upgrade.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/https-header-auxiliary-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/https-header-auxiliary.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/https-header-nested-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/https-header-nested.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/https-header-subresource-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/https-header-subresource.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/https-header-top-level-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/https-header-top-level.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/iframe-upgrade.https-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/iframe-upgrade.https.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/proper-nested-upgrades-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/proper-nested-upgrades.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/proper-open-window-upgrades-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/proper-open-window-upgrades.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/resources: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/resources/basic-upgrade-cors.https.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/resources/check-https-header.pl: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/resources/echo-https-header.pl: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/resources/frame-with-insecure-audio-video.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/resources/frame-with-insecure-css.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/resources/frame-with-insecure-image.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/resources/frame-with-redirect-http-to-https-script.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/resources/frame-with-redirect-https-to-http-script.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/resources/insecure-xhr-in-main-frame-window.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/resources/mixed-content-with-upgrade.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/resources/post-https-header.pl: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-insecure-audio-video-in-main-frame-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-insecure-audio-video-in-main-frame.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-insecure-css-in-iframe-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-insecure-css-in-iframe.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-insecure-image-in-main-frame-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-insecure-image-in-main-frame.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-insecure-xhr-in-main-frame-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-insecure-xhr-in-main-frame.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-redirect-http-to-https-script-in-iframe-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-redirect-http-to-https-script-in-iframe.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-redirect-https-to-http-script-in-iframe-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-redirect-https-to-http-script-in-iframe.html: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrades-mixed-content-expected.txt: Added.
  • http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrades-mixed-content.html: Added.
  • http/tests/security/resources/post-origin-to-parent.html: Added.
  • http/tests/ssl/iframe-upgrade.https-expected.txt: Added.
  • http/tests/ssl/iframe-upgrade.https.html: Added.
  • http/tests/ssl/upgrade-origin-usage-expected.txt: Added.
  • http/tests/ssl/upgrade-origin-usage.html: Added.
  • http/tests/ssl/resources/origin-usage-iframe-1.html: Added.
  • http/tests/ssl/resources/origin-usage-iframe-1.manifest: Added.
  • http/tests/ssl/resources/origin-usage-iframe-2.html: Added.
  • http/tests/ssl/resources/origin-usage-iframe-2.manifest: Added.
  • http/tests/websocket/tests/hybi/upgrade-simple-ws-expected.txt: Added.
  • http/tests/websocket/tests/hybi/upgrade-simple-ws.html: Added.
  • TestExpectations: Skip http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/upgrade-simple-ws.html since the

WebSocket server does not currently support wss sockets.

Jun 3, 2016:

8:28 PM Changeset in webkit [201678] by commit-queue@webkit.org
  • 2 edits
    1 add in trunk/Source/JavaScriptCore

Eager FTL failure for strict comparison of NaN with number check
https://bugs.webkit.org/show_bug.cgi?id=158368

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-06-03
Reviewed by Darin Adler.

DoupleRep with a RealNumberUse starts by handling double
then falls back to Int32 if the unboxed double is NaN.

Before handling integers, the code is checking if the input
is indeed an int32. The problem was that this check failed
to account for NaN as an original input of the DoubleRep.

The call to isNotInt32() filter the doubles checks because
that was handled by the previous block.
The problem is the previous block handles any double except NaN.
If the original input was NaN, the masking by "~SpecFullDouble"
filter that possibility and isNotInt32() fails to test that case.

This patch fixes the issue by changing the filter to SpecDoubleReal.
The type SpecDoubleReal does not include the NaN types.

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileDoubleRep):

  • tests/stress/double-rep-real-number-use-on-nan.js: Added.

To ensure the isNotInt32() does not test anything, we want
proven numbers as input. The (+value) are there to enforce
a ToNumber() which in turn give us a proven Number type.

7:04 PM Changeset in webkit [201677] by mmaxfield@apple.com
  • 5 edits
    2 adds in trunk

Bopomofo ruby in Dictionary.app is written horizontally (when it should be written vertically)
https://bugs.webkit.org/show_bug.cgi?id=158245
<rdar://problem/25675318>

Reviewed by Darin Adler.

Source/WebCore:

With orthogonal flows, the inner element gets a logical width that is computed from two values:

  • The containing block's available logical height
  • The FrameView's visibleHeight

In Dictionary.app, the FrameView's height changes, but this element doesn't get relaid out.
This is because of our optimization where normal-flow elements don't get relaid out if their
parent's width doesn't change (which is the case here).

Therefore, this orthogonal writing mode element should be relaid out when the FrameView changes
size. Luckily, we already have machinery for doing this: percentage heights. In quirks mode, a
div with a percentage height may walk arbitrarily far up the DOM tree in order to determine which
element the percentage should be resolved against. Therefore, we have a map of percentage-sizing-
ancestors to percentage-sizing-descendants which speeds up this search. If a percentage-sizing-
ancestor gets relaid out, all the relevant percentage-sizing-descendants get relaid out too.

Therefore, we can simply mark the FrameView as a percentage-sizing-ancestor and the orthogonal
flow element as a percentage-sizing-descendant. The lifetime of this relationship is already
managed correctly - it gets reset when style changes and when the renderer is destroyed, and
is created during layout.

Unfortunately, this same treatment should also be done to the element which dictates the
containing block's logical height (which caused https://bugs.webkit.org/show_bug.cgi?id=158286).
Implementing this would require giving RenderBox::availableLogicalHeight() a second result
of the necessary element which dictates the return. In an effort to keep this patch small and
focused, I'll do this secondary (much larger) work in a patch on that bug. This patch,
therefore, is kept small and focused.

Test: fast/text/orthogonal-writing-mode-containing-block-frameView-resize-relayout.html

  • rendering/RenderBox.cpp:

(WebCore::RenderBox::perpendicularContainingBlockLogicalHeight):

LayoutTests:

Rebaselined fast/table/border-collapsing/004-vertical.html to show a progression.

  • fast/text/orthogonal-writing-mode-containing-block-frameView-resize-relayout-expected.html: Added.
  • fast/text/orthogonal-writing-mode-containing-block-frameView-resize-relayout.html: Added.
  • platform/mac/fast/table/border-collapsing/004-vertical-expected.png: Rebased
  • platform/mac/fast/table/border-collapsing/004-vertical-expected.txt: Rebased
7:00 PM Changeset in webkit [201676] by mmaxfield@apple.com
  • 11 edits
    4 adds in trunk

Text not visible while external font downloading
https://bugs.webkit.org/show_bug.cgi?id=25207
<rdar://problem/15167413>

Reviewed by Dean Jackson.

Source/WebCore:

I already laid the groundwork for this when implementing the CSS Font Loading API.
We only have to create a timer and correctly respond to it timing out (by setting
state).

This patch also adds a new internal setting which puts us in a mode where font
loads never complete and the timeout occurs immediately. This is so we can test
the fallback behavior.

Test: fast/text/web-font-load-fallback-during-loading.html

  • css/CSSFontFace.cpp:

(WebCore::CSSFontFace::CSSFontFace):
(WebCore::CSSFontFace::fontLoadEventOccurred):
(WebCore::CSSFontFace::timeoutFired):
(WebCore::CSSFontFace::setStatus):
(WebCore::CSSFontFace::fontLoaded):
(WebCore::CSSFontFace::webFontsShouldAlwaysFallBack):
(WebCore::CSSFontFace::pump):
(WebCore::CSSFontFace::font):

  • css/CSSFontFace.h:
  • css/CSSFontFaceSource.cpp:

(WebCore::CSSFontFaceSource::fontLoaded):

  • css/FontFace.cpp:

(WebCore::FontFace::fontStateChanged):

  • page/Settings.cpp:

(WebCore::Settings::Settings):
(WebCore::Settings::setWebFontsAlwaysFallBack):

  • page/Settings.h:

(WebCore::Settings::webFontsAlwaysFallBack):

  • testing/InternalSettings.cpp:

(WebCore::InternalSettings::Backup::Backup):
(WebCore::InternalSettings::Backup::restoreTo):
(WebCore::InternalSettings::setWebFontsAlwaysFallBack):

  • testing/InternalSettings.h:
  • testing/InternalSettings.idl:

LayoutTests:

  • fast/text/web-font-load-fallback-during-loading-no-multiple-expected.txt: Added.
  • fast/text/web-font-load-fallback-during-loading-no-multiple.html: Added.
  • fast/text/web-font-load-fallback-during-loading-expected.html: Added.
  • fast/text/web-font-load-fallback-during-loading.html: Added.
6:31 PM Changeset in webkit [201675] by Chris Dumez
  • 12 edits in trunk/Source

Modernize a few more lambda captures
https://bugs.webkit.org/show_bug.cgi?id=158370

Reviewed by Brady Eidson.

Source/WebCore:

  • workers/DedicatedWorkerGlobalScope.cpp:

(WebCore::DedicatedWorkerGlobalScope::postMessage):

  • workers/DedicatedWorkerGlobalScope.h:
  • workers/Worker.cpp:

(WebCore::Worker::postMessage):

  • workers/Worker.h:
  • workers/WorkerEventQueue.cpp:

(WebCore::WorkerEventQueue::enqueueEvent):

  • workers/WorkerGlobalScopeProxy.h:
  • workers/WorkerMessagingProxy.cpp:

(WebCore::WorkerMessagingProxy::postMessageToWorkerObject):
(WebCore::WorkerMessagingProxy::postMessageToWorkerGlobalScope):

  • workers/WorkerMessagingProxy.h:
  • workers/WorkerObjectProxy.h:

Source/WebKit:

  • Storage/StorageTracker.cpp:

(WebCore::StorageTracker::deleteOrigin):

6:08 PM Changeset in webkit [201674] by commit-queue@webkit.org
  • 5 edits
    3 adds in trunk

JSON.stringify replacer function calls with numeric array indices
https://bugs.webkit.org/show_bug.cgi?id=158262
Source/JavaScriptCore:

rdar://problem/26613876

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-06-03
Reviewed by Saam Barati.

The spec of SerializeJSONArray is pretty clear that the index
should be transformed into a string before calling SerializeJSONProperty.
See http://www.ecma-international.org/ecma-262/6.0/#sec-serializejsonarray

  • runtime/JSONObject.cpp:

(JSC::PropertyNameForFunctionCall::value):

LayoutTests:

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-06-03
Reviewed by Saam Barati.

  • js/JSON-stringify-exposes-array-indices-as-strings-expected.txt: Added.
  • js/JSON-stringify-exposes-array-indices-as-strings.html: Added.
  • js/script-tests/JSON-stringify-exposes-array-indices-as-strings.js: Added.

(replacer):
(testObject.toJSON):
(toJSONArrayHelper):

  • js/resources/JSON-stringify.js:
  • js/dom/JSON-stringify-expected.txt:

Update the test results for the native implementation.

5:56 PM Changeset in webkit [201673] by commit-queue@webkit.org
  • 55 edits
    1 move in trunk/Source

Unreviewed, rolling out r201663.
https://bugs.webkit.org/show_bug.cgi?id=158374

Broke the Windows build (Requested by andersca on #webkit).

Reverted changeset:

"Rename NoncopyableFunction to Function"
https://bugs.webkit.org/show_bug.cgi?id=158354
http://trac.webkit.org/changeset/201663

5:34 PM Changeset in webkit [201672] by sbarati@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

Proxy.ownKeys should no longer throw an exception when duplicate keys are returned and the target is non-extensible
https://bugs.webkit.org/show_bug.cgi?id=158350
<rdar://problem/26626211>

Reviewed by Michael Saboff.

The spec was recently changes in Proxy OwnPropertyKeys?
to allow for duplicate property names under certain circumstances.
This patch fixes our implementation to match the spec.
See: https://github.com/tc39/ecma262/pull/594

  • runtime/ProxyObject.cpp:

(JSC::ProxyObject::performGetOwnPropertyNames):

  • tests/stress/proxy-own-keys.js:

(i.catch):
(ownKeys):
(assert):

5:04 PM Changeset in webkit [201671] by Brian Burg
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: add a keyboard shortcut to close the current tab bar item
https://bugs.webkit.org/show_bug.cgi?id=158363
<rdar://problem/22677254>

Reviewed by Timothy Hatcher.

Make Cmd-w close the current tab. This matches Safari's keyboard shortcut.

  • UserInterface/Views/TabBrowser.js:

(WebInspector.TabBrowser):
Don't do anything if the New Tab tab is the only tab bar item besides the
pinned "new tab" button.

4:51 PM Changeset in webkit [201670] by sbarati@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Some shadow chicken code is wrong when run on a big endian CPU
https://bugs.webkit.org/show_bug.cgi?id=158361

Reviewed by Mark Lam.

This code was wrong on a big endian CPU, and it was
also an anti-pattern in the file. The code was harmless
on a little endian CPU, but it's better to remove it.

  • llint/LowLevelInterpreter64.asm:
4:27 PM Changeset in webkit [201669] by Brian Burg
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: setter for debugging flag InspectorBackend.dumpInspectorTimeStats does not work
https://bugs.webkit.org/show_bug.cgi?id=158366

Reviewed by Timothy Hatcher.

  • UserInterface/Protocol/InspectorBackend.js:

(InspectorBackendClass.prototype.set dumpInspectorTimeStats):
Actually update the backing member when the setter is called.

4:06 PM Changeset in webkit [201668] by keith_miller@apple.com
  • 26 edits
    1 add in trunk/Source/JavaScriptCore

Add argument_count bytecode for concat
https://bugs.webkit.org/show_bug.cgi?id=158358

Reviewed by Geoffrey Garen.

This patch adds a new argument count bytecode. Normally, we would
just make sure that the argument.length bytecode was fast enough
that we shouldn't need such an bytecode. However, for the case of
Array.prototype.concat the overhead of the arguments object
allocation in the LLInt was too high and caused regressions.

  • bytecode/BytecodeIntrinsicRegistry.h:
  • bytecode/BytecodeList.json:
  • bytecode/BytecodeUseDef.h:

(JSC::computeUsesForBytecodeOffset):
(JSC::computeDefsForBytecodeOffset):

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::dumpBytecode):

  • bytecompiler/NodesCodegen.cpp:

(JSC::BytecodeIntrinsicNode::emit_intrinsic_argumentCount):

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::getArgumentCount):
(JSC::DFG::ByteCodeParser::parseBlock):

  • dfg/DFGCapabilities.cpp:

(JSC::DFG::capabilityLevel):

  • jit/JIT.cpp:

(JSC::JIT::privateCompileMainPass):

  • jit/JIT.h:
  • jit/JITOpcodes.cpp:

(JSC::JIT::emit_op_argument_count):

  • llint/LowLevelInterpreter32_64.asm:
  • llint/LowLevelInterpreter64.asm:
  • tests/stress/argument-count-bytecode.js: Added.

(inlineCount):
(inlineCount1):
(inlineCount2):
(inlineCountVarArgs):
(assert):

4:01 PM Changeset in webkit [201667] by rniwa@webkit.org
  • 7 edits
    2 adds in trunk

Crash under VisibleSelection::firstRange()
https://bugs.webkit.org/show_bug.cgi?id=158241

Reviewed by Enrica Casucci.

Source/WebCore:

The crash was commonly caused by parentAnchoredEquivalent returning null when the anchored node was a shadow root.
Fixed it by returning a shadow root in parentAnchoredEquivalent.

Also guard against other kinds of crashes by adding a null check in VisibleSelection::firstRange() since we've seen
a crash in the same code path outside of a shadow tree.

This patch also fixes other Position methods to stop using nonShadowBoundaryParentNode in place of parentNode as
that would cause a similar crash and/or a bug elsewhere.

Test: fast/shadow-dom/selection-at-shadow-root-crash.html

  • accessibility/AXObjectCache.cpp:

(AXObjectCache::startCharacterOffsetOfParagraph): Fixed a bug uncovered by the assertion fix in Position::Position.
This code was sometimes creating a position inside a BR, which is wrong.
(AXObjectCache::endCharacterOffsetOfParagraph): Ditto.

  • dom/Position.cpp:

(WebCore::Position::Position): Fixed an assertion which was checking that this constructor wasn't being called

with m_anchorNode set to an element editing ignores content of.
ing it with isShadowRoot() made this assertion

useless because it's true whenever m_anchorNode is not a shadow root.
(WebCore::Position::containerNode): Use parentNode() instead of findParent() which calls nonShadowBoundaryParentNode
since Position should
(WebCore::Position::parentAnchoredEquivalent): Fixed the bug by letting this function return a shadow root.
(WebCore::Position::previous): Use parentNode() instead of findParent().
(WebCore::Position::next): Ditto.
(WebCore::Position::atStartOfTree): Ditto.
(WebCore::Position::atEndOfTree): Ditto.
(WebCore::Position::findParent): Deleted.

  • dom/Position.h:
  • editing/VisibleSelection.cpp:

(VisibleSelection::firstRange): Added a null check.

LayoutTests:

Added a regression test.

  • fast/shadow-dom/selection-at-shadow-root-crash-expected.txt: Added.
  • fast/shadow-dom/selection-at-shadow-root-crash.html: Added.
3:47 PM Changeset in webkit [201666] by zalan@apple.com
  • 3 edits
    2 adds in trunk

Incorrect rendering on boostmobile FAQ page
https://bugs.webkit.org/show_bug.cgi?id=158303
<rdar://problem/26603462>

Reviewed by Chris Dumez.

Initial value for background-color is 'transparent'. see https://drafts.csswg.org/css-backgrounds-3/#background-color

Source/WebCore:

Test: fast/selectors/non-visited-link-backround-color.html

  • css/CSSPropertyNames.in:

LayoutTests:

  • fast/selectors/non-visited-link-backround-color-expected.html: Added.
  • fast/selectors/non-visited-link-backround-color.html: Added.
3:31 PM Changeset in webkit [201665] by beidson@apple.com
  • 8 edits in trunk/Source/WebCore

More miscellaneous IDBBindingUtilities cleanup.
https://bugs.webkit.org/show_bug.cgi?id=158359

Reviewed by Tim Horton.

No new tests (Straight refactor, yo).

Replace more ScriptExecutionContext&s with ExecState&s.
Combine more unnecessarily separate functions.
Remove some cruft.

  • Modules/indexeddb/IDBCursor.cpp:

(WebCore::IDBCursor::setGetResult):

  • Modules/indexeddb/IDBRequest.cpp:

(WebCore::IDBRequest::setResult):
(WebCore::IDBRequest::setResultToStructuredClone):

  • Modules/indexeddb/server/MemoryObjectStore.cpp:

(WebCore::IDBServer::MemoryObjectStore::updateIndexesForPutRecord):
(WebCore::IDBServer::MemoryObjectStore::populateIndexWithExistingRecords):

  • Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:

(WebCore::IDBServer::SQLiteIDBBackingStore::updateOneIndexForAddRecord):
(WebCore::IDBServer::SQLiteIDBBackingStore::updateAllIndexesForAddRecord):

  • Modules/indexeddb/server/UniqueIDBDatabase.cpp:

(WebCore::IDBServer::UniqueIDBDatabase::performPutOrAdd):

  • bindings/js/IDBBindingUtilities.cpp:

(WebCore::deserializeIDBValueToJSValue):
(WebCore::idbKeyDataToScriptValue):
(WebCore::deserializeIDBValueDataToJSValue): Deleted.

  • bindings/js/IDBBindingUtilities.h:
3:26 PM Changeset in webkit [201664] by Chris Dumez
  • 10 edits in trunk

CanvasRenderingContext2D.createPattern() / putImageData() throw wrong exception type
https://bugs.webkit.org/show_bug.cgi?id=158322

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline test now that it is passing.

  • canvas/2d.pattern.image.undefined-expected.txt:

Source/WebCore:

CanvasRenderingContext2D.createPattern() / putImageData() were throwing the wrong
exception type when the first parameter was null. It should throw a TypeError
but it was throwing a legacy TYPE_MISMATCH_ERR:

This patch aligns our behavior with the specification.

No new tests, covered by existing tests.

  • html/canvas/CanvasRenderingContext2D.cpp:

(WebCore::CanvasRenderingContext2D::createPattern):
(WebCore::CanvasRenderingContext2D::putImageData):
(WebCore::CanvasRenderingContext2D::webkitPutImageDataHD):
(WebCore::CanvasRenderingContext2D::didDraw): Deleted.
(WebCore::CanvasRenderingContext2D::drawFocusIfNeeded): Deleted.
(WebCore::CanvasRenderingContext2D::drawFocusIfNeededInternal): Deleted.
(WebCore::CanvasRenderingContext2D::font): Deleted.

  • html/canvas/CanvasRenderingContext2D.h:
  • html/canvas/CanvasRenderingContext2D.idl:

LayoutTests:

Update several outdated layout tests.

  • canvas/philip/tests/2d.imageData.put.null.html:
  • canvas/philip/tests/2d.pattern.image.null.html:
  • canvas/philip/tests/2d.pattern.image.undefined.html:
3:24 PM Changeset in webkit [201663] by andersca@apple.com
  • 55 edits
    1 move in trunk/Source

Rename NoncopyableFunction to Function
https://bugs.webkit.org/show_bug.cgi?id=158354

Reviewed by Chris Dumez.

Source/WebCore:

  • Modules/mediastream/MediaEndpointPeerConnection.cpp:

(WebCore::MediaEndpointPeerConnection::runTask):

  • Modules/mediastream/MediaEndpointPeerConnection.h:
  • Modules/webaudio/AudioDestinationNode.h:

(WebCore::AudioDestinationNode::resume):
(WebCore::AudioDestinationNode::suspend):
(WebCore::AudioDestinationNode::close):

  • Modules/webaudio/DefaultAudioDestinationNode.cpp:

(WebCore::DefaultAudioDestinationNode::resume):
(WebCore::DefaultAudioDestinationNode::suspend):
(WebCore::DefaultAudioDestinationNode::close):

  • Modules/webaudio/DefaultAudioDestinationNode.h:
  • dom/ActiveDOMCallbackMicrotask.cpp:

(WebCore::ActiveDOMCallbackMicrotask::ActiveDOMCallbackMicrotask):

  • dom/ActiveDOMCallbackMicrotask.h:
  • dom/ScriptExecutionContext.h:

(WebCore::ScriptExecutionContext::Task::Task):

  • fileapi/AsyncFileStream.cpp:

(WebCore::callOnFileThread):
(WebCore::AsyncFileStream::perform):

  • fileapi/AsyncFileStream.h:
  • page/FrameView.cpp:

(WebCore::FrameView::queuePostLayoutCallback):
(WebCore::FrameView::flushPostLayoutTasksQueue):

  • page/FrameView.h:
  • page/scrolling/ScrollingThread.cpp:

(WebCore::ScrollingThread::dispatch):
(WebCore::ScrollingThread::dispatchBarrier):
(WebCore::ScrollingThread::dispatchFunctionsFromScrollingThread):

  • page/scrolling/ScrollingThread.h:
  • platform/GenericTaskQueue.cpp:

(WebCore::TaskDispatcher<Timer>::postTask):

  • platform/GenericTaskQueue.h:

(WebCore::TaskDispatcher::postTask):

  • platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
  • platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:

(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::scheduleDeferredTask):

  • platform/mediastream/MediaStreamPrivate.cpp:

(WebCore::MediaStreamPrivate::scheduleDeferredTask):

  • platform/mediastream/MediaStreamPrivate.h:
  • platform/mediastream/mac/AVMediaCaptureSource.h:
  • platform/mediastream/mac/AVMediaCaptureSource.mm:

(WebCore::AVMediaCaptureSource::scheduleDeferredTask):

  • style/StyleTreeResolver.cpp:

(WebCore::Style::postResolutionCallbackQueue):
(WebCore::Style::queuePostResolutionCallback):

  • style/StyleTreeResolver.h:

Source/WebKit:

  • Storage/StorageSyncManager.cpp:

(WebCore::StorageSyncManager::dispatch):

  • Storage/StorageSyncManager.h:
  • Storage/StorageThread.cpp:

(WebCore::StorageThread::dispatch):
(WebCore::StorageThread::terminate):

  • Storage/StorageThread.h:

Source/WebKit2:

  • NetworkProcess/NetworkProcess.cpp:

(WebKit::fetchDiskCacheEntries):
(WebKit::NetworkProcess::fetchWebsiteData):
(WebKit::clearDiskCacheEntries):

  • NetworkProcess/NetworkProcess.h:
  • NetworkProcess/cache/NetworkCache.cpp:

(WebKit::NetworkCache::Cache::traverse):

  • NetworkProcess/cache/NetworkCache.h:
  • NetworkProcess/cache/NetworkCacheIOChannelSoup.cpp:

(WebKit::NetworkCache::runTaskInQueue):

  • NetworkProcess/cache/NetworkCacheStorage.h:

Source/WTF:

  • WTF.xcodeproj/project.pbxproj:
  • wtf/CrossThreadTask.h:

(WTF::CrossThreadTask::CrossThreadTask):

  • wtf/Function.h: Renamed from Source/WTF/wtf/NoncopyableFunction.h.
  • wtf/FunctionDispatcher.h:
  • wtf/MainThread.cpp:

(WTF::functionQueue):
(WTF::dispatchFunctionsFromMainThread):
(WTF::callOnMainThread):

  • wtf/MainThread.h:
  • wtf/RunLoop.cpp:

(WTF::RunLoop::performWork):
(WTF::RunLoop::dispatch):

  • wtf/RunLoop.h:
  • wtf/WorkQueue.h:
  • wtf/cocoa/WorkQueueCocoa.cpp:

(WTF::WorkQueue::dispatch):
(WTF::WorkQueue::dispatchAfter):

  • wtf/efl/DispatchQueueWorkItemEfl.h:

(WorkItem::WorkItem):
(TimerWorkItem::create):
(TimerWorkItem::TimerWorkItem):

  • wtf/efl/WorkQueueEfl.cpp:

(WTF::WorkQueue::dispatch):
(WTF::WorkQueue::dispatchAfter):

  • wtf/generic/RunLoopGeneric.cpp:

(WTF::RunLoop::TimerBase::ScheduledTask::create):
(WTF::RunLoop::TimerBase::ScheduledTask::ScheduledTask):
(WTF::RunLoop::dispatchAfter):

  • wtf/generic/WorkQueueGeneric.cpp:

(WorkQueue::dispatch):
(WorkQueue::dispatchAfter):

  • wtf/glib/RunLoopGLib.cpp:

(WTF::DispatchAfterContext::DispatchAfterContext):
(WTF::RunLoop::dispatchAfter):

  • wtf/win/WorkItemWin.cpp:

(WTF::WorkItemWin::WorkItemWin):
(WTF::WorkItemWin::create):
(WTF::HandleWorkItem::HandleWorkItem):
(WTF::HandleWorkItem::createByAdoptingHandle):

  • wtf/win/WorkItemWin.h:

(WTF::WorkItemWin::function):

  • wtf/win/WorkQueueWin.cpp:

(WTF::WorkQueue::dispatch):
(WTF::WorkQueue::dispatchAfter):

3:05 PM Changeset in webkit [201662] by Ryan Haddad
  • 3 edits in trunk/LayoutTests

Marking fast/scrolling/scroll-container-horizontally.html as flaky on mac-wk2 and ios-simulator-wk1
https://bugs.webkit.org/show_bug.cgi?id=158237

Unreviewed test gardening.

  • platform/ios-simulator-wk1/TestExpectations:
  • platform/mac-wk2/TestExpectations:
2:59 PM Changeset in webkit [201661] by adachan@apple.com
  • 2 edits in trunk/Source/WebCore

REGRESSION(r201474): Subtitles are not resizing in other fullscreen modes
https://bugs.webkit.org/show_bug.cgi?id=158355

Reviewed by Eric Carlson.

  • platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:

(WebCore::MediaPlayerPrivateAVFoundationObjC::syncTextTrackBounds):
Set the text track representation layer's frame based on the active video layer.

2:42 PM Changeset in webkit [201660] by beidson@apple.com
  • 10 edits in trunk/Source/WebCore

Miscellaneous IDBBindingUtilities cleanup.
https://bugs.webkit.org/show_bug.cgi?id=158353

Reviewed by Tim Horton.

No new tests (Straight refactor, yo).

Starting with removing a single form of scriptValueToIDBKey(), and making the return value be
Ref<IDBKey> instead of RefPtr<IDBKey>, update a whole bunch of code to understand that the ExecState
is non-null and the resulting key is non-null.

  • Modules/indexeddb/IDBCursor.cpp:

(WebCore::IDBCursor::continueFunction):

  • Modules/indexeddb/IDBFactory.cpp:

(WebCore::IDBFactory::cmp):

  • Modules/indexeddb/IDBIndex.cpp:

(WebCore::IDBIndex::count):
(WebCore::IDBIndex::get):
(WebCore::IDBIndex::getKey):

  • Modules/indexeddb/IDBKey.cpp:

(WebCore::IDBKey::compare):
(WebCore::IDBKey::isLessThan):
(WebCore::IDBKey::isEqual):

  • Modules/indexeddb/IDBKey.h:

(WebCore::IDBKey::createMultiEntryArray):

  • Modules/indexeddb/IDBKeyRange.cpp:

(WebCore::IDBKeyRange::only):
(WebCore::IDBKeyRange::lowerBound):
(WebCore::IDBKeyRange::upperBound):
(WebCore::IDBKeyRange::bound):
(WebCore::IDBKeyRange::isOnlyKey):

  • Modules/indexeddb/IDBObjectStore.cpp:

(WebCore::IDBObjectStore::get):
(WebCore::IDBObjectStore::modernDelete):
(WebCore::IDBObjectStore::count):

  • bindings/js/IDBBindingUtilities.cpp:

(WebCore::get):
(WebCore::set):
(WebCore::createIDBKeyFromValue):
(WebCore::getNthValueOnKeyPath):
(WebCore::internalCreateIDBKeyFromScriptValueAndKeyPath):
(WebCore::ensureNthValueOnKeyPath):
(WebCore::canInjectNthValueOnKeyPath):
(WebCore::injectIDBKeyIntoScriptValue):
(WebCore::maybeCreateIDBKeyFromScriptValueAndKeyPath):
(WebCore::canInjectIDBKeyIntoScriptValue):
(WebCore::deserializeIDBValueToJSValue):
(WebCore::scriptValueToIDBKey):
(WebCore::createKeyPathArray):

  • bindings/js/IDBBindingUtilities.h:
2:36 PM Changeset in webkit [201659] by benjamin@webkit.org
  • 8 edits
    2 moves in trunk/Source/WebCore

Rename CheckedRadioButtons into RadioButtonGroups
https://bugs.webkit.org/show_bug.cgi?id=158326

Reviewed by Alex Christensen.

CheckedRadioButtons handles the set of all the Radio Button Groups
for a particular form or document.
The name is wrong and apparently comes from former uses of this class
(see the comment above the class declaration).

This patch renames "CheckedRadioButtons" to "RadioButtonGroups" to reflect that it handles
all the Radio Button Group from a given context (form or document).
Internally it has a set of RadioButtonGroup but that is never explicitely
exposed.

  • CMakeLists.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • dom/CheckedRadioButtons.cpp:

(WebCore::RadioButtonGroup::isEmpty): Deleted.
(WebCore::RadioButtonGroup::isRequired): Deleted.
(WebCore::RadioButtonGroup::checkedButton): Deleted.
(WebCore::RadioButtonGroup::RadioButtonGroup): Deleted.
(WebCore::RadioButtonGroup::isValid): Deleted.
(WebCore::RadioButtonGroup::members): Deleted.
(WebCore::RadioButtonGroup::setCheckedButton): Deleted.
(WebCore::RadioButtonGroup::add): Deleted.
(WebCore::RadioButtonGroup::updateCheckedState): Deleted.
(WebCore::RadioButtonGroup::requiredAttributeChanged): Deleted.
(WebCore::RadioButtonGroup::remove): Deleted.
(WebCore::RadioButtonGroup::updateValidityForAllButtons): Deleted.
(WebCore::RadioButtonGroup::contains): Deleted.
(WebCore::CheckedRadioButtons::CheckedRadioButtons): Deleted.
(WebCore::CheckedRadioButtons::~CheckedRadioButtons): Deleted.
(WebCore::CheckedRadioButtons::addButton): Deleted.
(WebCore::CheckedRadioButtons::groupMembers): Deleted.
(WebCore::CheckedRadioButtons::updateCheckedState): Deleted.
(WebCore::CheckedRadioButtons::requiredAttributeChanged): Deleted.
(WebCore::CheckedRadioButtons::checkedButtonForGroup): Deleted.
(WebCore::CheckedRadioButtons::isInRequiredGroup): Deleted.
(WebCore::CheckedRadioButtons::removeButton): Deleted.

  • dom/RadioButtonGroups.cpp: Renamed from Source/WebCore/dom/CheckedRadioButtons.cpp.

(WebCore::RadioButtonGroup::isEmpty):
(WebCore::RadioButtonGroup::isRequired):
(WebCore::RadioButtonGroup::checkedButton):
(WebCore::RadioButtonGroup::RadioButtonGroup):
(WebCore::RadioButtonGroup::isValid):
(WebCore::RadioButtonGroup::members):
(WebCore::RadioButtonGroup::setCheckedButton):
(WebCore::RadioButtonGroup::add):
(WebCore::RadioButtonGroup::updateCheckedState):
(WebCore::RadioButtonGroup::requiredAttributeChanged):
(WebCore::RadioButtonGroup::remove):
(WebCore::RadioButtonGroup::updateValidityForAllButtons):
(WebCore::RadioButtonGroup::contains):
(WebCore::RadioButtonGroups::RadioButtonGroups):
(WebCore::RadioButtonGroups::~RadioButtonGroups):
(WebCore::RadioButtonGroups::addButton):
(WebCore::RadioButtonGroups::groupMembers):
(WebCore::RadioButtonGroups::updateCheckedState):
(WebCore::RadioButtonGroups::requiredAttributeChanged):
(WebCore::RadioButtonGroups::checkedButtonForGroup):
(WebCore::RadioButtonGroups::isInRequiredGroup):
(WebCore::RadioButtonGroups::removeButton):

  • dom/RadioButtonGroups.h: Renamed from Source/WebCore/dom/CheckedRadioButtons.h.
  • html/FormController.h:

(WebCore::FormController::radioButtonGroups):
(WebCore::FormController::checkedRadioButtons): Deleted.

  • html/HTMLFormElement.h:
  • html/HTMLInputElement.cpp:

(WebCore::HTMLInputElement::~HTMLInputElement):
(WebCore::HTMLInputElement::setChecked):
(WebCore::HTMLInputElement::didMoveToNewDocument):
(WebCore::HTMLInputElement::requiredAttributeChanged):
(WebCore::HTMLInputElement::isInRequiredRadioButtonGroup):
(WebCore::HTMLInputElement::radioButtonGroup):
(WebCore::HTMLInputElement::checkedRadioButtonForGroup):
(WebCore::HTMLInputElement::radioButtonGroups):
(WebCore::HTMLInputElement::addToRadioButtonGroup):
(WebCore::HTMLInputElement::removeFromRadioButtonGroup):
(WebCore::HTMLInputElement::checkedRadioButtons): Deleted.

  • html/HTMLInputElement.h:
2:35 PM Changeset in webkit [201658] by nvasilyev@apple.com
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Remove unused WebInspector.CSSCompletions methods
https://bugs.webkit.org/show_bug.cgi?id=158352

Reviewed by Joseph Pecoraro.

  • UserInterface/Models/CSSCompletions.js:

(WebInspector.CSSCompletions.prototype.firstStartsWith): Deleted.
(WebInspector.CSSCompletions.prototype.isLonghandPropertyName): Deleted.
(WebInspector.CSSCompletions.prototype.longhandsForShorthand): Deleted.

2:26 PM Changeset in webkit [201657] by ggaren@apple.com
  • 4 edits in trunk/Source/JavaScriptCore

Clients of PolymorphicAccess::addCases shouldn't have to malloc
https://bugs.webkit.org/show_bug.cgi?id=158357

Reviewed by Keith Miller.

We only ever have 1 or 2 cases, so we can use inline Vector capacity.

This shows up a little in the JSBench profile.

  • bytecode/PolymorphicAccess.cpp:

(JSC::PolymorphicAccess::addCases):
(JSC::PolymorphicAccess::addCase):

  • bytecode/PolymorphicAccess.h:
  • bytecode/StructureStubInfo.cpp:

(JSC::StructureStubInfo::addAccessCase):

2:13 PM Changeset in webkit [201656] by benjamin@webkit.org
  • 6 edits in trunk/Source/JavaScriptCore

Fix some more INFINITI->INFINITY typos

Unreviewed.

The tests were not covering the edge cases they were supposed to test.

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-06-03

  • tests/stress/math-ceil-basics.js:

(testMathCeilOnConstants):

  • tests/stress/math-clz32-basics.js:

(testMathClz32OnDoubles):
(testMathClz32OnConstants):

  • tests/stress/math-floor-basics.js:

(testMathFloorOnConstants):

  • tests/stress/math-round-basics.js:

(testMathRoundOnConstants):

  • tests/stress/math-trunc-basics.js:

(testMathTruncOnConstants):

1:59 PM Changeset in webkit [201655] by Chris Dumez
  • 14 edits in trunk/Source

Unreviewed, roll out r196633 as it broke PageCache on iOS for WebKit.org
<rdar://problem/26521101>

Source/WebCore:

  • dom/Document.cpp:

(WebCore::Document::setInPageCache): Deleted.

  • history/CachedPage.cpp:

(WebCore::CachedPage::restore):
(WebCore::CachedPage::clear):

  • history/CachedPage.h:

(WebCore::CachedPage::markForVisitedLinkStyleRecalc):
(WebCore::CachedPage::markForFullStyleRecalc):

  • history/PageCache.cpp:

(WebCore::PageCache::markPagesForVisitedLinkStyleRecalc):
(WebCore::PageCache::markPagesForFullStyleRecalc):

  • history/PageCache.h:
  • page/Frame.cpp:

(WebCore::Frame::setPageAndTextZoomFactors):

  • page/Page.cpp:

(WebCore::Page::setViewScaleFactor):
(WebCore::Page::setDeviceScaleFactor):
(WebCore::Page::setPagination):
(WebCore::Page::setPaginationLineGridEnabled):
(WebCore::Page::setVisitedLinkStore):

Source/WebKit/mac:

  • WebCoreSupport/WebVisitedLinkStore.mm:

(WebVisitedLinkStore::removeAllVisitedLinks):
(WebVisitedLinkStore::removeVisitedLink):
(WebVisitedLinkStore::addVisitedLinkHash):

Source/WebKit/win:

  • WebCoreSupport/WebVisitedLinkStore.cpp:

(WebVisitedLinkStore::removeAllVisitedLinks):
(WebVisitedLinkStore::addVisitedLinkHash):

Source/WebKit2:

  • WebProcess/WebPage/VisitedLinkTableController.cpp:

(WebKit::VisitedLinkTableController::setVisitedLinkTable):
(WebKit::VisitedLinkTableController::visitedLinkStateChanged):
(WebKit::VisitedLinkTableController::allVisitedLinkStateChanged):
(WebKit::VisitedLinkTableController::removeAllVisitedLinks):

1:12 PM Changeset in webkit [201654] by barraclough@apple.com
  • 6 edits in trunk/Source/JavaScriptCore

JSGlobalObject::addFunction should call deleteProperty rather than removeDirect
https://bugs.webkit.org/show_bug.cgi?id=158295

Reviewed by Saam Barati.

When a function in declared in program code, this replaces any previosly existing
property from the global object. JSGlobalObject::addFunction is currently calling
removeDirect rather than deleteProperty to remove the existing property. This fails
to remove any properties from static tables.

We currently get away with this because (a) JSObject & JSGlobalObject don't currently
have any properties in static tables, and (b) the current quirky property precedence
means that the symbol table properties end up taking precedence over JSDOMWindow's
static table, so window object properties end up being shadowed.

As a part of bug #158178 the precedence of static tables will change, requiring this
to be fixed.

The deleteProperty function does what we want (has the ability to remove properties,
including those from the static tables). Normally deleteProperty will not remove
properties that are non-configurable (DontDelete) - we need to do so. The function
does already support this, through a flag on VM named 'isInDefineOwnProperty', which
causes configurability to be ignored. Generalize this mechanism for use outside of
defineOwnProperty, renaming & moving DefineOwnPropertyScope helper class out to VM.

  • runtime/JSFunction.cpp:

(JSC::JSFunction::deleteProperty):

  • isInDefineOwnProperty -> deletePropertyMode.
  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::addFunction):

  • removeDirect -> deleteProperty.
  • runtime/JSObject.cpp:

(JSC::JSObject::deleteProperty):

  • isInDefineOwnProperty -> deletePropertyMode.

(JSC::JSObject::defineOwnNonIndexProperty):

  • DefineOwnPropertyScope -> VM::DeletePropertyModeScope.

(JSC::DefineOwnPropertyScope::DefineOwnPropertyScope): Deleted.
(JSC::DefineOwnPropertyScope::~DefineOwnPropertyScope): Deleted.

  • DefineOwnPropertyScope -> VM::DeletePropertyModeScope.
  • runtime/VM.cpp:

(JSC::VM::VM):

  • removed m_inDefineOwnProperty.
  • runtime/VM.h:

(JSC::VM::deletePropertyMode):

  • isInDefineOwnProperty -> deletePropertyMode.

(JSC::VM::DeletePropertyModeScope::DeletePropertyModeScope):
(JSC::VM::DeletePropertyModeScope::~DeletePropertyModeScope):

  • DefineOwnPropertyScope -> VM::DeletePropertyModeScope.

(JSC::VM::setInDefineOwnProperty): Deleted.

  • Replaced with deletePropertyMode, can now only be set via VM::DeletePropertyModeScope.

(JSC::VM::isInDefineOwnProperty): Deleted.

  • isInDefineOwnProperty -> deletePropertyMode.
12:54 PM Changeset in webkit [201653] by beidson@apple.com
  • 2 edits in trunk/LayoutTests

LayoutTest imported/w3c/indexeddb/idbcursor-advance-continue-async.htm is flaky on Yosemite WK2
https://bugs.webkit.org/show_bug.cgi?id=154606

Reviewed by Alex Christensen.

  • platform/mac-wk2/TestExpectations: Remove expectations. Test has been working great for quite awhile.
12:28 PM Changeset in webkit [201652] by beidson@apple.com
  • 5 edits in trunk/LayoutTests

storage/indexeddb/intversion-open-in-upgradeneeded.html is flaky on mac.
https://bugs.webkit.org/show_bug.cgi?id=155050

Reviewed by Alex Christensen.

The test no longer crashes/times out, but it does have text failures.
Resolve them by removing a race in the test itself.

  • platform/mac-wk2/TestExpectations:
  • storage/indexeddb/intversion-open-in-upgradeneeded-expected.txt:
  • storage/indexeddb/intversion-open-in-upgradeneeded-private-expected.txt:
  • storage/indexeddb/resources/intversion-open-in-upgradeneeded.js:
11:42 AM Changeset in webkit [201651] by mark.lam@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

ARMv7 vstm and vldm instructions can only operate on a maximum of 16 registers.
https://bugs.webkit.org/show_bug.cgi?id=158349

Reviewed by Filip Pizlo.

According to the ARM Assembler Reference, the vstm and vldm instructions can only
operate on a maximum of 16 registers. See
http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.dht0002a/ch01s03s02.html
and http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.dht0002a/ch01s03s02.html.

The ARMv7 probe code was wrongly using these instructions to store and load all
32 'd' registers. This is now fixed.

  • assembler/MacroAssemblerARMv7.cpp:
11:36 AM Changeset in webkit [201650] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Update NativeFunctionParameters (FontFaceSet, HTMLSlotElement, EventTarget)
https://bugs.webkit.org/show_bug.cgi?id=158333

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-06-03
Reviewed by Brian Burg.

  • UserInterface/Models/NativeFunctionParameters.js:

Replace FontLoader with FontFaceSet. Add HTMLSlotElement API.
EventTarget is now actually in the prototype chain, so add it as
a first class citizen and keep mixing it in for legacy backends.

11:22 AM Changeset in webkit [201649] by peavo@outlook.com
  • 2 edits in trunk/Source/WebKit/win

[Win] Implement WebView::removeAllUserContentFromGroup
https://bugs.webkit.org/show_bug.cgi?id=158343

Reviewed by Brent Fulgham.

  • WebView.cpp:

(WebView::removeAllUserContentFromGroup):

11:13 AM Changeset in webkit [201648] by commit-queue@webkit.org
  • 5 edits
    8 adds in trunk

Reflection of element does not respect backdrop-filter property
https://bugs.webkit.org/show_bug.cgi?id=158201

Patch by Antoine Quint <Antoine Quint> on 2016-06-03
Reviewed by Dean Jackson.

Source/WebCore:

We weren't cloning the PlatformCALayer for the backdrop so reflections would simply
not show their backdrops. We now follow the same pattern as other PlatformCALayers
owned by a GraphicsLayerCA and keep a list of backdrop layer clones that we add
to the structural layer when cloning to match the layer order of the original
and update the backdrop layer clone properties to match the original when the
backdrop filters or rectangle changes.

Tests: css3/filters/backdrop/backdrop-filter-with-reflection-add-backdrop.html

css3/filters/backdrop/backdrop-filter-with-reflection-remove-backdrop.html
css3/filters/backdrop/backdrop-filter-with-reflection-value-change.html
css3/filters/backdrop/backdrop-filter-with-reflection.html

  • platform/graphics/ca/GraphicsLayerCA.cpp:

(WebCore::GraphicsLayerCA::updateBackdropFilters):
(WebCore::GraphicsLayerCA::updateBackdropFiltersRect):
Update backdrop layer clones to match new values set when the backdrop filter
configuration changes.

(WebCore::GraphicsLayerCA::ensureCloneLayers):
Create the backdrop layer clones map if needed and clone the existing backdrop layer.

(WebCore::GraphicsLayerCA::clearClones):
Clear the backdrop layer clones map.

(WebCore::GraphicsLayerCA::fetchCloneLayers):
Obtain a clone for the backdrop layer, and if we have a valid clone, add it to the
structural layer clone as its first child to match the operation in updateSublayerList().

  • platform/graphics/ca/GraphicsLayerCA.h:

Modify the signature for ensureCloneLayers() to account for the new backdrop layer clone and
declare the backdrop layer clone map.

  • platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:

(PlatformCALayerCocoa::clone):
Reflect the backdrop layer type when cloning a PlatformCALayer.

LayoutTests:

  • css3/filters/backdrop/backdrop-filter-with-reflection-add-backdrop-expected.html: Added.
  • css3/filters/backdrop/backdrop-filter-with-reflection-add-backdrop.html: Added.

Covers the case where a reflected element without a backdrop-filter initially has one added later.

  • css3/filters/backdrop/backdrop-filter-with-reflection-expected.html: Added.
  • css3/filters/backdrop/backdrop-filter-with-reflection-remove-backdrop-expected.html: Added.

Covers the case where a reflected element with a backdrop-filter initially has it removed later.

  • css3/filters/backdrop/backdrop-filter-with-reflection-remove-backdrop.html: Added.
  • css3/filters/backdrop/backdrop-filter-with-reflection-value-change-expected.html: Added.

Covers the case where a reflected element with a backdrop-filter has its backdrop-filter property changed later.

  • css3/filters/backdrop/backdrop-filter-with-reflection-value-change.html: Added.
  • css3/filters/backdrop/backdrop-filter-with-reflection.html: Added.

Covers the basic case of a reflected element with a backdrop-filter.

10:09 AM Changeset in webkit [201647] by beidson@apple.com
  • 3 edits in trunk/Source/WebCore

ResourceResponseBase cleanup.
https://bugs.webkit.org/show_bug.cgi?id=158348

Reviewed by Chris Dumez.

No new tests (Refactor, no behavior change).

CrossThreadData can be noncopyable and WTFMove()'ed around, instead of
being in a unique_ptr.

  • platform/network/ResourceResponseBase.cpp:

(WebCore::ResourceResponseBase::crossThreadData):
(WebCore::ResourceResponseBase::fromCrossThreadData):

  • platform/network/ResourceResponseBase.h:
9:49 AM Changeset in webkit [201646] by mark.lam@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Gardening: CLOOP build fix (needs a #include).

Not reviewed.

  • interpreter/StackVisitor.h:
9:43 AM Changeset in webkit [201645] by akling@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

Eliminate two large sources of temporary StringImpl objects.
<https://webkit.org/b/158336>

Reviewed by Anders Carlsson.

We were jumping through some inefficient hoops when creating Identifiers due to the
convenience of our String(const char*) constructor.

This patch avoids just over 1 million temporary StringImpl objects on the PLUM benchmark.

  • runtime/JSObject.h:

(JSC::makeIdentifier): Add an overload for string literals so we can stop creating a temporary
String just for passing to Identifier::fromString().

  • runtime/Lookup.h:

(JSC::reifyStaticProperties): Use the Identifier::fromString() that takes an LChar* and a length
instead of creating a temporary String.

9:32 AM Changeset in webkit [201644] by pvollan@apple.com
  • 2 edits in trunk

[Win] IndexedDB worker tests are failing.
https://bugs.webkit.org/show_bug.cgi?id=158341

Reviewed by Alex Christensen.

Enable IndexedDB in workers.

  • Source/cmake/OptionsWin.cmake:
9:13 AM Changeset in webkit [201643] by Csaba Osztrogonác
  • 2 edits in trunk/Source/WebKit2

Fix the !ENABLE(INDEXED_DATABASE) build after r201575
https://bugs.webkit.org/show_bug.cgi?id=158346

Reviewed by Brady Eidson.

  • DatabaseProcess/DatabaseProcess.cpp:

(WebKit::DatabaseProcess::fetchWebsiteData):
(WebKit::DatabaseProcess::deleteWebsiteData):
(WebKit::DatabaseProcess::deleteWebsiteDataForOrigins):

8:40 AM Changeset in webkit [201642] by youenn.fablet@crf.canon.fr
  • 2 edits in trunk/Tools

[GTK] Update YouCompleteMe script to make all include paths absolute
https://bugs.webkit.org/show_bug.cgi?id=158301

Reviewed by Michael Catanzaro.

Before this patch, some include paths were not made absolute.
This could make YouCompleteMe plugin to fail extracting information or validating cpp files.

  • gtk/ycm_extra_conf.py:
7:53 AM Changeset in webkit [201641] by mark.lam@apple.com
  • 6 edits
    1 add in trunk/Source

Clean up how StackVisitor dumps its frames.
https://bugs.webkit.org/show_bug.cgi?id=158316

Reviewed by Keith Miller.

Source/JavaScriptCore:

  1. Updated to do dumping to a PrintStream.
  2. Added support for printing a prefix for each frame. This is currently used by JSDollarVMPrototype to print frame numbers.
  3. Fix the incrementing of the frame index in StackVisitor. It was initialized but never incremented before when iterating the frames.
  • interpreter/StackVisitor.cpp:

(JSC::StackVisitor::gotoNextFrame):
(JSC::StackVisitor::Frame::codeType):
(JSC::StackVisitor::Frame::functionName):
(JSC::StackVisitor::Frame::sourceURL):
(JSC::StackVisitor::Frame::toString):
(JSC::StackVisitor::Frame::createArguments):
(JSC::StackVisitor::Frame::computeLineAndColumn):
(JSC::StackVisitor::Frame::retrieveExpressionInfo):
(JSC::StackVisitor::Frame::setToEnd):
(JSC::StackVisitor::Frame::dump):
(JSC::StackVisitor::Indent::dump):
(JSC::printIndents): Deleted.
(JSC::log): Deleted.
(JSC::logF): Deleted.
(JSC::StackVisitor::Frame::print): Deleted.

  • interpreter/StackVisitor.h:

(JSC::StackVisitor::Indent::Indent):
(JSC::StackVisitor::Indent::operator++):
(JSC::StackVisitor::Indent::operator--):
(JSC::StackVisitor::Frame::isJSFrame):
(JSC::StackVisitor::Frame::isInlinedFrame):
(JSC::StackVisitor::Frame::vmEntryFrame):
(JSC::StackVisitor::Frame::callFrame):
(JSC::StackVisitor::Frame::Frame):
(JSC::StackVisitor::Frame::~Frame):

  • tools/JSDollarVMPrototype.cpp:

(JSC::PrintFrameFunctor::operator()):

Source/WTF:

Added an Indenter class what works with dataLog.

  • WTF.xcodeproj/project.pbxproj:
  • wtf/Indenter.h: Added.

(WTF::Indenter::Indenter):
(WTF::Indenter::dump):
(WTF::Indenter::operator++):
(WTF::Indenter::operator--):

2:03 AM Changeset in webkit [201640] by nael.ouedraogo@crf.canon.fr
  • 2 edits in trunk/Tools

Unreviewed: add myself to the committers list.

  • Scripts/webkitpy/common/config/contributors.json:
12:52 AM Changeset in webkit [201639] by commit-queue@webkit.org
  • 4 edits in trunk

REGRESSION: WebGL doesn't show up in CSS reflections
https://bugs.webkit.org/show_bug.cgi?id=76489

Patch by Antoine Quint <Antoine Quint> on 2016-06-03
Reviewed by Dean Jackson.

Source/WebCore:

The WebGLLayer needs to notify its owning GraphicsLayer that it was displayed
such that its clones, in GraphicsLayerCA::layerDidDisplay, may have their contents
updated to match that layer's contents. The test at compositing/webgl/webgl-reflection.html
already covers this test and its expectation on Mac has been updated.

  • platform/graphics/mac/WebGLLayer.mm:

(-[WebGLLayer display]):

LayoutTests:

Update the expected rendering to contain the reflected WebGL <canvas>.

  • platform/mac/compositing/webgl/webgl-reflection-expected.png:
12:10 AM Changeset in webkit [201638] by barraclough@apple.com
  • 2 edits in trunk/Source/WebCore

Refactor showModalDialog handling in JSDOMWindowCustom
https://bugs.webkit.org/show_bug.cgi?id=158294

Reviewed by Ryosuke Niwa.

The showModalDialog property is currently implemented in a way that effectively
results in duplication of the tail of the function, but modified to call
Base::getOwnPropertySlot instead of getStaticPropertySlot. It does so based on the
assumption that Base::getOwnPropertySlot is not going to search the static tables
(containing the property we wish to omit).

However as a part of bug #158178 I plan to change it such that Base::getOwnPropertySlot
does also search the static tables. So, refactoring this code to no longer depend on
using a function that bypasses the static tables. Always perform a lookup that will
check both property storage & static tables. If the object does contain the property,
then check explicitly for the value we're intending to suppress.

Covered by exsiting tests.

  • bindings/js/JSDOMWindowCustom.cpp:

(WebCore::JSDOMWindow::getOwnPropertySlot):

  • Check result of getStaticPropertySlot for showModalDialog function.
Note: See TracTimeline for information about the timeline view.