Timeline



Jul 25, 2016:

10:46 PM Changeset in webkit [203713] by Chris Dumez
  • 12 edits in trunk

Second parameter to Range.setStart() / setEnd() should be mandatory
https://bugs.webkit.org/show_bug.cgi?id=160184

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline W3C test now that more checks are passing.

  • web-platform-tests/dom/interfaces-expected.txt:

Source/WebCore:

Second parameter to Range.setStart() / setEnd() should be mandatory:

Also use "unsigned long" instead of "long" type for the parameter,
as per the specification.

Firefox and Chrome agree with the specification.

No new tests, rebaselined existing test.

  • dom/Range.cpp:

(WebCore::Range::setStart):
(WebCore::Range::setEnd):
(WebCore::Range::checkNodeWOffset):

  • dom/Range.h:
  • dom/Range.idl:
  • dom/RangeBoundaryPoint.h:

(WebCore::RangeBoundaryPoint::set):

LayoutTests:

Update tests to reflect behavior change.

  • editing/deleting/delete-uneditable-style.html:
  • fast/dom/non-numeric-values-numeric-parameters-expected.txt:
  • fast/dom/script-tests/non-numeric-values-numeric-parameters.js:
  • fast/regions/simplified-layout-no-regions.html:
10:27 PM Changeset in webkit [203712] by Chris Dumez
  • 4 edits in trunk

DOMTokenList.prototype.toString should be enumerable
https://bugs.webkit.org/show_bug.cgi?id=160182

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline W3C test now that one more check is passing.

  • web-platform-tests/dom/interfaces-expected.txt:

Source/WebCore:

DOMTokenList.prototype.toString should be enumerable:

Firefox and Chrome agree with the specification.

No new tests, rebaselined existing test.

  • html/DOMTokenList.idl:
10:27 PM Changeset in webkit [203711] by n_wang@apple.com
  • 7 edits in trunk

AX: Expose autoFillButtonType to accessibility
https://bugs.webkit.org/show_bug.cgi?id=160179

Reviewed by Chris Fleizach.

Source/WebCore:

Added a new attribute on Mac to expose the auto-fill button type.

Changes are covered in modified test.

  • accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::isValueAutofillAvailable):
(WebCore::AccessibilityObject::valueAutofillButtonType):
(WebCore::AccessibilityObject::isValueAutofilled):

  • accessibility/AccessibilityObject.h:

(WebCore::AccessibilityObject::passwordFieldValue):

  • accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):

LayoutTests:

  • accessibility/auto-fill-types-expected.txt:
  • accessibility/auto-fill-types.html:
8:04 PM Changeset in webkit [203710] by rniwa@webkit.org
  • 2 edits in trunk/Websites/perf.webkit.org

Build fix for Safari 9.

  • public/v3/models/build-request.js:

(BuildRequest.prototype.waitingTime): Don't use "const" in strict mode.

7:45 PM Changeset in webkit [203709] by rniwa@webkit.org
  • 15 edits
    2 adds in trunk/Websites/perf.webkit.org

Perf dashboard should show the list of a pending A/B testing jobs
https://bugs.webkit.org/show_bug.cgi?id=160138

Rubber-stamped by Chris Dumez.

Add a page to show the list of A/B testing build requests per triggerable. Ideally, we would like to
see a queue per builder but that would require changes to database tables and syncing scripts.

Because this page is most useful when the analysis task with which each build request is associated,
JSON API at /api/build-requests/ has been modified to return the analysis task ID for each request.

Also streamlined the page that shows the list of analysis tasks per Chris' feedback by consolidating
"Bisecting" and "Identified" into "Investigated" and moving the toolbar from the upper left corner
inside the heading to right beneath the heading above the table. Also made the category page serialize
the filter an user had typed in so that reloading the page doesn't clear it.

  • public/api/analysis-tasks.php:

(fetch_associated_data_for_tasks): Removed 'category' from the list of columns returned as the notion
of 'category' is only relevant in UI, and it's better computed in the front-end.
(format_task): Ditto.
(determine_category): Deleted.

  • public/api/test-groups.php:

(main):

  • public/include/build-requests-fetcher.php:

(BuildRequestsFetcher::fetch_for_task): Include the analysis task ID in the rows.
(BuildRequestsFetcher::fetch_for_group): Ditto. Ditto.
(BuildRequestsFetcher::fetch_incomplete_requests_for_triggerable): Ditto.
(BuildRequestsFetcher::results_internal): Ditto.

  • public/v3/index.html:
  • public/v3/main.js:

(main): Create a newly introduced BuildRequestQueuePage as a subpage of AnalysisCategoryPage.

  • public/v3/components/ratio-bar-graph.js:

(RatioBarGraph.prototype.update): Fixed a bogus assertion here. ratio can be any number. The coercion
into [-1, 1] is done inside RatioBarGraph's render() function.

  • public/v3/models/analysis-task.js:

(AnalysisTask.prototype.category): Moved the code to compute the analysis task's category from
determine_category in analysis-tasks.php. Also merged "bisecting" and "identified" into "investigated".
(AnalysisTask.categories): Merged "bisecting" and "identified" into "investigated".

  • public/v3/models/build-request.js:

(BuildRequest): Remember the triggerable and the analysis task associated with this request as well as
the time at when this request was created.
(BuildRequest.prototype.analysisTaskId): Added.
(BuildRequest.prototype.statusLabel): Use a shorter label: "Waiting" for "pending" status.
(BuildRequest.prototype.createdAt): Added.
(BuildRequest.prototype.waitingTime): Added. Returns a human readable time duration since the creation
of this build request such as "2 hours 21 minutes" against a reference time.
(BuildRequest.fetchTriggerables): Added.
(BuildRequest.cachedRequestsForTriggerableID): Added. Used when navigating back to

  • public/v3/pages/analysis-category-page.js:

(AnalysisCategoryPage): Construct AnalysisCategoryToolbar and store it in this._categoryToolbar since it
no longer inherits from Toolbar class, which PageWithHeading recognizes and stores.
(AnalysisCategoryPage.prototype.title):
(AnalysisCategoryPage.prototype.serializeState): Added.
(AnalysisCategoryPage.prototype.stateForCategory): Added. Include the filter in the serialization.
(AnalysisCategoryPage.prototype.updateFromSerializedState): Restore the filter from the URL state.
(AnalysisCategoryPage.prototype.filterDidChange): Added. Called by AnalysisCategoryToolbar to update
the URL state in addition to calling render() as done previously via setFilterCallback.
(AnalysisCategoryPage.prototype.render): Always call _categoryToolbar.render() since the hyperlinks for
the category pages now include the filter, which can be updated in each call.
(AnalysisCategoryPage.cssTemplate):

  • public/v3/pages/analysis-category-toolbar.js:

(AnalysisCategoryToolbar): Inherits from ComponentBase instead of Toolbar since AnalysisCategoryToolbar
no longer works with Heading class unlike other subclasses of Toolbar class.
(AnalysisCategoryToolbar.prototype.setCategoryPage): Added.
(AnalysisCategoryToolbar.prototype.setFilterCallback): Deleted.
(AnalysisCategoryToolbar.prototype.setFilter): Added. Used to restore from a serialized URL state.
(AnalysisCategoryToolbar.prototype.render): Don't recreate the input element as it clears the value as
well as the selection of the element. Also use AnalysisCategoryPage's stateForCategory to serialize the
category name and the current filter for each hyperlink.
(AnalysisCategoryToolbar.prototype._filterMayHaveChanged): Now takes an boolean argument specifying
whether the URL state should be updated or not. We update the URL only when a change event is fired to
avoid constantly updating it while an user is still typing.
(AnalysisCategoryToolbar.cssTemplate): Added.
(AnalysisCategoryToolbar.htmlTemplate): Added a button to open the newly added queue page.

  • public/v3/pages/build-request-queue-page.js:

(BuildRequestQueuePage): Added.
(BuildRequestQueuePage.prototype.routeName): Added.
(BuildRequestQueuePage.prototype.pageTitle): Added.
(BuildRequestQueuePage.prototype.open): Added. Fetch open build requests for every triggerables using
the same API as the syncing scripts.
(BuildRequestQueuePage.prototype.render): Added.
(BuildRequestQueuePage.prototype._constructBuildRequestTable): Added. Construct a table for the list of
pending, scheduled or running build requests in the order syncing scripts would see. Note that the list
of build requests returned by /api/build-requests/* can contain completed, canceled, or failed requests
since the JSON returns all build requests associated with each test group if one of the requests of the
group have not finished. This helps syncing scripts picking the right builder for A/B testing when it
had previously been unloaded or crashed in the middle of processing a test group. This characteristics
of the API actually helps us here because we can reliably compute the total number of build requests in
the group. The first half of this function does this counting as well as collapses all but the first
unfinished build requests into a "contraction" row, which just shows the number of build requests that
are remaining in the group.
(BuildRequestQueuePage.cssTemplate): Added.
(BuildRequestQueuePage.htmlTemplate): Added.

  • public/v3/pages/summary-page.js:

(SummaryPage.prototype.open): Use one-day median instead of seven-day median to compute the status.
(SummaryPageConfigurationGroup): Initialize _ratio to NaN. This was causing assertion failures in
RatioBarGraph's update() while measurement sets are being fetched.

  • server-tests/api-build-requests-tests.js: Updated the tests per change in BuildRequest's statusLabel.
  • unit-tests/analysis-task-tests.js: Ditto.
  • unit-tests/test-groups-tests.js: Ditto.
  • unit-tests/build-request-tests.js: Added tests for BuildRequest's waitingTime.
7:40 PM Changeset in webkit [203708] by Alan Bujtas
  • 15 edits in trunk/Source/WebCore

Cleanup RenderTable*::createAnonymous*
https://bugs.webkit.org/show_bug.cgi?id=160175

Reviewed by Simon Fraser.

This patch

  1. tightens the type on createAnonymousBoxWithSameTypeAs, createAnonymousWithParentRendererAndDisplay and

createAnonymousWithParentRenderer from RenderObject to the appropriate type.

  1. changes the return type of create* function from raw pointer to std::unique_ptr<>
  2. decouples createAnonymousBoxWithSameTypeAs and createAnonymousWithParentRenderer.

createAnonymousBoxWithSameTypeAs misleadingly calls createAnonymousWithParentRenderer
while it is never the parent in case of table items.
(std::unique_ptr::release() vs. WTFMove() will be addressed in a separate patch)

No change in functionality.

  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::createAnonymousBoxWithSameTypeAs):
(WebCore::RenderBlock::createAnonymousWithParentRendererAndDisplay):

  • rendering/RenderBlock.h:

(WebCore::RenderBlock::createAnonymousBlock):

  • rendering/RenderBox.cpp:

(WebCore::RenderBox::layoutOverflowRectForPropagation):

  • rendering/RenderBox.h:

(WebCore::RenderBox::createAnonymousBoxWithSameTypeAs):

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::addChild):

  • rendering/RenderInline.cpp:

(WebCore::RenderInline::splitFlow):

  • rendering/RenderTable.cpp:

(WebCore::RenderTable::addChild):
(WebCore::RenderTable::createTableWithStyle):
(WebCore::RenderTable::createAnonymousWithParentRenderer):

  • rendering/RenderTable.h:

(WebCore::RenderTable::createAnonymousBoxWithSameTypeAs):

  • rendering/RenderTableCell.cpp:

(WebCore::RenderTableCell::createTableCellWithStyle):
(WebCore::RenderTableCell::createAnonymousWithParentRenderer):

  • rendering/RenderTableCell.h:

(WebCore::RenderTableCell::createAnonymousBoxWithSameTypeAs):

  • rendering/RenderTableRow.cpp:

(WebCore::RenderTableRow::addChild):
(WebCore::RenderTableRow::createTableRowWithStyle):
(WebCore::RenderTableRow::createAnonymousWithParentRenderer):

  • rendering/RenderTableRow.h:

(WebCore::RenderTableRow::createAnonymousBoxWithSameTypeAs):

  • rendering/RenderTableSection.cpp:

(WebCore::RenderTableSection::addChild):
(WebCore::RenderTableSection::createTableSectionWithStyle):
(WebCore::RenderTableSection::createAnonymousWithParentRenderer):

  • rendering/RenderTableSection.h:

(WebCore::RenderTableSection::createAnonymousBoxWithSameTypeAs):

7:24 PM Changeset in webkit [203707] by Chris Dumez
  • 3 edits
    2 adds in trunk

Touch properties should be on the prototype
https://bugs.webkit.org/show_bug.cgi?id=160174

Reviewed by Ryosuke Niwa.

Source/WebCore:

Touch properties should be on the prototype:

Chrome agrees with the specification.

Test: platform/ios-simulator/ios/touch/Touch-attributes-prototype.html

  • bindings/scripts/CodeGeneratorJS.pm:

(InterfaceRequiresAttributesOnInstanceForCompatibility): Deleted.

LayoutTests:

Add layout test coverage.

  • platform/ios-simulator/ios/touch/Touch-attributes-prototype-expected.txt: Added.
  • platform/ios-simulator/ios/touch/Touch-attributes-prototype.html: Added.
7:18 PM Changeset in webkit [203706] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

Set MediaRemote playback state based on MediaSession playback state.
https://bugs.webkit.org/show_bug.cgi?id=160177

Patch by Jeremy Jones <jeremyj@apple.com> on 2016-07-25
Reviewed by Eric Carlson.

Use playback session state to update media remote playback state instead of
unconditionally setting it to playing.

  • platform/audio/mac/MediaSessionManagerMac.mm:

(WebCore::MediaSessionManagerMac::updateNowPlayingInfo):

7:15 PM Changeset in webkit [203705] by Alan Bujtas
  • 9 edits in trunk/Source/WebCore

RenderBox::haveSameDirection is used only by table items.
https://bugs.webkit.org/show_bug.cgi?id=160141

Reviewed by Simon Fraser.

Remove RenderBox::haveSameDirection() since it's used only by RenderTable*
classes. The new stand alone function (with 2 arguments) now checks if both of
the objects are valid.

No change in functionality.

  • rendering/RenderBox.h:

(WebCore::RenderBox::hasSameDirectionAs): Deleted.

  • rendering/RenderTable.cpp:

(WebCore::RenderTable::tableStartBorderAdjoiningCell):
(WebCore::RenderTable::tableEndBorderAdjoiningCell):

  • rendering/RenderTable.h:

(WebCore::haveSameDirection):

  • rendering/RenderTableCell.cpp:

(WebCore::RenderTableCell::hasStartBorderAdjoiningTable):
(WebCore::RenderTableCell::hasEndBorderAdjoiningTable):

  • rendering/RenderTableCell.h:

(WebCore::RenderTableCell::borderAdjoiningTableStart):
(WebCore::RenderTableCell::borderAdjoiningTableEnd):

  • rendering/RenderTableRow.h:

(WebCore::RenderTableRow::borderAdjoiningTableStart):
(WebCore::RenderTableRow::borderAdjoiningTableEnd):

  • rendering/RenderTableSection.cpp:

(WebCore::RenderTableSection::borderAdjoiningStartCell):
(WebCore::RenderTableSection::borderAdjoiningEndCell):
(WebCore::RenderTableSection::firstRowCellAdjoiningTableStart):
(WebCore::RenderTableSection::firstRowCellAdjoiningTableEnd):

  • rendering/RenderTableSection.h:

(WebCore::RenderTableSection::borderAdjoiningTableStart):
(WebCore::RenderTableSection::borderAdjoiningTableEnd):

6:05 PM Changeset in webkit [203704] by benjamin@webkit.org
  • 23 edits
    4 copies in trunk/Source/JavaScriptCore

Unreviewed, rolling out r203703.

It breaks some internal tests

Reverted changeset:

"[JSC] DFG::Node should not have its own allocator"
https://bugs.webkit.org/show_bug.cgi?id=160098
http://trac.webkit.org/changeset/203703

5:27 PM Changeset in webkit [203703] by commit-queue@webkit.org
  • 23 edits
    4 deletes in trunk/Source/JavaScriptCore

[JSC] DFG::Node should not have its own allocator
https://bugs.webkit.org/show_bug.cgi?id=160098

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-07-25
Reviewed by Geoffrey Garen.

We need some design changes for DFG::Node:
-Accessing the index must be fast. B3 uses indices for sets

and maps, it is a lot faster than hashing pointers.

-We should be able to subclass DFG::Node to specialize it.

  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • dfg/DFGAllocator.h: Removed.

(JSC::DFG::Allocator::Region::size): Deleted.
(JSC::DFG::Allocator::Region::headerSize): Deleted.
(JSC::DFG::Allocator::Region::numberOfThingsPerRegion): Deleted.
(JSC::DFG::Allocator::Region::data): Deleted.
(JSC::DFG::Allocator::Region::isInThisRegion): Deleted.
(JSC::DFG::Allocator::Region::regionFor): Deleted.
(JSC::DFG::Allocator<T>::Allocator): Deleted.
(JSC::DFG::Allocator<T>::~Allocator): Deleted.
(JSC::DFG::Allocator<T>::allocate): Deleted.
(JSC::DFG::Allocator<T>::free): Deleted.
(JSC::DFG::Allocator<T>::freeAll): Deleted.
(JSC::DFG::Allocator<T>::reset): Deleted.
(JSC::DFG::Allocator<T>::indexOf): Deleted.
(JSC::DFG::Allocator<T>::allocatorOf): Deleted.
(JSC::DFG::Allocator<T>::bumpAllocate): Deleted.
(JSC::DFG::Allocator<T>::freeListAllocate): Deleted.
(JSC::DFG::Allocator<T>::allocateSlow): Deleted.
(JSC::DFG::Allocator<T>::freeRegionsStartingAt): Deleted.
(JSC::DFG::Allocator<T>::startBumpingIn): Deleted.

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::addToGraph):

  • dfg/DFGCPSRethreadingPhase.cpp:

(JSC::DFG::CPSRethreadingPhase::freeUnnecessaryNodes):
(JSC::DFG::CPSRethreadingPhase::addPhiSilently):

  • dfg/DFGCleanUpPhase.cpp:

(JSC::DFG::CleanUpPhase::run):

  • dfg/DFGConstantFoldingPhase.cpp:

(JSC::DFG::ConstantFoldingPhase::run):

  • dfg/DFGConstantHoistingPhase.cpp:
  • dfg/DFGDCEPhase.cpp:

(JSC::DFG::DCEPhase::fixupBlock):

  • dfg/DFGDriver.cpp:

(JSC::DFG::compileImpl):

  • dfg/DFGGraph.cpp:

(JSC::DFG::Graph::Graph):
(JSC::DFG::Graph::deleteNode):
(JSC::DFG::Graph::killBlockAndItsContents):
(JSC::DFG::Graph::~Graph): Deleted.

  • dfg/DFGGraph.h:

(JSC::DFG::Graph::addNode):

  • dfg/DFGLICMPhase.cpp:

(JSC::DFG::LICMPhase::attemptHoist):

  • dfg/DFGLongLivedState.cpp: Removed.

(JSC::DFG::LongLivedState::LongLivedState): Deleted.
(JSC::DFG::LongLivedState::~LongLivedState): Deleted.
(JSC::DFG::LongLivedState::shrinkToFit): Deleted.

  • dfg/DFGLongLivedState.h: Removed.
  • dfg/DFGNode.cpp:

(JSC::DFG::Node::index): Deleted.

  • dfg/DFGNode.h:

(JSC::DFG::Node::index):

  • dfg/DFGNodeAllocator.h: Removed.

(operator new ): Deleted.

  • dfg/DFGObjectAllocationSinkingPhase.cpp:
  • dfg/DFGPlan.cpp:

(JSC::DFG::Plan::compileInThread):
(JSC::DFG::Plan::compileInThreadImpl):

  • dfg/DFGPlan.h:
  • dfg/DFGSSAConversionPhase.cpp:

(JSC::DFG::SSAConversionPhase::run):

  • dfg/DFGWorklist.cpp:

(JSC::DFG::Worklist::runThread):

  • runtime/VM.cpp:

(JSC::VM::VM): Deleted.

  • runtime/VM.h:
5:21 PM Changeset in webkit [203702] by Chris Dumez
  • 8 edits
    5 adds in trunk

ClientRect properties should be on the prototype
https://bugs.webkit.org/show_bug.cgi?id=160165

Reviewed by Geoffrey Garen.

Source/WebCore:

Move ClientRect properties from the instance to the prototype. This
matches the specification, Firefox and Chrome.

Also add a serializer to ClientRect in order to match the specification:

This avoids breaking content that relies on JSON.stringify() to
serialize ClientRect objects.

Tests: fast/css/ClientRect-attributes-prototype.html

fast/css/ClientRect-serialization.html

  • CMakeLists.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • bindings/js/JSBindingsAllInOne.cpp:
  • bindings/js/JSClientRectCustom.cpp: Added.

(WebCore::JSClientRect::toJSON):

  • bindings/scripts/CodeGeneratorJS.pm:
  • dom/ClientRect.idl:

LayoutTests:

  • fast/css/ClientRect-attributes-prototype-expected.txt: Added.
  • fast/css/ClientRect-attributes-prototype.html: Added.

Add layout test to check that ClientRect's properties are on the
prototype.

  • fast/css/ClientRect-serialization-expected.txt: Added.
  • fast/css/ClientRect-serialization.html: Added.

Add layout test to check that ClientRect has a serializer.

2:53 PM Changeset in webkit [203701] by Chris Dumez
  • 8 edits
    2 adds in trunk

Parameters to DOMImplementation.createDocumentType() should be mandatory and non-nullable
https://bugs.webkit.org/show_bug.cgi?id=160167

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline a W3C test now that more checks are passing.

  • web-platform-tests/dom/interfaces-expected.txt:

Source/WebCore:

Parameters to DOMImplementation.createDocumentType() should be mandatory
and non-nullable:

Firefox and Chrome both agree with the specification. However, those
parameters were nullable and optional in WebKit.

Test: fast/dom/DOMImplementation/createDocumentType-parameters.html

  • dom/DOMImplementation.idl:

LayoutTests:

  • editing/selection/script-tests/DOMSelection-DocumentType.js:
  • fast/dom/DOMImplementation/createDocumentType-err-expected.txt:
  • fast/dom/DOMImplementation/script-tests/createDocumentType-err.js:

Update existing tests to reflect the behavior change.

  • fast/dom/DOMImplementation/createDocumentType-parameters-expected.txt: Added.
  • fast/dom/DOMImplementation/createDocumentType-parameters.html: Added.

Add layout test coverage. I have verified that this test passes on both
Firefox and Chrome.

2:38 PM Changeset in webkit [203700] by beidson@apple.com
  • 7 edits in trunk/Tools

Modern IDB: Make sure IndexedDB works from file:// url documents by default
https://bugs.webkit.org/show_bug.cgi?id=153783

Reviewed by Alex Christensen.

Previously, to grant IndexedDB access to file:// urls for testing purposes,
we had to call the SPI [WKWebViewConfiguration _setAllowUniversalAccessFromFileURLs:].

As of https://trac.webkit.org/changeset/203695 this is no longer required.

Change the relevant API tests to make sure this continues to be no longer required.

  • TestWebKitAPI/Tests/WebKit2Cocoa/IDBDeleteRecovery.mm:
  • TestWebKitAPI/Tests/WebKit2Cocoa/IndexedDBDatabaseProcessKill.mm:
  • TestWebKitAPI/Tests/WebKit2Cocoa/IndexedDBMultiProcess.mm:
  • TestWebKitAPI/Tests/WebKit2Cocoa/IndexedDBPersistence.mm:
  • TestWebKitAPI/Tests/WebKit2Cocoa/StoreBlobThenDelete.mm:
  • TestWebKitAPI/Tests/WebKit2Cocoa/WebProcessKillIDBCleanup.mm:
2:03 PM Changeset in webkit [203699] by fpizlo@apple.com
  • 7 edits in trunk/Source/JavaScriptCore

AssemblyHelpers should own all of the cell allocation methods
https://bugs.webkit.org/show_bug.cgi?id=160171

Reviewed by Saam Barati.

Prior to this change we had some code in DFGSpeculativeJIT.h and some code in JIT.h that
did cell allocation.

This change moves all of that code into AssemblyHelpers.h.

  • dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::emitAllocateJSCell):
(JSC::DFG::SpeculativeJIT::emitAllocateJSObject):
(JSC::DFG::SpeculativeJIT::emitAllocateJSObjectWithKnownSize):
(JSC::DFG::SpeculativeJIT::emitAllocateVariableSizedJSObject):
(JSC::DFG::SpeculativeJIT::emitAllocateDestructibleObject):

  • jit/AssemblyHelpers.h:

(JSC::AssemblyHelpers::emitAllocate):
(JSC::AssemblyHelpers::emitAllocateJSCell):
(JSC::AssemblyHelpers::emitAllocateJSObject):
(JSC::AssemblyHelpers::emitAllocateJSObjectWithKnownSize):
(JSC::AssemblyHelpers::emitAllocateVariableSized):
(JSC::AssemblyHelpers::emitAllocateVariableSizedJSObject):
(JSC::AssemblyHelpers::emitAllocateDestructibleObject):

  • jit/JIT.h:
  • jit/JITInlines.h:

(JSC::JIT::isOperandConstantChar):
(JSC::JIT::emitValueProfilingSite):
(JSC::JIT::emitAllocateJSObject): Deleted.

  • jit/JITOpcodes.cpp:

(JSC::JIT::emit_op_new_object):
(JSC::JIT::emit_op_create_this):

  • jit/JITOpcodes32_64.cpp:

(JSC::JIT::emit_op_new_object):
(JSC::JIT::emit_op_create_this):

1:51 PM Changeset in webkit [203698] by Wenson Hsieh
  • 6 edits
    2 adds in trunk

Media controls should not be displayed for a video until it starts playing
https://bugs.webkit.org/show_bug.cgi?id=160092
<rdar://problem/26986673>

Reviewed by Beth Dakin.

Source/WebCore:

For videos that have never played back yet, we should not show media controls. To ensure this
behavior, we ensure that the playback behavior restriction is set upon creating the media
element. This restriction is then removed when the media element begins to play.

Added two new WebKit API tests.

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::HTMLMediaElement):

Tools:

Verify that multiple videos do or don't show the media controller depending on whether videos
are playing. Also tweaks an existing API test (VideoControlsManagerSingleLargeVideo) that was
passing because we were always showing media controls for large videos with audio, even if they
had not played back yet. This change ensures that large videos with audio show media controls
only after they begin to play back, and not by virtue of being large enough for main content.

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/WebKit2Cocoa/VideoControlsManager.mm:

(TestWebKitAPI::TEST):

  • TestWebKitAPI/Tests/WebKit2Cocoa/large-video-with-audio.html:
  • TestWebKitAPI/Tests/WebKit2Cocoa/large-videos-with-audio-autoplay.html: Added.
  • TestWebKitAPI/Tests/WebKit2Cocoa/large-videos-with-audio.html: Added.
1:40 PM Changeset in webkit [203697] by sbarati@apple.com
  • 8 edits in trunk/Source/JavaScriptCore

MathICs should be able to take and dump stats about code size
https://bugs.webkit.org/show_bug.cgi?id=160148

Reviewed by Filip Pizlo.

This will make testing changes on MathIC going forward much easier.
We will be able to easily see if modifications to MathIC will lead
to us generating smaller code. We now only dump average size when we
regenerate any MathIC. This works out for large tests/pages, but is not
great for testing small programs. We can add more dump points later if
we find that we want to dump stats while running small small programs.

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::jitSoon):
(JSC::CodeBlock::dumpMathICStats):

  • bytecode/CodeBlock.h:

(JSC::CodeBlock::isStrictMode):
(JSC::CodeBlock::ecmaMode):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileMathIC):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileMathIC):

  • jit/JITArithmetic.cpp:

(JSC::JIT::emitMathICFast):
(JSC::JIT::emitMathICSlow):

  • jit/JITMathIC.h:

(JSC::JITMathIC::finalizeInlineCode):
(JSC::JITMathIC::codeSize):

  • jit/JITOperations.cpp:
1:35 PM Changeset in webkit [203696] by jiewen_tan@apple.com
  • 16 edits
    10 moves
    1 add in trunk

Rename SubtleCrypto to WebKitSubtleCrypto
https://bugs.webkit.org/show_bug.cgi?id=160067
<rdar://problem/27483617>

Reviewed by Brent Fulgham.

Source/WebCore:

Tests: crypto/webkitSubtle/gc-2.html

crypto/webkitSubtle/gc-3.html
crypto/webkitSubtle/gc.html

Rename Class SubtleCrypto to WebKitSubtleCrypto, and Crypto.subtle to Crypto.webkitSubtle in order
to let the new implementation to reuse the name SubtleCrypto. This renaming should match what our
current JSBindings use, and therefore should not introduce any change of behavoir.

  • CMakeLists.txt:

Revise project files for for new file names.

  • DerivedSources.cpp:
  • DerivedSources.make:
  • PlatformEfl.cmake:
  • PlatformGTK.cmake:
  • PlatformMac.cmake:
  • WebCore.xcodeproj/project.pbxproj:

Revise project files for for new file names.

  • bindings/js/JSWebKitSubtleCryptoCustom.cpp: Renamed from Source/WebCore/bindings/js/JSSubtleCryptoCustom.cpp.
  • crypto/WebKitSubtleCrypto.cpp: Renamed from Source/WebCore/crypto/SubtleCrypto.cpp.
  • crypto/WebKitSubtleCrypto.h: Renamed from Source/WebCore/crypto/SubtleCrypto.h.
  • crypto/WebKitSubtleCrypto.idl: Renamed from Source/WebCore/crypto/SubtleCrypto.idl.
  • page/Crypto.cpp:

(WebCore::Crypto::webkitSubtle):
(WebCore::Crypto::subtle): Deleted.

  • page/Crypto.h:
  • page/Crypto.idl:

LayoutTests:

Move tests involving crypto.webkitSubtle from crypto/subtle to crypto/webkitSubtle.

  • crypto/webkitSubtle/gc-2-expected.txt: Renamed from LayoutTests/crypto/subtle/gc-2-expected.txt.
  • crypto/webkitSubtle/gc-2.html: Renamed from LayoutTests/crypto/subtle/gc-2.html.
  • crypto/webkitSubtle/gc-3-expected.txt: Renamed from LayoutTests/crypto/subtle/gc-3-expected.txt.
  • crypto/webkitSubtle/gc-3.html: Renamed from LayoutTests/crypto/subtle/gc-3.html.
  • crypto/webkitSubtle/gc-expected.txt: Renamed from LayoutTests/crypto/subtle/gc-expected.txt.
  • crypto/webkitSubtle/gc.html: Renamed from LayoutTests/crypto/subtle/gc.html.
  • platform/efl/TestExpectations:
  • platform/gtk/TestExpectations:
  • platform/ios-simulator-wk1/TestExpectations:
  • platform/win/TestExpectations:
12:57 PM Changeset in webkit [203695] by beidson@apple.com
  • 3 edits
    2 moves
    1 add
    1 delete in trunk

Allow LocalStorage by default for file URLs.
https://bugs.webkit.org/show_bug.cgi?id=160169

Reviewed by Brent Fulgham.

Source/WebCore:

Test: storage/domstorage/localstorage/file-can-access.html

  • page/SecurityOrigin.cpp:

(WebCore::SecurityOrigin::canAccessStorage): Remove the m_universalAccess check for local URLs.

LayoutTests:

  • storage/domstorage/localstorage/blocked-file-access-expected.txt: Removed.
  • storage/domstorage/localstorage/file-can-access-expected.txt: Added.
  • storage/domstorage/localstorage/file-can-access.html: Renamed from LayoutTests/storage/domstorage/localstorage/blocked-file-access.html.
  • storage/domstorage/localstorage/resources/unblocked-example.html: Renamed from LayoutTests/storage/domstorage/localstorage/resources/blocked-example.html.
12:15 PM Changeset in webkit [203694] by n_wang@apple.com
  • 3 edits
    2 adds in trunk

AX: AccessibilityRenderObject is adding duplicated children when CSS first-letter is being used.
https://bugs.webkit.org/show_bug.cgi?id=160155

Reviewed by Chris Fleizach.

Source/WebCore:

We were adding the same text node twice if CSS first-letter selector was being used. Added a
check for the inline continuation so that we only add it once.

Test: accessibility/mac/css-first-letter-children.html

  • accessibility/AccessibilityRenderObject.cpp:

(WebCore::firstChildConsideringContinuation):

LayoutTests:

  • accessibility/mac/css-first-letter-children-expected.txt: Added.
  • accessibility/mac/css-first-letter-children.html: Added.
12:04 PM Changeset in webkit [203693] by sbarati@apple.com
  • 17 edits in trunk/Source/JavaScriptCore

op_mul/ArithMul(Untyped,Untyped) should be an IC
https://bugs.webkit.org/show_bug.cgi?id=160108

Reviewed by Mark Lam.

This patch makes Mul a type based IC in much the same way that we made
Add a type-based IC. I implemented Mul in the same way. I abstracted the
implementation of the Add IC in the various JITs to allow for it to
work over arbitrary IC snippets. This will make adding Div/Sub/Pow in the
future easy. This patch also adds a new boolean argument to the various
snippet generateFastPath() methods to indicate if we should emit result profiling.
I added this because we want this profiling to be emitted for Mul in
the baseline, but not in the DFG. We used to indicate this through passing
in a nullptr for the ArithProfile, but we no longer do that in the upper
JIT tiers. So we are passing an explicit request from the JIT tier about
whether or not it's worth it for the IC to emit profiling.

We now emit much less code for Mul. Here is some data on the average
Mul snippet/IC size:

| JetStream | Unity 3D |

------| -------------

Old | ~280 bytes | ~280 bytes |

------| -------------

New | 210 bytes | 185 bytes |

------------------------------------

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::addJITAddIC):
(JSC::CodeBlock::addJITMulIC):
(JSC::CodeBlock::findStubInfo):

  • bytecode/CodeBlock.h:

(JSC::CodeBlock::stubInfoBegin):
(JSC::CodeBlock::stubInfoEnd):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::GPRTemporary::adopt):
(JSC::DFG::FPRTemporary::FPRTemporary):
(JSC::DFG::SpeculativeJIT::compileValueAdd):
(JSC::DFG::SpeculativeJIT::compileMathIC):
(JSC::DFG::SpeculativeJIT::compileArithMul):

  • dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::callOperation):
(JSC::DFG::GPRTemporary::GPRTemporary):
(JSC::DFG::GPRTemporary::operator=):
(JSC::DFG::FPRTemporary::~FPRTemporary):
(JSC::DFG::FPRTemporary::fpr):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileToThis):
(JSC::FTL::DFG::LowerDFGToB3::compileValueAdd):
(JSC::FTL::DFG::LowerDFGToB3::compileMathIC):
(JSC::FTL::DFG::LowerDFGToB3::compileArithMul):

  • jit/JIT.h:

(JSC::JIT::getSlowCase):

  • jit/JITAddGenerator.cpp:

(JSC::JITAddGenerator::generateInline):
(JSC::JITAddGenerator::generateFastPath):

  • jit/JITAddGenerator.h:

(JSC::JITAddGenerator::JITAddGenerator):
(JSC::JITAddGenerator::isLeftOperandValidConstant):
(JSC::JITAddGenerator::isRightOperandValidConstant):

  • jit/JITArithmetic.cpp:

(JSC::JIT::emit_op_add):
(JSC::JIT::emitSlow_op_add):
(JSC::JIT::emitMathICFast):
(JSC::JIT::emitMathICSlow):
(JSC::JIT::emit_op_mul):
(JSC::JIT::emitSlow_op_mul):
(JSC::JIT::emit_op_sub):

  • jit/JITInlines.h:

(JSC::JIT::callOperation):

  • jit/JITMathIC.h:

(JSC::JITMathIC::slowPathStartLocation):
(JSC::JITMathIC::slowPathCallLocation):
(JSC::JITMathIC::isLeftOperandValidConstant):
(JSC::JITMathIC::isRightOperandValidConstant):
(JSC::JITMathIC::generateInline):
(JSC::JITMathIC::generateOutOfLine):

  • jit/JITMathICForwards.h:
  • jit/JITMulGenerator.cpp:

(JSC::JITMulGenerator::generateInline):
(JSC::JITMulGenerator::generateFastPath):

  • jit/JITMulGenerator.h:

(JSC::JITMulGenerator::JITMulGenerator):
(JSC::JITMulGenerator::isLeftOperandValidConstant):
(JSC::JITMulGenerator::isRightOperandValidConstant):
(JSC::JITMulGenerator::didEmitFastPath): Deleted.
(JSC::JITMulGenerator::endJumpList): Deleted.
(JSC::JITMulGenerator::slowPathJumpList): Deleted.

  • jit/JITOperations.cpp:
  • jit/JITOperations.h:
11:45 AM Changeset in webkit [203692] by weinig@apple.com
  • 2 edits in trunk/Source/WebKit2

Fix assertion.

  • NetworkProcess/cache/NetworkCacheCodersCocoa.cpp:

(WebKit::NetworkCache::encodeCertificateChain):

11:01 AM Changeset in webkit [203691] by commit-queue@webkit.org
  • 5 edits
    2 adds in trunk/Source/WebKit2

Split platform specific parts of NetworkCacheCoders.cpp into separate files
https://bugs.webkit.org/show_bug.cgi?id=160151

Patch by Sam Weinig <sam@webkit.org> on 2016-07-25
Reviewed by Alex Christensen.

  • NetworkProcess/cache/NetworkCacheCoders.cpp:

(WebKit::NetworkCache::Coder<WebCore::CertificateInfo>::encode): Deleted.
(WebKit::NetworkCache::Coder<WebCore::CertificateInfo>::decode): Deleted.

  • NetworkProcess/cache/NetworkCacheCodersCocoa.cpp: Copied from Source/WebKit2/NetworkProcess/cache/NetworkCacheCoders.cpp.

(WebKit::NetworkCache::encodeCFData): Moved.
(WebKit::NetworkCache::decodeCFData): Moved.
(WebKit::NetworkCache::encodeSecTrustRef): Moved.
(WebKit::NetworkCache::decodeSecTrustRef): Moved.
(WebKit::NetworkCache::encodeCertificateChain): Moved.
(WebKit::NetworkCache::decodeCertificateChain): Moved.
(WebKit::NetworkCache::Coder<WebCore::CertificateInfo>::encode): Moved.
(WebKit::NetworkCache::Coder<WebCore::CertificateInfo>::decode): Moved.

  • NetworkProcess/cache/NetworkCacheCodersSoup.cpp: Copied from Source/WebKit2/NetworkProcess/cache/NetworkCacheCoders.cpp.

(WebKit::NetworkCache::Coder<WebCore::CertificateInfo>::encode): Moved.
(WebKit::NetworkCache::Coder<WebCore::CertificateInfo>::decode): Moved.

  • PlatformGTK.cmake:
  • PlatformMac.cmake:
  • WebKit2.xcodeproj/project.pbxproj:

Add new files.

10:49 AM Changeset in webkit [203690] by Wenson Hsieh
  • 7 edits
    3 adds in trunk

Media controls on apple.com don't disappear when movie finishes playing
https://bugs.webkit.org/show_bug.cgi?id=160068
<rdar://problem/26668526>

Reviewed by Darin Adler.

Source/WebCore:

When a video ends, it should cause media controls to hide. While current logic
mostly accounts for this, it does not account for programmatic seeks causing
the video to lose its 'ended' status before querying for whether or not to
show media controls.

Three new API tests: large-video-seek-after-ending.html
large-video-hides-controls-after-seek-to-end.html
large-video-seek-to-beginning-and-play-after-ending.html

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::mediaPlayerTimeChanged):
(WebCore::HTMLMediaElement::setPlaying):

  • html/MediaElementSession.cpp:

(WebCore::MediaElementSession::canControlControlsManager):

  • html/MediaElementSession.h:

Tools:

Adds new API tests. Please see WebCore ChangeLog for more details.

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/WebKit2Cocoa/VideoControlsManager.mm:

(-[MediaPlaybackMessageHandler initWithWKWebView:finalMessageString:]):
(-[MediaPlaybackMessageHandler userContentController:didReceiveScriptMessage:]):
(TestWebKitAPI::TEST):
(-[DidPlayMessageHandler initWithWKWebView:]): Deleted.
(-[DidPlayMessageHandler userContentController:didReceiveScriptMessage:]): Deleted.

  • TestWebKitAPI/Tests/WebKit2Cocoa/large-video-hides-controls-after-seek-to-end.html: Added.
  • TestWebKitAPI/Tests/WebKit2Cocoa/large-video-seek-after-ending.html: Added.
  • TestWebKitAPI/Tests/WebKit2Cocoa/large-video-seek-to-beginning-and-play-after-ending.html: Added.
10:21 AM Changeset in webkit [203689] by bshafiei@apple.com
  • 5 edits in branches/safari-602-branch/Source

Versioning.

10:13 AM Changeset in webkit [203688] by commit-queue@webkit.org
  • 9 edits
    2 copies in trunk/Source/WebCore

Introduce a MathMLOperatorElement class
https://bugs.webkit.org/show_bug.cgi?id=160034

Patch by Frederic Wang <fwang@igalia.com> on 2016-07-25
Reviewed by Darin Adler.

No new tests, rendering is unchaned.

  • CMakeLists.txt: Add MathMLOperatorElement to the build file.
  • WebCore.xcodeproj/project.pbxproj: Ditto.
  • mathml/MathMLAllInOne.cpp: Ditto.
  • mathml/MathMLOperatorElement.cpp: New DOM class for <mo> element.

(WebCore::MathMLOperatorElement::MathMLOperatorElement):
(WebCore::MathMLOperatorElement::create):
(WebCore::MathMLOperatorElement::parseAttribute): Handle mo attributes.
(WebCore::MathMLOperatorElement::createElementRenderer): Create RenderMathMLOperator.

  • mathml/MathMLOperatorElement.h: Declare a class deriving from MathMLTextElement.
  • mathml/MathMLTextElement.cpp: Remove all the RenderMathMLOperator parts.

(WebCore::MathMLTextElement::MathMLTextElement): Remove inline keyword so that the class can
be overriden.
(WebCore::MathMLTextElement::parseAttribute): Remove code handled in MathMLOperatorElement.
(WebCore::MathMLTextElement::createElementRenderer): Ditto.

  • mathml/MathMLTextElement.h: Make class and members overridable.
  • mathml/mathtags.in: Map mo to MathMLOperatorElement.
  • rendering/mathml/RenderMathMLOperator.cpp:

(WebCore::RenderMathMLOperator::RenderMathMLOperator): Make the constructor take a
MathMLOperatorElement.

  • rendering/mathml/RenderMathMLOperator.h: Ditto.
9:57 AM Changeset in webkit [203687] by Chris Dumez
  • 4 edits in trunk/Source/WebKit2

[iOS] Make sure we call the ProcessAssertion invalidation handler on the main thread
https://bugs.webkit.org/show_bug.cgi?id=160140
<rdar://problem/27399998>

Reviewed by Darin Adler.

Based on crash traces, it appears BKSProcessAssertion is calling our
invalidation handler on a background thread. This was not anticipated
and therefore, this would lead to thread safety issues and crashes.

We now make sure to call our invalidation handler on the main thread.
We also use a WeakPtr to ensure that the ProcessAssertion is still
alive once on the main thread and before calling the invalidation
handler.

  • UIProcess/ProcessAssertion.cpp:

(WebKit::ProcessAssertion::ProcessAssertion):

  • UIProcess/ProcessAssertion.h:

(WebKit::ProcessAssertion::ProcessAssertion):
(WebKit::ProcessAssertion::createWeakPtr):

  • UIProcess/ios/ProcessAssertionIOS.mm:

(WebKit::ProcessAssertion::ProcessAssertion):
(WebKit::ProcessAssertion::markAsInvalidated):

9:37 AM Changeset in webkit [203686] by Darin Adler
  • 4 edits in trunk/Source

Speed up make process slightly by improving "list of files" idiom
https://bugs.webkit.org/show_bug.cgi?id=160164

Reviewed by Mark Lam.

  • DerivedSources.make: Change rules that build lists of files to only run when

DerivedSources.make has been modified since the last time they were run. Since the
list of files are inside this file, this is safe, and this is faster than always
comparing and regenerating the file containing the list of files each time.

9:30 AM Changeset in webkit [203685] by Philippe Normand
  • 2 edits in trunk/Tools

Unreviewed, fix test-webkitpy after r203674.

  • Scripts/webkitpy/port/linux_get_crash_log_unittest.py:

(GDBCrashLogGeneratorTest.test_generate_crash_log):

9:03 AM Changeset in webkit [203684] by Wenson Hsieh
  • 4 edits
    2 adds in trunk

The web process hangs when computing elements-based snap points for a container with large max scroll offset
https://bugs.webkit.org/show_bug.cgi?id=152605
<rdar://problem/25353661>

Reviewed by Simon Fraser.

Source/WebCore:

Fixes a bug in the computation of axis snap points. The ScrollSnapPoints object, which tracks
snap points along a particular axis, has two flags, hasRepeat and usesElements. For elements-
based snapping, both flags would be turned on, since StyleBuilderConverter::convertScrollSnapPoints
short-circuits for elements-based snapping and does not default usesRepeat to false. To address this,
we make ScrollSnapPoints not repeat(100%) by default.

Test: css3/scroll-snap/scroll-snap-elements-container-larger-than-children.html

  • css/StyleBuilderConverter.h:

(WebCore::StyleBuilderConverter::convertScrollSnapPoints): Deleted.

  • rendering/style/StyleScrollSnapPoints.cpp:

(WebCore::ScrollSnapPoints::ScrollSnapPoints):

LayoutTests:

Adds a scroll snap offset computation test case that would have previously
caused the web process to hang before this patch.

  • css3/scroll-snap/scroll-snap-elements-container-larger-than-children-expected.txt: Added.
  • css3/scroll-snap/scroll-snap-elements-container-larger-than-children.html: Added.
8:02 AM Changeset in webkit [203683] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebCore

REGRESSION(r200931): Invalid cast in highestAncestorToWrapMarkup()
https://bugs.webkit.org/show_bug.cgi?id=160163

Reviewed by Michael Catanzaro.

Since r200931 the result of enclosingNodeOfType() in highestAncestorToWrapMarkup() is downcasted to Element, but
the result of enclosingNodeOfType() can be a Node that is not an Element, in this case is Text. The cast is not
needed at all since that node is passed to editingIgnoresContent() and selectionFromContentsOfNode() and both
receive a Node not an Element.

  • editing/markup.cpp:

(WebCore::highestAncestorToWrapMarkup): Remove invalid cast.

8:01 AM Changeset in webkit [203682] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebCore

[Coordinated Graphics] ASSERTION FAILED: m_coordinator->isFlushingLayerChanges() in fast/repaint/animation-after-layer-scroll.html
https://bugs.webkit.org/show_bug.cgi?id=160156

Reviewed by Michael Catanzaro.

So, we fixed an assertion in r203663, but now is hitting the next one. As explained in bug #160142, flush
compositing state can be triggered in tests by RenderLayerCompositor::layerTreeAsText(), without the coordinator
even noticing it, so the assert can be just removed.

  • platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:

(WebCore::CoordinatedGraphicsLayer::flushCompositingStateForThisLayerOnly): Remove incorrect assert.

7:33 AM Changeset in webkit [203681] by Alan Bujtas
  • 3 edits in trunk/Source/WebCore

EllipsisBox ctor's isVertical parameter should read isHorizontal.
https://bugs.webkit.org/show_bug.cgi?id=160153

Reviewed by Andreas Kling.

It indicates whether the ellipsis box is horizontal. (both the callsites
and the parent class use isHorizontal)

No change in functionality.

  • rendering/EllipsisBox.cpp:

(WebCore::EllipsisBox::EllipsisBox):

  • rendering/EllipsisBox.h:
5:25 AM MathML/Early_2016_Refactoring edited by fred.wang@free.fr
(diff)
1:57 AM Changeset in webkit [203680] by svillar@igalia.com
  • 21 edits
    1 copy
    2 moves
    5 adds in trunk

[css-grid] Implement repeat(auto-fit)
https://bugs.webkit.org/show_bug.cgi?id=159771

Reviewed by Darin Adler.

Source/WebCore:

The auto-fit keyword works exactly as the already implemented auto-fill except that all
empty tracks collapse (became 0px). Absolutely positioned items do not participate on the
layout of the grid so they are not considered (a grid with only absolutely positioned items
is considered an empty grid).

Whenever a track collapses the gutters on either side do also collapse. When a collapsed
track's gutters collapse, they coincide exactly. If one side of a collapsed track does not
have a gutter then collapsing its gutters results in no gutter on either "side" of the
collapsed track.

In practice this means that is not possible to know the gap between 2 consecutive auto
repeat tracks without examining some others whenever there are collapsed tracks.

Uncommented the auto-fit cases from Mozilla tests. They have to be adapted as the reftest
machinery requires all the content to be rendered in the original 800x600 viewport.

Tests: fast/css-grid-layout/grid-auto-fit-columns.html
fast/css-grid-layout/grid-auto-fit-rows.html
fast/css-grid-layout/mozilla/grid-repeat-auto-fill-fit-005-part-1.html
fast/css-grid-layout/mozilla/grid-repeat-auto-fill-fit-005-part-2.html

  • css/CSSComputedStyleDeclaration.cpp:

(WebCore::valueForGridTrackList): Use the newly added trackSizesForComputedStyle().

  • rendering/RenderGrid.cpp:

(WebCore::RenderGrid::computeTrackBasedLogicalHeight):
(WebCore::RenderGrid::computeTrackSizesForDirection):
(WebCore::RenderGrid::isEmptyAutoRepeatTrack):
(WebCore::RenderGrid::gridGapForDirection): Returns the gap directly from the style.
(WebCore::RenderGrid::guttersSize): Computes the gap between a startLine and an
endLine. This method may need to inspect some other surrounding tracks to compute the gap.
(WebCore::RenderGrid::computeIntrinsicLogicalWidths):
(WebCore::RenderGrid::computeIntrinsicLogicalHeight):
(WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
(WebCore::RenderGrid::gridTrackSize):
(WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForItems):
(WebCore::RenderGrid::computeAutoRepeatTracksCount):
(WebCore::RenderGrid::computeEmptyTracksForAutoRepeat): Returns a Vector with the auto
repeat tracks that are going to be collapsed because they're empty.
(WebCore::RenderGrid::placeItemsOnGrid):
(WebCore::RenderGrid::trackSizesForComputedStyle): Used by ComputedStyle logic to print the
size of tracks. Added in order to hide the actual contents of m_columnPositions and
m_rowPositions to the outter world.
(WebCore::RenderGrid::offsetAndBreadthForPositionedChild):
(WebCore::RenderGrid::gridAreaBreadthForChild):
(WebCore::RenderGrid::populateGridPositionsForDirection): Added some extra code to compute
gaps as they cannot be directly added between tracks in case of having collapsed tracks.
(WebCore::RenderGrid::columnAxisOffsetForChild):
(WebCore::RenderGrid::rowAxisOffsetForChild):
(WebCore::RenderGrid::offsetBetweenTracks): Deleted.

  • rendering/RenderGrid.h: Made some API private. Added new required methods/attributes.
  • css/CSSComputedStyleDeclaration.cpp:

(WebCore::valueForGridTrackList):

  • rendering/RenderGrid.cpp:

(WebCore::RenderGrid::computeTrackBasedLogicalHeight):
(WebCore::RenderGrid::computeTrackSizesForDirection):
(WebCore::RenderGrid::hasAutoRepeatEmptyTracks):
(WebCore::RenderGrid::isEmptyAutoRepeatTrack):
(WebCore::RenderGrid::gridGapForDirection):
(WebCore::RenderGrid::guttersSize):
(WebCore::RenderGrid::computeIntrinsicLogicalWidths):
(WebCore::RenderGrid::computeIntrinsicLogicalHeight):
(WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
(WebCore::RenderGrid::gridTrackSize):
(WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForItems):
(WebCore::RenderGrid::computeAutoRepeatTracksCount):
(WebCore::RenderGrid::computeEmptyTracksForAutoRepeat):
(WebCore::RenderGrid::placeItemsOnGrid):
(WebCore::RenderGrid::trackSizesForComputedStyle):
(WebCore::RenderGrid::offsetAndBreadthForPositionedChild):
(WebCore::RenderGrid::assumedRowsSizeForOrthogonalChild):
(WebCore::RenderGrid::gridAreaBreadthForChild):
(WebCore::RenderGrid::populateGridPositionsForDirection):
(WebCore::RenderGrid::columnAxisOffsetForChild):
(WebCore::RenderGrid::rowAxisOffsetForChild):
(WebCore::RenderGrid::offsetBetweenTracks): Deleted.

  • rendering/RenderGrid.h:

LayoutTests:

Uncommented the auto-fit cases. Split the Mozilla's 005 test in two because it was not
possible to fit all the content in a viewport without scrollbars.

  • fast/css-grid-layout/grid-auto-fit-columns-expected.txt: Added.
  • fast/css-grid-layout/grid-auto-fit-columns.html: Added.
  • fast/css-grid-layout/grid-auto-fit-rows-expected.txt: Added.
  • fast/css-grid-layout/grid-auto-fit-rows.html: Added.
  • fast/css-grid-layout/grid-element-auto-repeat-get-set-expected.txt:
  • fast/css-grid-layout/grid-element-auto-repeat-get-set.html:
  • fast/css-grid-layout/grid-only-abspos-item-computed-style-crash-expected.txt:
  • fast/css-grid-layout/grid-only-abspos-item-computed-style-crash.html:
  • fast/css-grid-layout/grid-positioned-items-padding-expected.txt:
  • fast/css-grid-layout/grid-positioned-items-padding.html:
  • fast/css-grid-layout/grid-template-columns-rows-computed-style-gaps-content-alignment-expected.txt:
  • fast/css-grid-layout/grid-template-columns-rows-computed-style-gaps-content-alignment.html:
  • fast/css-grid-layout/mozilla/grid-repeat-auto-fill-fit-001-expected.html:
  • fast/css-grid-layout/mozilla/grid-repeat-auto-fill-fit-001.html:
  • fast/css-grid-layout/mozilla/grid-repeat-auto-fill-fit-002-expected.html:
  • fast/css-grid-layout/mozilla/grid-repeat-auto-fill-fit-002.html:
  • fast/css-grid-layout/mozilla/grid-repeat-auto-fill-fit-003-expected.html:
  • fast/css-grid-layout/mozilla/grid-repeat-auto-fill-fit-003.html:
  • fast/css-grid-layout/mozilla/grid-repeat-auto-fill-fit-004-expected.html:
  • fast/css-grid-layout/mozilla/grid-repeat-auto-fill-fit-004.html:
  • fast/css-grid-layout/mozilla/grid-repeat-auto-fill-fit-005-part-1-expected.html: Renamed from LayoutTests/fast/css-grid-layout/mozilla/grid-repeat-auto-fill-fit-005-expected.html.
  • fast/css-grid-layout/mozilla/grid-repeat-auto-fill-fit-005-part-1.html: Copied from LayoutTests/fast/css-grid-layout/mozilla/grid-repeat-auto-fill-fit-005.html.
  • fast/css-grid-layout/mozilla/grid-repeat-auto-fill-fit-005-part-2-expected.html: Added.
  • fast/css-grid-layout/mozilla/grid-repeat-auto-fill-fit-005-part-2.html: Renamed from LayoutTests/fast/css-grid-layout/mozilla/grid-repeat-auto-fill-fit-005.html.
12:21 AM MathML/Early_2016_Refactoring edited by fred.wang@free.fr
(diff)
12:18 AM Changeset in webkit [203679] by fred.wang@free.fr
  • 12 edits in trunk/Source/WebCore

Move parsing of display, displaystyle and mathvariant attributes into MathML element classes
https://bugs.webkit.org/show_bug.cgi?id=159623

Patch by Frederic Wang <fwang@igalia.com> on 2016-07-24
Reviewed by Brent Fulgham.

No new tests, already covered by existing tests.

  • mathml/MathMLElement.cpp:

(WebCore::MathMLElement::parseMathVariantAttribute): Move helper function to parse the
mathvariant attribute.
(WebCore::MathMLElement::getSpecifiedDisplayStyle): Helper function to set the displaystyle
value from the attribute specified on the MathML element.
(WebCore::MathMLElement::getSpecifiedMathVariant): Helper function to set the mathvariant
value from the attribute specified on the MathML element.

  • mathml/MathMLElement.h: Move the enum for mathvariant values and declare new members.

(WebCore::MathMLElement::acceptsDisplayStyleAttribute): Indicate whether the element accepts
displaystyle attribute (false for most of them).
(WebCore::MathMLElement::acceptsMathVariantAttribute): Indicate whether the element accepts
mathvariant attribute (false for most of them).

  • mathml/MathMLInlineContainerElement.cpp:

(WebCore::MathMLInlineContainerElement::acceptsDisplayStyleAttribute): Add mstyle and mtable
to the list of elements accepting the displaystyle attribute.
(WebCore::MathMLInlineContainerElement::acceptsMathVariantAttribute): Add mstyle to the list
of elements accepting the mathvariant attribute.
(WebCore::MathMLInlineContainerElement::parseAttribute): Mark displaystyle and mathvariant
dirty if necessary. Also use the new accepts*Attribute function.

  • mathml/MathMLInlineContainerElement.h: Declare overridden accepts*Attribute members.
  • mathml/MathMLMathElement.cpp:

(WebCore::MathMLMathElement::getSpecifiedDisplayStyle): Override acceptsDisplayStyleAttribute
so that the display attribute is also used to set the default value if the displaystyle
attribute is absent.
(WebCore::MathMLMathElement::parseAttribute): Mark displaystyle and mathvariant dirty if
necessary. We directly MathMLElement::parseAttribute to avoid duplicate work.

  • mathml/MathMLMathElement.h: Add the math tag to the list of elements accepting the

displaystyle and mathvariant attributes. Declare overridden getSpecifiedDisplayStyle.

  • mathml/MathMLTextElement.cpp:

(WebCore::MathMLTextElement::parseAttribute): Mark mathvariant as dirty.

  • mathml/MathMLTextElement.h: Add token elements to the list of elements accepting the

mathvariant attribute.

  • rendering/mathml/MathMLStyle.cpp:

(WebCore::MathMLStyle::updateStyleIfNeeded): Use the new MathMLElement::MathVariant enum.
(WebCore::MathMLStyle::resolveMathMLStyle): We no longer parse the display value to
initialize the default value on the math tag, because this is handled in
getSpecifiedDisplayStyle. In general, we also just call getSpecifiedDisplayStyle and
getSpecifiedMathVariant on the MathML elements instead of parsing the displaystyle and
mathvariant attributes here.
(WebCore::MathMLStyle::parseMathVariant): Deleted. This is moved into MathMLElement.

  • rendering/mathml/MathMLStyle.h: Use the new MathMLElement::MathVariant enum.
  • rendering/mathml/RenderMathMLToken.cpp: Ditto.

(WebCore::mathVariant): Ditto.
(WebCore::RenderMathMLToken::updateMathVariantGlyph): Ditto.

12:10 AM Changeset in webkit [203678] by Carlos Garcia Campos
  • 3 edits in trunk/Source/WebCore

Unreviewed. Remove unneeded header includes from CoordinatedGraphicsLayer.

Not only thjey are not needed, they are a layer violation, CoordinatedGraphicsLayer shouldn't know anything
about Page, Frame and FrameView.

  • platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
  • platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:

Jul 24, 2016:

11:34 PM Changeset in webkit [203677] by Philippe Normand
  • 1 edit
    1 add in trunk/Tools

Unreviewed, forgot to commit this file in r203674.

  • Scripts/process-linux-coredump: Added.

(main):

11:33 PM Changeset in webkit [203676] by Carlos Garcia Campos
  • 3 edits in trunk/Source/WebKit2

[GTK][Threaded Compositor] ASSERTION FAILED: !!handle !!m_nativeSurfaceHandle with several layout tests
https://bugs.webkit.org/show_bug.cgi?id=160143

Reviewed by Michael Catanzaro.

We have a message to set the native surface handle and another one for destroying it, the former is a normal
message while the latter is sync. This assertion happens if the web view is realized before the web process is
launched. This is the sequence:

1.- DrawingAreaProxyImpl sends SetNativeSurfaceHandleForCompositing message to the web process, since the
process hasn't been launched yet, the message is queued.
2.- Web process is launched and queued messages are now sent to the web process.
3.- The page is closed right after the web process is launched, and DrawingAreaProxyImpl sends
DestroyNativeSurfaceHandleForCompositing to the web process.
4.- The web process processes incoming messages, and DestroyNativeSurfaceHandleForCompositing is processed before
SetNativeSurfaceHandleForCompositing because it's sync.
5.- The web process processes SetNativeSurfaceHandleForCompositing message.

This is not only producing the assertion, it's also setting a handle for a X window already destroyed in the UI
process, so this could be producing the X errors we have seen in other tests. So, we need to make sure
SetNativeSurfaceHandleForCompositing and DestroyNativeSurfaceHandleForCompositing are handled in order by the
web process. We could make SetNativeSurfaceHandleForCompositing sync as well, but sync messages are just ignored
when sent before the web process has been launched (only normal messages are queued for obvious reasons). The
other option is sending the SetNativeSurfaceHandleForCompositing message with the
IPC::DispatchMessageEvenWhenWaitingForSyncReply flag. In this case the message is queued and dispatched on
process launch, but it's dispatched before other messages also queued without that flag, like
CreateWebPage. Since there's no WebPage the web process doesn't find a valid message receiver for it and
it's discarded. We need to ensure the DrawinArea object has been created before sending the
SetNativeSurfaceHandleForCompositing with the PC::DispatchMessageEvenWhenWaitingForSyncReply flag.

  • UIProcess/DrawingAreaProxyImpl.cpp:

(WebKit::DrawingAreaProxyImpl::didUpdateBackingStoreState): If we have received the first update and there's a
SetNativeSurfaceHandleForCompositing message pending, send it.
(WebKit::DrawingAreaProxyImpl::setNativeSurfaceHandleForCompositing): Do not send the message before the first
update is received.
(WebKit::DrawingAreaProxyImpl::destroyNativeSurfaceHandleForCompositing): If there was a
SetNativeSurfaceHandleForCompositing message pending, just ignore this destroy since the web process never
received the handle.

  • UIProcess/DrawingAreaProxyImpl.h:
11:28 PM Changeset in webkit [203675] by commit-queue@webkit.org
  • 27 edits
    3 copies
    1 delete in trunk

[Fetch API] Request should be created with any HeadersInit data
https://bugs.webkit.org/show_bug.cgi?id=159672

Patch by Youenn Fablet <youenn@apple.com> on 2016-07-24
Reviewed by Sam Weinig.

LayoutTests/imported/w3c:

  • imported/w3c/web-platform-tests/fetch/api/credentials/authentication-basic-expected.txt: Test was previously

failing due to lack of support for HeadersInit data in Request constructor.

  • platform/mac-wk1/imported/w3c/web-platform-tests/fetch/api/credentials/authentication-basic-expected.txt: Removed.
  • web-platform-tests/fetch/api/request/request-headers-expected.txt:
  • web-platform-tests/fetch/api/request/request-headers.html: Adding new test.

Source/JavaScriptCore:

  • Scripts/builtins/builtins_generator.py:

(WK_lcfirst): Synchronized with CodeGenerator.pm version.

Source/WebCore:

Made Request use JSBuiltinConstructor.
This allows initializing newly created Request with a JS built-in function, initializeFetchRequest.
initializeFetchRequest can call @fillFetchHeaders internal built-in to handle any HeadersInit data.
Future effort should be made to migrate more initialization code in initializeFetchRequest.

Made window and worker fetch function as a JS built-in.
This becomes more handy as these new functions can construct the Request object.
They can then call a single private function that takes a Request object as input.
Updated DOMWindowFetch and WorkerGlobalScopeFetch code accordingly.

To enable this, the binding generator is updated to support runtime-enabled JS built-in functions and
private functions atttached to global objects.

Covered by existing and modified tests.
Binding generator test covered by updated binding tests.

  • CMakeLists.txt: Adding DOMWindowFetch.js, FetchRequest.js and WorkerGlobalScopeFetch.js built-in files.
  • DerivedSources.make: Ditto.
  • Modules/fetch/DOMWindowFetch.cpp: Removed overloaded fetch and updated according new signature.

(WebCore::DOMWindowFetch::fetch):

  • Modules/fetch/DOMWindowFetch.h: Ditto.
  • Modules/fetch/DOMWindowFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
  • Modules/fetch/DOMWindowFetch.js: Added.

(fetch):

  • Modules/fetch/FetchHeaders.h:

(WebCore::FetchHeaders::setGuard): Used by FetchRequest when initializing headers.

  • Modules/fetch/FetchRequest.cpp:

(WebCore::buildHeaders): Removed as implemented in JS.
(WebCore::FetchRequest::initializeOptions): Added to handle most of the dictionary initialization.
(WebCore::FetchRequest::initializeWith): Method called from built-in constructor function.
(WebCore::FetchRequest::setBody): Corresponding to @setBody private method.
(WebCore::buildBody): Deleted.

  • Modules/fetch/FetchRequest.h:
  • Modules/fetch/FetchRequest.idl:
  • Modules/fetch/FetchRequest.js: Added.

(initializeFetchRequest): Implements fetch Request(input, init) constructor.

  • Modules/fetch/FetchResponse.cpp:

(WebCore::FetchResponse::fetch): Removed the construction of FetchRequest in fetch method since it is done by JS built-in code.

  • Modules/fetch/FetchResponse.h:
  • Modules/fetch/WorkerGlobalScopeFetch.cpp: Removed overloaded fetch and updated according new signature.

(WebCore::WorkerGlobalScopeFetch::fetch):

  • Modules/fetch/WorkerGlobalScopeFetch.h: Ditto.
  • Modules/fetch/WorkerGlobalScopeFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
  • Modules/fetch/WorkerGlobalScopeFetch.js: Added.

(fetch):

  • bindings/js/WebCoreBuiltinNames.h: Adding fetchRequest, setBody and Request private identifiers.
  • bindings/scripts/CodeGenerator.pm:

(WK_lcfirst): Replacing dOM by dom.

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateImplementation): Adding support for runtime-enabled built-in methods and private methods.

  • bindings/scripts/test/JS/JSTestGlobalObject.cpp:

(WebCore::JSTestGlobalObject::finishCreation):
(WebCore::jsTestGlobalObjectInstanceFunctionTestPrivateFunction):

  • bindings/scripts/test/ObjC/DOMTestGlobalObject.mm:

(-[DOMTestGlobalObject testJSBuiltinFunction]):

  • bindings/scripts/test/TestGlobalObject.idl: Adding tests for runtime-enabled global built-in methods and private methods.
11:07 PM Changeset in webkit [203674] by Philippe Normand
  • 16 edits in trunk

Improve GDB backtrace generation for GTK/EFL
https://bugs.webkit.org/show_bug.cgi?id=128928

Reviewed by Carlos Garcia Campos.

Source/WebKit2:

Move the Web, Database and Network ProcessIdentifier functions to
the cross-platform WKContext and WKPage implementations.

  • UIProcess/API/C/WKContext.cpp:

(WKContextGetNetworkProcessIdentifier):
(WKContextGetDatabaseProcessIdentifier):

  • UIProcess/API/C/WKContextPrivate.h:
  • UIProcess/API/C/WKPage.cpp:

(WKPageGetProcessIdentifier):

  • UIProcess/API/C/WKPagePrivate.h:
  • UIProcess/API/C/mac/WKContextPrivateMac.h:
  • UIProcess/API/C/mac/WKContextPrivateMac.mm:
  • UIProcess/API/C/mac/WKPagePrivateMac.h:
  • UIProcess/API/C/mac/WKPagePrivateMac.mm:

Tools:

The PID of the crashed process is now correctly supplied to the
crash log reporter. The kernel core_pattern needs to be updated
after this change to something like:

echo "|/home/phil/WebKit/Tools/Scripts/process-linux-coredump /tmp/core-pid_%p.dump" > /proc/sys/kernel/core_pattern

  • Scripts/process-linux-coredump: Added.

(main): Minimal python script reading coredump data on stdin and writing it to a file in /tmp/.

  • Scripts/webkitpy/port/efl.py:

(EflPort._get_crash_log): Supply path of the process-linux-coredump script.

  • Scripts/webkitpy/port/gtk.py:

(GtkPort._get_crash_log): Ditto.

  • Scripts/webkitpy/port/linux_get_crash_log.py:

(GDBCrashLogGenerator.init): New argument for supplying the path of a coredump processor script.
(GDBCrashLogGenerator.generate_crash_log): Update error message, the core_pattern should now be set to pipe coredumps to a script.
(GDBCrashLogGenerator): Deleted.

  • Scripts/webkitpy/port/linux_get_crash_log_unittest.py:

(GDBCrashLogGeneratorTest.test_generate_crash_log): Update test expectations.

  • WebKitTestRunner/TestController.cpp:

(WTR::TestController::networkProcessDidCrash): Supply PID of crash process.
(WTR::TestController::databaseProcessDidCrash): Ditto.
(WTR::TestController::processDidCrash): Ditto.

8:42 PM Changeset in webkit [203673] by Matt Baker
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Filtering is broken in the Overview timeline view
https://bugs.webkit.org/show_bug.cgi?id=160152
<rdar://problem/27517481>

Reviewed by Joseph Pecoraro.

  • UserInterface/Views/SourceCodeTimelineTimelineDataGridNode.js:

(WebInspector.SourceCodeTimelineTimelineDataGridNode.prototype.filterableDataForColumn):
Non-resource nodes should be filtered based on their display name.

6:14 PM Changeset in webkit [203672] by bshafiei@apple.com
  • 3 edits in branches/safari-602-branch/LayoutTests

Merge r203665. rdar://problem/27453479

5:48 PM Changeset in webkit [203671] by weinig@apple.com
  • 3 edits in trunk/Source/WebKit2

Add specialization for encoding/decoding WebCore::CertificateInfos in the Network Cache
<rdar://problem/27409315>
https://bugs.webkit.org/show_bug.cgi?id=160144

Reviewed by Chris Dumez.

  • NetworkProcess/cache/NetworkCacheCoders.cpp:

(WebKit::NetworkCache::encodeCFData):
(WebKit::NetworkCache::decodeCFData):
(WebKit::NetworkCache::encodeSecTrustRef):
(WebKit::NetworkCache::decodeSecTrustRef):
(WebKit::NetworkCache::encodeCertificateChain):
(WebKit::NetworkCache::decodeCertificateChain):
(WebKit::NetworkCache::Coder<WebCore::CertificateInfo>::encode):
(WebKit::NetworkCache::Coder<WebCore::CertificateInfo>::decode):

  • NetworkProcess/cache/NetworkCacheStorage.h:

(WebKit::NetworkCache::Storage::version):
Bump the version and lastStableVersion to account for the format change.

1:33 PM Changeset in webkit [203670] by fpizlo@apple.com
  • 33 edits
    2 adds in trunk

B3 should support multiple entrypoints
https://bugs.webkit.org/show_bug.cgi?id=159391

Reviewed by Saam Barati.
Source/JavaScriptCore:


This teaches B3 how to compile procedures with multiple entrypoints in the best way ever.

Multiple entrypoints are useful. We could use them to reduce the cost of compiling OSR
entrypoints. We could use them to implement better try/catch.

Multiple entrypoints are hard to support. All of the code that assumed that the root block
is the entrypoint would have to be changed. Transformations like moveConstants() would have
to do crazy things if the existence of multiple entrypoints prevented it from finding a
single common dominator.

Therefore, we want to add multiple entrypoints without actually teaching the compiler that
there is such a thing. That's sort of what this change does.

This adds a new opcode to both B3 and Air called EntrySwitch. It's a terminal that takes
one or more successors and no value children. The number of successors must match
Procedure::numEntrypoints(), which could be arbitrarily large. The semantics of EntrySwitch
are:

  • Each of the entrypoints sets a hidden Entry variable to that entrypoint's index and jumps to the procedure's root block.


  • An EntrySwitch is a switch statement over this hidden Entry variable.


The way that we actually implement this is that Air has a very late phase - after all
register and stack layout - that clones all code where the Entry variable is live; i.e all
code in the closure over predecessors of all blocks that do EntrySwitch.

Usually, you would use this by creating an EntrySwitch in the root block, but you don't
have to do that. Just remember that the code before EntrySwitch gets cloned for each
entrypoint. We allow cloning of an arbitrarily large amount of code because restricting it,
and so restricing the placement of EntrySwitches, would be unelegant. It would be hard to
preserve this invariant. For example we wouldn't be able to lower any value before an
EntrySwitch to a control flow diamond.

This patch gives us an easy-to-use way to use B3 to compile code with multiple entrypoints.
Inside the compiler, only code that runs very late in Air has to know about this feature.
We get the best of both worlds!

Also, I finally got rid of the requirement that you explicitly cast BasicBlock* to
FrequentedBlock. I can no longer remember why I thought that was a good idea. Removing it
doesn't cause any problems and it makes code easier to write.

  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • b3/B3BasicBlockUtils.h:

(JSC::B3::updatePredecessorsAfter):
(JSC::B3::clearPredecessors):
(JSC::B3::recomputePredecessors):

  • b3/B3FrequencyClass.h:

(JSC::B3::maxFrequency):

  • b3/B3Generate.h:
  • b3/B3LowerToAir.cpp:

(JSC::B3::Air::LowerToAir::lower):

  • b3/B3MoveConstants.cpp:
  • b3/B3Opcode.cpp:

(WTF::printInternal):

  • b3/B3Opcode.h:
  • b3/B3Procedure.cpp:

(JSC::B3::Procedure::isFastConstant):
(JSC::B3::Procedure::entrypointLabel):
(JSC::B3::Procedure::addDataSection):

  • b3/B3Procedure.h:

(JSC::B3::Procedure::numEntrypoints):
(JSC::B3::Procedure::setNumEntrypoints):
(JSC::B3::Procedure::setLastPhaseName):

  • b3/B3Validate.cpp:
  • b3/B3Value.cpp:

(JSC::B3::Value::effects):
(JSC::B3::Value::typeFor):

  • b3/B3Value.h:
  • b3/air/AirCode.cpp:

(JSC::B3::Air::Code::cCallSpecial):
(JSC::B3::Air::Code::isEntrypoint):
(JSC::B3::Air::Code::resetReachability):
(JSC::B3::Air::Code::dump):

  • b3/air/AirCode.h:

(JSC::B3::Air::Code::setFrameSize):
(JSC::B3::Air::Code::numEntrypoints):
(JSC::B3::Air::Code::entrypoints):
(JSC::B3::Air::Code::entrypoint):
(JSC::B3::Air::Code::setEntrypoints):
(JSC::B3::Air::Code::entrypointLabel):
(JSC::B3::Air::Code::setEntrypointLabels):
(JSC::B3::Air::Code::calleeSaveRegisters):

  • b3/air/AirCustom.h:

(JSC::B3::Air::PatchCustom::isTerminal):
(JSC::B3::Air::PatchCustom::hasNonArgEffects):
(JSC::B3::Air::PatchCustom::hasNonArgNonControlEffects):
(JSC::B3::Air::PatchCustom::generate):
(JSC::B3::Air::CommonCustomBase::hasNonArgEffects):
(JSC::B3::Air::CCallCustom::forEachArg):
(JSC::B3::Air::ColdCCallCustom::forEachArg):
(JSC::B3::Air::ShuffleCustom::forEachArg):
(JSC::B3::Air::EntrySwitchCustom::forEachArg):
(JSC::B3::Air::EntrySwitchCustom::isValidFormStatic):
(JSC::B3::Air::EntrySwitchCustom::isValidForm):
(JSC::B3::Air::EntrySwitchCustom::admitsStack):
(JSC::B3::Air::EntrySwitchCustom::isTerminal):
(JSC::B3::Air::EntrySwitchCustom::hasNonArgNonControlEffects):
(JSC::B3::Air::EntrySwitchCustom::generate):

  • b3/air/AirGenerate.cpp:

(JSC::B3::Air::prepareForGeneration):
(JSC::B3::Air::generate):

  • b3/air/AirLowerEntrySwitch.cpp: Added.

(JSC::B3::Air::lowerEntrySwitch):

  • b3/air/AirLowerEntrySwitch.h: Added.
  • b3/air/AirOpcode.opcodes:
  • b3/air/AirOptimizeBlockOrder.cpp:

(JSC::B3::Air::blocksInOptimizedOrder):

  • b3/air/AirSpecial.cpp:

(JSC::B3::Air::Special::isTerminal):
(JSC::B3::Air::Special::hasNonArgEffects):
(JSC::B3::Air::Special::hasNonArgNonControlEffects):

  • b3/air/AirSpecial.h:
  • b3/air/AirValidate.cpp:
  • b3/air/opcode_generator.rb:
  • b3/testb3.cpp:

Source/WTF:

  • wtf/GraphNodeWorklist.h: Expose some handy functionality.

(WTF::GraphNodeWorklist::pop):
(WTF::GraphNodeWorklist::saw):
(WTF::GraphNodeWorklist::seen):

  • wtf/VectorTraits.h: Fix a bug! Otherwise filling a vector of byte-sized enum classes doesn't work.

Websites/webkit.org:


Update some statements about ControlValue (which doesn't exist anymore) and add a blurb
about EntrySwitch.

  • docs/b3/index.html:
  • docs/b3/intermediate-representation.html:
12:53 PM Changeset in webkit [203669] by n_wang@apple.com
  • 3 edits
    2 adds in trunk

AX: Video Controls: Volume cannot be adjusted using VO.
https://bugs.webkit.org/show_bug.cgi?id=160107

Reviewed by Dean Jackson.

Source/WebCore:

The volume slider in video tag had 0.01 step which caused the screen reader adjusting it slowly.
Changed the step to 0.05 and added the aria-valuetext attribute to the slider, so that the value
is spoken in percentage.

Test: accessibility/mac/video-volume-slider-accessibility.html

  • Modules/mediacontrols/mediaControlsApple.js:

(Controller.prototype.createControls):
(Controller.prototype.handleVolumeSliderInput):
(Controller.prototype.updateVolume):

LayoutTests:

  • accessibility/mac/video-volume-slider-accessibility-expected.txt: Added.
  • accessibility/mac/video-volume-slider-accessibility.html: Added.
11:59 AM Changeset in webkit [203668] by fpizlo@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

Unreviewed, fix broken test. I don't know why I goofed this up without seeing it before landing.

  • b3/air/AirOpcode.opcodes:
  • b3/testb3.cpp:

(JSC::B3::run):

10:47 AM Changeset in webkit [203667] by ddkilzer@apple.com
  • 3 edits
    2 adds in trunk

REGRESSION (r203106): Crash in WebCore::MathMLElement::parseMathMLLength()
<https://webkit.org/b/160111>
<rdar://problem/27506489>

Reviewed by Chris Dumez.

Source/WebCore:

Test: mathml/mpadded-crash.html

  • mathml/MathMLElement.cpp:

(WebCore::skipLeadingAndTrailingWhitespace): Change to take
StringView parameter instead of String to avoid creating a
temporary String that's released on return.

LayoutTests:

  • mathml/mpadded-crash-expected.txt: Added.
  • mathml/mpadded-crash.html: Added.
10:36 AM Changeset in webkit [203666] by fpizlo@apple.com
  • 11 edits in trunk/Source/JavaScriptCore

[B3] Fusing immediates into test instructions should work again
https://bugs.webkit.org/show_bug.cgi?id=160073

Reviewed by Sam Weinig.

When we introduced BitImm, we forgot to change the Branch(BitAnd(value, constant))
fusion. This emits test instructions, so it should use BitImm for the constant. But it
was still using Imm! This meant that isValidForm() always returned false.

This fixes the code path to use BitImm, and turns off our use of BitImm64 on x86 since
it provides no benefit on x86 and has some risk (the code appears to play fast and loose
with the scratch register).

This is not an obvious progression on anything, so I added comprehensive tests to
testb3, which check that we selected the optimal instruction in a variety of situations.
We should add more tests like this!

  • b3/B3BasicBlock.h:

(JSC::B3::BasicBlock::successorBlock):

  • b3/B3LowerToAir.cpp:

(JSC::B3::Air::LowerToAir::createGenericCompare):

  • b3/B3LowerToAir.h:
  • b3/air/AirArg.cpp:

(JSC::B3::Air::Arg::isRepresentableAs):
(JSC::B3::Air::Arg::usesTmp):

  • b3/air/AirArg.h:

(JSC::B3::Air::Arg::isRepresentableAs):
(JSC::B3::Air::Arg::castToType):
(JSC::B3::Air::Arg::asNumber):

  • b3/air/AirCode.h:

(JSC::B3::Air::Code::size):
(JSC::B3::Air::Code::at):

  • b3/air/AirOpcode.opcodes:
  • b3/air/AirValidate.h:
  • b3/air/opcode_generator.rb:
  • b3/testb3.cpp:

(JSC::B3::compile):
(JSC::B3::compileAndRun):
(JSC::B3::lowerToAirForTesting):
(JSC::B3::testSomeEarlyRegister):
(JSC::B3::testBranchBitAndImmFusion):
(JSC::B3::zero):
(JSC::B3::run):

10:25 AM Changeset in webkit [203665] by mmaxfield@apple.com
  • 3 edits in trunk/LayoutTests

Test gardening after r203626.
https://bugs.webkit.org/show_bug.cgi?id=160102
<rdar://problem/27453479>

Unreviewed.

  • platform/ios-simulator/editing/deleting/delete-emoji-expected.txt:
  • platform/mac-yosemite/editing/deleting/delete-emoji-expected.txt:
8:53 AM Changeset in webkit [203664] by Yusuke Suzuki
  • 3 edits in trunk/Source/JavaScriptCore

Unreviewed, update the exponentiation expression error message
https://bugs.webkit.org/show_bug.cgi?id=159969

Follow up patch for r203499.

  • parser/Parser.cpp:

(JSC::Parser<LexerType>::parseBinaryExpression):

  • tests/stress/pow-expects-update-expression-on-lhs.js:

(throw.new.Error):

6:08 AM Changeset in webkit [203663] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebCore

[Coordinated Graphics] ASSERTION FAILED: !m_flushingLayers in fast/repaint/animation-after-layer-scroll.html
https://bugs.webkit.org/show_bug.cgi?id=160142

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2016-07-24
Reviewed by Michael Catanzaro.

This only happens in layout tests, because it happens when RenderLayerCompositor::layerTreeAsText() is
called. The thing is that CoordinatedGraphicsLayer::flushCompositingState() calls notifyFlushRequired() that
checks if the coordinator is flusing layers and if not it calls RenderLayerCompositor::notifyFlushRequired() and
returns early. This normally works because the coodinator is the one starting the layer flush, so that when
RenderLayerCompositor::flushPendingLayerChanges() is called the coordinator is always flusing layers. But
RenderLayerCompositor::layerTreeAsText() calls RenderLayerCompositor::flushPendingLayerChanges() directly, so at
that moment the coordinator is not flusing layers, what causes that
CoordinatedGraphicsLayer::flushCompositingState() ends up calling RenderLayerCompositor::notifyFlushRequired()
that schedules a new flush while flusing layers causing the
assertion. CoordinatedGraphicsLayer::flushCompositingState() is always called from
CompositingCoordinator::flushPendingLayerChanges() or RenderLayerCompositor::flushPendingLayerChanges() so we
never need to call RenderLayerCompositor::notifyFlushRequired() from there.

  • platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:

(WebCore::CoordinatedGraphicsLayer::notifyFlushRequired): This is void now since the return value is not checked anywhere.
(WebCore::CoordinatedGraphicsLayer::flushCompositingState): Remove the call to notifyFlushRequired().

  • platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
6:04 AM Changeset in webkit [203662] by Michael Catanzaro
  • 3 edits in trunk/LayoutTests

[GTK] Layout test security/contentSecurityPolicy/plugins-types-allows-quicktime-plugin-replacement.html timing out
https://bugs.webkit.org/show_bug.cgi?id=160128

Unreviewed, skip the tests.

  • platform/efl/TestExpectations:
  • platform/gtk/TestExpectations:
4:10 AM Changeset in webkit [203661] by Darin Adler
  • 3 edits
    2 deletes in trunk/Source

Adding a new WebCore JavaScript built-in source file does not trigger rebuild of WebCoreJSBuiltins*
https://bugs.webkit.org/show_bug.cgi?id=160115

Reviewed by Youenn Fablet.

Source/JavaScriptCore:

  • make-generated-sources.sh: Removed. Was unused.

Source/WebCore:

  • DerivedSources.make: Added a missing dependency so the rule that builds WebCore_BUILTINS_WRAPPERS

kicks in when the list of WebCore_BUILTINS_SOURCES is modified. Also added another missing dependency
so that changes to the JavaScript built-ins Python scripts will also trigger WebCore_BUILTINS_WRAPPERS.

  • make-generated-sources.sh: Removed. Was unused.

Jul 23, 2016:

8:11 PM Changeset in webkit [203660] by Alan Bujtas
  • 12 edits in trunk/Source/WebCore

Stop isEmpty() from leaking out of SVG.
https://bugs.webkit.org/show_bug.cgi?id=160121

Reviewed by Simon Fraser.

It's unclear what isEmpty() actually means and it doesn't bring any value to Render* classes.

No change in functionality.

  • editing/CompositeEditCommand.cpp:

(WebCore::CompositeEditCommand::addBlockPlaceholderIfNeeded):

  • rendering/RenderElement.h:
  • rendering/RenderListItem.cpp:

(WebCore::RenderListItem::isEmpty): Deleted.

  • rendering/RenderListItem.h:
  • rendering/RenderObject.h:

(WebCore::RenderObject::isEmpty): Deleted.

  • rendering/RenderRubyRun.cpp:

(WebCore::RenderRubyRun::removeChild):
(WebCore::RenderRubyRun::isEmpty): Deleted.

  • rendering/RenderRubyRun.h:
  • rendering/mathml/RenderMathMLFenced.cpp:

(WebCore::RenderMathMLFenced::updateFromElement):
(WebCore::RenderMathMLFenced::addChild):

  • rendering/mathml/RenderMathMLRoot.cpp:

(WebCore::RenderMathMLRoot::paint):

  • rendering/svg/RenderSVGShape.h:
7:16 PM WebKitGTK/Gardening/Calendar edited by Michael Catanzaro
(diff)
7:15 PM Changeset in webkit [203659] by Michael Catanzaro
  • 2 edits in trunk/LayoutTests

Unreviewed GTK test expectations fixups

  • platform/gtk/TestExpectations:
7:12 PM WebKitGTK/Gardening/Calendar edited by Michael Catanzaro
(diff)
7:11 PM Changeset in webkit [203658] by Michael Catanzaro
  • 3 edits in trunk/LayoutTests

Even more unreviewed flaky GTK test gardening

6:39 PM Changeset in webkit [203657] by Alan Bujtas
  • 11 edits in trunk/Source/WebCore

table*BorderAdjoiningCell and borderAdjoiningCell* should take reference instead of RenderTableCell*.
https://bugs.webkit.org/show_bug.cgi?id=160123

Reviewed by Simon Fraser.

No change in functionality.

  • rendering/RenderTable.cpp:

(WebCore::RenderTable::tableStartBorderAdjoiningCell):
(WebCore::RenderTable::tableEndBorderAdjoiningCell):

  • rendering/RenderTable.h:
  • rendering/RenderTableCell.cpp:

(WebCore::RenderTableCell::computeCollapsedStartBorder):
(WebCore::RenderTableCell::computeCollapsedEndBorder):

  • rendering/RenderTableCell.h:

(WebCore::RenderTableCell::borderAdjoiningCellBefore):
(WebCore::RenderTableCell::borderAdjoiningCellAfter):

  • rendering/RenderTableCol.cpp:

(WebCore::RenderTableCol::borderAdjoiningCellStartBorder):
(WebCore::RenderTableCol::borderAdjoiningCellEndBorder):
(WebCore::RenderTableCol::borderAdjoiningCellBefore):
(WebCore::RenderTableCol::borderAdjoiningCellAfter):

  • rendering/RenderTableCol.h:
  • rendering/RenderTableRow.cpp:

(WebCore::RenderTableRow::borderAdjoiningStartCell):
(WebCore::RenderTableRow::borderAdjoiningEndCell):

  • rendering/RenderTableRow.h:
  • rendering/RenderTableSection.cpp:

(WebCore::RenderTableSection::borderAdjoiningStartCell):
(WebCore::RenderTableSection::borderAdjoiningEndCell):

  • rendering/RenderTableSection.h:
6:38 PM Changeset in webkit [203656] by Alan Bujtas
  • 2 edits in trunk/Source/WebCore

Remove unused enum and stale comment from RenderObject.
https://bugs.webkit.org/show_bug.cgi?id=160122

Reviewed by Simon Fraser.

No change in functionality.

  • rendering/RenderBox.h:
4:13 PM WebKitGTK/Gardening/Calendar edited by Michael Catanzaro
(diff)
4:10 PM Changeset in webkit [203655] by Michael Catanzaro
  • 3 edits in trunk/LayoutTests

Unreviewed flaky test gardening for GTK

Mostly more fallout from threaded compositor

3:02 PM Changeset in webkit [203654] by Michael Catanzaro
  • 2 edits in trunk/LayoutTests

More unreviewed GTK gardening

Update expectations for tests timing out

  • platform/gtk/TestExpectations:
2:47 PM Changeset in webkit [203653] by Michael Catanzaro
  • 2 edits in trunk/LayoutTests

More unreviewed GTK gardening

Mark more flaky crashes after enabling threaded compositor

  • platform/gtk/TestExpectations:
2:32 PM Changeset in webkit [203652] by Michael Catanzaro
  • 2 edits in trunk/LayoutTests

More unreviewed GTK gardening, mark even more new passes after enabling threaded compositor

  • platform/gtk/TestExpectations:
2:09 PM Changeset in webkit [203651] by Chris Dumez
  • 2 edits in trunk/Source/WebKit/win

Unreviewed, fix Windows build after r203623.

  • DOMCoreClasses.cpp:

(DOMDocument::getComputedStyle):

11:21 AM WebKitGTK/Gardening/Calendar edited by Michael Catanzaro
(diff)
11:14 AM Changeset in webkit [203650] by Michael Catanzaro
  • 2 edits in trunk/LayoutTests

Unreviewed GTK gardening, mark many emoji gender tests passing

  • platform/gtk/TestExpectations:
11:05 AM Changeset in webkit [203649] by Michael Catanzaro
  • 3 edits in trunk/LayoutTests

Unreviewed test gardening

These tests are flaky now on GTK, passing about half the time.

10:51 AM Changeset in webkit [203648] by Michael Catanzaro
  • 2 edits in trunk/LayoutTests

Unreviewed GTK gardening new passes after enabling threaded compositor

  • platform/gtk/TestExpectations:
9:41 AM Changeset in webkit [203647] by Michael Catanzaro
  • 2 edits in trunk/LayoutTests

Unreviewed test expectation gardening

Skip layout test editing/deleting/delete-emoji.html

  • platform/gtk/TestExpectations:
9:31 AM Changeset in webkit [203646] by Michael Catanzaro
  • 2 edits in trunk/LayoutTests

Unreviewed, move some GTK expectations to more appropriate locations

  • platform/gtk/TestExpectations:
9:28 AM Changeset in webkit [203645] by Michael Catanzaro
  • 2 edits in trunk/LayoutTests

Unreviewed, add GTK expectations for threaded compositor regressions

  • platform/gtk/TestExpectations:
8:25 AM Changeset in webkit [203644] by commit-queue@webkit.org
  • 5 edits in trunk

[Coordinated Graphics] Lots of flaky tests
https://bugs.webkit.org/show_bug.cgi?id=160118

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2016-07-23
Reviewed by Michael Catanzaro.

Source/WebCore:

Since the GTK+ ported to threaded compositor (coordinated graphics) there are a lot of flaky tests in the
bots. In manu of the cases the diff shows a different size in the FrameView layer.

This happens for tests run in the same WTR after fast/fixed-layout/fixed-layout.html. This is what happens:

1.- Test fast/fixed-layout/fixed-layout.html runs and sets fixed layout to true and fixed layout size to 400x400
2.- When it finishes TestController::resetStateToConsistentValues() is called.
3.- Blank URL is loaded after state has been updated
4.- Then Reset message is handled in the web process and Internals::resetToConsistentState() resets the fixed

layout state and size.

5.- onresize happens and the handler set in fast/fixed-layout/fixed-layout.html is invoked setting the fixed

layout to true and size to 400x400 again.

6.- about_blank is then loaded with the fixed layout enabled, as well as other tests after this one.

In addition to this, coordinated graphics uses a fixedVisibleContentRect in ScrollView that is never reset.

  • platform/ScrollView.cpp:

(WebCore::ScrollView::unscaledVisibleContentSizeIncludingObscuredArea): Only use m_fixedVisibleContentRect when
fixed layout is enabled.
(WebCore::ScrollView::unscaledUnobscuredVisibleContentSize): Ditto.
(WebCore::ScrollView::visibleContentRectInternal): Ditto.

  • testing/Internals.cpp:

(WebCore::Internals::resetToConsistentState): Reset also the m_fixedVisibleContentRect.

LayoutTests:

  • fast/fixed-layout/fixed-layout.html: Remove the onresize handler when the test finishes to ensure it can't be

called later affecting other tests.

8:23 AM Changeset in webkit [203643] by commit-queue@webkit.org
  • 4 edits in trunk

[Coordinated Graphics] Test imported/blink/svg/custom/svg-image-layers-crash.html crashes
https://bugs.webkit.org/show_bug.cgi?id=160078

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2016-07-23
Reviewed by Michael Catanzaro.

Source/WebCore:

This is a merge of Blink r155373.
https://chromiumcodereview.appspot.com/20789004

Disable accelerated compositing for SVGImage content layers. SVGImageChromeClient does not support it.

Fixes imported/blink/svg/custom/svg-image-layers-crash.html.

  • svg/graphics/SVGImage.cpp:

(WebCore::SVGImage::dataChanged):

LayoutTests:

  • platform/efl/TestExpectations: Remove imported/blink/svg/custom/svg-image-layers-crash.html.
2:58 AM Changeset in webkit [203642] by commit-queue@webkit.org
  • 28 edits
    7 adds
    3 deletes in trunk

Unreviewed, rolling out r203641.
https://bugs.webkit.org/show_bug.cgi?id=160116

It broke make-based builds (Requested by youenn on #webkit).

Reverted changeset:

"[Fetch API] Request should be created with any HeadersInit
data"
https://bugs.webkit.org/show_bug.cgi?id=159672
http://trac.webkit.org/changeset/203641

1:55 AM Changeset in webkit [203641] by commit-queue@webkit.org
  • 27 edits
    3 copies
    1 delete in trunk

[Fetch API] Request should be created with any HeadersInit data
https://bugs.webkit.org/show_bug.cgi?id=159672

Patch by Youenn Fablet <youenn@apple.com> on 2016-07-23
Reviewed by Sam Weinig.

LayoutTests/imported/w3c:

  • imported/w3c/web-platform-tests/fetch/api/credentials/authentication-basic-expected.txt: Test was previously

failing due to lack of support for HeadersInit data in Request constructor.

  • platform/mac-wk1/imported/w3c/web-platform-tests/fetch/api/credentials/authentication-basic-expected.txt: Removed.
  • web-platform-tests/fetch/api/request/request-headers-expected.txt:
  • web-platform-tests/fetch/api/request/request-headers.html: Adding new test.

Source/JavaScriptCore:

  • Scripts/builtins/builtins_generator.py:

(WK_lcfirst): Synchronized with CodeGenerator.pm version.

Source/WebCore:

Made Request use JSBuiltinConstructor.
This allows initializing newly created Request with a JS built-in function, initializeFetchRequest.
initializeFetchRequest can call @fillFetchHeaders internal built-in to handle any HeadersInit data.
Future effort should be made to migrate more initialization code in initializeFetchRequest.

Made window and worker fetch function as a JS built-in.
This becomes more handy as these new functions can construct the Request object.
They can then call a single private function that takes a Request object as input.
Updated DOMWindowFetch and WorkerGlobalScopeFetch code accordingly.

To enable this, the binding generator is updated to support runtime-enabled JS built-in functions and
private functions atttached to global objects.

Covered by existing and modified tests.
Binding generator test covered by updated binding tests.

  • CMakeLists.txt: Adding DOMWindowFetch.js, FetchRequest.js and WorkerGlobalScopeFetch.js built-in files.
  • DerivedSources.make: Ditto.
  • Modules/fetch/DOMWindowFetch.cpp: Removed overloaded fetch and updated according new signature.

(WebCore::DOMWindowFetch::fetch):

  • Modules/fetch/DOMWindowFetch.h: Ditto.
  • Modules/fetch/DOMWindowFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
  • Modules/fetch/DOMWindowFetch.js: Added.

(fetch):

  • Modules/fetch/FetchHeaders.h:

(WebCore::FetchHeaders::setGuard): Used by FetchRequest when initializing headers.

  • Modules/fetch/FetchRequest.cpp:

(WebCore::buildHeaders): Removed as implemented in JS.
(WebCore::FetchRequest::initializeOptions): Added to handle most of the dictionary initialization.
(WebCore::FetchRequest::initializeWith): Method called from built-in constructor function.
(WebCore::FetchRequest::setBody): Corresponding to @setBody private method.
(WebCore::buildBody): Deleted.

  • Modules/fetch/FetchRequest.h:
  • Modules/fetch/FetchRequest.idl:
  • Modules/fetch/FetchRequest.js: Added.

(initializeFetchRequest): Implements fetch Request(input, init) constructor.

  • Modules/fetch/FetchResponse.cpp:

(WebCore::FetchResponse::fetch): Removed the construction of FetchRequest in fetch method since it is done by JS built-in code.

  • Modules/fetch/FetchResponse.h:
  • Modules/fetch/WorkerGlobalScopeFetch.cpp: Removed overloaded fetch and updated according new signature.

(WebCore::WorkerGlobalScopeFetch::fetch):

  • Modules/fetch/WorkerGlobalScopeFetch.h: Ditto.
  • Modules/fetch/WorkerGlobalScopeFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
  • Modules/fetch/WorkerGlobalScopeFetch.js: Added.

(fetch):

  • bindings/js/WebCoreBuiltinNames.h: Adding fetchRequest, setBody and Request private identifiers.
  • bindings/scripts/CodeGenerator.pm:

(WK_lcfirst): Replacing dOM by dom.

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateImplementation): Adding support for runtime-enabled built-in methods and private methods.

  • bindings/scripts/test/JS/JSTestGlobalObject.cpp:

(WebCore::JSTestGlobalObject::finishCreation):
(WebCore::jsTestGlobalObjectInstanceFunctionTestPrivateFunction):

  • bindings/scripts/test/ObjC/DOMTestGlobalObject.mm:

(-[DOMTestGlobalObject testJSBuiltinFunction]):

  • bindings/scripts/test/TestGlobalObject.idl: Adding tests for runtime-enabled global built-in methods and private methods.
1:39 AM Changeset in webkit [203640] by commit-queue@webkit.org
  • 3 edits
    2 adds in trunk

Reset font-style on the <math> element
https://bugs.webkit.org/show_bug.cgi?id=160074

Patch by Frederic Wang <fwang@igalia.com> on 2016-07-23
Reviewed by Darin Adler.

Source/WebCore:

Mathematical formulas with italic font-style render poorly (slanted operators, mathvariant
italic etc). We align on Gecko and make the user agent stylesheet reset the font-style to
'normal' by default. This addresses the concrete use case of formula inside theorem or
proposition statements, which are often written in italic.

Test: mathml/presentation/math-font-style.html

  • css/mathml.css:

(math): Reset the font-style to normal.

LayoutTests:

  • mathml/presentation/math-font-style-expected.html: Added.
  • mathml/presentation/math-font-style.html: Added.
1:19 AM Changeset in webkit [203639] by commit-queue@webkit.org
  • 4 edits
    2 adds in trunk

Source/WebCore:
[MathML] PaintInfo state is not properly restored after applyTransform.
https://bugs.webkit.org/show_bug.cgi?id=160077

Patch by Frederic Wang <fwang@igalia.com> on 2016-07-23
Reviewed by Simon Fraser.

PaintInfo::applyTransform modifies PaintInfo::rect and the original state is not properly
restored by GraphicsContextStateSaver. To avoid some weird rendering bugs in MathOperator
and RenderMathMLMenclose, we follow what is done in SVG renderers and make a copy of the
original PaintInfo before applying the transform.

Test: mathml/presentation/bug160077.html

  • rendering/mathml/MathOperator.cpp:

(WebCore::MathOperator::paint):

  • rendering/mathml/RenderMathMLMenclose.cpp:

(WebCore::RenderMathMLMenclose::paint):

LayoutTests:
[MathML] PaintInfo state not properly restored after applyTransform.
https://bugs.webkit.org/show_bug.cgi?id=160077

Patch by Frederic Wang <fwang@igalia.com> on 2016-07-23
Reviewed by Simon Fraser.

  • mathml/presentation/bug160077-expected-mismatch.html: Added.
  • mathml/presentation/bug160077.html: Added.
1:07 AM Changeset in webkit [203638] by commit-queue@webkit.org
  • 9 edits in trunk

WPT stash server should be kept running when launching wpt server
https://bugs.webkit.org/show_bug.cgi?id=160052

Patch by Youenn Fablet <youenn@apple.com> on 2016-07-23
Reviewed by Sam Weinig.

LayoutTests/imported/w3c:

  • web-platform-tests/XMLHttpRequest/send-authentication-basic-setrequestheader-and-arguments-expected.txt:
  • web-platform-tests/fetch/api/cors/cors-preflight-expected.txt:
  • web-platform-tests/fetch/api/cors/cors-preflight-referrer-expected.txt:
  • web-platform-tests/html/semantics/document-metadata/the-link-element/document-without-browsing-context-expected.txt:
  • web-platform-tests/html/semantics/embedded-content/the-iframe-element/cross_origin_parentage-expected.txt:
  • web-platform-tests/html/semantics/embedded-content/the-iframe-element/same_origin_parentage-expected.txt:

Tools:

  • Scripts/webkitpy/layout_tests/servers/web_platform_test_launcher.py:

(main): waiting to read stdin while stash server is started.

12:46 AM Changeset in webkit [203637] by commit-queue@webkit.org
  • 8 edits in trunk

[Fetch API] Fetch response stream should enqueue Uint8Array
https://bugs.webkit.org/show_bug.cgi?id=160083

Patch by Youenn Fablet <youenn@apple.com> on 2016-07-23
Reviewed by Sam Weinig.

LayoutTests/imported/w3c:

  • web-platform-tests/fetch/api/resources/utils.js:

Source/WebCore:

Covered by updated tests.

Before enqueuing, ReadableStreamController::enqueue will convert ArrayBuffer as Uint8Array.
It also returns a boolean whether the operation is successful or not.

If returned value is false, calling code will stop loading or if everything is loaded it will refrain from closing the stream.
The enqueuing should be succesful except in OutOfMemory cases. This case is not yet handled in test cases.

Updated the code to remove templated enqueuing as Fetch has no use of it.

  • Modules/fetch/FetchBody.cpp:

(WebCore::FetchBody::consumeAsStream): Do not close the stream if enqueuing failed.

  • Modules/fetch/FetchBodyOwner.cpp:

(WebCore::FetchBodyOwner::blobChunk): Stop blob loading if enqueuing failed.

  • Modules/fetch/FetchResponse.cpp:

(WebCore::FetchResponse::BodyLoader::didReceiveData): Stop resource loading if enqueuing failed.
(WebCore::FetchResponse::consumeBodyAsStream): Ditto.

  • Modules/fetch/FetchResponseSource.h:
  • bindings/js/ReadableStreamController.h:

(WebCore::ReadableStreamController::enqueue):
(WebCore::ReadableStreamController::enqueue<RefPtr<JSC::ArrayBuffer>>): Deleted.

12:17 AM Changeset in webkit [203636] by Nikita Vasilyev
  • 2 edits in trunk/Source/WebInspectorUI

REGRESSION (r202876): Web Inspector: Switching away from Console tab with a lot of messages is slow
https://bugs.webkit.org/show_bug.cgi?id=160112

Reviewed by Joseph Pecoraro.

Showing NavigationSidebar before removing previous TabContentView can be very slow when
TabContentView is ConsoleTabContentView with a lot of messages. The order of operations
(show sidebar, change content view, show sidebar) caused more forced layouts. This patch
reduces the number of forced layouts by changes the order to: show content view, show sidebar,
show sidebar.

  • UserInterface/Views/TabBrowser.js:

(WebInspector.TabBrowser.prototype._tabBarItemSelected):

Jul 22, 2016:

11:15 PM Changeset in webkit [203635] by Joseph Pecoraro
  • 5 edits in trunk/Source/WebKit2

Web Automation: All key events should be processed before sending response
https://bugs.webkit.org/show_bug.cgi?id=160114
<rdar://problem/27505943>

Reviewed by Darin Adler.

When evaluating performKeyboardInteractions, we were sending all
NSEvents synchronously, but because WebPageProxy was doing its
own queueing and asynchronous processing of those key events, we
would receive and respond to the next Automation command before
having completed all of the key events.

This change makes performKeyboardInteractions asynchronous. It
will be notified only after WebPageProxy has exhausted its queue
of key events.

  • UIProcess/Automation/Automation.json:
  • UIProcess/Automation/WebAutomationSession.cpp:

(WebKit::WebAutomationSession::keyboardEventsFlushedForPage):
(WebKit::WebAutomationSession::evaluateJavaScriptFunction):
(WebKit::WebAutomationSession::performKeyboardInteractions):

  • UIProcess/Automation/WebAutomationSession.h:
  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::didReceiveEvent):

11:15 PM Changeset in webkit [203634] by Joseph Pecoraro
  • 4 edits in trunk/Source/WebKit2

Web Automation: WebAutomationSession::deleteAllCookies never calls callback, hangs automation session
https://bugs.webkit.org/show_bug.cgi?id=160113
<rdar://problem/27308124>

Reviewed by Darin Adler.

Delete all cookies appears to be a straightforward action
where we don't need to wait for a callback. So drop the
async altogether and implicitly complete the action.

  • UIProcess/Automation/Automation.json:
  • UIProcess/Automation/WebAutomationSession.cpp:

(WebKit::WebAutomationSession::deleteAllCookies):

  • UIProcess/Automation/WebAutomationSession.h:
11:11 PM Changeset in webkit [203633] by rniwa@webkit.org
  • 5 edits in trunk/Websites/perf.webkit.org

REGRESSION(r203035): Marking points as an outlier no longer updates charts
https://bugs.webkit.org/show_bug.cgi?id=160106

Reviewed by Darin Adler.

The bug was caused by MeasurementSet's fetchBetween clearing previously registered callbacks when noCache
option is specified.

  • public/v3/components/time-series-chart.js:

(TimeSeriesChart.prototype.setSourceList): Clear this._fetchedTimeSeries when changing chart options.
e.g. need to start including or excluding outliers.
(TimeSeriesChart.prototype.fetchMeasurementSets): Don't skip the fetching when noCache is true.

  • public/v3/models/measurement-set.js:

(MeasurementSet): Added this._callbackMap as an instance variable to keep track of all callbacks on every
cluster since we may need to call each callback multiple times per cluster when noCache option is used.
(MeasurementSet.prototype.fetchBetween): Moved the code to add _primaryClusterPromise to _allFetches here
so that now this function and _ensureClusterPromise are only functions that touch _allFetches.
(MeasurementSet.prototype._ensureClusterPromise): Extracted out of fetchBetween. Queue up all callbacks
for each cluster when creating a new promise.
(MeasurementSet.prototype._fetchPrimaryCluster): Removed the code to add _primaryClusterPromise now that
it's done in fetchBetween.

  • public/v3/remote.js:

(RemoteAPI.postJSONWithStatus): Removed superfluous call to console.log.

  • unit-tests/measurement-set-tests.js: Updated the test case for noCache. The callback registered before

fetchBetween is called with noCache=true is now invoked so callCount must be 3 instead of 2.

11:01 PM Changeset in webkit [203632] by commit-queue@webkit.org
  • 8 edits
    1 delete in trunk/Source/WebCore

Use a private property to implement FetchResponse.body getter
https://bugs.webkit.org/show_bug.cgi?id=159808

Patch by Youenn Fablet <youenn@apple.com> on 2016-07-22
Reviewed by Sam Weinig.

Covered by existing test sets.

Previously, body was handled as a CachedAttribute.
Using a private property will allow direct use of this property from JS built-ins which will allow easier
handling of ReadableStream cloning in Response.clone.
Also, this allows removing some binding custom code.

Updated redirect and error static methods to take NewObject keyword, as this removes a search into cached wrappers.
Ditto for createReadableStreamSource.

  • CMakeLists.txt: Removing JSFetchResponseCustom.cpp.
  • Modules/fetch/FetchResponse.idl: Adding createReadableStreamSource and isDisturbed private functions.

Making body getter a JSBuiltin.

  • Modules/fetch/FetchResponse.js:

(body): Adding getter which will call createReadableStreamSource if needed.

  • WebCore.xcodeproj/project.pbxproj: Removing JSFetchResponseCustom.cpp.
  • bindings/js/JSFetchResponseCustom.cpp: Removed.
  • bindings/js/ReadableStreamController.cpp:

(WebCore::createReadableStream): Deleted.
(WebCore::getReadableStreamReader): Deleted.

  • bindings/js/ReadableStreamController.h: Removing unneeded ReadableStream helper routine now that they can be

handled within JS built-in code.

  • bindings/js/WebCoreBuiltinNames.h: Adding @createReadableStreamSource, @isDisturbed and @Response identifiers.
6:56 PM Changeset in webkit [203631] by Alan Bujtas
  • 7 edits in trunk/Source

Handle cases when IOSurface initialization fails.
https://bugs.webkit.org/show_bug.cgi?id=160006
<rdar://problem/27495102>

Reviewed by Tim Horton and Simon Fraser.

This is an additional fix to r203514 to check if IOSurface initialization was successful.

Unable to test.

Source/WebCore:

  • platform/graphics/cg/ImageBufferCG.cpp:

(WebCore::ImageBuffer::ImageBuffer):

  • platform/graphics/cocoa/IOSurface.h: Merge 2 c'tors.
  • platform/graphics/cocoa/IOSurface.mm: Remove redundant IOSurface::create() code.

(WebCore::IOSurface::create):
(WebCore::IOSurface::createFromImage):
(WebCore::IOSurface::IOSurface):
(WebCore::IOSurface::convertToFormat):

Source/WebKit2:

  • Shared/mac/RemoteLayerBackingStore.mm:

(WebKit::RemoteLayerBackingStore::encode):
(WebKit::RemoteLayerBackingStore::display):
(WebKit::RemoteLayerBackingStore::applyBackingStoreToLayer):

  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _takeViewSnapshot]):
(-[WKWebView _snapshotRect:intoImageOfWidth:completionHandler:]):

6:19 PM Changeset in webkit [203630] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebKit2

[iOS] Clients should be able to decide if they want secure text entry in a form field
https://bugs.webkit.org/show_bug.cgi?id=160109
rdar://problem/27504958

Patch by Chelsea Pugh <cpugh@apple.com> on 2016-07-22
Reviewed by Dan Bernstein.

  • UIProcess/API/Cocoa/_WKFormInputSession.h:
  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKFormInputSession forceSecureTextEntry]): Getter.
(-[WKFormInputSession setForceSecureTextEntry:]): Setter.
(-[WKContentView textInputTraits]): If the form input session has specified that secure text
entry is desired, we should use secure text entry.

5:47 PM Changeset in webkit [203629] by Wenson Hsieh
  • 4 edits in trunk

Media controls should be displayed for media in media documents
https://bugs.webkit.org/show_bug.cgi?id=160104
<rdar://problem/27438936>

Reviewed by Myles C. Maxfield.

Source/WebCore:

Make videos that would otherwise not have been large enough or have the right
aspect ratio cause media controls to appear. This is because media elements in
a media document are implied to be main content.

Added a new API test.

  • html/MediaElementSession.cpp:

(WebCore::MediaElementSession::canControlControlsManager):

Tools:

Verifies that even a small video with audio in a media document gets media controls.

  • TestWebKitAPI/Tests/WebKit2Cocoa/VideoControlsManager.mm:

(TestWebKitAPI::TEST):

4:48 PM Changeset in webkit [203628] by bshafiei@apple.com
  • 1 copy in tags/Safari-602.1.43

New tag.

4:48 PM Changeset in webkit [203627] by bshafiei@apple.com
  • 11 edits in branches/safari-602-branch

Merge r203626. rdar://problem/27453479

4:45 PM Changeset in webkit [203626] by mmaxfield@apple.com
  • 11 edits in trunk

All dancers with bunny ears are female
https://bugs.webkit.org/show_bug.cgi?id=160102
<rdar://problem/27453479>

Reviewed by Simon Fraser.

Source/WebCore:

In r203330 I added support for new emoji group candidates. I accidentally
missed one of the new emoji code points.

Tests: editing/deleting/delete-emoji.html:

fast/text/emoji-gender-2-9.html:
fast/text/emoji-gender-9.html:
fast/text/emoji-gender-fe0f-9.html:

  • platform/text/CharacterProperties.h:

(WebCore::isEmojiGroupCandidate):

LayoutTests:

  • editing/deleting/delete-emoji.html:
  • platform/mac/editing/deleting/delete-emoji-expected.txt:
  • fast/text/emoji-gender-2-9-expected.html:
  • fast/text/emoji-gender-2-9.html:
  • fast/text/emoji-gender-9-expected.html:
  • fast/text/emoji-gender-9.html:
  • fast/text/emoji-gender-fe0f-9-expected.html:
  • fast/text/emoji-gender-fe0f-9.html:
4:17 PM Changeset in webkit [203625] by msaboff@apple.com
  • 2 edits in trunk/Tools

REGRESSION(203616): no FTL testing was inadvertently removed
https://bugs.webkit.org/show_bug.cgi?id=160100

Rubber-stamped by Filip Pizlo.

Added runNoFTL back into the set of tests we run on FTL enabled platforms.
Renamed runLayoutTestNoFTL to runLayoutTestDefault. Restructured the test
logic for the runLayout and runNoisy variants to match the run test logic,
that is we always invoke runXXXDefault and invoke runXXXNoFTL for FTL
enabled platforms.

  • Scripts/run-jsc-stress-tests:
4:13 PM Changeset in webkit [203624] by Chris Dumez
  • 11 edits in trunk

Parameter to HTMLCollection.item() / namedItem() should be mandatory
https://bugs.webkit.org/show_bug.cgi?id=160099

Reviewed by Sam Weinig.

LayoutTests/imported/w3c:

Rebaseline several W3C tests now that more checks are passing.

  • web-platform-tests/dom/interfaces-expected.txt:
  • web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

Parameter to HTMLCollection.item() / namedItem() should be mandatory:

Firefox and Chrome agree with the specification.

No new tests, rebaselined existing tests.

  • bindings/js/JSHTMLFormControlsCollectionCustom.cpp:

(WebCore::JSHTMLFormControlsCollection::namedItem):

  • html/HTMLCollection.idl:
  • html/HTMLFormControlsCollection.idl:
  • html/HTMLOptionsCollection.idl:

LayoutTests:

Update existing test to reflect behavior change.

  • fast/dom/non-numeric-values-numeric-parameters-expected.txt:
  • fast/dom/script-tests/non-numeric-values-numeric-parameters.js:
3:56 PM Changeset in webkit [203623] by Chris Dumez
  • 12 edits
    2 adds in trunk

First parameter to Window.getComputedStyle() should be mandatory and non-nullable
https://bugs.webkit.org/show_bug.cgi?id=160097

Reviewed by Ryosuke Niwa.

Source/WebCore:

First parameter to Window.getComputedStyle() should be mandatory and
non-nullable:

Firefox and Chrome agree with the specification.

Test: fast/dom/Window/getComputedStyle-missing-parameter.html

  • css/CSSComputedStyleDeclaration.cpp:

(WebCore::ComputedStyleExtractor::ComputedStyleExtractor):
(WebCore::CSSComputedStyleDeclaration::CSSComputedStyleDeclaration):
(WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
(WebCore::CSSComputedStyleDeclaration::copyProperties):
(WebCore::CSSComputedStyleDeclaration::length):
(WebCore::CSSComputedStyleDeclaration::item):
(WebCore::CSSComputedStyleDeclaration::getPropertyValue):

  • css/CSSComputedStyleDeclaration.h:
  • dom/Document.idl:
  • inspector/InspectorCSSAgent.cpp:

(WebCore::InspectorCSSAgent::getComputedStyleForNode):

  • page/DOMWindow.cpp:

(WebCore::DOMWindow::getComputedStyle):

  • page/DOMWindow.h:
  • page/DOMWindow.idl:
  • testing/Internals.cpp:

(WebCore::Internals::computedStyleIncludingVisitedInfo):

  • testing/Internals.h:
  • testing/Internals.idl:

LayoutTests:

Add test coverage.

  • fast/dom/Window/getComputedStyle-missing-parameter-expected.txt: Added.
  • fast/dom/Window/getComputedStyle-missing-parameter.html: Added.
3:32 PM Changeset in webkit [203622] by beidson@apple.com
  • 4 edits
    2 adds in trunk

Removing IndexedDatabases that have stored blobs doesn't remove the blob files.
https://bugs.webkit.org/show_bug.cgi?id=160089

Reviewed by Darin Adler.

Source/WebCore:

Tested by API test IndexedDB.StoreBlobThenDelete.

Blob filenames exist in the IDB directory with the name "[0-9]+.blob".

That is, one or more digits, followed by ".blob".

So when we delete an IndexedDB.sqlite3 and related files, we should delete those blob files as well.

  • Modules/indexeddb/server/IDBServer.cpp:

(WebCore::IDBServer::removeAllDatabasesForOriginPath):

Tools:

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/WebKit2Cocoa/StoreBlobThenDelete.mm: Added.
  • TestWebKitAPI/Tests/WebKit2Cocoa/StoreBlobToBeDeleted.html: Added.
3:14 PM Changeset in webkit [203621] by fpizlo@apple.com
  • 10 edits
    4 adds in trunk/Source/JavaScriptCore

Teach MarkedSpace how to allocate auxiliary storage
https://bugs.webkit.org/show_bug.cgi?id=160053

Reviewed by Sam Weinig.

Previously, we had two kinds of subspaces in MarkedSpace: destructor and non-destructor. This
was described using "bool needsDestruction" that would get passed around. We'd iterate over
these spaces using duplicated code - one loop for destructors and one for non-destructors, or
a single loop that does one thing for destructors and one for non-destructors.

But now we want a third subspace: non-destructor non-JSCell, aka Auxiliary.

So, this changes all of the reflection and iteration over subspaces to use functors, so that
the looping is written once and reused. Most places don't even have to know that there is a
third subspace; they just know that they must do things for each subspace, for each
allocator, or for each block - and the functor magic handles it for you.

To make this somewhat nice, this change also fixes how we describe subspaces. Instead of a
bool, we now have AllocatorAttributes, which is a struct. If we ever add more subspaces, we
can add fields to AllocatorAttributes to describe how those subspaces differ. For now it just
contains two properties: a DestructionMode and a HeapCell::Kind. The DesctructionMode
replaces bool needsDestruction. I deliberately used a non-class enum to avoid tautologies.
DestructionMode has two members: NeedsDestruction and DoesNotNeedDestruction. I almost went
with DestructionMode::Needed and DestructionMode::NotNeeded, but I felt like that involves
more typing and doesn't actually avoid any kind of namespace issues.

This is intended to have no behavior change other than the addition of a totally unused
space, which should always be empty. So hopefully it doesn't cost anything.

  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • heap/AllocatorAttributes.cpp: Added.

(JSC::AllocatorAttributes::dump):

  • heap/AllocatorAttributes.h: Added.

(JSC::AllocatorAttributes::AllocatorAttributes):

  • heap/DestructionMode.cpp: Added.

(WTF::printInternal):

  • heap/DestructionMode.h: Added.
  • heap/Heap.h:
  • heap/MarkedAllocator.cpp:

(JSC::MarkedAllocator::allocateBlock):
(JSC::MarkedAllocator::addBlock):

  • heap/MarkedAllocator.h:

(JSC::MarkedAllocator::cellSize):
(JSC::MarkedAllocator::attributes):
(JSC::MarkedAllocator::needsDestruction):
(JSC::MarkedAllocator::destruction):
(JSC::MarkedAllocator::cellKind):
(JSC::MarkedAllocator::heap):
(JSC::MarkedAllocator::takeLastActiveBlock):
(JSC::MarkedAllocator::MarkedAllocator):
(JSC::MarkedAllocator::init):
(JSC::MarkedAllocator::allocate):

  • heap/MarkedBlock.cpp:

(JSC::MarkedBlock::create):
(JSC::MarkedBlock::destroy):
(JSC::MarkedBlock::MarkedBlock):
(JSC::MarkedBlock::callDestructor):
(JSC::MarkedBlock::sweep):
(JSC::MarkedBlock::stopAllocating):
(JSC::MarkedBlock::didRetireBlock):

  • heap/MarkedBlock.h:

(JSC::MarkedBlock::cellSize):
(JSC::MarkedBlock::attributes):
(JSC::MarkedBlock::needsDestruction):
(JSC::MarkedBlock::destruction):
(JSC::MarkedBlock::cellKind):
(JSC::MarkedBlock::size):
(JSC::MarkedBlock::forEachCell):
(JSC::MarkedBlock::forEachLiveCell):
(JSC::MarkedBlock::forEachDeadCell):

  • heap/MarkedSpace.cpp:

(JSC::MarkedSpace::MarkedSpace):
(JSC::MarkedSpace::~MarkedSpace):
(JSC::MarkedSpace::lastChanceToFinalize):
(JSC::MarkedSpace::resetAllocators):
(JSC::MarkedSpace::forEachAllocator):
(JSC::MarkedSpace::stopAllocating):
(JSC::MarkedSpace::resumeAllocating):
(JSC::MarkedSpace::isPagedOut):
(JSC::MarkedSpace::freeBlock):
(JSC::MarkedSpace::shrink):
(JSC::MarkedSpace::clearNewlyAllocated):
(JSC::clearNewlyAllocatedInBlock): Deleted.

  • heap/MarkedSpace.h:

(JSC::MarkedSpace::subspaceForObjectsWithDestructor):
(JSC::MarkedSpace::subspaceForObjectsWithoutDestructor):
(JSC::MarkedSpace::subspaceForAuxiliaryData):
(JSC::MarkedSpace::allocatorFor):
(JSC::MarkedSpace::destructorAllocatorFor):
(JSC::MarkedSpace::auxiliaryAllocatorFor):
(JSC::MarkedSpace::allocateWithoutDestructor):
(JSC::MarkedSpace::allocateWithDestructor):
(JSC::MarkedSpace::allocateAuxiliary):
(JSC::MarkedSpace::forEachBlock):
(JSC::MarkedSpace::didAddBlock):
(JSC::MarkedSpace::capacity):
(JSC::MarkedSpace::forEachSubspace):

3:14 PM Changeset in webkit [203620] by Konstantin Tokarev
  • 2 edits in trunk/Tools

[GTK] Improved exclusion patterns in make-dist.py manifest.
https://bugs.webkit.org/show_bug.cgi?id=160094

Reviewed by Michael Catanzaro.

  • gtk/manifest.txt.in:

Exclude Platform*.cmake files for more ports.
Removed obsolete .gyp and .pro.user patterns.
Exclude 'Configurations' and 'spi' directories.
Exclude CMakeLists.txt.user (Qt Creator IDE).

3:07 PM Changeset in webkit [203619] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking webaudio/audionode-connect-order.html as a flaky crash on mac-wk1 debug
https://bugs.webkit.org/show_bug.cgi?id=105870

Unreviewed test gardening.

  • platform/mac-wk1/TestExpectations:
3:06 PM Changeset in webkit [203618] by andersca@apple.com
  • 2 edits in trunk/Source/WebKit2

Get rid of an unused API typedef
https://bugs.webkit.org/show_bug.cgi?id=160103

Reviewed by Sam Weinig.

  • Shared/API/c/WKSharedAPICast.h:
2:58 PM Changeset in webkit [203617] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking userscripts/window-onerror-for-isolated-world-3.html as a flaky failure on mac-wk1
https://bugs.webkit.org/show_bug.cgi?id=160101

Unreviewed test gardening.

  • platform/mac-wk1/TestExpectations:
1:53 PM Changeset in webkit [203616] by msaboff@apple.com
  • 2 edits in trunk/Tools

Don't run FTL related JSC stress tests on non-FTL platforms
https://bugs.webkit.org/show_bug.cgi?id=160033

Reviewed by Mark Lam.

Added check for running tests on platforms that don't enable FTL to not run FTL tests.
Refactored several of the runXXX test methods to always runXXXDefault and made those
runXXXDefault to pass FTL_OPTIONS. For platforms that don't enable the FTL, FTL_OPTIONS
doesn't cause a problem.

  • Scripts/run-jsc-stress-tests:
1:38 PM Changeset in webkit [203615] by sbarati@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

REGRESSION(r203537): It made many tests crash on ARMv7 Linux platforms
https://bugs.webkit.org/show_bug.cgi?id=160082

Reviewed by Keith Miller.

We were improperly linking the Jump in the link buffer.
It caused us to be linking against the executable address
which always has bit 0 set. We shouldn't be doing that.
This patch fixes this, by using the same idiom that
PolymorphicAccess uses to link a jump to out of line code.

  • jit/JITMathIC.h:

(JSC::JITMathIC::generateOutOfLine):

1:36 PM Changeset in webkit [203614] by Matt Baker
  • 3 edits in trunk/LayoutTests

Web Inspector: Remove unused code from Debounce layout test
https://bugs.webkit.org/show_bug.cgi?id=160049
<rdar://problem/27479713>

Reviewed by Joseph Pecoraro.

  • inspector/unit-tests/debounce-expected.txt:

Updated with new delay times.

  • inspector/unit-tests/debounce.html:

Remove unused code that was copy-pasted from other tests, and reduced
delay times from 100ms to 10ms to speed up test.

1:35 PM Changeset in webkit [203613] by commit-queue@webkit.org
  • 2 edits in trunk/Source/JavaScriptCore

Unreviewed, rolling out r203603.
https://bugs.webkit.org/show_bug.cgi?id=160096

Caused CLoop tests to fail with assertions (Requested by
perarne on #webkit).

Reverted changeset:

"[Win] jsc.exe sometimes never exits."
https://bugs.webkit.org/show_bug.cgi?id=158073
http://trac.webkit.org/changeset/203603

1:34 PM Changeset in webkit [203612] by Chris Dumez
  • 6 edits in trunk

Fix default parameter values for window.alert() / prompt() / confirm()
https://bugs.webkit.org/show_bug.cgi?id=160085

Reviewed by Ryosuke Niwa.

Source/WebCore:

Fix default parameter values for window.alert() / prompt() / confirm() to
match the specification:

They should default to the empty string, not the string "undefined".

Firefox and chrome agree with the specification.

No new tests, updated existing test.

  • page/DOMWindow.h:
  • page/DOMWindow.idl:

LayoutTests:

Update existing test to reflect behavior change.

  • fast/dom/Window/alert-undefined-expected.txt:
  • fast/dom/Window/alert-undefined.html:
1:33 PM Changeset in webkit [203611] by dbates@webkit.org
  • 8 edits
    16 adds in trunk

CSP: object-src and plugin-types directives are not respected for plugin replacements
https://bugs.webkit.org/show_bug.cgi?id=159761
<rdar://problem/27365724>

Reviewed by Brent Fulgham.

Source/WebCore:

Apply the Content Security Policy (CSP) object-src and plugin-types directives to content that will
load with a plugin replacement.

Tests: security/contentSecurityPolicy/object-src-none-blocks-quicktime-plugin-replacement.html

security/contentSecurityPolicy/object-src-none-blocks-youtube-plugin-replacement.html
security/contentSecurityPolicy/plugins-types-allows-quicktime-plugin-replacement.html
security/contentSecurityPolicy/plugins-types-allows-youtube-plugin-replacement.html
security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement-without-mime-type.html
security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement.html
security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement-without-mime-type.html
security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement.html

  • html/HTMLPlugInImageElement.cpp:

(WebCore::HTMLPlugInImageElement::allowedToLoadPluginContent): Added.
(WebCore::HTMLPlugInImageElement::requestObject): Only request loading plugin content if we
are allowed to load such content.

  • html/HTMLPlugInImageElement.h:
  • loader/SubframeLoader.cpp:

(WebCore::SubframeLoader::pluginIsLoadable): Removed code to check CSP as we will check CSP
earlier in HTMLPlugInImageElement::requestObject().
(WebCore::SubframeLoader::requestPlugin): Ditto.
(WebCore::SubframeLoader::isPluginContentAllowedByContentSecurityPolicy): Deleted; moved implementation
to HTMLPlugInImageElement::allowedToLoadPluginContent().
(WebCore::SubframeLoader::requestObject): Deleted.

  • loader/SubframeLoader.h:
  • page/csp/ContentSecurityPolicy.cpp:

(WebCore::ContentSecurityPolicy::upgradeInsecureRequestIfNeeded): Changed signature from a non-const
function to a const function since these functions do not modify |this|.

  • page/csp/ContentSecurityPolicy.h:

LayoutTests:

Add layout tests to ensure that we apply the CSP object-src and plugin-types directives to content
that loads with either the QuickTime plugin replacement or YouTube plugin replacement.

  • security/contentSecurityPolicy/object-src-none-blocks-quicktime-plugin-replacement-expected.txt: Added.
  • security/contentSecurityPolicy/object-src-none-blocks-quicktime-plugin-replacement.html: Added.
  • security/contentSecurityPolicy/object-src-none-blocks-youtube-plugin-replacement-expected.txt: Added.
  • security/contentSecurityPolicy/object-src-none-blocks-youtube-plugin-replacement.html: Added.
  • security/contentSecurityPolicy/plugins-types-allows-quicktime-plugin-replacement-expected.txt: Added.
  • security/contentSecurityPolicy/plugins-types-allows-quicktime-plugin-replacement.html: Added.
  • security/contentSecurityPolicy/plugins-types-allows-youtube-plugin-replacement-expected.txt: Added.
  • security/contentSecurityPolicy/plugins-types-allows-youtube-plugin-replacement.html: Added.
  • security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement-expected.txt: Added.
  • security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement-without-mime-type-expected.txt: Added.
  • security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement-without-mime-type.html: Added.
  • security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement.html: Added.
  • security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement-expected.txt: Added.
  • security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement-without-mime-type-expected.txt: Added.
  • security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement-without-mime-type.html: Added.
  • security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement.html: Added.
12:54 PM Changeset in webkit [203610] by Chris Dumez
  • 11 edits in trunk

Parameters to Node.replaceChild() / insertBefore() should be mandatory
https://bugs.webkit.org/show_bug.cgi?id=160091

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebaseline several W3C tests now that more checks are passing.

  • web-platform-tests/dom/interfaces-expected.txt:
  • web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

Parameters to Node.replaceChild() / insertBefore() should be mandatory:

The compatibility risk should be low since Firefox and Chrome both agree
with the specification and because it does not make much sense to omit
parameters when using this API.

No new tests, rebaselined existing tests.

  • bindings/js/JSNodeCustom.cpp:

(WebCore::JSNode::insertBefore):
(WebCore::JSNode::replaceChild):

LayoutTests:

Update existing tests due to the behavior change.

  • fast/block/basic/empty-anonymous-block-remove-crash.html:
  • fast/html/details-summary-document-child.html:
  • fast/repaint/focus-ring-with-negative-offset-repaint.html:
  • svg/animations/mpath-remove-from-dependents-on-delete-crash.html:
12:34 PM Changeset in webkit [203609] by Chris Dumez
  • 5 edits in trunk

Parameter to Node.contains() should be mandatory
https://bugs.webkit.org/show_bug.cgi?id=160084

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebaseline several W3C tests now that more checks are passing.

  • web-platform-tests/dom/interfaces-expected.txt:
  • web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

Parameter to Node.contains() should be mandatory as per the
specification:

The compatibility risk should be low because both Firefox and Chrome
both agree with the specification. Also, it does not make much sense
to call this API without parameter.

No new tests, rebaselined existing tests.

  • dom/Node.idl:
11:58 AM Changeset in webkit [203608] by bshafiei@apple.com
  • 2 edits in branches/safari-602-branch/Source/WebCore

Merge r203606. rdar://problem/27430450

11:58 AM Changeset in webkit [203607] by bshafiei@apple.com
  • 10 edits
    2 adds in branches/safari-602-branch

Merge r203378. rdar://problem/25876032

11:45 AM Changeset in webkit [203606] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

[iOS] REGRESSION(203378): PDFDocumentImage::updateCachedImageIfNeeded() uses the unscaled size when deciding whether to cache the PDF image
https://bugs.webkit.org/show_bug.cgi?id=159933

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2016-07-22
Reviewed by Simon Fraser.

We need to use the scaled size when deciding whether to cache the PDF image
or not. This is because ImageBuffer takes the display resolution into account
which gives higher resolution for the image when zooming.

  • platform/graphics/cg/PDFDocumentImage.cpp:

(WebCore::PDFDocumentImage::updateCachedImageIfNeeded):

11:39 AM Changeset in webkit [203605] by Chris Dumez
  • 7 edits
    2 adds in trunk

First parameter to getElementById() should be mandatory
https://bugs.webkit.org/show_bug.cgi?id=160087

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebaseline several W3C tests now that more checks are passing.

  • web-platform-tests/dom/interfaces-expected.txt:
  • web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

First parameter to getElementById() should be mandatory:

Both Firefox and Chrome agree with the specification.

Test: svg/dom/SVGSVGElement-getElementById.html

  • dom/NonElementParentNode.idl:
  • svg/SVGSVGElement.idl:

LayoutTests:

Add layout test coverage for SVGSVGElement.getElementById().

  • svg/dom/SVGSVGElement-getElementById-expected.txt: Added.
  • svg/dom/SVGSVGElement-getElementById.html: Added.
11:34 AM Changeset in webkit [203604] by Chris Dumez
  • 5 edits in trunk

Parameter to Node.lookupPrefix() / lookupNamespaceURI() / isDefaultNamespace() should be mandatory
https://bugs.webkit.org/show_bug.cgi?id=160086

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebaseline several W3C tests now that more checks are passing.

  • web-platform-tests/dom/interfaces-expected.txt:
  • web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

Parameter to Node.lookupPrefix() / lookupNamespaceURI() / isDefaultNamespace()
should be mandatory:

Firefox and Chrome both agree with the specification.

No new tests, rebaselined existing tests.

  • dom/Node.idl:
11:26 AM Changeset in webkit [203603] by pvollan@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

[Win] jsc.exe sometimes never exits.
https://bugs.webkit.org/show_bug.cgi?id=158073

Reviewed by Mark Lam.

Make sure the VM is deleted after the test has finished. This will gracefully stop the sampling profiler thread,
and give the thread the opportunity to release the machine thread lock aquired in SamplingProfiler::takeSample.
If the sampling profiler thread was terminated while holding the machine thread lock, the machine thread will
not be able to grab the lock afterwards.

  • jsc.cpp:

(jscmain):

9:57 AM Changeset in webkit [203602] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Correct a TestExpectation by changing it from Failure to ImageOnlyFailure

Unreviewed test gardening.

  • platform/mac/TestExpectations:
9:01 AM Changeset in webkit [203601] by Chris Dumez
  • 12 edits in trunk

Parameter to Node.compareDocumentPosition() should be mandatory and non-nullable
https://bugs.webkit.org/show_bug.cgi?id=160071

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline several W3C tests now that more checks are passing.

  • web-platform-tests/dom/interfaces-expected.txt:
  • web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

Parameter to Node.compareDocumentPosition() should be mandatory and
non-nullable:

Firefox and Chrome agree with the specification so the compatibility
risk should be low. Also, it does not make much sense to call this
operation without parameter.

No new tests, rebaselined existing tests.

  • accessibility/AccessibilityObject.cpp:

(WebCore::rangeClosestToRange):

  • dom/AuthorStyleSheets.cpp:

(WebCore::AuthorStyleSheets::addStyleSheetCandidateNode):

  • dom/Node.cpp:

(WebCore::compareDetachedElementsPosition):
(WebCore::Node::compareDocumentPosition):

  • dom/Node.h:
  • dom/Node.idl:
  • dom/Position.h:

(WebCore::operator<):

  • html/HTMLFormElement.cpp:

(WebCore::HTMLFormElement::formElementIndexWithFormAttribute):
(WebCore::HTMLFormElement::formElementIndex):

  • rendering/RenderNamedFlowThread.cpp:

(WebCore::RenderNamedFlowThread::nextRendererForElement):
(WebCore::compareRenderNamedFlowFragments):
(WebCore::RenderNamedFlowThread::registerNamedFlowContentElement):

8:55 AM Changeset in webkit [203600] by pvollan@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Fix the Windows 64-bit build after r203537
https://bugs.webkit.org/show_bug.cgi?id=160080

Reviewed by Csaba Osztrogonác.

Added new version of setupArgumentsWithExecState method.

  • jit/CCallHelpers.h:

(JSC::CCallHelpers::setupArgumentsWithExecState):

8:52 AM Changeset in webkit [203599] by Konstantin Tokarev
  • 2 edits in trunk/Source/WebCore

[cmake] Removed obsolete plugins/win directory
https://bugs.webkit.org/show_bug.cgi?id=160081

Reviewed by Per Arne Vollan.

It was removed in r178219.

No new tests needed.

  • PlatformWin.cmake:
8:11 AM Changeset in webkit [203598] by mitz@apple.com
  • 5 edits in trunk/Source/WebKit2

run-safari doesn't work with Safari 10 on 10.11
https://bugs.webkit.org/show_bug.cgi?id=159958
<rdar://problem/27422805>

Reviewed by Alexey Proskuryakov.

Safari’s injected bundle may depend on the newer versions of frameworks installed in a
staging location. Have the engineering builds of the Web Content service look for newer
versions in that location.

  • Configurations/BaseTarget.xcconfig: Shortened a linker flag.
  • Configurations/BaseXPCService.xcconfig: Increased Mach-O header padding in production builds to allow for more dyld environment commands to be added after the fact.
  • Configurations/DebugRelease.xcconfig: Have the new WK_WEBCONTENT_SERVICE_NEEDS_VERSIONED_FRAMEWORK_PATH_LDFLAG set to YES for macOS engineering builds.
  • Configurations/WebContentService.xcconfig: Include the versioned frameworks whenever WK_WEBCONTENT_SERVICE_NEEDS_VERSIONED_FRAMEWORK_PATH_LDFLAG is set to YES. Have the value of WK_WEBCONTENT_SERVICE_NEEDS_VERSIONED_FRAMEWORK_PATH_LDFLAG default to the value of USE_STAGING_INSTALL_PATH, while letting DebugRelease.xcconfig override it.
5:40 AM Changeset in webkit [203597] by pvollan@apple.com
  • 4 edits in trunk

IWebView::mainFrame crashes if called after IWebView::close
https://bugs.webkit.org/show_bug.cgi?id=32868

Reviewed by Brent Fulgham.

Source/WebKit/win:

After deleting the page in WebView::close the mainframe object may be deleted.

Test: Tools/TestWebKitAPI/Tests/WebKit/win/WebViewDestruction.cpp (CloseThenGetMainFrame).

  • WebView.cpp:

(WebView::close): set mainframe pointer member to null.

Tools:

  • TestWebKitAPI/Tests/WebKit/win/WebViewDestruction.cpp:

(TestWebKitAPI::TEST_F): Added test.

3:24 AM Changeset in webkit [203596] by Carlos Garcia Campos
  • 4 edits in trunk

[GTK] Enable threaded compositor by default
https://bugs.webkit.org/show_bug.cgi?id=160079

Reviewed by Žan Doberšek.

.:

  • Source/cmake/OptionsGTK.cmake:

Tools:

  • Scripts/webkitperl/FeatureList.pm:
3:00 AM Changeset in webkit [203595] by Csaba Osztrogonác
  • 2 edits in trunk/Source/JavaScriptCore

[ARM] Unreviewed EABI buildfix after r203537.

  • jit/CCallHelpers.h:

(JSC::CCallHelpers::setupArgumentsWithExecState): Added.

2:50 AM Changeset in webkit [203594] by bshafiei@apple.com
  • 2 edits in branches/safari-602-branch/Source/WebCore

Merge r203548. rdar://problem/27474031

2:50 AM Changeset in webkit [203593] by bshafiei@apple.com
  • 3 edits in branches/safari-602-branch

Merge r203511. rdar://problem/27474031

2:38 AM Changeset in webkit [203592] by bshafiei@apple.com
  • 24 edits in branches/safari-602-branch

Merge r203545. rdar://problem/26964090

2:38 AM Changeset in webkit [203591] by bshafiei@apple.com
  • 3 edits in branches/safari-602-branch/Tools

Merge r203540. rdar://problem/26964090

2:38 AM Changeset in webkit [203590] by bshafiei@apple.com
  • 26 edits
    2 deletes in branches/safari-602-branch

Merge r203520. rdar://problem/26964090

2:26 AM Changeset in webkit [203589] by bshafiei@apple.com
  • 1 edit
    1 move
    1 add in branches/safari-602-branch/LayoutTests

Merge r203536. rdar://problem/27430111

2:26 AM Changeset in webkit [203588] by bshafiei@apple.com
  • 3 edits
    2 copies
    1 move
    1 add in branches/safari-602-branch

Merge r203533. rdar://problem/27430111

2:26 AM Changeset in webkit [203587] by bshafiei@apple.com
  • 2 edits in branches/safari-602-branch/Source/WebCore

Merge r203473. rdar://problem/27180657

2:26 AM Changeset in webkit [203586] by bshafiei@apple.com
  • 2 edits in branches/safari-602-branch/Tools

Merge r203468. rdar://problem/27180657

2:26 AM Changeset in webkit [203585] by bshafiei@apple.com
  • 5 edits
    1 add in branches/safari-602-branch

Merge r203464. rdar://problem/27180657

2:26 AM Changeset in webkit [203584] by bshafiei@apple.com
  • 2 edits in branches/safari-602-branch/Source/WebKit2

Merge r203483. rdar://problem/27455589

2:26 AM Changeset in webkit [203583] by bshafiei@apple.com
  • 2 edits in branches/safari-602-branch/Source/WebKit2

Merge r203462. rdar://problem/27453189

2:26 AM Changeset in webkit [203582] by bshafiei@apple.com
  • 2 edits in branches/safari-602-branch/Tools

Merge r203447. rdar://problem/27056844

2:26 AM Changeset in webkit [203581] by bshafiei@apple.com
  • 2 edits in branches/safari-602-branch/Tools

Merge r203436. rdar://problem/27056844

2:26 AM Changeset in webkit [203580] by bshafiei@apple.com
  • 2 edits in branches/safari-602-branch/Tools

Merge r203429. rdar://problem/27056844

2:26 AM Changeset in webkit [203579] by bshafiei@apple.com
  • 3 edits
    2 moves
    3 adds in branches/safari-602-branch/Tools

Merge r203426. rdar://problem/27056844

2:26 AM Changeset in webkit [203578] by bshafiei@apple.com
  • 5 edits in branches/safari-602-branch/Source

Merge r203392. rdar://problem/27056844

2:26 AM Changeset in webkit [203577] by bshafiei@apple.com
  • 3 edits
    3 adds in branches/safari-602-branch

Merge r203543. rdar://problem/27429465

2:26 AM Changeset in webkit [203576] by bshafiei@apple.com
  • 4 edits
    1 add in branches/safari-602-branch

Merge r203541. rdar://problem/27450825

2:25 AM Changeset in webkit [203575] by bshafiei@apple.com
  • 3 edits
    2 adds in branches/safari-602-branch

Merge r203538. rdar://problem/27462960

2:25 AM Changeset in webkit [203574] by bshafiei@apple.com
  • 2 edits in branches/safari-602-branch/Source/WebCore

Merge r203518. rdar://problem/21400186

2:25 AM Changeset in webkit [203573] by bshafiei@apple.com
  • 2 edits in branches/safari-602-branch/Source/WebCore

Merge r203514. rdar://problem/27208636

2:25 AM Changeset in webkit [203572] by bshafiei@apple.com
  • 9 edits
    1 add in branches/safari-602-branch/Source/JavaScriptCore

Merge r203488. rdar://problem/27439330

2:25 AM Changeset in webkit [203571] by bshafiei@apple.com
  • 3 edits in branches/safari-602-branch/Source/WebCore

Merge r203482. rdar://problem/27442806

2:25 AM Changeset in webkit [203570] by bshafiei@apple.com
  • 2 edits
    2 adds in branches/safari-602-branch/Tools

Merge r203478. rdar://problem/27411085

2:25 AM Changeset in webkit [203569] by bshafiei@apple.com
  • 4 edits in branches/safari-602-branch/Source/WebCore

Merge r203450. rdar://problem/21439264

2:25 AM Changeset in webkit [203568] by bshafiei@apple.com
  • 2 edits in branches/safari-602-branch/Source/WebKit2

Merge r203442. rdar://problem/27376446

2:25 AM Changeset in webkit [203567] by bshafiei@apple.com
  • 6 edits in branches/safari-602-branch

Merge r203435. rdar://problem/27438734

2:25 AM Changeset in webkit [203566] by bshafiei@apple.com
  • 2 edits in branches/safari-602-branch/Source/WebCore

Merge r203425. rdar://problem/27488703

2:25 AM Changeset in webkit [203565] by bshafiei@apple.com
  • 3 edits in branches/safari-602-branch/Source/WebCore

Merge r203424. rdar://problem/27391012

2:25 AM Changeset in webkit [203564] by bshafiei@apple.com
  • 3 edits
    2 adds in branches/safari-602-branch

Merge r203415. rdar://problem/27409483

2:25 AM Changeset in webkit [203563] by bshafiei@apple.com
  • 7 edits in branches/safari-602-branch/Source

Merge r203414. rdar://problem/26756701

2:25 AM Changeset in webkit [203562] by bshafiei@apple.com
  • 4 edits
    2 adds in branches/safari-602-branch

Merge r203412. rdar://problem/26898984

2:25 AM Changeset in webkit [203561] by bshafiei@apple.com
  • 3 edits
    6 adds in branches/safari-602-branch

Merge r203409. rdar://problem/27182267

2:25 AM Changeset in webkit [203560] by bshafiei@apple.com
  • 6 edits
    2 adds in branches/safari-602-branch

Merge r203388. rdar://problem/25740804

2:25 AM Changeset in webkit [203559] by bshafiei@apple.com
  • 2 edits in branches/safari-602-branch/Source/WebKit2

Merge r203387. rdar://problem/27018065

2:25 AM Changeset in webkit [203558] by bshafiei@apple.com
  • 2 edits in branches/safari-602-branch/Source/WebKit2

Merge r203385. rdar://problem/27192350

2:25 AM Changeset in webkit [203557] by bshafiei@apple.com
  • 15 edits in branches/safari-602-branch

Merge r203380. rdar://problem/27391725

2:25 AM Changeset in webkit [203556] by bshafiei@apple.com
  • 5 edits in branches/safari-602-branch/Source/WebKit2

Merge r203371. rdar://problem/26973202

2:24 AM Changeset in webkit [203555] by bshafiei@apple.com
  • 3 edits in branches/safari-602-branch/Source/WebCore

Merge r203362. rdar://problem/27371624

1:32 AM Changeset in webkit [203554] by commit-queue@webkit.org
  • 12 edits
    1 copy
    2 adds in trunk

run-builtins-generator-tests should be able to test WebCore builtins wrapper with more than one file
https://bugs.webkit.org/show_bug.cgi?id=159921

Patch by Youenn Fablet <youenn@apple.com> on 2016-07-22
Reviewed by Brian Burg.

Source/JavaScriptCore:

Updated built-in generator to generate only wrapper files when passed the --wrappers-only option.
When this option is used, wrapper files are generated but no individual file is generated.
When this option is not used, individual files are generated but not wrapper file is generated.
This allows the builtin generator test runner to generate a single WebCore-Wrappers.h-result generated for all
WebCore test files, like used for real in WebCore.
Previously wrapper code was generated individually for each WebCore test file.

Added new built-in test file to cover the case of concatenating several guards in generated WebCore wrapper files.

  • Scripts/generate-js-builtins.py:

(concatenated_output_filename): Compute a decent name for wrapper files in case of test mode.
(generate_bindings_for_builtins_files): When --wrappers-only is activated, this generates only the wrapper files, not the individual files.

  • Scripts/tests/builtins/WebCore-AnotherGuardedInternalBuiltin-Separate.js: Added.
  • Scripts/tests/builtins/expected/WebCore-AnotherGuardedInternalBuiltin-Separate.js-result: Added.
  • Scripts/tests/builtins/expected/WebCore-ArbitraryConditionalGuard-Separate.js-result: Removed wrapper code.
  • Scripts/tests/builtins/expected/WebCore-GuardedBuiltin-Separate.js-result: Ditto.
  • Scripts/tests/builtins/expected/WebCore-GuardedInternalBuiltin-Separate.js-result: Ditto.
  • Scripts/tests/builtins/expected/WebCore-UnguardedBuiltin-Separate.js-result: Ditto.
  • Scripts/tests/builtins/expected/WebCore-xmlCasingTest-Separate.js-result: Removed wrapper code.
  • Scripts/tests/builtins/expected/WebCoreJSBuiltins.h-result: Added, contains wrapper code for all WebCore valid test cases.

Source/WebCore:

Covered by existing and added built-ins tests.

Updating built system according ---wrappers-only new meaning.
builtin generator is now called for each individual built-in file plus once for WebCore wrapper files.
WebCore wrapper files allow handling things like conditionally guarded features.
They also remove the need to use built-ins macros outside generated code.

  • CMakeLists.txt:
  • DerivedSources.make:

Tools:

Updated builtin generator test runner to generate WebCore wrapper files based on all WebCore valid separate files.

  • Scripts/webkitpy/codegen/main.py:

(BuiltinsGeneratorTests.generate_from_js_builtins): Passing a list of builtin files to the script.
(BuiltinsGeneratorTests):
(BuiltinsGeneratorTests.single_builtin_test): Added to handle the case of single builtin generation.
(BuiltinsGeneratorTests.wrappers_builtin_test): Added to handle the case of WebCore wrappers builtin generation.
(BuiltinsGeneratorTests.run_test): Helper routine to run a test in reset mode or normal check mode.
(BuiltinsGeneratorTests.run_tests): Updated to add WebCore wrappers builtin generation test.

Jul 21, 2016:

10:36 PM MathML/Early_2016_Refactoring edited by fred.wang@free.fr
(diff)
10:33 PM Changeset in webkit [203553] by fred.wang@free.fr
  • 19 edits
    2 copies in trunk/Source/WebCore

Move parsing of accentunder and accent attributes from renderer to element classes
https://bugs.webkit.org/show_bug.cgi?id=159625

Patch by Frederic Wang <fwang@igalia.com> on 2016-07-21
Reviewed by Brent Fulgham.

We introduce a new MathMLUnderOverElement that is used for elements munder, mover and
munderover in order to create RenderMathMLUnderOver and parse and expose the values of the
accent and accentunder attributes. This is one more step toward moving MathML attribute
parsing to the DOM (bug 156536). We also do minor clean-up for this and previous renderer
classes that no longer do attribute parsing: the MathMLNames namespace is no longer necessary
and constructors can take a more accurate element type.

No new tests, already covered by existing test.

  • CMakeLists.txt: Add MathMLUnderOverElement files.
  • WebCore.xcodeproj/project.pbxproj: Ditto.
  • mathml/MathMLAllInOne.cpp: Ditto.
  • mathml/MathMLElement.cpp:

(WebCore::MathMLElement::cachedBooleanAttribute): Add parsing of boolean attributes.

  • mathml/MathMLElement.h: New type and helper functions for boolean attributes.
  • mathml/MathMLInlineContainerElement.cpp:

(WebCore::MathMLInlineContainerElement::createElementRenderer): Remove handling of
under/over/underover elements.

  • mathml/MathMLScriptsElement.cpp:

(WebCore::MathMLScriptsElement::MathMLScriptsElement): Remove inline keyword to avoid link
errors now that MathMLUnderOverElement overrides that class.

  • mathml/MathMLScriptsElement.h: Allow MathMLUnderOverElement to override this class.
  • mathml/MathMLUnderOverElement.cpp:

(WebCore::MathMLUnderOverElement::MathMLUnderOverElement):
(WebCore::MathMLUnderOverElement::create):
(WebCore::MathMLUnderOverElement::accent): Helper function to access the accent value.
(WebCore::MathMLUnderOverElement::accentUnder): Helper function to access the accentunder value.
(WebCore::MathMLUnderOverElement::parseAttribute): Make accent and accentunder dirty.
(WebCore::MathMLUnderOverElement::createElementRenderer): Create RenderMathMLUnderOver

  • mathml/MathMLUnderOverElement.h:
  • mathml/mathtags.in: Map under/over/underover to MathMLUnderOverElement.
  • rendering/mathml/RenderMathMLFraction.cpp: Remove MathMLNames and make the constructor

take a MathMLFractionElement.
(WebCore::RenderMathMLFraction::RenderMathMLFraction):

  • rendering/mathml/RenderMathMLFraction.h:
  • rendering/mathml/RenderMathMLPadded.cpp: Remove MathMLNames and make the constructor

take a MathMLPaddedElement.
(WebCore::RenderMathMLPadded::RenderMathMLPadded):

  • rendering/mathml/RenderMathMLPadded.h:
  • rendering/mathml/RenderMathMLScripts.cpp: Remove MathMLNames and make the constructor

take a MathMLScriptsElement. Also rename scriptsElement() to element().
(WebCore::RenderMathMLScripts::RenderMathMLScripts):
(WebCore::RenderMathMLScripts::element):
(WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded):
(WebCore::RenderMathMLScripts::scriptsElement): Deleted.

  • rendering/mathml/RenderMathMLScripts.h:
  • rendering/mathml/RenderMathMLUnderOver.cpp: Remove MathMLNames and make the constructor

take a RenderMathMLUnderOver.
(WebCore::RenderMathMLUnderOver::RenderMathMLUnderOver):
(WebCore::RenderMathMLUnderOver::element):
(WebCore::RenderMathMLUnderOver::hasAccent): Use the helper functions for accent and accentunder.

  • rendering/mathml/RenderMathMLUnderOver.h:
9:51 PM Changeset in webkit [203552] by Chris Dumez
  • 5 edits in trunk

Parameter to Node.isSameNode() / isEqualNode() should be mandatory
https://bugs.webkit.org/show_bug.cgi?id=160070

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline several W3C tests now that more checks are passing.

  • web-platform-tests/dom/interfaces-expected.txt:
  • web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

Parameter to Node.isSameNode() / isEqualNode() should be mandatory as
per the specification:

Chrome and Firefox agree with the specification (although Firefox does
not support isSameNode()).

No new tests, rebaselined existing tests.

  • dom/Node.idl:
9:45 PM Changeset in webkit [203551] by mitz@apple.com
  • 2 edits in trunk/Tools

[Mac] webkitdirs.pm contains unused code to support outdated OS X and Xcode versions
https://bugs.webkit.org/show_bug.cgi?id=160072

Reviewed by Andy Estes.

  • Scripts/webkitdirs.pm:

(readXcodeUserDefault): Changed to take a defaults key rather than a suffix. Removed support

for old Xcode versions.

(determineBaseProductDir): Removed support for old Xcode versions. Updated for the change

to readXcodeUserDefault.

(debugger): Deleted. This was only used for Darwin, where LLDB is now the only supported

debugger.

(determineDebugger): Ditto.
(checkRequiredSystemConfig): Updated to require at least OS X Yosemite v10.10.5 and Xcode

7.0.

(printHelpAndExitForRunAndDebugWebKitAppIfNeeded): Removed --use-gdb and --use-lldb

switches.

(execMacWebKitAppForDebugging): Removed support for GDB.

8:29 PM Changeset in webkit [203550] by Chris Dumez
  • 5 edits in trunk

Parameter to Document.createEvent() should be mandatory
https://bugs.webkit.org/show_bug.cgi?id=160065

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebaseline several W3C tests now that more checks are passing.

  • web-platform-tests/dom/interfaces-expected.txt:
  • web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

Parameter to Document.createEvent() should be mandatory as per the
specification:

We already throw anyway when the parameter is omitted because we use
"undefined" as event type, which is invalid. However, we throw the
wrong exception.

Firefox and Chrome agree with the specification here.

No new tests, rebaselined existing tests.

  • dom/Document.idl:
8:00 PM Changeset in webkit [203549] by BJ Burg
  • 2 edits in trunk/Source/WebCore

REGRESSION(r62549): Objective-C DOM bindings sometimes fail to regenerate when CodeGenerator.pm is modified
https://bugs.webkit.org/show_bug.cgi?id=160031

Reviewed by Darin Adler.

This bug was caused by a refactoring 6 years ago. Not all uses of a variable
were renamed, so the ObjC bindings target pattern was not specifying any
build scripts as target dependencies.

  • DerivedSources.make: Standardize on {COMMON,JS,DOM}_BINDINGS_SCRIPTS.
7:43 PM Changeset in webkit [203548] by Darin Adler
  • 2 edits in trunk/Source/WebCore

Remove unneeded content attribute name "playsinline"
https://bugs.webkit.org/show_bug.cgi?id=160069

Reviewed by Chris Dumez.

  • html/HTMLVideoElement.idl: Removed explicit content attribute name on Reflect

attribute since it is the same as the name that the code generator will generate.

7:42 PM Changeset in webkit [203547] by Chris Dumez
  • 6 edits in trunk

Make parameters to Element.getElementsBy*() operations mandatory
https://bugs.webkit.org/show_bug.cgi?id=160060

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebaseline several W3C tests now that more checks are passing.

  • web-platform-tests/dom/interfaces-expected.txt:
  • web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

Make parameters to Element.getElementsBy*() operations mandatory to
match the specification:

Firefox and Chrome agree with the specification so the compatibility
risk should be low.

It makes very little sense to call these operations without parameter,
especially considering WebKit uses the string "undefined" if the
parameter is omitted.

No new tests, rebaselined existing tests.

  • dom/Element.idl:

LayoutTests:

Drop cases that were calling the operation without parameter.

  • fast/dom/getElementsByClassName/dumpHTMLCollection-expected.txt:
  • fast/dom/getElementsByClassName/dumpHTMLCollection.html:
7:21 PM Changeset in webkit [203546] by Chris Dumez
  • 16 edits in trunk

Make parameters mandatory for attribute-related API on Element
https://bugs.webkit.org/show_bug.cgi?id=160059

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline several W3C tests now that more checks are passing.

  • web-platform-tests/dom/interfaces-expected.txt:
  • web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

Make parameters mandatory for attribute-related API on Element to match
the specification:

Firefox and Chrome agree with the specification. Calling this API
without the parameters does not make much sense, especially considering
WebKit uses the string "undefined" when the parameter is omitted.

No new tests, rebaselined existing tests.

  • dom/Element.idl:

LayoutTests:

Update existing layout tests to reflect the behavior change.

  • fast/dom/Element/script-tests/setAttributeNS-namespace-err.js:
  • fast/dom/Element/setAttributeNS-namespace-err-expected.txt:
  • fast/dom/HTMLHrElement/hr-color-noshade-attribute.html:
  • fast/dom/attribute-downcast-right.html:
  • fast/images/style-access-during-imageChanged-style-freeze.html:
  • fast/selectors/read-only-read-write-input-basics.html:
  • fast/selectors/read-only-read-write-textarea-basics.html:
  • media/video-playsinline-expected.txt:
  • media/video-playsinline.html:
6:40 PM Changeset in webkit [203545] by mmaxfield@apple.com
  • 24 edits in trunk

Remove support for deprecated SPI inlineMediaPlaybackRequiresPlaysInlineAttribute
https://bugs.webkit.org/show_bug.cgi?id=160066

Reviewed by Dean Jackson.

Source/WebCore:

r203520 deprecated inlineMediaPlaybackRequiresPlaysInlineAttribute in favor of
allowsInlineMediaPlaybackWithPlaysInlineAttribute and
allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute. The old
inlineMediaPlaybackRequiresPlaysInlineAttribute is SPI and was never released
to the public. Therefore, it can be removed safely.

No new tests because there is no behavior change.

  • page/Settings.cpp:
  • page/Settings.in:
  • testing/InternalSettings.cpp:

(WebCore::InternalSettings::Backup::Backup): Deleted.
(WebCore::InternalSettings::Backup::restoreTo): Deleted.
(WebCore::InternalSettings::setInlineMediaPlaybackRequiresPlaysInlineAttribute): Deleted.

  • testing/InternalSettings.h:
  • testing/InternalSettings.idl:

Source/WebKit/mac:

  • WebView/WebPreferenceKeysPrivate.h:
  • WebView/WebPreferences.mm:

(+[WebPreferences initialize]): Deleted.
(-[WebPreferences inlineMediaPlaybackRequiresPlaysInlineAttribute]): Deleted.
(-[WebPreferences setInlineMediaPlaybackRequiresPlaysInlineAttribute:]): Deleted.

  • WebView/WebPreferencesPrivate.h:
  • WebView/WebView.mm:

(-[WebView _preferencesChanged:]): Deleted.

Source/WebKit2:

  • Shared/WebPreferencesDefinitions.h:
  • UIProcess/API/C/WKPreferences.cpp:

(WKPreferencesSetInlineMediaPlaybackRequiresPlaysInlineAttribute): Deleted.
(WKPreferencesGetInlineMediaPlaybackRequiresPlaysInlineAttribute): Deleted.

  • UIProcess/API/C/WKPreferencesRefPrivate.h:
  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _initializeWithConfiguration:]): Deleted.

  • UIProcess/API/Cocoa/WKWebViewConfiguration.mm:

(-[WKWebViewConfiguration init]): Deleted.
(-[WKWebViewConfiguration copyWithZone:]): Deleted.
(-[WKWebViewConfiguration _inlineMediaPlaybackRequiresPlaysInlineAttribute]): Deleted.
(-[WKWebViewConfiguration _setInlineMediaPlaybackRequiresPlaysInlineAttribute:]): Deleted.

  • UIProcess/API/Cocoa/WKWebViewConfigurationPrivate.h:
  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::updatePreferences): Deleted.

Tools:

  • DumpRenderTree/mac/DumpRenderTree.mm:

(setDefaultsToConsistentValuesForTesting): Deleted.

  • TestWebKitAPI/Tests/WebKit2Cocoa/RequiresUserActionForPlayback.mm:

(RequiresUserActionForPlaybackTest::SetUp): Deleted.

  • WebKitTestRunner/TestController.cpp:

(WTR::TestController::resetPreferencesToConsistentValues): Deleted.

  • WebKitTestRunner/cocoa/TestControllerCocoa.mm:

(WTR::initializeWebViewConfiguration): Deleted.

6:01 PM Changeset in webkit [203544] by sbarati@apple.com
  • 4 edits in trunk/Source/JavaScriptCore

callOperation(.) variants in the DFG that explicitly take a tag/payload register should take a JSValueRegs instead
https://bugs.webkit.org/show_bug.cgi?id=160007

Reviewed by Filip Pizlo.

This patch is the first step in my plan to remove all callOperation(.) variants
in the various JITs and to unify them using a couple template variations.
The steps are as follows:

  1. Replace all explicit tag/payload pairs with JSValueRegs in the DFG
  2. Replace all explicit tag/payload pairs with JSValueRegs in the baseline
  3. remove callOperation(.) variants and teach setupArgumentsWithExecState about JSValueRegs.
  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileGetByValOnString):
(JSC::DFG::SpeculativeJIT::compileValueAdd):
(JSC::DFG::SpeculativeJIT::compileGetDynamicVar):
(JSC::DFG::SpeculativeJIT::compilePutDynamicVar):
(JSC::DFG::SpeculativeJIT::compilePutAccessorByVal):

  • dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::callOperation):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::cachedGetById):
(JSC::DFG::SpeculativeJIT::cachedPutById):
(JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranch):
(JSC::DFG::CompareAndBoxBooleanSlowPathGenerator::generateInternal):
(JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeCompare):
(JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeStrictEq):
(JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeStrictEq):
(JSC::DFG::SpeculativeJIT::emitCall):
(JSC::DFG::SpeculativeJIT::compileLogicalNot):
(JSC::DFG::SpeculativeJIT::emitBranch):
(JSC::DFG::SpeculativeJIT::compile):

5:48 PM Changeset in webkit [203543] by dino@apple.com
  • 3 edits
    3 adds in trunk

REGRESSION (r202927): The internal size of the ImageBuffer is scaled twice by the context scaleFactor
https://bugs.webkit.org/show_bug.cgi?id=159981
<rdar://problem/27429465>

Reviewed by Myles Maxfield.

Source/WebCore:

The change to propagate color spaces through ImageBuffers created an
alternate version of createCompatibleBuffer. This version accidentally
attempted to take the display resolution (i.e. hidpi) into account
when creating the buffer, which meant it was being applied twice.

The fix is simply to remove that logic. The caller of the method
will take the resolution into account, the same way they did
with the old createCompatibleBuffer method.

Test: fast/hidpi/pdf-image-scaled.html

  • platform/graphics/cg/ImageBufferCG.cpp:

(WebCore::ImageBuffer::createCompatibleBuffer): Don't calculate
a resolution - just use the value of 1.0.

LayoutTests:

  • fast/hidpi/pdf-image-scaled-expected.html: Added.
  • fast/hidpi/pdf-image-scaled.html: Added.
  • fast/hidpi/resources/circle.pdf: Added.
5:44 PM Changeset in webkit [203542] by wilander@apple.com
  • 3 edits
    3 adds in trunk

Block mixed content synchronous XHR
https://bugs.webkit.org/show_bug.cgi?id=105462
<rdar://problem/13666424>

Reviewed by Brent Fulgham.

Source/WebCore:

Test: http/tests/security/mixedContent/insecure-xhr-sync-in-main-frame.html

  • loader/DocumentThreadableLoader.cpp:

(WebCore::DocumentThreadableLoader::loadRequest):

LayoutTests:

  • http/tests/security/mixedContent/insecure-xhr-sync-in-main-frame-expected.txt: Added.
  • http/tests/security/mixedContent/insecure-xhr-sync-in-main-frame.html: Added.
  • http/tests/security/mixedContent/resources/insecure-xhr-sync-in-main-frame-window.html: Added.
5:11 PM Changeset in webkit [203541] by commit-queue@webkit.org
  • 4 edits
    1 add in trunk

[iOS] Apps using WKWebView will crash if they set the scroll view's delegate and don't nil it out later
https://bugs.webkit.org/show_bug.cgi?id=159980
rdar://problem/27450825

Patch by Chelsea Pugh <cpugh@apple.com> on 2016-07-21
Reviewed by Dan Bernstein.

Source/WebKit2:

The root cause of this crash is that we are not abiding the UIScrollView API that the scroll view
delegate property should be weak. If setters of this delegate do not know that, since the WKWebView
exposes the scroll view as a UIScrollView, they may forget to nil out the delegate they set and will
then crash.

  • UIProcess/ios/WKScrollView.mm:

(-[WKScrollViewDelegateForwarder methodSignatureForSelector:]): Get a RetainPtr holding the
external delegate and use where needed.
(-[WKScrollViewDelegateForwarder respondsToSelector:]): Ditto.
(-[WKScrollViewDelegateForwarder forwardInvocation:]): Ditto.
(-[WKScrollViewDelegateForwarder forwardingTargetForSelector:]): Ditto. When returning a reference
to the external delegate, get a retained and autoreleased reference so the caller needn't release
the object when done.
(-[WKScrollView delegate]): Ditto.
(-[WKScrollView _updateDelegate]): Get a RetainPtr holding the external delegate that can be
used throughout this method. Use the RetainPtr to get the external delegate for setting super's
delegate as well as creating the delegate forwarder.
(-[WKScrollView setDelegate:]): Get a RetainPtr holding the external delegate and use its value for
comparison to the object we are setting the external delegate to.

Tools:

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/ios/WKScrollViewDelegateCrash.mm: Added.

(-[TestDelegateForScrollView dealloc]): Update delegateIsDeallocated to true so that we can tell
when our delegate has hit -dealloc.
(TestWebKitAPI::TEST): Ensure that after an object has been set as the scroll view's delegate,
and has then been deallocated, that the scroll view's delegate is nil and the deallocated delegate
will not be messaged.

4:55 PM Changeset in webkit [203540] by mmaxfield@apple.com
  • 3 edits in trunk/Tools

Follow-up patch to r203520
https://bugs.webkit.org/show_bug.cgi?id=159967
<rdar://problem/26964090>

Unreviewed.

  • DumpRenderTree/mac/DumpRenderTree.mm:

(setDefaultsToConsistentValuesForTesting):

  • WebKitTestRunner/TestController.cpp:

(WTR::TestController::resetPreferencesToConsistentValues):

4:52 PM Changeset in webkit [203539] by Chris Dumez
  • 8 edits in trunk

Make parameters to Document.getElementsBy*() operations mandatory
https://bugs.webkit.org/show_bug.cgi?id=160050

Reviewed by Daniel Bates.

LayoutTests/imported/w3c:

Rebaseline several W3C tests now that more checks are passing.

  • web-platform-tests/dom/interfaces-expected.txt:
  • web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

Make parameters to Document.getElementsBy*() operations mandatory to
match the specification:

Firefox and Chrome agree with the specification so the compatibility
risk should be low.

It makes very little sense to call these operations without parameter,
especially considering WebKit uses the string "undefined" if the
parameter is omitted.

No new tests, rebaselined existing tests.

  • dom/Document.idl:

LayoutTests:

Drop cases that were calling the operation without parameter.

  • fast/dom/getElementsByClassName/dumpHTMLCollection-expected.txt:
  • fast/dom/getElementsByClassName/dumpHTMLCollection.html:
4:47 PM Changeset in webkit [203538] by n_wang@apple.com
  • 3 edits
    2 adds in trunk

AX: aria-label not being used correctly in accessible name calculation of heading
https://bugs.webkit.org/show_bug.cgi?id=160009

Reviewed by Chris Fleizach.

Source/WebCore:

Actually we are exposing the correct information for heading objects. On macOS,
VoiceOver should handle the logic that picks the right information to speak.
On iOS, VoiceOver is speaking the static text child instead of the heading object.
So we should set the accessibilityLabel of the static text based on the parent's
alternate label.

Test: accessibility/ios-simulator/heading-with-aria-label.html

  • accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:

(-[WebAccessibilityObjectWrapper _accessibilityTraitsFromAncestors]):

LayoutTests:

  • accessibility/ios-simulator/heading-with-aria-label-expected.txt: Added.
  • accessibility/ios-simulator/heading-with-aria-label.html: Added.
4:41 PM Changeset in webkit [203537] by sbarati@apple.com
  • 40 edits
    7 adds in trunk/Source

op_add/ValueAdd should be an IC in all JIT tiers
https://bugs.webkit.org/show_bug.cgi?id=159649

Reviewed by Benjamin Poulain.

Source/JavaScriptCore:

This patch makes Add an IC inside all JIT tiers. It does so in a
simple, but effective, way. We will try to generate an int+int add
that will repatch itself if its type checks fail. Sometimes though,
we have runtime type data saying that the add won't be int+int.
In those cases, we will just generate a full snippet that doesn't patch itself.
Other times, we may generate no inline code and defer to making a C call. A lot
of this patch is just refactoring ResultProfile into what we're now calling ArithProfile.
ArithProfile does everything ResultProfile used to do, and more. It records simple type
data about the LHS/RHS operands it sees. This allows us to determine if an op_add
has only seen int+int operands, etc. ArithProfile will also contain the ResultType
for the LHS/RHS that the parser feeds into op_add. ArithProfile now fits into 32-bits.
This means instead of having a side table like we did for ResultProfile, we just
inject the ArithProfile into the bytecode instruction stream. This makes asking
for ArithProfile faster; we no longer need to lock around this operation.

The size of an Add has gone down on average, but we can still do better.
We still generate a lot of code because we generate calls to the slow path.
I think we can make this better by moving the slow path to a shared thunk
system. This patch mostly lays the foundation for future improvements to Add,
and a framework to move all other arithmetic operations to be typed-based ICs.

Here is some data I took on the average op_add/ValueAdd size on various benchmarks:

| JetStream | Speedometer | Unity 3D |

------| -------------

Old | 189 bytes | 169 bytes | 192 bytes |

------| -------------

New | 148 bytes | 124 bytes | 143 bytes |

---------------------------------------------------

Making an arithmetic IC is now easy. The JITMathIC class will hold a snippet
generator as a member variable. To make a snippet an IC, you need to implement
a generateInline(.) method, which generates the inline IC. Then, you need to
generate the IC where you used to generate the snippet. When generating the
IC, we need to inform JITMathIC of various data like we do with StructureStubInfo.
We need to tell it about where the slow path starts, where the slow path call is, etc.
When generating a JITMathIC, it may tell you that it didn't generate any code inline.
This is a request to the user of JITMathIC to just generate a C call along the
fast path. JITMathIC may also have the snippet tell it to just generate the full
snippet instead of the int+int path along the fast path.

In subsequent patches, we can improve upon how we decide to generate int+int or
the full snippet. I tried to get clever by having double+double, double+int, int+double,
fast paths, but they didn't work out nearly as well as the int+int fast path. I ended up
generating a lot of code when I did this and ended up using more memory than just generating
the full snippet. There is probably some way we can be clever and generate specialized fast
paths that are more successful than what I tried implementing, but I think that's worth deferring
this to follow up patches once the JITMathIC foundation has landed.

This patch also fixes a bug inside the slow path lambdas in the DFG.
Before, it was not legal to emit an exception check inside them. Now,
it is. So it's now easy to define arbitrary late paths using the DFG
slow path lambda API.

  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • bytecode/ArithProfile.cpp: Added.

(JSC::ArithProfile::emitObserveResult):
(JSC::ArithProfile::shouldEmitSetDouble):
(JSC::ArithProfile::emitSetDouble):
(JSC::ArithProfile::shouldEmitSetNonNumber):
(JSC::ArithProfile::emitSetNonNumber):
(WTF::printInternal):

  • bytecode/ArithProfile.h: Added.

(JSC::ObservedType::ObservedType):
(JSC::ObservedType::sawInt32):
(JSC::ObservedType::isOnlyInt32):
(JSC::ObservedType::sawNumber):
(JSC::ObservedType::isOnlyNumber):
(JSC::ObservedType::sawNonNumber):
(JSC::ObservedType::isOnlyNonNumber):
(JSC::ObservedType::isEmpty):
(JSC::ObservedType::bits):
(JSC::ObservedType::withInt32):
(JSC::ObservedType::withNumber):
(JSC::ObservedType::withNonNumber):
(JSC::ObservedType::withoutNonNumber):
(JSC::ObservedType::operator==):
(JSC::ArithProfile::ArithProfile):
(JSC::ArithProfile::fromInt):
(JSC::ArithProfile::lhsResultType):
(JSC::ArithProfile::rhsResultType):
(JSC::ArithProfile::lhsObservedType):
(JSC::ArithProfile::rhsObservedType):
(JSC::ArithProfile::setLhsObservedType):
(JSC::ArithProfile::setRhsObservedType):
(JSC::ArithProfile::tookSpecialFastPath):
(JSC::ArithProfile::didObserveNonInt32):
(JSC::ArithProfile::didObserveDouble):
(JSC::ArithProfile::didObserveNonNegZeroDouble):
(JSC::ArithProfile::didObserveNegZeroDouble):
(JSC::ArithProfile::didObserveNonNumber):
(JSC::ArithProfile::didObserveInt32Overflow):
(JSC::ArithProfile::didObserveInt52Overflow):
(JSC::ArithProfile::setObservedNonNegZeroDouble):
(JSC::ArithProfile::setObservedNegZeroDouble):
(JSC::ArithProfile::setObservedNonNumber):
(JSC::ArithProfile::setObservedInt32Overflow):
(JSC::ArithProfile::setObservedInt52Overflow):
(JSC::ArithProfile::addressOfBits):
(JSC::ArithProfile::observeResult):
(JSC::ArithProfile::lhsSawInt32):
(JSC::ArithProfile::lhsSawNumber):
(JSC::ArithProfile::lhsSawNonNumber):
(JSC::ArithProfile::rhsSawInt32):
(JSC::ArithProfile::rhsSawNumber):
(JSC::ArithProfile::rhsSawNonNumber):
(JSC::ArithProfile::observeLHSAndRHS):
(JSC::ArithProfile::bits):
(JSC::ArithProfile::hasBits):
(JSC::ArithProfile::setBit):

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::dumpRareCaseProfile):
(JSC::CodeBlock::dumpArithProfile):
(JSC::CodeBlock::dumpBytecode):
(JSC::CodeBlock::addStubInfo):
(JSC::CodeBlock::addJITAddIC):
(JSC::CodeBlock::findStubInfo):
(JSC::CodeBlock::resetJITData):
(JSC::CodeBlock::shrinkToFit):
(JSC::CodeBlock::dumpValueProfiles):
(JSC::CodeBlock::rareCaseProfileCountForBytecodeOffset):
(JSC::CodeBlock::arithProfileForBytecodeOffset):
(JSC::CodeBlock::arithProfileForPC):
(JSC::CodeBlock::couldTakeSpecialFastCase):
(JSC::CodeBlock::dumpResultProfile): Deleted.
(JSC::CodeBlock::resultProfileForBytecodeOffset): Deleted.
(JSC::CodeBlock::specialFastCaseProfileCountForBytecodeOffset): Deleted.
(JSC::CodeBlock::ensureResultProfile): Deleted.

  • bytecode/CodeBlock.h:

(JSC::CodeBlock::stubInfoBegin):
(JSC::CodeBlock::stubInfoEnd):
(JSC::CodeBlock::couldTakeSlowCase):
(JSC::CodeBlock::numberOfResultProfiles): Deleted.

  • bytecode/MethodOfGettingAValueProfile.cpp:

(JSC::MethodOfGettingAValueProfile::emitReportValue):

  • bytecode/MethodOfGettingAValueProfile.h:

(JSC::MethodOfGettingAValueProfile::MethodOfGettingAValueProfile):

  • bytecode/ValueProfile.cpp:

(JSC::ResultProfile::emitDetectNumericness): Deleted.
(JSC::ResultProfile::emitSetDouble): Deleted.
(JSC::ResultProfile::emitSetNonNumber): Deleted.
(WTF::printInternal): Deleted.

  • bytecode/ValueProfile.h:

(JSC::getRareCaseProfileBytecodeOffset):
(JSC::ResultProfile::ResultProfile): Deleted.
(JSC::ResultProfile::bytecodeOffset): Deleted.
(JSC::ResultProfile::specialFastPathCount): Deleted.
(JSC::ResultProfile::didObserveNonInt32): Deleted.
(JSC::ResultProfile::didObserveDouble): Deleted.
(JSC::ResultProfile::didObserveNonNegZeroDouble): Deleted.
(JSC::ResultProfile::didObserveNegZeroDouble): Deleted.
(JSC::ResultProfile::didObserveNonNumber): Deleted.
(JSC::ResultProfile::didObserveInt32Overflow): Deleted.
(JSC::ResultProfile::didObserveInt52Overflow): Deleted.
(JSC::ResultProfile::setObservedNonNegZeroDouble): Deleted.
(JSC::ResultProfile::setObservedNegZeroDouble): Deleted.
(JSC::ResultProfile::setObservedNonNumber): Deleted.
(JSC::ResultProfile::setObservedInt32Overflow): Deleted.
(JSC::ResultProfile::setObservedInt52Overflow): Deleted.
(JSC::ResultProfile::addressOfFlags): Deleted.
(JSC::ResultProfile::addressOfSpecialFastPathCount): Deleted.
(JSC::ResultProfile::detectNumericness): Deleted.
(JSC::ResultProfile::hasBits): Deleted.
(JSC::ResultProfile::setBit): Deleted.
(JSC::getResultProfileBytecodeOffset): Deleted.

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::emitBinaryOp):

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::makeSafe):

  • dfg/DFGGraph.cpp:

(JSC::DFG::Graph::methodOfGettingAValueProfileFor):

  • dfg/DFGJITCompiler.cpp:

(JSC::DFG::JITCompiler::exceptionCheck):

  • dfg/DFGSlowPathGenerator.h:

(JSC::DFG::SlowPathGenerator::generate):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::addSlowPathGenerator):
(JSC::DFG::SpeculativeJIT::runSlowPathGenerators):
(JSC::DFG::SpeculativeJIT::compileValueAdd):

  • dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::silentSpillAllRegistersImpl):
(JSC::DFG::SpeculativeJIT::silentSpillAllRegisters):
(JSC::DFG::SpeculativeJIT::callOperation):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileValueAdd):
(JSC::FTL::DFG::LowerDFGToB3::compileStrCat):

  • jit/CCallHelpers.h:

(JSC::CCallHelpers::setupArgumentsWithExecState):
(JSC::CCallHelpers::setupArguments):

  • jit/JIT.h:
  • jit/JITAddGenerator.cpp:

(JSC::JITAddGenerator::generateInline):
(JSC::JITAddGenerator::generateFastPath):

  • jit/JITAddGenerator.h:

(JSC::JITAddGenerator::JITAddGenerator):
(JSC::JITAddGenerator::didEmitFastPath): Deleted.
(JSC::JITAddGenerator::endJumpList): Deleted.
(JSC::JITAddGenerator::slowPathJumpList): Deleted.

  • jit/JITArithmetic.cpp:

(JSC::JIT::emit_op_jless):
(JSC::JIT::emitSlow_op_urshift):
(JSC::getOperandTypes):
(JSC::JIT::emit_op_add):
(JSC::JIT::emitSlow_op_add):
(JSC::JIT::emit_op_div):
(JSC::JIT::emit_op_mul):
(JSC::JIT::emitSlow_op_mul):
(JSC::JIT::emit_op_sub):
(JSC::JIT::emitSlow_op_sub):

  • jit/JITDivGenerator.cpp:

(JSC::JITDivGenerator::generateFastPath):

  • jit/JITDivGenerator.h:

(JSC::JITDivGenerator::JITDivGenerator):

  • jit/JITInlines.h:

(JSC::JIT::callOperation):

  • jit/JITMathIC.h: Added.

(JSC::JITMathIC::doneLocation):
(JSC::JITMathIC::slowPathStartLocation):
(JSC::JITMathIC::slowPathCallLocation):
(JSC::JITMathIC::generateInline):
(JSC::JITMathIC::generateOutOfLine):
(JSC::JITMathIC::finalizeInlineCode):

  • jit/JITMathICForwards.h: Added.
  • jit/JITMathICInlineResult.h: Added.
  • jit/JITMulGenerator.cpp:

(JSC::JITMulGenerator::generateFastPath):

  • jit/JITMulGenerator.h:

(JSC::JITMulGenerator::JITMulGenerator):

  • jit/JITOperations.cpp:
  • jit/JITOperations.h:
  • jit/JITSubGenerator.cpp:

(JSC::JITSubGenerator::generateFastPath):

  • jit/JITSubGenerator.h:

(JSC::JITSubGenerator::JITSubGenerator):

  • jit/Repatch.cpp:

(JSC::readCallTarget):
(JSC::ftlThunkAwareRepatchCall):
(JSC::tryCacheGetByID):
(JSC::repatchGetByID):
(JSC::appropriateGenericPutByIdFunction):
(JSC::tryCachePutByID):
(JSC::repatchPutByID):
(JSC::tryRepatchIn):
(JSC::repatchIn):
(JSC::linkSlowFor):
(JSC::resetGetByID):
(JSC::resetPutByID):
(JSC::repatchCall): Deleted.

  • jit/Repatch.h:
  • llint/LLIntData.cpp:

(JSC::LLInt::Data::performAssertions):

  • llint/LowLevelInterpreter.asm:
  • llint/LowLevelInterpreter32_64.asm:
  • llint/LowLevelInterpreter64.asm:
  • parser/ResultType.h:

(JSC::ResultType::ResultType):
(JSC::ResultType::isInt32):
(JSC::ResultType::definitelyIsNumber):
(JSC::ResultType::definitelyIsString):
(JSC::ResultType::definitelyIsBoolean):
(JSC::ResultType::mightBeNumber):
(JSC::ResultType::isNotNumber):
(JSC::ResultType::forBitOp):
(JSC::ResultType::bits):
(JSC::OperandTypes::OperandTypes):

  • runtime/CommonSlowPaths.cpp:

(JSC::SLOW_PATH_DECL):
(JSC::updateArithProfileForBinaryArithOp):
(JSC::updateResultProfileForBinaryArithOp): Deleted.

  • tests/stress/op-add-exceptions.js: Added.

(assert):
(f1):
(f2):
(f3):
(let.oException.valueOf):
(foo):
(ident):
(bar):

Source/WebCore:

  • ForwardingHeaders/jit/JITMathICForwards.h: Added.
4:32 PM Changeset in webkit [203536] by Ryan Haddad
  • 1 edit
    1 copy
    1 add
    1 delete in trunk/LayoutTests

Move expected.txt file for editing/deleting/delete-emoji.html from mac-elcapitan to mac-yosemite

Unreviewed test gardening.

  • platform/mac-yosemite/editing/deleting/delete-emoji-expected.txt: Renamed from LayoutTests/platform/mac-elcapitan/editing/deleting/delete-emoji-expected.txt.
3:56 PM Changeset in webkit [203535] by Chris Dumez
  • 18 edits in trunk

Make parameters mandatory for Document.create*() operations
https://bugs.webkit.org/show_bug.cgi?id=160047

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline several W3C tests now that more checks are passing.

  • web-platform-tests/dom/interfaces-expected.txt:
  • web-platform-tests/html/dom/interfaces-expected.txt:

Source/WebCore:

Make parameters mandatory for Document.create*() operations:
createTextNode(), createComment(), createCDataSection(),
createAttribute() and createProcessingInstruction().

This matches the specification:

Firefox and Chrome both agree with the specification so the
compatibility risk should be low. Also WebKit uses the string
"undefined" when the parameter is omitted, which is not very
helpful.

No new tests, rebaselined existing tests.

  • dom/Document.idl:

LayoutTests:

Update existing tests to reflect the behavior change.

  • compositing/geometry/assert-marquee-timer.html:
  • editing/style/bold-with-dom-changes.html:
  • fast/dom/MutationObserver/observe-characterdata.html:
  • fast/dom/normalize-attributes-mutation-event-crash.html:
  • fast/dom/null-chardata-crash.html:
  • fast/dom/wrapper-classes-expected.txt:
  • fast/dom/wrapper-classes.html:
  • fast/forms/basic-textareas.html:
  • fast/inspector-support/uncaught-dom1-exception-expected.txt:
  • fast/inspector-support/uncaught-dom1-exception.html:
3:49 PM Changeset in webkit [203534] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking imported/w3c/web-platform-tests/fetch/api/cors/cors-preflight.html as flaky on mac
https://bugs.webkit.org/show_bug.cgi?id=160056

Unreviewed test gardening.

  • platform/mac/TestExpectations:
3:34 PM Changeset in webkit [203533] by mmaxfield@apple.com
  • 3 edits
    2 copies
    1 move
    1 add in trunk

[macOS] Caret placement occurs in the middle of new emoji group candidates
https://bugs.webkit.org/show_bug.cgi?id=160008
<rdar://problem/27430111>

Reviewed by Simon Fraser.

Source/WTF:

r203330 added support for new emoji group candidates. This patch updates the rules
governing caret placement around these new emoji groups.

  • wtf/text/TextBreakIterator.cpp:

(WTF::cursorMovementIterator):

LayoutTests:

Update expected results.

The new emoji support is behind the ADDITIONAL_EMOJI_SUPPORT guard, which
means it only occurs on El Capitan and higher. Similarly, these new rules
are not used for iOS.

  • editing/deleting/delete-emoji-expected.txt: Deleted.
  • platform/mac/editing/deleting/delete-emoji-expected.txt: Added.
  • platform/mac-elcapitan/editing/deleting/delete-emoji-expected.txt: Added.
  • platform/ios-simulator/editing/deleting/delete-emoji-expected.txt: Added.
3:16 PM Changeset in webkit [203532] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Land test expectations for rdar://problem/27475162.

  • platform/mac/TestExpectations:
2:31 PM Changeset in webkit [203531] by Chris Dumez
  • 6 edits
    2 adds in trunk

Fix null handling of SVGAngle/SVGLength.valueAsString attribute
https://bugs.webkit.org/show_bug.cgi?id=160025

Reviewed by Ryosuke Niwa.

Source/WebCore:

Fix null handling of SVGAngle/SVGLength.valueAsString attribute
to match the specification:

In particular, this patch drops [TreatNullAs=EmptyString] IDL
extended attribute from this attribute. This is not supposed
to change behavior given that both "" and "null" are invalid
numbers and the specification says to throw a SYNTAX_ERR in
this case.

However, WebKit currently ignores assignments to "" instead
of throwing. As a result, assigning to null will now throw
instead of being ignored. The compatibility risk should be
low because both Firefox and Chrome throw when assigning
null.

I did not change the behavior when assigning to "" because
it is a bit out of scope for this patch and browsers to not
seem to agree:

  • Firefox throws
  • Chrome set value to "0"
  • WebKit ignores the assignment

The specification seems to agree with Firefox as far as I
can tell given that "" is not a valid number as per:

Test: svg/dom/valueAsString-null.html

  • svg/SVGAngle.idl:
  • svg/SVGLength.idl:

LayoutTests:

Add test coverage.

  • svg/dom/svg-element-attribute-js-null-expected.txt:
  • svg/dom/svg-element-attribute-js-null.xhtml:
  • svg/dom/valueAsString-null-expected.txt: Added.
  • svg/dom/valueAsString-null.html: Added.

There are a couple of failures in this test because WebKit ignores
assignments to "" instead of throwing. Firefox passes all the checks.

2:25 PM Changeset in webkit [203530] by Chris Dumez
  • 7 edits in trunk

Fix null handling of HTMLFontElement.color
https://bugs.webkit.org/show_bug.cgi?id=160036

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline W3C test now that more checks are passing.

  • web-platform-tests/html/dom/reflection-obsolete-expected.txt:

Source/WebCore:

Fix null handling of HTMLFontElement.color to match the specification:

We are supposed to treat null as the empty string. Both Firefox and
Chrome agree with the specification.

No new tests, rebaselined existing tests.

  • html/HTMLFontElement.idl:

LayoutTests:

Update existing test to reflect behavior change.

  • fast/dom/element-attribute-js-null-expected.txt:
  • fast/dom/element-attribute-js-null.html:
2:25 PM Changeset in webkit [203529] by Chris Dumez
  • 7 edits in trunk

Fix null handling for several HTMLTableElement attributes
https://bugs.webkit.org/show_bug.cgi?id=160041

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline W3C test now that more checks are passing.

  • web-platform-tests/html/dom/reflection-tabular-expected.txt:

Source/WebCore:

Fix null handling for several HTMLTableElement attributes to match the
specification:

The attributes in question are 'bicolor', 'cellSpacing' and
'cellPadding'. We are supposed to treat null as the empty string for
these attributes.

Firefox and Chrome both agree with the specification.

No new tests, rebaselined existing tests.

  • html/HTMLTableElement.idl:

LayoutTests:

Update existing test to reflect the behavior change.

  • fast/dom/element-attribute-js-null-expected.txt:
  • fast/dom/element-attribute-js-null.html:
2:23 PM Changeset in webkit [203528] by Chris Dumez
  • 8 edits in trunk

Fix null handling for HTMLObjectElement.border
https://bugs.webkit.org/show_bug.cgi?id=160040

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline W3C test now that more checks are passing.

  • web-platform-tests/html/dom/reflection-embedded-expected.txt:

Source/WebCore:

Fix null handling for HTMLObjectElement.border to match the specification:

We are supposed to treat null as the empty string.

Both Firefox and Chrome agree with the specification.

No new tests, rebaselined existing tests.

  • html/HTMLObjectElement.idl:

LayoutTests:

Update existing test to reflect the behavior change.

  • fast/dom/element-attribute-js-null-expected.txt:
  • fast/dom/element-attribute-js-null.html:
2:22 PM Changeset in webkit [203527] by Chris Dumez
  • 8 edits in trunk

Fix null handling for td.bgColor / tr.bgColor
https://bugs.webkit.org/show_bug.cgi?id=160043

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline W3C test now that more checks are passing.

  • web-platform-tests/html/dom/reflection-tabular-expected.txt:

Source/WebCore:

Fix null handling for td.bgColor / tr.bgColor to match the
specification:

We are supposed to treat null as the empty string.

Firefox and Chrome both agree with the specification.

No new tests, rebaselined existing tests.

  • html/HTMLTableCellElement.idl:
  • html/HTMLTableRowElement.idl:

LayoutTests:

Update existing test to reflect the behavior change.

  • fast/dom/element-attribute-js-null-expected.txt:
  • fast/dom/element-attribute-js-null.html:
2:19 PM Changeset in webkit [203526] by dbates@webkit.org
  • 3 edits in trunk/LayoutTests

Test platform/ios-simulator/ios/plugin/youtube-flash-plugin-iframe.html is flaky
https://bugs.webkit.org/show_bug.cgi?id=160002

Reviewed by Alexey Proskuryakov.

The file platform/ios-simulator/ios/plugin/youtube-flash-plugin-iframe.html tests loading
plugin content from the main frame and from a subframe. Depending on timing the plugin
content loaded in the subframe may complete before plugin content loaded in the main frame.
We should test loading plugin content in a subframe after perform all main frame sub-tests
so as to ensure a well-defined sub-test order.

Add logic to ensure that an embedded YouTube flash video loaded in a subframe actually creates
a shadow DOM. Additionally, simplify the test logic by making use window.jsTestIsAsync/finishJSTest()
to mark the test as asynchronous and notify test completion instead of calling
window.testRunner.{waitUntilDone, notifyDone}(), remove the call to
testRunner.dumpAsText() (js-test-pre.js calls this for us), remove all of the DOM elements
used in the test to avoid noise in the expected results, and fix some style nits.

  • platform/ios-simulator/ios/plugin/youtube-flash-plugin-iframe-expected.txt:
  • platform/ios-simulator/ios/plugin/youtube-flash-plugin-iframe.html:
2:11 PM Changeset in webkit [203525] by Chris Dumez
  • 7 edits in trunk

Fix null handling for several HTMLBodyElement attributes
https://bugs.webkit.org/show_bug.cgi?id=160044

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline W3C test now that more checks are passing.

  • web-platform-tests/html/dom/reflection-sections-expected.txt:

Source/WebCore:

Fix null handling for several HTMLBodyElement attributes to match the
specification:

The attributes in question are: 'text', 'link', 'vlink', 'alink' and
'bgcolor'.

We are supposed to treat null as the empty string for these attributes.

Firefox and Chrome both agree with the specification.

No new tests, rebaselined existing tests.

  • html/HTMLBodyElement.idl:

LayoutTests:

Update existing test to reflect the behavior change.

  • fast/dom/element-attribute-js-null-expected.txt:
  • fast/dom/element-attribute-js-null.html:
2:10 PM Changeset in webkit [203524] by Chris Dumez
  • 8 edits in trunk

Fix null handling for HTMLIFrameElement.marginWidth / marginHeight
https://bugs.webkit.org/show_bug.cgi?id=160037

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline W3C test now that more checks are passing.

  • web-platform-tests/html/dom/reflection-embedded-expected.txt:

Source/WebCore:

Fix null handling for HTMLIFrameElement.marginWidth / marginHeight to
match the specification:

We are supposed to treat null as the empty string. Both Firefox and
Chrome agree with the specification.

No new tests, rebaselined existing tests.

  • html/HTMLIFrameElement.idl:

LayoutTests:

Update existing test to reflect the behavior change.

  • fast/dom/element-attribute-js-null-expected.txt:
  • fast/dom/element-attribute-js-null.html:
2:09 PM Changeset in webkit [203523] by Chris Dumez
  • 8 edits in trunk

Fix null handling for HTMLImageElement.border
https://bugs.webkit.org/show_bug.cgi?id=160039

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline W3C test now that more checks are passing.

  • web-platform-tests/html/dom/reflection-embedded-expected.txt:

Source/WebCore:

Fix null handling for HTMLImageElement.border to match the specification:

We are supposed to treat null as the empty string.

Both Firefox and Chrome agree with the specification.

No new tests, rebaselined existing tests.

  • html/HTMLImageElement.idl:

LayoutTests:

Update existing test to reflect the behavior change.

  • fast/dom/element-attribute-js-null-expected.txt:
  • fast/dom/element-attribute-js-null.html:
2:06 PM Changeset in webkit [203522] by dbates@webkit.org
  • 9 edits in trunk

REGRESSION: Plugin replaced YouTube Flash videos always have the same width
https://bugs.webkit.org/show_bug.cgi?id=159998
<rdar://problem/27462285>

Reviewed by Simon Fraser.

Source/WebCore:

Fixes an issue where the width of a plugin replaced YouTube video loaded via an HTML embed
element would always have the same width regardless of value of the width attribute.

For YouTube Flash videos the YouTube plugin replacement substitutes a shadow DOM subtree
for the default renderer of an HTML embed element. The root of this shadow DOM subtree
is an HTML div element. Currently we set inline styles on this <div> when it is instantiated.
In particular, we set inline display and position to "inline-block" and "relative", respectively,
and set an invalid height and width (we specify a font weight value instead of a CSS length value

  • this causes an ASSERT_NOT_REACHED() assertion failure in StyleBuilderConverter::convertLengthSizing()

in a debug build). These styles never worked as intended and we ultimately created an inline
renderer (ignoring display "inline-block") that had auto width and height. Instead it is sufficient
to remove all these inline styles and create a RenderBlockFlow renderer for this <div> so that it
renders as a block, non-replaced element to achieve the intended illusion that the <embed> is a
single element.

  • html/shadow/YouTubeEmbedShadowElement.cpp: Remove unused header HTMLEmbedElement.h and include

header RenderBlockFlow.h. Also update copyright in license block.
(WebCore::YouTubeEmbedShadowElement::YouTubeEmbedShadowElement): Remove inline styles as these
never worked as intended.
(WebCore::YouTubeEmbedShadowElement::createElementRenderer): Override; create a block-flow
renderer for us so that we layout as a block, non-replaced element.

  • html/shadow/YouTubeEmbedShadowElement.h:

LayoutTests:

Unskip existing iOS layout tests, update tests and expected results.

  • platform/ios-simulator/TestExpectations:
  • platform/ios-simulator/ios/plugin/youtube-flash-plugin-iframe-expected.txt: Updated expected result based on the

changes to test youtube-flash-plugin-iframe.html.

  • platform/ios-simulator/ios/plugin/youtube-flash-plugin-iframe-no-height-or-width-expected.txt: Updated expected result

based on the changes to test youtube-flash-plugin-iframe-no-height-or-width.html.

  • platform/ios-simulator/ios/plugin/youtube-flash-plugin-iframe-no-height-or-width.html: Modified to check the

width of each embedded YouTube video to ensure that we respect it (if specified).

  • platform/ios-simulator/ios/plugin/youtube-flash-plugin-iframe.html: Substitute pseudo id -webkit-plugin-replacement

for -apple-youtube-shadow-iframe as the later was renamed to the former in <https://trac.webkit.org/changeset/168442>.
Fix misspelling of the word "embed" in a comment.

2:05 PM Changeset in webkit [203521] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking inspector/codemirror/prettyprinting-javascript.html as a flaky timeout on mac debug.
https://bugs.webkit.org/show_bug.cgi?id=160048

Unreviewed test gardening.

Added TestExpectation and reordered alphabetically.

  • platform/mac/TestExpectations:
1:19 PM Changeset in webkit [203520] by mmaxfield@apple.com
  • 26 edits
    2 deletes in trunk

[iPhone] Playing a video on tudou.com plays only sound, no video
https://bugs.webkit.org/show_bug.cgi?id=159967
<rdar://problem/26964090>

Reviewed by Jon Lee, Jeremy Jones, and Anders Carlsson.

Source/WebCore:

WebKit recently starting honoring the playsinline and webkit-playsinline
attribute on iPhones. However, because these attributes previously did
nothing, some sites (such as Todou) were setting them on their content
and expecting that they are not honored. In this specific case, the
video is absolutely positioned to be 1 pixel x 1 pixel.

Previously, with iOS 9, apps could set the allowsInlineMediaPlayback
property on their WKWebView, which would honor the webkit-playsinline
attribute. Safari on iPhones didn't do this.

In order to not break these existing apps, it's important that the
allowsInlineMediaPlayback preference still allows webkit-playsinline
videos to play inline in apps using WKWebView. However, in Safari, these
videos should play fullscreen. (Todou videos have webkit-playsinline
but not playsinline.)

Therefore, in Safari, videos with playsinline should be inline, but
videos with webkit-playsinline should be fullscreen. In apps using
WKWebViews, if the app sets allowsInlineMediaPlayback, then videos with
playsinline should be inline, and videos with webkit-playsinline should
also be inline. Videos on iPad and Mac should all be inline by default.

We can create some truth tables for the cases which need to be covered:

All apps on Mac / iPad:
Presence of playsinline | Presence of webkit-playsinline | Result
========================|================================|===========
Not present | Not present | Inline
Present | Not present | Inline
Not Present | Present | Inline
Present | Present | Inline

Safari on iPhone:
Presence of playsinline | Presence of webkit-playsinline | Result
========================|================================|===========
Not present | Not present | Fullscreen
Present | Not present | Inline
Not Present | Present | Fullscreen
Present | Present | Inline

App on iPhone which sets allowsInlineMediaPlayback:
Presence of playsinline | Presence of webkit-playsinline | Result
========================|================================|===========
Not present | Not present | Fullscreen
Present | Not present | Inline
Not Present | Present | Inline
Present | Present | Inline

The way to distinguish Safari from another app is to create an SPI
boolean preference which Safari can set. This is already how the
iPhone and iPad are differentiated using the requiresPlayInlineAttribute
which Safari sets but other apps don't. However, this preference is
no longer sufficient because Safari should now be discriminating
between the playsinline and webkit-playsinline attributes. Therefore,
this preference should be extended to two boolean preferences, which
this patch adds:

allowsInlineMediaPlaybackWithPlaysInlineAttribute
allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute

Safari on iPhone will set
allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to true,
and allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to
false. Other apps on iPhone will get their defaults values (because they
are SPI) which means they will both be true. On iPad and Mac, apps will
use the defaults values where both are false.

This patch adds support for these two preferences, but does not remove
the existing inlineMediaPlaybackRequiresPlaysInlineAttribute preference.
I will remove the exising preference as soon as I update Safari to migrate
off of it.

Test: media/video-playsinline.html

  • html/MediaElementSession.cpp:

(WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):

  • page/Settings.cpp:
  • page/Settings.in:
  • testing/InternalSettings.cpp:

(WebCore::InternalSettings::Backup::Backup):
(WebCore::InternalSettings::Backup::restoreTo):
(WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
(WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):

  • testing/InternalSettings.h:
  • testing/InternalSettings.idl:

Source/WebKit/mac:

Add the two preferences to WebPreferences.

  • WebView/WebPreferenceKeysPrivate.h:
  • WebView/WebPreferences.mm:

(+[WebPreferences initialize]):
(-[WebPreferences allowsInlineMediaPlaybackWithPlaysInlineAttribute]):
(-[WebPreferences setAllowsInlineMediaPlaybackWithPlaysInlineAttribute:]):
(-[WebPreferences allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute]):
(-[WebPreferences setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute:]):

  • WebView/WebPreferencesPrivate.h:
  • WebView/WebView.mm:

(-[WebView _preferencesChanged:]):

Source/WebKit2:

Add the two preferences to WKWebViewConfiguration and WKPreferences to cover both
the Obj-C API and the C SPI.

  • Shared/WebPreferencesDefinitions.h:
  • UIProcess/API/C/WKPreferences.cpp:

(WKPreferencesSetAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
(WKPreferencesGetAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
(WKPreferencesSetAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):
(WKPreferencesGetAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):

  • UIProcess/API/C/WKPreferencesRefPrivate.h:
  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _initializeWithConfiguration:]):

  • UIProcess/API/Cocoa/WKWebViewConfiguration.mm:

(-[WKWebViewConfiguration init]):
(-[WKWebViewConfiguration copyWithZone:]):
(-[WKWebViewConfiguration _allowsInlineMediaPlaybackWithPlaysInlineAttribute]):
(-[WKWebViewConfiguration _setAllowsInlineMediaPlaybackWithPlaysInlineAttribute:]):
(-[WKWebViewConfiguration _allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute]):
(-[WKWebViewConfiguration _setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute:]):

  • UIProcess/API/Cocoa/WKWebViewConfigurationPrivate.h:
  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::updatePreferences):

Tools:

Migrate tests to use new SPI.

  • TestWebKitAPI/Tests/WebKit2Cocoa/RequiresUserActionForPlayback.mm:

(RequiresUserActionForPlaybackTest::SetUp):

  • WebKitTestRunner/cocoa/TestControllerCocoa.mm:

(WTR::initializeWebViewConfiguration):

LayoutTests:

  • media/video-playsinline.html: Updated.
  • media/video-webkit-playsinline-expected.txt: Removed.
  • media/video-webkit-playsinline.html: Removed.
1:04 PM Changeset in webkit [203519] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Marking accessibility/mac/value-change/value-change-user-info-contenteditable.html as flaky on El Capitan WK2
https://bugs.webkit.org/show_bug.cgi?id=160042

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations:
12:41 PM Changeset in webkit [203518] by rniwa@webkit.org
  • 2 edits in trunk/Source/WebCore

Crash accessing null renderer inside WebCore::DeleteSelectionCommand::doApply
https://bugs.webkit.org/show_bug.cgi?id=160011

Reviewed by Chris Dumez.

Add a null pointer check for renderer() call.

Unfortunately no new tests since we don't have a reproduction.

  • editing/DeleteSelectionCommand.cpp:

(WebCore::DeleteSelectionCommand::doApply):

12:04 PM Changeset in webkit [203517] by Chris Dumez
  • 13 edits in trunk

The 2 first parameters to DOMImplementation.createDocument() should be mandatory
https://bugs.webkit.org/show_bug.cgi?id=160030

Reviewed by Sam Weinig.

LayoutTests/imported/w3c:

Rebaseline several W3C tests now that more checks are passing.

  • web-platform-tests/dom/interfaces-expected.txt:
  • web-platform-tests/dom/nodes/DOMImplementation-createDocument-expected.txt:

Source/WebCore:

The 2 first parameters to DOMImplementation.createDocument() should be mandatory
as per the specification:

Firefox and Chrome both agree with the specification. However, those
parameters were marked as optional in WebKit. Calling this function
without parameters would create a document element whose tag is the
string "undefined", which does not seem helpful. This patch thus
aligns our behavior with the specification and other browsers.

No new tests, rebaselined existing tests.

  • dom/DOMImplementation.idl:

LayoutTests:

Rebaseline / update existing test to reflect the behavior change.

  • fast/css/zoom-on-unattached.html:
  • fast/dom/DOMImplementation/createDocument-namespace-err-expected.txt:
  • fast/dom/DOMImplementation/script-tests/createDocument-namespace-err.js:
  • fast/dom/HTMLLinkElement/prefetch-detached.html:
  • fast/dom/node-move-to-new-document-crash-main.html:
  • fast/forms/change-form-element-document-crash.html:
11:40 AM Changeset in webkit [203516] by Chris Dumez
  • 5 edits in trunk/Source/WebCore

Kill legacy valueToStringWithNullCheck() utility function
https://bugs.webkit.org/show_bug.cgi?id=159991

Reviewed by Sam Weinig.

Kill legacy valueToStringWithNullCheck() utility function. Treating null as
a null string is legacy behavior so drop this function so that people are
not tempted to use it. We should be using either:

  1. JSValue::toWTFString() for non-nullable DOMStrings
  2. valueToStringWithUndefinedOrNullCheck() for nullable DOMStrings
  3. valueToStringTreatingNullAsEmptyString() for strings with [TreatNullAs=EmptyString]

No new tests, no web-exposed behavior change.

  • bindings/js/JSDOMBinding.cpp:

(WebCore::valueToStringWithNullCheck): Deleted.

  • bindings/js/JSDOMBinding.h:
  • bindings/js/JSHTMLFrameElementCustom.cpp:

(WebCore::JSHTMLFrameElement::setLocation):

  • html/HTMLFrameElement.idl:
11:23 AM Changeset in webkit [203515] by Ryan Haddad
  • 2 edits in branches/safari-602-branch/LayoutTests

Merge r203506. rdar://problem/27353750

11:20 AM Changeset in webkit [203514] by Alan Bujtas
  • 2 edits in trunk/Source/WebCore

Do not keep invalid IOSurface in ImageBufferData.
https://bugs.webkit.org/show_bug.cgi?id=160005
<rdar://problem/27208636>

Reviewed by Simon Fraser.

When we fail to initialize the IOSurface for the accelerated context, we switch over to
the non-accelerated code path. Since ImageBufferData::surface is used to indicate whether
the graphics context is in accelerated mode, we need to reset it when the initialization fails.

Unable to create a test case.

  • platform/graphics/cg/ImageBufferCG.cpp:

(WebCore::ImageBuffer::ImageBuffer):

11:17 AM Changeset in webkit [203513] by bshafiei@apple.com
  • 4 edits
    1 add in branches/safari-602-branch

Merge r203508. rdar://problem/27392691

11:08 AM Changeset in webkit [203512] by Csaba Osztrogonác
  • 54 edits in trunk

Clarify testing mode names in run-jsc-stress-tests
https://bugs.webkit.org/show_bug.cgi?id=160021

Reviewed by Mark Lam.

Default should mean really default, not default with disabled FTL, renamed

  • runMozillaTestDefault to runMozillaTestNoFTL
  • runMozillaTestDefaultFTL to runMozillaTestDefault
  • runDefault to runNoFTL
  • runDefaultFTL to runDefault
  • runLayoutTestDefault to runLayoutTestNoFTL
  • runLayoutTestDefaultFTL to runLayoutTestDefault
  • runNoisyTestDefault to runNoisyTestNoFTL
  • runNoisyTestDefaultFTL to runNoisyTestDefault

Source/JavaScriptCore:

  • tests/mozilla/mozilla-tests.yaml:
  • tests/stress/lift-tdz-bypass-catch.js:
  • tests/stress/obscure-error-message-dont-crash.js:
  • tests/stress/shadow-chicken-disabled.js:

Tools:

  • Scripts/run-jsc-stress-tests:

LayoutTests:

  • js/regress/script-tests/DataView-custom-properties.js:
  • js/regress/script-tests/HashMap-put-get-iterate-keys.js:
  • js/regress/script-tests/HashMap-put-get-iterate.js:
  • js/regress/script-tests/HashMap-string-put-get-iterate.js:
  • js/regress/script-tests/array-nonarray-polymorhpic-access.js:
  • js/regress/script-tests/basic-set.js:
  • js/regress/script-tests/bug-153431.js:
  • js/regress/script-tests/destructuring-arguments.js:
  • js/regress/script-tests/destructuring-swap.js:
  • js/regress/script-tests/inline-arguments-local-escape.js:
  • js/regress/script-tests/method-on-number.js:
  • js/regress/script-tests/new-array-buffer-push.js:
  • js/regress/script-tests/new-array-push.js:
  • js/regress/script-tests/poly-stricteq.js:
  • js/regress/script-tests/polymorphic-array-call.js:
  • js/regress/script-tests/regexp-prototype-is-not-instance.js:
  • js/regress/script-tests/regexp-prototype-search-observable-side-effects.js:
  • js/regress/script-tests/regexp-prototype-search-observable-side-effects2.js:
  • js/regress/script-tests/regexp-prototype-split-observable-side-effects.js:
  • js/regress/script-tests/regexp-prototype-split-observable-side-effects2.js:
  • js/regress/script-tests/regexp-prototype-split-observable-side-effects3-flags.js:
  • js/regress/script-tests/regexp-prototype-split-observable-side-effects3-global.js:
  • js/regress/script-tests/regexp-prototype-split-observable-side-effects3-ignoreCase.js:
  • js/regress/script-tests/regexp-prototype-split-observable-side-effects3-multiline.js:
  • js/regress/script-tests/regexp-prototype-split-observable-side-effects3-sticky.js:
  • js/regress/script-tests/regexp-prototype-split-observable-side-effects3-unicode.js:
  • js/regress/script-tests/regexp-prototype-split-observable-side-effects4.js:
  • js/regress/script-tests/regexp-prototype-test-observable-side-effects.js:
  • js/regress/script-tests/regexp-prototype-test-observable-side-effects2.js:
  • js/regress/script-tests/string-equality.js:
  • js/regress/script-tests/string-prototype-search-observable-side-effects.js:
  • js/regress/script-tests/string-prototype-search-observable-side-effects2.js:
  • js/regress/script-tests/string-prototype-search-observable-side-effects3.js:
  • js/regress/script-tests/string-prototype-search-observable-side-effects4.js:
  • js/regress/script-tests/string-prototype-split-observable-side-effects.js:
  • js/regress/script-tests/string-prototype-split-observable-side-effects2.js:
  • js/regress/script-tests/string-prototype-split-observable-side-effects3-flags.js:
  • js/regress/script-tests/string-prototype-split-observable-side-effects3-global.js:
  • js/regress/script-tests/string-prototype-split-observable-side-effects3-ignoreCase.js:
  • js/regress/script-tests/string-prototype-split-observable-side-effects3-multiline.js:
  • js/regress/script-tests/string-prototype-split-observable-side-effects3-sticky.js:
  • js/regress/script-tests/string-prototype-split-observable-side-effects3-unicode.js:
  • js/regress/script-tests/string-prototype-split-observable-side-effects4.js:
  • js/regress/script-tests/string-repeat-arith.js:
  • js/regress/script-tests/string-sub.js:
  • js/slow-stress/script-tests/destructuring-arguments-length.js:
10:54 AM Changeset in webkit [203511] by Chris Dumez
  • 5 edits in trunk

playsInline IDL attribute has the wrong casing
https://bugs.webkit.org/show_bug.cgi?id=160029
<rdar://problem/27474031>

Reviewed by Jon Lee.

Source/WebCore:

Fix case from video.playsinline to video.playsInline in order to match
the specification:

It still reflects the "playsinline" content attribute though, as per
the specification:

No new tests, updated existing test.

  • html/HTMLVideoElement.idl:

LayoutTests:

Update test to use the correct case.

  • media/video-playsinline-expected.txt:
  • media/video-playsinline.html:
10:24 AM WebKitGTK/Gardening/Calendar edited by clopez@igalia.com
(diff)
10:23 AM WebKitGTK/Gardening/Calendar edited by clopez@igalia.com
(diff)
10:20 AM Changeset in webkit [203510] by Chris Dumez
  • 3 edits
    2 adds in trunk

Drop [TreatNullAs=EmptyString] from CanvasRenderingContext2D.globalCompositeOperation
https://bugs.webkit.org/show_bug.cgi?id=160026

Reviewed by Sam Weinig.

Source/WebCore:

Drop [TreatNullAs=EmptyString] from CanvasRenderingContext2D.globalCompositeOperation
attribute as it does not match the specification:

It does not change web-exposed behavior because assigning to "" or "null"
gets ignored as those are not valid operations.

Test: fast/canvas/context-globalCompositeOperation-null.html

  • html/canvas/CanvasRenderingContext2D.idl:

LayoutTests:

Add test coverage.

  • fast/canvas/context-globalCompositeOperation-null-expected.txt: Added.
  • fast/canvas/context-globalCompositeOperation-null.html: Added.
10:12 AM Changeset in webkit [203509] by clopez@igalia.com
  • 8 edits in trunk/LayoutTests

[GTK] Gardening: Layout tests expectations updates and test rebaselines.

Unreviewed.

  • TestExpectations: js/regress-139548.html is ~10x slower since r203142.
  • fast/mediastream/RTCPeerConnection-add-removeTrack-expected.txt: Rebaseline after r203333.
  • fast/mediastream/RTCPeerConnection-addIceCandidate-expected.txt: Rebaseline after r203333.
  • fast/mediastream/RTCPeerConnection-setLocalDescription-offer-expected.txt: Rebaseline after r203333.
  • fast/mediastream/RTCPeerConnection-setRemoteDescription-offer-expected.txt: Rebaseline after r203333.
  • platform/efl/TestExpectations: workers/bomb.html is slow.
  • platform/gtk/TestExpectations: workers/bomb.html is slow, media/media-source/media-source-small-gap.html timeouts and new failure on platform/gtk/scrollbars/main-frame-scrollbar-horizontal-wheel-scroll.html.
10:01 AM Changeset in webkit [203508] by commit-queue@webkit.org
  • 4 edits
    1 add in trunk

WebBackForwardList's currentIndex could get out of bounds when filtering items.
https://bugs.webkit.org/show_bug.cgi?id=159986

Source/WebKit2:

When generating a new BackForwardListState object, if we filter out multiple items in the list, the currentIndex could get
out of bounds.

Patch by Yongjun Zhang <yongjun_zhang@apple.com> on 2016-07-21
Reviewed by Dan Bernstein.

  • UIProcess/WebBackForwardList.cpp:

(WebKit::WebBackForwardList::backForwardListState): Make currentIndex point to the last item if it is out of bounds.

Tools:

Add a test to verify filtering out 2 items from a 3-item list will set the currentIndex
to 0.

Patch by Yongjun Zhang <yongjun_zhang@apple.com> on 2016-07-21
Reviewed by Dan Bernstein.

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/WebKit2/WKBackForwardList.mm: Added.

(-[WKBackForwardListTestNavigationDelegate webView:didFinishNavigation:]):
(TEST):

9:59 AM Changeset in webkit [203507] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebKit2

Web Automation: Allow JavaScript evaluation to return an InvalidElementState error
https://bugs.webkit.org/show_bug.cgi?id=160015
<rdar://problem/27434529>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2016-07-21
Reviewed by Brian Burg.

  • UIProcess/Automation/Automation.json:
  • WebProcess/Automation/WebAutomationSessionProxy.cpp:

(WebKit::WebAutomationSessionProxy::evaluateJavaScriptFunction):

9:21 AM Changeset in webkit [203506] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Update test expectations for rdar://problem/27353750.

  • platform/mac/TestExpectations:
9:05 AM Changeset in webkit [203505] by Carlos Garcia Campos
  • 3 edits in trunk/Source/WebCore

[GTK][Threaded Compositor] Overlay scrollbars shouldn't be a requirement of the threaded compositor
https://bugs.webkit.org/show_bug.cgi?id=160020

Reviewed by Michael Catanzaro.

It has been a requirement only because we didn't really know why frame scrollbars were not rendered when using
the threaded compositor. The reason is that RenderView doesn't use layers for FrameView scrollbars by default,
unless using overlay scrollbars. When using the threaded compositor we really need layers for the FrameView
scrollbars even when not using overlay scrollbars.

  • platform/gtk/ScrollbarThemeGtk.cpp:

(WebCore::ScrollbarThemeGtk::ScrollbarThemeGtk): Stop enforcing overlay scrollbars when threaded compositor is enabled.

  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::shouldCompositeOverflowControls): Always use layers for scrollbars when
threaded compositor is enabled.

9:02 AM Changeset in webkit [203504] by Carlos Garcia Campos
  • 7 edits in trunk/Source/WebKit2

[GTK][Threaded Compositor] WTR generates fully white images for pixel tests most of the time
https://bugs.webkit.org/show_bug.cgi?id=160016

Reviewed by Žan Doberšek.

WTR sends a force repaint message to the web process before taking a snapshot of the web view. With the threaded
compositor, the UI process is notified about the force repaint callback before the contents have been actually
painted. We need to ensure that the contents are rendered before the UI process is notified.

  • Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp:

(WebKit::ThreadedCompositor::forceRepaint): Synchronously render the layer tree.

  • Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.h:
  • UIProcess/API/gtk/WebKitWebViewBase.cpp:

(webkitWebViewRenderAcceleratedCompositingResults): Always mark the redirected window surface as dirty before
rendering, since it can be modified by the web process at any time.

  • UIProcess/gtk/RedirectedXCompositeWindow.cpp:

(WebKit::XDamageNotifier::add):
(WebKit::RedirectedXCompositeWindow::RedirectedXCompositeWindow): Do not mark the surface as dirty on every
damage since the view will do it before rendering.

  • WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.cpp:

(WebKit::ThreadedCoordinatedLayerTreeHost::forceRepaint): Call ThreadedCompositor::forceRepaint().

  • WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.h:
9:01 AM Changeset in webkit [203503] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebCore

[Cairo] Fix a crash in fast/canvas/canvas-getImageData-invalid-result-buffer-crash.html
https://bugs.webkit.org/show_bug.cgi?id=160014

Reviewed by Michael Catanzaro.

In r202887 some null checks were added for JSArray::createUninitialized (and related) but not for the
ImageBuffer cairo implementation.

  • platform/graphics/cairo/ImageBufferCairo.cpp:

(WebCore::getImageData): Return early if Uint8ClampedArray::createUninitialized() returns nullptr.

6:03 AM Changeset in webkit [203502] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

[GTK] The GSTREAMER_GL path in MediaPlayerPrivateGStreamerBase::paintToTextureMapper() is missing a mutex lock
https://bugs.webkit.org/show_bug.cgi?id=160018

Patch by Miguel Gomez <magomez@igalia.com> on 2016-07-21
Reviewed by Philippe Normand.

Lock the video sample mutex while accessing it.

Covered by existent tests.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:

(WebCore::MediaPlayerPrivateGStreamerBase::paintToTextureMapper):

4:36 AM Changeset in webkit [203501] by jfernandez@igalia.com
  • 1 edit
    12 adds in trunk/LayoutTests

[css-grid] Handle min-content/max-content with orthogonal flows
https://bugs.webkit.org/show_bug.cgi?id=159294

Reviewed by Darin Adler.

New layout tests to evaluate basic positioning and sizing using orthogonal flows.

  • fast/css-grid-layout/grid-item-positioning-with-orthogonal-flows-expected.txt: Added.
  • fast/css-grid-layout/grid-item-positioning-with-orthogonal-flows.html: Added.
  • fast/css-grid-layout/grid-item-sizing-with-orthogonal-flows-expected.txt: Added.
  • fast/css-grid-layout/grid-item-sizing-with-orthogonal-flows.html: Added.
  • fast/css-grid-layout/grid-item-spanning-and-orthogonal-flows-expected.txt: Added.
  • fast/css-grid-layout/grid-item-spanning-and-orthogonal-flows.html: Added.
  • fast/css-grid-layout/grid-track-sizing-with-orthogonal-flows-expected.txt: Added.
  • fast/css-grid-layout/grid-track-sizing-with-orthogonal-flows.html: Added.
  • fast/css-grid-layout/grid-track-sizing-with-percentages-and-orthogonal-flows-expected.txt: Added.
  • fast/css-grid-layout/grid-track-sizing-with-percentages-and-orthogonal-flows.html: Added.
12:35 AM Changeset in webkit [203500] by Carlos Garcia Campos
  • 3 edits in trunk/Source/WebKit2

[GTK] White page when loaded tab is visited until it's hovered when AC mode is always on
https://bugs.webkit.org/show_bug.cgi?id=159512

Reviewed by Michael Catanzaro.

The redirected window is always mapped, but offscreen, to ensure that the web process can always render
there. When the web process renders something into the offscreen window, we receive a damage event in the UI
process and queue a redraw of the web view. However, when the web view is not mapped, even if we still receive
the damage events, the web view redraws are ignored until the view is mapped again (gtk_widget_queue_draw()
returns early when the widget is not visible). The redirected window updates its pixmap on demand when the
surface is requested, which happens when the web view draws its contents. So when the web view becames visible,
the redirected window creates a new pixmap and surface (the first time or if the web view was resized), that we
initialize to avoid artifacts when the web process hasn't render anything yet. That initialization is actually
overwriting anything rendered into the redirected window while the view was unmapped. That's why see white pages
the first time, and previous contents after a resize, and we don't see the actual contents until the web process
renders again and we reuse the existing pixmap. The white page didn't happen for tabs with accelerated content,
because in those cases the web process was rendering a new frame every 16ms, but instead there was a flickering
effect due to the current frame being overwritten when the view is mapped until the next frame.
So, instead of lazily create and initialize the redirected window pixmap and surface, we should always create
the new pixmap as soon as the window is created or resized (and not empty) This fixes the issues but also makes
resizing the window a bit smoother when AC mode is enabled.

  • UIProcess/gtk/RedirectedXCompositeWindow.cpp:

(WebKit::RedirectedXCompositeWindow::RedirectedXCompositeWindow): Create the pixmap and surface if the window is
not empty.
(WebKit::RedirectedXCompositeWindow::resize): Ditto.
(WebKit::RedirectedXCompositeWindow::createNewPixampAndPixampSurface): Create the pixmap and surface.
(WebKit::RedirectedXCompositeWindow::surface): Deleted.

  • UIProcess/gtk/RedirectedXCompositeWindow.h:

(WebKit::RedirectedXCompositeWindow::surface):

12:33 AM Changeset in webkit [203499] by Yusuke Suzuki
  • 23 edits
    2 copies
    9 adds in trunk/Source/JavaScriptCore

[ES7] Introduce exponentiation expression
https://bugs.webkit.org/show_bug.cgi?id=159969

Reviewed by Saam Barati.

This patch implements the exponentiation expression, e.g. x ** y.
The exponentiation expression is introduced in ECMA262 2016 and ECMA262 2016
is already released. So this is not the draft spec.

The exponentiation expression has 2 interesting points.

  1. Right associative

To follow the Math expression, operator is right associative.
When we execute x ** y ** z, this is handled as x ** (y ** z), not (x ** y) ** z.
This patch introduces the right associativity to the binary operator and handles it
in the operator precedence parser in Parser.cpp.

  1. LHS of the exponentiation expression is UpdateExpression

ExponentiationExpression[Yield]:

UnaryExpression?Yield
UpdateExpression?Yield ExponentiationExpression?Yield

As we can see, the left hand side of the ExponentiationExpression is UpdateExpression, not UnaryExpression.
It means that +x ** y becomes a syntax error. This is intentional. Without superscript in JS,
-x**y is confusing between -(x ** y) and (-x) ** y. So ECMA262 intentionally avoids UnaryExpression here.
If we need to use a negated value, we need to write parentheses explicitly e.g. (-x) ** y.
In this patch, we ensure that the left hand side is not an unary expression by checking an operator in
parseBinaryExpression. This works since ** has the highest operator precedence in the binary operators.

We introduce a new bytecode, op_pow. That simply works as similar as the other binary operators.
And it is converted to ArithPow in DFG and handled in DFG and FTL.
In this patch, we take the approach just introducing a new bytecode instead of calling Math.pow.
This is because we would like to execute ToNumber in the caller side, not in the callee (Math.pow) side.
And we don't want to compile into the following.

lhsNumber = to_number (lhs)
rhsNumber = to_number (rhs)
call Math.pow(lhsNumber, rhsNumber)

We ensure that this patch passes all the test262 tests related to the exponentiation expression.

The only sensitive part to the performance is the parser changes.
So we measured the code-load performance and it is neutral in my x64 Linux box (hanayamata).

Collected 30 samples per benchmark/VM, with 30 VM invocations per benchmark. Emitted a call to
gc() between sample measurements. Used 1 benchmark iteration per VM invocation for warm-up. Used
the jsc-specific preciseTime() function to get microsecond-level timing. Reporting benchmark
execution times with 95% confidence intervals in milliseconds.

baseline patched

closure 0.60499+-0.00250 0.60180+-0.00244
jquery 7.89175+-0.02433 ? 7.91287+-0.04759 ?

<geometric> 2.18499+-0.00523 2.18207+-0.00689 might be 1.0013x faster

  • bytecode/BytecodeList.json:
  • bytecode/BytecodeUseDef.h:

(JSC::computeUsesForBytecodeOffset):
(JSC::computeDefsForBytecodeOffset):

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::dumpBytecode):

  • bytecompiler/NodesCodegen.cpp:

(JSC::emitReadModifyAssignment):

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::parseBlock):

  • dfg/DFGCapabilities.cpp:

(JSC::DFG::capabilityLevel):

  • jit/JIT.cpp:

(JSC::JIT::privateCompileMainPass):

  • jit/JIT.h:
  • jit/JITArithmetic.cpp:

(JSC::JIT::emit_op_pow):

  • llint/LowLevelInterpreter.asm:
  • parser/ASTBuilder.h:

(JSC::ASTBuilder::operatorStackShouldReduce):
(JSC::ASTBuilder::makePowNode):
(JSC::ASTBuilder::makeMultNode):
(JSC::ASTBuilder::makeDivNode):
(JSC::ASTBuilder::makeModNode):
(JSC::ASTBuilder::makeSubNode):
(JSC::ASTBuilder::makeBinaryNode):
(JSC::ASTBuilder::operatorStackHasHigherPrecedence): Deleted.

  • parser/Lexer.cpp:

(JSC::Lexer<T>::lex):

  • parser/NodeConstructors.h:

(JSC::PowNode::PowNode):

  • parser/Nodes.h:
  • parser/Parser.cpp:

(JSC::Parser<LexerType>::parseAssignmentExpression):
(JSC::isUnaryOpExcludingUpdateOp):
(JSC::Parser<LexerType>::parseBinaryExpression):
(JSC::isUnaryOp): Deleted.

  • parser/ParserTokens.h:

(JSC::isUpdateOp):
(JSC::isUnaryOp):

  • parser/SyntaxChecker.h:

(JSC::SyntaxChecker::operatorStackPop):

  • runtime/CommonSlowPaths.cpp:

(JSC::SLOW_PATH_DECL):

  • runtime/CommonSlowPaths.h:
  • tests/stress/pow-basics.js: Added.

(valuesAreClose):
(mathPowDoubleDouble1):
(mathPowDoubleInt1):
(test1):
(mathPowDoubleDouble2):
(mathPowDoubleInt2):
(test2):
(mathPowDoubleDouble3):
(mathPowDoubleInt3):
(test3):
(mathPowDoubleDouble4):
(mathPowDoubleInt4):
(test4):
(mathPowDoubleDouble5):
(mathPowDoubleInt5):
(test5):
(mathPowDoubleDouble6):
(mathPowDoubleInt6):
(test6):
(mathPowDoubleDouble7):
(mathPowDoubleInt7):
(test7):
(mathPowDoubleDouble8):
(mathPowDoubleInt8):
(test8):
(mathPowDoubleDouble9):
(mathPowDoubleInt9):
(test9):
(mathPowDoubleDouble10):
(mathPowDoubleInt10):
(test10):
(mathPowDoubleDouble11):
(mathPowDoubleInt11):
(test11):

  • tests/stress/pow-coherency.js: Added.

(pow42):
(build42AsDouble.opaqueAdd):
(build42AsDouble):
(powDouble42):
(clobber):
(pow42NoConstantFolding):
(powDouble42NoConstantFolding):

  • tests/stress/pow-evaluation-order.js: Added.

(shouldBe):
(throw.new.Error):

  • tests/stress/pow-expects-update-expression-on-lhs.js: Added.

(testSyntax):
(testSyntaxError):
(throw.new.Error):
(let.token.of.tokens.testSyntax.pow):
(testSyntax.pow):

  • tests/stress/pow-integer-exponent-fastpath.js: Added.

(valuesAreClose):
(mathPowDoubleDoubleTestExponentFifty):
(mathPowDoubleIntTestExponentFifty):
(testExponentFifty):
(mathPowDoubleDoubleTestExponentTenThousands):
(mathPowDoubleIntTestExponentTenThousands):
(testExponentTenThousands):

  • tests/stress/pow-nan-behaviors.js: Added.

(testIntegerBaseWithNaNExponentStatic):
(mathPowIntegerBaseWithNaNExponentDynamic):
(testIntegerBaseWithNaNExponentDynamic):
(testFloatingPointBaseWithNaNExponentStatic):
(mathPowFloatingPointBaseWithNaNExponentDynamic):
(testFloatingPointBaseWithNaNExponentDynamic):
(testNaNBaseStatic):
(mathPowNaNBaseDynamic1):
(mathPowNaNBaseDynamic2):
(mathPowNaNBaseDynamic3):
(mathPowNaNBaseDynamic4):
(testNaNBaseDynamic):
(infiniteExponentsStatic):
(mathPowInfiniteExponentsDynamic1):
(mathPowInfiniteExponentsDynamic2):
(mathPowInfiniteExponentsDynamic3):
(mathPowInfiniteExponentsDynamic4):
(infiniteExponentsDynamic):

  • tests/stress/pow-simple.js: Added.

(shouldBe):
(throw.new.Error):

  • tests/stress/pow-stable-results.js: Added.

(opaquePow):
(isIdentical):

  • tests/stress/pow-to-number-should-be-executed-in-code-side.js: Added.

(shouldBe):
(throw.new.Error):

  • tests/stress/pow-with-constants.js: Added.

(exponentIsZero):
(testExponentIsZero):
(exponentIsOne):
(testExponentIsOne):
(powUsedAsSqrt):
(testPowUsedAsSqrt):
(powUsedAsOneOverSqrt):
(testPowUsedAsOneOverSqrt):
(powUsedAsSquare):
(testPowUsedAsSquare):
(intIntConstantsSmallNumbers):
(intIntConstantsLargeNumbers):
(intIntSmallConstants):
(intDoubleConstants):
(doubleDoubleConstants):
(doubleIntConstants):
(testBaseAndExponentConstantLiterals):
(exponentIsIntegerConstant):
(testExponentIsIntegerConstant):
(exponentIsDoubleConstant):
(testExponentIsDoubleConstant):
(exponentIsInfinityConstant):
(testExponentIsInfinityConstant):
(exponentIsNegativeInfinityConstant):
(testExponentIsNegativeInfinityConstant):

  • tests/stress/pow-with-never-NaN-exponent.js: Added.

(exponentIsNonNanDouble1):
(exponentIsNonNanDouble2):
(testExponentIsDoubleConstant):

  • tests/test262.yaml:
12:29 AM Changeset in webkit [203498] by commit-queue@webkit.org
  • 6 edits in trunk/Source/WebCore

[Threaded Compositor] Flickering when zooming in/out in maps.google.com
https://bugs.webkit.org/show_bug.cgi?id=154069

Patch by Miguel Gomez <magomez@igalia.com> on 2016-07-21
Reviewed by Carlos Garcia Campos.

Add a new extra buffer to GraphicsContext3D when using the Threaded Compositor,
so it doesn't have to reuse the buffers that are still waiting for composition.

Covered by existing tests.

  • platform/graphics/GraphicsContext3D.h:

Add a new texture to use for the rendering. Remove the compositor fbo we were using.

  • platform/graphics/cairo/GraphicsContext3DCairo.cpp:

(WebCore::GraphicsContext3D::GraphicsContext3D):
Initialize the new texture and remove the previous fbo related code.
(WebCore::GraphicsContext3D::~GraphicsContext3D):
Properly destroy the new texture and remove the previous fbo related code.

  • platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:

(WebCore::GraphicsContext3D::reshapeFBOs):
Allocate the new texture and remove the previous fbo allocation.

  • platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:

(WebCore::GraphicsContext3D::prepareTexture):
Use a single fbo with three textures instead of two fbos with a texture each.
Rotate the three textures usage so:

  • m_texture becomes m_compositorTexture to be pushed to the compositor.
  • m_intermediateTexture becomes m_texture to receive the next rendering.
  • m_compositorTexture becomes m_intermediateTexture.

And add a glFlush() to ensure that the gl commands are sent to the pipeline.

  • platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:

(WebCore::GraphicsContext3D::reshapeFBOs):
Allocate the new texture.

12:25 AM Changeset in webkit [203497] by Carlos Garcia Campos
  • 7 edits in trunk/Source

[GTK][Threaded Compositor] Web view background colors don't work
https://bugs.webkit.org/show_bug.cgi?id=159465

Reviewed by Michael Catanzaro.

Source/WebCore:

  • rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::createPrimaryGraphicsLayer): Initialize frame view layer opacity for platforms not
using the tiled cache layer.

Source/WebKit2:

  • Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp:

(WebKit::ThreadedCompositor::setDrawsBackground): Set m_drawsBackground in compositing thread and schedule a
layer flush.
(WebKit::ThreadedCompositor::renderLayerTree): Clear the area when not rendering backgrounds.

  • Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.h:
  • WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.cpp:

(WebKit::ThreadedCoordinatedLayerTreeHost::pageBackgroundTransparencyChanged): Notify the compositor.

  • WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.h:
12:18 AM Changeset in webkit [203496] by Carlos Garcia Campos
  • 7 edits in trunk

[GTK] Web view background colors don't work in accelerated compositing mode
https://bugs.webkit.org/show_bug.cgi?id=159455

Reviewed by Michael Catanzaro.

Source/WebKit2:

In non AC mode it's the drawing area backing store the one drawing the background, and the web process just
renders into a transparent bitmap. In AC mode we need to make the redirected window pixmap transparent for the
web process to render there, and let the web view fill the background color before rendering the redirected
window pixmap on top. To be able to make the redirected window surface transparent, we need to ensure the parent
window has an RGBA visual, even when setting a fully opaque background, because we still need the web process
to render on the transparent xwindow.

  • UIProcess/API/gtk/WebKitWebView.cpp: Update documentation of webkit_web_view_set_background_color() since now

it's required to set the RGBA visual even for opaque colors in case AC mode is enabled.

  • UIProcess/API/gtk/WebKitWebViewBase.cpp:

(webkitWebViewRenderAcceleratedCompositingResults): When a background color has been set, fill it before
rendering the redirected window surface.

  • UIProcess/gtk/RedirectedXCompositeWindow.cpp:

(WebKit::RedirectedXCompositeWindow::RedirectedXCompositeWindow): Mark the surface as dirty after every damage
event, since the web process has modified it.
(WebKit::RedirectedXCompositeWindow::surface): Initialize the surface after creating it, to avoid flickering and
rendering artifacts when waiting for the first damage event from the web process.

  • WebProcess/WebPage/gtk/LayerTreeHostGtk.cpp:

(WebKit::LayerTreeHostGtk::compositeLayersToContext): Use a fully transparent color to clear the context when the page
is resized or when a view background color has been set.

Tools:

Set always RGBA visual to the view widget when setting a background color.

  • MiniBrowser/gtk/BrowserWindow.c:

(browser_window_set_background_color):

12:04 AM Changeset in webkit [203495] by Carlos Garcia Campos
  • 4 edits in trunk/Source/WebKit2

[GTK] Avoid the redirected window resize when the view is realized in AC mode
https://bugs.webkit.org/show_bug.cgi?id=159463

Reviewed by Michael Catanzaro.

We are always creating the redirected window at 1x1 and then resizing it if we are in AC mode. When the view is
realized and AC mode is already enabled, which happens for example when AC mode is forced, or when the threaded
compositor is enabled, we could just pass the initial size to the redirected window constructor to create the
XWindow at the right size.

  • UIProcess/API/gtk/WebKitWebViewBase.cpp:

(webkitWebViewBaseResizeRedirectedWindow): We no longer need to pass the device scale factor, since the
RedirectedXCompositeWindow already knows it.
(webkitWebViewBaseRealize): Pass the WebPageProxy and an initial size to the RedirectedXCompositeWindow
constructor instead of the parent GdkWindow. If AC mode is disabled, the initial size will be empty. With the
WebPageProxy the redirected window has access to the device scale factor and view widget to get the parent
GdkWindow.
(deviceScaleFactorChanged): Resize the redirected window when device scale factor changes.

  • UIProcess/gtk/RedirectedXCompositeWindow.cpp:

(WebKit::RedirectedXCompositeWindow::create):
(WebKit::RedirectedXCompositeWindow::RedirectedXCompositeWindow):
(WebKit::RedirectedXCompositeWindow::resize):
(WebKit::RedirectedXCompositeWindow::surface):
(WebKit::RedirectedXCompositeWindow::~RedirectedXCompositeWindow):

  • UIProcess/gtk/RedirectedXCompositeWindow.h:
Note: See TracTimeline for information about the timeline view.